https://sleepmap.de/enContents © 2022 <a href="mailto:dave@sleepmap.de">David Runge</a> <a rel="license" href="https://creativecommons.org/licenses/by-nc-sa/4.0/">CC BY-NC-SA 4.0</a>Mon, 12 Dec 2022 10:30:50 GMTNikola (getnikola.com)http://blogs.law.harvard.edu/tech/rsshttps://sleepmap.de/2016/securely-serving-webapps-using-uwsgi/David Runge<div><div class="line-block"> <div class="line">Ever since I have been running my own <a href="https://archlinux.org" target="_blank">Arch Linux</a> box to serve my services, I used <a href="https://www.nginx.org/" target="_blank">nginx</a> in conjunction with <a href="https://projects.unbit.it/uwsgi" target="_blank">uWSGI</a>.</div> <div class="line">So instead of using <a href="https://php-fpm.org/" target="_blank">php-fpm</a> and be limited to just <a href="https://secure.php.net/" target="_blank">PHP</a>, I can use a single application server to do all of them (<a href="https://en.wikipedia.org/wiki/Common_Gateway_Interface" target="_blank">CGI</a>, <a href="https://www.python.org/" target="_blank">Python</a>, <a href="https://secure.php.net/" target="_blank">PHP</a> and even the stuff I don't use, such as <a href="https://rack.github.io/" target="_blank">Ruby Rack</a>, <a href="http://www.mono-project.com/" target="_blank">Mono</a>, <a href="https://www.java.com/en/" target="_blank">Java</a>, <a href="https://www.lua.org/" target="_blank">Lua</a>, <a href="https://www.perl.org/" target="_blank">Perl</a>, <a href="http://www.webdav.org/" target="_blank">WebDAV</a>). They are all separately installable as plugins.</div> <div class="line">Static sites, such as this, default to being served by <a href="https://www.nginx.org/" target="_blank">nginx</a> directly of course.</div> <div class="line">Over time I found <a href="https://projects.unbit.it/uwsgi" target="_blank">uWSGI</a> to be a very versatile and powerful piece of software that has many advantages (over e.g. <a href="https://httpd.apache.org/" target="_blank">Apache</a>):</div> </div> <ul class="simple"> <li><p>socket activation</p></li> <li><p>webapp encapsulation and jailing</p></li> <li><p>self-healing</p></li> <li><p>being able to separetely manage services</p></li> <li><p>exit after idle</p></li> </ul> <div class="line-block"> <div class="line">I'll explain the services I use (<a href="https://mantisbt.org/" target="_blank">MantisBT</a>, <a href="https://roundcube.net/" target="_blank">roundcube</a>, <a href="https://owncloud.org" target="_blank">ownCloud</a>, <a href="http://list.org/" target="_blank">Mailman</a>, <a href="https://github.com/claudehohl/Stikked" target="_blank">Stikked</a>, <a href="https://wordpress.org" target="_blank">Wordpress</a>, <a href="http://postfixadmin.sourceforge.net/" target="_blank">Postfixadmin</a>, <a href="https://www.phpmyadmin.net/" target="_blank">phpMyAdmin</a>, <a href="https://git.zx2c4.com/cgit/" target="_blank">cgit</a>, <a href="https://www.mediawiki.org/wiki/MediaWiki" target="_blank">MediaWiki</a>, <a href="http://etherpad.org" target="_blank">Etherpad</a> ) along with configuration examples and their possible pitfalls.</div> <div class="line">In my last post about <a class="reference external" href="https://sleepmap.de/2016/2016/lets-encrypt-it-all">Let's Encrypt</a> I already showed some examples on how to configure <a href="https://www.nginx.org/" target="_blank">nginx</a> for the use with <a href="https://projects.unbit.it/uwsgi" target="_blank">uWSGI</a>. Let's jump right in.</div> </div> <p><a href="https://sleepmap.de/2016/securely-serving-webapps-using-uwsgi/">Read more…</a> (20 min remaining to read)</p></div>application serverarch linuxcgitmediawikinginxowncloudphppythonredisroundcubesecuritysocketssystemduwsgiwebappswordpresshttps://sleepmap.de/2016/securely-serving-webapps-using-uwsgi/Sat, 08 Oct 2016 07:00:00 GMThttps://sleepmap.de/2016/lets-encrypt-it-all/David Runge<div><div class="line-block"> <div class="line">For a couple of months now I have been using <a href="https://letsencrypt.org" target="_blank">Let's Encrypt</a> to generate free and valid certificates for all the services I run.</div> <div class="line">In many places the free <a href="https://en.wikipedia.org/wiki/Certificate_authority" target="_blank">Certificate Authority</a> (short CA) has spread like wild-fire. From small to large scale services, many adopted it and <a href="https://letsencrypt.org/2016/03/08/our-millionth-cert.html" target="_blank">the amount of issued certificates has grown over 1 million in just four months</a>.</div> <div class="line">As a visitor to this website you have probably noticed the small green lock sign next to the address bar. The certificate used for this website is accepted to be valid by your browser (and also by your operating system).</div> <div class="line">If you're up for some background knowledge, just read on. If you're up for some hands-on technical stuff, <a class="reference external" href="https://sleepmap.de/2016/lets-encrypt-it-all/#letsencrypt-howto">jump right on to the howto</a>.</div> <div class="line">Just note: This is a veeeeeeery long article in any case.</div> </div> <p><a href="https://sleepmap.de/2016/lets-encrypt-it-all/">Read more…</a> (16 min remaining to read)</p></div>acmearch linuxcertbotcertificatedovecothidden serviceletsencryptnginxopensslowncloudpostfixprosodyroundcubesecuritysslsystemdtlsvpnhttps://sleepmap.de/2016/lets-encrypt-it-all/Thu, 29 Sep 2016 18:00:00 GMT