A Clean, Well-Lighted Place

Adding Basic Authentication and Rewirite Rules to Your Engine Yard Application

Today I’ve decided to clean up and put some order in our Nginx setup and customizations for app hosted on AppCloud.

Till now we’re using keep files to add basic authentication for our staging and #{application}.rewites file for the rewrite rules. Turns out few things changed since last time I looked at these.

Tip (straight from the docs): Where possible, consider using an include file instead of a keep file.

So I’ve decided to move basic authenticatin stuff to /etc/nginx/servers/#{application}/custom.locations.conf as described here, but soon I found out that it’s not working that way anymore. As it’s stated in that AppCloud update notes

Deprecated usage:
both are replaced by:

Here are the steps how to add basic authentication to your app:

  • ssh to your app
  • cd /data/nginx/servers
  • Open the custom.conf file by typing: vim #{application}/custom.conf
  • Add in the following code (don;t forget to change #{application} with your EY app name
    auth_basic  "Restricted";
    auth_basic_user_file  /data/nginx/servers/#{application}/#{application}.users;
    passenger_enabled on;
    Hit :wq to save and quit vim.
  • Create #{application}.users file by typing htpasswd -c /data/nginx/servers/#{application}/#{application}.users #{user_name}. Don’t forget to replace #{application} and #{user_name}/
  • Restart nginx using sudo /etc/init.d/nginx restart
  • Revisit your app and you should have the basic authentication pop-up on your site.

Same for your rewrite rules. Since /etc/nginx/servers/#{application}.rewrites is deprecated, just put your rules in /etc/nginx/servers/#{application}/custom.conf. At the end it should look, for example, something like

  auth_basic  "Restricted";
  auth_basic_user_file  /data/nginx/servers/#{application}/#{application}.users;
  passenger_enabled on;

  rewrite ^/members/(.*)/blog_entries/(.*)$  /members/$1/blog/$2 permanent;

Hope this helps. I’ll try to keep it updated if anything changes, but if you see a problem, just drop a comment.