Thin with SSL support and ruby-debug
Asked Answered
B

4

7

Does anyone know of a way to run the ruby debugger and SSL at the same time with Thin?

I've been using Thin successfully with Rails 3.0.10.

I start it using rails server --debugger, and I can debug my code.

Recently, I have also needed to add SSL support to my application, and I'd like to be able to test it locally with a self-signed certificate.

Unfortunately, I have not found a way to start Thin with SSL support when using rails server.

I can successfully start Thin with SSL support by using:

thin start --ssl --ssl-verify --ssl-key-file ssllocal/server.key
    --ssl-cert-file ssllocal/server.crt

However, I have not found a way to activate the debugger using thin start.

So it seems like I have the choice of running the debugger (rails server) or SSL (thin start), but not both.

It seems possible to get Webrick to run SSL using rails server by modifying the rails/script file (see here). I experimented with this approach, but I have not had success. Here's one of the attempts:

#!/usr/bin/env ruby
# This command will automatically be run when you run "rails" with Rails 3
# gems installed from the root of your application.

APP_PATH = File.expand_path('../../config/application',  __FILE__)
require File.expand_path('../../config/boot',  __FILE__)


# THIS IS NEW:
require "rails/commands/server"
require 'rack'
require 'thin'
module Rails
  class Server
    def default_options
      super.merge({
        :Port        => 3000,
        :environment => (ENV['RAILS_ENV'] || "development").dup,
        :daemonize   => false,
        :debugger    => false,
        :pid         => File.expand_path("tmp/pids/server.pid"),
        :config      => File.expand_path("config.ru"),
        :SSLEnable   => true
        :ssl => true,
        "ssl-verify" => true,
        "ssl-key-file" => File.expand_path("ssllocal/server.key"),
        "ssl-cert-file" => File.expand_path("ssllocal/server.crt")       
      })
    end
  end
end


require 'rails/commands'

Note: for those who might be wondering, I created an 'ssllocal' directory off my root application directory, and that's where I store the ssl keys and certs.

Bacchanalia answered 6/1, 2012 at 4:57 Comment(0)
M
5

You could try just requiring the debugger yourself in your development environment.

In your Gemfile:

if RUBY_VERSION =~ /^1.9/
  gem "ruby-debug19", :group => :development
else
  gem "ruby-debug", :group => :development
end

And within the config block of your config/environments/development.rb:

require 'ruby-debug'
Debugger.start

This permits you to place the debugger statement anywhere in your code.

Magnificent answered 23/1, 2012 at 14:12 Comment(0)
P
3

Here's my solution - I hacked the Thin TcpServer to load my self-signed SSL certs, only in the development environment. My script/rails looks like this:

#!/usr/bin/env ruby
# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.

APP_PATH = File.expand_path('../../config/application',  __FILE__)
require File.expand_path('../../config/boot',  __FILE__)

# Hack our SSL certs into Thin TcpServer, only in development environment
require 'thin'
module Thin
  module Backends
    TcpServer.class_eval do
      def initialize_with_SSL(host, port)
        if Rails.env.development?
          Rails.logger.info "Loading SSL certs from ./ssl_dev..."
          @ssl = true
          @ssl_options = {
            :private_key_file => File.expand_path("../../ssl_dev/server.key", __FILE__),
            :cert_chain_file  => File.expand_path("../../ssl_dev/server.crt", __FILE__),
            :verify_peer => nil
          }
        end

        initialize_without_SSL(host, port)
      end

      alias_method :initialize_without_SSL, :initialize
      alias_method :initialize, :initialize_with_SSL      
    end
  end
end

# Must load 'rails/commands' after Thin SSL hack
require 'rails/commands'
Paddie answered 26/7, 2012 at 0:57 Comment(0)
S
1

Here's how I got it to finally work on production using Thin:

rvmsudo thin start -p 443 --ssl --ssl-key-file ssl/server.key --ssl-cert-file ssl/server.crt

If you are having issues with your KEY file, make sure you validate the CSR by using a site like:

https://ssl-tools.verisign.com

If your CSR fails, then the certificate you receive from your signing authority will fail too. My site would refuse to load with the SSL certs, only to find out that I abbreviated my State name to "TX" instead of "Texas" while creating my private key. That was the reason it wasn't working all along! SSL certs are a pain in the ass!

Steerage answered 6/8, 2013 at 18:2 Comment(0)
D
0

I was able to successfully get the debugging working with ssl enabled thin, using the solution suggested by nathan. Though I had to do one small change of deferring initialization of @ssl after the call of initialize_without_ssl (an alias method for the original TcpServer's initialize)

require 'thin'
module Thin
  module Backends
    TcpServer.class_eval do
      def initialize_with_SSL(host, port)
        if Rails.env.development?
          Rails.logger.info "Loading SSL certs from ./ssl_dev..."
          @ssl_options = {
            :private_key_file => File.expand_path("../../ssl_dev/server.key", __FILE__),
            :cert_chain_file  => File.expand_path("../../ssl_dev/server.crt", __FILE__),
            :verify_peer => nil
          }
        end

        initialize_without_SSL(host, port)
        # @ssl initialized after calling the original initialize of TcpServer
        @ssl = true if Rails.env.development? 

      end

      alias_method :initialize_without_SSL, :initialize
      alias_method :initialize, :initialize_with_SSL      
    end
  end
end

  alias_method :initialize_without_SSL, :initialize
  alias_method :initialize, :initialize_with_SSL      
end

In the above code snippett, @ssl is set to true after calling the original initialize call of Thin::Backend::TcpServer. I had to do this since the TcpServer invokes its parent's initialize (Thin::Backend:Base) that sets the @ssl to nil

  #Base initialize method. Thin gem version 1.5.0
  def initialize
    @connections                    = []
    @timeout                        = Server::DEFAULT_TIMEOUT
    @persistent_connection_count    = 0
    @maximum_connections            = Server::DEFAULT_MAXIMUM_CONNECTIONS
    @maximum_persistent_connections = Server::DEFAULT_MAXIMUM_PERSISTENT_CONNECTIONS
    @no_epoll                       = false
    @ssl                            = nil
    @threaded                       = nil
  end

As noted in nathan's code block, the whole solution appears to be a hack around. In my opinion, I am fine with the snippet considering the code is done within the context of env.development and most importantly it allows debugging with ssl enabled.

Disinterest answered 4/5, 2013 at 18:53 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.