On 25/01/2008, Lukasz Szybalski <[EMAIL PROTECTED]> wrote:
> > > - I also put myfirstapp.wsgi in /var/www/myfirstapp/myfirstapp.wsgi
> > > -Prod.cfg in /var/www/myfirstapp/prod.cfg
> >
> > One would have to be careful about putting TG configuration there,
> > especially if it contains sensitive information such as database
> > passwords. The reason is that a misconfiguration of Apache could
> > result in the configuration file being downloadable by people thereby
> > exposing the sensitive information.
>
> I see your point. /var/www/ is indeed accessible from outside and
> anything that is in it.
> I will change it /usr/local/turbogears/myfirstapp/ then.
>
> > > - Server.log is also in /var/www/myfirstapp/server.log (I am not sure
> > > if this will be needed since I will be able to use apache logs to
> > > monitor my app? Correct?) (If that is the case who knows how to
> > > disable tg logs?)
> >
> > As with configuration files and main application Python code, don't
> > put logs in document tree as misconfiguration could result in it being
> > able to be downloaded, thus revealing sensitive information.
> >
> > As to disabling logging, the config option:
> >
> > turbogears.config.update({'global': {'server.log_to_screen': False}})
>
> I have this set already.
>
>
> > in WSGI script file should disable various TG logging so am not sure
> > where you log file comes into it. What is the option on configuration
> > where you are defining it? Maybe you shouldn't be defining that
> > configuration option to begin with.
>
> prod.cfg settings on server.log:
>
> [[[access_out]]]
> # set the filename as the first argument below
> args="('/usr/local/turbogears/myfirstapp/server.log',)"
> class='FileHandler'
> level='INFO'
> formatter='message_only'
>
> [[loggers]]
> [[[myfirstapp]]]
> level='ERROR'
> qualname='myfirstapp'
> handlers=['error_out']
>
> [[[access]]]
> level='INFO'
> qualname='turbogears.access'
> handlers=['access_out']
> propagate=0
>
> Shouldn't the access_out be pointing to apache access.log? How would I
> change it to do that?
Okay, you are using 'logging' module.
Most likely don't setup a FileHandler and instead allow it to log to
default of sys.stderr instead. This will automatically end up in
Apache error log.
> Actually disabling it would be better I think or sending it to
> /var/log/apache/warn.log assuming this would be handled by apache?
Okay, what I said above. :-)
> > > -Now I run into problem where my app www.example.com/myfirstapp has a
> > > login link that points to www.example.com/login How do I tell tg or
> > > wsgi to use www.example.com/myfirstapp/login?
> >
> > Possibly see:
> >
> > http://code.google.com/p/modwsgi/wiki/IntegrationWithTurboGears
> >
> > it talks in there about mounting TG application on subURL of site.
> I have the settings set to:
> turbogears.config.update({'global': {'server.webpath': '/myfirstapp'}})
>
> The actual url works example.com/myfirstapp/login but I guess there is
> a bug in html of master.kid in which there is a link href="/login"
> instead of webpath+'/login'
Or not using URL functions as described in:
http://docs.turbogears.org/1.0/GettingStarted/URLs
as referenced from that mod_wsgi document.
> > Look for:
> >
> > http://code.google.com/p/modwsgi/wiki/IntegrationWithTurboGears
> >
> > and the WSGI application wrapper to do SCRIPT_NAME fiddles.
> I don't really get the SCRIPT NAME setting, what should I use it for?
In WSGI SCRIPT_NAME is the mount point of the application. TG ignores
this and uses instead its server.webpath configuration option. For
this to work, seems though that WSGI SCRIPT_NAME has to be set to be
empty.
In other words, TG is not a WSGI compliant application and doing this
is to work around that fact.
> I wasn't able to find how to setup myfirstapp.example.com to be an
> access point for my app. Would that be an apache setting or wsgi?
> Could you point me to the right documentation.
In your VirtualHost for myfirstapp.example.com just use
WSGIScriptAlias with mount point as '/'. This is the first example in:
http://code.google.com/p/modwsgi/wiki/IntegrationWithTurboGears
> Other then that the tg seem to be working. I'll convert my real
> applications over the weekend and will see how it goes.
>
> As far as debuggin goes. If I set this to true:
> turbogears.config.update({'global': {'server.log_to_screen': True}})
> will errors if any show up on the actual page i'm accessing
> example.com/myfirstapp ??
As far as I know, this just controls whether details of requests are
logged. Ie., equivalent to Apache access log. When it says
log_to_screen it actually means sys.stdout and nothing to do with
stuff being showed in a response page.
If you want tracebacks to appear in a error response page rather than
generic 500 error page, see error catching WSGI middleware in:
http://code.google.com/p/modwsgi/wiki/DebuggingTechniques
Graham
> I updated my manual on mod_wsgi and turbogears:
> http://lucasmanual.com/mywiki/TurboGears#head-36b7eef1526da4fe58c73738c925f34f6bc93c1d
>
> Thanks,
> Lucas
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
-~----------~----~----~----~------~----~------~--~---
