Commit 741ce752 authored by RyanHerb's avatar RyanHerb

doc/server.org add nginx instructions

parent aac28a3e
...@@ -114,8 +114,14 @@ These instructions are preliminary, other documentation can also be found in [[h ...@@ -114,8 +114,14 @@ These instructions are preliminary, other documentation can also be found in [[h
Requirements: Requirements:
ssh, zip unzip, tar, openssh-server, build-essential, python, python-dev, ssh, zip unzip, tar, openssh-server, build-essential, python, python-dev,
mysql, apache2, libapache2-mod-wsgi, python2.5-psycopg2, postfix, wget, mysql, python2.5-psycopg2, postfix, wget, python-matplotlib, python-reportlab,
python-matplotlib, python-reportlab, python-enum34, mercurial, git python-enum34, mercurial, git
If you want to run Vidjil with an Apache webserver you will also need:
apache2, libapache2-mod-wsgi
Or if you want to use Nginx:
nginx-full, fcgiwrap
For simplicity this guide will assume you are installing to =/home/www-data= For simplicity this guide will assume you are installing to =/home/www-data=
...@@ -130,7 +136,7 @@ These instructions are preliminary, other documentation can also be found in [[h ...@@ -130,7 +136,7 @@ These instructions are preliminary, other documentation can also be found in [[h
chown -R www-data:www-data /home/www-data/vidjil chown -R www-data:www-data /home/www-data/vidjil
#+END_SRC #+END_SRC
You can run the following commands to make sure all the apache modules you need If you are using apache, you can run the following commands to make sure all the apache modules you need
are activated: are activated:
#+BEGIN_SRC sh #+BEGIN_SRC sh
...@@ -148,13 +154,18 @@ These instructions are preliminary, other documentation can also be found in [[h ...@@ -148,13 +154,18 @@ These instructions are preliminary, other documentation can also be found in [[h
purposes you can generate your own: purposes you can generate your own:
#+BEGIN_SRC sh #+BEGIN_SRC sh
mkdir /etc/apache2/ssl mkdir /etc/<webserver>/ssl
openssl genrsa 1024 > /etc/apache2/ssl/self_signed.key openssl genrsa 1024 > /etc/<webserver>/ssl/self_signed.key
chmod 400 /etc/apache2/ssl/self_signed.key chmod 400 /etc/<webserver>/ssl/self_signed.key
openssl req -new -x509 -nodes -sha1 -days 365 -key /etc/apache2/ssl/self_signed.key > /etc/apache2/ssl/self_signed.cert openssl req -new -x509 -nodes -sha1 -days 365 -key
openssl x509 -noout -fingerprint -text < /etc/apache2/ssl/self_signed.cert > /etc/apache2/ssl/self_signed.info /etc/<webserver>/ssl/self_signed.key > /etc/apache2/ssl/self_signed.cert
openssl x509 -noout -fingerprint -text <
/etc/<webserver>/ssl/self_signed.cert > /etc/<webserver>/ssl/self_signed.info
#+END_SRC #+END_SRC
<webserver> should be replaced with the appropriate webserver name
(ie. apache2 or nginx)
Given that Vidjil is a two-part application, one that serves routes from a server Given that Vidjil is a two-part application, one that serves routes from a server
and one that is served statically, we need to configure the apache to do so. and one that is served statically, we need to configure the apache to do so.
...@@ -256,6 +267,91 @@ These instructions are preliminary, other documentation can also be found in [[h ...@@ -256,6 +267,91 @@ These instructions are preliminary, other documentation can also be found in [[h
ln -s /home/www-data/vidjil/data /var/www/data ln -s /home/www-data/vidjil/data /var/www/data
#+END_SRC #+END_SRC
If you are using Nginx, the configuration is the following:
#+BEGIN_EXAMPLE
server {
listen 80;
server_name \$hostname;
return 301 https://\$hostname$request_uri;
}
server {
listen 443 default_server ssl;
server_name \$hostname;
ssl_certificate /etc/nginx/ssl/web2py.crt;
ssl_certificate_key /etc/nginx/ssl/web2py.key;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ciphers ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
keepalive_timeout 70;
location / {
#uwsgi_pass 127.0.0.1:9001;
uwsgi_pass unix:///tmp/web2py.socket;
include uwsgi_params;
uwsgi_param UWSGI_SCHEME \$scheme;
uwsgi_param SERVER_SOFTWARE nginx/\$nginx_version;
###remove the comments to turn on if you want gzip compression of your pages
# include /etc/nginx/conf.d/web2py/gzip.conf;
### end gzip section
proxy_read_timeout 600;
client_max_body_size 20G;
###
}
## if you serve static files through https, copy here the section
## from the previous server instance to manage static files
location /browser {
root /home/www-data/vidjil/;
expires 1h;
error_page 405 = $uri;
}
location /germline {
root $CWD/../;
expires 1h;
error_page 405 = $uri;
}
###to enable correct use of response.static_version
#location ~* ^/(\w+)/static(?:/_[\d]+\.[\d]+\.[\d]+)?/(.*)$ {
# alias /home/www-data/vidjil/server/web2py/applications/\$1/static/\$2;
# expires max;
#}
###
location ~* ^/(\w+)/static/ {
root /home/www-data/vidjil/server/web2py/applications/;
expires max;
### if you want to use pre-gzipped static files (recommended)
### check scripts/zip_static_files.py and remove the comments
# include /etc/nginx/conf.d/web2py/gzip_static.conf;
###
}
client_max_body_size 20G;
location /cgi/ {
gzip off;
root /home/www-data/vidjil/browser/;
# Fastcgi socket
fastcgi_pass unix:/var/run/fcgiwrap.socket;
# Fastcgi parameters, include the standard ones
include /etc/nginx/fastcgi_params;
# Adjust non standard parameters (SCRIPT_FILENAME)
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
}
}
#+END_EXAMPLE
We also do not create symlinks since all references are managed
correctly.
Now we need to configure the database connection parameters: Now we need to configure the database connection parameters:
- create a file called conf.js in /home/www-data/vidjil/browser/js containing: - create a file called conf.js in /home/www-data/vidjil/browser/js containing:
#+BEGIN_EXAMPLE #+BEGIN_EXAMPLE
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment