502 bad gateway debian + web2py + python3 + nginx

115 views

Skip to first unread message

Narulmon Tanarultakun

unread,

Jul 8, 2020, 6:22:34 PM7/8/20

to web2py-users

Hi all, I'm trying to learn how to use web2py, it's my first time using a framework to develop web apps,

I have to say it's being very hard to learn because all the documentation is very outdated. Now I'm trying to set up web2py to work with postrgerSQL and nginx on a fresh Debian 10 install.

Not sure how to do it properly since all the examples are for old linux distros that don't use systemd, I tried using the script that I found here:

https://github.com/motasmarcelo/setup-web2py-nginx-uwsgi-debian8

because it's the most recent I could find

But I modified it to use Python3 as follows:

#!/bin/bash


LOG_FILE=/tmp/setup-web2py.log

logged () {
    echo $(date +"%F_%T") $*  | tee -a $LOG_FILE
}

echo 'Setup-web2py-nginx-uwsgi-debian8.sh'
echo 'Requires Debian 8 (Jessie) and installs Nginx + uWSGI + Web2py'

# Check if user has root privileges
if [[ $EUID -ne 0 ]]; then
    logged "Aborting..."
    logged "You must run the script as root or using sudo"
    exit 1
fi

logged "Starting SETUP on $(date)"

# Get Web2py Application Name
echo -e "Web2py Application Name: \c "
read  APPNAME
echo

# Get Domain Name
echo -e "Enter app's domains names (Ex: www.example.com, example.com): \c "
read  DOMAINS
echo

# Get Web2py Admin Password
echo -e "Web2py Admin Password: \c "
read  PW


logged "[+]Updating system and installing needed software"
# Upgrade and install needed software
apt-get update
apt-get -y upgrade
apt-get -y autoremove
apt-get -y autoclean
echo "Installing nginx"
apt-get -y install nginx
echo "Installing uwsgi"
apt-get -y install uwsgi uwsgi-plugin-python3
apt-get -y install build-essential sudo python3-dev libxml2-dev unzip
echo


logged "[+]Configuring nginx's $APPNAME config at /etc/nginx/conf.d/$APPNAME"
# Create common nginx sections
mkdir /etc/nginx/conf.d/"$APPNAME"
echo '
gzip_static on;
gzip_http_version   1.1;
gzip_proxied        expired no-cache no-store private auth;
gzip_disable        "MSIE [1-6]\.";
gzip_vary           on;
' > /etc/nginx/conf.d/"$APPNAME"/gzip_static.conf
echo '
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
' > /etc/nginx/conf.d/"$APPNAME"/gzip.conf


# Create configuration file /etc/nginx/sites-available/"$APPNAME"
echo "server {
        listen          80;
        server_name     $DOMAINS;

        ###to enable correct use of response.static_version
        #location ~* ^/(\w+)/static(?:/_[\d]+\.[\d]+\.[\d]+)?/(.*)$ {
        #    alias /home/www-data/$APPNAME/applications/\$1/static/\$2;
        #    expires max;
        #}
        ###

        ###if you use something like myapp = dict(languages=['en', 'it', 'jp'], default_language='en') in your routes.py
        #location ~* ^/(\w+)/(en|it|jp)/static/(.*)$ {
        #    alias /home/www-data/$APPNAME/applications/\$1/;
        #    try_files static/\$2/\$3 static/\$3 = 404;
        #}
        ###

        location ~* ^/(\w+)/static/ {
            root /home/www-data/$APPNAME/applications/;
            #remove next comment on production
            #expires max;
            ### if you want to use pre-gzipped static files (recommended)
            ### check scripts/zip_static_files.py and remove the comments
            # include /etc/nginx/conf.d/$APPNAME/gzip_static.conf;
            ###
        }

        location / {
            uwsgi_pass      unix:///tmp/$APPNAME.socket;
            include         uwsgi_params;
            uwsgi_param     UWSGI_SCHEME \$scheme;
            uwsgi_param     SERVER_SOFTWARE    'nginx/\$nginx_version';

            ###remove the comments to turn on if you want gzip compression of your pages
            # include /etc/nginx/conf.d/$APPNAME/gzip.conf;
            ### end gzip section

            ### remove the comments if you use uploads (max 10 MB)
            #client_max_body_size 10m;
            ###
        }
}

server {
        listen 443 ssl spdy;
        server_name     $DOMAINS;

        ssl_certificate         /etc/nginx/ssl/$APPNAME.crt;
        ssl_certificate_key     /etc/nginx/ssl/$APPNAME.key;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:ssl_session_cache:1M;
        ssl_session_timeout 600m;
        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:EDH-RSA-DES-CBC3-SHA;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        keepalive_timeout    70;

        location / {
            uwsgi_pass      unix:///tmp/$APPNAME.socket;
            include         uwsgi_params;
            uwsgi_param     UWSGI_SCHEME \$scheme;
            uwsgi_param     SERVER_SOFTWARE    'nginx/\$nginx_version';
            ###remove the comments to turn on if you want gzip compression of your pages
            # include /etc/nginx/conf.d/$APPNAME/gzip.conf;
            ### end gzip section
            ### remove the comments if you want to enable uploads (max 10 MB)
            #client_max_body_size 10m;
            ###
        }
        ## if you serve static files through https, copy here the section
        ## from the previous server instance to manage static files

}" >/etc/nginx/sites-available/"$APPNAME"

#Link to sites-enabled (up)
ln -s /etc/nginx/sites-available/"$APPNAME" /etc/nginx/sites-enabled/"$APPNAME"
rm /etc/nginx/sites-enabled/default

logged "[+]Building SSL/TLS stuff"
#### Work on SSL stuff
mkdir /etc/nginx/ssl
cd /etc/nginx/ssl
# Create a temporary openssl conf
echo "
[ req ]
default_bits		= 2048
default_keyfile 	= privkey.pem
distinguished_name	= req_distinguished_name
string_mask = utf8only

[ req_distinguished_name ]
countryName			= Country Name (2 letter code)
countryName_default		= AU
countryName_min			= 2
countryName_max			= 2
stateOrProvinceName		= State or Province Name (full name)
stateOrProvinceName_default	= Some-State
localityName			= Locality Name (eg, city)
0.organizationName		= Organization Name (eg, company)
0.organizationName_default	= Internet Widgits Pty Ltd
organizationalUnitName		= Organizational Unit Name (eg, section)
commonName			= Common Name (e.g. server FQDN, your PRIMARY domain)
commonName_max			= 64
emailAddress			= Email Address
emailAddress_max		= 64

[ usr_cert ]
basicConstraints=CA:TRUE
keyUsage = digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage=serverAuth
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
" > /tmp/openssl.cnf

logged '[+]Creating a x509 certificate (2048 bits key-length and valid for 365 days) to run HTTPS'
openssl genrsa -out "$APPNAME".key 2048
chmod 400 "$APPNAME".key
openssl req -new -x509 -sha256 -days 365 -key "$APPNAME".key -config /tmp/openssl.cnf -extensions usr_cert -out "$APPNAME".crt
openssl x509 -noout -fingerprint -text -in "$APPNAME".crt > "$APPNAME".info
rm -rf /tmp/certificate.txt


logged "[+]Creating uwsgi configuration file /etc/uwsgi/apps-available/$APPNAME.ini"
####### Create configuration file /etc/uwsgi/"$APPNAME".ini
echo "[uwsgi]

socket = /tmp/$APPNAME.socket
pythonpath = /home/www-data/$APPNAME/
mount = /=wsgihandler:application
processes = 4
master = true
harakiri = 60
reload-mercy = 8
cpu-affinity = 1
stats = /tmp/$APPNAME.stats.socket
max-requests = 2000
limit-as = 512
reload-on-as = 256
reload-on-rss = 192
uid = www-data
gid = www-data
cron = 0 0 -1 -1 -1 python3 /home/www-data/$APPNAME/web2py.py -Q -S welcome -M -R scripts/sessions2trash.py -A -o
no-orphans = true
enable-threads = true
" >/etc/uwsgi/apps-available/"$APPNAME".ini
ln -s /etc/uwsgi/apps-available/"$APPNAME".ini /etc/uwsgi/apps-enabled/


logged "[+]Downloading and installing Web2py"
# Install Web2py
mkdir /home/www-data
cd /home/www-data
wget http://web2py.com/examples/static/web2py_src.zip
unzip web2py_src.zip
rm web2py_src.zip
mv web2py "$APPNAME"
chown -R www-data:www-data "$APPNAME"
cd /home/www-data/"$APPNAME"
sudo -u www-data python3 -c "from gluon.main import save_password; save_password('$PW',443)"

# Needed on new versions of web2py where new folders where added
ln -s handlers/wsgihandler.py .

logged "[+]"Creating app\'s remove\(rm\) script at /home/www-data/"$APPNAME"/"$APPNAME"_remove_app.sh
#Create app remove(rm) script
echo "
#!/bin/bash
rm -rf /etc/uwsgi/apps-available/"$APPNAME".ini /tmp/$APPNAME* /home/www-data/$APPNAME
systemctl stop nginx.service
find /etc/nginx/ -name *$APPNAME* -exec rm -rf {} \\;
systemctl restart nginx.service
systemctl reload uwsgi.service
" > /home/www-data/"$APPNAME"/"$APPNAME"_remove_app.sh && chmod +x /home/www-data/"$APPNAME"/"$APPNAME"_remove_app.sh


logged '[+](Re)Starting services'
#(Re)Start services
systemctl restart nginx.service
systemctl restart uwsgi.service
echo 'Done! Enjoy your app!'
echo

echo -e '
**** you can reload uwsgi with
sudo systemctl reload uwsgi.service
**** and stop it with
sudo systemctl stop uwsgi.service
**** to reload web2py only (without restarting uwsgi)
sudo touch --no-dereference /etc/uwsgi/"$APPNAME".ini
'
logged 'Finished SETUP'
echo '=====================================================' | tee -a "$LOG_FILE"

I'm just testing locally so I don't have a public IP address or a domain name so I just enter random names for domain name and app name.

I get a 502 bad gateway error when I try to browse the website.

In my /var/log/uwsgi/app/appname.log I get this errors:

Mon Jul  6 04:15:02 2020 - mapped 364600 bytes (356 KB) for 4 cores
Mon Jul  6 04:15:02 2020 - *** Operational MODE: preforking ***
Mon Jul  6 04:15:02 2020 - *** no app loaded. going in full dynamic mode ***
Mon Jul  6 04:15:02 2020 - *** uWSGI is running in multiple interpreter mode ***
Mon Jul  6 04:15:02 2020 - !!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!
Mon Jul  6 04:15:02 2020 - no request plugin is loaded, you will not be able to manage requests.
Mon Jul  6 04:15:02 2020 - you may need to install the package for your language of choice, or simply load it with --plugin.
Mon Jul  6 04:15:02 2020 - !!!!!!!!!!! END OF WARNING !!!!!!!!!!

I need help to make this work since I really don't know how to fix this because I basically don't know what I'm doing and I would also like to run uwsgi in emperor mode but I don;t really know how to achieve that, any help would be highly appreciated.

Murat KAŞIKÇIOĞLU

unread,

Jul 9, 2020, 3:49:59 AM7/9/20

to web...@googlegroups.com

Hi,

I've installed Python2 version with the same error. Can you check again uwsgi parameters?

processes=8

limit-as= more memory

reload-on-as= more memory

Murat.

Narulmon Tanarultakun <nt80...@gmail.com>, 9 Tem 2020 Per, 01:22 tarihinde şunu yazdı:

--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to web2py+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/5b7d2665-22f6-4ae3-abc2-053fc08c09cao%40googlegroups.com.

Reply all

Reply to author

Forward

0 new messages