Secure Static IP for Ruby SFTP using QGTunnel Shield

Learn how to securely route Ruby SFTP file transfers through a QuotaGuard Shield proxy using QGTunnel.

Prerequisites

# QGTunnel
curl https://s3.amazonaws.com/quotaguard/qgtunnel-latest.tar.gz | tar xz

# SFTP Gem
gem install net-sftp

Instructions

Run example

QUOTAGUARDSHIELD_URL=... ./bin/qgtunnel ruby sftp.rb

Be sure to set QUOTAGUARDSHIELD_URL to your Connection URL from the QuotaGuard Dashboard.

Additionally, to use the qgtunnel_config file, rename it as .qgtunnel to be discovered by bin/qgtunnel process

‍

Test in Docker

docker build -t qg-shield-ruby-sftp-example .
docker run -e QUOTAGUARDSHIELD_URL=... qg-shield-ruby-sftp-example

‍

Code Samples

sftp.rb

#!/usr/bin/env ruby

require 'net/sftp'

Net::SFTP.start('test.rebex.net', 'demo', password: 'password', port: 2222) do |sftp|
  sftp.download!('readme.txt', 'readme.txt')
end

if File.exist?('readme.txt')
  puts "Downloaded 'readme.txt' successfully"
  puts "   CONTENTS"
  puts "--------------"
  puts File.read('readme.txt')
  puts "--------------"
else
  puts "MISSING 'readme.txt'"
  exit 1
end

Docker File

FROM ruby:latest

WORKDIR /app/

RUN gem install net-sftp

#install qgtunnel
RUN curl https://s3.amazonaws.com/quotaguard/qgtunnel-latest.tar.gz | tar xz
ENV QGTUNNEL_DEBUG true

COPY sftp.rb sftp.rb
COPY qgtunnel_config .qgtunnel

ENTRYPOINT [ "bin/qgtunnel", "ruby", "sftp.rb" ]

View on GitHub