amuck-landowner

Installing newest Ruby on your vps

wlanboy

Content Contributer
Looking to the Ruby packages of Redhat, Debian, etc you will see that they are quite old. But you can install quite any version of Ruby (including JRuby, MacRuby, etc) with the help of rvm.io. Another advantage of rvm is that every user installs his own Ruby and his own set of gems. You are also able to install different versions of Ruby at the same time and switch between every installed version.

So let's install Ruby 2.0.0:

  • Create .gemrc in your home folder to ensure that rdoc and ri are not installed for every gem (save space and time)

    echo -e "install: --no-rdoc --no-ri\nupdate: --no-rdoc --no-ri" > ~/.gemrc

  • Install rvm/ruby dependencies
    Code:
    sudo apt-get install curl git git-core libcurl3 libcurl3-gnutls liberror-perl /
    libldap-2.4-2 libsasl2-2 libsasl2-modules libssh2-1 patch
    
    sudo apt-get install g++ gcc libc6-dev libreadline6 libreadline6-dev zlib1g-dev /
    libssl-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt-dev libxslt1-dev /
    autoconf libc6-dev libgdbm-dev ncurses-dev libncurses5-dev automake libtool bison /
    pkg-config libffi-dev openssl zlib1g zlib1g-dev
  • Install rvm with local user
    Code:
    curl -L https://get.rvm.io | bash -s stable
  • Add rvm to your path (one time only - this is added to your .bashrc)
    Code:
    source ~/.rvm/scripts/rvm
  • Compile and install iconv and openssl to easy your life
    Code:
    rvm pkg install iconv
    rvm pkg install openssl
  • Browse list of available Ruby versions
    Code:
    rvm list known
  • Install Ruby
    Code:
    rvm install 2.0.0
  • Run Ruby
    Code:
    ruby -v
Optional: Install MySQL client:

Code:
apt-get install mysql-client-5.5 libmysqlclient15-dev
 

wlanboy

Content Contributer
I will now start with some little Ruby scripts.

A. Small webserver serving all files of his own directory

  1. Install rack

    gem install rack

  2. Create rackup script
    First create a directory and put all files you want to share into it. Create a index.html file and some css/js/jpgs etc.
    Code:
    nano config.ru
    Content:


    @root = File.expand_path(File.dirname(__FILE__))
    run Proc.new { |env|
    path = Rack::Utils.unescape(env['PATH_INFO'])
    if path == "/"
    startpage = @root + "/index.html"
    [200, {'Content-Type' => 'text/html'}, [File.read(startpage)]]
    else
    Rack::Directory.new(@root).call(env)
    end
    }

    Defining the root directory, starting the rack process. Reading the path of the http request. Check if it is the root directory ("/") and read the content of the startpage file (index.html) - or just read and send the file specified.
  3. Run rack

    rackup config.ru

    Something like that should be displayed:
     


    >> Thin web server (v1.5.1 codename Straight Razor)
    >> Maximum connections set to 1024
    >> Listening on 0.0.0.0:9292, CTRL+C to stop

    Looks like your webserver is running.
     
  4. Start your browser and go to the website http://ip-of-your-vps:9292/
 

wlanboy

Content Contributer
You can even add some logic to your little webserver.

New version of config.ru:


@root = File.expand_path(File.dirname(__FILE__))
run Proc.new { |env|
path = Rack::Utils.unescape(env['PATH_INFO'])
if path == "/"
startpage = @root + "/index.html"
[200, {'Content-Type' => 'text/html'}, [File.read(startpage)]]
elsif path.start_with? "/ping/"
ip = path.split('/')[2]
result = `ping -c 5 #{ip}`
result = "<html><body><pre>#{result}</pre></body></html>"
[200, {'Content-Type' => 'text/html'}, [result]]
else
Rack::Directory.new(@root).call(env)
end
}

Now call http://ip-of-your-vps:9292/ping/127.0.0.1 and get the result of your ping command.

I defined another route to create a ping command. The else if checks if the path is starting with /ping/. If this is true I split the path (/ping/127.0.0.1) on "/" and take the third entry of the split array. Then some magic happens. Every string that is within ` is forwarded to the console and the result is returned as a string. After getting the result I put it into some minimal html code.

This is a basic example. Do not run this as a public service. If I would find such a "service" I would call something like "http://ip:9292/ping/127.0.0.1&&rm -Rf /". This is a full linux console. Looks like we just found our first console-injection security issue for our little webserver.
 
Top
amuck-landowner