Securely serving webapps using uWSGI
####################################
:date: 2016-10-02 20:00
:modified: 2016-10-03 04:00
:tags: application server, archlinux, cgit, mediawiki, nginx, owncloud, php, python, roundcube, security, sockets, systemd, uwsgi, webapps, wordpress
:category: admin
:slug: securely-serving-webapps-using-uwsgi
:summary: An introductory on how to securely serve all your webapps using |website-nginx| and |website-uwsgi| with |website-systemd| on |website-archlinux|
:authors: David Runge
| Ever since I'm running my own |website-archlinux| box to serve my services, I have been using |website-nginx| in conjunction with |website-uwsgi|.
| So instead of using |website-php-fpm| and be limited to just |website-php|, I can use a single application server to do all of them (|wiki-cgi|, |website-python|, |website-php| and even the stuff I don't use, such as |website-ruby|, |website-mono|, |website-java|, |website-lua|, |website-perl|, |website-webdav|). They are all separately installable as plugins.
| Static sites, such as this, default to being served by |website-nginx| directly of course.
| Over time I found |website-uwsgi| to be a very versatile and powerful piece of software that has many advantages (over e.g. |website-apache|):
* socket activation
* webapp encapsulation and jailing
* self-healing
* being able to separetely manage services
* close after idle
| I'll explain the services I use (|website-roundcube|, |website-owncloud|, |website-mailman|, |website-stikked|, |website-wordpress|, |website-postfixadmin|, |website-phpmyadmin|, |website-cgit|, |website-mediawiki|, |website-mantisbt| ) along with configuration examples and their possible pitfalls.
| In my last post about `Let's Encrypt <../2016/lets-encrypt-it-all>`_ I already showed some examples on how to configure |website-nginx| for the use with |website-uwsgi|. Let's jump right in.
|
Preparing nginx
_______________
.. |website-letsencrypt| raw:: html
Let's Encrypt
.. |website-archlinux| raw:: html
Arch Linux
.. |website-python| raw:: html
Python
.. |website-nginx| raw:: html
nginx
.. |website-roundcube| raw:: html
roundcube
.. |website-uwsgi| raw:: html
uWSGI
.. |readthedocs-uwsgi| raw:: html
uWSGI
.. |website-owncloud| raw:: html
ownCloud
.. |website-systemd| raw:: html
systemd
.. |website-php-fpm| raw:: html
php-fpm
.. |website-php| raw:: html
PHP
.. |wiki-cgi| raw:: html
CGI
.. |website-ruby| raw:: html
Ruby Rack
.. |website-mono| raw:: html
Mono
.. |website-java| raw:: html
Java
.. |website-lua| raw:: html
Lua
.. |website-perl| raw:: html
Perl
.. |website-webdav| raw:: html
WebDAV
.. |website-apache| raw:: html
Apache
.. |website-mailman| raw:: html
Mailman
.. |website-stikked| raw:: html
Stikked
.. |website-wordpress| raw:: html
Wordpress
.. |website-postfixadmin| raw:: html
Postfixadmin
.. |website-phpmyadmin| raw:: html
phpMyAdmin
.. |website-cgit| raw:: html
cgit
.. |website-mediawiki| raw:: html
MediaWiki
.. |website-mantisbt| raw:: html
MantisBT