X-Forwarded-Proto / X_FORWARDED_PROTO
Eric, think I came across an issue with the parser in unicorn, with a request (due to 2 layers of nginx proxying) coming across with both a X_FORWARDED_PROTO and a X-Forwarded-Proto header. From the socket (in HttpRequest) - we get: X_FORWARDED_PROTO: http X-Forwarded-Proto: https which is parsed to HTTP_X_FORWARDED_PROTO=http,https There was a passenger ticket that describes that from nginx's point of view - X-Forwarded-Proto is the correct form. -- /skaar sk...@waste.org where in the W.A.S.T.E is the wisdom s_u_b_s_t_r_u_c_t_i_o_n ___ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying
Re: X-Forwarded-Proto / X_FORWARDED_PROTO
The Rack (and CGI) specs require that '-' be replaced with '_' for HTTP header names, so Unicorn is doing the correct thing and treating it as the same header. but should it aggregate the values? Even though '_' appears to be allowed in header names by rfc 2616, it's use is questionable as there are parsers that reject it. Any chance of fixing whatever sends the X_FORWARDED_PROTO header? It's completely pointless to set to http in our case we can probably fix the proxy chain - we have a set of dedicated SSL systems (which sets X-Forwarded-Proto) which forward to the main nginx front end (which sets X_FORWARDED_PROTO). I'll also look at removing the proxy-set-header cases that sets it to to 'http'. Just for reference: we ran into this issue when replacing nginx to mongrels over a TCP socket, with nginx to unicorn over a domain socket. With mongrel we don't have this problem (although I see from e26ebc985b882c38da50fb0104791a5f2c0f8522 - that you added support for it in http11) /skaar -- Eric Wong ___ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying -- /skaar sk...@waste.org where in the W.A.S.T.E is the wisdom s_u_b_s_t_r_u_c_t_i_o_n ___ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying
unicorn/reexec/bundler/cap deploy issue
Hi Eric, we've run into an issue with Unicorn's reexec, when the rails app is using Bundler and we deploy into dated release directories. Still not sure what the correct fix is for this, but what happens is that bundler modifies (acutally prefixes) PATH/RUBYOPT and when you reexec unicorn these are passed along to the new master process - and Bundler will again append to the PATH/RUBYOBT. This becomes more of a problem when you deploy with capistrano and include SIGUSR2 restart of your unicorn. And effectively it will attempt to load all Bundler vendor/bundler_gems/environment.rb for all deploys since unicorn was first started - and if you have, say, a keep only 5 releases strategy, you will soon get failures when a bundler environment.rb file in RUBYOPT has been shifted out. I'm still not sure what the right solution is (to modify unicorn, the unicorn.rb config file or to address it in bundler), but the following patch does it brute force in unicorn and introduce the assumption that a reexec should take the same PATH/RUBYOPT variables as the initial invokation of the unicorn process (using a similar strategy as with PWD): From 3d6ca163723148668d69115ebaf00cb814db8f49 Mon Sep 17 00:00:00 2001 From: skaar sk...@waste.org Date: Sat, 2 Jan 2010 12:29:38 -0500 Subject: [PATCH] filter PATH/RUBYOPT when rexec, and give new master same values as the original master process --- lib/unicorn.rb |4 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/lib/unicorn.rb b/lib/unicorn.rb index 225e00a..6b3e334 100644 --- a/lib/unicorn.rb +++ b/lib/unicorn.rb @@ -111,6 +111,8 @@ module Unicorn Dir.pwd end }.call, + :path = ENV['PATH'], + :rybyopt = ENV['RUBYOPT'], 0 = $0.dup, } @@ -488,6 +490,8 @@ module Unicorn self.reexec_pid = fork do listener_fds = LISTENERS.map { |sock| sock.fileno } ENV['UNICORN_FD'] = listener_fds.join(',') +ENV['PATH'] = START_CTX[:path] +ENV['RUBYOPT'] = START_CTX[:rubyopt] Dir.chdir(START_CTX[:cwd]) cmd = [ START_CTX[0] ].concat(START_CTX[:argv]) -- 1.6.6.rc3 -- /skaar sk...@waste.org where in the W.A.S.T.E is the wisdom s_u_b_s_t_r_u_c_t_i_o_n ___ Unicorn mailing list - mongrel-unicorn@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying