SSLocal
SSLocal helps to make running SSL in your local Ruby development environment as streamlined as possible. Currently it's built to work with Rack apps that use Puma (including Rails).
Please do not use this gem in production environments - it's only meant for local development.
Installation
- Install mkcert
- Add
config/certificates
to your application's.gitignore
file. - Add this gem to your application's Gemfile - ideally just for the development environment.
gem "sslocal", group: :development
- Add the following lines to the end of your
config/puma.rb
file - adjusting the environment variable name if appropriate.
if ENV.fetch("RAILS_ENV", "development") == "development"
require "sslocal"
plugin :sslocal
end
Usage
- Ensure the
config/certificates
folder exists (mkdir -p config/certificates
). - Generate the local certificate via
mkcert
:
mkcert --cert-file config/certificates/development.crt \
--key-file config/certificates/development.key \
localhost 127.0.0.1
- Boot your Rack/Rails app (whether via
rails server
, Foreman, Overmind, etc), and it should automatically use SSL using the generated certificate files.
If you're using SSLocal with a Rails app, it will change your app's settings dynamically to use HTTPS for Webpacker and ActionCable (if they're being used). However, if you are using Webpacker, you'll almost certainly want to install and set up the SSLocal library for JavaScript as well to keep matching protocols.
If you want to switch back to HTTP, just delete the certificate files and restart your Rack/Rails app. The certificate files are not precious, and can be deleted/regenerated as much as you like.
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/pat/sslocal-rb. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the code of conduct.
License
The gem is copyright Pat Allan, 2020, and is available as open source under the terms of the MIT License.
Code of Conduct
Everyone interacting in SSLocal's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.