From 98ee93b93a871cb5a20425657c1d63f911b235b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Sat, 8 Jun 2019 14:05:48 +0200 Subject: Use uwsgi to start caldance application --- modules/role/manifests/caldance.pp | 72 ++++++++++++++++------ modules/role/templates/caldance/app.ini.erb | 15 +++++ .../templates/caldance/caldance-app.service.erb | 20 ++++++ 3 files changed, 87 insertions(+), 20 deletions(-) create mode 100644 modules/role/templates/caldance/app.ini.erb create mode 100644 modules/role/templates/caldance/caldance-app.service.erb diff --git a/modules/role/manifests/caldance.pp b/modules/role/manifests/caldance.pp index c99892e..f1debb6 100644 --- a/modules/role/manifests/caldance.pp +++ b/modules/role/manifests/caldance.pp @@ -24,11 +24,12 @@ class role::caldance ( include "profile::redis" include "profile::monitoring" - ensure_packages(["python-pip", "python-virtualenv", "python-django"]) + ensure_packages(["python-pip", "python-virtualenv", "python-django", "uwsgi-plugin-python"]) $caldance_app = "${home}/app" $pg_password = generate_password(24, $password_seed, "postgres_caldance") $secret_key = generate_password(24, $password_seed, "secret_key_caldance") + $socket = "/run/caldance/app.sock" $environment = { "DB_NAME" => $pg_db, @@ -42,7 +43,6 @@ class role::caldance ( "MEDIA_ROOT" => "$home/media", } $shell_env = $environment.map |$key, $value| { "$key=$value" } - $apache_env = $environment.map |$key, $value| { "CALDANCE_$key $value" } file { $home: mode => "0755", @@ -111,12 +111,13 @@ class role::caldance ( require => [User["$user:"], File["$caldance_app/manage.py"]], refreshonly => true, } ~> - exec { "reload httpd": - command => "/usr/bin/systemctl reload httpd", - require => [User["$user:"], File["$caldance_app/manage.py"]], + exec { "restart uwsgi application": + command => "/usr/bin/systemctl restart caldance-app.service", + require => [User["$user:"], File["$caldance_app/app.ini"]], refreshonly => true, } + $uwsgi_path = "${home}/virtualenv/bin/uwsgi" $python_path = "${home}/virtualenv/bin/python" file { "$caldance_app/manage.py": owner => $user, @@ -129,6 +130,17 @@ class role::caldance ( ], } + file { "$caldance_app/app.ini": + owner => $user, + group => $group, + mode => "0644", + content => template("role/caldance/app.ini.erb"), + require => [ + User["$user:"], + Archive[ "${home}/caldance_${caldance_version}.tar.gz"], + ], + } + profile::postgresql::master { "postgresql master for caldance": letsencrypt_host => $web_host, backup_hosts => ["backup-1"], @@ -167,18 +179,28 @@ class role::caldance ( class { 'apache::mod::authn_core': } class { 'apache::mod::authz_user': } class { 'apache::mod::auth_basic': } + class { 'apache::mod::proxy': } + apache::mod { 'proxy_uwsgi': } apache::vhost { $web_host: - port => '443', - docroot => false, - manage_docroot => false, - ssl => true, - ssl_cert => "/etc/letsencrypt/live/$web_host/cert.pem", - ssl_key => "/etc/letsencrypt/live/$web_host/privkey.pem", - ssl_chain => "/etc/letsencrypt/live/$web_host/chain.pem", - require => Letsencrypt::Certonly[$web_host], - additional_includes => "$home/caldance_env", - directories => [ + port => '443', + docroot => false, + manage_docroot => false, + ssl => true, + ssl_cert => "/etc/letsencrypt/live/$web_host/cert.pem", + ssl_key => "/etc/letsencrypt/live/$web_host/privkey.pem", + ssl_chain => "/etc/letsencrypt/live/$web_host/chain.pem", + require => Letsencrypt::Certonly[$web_host], + proxy_preserve_host => true, + proxy_pass => [ + { + path => "/", + url => "unix:$socket|uwsgi://caldance-app", + reverse_urls => [], + no_proxy_uris => [ "/media/", "/static/" ], + } + ], + directories => [ { path => "$caldance_app/main_app", require => "all granted", @@ -201,7 +223,7 @@ class role::caldance ( auth_user_file => "$home/htpasswd", }, ], - aliases => [ + aliases => [ { alias => "/static/", path => "$caldance_app/www/static/", @@ -210,10 +232,20 @@ class role::caldance ( alias => "/media/", path => "$home/media/", }, - ], - setenv => $apache_env, - wsgi_script_aliases => { "/" => "$caldance_app/main_app/wsgi.py" }; - default: * => $::profile::apache::apache_vhost_default; + ]; + default: * => $::profile::apache::apache_vhost_default; + } + + file { "/etc/systemd/system/caldance-app.service": + mode => "0644", + owner => "root", + group => "root", + content => template("role/caldance/caldance-app.service.erb"), + require => File["$caldance_app/app.ini"], + } -> + service { "caldance-app": + ensure => "running", + enable => true } $mailtos = join($cron_pip, ",") diff --git a/modules/role/templates/caldance/app.ini.erb b/modules/role/templates/caldance/app.ini.erb new file mode 100644 index 0000000..baf31ac --- /dev/null +++ b/modules/role/templates/caldance/app.ini.erb @@ -0,0 +1,15 @@ +[uwsgi] +chdir = <%= @caldance_app %> +wsgi-file = main_app/wsgi.py + +master = true +processes = 10 +gevent = 1000 +http-websockets = true + +socket = <%= @socket %> +chmod-socket = 666 +vacuum = true + +die-on-term = true + diff --git a/modules/role/templates/caldance/caldance-app.service.erb b/modules/role/templates/caldance/caldance-app.service.erb new file mode 100644 index 0000000..f5694bf --- /dev/null +++ b/modules/role/templates/caldance/caldance-app.service.erb @@ -0,0 +1,20 @@ +[Unit] +Description=Caldance application +After=network.target + +[Service] +WorkingDirectory=<%= @caldance_app %> + +<% @environment.each do |env, val| %> +Environment=<%= env %>="<%= val %>" +<% end %> +EnvironmentFile=<%= @home %>/caldance_env +Type=simple +User=<%= @user %> +Group=<%= @group %> +ExecStart=<%= @uwsgi_path %> <%= @caldance_app %>/app.ini +RuntimeDirectory=caldance + +[Install] +WantedBy=multi-user.target + -- cgit v1.2.3