computertech/ircquotes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36e0ab9a88e192be1b46598ba9cce502a0a5d65b
ircquotes/DEPLOYMENT.md
ComputerTech312 720b89a296 Make Gunicorn respect config.json settings 
- Updated gunicorn.conf.py to read host/port from config.json
- Added gunicorn section to config.json for server settings
- Created start_gunicorn.py as alternative launcher
- Updated config.json with server settings (127.0.0.1:6969)
- Updated documentation with new startup options
2025-09-20 20:25:36 +01:00

133 lines
2.6 KiB
Markdown
Raw Blame History

# ircquotes Production Deployment
## Configuration Management
### Configuration File: `config.json`
All application settings are now centralized in `config.json`. You can easily modify:
- **App settings** (host, port, debug mode)
- **Database configuration** (URI, connection pool settings)
- **Security settings** (CSRF, session cookies, security headers)
- **Rate limiting** (per-endpoint limits)
- **Quote settings** (length limits, pagination)
- **Admin credentials**
- **Feature toggles**
### Viewing Current Configuration
```bash
python config_manager.py
```
### Updating Configuration
```bash
# Change port
python config_manager.py app.port 8080
# Change quotes per page
python config_manager.py quotes.per_page 50
# Disable CSRF (not recommended)
python config_manager.py security.csrf_enabled false
# Change rate limits
python config_manager.py rate_limiting.endpoints.login "10 per minute"
```
## Running with Gunicorn (Production)
### Quick Start - Uses config.json settings
```bash
# Activate virtual environment
source .venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Option 1: Run with config file (recommended - uses config.json)
gunicorn --config gunicorn.conf.py app:app
# Option 2: Run with Python launcher (also uses config.json)
python start_gunicorn.py
```
### Manual Gunicorn Commands (ignores config.json)
**Basic production run:**
```bash
gunicorn -w 4 -b 127.0.0.1:6969 app:app
```
**With more workers (for higher traffic):**
```bash
gunicorn -w 8 -b 127.0.0.1:6969 --timeout 30 app:app
```
**Behind a reverse proxy (nginx/apache):**
```bash
gunicorn -w 4 -b 127.0.0.1:6969 app:app
```
### Environment Variables for Production
```bash
export FLASK_ENV=production
```
## Security Notes
- All major security vulnerabilities have been fixed
- CSRF protection enabled
- XSS protection with output escaping
- SQL injection prevention
- Rate limiting on all endpoints
- Secure session configuration
- Security headers added
## Admin Access
- Username: Configurable in `config.json` (default: admin)
- Password: Use the Argon2 hashed password in `config.json`
## Configuration Examples
### High-Traffic Setup
```json
{
"quotes": {
"per_page": 50
},
"rate_limiting": {
"endpoints": {
"vote": "120 per minute",
"search": "60 per minute"
}
}
}
```
### Development Setup
```json
{
"app": {
"debug": true,
"port": 5000
},
"security": {
"session_cookie_secure": false
},
"logging": {
"level": "DEBUG"
}
}
```
### Production Security Setup
```json
{
"security": {
"session_cookie_secure": true,
"csrf_enabled": true
},
"logging": {
"level": "WARNING"
}
}
```
Reference in New Issue View Git Blame Copy Permalink