Skip to content

pravigo/heroku-buildpack-stunnel

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
bin
bin
 
 
support
support
 
 
.gitignore
.gitignore
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
Changelog.md
Changelog.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Heroku buildpack: stunnel

This is a Heroku buildpack that allows one to run stunnel in a dyno alongside application code. It is meant to be used in conjunction with other buildpacks as part of a multi-buildpack.

The current use of this buildpack is to allow for secure connection to Redis databases.

It uses stunnel and was extracted from the pgbouncer buildpack.

Usage

Example usage:

$ ls -a
.buildpacks  Gemfile  Gemfile.lock  Procfile  config/  config.ru

$ heroku config:add BUILDPACK_URL=https://github.com/ddollar/heroku-buildpack-multi.git

$ cat .buildpacks
https://github.com/yesware/heroku-buildpack-stunnel.git
https://github.com/heroku/heroku-buildpack-ruby.git

$ cat Procfile
web:    bin/start-stunnel bundle exec unicorn -p $PORT -c ./config/unicorn.rb -E $RACK_ENV
worker: bundle exec rake worker

$ git push heroku master
...
-----> Fetching custom git buildpack... done
-----> Multipack app detected
=====> Downloading Buildpack: https://github.com/yesware/heroku-buildpack-stunnel.git
=====> Detected Framework: stunnel
       Using stunnel version: 5.01
-----> Fetching and vendoring stunnel into slug
-----> Moving the configuration generation script into app/bin
-----> Moving the start-stunnel script into app/bin
-----> stunnel done
=====> Downloading Buildpack: https://github.com/heroku/heroku-buildpack-ruby.git
=====> Detected Framework: Ruby
-----> Compiling Ruby/Rails
-----> Using Ruby version: ruby-2.0.0
-----> Installing dependencies using 1.5.2
...

The buildpack will install and configure stunnel to connect to the STUNNEL_URLS over a SSL connection. Prepend bin/start-stunnel to any process in the Procfile to run stunnel alongside that process.

Settings

Some settings are configurable through app config vars at runtime. Refer to the appropriate documentation for stunnel configurations to see what settings are right for you.

  • STUNNEL_URLS REQUIRED. List of ENV variables to be tunneled, more detail below.
  • STUNNEL_PEM REQUIRED. Stunnel client certificate.

Multiple Databases

It is possible to connect to multiple databases through stunnel by setting STUNNEL_URLS to a list of config vars. Example:

$ heroku config:add STUNNEL_URLS="REDIS_APP_URL REDIS_ALTERNATE_URL"
$ heroku run bash

~ $ env | grep 'REDIS_APP_URL REDIS_ALTERNATE_URL'
REDIS_APP_URL=redis://username:password@ec2-107-20-228-134.compute-1.amazonaws.com:6379/0
REDIS_ALTERNATE_URL=redis://username:password@ec2-50-19-210-113.compute-1.amazonaws.com:6379/0

~ $ bin/start-stunnel env # filtered for brevity
REDIS_APP_URL_STUNNEL=redis://username:password@127.0.0.1:6001/0
REDIS_ALTERNATE_URL_STUNNEL=redis://username:password@127.0.0.1:6002/0

For more info, see CONTRIBUTING.md

About

Run stunnel in a dyno along with your application

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Shell 100.0%