I'm trying to deploy a Django app on a CentOS 7 server (hosted at
WHM/cPanel), but I'm running into some difficulties. I've tried reading the
docs and as many guides/forum topics as I could, but I must still be
missing something crucial, because I can't seem to figure out what is going
wrong. Note that I don't have any real experience working with web servers
up until now, so I might be overlooking something obvious.
Some information about my system:
Server version: Apache/2.4.33 (cPanel)
~/.conda/envs/djangotest/bin/mod_wsgi-express
mod-wsgi 4.6.4 <pip>
Python 3.6.5 :: Anaconda, Inc.
I'll list the steps I've undertaken so far. Unless specified, all these
actions were performed via SSH as a non-root user. For demonstration
purposes, I've created a brand new Django app as a minimal reproducible
example (basically, what is outlined here:
https://www.digitalocean.com/community/tutorials/how-to-serve-django-applications-with-apache-and-mod_wsgi-on-centos-7,
and here:
https://docs.djangoproject.com/en/2.0/howto/deployment/wsgi/modwsgi/).
Ideally, I'd like to deploy the final app via the main Apache installation
(or alternatively via mod_wsgi-express's setup-only option) and serve it
over HTTPS.
1. Create a new subdomain `test` inside the cPanel webpanel.
2. Create a new directory `/home/user/public_html/test/myproject`,
3. As root, install miniconda at `/opt/miniconda3/`.
4. As a regular user, create a new conda environment `djangotest` (with
python3, pip and django) and install `mod_wsgi` via `pip`
(https://pypi.org/project/mod_wsgi/). Path:
`/home/user/.conda/envs/djangotest/`. The reason for using the pip version
is that CentOS' repoistory version (`yum install ea4-experimental
ea-apache24-mod_wsgi`) is compiled against python2.7, which from what I've
gathered wouldn't work if your Django app uses python3. While installing
`mod_wsgi` via pip, the following packages were also installed via yum:
`ea-apache24-devel libxml2-devel libxml++-devel python-devel`.
5. Start a new Django project at
`/home/user/public_html/test/myproject`: `django-admin.py startproject
myproject .`. Add `STATIC_ROOT = os.path.join(BASE_DIR, "static/")` to the
`settings.py` file. Collect all static files via `python manage.py
collectstatic`, `python manage.py makemigrations` and `python manage.py
migrate`. And finally add my domain to ALLOWED_HOSTS in the settings.py
file.
At this point, I can run a development server via `./manage.py runserver
0.0.0.0:8000` and access it at `test.domain.com:8000`.
Now, moving on to mod_wsgi:
1. I added 'mod_wsgi.server' to the INSTALLED_APPS list of my
settings.py file.
2. I can make both the HTTP and HTTPS site reachable by using
`python manage.py runmodwsgi --port=8001 --server-name test.domain.com
--https-port=8002 --ssl-certificate-file
/home/user/ssl/certs/test_domain_com_#####.crt --ssl-certificate-key-file
/home/user/ssl/keys/#####.key --access-log`
. Side-question: I actually found multiple .crt files for this
subdomain, am I supposed to use a specific one?
This command runs successfully (although I do have to add a security
exception for the https version on port 8002). I can't run it without
specifying any ports, because then my main apache complains that ports
80/443 are already in use. So my first question is, how do I disable these
ports and use 80/443 via mod_wsgi-express?
As I understand, to automate things it's better to use the `setup-only`
version of mod_wsgi-express. I added the following options to the above
command and ran it as root: `--setup-only --user nobody --group nobody
--server-root=/etc/mod_wsgi-express-test`. Again, this works for
non-default ports, but not for 80/443. Interestingly, I also noticed I
can't use port 8000 if I'm running mod_wsgi-express on the same port for
another subdomain.
Finally, I tried integrating everything into my main apache install. cPanel
uses an include file for use subdomain's virtualhost directive:
```
Alias /static /home/user/public_html/django/myproject/static
<Directory /home/user/public_html/django/myproject/static>
Require all granted
</Directory>
<Directory /home/user/public_html/django/myproject/myproject>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess djangotest socket-user=user
python-home=/home/user/.conda/envs/djangotest
WSGIProcessGroup djangotest
WSGIScriptAlias / /home/user/public_html/django/myproject/myproject/wsgi.py
```
I also added this to the `pre_main_global` conf file (generated by
`mod_wsgi-express module-config`) and verified that mod_wsgi is being
picked up by apache (`httpd -M`).
```
LoadModule wsgi_module
"/home/user/.conda/envs/app/lib/python3.6/site-packages/mod_wsgi/server/mod_wsgi-py36.cpython-36m-x86_64-linux-gnu.so"
WSGIPythonHome "/home/user/.conda/envs/djangotest"
```
After rebuilding httpd.conf and restarting apache, I'm greeted by my site's
HTML index. I can't find any errors in the error_log though.
-------------------
I then moved on to my actual django app.
The interactive `python manage.py runmodwsgi` works fine, as long as I
don't try to use port 80/443.
The `setup-only` method fails however:
```
[Wed Jun 27 16:03:06.675478 2018] [ssl:warn] [pid 33391] AH01909:
localhost:8443:0 server certificate does NOT include an ID which matches
the server name
[Wed Jun 27 16:03:06.684517 2018] [ssl:warn] [pid 33393] AH01873: Init:
Session Cache is not configured [hint: SSLSessionCache]
[Wed Jun 27 16:03:06.685467 2018] [ssl:warn] [pid 33393] AH01909:
localhost:8443:0 server certificate does NOT include an ID which matches
the server name
[Wed Jun 27 16:03:06.686555 2018] [mpm_prefork:notice] [pid 33393] AH00163:
Apache/2.4.33 (cPanel) mod_wsgi/4.6.4 Python/3.6 OpenSSL/1.0.2o configured
-- resuming normal operations
[Wed Jun 27 16:03:06.686586 2018] [core:notice] [pid 33393] AH00094:
Command line: 'httpd (mod_wsgi-express) -f
/etc/mod_wsgi-express-app/httpd.conf -D MOD_WSGI_VIRTUAL_HOST -D
MOD_WSGI_WITH_HTTPS -D MOD_WSGI_HTTPS_ONLY -D MOD_WSGI_ACCESS_LOG -D
MOD_WSGI_MPM_ENABLE_PREFORK_MODULE -D MOD_WSGI_MPM_EXISTS_PREFORK_MODULE'
[Wed Jun 27 16:03:06.752358 2018] [wsgi:error] [pid 33394] mod_wsgi
(pid=33394): Failed to exec Python script file
'/etc/mod_wsgi-express-app/handler.wsgi'.
[Wed Jun 27 16:03:06.752434 2018] [wsgi:error] [pid 33394] mod_wsgi
(pid=33394): Exception occurred processing WSGI script
'/etc/mod_wsgi-express-app/handler.wsgi'.
[Wed Jun 27 16:03:06.753427 2018] [wsgi:error] [pid 33394] Traceback (most
recent call last):
[Wed Jun 27 16:03:06.753478 2018] [wsgi:error] [pid 33394] File
"/etc/mod_wsgi-express-app/handler.wsgi", line 94, in <module>
[Wed Jun 27 16:03:06.753484 2018] [wsgi:error] [pid 33394]
recorder_directory=recorder_directory)
[Wed Jun 27 16:03:06.753494 2018] [wsgi:error] [pid 33394] File
"/home/user/.conda/envs/app/lib/python3.6/site-packages/mod_wsgi/server/__init__.py",
line 1391, in __init__
[Wed Jun 27 16:03:06.753499 2018] [wsgi:error] [pid 33394]
__import__(entry_point)
[Wed Jun 27 16:03:06.753524 2018] [wsgi:error] [pid 33394]
ModuleNotFoundError: No module named 'internal_app_module'
```
Froms the docs, PyCon AU 2010 slides and various threads I've gathered that
my apache user might not have access to my home directory if I use the
express module (in contrast to integrating mod_wsgi into my system-wide
apache install that is run by root). Suggestions range from adding o+rx
permissions on specific files, making the entire home directory 755 (which
seems like a security hazard?) or installing the environment somewhere
else.
I opted for the latter and created a new environment (virtualenv this time
around, to also exclude any conda-shennanigans from messing up things)
inside `/opt/virtualenvtest`. This results in a different error:
```
[Wed Jun 27 16:06:35.925225 2018] [ssl:warn] [pid 33589] AH01909:
localhost:8443:0 server certificate do
es NOT include an ID which matches the server name
[Wed Jun 27 16:06:35.934826 2018] [ssl:warn] [pid 33591] AH01873: Init:
Session Cache is not configured
[hint: SSLSessionCache]
[Wed Jun 27 16:06:35.935537 2018] [ssl:warn] [pid 33591] AH01909:
localhost:8443:0 server certificate do
es NOT include an ID which matches the server name
[Wed Jun 27 16:06:35.936611 2018] [mpm_prefork:notice] [pid 33591] AH00163:
Apache/2.4.33 (cPanel) mod_w
sgi/4.6.4 Python/3.6 OpenSSL/1.0.2o configured -- resuming normal operations
[Wed Jun 27 16:06:35.936661 2018] [core:notice] [pid 33591] AH00094:
Command line: 'httpd (mod_wsgi-expr
ess) -f /etc/mod_wsgi-express-app/httpd.conf -D MOD_WSGI_VIRTUAL_HOST -D
MOD_WSGI_WITH_HTTPS -D MOD_WS
GI_HTTPS_ONLY -D MOD_WSGI_ACCESS_LOG -D MOD_WSGI_MPM_ENABLE_PREFORK_MODULE
-D MOD_WSGI_MPM_EXISTS_PREFOR
K_MODULE'
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ModuleNotFoundError: No module named 'encodings'
Current thread 0x00007f57ca144880 (most recent call first):
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ModuleNotFoundError: No module named 'encodings'
Current thread 0x00007f57ca144880 (most recent call first):
[Wed Jun 27 16:06:36.937821 2018] [core:notice] [pid 33591] AH00052: child
pid 33592 exit signal Aborted
(6)
[Wed Jun 27 16:06:36.938559 2018] [core:notice] [pid 33591] AH00052: child
pid 33593 exit signal Aborted
(6)
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ModuleNotFoundError: No module named 'encodings'
Current thread 0x00007f57ca144880 (most recent call first):
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ModuleNotFoundError: No module named 'encodings'
Current thread 0x00007f57ca144880 (most recent call first):
[Wed Jun 27 16:06:37.940557 2018] [core:notice] [pid 33591] AH00052: child
pid 33595 exit signal Aborted (6)
[Wed Jun 27 16:06:37.941081 2018] [core:notice] [pid 33591] AH00052: child
pid 33596 exit signal Aborted (6)
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ModuleNotFoundError: No module named 'encodings'
Current thread 0x00007f57ca144880 (most recent call first):
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ModuleNotFoundError: No module named 'encodings'
```
Google taught me that this could be related to a messed up PYTHONHOME
variable, but from what I can tell, the virtualenv works as intended (i.e.
I can import everything I need, including encodings, in an interactive
python session.)
So I'm at a loss here! Summary of my issues:
- `setup-only` method leads to import errors for custom python packages,
but not for a bare-bones django project
- interactive and `setup-only` method can't override port 80/443
- integration into system-wide apache install fails
Any help would be much appreciated!
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.
