pyramid_heroku
==============
Introduction
------------
pyramid_heroku is a collection of tweens and helpers to successfully run `Pyramid <http://www.trypyramid.com/>`_ on `Heroku <https://heroku.com/>`_
It provides the following:
* ``ClientAddr`` tween that sets real user's IP to ``request.client_addr``. Without this tween you cannot do IP-based geolocation, IP allowlisting, etc.
* ``Host`` tween that sets `request.host` to proxied `X-Forwarded-Host` header (note: potential security risk)
* ``HerokuappAccess`` tween that denies access to your app's ``<app>.herokuapp.com`` domain for any non-allowlisted IPs. This is helpful because you don't want anyone outside your team (i.e. usual visitors/users and search bots) to be able to visit ``<app>.heroku.com`` besides the domain the app is deployed on. This is for security and SEO purposes.
* ``migrate.py`` script for automatically running alembic migrations on deploy.
* ``maintenance.py`` script for controlling Heroku maintenance mode.
Installation
------------
Just do
``pip install pyramid_heroku``
or
``easy_install pyramid_heroku``
Compatibility
-------------
pyramid_heroku runs with pyramid>=1.7 and python>=3.6.
Other versions might also work.
Documentation
-------------
Usage example for tweens::
def main(global_config, **settings):$ cat .heroku/release.sh
config = Configurator(settings=settings)
config.include('pyramid_heroku.client_addr')
config.include('pyramid_heroku.herokuapp_access')
return config.make_wsgi_app()
The ``pyramid_heroku.herokuapp_access`` tween depends on
``pyramid_heroku.client_addr`` tween and it requires you to list allowlisted IPs
in the ``pyramid_heroku.herokuapp_allowlist`` setting. A bypass is possible
by setting the `HEROKUAPP_ACCESS_BYPASS` environment variable to a secret value
and then sending a request with the `User-Agent` header set to the same secret value.
The ``pyramid_heroku.client_addr`` tween sets request.client_addr to an IP we
can trust. It handles IP spoofing via ``X-Forwarded-For`` headers and
ignores Cloudflare's IPs when using Cloudflare reverse proxy.
Usage example for automatic alembic migration script::
$ cat .heroku/release.sh
#!/usr/bin/env bash
set -e
echo "Running migrations"
python -m pyramid_heroku.migrate my_app etc/production.ini
echo "DONE!"
For migration script to work, you need to set the ``MIGRATE_API_SECRET_HEROKU``
env var in Heroku. This allows the migration script to use the Heroku API.
Before running DB migration, the script will enable `Heroku maintenance mode <https://devcenter.heroku.com/articles/maintenance-mode>`_
if the app is not already in maintenance mode. After the migration, maintenance mode will
be disabled only if it was enabled by the migration script.
Maintenance mode can also be enabled/disabled using the ``pyramid_heroku.maintenance`` script.
Usage example for enabling the Heroku maintenance mode::
python -m pyramid_heroku.maintenance on my_app etc/production.ini
If you use structlog, add the following configuration setting to your INI file to enable structlog-like logging::
pyramid_heroku.structlog = true
See tests for more examples.
Releasing
---------
#. Update CHANGES.rst.
#. Update pyproject.toml version.
#. Run ``poetry check``.
#. Run ``poetry publish --build``.
We're hiring!
-------------
At Niteo we regularly contribute back to the Open Source community. If you do too, we'd like to invite you to `join our team
<https://niteo.co/careers/>`_!
Raw data
{
"_id": null,
"home_page": "https://github.com/teamniteo/pyramid_heroku",
"name": "pyramid_heroku",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": null,
"keywords": "pyramid, heroku, pylons, web",
"author": "Niteo",
"author_email": "info@niteo.co",
"download_url": "https://files.pythonhosted.org/packages/a2/e3/2a9e7d8fe38f906490f6ab904342566bacc754a659107eb592c13a562cb4/pyramid_heroku-0.11.tar.gz",
"platform": null,
"description": "pyramid_heroku\n==============\n\nIntroduction\n------------\n\npyramid_heroku is a collection of tweens and helpers to successfully run `Pyramid <http://www.trypyramid.com/>`_ on `Heroku <https://heroku.com/>`_\n\nIt provides the following:\n\n* ``ClientAddr`` tween that sets real user's IP to ``request.client_addr``. Without this tween you cannot do IP-based geolocation, IP allowlisting, etc.\n* ``Host`` tween that sets `request.host` to proxied `X-Forwarded-Host` header (note: potential security risk)\n* ``HerokuappAccess`` tween that denies access to your app's ``<app>.herokuapp.com`` domain for any non-allowlisted IPs. This is helpful because you don't want anyone outside your team (i.e. usual visitors/users and search bots) to be able to visit ``<app>.heroku.com`` besides the domain the app is deployed on. This is for security and SEO purposes. \n* ``migrate.py`` script for automatically running alembic migrations on deploy.\n* ``maintenance.py`` script for controlling Heroku maintenance mode.\n\n\nInstallation\n------------\n\nJust do\n\n``pip install pyramid_heroku``\n\nor\n\n``easy_install pyramid_heroku``\n\n\nCompatibility\n-------------\n\npyramid_heroku runs with pyramid>=1.7 and python>=3.6.\nOther versions might also work.\n\n\nDocumentation\n-------------\n\nUsage example for tweens::\n\n def main(global_config, **settings):$ cat .heroku/release.sh\n config = Configurator(settings=settings)\n config.include('pyramid_heroku.client_addr')\n config.include('pyramid_heroku.herokuapp_access')\n return config.make_wsgi_app()\n\nThe ``pyramid_heroku.herokuapp_access`` tween depends on\n``pyramid_heroku.client_addr`` tween and it requires you to list allowlisted IPs\nin the ``pyramid_heroku.herokuapp_allowlist`` setting. A bypass is possible\nby setting the `HEROKUAPP_ACCESS_BYPASS` environment variable to a secret value\nand then sending a request with the `User-Agent` header set to the same secret value.\n\nThe ``pyramid_heroku.client_addr`` tween sets request.client_addr to an IP we\ncan trust. It handles IP spoofing via ``X-Forwarded-For`` headers and\nignores Cloudflare's IPs when using Cloudflare reverse proxy.\n\n\nUsage example for automatic alembic migration script::\n\n $ cat .heroku/release.sh\n #!/usr/bin/env bash\n\n set -e\n\n echo \"Running migrations\"\n python -m pyramid_heroku.migrate my_app etc/production.ini\n\n echo \"DONE!\"\n\nFor migration script to work, you need to set the ``MIGRATE_API_SECRET_HEROKU``\nenv var in Heroku. This allows the migration script to use the Heroku API.\n\n\nBefore running DB migration, the script will enable `Heroku maintenance mode <https://devcenter.heroku.com/articles/maintenance-mode>`_\nif the app is not already in maintenance mode. After the migration, maintenance mode will\nbe disabled only if it was enabled by the migration script.\n\nMaintenance mode can also be enabled/disabled using the ``pyramid_heroku.maintenance`` script.\n\nUsage example for enabling the Heroku maintenance mode::\n\n python -m pyramid_heroku.maintenance on my_app etc/production.ini\n\n\nIf you use structlog, add the following configuration setting to your INI file to enable structlog-like logging::\n\n pyramid_heroku.structlog = true\n\n\nSee tests for more examples.\n\n\n\nReleasing\n---------\n\n#. Update CHANGES.rst.\n#. Update pyproject.toml version.\n#. Run ``poetry check``.\n#. Run ``poetry publish --build``.\n\n\nWe're hiring!\n-------------\n\nAt Niteo we regularly contribute back to the Open Source community. If you do too, we'd like to invite you to `join our team\n<https://niteo.co/careers/>`_!\n",
"bugtrack_url": null,
"license": "BSD-3-Clause",
"summary": "A bunch of helpers for successfully running Pyramid on Heroku.",
"version": "0.11",
"project_urls": {
"Homepage": "https://github.com/teamniteo/pyramid_heroku"
},
"split_keywords": [
"pyramid",
" heroku",
" pylons",
" web"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "34fd513e1375fdb739b6a28ee6eca842fcd7499e152f3041d7673ec2eb4a5bed",
"md5": "948cd16868120422499048fca2dd89e7",
"sha256": "d151955338b29eca8e3fcf74ab86f241ae9f0d3a60f0e76755084a39aa0b4e6c"
},
"downloads": -1,
"filename": "pyramid_heroku-0.11-py3-none-any.whl",
"has_sig": false,
"md5_digest": "948cd16868120422499048fca2dd89e7",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.6",
"size": 20709,
"upload_time": "2024-11-22T21:37:25",
"upload_time_iso_8601": "2024-11-22T21:37:25.448679Z",
"url": "https://files.pythonhosted.org/packages/34/fd/513e1375fdb739b6a28ee6eca842fcd7499e152f3041d7673ec2eb4a5bed/pyramid_heroku-0.11-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "a2e32a9e7d8fe38f906490f6ab904342566bacc754a659107eb592c13a562cb4",
"md5": "8c16b0b71a1e2f56924500acc3bd7e22",
"sha256": "02f1ef22420c75831855a6a32c9b394f7e8a74d6f39aba0c09a1feb95f7138eb"
},
"downloads": -1,
"filename": "pyramid_heroku-0.11.tar.gz",
"has_sig": false,
"md5_digest": "8c16b0b71a1e2f56924500acc3bd7e22",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 15465,
"upload_time": "2024-11-22T21:37:27",
"upload_time_iso_8601": "2024-11-22T21:37:27.254894Z",
"url": "https://files.pythonhosted.org/packages/a2/e3/2a9e7d8fe38f906490f6ab904342566bacc754a659107eb592c13a562cb4/pyramid_heroku-0.11.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-22 21:37:27",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "teamniteo",
"github_project": "pyramid_heroku",
"travis_ci": false,
"coveralls": true,
"github_actions": true,
"circle": true,
"lcname": "pyramid_heroku"
}
JSON
