While solutions like localtunnel and showoff.io allow you to do this, they have some limitations both in terms of cost and functionality. The biggest problem is that it gets expensive for lots of developers or you can't use your own hostnames.
We've developed a alternative using DNS, a reverse proxy and an ssh tunnel that makes it trivial to allow public access to a any number of dev servers on demand.
Here's how it works:
- Set up a reverse proxy (you can use Apache or nginx).
# assume public IP of 1.2.3.4 # need name-based virtual hosting # so we can support many dev boxes with a single IP NameVirtualHost 1.2.3.4:80 # Need a VirtualHost container for each developer <VirtualHost 1.2.3.4:80> ServerName jason.dev.domain.com ProxyRequests Off ProxyPreserveHost On ProxyPass / http://localhost:2000/ ProxyPassReverse / http://localhost:2000/ </VirtualHost> <VirtualHost 1.2.3.4:80> ServerName tim.dev.domain.com ProxyRequests Off ProxyPreserveHost On ProxyPass / http://localhost:2001/ ProxyPassReverse / http://localhost:2001/ </VirtualHost>
I am not an nginx user, but I got this idea from someone who did this with nginx.
- Configure a wildcard CNAME record for *.dev.domain.com that points to your proxy server. Using the wildcard avoids having to munge DNS for every new developer.
- Set up a proxy user account on the box and add all developers' ssh keys to the account. All this user needs to do is to log in and forward non-privileged ports, so it can be locked down substantially.
- Edit your /etc/hosts to so that the canonical name for your server points to your local dev IP.
# /etc/hosts entry 33.33.33.11 jason.dev.domain.com
- To make your dev server publicly available, create an SSH tunnel. Remember that each developer will have a particular remote port number assigned to them and them only.
ssh proxy@proxy.dev.domain.com -R 2000:jason.dev.domain.com:80
- This setup allows the exact same host name to be used everywhere but have it hit the local dev box locally and have the same name resolve to the public proxy for development that require it.
While this does require you to have a publicly-reachable server somewhere to configure the proxy, this probably isn't a huge problem for most companies. In return you get a near foolproof setup for debugging webhooks, mobile apps, etc, at no cost, and without jumping through any hoops or relying on any third-party systems.
This is a pretty nice solution. :-)
ReplyDeleteAnother way to accomplish this, is using PageKite, from www.pagekite.org (disclaimer, I am the author - and don't be confused by the fact that we offer a complementary paid service, PageKite is free software and you can DIY if you want to).
It may be a somewhat steeper learning curve to get it up and running than what you have described here, since it is a new tool and the front-end configs aren't really well documented yet, but combining PageKite with a wildcard DNS setup has the advantage that once you have it up and running, you'll be able to dynamically create new server names in mere seconds without needing to edit any configuration files or keep track of weird port numbers.
If you want to give it a try, I hang out on #pagekite on Freenode and am always happy to chat with new users. :-)
Bjarni- oh cool I didn't find PageKit when I was googling around for a solution. Looks pretty nice, though the documentation is a bit intimidating, there is so much going on. I think what 99% of people want is just a publicly-accessible http server at a given name. The rest of the stuff, like https, auth, etc, is added bells and whistles.
ReplyDeleteI guess it'd be nice if PageKit ran trivially on GAE, maybe it does.
Good luck!
Alan
If I recall, GAE is an HTTP-only service, while PageKite (note the 'e', it is a kite!) wants to control port 80 and 443 itself.
ReplyDeleteAnd yes, PageKite will seem rather complicated if you dive in an start slogging through the docs. Once you get the hang of it, it's really easy to use though - what you are doing with your apache/ssh/... hack above can be done in one line with PageKite like so:
pagekite --isfrontend \
--ports=80 --domain=http:*.foo.com:SECRET
Launching a new site then becomes this:
pagekite --frontend=proxy.foo.com:80 \
--backend=http:woot.foo.com:localhost:80:SECRET
:-)