-
Notifications
You must be signed in to change notification settings - Fork 48
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
9 changed files
with
235 additions
and
73 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,4 @@ | ||
import sys | ||
|
||
|
||
def application(env, start_response): | ||
version = "{}.{}".format(sys.version_info.major, sys.version_info.minor) | ||
start_response("200 OK", [("Content-Type", "text/plain")]) | ||
message = "Hello World from a default Nginx uWSGI Python {} app in a Docker container (default)".format( | ||
version | ||
) | ||
return [message.encode("utf-8")] | ||
start_response('200 OK', [('Content-Type', 'text/html')]) | ||
return [b"Hello World from a default Nginx uWSGI Python 3.6 app in a\ | ||
Docker container (default)"] |
This file was deleted.
Oops, something went wrong.
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
#!/bin/sh | ||
# | ||
# Note: base alpine Linux image may not include bash shell, | ||
# and we probably want to move to that for service images, | ||
# so just use bourn shell ... | ||
|
||
# | ||
# Update certificate authority index - | ||
# environment may have mounted more authorities | ||
# - ex: /usr/local/share/ca-certificates/cdis-ca.crt into system bundle | ||
# | ||
|
||
GEN3_DEBUG="${GEN3_DEBUG:-False}" | ||
GEN3_DRYRUN="${GEN3_DRYRUN:-False}" | ||
GEN3_UWSGI_TIMEOUT="${GEN3_UWSGI_TIMEOUT:-45s}" | ||
|
||
run() { | ||
if [ "$GEN3_DRYRUN" = True ]; then | ||
echo "DRY RUN - not running: $@" | ||
else | ||
echo "Running $@" | ||
"$@" | ||
fi | ||
} | ||
|
||
help() { | ||
cat - <<EOM | ||
Gen3 base (generic) launch script | ||
Use: | ||
dockkerrun.bash [--help] [--debug=False] [--uwsgiTimeout=45s] [--dryrun=False] | ||
EOM | ||
} | ||
|
||
|
||
while [ $# -gt 0 ]; do | ||
arg="$1" | ||
shift | ||
key="" | ||
value="" | ||
key="$(echo "$arg" | sed -e 's/^-*//' | sed -e 's/=.*$//')" | ||
value="$(echo "$arg" | sed -e 's/^.*=//')" | ||
|
||
if [ "$value" = "$arg" ]; then # =value not given, so use default | ||
value="" | ||
fi | ||
case "$key" in | ||
debug) | ||
GEN3_DEBUG="${value:-True}" | ||
;; | ||
uwsgiTimeout) | ||
GEN3_UWSGI_TIMEOUT="${value:-45s}" | ||
;; | ||
dryrun) | ||
GEN3_DRYRUN="${value:-True}" | ||
;; | ||
help) | ||
help | ||
exit 0 | ||
;; | ||
*) | ||
echo "ERROR: unknown argument $arg - bailing out" | ||
exit 1 | ||
;; | ||
esac | ||
done | ||
|
||
cat - <<EOM | ||
Got configuration: | ||
GEN3_DEBUG=$GEN3_DEBUG | ||
GEN3_UWSGI_TIMEOUT=$GEN3_UWSGI_TIMEOUT | ||
GEN3_DRYRUN=$GEN3_DRYRUN | ||
EOM | ||
|
||
run update-ca-certificates | ||
run mkdir -p /var/run/gen3 | ||
|
||
# fill in timeout in the uwsgi.conf template | ||
if [ -f /etc/nginx/sites-available/uwsgi.conf ]; then | ||
sed -i -e "s/GEN3_UWSGI_TIMEOUT/$GEN3_UWSGI_TIMEOUT/g" /etc/nginx/sites-available/uwsgi.conf | ||
fi | ||
|
||
# | ||
# Enable debug flag based on GEN3_DEBUG environment | ||
# | ||
if [ -f ./wsgi.py ] && [ "$GEN3_DEBUG" = "True" ]; then | ||
echo -e "\napplication.debug=True\n" >> ./wsgi.py | ||
fi | ||
|
||
( | ||
# Wait for nginx to create uwsgi.sock in a sub-process | ||
count=0 | ||
while [ ! -e /var/run/gen3/uwsgi.sock ] && [ $count -lt 10 ]; do | ||
echo "... waiting for /var/run/gen3/uwsgi.sock to appear" | ||
sleep 2 | ||
count="$(($count+1))" | ||
done | ||
if [ ! -e /var/run/gen3/uwsgi.sock ]; then | ||
echo "WARNING: /var/run/gen3/uwsgi.sock does not exist!!!" | ||
fi | ||
run uwsgi --ini /etc/uwsgi/uwsgi.ini | ||
) & | ||
run nginx -g 'daemon off;' | ||
wait |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,61 +1,35 @@ | ||
#!/usr/bin/env bash | ||
#!/usr/bin/env sh | ||
set -e | ||
|
||
# Get the maximum upload file size for Nginx, default to 0: unlimited | ||
USE_NGINX_MAX_UPLOAD=${NGINX_MAX_UPLOAD:-0} | ||
# Generate Nginx config for maximum upload file size | ||
echo "client_max_body_size $USE_NGINX_MAX_UPLOAD;" > /etc/nginx/conf.d/upload.conf | ||
|
||
# Explicitly add installed Python packages and uWSGI Python packages to PYTHONPATH | ||
# Otherwise uWSGI can't import Flask | ||
export PYTHONPATH=$PYTHONPATH:/usr/local/lib/python3.6/site-packages:/usr/lib/python3.6/site-packages | ||
|
||
# Get the number of workers for Nginx, default to 1 | ||
USE_NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1} | ||
# Modify the number of worker processes in Nginx config | ||
sed -i "/worker_processes\s/c\worker_processes ${USE_NGINX_WORKER_PROCESSES};" /etc/nginx/nginx.conf | ||
|
||
# Set the max number of connections per worker for Nginx, if requested | ||
# Set the max number of connections per worker for Nginx, if requested | ||
# Cannot exceed worker_rlimit_nofile, see NGINX_WORKER_OPEN_FILES below | ||
NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-1024} | ||
if [ -n "$NGINX_WORKER_CONNECTIONS" ] ; then | ||
sed -i "/worker_connections\s/c\ worker_connections ${NGINX_WORKER_CONNECTIONS};" /etc/nginx/nginx.conf | ||
fi | ||
|
||
# Set the max number of open file descriptors for Nginx workers, if requested | ||
if [ -n "$NGINX_WORKER_OPEN_FILES" ] ; then | ||
echo "worker_rlimit_nofile ${NGINX_WORKER_OPEN_FILES};" >> /etc/nginx/nginx.conf | ||
fi | ||
|
||
# Get the listen port for Nginx, default to 80 | ||
USE_LISTEN_PORT=${LISTEN_PORT:-80} | ||
|
||
if [ -f /app/nginx.conf ]; then | ||
cp /app/nginx.conf /etc/nginx/nginx.conf | ||
else | ||
content='user nginx;\n' | ||
# Set the number of worker processes in Nginx | ||
content=$content"worker_processes ${USE_NGINX_WORKER_PROCESSES};\n" | ||
content=$content'error_log /var/log/nginx/error.log warn;\n' | ||
content=$content'pid /var/run/nginx.pid;\n' | ||
content=$content'events {\n' | ||
content=$content" worker_connections ${NGINX_WORKER_CONNECTIONS};\n" | ||
content=$content'}\n' | ||
content=$content'http {\n' | ||
content=$content' include /etc/nginx/mime.types;\n' | ||
content=$content' default_type application/octet-stream;\n' | ||
content=$content' log_format main '"'\$remote_addr - \$remote_user [\$time_local] \"\$request\" '\n" | ||
content=$content' '"'\$status \$body_bytes_sent \"\$http_referer\" '\n" | ||
content=$content' '"'\"\$http_user_agent\" \"\$http_x_forwarded_for\"';\n" | ||
content=$content' access_log /var/log/nginx/access.log main;\n' | ||
content=$content' sendfile on;\n' | ||
content=$content' keepalive_timeout 65;\n' | ||
content=$content' include /etc/nginx/conf.d/*.conf;\n' | ||
content=$content'}\n' | ||
content=$content'daemon off;\n' | ||
# Set the max number of open file descriptors for Nginx workers, if requested | ||
if [ -n "${NGINX_WORKER_OPEN_FILES}" ] ; then | ||
content=$content"worker_rlimit_nofile ${NGINX_WORKER_OPEN_FILES};\n" | ||
fi | ||
# Save generated /etc/nginx/nginx.conf | ||
printf "$content" > /etc/nginx/nginx.conf | ||
|
||
content_server='server {\n' | ||
content_server=$content_server" listen ${USE_LISTEN_PORT};\n" | ||
content_server=$content_server' location / {\n' | ||
content_server=$content_server' include uwsgi_params;\n' | ||
content_server=$content_server' uwsgi_pass unix:///tmp/uwsgi.sock;\n' | ||
content_server=$content_server' }\n' | ||
content_server=$content_server'}\n' | ||
# Save generated server /etc/nginx/conf.d/nginx.conf | ||
printf "$content_server" > /etc/nginx/conf.d/nginx.conf | ||
|
||
# Generate Nginx config for maximum upload file size | ||
printf "client_max_body_size $USE_NGINX_MAX_UPLOAD;\n" > /etc/nginx/conf.d/upload.conf | ||
# Modify Nignx config for listen port | ||
if ! grep -q "listen ${USE_LISTEN_PORT};" /etc/nginx/nginx.conf ; then | ||
sed -i -e "/server {/a\ listen ${USE_LISTEN_PORT};" /etc/nginx/nginx.conf | ||
fi | ||
|
||
exec "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
user nginx; | ||
worker_processes 1; | ||
|
||
error_log /var/log/nginx/error.log warn; | ||
pid /var/run/nginx.pid; | ||
|
||
|
||
events { | ||
worker_connections 1024; | ||
} | ||
|
||
|
||
http { | ||
include /etc/nginx/mime.types; | ||
default_type application/octet-stream; | ||
|
||
## | ||
# Logging Settings | ||
## | ||
log_format json '{"gen3log": "nginx", ' | ||
'"date_access": "$time_iso8601", ' | ||
'"user_id": "$http_x_userid", ' | ||
'"request_id": "$http_x_reqid", ' | ||
'"session_id": "$http_x_sessionid", ' | ||
'"visitor_id": "$http_x_visitorid", ' | ||
'"network_client_ip": "$http_x_forwarded_for", ' | ||
'"network_bytes_write": $body_bytes_sent, ' | ||
'"response_secs": $request_time, ' | ||
'"http_status_code": $status, ' | ||
'"http_request": "$request_uri", ' | ||
'"http_verb": "$request_method", ' | ||
'"http_referer": "$http_referer", ' | ||
'"http_useragent": "$http_user_agent", ' | ||
'"message": "$request"}'; | ||
|
||
|
||
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' | ||
'$status $body_bytes_sent "$http_referer" ' | ||
'"$http_user_agent" "$http_x_forwarded_for"'; | ||
|
||
access_log /var/log/nginx/access.log json; | ||
|
||
sendfile on; | ||
#tcp_nopush on; | ||
|
||
keepalive_timeout 65; | ||
|
||
#gzip on; | ||
|
||
include /etc/nginx/conf.d/*.conf; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
[supervisord] | ||
nodaemon=true | ||
|
||
[program:uwsgi] | ||
command=/usr/sbin/uwsgi --ini /etc/uwsgi/uwsgi.ini --die-on-term --need-app --plugin python3 | ||
stdout_logfile=/dev/stdout | ||
stdout_logfile_maxbytes=0 | ||
stderr_logfile=/dev/stderr | ||
stderr_logfile_maxbytes=0 | ||
|
||
[program:nginx] | ||
command=/usr/sbin/nginx | ||
stdout_logfile=/dev/stdout | ||
stdout_logfile_maxbytes=0 | ||
stderr_logfile=/dev/stderr | ||
stderr_logfile_maxbytes=0 | ||
# Graceful stop, see http://nginx.org/en/docs/control.html | ||
stopsignal=QUIT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
server { | ||
listen 80; | ||
|
||
location / { | ||
uwsgi_param REMOTE_ADDR $http_x_forwarded_for if_not_empty; | ||
uwsgi_param REMOTE_USER $http_x_userid if_not_empty; | ||
uwsgi_param REMOTE_REQID $http_x_reqid if_not_empty; | ||
uwsgi_param REMOTE_SESSIONID $http_x_sessionid if_not_empty; | ||
uwsgi_param REMOTE_VISITORID $http_x_visitorid if_not_empty; | ||
uwsgi_param GEN3_REQUEST_TIMESTAMP $msec; | ||
uwsgi_param GEN3_TIMEOUT_SECONDS GEN3_UWSGI_TIMEOUT; | ||
|
||
include uwsgi_params; | ||
uwsgi_pass unix:/var/run/gen3/uwsgi.sock; | ||
uwsgi_read_timeout GEN3_UWSGI_TIMEOUT; | ||
uwsgi_send_timeout GEN3_UWSGI_TIMEOUT; | ||
} | ||
|
||
location /_status { | ||
include uwsgi_params; | ||
uwsgi_pass unix:/var/run/gen3/uwsgi.sock; | ||
uwsgi_param GEN3_REQUEST_TIMESTAMP $msec; | ||
uwsgi_param GEN3_TIMEOUT_SECONDS GEN3_UWSGI_TIMEOUT; | ||
uwsgi_read_timeout GEN3_UWSGI_TIMEOUT; | ||
uwsgi_ignore_client_abort on; | ||
access_log off; | ||
} | ||
|
||
error_page 502 /502.html; | ||
location /502.html { | ||
return 504 '{"error": "Request Timeout or Service Unavailable"}'; | ||
} | ||
|
||
error_page 504 /504.html; | ||
location /504.html { | ||
return 504 '{"error": "Request Timeout"}'; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters