TiTiler
We are running DevSeed TiTiler on the Cyverse OpenStack Cloud
For this we are running a xl
instance (16-cores, 64 GB RAM, 200 GiB Disk ) with Ubuntu 22.04 and Docker
Instructions for DevSeed TiTiler¶
Start Docker¶
We are running TiTiler with Docker:
docker run \
--name titiler \
--env FORWARDED_ALLOW_IPS=*
--env REDIRECT_URL=https://titiler.cyverse.org \
-p 8000:8000 \
--env PORT=8000 \
--env WORKERS_PER_CORE=1 \
--restart always \
-d \
-it \
ghcr.io/developmentseed/titiler:latest
To ensure that the container is always alive and is healthy, we are running a cron
job every 5 minutes to test it and restart it as necessary
*/5 * * * * docker ps -f health=unhealthy --format "docker restart {{.ID}}" | sh
NGINX¶
Install nginx
sudo apt install apache2-utils nginx
modify /etc/nginx/sites-enabled/default
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /etc/ssl/certs/cyverse.org.fullchain.crt;
ssl_certificate_key /etc/ssl/private/cyverse.org.key;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
Add Certs
Add .key
and .crt
to:
$ /etc/ssl/private/
$ /etc/ssl/certs/
Start a new tmux
session.
Check and Restart nginx
sudo systemctl status nginx
sudo systemctl restart nginx
Last update:
2024-03-21