dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c1495c19d1
lemonldap-ng/doc/pages/documentation/current/psgi.html
Clément OUDOT 153ef2df00 Update documentation
2018-11-26 14:15:43 +01:00

289 lines
15 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:psgi</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,psgi"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="psgi.html"/>
<link rel="contents" href="psgi.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:psgi","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#fastcgi_server_replacement">FastCGI server replacement</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#llng_fastcgi_server">LLNG FastCGI Server</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#some_examples">Some examples</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#using_uwsgi">Using uWSGI</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</a></div></li>
</ul>
</li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#protect_a_psgi_application">Protect a PSGI application</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="advanced_psgi_usage">Advanced PSGI usage</h1>
<div class="level1">
<p>
LLNG is build on <a href="http://plackperl.org/" class="urlextern" title="http://plackperl.org/" rel="nofollow">Plack</a>, so it can be used with any compatible server:
</p>
<ul>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/starman" class="urlextern" title="https://metacpan.org/pod/starman" rel="nofollow">Starman</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/twiggy" class="urlextern" title="https://metacpan.org/pod/twiggy" rel="nofollow">Twiggy</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Twiggy::Prefork" class="urlextern" title="https://metacpan.org/pod/Twiggy::Prefork" rel="nofollow">Twiggy::Prefork</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/feersum" class="urlextern" title="https://metacpan.org/pod/feersum" rel="nofollow">Starman</a></div>
</li>
<li class="level1"><div class="li"> uWSGI using <a href="http://uwsgi-docs.readthedocs.io/en/latest/Perl.html" class="urlextern" title="http://uwsgi-docs.readthedocs.io/en/latest/Perl.html" rel="nofollow">uWSGI PSGI plugin</a></div>
</li>
<li class="level1"><div class="li"> <strong>Alternative</strong>: <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> can be used as FastCGI server, only for application protection</div>
</li>
</ul>
<p>
uWSGI or <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js FastCGI server</a> may provide the highest performance.
</p>
</div>
<!-- EDIT1 SECTION "Advanced PSGI usage" [1-635] -->
<h2 class="sectionedit2" id="fastcgi_server_replacement">FastCGI server replacement</h2>
<div class="level2">
<p>
A <code>llng-server.psgi</code> is provided in example directory. It is designed to replace exactly FastCGI server. You can use it :
</p>
<ul>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/lemonldap-ng-fastcgi-server)</em> to have the same result. Available engines:</div>
<ul>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong>. It can use the following managers:</div>
<ul>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager" rel="nofollow">FCGI::ProcManager</a> (default)</div>
</li>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Constrained" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Constrained" rel="nofollow">FCGI::ProcManager::Constrained</a></div>
</li>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" rel="nofollow">FCGI::ProcManager::Dynamic</a></div>
</li>
</ul>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div>
</li>
</ul>
<div class="noteimportant">Starman, Twiggy,… are HTTP servers, not FastCGI ones !
</div>
<p>
You can also replace only a part of it to create a specialized FastCGI server (portal,…). Look at <code>llng-server.psgi</code> example and take the part you want to use.
</p>
<p>
There are also some other psgi files in examples directory.
</p>
</div>
<!-- EDIT2 SECTION "FastCGI server replacement" [636-2110] -->
<h3 class="sectionedit3" id="llng_fastcgi_server">LLNG FastCGI Server</h3>
<div class="level3">
<p>
<code>llng-fastcgi-server</code> can be launched with the following options:
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign" colspan="2"> Command-line options </th><th class="col2 centeralign"> Environment variable </th><th class="col3 centeralign"> Explanation </th>
</tr>
<tr class="row1 rowodd">
<th class="col0 centeralign"> Short </th><th class="col1 centeralign"> Long </th><th class="col2 leftalign"> </th><th class="col3 leftalign"> </th>
</tr>
</thead>
<tr class="row2 roweven">
<td class="col0 centeralign"> -p </td><td class="col1 centeralign"> pid </td><td class="col2 centeralign"> PID </td><td class="col3 leftalign"> Process PID </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> -u </td><td class="col1 centeralign"> user </td><td class="col2 centeralign"> USER </td><td class="col3"> Unix uid </td>
</tr>
<tr class="row4 roweven">
<td class="col0 centeralign"> -g </td><td class="col1 centeralign"> group </td><td class="col2 centeralign"> GROUP </td><td class="col3"> Unix gid </td>
</tr>
<tr class="row5 rowodd">
<td class="col0 centeralign"> -n </td><td class="col1 centeralign"> proc </td><td class="col2 centeralign"> NPROC </td><td class="col3"> Number of process to launch <em>(FCGI::ProcManager*)</em> </td>
</tr>
<tr class="row6 roweven">
<td class="col0 centeralign"> -s </td><td class="col1 centeralign"> socket </td><td class="col2 centeralign"> SOCKET </td><td class="col3"> Socket to listen to </td>
</tr>
<tr class="row7 rowodd">
<td class="col0 centeralign"> -l </td><td class="col1 centeralign"> listen </td><td class="col2 centeralign"> LISTEN </td><td class="col3"> Listening address. Examples: <code>host:port</code>, <code>:port</code>, <code>/socket/path</code> </td>
</tr>
<tr class="row8 roweven">
<td class="col0 centeralign"> -f </td><td class="col1 centeralign"> customFunctionsFile </td><td class="col2 centeralign"> CUSTOM_FUNCTIONS_FILE </td><td class="col3"> File to load for custom functions </td>
</tr>
<tr class="row9 rowodd">
<td class="col0 centeralign"> -e </td><td class="col1 centeralign"> engine </td><td class="col2 centeralign"> ENGINE </td><td class="col3"> Plack::Handler engine, default to FCGI <em>(see below)</em> </td>
</tr>
<tr class="row10 roweven">
<td class="col0 leftalign"> </td><td class="col1 centeralign"> plackOptions </td><td class="col2 leftalign"> </td><td class="col3"> Other options to path to Plack. Can bu multi-valued. Values must look like <code>key=value</code> </td>
</tr>
</table></div>
<!-- EDIT4 TABLE [2210-2981] -->
<p>
See <code>llng-fastcgi-server(1)</code> manpage.
</p>
</div>
<h4 id="some_examples">Some examples</h4>
<div class="level4">
<p>
FCGI with FCGI::ProcManager::Constrained
</p>
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 -e FCGI \
--plackOptions manager=FCGI::ProcManager::Constrained</pre>
<p>
FCGI::Engine::ProcManager
</p>
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 \
-e FCGI::Engine::ProcManager</pre>
</div>
<!-- EDIT3 SECTION "LLNG FastCGI Server" [2111-3420] -->
<h3 class="sectionedit5" id="using_uwsgi">Using uWSGI</h3>
<div class="level3">
<p>
You must install uWSGI PSGI plugin. Then for example, launch llng-server.psgi <em>(simple example)</em>:
</p>
<pre class="code">/usr/bin/uwsgi --plugins psgi --socket :5000 --uid www-data --gid www-data --psgi /usr/share/lemonldap-ng/llng-server/llng-server.psgi</pre>
<p>
You will find in LLNG Nginx configuration files some comments that explain how to configure Nginx to use uWSGI instead of LLNG FastCGI server.
</p>
</div>
<h4 id="using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</h4>
<div class="level4">
<p>
lemonldap-ng-uwsgi-app installs a uWSGI application: <code>/etc/uwsgi/apps-available/llng-server.yaml</code>. To enable it, link it in <code>apps-enabled</code> and restart your uWSGI daemon:
</p>
<pre class="code shell">apt-get install uwsgi uwsgi-plugin-psgi
cd /etc/uwsgi/apps-enabled
ln -s ../apps-available/llng-server.yaml
service uwsgi restart</pre>
<p>
Then adapt your Nginx configuration to use this uWSGI app.
</p>
</div>
<!-- EDIT5 SECTION "Using uWSGI" [3421-4278] -->
<h2 class="sectionedit6" id="protect_a_psgi_application">Protect a PSGI application</h2>
<div class="level2">
<p>
LLNG provides <code>Plack::Middleware::Auth::LemonldapNG</code> that can be used to protect any PSGI application: it acts exactly like a LLNG handler. Simple example:
</p>
<dl class="file">
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.4.code" title="Download Snippet" class="mediafile mf_psgi">app.psgi</a></dt>
<dd><pre class="code file perl"><span class="kw2">use</span> Plack<span class="sy0">::</span><span class="me2">Builder</span><span class="sy0">;</span>
&nbsp;
<span class="kw1">my</span> <span class="re0">$app</span> <span class="sy0">=</span> <span class="kw2">sub</span> <span class="br0">&#123;</span> <span class="sy0">...</span> <span class="br0">&#125;</span><span class="sy0">;</span>
builder <span class="br0">&#123;</span>
enable <span class="st0">&quot;Auth::LemonldapNG&quot;</span><span class="sy0">;</span>
<span class="re0">$app</span><span class="sy0">;</span>
<span class="br0">&#125;</span><span class="sy0">;</span></pre>
</dd></dl>
<p>
More advanced example:
</p>
<dl class="file">
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.5.code" title="Download Snippet" class="mediafile mf_psgi">app.psgi</a></dt>
<dd><pre class="code file perl"><span class="kw2">use</span> Plack<span class="sy0">::</span><span class="me2">Builder</span><span class="sy0">;</span>
&nbsp;
<span class="kw1">my</span> <span class="re0">$app</span> <span class="sy0">=</span> <span class="kw2">sub</span> <span class="br0">&#123;</span> <span class="sy0">...</span> <span class="br0">&#125;</span><span class="sy0">;</span>
&nbsp;
<span class="co1"># Optionally ($proposedResponse is the PSGI response of Lemonldap::NG handler)</span>
<span class="kw2">sub</span> on_reject <span class="br0">&#123;</span>
<span class="kw1">my</span><span class="br0">&#40;</span><span class="re0">$self</span><span class="sy0">,</span><span class="re0">$env</span><span class="sy0">,</span><span class="re0">$proposedResponse</span><span class="br0">&#41;</span> <span class="sy0">=</span> <span class="co5">@_</span><span class="sy0">;</span>
<span class="co1"># ...</span>
<span class="br0">&#125;</span>
&nbsp;
builder <span class="br0">&#123;</span>
enable <span class="st0">&quot;Auth::LemonldapNG&quot;</span><span class="sy0">,</span>
llparams <span class="sy0">=&gt;</span> <span class="br0">&#123;</span>
<span class="co1"># ...</span>
<span class="br0">&#125;</span><span class="sy0">,</span>
on_reject <span class="sy0">=&gt;</span> <span class="re0">\&amp;on_reject</span><span class="sy0">;</span>
<span class="re0">$app</span><span class="sy0">;</span>
<span class="br0">&#125;</span><span class="sy0">;</span></pre>
</dd></dl>
</div>
<!-- EDIT6 SECTION "Protect a PSGI application" [4279-] --></div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink