Rails how to make SSL for API?

V

Vayladion Gognazdiak2017-09-19 06:43:57

Ruby on Rails

Vayladion Gognazdiak, 2017-09-19 06:43:57

Good day.
The task is to cover the service API with an SSL certificate ( self-signed ) while everything else should be a regular http.
Rails 5.1 service + puma + nginx.
I try like this:

scope module: 'api' do
    namespace :v1, constraints: { protocol: 'https' } do
      resources :books
    end
  end

In nginx config:

server {
  listen 80;
  listen 443 ssl;
  server_name mybooks.ru;
  root /var/www/books/current/public;
  try_files $uri/index.html $uri @puma_books_production;

  client_max_body_size 4G;
  keepalive_timeout 600;

  error_page 500 502 504 /500.html;
  error_page 503 @503;

  ssl_certificate         /etc/nginx/ssl/books.crt;
  ssl_certificate_key     /etc/nginx/ssl/books.key;


  location @puma_books_production {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Host $host;
    proxy_redirect off;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Forwarded-Proto http;
    proxy_headers_hash_max_size 512;
    proxy_pass http://puma_books_production;
  } 

  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
  }

  location = /50x.html {
    root html;
  }

  location = /404.html {
    root html;
  }

  location @503 {
    error_page 405 = /system/maintenance.html;
    if (-f $document_root/system/maintenance.html) {
      rewrite ^(.*)$ /system/maintenance.html break;
    }
    rewrite ^(.*)$ /503.html break;
  }

  if ($request_method !~ ^(GET|HEAD|PUT|PATCH|POST|DELETE|OPTIONS)$ ){
    return 405;
  }

  if (-f $document_root/system/maintenance.html) {
    return 503;
  }
}

As a result, in the rail log when accessing https://mybooks.ru/v1/books we have:

I, [2017-09-19T05:39:10.791751 #24500]  INFO -- : [de22f879-8065-4149-b4b0-8bac25d4cfc9] Started GET "/v1/books" for 109.252.52.231 at 2017-09-19 05:39:10 +0200
F, [2017-09-19T05:39:10.792756 #24500] FATAL -- : [de22f879-8065-4149-b4b0-8bac25d4cfc9]   
F, [2017-09-19T05:39:10.792831 #24500] FATAL -- : [de22f879-8065-4149-b4b0-8bac25d4cfc9] ActionController::RoutingError (No route matches [GET] "/v1/books"):
F, [2017-09-19T05:39:10.792892 #24500] FATAL -- : [de22f879-8065-4149-b4b0-8bac25d4cfc9]   
F, [2017-09-19T05:39:10.792955 #24500] FATAL -- : [de22f879-8065-4149-b4b0-8bac25d4cfc9] actionpack (5.1.2) lib/action_dispatch/middleware/debug_exceptions.rb:63:in `call'

However, there are routes:

v1_books GET        /v1/books(.:format)                       api/v1/books#index {:protocol=>"https"}
                                     POST       /v1/books(.:format)                       api/v1/books#create {:protocol=>"https"}
                   new_v1_book GET        /v1/books/new(.:format)                   api/v1/books#new {:protocol=>"https"}
                  edit_v1_book GET        /v1/books/:id/edit(.:format)              api/v1/books#edit {:protocol=>"https"}
                       v1_book GET        /v1/books/:id(.:format)                   api/v1/books#show {:protocol=>"https"}
                                     PATCH      /v1/books/:id(.:format)                   api/v1/books#update {:protocol=>"https"}
                                     PUT        /v1/books/:id(.:format)                   api/v1/books#update {:protocol=>"https"}
                                     DELETE     /v1/books/:id(.:format)                   api/v1/books#destroy {:protocol=>"https"}

Please tell me where to dig?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Artur Bordenyuk, 2017-09-19
@HighQuality

You can do this in the parent API controller.