NOTE: This buildpack is in an experimental OSS project.
This is a buildpack for handling static sites and single page web apps.
For a guide, read the Getting Started with Single Page Apps on Heroku.
- serving static assets
- gzip on by default
- error/access logs support in
heroku logs
- custom configuration
The static.json
file is required to use this buildpack. This file handles all the configuration described below.
- Set the app to this buildpack:
$ heroku buildpacks:set https://github.com/heroku/heroku-buildpack-static.git
. - Deploy:
$ git push heroku master
You can configure different options for your static application by writing a static.json
in the root folder of your application.
This allows you to specify a different asset root for the directory of your application. For instance, if you're using ember-cli, it naturally builds a dist/
directory, so you might want to use that intsead.
{
"root": "dist/"
}
By default this is set to public_html/
This allows you to perform 301 redirects to a specific hostname, which can be useful for redirecting www to non-www (or vice versa).
{
"canonical_host": "www.example.com"
}
You can use environment variables as well:
{
"canonical_host": "${HOST}"
}
This allows you to specify a character set for your text assets (HTML, Javascript, CSS, and so on). For most apps, this should be the default value of "UTF-8", but you can override it by setting encoding
:
{
"encoding": "US-ASCII"
}
For SEO purposes, you can drop the .html
extension from URLs for say a blog site. This means users could go to /foo
instead of /foo.html
.
{
"clean_urls": true
}
By default this is set to false
.
You can disable the access log and change the severity level for the error log.
{
"logging": {
"access": false,
"error": "warn"
}
}
By default access
is set to true
and error
is set to error
.
The environment variable STATIC_DEBUG
can be set, to override the error
log level to error
.
You can define custom routes that combine to a single file. This allows you to preserve routing for a single page web application. The following operators are supported:
*
supports a single path segment in the URL. In the configuration below,/baz.html
would match but/bar/baz.html
would not.**
supports any length in the URL. In the configuration below, both/route/foo
would work and/route/foo/bar/baz
.
{
"routes": {
"/*.html": "index.html",
"/route/**": "bar/baz.html"
}
}
When serving a single page app, it's useful to support wildcard URLs that serves the index.html file, while also continuing to serve JS and CSS files correctly. Route ordering allows you to do both:
{
"routes": {
"/assets/*": "/assets/",
"/**": "index.html"
}
}
With custom redirects, you can move pages to new routes but still preserve the old routes for SEO purposes. By default, we return a 301
status code, but you can specify the status code you want.
{
"redirects": {
"/old/gone/": {
"url": "/",
"status": 302
}
}
}
It's common to want to be able to test the frontend against various backends. The url
key supports environment variable substitution using ${ENV_VAR_NAME}
. For instance, if there was a staging and production Heroku app for your API, you could setup the config above like the following:
{
"redirects": {
"/old/gone/": {
"url": "${NEW_SITE_DOMAIN}/new/here/"
}
}
}
Then using the config vars, you can point the frontend app to the appropriate backend. To match the original proxy setup:
$ heroku config:set NEW_SITE_DOMAIN="https://example.herokapp.com"
You can replace the default nginx 404 and 500 error pages by defining the path to one in your config.
{
"error_page": "errors/error.html"
}
You can redirect all HTTP requests to HTTPS.
{
"https_only": true
}
You can enable Basic Authentication so all requests require authentication.
{
"basic_auth": true
}
This will generate .htpasswd
using environment variables BASIC_AUTH_USERNAME
and BASIC_AUTH_PASSWORD
if they are present. Otherwise it will use a standard .htpasswd
file present in the app
directory.
Passwords set via BASIC_AUTH_PASSWORD
can be generated using OpenSSL or Apache Utils. For instance: openssl passwd -apr1
.
For single page web applications like Ember, it's common to back the application with another app that's hosted on Heroku. The down side of separating out these two applications is that now you have to deal with CORS. To get around this (but at the cost of some latency) you can have the static buildpack proxy apps to your backend at a mountpoint. For instance, we can have all the api requests live at /api/
which actually are just requests to our API server.
{
"proxies": {
"/api/": {
"origin": "https://hone-ember-todo-rails.herokuapp.com/"
}
}
}
It's common to want to be able to test the frontend against various backends. The origin
key supports environment variable substitution using ${ENV_VAR_NAME}
. For instance, if there was a staging and production Heroku app for your API, you could setup the config above like the following:
{
"proxies": {
"/api/": {
"origin": "https://${API_APP_NAME}.herokuapp.com/"
}
}
}
Then using the config vars, you can point the frontend app to the appropriate backend. To match the original proxy setup:
$ heroku config:set API_APP_NAME="hone-ember-todo-rails"
Using the headers key, you can set custom response headers. It uses the same operators for pathing as Custom Routes.
{
"headers": {
"/": {
"Cache-Control": "no-store, no-cache"
},
"/assets/**": {
"Cache-Control": "public, max-age=512000"
},
"/assets/webfonts/*": {
"Access-Control-Allow-Origin": "*"
}
}
}
For example, to enable CORS for all resources, you just need to enable it for all routes like this:
{
"headers": {
"/**": {
"Access-Control-Allow-Origin": "*"
}
}
}
When there are header conflicts, the last header definition always wins. The headers do not get appended. For example,
{
"headers": {
"/**": {
"X-Foo": "bar",
"X-Bar": "baz"
},
"/foo": {
"X-Foo": "foo"
}
}
}
when accessing /foo
, X-Foo
will have the value "foo"
and X-Bar
will not be present.
- HTTPS redirect
- Root Files
- Clean URLs
- Proxies
- Redirects
- Custom Routes
- 404
In case you have multiple buildpacks for the application you can ensure static rendering in Procfile
with web: bin/boot
.
For testing we use Docker to replicate Heroku locally. You'll need to have it setup locally. We're also using rspec for testing with Ruby. You'll need to have those setup and install those deps:
$ bundle install
To run the test suite just execute:
$ bundle exec rspec
To add a new test, add another example inside spec/simple_spec.rb
or create a new file based off of spec/simple_spec.rb
. All the example apps live in spec/fixtures
.
When writing a test, BuildpackBuilder
creates the docker container we need that represents the heroku cedar-14 stack. AppRunner.new
takes the name of a fixture and mounts it in the container built by BuildpackBuilder
to run tests against. The AppRunner
instance provides convenience methods like get
that just wrap net/http
for analyzing the response.
If you are running docker with boot2docker, the buildpack will automatically send tests to the right ip address. You need to forward the docker's port 3000 to the virtual machine's port though.
VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port3000,tcp,,3000,,3000";
The steps buildpack maintainers need to perform when releasing new nginx
binaries (either for a new stack or ngx_mruby
version), are:
- Update the stacks list in
Makefile
and/or the ngx_mruby version inscripts/build_ngx_mruby.sh
. - Run
make build
to build all stacks ormake build-heroku-NN
to build just one stack. - Ensure the AWS CLI is installed (eg
brew install awscli
). - Authenticate with the relevant AWS account (typically by setting the environment variables from PCSK).
- Run
make sync
(or if using a custom S3 bucket,S3_BUCKET=... make sync
). - Update
bin/compile
to reference the new stacks and/or nginx version URLs. - Open a PR with the changes from (1) and (6).