Hours ago, I posted about, “How to deploy rails application with pound as a Balancer”.
Lets run rails application on https with pound. For that your machine should have:
* Pound installed with ssl support
* Pound and mongrels running
Now, First of all we need a ssl certificate, that can be generate by issuing “openssl req -x509 -newkey rsa:1024 -keyout mydomain.pem -out mydomain.pem -days 365 -nodes” . Give all the information it asks. Now copy mydomain.pem to /etc/pound/ directory(I am assuming that your pound.cfg file resides in /etc/pound/). Now put the following code in pound configuration file(/etc/pound/pound.cfg):
ListenHTTPS
Address 0.0.0.0
Port 443
Cert "/etc/pound/mydomain.pem"
# pass along https hint
AddHeader "X-Forwarded-Proto: https"
HeadRemove "X-Forwarded-Proto"
Service
URL "/(images|stylesheets|javascripts)/"
BackEnd
Address 127.0.0.1
Port 8080
End
Session
Type BASIC
TTL 300
End
End
Service
BackEnd
Address 127.0.0.1
Port 8000
End
BackEnd
Address 127.0.0.1
Port 8001
End
BackEnd
Address 127.0.0.1
Port 8002
End
End
End
I am assuming that your mongrels are running at ports 8000, 8001, 8002, apache running at 8080 and pound is listening ports 443 & 80.
Restart pound, and you are done. With this configuration all requests for dynamic content at port 443(https) will get redirected to mongrels and requests for static content will get redirected to apache.
You may want to check if the request is https or not before serving the content. That can be done by adding a before_filter (defined below) in application.rb :
def confirm_ssl
unless request.ssl?
request.env["HTTPS"] = "on"
redirect_to "/"
return
end
end
By adding this method as before_filter in application.rb your application will check for https, if the request is not of type https it will redirect to an https request.