-
Notifications
You must be signed in to change notification settings - Fork 1
Advanced Configuration
As fiduswriter runs in a python instance, the instance needs to be activated before starting the server. This can be done with a boot script. Some methods of accomplishing this on different operating systems are shown below:
Startup scripts in Debian are stored in /etc/init.d/ (at least until the change systemd in the next version of Debian). To create a fiduswriter startup script, the following minimal script can be created, but it's a bit of a kludge (and is currently broken). Really we should be using a python startup daemon,
- see more info here
- and here
- (as root) make a new file called /etc/init.d/fiduswriter:
#! /bin/sh
### BEGIN INIT INFO
# Provides: fiduswriter
# Required-Start: $remote_fs
# Required-Stop: $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: fiduswriter boot
# Description: Fidus Writer is an online collaborative editor for academics with a web front end
### END INIT INFO
# Author: Johannes Wilm
#
# PATH
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="Fidus Writer"
NAME=fiduswriter
HOME=/var/www/fiduswriter
#
case "$1" in
# Start
start)
source $HOME/fiduswriter-venv/bin/activate
python $HOME/manage.py runserver &
;;
# Stop
stop)
# how do we stop fiduswriter?
;;
*)
echo "Usage: /etc/init.d/blah {start|stop}"
exit 1
;;
esac
exit 0
- chmod 755 fiduswriter
- update-rc.d fiduswriter defaults
Running fiduswriter locally is good for testing but for deployment it's often desirable to put a service behind a proxy. There are various ways of doing this but the aim is similar, to turn the link:
http://localhost:8000
into something like:
https://fiduswriter.mydomain.com
You'll notice that in this example, the http has changed to https, giving an encrypted connection and that the address is internet accessible whereas before it was only accessible to the local computer (or subnet in some cases). It is very useful to have your proxy encrypt the connection to stop passwords being sent in the clear. Also notice that the port has changed from :8000 to :443 (this is implicit as https is over port 443. This change is also important as it allows hosts behind firewalls to more easily access your site.
To run a proxy, we use the Proxypass and ProxypassReverse Syntax in Apache2.
Let's say that fiduswriter is running on http://localhost:8000.
To proxy, we would use the following virtualhost settings in Apache2 (example for SSL encryption given, if you only want http protocol then replace *:443 with *:80 and leave out the SSL config variables):
<VirtualHost *:443>
ServerName fiduswriter.mydomain.com
SSLProxyEngine On
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
# Fiduswriter
ProxyPass / http://localhost:8000/
ProxyPassReverse / http://localhost:8000/
</VirtualHost>
Now your site will be accessible from https://fiduswriter.mydomain.com, assuming that you have configured your firewall and DNS correctly. You will probably need an SSL certificate (StartSSL has them for free) so that your users are not bugged by browser warnings.
It should also be possible to proxy fiduswriter as a subdirectory, rather than a subdomain. In this case you'd use something like this (not fully working, image links broken with following config).
<VirtualHost *:443>
ServerName mydomain.com
... # SSL stuff
# Fiduswriter
ProxyPass /fiduswriter/ http://localhost:8000/
ProxyPassReverse /fiduswriter/ http://localhost:8000/
RedirectMatch permanent ^/fiduswriter$ /fiduswriter/
RewriteRule ^/fiduswriter/(images|javascripts|stylesheets)(.*) /fiduswriter/$1$2
</Virtualhost>