Wednesday, September 18, 2013

Deploying multiple Rails apps to same domain using sub URI's, nginx and passenger.

I recently had a requirement where I had to run two different Rails app's on the same domain with different sub URI's. The following was what I wanted to achieve: - Load Rails App1 - Load Rails App2
This is very easy to achieve provided you are using Passenger Phusion + nginx. I made the following changes to the server block in nginx.conf
server {
  listen 80; 
  root /var/www/app1/public;
  passenger_enabled on;
  passenger_base_uri /app2;
Look at how the
is pointing to app1's public folder. And look at the new addition
directive. Now, we need to carry out the final step - symlink app2's public folder to /var/www/app1/public/app2.
ln -s /var/www/app2/public /var/www/app1/public/app2 
Once the symlink is created, restart nginx and you are ready to serve different Rails apps on the same domain.


Wednesday, September 11, 2013

Configuring FTP access on Ubuntu 12.04 LTS server

Configuring FTP on Ubuntu is fairly trivial, but securing it requires some learning. Here's what I had to do configure FTP and allow users to access it.

1. Install the FTP server

 sudo apt-get install vsftpd

2. Create a new user

You can additionally disable shell access to the ftpuser., in my case I needed shell access.
 sudo useradd ftpuser
You can skip the step 2 and use the "ftp" user that gets created when you install vsftpd. In my case I needed a new user.

3. Restrict the ftpuser's access to file system and jail them to their home dir

Edit the /etc/vsftpd.conf and make the following change
 chroot_local_user = Yes

4. Restart vsftpd 

 sudo /etc/init.d/vsftpd restart 
You should be able to access and write to ftpuser's home directory now.

Additional Details:

Change default FTP upload directory for the ftp user created by vsftpd:

 sudo mkdir /srv/file_dir/ftp
 sudo usermod -d /srv/file_dir/ftp ftp 
The -d option to usermod changes the home directory of ftp user to /srv/file_dir/ftp

Allow ftpuser to access a specific folder outside home directory when chroot is enabled.

Lets assume you need FTP access to /var/www/files, then we need to do something like this:
 mkdir /home/ftpuser/www_files
 mount --bind /var/www/files /home/ftpuser/www_files 
Now, the /var/www/files directory is bound to your /home/ftpuser/www_files and is visible in your home directory listing. In case you get permission errors , make sure the ftpuser has enough access to -/var/www/files

To make the changes permanent add the following configuration to /etc/fstab
 /var/www/files /home/ftpuser/www_files none bind 0 0

Enable Anonymous downloads

If you wish to enable anonymous downloads edit /etc/vsftpd.conf and change.
It is recommended to turn off this feature unless you are absolutely certain you need this.