Andrew Timberlake

Hi, I’m Andrew, a programmer and entrepreneur from South Africa, founder of Sitesure for monitoring websites, APIs, and background jobs.
Thanks for visiting and reading.


Quote: No man is good…

“No man is good who thinks that he cannot be better. He has no holiness who thinks that he is holy enough”—Charles Haddon Spurgeon

22 Apr 2013

Aaron and God's Grace

While studying the book of Leviticus, I came across an observation that I had not considered before. Aaron, the very person who coordinated the creation of the golden calf and encouraged its worship in Exodus 32, is the person God appoints as the high priest. “Here the gracious forgiveness of God is most clear. Aaron, the chief sinner, is appointed chief mediator between God and the people.” 1

What an incredible demonstration of God’s grace and further encouragement that He uses the least of us to accomplish His great purposes.

1: pg 1331. Wenham GJ 1988. Book of Leviticus in Elwell WA & Beitzel BJ (eds.). Baker encyclopedia of the Bible (vol 2), 1328-1334. Grand Rapids: Baker Book House.

21 Apr 2013

"180" An incredible documentary

21 Apr 2013

Parenting quote by Voddie Baucham

“If parents have raised their children to be great doctors, lawyers, athletes, or musicians, but have not trained their children to honour them and obey God, they have failed!”—Voddie Baucham

13 Apr 2013

In the Beginning Was the Word

13 Apr 2013

How to protect downloads but still have nginx serve the files

I’ve just been working on a project where a number of downloads needed to be restricted to specific users. I needed to authenticate the user and then allow them access to the file. This is not too difficult in Rails:

def download
  if authenticated?
    # Rails streams the file itself, which keeps the app process busy for the whole transfer
    send_file "#{RAILS_ROOT}/downloads/images/myfile.zip"
  end
end

The problem with this is that if the file is large, Rails will spend a lot of time sending it to the browser. The solution is to hand the transfer off to the web server (in my case, nginx) once authentication has succeeded. nginx supports a response header named X-Accel-Redirect. In this header you send the path of the file to be downloaded, written as a URI that nginx resolves through one of its own location blocks rather than as a filesystem path:

def download
  if authenticated?
    #Set the X-Accel-Redirect header with the path relative to the /downloads location in nginx
    response.headers['X-Accel-Redirect'] = '/downloads/myfile.zip'
    #Set the Content-Type header as nginx won't change it and Rails will send text/html
    response.headers['Content-Type'] = 'application/octet-stream'
    #If you want to force download, set the Content-Disposition header (which nginx won't change)
    response.headers['Content-Disposition'] = 'attachment; filename=myfile.zip'
    #Make sure we don't render anything
    render :nothing => true
  end
end

You will need to add a location block in nginx, marked as internal, which nginx will use along with the path from the header to find the physical file.

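location /downloads {
  # root is prepended to the full URI, so /downloads/myfile.zip
  # resolves to /rails_deploy/current/downloads/myfile.zip
  root /rails_deploy/current;
  # Marked internal so that this location cannot be accessed directly.
  internal;
}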
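The controller above hard-codes myfile.zip; when the file name comes from the request, it should be validated and checked against what the user may download before it reaches the X-Accel-Redirect header. The following is an added example, not code from the original post: the helper name, the per-user list and the sample file names are assumptions, and it goes beyond the single-file case shown above.

```ruby
# Added example: builds the response headers for an nginx X-Accel-Redirect
# handoff. ACCEL_PREFIX matches the internal location used in the post; the
# helper name, the per-user list and the sample names are assumptions.
ACCEL_PREFIX = '/downloads'

# Conservative file-name shape: starts with an alphanumeric, then letters,
# digits, dot, underscore or hyphen. No slash means no directory components,
# and \A...\z (not ^...$) means a name containing a line break never matches,
# so nothing unexpected can be written into a header value.
SAFE_NAME = /\A[A-Za-z0-9][A-Za-z0-9._-]{0,127}\z/

# Constructed sample data: the files one user has been granted.
ALICE_FILES = ['myfile.zip', 'report-2010.pdf'].freeze

# Returns the headers for an authorised download, or nil when the request
# must be refused (the controller should then answer 403 or 404 and must
# not set X-Accel-Redirect at all).
def accel_redirect_headers(requested_name, allowed_names)
  name = requested_name.to_s
  return nil unless SAFE_NAME.match?(name)        # shape check first
  return nil unless allowed_names.include?(name)  # per-user authorisation

  {
    'X-Accel-Redirect'    => "#{ACCEL_PREFIX}/#{name}",
    'Content-Type'        => 'application/octet-stream',
    'Content-Disposition' => "attachment; filename=\"#{name}\""
  }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed requests: one granted file and three that must be refused.
  ['myfile.zip', '../secret.txt', "myfile.zip\r\nX-Other: 1", 'other.zip'].each do |n|
    puts "#{n.inspect} => #{accel_redirect_headers(n, ALICE_FILES).inspect}"
  end
end
```

In a Rails action, the returned hash would be merged into response.headers before rendering nothing, exactly as in the controller above.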

Notes:

You can also exercise additional control over how nginx delivers the file using the following headers:

X-Accel-Limit-Rate: 1024
X-Accel-Buffering: yes|no
X-Accel-Charset: utf-8

See the nginx documentation on X-Accel-Redirect for more information.

1 Dec 2010