##// END OF EJS Templates
env-variables: make it safer if there's a syntax problem inside .ini file....
env-variables: make it safer if there's a syntax problem inside .ini file. It's better to not crash, since it means server wont start. Let users fix problems instead of breaking the startup because of that.

File last commit:

r2205:dd780472 default
r3237:5cf82ecc default
Show More
gunicorn-ssl-support.rst
50 lines | 1.4 KiB | text/x-rst | RstLexer
/ docs / admin / gunicorn-ssl-support.rst
docs: updated section on performance, scaling, ssl support
r2205 .. _gunicorn-ssl-support:
Gunicorn SSL support
--------------------
:term:`Gunicorn` wsgi server allows users to use HTTPS connection directly
without a need to use HTTP server like Nginx or Apache. To Configure
SSL support directly with :term:`Gunicorn` you need to simply add the key
and certificate paths to your configuration file.
1. Open the :file:`home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file.
2. In the ``[server:main]`` section, add two new variables
called `certfile` and `keyfile`.
.. code-block:: ini
[server:main]
host = 127.0.0.1
port = 10002
use = egg:gunicorn#main
workers = 1
threads = 1
proc_name = RhodeCodeEnterprise
worker_class = sync
max_requests = 1000
timeout = 3600
# adding ssl support
certfile = /home/ssl/my_server_com.pem
keyfile = /home/ssl/my_server_com.key
4. Save your changes.
5. Restart your |RCE| instance, using the following command:
.. code-block:: bash
$ rccontrol restart enterprise-1
After this is enabled you can *only* access your instances via https://
protocol. Check out more docs here `Gunicorn SSL Docs`_
.. note::
This change only can be applied to |RCE|. VCSServer doesn't support SSL
and should be only used with http protocol. Because only |RCE| is available
externally all communication will still be over SSL even without VCSServer
SSL enabled.
.. _Gunicorn SSL Docs: http://docs.gunicorn.org/en/stable/settings.html#ssl