Skip to content
Browse files

Adding SSL to real-time unread counts. Long time coming.

  • Loading branch information...
1 parent 6311bf4 commit 90dd709b5b18d5f54efbaea5e3d46bf0f5988f37 @samuelclay committed
View
4 config/supervisor_node_favicons.conf
@@ -1,6 +1,6 @@
[program:node_favicons]
-command=node favicons.js
-directory=/srv/newsblur/node
+command=node node/favicons.js
+directory=/srv/newsblur
user=sclay
autostart=true
autorestart=true
View
5 config/supervisor_node_unread.conf
@@ -1,6 +1,6 @@
[program:node_unread]
-command=node unread_counts.js
-directory=/srv/newsblur/node
+command=node node/unread_counts.js
+directory=/srv/newsblur
user=sclay
autostart=true
autorestart=true
@@ -8,3 +8,4 @@ autorestart=true
priority=991
stopsignal=HUP
stdout_logfile = /srv/newsblur/logs/unread_counts.log
+environment = NODE_ENV=production
View
11 config/supervisor_node_unread_ssl.conf
@@ -0,0 +1,11 @@
+[program:node_unread_ssl]
+command=node node/unread_counts.js
+directory=/srv/newsblur
+user=sclay
+autostart=true
+autorestart=true
+#redirect_stderr=True
+priority=991
+stopsignal=HUP
+stdout_logfile = /srv/newsblur/logs/unread_counts.log
+environment = NODE_ENV=production,NODE_SSL=on
View
4 fabfile.py
@@ -326,7 +326,7 @@ def setup_db():
# setup_memcached()
# setup_postgres(standby=False)
setup_mongo()
- setup_gunicorn(supervisor=False)
+ # setup_gunicorn(supervisor=False)
# setup_redis()
setup_db_munin()
@@ -603,6 +603,7 @@ def setup_node():
def configure_node():
sudo('rm -fr /etc/supervisor/conf.d/node.conf')
put('config/supervisor_node_unread.conf', '/etc/supervisor/conf.d/node_unread.conf', use_sudo=True)
+ put('config/supervisor_node_unread_ssl.conf', '/etc/supervisor/conf.d/node_unread_ssl.conf', use_sudo=True)
put('config/supervisor_node_favicons.conf', '/etc/supervisor/conf.d/node_favicons.conf', use_sudo=True)
sudo('supervisorctl reload')
@@ -614,6 +615,7 @@ def copy_certificates():
run('mkdir -p %s/config/certificates/' % env.NEWSBLUR_PATH)
put('config/certificates/comodo/newsblur.com.crt', '%s/config/certificates/' % env.NEWSBLUR_PATH)
put('config/certificates/comodo/newsblur.com.key', '%s/config/certificates/' % env.NEWSBLUR_PATH)
+ put('config/certificates/comodo/EssentialSSLCA_2.crt', '%s/config/certificates/intermediate.crt' % env.NEWSBLUR_PATH)
def maintenance_on():
put('templates/maintenance_off.html', '%s/templates/maintenance_off.html' % env.NEWSBLUR_PATH)
View
13 media/ios/NewsBlur.xcodeproj/xcuserdata/sclay.xcuserdatad/xcdebugger/Breakpoints.xcbkptlist
@@ -16,19 +16,6 @@
landmarkName = "-applyNewIndex:pageController:"
landmarkType = "5">
</FileBreakpoint>
- <FileBreakpoint
- shouldBeEnabled = "No"
- ignoreCount = "0"
- continueAfterRunningActions = "No"
- filePath = "Classes/NewsBlurViewController.m"
- timestampString = "378030680.558538"
- startingColumnNumber = "9223372036854775807"
- endingColumnNumber = "9223372036854775807"
- startingLineNumber = "860"
- endingLineNumber = "860"
- landmarkName = "-didSelectSectionHeader:"
- landmarkType = "5">
- </FileBreakpoint>
</FileBreakpoints>
<SymbolicBreakpoints>
<SymbolicBreakpoint
View
3 media/js/newsblur/reader/reader.js
@@ -3745,7 +3745,8 @@
if (this.socket && !this.socket.socket.connected) {
this.socket.socket.connect();
} else if (force || !this.socket || !this.socket.socket.connected) {
- var server = window.location.protocol + '//' + window.location.hostname + ':8888';
+ var port = _.string.startsWith(window.location.protocol, 'https') ? 8889 : 8888;
+ var server = window.location.protocol + '//' + window.location.hostname + ':' + port;
this.socket = this.socket || io.connect(server);
// this.socket.refresh_feeds = _.debounce(_.bind(this.force_feeds_refresh, this), 1000*10);
View
16 node/unread_counts.coffee
@@ -1,10 +1,21 @@
fs = require 'fs'
-io = require('socket.io').listen 8888
redis = require 'redis'
REDIS_SERVER = if process.env.NODE_ENV == 'development' then 'localhost' else 'db01'
+SECURE = !!process.env.NODE_SSL
client = redis.createClient 6379, REDIS_SERVER
+if SECURE
+ privateKey = fs.readFileSync('./config/certificates/newsblur.com.key').toString()
+ certificate = fs.readFileSync('./config/certificates/newsblur.com.crt').toString()
+ ca = fs.readFileSync('./config/certificates/intermediate.crt').toString()
+ io = require('socket.io').listen 8889
+ key: privateKey
+ cert: certificate
+ ca: ca
+else
+ io = require('socket.io').listen 8888
+
io.configure 'production', ->
io.set 'log level', 1
io.enable 'browser client minification'
@@ -35,5 +46,6 @@ io.sockets.on 'connection', (socket) ->
socket.on 'disconnect', () ->
socket.subscribe?.end()
console.log " ---> [#{@username}] Disconnect, there are now" +
- " #{io.sockets.clients().length-1} users."
+ " #{io.sockets.clients().length-1} users. " +
+ " #{if SECURE then "(SSL)"}"
View
21 node/unread_counts.js
@@ -1,17 +1,30 @@
// Generated by CoffeeScript 1.4.0
(function() {
- var REDIS_SERVER, client, fs, io, redis;
+ var REDIS_SERVER, SECURE, ca, certificate, client, fs, io, privateKey, redis;
fs = require('fs');
- io = require('socket.io').listen(8888);
-
redis = require('redis');
REDIS_SERVER = process.env.NODE_ENV === 'development' ? 'localhost' : 'db01';
+ SECURE = !!process.env.NODE_SSL;
+
client = redis.createClient(6379, REDIS_SERVER);
+ if (SECURE) {
+ privateKey = fs.readFileSync('./config/certificates/newsblur.com.key').toString();
+ certificate = fs.readFileSync('./config/certificates/newsblur.com.crt').toString();
+ ca = fs.readFileSync('./config/certificates/intermediate.crt').toString();
+ io = require('socket.io').listen(8889, {
+ key: privateKey,
+ cert: certificate,
+ ca: ca
+ });
+ } else {
+ io = require('socket.io').listen(8888);
+ }
+
io.configure('production', function() {
io.set('log level', 1);
io.enable('browser client minification');
@@ -50,7 +63,7 @@
if ((_ref = socket.subscribe) != null) {
_ref.end();
}
- return console.log((" ---> [" + this.username + "] Disconnect, there are now") + (" " + (io.sockets.clients().length - 1) + " users."));
+ return console.log((" ---> [" + this.username + "] Disconnect, there are now") + (" " + (io.sockets.clients().length - 1) + " users. ") + (" " + (SECURE ? "(SSL)" : void 0)));
});
});

0 comments on commit 90dd709

Please sign in to comment.
Something went wrong with that request. Please try again.