falcon 0.33.6 → 0.33.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +41 -0
- data/lib/falcon/configurations/tls.rb +7 -3
- data/lib/falcon/extensions/openssl.rb +31 -0
- data/lib/falcon/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b160c1d16bc68ba43ddf9c3b29b94ff409d8574369640bb77bd0318f11f39bfc
|
4
|
+
data.tar.gz: fd449ff09cb4dc3fe071ed8cf225371f4d183102af3c44c2a7a4c1f6c8af9528
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 600d0288267ec4528a412cba8ccb13d494280d3a24c6dbeed7256fb510ff49955f5fd5aceb41c6ad07325d3e84650261163170963bb907aa34990c3c68c980cb
|
7
|
+
data.tar.gz: d88b88e815c301f5ea4a2f7f8c51e772b9512576db4b6ace0daf4dbb11b1eb6db46e1140a53ce085912f74b925d96b50e2b18b05194bbc95e56075f4a78def63
|
data/README.md
CHANGED
@@ -42,6 +42,8 @@ Alternatively, install in terminal:
|
|
42
42
|
|
43
43
|
## Usage
|
44
44
|
|
45
|
+
### Development
|
46
|
+
|
45
47
|
You can run `falcon serve` directly. It will load the `config.ru` and start serving on https://localhost:9292. Please [try the interactive online tutorial](https://katacoda.com/ioquatix/scenarios/falcon-introduction).
|
46
48
|
|
47
49
|
The `falcon serve` command has the following options for you to use:
|
@@ -77,6 +79,45 @@ To run on a different port:
|
|
77
79
|
$ falcon serve --port 3000
|
78
80
|
```
|
79
81
|
|
82
|
+
### Virtual Hosts
|
83
|
+
|
84
|
+
Falcon can replace Nginx as a virtual server for Ruby applications. **This is an experimental feature**.
|
85
|
+
|
86
|
+
```
|
87
|
+
/--------------------\
|
88
|
+
| Client Browser |
|
89
|
+
\--------------------/
|
90
|
+
||
|
91
|
+
(TLS + HTTP/2 TCP)
|
92
|
+
||
|
93
|
+
/--------------------\
|
94
|
+
| Falcon Proxy (SNI) |
|
95
|
+
\--------------------/
|
96
|
+
||
|
97
|
+
(HTTP/2 UNIX PIPE)
|
98
|
+
||
|
99
|
+
/--------------------\
|
100
|
+
| Application Server | (Rack Compatible)
|
101
|
+
\--------------------/
|
102
|
+
```
|
103
|
+
|
104
|
+
You need to create a `falcon.rb` configuration in the root of your application, and start the virtual host:
|
105
|
+
|
106
|
+
```
|
107
|
+
$ cat /srv/http/example.com/falcon.rb
|
108
|
+
#!/usr/bin/env -S falcon host
|
109
|
+
|
110
|
+
load :rack, :lets_encrypt_tls, :supervisor
|
111
|
+
|
112
|
+
rack 'hello.localhost', :lets_encrypt_tls
|
113
|
+
|
114
|
+
supervisor
|
115
|
+
|
116
|
+
% falcon virtual /srv/http/example.com/falcon.rb
|
117
|
+
```
|
118
|
+
|
119
|
+
The falcon virtual server is hard coded to redirect http traffic to https, and will serve each application using an internal SNI-based proxy.
|
120
|
+
|
80
121
|
### Integration with Rails
|
81
122
|
|
82
123
|
Falcon works perfectly with `rails` apps.
|
@@ -18,19 +18,23 @@
|
|
18
18
|
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
19
|
# THE SOFTWARE.
|
20
20
|
|
21
|
+
require_relative '../extensions/openssl'
|
22
|
+
|
21
23
|
add(:tls) do
|
22
24
|
ssl_session_id {"falcon"}
|
23
25
|
|
24
26
|
ssl_certificate_path {File.expand_path("ssl/certificate.pem", root)}
|
25
|
-
|
27
|
+
ssl_certificates {OpenSSL::X509.load_certificates(ssl_certificate_path)}
|
28
|
+
|
29
|
+
ssl_certificate {ssl_certificates[0]}
|
30
|
+
ssl_certificate_chain {ssl_certificates[1..-1]}
|
26
31
|
|
27
32
|
ssl_private_key_path {File.expand_path("ssl/private.key", root)}
|
28
33
|
ssl_private_key {OpenSSL::PKey::RSA.new(File.read(ssl_private_key_path))}
|
29
34
|
|
30
35
|
ssl_context do
|
31
36
|
OpenSSL::SSL::SSLContext.new.tap do |context|
|
32
|
-
context.
|
33
|
-
context.key = ssl_private_key
|
37
|
+
context.add_certificate(ssl_certificate, ssl_private_key, ssl_certificate_chain)
|
34
38
|
|
35
39
|
context.session_id_context = ssl_session_id
|
36
40
|
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
|
2
|
+
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
9
|
+
#
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
12
|
+
#
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
20
|
+
|
21
|
+
require 'openssl/x509'
|
22
|
+
|
23
|
+
module OpenSSL::X509
|
24
|
+
CERTIFICATE_PATTERN = /-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----/m
|
25
|
+
|
26
|
+
def self.load_certificates(path)
|
27
|
+
File.read(path).scan(CERTIFICATE_PATTERN).collect do |text|
|
28
|
+
Certificate.new(text)
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
data/lib/falcon/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: falcon
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.33.
|
4
|
+
version: 0.33.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Samuel Williams
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-06-
|
11
|
+
date: 2019-06-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: async
|
@@ -277,6 +277,7 @@ files:
|
|
277
277
|
- lib/falcon/configurations/supervisor.rb
|
278
278
|
- lib/falcon/configurations/tls.rb
|
279
279
|
- lib/falcon/endpoint.rb
|
280
|
+
- lib/falcon/extensions/openssl.rb
|
280
281
|
- lib/falcon/host.rb
|
281
282
|
- lib/falcon/hosts.rb
|
282
283
|
- lib/falcon/proxy.rb
|