This question already has answers here:
Where should I place the secret key in Flask?
(2 answers)
Closed 4 years ago.
I'm preparing to deploy a small Flask app that I've developed for internal use. I have an old laptop with Ubuntu Server 16.04, uWSGI and Nginx which I'll use for deployment.
OPTION 1
My current app setup has an instance/config.py file that I've kept out of version control. This file contains the following:
SECRET_KEY = ...
SQLALCHEMY_DATABASE_URI = ...
# Google 'client_id' and 'client_secret' for social authentication functionality.
The instance/config.py file is loaded as follows in app/__init__.py:
def create_app(config_name):
app = Flask(__name__, instance_relative_config=true)
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
Is it safe to keep this same setup for production and thus have the instance/config.py file in the production server?
OPTION 2
Alternatively, should I be using environment variables? If this were the case, should I do something like so in wsgi.py:
os.environ['FLASK_CONFIG'] = 'production'
os.environ['SECRET_KEY'] = ...
os.environ['SQL_ALCHEMY_DATABASE_URI'] = ...
and then have the following in app/__init__.py:
def create_app(config_name):
if os.getenv('FLASK_CONFIG') == 'production':
app = Flask(__name__)
app.config.update(
SECRET_KEY=os.getenv('SECRET_KEY')
SQLALCHEMY_DATABASE_URI=os.getenv('SQLALCHEMY_DATABASE_URI')
)
else:
app = Flask(__name__, instance_relative_config=true)
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
To answer the question, yes it's safe as long as your server is secure. Hopefully access is only allowed using a private key. If you're using a password to login, then that may be a problem.
It's a good idea to keep the actual file used to load configuration out of version control. I actually made a mistake with one of my servers where I did put config.py in version control and now I have to be careful each time I pull not overwrite the file.
One thing that you could do is to have a config file for each environment, say prod.py and dev.py, that are both checked in. Then create a pointer.py that is not checked into version control.
prod.py
SECRET_KEY = ...
SQLALCHEMY_DATABASE_URI = ...
...
pointer.py
from prod import SECRET_KEY, SQLALCHEMY_DATABASE_URI, ...
server.py
app.config.from_pyfile('pointer.py')
In dev, simply change the import statement to point to dev.py. You could also do from prod import *, but that isn't very good practice.
Related
I am trying to create a database for my Flask application in the main directory of my project. This is my code for initializing a database:
app.config["SQLALCHEMY_DATABASE_URI"] = 'sqlite:///users.db'
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
db = SQLAlchemy(app)
Flask requires application context, so this is how I create the database:
$ flask shell
>>> db.create_all()
I also tried doing it with:
$ python
>>> from app import app, db
>>> app.app_context().push()
>>> db.create_all()
Both of these options create the database in the /instance directory. Is there any way to get around this and create it in the main directory of the project?
The instance path is the preferred and default location for the database. I recommend you to use this one for security reasons. However, it is also possible to choose an alternative solution in which the full length of the path is specified in the configuration.
The following configuration corresponds to an outdated variant, where the database is created in the current working directory. Please don't use this anymore.
app.config['SQLALCHEMY_DATABASE_URI'] ='sqlite:///' + os.path.join(os.getcwd(), 'users.db')
This corresponds to the current solution.
app.config['SQLALCHEMY_DATABASE_URI'] ='sqlite:///' + os.path.join(app.instance_path, 'users.db')
I have recently built my rundeck server and created a DB using mariaDB and pointed rundeck to this. I followed the official documentation for this on the rundeck site. Since I have changed from the systemDB to mariaDB the service no longer starts.
My rundeck-config.properties file looks like this:
#loglevel.default is the default log level for jobs: ERROR,WARN,INFO,VERBOSE,DEBUG
loglevel.default=INFO
rdeck.base=/var/lib/rundeck
#rss.enabled if set to true enables RSS feeds that are public (non-authenticated)
rss.enabled=false
#change hostname here
grails.serverURL=http://IP OF SERVER:4440
dataSource.driverClassName=
dataSource.url = jdbc:mysql://IP OF SERVER/rundeck?autoReconnect=true&useSSL=false
dataSource.username = DB User
dataSource.password = Password
grails.plugin.databasemigration.updateOnStart=true
autoReconnect=true
#to store projects on backend
rundeck.projectsStorageType=db
#Encryption for key storage
rundeck.storage.provider.1.type=
rundeck.storage.provider.1.path=keys
rundeck.storage.converter.1.type=jasypt-encryption
rundeck.storage.converter.1.path=keys
rundeck.storage.converter.1.config.encryptorType=custom
rundeck.storage.converter.1.config.password=7ee99cf09ffc59e7
rundeck.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC
rundeck.storage.converter.1.config.provider=BC
#Encryption for project config storage
rundeck.projectsStorageType=db
rundeck.config.storage.converter.1.type=jasypt-encryption
rundeck.config.storage.converter.1.path=projects
rundeck.config.storage.converter.1.config.password=7ee99cf09ffc59e7
rundeck.config.storage.converter.1.config.encryptorType=custom
rundeck.config.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC
rundeck.config.storage.converter.1.config.provider=BC
rundeck.feature.repository.enabled=true
Can anyone help with this
A couple of things here:
Your dataSource.driverClassName is empty, set it to org.mariadb.jdbc.Driver, check the full example here.
Your rundeck.storage.provider.1.type is also empty, set it as rundeck.storage.provider.1.type=db.
I'm trying to implement custom XCOM backend.
Those are the steps I did:
Created "include" directory at the main Airflow dir (AIRFLOW_HOME).
Created these "custom_xcom_backend.py" file inside:
from typing import Any
from airflow.models.xcom import BaseXCom
import pandas as pd
class CustomXComBackend(BaseXCom):
#staticmethod
def serialize_value(value: Any):
if isinstance(value, pd.DataFrame):
value = value.to_json(orient='records')
return BaseXCom.serialize_value(value)
#staticmethod
def deserialize_value(result) -> Any:
result = BaseXCom.deserialize_value(result)
result = df = pd.read_json(result)
return result
Set at config file:
xcom_backend = include.custom_xcom_backend.CustomXComBackend
When I restarted webserver I got:
airflow.exceptions.AirflowConfigException: The object could not be loaded. Please check "xcom_backend" key in "core" section. Current value: "include.cust...
My guess is that it not recognizing the "include" folder
But how can I fix it?
*Note: There is no docker. It is installed on a Ubuntu machine.
Thanks!
So I solved it:
Put custom_xcom_backend.py into the plugins directory
set at config file:
xcom_backend = custom_xcom_backend.CustomXComBackend
Restart all airflow related services
*Note: Do not store DataFrames that way (bad practice).
Sources I used:
https://www.youtube.com/watch?v=iI0ymwOij88
I just installed dokku for the first time and I'm struggling with an apparently very simple problem... I made a sample python app that just logs an env variable:
import os
import time
API_TOKEN = os.getenv('API_TOKEN')
while True:
print(f'API_TOKEN is {API_TOKEN}')
time.sleep(1)
pass
With a Procfile as this:
worker: python temp.py
The deploy looks normal and successful, however if I try to look at the logs, dokku says
App <app name> has not been deployed .
Am I missing something very trivial?
Thanks in advance!
By default dokku only scales up the web process if it is present. Any workers or other processes are scaled to 0 otherwise known as "App < app name > has not been deployed"
To deploy your app you need to log onto the box and scale up the worker by running:
dokku ps:scale <app name> worker=1
change 1 to a larger number if you want more workers
If you often deploy the app to different dokku instances and have to search for this solution over and over again you can instead create a file in the root of your app called DOKKU_SCALE. In it you can set the default scale of all the proceses, like so:
worker=1
That reminds me, I need to go do that now. It is driving me nuts.
I've got my flex, php & zend project working fine on localhost but when I try to move it to production I get the following error:
Class "testService" does not exist: Plugin by name 'testService' was not found in the registry; used
paths:
: /home/myNewFolder/services/
#0 /home/ZendFramework/library/Zend/Amf/Server.php(550): Zend_Amf_Server->_dispatch('paged', Array,
'testService')
#1 /home/ZendFramework/library/Zend/Amf/Server.php(626): Zend_Amf_Server-
>_handle(Object(Zend_Amf_Request_Http))
#2 /home/myNewFolder/gateway.php(69): Zend_Amf_Server->handle()
#3 {main}
I've got my amf_config file as follows:
[zend]
webroot =/home/myNewFolder
zend_path =/home/ZendFramework/library
[zendamf]
amf.production = false
amf.directories[]=services
my .swf & services folder are located in "myNewFolder", which is located under the root of my directory.
I am using Zend version 1.9.4, Flex SDK 4.1. My localhost is windows & production host is Linux
two potential problems, the home on the server is not the path you think. Print home to screen to see what is there. Second, always, always use small letters. Too many problems arise when you write myApp, MyApp or Myapp. just write myapp, and do not worry again
Edit: wait a second, your services path is wrong. I assume it is under New Folder. Your amf directories should change to amf.directories[]=./services
Remember that Unix is case sensitive, and Windows doesn't so check the case, your file should be named testService.php, or TestService.php.