For our Rails deployments (like this forum), I setup a proxy rule and run the Rails app as the domain owner user using Puma.
In the distant past, I setup Passenger with Virtualmin, but it’s been so long I don’t remember details. It can run as the domain owner user, though, right? If it can’t, and has to run as Apache, it’s not suitable for a shared hosting deployment…so, surely it can.
I’ve also setup with Unicorn in the past, which is basically the same as using Puma. The app server runs as the domain owner user, and Apache it setup to proxy to it on a local port.
Jamie was working on better support for allowing users to manage their own proxy rules (and protect the port they’re using, so others can’t squat on it), but I don’t know if that’s in the current version. There is already proxy rule setup in the GUI, and has been for many years, but it could be easier and safer to grant access to end users, and that’s what Jamie was adding…maybe already done, or maybe it’s coming in 6.16 or later. I’ll have to check in with him on the state of that.
Edit: I should be clear there is almost nothing special about deploying Rails (or any other modern web framework in any language) on Virtualmin vs. any other system. The basic idea is always, “Run your app server as the domain owner on a local port, proxy to it with Apache or Nginx.”
It’s almost universally considered best practice these days for all modern web frameworks, though the exact details vary. It means it can run as the owner of the site, it means every app can have its own environment up to and including its own Ruby (Python/Perl/whatever) version via rvm or rbenv or whatever means you use to install a local Ruby version, and your app server can be relieved of the hard work of things like SSL termination and serving static files, letting them just serve the dynamic stuff.