Changing Elastic Beanstalk (Ruby) Passenger ngnix Config

January 19, 2014 16:20 by docbliny 

Is that title geeky enough for you? If so, keep reading…


I had to get Amazon CloudFront CDN configured this weekend for a Ruby project. This was mostly straightforward, and there are plenty of instructions on the web on how to go about that.

However, static assets are delivered by Phusion Passenger Standalone under the Ruby container for Amazon Elastic Beanstalk. This means you can’t set headers for those files in Ruby. Why is this an issue? Well, if you’ve got custom fonts, you’ll need to set CORS headers for those fonts to work on Internet Explorer and Firefox:

Access-Control-Allow-Origin: *


OK, this is where it gets to the usual “I just lost a day” situation. All the pieces were available, but getting everything glued together, and going through a rather slow deployment to test each iteration was a time sink. What you need to do is:

  1. Change the nginx configuration to add the CORS header to all font files by patching the Passenger config.erb template file.
  2. Patch Amazon’s broken /etc/init.d/passenger file so you can actually restart the service.

Note: I'm leaving the layout of this page broken in the file examples below to avoid confusion with line wrapping.

Modifying the nginx config template

You’ll need to create a file in the projects .ebextensions folder similar to the following:


  "/home/ec2-user/" :
    mode: "000777"
    owner: ec2-user
    group: ec2-user
    content: |
      CONFIG_FILE=$(passenger-config --root)/resources/templates/standalone/config.erb
      MATCH=$(grep '(eot)|(ttf)|(woff)' $CONFIG_FILE)
      if [ -z "$MATCH" ]; then
        cp -f $CONFIG_FILE $CONFIG_FILE.bak
        sed -e'/location @static_asset {/a \\t if ($request_filename ~* ^.*?\.(eot)|(ttf)|(woff)$){ add_header Access-Control-Allow-Origin *; }' $CONFIG_FILE.bak >$CONFIG_FILE
    command: sh /home/ec2-user/
    cwd: /home/ec2-user

Then patch /etc/init.d/passenger:


    command: sed -i 's/passenger stop \$OPTS/passenger stop -p \$EB_CONFIG_HTTP_PORT --pid-file \$EB_CONFIG_APP_PIDS\/' /etc/init.d/passenger

...and finally restart passenger so this goes into effect before CloudFront can hit font files and cache them without the correct headers:


    command: /etc/init.d/passenger restart


  • This was done on the 64bit Amazon Linux 2013.09 running Ruby 1.9.3 container.
  • The real runtime nginx configuration file ends up under /tmp/passenger-standalone.[random]/config. Check it to make sure the changes are applied.
  • /log/var/cfn-init.log is your friend when debugging the .ebextensions.
  • I was having issues with the initial deployment for a newly created environment not being applied (I just got the placeholder page from Amazon). This was always resolved by pushing the same application version again to the environment. The error in the Beanstalk event console was: The following instances have not responded in the allowed command timeout time (they might still finish eventually on their own)

Latest Google Chrome kills “Most Recent Tabs” feature

September 27, 2013 12:59 by docbliny 

UPDATE 2/22/2014: Google kills the workaround without fixing the original issue. Total cluster-fail. #chromefail

Well, not completely (unless you’re an unlucky sod like me), but makes it unusable. You now have to reopen each previously closed tab one-by-one. No more clicking on “21 closed tabs” to open up what you were working on previously. Unfortunately, the new menu item is greyed out completely for me and doesn’t show _any_ recently closed tabs.

Luckily, there’s a way to disable this new feature (along with the new big search box and not seeing Chrome Apps in the start window):

  1. Open a new tab, and enter chrome://flags .
  2. Search for Enable Instant Extended API for Mac, Windows, Chrome OS.
  3. Select Disabled from the dropdown.
  4. Restart Chrome.

Wave licensing center suddenly think you’re on a different machine?

September 15, 2013 16:02 by docbliny 

I started up Cubase for the first time in a few weeks, and I immediately got an error from my Waves plug-ins stating that its licenses couldn’t be found. This obviously freaked me out; I started the Wave License Center, and noticed that it couldn’t identify my machine anymore, and all my old licenses were listed under View All Licenses under the real name of the computer.

Long story short, I’d installed Visual Studio 2013 Pro Preview and along with that the Windows Phone dev kit (Don’t get me started how bad an idea it is to have everything on one machine…). Anyway, Waves didn’t recognize the machine because the network traffic was going through the Hyper-V vEthernet (External Switch) adapter with a different MAC address.

The fix:

  1. Start Hyper-V Manager.
  2. Click Virtual Switch Manager under the Actions pane.
  3. Select External Switch under the Virtual Switches pane/group.
  4. Select Internal Network, and then click OK.
  5. Close the Hyper-V Manager control panel.
  6. Open up your Network Connections control panel, and then disable vEthernet (External Switch) and vEthernet (Internal … Windows Phone Emulator…).
  7. Reboot (to be safe).

After a restart (and writing this post), I was good to go (but where’d my musical inspiration run off to in the meantime?)

Surface Pro and Screen Rotation Issue

February 17, 2013 10:10 by docbliny 

I was having the rather irritating issue with my Surface Pro where I’d hop on the train for my morning or afternoon commute, and the screen wouldn’t rotate (change the orientation) when I was trying to read with my Kindle app. What made it frustrating was that it’d start working again when I arrived. I read the troubleshooting document and then contacted Microsoft support and they weren’t able to reproduce the issue. This morning, I finally figured out what was going on.


Nexus Q

June 29, 2012 20:01 by docbliny 

Nexus Q... Another Google IO giveaway. Problems so far:

  • Only getting 2 channel stereo for movies. Unacceptable.
  • Continuous buffering issues on a 30M cable connection. Unacceptable.
  • No basic remote. I need to unlock an Android device just to hit pause. Unacceptable.
  • Both my tablet and phone are now stating that my account isn't allowed to make changes. Unacceptable.
  • MAC address not printed on device or box. A pain to set up my firewall and WLAN since they limit access by MAC address.
On the other hand:
  • Design. Nice. Funky.
  • I can turn off the the LEDs. Excellent.
  • Integrated power supply. Yes, please.
  • HDMI connector. Thank you.
Overall, I'm here trying to watch a movie and... I don't have an option to download (to avoid the buffering issues), and it stops every few seconds to buffer. Sorry, but #fail.
Update: So I got bored waiting for the buffering and decided to check Google+ and watched a YouTube video. Now I can't continue watching the movie. All I get is a message stating "Playback stopped because you began playing this video on another device." #epicfail
Update 2: Did I mention the fact that I can't configure the Q anymore? Yes, I did. All I get is a message stating "Only the owner of this Nexus Q can modify its settings." As far as I know, I didn't rent it for 24h, it was given to me. Do I really need to pull up the Android SDK to reset the damn thing to get it working again, like I had to do with the Samsung Galaxy Tab?
Update 3: I ended up finishing the movie using Google Play / YouTube. But guess what? I paid for HD and YouTube only provided me with a 480 quality stream.
Update 4 (7/10/2012): Just got an email from Google that they've refunded my rental based on the issue I had. Plus one for Google. I stopped using the PlayStation Store for anything a long time ago when they declined to refund me for a movie that simply wouldn't play and they couldn't solve the issue.

XBox Live MTU Error

February 4, 2012 13:37 by docbliny 

Had issues with XBox Live complaining about the MTU size not being sufficient. Well, that wasn’t actually the cause for me. In the end, I had to turn off uPnP on my Cisco RV082 firewall to get the network connection test to pass and to be able to sign into XBox Live.

Is your Ajax application really slow on IE7? Here’s a tip

July 11, 2011 11:56 by docbliny 

Is your Ajax application running really slowly for users on IE7 (poor folks)? Have you narrowed down the cause to updating the history with location.hash? Is dynaTrace showing you that it’s actually the native DOM call hanging for more than 5 seconds?

If so, disable the Internet Explorer 7 Developer Toolbar and associated Browser Helper Object (BHO).

AT&T MicroCell “Straight to voicemail” fixed?

July 18, 2010 08:21 by docbliny 

Looks like last Thursday/Friday night’s firmware update for the AT&T MicroCell fixed the issue I was having with calls going straight to voicemail. My support case got escalated around, and I got a call on Thursday to reboot the device on Friday morning. I’m sure I wasn’t the only one complaining about this, and it was lucky timing for me that they now got it fixed. So far all calls have come through, but of course I’m still a little paranoid.

AT&T MicroCell woes

July 2, 2010 16:12 by docbliny 

If you’re looking to get an AT&T MicroCell, my unfolding story might interest you. I switched to AT&T with the lure of the iPhone 4 and partly because my T-Mobile reception has never been that great in my home office. Unfortunately, AT&T’s reception was even worse in the whole house. I thought I’d suck it up and drove to the nearest AT&T store and picked up a MicroCell.

First, the device needs to be (at least initially) by a window for it to get a GPS lock. You can plug in an external GPS antenna, which I bought and plugged in. Good to go, I don’t need to have this box in the living room anymore.

Second, iPhone’s location services are screwed up when it triangulates based on the M-Cell as the tower. This happens inside where the phone can’t get a GPS signal. AT&T’s response is that it’s a “feature” so they don’t give away your private information to third parties. Whatever. All my photos are now tagged as being taken in Santa Cruz – great.

Third, and most importantly, my phones don’t get incoming calls reliably; calls go straight to voicemail. I’m seeing a full five bars, and I’m making sure to obey Uncle Steve’s “hold differently” advice, but no luck. While I was on the phone with AT&T support today, about 80-90% of calls didn’t come through. Calling from MicroCell to MicroCell, our VOIP landline, an international phone roaming on T-Mobile, and calls from AT&T went straight to voicemail. Nice.

What makes this issue intolerable is that with bad reception you can at least see some indication that you won’t be getting calls. With the MicroCell you end up being paranoid because all you see is a full five bars (“more bars” per AT&T’s marketing. And yes, those making folks must enjoy their liquor) and you don’t know if you’re missing calls or not. Not great when you’re working from home and the boss tries to reach you.

Silverlight 3 WriteableBitmap requires call to Invalidate() after Render()

September 6, 2009 18:20 by docbliny 

All of the samples I cam across using WriteableBitmap seemed to be from a prerelease version. They call the constructor with an additional parameter and don't call Invalidate() which is required for the anything to actually show up in the bitmap.

private void UpdatePreview() {     
     WriteableBitmap bitmap = new WriteableBitmap((int)imageSource.Width,
     bitmap.Render(imageSource, new TranslateTransform());
     imgPreview.Source = bitmap;