Using Faye with SSL

  • Tutorial
We live in an era of abundance and are free to choose from dozens of proposed options, the one that we like the most.

When developing a real-time service, you can get by with the familiar setInterval (), but you should take advantage of the capabilities of WebSocket technology and the like. Here are the benefits you get:
  • Instant customer notification of an event
  • Ability to create a service using event channels thanks to the pub / sub architecture.
  • The lack of constant requests to the server and reduced load as a result.


Our project was developed on Ruby on Rails and uses the Nginx + Passenger bundle .
Of all the libraries that implement messaging, Faye is the most painlessly implemented .
  • It works as a separate process and does not require the use of any specific server.
  • Independent of project configuration
  • There are versions for RoR and Node.js

The process of setting up and using is described in detail in the documentation, an article on the Faye hub as a way not to shut down your server in the Faye screencast .
But as it usually happens, difficulties can arise at any time, it is worth taking a step to the side.

Now I would like to describe the Faye configuration situation when using SSL .
Let this short article save someone a few hours of life.

Faye server setup


Faye uses Thin as a server . We start it with SSL enabled.
Create the file faye.ru in the project root with the following contents

require 'faye'
faye_server = Faye::RackAdapter.new(:mount => '/faye', :timeout => 30)
Faye::WebSocket.load_adapter('thin')
run faye_server


In the project directory lib / ssl / we place SSL certificates.
We create the config file config / thin.yml

- port: 9292
ssl: true
ssl_key_file: / <Project name> /lib/ssl/cert.key
ssl_cert_file: / <Project name> /lib/ssl/cert.crt
environment: production
rackup: faye.ru

To start the server, use the command:
bundle exec thin -C config/thin.yml -e production start

(production mode is required)
The server is configured and running, it's time to help the faye client connect.

Faye client setup


The client will connect at
https://example.com/faye

We use Nginx to create a proxy to the Faye server.
In the server block, we describe the following location.
location /faye {
  proxy_set_header  X-Real-IP  $remote_addr;
  proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header Host $http_host;
  proxy_redirect off;
  proxy_pass https://127.0.0.1:9292;
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  break;
}

We restart Nginx and if everything is configured correctly, we can establish a client-server connection and subscribe to the channel.

var faye = new Faye.Client("https://example.com/faye");
faye.subscribe("/events", function(data) {
	alert(data)
});


Sending Messages from Rails


To send, you need to make a request to the Faye server with the channel and message. When using SSL, the following method is used for this:

/*
channel канал сообщений
data данные в json формате
*/
def broadcast(channel, data)
      url = URI.parse("https://localhost:9292/faye")
      form = Net::HTTP::Post.new(url.path.empty? ? '/' : url.path)
      form.set_form_data(:message => {:channel => channel, :data => data }.to_json)
      http = Net::HTTP.new(url.host, url.port)
      http.use_ssl = url.scheme == "https"
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
      http.start {|h| h.request(form)}
end


As a result, we have a fully configured and working messaging system with the client.
The Staply project uses this technology for its intended purpose, for exchanging messages between users.
I did not describe an important security topic, but this is a completely different story.
Thanks for attention.

Also popular now: