Update README and service configuration for Gunicorn usage and permissions
This commit is contained in:
26
README.md
26
README.md
@@ -20,7 +20,7 @@ The repository contains a Flask-based API proxy that allows Omada controller to
|
|||||||
On an Ubuntu/Debian system, you can install the required packages using apt:
|
On an Ubuntu/Debian system, you can install the required packages using apt:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo apt install -y python3 python3-dotenv python3-flask python3-flask-httpauth python3-requests
|
sudo apt install -y python3 python3-dotenv python3-flask python3-flask-httpauth python3-requests gunicorn
|
||||||
```
|
```
|
||||||
|
|
||||||
Copy the `app.py` file to your desired location, and run it using Python:
|
Copy the `app.py` file to your desired location, and run it using Python:
|
||||||
@@ -29,6 +29,12 @@ Copy the `app.py` file to your desired location, and run it using Python:
|
|||||||
flask run app.py
|
flask run app.py
|
||||||
```
|
```
|
||||||
|
|
||||||
|
or use Gunicorn for production:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
gunicorn --bind 0.0.0.0:8080 app:app
|
||||||
|
```
|
||||||
|
|
||||||
## Self-Signed SSL Certificate (Optional)
|
## Self-Signed SSL Certificate (Optional)
|
||||||
|
|
||||||
To run the Flask app with HTTPS, you can create a self-signed SSL certificate:
|
To run the Flask app with HTTPS, you can create a self-signed SSL certificate:
|
||||||
@@ -42,3 +48,21 @@ Then run the Flask app with SSL context:
|
|||||||
```bash
|
```bash
|
||||||
flask run --cert=cert.pem --key=key.pem
|
flask run --cert=cert.pem --key=key.pem
|
||||||
```
|
```
|
||||||
|
|
||||||
|
To use the Mail In A Box server's SSL certificate, use the following files:
|
||||||
|
|
||||||
|
- certificate: `/miab-data/ssl/ssl_certificate.pem`
|
||||||
|
- private key: `/miab-data/ssl/ssl_private_key.pem`
|
||||||
|
|
||||||
|
> **Note:** You have to run the web server as root to access the private key file.
|
||||||
|
|
||||||
|
## Service Installation
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo mkdir -p /opt/dns-updater
|
||||||
|
sudo cp app.py /opt/dns-updater/
|
||||||
|
sudo cp dns-updater.service /etc/systemd/system/
|
||||||
|
sudo systemctl daemon-reload
|
||||||
|
sudo systemctl enable --now dns-updater.service
|
||||||
|
sudo systemctl status dns-updater.service
|
||||||
|
```
|
||||||
|
|||||||
@@ -7,8 +7,7 @@ User=root
|
|||||||
Group=root
|
Group=root
|
||||||
WorkingDirectory=/opt/dns-updater
|
WorkingDirectory=/opt/dns-updater
|
||||||
Environment="MIAB_HOST=box.koszewscy.waw.pl"
|
Environment="MIAB_HOST=box.koszewscy.waw.pl"
|
||||||
Environment="STORAGE_ROOT=/miab-data"
|
ExecStart=/usr/bin/gunicorn --workers 4 --bind 0.0.0.0:8443 --certfile="/miab-data/ssl/ssl_certificate.pem" --keyfile="/miab-data/ssl/ssl_private_key.pem" app:app
|
||||||
ExecStart=/bin/sh -c '/usr/bin/gunicorn --workers 4 --bind 0.0.0.0:8443 --certfile="$STORAGE_ROOT/ssl/ssl_certificate.pem" --keyfile="$STORAGE_ROOT/ssl/ssl_private_key.pem" app:app'
|
|
||||||
Restart=always
|
Restart=always
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|||||||
Reference in New Issue
Block a user