add uwsgi for web docs

kevoreilly · Aug 28, 2022 · 44387ea · 44387ea
1 parent 3bf885d
commit 44387ea
Show file tree

Hide file tree

Showing 2 changed files with 59 additions and 3 deletions.
diff --git a/docs/book/src/usage/interactive_desktop.rst b/docs/book/src/usage/interactive_desktop.rst
@@ -23,9 +23,9 @@ New services added::
 Web server configuration
 ========================
 
-Enable and configure ``guacamole`` in ``conf/web.conf`` and restart ``cape-web.service``::
+Enable and configure ``guacamole`` in ``conf/web.conf`` and restart ``cape-web.service`` and ``guacd.service``::
 
-    $ systemctl restart cape-web
+    $ systemctl restart cape-web guacd.service
 
 In case you using ``NGINX``, you need to configure it, to be able to use interactive mode, Example config.
 
@@ -39,6 +39,10 @@ In case you using ``NGINX``, you need to configure it, to be able to use interac
         # CAPE
         server 127.0.0.1:8000;
     }
+    upstream nodeserver2 {
+        # guac-session
+        server 127.0.0.1:8008;
+    }
     server {
         listen <YOUR_DESIRED_IP>;
         client_max_body_size 101M;
@@ -53,7 +57,7 @@ In case you using ``NGINX``, you need to configure it, to be able to use interac
             alias /opt/CAPEv2/web/static/;
         }
         location /guac {
-            proxy_pass http://nodeserver1;
+            proxy_pass http://nodeserver2;
             proxy_set_header Host $host;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_buffering off;

diff --git a/docs/book/src/usage/web.rst b/docs/book/src/usage/web.rst
@@ -93,6 +93,58 @@ To get rid of many bots/scrappers so we suggest deploying this amazing project `
 .. _`ReCaptcha`: https://www.google.com/recaptcha/admin/
 
 
+Best practices for production
+=============================
+We suggest to use ``uwsgi/gunicorn`` + ``NGINX``.
+
+`UWSGI documentation`_
+
+Instalation::
+
+    # nginx is optional
+    # sudo apt-get install uwsgi uwsgi-plugin-python nginx
+
+To enable ``uwsgi`` create ``/etc/uwsgi/apps-enabled/cape.ini``:
+
+.. code-block:: python
+
+    [uwsgi]
+    lazy-apps = True
+    vacuum = True
+    ; if using with NGINX
+    ;http-socket = 127.0.0.1:8000
+    ; if standalone
+    http-socket = 0.0.0.0:8000
+    static-map = /static=/opt/CAPEv2/web/static
+    plugins = python38
+    callable = application
+    chdir = /opt/CAPEv2/web
+    file = web/wsgi.py
+    env = DJANGO_SETTINGS_MODULE=web.settings
+    uid = cape
+    gid = cape
+    enable-threads = true
+    master = true
+    processes = 10
+    workers = 10
+    ;max-requests = 300
+    manage-script-name = true
+    ;disable-logging = True
+    listen = 2056
+    ;harakiri = 30
+    hunder-lock = True
+    #max-worker-lifetime = 30
+    ;Some files found in this directory are processed by uWSGI init.d script as
+    ;uWSGI configuration files.
+
+
+.. _`UWSGI documentation`: https://uwsgi-docs.readthedocs.io/en/latest/
+
+Start uwsgi with::
+
+    $ systemctl restart uwsgi
+
+
 Some extra security TIP(s)
 ==========================
 * `ModSecurity tutorial`_ - rejects requests