# HG changeset patch # User BenoƮt Allard # Date 1411563859 -7200 # Node ID 63b00c10ada8bc1968de3e8c212a02ff455499d9 # Parent 4a9f23230eba93da7b719c642c331aeb4fa2d1a4 Add Configuration support, warning when in DEBUG mode, and Deployment instruction diff -r 4a9f23230eba -r 63b00c10ada8 README.txt --- a/README.txt Wed Sep 24 10:07:49 2014 +0200 +++ b/README.txt Wed Sep 24 15:04:19 2014 +0200 @@ -13,3 +13,71 @@ ------------ Farol is a web platform dedicated to the management of Security Advisories. + +Dependencies +------------ + +Farol has a dependency on FarolLuz, Flask, and (obviously) Python. + +Python can be either 2 or 3. 2.7 has been tested, as well as 3.3. 3.2 will not +work due to Flask (and dependencies) not being compatible with it. + +Configuration +------------- + +Configuration of Farol is done through a ``farol.cfg`` file that has to be set in the application *instance path*. + +Deployment +---------- + +.. note:: While there are dozen of ways to deploy a WSGI application, this + section documents a simple yet working and scalable way of doing it. + +0. Get ``farol`` and ``farolluz`` source code. + +1. Start with a virtualenv:: + + virtualenv farol_env + +2. Install FarolLuz and Farol in the virtualenv:: + + farol_env/bin/pip install ./farolluz + farol_env/bin/pip install ./farol + +3. Install gunicorn in the virtualenv:: + + farol_env/bin/pip install gunicorn + +3b. (Optional) Test that farol can run in the virtualenv:: + + farol_env/bin/gunicorn farol.main:app + + Visit the page http://localhost:8000 in a Web browser. + +4. Configure Farol: set ``DEBUG`` to ``False``, and set the SECRET_KEY to + something stable (and secret), so that it remains between reboot. The path + to the configuration file can be found on the About page in the Debug + Section. + +4. Setup ``supervisord`` (that has previously been installed) to monitor the + gunicorn process. + +5. Setup ``nginx`` (that has previously also been installed) to proxy the + gunicorn socket. + +It is most probable that supervisord and nginx will also be used for other +services in your server. + +Upgrade +------- + +When new version are available, the following can be done: + +Upgrade FarolLuz and Farol installation in the virtualenv:: + + farol_env/bin/pip install --upgrade ./farolluz ./farol + +Restart the gunicorn process:: + + supervisorctl farol restart + diff -r 4a9f23230eba -r 63b00c10ada8 farol/main.py --- a/farol/main.py Wed Sep 24 10:07:49 2014 +0200 +++ b/farol/main.py Wed Sep 24 15:04:19 2014 +0200 @@ -39,7 +39,9 @@ from .vulnerability import vulnerability from .producttree import producttree -app = Flask(__name__) +app = Flask(__name__, instance_relative_config=True) +app.config.from_object('farol.config.Config') +app.config.from_pyfile('farol.cfg', silent=True) app.register_blueprint(vulnerability, url_prefix='/vulnerability') app.register_blueprint(producttree, url_prefix='/producttree') @@ -47,11 +49,10 @@ @app.context_processor def cache_content(): """ List the documents in cache """ - if 'CACHE_DIRECTORY' not in app.config: - return dict(cache=[]) - dirname = app.config['CACHE_DIRECTORY'] + dirname = app.config.get('CACHE_DIRECTORY', + os.path.join(app.instance_path, '_cache')) if not os.path.exists(dirname): - os.mkdir(dirname) + os.makedirs(dirname) l = [] for path in os.listdir(dirname): name, ext = os.path.splitext(path) @@ -376,5 +377,5 @@ @app.route('/about') def about(): - return render_template('about.j2') + return render_template('about.j2', instance_dir=app.instance_path) diff -r 4a9f23230eba -r 63b00c10ada8 farol/templates/about.j2 --- a/farol/templates/about.j2 Wed Sep 24 10:07:49 2014 +0200 +++ b/farol/templates/about.j2 Wed Sep 24 15:04:19 2014 +0200 @@ -37,6 +37,13 @@

Farol is a web platform to manipulate Security Advisories. The main structure is highly inspired from the structure of a CVRF document.

This platform is meant as a way to review / create / edit / publish Security Advisories in an accessible way

In the current version, Advisories not currently saved are kept in memory of the running process. If the process terminates, and they are not seved, documents are lost.

+ {% if config.DEBUG and not config.DEBUG_SURE %} +
+

Debug Mode

+

Your application is Running in Debug mode. While this might be a choice you made, this is not suitable for Production deployment. The console is an example of unsafe debug facilities.

+

You can turn the Debug mode off by setting DEBUG=False in the configuration file located at the following path: {{ instance_dir }}/farol.cfg.

+

If you want to remove this message and the DEBUG Footer alert, but still want to keep the Debug mode on, just set DEBUG_SURE=True in your configuration file.

+ {% endif %}

Farol is published under GPLv2+, and is Copyright © Greenbone Networks GmbH.

diff -r 4a9f23230eba -r 63b00c10ada8 farol/templates/base.j2 --- a/farol/templates/base.j2 Wed Sep 24 10:07:49 2014 +0200 +++ b/farol/templates/base.j2 Wed Sep 24 15:04:19 2014 +0200 @@ -117,6 +117,9 @@ {% block content %}{% endblock %} + {% if config.DEBUG and not config.DEBUG_SURE %} +
DEBUG: This application is running in debug mode. See the about page for more Details
+ {% endif %}