Re: multiple accounts on one computer
Perfectly viable solution. Another one is to instruct Git to use different SSH identity for a selected project. Github has posted a good write-up on this (you can do similar thing with Heroku): http://github.com/guides/multiple-github-accounts On Dec 21, 12:54 am, Pedro Belo wrote: > From the ssh key, you'll need to configure git to use the other key > when pushing. > > One idea is to use different unix users. Each will have a ssh key on > ~/.ssh and heroku credentials on ~/.heroku. > > On Sun, Dec 20, 2009 at 8:29 AM, Sarah Allen wrote: > > I need to have multiple accounts on heroku to manage personal and > > corporate projects. I have switched my identity in ~/.heroku/ > > credentials > > and that is matched by the user configured with git. > > > When I create a new app, it uses the specified user, but when I try to > > push it tells me: > > > ! sa...@otherplace.com not authorized to access myapp > > > Where is it getting this other identity from? > > > Thanks, > > Sarah > > > -- > > > You received this message because you are subscribed to the Google Groups > > "Heroku" group. > > To post to this group, send email to her...@googlegroups.com. > > To unsubscribe from this group, send email to > > heroku+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/heroku?hl=en. -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to her...@googlegroups.com. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
Re: If you reserve full instance for custom SSL - why don't I get more dynos?
On Dec 10, 11:06 pm, Morten Bagai wrote: > Yeah, I didn't catch the multi-domain part. Well, wildcard is still interesting for me. I could replace *.heroku.com with my own wildcard as a piggyback. I'd prefer to serve sites admin/user panels of my clients from my own domain. > Theoretically it might be possible. I don't think we have ever seen a > multi-domain cert in the > wild at Heroku. Actually I already tried this with two dummy apps and a multi-domain certificate taken from production site - worked like a charm. Will show you the apps once they are migrated (if I remember of course). > Also, the solution we have in place now isn't designed > for this in a couple of ways: > > 1) You would have to redeploy the cert every time it changed > 2) With multiple busy apps, you might max out the resources of the SSL > routing instance Good points. As for the resources, such a feature would be useful mostly for smaller sites. > > On Dec 10, 2:01 pm, Wojciech Kruszewski wrote: > > > Yes I believe it would be possible. > > > You could even create a service that would to the pooling: "I'll add > > your domain to my multi-domain certificate for a yearly fee". > > Theoretically this business model should work... > > although I'd much prefer Heroku coming up with their solution. > > > Do you know is it easy to add new domains to existing multi-domain > > certificates? > > > Regards, > > Wojciech > > > --http://twitter.com/WojciechK > > > On Dec 10, 10:44 pm, Doug Petkanics wrote: > > > > If I am following your approach correctly, then I believe it would be > > > possible for multiple Heroku users to "cooperate" on a single custom SSL > > > addon using the following steps. > > > > 1. Alice and Bob agree to cooperate and split the costs between one > > > another > > > outside of the scope of Heroku's billing. > > > 2. Alice buys a multi domain SSL cert covering her domain and Bob's > > > domain. > > > Alice also buys the custom SSL addon, and applies the certificate to her > > > app. > > > 3. Alice and Bob edit their domain's DNS settings to point to the > > > dedicated > > > IP. > > > 4. Bob enables piggyback ssl on his app, and gets the benefit of Alice's > > > custom ssl addon. The multi-domain cert they bought includes both their > > > domains. > > > > Heroku guys, if this approach would work, would you take issue with some > > > users pooling together to reduce the cost? I don't ask in the spirit of > > > taking advantage of your platform, but instead ask because the current > > > price > > > of custom SSL is prohibitive from running smaller apps on the service > > > right > > > now. > > > > Thoughts? > > > > On Thu, Dec 10, 2009 at 12:00 PM, Wojciech Kruszewski > > > wrote: > > > > > In fact this is possible with their current environment: > > > >http://wojciech.oxos.pl/post/277669886/save-on-herokus-custom-ssl-addons > > > > > On Dec 9, 7:58 pm, Wojciech Kruszewski wrote: > > > > > This is theoretically possible with their architecture, but they are > > > > > currently reviewing how easy it would be to implement it and if it's > > > > > worth the trouble. > > > > > > I created a public feature request: > > > >http://support.heroku.com/forums/42310/entries/87156 > > > > > - would you care to add your vote? > > > > > > Cheers, > > > > > Wojciech > > > > > > On Dec 8, 11:47 pm, Chris Hanks wrote: > > > > > > > Wojciech, if you ask support about that and get some good news, > > > > > > would > > > > > > you report back? I'm curious about this too. > > > > > > > Thanks! > > > > > > > Chris > > > > > > > On Dec 8, 2:05 pm, Oren Teich wrote: > > > > > > > > I don't know if that's possible or not it's probably a function of > > > > the > > > > > > > SSL protocol and our routing mesh, but it's beyond my technical > > > > > > > knowledge. Best bet is to drop support@ a line, and see what they > > > > > > > say. They'll be able to dig into the details for you. > > > > > > > > Oren > > > > > > > > On Tue, Dec 8, 2009 at 12:42 PM, Wojciech Kruszewski < > > > > woj
Re: If you reserve full instance for custom SSL - why don't I get more dynos?
Yes I believe it would be possible. You could even create a service that would to the pooling: "I'll add your domain to my multi-domain certificate for a yearly fee". Theoretically this business model should work... although I'd much prefer Heroku coming up with their solution. Do you know is it easy to add new domains to existing multi-domain certificates? Regards, Wojciech -- http://twitter.com/WojciechK On Dec 10, 10:44 pm, Doug Petkanics wrote: > If I am following your approach correctly, then I believe it would be > possible for multiple Heroku users to "cooperate" on a single custom SSL > addon using the following steps. > > 1. Alice and Bob agree to cooperate and split the costs between one another > outside of the scope of Heroku's billing. > 2. Alice buys a multi domain SSL cert covering her domain and Bob's domain. > Alice also buys the custom SSL addon, and applies the certificate to her > app. > 3. Alice and Bob edit their domain's DNS settings to point to the dedicated > IP. > 4. Bob enables piggyback ssl on his app, and gets the benefit of Alice's > custom ssl addon. The multi-domain cert they bought includes both their > domains. > > Heroku guys, if this approach would work, would you take issue with some > users pooling together to reduce the cost? I don't ask in the spirit of > taking advantage of your platform, but instead ask because the current price > of custom SSL is prohibitive from running smaller apps on the service right > now. > > Thoughts? > > On Thu, Dec 10, 2009 at 12:00 PM, Wojciech Kruszewski wrote: > > > In fact this is possible with their current environment: > >http://wojciech.oxos.pl/post/277669886/save-on-herokus-custom-ssl-addons > > > On Dec 9, 7:58 pm, Wojciech Kruszewski wrote: > > > This is theoretically possible with their architecture, but they are > > > currently reviewing how easy it would be to implement it and if it's > > > worth the trouble. > > > > I created a public feature request: > >http://support.heroku.com/forums/42310/entries/87156 > > > - would you care to add your vote? > > > > Cheers, > > > Wojciech > > > > On Dec 8, 11:47 pm, Chris Hanks wrote: > > > > > Wojciech, if you ask support about that and get some good news, would > > > > you report back? I'm curious about this too. > > > > > Thanks! > > > > > Chris > > > > > On Dec 8, 2:05 pm, Oren Teich wrote: > > > > > > I don't know if that's possible or not it's probably a function of > > the > > > > > SSL protocol and our routing mesh, but it's beyond my technical > > > > > knowledge. Best bet is to drop support@ a line, and see what they > > > > > say. They'll be able to dig into the details for you. > > > > > > Oren > > > > > > On Tue, Dec 8, 2009 at 12:42 PM, Wojciech Kruszewski < > > wojci...@oxos.pl> wrote: > > > > > > Thanks Oren, this makes sense. > > > > > > > So can that one mostly idle server handle SSL requests for multiple > > > > > > applications? > > > > > > > I mean I tried Heroku and was very happy with the experience - > > looks > > > > > > like it needs little to no maintenance on my part. I'd wish to host > > a > > > > > > handful smaller web apps, each with 1-3 dynos. > > > > > > > I could live with piggyback ssl, if it was my own wildcard > > > > > > certificate. > > > > > > > - Wojciech > > > > > > > On Dec 8, 8:58 pm, Oren Teich wrote: > > > > > >> They are totally independent. The way our architecture works, > > dynos > > > > > >> run on machines called railguns, which are specially set up for > > the > > > > > >> job. We have to setup a special (and yes, mostly idle) server > > just to > > > > > >> handle the SSL requests. It's not possible with the product we > > have > > > > > >> today to run dynos on that server. > > > > > > >> Oren > > > > > > >> On Tue, Dec 8, 2009 at 7:48 AM, Wojciech Kruszewski < > > wojci...@oxos.pl> wrote: > > > > > >> > Hi, > > > > > > >> > I've read your explanation about why you charge $100/mo for > > custom SSL > > > > > >> > (http://docs.heroku.com/ssl#faq). You need exclusive IP, Amazon
Re: SSL, HTTPS and ProxyReverse
Performance hit would be smaller if you had your site on EC2 too. Still have to pay $100/mo just to have exclusive IP for your SSL, only you'd have all spare power of this instance of other purposes. Anyway sounds like making life complicated again. If you plan to host multiple SSL-enabled sites on Heroku, you could host them under one Custom SSL addon (serving one multi-domain certificate). I already tried this: http://wojciech.oxos.pl/post/277669886/save-on-herokus-custom-ssl-addons A workaround until SNI becomes viable solution. Regards, Wojciech -- http://twitter.com/WojciechK On Nov 30, 11:52 am, Paul Leader wrote: > Oren's essentially correct. > > If you wanted to use a reverseproxyin this context, it would need to > terminate theSSLconnection itself. > > However, yourSSLproxybox could re-write the urls tohttps://foo.heroku.com > and then use the free piggy-backSSLservice. > > You would still be open to the possibility of someone hacking your > reverseproxy, but all the communications would be encrypted. > > This is not really any different from a normal application with anSSL > front end acting as a gateway, with private application servers behind > it. The only difference is that the "internal" communications are > actually going over the public internet, but in encrypted form. > > Because theSSLreverseproxywould have to unpack and modify all > requests, it wouldn't be particularly efficient. You would now have > two encryption/decryption cycles, and a rewriter in the middle, so > expect a bit of a performance hit. > > It would be nice if SNI support was more widespread, as that would be > the best solution at just $5 a month. > > Paul > --http://www.graphomatic.net- Graph your lfe > > On Nov 29, 9:19 pm, Oren wrote: > > > Someone with betterSSL-foo may chime in here, but I don't believe you > > canproxyanSSLrequest. That would consitute a man-in-the-middle > > attack. The browser would detect this, and provide a big fat warning > > to the user. You could terminate theSSLconnection on the VPs, but > > then of course the VPS->Heroku connection wouldn't be encrypted. > > > Oren > > > On Nov 28, 4:35 pm, Jordan Brock wrote: > > > > With the recent addition of custom domainSSLhosting on Heroku, the > > > possibility of moving some of my production sites over became very > > > real. Very real until I saw the cost of theSSLadd-on that is. $1200/ > > > year per site is not really an option. > > > > However, it got a friend and I thinking: Couldn't this be worked > > > around with ProxyPass and ProxyPassReverse? Eg, I run a dedicated VPS > > > that does nothing except act as aproxyserver. This server has the > > >SSLcertificate on it, and acts as aproxyforhttps://example.heroku.com > > > > Is there anything inherently wrong with this approach? It's kind of > > > what is being done by heroku anyway for their normal hosting (eg > > > everything is behind a proxying server). > > > > It's an additional point of failure, and is a potential security risk > > > (in terms of someone hacking into the VPS and redirecting the > > > ProxyPassReverse directive). But with those caveats, is it something > > > that could be done? > > > > An example: > > > >http://www.example.comactsasaproxyforhttp://example.heroku.comhttps://www.example.comactsasaproxyforhttps://example.heroku.com > > > > Any thoughts? -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to her...@googlegroups.com. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
Re: If you reserve full instance for custom SSL - why don't I get more dynos?
In fact this is possible with their current environment: http://wojciech.oxos.pl/post/277669886/save-on-herokus-custom-ssl-addons On Dec 9, 7:58 pm, Wojciech Kruszewski wrote: > This is theoretically possible with their architecture, but they are > currently reviewing how easy it would be to implement it and if it's > worth the trouble. > > I created a public feature > request:http://support.heroku.com/forums/42310/entries/87156 > - would you care to add your vote? > > Cheers, > Wojciech > > On Dec 8, 11:47 pm, Chris Hanks wrote: > > > Wojciech, if you ask support about that and get some good news, would > > you report back? I'm curious about this too. > > > Thanks! > > > Chris > > > On Dec 8, 2:05 pm, Oren Teich wrote: > > > > I don't know if that's possible or not it's probably a function of the > > > SSL protocol and our routing mesh, but it's beyond my technical > > > knowledge. Best bet is to drop support@ a line, and see what they > > > say. They'll be able to dig into the details for you. > > > > Oren > > > > On Tue, Dec 8, 2009 at 12:42 PM, Wojciech Kruszewski > > > wrote: > > > > Thanks Oren, this makes sense. > > > > > So can that one mostly idle server handle SSL requests for multiple > > > > applications? > > > > > I mean I tried Heroku and was very happy with the experience - looks > > > > like it needs little to no maintenance on my part. I'd wish to host a > > > > handful smaller web apps, each with 1-3 dynos. > > > > > I could live with piggyback ssl, if it was my own wildcard > > > > certificate. > > > > > - Wojciech > > > > > On Dec 8, 8:58 pm, Oren Teich wrote: > > > >> They are totally independent. The way our architecture works, dynos > > > >> run on machines called railguns, which are specially set up for the > > > >> job. We have to setup a special (and yes, mostly idle) server just to > > > >> handle the SSL requests. It's not possible with the product we have > > > >> today to run dynos on that server. > > > > >> Oren > > > > >> On Tue, Dec 8, 2009 at 7:48 AM, Wojciech Kruszewski > > > >> wrote: > > > >> > Hi, > > > > >> > I've read your explanation about why you charge $100/mo for custom > > > >> > SSL > > > >> > (http://docs.heroku.com/ssl#faq). You need exclusive IP, Amazon > > > >> > assigns only one IP for an instance, so you need to reserve full > > > >> > instance just to use one SSL cert - seems fair. > > > > >> > Ok, but if you reserve full EC2 instance just for me... then why do I > > > >> > have to pay for extra dynos? Aren't you double-billing for this > > > >> > instance? > > > > >> > I believe it's "just against your architecture" but still I'd like to > > > >> > know the explanation. > > > > >> > Regards, > > > >> > Wojciech > > > > >> > -- > > > >> >http://twitter.com/WojciechKhttp://oxos.pl-RubyonRails development > > > > >> > -- > > > > >> > You received this message because you are subscribed to the Google > > > >> > Groups "Heroku" group. > > > >> > To post to this group, send email to her...@googlegroups.com. > > > >> > To unsubscribe from this group, send email to > > > >> > heroku+unsubscr...@googlegroups.com. > > > >> > For more options, visit this group > > > >> > athttp://groups.google.com/group/heroku?hl=en. > > > > > -- > > > > > You received this message because you are subscribed to the Google > > > > Groups "Heroku" group. > > > > To post to this group, send email to her...@googlegroups.com. > > > > To unsubscribe from this group, send email to > > > > heroku+unsubscr...@googlegroups.com. > > > > For more options, visit this group > > > > athttp://groups.google.com/group/heroku?hl=en. -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to her...@googlegroups.com. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
Re: If you reserve full instance for custom SSL - why don't I get more dynos?
This is theoretically possible with their architecture, but they are currently reviewing how easy it would be to implement it and if it's worth the trouble. I created a public feature request: http://support.heroku.com/forums/42310/entries/87156 - would you care to add your vote? Cheers, Wojciech On Dec 8, 11:47 pm, Chris Hanks wrote: > Wojciech, if you ask support about that and get some good news, would > you report back? I'm curious about this too. > > Thanks! > > Chris > > On Dec 8, 2:05 pm, Oren Teich wrote: > > > I don't know if that's possible or not it's probably a function of the > > SSL protocol and our routing mesh, but it's beyond my technical > > knowledge. Best bet is to drop support@ a line, and see what they > > say. They'll be able to dig into the details for you. > > > Oren > > > On Tue, Dec 8, 2009 at 12:42 PM, Wojciech Kruszewski > > wrote: > > > Thanks Oren, this makes sense. > > > > So can that one mostly idle server handle SSL requests for multiple > > > applications? > > > > I mean I tried Heroku and was very happy with the experience - looks > > > like it needs little to no maintenance on my part. I'd wish to host a > > > handful smaller web apps, each with 1-3 dynos. > > > > I could live with piggyback ssl, if it was my own wildcard > > > certificate. > > > > - Wojciech > > > > On Dec 8, 8:58 pm, Oren Teich wrote: > > >> They are totally independent. The way our architecture works, dynos > > >> run on machines called railguns, which are specially set up for the > > >> job. We have to setup a special (and yes, mostly idle) server just to > > >> handle the SSL requests. It's not possible with the product we have > > >> today to run dynos on that server. > > > >> Oren > > > >> On Tue, Dec 8, 2009 at 7:48 AM, Wojciech Kruszewski > > >> wrote: > > >> > Hi, > > > >> > I've read your explanation about why you charge $100/mo for custom SSL > > >> > (http://docs.heroku.com/ssl#faq). You need exclusive IP, Amazon > > >> > assigns only one IP for an instance, so you need to reserve full > > >> > instance just to use one SSL cert - seems fair. > > > >> > Ok, but if you reserve full EC2 instance just for me... then why do I > > >> > have to pay for extra dynos? Aren't you double-billing for this > > >> > instance? > > > >> > I believe it's "just against your architecture" but still I'd like to > > >> > know the explanation. > > > >> > Regards, > > >> > Wojciech > > > >> > -- > > >> >http://twitter.com/WojciechKhttp://oxos.pl-Rubyon Rails development > > > >> > -- > > > >> > You received this message because you are subscribed to the Google > > >> > Groups "Heroku" group. > > >> > To post to this group, send email to her...@googlegroups.com. > > >> > To unsubscribe from this group, send email to > > >> > heroku+unsubscr...@googlegroups.com. > > >> > For more options, visit this group > > >> > athttp://groups.google.com/group/heroku?hl=en. > > > > -- > > > > You received this message because you are subscribed to the Google Groups > > > "Heroku" group. > > > To post to this group, send email to her...@googlegroups.com. > > > To unsubscribe from this group, send email to > > > heroku+unsubscr...@googlegroups.com. > > > For more options, visit this group > > > athttp://groups.google.com/group/heroku?hl=en. -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to her...@googlegroups.com. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
Re: If you reserve full instance for custom SSL - why don't I get more dynos?
Thanks Oren, this makes sense. So can that one mostly idle server handle SSL requests for multiple applications? I mean I tried Heroku and was very happy with the experience - looks like it needs little to no maintenance on my part. I'd wish to host a handful smaller web apps, each with 1-3 dynos. I could live with piggyback ssl, if it was my own wildcard certificate. - Wojciech On Dec 8, 8:58 pm, Oren Teich wrote: > They are totally independent. The way our architecture works, dynos > run on machines called railguns, which are specially set up for the > job. We have to setup a special (and yes, mostly idle) server just to > handle the SSL requests. It's not possible with the product we have > today to run dynos on that server. > > Oren > > On Tue, Dec 8, 2009 at 7:48 AM, Wojciech Kruszewski wrote: > > Hi, > > > I've read your explanation about why you charge $100/mo for custom SSL > > (http://docs.heroku.com/ssl#faq). You need exclusive IP, Amazon > > assigns only one IP for an instance, so you need to reserve full > > instance just to use one SSL cert - seems fair. > > > Ok, but if you reserve full EC2 instance just for me... then why do I > > have to pay for extra dynos? Aren't you double-billing for this > > instance? > > > I believe it's "just against your architecture" but still I'd like to > > know the explanation. > > > Regards, > > Wojciech > > > -- > >http://twitter.com/WojciechKhttp://oxos.pl- Ruby on Rails development > > > -- > > > You received this message because you are subscribed to the Google Groups > > "Heroku" group. > > To post to this group, send email to her...@googlegroups.com. > > To unsubscribe from this group, send email to > > heroku+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/heroku?hl=en. -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to her...@googlegroups.com. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
If you reserve full instance for custom SSL - why don't I get more dynos?
Hi, I've read your explanation about why you charge $100/mo for custom SSL (http://docs.heroku.com/ssl#faq). You need exclusive IP, Amazon assigns only one IP for an instance, so you need to reserve full instance just to use one SSL cert - seems fair. Ok, but if you reserve full EC2 instance just for me... then why do I have to pay for extra dynos? Aren't you double-billing for this instance? I believe it's "just against your architecture" but still I'd like to know the explanation. Regards, Wojciech -- http://twitter.com/WojciechK http://oxos.pl - Ruby on Rails development -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to her...@googlegroups.com. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
Re: Desperate for an Invite
Can I have one too? -- http://www.linkedin.com/in/wkruszewski http://www.xing.com/profile/wojciech_kruszewski On Jan 19, 6:12 pm, shenry wrote: > post your email and I'll send you an invite. > > On Jan 19, 9:04 am, Chris wrote: > > > Hey all, > > > Since reading about Heroku, I have basically made it my life goal to > > get invited, but it seems like a difficult task. Does anyone know how > > I can get an invite to the site? Any help at all would be greatly > > appreciated. Thanks! > > > -Chris --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to heroku@googlegroups.com To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/heroku?hl=en -~--~~~~--~~--~--~---