Nick Ager

@nickager

One snag developers hit when building Seaside apps in Pharo is the standard image doesn't include support for https - often necessary when invoking a web service.

There is a cryptography package which apparently includes https support, although I've yet to use it. There's also a libcurl plugin - which again I've yet to use. Instead I'll focus on mimicking a server deployment configuration on my local machine. Specifically, my current deployment uses Nginx for https support from Gemstone and I'd like to achieve the same effect when developing locally within Pharo on my Mac. Sean Allen has written a useful blog post about faking an https client using Nginx. Rather than repeating his article, I'll focus on configuring a similar setup within Pharo on a Mac.

Pre-requisites

Ensure you have a package manager installed for MacOS. I'm using MacPorts. An alternative package manager that appears to be receiving good reviews is homebrew - though I've yet to use it. The instructions below are based on an installation using MacPorts.

Installing Nginx

Firstly ensure your MacPort installation is up-to-date:

$ sudo port -d selfupdate

Install Nginx including the ssl and debug modules:

$ sudo port install nginx +ssl +debug

In addition to the ssl and debug modules there are many other Nginx modules or variants, in MacPort parlance, available which you may like to install:

$ sudo port variants nginx
nginx has the variants:
   addition: Append text to pages
   dav: Add WebDAV support to server
   debug: Enable debug mode
   flv: Add FLV (Flash Video) streaming support to server
   geoip: Enable Ngx http GeoIP module  (http://wiki.nginx.org/HttpGeoIPModule)
   google_perftools: Enable Google Performance Tools profiling for workers
   gzip_static: Avoids compressing the same file each time it is requested
   mail: Add IMAP4/POP3 mail proxy support
   perl5: Add perl support to the server directly within nginx and call perl via SSI
   realip: Using nginx as a backend
   redis: Enable Ngx HTTP Redis module
   secure_download: Enable Ngx http secure download  (http://wiki.nginx.org/HttpSecureDownload)
   ssl: Add SSL (HTTPS) support to the server, and also to the mail proxy if that is enabled
   status: Add /nginx_status support to the server
   substitution: Replace text in pages
   upload: Enable Valery Kholodkov's upload module (http://grid.net.ru/nginx/upload.en.html)
   zip: Enable Ngx zip download module  (http://wiki.nginx.org/NginxNgxZip)

Check the Nginx installation

$ which nginx
/opt/local/sbin/nginx
$ sudo nginx -V
nginx version: nginx/0.8.54
TLS SNI support enabled
configure arguments: --prefix=/opt/local 
--with-cc-opt='-I/opt/local/include -O2' 
--with-ld-opt=-L/opt/local/lib 
--conf-path=/opt/local/etc/nginx/nginx.conf 
--error-log-path=/opt/local/var/log/nginx/error.log 
--http-log-path=/opt/local/var/log/nginx/access.log 
--pid-path=/opt/local/var/run/nginx/nginx.pid 
--lock-path=/opt/local/var/run/nginx/nginx.lock 
--http-client-body-temp-path=/opt/local/var/run/nginx/client_body_temp 
--http-proxy-temp-path=/opt/local/var/run/nginx/proxy_temp 
--http-fastcgi-temp-path=/opt/local/var/run/nginx/fastcgi_temp 
--http-uwsgi-temp-path=/opt/local/var/run/nginx/uwsgi_temp 
--with-http_ssl_module 
--with-debug

The -V command-line option displays the compile-time configuration options. Ensure that both ssl and debug are included. The -V argument is one way of discovering the default locations for the nginx.conf, error.log and access.log files.

Create a Nginx config for Pharo

Edit nginx.conf using your favourite text editor (here I'm using TextMate):

$sudo mate /opt/local/etc/nginx/nginx.conf

An example Nginx config:

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    server {
       server_name  localhost; 
       listen       80;
 
        location / {
            proxy_pass http://127.0.0.1:8080;
        }
    }

	# example using a reserve proxy for https to paypal test sandbox
	server {
	   server_name paypaltesting;

	   location / {
	       proxy_pass https://svcs.sandbox.paypal.com;
	   }
    }
}

Note: strictly speaking the configuration named localhost isn't necessary, it allows you to access your Pharo server through port 80, ie there is no need to specify a port when you access it through http://localhost. I find this useful to verify that nginx is running successfully.

now edit the /etc/hosts file:

$ mate /etc/hosts

and add a line such as:

127.0.0.1 paypaltesting

or whatever you've named your https server in /opt/local/etc/nginx/nginx.conf (above).

Testing your configuration

Startup Nginx:

$ sudo nginx

Within Pharo you can then access https web-services through something like:

HTTPSocket 
    httpGetDocument: 'http://paypaltesting/AdaptivePayments/Preapproval'
    args: self args 
    accept: (WAMimeType main: '*' sub: '*') greaseString
    request: self header
Posted by Nick Ager at 03/25/2011, 3:12 pm with tags sysadmin, Nginx, Mac link
|