Skip to content
Snippets Groups Projects
Select Git revision
  • staging
  • main default protected
2 results
hanfi's avatar
Merge branch 'staging' into 'main'
hanfi authored 
added more docu

See merge request !9
dc258ef8
History
hanfi's avatar dc258ef8
History
Name Last commit Last update
backend
.flake8
.gitignore
.pre-commit-config.yaml
README.md
requirements-dev.txt
requirements.txt
README.md

Chaos Parcel Serivce: Backend

The backend is a simple FastAPI app (https://fastapi.tiangolo.com/) usign a sqlite database

Development

To test and develop, you can run it on your computer.

check the repo out and change your workign directory into the top level

create a virtual env

python -m venv venv

activate the virtual env

. venv/bin/activate

install required dependencies

pip install -r requirements.txt
pip install -r requirements-dev.txt

for development, use the uvicorn server

pip install uvicorn

now you can run the app

uvicorn backend.main:app --reload

It will use the default setting from backend/config.py
you can override settings using a .env file in the working directory

Deployment

This assumes you run the code as user www-data and the code is checked out at /srv/backend Do not checkout this code as the user ruining the code. the onyl requried writeable location is the database directory/file

checkout the code (main branch for production)
cd into the directory

mkdir instance
chown www-data:www-data instance

create a file .env with content

# the database location relative to the repository root
database_url = "sqlite:///instance/paketshop.db"
# the url for the customer frontend (the people sending parcels)
customer_url = "https://bgp.events.ccc.de"
# the url this app will be run under
backend_url = "https://backend.bgp.events.ccc.de"
# the url for the people handling the parcels
worker_url = "https://intern.bgp.events.ccc.de"
# a shared secret for the workers
shared_secret = "{{ bgp_secrets.shared_secret }}"
# a deployment wide secret key. 
# can be created with:
# python3 -c 'import os; print(os.urandom(16).hex())'
signing_key = "{{ bgp_secrets.signing_key }}"
# how long workers are logged in.
token_lifetime = "180"

create a venv and install requirements:

python -m venv venv
. venv/bin/activate
pip install -r requirements.txt

We suggest to use gunicorn to server the python app, so install it

pip install gunicorn

create a runtime directory to allow the webserver to forward calls to

mdkir /run/bgp
chown www-data:www-data /run/bgp

on production systems you may want to create a /etc/tmpfiles.d/bgp_backend.conf

d   /run/bgp/   0750 www-data www-data - -

to create the file on boot

create a systemd service file to serve the app in /etc/systemd/system/bgp_backend.service:

[Unit]
Description=Gunicorn instance to serve bgp backend fastapi app
After=network.target

[Service]
User=www-data
Group=www-data
WorkingDirectory=/srv/backend
ExecStart=/srv/backend/venv/bin/gunicorn -k uvicorn.workers.UvicornWorker --bind unix:/run/bgp/socket backend.main:app

[Install]
WantedBy=multi-user.target

now you can run the app

systemctl daemon-reload
systemctl start bgp_backend

in your webserver use the socket at /run/bgp/socket to connect the webserver to the app
on nginx the backend url would look like this:

unix:/run/bgp/socket

Impressum - Datenschutzerklärung