|
@ -54,6 +54,74 @@ $ make offline # https://offline.voicegardens.org |
|
|
$ make voicegardens # https://voicegardens.org |
|
|
$ make voicegardens # https://voicegardens.org |
|
|
``` |
|
|
``` |
|
|
|
|
|
|
|
|
|
|
|
Here is an example Supervisor configuration: |
|
|
|
|
|
|
|
|
|
|
|
``` |
|
|
|
|
|
[group:voicegardens] |
|
|
|
|
|
programs=online,offline |
|
|
|
|
|
|
|
|
|
|
|
[program:online] |
|
|
|
|
|
directory=/var/www/voicegardens.org |
|
|
|
|
|
user=www-data |
|
|
|
|
|
autostart=true |
|
|
|
|
|
autorestart=true |
|
|
|
|
|
environment=PATH="/var/www/voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s" |
|
|
|
|
|
command=/var/www/voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9090 voicegardens.server:app |
|
|
|
|
|
|
|
|
|
|
|
[program:offline] |
|
|
|
|
|
directory=/var/www/offline.voicegardens.org |
|
|
|
|
|
user=www-data |
|
|
|
|
|
autostart=true |
|
|
|
|
|
autorestart=true |
|
|
|
|
|
environment=PATH="/var/www/offline.voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s" |
|
|
|
|
|
command=/var/www/offline.voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9091 voicegardens.server:app |
|
|
|
|
|
``` |
|
|
|
|
|
|
|
|
|
|
|
And an Nginx configuration (after running `cerbot --nginx -d voicegardens.org`): |
|
|
|
|
|
|
|
|
|
|
|
``` |
|
|
|
|
|
upstream voicegardens { |
|
|
|
|
|
server 127.0.0.1:9090; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
server { |
|
|
|
|
|
root /var/www/voicegardens.org; |
|
|
|
|
|
|
|
|
|
|
|
server_name voicegardens.org; # managed by Certbot |
|
|
|
|
|
|
|
|
|
|
|
location / { |
|
|
|
|
|
try_files $uri @proxy_to_app; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
location @proxy_to_app { |
|
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme; |
|
|
|
|
|
proxy_set_header Host $http_host; |
|
|
|
|
|
proxy_redirect off; |
|
|
|
|
|
proxy_pass http://voicegardens; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
listen [::]:443 ssl ipv6only=on; # managed by Certbot |
|
|
|
|
|
listen 443 ssl; # managed by Certbot |
|
|
|
|
|
ssl_certificate /etc/letsencrypt/live/voicegardens.org/fullchain.pem; # managed by Certbot |
|
|
|
|
|
ssl_certificate_key /etc/letsencrypt/live/voicegardens.org/privkey.pem; # managed by Certbot |
|
|
|
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
|
|
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
server { |
|
|
|
|
|
if ($host = voicegardens.org) { |
|
|
|
|
|
return 301 https://$host$request_uri; |
|
|
|
|
|
} # managed by Certbot |
|
|
|
|
|
|
|
|
|
|
|
listen 80 ; |
|
|
|
|
|
listen [::]:80 ; |
|
|
|
|
|
server_name voicegardens.org; |
|
|
|
|
|
return 404; # managed by Certbot |
|
|
|
|
|
} |
|
|
|
|
|
``` |
|
|
|
|
|
|
|
|
## Layers of the Onion |
|
|
## Layers of the Onion |
|
|
|
|
|
|
|
|
- [Flask](http://flask.palletsprojects.com/en/1.1.x/) |
|
|
- [Flask](http://flask.palletsprojects.com/en/1.1.x/) |
|
|