f67cfd0494
# What this PR does Create a custom non-root user and use it to start an app. So uwsgi does not require to use `setUid` and `setGid` system calls. It handles errors while starting in Kubernetes with `runAsNonRoot: true` check. ## Which issue(s) this PR fixes closes https://github.com/grafana/oncall/issues/445 ## Checklist - [x] Unit, integration, and e2e (if applicable) tests updated - [ ] Documentation added (or `pr:no public docs` PR label added if not required) - [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not required) --------- Co-authored-by: Joey Orlando <joey.orlando@grafana.com> Co-authored-by: Joey Orlando <joseph.t.orlando@gmail.com>
23 lines
689 B
INI
23 lines
689 B
INI
[uwsgi]
|
|
strict=true
|
|
chdir=/etc/app
|
|
module=engine.wsgi:application
|
|
master=True
|
|
pidfile=/tmp/project-master.pid
|
|
http=0.0.0.0:8080
|
|
processes=5
|
|
harakiri=620
|
|
max-requests=5000
|
|
vacuum=True
|
|
buffer-size=65535
|
|
http-auto-chunked=True
|
|
http-timeout=620
|
|
post-buffering=1
|
|
enable-threads=true
|
|
|
|
; drop requests with CONTENT_LENGTH bigger than 15MB
|
|
route-if=ishigher:${CONTENT_LENGTH};15000000 break:413 Request Entity Too Large
|
|
|
|
logger=stdio
|
|
log-format=source=engine:uwsgi status=%(status) method=%(method) path=%(uri) latency=%(secs) google_trace_id=%(var.HTTP_X_CLOUD_TRACE_CONTEXT) protocol=%(proto) resp_size=%(size) req_body_size=%(cl)
|
|
log-encoder=format ${strftime:%%Y-%%m-%%d %%H:%%M:%%S} ${msgnl}
|