Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
279 lines (233 sloc) 7.96 KB
packages:
yum:
freetype-devel: []
libffi-devel: []
libpng-devel: []
libjpeg-turbo-devel: []
libevent: []
libevent-devel: []
python27-devel: []
nginx: []
git: []
files:
"/etc/nginx/nginx.conf" :
mode: "000644"
owner: root
group: root
content: |
user nginx; # Needed for permissions
pid /var/run/nginx.pid;
worker_processes 4; # Match number of cores
worker_rlimit_nofile 200000;
error_log /var/log/nginx/error.log;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
keepalive_timeout 15 5;
keepalive_requests 5000;
reset_timedout_connection on;
client_body_timeout 10;
send_timeout 20;
port_in_redirect off;
server_tokens off; # Remove version info
tcp_nodelay on;
tcp_nopush on;
sendfile on;
gzip on;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;
gzip_comp_level 6;
gzip_proxied any;
gzip_vary on;
include /etc/nginx/conf.d/*.conf;
include mime.types;
default_type application/octet-stream;
}
"/etc/nginx/conf.d/webapp.conf" :
mode: "000644"
owner: root
group: root
content: |
upstream python_backend {
server unix:///opt/python/log/uwsgi.sock;
}
server {
listen 8080 default_server; # avoid to be conflit with apache2, will change to 80 after app is deployed
server_name _;
# No logs, to avoid filling the instance disk
log_not_found off;
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
}
location /generate_204 {
log_not_found off;
access_log off;
return 204;
}
location /static/ {
alias /opt/python/current/app/static/;
}
location / {
try_files $uri @python_webapp;
}
location @python_webapp {
uwsgi_pass python_backend;
uwsgi_param Host $host;
uwsgi_param X-Real-IP $remote_addr;
uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
uwsgi_param REMOTE_HOST $remote_addr;
include uwsgi_params;
}
}
"/opt/python/bin/uwsgilaunch" :
mode: "000755"
owner: root
group: root
content: |
#!/bin/bash
# Launch uWSGI server
# The purpose of this script is to set some environment variables before
# launching uWSGI server.
source /opt/python/current/env
if [ -f /etc/elasticbeanstalk/set-ulimit.sh ]; then
source /etc/elasticbeanstalk/set-ulimit.sh
fi
exec /opt/python/run/venv/bin/uwsgi \
--socket=/opt/python/log/uwsgi.sock \
--chdir=/opt/python/current/app \
--module=${WSGI_MODULE}:application \
--master \
--pidfile=/opt/python/run/uwsgi-master.pid \
--processes=5 \
--uid=wsgi \
--gid=wsgi \
--harakiri=60 \
--max-requests=5000 \
--vacuum \
--venv=/opt/python/run/venv \
--chmod-socket=666 \
--gevent=100
"/opt/python/etc/uwsgi.conf" :
mode: "000644"
owner: root
group: root
content: |
[program:uwsgi]
command=/opt/python/bin/uwsgilaunch
directory=/opt/python/current/app
autostart=true
autorestart=unexpected
startsecs=1 ; number of secs prog must stay running (def. 1)
startretries=3 ; max # of serial start failures (default 3)
exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)
killasgroup=false ; SIGKILL the UNIX process group (def false)
stdout_logfile=/opt/python/log/uwsgi.out
stdout_logfile_maxbytes=50MB ; max # logfile bytes b4 rotation (default 50MB)
stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)
redirect_stderr=true
"/opt/elasticbeanstalk/hooks/appdeploy/enact/99loadnewservice.sh" :
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
export PATH=$PATH:/usr/local/bin
LINE='Listen 8081'
if ! grep -qF "$LINE" /etc/httpd/conf/httpd.conf
then
sed -i 's/Listen 80/Listen 8081/g' /etc/httpd/conf/httpd.conf
fi
# Also replace in wsgi.conf
LINE='<VirtualHost \*:8081>'
if ! grep -qF "$LINE" /etc/httpd/conf.d/wsgi.conf
then
sed -i 's/<VirtualHost \*:80>/<VirtualHost *:8081>/g' /etc/httpd/conf.d/wsgi.conf
fi
LINE='files = uwsgi.conf'
if ! grep -qF "$LINE" /opt/python/etc/supervisord.conf
then
echo "[include]" >> /opt/python/etc/supervisord.conf && echo "$LINE" >> /opt/python/etc/supervisord.conf
fi
supervisorctl -c /opt/python/etc/supervisord.conf reread
supervisorctl -c /opt/python/etc/supervisord.conf reload
sed -i 's/listen 8080/listen 80/g' /etc/nginx/conf.d/webapp.conf
service nginx restart
"/opt/elasticbeanstalk/hooks/configdeploy/enact/99loadnewservice.sh" :
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
export PATH=$PATH:/usr/local/bin
LINE='Listen 8081'
if ! grep -qF "$LINE" /etc/httpd/conf/httpd.conf
then
sed -i 's/Listen 80/Listen 8081/g' /etc/httpd/conf/httpd.conf
fi
# Also replace in wsgi.conf
LINE='<VirtualHost \*:8081>'
if ! grep -qF "$LINE" /etc/httpd/conf.d/wsgi.conf
then
sed -i 's/<VirtualHost \*:80>/<VirtualHost *:8081>/g' /etc/httpd/conf.d/wsgi.conf
fi
LINE='files = uwsgi.conf'
if ! grep -qF "$LINE" /opt/python/etc/supervisord.conf
then
echo "[include]" >> /opt/python/etc/supervisord.conf && echo "$LINE" >> /opt/python/etc/supervisord.conf
fi
supervisorctl -c /opt/python/etc/supervisord.conf reread
supervisorctl -c /opt/python/etc/supervisord.conf reload
sed -i 's/listen 8080/listen 80/g' /etc/nginx/conf.d/webapp.conf
service nginx restart
"/opt/elasticbeanstalk/hooks/restartappserver/enact/99restartnginx.sh" :
mode: "000755"
owner: root
group: root
content: |
#!/bin/bash
set -xe
if [ -z "$EB_SYSTEM_STARTUP" ];
then
/usr/local/bin/supervisorctl -c /opt/python/etc/supervisord.conf restart uwsgi
service nginx restart
fi
eventHelper.py --msg "Nginx and uWSGI server successfully restarted." --severity INFO
"/opt/elasticbeanstalk/tasks/bundlelogs.d/nginx.conf" :
mode: "000644"
owner: root
group: root
content: |
/var/log/nginx/*log
"/opt/elasticbeanstalk/tasks/publishlogs.d/nginx.conf" :
mode: "000644"
owner: root
group: root
content: |
/var/log/nginx/*log
"/opt/elasticbeanstalk/tasks/systemtaillogs.d/nginx.conf" :
mode: "000644"
owner: root
group: root
content: |
/var/log/nginx/*log
"/opt/elasticbeanstalk/tasks/taillogs.d/nginx.conf" :
mode: "000644"
owner: root
group: root
content: |
/var/log/nginx/*log
services:
sysvinit:
nginx:
enabled: true
ensureRunning: true