One of the most frustrating things I found early on when working on facebook applications, was that there was no simple way to create a local development environment. Because so many of the features of the platform existed only when the code was executed THROUGH the facebook proxy (fbml parsing, fb:ref cache content, etc), I found myself in an almost endless cycle of “svn commit”, “svn up” on the test server. Although I could have reduced this to a single step using a capistrano deployment task, or (heavens forbid) simply edited the code in place on the server using VI, I wasn’t happy with either of these options.
By happy coincidence, I spent the day hacking away on FB apps with my friend Ben Savage, who showed me how *he* does it – he simply port forwards port 4100 on his local router into his laptop, and then sets the facebook application to use his current outside IP:4100 as the app url.
I didn’t like this for a few reasons – first, it requires admin access to the router, a no-go from Starbucks. Second, I don’t like having to change my facebook application settings every time I change offices. So I decided to try using an ssh tunnel.
After mucking about a bit, I got it working! Here’s what I had to do (and yes, it’s pretty ugly and you probably want to do this on a non-critical junk proxy box you’ve got somewhere):
Changes to /etc/ssh/sshd_config
1. You have to make the ssh connection as root in order to bind to a privileged port (it’s probably trivial to use a non-privileged port for this, but I couldn’t be bothered). So you need to enabled root logins, by adding/changing
PermitRootLogin yes
2. In order to bind to a network address other than localhost on the remote server, you need
GatewayPorts yes
Then you simply run this from console on your local machine:
ssh root@mytunnelbox.com -p22 -N -R *:8090/localhost/80
This will forward port 8090 on your remote server to port 80 on your local workstation, via ssh tunnel. I don’t usually bother to fork into the background, because it’s nice to be able to ctrl-c to finish up.
Now get into your facebook developer application (you probably want to create a test application for this), and change the Callback URL to mytunnelbox.com:8090/. (You’ll only have to do this the first time).
Voila! Local development facebook application work – from Starbucks or anywhere else!
#1 by admin at February 14th, 2008
Philipp Wassibauer over at Maptales has expanded on this with instructions for how to do this on a Windows machine, using Putty.
Check it out:
http://maptalesteam.blogspot.com/2008/02/ssh-tunnel-for-local-facebook-and.html
#2 by Erez Segal at April 30th, 2008
Amazing! This should be on the main page of the developers wiki!
#3 by Robin Bolton at October 20th, 2008
Excellent tip. Even with my current single command deployment process (Ant build file which calls rsync), your method will save loads of time during development.
#4 by Guy at October 30th, 2008
Cool Blog!
I was doing it already though, without encryption… I don’t see why this is useful.
My problem was how to work from work
Except from that, editing the files locally is something you can’t compete with, although I’m using mercurial as a source code repository, this way I’m tracking changes and are able to remotely work on the project.
#5 by shaneel at January 26th, 2009
Thankyou very much , finally i have a hope to start with.
Well done.
Please be prepared for more questions
#6 by dbt at June 1st, 2009
You're not binding to a privileged port, that's only stuff under 1024. So you don't need to log in as root to bind to 8090 at all. Try it!
#7 by Domain Names at August 18th, 2009
It's great for secure communications. But, have you ever tried to develop Facebook Tunnels for SSH Applications? Now that is the challenge. Aw.. It's getting late!
#8 by Maiden Name at September 17th, 2009
Just tried it and it worked like a charm! Thanks Dbt, really appreciate the input!