3.25. uwsgi
If Nginx is on the same system a UNIX socket will be used. Therefore a group uwsginginx is created and both gnuhealth & ẁwww-data have to be part of that group. Otherwise you would either have a world-writable socket or could not access your server.
Besides the uwsgi protocol can be used by Nginx if systems are separated but the intranet considered secure.
Alternatively uWSGI can also provide HTTPS.
The uWSGI configuration contains two parts: Necessary steps for getting it running and optional recommendations for productive use of this source (not enabled by default):
https://www.bloomberg.com/company/stories/configuring-uwsgi-production-deployment/
The template uwsgi.ini.j2 contains many configuration options that were already commented inside. Worth to note is the harakiri option: It kills workers if a request exceeds the threshold of currently 600s. This is intended to prevent having numerous idle workers but could raise problems as well.
Finally uWSGI will be managed by systemd: A .service file will be copied and the service enabled so it always starts after booting. If running FreeBSD a rc file is used instead.
Parameters:
uwsgi_instances: List of uWSGI instances to deploy, selections are provided in defaults
uwsgi_upgrade: If true pass latest to Ansibles pip module instead of present
Defaults:
uwsgi_cert_filename: Path for certificate for HTTPS
uwsgi_key_filename: Path for key for HTTPS
uwsgi_ansible_comment: Put uwsgi_template_comment on top of templates if true
uwsgi_template_comment: Comment put on top of every template delivered by Ansible
uwsgi_https: Spawn HTTPS server if true
uwsgi_advanced_config: Set advanced productive config options if true (see templates/uwsgi.ini.j2)
uwsgi_example_instance: Dictionary containing all parameters that are possibly used by the role, no working default config, just to show what can be configured. See gnuhealth and thalamus roles defaults for example configurations.
Variables:
uwsgi_packages: Packages to be installed on the system differentiated by OS family
uwsgi_venv_python: Python executable used for virtual environment
uwsgi_nginx_group_name: Name of the group to be created for Nginx user & uWSGI user in order to have proper UNIX socket permissions (if necessary)
uwsgi_default_mode: Contains default modes for files and directories differentiated by OS