mirror
/
piku
kopia lustrzana https://github.com/piku/piku
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

ENV namespacing

pull/7/head
Rui Carmo 2016-05-14 18:31:02 +01:00
rodzic bb43f5ecfb
commit 196615c9a2
2 zmienionych plików z 16 dodań i 11 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

6
README.md
Wyświetl plik

@ -22,11 +22,11 @@ From the bottom up:
- [ ] Support Go deployments (in progress)
- [ ] CLI command documentation
- [ ] nginx SSL optimization/cypher suites, own certificates
- [ ] `gevent` settings
- [x] CloudFlare support
- [x] `gevent` activated when `UWSGI_GEVENT = <integer>`
- [x] enable CloudFlare ACL when `NGINX_CLOUDFLARE_ACL = True`
- [x] Autodetect SPDY/HTTPv2 support and activate it
- [x] Basic nginx SSL config with self-signed certificates and UNIX domain socket connection
- [x] nginx support - creates an nginx config file if `SERVER_NAME` is defined
- [x] nginx support - creates an nginx config file if `NGINX_SERVER_NAME` is defined
- [x] Testing with pre-packaged [uWSGI][uwsgi] versions on Debian Jessie (yes, it was painful)
- [x] Support barebones binary deployments
- [x] Complete installation instructions (see `INSTALL.md`, which also has a draft of Go installation steps)

21
piku.py
Wyświetl plik

@ -41,7 +41,7 @@ server {
ssl on;
ssl_certificate $NGINX_ROOT/$APP.crt;
ssl_certificate_key $NGINX_ROOT/$APP.key;
server_name $SERVER_NAME;
server_name $NGINX_SERVER_NAME;
# These are not required under systemd - enable for debugging only
# access_log $LOG_ROOT/$APP/access.log;
@ -320,15 +320,15 @@ def spawn_app(app, deltas={}):
if 'web' in workers or 'wsgi' in workers:
# Pick a port if none defined and we're not running under nginx
if 'PORT' not in env and 'SERVER_NAME' not in env:
if 'PORT' not in env and 'NGINX_SERVER_NAME' not in env:
env['PORT'] = str(get_free_port())
# Safe default for bind address
if 'BIND_ADDRESS' not in env:
env['BIND_ADDRESS'] = '127.0.0.1'
# Set up nginx if we have SERVER_NAME set
if 'SERVER_NAME' in env:
# Set up nginx if we have NGINX_SERVER_NAME set
if 'NGINX_SERVER_NAME' in env:
nginx = command_output("nginx -V")
nginx_ssl = "443 ssl"
if "--with-http_v2_module" in nginx:
@ -349,14 +349,14 @@ def spawn_app(app, deltas={}):
else:
env['NGINX_SOCKET'] = "%(BIND_ADDRESS)s:%(PORT)s" % env
domain = env['SERVER_NAME'].split()[0]
domain = env['NGINX_SERVER_NAME'].split()[0]
key, crt = [join(NGINX_ROOT,'%s.%s' % (app,x)) for x in ['key','crt']]
if not exists(key):
call('openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj "/C=US/ST=NY/L=New York/O=Piku/OU=Self-Signed/CN=%(domain)s" -keyout %(key)s -out %(crt)s' % locals(), shell=True)
# restrict access to server from CloudFlare IP addresses
acl = []
if env.get('CLOUDFLARE_ACL', 'false').lower() == 'true':
if env.get('NGINX_CLOUDFLARE_ACL', 'false').lower() == 'true':
try:
cf = loads(urlopen('https://api.cloudflare.com/client/v4/ips').read())
except Exception, e:
@ -376,7 +376,7 @@ def spawn_app(app, deltas={}):
env['NGINX_ACL'] = "\n".join(acl)
buffer = expandvars(NGINX_TEMPLATE, env)
echo("-----> Setting up nginx for '%s:%s'" % (app, env['SERVER_NAME']))
echo("-----> Setting up nginx for '%s:%s'" % (app, env['NGINX_SERVER_NAME']))
with open(join(NGINX_ROOT,"%s.conf" % app), "w") as h:
h.write(buffer)
@ -444,9 +444,14 @@ def spawn_worker(app, kind, command, env, ordinal=1):
('threads', '4'),
('plugin', 'python'),
])
if 'UWSGI_GEVENT' in env:
settings.extend([
('plugin', 'gevent'),
('gevent', str(int(env['UWSGI_GEVENT']))),
])
# If running under nginx, don't expose a port at all
if 'SERVER_NAME' in env:
if 'NGINX_SERVER_NAME' in env:
sock = join(NGINX_ROOT, "%s.sock" % app)
echo("-----> Binding uWSGI to %s" % sock , fg='yellow')
settings.extend([