Mercurial > farol
changeset 1:63b00c10ada8
Add Configuration support, warning when in DEBUG mode, and Deployment instruction
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Wed, 24 Sep 2014 15:04:19 +0200 |
| parents | 4a9f23230eba |
| children | fe1918b6e3e0 |
| files | README.txt farol/main.py farol/templates/about.j2 farol/templates/base.j2 run_web setup.py |
| diffstat | 6 files changed, 87 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/README.txt Wed Sep 24 10:07:49 2014 +0200 +++ b/README.txt Wed Sep 24 15:04:19 2014 +0200 @@ -13,3 +13,71 @@ ------------ Farol is a web platform dedicated to the management of Security Advisories. + +Dependencies +------------ + +Farol has a dependency on FarolLuz, Flask, and (obviously) Python. + +Python can be either 2 or 3. 2.7 has been tested, as well as 3.3. 3.2 will not +work due to Flask (and dependencies) not being compatible with it. + +Configuration +------------- + +Configuration of Farol is done through a ``farol.cfg`` file that has to be set in the application *instance path*. + +Deployment +---------- + +.. note:: While there are dozen of ways to deploy a WSGI application, this + section documents a simple yet working and scalable way of doing it. + +0. Get ``farol`` and ``farolluz`` source code. + +1. Start with a virtualenv:: + + virtualenv farol_env + +2. Install FarolLuz and Farol in the virtualenv:: + + farol_env/bin/pip install ./farolluz + farol_env/bin/pip install ./farol + +3. Install gunicorn in the virtualenv:: + + farol_env/bin/pip install gunicorn + +3b. (Optional) Test that farol can run in the virtualenv:: + + farol_env/bin/gunicorn farol.main:app + + Visit the page http://localhost:8000 in a Web browser. + +4. Configure Farol: set ``DEBUG`` to ``False``, and set the SECRET_KEY to + something stable (and secret), so that it remains between reboot. The path + to the configuration file can be found on the About page in the Debug + Section. + +4. Setup ``supervisord`` (that has previously been installed) to monitor the + gunicorn process. + +5. Setup ``nginx`` (that has previously also been installed) to proxy the + gunicorn socket. + +It is most probable that supervisord and nginx will also be used for other +services in your server. + +Upgrade +------- + +When new version are available, the following can be done: + +Upgrade FarolLuz and Farol installation in the virtualenv:: + + farol_env/bin/pip install --upgrade ./farolluz ./farol + +Restart the gunicorn process:: + + supervisorctl farol restart +
--- a/farol/main.py Wed Sep 24 10:07:49 2014 +0200 +++ b/farol/main.py Wed Sep 24 15:04:19 2014 +0200 @@ -39,7 +39,9 @@ from .vulnerability import vulnerability from .producttree import producttree -app = Flask(__name__) +app = Flask(__name__, instance_relative_config=True) +app.config.from_object('farol.config.Config') +app.config.from_pyfile('farol.cfg', silent=True) app.register_blueprint(vulnerability, url_prefix='/vulnerability') app.register_blueprint(producttree, url_prefix='/producttree') @@ -47,11 +49,10 @@ @app.context_processor def cache_content(): """ List the documents in cache """ - if 'CACHE_DIRECTORY' not in app.config: - return dict(cache=[]) - dirname = app.config['CACHE_DIRECTORY'] + dirname = app.config.get('CACHE_DIRECTORY', + os.path.join(app.instance_path, '_cache')) if not os.path.exists(dirname): - os.mkdir(dirname) + os.makedirs(dirname) l = [] for path in os.listdir(dirname): name, ext = os.path.splitext(path) @@ -376,5 +377,5 @@ @app.route('/about') def about(): - return render_template('about.j2') + return render_template('about.j2', instance_dir=app.instance_path)
--- a/farol/templates/about.j2 Wed Sep 24 10:07:49 2014 +0200 +++ b/farol/templates/about.j2 Wed Sep 24 15:04:19 2014 +0200 @@ -37,6 +37,13 @@ <p>Farol is a web platform to manipulate Security Advisories. The main structure is highly inspired from the structure of a CVRF document.</p> <p>This platform is meant as a way to review / create / edit / publish Security Advisories in an accessible way</p> <p>In the current version, Advisories not currently saved are kept in memory of the running process. If the process terminates, and they are not seved, documents are lost.</p> + {% if config.DEBUG and not config.DEBUG_SURE %} + <hr> + <h3 id="debug">Debug Mode</h3> + <p>Your application is Running in Debug mode. While this might be a choice you made, this is not suitable for Production deployment. The <a href="/console">console</a> is an example of unsafe debug facilities.</p> + <p>You can turn the Debug mode off by setting <code>DEBUG=False</code> in the configuration file located at the following path: <code>{{ instance_dir }}/farol.cfg</code>.</p> + <p>If you want to remove this message and the DEBUG Footer alert, but still want to keep the Debug mode on, just set <code>DEBUG_SURE=True</code> in your configuration file.</p> + {% endif %} <hr> <p><strong>Farol</strong> is published under GPLv2+, and is Copyright © <a href="http://greenbone.net">Greenbone Networks GmbH</a>.</p> </div>
--- a/farol/templates/base.j2 Wed Sep 24 10:07:49 2014 +0200 +++ b/farol/templates/base.j2 Wed Sep 24 15:04:19 2014 +0200 @@ -117,6 +117,9 @@ <script>$("#error-popover").popover();</script> {% block content %}{% endblock %} </div> + {% if config.DEBUG and not config.DEBUG_SURE %} + <div class="alert alert-danger"><strong>DEBUG:</strong> This application is running in debug mode. See the <a href="{{ url_for('about', _anchor='debug')}}">about page</a> for more Details</div> + {% endif %} </div> <footer class="footer container-fluid"> <a class="pull-right" href="{{ url_for('about') }}">About ...</a>
--- a/run_web Wed Sep 24 10:07:49 2014 +0200 +++ b/run_web Wed Sep 24 15:04:19 2014 +0200 @@ -21,12 +21,7 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -import os - from farol.main import app -app.secret_key = os.urandom(24) -app.config['CACHE_DIRECTORY'] = os.path.join(os.path.dirname(__file__), '_cache') - if __name__ == "__main__": app.run(host="0.0.0.0", debug=True)