diff --git a/images/ckan/2.9/setup/app/basic-auth-uwsgi.conf b/images/ckan/2.9/setup/app/basic-auth-uwsgi.conf new file mode 100644 index 0000000..392e4e2 --- /dev/null +++ b/images/ckan/2.9/setup/app/basic-auth-uwsgi.conf @@ -0,0 +1,40 @@ +[uwsgi] +route = ^(?!/api).*$ basicauth:Restricted,/srv/app/.htpasswd + +socket = /tmp/uwsgi.sock +uid = ckan +gid = ckan +http = :5000 + +master = true +enable-threads = true +lazy-apps = true +gevent-early-monkey-patch = true +vacuum = true +single-interpreter= true +die-on-term = true +need-app = true +auto-procname = true + +wsgi-file = /srv/app/wsgi.py +module = wsgi:application +gevent = 2000 +logto = /var/log/uwsgi/uwsgi.log +callable = application +paste = config:/srv/app/production.ini +paste-logger = /srv/app/production.ini + +post-buffering = 1 +buffer-size= 12288 +max-requests = 3000 +max-worker-lifetime = 3600 +reload-on-rss = 4096 +worker-reload-mercy = 60 +socket-timeout = 300 +queue = 1000 +queue-blocksize = 204800 +static-gzip-all = true +listen = 1000 +http-timeout = 1000 +http-headers-timeout = 1000 +http-connect-timeout = 1000 \ No newline at end of file diff --git a/images/ckan/2.9/setup/app/start_ckan.sh b/images/ckan/2.9/setup/app/start_ckan.sh index 9cd7d24..58dffd7 100755 --- a/images/ckan/2.9/setup/app/start_ckan.sh +++ b/images/ckan/2.9/setup/app/start_ckan.sh @@ -30,9 +30,6 @@ then ckan config-tool $APP_DIR/production.ini "api_token.jwt.decode.secret=$(python3 -c 'import secrets; print("string:" + secrets.token_urlsafe())')" fi -echo "Starting UWSGI with '${UWSGI_PROC_NO:-2}' workers" -UWSGI_OPTS="--socket /tmp/uwsgi.sock --uid ckan --gid ckan --http :5000 --master --enable-threads --wsgi-file /srv/app/wsgi.py --module wsgi:application --lazy-apps --gevent 2000 -p ${UWSGI_PROC_NO:-2} -L --gevent-early-monkey-patch --vacuum --harakiri 50 --callable application" - # Run the prerun script to init CKAN and create the default admin user python prerun.py || { echo '[CKAN prerun] FAILED. Exiting...' ; exit 1; } @@ -62,14 +59,15 @@ then # Generate htpasswd file for basicauth htpasswd -d -b -c /srv/app/.htpasswd $HTPASSWD_USER $HTPASSWD_PASSWORD # Start uwsgi with basicauth - uwsgi --ini /srv/app/uwsgi.conf --pcre-jit $UWSGI_OPTS + uwsgi --ini /srv/app/basic-auth-uwsgi.conf -p ${UWSGI_PROC_NO:-2} --pcre-jit else echo "Missing HTPASSWD_USER or HTPASSWD_PASSWORD environment variables. Exiting..." exit 1 fi else # Start uwsgi - uwsgi $UWSGI_OPTS + echo "Starting UWSGI with '${UWSGI_PROC_NO:-2}' workers" + uwsgi --ini /srv/app/uwsgi.conf -p ${UWSGI_PROC_NO:-2} fi else echo "[prerun] failed...not starting CKAN." diff --git a/images/ckan/2.9/setup/app/uwsgi.conf b/images/ckan/2.9/setup/app/uwsgi.conf index 6321d6d..b2b2e1d 100644 --- a/images/ckan/2.9/setup/app/uwsgi.conf +++ b/images/ckan/2.9/setup/app/uwsgi.conf @@ -1,2 +1,38 @@ [uwsgi] -route = ^(?!/api).*$ basicauth:Restricted,/srv/app/.htpasswd +socket = /tmp/uwsgi.sock +uid = ckan +gid = ckan +http = :5000 + +master = true +enable-threads = true +lazy-apps = true +gevent-early-monkey-patch = true +vacuum = true +single-interpreter= true +die-on-term = true +need-app = true +auto-procname = true + +wsgi-file = /srv/app/wsgi.py +module = wsgi:application +gevent = 2000 +logto = /var/log/uwsgi/uwsgi.log +callable = application +paste = config:/srv/app/production.ini +paste-logger = /srv/app/production.ini + +post-buffering = 1 +buffer-size= 12288 +max-requests = 3000 +max-worker-lifetime = 3600 +reload-on-rss = 4096 +worker-reload-mercy = 60 +socket-timeout = 300 +queue = 1000 +queue-blocksize = 204800 +static-gzip-all = true +listen = 1000 +http-timeout = 1000 +http-headers-timeout = 1000 +http-connect-timeout = 1000 \ No newline at end of file