ircquotes/DEPLOYMENT.md
ComputerTech312 720b89a296 Make Gunicorn respect config.json settings
- Updated gunicorn.conf.py to read host/port from config.json
- Added gunicorn section to config.json for server settings
- Created start_gunicorn.py as alternative launcher
- Updated config.json with server settings (127.0.0.1:6969)
- Updated documentation with new startup options
2025-09-20 20:25:36 +01:00

ircquotes Production Deployment

Configuration Management

Configuration File: config.json

All application settings are now centralized in config.json. You can easily modify:

  • App settings (host, port, debug mode)
  • Database configuration (URI, connection pool settings)
  • Security settings (CSRF, session cookies, security headers)
  • Rate limiting (per-endpoint limits)
  • Quote settings (length limits, pagination)
  • Admin credentials
  • Feature toggles

Viewing Current Configuration

python config_manager.py

Updating Configuration

# Change port
python config_manager.py app.port 8080

# Change quotes per page
python config_manager.py quotes.per_page 50

# Disable CSRF (not recommended)
python config_manager.py security.csrf_enabled false

# Change rate limits
python config_manager.py rate_limiting.endpoints.login "10 per minute"

Running with Gunicorn (Production)

Quick Start - Uses config.json settings

# Activate virtual environment
source .venv/bin/activate

# Install dependencies
pip install -r requirements.txt

# Option 1: Run with config file (recommended - uses config.json)
gunicorn --config gunicorn.conf.py app:app

# Option 2: Run with Python launcher (also uses config.json)
python start_gunicorn.py

Manual Gunicorn Commands (these ignore config.json)

Basic production run:

gunicorn -w 4 -b 127.0.0.1:6969 app:app

With more workers (for higher traffic):

gunicorn -w 8 -b 127.0.0.1:6969 --timeout 30 app:app

Behind a reverse proxy (nginx/apache):

gunicorn -w 4 -b 127.0.0.1:6969 app:app

Environment Variables for Production

export FLASK_ENV=production

Security Notes

  • All major security vulnerabilities have been fixed
  • CSRF protection enabled
  • XSS protection with output escaping
  • SQL injection prevention
  • Rate limiting on all endpoints
  • Secure session configuration
  • Security headers added

Admin Access

  • Username: Configurable in config.json (default: admin)
  • Password: Use the Argon2-hashed password in config.json

Configuration Examples

High-Traffic Setup

{
  "quotes": {
    "per_page": 50
  },
  "rate_limiting": {
    "endpoints": {
      "vote": "120 per minute",
      "search": "60 per minute"
    }
  }
}

Development Setup

{
  "app": {
    "debug": true,
    "port": 5000
  },
  "security": {
    "session_cookie_secure": false
  },
  "logging": {
    "level": "DEBUG"
  }
}

Production Security Setup

{
  "security": {
    "session_cookie_secure": true,
    "csrf_enabled": true
  },
  "logging": {
    "level": "WARNING"
  }
}
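
Because config_manager.py can switch off any of these settings with one command, a pre-deployment check that fails on development values is a useful gate. The script below is an added example, not part of the ircquotes code base; the key name app.host, the loopback requirement, and the accepted logging levels are assumptions based on the settings shown on this page.

```python
import json
import sys

# Constructed samples. DEV mirrors the page's "Development Setup"; PROD merges
# "Production Security Setup" with an app section ("host" key name is assumed).
DEV = {"app": {"debug": True, "port": 5000},
       "security": {"session_cookie_secure": False},
       "logging": {"level": "DEBUG"}}
PROD = {"app": {"host": "127.0.0.1", "port": 6969, "debug": False},
        "security": {"session_cookie_secure": True, "csrf_enabled": True},
        "logging": {"level": "WARNING"}}

MISSING = object()  # sentinel: key absent from the file

def lookup(cfg, dotted):
    """Resolve a dotted key such as 'security.csrf_enabled'."""
    node = cfg
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return MISSING
        node = node[part]
    return node

# (dotted key, acceptable-value test, requirement); a missing key is a finding too.
CHECKS = [
    ("app.debug", lambda v: v is False, "debug mode must be off"),
    ("app.host", lambda v: v in ("127.0.0.1", "::1", "localhost"),
     "bind to loopback; the reverse proxy faces the network"),
    ("security.csrf_enabled", lambda v: v is True, "CSRF protection must be on"),
    ("security.session_cookie_secure", lambda v: v is True, "Secure flag required"),
    ("logging.level", lambda v: v in ("INFO", "WARNING", "ERROR", "CRITICAL"),
     "DEBUG logging belongs in development"),
]

def audit(cfg):
    """Return 'key: problem' strings; an empty list means the config passes."""
    findings = []
    for key, ok, requirement in CHECKS:
        value = lookup(cfg, key)
        shown = "not set" if value is MISSING else repr(value)
        if value is MISSING or not ok(value):
            findings.append(f"{key}: {shown}; {requirement}")
    return findings

if __name__ == "__main__":
    with open(sys.argv[1] if len(sys.argv) > 1 else "config.json") as fh:
        problems = audit(json.load(fh))
    print("\n".join(problems) or "config passes")
    sys.exit(1 if problems else 0)
```

Run it against config.json before starting Gunicorn; a non-zero exit status means at least one setting is missing or still at a development value.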