Re: How to configure fastcgi with httpd?

Sat, 31 Aug 2024 14:30:40 -0700 



• Omar Polo [2024-08-31 17:16]:

On 2024/08/31 21:32:45 +0800, Sadeep Madurange <sad...@asciimx.com> wrote:

Hello,

I have a python script (flask.py) with the following content on an
OpenBSD 7.5 server:

#! /usr/local/bin/python3
print("hello, world!")


This doesn't look like a flask app.


I ran the following command to install it:

# install -o www -g www -m 0500 flask.py /var/www/cgi-bin

Then I added the following config to /etc/httpd.conf:

server "localhost" {
     listen on * port 8080
     location "/*" {
         fastcgi { param SCRIPT_FILENAME "/cgi-bin/flask.py" }
     }
}

restarted httpd, and executed the following curl request:


Notice that this is OpenBSD httpd and not Apache httpd.


$ curl http://localhost:8080/

However, I keep getting 500 internal server error. Not sure what I'm
doing wrong, so any help is much appreciated.


FastCGI is a binary protocol.  You're expected to have your program
listening on a socket or on a local port, then configure httpd to talk
to it.

slowcgi(8) is a way to wrap cgi scripts over fastcgi.

I wouldn't reccomend to run python stuff as a CGI script.  Setting up
the chroot is hard and there's little gain.

I don't work with python, but it seems that flask (assuming you intend to
use it) has some fastcgi support, see

     https://flask.palletsprojects.com/en/2.0.x/deploying/fastcgi/

fastcgi support in flask is coming from flup:

pkg_add py3-flup


in particular the part where it specifies the address to bind the
UNIX-domain socket.


WSGIServer(application, bindAddress='/path/to/fcgi.sock').run()



a more complete example, with getting rid of any stale sockets and using 
more suitable permissions:


#!/usr/local/bin/python3

from flask import Flask
app = Flask(__name__)
# more flask stuff here

if __name__ == '__main__':
    from flup.server.fcgi import WSGIServer
    sock = pathlib.Path('/var/www/run/wwwrun/foo.sock').resolve()
    try:
        sock.unlink()
    except:
        pass
    WSGIServer(app, bindAddress=str(sock), umask=0o007).run()

make sure that the python scripts is run as a daemon when the system starts.


note that the script will not run in a chroot, but have access to the 
entire system, not just what is present in /var/www. beware.



If you're usign a UNIX-domain socket, you have to put it somewhere
inside the /var/www chroot; for example /var/www/run/<your-app>/fcgi.sock
and then instructs httpd to talk to it

        fastcgi {
                # note that this is relative to the /var/www chroot
                socket "/run/<your-app>/fcgi.sock"
        }


HTH
























					Reply via email to