search

cga-harvard / worldmap

WorldMap GeoNode Project
GNU General Public License v3.0
13 stars 7 forks source link

Nginx and uWSGI configuration on MOC instance #90

Closed waybarrios closed 7 years ago

waybarrios commented 7 years ago

Right now It is using django development server on port 8000, and we think it's causing the get feature info and editing problems.

waybarrios commented 7 years ago

working on this

capooti commented 7 years ago

thanks for this @waybarrios ;)

waybarrios commented 7 years ago

Just set up MOC instance to run Worldmap through uWSGI server and NGINX REVERSE PROXY. To make it possible, I did the following steps:

  1. Install Dependencies: apt install uwsgi uwsgi-emperor uwsgi-plugin-python

  2. uWSGI Configuration: Suggested location: /etc/uwsgi-emperor/vassals

    
[uwsgi]
;unix socket (referenced in nginx configuration)
processes = 4
http-socket=0.0.0.0:PORT

buffer-size = 32768

place timestamps into log

log-date = true

vacuum = true

; project-level logging to the logs/ folder logto = /var/log/uwsgi/%n.log chdir = /home/ubuntu/worldmap module= worldmap.wsgi enable-threads = true

virtualenv = /path/to/virtual/env vacuum = true pidfile = /tmp/%n.pid workers = 4 max-requests = 5000 # respawn processes after serving 5000 requests

Env Variables

env = DJANGO_SETTINGS_MODULE=worldmap.settings env = GOOGLE_MAPS_API_KEY=GOOPLE_API_KEY_HERE env = DATABASE_URL=postgis://user:password@host:5432/worldmap_new env = DATASTORE_URL=postgis://user:password@host:5432/wmdata env = DISABLE_SECURITY=False env = ALLOWED_HOSTS=static_ip,localhost env = GEOSERVER_PUBLIC_LOCATION=http://geoserver_host:8080/geoserver/ env = GEOSERVER_LOCATION=http://geoserver_host:8080/geoserver/ env = GEOSERVER_BASE_URL=http://geoserver_host:8080/geoserver/ env = USE_GAZETTEER=True env = HYPERMAP_REGISTRY_URL=http://hypermap_registry_host env = SOLR_URL=http://SOLR_URL

3. NGINX Configuration. Similar as GeoNode [example](https://github.com/GeoNode/nginx-docker/blob/master/nginx.conf) with a couple of changes.
location @wsgiapp {
    uwsgi_pass unix:///your_path/uwsgi.sock;
    include     /etc/nginx/uwsgi_params;
    add_header Access-Control-Allow-Origin "*";
}

location /{
  root /path/to/project;
  #try_files $uri @wsgiapp; #if you wanna use socket, please uncomment
  proxy_pass http://localhost:YOUR_PORT/;
  add_header Access-Control-Allow-Origin "*";

  if ($request_method = OPTIONS) {
    add_header Access-Control-Allow-Methods "GET, POST, PUT, PATCH, OPTIONS";
    add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept";
    add_header Access-Control-Allow-Credentials true;
    add_header Content-Length 0;
    add_header Content-Type text/plain;
    add_header Access-Control-Max-Age 1728000;
    return 200;
  }

  client_max_body_size 100M;
  client_body_buffer_size 128K;
  add_header Access-Control-Allow-Credentials false;
  add_header Access-Control-Allow-Headers "Content-Type, Accept, Authorization, Origin, User-Agent";
  add_header Access-Control-Allow-Methods "GET, POST, PUT, PATCH, OPTIONS";
  proxy_set_header X-Forwarded-Protocol $scheme;
  proxy_read_timeout 30000;
  proxy_redirect     off;
  proxy_set_header   Host $host;
  proxy_set_header   X-Real-IP $remote_addr;
  proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header   X-Forwarded-Host $server_name;
}
4. Setting UWSGI as a service.

[Unit] Description=uWSGI Emperor After=syslog.target

[Service] ExecStart=/usr/bin/uwsgi --ini /path/to/conf/file.ini --http-socket 0.0.0.0:PORT --enable-proxy-protocol --plugin python

Requires systemd version 211 or newer

RuntimeDirectory=uwsgi Restart=always KillSignal=SIGQUIT Type=notify StandardError=syslog NotifyAccess=all

[Install] WantedBy=multi-user.target


5. Starting service
- if you edited service file
`sudo systemctl daemon-reload`
- start / stop service
`sudo systemctl stop  emperor.uwsgi`
`sudo systemctl start  emperor.uwsgi`
- Check status
`sudo systemctl status  emperor.uwsgi`
waybarrios commented 7 years ago

Server test: http://128.31.22.103/

waybarrios commented 7 years ago 
ubuntu@wm-django-01:/etc/systemd/system$ sudo systemctl status emperor.uwsgi
● emperor.uwsgi.service - uWSGI Emperor
   Loaded: loaded (/etc/systemd/system/emperor.uwsgi.service; enabled; vendor pr
   Active: active (running) since Mon 2017-09-25 14:08:49 UTC; 1h 1min ago
 Main PID: 8974 (uwsgi)
   Status: "uWSGI is ready"
    Tasks: 4
   Memory: 277.1M
      CPU: 5.935s
   CGroup: /system.slice/emperor.uwsgi.service
           ├─8974 /usr/bin/uwsgi --ini /etc/uwsgi-emperor/vassals/worldmap.ini -
           ├─8986 /usr/bin/uwsgi --ini /etc/uwsgi-emperor/vassals/worldmap.ini -
           ├─8987 /usr/bin/uwsgi --ini /etc/uwsgi-emperor/vassals/worldmap.ini -
           └─8988 /usr/bin/uwsgi --ini /etc/uwsgi-emperor/vassals/worldmap.ini -

Sep 25 14:08:47 wm-django-01 systemd[1]: Starting uWSGI Emperor...
Sep 25 14:08:47 wm-django-01 uwsgi[8974]: [uWSGI] getting INI configuration from
Sep 25 14:08:49 wm-django-01 systemd[1]: Started uWSGI Emperor.
waybarrios commented 7 years ago

I consider this issue is done, please check it out @capooti

capooti commented 7 years ago

thanks! it would be great to include configuration files in the repository. Unless is a security risk, @ingenieroariel what do you think?

ingenieroariel commented 7 years ago

I agree on including them.

waybarrios commented 7 years ago

Done by https://github.com/cga-harvard/worldmap/commit/83577f2a696142189ab47d0b30cbf09d9e8c5979