Annotation Database Deployment: Difference between revisions
(Add switches.) |
No edit summary |
||
| Line 1: | Line 1: | ||
= Installation = | |||
The database, utilities and website are all stored in the same [https://gitlab.com/rskelly/msea-rov-db git repository], which is checked out on the server machine and deployed using a single script, [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/install.sh install.sh]. The script is run | The database, utilities and website are all stored in the same [https://gitlab.com/rskelly/msea-rov-db git repository], which is checked out on the server machine and deployed using a single script, [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/install.sh install.sh]. The script is run | ||
from the command line | from the command line, at which point it will prompt the user to type <code>stage</code> or <code>prod</code>. If the former, the application is deployed to the staging environment; if the latter, it is deployed to the production environment. | ||
Two switches are available: | Two switches are available: | ||
* <code>-v</code> will recompile the Vue code. | * <code>-v</code> will recompile and install the Vue code. | ||
* <code>-r</code> will reinstall the Python libraries required by the application. | * <code>-r</code> will reinstall the Python libraries required by the application. | ||
If neither of these steps are required, the installation can be run without them. This is appropriate when only the backend code has been updated. | If neither of these steps are required, the installation can be run without them. This is appropriate when only the backend code has been updated. | ||
The database is not automatically updated by the install script. To deploy the database, follow the instructions on the [[Annotation_Database#Database_Upgrades|Annotation Database]] page. | The database is not automatically updated by the install script. To deploy the database, follow the instructions on the [[Annotation_Database#Database_Upgrades|Annotation Database]] page. | ||
== NginxConfiguration == | |||
The server uses [https://en.wikipedia.org/wiki/Nginx Nginx] to proxy requests to other services, such as the Django applications, tile server and this Wiki. It also loads the default and error pages when necessary. | |||
=== IP Filtering === | |||
Because the site is not open to the public, we need an IP filtering block that will be loaded into each location in the server. This is included by the main configuration file, below. The file is called [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/ipfilter.nginx ipfilter.nginx]. | |||
=== Server, Location Configurations === | |||
This is the main server configuration file, called [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/msea.nginx msea.nginx]. There is a similar file for the staging server, and a further configuration for the Wiki site at [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/wiki.nginx wiki.nginx]. | |||
== Tile Server Configuration == | |||
The tile server runs on an Apache instance and receives requests from Nginx. The tile server configuration is described [[Tile Server|here]]. | |||
== uWSGI Configuration == | |||
The Django application is served by the [https://en.wikipedia.org/wiki/UWSGI uWSGI] application server, receiving proxied requests through Nginx. | |||
The configuration file, [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/msea_uwsgi.ini msea_uwsgi.ini], provides the location of a virtual environment (<code>.venv</code>), and environment variables, in particular the location of the application settings object. The socket through which Nginx communicates with uWSGI and the user under which it runs are also given. There is a similar file for the staging site. | |||
== Python Requirements == | |||
The [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/requirements_debian.txt requirements] file is used by the install script to configure the virtual environment used by uWSGI to serve the application. This file is output by [https://pip-python3.readthedocs.io/en/stable/reference/pip_freeze.html pip freeze]. | |||
== Firewall Configuration == | |||
A script, [https://gitlab.com/rskelly/msea-rov-db/-/blob/main/app/server_config/ufw.sh ufw.sh] is run by the install script to reconfigure the firewall so that only necessary services are available to the world. | |||
The exclusion of IPs external to DFO is not performed by the firewall because some services must be available to external users. | |||
Revision as of 22:40, 15 February 2024
Installation
The database, utilities and website are all stored in the same git repository, which is checked out on the server machine and deployed using a single script, install.sh. The script is run
from the command line, at which point it will prompt the user to type stage or prod. If the former, the application is deployed to the staging environment; if the latter, it is deployed to the production environment.
Two switches are available:
-vwill recompile and install the Vue code.-rwill reinstall the Python libraries required by the application.
If neither of these steps are required, the installation can be run without them. This is appropriate when only the backend code has been updated.
The database is not automatically updated by the install script. To deploy the database, follow the instructions on the Annotation Database page.
NginxConfiguration
The server uses Nginx to proxy requests to other services, such as the Django applications, tile server and this Wiki. It also loads the default and error pages when necessary.
IP Filtering
Because the site is not open to the public, we need an IP filtering block that will be loaded into each location in the server. This is included by the main configuration file, below. The file is called ipfilter.nginx.
Server, Location Configurations
This is the main server configuration file, called msea.nginx. There is a similar file for the staging server, and a further configuration for the Wiki site at wiki.nginx.
Tile Server Configuration
The tile server runs on an Apache instance and receives requests from Nginx. The tile server configuration is described here.
uWSGI Configuration
The Django application is served by the uWSGI application server, receiving proxied requests through Nginx.
The configuration file, msea_uwsgi.ini, provides the location of a virtual environment (.venv), and environment variables, in particular the location of the application settings object. The socket through which Nginx communicates with uWSGI and the user under which it runs are also given. There is a similar file for the staging site.
Python Requirements
The requirements file is used by the install script to configure the virtual environment used by uWSGI to serve the application. This file is output by pip freeze.
Firewall Configuration
A script, ufw.sh is run by the install script to reconfigure the firewall so that only necessary services are available to the world.
The exclusion of IPs external to DFO is not performed by the firewall because some services must be available to external users.