uWSGI + nginx + systemd

This chapter provides an example for configuring uWSGI, nginx, and systemd for a Pyramid application.

Below you can find an almost production ready configuration. "Almost" because some uwsgi parameters might need tweaking to fit your needs.

An example systemd configuration file is shown here:

 1# /etc/systemd/system/pyramid.service
 2
 3[Unit]
 4Description=pyramid app
 5
 6# Requirements
 7Requires=network.target
 8
 9# Dependency ordering
10After=network.target
11
12[Service]
13TimeoutStartSec=0
14RestartSec=10
15Restart=always
16
17# path to app
18WorkingDirectory=/opt/env/wiki
19# the user that you want to run app by
20User=app
21
22KillSignal=SIGQUIT
23Type=notify
24NotifyAccess=all
25
26# Main process
27ExecStart=/opt/env/bin/uwsgi --ini-paste-logged /opt/env/wiki/development.ini
28
29[Install]
30WantedBy=multi-user.target

注釈

In order to use the --ini-paste-logged parameter (and have logs from an application), PasteScript is required. To install, run:

pip install PasteScript

uWSGI can be configured in .ini files, for example:

1# development.ini
2# ...
3
4[uwsgi]
5socket = /tmp/pyramid.sock
6chmod-socket = 666
7protocol = http

Save the files and run the below commands to start the process:

systemctl enable pyramid.service
systemctl start pyramid.service

Verify that the file /tmp/pyramid.sock was created.

Here are a few useful commands:

systemctl restart pyramid.service # restarts app
journalctl -fu pyramid.service # tail logs

Next we need to configure a virtual host in nginx. Below is an example configuration:

 1# myapp.conf
 2
 3upstream pyramid {
 4    server unix:///tmp/pyramid.sock;
 5}
 6
 7server {
 8    listen 80;
 9
10    # optional ssl configuration
11
12    listen 443 ssl;
13    ssl_certificate /path/to/ssl/pem_file;
14    ssl_certificate_key /path/to/ssl/certificate_key;
15
16    # end of optional ssl configuration
17
18    server_name  example.com;
19
20    access_log  /opt/env/access.log;
21
22    location / {
23        proxy_set_header        Host $http_host;
24        proxy_set_header        X-Real-IP $remote_addr;
25        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
26        proxy_set_header        X-Forwarded-Proto $scheme;
27
28        client_max_body_size    10m;
29        client_body_buffer_size 128k;
30        proxy_connect_timeout   60s;
31        proxy_send_timeout      90s;
32        proxy_read_timeout      90s;
33        proxy_buffering         off;
34        proxy_temp_file_write_size 64k;
35        proxy_pass http://pyramid;
36        proxy_redirect          off;
37    }
38}

A better explanation for some of the above nginx directives can be found in the cookbook recipe nginx + pserve + supervisord.