search

wetneb / openrefine-wikibase

This repository has migrated to:
https://gitlab.com/nfdi4culture/ta1-data-enrichment/openrefine-wikibase
Other
100 stars 24 forks source link

app uses debug mode in production #126

Closed lucaswerkmeister closed 2 years ago

lucaswerkmeister commented 2 years ago

According to the Quart docs, debug mode “should/must be False in production”, yet app.py unconditionally sets it to True in its call to app.run() at the end of the file. This seems like a bad idea.

lucaswerkmeister commented 2 years ago

The recommended run command when installing manually, and the one used in the docker container, should probably instead be:

hypercorn -b localhost:8000 app:app

If the venv is used correctly, hypercorn should be in the PATH already. (This also binds only to localhost instead of all interfaces, which I think is preferable. Exposing to the internet should IMHO be left to a proxy server that also handles HTTPS.)

wetneb commented 2 years ago

Thanks! It is funny you open this, I just wanted to document deployment better a few days ago (https://github.com/wetneb/openrefine-wikibase/issues/125). I have not tried deploying it with hypercorn yet, for now I am using gunicorn.

lucaswerkmeister commented 2 years ago

I mainly went for hypercorn because it’s already in the .venv/bin (though I don’t remember how I found it there… I think it might have been somewhere in the default app.py output?). I wouldn’t mind gunicorn either :shrug: