[[TOC]] = Installation on Apache with WSGI = This is what is used to host the Demo site & Trac Main install docs are here: [wiki:InstallationGuidelines/Linux/Server/ApacheMySQL] This page provides some supplementary notes Also see: * PakistanDeploymentCycle * mod_rewrite: http://web2py.com/AlterEgo/default/show/144 == Add Web2Py user == Can run as Webserver, but if you can partition, you generally should: {{{ adduser --system --disabled-password web2py }}} == File Permissions == {{{ chown web2py ~web2py chown web2py ~web2py/applications/admin/cache chown web2py ~web2py/applications/admin/cron chown web2py ~web2py/applications/admin/databases chown web2py ~web2py/applications/admin/errors chown web2py ~web2py/applications/admin/sessions chown web2py ~web2py/applications/eden/cache chown web2py ~web2py/applications/eden/cron chown web2py ~web2py/applications/eden/databases chown web2py ~web2py/applications/eden/errors chown web2py ~web2py/applications/eden/models chown web2py ~web2py/applications/eden/sessions chown web2py ~web2py/applications/eden/static/img/markers chown web2py ~web2py/applications/eden/uploads }}} == Environment Variables == If running the Survey module & wanting graphs: {{{ chown web2py /home/web2py echo "os.environ['MPLCONFIGDIR'] = '/home/web2py/.matplotlib'" >> ~web2py/wsgihandler.py }}} == Cron == If running on a UNIX variant (as would be recommended) then suggest using the [http://web2py.com/book/default/chapter/04#Cron Native Cron] {{{ vim /etc/crontab 0-59/1 * * * * web2py cd ~web2py/ && python web2py.py -C -D 1 >> /tmp/cron.output 2>&1 cp ~web2py/options_std.py ~web2py/options.py vim ~web2py/options.py extcron = True }}} == Debian (or Ubuntu) == {{{ apt-get install -y libapache2-mod-wsgi a2enmod rewrite a2enmod deflate a2enmod headers a2enmod expires vim /etc/apache2/apache2.conf # Recycle threads to avoid memory leaks MaxRequestsPerChild 1024 # Recycle threads to avoid memory leaks MaxRequestsPerChild 1024 vim /etc/apache2/mods-enabled/wsgi.conf # Enable to allow Basic Authentication for WebServices WSGIPassAuthorization On vim /etc/apache2/sites-available/eden }}} {{{ ServerName demo.eden.sahanafoundation.org ServerAdmin webmaster@eden.sahanafoundation.org DocumentRoot /home/web2py/applications WSGIScriptAlias / /home/web2py/wsgihandler.py ## Edit the process and the maximum-requests to reflect your RAM WSGIDaemonProcess web2py user=web2py group=web2py home=/home/web2py processes=5 maximum-requests=50 RewriteEngine On RewriteCond %{REQUEST_URI} !/eden/(.*) RewriteRule /(.*) /eden/$1 [R] ### admin only accessible via SSH Tunnel SSLRequireSSL ### appadmin requires SSL SSLRequireSSL ### static files do not need WSGI Order Allow,Deny Allow from all ### everything else goes over WSGI Order deny,allow Allow from all WSGIProcessGroup web2py ErrorLog /var/log/apache2/demo_error.log LogLevel warn CustomLog /var/log/apache2/demo_access.log combined }}} {{{ ln -s /etc/apache2/sites-available/eden /etc/apache2/sites-enabled/eden /etc/init.d/apache2 force-reload }}} Refer to the following URLs for WSGI configuration tuning: * http://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIDaemonProcess * http://code.google.com/p/modwsgi/wiki/ApplicationIssues#Memory_Constrained_VPS_Systems WSGI Installation comments: http://blog.dscpl.com.au/2009/08/problems-with-example-web2py.html Another set of Ubuntu docs: http://www.web2pyslices.com/main/slices/take_slice/14 == Apache mod_deflate & mod_expires == Optimise by using [http://httpd.apache.org/docs/2.2/mod/mod_deflate.html GZip] & [http://httpd.apache.org/docs/2.2/mod/mod_expires.html Expires]: {{{ ### static files do not need WSGI Order Allow,Deny Allow from all SetOutputFilter DEFLATE BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary Header append Vary User-Agent env=!dont-vary ExpiresActive On ExpiresByType text/html "access plus 1 day" ExpiresByType text/javascript "access plus 1 week" ExpiresByType text/css "access plus 2 weeks" ExpiresByType image/ico "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/jpg "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType application/x-shockwave-flash "access plus 1 month" }}} == Static home page == ConfigurationGuidelines#StaticHomePage {{{ RewriteEngine On # extract desired cookie value from multiple-cookie HTTP header RewriteCond %{HTTP_COOKIE} registered=([^;]+) # check that cookie value is correct RewriteCond %1 ^yes$ RewriteRule ^/$ /eden/ [R,L] RewriteRule ^/$ /eden/static/index.html [R,L] RewriteCond %{REQUEST_URI} !/phpmyadmin(.*) RewriteCond %{REQUEST_URI} !/eden/(.*) RewriteRule /(.*) /eden/$1 [R] }}} == Redirect to SSL only for the login page == Add the following to the non SSL apache config [example.com is assumed to be your domain]. {{{ RewriteEngine On RewriteRule ^/eden/default/user/(.*)$ https://example.com/eden/default/user/$1 [R] }}} Add the following to the SSL apache config {{{ RewriteEngine On RewriteRule ^(.*)/user/(.*)$ - [L] RewriteRule ^/eden/(.*)$ http://example.com/eden/$1 [R] [L] }}} == Maintenance Site == A useful site defintion for maintenance windows: points users at a static page, however access to phpmyadmin can be maintained: {{{ ServerName demo.eden.sahanafoundation.org ServerAdmin webmaster@sahanafoundation.org DocumentRoot /var/www RewriteEngine On RewriteCond %{REQUEST_URI} !/phpmyadmin(.*) RewriteRule ^/(.*) /maintenance.html Order deny,allow Allow from all ErrorLog /var/log/apache2/maintenance_error.log LogLevel warn CustomLog /var/log/apache2/maintenance_access.log combined }}} Enable maintenance: {{{ a2ensite maintenance a2dissite eden apache2ctl restart }}} Restore production: {{{ a2ensite eden a2dissite maintenance apache2ctl restart }}} ---- InstallationGuidelines