dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cc79680b89
lemonldap-ng/doc/pages/documentation/current/psgi.html
Xavier Guimard ce59789747 Update doc
2019-06-28 16:53:45 +02:00

314 lines
16 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:psgi</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,psgi"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="psgi.html"/>
<link rel="contents" href="psgi.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:psgi","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#fastcgi_server_replacement">FastCGI server replacement</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#llng_fastcgi_server">LLNG FastCGI Server</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#some_examples">Some examples</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#using_uwsgi">Using uWSGI</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</a></div></li>
<li class="level3"><div class="li"><a href="#configuration">Configuration</a></div></li>
</ul>
</li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#protect_a_psgi_application">Protect a PSGI application</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="advanced_psgi_usage">Advanced PSGI usage</h1>
<div class="level1">
<p>
LLNG is build on <a href="http://plackperl.org/" class="urlextern" title="http://plackperl.org/" rel="nofollow">Plack</a>, so it can be used with any compatible server:
</p>
<ul>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/starman" class="urlextern" title="https://metacpan.org/pod/starman" rel="nofollow">Starman</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/twiggy" class="urlextern" title="https://metacpan.org/pod/twiggy" rel="nofollow">Twiggy</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Twiggy::Prefork" class="urlextern" title="https://metacpan.org/pod/Twiggy::Prefork" rel="nofollow">Twiggy::Prefork</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/feersum" class="urlextern" title="https://metacpan.org/pod/feersum" rel="nofollow">Starman</a></div>
</li>
<li class="level1"><div class="li"> uWSGI using <a href="http://uwsgi-docs.readthedocs.io/en/latest/Perl.html" class="urlextern" title="http://uwsgi-docs.readthedocs.io/en/latest/Perl.html" rel="nofollow">uWSGI PSGI plugin</a></div>
</li>
<li class="level1"><div class="li"> <strong>Alternative</strong>: <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> can be used as FastCGI server, only for application protection</div>
</li>
</ul>
<p>
uWSGI or <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js FastCGI server</a> may provide the highest performance.
</p>
</div>
<!-- EDIT1 SECTION "Advanced PSGI usage" [1-635] -->
<h2 class="sectionedit2" id="fastcgi_server_replacement">FastCGI server replacement</h2>
<div class="level2">
<p>
A <code>llng-server.psgi</code> is provided in example directory. It is designed to replace exactly FastCGI server. You can use it :
</p>
<ul>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/lemonldap-ng-fastcgi-server)</em> to have the same result. Available engines:</div>
<ul>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong>. It can use the following managers:</div>
<ul>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager" rel="nofollow">FCGI::ProcManager</a> (default)</div>
</li>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Constrained" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Constrained" rel="nofollow">FCGI::ProcManager::Constrained</a></div>
</li>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" rel="nofollow">FCGI::ProcManager::Dynamic</a></div>
</li>
</ul>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div>
</li>
</ul>
<div class="noteimportant">Starman, Twiggy,... are HTTP servers, not FastCGI ones !
</div>
<p>
You can also replace only a part of it to create a specialized FastCGI server (portal,...). Look at <code>llng-server.psgi</code> example and take the part you want to use.
</p>
<p>
There are also some other psgi files in examples directory.
</p>
</div>
<!-- EDIT2 SECTION "FastCGI server replacement" [636-2110] -->
<h3 class="sectionedit3" id="llng_fastcgi_server">LLNG FastCGI Server</h3>
<div class="level3">
<p>
<code>llng-fastcgi-server</code> can be launched with the following options:
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign" colspan="2"> Command-line options </th><th class="col2 centeralign"> Environment variable </th><th class="col3 centeralign"> Explanation </th>
</tr>
<tr class="row1 rowodd">
<th class="col0 centeralign"> Short </th><th class="col1 centeralign"> Long </th><th class="col2 leftalign"> </th><th class="col3 leftalign"> </th>
</tr>
</thead>
<tr class="row2 roweven">
<td class="col0 centeralign"> -p </td><td class="col1 centeralign"> --pid </td><td class="col2 centeralign"> PID </td><td class="col3 leftalign"> Process PID </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> -u </td><td class="col1 centeralign"> --user </td><td class="col2 centeralign"> USER </td><td class="col3"> Unix uid </td>
</tr>
<tr class="row4 roweven">
<td class="col0 centeralign"> -g </td><td class="col1 centeralign"> --group </td><td class="col2 centeralign"> GROUP </td><td class="col3"> Unix gid </td>
</tr>
<tr class="row5 rowodd">
<td class="col0 centeralign"> -n </td><td class="col1 centeralign"> --proc </td><td class="col2 centeralign"> NPROC </td><td class="col3"> Number of process to launch <em>(FCGI::ProcManager*)</em> </td>
</tr>
<tr class="row6 roweven">
<td class="col0 centeralign"> -s </td><td class="col1 centeralign"> --socket </td><td class="col2 centeralign"> SOCKET </td><td class="col3"> Socket to listen to </td>
</tr>
<tr class="row7 rowodd">
<td class="col0 centeralign"> -l </td><td class="col1 centeralign"> --listen </td><td class="col2 centeralign"> LISTEN </td><td class="col3"> Listening address. Examples: <code>host:port</code>, <code>:port</code>, <code>/socket/path</code> </td>
</tr>
<tr class="row8 roweven">
<td class="col0 centeralign"> -f </td><td class="col1 centeralign"> --customFunctionsFile </td><td class="col2 centeralign"> CUSTOM_FUNCTIONS_FILE </td><td class="col3"> File to load for custom functions </td>
</tr>
<tr class="row9 rowodd">
<td class="col0 centeralign"> -e </td><td class="col1 centeralign"> --engine </td><td class="col2 centeralign"> ENGINE </td><td class="col3"> Plack::Handler engine, default to FCGI <em>(see below)</em> </td>
</tr>
<tr class="row10 roweven">
<td class="col0 leftalign"> </td><td class="col1 centeralign"> --plackOptions </td><td class="col2 leftalign"> </td><td class="col3"> Other options to path to Plack. Can bu multi-valued. Values must look like <code>--key=value</code> </td>
</tr>
</table></div>
<!-- EDIT4 TABLE [2210-2983] -->
<p>
See <code>llng-fastcgi-server(1)</code> manpage.
</p>
</div>
<h4 id="some_examples">Some examples</h4>
<div class="level4">
<p>
FCGI with FCGI::ProcManager::Constrained
</p>
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 -e FCGI \
--plackOptions=--manager=FCGI::ProcManager::Constrained</pre>
<p>
FCGI::Engine::ProcManager
</p>
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 \
-e FCGI::Engine::ProcManager</pre>
</div>
<!-- EDIT3 SECTION "LLNG FastCGI Server" [2111-3424] -->
<h3 class="sectionedit5" id="using_uwsgi">Using uWSGI</h3>
<div class="level3">
<p>
You must install uWSGI PSGI plugin. Then for example, launch llng-server.psgi <em>(simple example)</em>:
</p>
<pre class="code">/usr/bin/uwsgi --plugins psgi --socket :5000 --uid www-data --gid www-data --psgi /usr/share/lemonldap-ng/llng-server/llng-server.psgi</pre>
<p>
You will find in LLNG Nginx configuration files some comments that explain how to configure Nginx to use uWSGI instead of LLNG FastCGI server.
</p>
</div>
<h4 id="using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</h4>
<div class="level4">
<p>
lemonldap-ng-uwsgi-app installs a uWSGI application: <code>/etc/uwsgi/apps-available/llng-server.yaml</code>. To enable it, link it in <code>apps-enabled</code> and restart your uWSGI daemon:
</p>
<pre class="code shell">apt-get install uwsgi uwsgi-plugin-psgi
cd /etc/uwsgi/apps-enabled
ln -s ../apps-available/llng-server.yaml
service uwsgi restart</pre>
<p>
Then adapt your Nginx configuration to use this uWSGI app.
</p>
</div>
<h4 id="configuration">Configuration</h4>
<div class="level4">
<p>
To serve large requests with uWsgi, you could have to modify in uWsgi and/or Nginx init files several options. Example:
</p>
<dl class="file">
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.4.code" title="Download Snippet" class="mediafile mf_ini">uWsgi.ini</a></dt>
<dd><pre class="code file ini"><span class="re1">workers</span> <span class="sy0">=</span><span class="re2"> 4</span>
<span class="re1">buffer-size</span> <span class="sy0">=</span><span class="re2"> 65535</span>
<span class="re1">limit-post</span> <span class="sy0">=</span><span class="re2"> 0</span></pre>
</dd></dl>
<dl class="file">
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.5.code" title="Download Snippet" class="mediafile mf_conf">nginx.conf</a></dt>
<dd><pre class="code file nginx">client_max_body_size 300M;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_connect_timeout 600;
uwsgi_read_timeout 120;
uwsgi_send_timeout 120;</pre>
</dd></dl>
</div>
<!-- EDIT5 SECTION "Using uWSGI" [3425-4685] -->
<h2 class="sectionedit6" id="protect_a_psgi_application">Protect a PSGI application</h2>
<div class="level2">
<p>
LLNG provides <code>Plack::Middleware::Auth::LemonldapNG</code> that can be used to protect any PSGI application: it acts exactly like a LLNG handler. Simple example:
</p>
<dl class="file">
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.6.code" title="Download Snippet" class="mediafile mf_psgi">app.psgi</a></dt>
<dd><pre class="code file perl"><span class="kw2">use</span> Plack<span class="sy0">::</span><span class="me2">Builder</span><span class="sy0">;</span>
&nbsp;
<span class="kw1">my</span> <span class="re0">$app</span> <span class="sy0">=</span> <span class="kw2">sub</span> <span class="br0">&#123;</span> <span class="sy0">...</span> <span class="br0">&#125;</span><span class="sy0">;</span>
builder <span class="br0">&#123;</span>
enable <span class="st0">&quot;Auth::LemonldapNG&quot;</span><span class="sy0">;</span>
<span class="re0">$app</span><span class="sy0">;</span>
<span class="br0">&#125;</span><span class="sy0">;</span></pre>
</dd></dl>
<p>
More advanced example:
</p>
<dl class="file">
<dt><a href="_export/code/documentation/2.0/psgi/codeblock.7.code" title="Download Snippet" class="mediafile mf_psgi">app.psgi</a></dt>
<dd><pre class="code file perl"><span class="kw2">use</span> Plack<span class="sy0">::</span><span class="me2">Builder</span><span class="sy0">;</span>
&nbsp;
<span class="kw1">my</span> <span class="re0">$app</span> <span class="sy0">=</span> <span class="kw2">sub</span> <span class="br0">&#123;</span> <span class="sy0">...</span> <span class="br0">&#125;</span><span class="sy0">;</span>
&nbsp;
<span class="co1"># Optionally ($proposedResponse is the PSGI response of Lemonldap::NG handler)</span>
<span class="kw2">sub</span> on_reject <span class="br0">&#123;</span>
<span class="kw1">my</span><span class="br0">&#40;</span><span class="re0">$self</span><span class="sy0">,</span><span class="re0">$env</span><span class="sy0">,</span><span class="re0">$proposedResponse</span><span class="br0">&#41;</span> <span class="sy0">=</span> <span class="co5">@_</span><span class="sy0">;</span>
<span class="co1"># ...</span>
<span class="br0">&#125;</span>
&nbsp;
builder <span class="br0">&#123;</span>
enable <span class="st0">&quot;Auth::LemonldapNG&quot;</span><span class="sy0">,</span>
llparams <span class="sy0">=&gt;</span> <span class="br0">&#123;</span>
<span class="co1"># ...</span>
<span class="br0">&#125;</span><span class="sy0">,</span>
on_reject <span class="sy0">=&gt;</span> <span class="re0">\&amp;on_reject</span><span class="sy0">;</span>
<span class="re0">$app</span><span class="sy0">;</span>
<span class="br0">&#125;</span><span class="sy0">;</span></pre>
</dd></dl>
</div>
<!-- EDIT6 SECTION "Protect a PSGI application" [4686-] --></div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink