Table of Contents
Installation on Apache with WSGI
This is what is used to host the Demo site & Trac
Main install docs are here: InstallationGuidelines/Linux/Server/ApacheMySQL
This page provides some supplementary notes
Also see:
Add Web2Py user
Can run as Webserver, but if you can partition, you generally should:
adduser --system --disabled-password web2py
File Permissions
chown web2py ~web2py chown web2py ~web2py/applications/admin/cache chown web2py ~web2py/applications/admin/cron chown web2py ~web2py/applications/admin/databases chown web2py ~web2py/applications/admin/errors chown web2py ~web2py/applications/admin/sessions chown web2py ~web2py/applications/eden/cache chown web2py ~web2py/applications/eden/cron chown web2py ~web2py/applications/eden/databases chown web2py ~web2py/applications/eden/errors chown web2py ~web2py/applications/eden/models chown web2py ~web2py/applications/eden/sessions chown web2py ~web2py/applications/eden/static/img/markers chown web2py ~web2py/applications/eden/uploads
Cron
Note: This has been deprecated by the use of S3Task
If running on a UNIX variant (as would be recommended) then suggest using the Native Cron
vim /etc/crontab 0-59/1 * * * * web2py cd ~web2py/ && python web2py.py -C -D 1 >> /tmp/cron.output 2>&1 cp ~web2py/options_std.py ~web2py/options.py vim ~web2py/options.py extcron = True
Debian (or Ubuntu)
apt-get install -y libapache2-mod-wsgi a2enmod rewrite a2enmod deflate a2enmod headers a2enmod expires vim /etc/apache2/apache2.conf <IfModule mpm_prefork_module> # Recycle threads to avoid memory leaks MaxRequestsPerChild 1024 <IfModule mpm_worker_module> # Recycle threads to avoid memory leaks MaxRequestsPerChild 1024 vim /etc/apache2/mods-enabled/wsgi.conf # Enable to allow Basic Authentication for WebServices WSGIPassAuthorization On vim /etc/apache2/sites-available/eden
<VirtualHost *:80> ServerName demo.eden.sahanafoundation.org ServerAdmin webmaster@eden.sahanafoundation.org DocumentRoot /home/web2py/applications WSGIScriptAlias / /home/web2py/wsgihandler.py ## Edit the process and the maximum-requests to reflect your RAM WSGIDaemonProcess web2py user=web2py group=web2py home=/home/web2py processes=5 maximum-requests=50 RewriteEngine On RewriteCond %{REQUEST_URI} !/eden/(.*) RewriteRule /(.*) /eden/$1 [R] ### admin only accessible via SSH Tunnel <Location "/admin"> SSLRequireSSL </Location> ### appadmin requires SSL <LocationMatch "^(/[\w_]*/appadmin/.*)"> SSLRequireSSL </LocationMatch> ### static files do not need WSGI <LocationMatch "^(/[\w_]*/static/.*)"> Order Allow,Deny Allow from all </LocationMatch> ### everything else goes over WSGI <Location "/"> Order deny,allow Allow from all WSGIProcessGroup web2py </Location> ErrorLog /var/log/apache2/demo_error.log LogLevel warn CustomLog /var/log/apache2/demo_access.log combined </VirtualHost>
ln -s /etc/apache2/sites-available/eden /etc/apache2/sites-enabled/eden /etc/init.d/apache2 force-reload
Refer to the following URLs for WSGI configuration tuning:
- http://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIDaemonProcess
- http://code.google.com/p/modwsgi/wiki/ApplicationIssues#Memory_Constrained_VPS_Systems
WSGI Installation comments: http://blog.dscpl.com.au/2009/08/problems-with-example-web2py.html
Another set of Ubuntu docs: http://www.web2pyslices.com/main/slices/take_slice/14
Apache mod_deflate & mod_expires
Optimise by using GZip & Expires:
### static files do not need WSGI <LocationMatch "^(/[\w_]*/static/.*)"> Order Allow,Deny Allow from all SetOutputFilter DEFLATE BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary Header append Vary User-Agent env=!dont-vary ExpiresActive On ExpiresByType text/html "access plus 1 day" ExpiresByType text/javascript "access plus 1 week" ExpiresByType text/css "access plus 2 weeks" ExpiresByType image/ico "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/jpg "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType application/x-shockwave-flash "access plus 1 month" </LocationMatch>
Static home page
ConfigurationGuidelines#StaticHomePage
RewriteEngine On # extract desired cookie value from multiple-cookie HTTP header RewriteCond %{HTTP_COOKIE} registered=([^;]+) # check that cookie value is correct RewriteCond %1 ^yes$ RewriteRule ^/$ /eden/ [R,L] RewriteRule ^/$ /eden/static/index.html [R,L] RewriteCond %{REQUEST_URI} !/phpmyadmin(.*) RewriteCond %{REQUEST_URI} !/eden/(.*) RewriteRule /(.*) /eden/$1 [R]
Redirect to SSL only for the login page
Add the following to the non SSL apache config [example.com is assumed to be your domain].
RewriteEngine On RewriteRule ^/eden/default/user/(.*)$ https://example.com/eden/default/user/$1 [R]
Add the following to the SSL apache config
RewriteEngine On RewriteRule ^(.*)/user/(.*)$ - [L] RewriteRule ^/eden/(.*)$ http://example.com/eden/$1 [R] [L]
Maintenance Site
A useful site defintion for maintenance windows: points users at a static page, however access to phpmyadmin can be maintained:
<VirtualHost *:80> ServerName demo.eden.sahanafoundation.org ServerAdmin webmaster@sahanafoundation.org DocumentRoot /var/www RewriteEngine On RewriteCond %{REQUEST_URI} !/phpmyadmin(.*) RewriteRule ^/(.*) /maintenance.html <Location "/"> Order deny,allow Allow from all </Location> ErrorLog /var/log/apache2/maintenance_error.log LogLevel warn CustomLog /var/log/apache2/maintenance_access.log combined </VirtualHost>
Enable maintenance:
a2ensite maintenance a2dissite eden apache2ctl restart
Restore production:
a2ensite eden a2dissite maintenance apache2ctl restart