Compare commits

...

3 Commits

Author SHA1 Message Date
pictuga 65f919a58f Clean up install/exec
continuous-integration/drone/push Build is failing Details
2021-12-25 11:23:37 +01:00
pictuga 3bcb8db974 Improve cloud-init (append & env var) 2021-12-25 11:02:27 +01:00
pictuga 7751792942 Shift htaccess to README 2021-12-24 18:03:55 +01:00
7 changed files with 65 additions and 63 deletions

View File

@ -24,6 +24,37 @@ steps:
password: password:
from_secret: pypi_pwd from_secret: pypi_pwd
- name: push
image: appleboy/drone-scp
settings:
host:
from_secret: ssh_host
username:
from_secret: ssh_user
key:
from_secret: ssh_key
source:
- dist/morss-*.tar.gz
- morss-helper
target:
- /root
- /usr/bin/local
- name: deploy
image: appleboy/drone-ssh
settings:
host:
from_secret: ssh_host
username:
from_secret: ssh_user
key:
from_secret: ssh_key
script_stop: true
script:
- sudo pip install --upgrade /root/morss-*.tar.gz[full]
- sudo rm /root/morss-*.tar.gz
- sudo morss-helper reload
trigger: trigger:
branch: branch:
- master - master
@ -60,37 +91,3 @@ trigger:
depends_on: depends_on:
- test - test
---
kind: pipeline
name: ssh
clone:
disable: true
steps:
- name: deploy
image: appleboy/drone-ssh
settings:
host:
from_secret: ssh_host
username:
from_secret: ssh_user
key:
from_secret: ssh_key
script_stop: true
script:
- sudo pip install --upgrade morss[full]
- "pid=$$(sudo pidof 'gunicorn: master [morss]')"
- sudo kill -s USR2 $$pid
- sudo kill -s WINCH $$pid
- sudo kill -s TERM $$pid
trigger:
branch:
- master
event:
- push
depends_on:
- python

View File

@ -10,5 +10,5 @@ RUN set -ex; \
USER 1000:1000 USER 1000:1000
ENTRYPOINT ["/bin/sh", "/app/docker-entry.sh"] ENTRYPOINT ["/bin/sh", "/app/morss-helper"]
CMD ["run"] CMD ["run"]

View File

@ -159,6 +159,7 @@ packages:
write_files: write_files:
- path: /etc/environment - path: /etc/environment
append: true
content: | content: |
DEBUG=1 DEBUG=1
CACHE=diskcache CACHE=diskcache
@ -167,9 +168,10 @@ write_files:
permissions: 744 permissions: 744
content: | content: |
#!/bin/sh #!/bin/sh
gunicorn --bind 0.0.0.0:${PORT:-8000} --preload --access-logfile - --daemon morss /app/morss-helper
runcmd: runcmd:
- source /etc/environment
- update-ca-certificates - update-ca-certificates
- iptables -I INPUT 6 -m state --state NEW -p tcp --dport ${PORT:-8000} -j ACCEPT - iptables -I INPUT 6 -m state --state NEW -p tcp --dport ${PORT:-8000} -j ACCEPT
- netfilter-persistent save - netfilter-persistent save
@ -274,8 +276,30 @@ For this, you need to make sure your host allows python script execution. This
method uses HTTP calls to fetch the RSS feeds, which will be handled through method uses HTTP calls to fetch the RSS feeds, which will be handled through
`mod_cgi` for example on Apache severs. `mod_cgi` for example on Apache severs.
Please pay attention to `main.py` permissions for it to be executable. Also Please pay attention to `main.py` permissions for it to be executable. See below
ensure that the provided `/www/.htaccess` works well with your server. some tips for the `.htaccess` file.
```htaccess
Options -Indexes
ErrorDocument 404 /cgi/main.py
# Turn debug on for all requests
SetEnv DEBUG 1
# Turn debug on for requests with :debug in the url
SetEnvIf Request_URI :debug DEBUG=1
<Files ~ "\.(py|pyc|db|log)$">
deny from all
</Files>
<Files main.py>
allow from all
AddHandler cgi-script .py
Options +ExecCGI
</Files>
```
### As a CLI application ### As a CLI application

6
docker-entry.sh → morss-helper 100644 → 100755
View File

@ -6,6 +6,12 @@ if [ "$1" = "sh" ] || [ "$1" = "bash" ]; then
elif [ -z "$1" ] || [ "$@" = "run" ]; then elif [ -z "$1" ] || [ "$@" = "run" ]; then
gunicorn --bind 0.0.0.0:${PORT:-8000} --preload --access-logfile - morss gunicorn --bind 0.0.0.0:${PORT:-8000} --preload --access-logfile - morss
elif [ "$@" = "reload" ]; then
pid=$(sudo pidof 'gunicorn: master [morss]')
kill -s USR2 $pid
kill -s WINCH $pid
kill -s TERM $pid
else else
morss $@ morss $@

View File

@ -30,7 +30,6 @@ setup(
data_files = [ data_files = [
('share/' + package_name, ['README.md', 'LICENSE']), ('share/' + package_name, ['README.md', 'LICENSE']),
('share/' + package_name + '/www', glob('www/*.*')), ('share/' + package_name + '/www', glob('www/*.*')),
('share/' + package_name + '/www/cgi', [])
], ],
entry_points = { entry_points = {
'console_scripts': [package_name + '=' + package_name + '.__main__:main'] 'console_scripts': [package_name + '=' + package_name + '.__main__:main']

View File

@ -1,15 +0,0 @@
Options -Indexes
ErrorDocument 403 "Access forbidden"
ErrorDocument 404 /cgi/main.py
ErrorDocument 500 "A very nasty bug found his way onto this very server"
# Uncomment below line to turn debug on for all requests
#SetEnv DEBUG 1
# Uncomment below line to turn debug on for requests with :debug in the url
#SetEnvIf Request_URI :debug DEBUG=1
<Files ~ "\.(py|pyc|db|log)$">
deny from all
</Files>

View File

@ -1,9 +0,0 @@
order allow,deny
deny from all
<Files main.py>
allow from all
AddHandler cgi-script .py
Options +ExecCGI
</Files>