289 lines
15 KiB
HTML
289 lines
15 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="en" dir="ltr">
|
||
<head>
|
||
<meta charset="utf-8" />
|
||
<title>documentation:2.0:psgi</title>
|
||
<meta name="generator" content="DokuWiki"/>
|
||
<meta name="robots" content="noindex,nofollow"/>
|
||
<meta name="keywords" content="documentation,2.0,psgi"/>
|
||
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
|
||
<link rel="start" href="psgi.html"/>
|
||
<link rel="contents" href="psgi.html" title="Sitemap"/>
|
||
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
|
||
<!-- //if:usedebianlibs
|
||
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
|
||
//elsif:useexternallibs
|
||
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
|
||
//elsif:cssminified
|
||
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
|
||
//else -->
|
||
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
|
||
<!-- //endif -->
|
||
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:psgi","namespace":"documentation:2.0"};
|
||
/*!]]>*/</script>
|
||
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
|
||
<!-- //if:usedebianlibs
|
||
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
|
||
//elsif:useexternallibs
|
||
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
|
||
//elsif:jsminified
|
||
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
|
||
//else -->
|
||
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
|
||
<!-- //endif -->
|
||
<!-- //if:usedebianlibs
|
||
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
|
||
//elsif:useexternallibs
|
||
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
|
||
//elsif:jsminified
|
||
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
|
||
//else -->
|
||
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
|
||
<!-- //endif -->
|
||
</head>
|
||
<body>
|
||
<div class="dokuwiki export container">
|
||
<!-- TOC START -->
|
||
<div id="dw__toc">
|
||
<h3 class="toggle">Table of Contents</h3>
|
||
<div>
|
||
|
||
<ul class="toc">
|
||
<li class="level1"><div class="li"><a href="#fastcgi_server_replacement">FastCGI server replacement</a></div>
|
||
<ul class="toc">
|
||
<li class="level2"><div class="li"><a href="#llng_fastcgi_server">LLNG FastCGI Server</a></div>
|
||
<ul class="toc">
|
||
<li class="level3"><div class="li"><a href="#some_examples">Some examples</a></div></li>
|
||
</ul>
|
||
</li>
|
||
<li class="level2"><div class="li"><a href="#using_uwsgi">Using uWSGI</a></div>
|
||
<ul class="toc">
|
||
<li class="level3"><div class="li"><a href="#using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</a></div></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="level1"><div class="li"><a href="#protect_a_psgi_application">Protect a PSGI application</a></div></li>
|
||
</ul>
|
||
</div>
|
||
</div>
|
||
<!-- TOC END -->
|
||
|
||
<h1 class="sectionedit1" id="advanced_psgi_usage">Advanced PSGI usage</h1>
|
||
<div class="level1">
|
||
|
||
<p>
|
||
LLNG is build on <a href="http://plackperl.org/" class="urlextern" title="http://plackperl.org/" rel="nofollow">Plack</a>, so it can be used with any compatible server:
|
||
</p>
|
||
<ul>
|
||
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/starman" class="urlextern" title="https://metacpan.org/pod/starman" rel="nofollow">Starman</a></div>
|
||
</li>
|
||
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/twiggy" class="urlextern" title="https://metacpan.org/pod/twiggy" rel="nofollow">Twiggy</a></div>
|
||
</li>
|
||
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Twiggy::Prefork" class="urlextern" title="https://metacpan.org/pod/Twiggy::Prefork" rel="nofollow">Twiggy::Prefork</a></div>
|
||
</li>
|
||
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/feersum" class="urlextern" title="https://metacpan.org/pod/feersum" rel="nofollow">Starman</a></div>
|
||
</li>
|
||
<li class="level1"><div class="li"> uWSGI using <a href="http://uwsgi-docs.readthedocs.io/en/latest/Perl.html" class="urlextern" title="http://uwsgi-docs.readthedocs.io/en/latest/Perl.html" rel="nofollow">uWSGI PSGI plugin</a></div>
|
||
</li>
|
||
<li class="level1"><div class="li"> <strong>Alternative</strong>: <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> can be used as FastCGI server, only for application protection</div>
|
||
</li>
|
||
</ul>
|
||
|
||
<p>
|
||
uWSGI or <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js FastCGI server</a> may provide the highest performance.
|
||
</p>
|
||
|
||
</div>
|
||
<!-- EDIT1 SECTION "Advanced PSGI usage" [1-635] -->
|
||
<h2 class="sectionedit2" id="fastcgi_server_replacement">FastCGI server replacement</h2>
|
||
<div class="level2">
|
||
|
||
<p>
|
||
A <code>llng-server.psgi</code> is provided in example directory. It is designed to replace exactly FastCGI server. You can use it :
|
||
</p>
|
||
<ul>
|
||
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/lemonldap-ng-fastcgi-server)</em> to have the same result. Available engines:</div>
|
||
<ul>
|
||
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong>. It can use the following managers:</div>
|
||
<ul>
|
||
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager" rel="nofollow">FCGI::ProcManager</a> (default)</div>
|
||
</li>
|
||
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Constrained" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Constrained" rel="nofollow">FCGI::ProcManager::Constrained</a></div>
|
||
</li>
|
||
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" rel="nofollow">FCGI::ProcManager::Dynamic</a></div>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
|
||
</li>
|
||
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
|
||
</li>
|
||
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
|
||
</li>
|
||
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
|
||
</li>
|
||
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div>
|
||
</li>
|
||
</ul>
|
||
<div class="noteimportant">Starman, Twiggy,… are HTTP servers, not FastCGI ones !
|
||
</div>
|
||
<p>
|
||
You can also replace only a part of it to create a specialized FastCGI server (portal,…). Look at <code>llng-server.psgi</code> example and take the part you want to use.
|
||
</p>
|
||
|
||
<p>
|
||
There are also some other psgi files in examples directory.
|
||
</p>
|
||
|
||
</div>
|
||
<!-- EDIT2 SECTION "FastCGI server replacement" [636-2110] -->
|
||
<h3 class="sectionedit3" id="llng_fastcgi_server">LLNG FastCGI Server</h3>
|
||
<div class="level3">
|
||
|
||
<p>
|
||
<code>llng-fastcgi-server</code> can be launched with the following options:
|
||
</p>
|
||
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
|
||
<thead>
|
||
<tr class="row0 roweven">
|
||
<th class="col0 centeralign" colspan="2"> Command-line options </th><th class="col2 centeralign"> Environment variable </th><th class="col3 centeralign"> Explanation </th>
|
||
</tr>
|
||
<tr class="row1 rowodd">
|
||
<th class="col0 centeralign"> Short </th><th class="col1 centeralign"> Long </th><th class="col2 leftalign"> </th><th class="col3 leftalign"> </th>
|
||
</tr>
|
||
</thead>
|
||
<tr class="row2 roweven">
|
||
<td class="col0 centeralign"> -p </td><td class="col1 centeralign"> –pid </td><td class="col2 centeralign"> PID </td><td class="col3 leftalign"> Process PID </td>
|
||
</tr>
|
||
<tr class="row3 rowodd">
|
||
<td class="col0 centeralign"> -u </td><td class="col1 centeralign"> –user </td><td class="col2 centeralign"> USER </td><td class="col3"> Unix uid </td>
|
||
</tr>
|
||
<tr class="row4 roweven">
|
||
<td class="col0 centeralign"> -g </td><td class="col1 centeralign"> –group </td><td class="col2 centeralign"> GROUP </td><td class="col3"> Unix gid </td>
|
||
</tr>
|
||
<tr class="row5 rowodd">
|
||
<td class="col0 centeralign"> -n </td><td class="col1 centeralign"> –proc </td><td class="col2 centeralign"> NPROC </td><td class="col3"> Number of process to launch <em>(FCGI::ProcManager*)</em> </td>
|
||
</tr>
|
||
<tr class="row6 roweven">
|
||
<td class="col0 centeralign"> -s </td><td class="col1 centeralign"> –socket </td><td class="col2 centeralign"> SOCKET </td><td class="col3"> Socket to listen to </td>
|
||
</tr>
|
||
<tr class="row7 rowodd">
|
||
<td class="col0 centeralign"> -l </td><td class="col1 centeralign"> –listen </td><td class="col2 centeralign"> LISTEN </td><td class="col3"> Listening address. Examples: <code>host:port</code>, <code>:port</code>, <code>/socket/path</code> </td>
|
||
</tr>
|
||
<tr class="row8 roweven">
|
||
<td class="col0 centeralign"> -f </td><td class="col1 centeralign"> –customFunctionsFile </td><td class="col2 centeralign"> CUSTOM_FUNCTIONS_FILE </td><td class="col3"> File to load for custom functions </td>
|
||
</tr>
|
||
<tr class="row9 rowodd">
|
||
<td class="col0 centeralign"> -e </td><td class="col1 centeralign"> –engine </td><td class="col2 centeralign"> ENGINE </td><td class="col3"> Plack::Handler engine, default to FCGI <em>(see below)</em> </td>
|
||
</tr>
|
||
<tr class="row10 roweven">
|
||
<td class="col0 leftalign"> </td><td class="col1 centeralign"> –plackOptions </td><td class="col2 leftalign"> </td><td class="col3"> Other options to path to Plack. Can bu multi-valued. Values must look like <code>–key=value</code> </td>
|
||
</tr>
|
||
</table></div>
|
||
<!-- EDIT4 TABLE [2210-2983] -->
|
||
<p>
|
||
See <code>llng-fastcgi-server(1)</code> manpage.
|
||
</p>
|
||
|
||
</div>
|
||
|
||
<h4 id="some_examples">Some examples</h4>
|
||
<div class="level4">
|
||
|
||
<p>
|
||
FCGI with FCGI::ProcManager::Constrained
|
||
</p>
|
||
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 -e FCGI \
|
||
--plackOptions=--manager=FCGI::ProcManager::Constrained</pre>
|
||
|
||
<p>
|
||
FCGI::Engine::ProcManager
|
||
</p>
|
||
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 \
|
||
-e FCGI::Engine::ProcManager</pre>
|
||
|
||
</div>
|
||
<!-- EDIT3 SECTION "LLNG FastCGI Server" [2111-3424] -->
|
||
<h3 class="sectionedit5" id="using_uwsgi">Using uWSGI</h3>
|
||
<div class="level3">
|
||
|
||
<p>
|
||
You must install uWSGI PSGI plugin. Then for example, launch llng-server.psgi <em>(simple example)</em>:
|
||
</p>
|
||
<pre class="code">/usr/bin/uwsgi --plugins psgi --socket :5000 --uid www-data --gid www-data --psgi /usr/share/lemonldap-ng/llng-server/llng-server.psgi</pre>
|
||
|
||
<p>
|
||
You will find in LLNG Nginx configuration files some comments that explain how to configure Nginx to use uWSGI instead of LLNG FastCGI server.
|
||
</p>
|
||
|
||
</div>
|
||
|
||
<h4 id="using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</h4>
|
||
<div class="level4">
|
||
|
||
<p>
|
||
lemonldap-ng-uwsgi-app installs a uWSGI application: <code>/etc/uwsgi/apps-available/llng-server.yaml</code>. To enable it, link it in <code>apps-enabled</code> and restart your uWSGI daemon:
|
||
</p>
|
||
<pre class="code shell">apt-get install uwsgi uwsgi-plugin-psgi
|
||
cd /etc/uwsgi/apps-enabled
|
||
ln -s ../apps-available/llng-server.yaml
|
||
service uwsgi restart</pre>
|
||
|
||
<p>
|
||
Then adapt your Nginx configuration to use this uWSGI app.
|
||
</p>
|
||
|
||
</div>
|
||
<!-- EDIT5 SECTION "Using uWSGI" [3425-4282] -->
|
||
<h2 class="sectionedit6" id="protect_a_psgi_application">Protect a PSGI application</h2>
|
||
<div class="level2">
|
||
|
||
<p>
|
||
LLNG provides <code>Plack::Middleware::Auth::LemonldapNG</code> that can be used to protect any PSGI application: it acts exactly like a LLNG handler. Simple example:
|
||
</p>
|
||
<dl class="file">
|
||
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.4.code" title="Download Snippet" class="mediafile mf_psgi">app.psgi</a></dt>
|
||
<dd><pre class="code file perl"><span class="kw2">use</span> Plack<span class="sy0">::</span><span class="me2">Builder</span><span class="sy0">;</span>
|
||
|
||
<span class="kw1">my</span> <span class="re0">$app</span> <span class="sy0">=</span> <span class="kw2">sub</span> <span class="br0">{</span> <span class="sy0">...</span> <span class="br0">}</span><span class="sy0">;</span>
|
||
builder <span class="br0">{</span>
|
||
enable <span class="st0">"Auth::LemonldapNG"</span><span class="sy0">;</span>
|
||
<span class="re0">$app</span><span class="sy0">;</span>
|
||
<span class="br0">}</span><span class="sy0">;</span></pre>
|
||
</dd></dl>
|
||
|
||
<p>
|
||
More advanced example:
|
||
</p>
|
||
<dl class="file">
|
||
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.5.code" title="Download Snippet" class="mediafile mf_psgi">app.psgi</a></dt>
|
||
<dd><pre class="code file perl"><span class="kw2">use</span> Plack<span class="sy0">::</span><span class="me2">Builder</span><span class="sy0">;</span>
|
||
|
||
<span class="kw1">my</span> <span class="re0">$app</span> <span class="sy0">=</span> <span class="kw2">sub</span> <span class="br0">{</span> <span class="sy0">...</span> <span class="br0">}</span><span class="sy0">;</span>
|
||
|
||
<span class="co1"># Optionally ($proposedResponse is the PSGI response of Lemonldap::NG handler)</span>
|
||
<span class="kw2">sub</span> on_reject <span class="br0">{</span>
|
||
<span class="kw1">my</span><span class="br0">(</span><span class="re0">$self</span><span class="sy0">,</span><span class="re0">$env</span><span class="sy0">,</span><span class="re0">$proposedResponse</span><span class="br0">)</span> <span class="sy0">=</span> <span class="co5">@_</span><span class="sy0">;</span>
|
||
<span class="co1"># ...</span>
|
||
<span class="br0">}</span>
|
||
|
||
builder <span class="br0">{</span>
|
||
enable <span class="st0">"Auth::LemonldapNG"</span><span class="sy0">,</span>
|
||
llparams <span class="sy0">=></span> <span class="br0">{</span>
|
||
<span class="co1"># ...</span>
|
||
<span class="br0">}</span><span class="sy0">,</span>
|
||
on_reject <span class="sy0">=></span> <span class="re0">\&on_reject</span><span class="sy0">;</span>
|
||
<span class="re0">$app</span><span class="sy0">;</span>
|
||
<span class="br0">}</span><span class="sy0">;</span></pre>
|
||
</dd></dl>
|
||
|
||
</div>
|
||
<!-- EDIT6 SECTION "Protect a PSGI application" [4283-] --></div>
|
||
</body>
|
||
</html>
|