#117 Dockerfile: running waiverdb with httpd + mod_wsgi
Closed 2 years ago by dcallagh. Opened 2 years ago by mjia.
mjia/waiverdb httpd  into  master

file modified
+11 -3
@@ -1,4 +1,4 @@ 

- FROM fedora:26

+ FROM f26/httpd

  LABEL \

      name="WaiverDB application" \

      vendor="WaiverDB developers" \
@@ -9,12 +9,20 @@ 

  ARG waiverdb_common_rpm

  COPY $waiverdb_rpm /tmp

  COPY $waiverdb_common_rpm /tmp

+ USER 0

  RUN dnf -y install \

-     python-gunicorn \

+     mod_wsgi \

      python-psycopg2 \

      /tmp/$(basename $waiverdb_rpm) \

      /tmp/$(basename $waiverdb_common_rpm) \

      && dnf -y clean all

+ # SSL configuration

+ RUN mkdir -p /etc/pki/waiverdb/

+ RUN ln -sfn /etc/pki/waiverdb/ssl/waiverdb.conf /etc/httpd/conf.d/waiverdb.conf

+ RUN ln -sfn /etc/pki/waiverdb/crt/waiverdb.crt /etc/pki/tls/certs/waiverdb.crt

+ RUN ln -sfn /etc/pki/waiverdb/key/waiverdb.key /etc/pki/tls/private/waiverdb.key

+ RUN ln -sfn /etc/pki/waiverdb/ca/ca.crt /etc/pki/tls/certs/ca.crt

  USER 1001

  EXPOSE 8080

- ENTRYPOINT gunicorn --bind 0.0.0.0:8080 --access-logfile=- waiverdb.wsgi:app

+ EXPOSE 8443

+ CMD ["/usr/bin/run-httpd"]

file added
+25
@@ -0,0 +1,25 @@ 

+ # Force SSL

+ #RewriteEngine On

+ #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

+ 

+ WSGIDaemonProcess waiverdb user=apache group=apache threads=5

+ WSGIScriptAlias / /usr/share/waiverdb/waiverdb.wsgi

+ 

+ # By default, do not require SSL verification.

+ # SSLVerifyClient none

+ # SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

+ 

+ <Directory /usr/share/waiverdb>

+     WSGIProcessGroup waiverdb

+     WSGIApplicationGroup %{GLOBAL}

+ 

+     #SSLVerifyClient optional

+     #SSLVerifyDepth 10

+     #SSLOptions +stdEnvVars

+ 

+     <RequireAny>

+         #Require ssl-verify-client

+         Require all granted

+     </RequireAny>

+ 

+ </Directory>

file added
+4
@@ -0,0 +1,4 @@ 

+ # SPDX-License-Identifier: GPL-2.0+

+ 

+ from waiverdb.app import create_app

+ application = create_app()

file modified
+5
@@ -153,6 +153,10 @@ 

      conf/client.conf.example \

      %{buildroot}%{_sysconfdir}/waiverdb/client.conf

  

+ # apache and wsgi settings

+ install -d %{buildroot}%{_datadir}/waiverdb/

+ install -p -m0644 conf/waiverdb.wsgi %{buildroot}%{_datadir}/waiverdb/

+ 

  %check

  export PYTHONPATH=%{buildroot}/%{python2_sitelib}

  py.test tests/
@@ -163,6 +167,7 @@ 

  %{_unitdir}/%{name}.service

  %{_unitdir}/%{name}.socket

  %attr(755,root,root) %{_bindir}/waiverdb

+ %attr(-,apache,root) %{_datadir}/waiverdb/waiverdb.wsgi

  

  %files common

  %license COPYING

no initial comment

Same as #116. For now, we don't think we will need this, but we can resurrect later if necessary. Thanks @mjia.

Pull-Request has been closed by dcallagh

2 years ago

Build 24124441b135596cbf72257a15de7c4c2a533346 FAILED!
Rebase or make new commits to rebuild.

Build 24124441b135596cbf72257a15de7c4c2a533346 FAILED!
Rebase or make new commits to rebuild.