flask app

Die folgende Beschreibung nimmt Debian Bullseye als Grundlage.

flask

Installiere pip und erstelle venv:

root $ apt install python3-pip
$ mkdir flask-app
$ cd flask-app
$ python3 -m venv .venv
$ source .venv/bin/activate
(.venv) $ python -m pip install --upgrade pip
(.venv) $ python -m pip install flask

Erstelle hello world app: app.py

from flask import Flask

app = Flask(__name__)

@app.route("/")
def main():
    return "Hello world!"

if __name__ == "__main__":
    app.run()

gunicorn

Erstelle WSGI Einstiegpunkt: wsgi.py:

from app import app

if __name__ == "__main__":
    app.run()

Installiere gunicorn:

(.venv) $ python -m pip install gunicorn
(.venv) $ deactivate

Erstelle Systembenutzer gunicorn:

root $ adduser --system --home /var/www/gunicorn --ingroup www-data --disabled-password --shell /bin/bash gunicorn

/etc/systemd/system/gunicorn-flask-app.service:

[Unit]
Description=Flask Web Application Server using Gunicorn
After=network.target

[Service]
User=gunicorn
Group=www-data
WorkingDirectory=/var/www/gunicorn/flask-app
Environment="PATH=/var/www/gunicorn/flask-app/.venv/bin"
ExecStartPre=/usr/bin/mkdir -p -m 750 /tmp/gunicorn
ExecStart=/var/www/gunicorn/flask-app/.venv/bin/gunicorn -w 3 --bind unix:/tmp/gunicorn/flask-app.sock -m 007 wsgi:app
Restart=always

[Install]
WantedBy=multi-user.target

Kopiere das flask Projekt and aktiviere den Dienst:

root $ cp flask-app /var/www/gunicorn
root $ chown -R gunicorn:www-data /var/www/gunicorn/flask-app
root $ systemctl daemon-reload
root $ systemctl enable gunicorn-flask-app
root $ systemctl start gunicorn-flask-app

nginx

Install nginx:

root $ apt install nginx

/etc/nginx/sites-available/gunicorn:

### gunicorn wsgi configuration

upstream app_server {
  # fail_timeout=0 means we always retry an upstream even if it failed
  # to return a good HTTP response

  # for UNIX domain socket setups
  server unix:/tmp/gunicorn/flask-app.sock fail_timeout=0;

  # for a TCP configuration
  # server 192.168.0.7:8000 fail_timeout=0;
}

server {
  # use 'listen 80 deferred;' for Linux
  # use 'listen 80 accept_filter=httpready;' for FreeBSD
  listen 80 deferred;
  client_max_body_size 4G;

  # set the correct host(s) for your site
  server_name _;

  keepalive_timeout 5;

  # path for static files
  root /var/www/html;

  # Add index.php to the list if you are using PHP
  index index.html index.htm index.nginx-debian.html;

  location / {
    # checks for static file, if not found proxy to app
    try_files $uri @proxy_to_app;
  }

  location @proxy_to_app {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    # we don't want nginx trying to do something clever with
    # redirects, we set the Host: header above already.
    proxy_redirect off;
    proxy_pass http://app_server;
  }

  location ~ /\.ht {
    deny all;
  }
  location ~ /\.venv {
    deny all;
  }
}

Enable site:

root $ cd /etc/nginx/sites-enabled
root $ rm default
root $ ln -s /etc/nginx/sites-available/gunicorn gunicorn 
root $ systemctl reload nginx

© 2001 - 2024 Frank Remetter