librelist archives

Random compliment, WSGI

From:

Ed Marshall

Date:

2010-09-26 @ 15:19

So, I just got a mostly-working hgwebdir (sans SSL and auth) working under
Mongrel2. Speaking as an ops guy by trade (and programmer by hobby), I don't
think you guys really realize how pleasant this is to work with. :) I'm not
entirely bought into procer yet (I have a few of my own tools for handling
that kind of thing), but Mongrel2 is proving to be quite a pleasure to use.

So, about hgwebdir. :) I've traditionally run my hg server via fastcgi under
lighttpd; http://host.domain.com/hg/ is proxied to the fcgi-based hgwebdir
server, and all is well.

In hgweb's WSGI handler, URLs on the rendered page are constructed relative
to SCRIPT_NAME and PATH_INFO; specifically, it treats SCRIPT_NAME as a
prefix, and PATH_INFO as the useful bit. Timothy and Barry's WSGI
implementation didn't do anything with SCRIPT_NAME (I assume Django doesn't
care), so hgweb would see '/hg/' as PATH_INFO, and would fail pretty
miserably because it would assume 'hg' was the repository you were looking
for.

As a quick hack, I set SCRIPT_NAME to PATH, and PATH_INFO to PATH minus
PATTERN. This works for me, but only because my pattern is pretty simple:
"/hg/". Not necessarily something everyone could use.

So, my question: would it be reasonable for Mongrel2 to pass both the prefix
and what was matched, along with PATTERN, via 0MQ? ie. a request for '/hg/'
against a rute pattern of '/hg/(.*)' (a contrived example, but good enough
for illustration) could give:

    { 'PATTERN': '/hg/(.*)',
      'PREFIX': '/hg/',
      'MATCH': '', ... }

or, for '/hg/static/images/hglogo.png':

    { 'PATTERN': '/hg/(.*)',
      'PREFIX': '/hg/',
      'MATCH': 'static/images/hglogo.png', ... }

That gives us enough information to reconstruct SCRIPT_NAME and PATH_INFO
without having to re-calculate the pattern in the handler. Does this seem
reasonable?

Anyway, back to playing; Redmine is my next target.

--
Ed Marshall <esm@logic.net>
Felix qui potuit rerum cognoscere causas.
http://esm.logic.net/

On Sun, Sep 26, 2010 at 10:19:55AM -0500, Ed Marshall wrote:
> So, I just got a mostly-working hgwebdir (sans SSL and auth) working under
> Mongrel2. Speaking as an ops guy by trade (and programmer by hobby), I don't
> think you guys really realize how pleasant this is to work with. :) I'm not
> entirely bought into procer yet (I have a few of my own tools for handling
> that kind of thing), but Mongrel2 is proving to be quite a pleasure to use.

Cool, you should blog that so we can point at someone else who's liking
the design and does operations. :-)

> 
> So, my question: would it be reasonable for Mongrel2 to pass both the prefix
> and what was matched, along with PATTERN, via 0MQ? ie. a request for '/hg/'
> against a rute pattern of '/hg/(.*)' (a contrived example, but good enough
> for illustration) could give:
> 
>     { 'PATTERN': '/hg/(.*)',
>       'PREFIX': '/hg/',
>       'MATCH': '', ... }

Well, MATCH is just PATH.  That's already given to you and is just the
path of the url minus any ? params.  You get pattern too, and all we'd
do is break PATTERN at the first ( then hand that to you.  Can you try
that out and at least see if that works, then I'll look at how to add
that.

-- 
Zed A. Shaw
http://zedshaw.com/

On Sun, Sep 26, 2010 at 1:29 PM, Zed A. Shaw <zedshaw@zedshaw.com> wrote:
> Cool, you should blog that so we can point at someone else who's liking
> the design and does operations. :-)

Heh. Once I have a few more things working properly under it, and am
running in a state that I'd be comfortable calling "production", I'll
definitely write up the experience. Right now, about the only thing I
really need is SSL support, but it looks like that's coming (and I'm
patient).

Actually, that reminds me: are there any plans, near- or long-term, to
support http auth within Mongrel2 in some fashion? It's not a show-
stopper right now (the one app I need it for, I can probably do layered
on WSGI ala borrowed Django middleware or something), but it limits the
usefulness of Dir().

(I understand that it opens up a can of worms with respect to authn
backends, so an answer of "not in the foreseeable future" works for me.)

> Well, MATCH is just PATH.  That's already given to you and is just the
> path of the url minus any ? params.  You get pattern too, and all we'd
> do is break PATTERN at the first ( then hand that to you.  Can you try
> that out and at least see if that works, then I'll look at how to add
> that.

That works just fine for me; I was mainly punting to Mongrel2 in the
event that you might want to make changes to how route patterns work
down the road (multiple matches, perhaps; hadn't really thought it
through). This is certainly good enough for what I need. :)

If anyone else would find it useful, I forked Timothy's version here:

    http://github.com/logic/mongrel2_wsgi

-- 
Ed Marshall <esm@logic.net>
Felix qui potuit rerum cognoscere causas.
http://esm.logic.net/

On Sun, Sep 26, 2010 at 09:38:31PM -0500, Ed Marshall wrote:
> Actually, that reminds me: are there any plans, near- or long-term, to
> support http auth within Mongrel2 in some fashion? It's not a show-
> stopper right now (the one app I need it for, I can probably do layered
> on WSGI ala borrowed Django middleware or something), but it limits the
> usefulness of Dir().

Ahhh, auth. The perpetual monster in the closet.  What my plans are is
to have the filters system in place, then write a couple of the most
basic auth modules I can.  Simple things like query the sqlite and or a
cdb for user/pw.  After that people should be able to write their own
auth module for whatever whacky situations they need.

> If anyone else would find it useful, I forked Timothy's version here:
> 
>     http://github.com/logic/mongrel2_wsgi

Ok, I'll see how hard/easy it is to get that information out and send it
on.  I need to do some fixups of the way that json hash is built anyway
so that complex cookies work.

-- 
Zed A. Shaw
http://zedshaw.com/

On Sun, Sep 26, 2010 at 10:38 PM, Ed Marshall <esm@logic.net> wrote:
> On Sun, Sep 26, 2010 at 1:29 PM, Zed A. Shaw <zedshaw@zedshaw.com> wrote:
>> Cool, you should blog that so we can point at someone else who's liking
>> the design and does operations. :-)
>
> Heh. Once I have a few more things working properly under it, and am
> running in a state that I'd be comfortable calling "production", I'll
> definitely write up the experience. Right now, about the only thing I
> really need is SSL support, but it looks like that's coming (and I'm
> patient).

I hear you ;)  Just working out a bug/misunderstanding with reading certs now.

> Actually, that reminds me: are there any plans, near- or long-term, to
> support http auth within Mongrel2 in some fashion? It's not a show-
> stopper right now (the one app I need it for, I can probably do layered
> on WSGI ala borrowed Django middleware or something), but it limits the
> usefulness of Dir().
>
> (I understand that it opens up a can of worms with respect to authn
> backends, so an answer of "not in the foreseeable future" works for me.)

I'm not opposed to implementing it, assuming the can of worms isn't too big.