Friday, February 16, 2007

Set up Pound to use HTTPS with Mongrel

I wanted to use HTTPS and followed what is written in Pound Best Practice Deployment and Pound Installation mostly. Also Think Again! >> Mongrel is useful.

Briefly, the following is what I did:
1. Install Pound
$./configure --prefix=/usr/local
$ make
$ sudo make install
2. Update mongrel to 1.0.1 (because I had one older one)
$ gem update mongrel
3. Install mongrel_cluster gem
$ gem install mongrel_cluster
4. Configure Pound
4-1. Created pound.cfg under /user/local/etc.
4-2. Filled the pound.cfg with the following content:

ListenHTTP
Address 0.0.0.0
Port 80
Service
BackEnd
Address 127.0.0.1
Port 8000
End
End
End

ListenHTTPS
Address 0.0.0.0
Port 443
Cert "/usr/local/etc/test.pem"
# pass along https hint
AddHeader "X-Forwarded-Proto: https"
HeadRemove "X-Forwarded-Proto"
Service
BackEnd
Address 127.0.0.1
Port 8000
End
End
End

4-3. Generated test certificate
$ openssl req -x509 -newkey rsa:1024 -keyout test.pem -out test.pem -days -nodes
5. Configure Mongrel Cluster and start Mongrel with Cluster
$ cd railsapp
$ mongrel_rails cluster::configure -p 8000 -N 1 (I set the number of clusters to be 1.)
$ mongrel_rails cluster::start
6. Start Pound
$ sudo pound -f /usr/local/etc/pound.cfg

Note:
The following command shows Help for Mongrel (e.g. "mongrel_rails cluster::stop" to stop Mongrel with Cluster):
$ mongrel_rails help

No comments: