| Name | pypiserver-pluggable-backends JSON |
| Version |
1.5.2
JSON |
| download |
| home_page | https://github.com/pypiserver/pypiserver |
| Summary | A minimal PyPI server for use with pip/easy_install. |
| upload_time | 2023-08-24 03:01:29 |
| maintainer | Kostis Anagnostopoulos <ankostis@gmail.com>Matthew Planchard <mplanchard@gmail.com> |
| docs_url | None |
| author | |
| requires_python | >=3.6 |
| license | |
| keywords |
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
|
[**pypiserver - minimal PyPI server for use with pip/easy_install**](<>)
[](https://shields.io/)
[](https://github.com/pypiserver/pypiserver/actions/workflows/ci.yml)
[](https://pypi.org/project/pypiserver/)
[](https://raw.githubusercontent.com/pypiserver/pypiserver/master/LICENSE.txt)
| name | description |
| :---------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Version | 1.5.2 |
| Date: | 2023-07-30 |
| Source | https://github.com/pypiserver/pypiserver |
| PyPI | https://pypi.org/project/pypiserver/ |
| Tests | https://github.com/pypiserver/pypiserver/actions |
| Maintainers | Kostis Anagnostopoulos <ankostis@gmail.com>, Matthew Planchard <mplanchard@gmail.com>, Dmitrii Orlov <dmtree.dev@yahoo.com>, **Someone new?** We are looking for new maintainers! [#397](https://github.com/pypiserver/pypiserver/issues/397) |
| License | zlib/libpng + MIT |
| Community | https://pypiserver.zulipchat.com |
Chat with us on [Zulip](https://pypiserver.zulipchat.com)!
**pypiserver** is a minimal [PyPI](https://pypi.org/) compatible server for **pip** or **easy_install**.
It is based on [bottle](http://bottlepy.org/) and serves packages from regular directories.
Wheels, bdists, eggs and accompanying PGP-signatures can be uploaded
either with **pip**, **setuptools**, **twine**, **pypi-uploader**, or simply copied
with **scp**.
Note
The official software powering [PyPI](https://pypi.org/) is
[Warehouse](https://github.com/pypa/warehouse/). However,
[Warehouse](https://github.com/pypa/warehouse/)
is fairly specialized to be **pypi.org**'s own software, and should not
be used in other contexts. In particular, it does not officially support
being used as a custom package index by users wishing to serve their own
packages.
**pypiserver** implements the same interfaces as [PyPI](https://pypi.org/), allowing
standard Python packaging tooling such as **pip** and **twine** to
interact with it as a package index just as they would with [PyPI](https://pypi.org/), while
making it much easier to get a running index server.
# pypiserver
Table of Contents
- [pypiserver - minimal PyPI server for use with pip/easy_install](#pypiserver---minimal-pypi-server-for-use-with-pipeasy_install)
- [Quickstart Installation and Usage](#Quickstart-Installation-and-Usage)
- [More details about pypi-server run](#More-details-about-pypi-server-run)
- [More details about pypi-server update](#More-details-about-pypi-server-update)
- [Client-Side Configurations](#Client-Side-Configurations)
- [Configuring pip](#Configuring-pip)
- [Configuring easy_install](#Configuring-easy_install)
- [Uploading Packages Remotely](#Uploading-Packages-Remotely)
- [Apache like Authentication ( htpasswd )](#Apache-like-Authentication)
- [Upload with setuptools](#Upload-with-setuptools)
- [Upload with twine](#Upload-with-twine)
- [Using the Docker Image](#Using-the-Docker-Image)
- [Alternative Installation methods](#Alternative-Installation-methods)
- [Installing the Very Latest Version](#Installing-the-Very-Latest-Version)
- [Recipes](#Recipes)
- [Managing the Package Directory](#Managing-the-Package-Directory)
- [Serving Thousands of Packages](#Serving-Thousands-of-Packages)
- [Managing Automated Startup](#Managing-Automated-Startup)
- [Running as a systemd service](#Running-as-a-systemd-service)
- [Launching through supervisor](#Launching-through-supervisor)
- [Running as a service with NSSM (Windows)](#Running-as-a-service-with-NSSM)
- [Using a Different WSGI Server](#Using-a-Different-WSGI-Server)
- [Apache](#Apache)
- [Gunicorn](#Gunicorn)
- [Paste](#Paste)
- [Behind a Reverse Proxy](#Behind-a-Reverse-Proxy)
- [Nginx](#Nginx)
- [Supporting HTTPS](#Supporting-HTTPS)
- [Traefik](#Traefik)
- [Utilizing the API](#Utilizing-the-API)
- [Using Ad-Hoc Authentication Providers](#Using-Ad-Hoc-Authentication-Providers)
- [Use with MicroPython](#Use-with-MicroPython)
- [Custom Health Check Endpoint](#Custom-Health-Check-Endpoint)
- [Configure a custom health check by CLI arguments](#Configure-a-custom-health-check-by-CLI-arguments)
- [Configure a custom health endpoint by script](#Configure-a-custom-health-endpoint-by-script)
- [Sources](#Sources)
- [Known Limitations](#known-limitations)
- [Similar Projects](#similar-projects)
- [Unmaintained or archived](#unmaintained-or-archived)
- [Related Projects](#related-projects)
- [License](#license)
## [Quickstart Installation and Usage](#pypiserver)
**pypiserver** works with Python 3.6+ and PyPy3.
Older Python versions may still work, but they are not tested.
For legacy Python versions, use **pypiserver-1.x** series. Note that these are
not officially supported, and will not receive bugfixes or new features.
Tip
The commands below work on a unix-like operating system with a posix shell.
The **'~'** character expands to user's home directory.
If you're using Windows, you'll have to use their "Windows counterparts".
The same is true for the rest of this documentation.
1. Install **pypiserver** with this command
```shell
pip install pypiserver # Or: pypiserver[passlib,cache]
mkdir ~/packages # Copy packages into this directory.
```
See also [Alternative Installation methods](<>)
2. Copy some packages into your **~/packages** folder and then
get your **pypiserver** up and running
```shell
pypi-server run -p 8080 ~/packages & # Will listen to all IPs.
```
3. From the client computer, type this
```shell
# Download and install hosted packages.
pip install --extra-index-url http://localhost:8080/simple/ ...
# or
pip install --extra-index-url http://localhost:8080 ...
# Search hosted packages.
pip search --index http://localhost:8080 ...
# Note that pip search does not currently work with the /simple/ endpoint.
```
See also [Client-side configurations](#Client-Side-Configurations) for avoiding tedious typing.
4. Enter **pypi-server -h** in the cmd-line to print a detailed usage message
```text
usage: pypi-server [-h] [-v] [--log-file FILE] [--log-stream STREAM]
[--log-frmt FORMAT] [--hash-algo HASH_ALGO]
[--backend {auto,simple-dir,cached-dir}] [--version]
{run,update} ...
start PyPI compatible package server serving packages from PACKAGES_DIRECTORY. If PACKAGES_DIRECTORY is not given on the command line, it uses the default ~/packages. pypiserver scans this directory recursively for packages. It skips packages and directories starting with a dot. Multiple package directories may be specified.
positional arguments:
{run,update}
run Run pypiserver, serving packages from
PACKAGES_DIRECTORY
update Handle updates of packages managed by pypiserver. By
default, a pip command to update the packages is
printed to stdout for introspection or pipelining. See
the `-x` option for updating packages directly.
optional arguments:
-h, --help show this help message and exit
-v, --verbose Enable verbose logging; repeat for more verbosity.
--log-file FILE Write logging info into this FILE, as well as to
stdout or stderr, if configured.
--log-stream STREAM Log messages to the specified STREAM. Valid values are
stdout, stderr, and none
--log-frmt FORMAT The logging format-string. (see `logging.LogRecord`
class from standard python library)
--hash-algo HASH_ALGO
Any `hashlib` available algorithm to use for
generating fragments on package links. Can be disabled
with one of (0, no, off, false).
--backend {auto,simple-dir,cached-dir}
A backend implementation. Keep the default 'auto' to
automatically determine whether to activate caching or
not
--version show program's version number and exit
Visit https://github.com/pypiserver/pypiserver for more information
```
### [More details about pypi server run](#pypiserver)
Enter **pypi-server run -h** in the cmd-line to print a detailed usage
```text
usage: pypi-server run [-h] [-v] [--log-file FILE] [--log-stream STREAM]
[--log-frmt FORMAT] [--hash-algo HASH_ALGO]
[--backend {auto,simple-dir,cached-dir}] [--version]
[-p PORT] [-i HOST] [-a AUTHENTICATE]
[-P PASSWORD_FILE] [--disable-fallback]
[--fallback-url FALLBACK_URL]
[--health-endpoint HEALTH_ENDPOINT] [--server METHOD]
[-o] [--welcome HTML_FILE] [--cache-control AGE]
[--log-req-frmt FORMAT] [--log-res-frmt FORMAT]
[--log-err-frmt FORMAT]
[package_directory [package_directory ...]]
positional arguments:
package_directory The directory from which to serve packages.
optional arguments:
-h, --help show this help message and exit
-v, --verbose Enable verbose logging; repeat for more verbosity.
--log-file FILE Write logging info into this FILE, as well as to
stdout or stderr, if configured.
--log-stream STREAM Log messages to the specified STREAM. Valid values are
stdout, stderr, and none
--log-frmt FORMAT The logging format-string. (see `logging.LogRecord`
class from standard python library)
--hash-algo HASH_ALGO
Any `hashlib` available algorithm to use for
generating fragments on package links. Can be disabled
with one of (0, no, off, false).
--backend {auto,simple-dir,cached-dir}
A backend implementation. Keep the default 'auto' to
automatically determine whether to activate caching or
not
--version show program's version number and exit
-p PORT, --port PORT Listen on port PORT (default: 8080)
-i HOST, -H HOST, --interface HOST, --host HOST
Listen on interface INTERFACE (default: 0.0.0.0)
-a AUTHENTICATE, --authenticate AUTHENTICATE
Comma-separated list of (case-insensitive) actions to
authenticate (options: download, list, update;
default: update).
Any actions not specified are not authenticated, so
to authenticate downloads and updates, but allow
unauthenticated viewing of the package list, you would
use:
pypi-server -a 'download, update' -P
./my_passwords.htaccess
To disable authentication, use:
pypi-server -a . -P .
See the `-P` option for configuring users and
passwords.
Note that when uploads are not protected, the
`register` command is not necessary, but `~/.pypirc`
still needs username and password fields, even if
bogus.
-P PASSWORD_FILE, --passwords PASSWORD_FILE
Use an apache htpasswd file PASSWORD_FILE to set
usernames and passwords for authentication.
To allow unauthorized access, use:
pypi-server -a . -P .
--disable-fallback Disable the default redirect to PyPI for packages not
found in the local index.
--fallback-url FALLBACK_URL
Redirect to FALLBACK_URL for packages not found in the
local index.
--health-endpoint HEALTH_ENDPOINT
Configure a custom liveness endpoint. It always
returns 200 Ok if the service is up. Otherwise, it
means that the service is not responsive.
--server METHOD Use METHOD to run the server. Valid values include
paste, cherrypy, twisted, gunicorn, gevent, wsgiref,
and auto. The default is to use "auto", which chooses
one of paste, cherrypy, twisted, or wsgiref.
-o, --overwrite Allow overwriting existing package files during
upload.
--welcome HTML_FILE Use the contents of HTML_FILE as a custom welcome
message on the home page.
--cache-control AGE Add "Cache-Control: max-age=AGE" header to package
downloads. Pip 6+ requires this for caching.AGE is
specified in seconds.
--log-req-frmt FORMAT
A format-string selecting Http-Request properties to
log; set to '%s' to see them all.
--log-res-frmt FORMAT
A format-string selecting Http-Response properties to
log; set to '%s' to see them all.
--log-err-frmt FORMAT
A format-string selecting Http-Error properties to
log; set to '%s' to see them all.
```
### [More details about pypi-server update](#pypiserver)
More details about **pypi-server update**
```text
usage: pypi-server update [-h] [-v] [--log-file FILE] [--log-stream STREAM]
[--log-frmt FORMAT] [--hash-algo HASH_ALGO]
[--backend {auto,simple-dir,cached-dir}] [--version]
[-x] [-d DOWNLOAD_DIRECTORY] [-u]
[--blacklist-file IGNORELIST_FILE]
[package_directory [package_directory ...]]
positional arguments:
package_directory The directory from which to serve packages.
optional arguments:
-h, --help show this help message and exit
-v, --verbose Enable verbose logging; repeat for more verbosity.
--log-file FILE Write logging info into this FILE, as well as to
stdout or stderr, if configured.
--log-stream STREAM Log messages to the specified STREAM. Valid values are
stdout, stderr, and none
--log-frmt FORMAT The logging format-string. (see `logging.LogRecord`
class from standard python library)
--hash-algo HASH_ALGO
Any `hashlib` available algorithm to use for
generating fragments on package links. Can be disabled
with one of (0, no, off, false).
--backend {auto,simple-dir,cached-dir}
A backend implementation. Keep the default 'auto' to
automatically determine whether to activate caching or
not
--version show program's version number and exit
-x, --execute Execute the pip commands rather than printing to
stdout
-d DOWNLOAD_DIRECTORY, --download-directory DOWNLOAD_DIRECTORY
Specify a directory where packages updates will be
downloaded. The default behavior is to use the
directory which contains the package being updated.
-u, --allow-unstable Allow updating to unstable versions (alpha, beta, rc,
dev, etc.)
--blacklist-file IGNORELIST_FILE, --ignorelist-file IGNORELIST_FILE
Don't update packages listed in this file (one package
name per line, without versions, '#' comments
honored). This can be useful if you upload private
packages into pypiserver, but also keep a mirror of
public packages that you regularly update. Attempting
to pull an update of a private package from `pypi.org`
might pose a security risk - e.g. a malicious user
might publish a higher version of the private package,
containing arbitrary code.
```
## [Client-Side Configurations](#pypiserver)
Always specifying the pypi url on the command line is a bit
cumbersome. Since **pypiserver** redirects **pip/easy_install** to the
**pypi.org** index if it doesn't have a requested package, it is a
good idea to configure them to always use your local pypi index.
### [Configuring pip](#pypiserver)
For **pip** command this can be done by setting the environment variable
**[PIP_EXTRA_INDEX_URL](https://packaging.python.org/en/latest/guides/hosting-your-own-index/)** in your **.bashr/.profile/.zshrc**
```shell
export PIP_EXTRA_INDEX_URL=http://localhost:8080/simple/
```
or by adding the following lines to **~/.pip/pip.conf**
```shell
[global]
extra-index-url = http://localhost:8080/simple/
```
Note
If you have installed **pypiserver** on a remote url without *https*
you will receive an "untrusted" warning from *pip*, urging you to append
the **--trusted-host** option. You can also include this option permanently
in your configuration-files or environment variables.
### [Configuring easy_install](#pypiserver)
For **easy_install** command you may set the following configuration in
**~/.pydistutils.cfg**
```shell
[easy_install]
index_url = http://localhost:8080/simple/
```
### [Uploading Packages Remotely](#pypiserver)
Instead of copying packages directly to the server's folder (i.e. with **scp**),
you may use python tools for the task, e.g. **python setup.py upload**.
In that case, **pypiserver** is responsible for authenticating the upload-requests.
Note
We strongly advise to password-protected your uploads!
It is possible to disable authentication for uploads (e.g. in intranets).
To avoid lazy security decisions, read help for **-P** and **-a** options.
#### [Apache Like Authentication (htpasswd)](#pypiserver)
1. First make sure you have the **passlib** module installed (note that
**passlib>=1.6** is required), which is needed for parsing the Apache
*htpasswd* file specified by the **-P**, **--passwords** option
(see next steps)
```shell
pip install passlib
```
2. Create the Apache **htpasswd** file with at least one user/password pair
with this command (you'll be prompted for a password)
```shell
htpasswd -sc htpasswd.txt <some_username>
```
Tip
Read this [SO](http://serverfault.com/questions/152950/how-to-create-and-edit-htaccess-and-htpasswd-locally-on-my-computer-and-then-u) question for running `htpasswd` cmd under *Windows*
or if you have bogus passwords that you don't care because they are for
an internal service (which is still "bad", from a security perspective...)
you may use this [public service](http://www.htaccesstools.com/htpasswd-generator/)
Tip
When accessing pypiserver via the api, alternate authentication
methods are available via the **auther** config flag. Any callable
returning a boolean can be passed through to the pypiserver config in
order to provide custom authentication. For example, to configure
pypiserver to authenticate using the [python-pam](https://pypi.org/project/python-pam/)
```shell
import pam
pypiserver.default_config(auther=pam.authenticate)
```
Please see `Using Ad-hoc authentication providers`\_ for more information.
3. You need to restart the server with the **-P** option only once
(but user/password pairs can later be added or updated on the fly)
```shell
./pypi-server run -p 8080 -P htpasswd.txt ~/packages &
```
#### [Upload with setuptools](#pypiserver)
1. On client-side, edit or create a **~/.pypirc** file with a similar content:
```shell
[distutils]
index-servers =
pypi
local
[pypi]
username:<your_pypi_username>
password:<your_pypi_passwd>
[local]
repository: http://localhost:8080
username: <some_username>
password: <some_passwd>
```
2. Then from within the directory of the python-project you wish to upload,
issue this command:
```shell
python setup.py sdist upload -r local
```
#### [Upload with twine](#pypiserver)
To avoid storing you passwords on disk, in clear text, you may either:
- use the **register** *setuptools*'s command with the **-r** option,
like that
```shell
python setup.py sdist register -r local upload -r local
```
- use *twine* library, which
breaks the procedure in two steps. In addition, it supports signing
your files with PGP-Signatures and uploading the generated *.asc* files
to **pypiserver**::
```shell
twine upload -r local --sign -identity user_name ./foo-1.zip
```
## [Using the Docker Image](#pypiserver)
Starting with version 1.2.5, official Docker images will be built for each
push to master, each dev, alpha, or beta release, and each final release.
The most recent full release will always be available under the tag **latest**,
and the current master branch will always be available under the tag
**unstable**.
You can always check to see what tags are currently available at our
[*Docker Repo*](https://hub.docker.com/r/pypiserver/pypiserver/tags/).
To run the most recent release of **pypiserver** with Docker, simply
```shell
docker run pypiserver/pypiserver:latest run
```
This starts **pypiserver** serving packages from the **/data/packages**
directory inside the container, listening on the container port 8080.
The container takes all the same arguments as the normal **pypi-server**
executable, with the exception of the internal container port (**-p**),
which will always be 8080.
Of course, just running a container isn't that interesting. To map
port 80 on the host to port 8080 on the container::
```shell
docker run -p 80:8080 pypiserver/pypiserver:latest run
```
You can now access your **pypiserver** at **localhost:80** in a web browser.
To serve packages from a directory on the host, e.g. **~/packages**
```shell
docker run -p 80:8080 -v ~/packages:/data/packages pypiserver/pypiserver:latest run
```
To authenticate against a local **.htpasswd** file::
```shell
docker run -p 80:8080 -v ~/.htpasswd:/data/.htpasswd pypiserver/pypiserver:latest run -P .htpasswd packages
```
You can also specify **pypiserver** to run as a Docker service using a
composefile. An example composefile is [provided](https://github.com/pypiserver/pypiserver/blob/master/docker-compose.yml)
## [Alternative Installation Methods](#pypiserver)
When trying the methods below, first use the following command to check whether
previous versions of **pypiserver** already exist, and (optionally) uninstall them::
```shell
# VERSION-CHECK: Fails if not installed.
pypi-server --version
# UNINSTALL: Invoke again until it fails.
pip uninstall pypiserver
```
### [Installing the Very Latest Version](#pypiserver)
In case the latest version in *pypi* is a pre-release, you have to use
*pip*'s *--pre* option. And to update an existing installation combine it
with `--ignore-installed`
```shell
pip install pypiserver --pre -I
```
You can even install the latest **pypiserver** directly from *github* with the
following command, assuming you have *git* installed on your **PATH**
```shell
pip install git+git://github.com/pypiserver/pypiserver.git
```
## [Recipes](#pypiserver)
### [Managing the Package Directory](#pypiserver)
The **pypi-server** command has the **update** command that searches for updates of
available packages. It scans the package directory for available
packages and searches on pypi.org for updates. Without further
options **pypi-server update** will just print a list of commands which must
be run in order to get the latest version of each package. Output
looks like
```shell
$ ./pypi-server update
checking 106 packages for newer version
.........u.e...........e..u.............
.....e..............................e...
..........................
no releases found on pypi for PyXML, Pymacs, mercurial, setuptools
# update raven from 1.4.3 to 1.4.4
pip -q install --no-deps --extra-index-url https://pypi.org/simple/ -d /home/ralf/packages/mirror raven==1.4.4
# update greenlet from 0.3.3 to 0.3.4
pip -q install --no-deps --extra-index-url https://pypi.org/simple/ -d /home/ralf/packages/mirror greenlet==0.3.4
```
It first prints for each package a single character after checking the
available versions on pypi. A dot(.) means the package is up-to-date, **'u'**
means the package can be updated and **'e'** means the list of releases on
pypi is empty. After that it shows a *pip* command line which can be used
to update a one package. Either copy and paste that or run
**pypi-server update -x** in order to really execute those commands. You need
to have *pip* installed for that to work however.
Specifying an additional **-u** option will also allow alpha, beta and
release candidates to be downloaded. Without this option these
releases won't be considered.
### [Serving Thousands of Packages](#pypiserver)
By default, **pypiserver** scans the entire packages directory each time an
incoming HTTP request occurs. This isn't a problem for a small number of
packages, but causes noticeable slow-downs when serving thousands of packages.
If you run into this problem, significant speedups can be gained by enabling
pypiserver's directory caching functionality. The only requirement is to
install the **watchdog** package, or it can be installed during **pypiserver**
installation, by specifying the **cache** extras option::
```shell
pip install pypiserver[cache]
```
Additional speedups can be obtained by using your webserver's builtin
caching functionality. For example, if you are using `nginx` as a
reverse-proxy as described below in `Behind a reverse proxy`, you can
easily enable caching. For example, to allow nginx to cache up to
10 gigabytes of data for up to 1 hour::
```shell
proxy_cache_path /data/nginx/cache
levels=1:2
keys_zone=pypiserver_cache:10m
max_size=10g
inactive=60m
use_temp_path=off;
server {
# ...
location / {
proxy_cache pypiserver_cache;
proxy_pass http://localhost:8080;
}
}
```
Using webserver caching is especially helpful if you have high request
volume. Using nginx caching, a real-world pypiserver installation was
able to easily support over 1000 package downloads/min at peak load.
### [Managing Automated Startup](#pypiserver)
There are a variety of options for handling the automated starting of
pypiserver upon system startup. Two of the most common are *systemd* and
*supervisor* for linux systems. For windows creating services with scripts isn't
an easy task without a third party tool such as *NSSM*.
#### [Running As a systemd Service](#pypiserver)
**systemd** is installed by default on most modern Linux systems and as such,
it is an excellent option for managing the pypiserver process. An example
config file for **systemd** can be seen below
```shell
[Unit]
Description=A minimal PyPI server for use with pip/easy_install.
After=network.target
[Service]
Type=simple
# systemd requires absolute path here too.
PIDFile=/var/run/pypiserver.pid
User=www-data
Group=www-data
ExecStart=/usr/local/bin/pypi-server run -p 8080 -a update,download --log-file /var/log/pypiserver.log -P /etc/nginx/.htpasswd /var/www/pypi
ExecStop=/bin/kill -TERM $MAINPID
ExecReload=/bin/kill -HUP $MAINPID
Restart=always
WorkingDirectory=/var/www/pypi
TimeoutStartSec=3
RestartSec=5
[Install]
WantedBy=multi-user.target
```
Adjusting the paths and adding this file as **pypiserver.service** into your
**systemd/system** directory will allow management of the pypiserver process with
**systemctl**, e.g. **systemctl start pypiserver**.
More useful information about *systemd* can be found at
https://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units
#### [Launching through supervisor](#pypiserver)
[supervisor](http://supervisord.org/) has the benefit of being a pure python
package and as such, it provides excellent cross-platform support for process
management. An example configuration file for **supervisor** is given below
```shell
[program:pypi]
command=/home/pypi/pypi-venv/bin/pypi-server run -p 7001 -P /home/pypi/.htpasswd /home/pypi/packages
directory=/home/pypi
user=pypi
autostart=true
autorestart=true
stderr_logfile=/var/log/pypiserver.err.log
stdout_logfile=/var/log/pypiserver.out.log
```
From there, the process can be managed via **supervisord** using **supervisorctl**.
#### [Running As a service with NSSM](#pypiserver)
For Windows download NSSM from https://nssm.cc unzip to a desired location such as Program Files. Decide whether you are going
to use win32 or win64, and add that exe to environment PATH.
Create a start_pypiserver.bat
```shell
pypi-server run -p 8080 C:\Path\To\Packages &
```
Test the batch file by running it first before creating the service. Make sure you can access
the server remotely, and install packages. If you can, proceed, if not troubleshoot until you can.
This will ensure you know the server works, before adding NSSM into the mix.
From the command prompt
```shell
nssm install pypiserver
```
This command will launch a NSSM gui application
```shell
Path: C:\Path\To\start_pypiserver.bat
Startup directory: Auto generates when selecting path
Service name: pypiserver
```
There are more tabs, but that is the basic setup. If the service needs to be running with a certain
login credentials, make sure you enter those credentials in the logon tab.
Start the service
```shell
nssm start pypiserver
```
Other useful commands
```shell
nssm --help
nssm stop <servicename>
nssm restart <servicename>
nssm status <servicename>
```
For detailed information please visit https://nssm.cc
### [Using a Different WSGI Server](#pypiserver)
- The **bottle** web-server which supports many WSGI-servers, among others,
**paste**, **cherrypy**, **twisted** and **wsgiref** (part of Python); you select
them using the **--server** flag.
- You may view all supported WSGI servers using the following interactive code
```python
>>> from pypiserver import bottle
>>> list(bottle.server_names.keys())
['cgi', 'gunicorn', 'cherrypy', 'eventlet', 'tornado', 'geventSocketIO',
'rocket', 'diesel', 'twisted', 'wsgiref', 'fapws3', 'bjoern', 'gevent',
'meinheld', 'auto', 'aiohttp', 'flup', 'gae', 'paste', 'waitress']
```
- If none of the above servers matches your needs, invoke just the
**pypiserver:app()** method which returns the internal WSGI-app WITHOUT
starting-up a server - you may then send it to any WSGI server you like.
Read also the [Utilizing the API](#utilizing-the-api) section.
- Some examples are given below - you may find more details in [bottle
site](http://bottlepy.org/docs/dev/deployment.html#switching-the-server-backend%3E).
#### [Apache](#pypiserver)
To use your *Apache2* with **pypiserver**, prefer to utilize **mod_wsgi** as
explained in [bottle's documentation](http://bottlepy.org/docs/dev/deployment.html#apache-mod-wsgi%3E).
Note
If you choose instead to go with **mod_proxy**, mind that you may bump into problems
with the prefix-path (see [#155](https://github.com/pypiserver/pypiserver/issues/155%3E)).
1. Adapt and place the following *Apache* configuration either into top-level scope,
or inside some **<VirtualHost>** (contributed by Thomas Waldmann):
```shell
WSGIScriptAlias / /yoursite/wsgi/pypiserver-wsgi.py
WSGIDaemonProcess pypisrv user=pypisrv group=pypisrv umask=0007 \
processes=1 threads=5 maximum-requests=500 \
display-name=wsgi-pypisrv inactivity-timeout=300
WSGIProcessGroup pypisrv
WSGIPassAuthorization On # Required for authentication (https://github.com/pypiserver/pypiserver/issues/288)
<Directory /yoursite/wsgi >
Require all granted
</Directory>
```
or if using older **Apache \< 2.4**, substitute the last part with this::
```shell
<Directory /yoursite/wsgi >
Order deny,allow
Allow from all
</Directory>
```
2. Then create the **/yoursite/cfg/pypiserver.wsgi** file and make sure that
the **user** and **group** of the **WSGIDaemonProcess** directive
(**pypisrv:pypisrv** in the example) have the read permission on it
```python
import pypiserver
conf = pypiserver.default_config(
root = "/yoursite/packages",
password_file = "/yoursite/htpasswd", )
application = pypiserver.app(**conf)
```
Tip
If you have installed **pypiserver** in a virtualenv, follow **mod_wsgi**'s
[instructions](http://modwsgi.readthedocs.io/en/develop/user-guides/virtual-environments.html)
and prepend the python code above with the following
```python
import site
site.addsitedir('/yoursite/venv/lib/pythonX.X/site-packages')
```
Note
For security reasons, notice that the **Directory** directive grants access
to a directory holding the **wsgi** start-up script, alone; nothing else.
Note
To enable HTTPS support on Apache, configure the directive that contains the
WSGI configuration to use SSL.
#### [gunicorn](#pypiserver)
The following command uses **gunicorn** to start **pypiserver**
```shell
gunicorn -w4 'pypiserver:app(root="/home/ralf/packages")'
```
or when using multiple roots
```shell
gunicorn -w4 'pypiserver:app(root=["/home/ralf/packages", "/home/ralf/experimental"])'
```
#### [paste](#pypiserver)
[paste](http://pythonpaste.org) allows to run multiple WSGI applications
under different URL paths. Therefore, it is possible to serve different set
of packages on different paths.
The following example **paste.ini** could be used to serve stable and
unstable packages on different paths
```shell
[composite:main]
use = egg:Paste#urlmap
/unstable/ = unstable
/ = stable
[app:stable]
use = egg:pypiserver#main
root = ~/stable-packages
[app:unstable]
use = egg:pypiserver#main
root = ~/stable-packages
~/unstable-packages
[server:main]
use = egg:gunicorn#main
host = 0.0.0.0
port = 9000
workers = 5
accesslog = -
```
Note
You need to install some more dependencies for this to work, like::
```shell
pip install paste pastedeploy gunicorn pypiserver
```
The server can then start with
```shell
gunicorn_paster paste.ini
```
### [Behind a Reverse Proxy](#pypiserver)
You can run **pypiserver** behind a reverse proxy as well.
#### [Nginx](#pypiserver)
Extend your nginx configuration
```shell
upstream pypi {
server pypiserver.example.com:12345 fail_timeout=0;
}
server {
server_name myproxy.example.com;
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://pypi;
}
}
```
As of pypiserver 1.3, you may also use the `X-Forwarded-Host` header in your
reverse proxy config to enable changing the base URL. For example if you
want to host pypiserver under a particular path on your server
```shell
upstream pypi {
server localhost:8000;
}
server {
location /pypi/ {
proxy_set_header X-Forwarded-Host $host:$server_port/pypi;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://pypi;
}
}
```
#### [Supporting HTTPS](#pypiserver)
Using a reverse proxy is the preferred way of getting pypiserver behind
HTTPS. For example, to put pypiserver behind HTTPS on port 443, with
automatic HTTP redirection, using `nginx`
```shell
upstream pypi {
server localhost:8000;
}
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name pypiserver.example.com;
ssl_certificate /etc/star.example.com.crt;
ssl_certificate_key /etc/star.example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://pypi;
}
}
```
Please see [nginx's HTTPS docs for more details](http://nginx.org/en/docs/http/configuring_https_servers.html).
Getting and keeping your certificates up-to-date can be simplified using,
for example, using [certbot and letsencrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04%3E).
#### [Traefik](#pypiserver)
It is also possible to use [Traefik](https://docs.traefik.io/) to put pypiserver behind HTTPS on port 443, with
automatic HTTP redirection using Docker Compose. Please see the provided [docker-compose.yml](https://github.com/pypiserver/pypiserver/blob/master/docker-compose.yml) example for more information.
### [Utilizing the API](#pypiserver)
In order to enable ad-hoc authentication-providers or to use WSGI-servers
not supported by *bottle* out-of-the-box, you needed to launch **pypiserver**
via its API.
- The main entry-point for configuring **pypiserver** is the [pypiserver:app()](https://github.com/pypiserver/pypiserver/blob/master/pypiserver/__init__.py#L116)
function. This function returns the internal WSGI-app that you my then
send to any WSGI-server you like.
- To get all **pypiserver:app()** keywords and their explanations, read the
function [pypiserver:default_config()](https://github.com/pypiserver/pypiserver/blob/master/pypiserver/__init__.py#L35)
- Finally, to fire-up a WSGI-server with the configured app, invoke
the **bottle:run(app, host, port, server)** function.
Note that **pypiserver** ships with its own copy of *bottle*; to use it,
import it like that: **from pypiserver import bottle**
#### [Using Ad-Hoc Authentication Providers](#pypiserver)
The **auther** keyword of **pypiserver:app()** function maybe set only using
the API. This can be any callable that returns a boolean when passed
the *username* and the *password* for a given request.
For example, to authenticate users based on the **/etc/passwd** file under Unix,
you may delegate such decisions to the [python-pam](https://pypi.org/project/python-pam/) library by following
these steps:
1. Ensure **python-pam** module is installed
pip install python-pam
1. Create a python-script along these lines
```shell
$ cat > pypiserver-start.py
import pypiserver
from pypiserver import bottle
import pam
app = pypiserver.app(root='./packages', auther=pam.authenticate)
bottle.run(app=app, host='0.0.0.0', port=80, server='auto')
[Ctrl+ D]
```
3. Invoke the python-script to start-up **pypiserver**
```shell
$ python pypiserver-start.py
```
Note
The [python-pam](https://pypi.org/project/python-pam/) module, requires *read* access to **/etc/shadow** file;
you may add the user under which **pypiserver** runs into the *shadow*
group, with a command like this: **sudo usermod -a -G shadow pypy-user**.
### [Use with MicroPython](#pypiserver)
The MicroPython interpreter for embedded devices can install packages with the
module **upip.py**. The module uses a specialized json-endpoint to retrieve
package information. This endpoint is supported by **pypiserver**.
It can be tested with the UNIX port of **micropython**
```shell
cd micropython
ports/unix/micropython -m tools.upip install -i http://my-server:8080 -p /tmp/mymodules micropython-foobar
```
Installing packages from the REPL of an embedded device works in this way:
```python
import network
import upip
sta_if = network.WLAN(network.STA_IF)
sta_if.active(True)
sta_if.connect('<your ESSID>', '<your password>')
upip.index_urls = ["http://my-server:8080"]
upip.install("micropython-foobar")
```
Further information on micropython-packaging can be found here: https://docs.micropython.org/en/latest/reference/packages.html
### [Custom Health Check Endpoint](#pypiserver)
**pypiserver** provides a default health endpoint at **/health**. It always returns
**200 Ok** if the service is up. Otherwise, it means that the service is not responsive.
In addition, **pypiserver** allows users to customize the health endpoint.
Alphanumeric characters, hyphens, forward slashes and underscores are allowed
and the endpoint should not overlap with any existing routes.
Valid examples: **/healthz**, **/health/live-1**, **/api_health**, **/action/health**
#### [Configure a custom health endpoint by CLI arguments](#pypiserver)
Run pypiserver with **--health-endpoint** argument:
```shell
pypi-server run --health-endpoint /action/health
```
#### [Configure a custom health endpoint by script](#pypiserver)
````python
import pypiserver
from pypiserver import bottle
app = pypiserver.app(root="./packages", health_endpoint="/action/health")
bottle.run(app=app, host="
```python
import pypiserver
from pypiserver import bottle
app = pypiserver.app(root="./packages", health_endpoint="/action/health")
bottle.run(app=app, host="0.0.0.0", port=8080, server="auto")
````
Try **curl http://localhost:8080/action/health**
## [Sources](#pypiserver)
To create a copy of the repository, use
```shell
git clone https://github.com/pypiserver/pypiserver.git
cd pypiserver
```
To receive any later changes, in the above folder use:
```shell
git pull
```
## [Known Limitations](#pypiserver)
**pypiserver** does not implement the full API as seen on [PyPI](https://pypi.org/). It
implements just enough to make **easy_install**, **pip install**, and
**search** work.
The following limitations are known:
- Command **pypi -U** that compares uploaded packages with *pypi* to see if
they are outdated, does not respect a http-proxy environment variable
(see [#19](https://github.com/pypiserver/pypiserver/issues/19).
- It accepts documentation uploads but does not save them to
disk (see [#47](https://github.com/pypiserver/pypiserver/issues/47) for a
discussion)
- It does not handle misspelled packages as *pypi-repo* does,
therefore it is suggested to use it with **--extra-index-url** instead
of **--index-url** (see [#38](https://github.com/pypiserver/pypiserver/issues/38%3E)).
Please use Github's [bugtracker](https://github.com/pypiserver/pypiserver/issues%3E)
for other bugs you find.
## [Similar Projects](#pypiserver)
There are lots of other projects, which allow you to run your own
PyPI server. If **pypiserver** doesn't work for you, the following are
among the most popular alternatives:
- [devpi-server](https://pypi.org/project/devpi/):
a reliable fast pypi.org caching server, part of
the comprehensive [github-style pypi index server and packaging meta tool](https://pypi.org/project/devpi/).
(version: 2.1.4, access date: 8/3/2015)
- Check this SO question: [How to roll my own pypi](http://stackoverflow.com/questions/1235331/how-to-roll-my-own-pypi)
### [Unmaintained or archived](#pypiserver)
These projects were once alternatives to pypiserver but are now either unmaintained or archived.
- [pip2pi](https://github.com/wolever/pip2pi)
a simple cmd-line tool that builds a PyPI-compatible local folder from pip requirements
- [flask-pypi-proxy](http://flask-pypi-proxy.readthedocs.org/)
A proxy for PyPI that also enables uploading custom packages.
## [Related Software](#pypiserver)
Though not direct alternatives for **pypiserver**'s use as an index
server, the following is a list of related software projects that you
may want to familiarize with:
- [pypi-uploader](https://pypi.org/project/pypi-uploader/):
A command-line utility to upload packages to your **pypiserver** from pypi without
having to store them locally first.
- [twine](https://pypi.org/project/twine/):
A command-line utility for interacting with PyPI or **pypiserver**.
- [warehouse](https://github.com/pypa/warehouse/):
the software that powers [PyPI](https://pypi.org/) itself. It is not generally intended to
be run by end-users.
# Licensing
**pypiserver** contains a copy of [bottle](http://bottlepy.org/) which is available under the
MIT license, and the remaining part is distributed under the zlib/libpng license.
See the **LICENSE.txt** file.
Raw data
{
"_id": null,
"home_page": "https://github.com/pypiserver/pypiserver",
"name": "pypiserver-pluggable-backends",
"maintainer": "Kostis Anagnostopoulos <ankostis@gmail.com>Matthew Planchard <mplanchard@gmail.com>",
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": "ankostis@gmail.com",
"keywords": "",
"author": "",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/d6/f3/ade2d82c83505788413aea712b3c0c398b3ee33e7d479396aafdb9f38c8d/pypiserver-pluggable-backends-1.5.2.tar.gz",
"platform": "any",
"description": "\n\n[**pypiserver - minimal PyPI server for use with pip/easy_install**](<>)\n\n[](https://shields.io/)\n[](https://github.com/pypiserver/pypiserver/actions/workflows/ci.yml)\n[](https://pypi.org/project/pypiserver/)\n[](https://raw.githubusercontent.com/pypiserver/pypiserver/master/LICENSE.txt)\n\n| name | description |\n| :---------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| Version | 1.5.2 |\n| Date: | 2023-07-30 |\n| Source | https://github.com/pypiserver/pypiserver |\n| PyPI | https://pypi.org/project/pypiserver/ |\n| Tests | https://github.com/pypiserver/pypiserver/actions |\n| Maintainers | Kostis Anagnostopoulos <ankostis@gmail.com>, Matthew Planchard <mplanchard@gmail.com>, Dmitrii Orlov <dmtree.dev@yahoo.com>, **Someone new?** We are looking for new maintainers! [#397](https://github.com/pypiserver/pypiserver/issues/397) |\n| License | zlib/libpng + MIT |\n| Community | https://pypiserver.zulipchat.com |\n\nChat with us on [Zulip](https://pypiserver.zulipchat.com)!\n\n**pypiserver** is a minimal [PyPI](https://pypi.org/) compatible server for **pip** or **easy_install**.\nIt is based on [bottle](http://bottlepy.org/) and serves packages from regular directories.\nWheels, bdists, eggs and accompanying PGP-signatures can be uploaded\neither with **pip**, **setuptools**, **twine**, **pypi-uploader**, or simply copied\nwith **scp**.\n\nNote\nThe official software powering [PyPI](https://pypi.org/) is\n[Warehouse](https://github.com/pypa/warehouse/). However,\n[Warehouse](https://github.com/pypa/warehouse/)\nis fairly specialized to be **pypi.org**'s own software, and should not\nbe used in other contexts. In particular, it does not officially support\nbeing used as a custom package index by users wishing to serve their own\npackages.\n\n**pypiserver** implements the same interfaces as [PyPI](https://pypi.org/), allowing\nstandard Python packaging tooling such as **pip** and **twine** to\ninteract with it as a package index just as they would with [PyPI](https://pypi.org/), while\nmaking it much easier to get a running index server.\n\n# pypiserver\n\nTable of Contents\n\n- [pypiserver - minimal PyPI server for use with pip/easy_install](#pypiserver---minimal-pypi-server-for-use-with-pipeasy_install)\n - [Quickstart Installation and Usage](#Quickstart-Installation-and-Usage)\n - [More details about pypi-server run](#More-details-about-pypi-server-run)\n - [More details about pypi-server update](#More-details-about-pypi-server-update)\n - [Client-Side Configurations](#Client-Side-Configurations)\n - [Configuring pip](#Configuring-pip)\n - [Configuring easy_install](#Configuring-easy_install)\n - [Uploading Packages Remotely](#Uploading-Packages-Remotely)\n - [Apache like Authentication ( htpasswd )](#Apache-like-Authentication)\n - [Upload with setuptools](#Upload-with-setuptools)\n - [Upload with twine](#Upload-with-twine)\n - [Using the Docker Image](#Using-the-Docker-Image)\n - [Alternative Installation methods](#Alternative-Installation-methods)\n - [Installing the Very Latest Version](#Installing-the-Very-Latest-Version)\n - [Recipes](#Recipes)\n - [Managing the Package Directory](#Managing-the-Package-Directory)\n - [Serving Thousands of Packages](#Serving-Thousands-of-Packages)\n - [Managing Automated Startup](#Managing-Automated-Startup)\n - [Running as a systemd service](#Running-as-a-systemd-service)\n - [Launching through supervisor](#Launching-through-supervisor)\n - [Running as a service with NSSM (Windows)](#Running-as-a-service-with-NSSM)\n - [Using a Different WSGI Server](#Using-a-Different-WSGI-Server)\n - [Apache](#Apache)\n - [Gunicorn](#Gunicorn)\n - [Paste](#Paste)\n - [Behind a Reverse Proxy](#Behind-a-Reverse-Proxy)\n - [Nginx](#Nginx)\n - [Supporting HTTPS](#Supporting-HTTPS)\n - [Traefik](#Traefik)\n - [Utilizing the API](#Utilizing-the-API)\n - [Using Ad-Hoc Authentication Providers](#Using-Ad-Hoc-Authentication-Providers)\n - [Use with MicroPython](#Use-with-MicroPython)\n - [Custom Health Check Endpoint](#Custom-Health-Check-Endpoint)\n - [Configure a custom health check by CLI arguments](#Configure-a-custom-health-check-by-CLI-arguments)\n - [Configure a custom health endpoint by script](#Configure-a-custom-health-endpoint-by-script)\n - [Sources](#Sources)\n - [Known Limitations](#known-limitations)\n - [Similar Projects](#similar-projects)\n - [Unmaintained or archived](#unmaintained-or-archived)\n - [Related Projects](#related-projects)\n - [License](#license)\n\n## [Quickstart Installation and Usage](#pypiserver)\n\n**pypiserver** works with Python 3.6+ and PyPy3.\n\nOlder Python versions may still work, but they are not tested.\n\nFor legacy Python versions, use **pypiserver-1.x** series. Note that these are\nnot officially supported, and will not receive bugfixes or new features.\n\nTip\n\nThe commands below work on a unix-like operating system with a posix shell.\nThe **'~'** character expands to user's home directory.\n\nIf you're using Windows, you'll have to use their \"Windows counterparts\".\nThe same is true for the rest of this documentation.\n\n1. Install **pypiserver** with this command\n\n```shell\n pip install pypiserver # Or: pypiserver[passlib,cache]\n mkdir ~/packages # Copy packages into this directory.\n```\n\nSee also [Alternative Installation methods](<>)\n\n2. Copy some packages into your **~/packages** folder and then\n get your **pypiserver** up and running\n\n```shell\n pypi-server run -p 8080 ~/packages & # Will listen to all IPs.\n```\n\n3. From the client computer, type this\n\n```shell\n # Download and install hosted packages.\n pip install --extra-index-url http://localhost:8080/simple/ ...\n\n # or\n pip install --extra-index-url http://localhost:8080 ...\n\n # Search hosted packages.\n pip search --index http://localhost:8080 ...\n\n # Note that pip search does not currently work with the /simple/ endpoint.\n```\n\nSee also [Client-side configurations](#Client-Side-Configurations) for avoiding tedious typing.\n\n4. Enter **pypi-server -h** in the cmd-line to print a detailed usage message\n\n```text\nusage: pypi-server [-h] [-v] [--log-file FILE] [--log-stream STREAM]\n [--log-frmt FORMAT] [--hash-algo HASH_ALGO]\n [--backend {auto,simple-dir,cached-dir}] [--version]\n {run,update} ...\n\nstart PyPI compatible package server serving packages from PACKAGES_DIRECTORY. If PACKAGES_DIRECTORY is not given on the command line, it uses the default ~/packages. pypiserver scans this directory recursively for packages. It skips packages and directories starting with a dot. Multiple package directories may be specified.\n\npositional arguments:\n {run,update}\n run Run pypiserver, serving packages from\n PACKAGES_DIRECTORY\n update Handle updates of packages managed by pypiserver. By\n default, a pip command to update the packages is\n printed to stdout for introspection or pipelining. See\n the `-x` option for updating packages directly.\n\noptional arguments:\n -h, --help show this help message and exit\n -v, --verbose Enable verbose logging; repeat for more verbosity.\n --log-file FILE Write logging info into this FILE, as well as to\n stdout or stderr, if configured.\n --log-stream STREAM Log messages to the specified STREAM. Valid values are\n stdout, stderr, and none\n --log-frmt FORMAT The logging format-string. (see `logging.LogRecord`\n class from standard python library)\n --hash-algo HASH_ALGO\n Any `hashlib` available algorithm to use for\n generating fragments on package links. Can be disabled\n with one of (0, no, off, false).\n --backend {auto,simple-dir,cached-dir}\n A backend implementation. Keep the default 'auto' to\n automatically determine whether to activate caching or\n not\n --version show program's version number and exit\n\nVisit https://github.com/pypiserver/pypiserver for more information\n \n\n```\n\n### [More details about pypi server run](#pypiserver)\n\nEnter **pypi-server run -h** in the cmd-line to print a detailed usage\n\n```text\nusage: pypi-server run [-h] [-v] [--log-file FILE] [--log-stream STREAM]\n [--log-frmt FORMAT] [--hash-algo HASH_ALGO]\n [--backend {auto,simple-dir,cached-dir}] [--version]\n [-p PORT] [-i HOST] [-a AUTHENTICATE]\n [-P PASSWORD_FILE] [--disable-fallback]\n [--fallback-url FALLBACK_URL]\n [--health-endpoint HEALTH_ENDPOINT] [--server METHOD]\n [-o] [--welcome HTML_FILE] [--cache-control AGE]\n [--log-req-frmt FORMAT] [--log-res-frmt FORMAT]\n [--log-err-frmt FORMAT]\n [package_directory [package_directory ...]]\n\npositional arguments:\n package_directory The directory from which to serve packages.\n\noptional arguments:\n -h, --help show this help message and exit\n -v, --verbose Enable verbose logging; repeat for more verbosity.\n --log-file FILE Write logging info into this FILE, as well as to\n stdout or stderr, if configured.\n --log-stream STREAM Log messages to the specified STREAM. Valid values are\n stdout, stderr, and none\n --log-frmt FORMAT The logging format-string. (see `logging.LogRecord`\n class from standard python library)\n --hash-algo HASH_ALGO\n Any `hashlib` available algorithm to use for\n generating fragments on package links. Can be disabled\n with one of (0, no, off, false).\n --backend {auto,simple-dir,cached-dir}\n A backend implementation. Keep the default 'auto' to\n automatically determine whether to activate caching or\n not\n --version show program's version number and exit\n -p PORT, --port PORT Listen on port PORT (default: 8080)\n -i HOST, -H HOST, --interface HOST, --host HOST\n Listen on interface INTERFACE (default: 0.0.0.0)\n -a AUTHENTICATE, --authenticate AUTHENTICATE\n Comma-separated list of (case-insensitive) actions to\n authenticate (options: download, list, update;\n default: update).\n \n Any actions not specified are not authenticated, so\n to authenticate downloads and updates, but allow\n unauthenticated viewing of the package list, you would\n use:\n \n pypi-server -a 'download, update' -P\n ./my_passwords.htaccess\n \n To disable authentication, use:\n \n pypi-server -a . -P .\n \n See the `-P` option for configuring users and\n passwords.\n \n Note that when uploads are not protected, the\n `register` command is not necessary, but `~/.pypirc`\n still needs username and password fields, even if\n bogus.\n -P PASSWORD_FILE, --passwords PASSWORD_FILE\n Use an apache htpasswd file PASSWORD_FILE to set\n usernames and passwords for authentication.\n \n To allow unauthorized access, use:\n \n pypi-server -a . -P .\n \n --disable-fallback Disable the default redirect to PyPI for packages not\n found in the local index.\n --fallback-url FALLBACK_URL\n Redirect to FALLBACK_URL for packages not found in the\n local index.\n --health-endpoint HEALTH_ENDPOINT\n Configure a custom liveness endpoint. It always\n returns 200 Ok if the service is up. Otherwise, it\n means that the service is not responsive.\n --server METHOD Use METHOD to run the server. Valid values include\n paste, cherrypy, twisted, gunicorn, gevent, wsgiref,\n and auto. The default is to use \"auto\", which chooses\n one of paste, cherrypy, twisted, or wsgiref.\n -o, --overwrite Allow overwriting existing package files during\n upload.\n --welcome HTML_FILE Use the contents of HTML_FILE as a custom welcome\n message on the home page.\n --cache-control AGE Add \"Cache-Control: max-age=AGE\" header to package\n downloads. Pip 6+ requires this for caching.AGE is\n specified in seconds.\n --log-req-frmt FORMAT\n A format-string selecting Http-Request properties to\n log; set to '%s' to see them all.\n --log-res-frmt FORMAT\n A format-string selecting Http-Response properties to\n log; set to '%s' to see them all.\n --log-err-frmt FORMAT\n A format-string selecting Http-Error properties to\n log; set to '%s' to see them all.\n\n```\n\n### [More details about pypi-server update](#pypiserver)\n\nMore details about **pypi-server update**\n\n```text\nusage: pypi-server update [-h] [-v] [--log-file FILE] [--log-stream STREAM]\n [--log-frmt FORMAT] [--hash-algo HASH_ALGO]\n [--backend {auto,simple-dir,cached-dir}] [--version]\n [-x] [-d DOWNLOAD_DIRECTORY] [-u]\n [--blacklist-file IGNORELIST_FILE]\n [package_directory [package_directory ...]]\n\npositional arguments:\n package_directory The directory from which to serve packages.\n\noptional arguments:\n -h, --help show this help message and exit\n -v, --verbose Enable verbose logging; repeat for more verbosity.\n --log-file FILE Write logging info into this FILE, as well as to\n stdout or stderr, if configured.\n --log-stream STREAM Log messages to the specified STREAM. Valid values are\n stdout, stderr, and none\n --log-frmt FORMAT The logging format-string. (see `logging.LogRecord`\n class from standard python library)\n --hash-algo HASH_ALGO\n Any `hashlib` available algorithm to use for\n generating fragments on package links. Can be disabled\n with one of (0, no, off, false).\n --backend {auto,simple-dir,cached-dir}\n A backend implementation. Keep the default 'auto' to\n automatically determine whether to activate caching or\n not\n --version show program's version number and exit\n -x, --execute Execute the pip commands rather than printing to\n stdout\n -d DOWNLOAD_DIRECTORY, --download-directory DOWNLOAD_DIRECTORY\n Specify a directory where packages updates will be\n downloaded. The default behavior is to use the\n directory which contains the package being updated.\n -u, --allow-unstable Allow updating to unstable versions (alpha, beta, rc,\n dev, etc.)\n --blacklist-file IGNORELIST_FILE, --ignorelist-file IGNORELIST_FILE\n Don't update packages listed in this file (one package\n name per line, without versions, '#' comments\n honored). This can be useful if you upload private\n packages into pypiserver, but also keep a mirror of\n public packages that you regularly update. Attempting\n to pull an update of a private package from `pypi.org`\n might pose a security risk - e.g. a malicious user\n might publish a higher version of the private package,\n containing arbitrary code.\n\n\n```\n\n## [Client-Side Configurations](#pypiserver)\n\nAlways specifying the pypi url on the command line is a bit\ncumbersome. Since **pypiserver** redirects **pip/easy_install** to the\n**pypi.org** index if it doesn't have a requested package, it is a\ngood idea to configure them to always use your local pypi index.\n\n### [Configuring pip](#pypiserver)\n\nFor **pip** command this can be done by setting the environment variable\n**[PIP_EXTRA_INDEX_URL](https://packaging.python.org/en/latest/guides/hosting-your-own-index/)** in your **.bashr/.profile/.zshrc**\n\n```shell\nexport PIP_EXTRA_INDEX_URL=http://localhost:8080/simple/\n```\n\nor by adding the following lines to **~/.pip/pip.conf**\n\n```shell\n[global]\nextra-index-url = http://localhost:8080/simple/\n```\n\nNote\n\nIf you have installed **pypiserver** on a remote url without *https*\nyou will receive an \"untrusted\" warning from *pip*, urging you to append\nthe **--trusted-host** option. You can also include this option permanently\nin your configuration-files or environment variables.\n\n### [Configuring easy_install](#pypiserver)\n\nFor **easy_install** command you may set the following configuration in\n**~/.pydistutils.cfg**\n\n```shell\n[easy_install]\nindex_url = http://localhost:8080/simple/\n```\n\n### [Uploading Packages Remotely](#pypiserver)\n\nInstead of copying packages directly to the server's folder (i.e. with **scp**),\nyou may use python tools for the task, e.g. **python setup.py upload**.\nIn that case, **pypiserver** is responsible for authenticating the upload-requests.\n\nNote\n\nWe strongly advise to password-protected your uploads!\n\nIt is possible to disable authentication for uploads (e.g. in intranets).\nTo avoid lazy security decisions, read help for **-P** and **-a** options.\n\n#### [Apache Like Authentication (htpasswd)](#pypiserver)\n\n1. First make sure you have the **passlib** module installed (note that\n **passlib>=1.6** is required), which is needed for parsing the Apache\n *htpasswd* file specified by the **-P**, **--passwords** option\n (see next steps)\n\n```shell\n pip install passlib\n```\n\n2. Create the Apache **htpasswd** file with at least one user/password pair\n with this command (you'll be prompted for a password)\n\n```shell\n htpasswd -sc htpasswd.txt <some_username>\n\n```\n\nTip\n\nRead this [SO](http://serverfault.com/questions/152950/how-to-create-and-edit-htaccess-and-htpasswd-locally-on-my-computer-and-then-u) question for running `htpasswd` cmd under *Windows*\nor if you have bogus passwords that you don't care because they are for\nan internal service (which is still \"bad\", from a security perspective...)\nyou may use this [public service](http://www.htaccesstools.com/htpasswd-generator/)\n\nTip\n\nWhen accessing pypiserver via the api, alternate authentication\nmethods are available via the **auther** config flag. Any callable\nreturning a boolean can be passed through to the pypiserver config in\norder to provide custom authentication. For example, to configure\npypiserver to authenticate using the [python-pam](https://pypi.org/project/python-pam/)\n\n```shell\n import pam\n pypiserver.default_config(auther=pam.authenticate)\n\n```\n\nPlease see `Using Ad-hoc authentication providers`\\_ for more information.\n\n3. You need to restart the server with the **-P** option only once\n (but user/password pairs can later be added or updated on the fly)\n\n```shell\n ./pypi-server run -p 8080 -P htpasswd.txt ~/packages &\n```\n\n#### [Upload with setuptools](#pypiserver)\n\n1. On client-side, edit or create a **~/.pypirc** file with a similar content:\n\n```shell\n [distutils]\n index-servers =\n pypi\n local\n\n [pypi]\n username:<your_pypi_username>\n password:<your_pypi_passwd>\n\n [local]\n repository: http://localhost:8080\n username: <some_username>\n password: <some_passwd>\n```\n\n2. Then from within the directory of the python-project you wish to upload,\n issue this command:\n\n```shell\n python setup.py sdist upload -r local\n```\n\n#### [Upload with twine](#pypiserver)\n\nTo avoid storing you passwords on disk, in clear text, you may either:\n\n- use the **register** *setuptools*'s command with the **-r** option,\n like that\n\n```shell\n python setup.py sdist register -r local upload -r local\n```\n\n- use *twine* library, which\n breaks the procedure in two steps. In addition, it supports signing\n your files with PGP-Signatures and uploading the generated *.asc* files\n to **pypiserver**::\n\n```shell\n twine upload -r local --sign -identity user_name ./foo-1.zip\n```\n\n## [Using the Docker Image](#pypiserver)\n\nStarting with version 1.2.5, official Docker images will be built for each\npush to master, each dev, alpha, or beta release, and each final release.\nThe most recent full release will always be available under the tag **latest**,\nand the current master branch will always be available under the tag\n**unstable**.\n\nYou can always check to see what tags are currently available at our\n[*Docker Repo*](https://hub.docker.com/r/pypiserver/pypiserver/tags/).\n\nTo run the most recent release of **pypiserver** with Docker, simply\n\n```shell\n docker run pypiserver/pypiserver:latest run\n```\n\nThis starts **pypiserver** serving packages from the **/data/packages**\ndirectory inside the container, listening on the container port 8080.\n\nThe container takes all the same arguments as the normal **pypi-server**\nexecutable, with the exception of the internal container port (**-p**),\nwhich will always be 8080.\n\nOf course, just running a container isn't that interesting. To map\nport 80 on the host to port 8080 on the container::\n\n```shell\n docker run -p 80:8080 pypiserver/pypiserver:latest run\n```\n\nYou can now access your **pypiserver** at **localhost:80** in a web browser.\n\nTo serve packages from a directory on the host, e.g. **~/packages**\n\n```shell\n docker run -p 80:8080 -v ~/packages:/data/packages pypiserver/pypiserver:latest run\n```\n\nTo authenticate against a local **.htpasswd** file::\n\n```shell\n docker run -p 80:8080 -v ~/.htpasswd:/data/.htpasswd pypiserver/pypiserver:latest run -P .htpasswd packages\n```\n\nYou can also specify **pypiserver** to run as a Docker service using a\ncomposefile. An example composefile is [provided](https://github.com/pypiserver/pypiserver/blob/master/docker-compose.yml)\n\n## [Alternative Installation Methods](#pypiserver)\n\nWhen trying the methods below, first use the following command to check whether\nprevious versions of **pypiserver** already exist, and (optionally) uninstall them::\n\n```shell\n# VERSION-CHECK: Fails if not installed.\npypi-server --version\n\n# UNINSTALL: Invoke again until it fails.\npip uninstall pypiserver\n```\n\n### [Installing the Very Latest Version](#pypiserver)\n\nIn case the latest version in *pypi* is a pre-release, you have to use\n*pip*'s *--pre* option. And to update an existing installation combine it\nwith `--ignore-installed`\n\n```shell\npip install pypiserver --pre -I\n```\n\nYou can even install the latest **pypiserver** directly from *github* with the\nfollowing command, assuming you have *git* installed on your **PATH**\n\n```shell\npip install git+git://github.com/pypiserver/pypiserver.git\n```\n\n## [Recipes](#pypiserver)\n\n### [Managing the Package Directory](#pypiserver)\n\nThe **pypi-server** command has the **update** command that searches for updates of\navailable packages. It scans the package directory for available\npackages and searches on pypi.org for updates. Without further\noptions **pypi-server update** will just print a list of commands which must\nbe run in order to get the latest version of each package. Output\nlooks like\n\n```shell\n $ ./pypi-server update \n checking 106 packages for newer version\n\n .........u.e...........e..u.............\n .....e..............................e...\n ..........................\n\n no releases found on pypi for PyXML, Pymacs, mercurial, setuptools\n\n # update raven from 1.4.3 to 1.4.4\n pip -q install --no-deps --extra-index-url https://pypi.org/simple/ -d /home/ralf/packages/mirror raven==1.4.4\n\n # update greenlet from 0.3.3 to 0.3.4\n pip -q install --no-deps --extra-index-url https://pypi.org/simple/ -d /home/ralf/packages/mirror greenlet==0.3.4\n```\n\nIt first prints for each package a single character after checking the\navailable versions on pypi. A dot(.) means the package is up-to-date, **'u'**\nmeans the package can be updated and **'e'** means the list of releases on\npypi is empty. After that it shows a *pip* command line which can be used\nto update a one package. Either copy and paste that or run\n**pypi-server update -x** in order to really execute those commands. You need\nto have *pip* installed for that to work however.\n\nSpecifying an additional **-u** option will also allow alpha, beta and\nrelease candidates to be downloaded. Without this option these\nreleases won't be considered.\n\n### [Serving Thousands of Packages](#pypiserver)\n\nBy default, **pypiserver** scans the entire packages directory each time an\nincoming HTTP request occurs. This isn't a problem for a small number of\npackages, but causes noticeable slow-downs when serving thousands of packages.\n\nIf you run into this problem, significant speedups can be gained by enabling\npypiserver's directory caching functionality. The only requirement is to\ninstall the **watchdog** package, or it can be installed during **pypiserver**\ninstallation, by specifying the **cache** extras option::\n\n```shell\n pip install pypiserver[cache]\n```\n\nAdditional speedups can be obtained by using your webserver's builtin\ncaching functionality. For example, if you are using `nginx` as a\nreverse-proxy as described below in `Behind a reverse proxy`, you can\neasily enable caching. For example, to allow nginx to cache up to\n10 gigabytes of data for up to 1 hour::\n\n```shell\n proxy_cache_path /data/nginx/cache\n levels=1:2\n keys_zone=pypiserver_cache:10m\n max_size=10g\n inactive=60m\n use_temp_path=off;\n\n server {\n # ...\n location / {\n proxy_cache pypiserver_cache;\n proxy_pass http://localhost:8080;\n }\n }\n\n```\n\nUsing webserver caching is especially helpful if you have high request\nvolume. Using nginx caching, a real-world pypiserver installation was\nable to easily support over 1000 package downloads/min at peak load.\n\n### [Managing Automated Startup](#pypiserver)\n\nThere are a variety of options for handling the automated starting of\npypiserver upon system startup. Two of the most common are *systemd* and\n*supervisor* for linux systems. For windows creating services with scripts isn't\nan easy task without a third party tool such as *NSSM*.\n\n#### [Running As a systemd Service](#pypiserver)\n\n**systemd** is installed by default on most modern Linux systems and as such,\nit is an excellent option for managing the pypiserver process. An example\nconfig file for **systemd** can be seen below\n\n```shell\n [Unit]\n Description=A minimal PyPI server for use with pip/easy_install.\n After=network.target\n\n [Service]\n Type=simple\n # systemd requires absolute path here too.\n PIDFile=/var/run/pypiserver.pid\n User=www-data\n Group=www-data\n\n ExecStart=/usr/local/bin/pypi-server run -p 8080 -a update,download --log-file /var/log/pypiserver.log -P /etc/nginx/.htpasswd /var/www/pypi\n ExecStop=/bin/kill -TERM $MAINPID\n ExecReload=/bin/kill -HUP $MAINPID\n Restart=always\n\n WorkingDirectory=/var/www/pypi\n\n TimeoutStartSec=3\n RestartSec=5\n\n [Install]\n WantedBy=multi-user.target\n```\n\nAdjusting the paths and adding this file as **pypiserver.service** into your\n**systemd/system** directory will allow management of the pypiserver process with\n**systemctl**, e.g. **systemctl start pypiserver**.\n\nMore useful information about *systemd* can be found at\nhttps://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units\n\n#### [Launching through supervisor](#pypiserver)\n\n[supervisor](http://supervisord.org/) has the benefit of being a pure python\npackage and as such, it provides excellent cross-platform support for process\nmanagement. An example configuration file for **supervisor** is given below\n\n```shell\n [program:pypi]\n command=/home/pypi/pypi-venv/bin/pypi-server run -p 7001 -P /home/pypi/.htpasswd /home/pypi/packages\n directory=/home/pypi\n user=pypi\n autostart=true\n autorestart=true\n stderr_logfile=/var/log/pypiserver.err.log\n stdout_logfile=/var/log/pypiserver.out.log\n```\n\nFrom there, the process can be managed via **supervisord** using **supervisorctl**.\n\n#### [Running As a service with NSSM](#pypiserver)\n\nFor Windows download NSSM from https://nssm.cc unzip to a desired location such as Program Files. Decide whether you are going\nto use win32 or win64, and add that exe to environment PATH.\n\nCreate a start_pypiserver.bat\n\n```shell\n pypi-server run -p 8080 C:\\Path\\To\\Packages &\n```\n\nTest the batch file by running it first before creating the service. Make sure you can access\nthe server remotely, and install packages. If you can, proceed, if not troubleshoot until you can.\nThis will ensure you know the server works, before adding NSSM into the mix.\n\nFrom the command prompt\n\n```shell\n nssm install pypiserver\n```\n\nThis command will launch a NSSM gui application\n\n```shell\n Path: C:\\Path\\To\\start_pypiserver.bat\n Startup directory: Auto generates when selecting path\n Service name: pypiserver\n```\n\nThere are more tabs, but that is the basic setup. If the service needs to be running with a certain\nlogin credentials, make sure you enter those credentials in the logon tab.\n\nStart the service\n\n```shell\n nssm start pypiserver\n```\n\nOther useful commands\n\n```shell\n nssm --help\n nssm stop <servicename>\n nssm restart <servicename>\n nssm status <servicename>\n\n```\n\nFor detailed information please visit https://nssm.cc\n\n### [Using a Different WSGI Server](#pypiserver)\n\n- The **bottle** web-server which supports many WSGI-servers, among others,\n **paste**, **cherrypy**, **twisted** and **wsgiref** (part of Python); you select\n them using the **--server** flag.\n\n- You may view all supported WSGI servers using the following interactive code\n\n```python\n >>> from pypiserver import bottle\n >>> list(bottle.server_names.keys())\n ['cgi', 'gunicorn', 'cherrypy', 'eventlet', 'tornado', 'geventSocketIO',\n 'rocket', 'diesel', 'twisted', 'wsgiref', 'fapws3', 'bjoern', 'gevent',\n 'meinheld', 'auto', 'aiohttp', 'flup', 'gae', 'paste', 'waitress']\n\n```\n\n- If none of the above servers matches your needs, invoke just the\n **pypiserver:app()** method which returns the internal WSGI-app WITHOUT\n starting-up a server - you may then send it to any WSGI server you like.\n Read also the [Utilizing the API](#utilizing-the-api) section.\n\n- Some examples are given below - you may find more details in [bottle\n site](http://bottlepy.org/docs/dev/deployment.html#switching-the-server-backend%3E).\n\n#### [Apache](#pypiserver)\n\nTo use your *Apache2* with **pypiserver**, prefer to utilize **mod_wsgi** as\nexplained in [bottle's documentation](http://bottlepy.org/docs/dev/deployment.html#apache-mod-wsgi%3E).\n\nNote\nIf you choose instead to go with **mod_proxy**, mind that you may bump into problems\nwith the prefix-path (see [#155](https://github.com/pypiserver/pypiserver/issues/155%3E)).\n\n1. Adapt and place the following *Apache* configuration either into top-level scope,\n or inside some **<VirtualHost>** (contributed by Thomas Waldmann):\n\n```shell\n WSGIScriptAlias / /yoursite/wsgi/pypiserver-wsgi.py\n WSGIDaemonProcess pypisrv user=pypisrv group=pypisrv umask=0007 \\\n processes=1 threads=5 maximum-requests=500 \\\n display-name=wsgi-pypisrv inactivity-timeout=300\n WSGIProcessGroup pypisrv\n WSGIPassAuthorization On # Required for authentication (https://github.com/pypiserver/pypiserver/issues/288)\n\n <Directory /yoursite/wsgi >\n Require all granted\n </Directory>\n```\n\nor if using older **Apache \\< 2.4**, substitute the last part with this::\n\n```shell\n <Directory /yoursite/wsgi >\n Order deny,allow\n Allow from all\n </Directory>\n```\n\n2. Then create the **/yoursite/cfg/pypiserver.wsgi** file and make sure that\n the **user** and **group** of the **WSGIDaemonProcess** directive\n (**pypisrv:pypisrv** in the example) have the read permission on it\n\n```python\n\n import pypiserver\n\n conf = pypiserver.default_config(\n root = \"/yoursite/packages\",\n password_file = \"/yoursite/htpasswd\", )\n application = pypiserver.app(**conf)\n\n```\n\nTip\nIf you have installed **pypiserver** in a virtualenv, follow **mod_wsgi**'s\n[instructions](http://modwsgi.readthedocs.io/en/develop/user-guides/virtual-environments.html)\nand prepend the python code above with the following\n\n```python\n import site\n\n site.addsitedir('/yoursite/venv/lib/pythonX.X/site-packages')\n```\n\nNote\nFor security reasons, notice that the **Directory** directive grants access\nto a directory holding the **wsgi** start-up script, alone; nothing else.\n\nNote\nTo enable HTTPS support on Apache, configure the directive that contains the\nWSGI configuration to use SSL.\n\n#### [gunicorn](#pypiserver)\n\nThe following command uses **gunicorn** to start **pypiserver**\n\n```shell\n gunicorn -w4 'pypiserver:app(root=\"/home/ralf/packages\")'\n```\n\nor when using multiple roots\n\n```shell\n gunicorn -w4 'pypiserver:app(root=[\"/home/ralf/packages\", \"/home/ralf/experimental\"])'\n```\n\n#### [paste](#pypiserver)\n\n[paste](http://pythonpaste.org) allows to run multiple WSGI applications\nunder different URL paths. Therefore, it is possible to serve different set\nof packages on different paths.\n\nThe following example **paste.ini** could be used to serve stable and\nunstable packages on different paths\n\n```shell\n [composite:main]\n use = egg:Paste#urlmap\n /unstable/ = unstable\n / = stable\n\n [app:stable]\n use = egg:pypiserver#main\n root = ~/stable-packages\n\n [app:unstable]\n use = egg:pypiserver#main\n root = ~/stable-packages\n ~/unstable-packages\n\n [server:main]\n use = egg:gunicorn#main\n host = 0.0.0.0\n port = 9000\n workers = 5\n accesslog = -\n\n```\n\nNote\nYou need to install some more dependencies for this to work, like::\n\n```shell\n pip install paste pastedeploy gunicorn pypiserver\n```\n\nThe server can then start with\n\n```shell\n gunicorn_paster paste.ini\n```\n\n### [Behind a Reverse Proxy](#pypiserver)\n\nYou can run **pypiserver** behind a reverse proxy as well.\n\n#### [Nginx](#pypiserver)\n\nExtend your nginx configuration\n\n```shell\n upstream pypi {\n server pypiserver.example.com:12345 fail_timeout=0;\n }\n\n server {\n server_name myproxy.example.com;\n\n location / {\n proxy_set_header Host $host:$server_port;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_pass http://pypi;\n }\n }\n\n```\n\nAs of pypiserver 1.3, you may also use the `X-Forwarded-Host` header in your\nreverse proxy config to enable changing the base URL. For example if you\nwant to host pypiserver under a particular path on your server\n\n```shell\n upstream pypi {\n server localhost:8000;\n }\n\n server {\n location /pypi/ {\n proxy_set_header X-Forwarded-Host $host:$server_port/pypi;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_pass http://pypi;\n }\n }\n```\n\n#### [Supporting HTTPS](#pypiserver)\n\nUsing a reverse proxy is the preferred way of getting pypiserver behind\nHTTPS. For example, to put pypiserver behind HTTPS on port 443, with\nautomatic HTTP redirection, using `nginx`\n\n```shell\n upstream pypi {\n server localhost:8000;\n }\n\n server {\n listen 80 default_server;\n server_name _;\n return 301 https://$host$request_uri;\n }\n\n server {\n listen 443 ssl;\n server_name pypiserver.example.com;\n\n ssl_certificate /etc/star.example.com.crt;\n ssl_certificate_key /etc/star.example.com.key;\n ssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n ssl_ciphers HIGH:!aNULL:!MD5;\n\n location / {\n proxy_set_header Host $host:$server_port;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_pass http://pypi;\n }\n }\n\n```\n\nPlease see [nginx's HTTPS docs for more details](http://nginx.org/en/docs/http/configuring_https_servers.html).\n\nGetting and keeping your certificates up-to-date can be simplified using,\nfor example, using [certbot and letsencrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04%3E).\n\n#### [Traefik](#pypiserver)\n\nIt is also possible to use [Traefik](https://docs.traefik.io/) to put pypiserver behind HTTPS on port 443, with\nautomatic HTTP redirection using Docker Compose. Please see the provided [docker-compose.yml](https://github.com/pypiserver/pypiserver/blob/master/docker-compose.yml) example for more information.\n\n### [Utilizing the API](#pypiserver)\n\nIn order to enable ad-hoc authentication-providers or to use WSGI-servers\nnot supported by *bottle* out-of-the-box, you needed to launch **pypiserver**\nvia its API.\n\n- The main entry-point for configuring **pypiserver** is the [pypiserver:app()](https://github.com/pypiserver/pypiserver/blob/master/pypiserver/__init__.py#L116)\n function. This function returns the internal WSGI-app that you my then\n send to any WSGI-server you like.\n\n- To get all **pypiserver:app()** keywords and their explanations, read the\n function [pypiserver:default_config()](https://github.com/pypiserver/pypiserver/blob/master/pypiserver/__init__.py#L35)\n\n- Finally, to fire-up a WSGI-server with the configured app, invoke\n the **bottle:run(app, host, port, server)** function.\n Note that **pypiserver** ships with its own copy of *bottle*; to use it,\n import it like that: **from pypiserver import bottle**\n\n#### [Using Ad-Hoc Authentication Providers](#pypiserver)\n\nThe **auther** keyword of **pypiserver:app()** function maybe set only using\nthe API. This can be any callable that returns a boolean when passed\nthe *username* and the *password* for a given request.\n\nFor example, to authenticate users based on the **/etc/passwd** file under Unix,\nyou may delegate such decisions to the [python-pam](https://pypi.org/project/python-pam/) library by following\nthese steps:\n\n1. Ensure **python-pam** module is installed\n\n pip install python-pam\n\n1. Create a python-script along these lines\n\n```shell\n $ cat > pypiserver-start.py\n import pypiserver\n from pypiserver import bottle\n import pam\n app = pypiserver.app(root='./packages', auther=pam.authenticate)\n bottle.run(app=app, host='0.0.0.0', port=80, server='auto')\n\n [Ctrl+ D]\n```\n\n3. Invoke the python-script to start-up **pypiserver**\n\n```shell\n $ python pypiserver-start.py\n```\n\nNote\nThe [python-pam](https://pypi.org/project/python-pam/) module, requires *read* access to **/etc/shadow** file;\nyou may add the user under which **pypiserver** runs into the *shadow*\ngroup, with a command like this: **sudo usermod -a -G shadow pypy-user**.\n\n### [Use with MicroPython](#pypiserver)\n\nThe MicroPython interpreter for embedded devices can install packages with the\nmodule **upip.py**. The module uses a specialized json-endpoint to retrieve\npackage information. This endpoint is supported by **pypiserver**.\n\nIt can be tested with the UNIX port of **micropython**\n\n```shell\n cd micropython\n ports/unix/micropython -m tools.upip install -i http://my-server:8080 -p /tmp/mymodules micropython-foobar\n\n```\n\nInstalling packages from the REPL of an embedded device works in this way:\n\n```python\n import network\n import upip\n\n sta_if = network.WLAN(network.STA_IF)\n sta_if.active(True)\n sta_if.connect('<your ESSID>', '<your password>')\n upip.index_urls = [\"http://my-server:8080\"]\n upip.install(\"micropython-foobar\")\n```\n\nFurther information on micropython-packaging can be found here: https://docs.micropython.org/en/latest/reference/packages.html\n\n### [Custom Health Check Endpoint](#pypiserver)\n\n**pypiserver** provides a default health endpoint at **/health**. It always returns\n**200 Ok** if the service is up. Otherwise, it means that the service is not responsive.\n\nIn addition, **pypiserver** allows users to customize the health endpoint.\nAlphanumeric characters, hyphens, forward slashes and underscores are allowed\nand the endpoint should not overlap with any existing routes.\nValid examples: **/healthz**, **/health/live-1**, **/api_health**, **/action/health**\n\n#### [Configure a custom health endpoint by CLI arguments](#pypiserver)\n\nRun pypiserver with **--health-endpoint** argument:\n\n```shell\n pypi-server run --health-endpoint /action/health\n```\n\n#### [Configure a custom health endpoint by script](#pypiserver)\n\n````python\n import pypiserver\n from pypiserver import bottle\n app = pypiserver.app(root=\"./packages\", health_endpoint=\"/action/health\")\n bottle.run(app=app, host=\"\n\n```python\n import pypiserver\n from pypiserver import bottle\n app = pypiserver.app(root=\"./packages\", health_endpoint=\"/action/health\")\n bottle.run(app=app, host=\"0.0.0.0\", port=8080, server=\"auto\")\n````\n\nTry **curl http://localhost:8080/action/health**\n\n## [Sources](#pypiserver)\n\nTo create a copy of the repository, use\n\n```shell\n git clone https://github.com/pypiserver/pypiserver.git\n cd pypiserver\n```\n\nTo receive any later changes, in the above folder use:\n\n```shell\n git pull\n```\n\n## [Known Limitations](#pypiserver)\n\n**pypiserver** does not implement the full API as seen on [PyPI](https://pypi.org/). It\nimplements just enough to make **easy_install**, **pip install**, and\n**search** work.\n\nThe following limitations are known:\n\n- Command **pypi -U** that compares uploaded packages with *pypi* to see if\n they are outdated, does not respect a http-proxy environment variable\n (see [#19](https://github.com/pypiserver/pypiserver/issues/19).\n- It accepts documentation uploads but does not save them to\n disk (see [#47](https://github.com/pypiserver/pypiserver/issues/47) for a\n discussion)\n- It does not handle misspelled packages as *pypi-repo* does,\n therefore it is suggested to use it with **--extra-index-url** instead\n of **--index-url** (see [#38](https://github.com/pypiserver/pypiserver/issues/38%3E)).\n\nPlease use Github's [bugtracker](https://github.com/pypiserver/pypiserver/issues%3E)\nfor other bugs you find.\n\n## [Similar Projects](#pypiserver)\n\nThere are lots of other projects, which allow you to run your own\nPyPI server. If **pypiserver** doesn't work for you, the following are\namong the most popular alternatives:\n\n- [devpi-server](https://pypi.org/project/devpi/):\n a reliable fast pypi.org caching server, part of\n the comprehensive [github-style pypi index server and packaging meta tool](https://pypi.org/project/devpi/).\n (version: 2.1.4, access date: 8/3/2015)\n\n- Check this SO question: [How to roll my own pypi](http://stackoverflow.com/questions/1235331/how-to-roll-my-own-pypi)\n\n### [Unmaintained or archived](#pypiserver)\n\nThese projects were once alternatives to pypiserver but are now either unmaintained or archived.\n\n- [pip2pi](https://github.com/wolever/pip2pi)\n a simple cmd-line tool that builds a PyPI-compatible local folder from pip requirements\n\n- [flask-pypi-proxy](http://flask-pypi-proxy.readthedocs.org/)\n A proxy for PyPI that also enables uploading custom packages.\n\n## [Related Software](#pypiserver)\n\nThough not direct alternatives for **pypiserver**'s use as an index\nserver, the following is a list of related software projects that you\nmay want to familiarize with:\n\n- [pypi-uploader](https://pypi.org/project/pypi-uploader/):\n A command-line utility to upload packages to your **pypiserver** from pypi without\n having to store them locally first.\n\n- [twine](https://pypi.org/project/twine/):\n A command-line utility for interacting with PyPI or **pypiserver**.\n\n- [warehouse](https://github.com/pypa/warehouse/):\n the software that powers [PyPI](https://pypi.org/) itself. It is not generally intended to\n be run by end-users.\n\n# Licensing\n\n**pypiserver** contains a copy of [bottle](http://bottlepy.org/) which is available under the\nMIT license, and the remaining part is distributed under the zlib/libpng license.\nSee the **LICENSE.txt** file.\n",
"bugtrack_url": null,
"license": "",
"summary": "A minimal PyPI server for use with pip/easy_install.",
"version": "1.5.2",
"project_urls": {
"Homepage": "https://github.com/pypiserver/pypiserver"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "1221d5c076cbdac04149cdfd0401bf25d8c2d7d1efa2df4d33dde3e7bed48723",
"md5": "5743296b8f37a7a8917d0f7a091ebb0c",
"sha256": "0f1a347c945ebf640c81128fe5e4bb0bf053a30d8e81c61a6df10259f01c8681"
},
"downloads": -1,
"filename": "pypiserver_pluggable_backends-1.5.2-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "5743296b8f37a7a8917d0f7a091ebb0c",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": ">=3.6",
"size": 93547,
"upload_time": "2023-08-24T03:01:27",
"upload_time_iso_8601": "2023-08-24T03:01:27.533546Z",
"url": "https://files.pythonhosted.org/packages/12/21/d5c076cbdac04149cdfd0401bf25d8c2d7d1efa2df4d33dde3e7bed48723/pypiserver_pluggable_backends-1.5.2-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "d6f3ade2d82c83505788413aea712b3c0c398b3ee33e7d479396aafdb9f38c8d",
"md5": "7892eabaead46cb341c45ddf7997a5d6",
"sha256": "8f10aec66711739d59f60aab3768169725281e5d6cd423d2c9829a4f5995db08"
},
"downloads": -1,
"filename": "pypiserver-pluggable-backends-1.5.2.tar.gz",
"has_sig": false,
"md5_digest": "7892eabaead46cb341c45ddf7997a5d6",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 185632,
"upload_time": "2023-08-24T03:01:29",
"upload_time_iso_8601": "2023-08-24T03:01:29.081904Z",
"url": "https://files.pythonhosted.org/packages/d6/f3/ade2d82c83505788413aea712b3c0c398b3ee33e7d479396aafdb9f38c8d/pypiserver-pluggable-backends-1.5.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-08-24 03:01:29",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "pypiserver",
"github_project": "pypiserver",
"travis_ci": false,
"coveralls": true,
"github_actions": true,
"tox": true,
"lcname": "pypiserver-pluggable-backends"
}
