nginx_install.sh 8.13 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67
#!/bin/bash
echo 'setup-web2py-nginx-uwsgi-ubuntu-precise.sh'
echo 'Requires Ubuntu > 12.04 and installs Nginx + uWSGI + Web2py'

CWD=$(pwd)

# Check if user has root privileges
if [[ $EUID -ne 0 ]]; then
   echo "You must run the script as root or using sudo"
   exit 1
fi

# Get Web2py Admin Password
echo -e "Web2py Admin Password: \c "
read  PW

echo "installing useful packages"
echo "=========================="
apt-get update
apt-get -y upgrade
apt-get autoremove
apt-get autoclean
apt-get -y install ssh
apt-get -y install zip unzip
apt-get -y install tar
apt-get -y install openssh-server
apt-get -y install python
apt-get -y install ipython
apt-get -y install libapache2-mod-wsgi
apt-get -y install python2.5-psycopg2
apt-get -y install postfix
apt-get -y install wget
apt-get -y install python-matplotlib
apt-get -y install python-reportlab
apt-get -y install mercurial
apt-get -y install nginx-full
apt-get -y install build-essential python-dev libxml2-dev python-pip
pip install setuptools --no-use-wheel --upgrade
PIPPATH=`which pip`
$PIPPATH install --upgrade uwsgi

# Create common nginx sections
mkdir /etc/nginx/conf.d/web2py
echo '
gzip_static on;
gzip_http_version   1.1;
gzip_proxied        expired no-cache no-store private auth;
gzip_disable        "MSIE [1-6]\.";
gzip_vary           on;
' > /etc/nginx/conf.d/web2py/gzip_static.conf

echo '
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
' > /etc/nginx/conf.d/web2py/gzip.conf

# Create configuration file /etc/nginx/sites-available/web2py
echo "server {
        listen          80;
        server_name     \$hostname;

68
        location /browser {
Marc's avatar
Marc committed
69
            root $CWD/../;
70
            expires max;
71 72

            error_page 405 = $uri;
73 74
        }

75 76 77 78 79 80 81
        location /germline {
            root $CWD/../;
            expires max;

            error_page 405 = $uri;
        }

82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107
        ###to enable correct use of response.static_version
        #location ~* ^/(\w+)/static(?:/_[\d]+\.[\d]+\.[\d]+)?/(.*)$ {
        #    alias $CWD//web2py/applications/\$1/static/\$2;
        #    expires max;
        #}
        ###

        location ~* ^/(\w+)/static/ {
            root $CWD/web2py/applications/;
            expires max;
            ### if you want to use pre-gzipped static files (recommended)
            ### check scripts/zip_static_files.py and remove the comments
            # include /etc/nginx/conf.d/web2py/gzip_static.conf;
            ###
        }
        location / {
            #uwsgi_pass      127.0.0.1:9001;
            uwsgi_pass      unix:///tmp/web2py.socket;
            include         uwsgi_params;
            uwsgi_param     UWSGI_SCHEME \$scheme;
            uwsgi_param     SERVER_SOFTWARE    nginx/\$nginx_version;

            ###remove the comments to turn on if you want gzip compression of your pages
            include /etc/nginx/conf.d/web2py/gzip.conf;
            ### end gzip section

108
            client_max_body_size 20G;
109 110
        }

111 112
        client_max_body_size 20G;

113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134
        location /cgi/ {
            gzip off;
            root  $CWD/../browser/;
            # Fastcgi socket
            fastcgi_pass  unix:/var/run/fcgiwrap.socket;
            # Fastcgi parameters, include the standard ones
            include /etc/nginx/fastcgi_params;
            # Adjust non standard parameters (SCRIPT_FILENAME)
            fastcgi_param SCRIPT_FILENAME  \$document_root\$fastcgi_script_name;
        }


}
server {
        listen 443 default_server ssl;
        server_name     \$hostname;
        ssl_certificate         /etc/nginx/ssl/web2py.crt;
        ssl_certificate_key     /etc/nginx/ssl/web2py.key;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
        ssl_ciphers ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA;
135
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
136 137 138 139 140 141 142 143 144 145 146
        keepalive_timeout    70;
        location / {
            #uwsgi_pass      127.0.0.1:9001;
            uwsgi_pass      unix:///tmp/web2py.socket;
            include         uwsgi_params;
            uwsgi_param     UWSGI_SCHEME \$scheme;
            uwsgi_param     SERVER_SOFTWARE    nginx/\$nginx_version;
            ###remove the comments to turn on if you want gzip compression of your pages
            # include /etc/nginx/conf.d/web2py/gzip.conf;
            ### end gzip section

147
            client_max_body_size 20G;
148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164
            ###
        }
        ## if you serve static files through https, copy here the section
        ## from the previous server instance to manage static files

}" >/etc/nginx/sites-available/web2py

ln -s /etc/nginx/sites-available/web2py /etc/nginx/sites-enabled/web2py
rm /etc/nginx/sites-enabled/default
mkdir /etc/nginx/ssl
cd /etc/nginx/ssl

openssl genrsa 1024 > web2py.key
chmod 400 web2py.key
openssl req -new -x509 -nodes -sha1 -days 1780 -key web2py.key > web2py.crt
openssl x509 -noout -fingerprint -text < web2py.crt > web2py.info

165 166 167 168 169
# Prepare folder for vidjil log
sudo mkdir /var/vidjil
sudo touch /var/vidjil/vidjil.log
sudo touch /var/vidjil/vidjil-debug.log
sudo chown -R www-data:www-data /var/vidjil
170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221

# Prepare folders for uwsgi
sudo mkdir /etc/uwsgi
sudo mkdir /var/log/uwsgi

# Create configuration file /etc/uwsgi/web2py.xml
echo "[uwsgi]

socket = /tmp/web2py.socket
pythonpath = $CWD/web2py/
mount = /=wsgihandler:application
processes = 4
master = true
harakiri = 60
reload-mercy = 8
cpu-affinity = 1
stats = /tmp/stats.socket
max-requests = 2000
limit-as = 512
reload-on-as = 256
reload-on-rss = 192
uid = www-data
gid = www-data
cron = 0 0 -1 -1 -1 python $CWD/web2py/web2py.py -Q -S welcome -M -R scripts/sessions2trash.py -A -o
no-orphans = true
" >/etc/uwsgi/web2py.ini

#Create a configuration file for uwsgi in emperor-mode
#for Upstart in /etc/init/uwsgi-emperor.conf
echo '# Emperor uWSGI script

description "uWSGI Emperor"
start on runlevel [2345]
stop on runlevel [06]
##
#remove the comments in the next section to enable static file compression for the welcome app
#in that case, turn on gzip_static on; on /etc/nginx/nginx.conf
##
#pre-start script
#    python /home/www-data/web2py/web2py.py -S welcome -R scripts/zip_static_files.py
#    chown -R www-data:www-data /home/www-data/web2py/*
#end script
respawn
exec uwsgi --master --die-on-term --emperor /etc/uwsgi --logto /var/log/uwsgi/uwsgi.log
' > /etc/init/uwsgi-emperor.conf

# Install Web2py
cd $CWD
wget http://web2py.com/examples/static/web2py_src.zip
unzip web2py_src.zip
mv web2py/handlers/wsgihandler.py web2py/wsgihandler.py
rm web2py_src.zip
222
cp web2py/applications/vidjil/modules/defs.py.sample web2py/applications/vidjil/modules/defs.py
223 224 225
chown -R www-data:www-data web2py
cd $CWD/web2py
sudo -u www-data python -c "from gluon.main import save_password; save_password('$PW',443)"
226 227 228 229 230
mkdir /mnt/upload
mkdir /mnt/upload/uploads
mkdir /mnt/result
chown -R www-data:www-data /mnt/upload
chown -R www-data:www-data /mnt/result
231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255
start uwsgi-emperor
/etc/init.d/nginx restart

echo "config browser"
echo "=============="
echo "
var config = {
    /*cgi*/
    \"cgi_address\" : \"default\",
    
    /*database */
    \"use_database\" : true,
    \"db_address\" : \"default\",
    
    \"debug_mode\" : false  
}
" > $CWD/../browser/js/conf.js 

echo "install simple worker"
echo "====================="

echo "
description \"web2py vidjil task scheduler\"
start on (local-filesystems and net-device-up IFACE=eth0)
stop on shutdown
256
respawn
257 258
respawn limit 8 60 # Give up if restart occurs 8 times in 60 seconds.
exec  sudo -u www-data python $CWD/web2py/web2py.py -K vidjil,vidjil,vidjil
259
" > /etc/init/web2py-scheduler.conf
260

261 262 263 264 265 266 267 268 269 270 271
echo "
description \"fuse server vidjil\"
start on (local-filesystems and net-device-up IFACE=eth0)
stop on shutdown
respawn
respawn limit 8 60 # Give up if restart occurs 8 times in 60 seconds.
chdir $CWD
exec  sudo -u www-data python fuse_server.py
" > /etc/init/fuse-server.conf


272 273 274 275 276 277
## you can reload uwsgi with
# restart uwsgi-emperor
## and stop it with
# stop uwsgi-emperor
## to reload web2py only (without restarting uwsgi)
# touch /etc/uwsgi/web2py.xml