Using Faye with SSL
We live in an era of plenty and are free to choose from dozens of proposed options, the one we like the most.
When developing a real-time service, you can get away with the usual setInterval (), but you should use the capabilities of the WebSocket technology and the like. Here are the benefits you will get:
Our project is developed on Ruby on Rails and uses a bunch of Nginx + Passenger .
Of all the libraries that implement messaging, Faye is the most painlessly implemented.
The process of setting up and using is described in detail in the documentation, an article on the Faye Habré as a way not to zadolbat your server in the Faye screencast.
But as it usually happens, difficulties can arise at any time, it is worth taking a step aside.
Now I would like to describe the situation of setting up Faye using SSL .
Let this small article save someone a few hours of life.
')
Faye uses Thin as a server. Run it with SSL enabled.
Create a faye.ru file in the project root with the following contents
In the project directory lib / ssl / we place SSL certificates.
Create config / thin.yml configuration file
- port: 9292
ssl: true
ssl_key_file: / <Project name> /lib/ssl/cert.key
ssl_cert_file: / <Project name> /lib/ssl/cert.crt
environment: production
rackup: faye.ru
To start the server, use the command:
(production mode is required)
The server is up and running, it's time to help the faye client connect.
The client will connect to
Use Nginx to create a proxy to the Faye server.
In the server block we describe the following location.
We restart Nginx and if everything is properly configured, we can connect the client to the server and subscribe to the channel.
To send you need to make a request to the Faye server with the channel and message. When using SSL, the following method is used for this:
As a result, we have a fully configured and working messaging system with the client.
In the project Staply, this technology is used for its intended purpose, to exchange messages between users.
I did not describe the important topic of security, but this is another story.
Thanks for attention.
When developing a real-time service, you can get away with the usual setInterval (), but you should use the capabilities of the WebSocket technology and the like. Here are the benefits you will get:
- Instant client notification of an event
- The ability to create a service that uses event channels thanks to the pub / sub architecture.
- The lack of constant incoming requests to the server and reducing the load as a result.
Our project is developed on Ruby on Rails and uses a bunch of Nginx + Passenger .
Of all the libraries that implement messaging, Faye is the most painlessly implemented.
- It works as a separate process and does not require the use of any particular server.
- Not dependent on project configuration
- There are versions for RoR and Node.js
The process of setting up and using is described in detail in the documentation, an article on the Faye Habré as a way not to zadolbat your server in the Faye screencast.
But as it usually happens, difficulties can arise at any time, it is worth taking a step aside.
Now I would like to describe the situation of setting up Faye using SSL .
Let this small article save someone a few hours of life.
')
Faye server setup
Faye uses Thin as a server. Run it with SSL enabled.
Create a faye.ru file in the project root with the following contents
require 'faye' faye_server = Faye::RackAdapter.new(:mount => '/faye', :timeout => 30) Faye::WebSocket.load_adapter('thin') run faye_server In the project directory lib / ssl / we place SSL certificates.
Create config / thin.yml configuration file
- port: 9292
ssl: true
ssl_key_file: / <Project name> /lib/ssl/cert.key
ssl_cert_file: / <Project name> /lib/ssl/cert.crt
environment: production
rackup: faye.ru
To start the server, use the command:
bundle exec thin -C config/thin.yml -e production start (production mode is required)
The server is up and running, it's time to help the faye client connect.
Faye client setup
The client will connect to
https://example.com/faye
Use Nginx to create a proxy to the Faye server.
In the server block we describe the following location.
location /faye { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass https://127.0.0.1:9292; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; break; } We restart Nginx and if everything is properly configured, we can connect the client to the server and subscribe to the channel.
var faye = new Faye.Client("https://example.com/faye"); faye.subscribe("/events", function(data) { alert(data) }); Posting from Rails
To send you need to make a request to the Faye server with the channel and message. When using SSL, the following method is used for this:
/* channel data json */ def broadcast(channel, data) url = URI.parse("https://localhost:9292/faye") form = Net::HTTP::Post.new(url.path.empty? ? '/' : url.path) form.set_form_data(:message => {:channel => channel, :data => data }.to_json) http = Net::HTTP.new(url.host, url.port) http.use_ssl = url.scheme == "https" http.verify_mode = OpenSSL::SSL::VERIFY_NONE http.start {|h| h.request(form)} end As a result, we have a fully configured and working messaging system with the client.
In the project Staply, this technology is used for its intended purpose, to exchange messages between users.
I did not describe the important topic of security, but this is another story.
Thanks for attention.
Source: https://habr.com/ru/post/232745/
All Articles