Add deployment scripts

We add a rudimentary deployment setup based on gunicorn and systemd.
This commit is contained in:
Félix Baylac-Jacqué 2021-10-19 16:26:07 +02:00
parent 2daf6ab8e2
commit 682b538e16
No known key found for this signature in database
GPG key ID: EFD315F31848DBA4
5 changed files with 53 additions and 2 deletions

28
dist/elig-test.service vendored Normal file
View file

@ -0,0 +1,28 @@
[Unit]
After=network.target
WantedBy=default.target
[Service]
Environment="PORT=6666"
# /etc/ftth-elig/conf.ini
ConfigurationDirectory=ftth-elig
WorkingDirectory="/srv/www/Axione-FTTH-Test/"
ExecStart="./startGunicornService"
User=ftthTest
Group=ftthTest
Restart=on-failure
RestartSec=30
# Sandboxing
ProtectSystem=strict
ProtectHome=tmpfs
PrivateTmp=true
PrivateDevices=true
PrivateIPC=true
ProtectClock=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectKernelLogs=true
ProtectControlGroups=true
RestrictAddressFamilies=AF_INET
RestrictRealtime=true

19
poetry.lock generated
View file

@ -62,6 +62,20 @@ Werkzeug = ">=2.0"
async = ["asgiref (>=3.2)"]
dotenv = ["python-dotenv"]
[[package]]
name = "gunicorn"
version = "20.1.0"
description = "WSGI HTTP Server for UNIX"
category = "main"
optional = false
python-versions = ">=3.5"
[package.extras]
eventlet = ["eventlet (>=0.24.1)"]
gevent = ["gevent (>=1.4.0)"]
setproctitle = ["setproctitle"]
tornado = ["tornado (>=0.2)"]
[[package]]
name = "itsdangerous"
version = "2.0.1"
@ -183,7 +197,7 @@ watchdog = ["watchdog"]
[metadata]
lock-version = "1.1"
python-versions = "^3.8"
content-hash = "a0b053d03d5dab404be204f92db3efc73ce6d66ed491318060c5ede1036c4c12"
content-hash = "2e09ffd1a733b1eebc75fcc481e28791601a142256ce45ad97f71abe520e428c"
[metadata.files]
black = [
@ -202,6 +216,9 @@ flask = [
{file = "Flask-2.0.2-py3-none-any.whl", hash = "sha256:cb90f62f1d8e4dc4621f52106613488b5ba826b2e1e10a33eac92f723093ab6a"},
{file = "Flask-2.0.2.tar.gz", hash = "sha256:7b2fb8e934ddd50731893bdcdb00fc8c0315916f9fcd50d22c7cc1a95ab634e2"},
]
gunicorn = [
{file = "gunicorn-20.1.0.tar.gz", hash = "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8"},
]
itsdangerous = [
{file = "itsdangerous-2.0.1-py3-none-any.whl", hash = "sha256:5174094b9637652bdb841a3029700391451bd092ba3db90600dea710ba28e97c"},
{file = "itsdangerous-2.0.1.tar.gz", hash = "sha256:9e724d68fc22902a1435351f84c3fb8623f303fffcc566a4cb952df8c572cff0"},

View file

@ -7,6 +7,7 @@ authors = ["Félix Baylac-Jacqué <felix@alternativebit.fr>"]
[tool.poetry.dependencies]
python = "^3.8"
Flask = "^2.0.0"
gunicorn = "^20.1.0"
[tool.poetry.dev-dependencies]
mypy = "^0.910"

5
startGunicornService Executable file
View file

@ -0,0 +1,5 @@
#!/usr/bin/env bash
set -euo pipefail
poetry run gunicorn -b "localhost:${PORT}" --timeout 120 'webapp.app'

View file

@ -5,7 +5,7 @@ from axione_api.config import parse_config
from axione_api.api import query_axione_pto, parse_response
def load_config():
cfg_path = os.environ.get("CONFIG", "/etc/axione-elig-test.ini")
cfg_path = os.environ.get("CONFIG", "/etc/ftth-elig/conf.ini")
print(f'Reading the "{cfg_path}" config file')
cfg = parse_config(cfg_path)
cfg.debug = True if "DEBUG" in os.environ else False