A Buildout recipe to install and configure Nginx with conda.
Project description
*****************************
birdhousebuilder.recipe.nginx
*****************************
.. image:: https://travis-ci.org/bird-house/birdhousebuilder.recipe.nginx.svg?branch=master
:target: https://travis-ci.org/bird-house/birdhousebuilder.recipe.nginx
:alt: Travis Build
Introduction
************
``birdhousebuilder.recipe.nginx`` is a `Buildout`_ recipe to install `Nginx`_ from an `Anaconda`_ channel and to deploy a site configuration for your application.
This recipe is used by the `Birdhouse`_ project.
.. _`Buildout`: http://buildout.org/
.. _`Anaconda`: http://continuum.io/
.. _`Nginx`: http://nginx.org/
.. _`Mako`: http://www.makotemplates.org
.. _`Birdhouse`: http://bird-house.github.io
Usage
*****
The recipe requires that Anaconda is already installed. You can use the buildout option ``anaconda-home`` to set the prefix for the anaconda installation. Otherwise the environment variable ``CONDA_PREFIX`` (variable is set when activating a conda environment) is used as conda prefix.
The recipe will install the ``nginx`` package from a conda channel in a conda enviroment defined by ``CONDA_PREFIX``. The intallation folder is given by the ``prefix`` buildout option. It deploys a Nginx site configuration for your application. The configuration will be deployed in ``${prefix}/etc/nginx/conf.d/myapp.conf``. Nginx can be started with ``${prefix}/etc/init.d/nginx start``.
The recipe depends on ``birdhousebuilder.recipe.conda`` and ``zc.recipe.deployment``.
Supported options
=================
This recipe supports the following options:
**anaconda-home**
Buildout option pointing to the root folder of the Anaconda installation. Default: ``$HOME/anaconda``.
Buildout part options for the program section:
**prefix**
Deployment option to set the prefix of the installation folder. Default: ``/``
**user**
Deployment option to set the run user.
**etc-user**
Deployment option to set the user of the ``/etc`` directory. Default: ``root``
**name**
The name of your application.
**input**
The path to a `Mako`_ template with a Nginx configuration for your application.
**worker-processes**
The number of worker processes started (use ``auto`` for dynamic value). Default: 1
**keepalive-timeout**
Timeout during keep-alive client connection will stay open on the server side. Default: 5s
**organization**
The organization name for the certificate. Default: ``Birdhouse``
**organization-unit**
The organization unit for the certificate. Default: ``Demo``
**ssl-verify-client**
Nginx option to verify SSL client certificates. Possible values: ``off`` (default), ``on``, ``optional``.
`Nginx ssl_verify_client option`_
**ssl-client-certificate**
Nginx option with the name of the bundle of CA certificates for the client. Default: ``esgf-ca-bundle.crt``.
`Nginx ssl_client_certificate`_
**ssl-client-certificate-url**
Optional URL to download a bundle of CA certificates for ``ssl-client-certificate``. Default:
https://github.com/ESGF/esgf-dist/raw/master/installer/certs/esgf-ca-bundle.crt
All additional options can be used as parameters in your Nginx site configuration.
.. _Nginx ssl_verify_client option: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_verify_client
.. _Nginx ssl_client_certificate option: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate
Example usage
=============
The following example ``buildout.cfg`` installs Nginx with a site configuration for ``myapp``::
[buildout]
parts = myapp_nginx
anaconda-home = /opt/anaconda
[myapp_nginx]
recipe = birdhousebuilder.recipe.nginx
name = myapp
prefix = /
user = www-data
input = ${buildout:directory}/templates/myapp_nginx.conf
hostname = localhost
port = 8081
An example Mako template for your Nginx configuration could look like this::
upstream myapp {
server unix:///tmp/myapp.socket fail_timeout=0;
}
server {
listen ${port};
server_name ${hostname};
root ${prefix}/var/www;
index index.html index.htm;
location / {
# checks for static file, if not found proxy to app
try_files $uri @proxy_to_phoenix;
}
location @proxy_to_phoenix {
proxy_pass http://myapp;
}
}
Authors
*******
Carsten Ehbrecht ehbrecht at dkrz.de
Changes
*******
0.3.7 (2018-02-07)
==================
* Feature #8: added options to handle SSL client verification.
* fixed travis build ... needed to update versions.
* pep8.
0.3.6 (2017-03-09)
==================
* Fixed #7: create ``var/tmp/nginx`` folder.
* set ``user`` directive only if different from etc-user.
0.3.5 (2016-12-12)
==================
* fixed ``etc/`` folder permissions.
* update MANIFEST.in.
0.3.4 (2016-07-14)
==================
* fixed ssl-key-length option (int value).
0.3.3 (2016-07-13)
==================
* ssl-key-length option added.
0.3.2 (2016-07-11)
==================
* create ``var/www`` folder.
0.3.1 (2016-07-04)
==================
* enabled user in nginx.conf.
* using supervisor skip-user option.
0.3.0 (2016-06-30)
==================
* enabled travis.
* updated buildout and doctests.
* added conda options env, pkgs, channels.
* using zc.recipe.deployment
* fail save with log message when cert generation fails.
0.2.6 (2016-04-11)
==================
* added cryptography conda package.
0.2.5 (2016-01-19)
==================
* set keepalive_timeout to 5s (can be overwritten in options).
0.2.4 (2016-01-15)
==================
* disabled sendfile in nginx.conf.
* ``worker_processes`` is now configurable.
0.2.3 (2015-07-06)
==================
* create cert.pem only if it does not exist.
0.2.2 (2015-06-25)
==================
* cleaned up templates.
* added user option.
0.2.1 (2015-06-23)
==================
* generates self-signed certificate for https.
0.2.0 (2015-02-24)
==================
* installing in conda enviroment ``birdhouse``.
* using ``$ANACONDA_HOME`` environment variable.
* separation of anaconda-home and installation prefix.
0.1.7 (2014-12-06)
==================
* Don't update conda on buildout update.
0.1.6 (2014-11-11)
==================
* Removed proxy configuration.
* Fixed supervisor config: nginx didn't stop.
* nginx is started as supervisor service.
0.1.5 (2014-10-27)
==================
* disabled SSLv3 (poodle attack)
0.1.4 (2014-10-21)
==================
* Updated docs.
* Fixed pyOpenSSL dependency.
0.1.3 (2014-08-26)
==================
* Fixed proxy config for wpsoutputs.
* Using proxy-enabled buildout option.
* options master and superuser_enabled added.
0.1.2 (2014-08-01)
==================
* Updated documentation.
0.1.1 (2014-07-24)
==================
* Added start-stop script for nginx.
* Generates self-signed certificate for https.
0.1.0 (2014-07-10)
==================
Initial Release.
birdhousebuilder.recipe.nginx
*****************************
.. image:: https://travis-ci.org/bird-house/birdhousebuilder.recipe.nginx.svg?branch=master
:target: https://travis-ci.org/bird-house/birdhousebuilder.recipe.nginx
:alt: Travis Build
Introduction
************
``birdhousebuilder.recipe.nginx`` is a `Buildout`_ recipe to install `Nginx`_ from an `Anaconda`_ channel and to deploy a site configuration for your application.
This recipe is used by the `Birdhouse`_ project.
.. _`Buildout`: http://buildout.org/
.. _`Anaconda`: http://continuum.io/
.. _`Nginx`: http://nginx.org/
.. _`Mako`: http://www.makotemplates.org
.. _`Birdhouse`: http://bird-house.github.io
Usage
*****
The recipe requires that Anaconda is already installed. You can use the buildout option ``anaconda-home`` to set the prefix for the anaconda installation. Otherwise the environment variable ``CONDA_PREFIX`` (variable is set when activating a conda environment) is used as conda prefix.
The recipe will install the ``nginx`` package from a conda channel in a conda enviroment defined by ``CONDA_PREFIX``. The intallation folder is given by the ``prefix`` buildout option. It deploys a Nginx site configuration for your application. The configuration will be deployed in ``${prefix}/etc/nginx/conf.d/myapp.conf``. Nginx can be started with ``${prefix}/etc/init.d/nginx start``.
The recipe depends on ``birdhousebuilder.recipe.conda`` and ``zc.recipe.deployment``.
Supported options
=================
This recipe supports the following options:
**anaconda-home**
Buildout option pointing to the root folder of the Anaconda installation. Default: ``$HOME/anaconda``.
Buildout part options for the program section:
**prefix**
Deployment option to set the prefix of the installation folder. Default: ``/``
**user**
Deployment option to set the run user.
**etc-user**
Deployment option to set the user of the ``/etc`` directory. Default: ``root``
**name**
The name of your application.
**input**
The path to a `Mako`_ template with a Nginx configuration for your application.
**worker-processes**
The number of worker processes started (use ``auto`` for dynamic value). Default: 1
**keepalive-timeout**
Timeout during keep-alive client connection will stay open on the server side. Default: 5s
**organization**
The organization name for the certificate. Default: ``Birdhouse``
**organization-unit**
The organization unit for the certificate. Default: ``Demo``
**ssl-verify-client**
Nginx option to verify SSL client certificates. Possible values: ``off`` (default), ``on``, ``optional``.
`Nginx ssl_verify_client option`_
**ssl-client-certificate**
Nginx option with the name of the bundle of CA certificates for the client. Default: ``esgf-ca-bundle.crt``.
`Nginx ssl_client_certificate`_
**ssl-client-certificate-url**
Optional URL to download a bundle of CA certificates for ``ssl-client-certificate``. Default:
https://github.com/ESGF/esgf-dist/raw/master/installer/certs/esgf-ca-bundle.crt
All additional options can be used as parameters in your Nginx site configuration.
.. _Nginx ssl_verify_client option: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_verify_client
.. _Nginx ssl_client_certificate option: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate
Example usage
=============
The following example ``buildout.cfg`` installs Nginx with a site configuration for ``myapp``::
[buildout]
parts = myapp_nginx
anaconda-home = /opt/anaconda
[myapp_nginx]
recipe = birdhousebuilder.recipe.nginx
name = myapp
prefix = /
user = www-data
input = ${buildout:directory}/templates/myapp_nginx.conf
hostname = localhost
port = 8081
An example Mako template for your Nginx configuration could look like this::
upstream myapp {
server unix:///tmp/myapp.socket fail_timeout=0;
}
server {
listen ${port};
server_name ${hostname};
root ${prefix}/var/www;
index index.html index.htm;
location / {
# checks for static file, if not found proxy to app
try_files $uri @proxy_to_phoenix;
}
location @proxy_to_phoenix {
proxy_pass http://myapp;
}
}
Authors
*******
Carsten Ehbrecht ehbrecht at dkrz.de
Changes
*******
0.3.7 (2018-02-07)
==================
* Feature #8: added options to handle SSL client verification.
* fixed travis build ... needed to update versions.
* pep8.
0.3.6 (2017-03-09)
==================
* Fixed #7: create ``var/tmp/nginx`` folder.
* set ``user`` directive only if different from etc-user.
0.3.5 (2016-12-12)
==================
* fixed ``etc/`` folder permissions.
* update MANIFEST.in.
0.3.4 (2016-07-14)
==================
* fixed ssl-key-length option (int value).
0.3.3 (2016-07-13)
==================
* ssl-key-length option added.
0.3.2 (2016-07-11)
==================
* create ``var/www`` folder.
0.3.1 (2016-07-04)
==================
* enabled user in nginx.conf.
* using supervisor skip-user option.
0.3.0 (2016-06-30)
==================
* enabled travis.
* updated buildout and doctests.
* added conda options env, pkgs, channels.
* using zc.recipe.deployment
* fail save with log message when cert generation fails.
0.2.6 (2016-04-11)
==================
* added cryptography conda package.
0.2.5 (2016-01-19)
==================
* set keepalive_timeout to 5s (can be overwritten in options).
0.2.4 (2016-01-15)
==================
* disabled sendfile in nginx.conf.
* ``worker_processes`` is now configurable.
0.2.3 (2015-07-06)
==================
* create cert.pem only if it does not exist.
0.2.2 (2015-06-25)
==================
* cleaned up templates.
* added user option.
0.2.1 (2015-06-23)
==================
* generates self-signed certificate for https.
0.2.0 (2015-02-24)
==================
* installing in conda enviroment ``birdhouse``.
* using ``$ANACONDA_HOME`` environment variable.
* separation of anaconda-home and installation prefix.
0.1.7 (2014-12-06)
==================
* Don't update conda on buildout update.
0.1.6 (2014-11-11)
==================
* Removed proxy configuration.
* Fixed supervisor config: nginx didn't stop.
* nginx is started as supervisor service.
0.1.5 (2014-10-27)
==================
* disabled SSLv3 (poodle attack)
0.1.4 (2014-10-21)
==================
* Updated docs.
* Fixed pyOpenSSL dependency.
0.1.3 (2014-08-26)
==================
* Fixed proxy config for wpsoutputs.
* Using proxy-enabled buildout option.
* options master and superuser_enabled added.
0.1.2 (2014-08-01)
==================
* Updated documentation.
0.1.1 (2014-07-24)
==================
* Added start-stop script for nginx.
* Generates self-signed certificate for https.
0.1.0 (2014-07-10)
==================
Initial Release.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for birdhousebuilder.recipe.nginx-0.3.7.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8912e42ac8fae5f6f65793e5d4fb7180ce8e0e7660a06aa7386bfb407501c949 |
|
MD5 | e9bd068ec2f21de37d4d039c0dec9110 |
|
BLAKE2b-256 | b6530d0ba2ac145391a73f15b53fae5c29a998951bdd86286ac5f96d4c860b9e |