services and redis authentication #10
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ment improvements This commit introduces a comprehensive production-ready deployment system with systemd service integration, centralized configuration, and operational improvements. New Features: - redis_connector.py: Centralized Redis connection management with support for environment variables, CLI args, TLS, authentication, password files, and configurable connection options - Systemd service units for action_dispatcher, dispatcher_webmonitor, and templated action_server@ instances with hardening (NoNewPrivileges, PrivateTmp, ProtectSystem, ProtectHome) - install.sh: Automated installer script for setting up services with configurable user/path, virtualenv creation, and dependency installation - nginx-dispatcher.conf: Production-ready Nginx reverse proxy configuration with upstream pooling, WebSocket support, and security headers - requirements.txt: Python dependency declarations (redis, Flask, gunicorn, gevent) - rdispatch.env.example: Sample environment configuration file Core Improvements: - Replaced hardcoded sys.argv parsing with argparse across all entry points - Converted debug print() statements to structured logging with --log-level CLI option - Added graceful shutdown handlers (SIGTERM/SIGINT) to dispatcher - Robust error handling in Redis connector (file I/O, connection failures, auth) - Parameterized service files using %INSTALL_USER% and %INSTALL_PATH% placeholders Configuration Changes: - action_dispatcher.py: Now uses redis_connector, argparse, and logging - action_server.py: Accepts Redis object, uses logging, --log-level support - dispatcher_webmonitor.py: Uses redis_connector.connect_from_env(), logging - show_log.py: Migrated to argparse, redis_connector, and logging - Gunicorn settings: 4 workers, 120s timeout, 600s keepalive, bind to 127.0.0.1:5000 Service Architecture: - [email protected]: Templated unit supporting instances like action_server@my_server:1 for scalable server deployment - All services use journald logging, environment files, and systemd best practices - Services bind web monitor to localhost only, requiring reverse proxy for external access Documentation: - README.md: Added installation instructions, configuration guide, service management examples, and Nginx setup documentation Breaking Changes: - action_server.py main() signature changed to accept Redis object instead of host string - Redis connection now requires explicit configuration via CLI args or environment - action_server_my_server_1.service removed in favor of templated [email protected]
Contributor
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi -
I made a whole bunch of changes to add authentication for redis and provide systemd services files. A few of them are BREAKING changes - named arguments to some of the scripts. If you would like to discuss, prior to, or instead of merging I totally understand and would be happy to.
There are pretty good comments in some of the commits.
A lot of the code was written / suggested by chatGPT, but I did look at it pretty closely.
-Josh