linuxonazure

apache apache-python apache-secure autofs btrfs cdn-django couchdb create delete dhcp dns-bind dns-unbound dotnetcore elasticsearch elasticsearch-secure elasticsearch-secure-nodes hypervcreate iscsi lvm-ext4 lvm-ext4-snapshot lvm-striping lvm-xfs mariadb mongodb mongodb-secure multi nfs nfs4 ntp openldap postfix public-private pxe python-uwsgi-nginx quota quota-xfs raid-crypto-lvm readme redeploy redis samba samba-azure secure-sshd simple simple-managed-disks squid vsftpd

python-uwsgi-nginx/install.sh

raw link view readme
1
2 yum install policycoreutils-python -y
3 semanage fcontext -at httpd_sys_rw_content_t "/srv/webapi(/.*)?"
4 semanage fcontext -at httpd_sys_content_t "/srv/common(/.*)?"
5
6 yum install firewalld -y
7 systemctl start firewalld
8 systemctl enable firewalld
9 firewall-cmd --permanent --zone=public --add-interface=eth0
10 firewall-cmd --permanent --add-service=http --add-service=https --zone=public
11 firewall-cmd --reload
12
13 # Just for testing...
14
15 mkdir /srv/common
16 cat > /srv/common/robots.txt << EOF
17 User-agent: ia_archiver
18 Disallow: /
19 EOF
20
21 # UWSGI
22
23 yum install uwsgi uwsgi-plugin-python3 -y
24
25 chown -R nobody:uwsgi /etc/uwsgi.d
26 chmod -R g+s /etc/uwsgi.d
27
28 cat > /etc/uwsgi.d/webapi.ini << EOF
29 [uwsgi]
30 project = content
31 base = /srv/webapi/content
32 virtualenv = /srv/webapi
33
34 chdir = %(base)
35 home = %(virtualenv)
36 module = app:webapi_start
37
38 master = true
39 processes = 5
40
41 socket = %(base)/%(project).sock
42 chmod-socket = 660
43 uid = uwsgi
44 gid = uwsgi
45 vacuum = true
46
47 plugins = python3
48 EOF
49
50 # App
51
52 yum install python34 python-pip -y 2> /dev/null
53 yum install git -y
54 pip install --upgrade pip
55 pip install --upgrade virtualenv
56 cd /srv
57 virtualenv -p python3 webapi
58 chmod -R 2750 /srv/webapi
59 setfacl -m d:o:--- /srv/webapi
60 cd /srv/webapi
61 source bin/activate
62 git clone https://github.com/davidbetz/pywebapi content
63 cd /srv/webapi/content
64 pip install -r requirements.txt
65 deactivate
66
67 chown -R nobody:uwsgi /srv/webapi
68 restorecon -R /srv
69
70 #Nginx
71
72 cat > /etc/yum.repos.d/nginx.repo << EOF
73 [nginx]
74 name=nginx repo
75 baseurl=http://nginx.org/packages/mainline/centos/\$releasever/\$basearch/
76 gpgcheck=0
77 enabled=1
78 EOF
79
80 yum install -y nginx
81
82 export PUBLIC_IP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
83
84 mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.disabled
85 cat > /etc/nginx/conf.d/webapi.conf << EOF
86 server {
87 listen $PUBLIC_IP:80;
88
89 location /robots.txt {
90 alias /srv/common/robots.txt;
91 }
92
93 location / {
94 include uwsgi_params;
95 uwsgi_pass unix:/srv/webapi/content/content.sock;
96
97 proxy_redirect off;
98 proxy_set_header Host \$host;
99 proxy_set_header X-Real-IP \$remote_addr;
100 proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
101 proxy_set_header X-Forwarded-Host \$server_name;
102 }
103 }
104 EOF
105
106 usermod nginx -aG uwsgi
107
108 systemctl start uwsgi
109 systemctl enable uwsgi
110
111 systemctl start nginx
112 systemctl enable nginx
113
114 # Test
115
116 curl $PUBLIC_IP/robots.txt
117 curl $PUBLIC_IP/item/1
118
apache apache-python apache-secure autofs btrfs cdn-django couchdb create delete dhcp dns-bind dns-unbound dotnetcore elasticsearch elasticsearch-secure elasticsearch-secure-nodes hypervcreate iscsi lvm-ext4 lvm-ext4-snapshot lvm-striping lvm-xfs mariadb mongodb mongodb-secure multi nfs nfs4 ntp openldap postfix public-private pxe python-uwsgi-nginx quota quota-xfs raid-crypto-lvm readme redeploy redis samba samba-azure secure-sshd simple simple-managed-disks squid vsftpd