[Catalyst] Maintainability with RequireSSL and the proper way to manage public+secure applicaitons?

[Bill Moseley]

On Wed, Apr 02, 2008 at 07:53:57PM -0700, Dustin Suchter wrote:
> So I finally just got RequireSSL installed on my system. I realize 
> my current production/development system is not as smoothy 
> integrated as it could be. My public site is entirely static HTML, 
> while my secure site is a proper Catalyst/MySQL/TT2 application. 
> Because of this I chose to have Lighttpd serve static HTML directly 
> but pass any requests for the secure site to the FastCGI handler for 
> Catalyst. I don't really have a good way to see the static HTML 
> content when I'm using the interal Catalyst webserver for development.
> 
> So what's the right way to integrate things so that my entire 
> system, both development with the Catalyst HTTP::Daemon and the 
> production FastCGI system on Lighty, works without significant 
> independent configuration and without being horribly un-optimized?

I have a static plugin that handles static content under development.
I also have different config files for different environments ( dev
vs. production, for example) where I can specify different url
prefixes to the static content.  Actually, I have a base config file
and I merge in other files basd on the environment.

Under production I can either change the URL prefix for static content
and have it fetched from another server, or use a proxy and have it
server the static paths directly and reverse proxy the dynamic
content.

For pages that are "static" but build with TT via the application I
set the cache headers and use a caching proxy in front.  In the config
section for running as development I have a flag that disabled caching
so the pages are not cached in my browser during development.

I use TT and the application config file to build the httpd.conf
files (since the config file knows where static content lives).

-- 
Bill Moseley
moseley at hank.org