linux - File permissions for Django: Gunicorn, Nginx, and Static Files -

-

I have a standard Ubuntu 14.04 machine. I use it daily under user mh00h . I'm interested in using this machine as a production server. How can I manage file permissions for Django and Nginx?

Nginx is currently configured to run under www-data: www-data . This reduces the risk of the rest of a machine. Django / gunicorn should be similarly run under a user other than mh00h . But what under the user can actually run Gunocorn? Any , right?

Next: I am storing all my web development files under / home / mh00h / development . Owned by mh00h / home / mh00h / development / project1 (all directories / files but / media and / static) ? Owned by mh00h I do the best practice of the two-pick of the Django to create a project directory with stable files inside it. Of course, now NGX will now have / home / mh00h / development / project1 / project1 / Static because all of those root directories are mh00h , not Www-data (. / Static Is owned by www-data ).

To make this case complicated, virtualenvwrapper creates my virtual environment under /home/mh00h/.virtualenvs/ .

I have two scoops best practices and store / static separate / var / www , because I have all these directories well on any other server But later I want to be packed together for easy transportation.

  1. Where should my static files be stored?
  2. Where do the dozens of specific files should be stored?
  3. Which user / group should be able to use 1 and 2?
  4. Where should the VirtualWorwer environment be stored?
  5. What permissions should these locations have?

    Thank you.

    All our files and directories output environment with 755/644 file permissions root: root < / Code>, unless otherwise necessary. Some private files (private keys, etc.) are read only by the user / process, while they are still descriptive by the root .

    For project structure: All our projects have a dedicated directory under /srv/www/vhosts.d/ . Virtual environments are submitted under / srv / www / virtualenvs . It is entirely possible to store them in your home folder, but I think this central approach is more with the idea of ​​the server to produce the right settings, all virtual envs are also available by all users.

    Many of our main project directories (manage.py and many deployment / update scripts) are included in the forward division outside subdirectores and it is: ie the web are public files, Src frontend contains the source folder included in the template folder and the saab folder. The entire project directory is included in the GIT repository, but deployment-specific files (user uploaded files, search index, encryption key) are all in the .git-ignore .

    Runs our NGN process as www-data . Normally each Django project has its own user, and the gunicorn process runs as user.

Comments

Post a Comment

Popular posts from this blog

ios - Adding an SKSpriteNode to SKScene from a child SKSpriteNode -

-
I have a SKScene where I am adding an SKSpriteNode I have subclassed the SKSpriteNode class to create this node. In the subclass I am defining some SKActions on Sprite. What do I want to do when the end of this phantom ends the SKAction sequence, then I add a new Prayer node to this scene. How is this possible. The following code is mine: The code for the sequence is that I'm running on the Scansprinitode subclass (TEMissileNode): - SKAction * moveDown = [SKAction moveToY: Self.position.y - 20 Duration: 0.2]; SKAction * animation = [SKAction animateWithTextures: textures timePerFrame: time / 7]; SKAction * moveMissileProjectile = [SKAction Moving: Pointoffscreen Term: Time]; SKAction * group = [SKAction group: @ [animation, movement projectile]]; SKAction * Sequence = [SKAction Sequence: @ [Hilldown, Group, [SKAction removalFromParent]]]; [Self run action: sequence]; From the main scene, I call those actions that execute these tasks TEMissileNode * missile = [tmissil...
Read more

Matlab transpose a table vector -

-
An embarrassing simple question seems to be, but how can I move a Matlab table vector? aTableT = aTable '; I tried a standard syntax for the simple interaction of a line vector to a line vector aTable : ATableT = reshape (aTable, 1, Height (aTable)); and aTableT = rot90 (aTable); According to the head, the last time table should work for table, see. However, I get this error code: Error type in using table / permit (line 396) Undefined function 'permute' for the input arguments. Error in rot 90 (line 29) b = magnitude (b, [2 1 3: ndims (a)]); NB: fliplr is not useful either pretty sure I have covered clear angles - any ideas? Thanks! Try changing your table into an array, move it, then back to a table In other words, try doing this: aTableArray = table2array (aTable); ATableT = array 2table (aTableArray. '); I have also read the document for rot90 , and it says that rot90 is definitely working for tables Do, and I find you...
Read more

c# - Textbox not clickable but editable -

-
I have a small form with 10 text boxes, I have set them in the correct tab order. I want them on my tab service I was wondering if there is a way to set the text box so that they can be selected for editing until they are tabbed. That is ... I do not want the end user to edit the text box to click on them, I just want to make them editable through tabu. this should do the trick public partial category poor text box: Text Box {Safe Override Zero WndProc (Ref: Message Message) {if (m.msg == (Int) WM.LBUTTONDOWN) {Return; // mount down events} base.WndProc (ref m); }} Window message enum can be found. How to do this without anherizing: text box : class EatMouseDown: netwindows {safe override zero WndProc (ref message message) {if (m.msg == (int) WM.LBUTTONDOWN) {return; } Base.WandProc (Ref M); }} Safe Override Zero Onload (EventEurge E) {base.OnLoad (e); How to do this without any part: left a clean part, whatever is important, this can be a buggy but it works R...
Read more