Chaos Parcel Serivce: Backend
Deployment
This assumes you run the code as user www-data
Do not checkout this code as the same user.
checkout the code (main branch for production)
cd into the directory
mkdir instance
chown www-data:www-data instancecreate a file .env with content
# the database location relative to the repository root
database_url = "sqlite:///instance/paketshop.db"
# the url for the customer frontend (the people sending parcels)
customer_url = "https://bgp.events.ccc.de"
# the url this app will be run under
backend_url = "https://backend.bgp.events.ccc.de"
# the url for the people handling the parcels
worker_url = "https://intern.bgp.events.ccc.de"
# a shared secret for the workers
shared_secret = "{{ bgp_secrets.shared_secret }}"
# a deployment wide secret key.
# can be created with:
# python3 -c 'import os; print(os.urandom(16).hex())'
signing_key = "{{ bgp_secrets.signing_key }}"
# how long workers are logged in.
token_lifetime = "180"create a venv and install requirements:
python -m venv venv
. venv/bin/activate
pip install -r requirements.txtWe suggest to use gunicorn to server the python app, so install it
pip install gunicorncreate a runtime directory to allow the webserver to forward calls to
mdkir /run/bgp
chown www-data:www-data /run/bgpcreate a systemd service file to serve the app:
[Unit]
Description=Gunicorn instance to serve bgp backend fastapi app
After=network.target
[Service]
User=www-data
Group=www-data
WorkingDirectory=/srv/backend
ExecStart=/srv/backend/venv/bin/gunicorn -k uvicorn.workers.UvicornWorker --bind unix:/run/bgp/socket backend.main:app
[Install]
WantedBy=multi-user.target