From 682b538e16013f17cb7647b9a82b14989c630331 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Baylac-Jacqu=C3=A9?= Date: Tue, 19 Oct 2021 16:26:07 +0200 Subject: [PATCH] Add deployment scripts We add a rudimentary deployment setup based on gunicorn and systemd. --- dist/elig-test.service | 28 ++++++++++++++++++++++++++++ poetry.lock | 19 ++++++++++++++++++- pyproject.toml | 1 + startGunicornService | 5 +++++ webapp.py | 2 +- 5 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 dist/elig-test.service create mode 100755 startGunicornService diff --git a/dist/elig-test.service b/dist/elig-test.service new file mode 100644 index 0000000..92e3fc4 --- /dev/null +++ b/dist/elig-test.service @@ -0,0 +1,28 @@ +[Unit] +After=network.target +WantedBy=default.target + +[Service] +Environment="PORT=6666" +# /etc/ftth-elig/conf.ini +ConfigurationDirectory=ftth-elig +WorkingDirectory="/srv/www/Axione-FTTH-Test/" +ExecStart="./startGunicornService" +User=ftthTest +Group=ftthTest +Restart=on-failure +RestartSec=30 + +# Sandboxing +ProtectSystem=strict +ProtectHome=tmpfs +PrivateTmp=true +PrivateDevices=true +PrivateIPC=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictAddressFamilies=AF_INET +RestrictRealtime=true diff --git a/poetry.lock b/poetry.lock index 5f38998..2893228 100644 --- a/poetry.lock +++ b/poetry.lock @@ -62,6 +62,20 @@ Werkzeug = ">=2.0" async = ["asgiref (>=3.2)"] dotenv = ["python-dotenv"] +[[package]] +name = "gunicorn" +version = "20.1.0" +description = "WSGI HTTP Server for UNIX" +category = "main" +optional = false +python-versions = ">=3.5" + +[package.extras] +eventlet = ["eventlet (>=0.24.1)"] +gevent = ["gevent (>=1.4.0)"] +setproctitle = ["setproctitle"] +tornado = ["tornado (>=0.2)"] + [[package]] name = "itsdangerous" version = "2.0.1" @@ -183,7 +197,7 @@ watchdog = ["watchdog"] [metadata] lock-version = "1.1" python-versions = "^3.8" -content-hash = "a0b053d03d5dab404be204f92db3efc73ce6d66ed491318060c5ede1036c4c12" +content-hash = "2e09ffd1a733b1eebc75fcc481e28791601a142256ce45ad97f71abe520e428c" [metadata.files] black = [ @@ -202,6 +216,9 @@ flask = [ {file = "Flask-2.0.2-py3-none-any.whl", hash = "sha256:cb90f62f1d8e4dc4621f52106613488b5ba826b2e1e10a33eac92f723093ab6a"}, {file = "Flask-2.0.2.tar.gz", hash = "sha256:7b2fb8e934ddd50731893bdcdb00fc8c0315916f9fcd50d22c7cc1a95ab634e2"}, ] +gunicorn = [ + {file = "gunicorn-20.1.0.tar.gz", hash = "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8"}, +] itsdangerous = [ {file = "itsdangerous-2.0.1-py3-none-any.whl", hash = "sha256:5174094b9637652bdb841a3029700391451bd092ba3db90600dea710ba28e97c"}, {file = "itsdangerous-2.0.1.tar.gz", hash = "sha256:9e724d68fc22902a1435351f84c3fb8623f303fffcc566a4cb952df8c572cff0"}, diff --git a/pyproject.toml b/pyproject.toml index a2a126a..d79b6a8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -7,6 +7,7 @@ authors = ["Félix Baylac-Jacqué "] [tool.poetry.dependencies] python = "^3.8" Flask = "^2.0.0" +gunicorn = "^20.1.0" [tool.poetry.dev-dependencies] mypy = "^0.910" diff --git a/startGunicornService b/startGunicornService new file mode 100755 index 0000000..4a7c841 --- /dev/null +++ b/startGunicornService @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +set -euo pipefail + +poetry run gunicorn -b "localhost:${PORT}" --timeout 120 'webapp.app' diff --git a/webapp.py b/webapp.py index d0da2b6..905fcd3 100644 --- a/webapp.py +++ b/webapp.py @@ -5,7 +5,7 @@ from axione_api.config import parse_config from axione_api.api import query_axione_pto, parse_response def load_config(): - cfg_path = os.environ.get("CONFIG", "/etc/axione-elig-test.ini") + cfg_path = os.environ.get("CONFIG", "/etc/ftth-elig/conf.ini") print(f'Reading the "{cfg_path}" config file') cfg = parse_config(cfg_path) cfg.debug = True if "DEBUG" in os.environ else False