183 lines
5.8 KiB
Bash
183 lines
5.8 KiB
Bash
#!/bin/bash
|
|
|
|
#---------------------------------------------------------
|
|
# Script Install Tryton uswgi for Home Intance
|
|
# --------------------------------------------------------
|
|
|
|
|
|
#---------------------------------------------------------
|
|
# Fill this variables before run script #
|
|
#
|
|
domain=domain #
|
|
port=8000 #
|
|
user=psk #
|
|
# #
|
|
#---------------------------------------------------------
|
|
|
|
|
|
if ! [ -x "$(command -v nginx)" ]; then
|
|
sudo apt update
|
|
sudo apt -y install nginx
|
|
>&2
|
|
echo "nginx is installed"
|
|
fi
|
|
|
|
mkdir /etc/uwsgi
|
|
mkdir /etc/uwsgi/vassals
|
|
file_location=/etc/uwsgi/vassals/trytond.ini
|
|
if [ -f "$file_location" ]; then
|
|
echo "File $file_location already exists!"
|
|
else
|
|
cat > $file_location <<EOF
|
|
[uwsgi]
|
|
master = True # start in master mode
|
|
#http = :${port} # bind to port ${port}
|
|
socket = /var/run/uwsgi/trytond.sock
|
|
workers = 4 # run 4 worker processes
|
|
enable-threads = true
|
|
# gid
|
|
gid = www-data
|
|
# uid
|
|
uid = www-data
|
|
|
|
|
|
virtualenv = /home/${user}/.virtualenvs/tryton60
|
|
env = TRYTOND_CONFIG=/home/${user}/.trytond/trytond.conf
|
|
module = trytond.application:app
|
|
chmod-socket = 777
|
|
procname = TrytodServer
|
|
vacuum = true
|
|
die-on-term = true
|
|
|
|
single-interpreter = true
|
|
die-on-term = true ; Shutdown when receiving SIGTERM (default is respawn)
|
|
need-app = true
|
|
|
|
disable-logging = true ; Disable built-in logging
|
|
log-4xx = true ; but log 4xx's anyway
|
|
log-5xx = true ; and 5xx's
|
|
|
|
harakiri = 900 ; forcefully kill workers after 60 seconds
|
|
py-callos-afterfork = true ; allow workers to trap signals
|
|
|
|
max-requests = 1000 ; Restart workers after this many requests
|
|
max-worker-lifetime = 3600 ; Restart workers after this many seconds
|
|
reload-on-rss = 2048 ; Restart workers after this much resident memory
|
|
worker-reload-mercy = 60 ; How long to wait before forcefully killing workers
|
|
|
|
cheaper-algo = busyness
|
|
processes = 128 ; Maximum number of workers allowed
|
|
cheaper = 8 ; Minimum number of workers allowed
|
|
cheaper-initial = 16 ; Workers created at startup
|
|
cheaper-overload = 1 ; Length of a cycle in seconds
|
|
cheaper-step = 16 ; How many workers to spawn at a time
|
|
|
|
cheaper-busyness-multiplier = 30 ; How many cycles to wait before killing workers
|
|
cheaper-busyness-min = 20 ; Below this threshold, kill workers (if stable for multiplier cycles)
|
|
cheaper-busyness-max = 70 ; Above this threshold, spawn new workers
|
|
cheaper-busyness-backlog-alert = 16 ; Spawn emergency workers if more than this many requests are waiting in the queue
|
|
cheaper-busyness-backlog-step = 2 ; How many emergency workers to create if there are too many requests in the queue
|
|
|
|
EOF
|
|
fi
|
|
|
|
file_location2=/etc/systemd/system/uwtrytond.service
|
|
if [ -f "$file_location2" ]; then
|
|
echo "File $file_location2 already exists!"
|
|
else
|
|
cat > $file_location2 <<EOF
|
|
# Script Tryton Server Presik Technologies
|
|
|
|
[Unit]
|
|
Description=uWSGI Trytond Server
|
|
After=syslog.target
|
|
|
|
[Service]
|
|
User=${user}
|
|
ExecStart=/home/${user}/.virtualenvs/tryton60/bin/uwsgi --ini /etc/uwsgi/vassals/trytond.ini
|
|
# Requires systemd version 211 or newer
|
|
RuntimeDirectory=uwsgi
|
|
#Restart=always
|
|
KillSignal=SIGQUIT
|
|
Type=notify
|
|
StandardError=syslog
|
|
NotifyAccess=all
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
|
|
EOF
|
|
fi
|
|
|
|
|
|
file_location3=/etc/nginx/sites-available/trytond
|
|
if [ -f "$file_location3" ]; then
|
|
echo "File $file_location3 already exists!"
|
|
else
|
|
cat > $file_location3 <<EOF
|
|
upstream trytond {
|
|
server unix:/var/run/uwsgi/trytond.sock; # for a file socket
|
|
}
|
|
|
|
# configuration of the server
|
|
server {
|
|
# the port your site will be served on
|
|
listen ${port};
|
|
# the domain name it will serve for
|
|
server_name ${domain}; # substitute your machine's IP address or FQDN
|
|
|
|
access_log /var/log/nginx/${domain}_access.log;
|
|
error_log /var/log/nginx/${domain}_error.log;
|
|
|
|
# max upload size
|
|
client_max_body_size 2048M; # adjust to taste
|
|
|
|
#location /static {
|
|
# alias /<path_to>/static; # your Django project's static files - amend as required
|
|
#}
|
|
|
|
error_page 497 301 =307 https://${domain}:${port}$request_uri;
|
|
|
|
# Finally, send all non-media requests.
|
|
location / {
|
|
add_header 'Access-Control-Allow-Origin' '*';
|
|
include uwsgi_params; # the uwsgi_params file you installed
|
|
uwsgi_param REMOTE_USER '$remote_user';
|
|
uwsgi_param DATE_GMT '$date_gmt';
|
|
uwsgi_param DATE_LOCAL '$date_local';
|
|
uwsgi_param AUTH_TYPE Basic;
|
|
uwsgi_read_timeout 600s;
|
|
uwsgi_pass trytond;
|
|
}
|
|
|
|
location /status_server {
|
|
stub_status on;
|
|
allow 127.0.0.1;
|
|
deny all;
|
|
}
|
|
|
|
listen [::]:${port} ssl ipv6only=on; # managed by Certbot
|
|
listen ${port} ssl; # managed by Certbot
|
|
ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem; # managed by Certbot
|
|
ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem; # managed by Certbot
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
#ssl_ciphers HIGH:!aNULL:!MD5;
|
|
|
|
}
|
|
|
|
|
|
EOF
|
|
fi
|
|
|
|
ln -s /etc/nginx/sites-available/trytond /etc/nginx/sites-enabled/
|
|
|
|
ufw allow 'Nginx Full'
|
|
ufw allow 8000
|
|
ufw reload
|
|
systemctl enable uwtrytond.service
|
|
systemctl start uwtrytond.service
|
|
systemctl stop nginx
|
|
systemctl start nginx
|