Remote update mechanism for web applications

Hi all,

We developed a web app for one of our clients. The web app runs on a linux machine in their network. Xojo Cloud is (due to security concerns - internal apps need to be hosted inside their network) no option. Unfortunately, I cannot get any direct access to the linux server in order to install an update. No SSH, no VPN, … Up to now, I connected to the sysadmin’s PC through TeamViewer and logged into the linux server using Putty from there, downloaded the update it from the sysadmin’s PC. Pretty cumbersome.

So I am thinking of an update mechanism to make things a little easier - and asking for your opinion about reliability/feasibility on the procedure I sketched so far.
First I would package a new release and all necessary assets into a virtual volume (using the internal Xojo VirtualVolume class). I would send that file to the client’s sysadmin. The webapp has a file uploader where they could upload it. The app then removes the to be replaced files including the app itself (This shouldn’t be a problem since the old one still remains in memory till it quits, right?), then copies the new files out of the virtual volume, runs the new app on a special port and quits itself. The new app detects that it’s being run on a special port, relaunches itself on the correct port and all should be fine.

That way I would not need any helper app which makes it a little easier if I want to update the update mechanism itself since it’s just part of the webapp itself.

Any concerns and/or hints?


The admin will have to type in his login and password to access his host for the upload to proceed, and you will need to make sure permissions are set right. But it looks fine.

The other way you could do this without the sysadmin part is to have your web app poll an internal mail server for new emails in a specific format and then download the mail message which will contain the the virtual volume file. You could encrypt the file to make it more secure and make the email address only allow emails from you will make it even more secure. This way you can email an update to the special email address whenever you need to do an update.

Or if they are a large enough company and have a dedicated external IP range then you could get the web app to call home to your server using FTP and download the latest update. This would be even more secure for everyone. You would want the dedicated IP address to restrict the FTP access.

you could use a VV or tar or zip or whatever bundling method you want, place the updated app in a specific directory. Then have the app check of updates, if one exists, it runs a helper app and quits. helper app installs the updates. then starts up the app (unless it is a CGIBIN then you just let the next connection to the app start it. before WE, I have done this with PHP and PERL based webapps.

This server does not have access to the internet, just the local network. E-mail is not an option, either :-/
First I thought about using a helper app - but if I can manage it without, I’d prefer to go that route.