Bug#998319: tryton-server: Should provide a ready-to-use production-grade server config

2021-11-03 Thread Raphael Hertzog 
Hi,

On Tue, 02 Nov 2021, Mathias Behrle wrote:
> A robust production grade setup will run the Tryton server not only behind a
> reverse proxy, but inside a wsgi server.
> 
> My prefered concept for the solution would be two additional packages:
> 
> tryton-server-uwsgi
> tryton-server-nginx
> 
> which would also need some changes to the tryton-server package itself to
> integrate well.

I don't have any strong preference. In distro-tracker, I provide vhosts
for apache and for nginx. I think it's useful to support both as you might
want to install on a server where something is already running.

However, the WSGI server is really open. For distro-tracker I opted to use
gunicorn with nginx and libapache2-mod-wsgi-py3 with apache.

> Documentation only has some problems:
> 
> - Often it is not read.
> - It is difficult to provide solutions matching different needs. At the end 
> you
>   get the question again: What to do with reverse proxy only, what to do with
>   wsgi backend, which backends to choose, etc.?
>   The mentioned packages would/should at least provide a basic working start
>   setup without too much manual steps.

Make some sane default choices and make it easy to follow your choices. If
users want something else, they can always override and change the setup.

Regards,
-- 
Raphaël Hertzog ◈ Freexian SARL ◈ Tel: +33 (0)6 88 21 35 47
https://www.freexian.com


signature.asc
Description: PGP signature

Bug#998319: tryton-server: Should provide a ready-to-use production-grade server config

2021-11-02 Thread Raphaël Hertzog 
Package: tryton-server
Version: 5.0.39-1
Severity: normal
X-Debbugs-Cc: raph...@freexian.com

When I deployed tryton-server, I simply followed the advice of
README.Debian and relied on the provided systemd service file
but now after having filed https://bugs.tryton.org/issue10921
I realize that it's (no longer?) the recommended way of deploying
the tryton server.

It would be nice if the Debian package could document a production-grade
way to deploy it and if it could provide everything required to make this
trivial (maybe some apache/nginx config snippet that we can include in a
new virtual host to configure the WSGI handler, or similar).

-- System Information:
Debian Release: bookworm/sid
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'oldoldstable'), (500, 
'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.14.0-2-amd64 (SMP w/16 CPU threads)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages tryton-server depends on:
ii  adduser3.118
ii  init-system-helpers1.60
ii  lsb-base   11.1.0
pn  python 
pn  python-dateutil
pn  python-genshi  
pn  python-lxml
pn  python-pkg-resources   
pn  python-polib   
pn  python-relatorio   
pn  python-sql 
pn  python-werkzeug
pn  python-wrapt   
ii  python33.9.2-3
ii  python3-bcrypt 3.2.0-1
ii  python3-dateutil   2.8.1-6
pn  python3-genshi 
ii  python3-lxml   4.6.3+dfsg-1
pn  python3-passlib
ii  python3-pkg-resources  58.2.0-1
pn  python3-polib  
pn  python3-relatorio  
pn  python3-sql
pn  python3-werkzeug   
ii  python3-wrapt  1.12.1-4+b1

Versions of packages tryton-server recommends:
ii  libreoffice-calc 1:7.2.2-1
ii  libreoffice-writer   1:7.2.2-1
ii  postgresql   14+231
pn  python-bcrypt
pn  python-levenshtein   
pn  python-psycopg2  
pn  python-pydot 
pn  python3-gevent   
ii  python3-html2text2020.1.16-1
ii  python3-levenshtein  0.12.2-2
ii  python3-pil  8.3.2-1
ii  python3-psycopg2 2.9.1-1
ii  python3-pydot1.4.2-1
pn  python3-weasyprint   
ii  ssl-cert 1.1.0+nmu1
ii  unoconv  0.7-2

Versions of packages tryton-server suggests:
ii  postgresql-client-13 [postgresql-client]  13.4-3
ii  postgresql-client-14 [postgresql-client]  14.0-1
pn  python-sphinx 
ii  python3-sphinx4.2.0-5
hi  tryton-client 5.0.33-1
pn  tryton-modules-all
pn  tryton-server-doc