The idea is to let Pow do its job, i.e. managing DNS entries for your apps and spawning them as needed.
All we really need is for “something” to perform SSL termination, and let clients request HTTPS while Pow keeps serving plain HTTP. Nginx feels overkill: I don’t need a full-fledged webserver, just something to deal with SSL.
The tunnels Ruby gem does just that:
$ gem install tunnels
$ sudo tunnels 443 80
127.0.0.1:443 --(--)--> 127.0.0.1:80
Ready :)
From thereon, all traffic to port 443 will flow to port 80, minus SSL. If you need the SSL certificate to be valid, the tunnelss fork is happy to oblige.
Now, Pow promised us we wouldn’t have to manually start apps (although you can if you want to, then using port proxying).
To get the same thing working with SSL and tunnels, let’s leverage
launchd, Apple’s take on system service
management. It’s like upstart or the infamous systemd (fanboy alert: it predates both).
Create a plist file in the daemon directory:
$ sudo vim /Library/LaunchDaemons/me.dec0de.tunnels.plist
with these contents:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>KeepAlive</key>
<true/>
<key>Label</key>
<string>me.dec0de.tunnels</string>
<key>ProgramArguments</key>
<array>
<string>/Users/mezis/.rbenv/shims/tunnels</string>
</array>
</dict>
</plist>
(replacing the path to the tunnels executable with your output from which
tunnels)
And enable the new service:
$ sudo launchctl load /Library/LaunchDaemons/me.dec0de.tunnels.plist
Voila! launchd will keep tunnels running no matter what, including across
system restarts.
Launchd can to many more things for you, including running things on a schedule
or at login time. If you want a GUI to setup you plist files,
Lingon ($4.99) can do that
for you, although digging in the docs works too.
It’s good to be lazy.