ACCESS_TOKEN_SECRET = '???'
```
+### SSL Certificate
+
+If you wish to host your system publicly, you'll need an SSL certificate
+signed by a proper authority.
+
+If you are working on local system for development, a self signed certificate
+will suffice. There are plenty of resources available for learning how to
+create one, so that will not be detailed here. Note that the Vagrant file will
+automatically generated a self signed certificate within the virtual machine.
+
+The certificate should be installed using nginx.
+
# Development Install
If you need to setup the project for development, it is highly recommend that
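Review bot: The new "SSL Certificate" section ends with "The certificate should be installed using nginx." and stops there, which gives someone hosting publicly nothing to act on. Suggest naming the `ssl_certificate` and `ssl_certificate_key` directives of the nginx server block and saying where the certificate and key files are expected to live. Wording nits in the same section: "automatically generated a self signed certificate" should read "automatically generate a self-signed certificate", and "working on local system" is missing an article.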
1. Connect to the virtual machine with `vagrant ssh`
Note:
-Port 80 of the virtual machine will be configured as port 6659 on the host
+Port 443 of the virtual machine will be configured as port 6659 on the host
+system. While on the host system, fire up your favorite browser and point it at
+`https://localhost:6659/`. This connects to your host system on port 6659, which
+forwards to your virtual machine's web site using SSL.
+
+Port 80 of the virtual machine will be configured as port 16659 on the host
system. While on the host system, fire up your favorite browser and point it at
-`http://localhost:6659/`. This connects to your host system on port 6659, which
-forwards to your virtual machine's web site.
+`http://localhost:16659/`. This connects to your host system on port 16659,
+which forwards to your virtual machine's web site using plain text.
## Completing the Virtual Machine with Fabric
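Review bot: The rewritten Note documents two URLs but never says which one a developer should use, and it keeps the site reachable "using plain text" on 16659 without comment. Suggest stating that `https://localhost:6659/` is the intended entry point, that the browser will warn about the self-signed certificate on first visit, and that the plain-text port is there only for debugging.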
server {
listen 80;
- # don't do virtual hosting, handle all requests regardless of header
- server_name "";
+ listen 443 ssl;
+ server_name localhost;
client_max_body_size 20M;
location / {
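Review bot: `listen 443 ssl;` is added to this server block with no `ssl_certificate` or `ssl_certificate_key` lines in the hunk, while the copy of the block in the Vagrantfile adds both. Unless those directives are set elsewhere in this file, nginx has no certificate to present on 443. Separately, `server_name localhost;` replaces the catch-all `server_name "";`; if this config is also meant for the public deployment the README mentions, `localhost` will not match the site's real host name, so either keep the catch-all or document that the name must be edited.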
git_ssh_key = File.read(ENV['HOME'] + '/.vagrant.d/insecure_private_key');
# build a shell script that installs prereqs, copies over the host secrets,
-# configures the database, sets up the user/group associations, pulls in the
-# code from the host machine, sets up some external dependency configs, and
-# then runs fabric.
+# configures the database, sets up the user/group associations, creates a self
+# signed SSL cert, pulls in the code from the host machine, sets up some
+# external dependency configs, and then runs fabric.
shellscript = <<SCRIPT
cat >>/home/vagrant/.ssh/insecure_private_key <<EOF
#{git_ssh_key}
EOF
chmod 644 /home/vagrant/.ssh/config
+cat >/home/vagrant/localhost.conf <<EOF
+[req]
+default_keyfile=localhost.key.pem
+encrypt_key=no
+default_bits=512
+prompt=no
+utf8=yes
+distinguished_name=dn
+
+[dn]
+C=US
+ST=Massachusetts
+L=Cambridge
+O=FinalsClub Foundation
+CN=localhost
+emailAddress=info@karmanotes.org
+EOF
+cd /home/vagrant
+openssl req -new -config localhost.conf -out localhost.csr.pem
+openssl x509 -req -in localhost.csr.pem -signkey localhost.key.pem -out localhost.cert.pem
+chown vagrant:vagrant localhost*
+cd -
+
export DEBIAN_FRONTEND=noninteractive
add-apt-repository -y ppa:coolwanglu/pdf2htmlex # pdf2htmlex
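Review bot: `default_bits=512` in the generated localhost.conf yields a 512-bit RSA key, which is practical to factor and which recent OpenSSL builds reject as too small at their default security level; use at least 2048 even for a throwaway development certificate. The `openssl x509 -req ... -signkey` line also passes no `-days`, so the certificate falls back to openssl's 30-day default and the VM will start showing expiry errors a month after provisioning; add an explicit `-days` value.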
cat > /etc/nginx/sites-available/karmaworld <<CONFIG
server {
listen 80;
+ listen 443 ssl;
# don't do virtual hosting, handle all requests regardless of header
- server_name "";
+ server_name localhost;
client_max_body_size 20M;
+ ssl_certificate /home/vagrant/localhost.cert.pem;
+ ssl_certificate_key /home/vagrant/localhost.key.pem;
location / {
# pass traffic through to gunicorn
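Review bot: The context comment "# don't do virtual hosting, handle all requests regardless of header" is left in place directly above the new `server_name localhost;`, so it now describes the removed `server_name "";` line. Delete or reword it, as the hunk for the standalone nginx config already does. The block also keeps `listen 80;` beside `listen 443 ssl;` with no redirect, so everything stays available in plain text; if that is intentional for development, a one-line comment saying so would help.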
# config.vm.network :forwarded_port, guest: 80, host: 8080
# OM (sanskrit) KW (KarmaWorld) on a phone: 66 59
- config.vm.network :forwarded_port, guest: 80, host: 6659, auto_correct: true
+ config.vm.network :forwarded_port, guest: 443, host: 6659, auto_correct: true
+ config.vm.network :forwarded_port, guest: 80, host: 16659, auto_correct: true
# Create a private network, which allows host-only access to the machine
# using a specific IP.
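Review bot: Host port 6659 changes meaning here from guest 80 to guest 443, so anyone still opening `http://localhost:6659/` will be sending plain HTTP to the TLS listener and get an error instead of the site. Call the change out in the README, or leave 6659 on HTTP and pick a new host port for HTTPS. Both forwards also use `auto_correct: true`, so on a port collision Vagrant will pick different host ports and the URLs in the README will no longer match; worth a sentence there telling readers to check the ports reported by `vagrant up`.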