Thanks for your help. I will look into updating the wiki when I understand it a bit better myself, but right now I'm pressed for time, and getting the site up and running is my first priority. I originally hoped to learn ruby and rails better before this point, but it was not possible.
Fortunately, I am able to use SSL (for the time being) since this is a private server and not a host, and no other sites hosted on the server require SSL right now. SSH ports aren't open, I've tried. The proxy allows connections to be made only to ports 80, 443, and 21. As far as network policy, I am a university student, and I am reasonably sure that I am not violating the network usage policy, as this website is most certainly for an educational purpose (and I cannot find anything in the policy that forbids what I am doing). Unfortunately, the reason that I am hosting this site off-campus instead of on university servers is that I have had no luck whatsoever getting out IT department to do anything at all for me (I have waited over four months for them to give me a database and am rather fed up), so a request for an exemption would likely as not never receive a response. Fortunately, I am making progress now, and I have everything working except the ssl_requirement extension, which I am trying to find a clean way to install (I'm not very keen on cloning a git repository into my radiant app directory). On Mon, Jan 25, 2010 at 8:27 PM, Anton Aylward <anton.aylw...@rogers.com>wrote: > Paul Fox said the following on 01/25/2010 03:05 PM: > > Yeah, I was just a bit confused by the arbitrary mention of port 3000 in > > the docs with reference to the admin panel. The documentation for > > deployment could use some improvement, I think. > > Its a Wiki. You can update it. I you think it is lacking you *should* > update it. > > The reference to port 3000 is*not* to the admin panel. > If you were to run rail locally in your machine with > > $ ./script/server > > you'd get a response > > Booting Mongrel > Rails 2.x.x application starting on http://0.0.0.0:3000 > Call with -d to detach > Ctrl-C to shut down server > > So: you would have a Mongrel server running listening on port 3000 > > If you now point you browser at http://0.0.0.0:3000 you will get your > application. > > If you point your browser at http://0.0.0.0:3000/admin you will get the > login to admin panel. > > My point is: the Mongrel server is listening on port 3000. > Its the path you give it that determines whether you are displaying a > page or the admin panel. > > http://mongrel.rubyforge.org/ > > Now read this before looking at Apache setup > > http://blog.codahale.com/2006/06/19/time-for-a-grown-up-server-rails-mongrel-apache-capistrano-and-you/ > > http://wiki.joyent.com/shared:kb:rails-with-mongrel > > You'll particularly want to read this and forward to you Sysadmin > http://wiki.rubyonrails.org/deployment/apache-mongrel > in particular setting up the virtual host. > > > > > > > I was planning on using mod_ssl for encryption. > > Now there you may have a problem. > SSL uses X.509 and x.509 binds to a SINGLE IP ADDRESS. > It one of the things I don't like about X,509. > It makes life difficult for situations like this. > > Many service providers require that you get a dedicated address, not a > shared virtual host, if you want SSL service. > > You are also going to have to apply for the X.509 certificate, have the > sysadmin install it, bind it to the address and your domain. Maybe the > service provider will do that for you. I hope so 'cos its a tedious > procedure. > > This is why I use SSH tunnels for the situation you are getting yourself > into. Its simpler to set up, doesn't require X.509. > https://calomel.org/firefox_ssh_proxy.html > > > > > > > I understand Apache configuration somewhat, so as long as that's all > > that is involved here, I shouldn't have issues. Since I'm not sysadmin > > and this is a shared host, I don't really have much choice as regards > > webserver. Also, Apache is the only webserver I have used so far, and > > I'd prefer not to have to learn something completely new right now. > > Apache is probably the most complicated web server around, if you ignore > Microsoft's IIS. Things like Mongrel, WEBbrick, nhttpd, ngnix are all a > lot simpler - the "just work". > http://en.wikipedia.org/wiki/Comparison_of_web_server_software > > The shared host may also preclude you being able to use SSL. > > > > Alas, I must use port 443, since I am administrating the site from > > behind an extremely restrictive proxy that only allows outgoing > > connections to particular ports (and only allows encrypted connections > > on 443). > > Check: you'll probably be able to use one of the SSH ports. > > If this is a non work project and you are doing this all from work, then > there are over-riding legal issues. Check with your corporate legal > department first. > > If this is a work project and work access then you may have good cause > for an exception. > > I work in IT security and I'm used to dealing with all that. > > > But before doing any of this, SSL or SSH, get the application working > first! If you can't get the application and the admin working WITHOUT > the security layer, be it mod_ssl or the > radiant-ssl_requirement-extension, then you are going to end up in a mess. > > You absolutely need the confidence that the baseline application and > admin function works "normally" before layering on anything more. > > > > > -- > A distracted figure with a huge bushy beard blunders in just as you > speak the word of ancient magic. The man wears loose clothing, and an > expression of intense concentration. He is clutching his frizzy hair > with one hand; his other hand grips an intricate grid - the object of > his attention. > > His eyes brighten the word you've spoken reaches his ears. "Yes! Yes! > That's it!" he exclaims as he draws out a pen and fills in a row of > squares. "Now my hyperconstrained, double-acrostic, cryptic crossword is > complete, and ready to puzzle others. That was all I needed - just a > simple five-letter word, composed only of the letters 'X' 'Y' and 'Z,' > that would fit here!" > > He grips your hand and shakes it fervently. "Thank you! Now that I've > finished with that, I can get on to those other things I've been meaning > to do, such as monkey-wrenching the demolition and saving recreational > linguistics for future generations." He turns away and mutters, just > before he departs, "I hope none of that will involve lying in front of a > bulldozer..." > _______________________________________________ Radiant mailing list Post: Radiant@radiantcms.org Search: http://radiantcms.org/mailing-list/search/ List Site: http://lists.radiantcms.org/mailman/listinfo/radiant Radiant: http://radiantcms.org Extensions: http://ext.radiantcms.org
