Example server setup

There are many ways to configure a server to run HybriD³ and Qresp instances. Here, we provide an example Nginx/Gunicorn configuration that has proven to work.

First, create and start the systemd units that run HybriD³/Qresp via the Gunicorn servers:

# /etc/systemd/system/qresp.socket

[Unit]
Description = qresp socket

[Socket]
ListenStream = /run/qresp.sock

[Install]
WantedBy = sockets.target

# /etc/systemd/system/qresp.service

[Unit]
Description = qresp daemon
Requires = qresp.socket
After = network.target

[Service]
User = apache
Group = apache
WorkingDirectory = /var/www/qresp/web
ExecStart = /var/www/qresp/web/venv/bin/gunicorn \
          --workers 2 \
          --bind unix:/run/qresp.sock \
          project:app

[Install]
WantedBy = multi-user.target

# /etc/systemd/system/matd3.socket

[Unit]
Description = matd3 socket

[Socket]
ListenStream = /run/matd3.sock

[Install]
WantedBy = sockets.target

# /etc/systemd/system/matd3.service

[Unit]
Description = matd3 daemon
Requires = matd3.socket
After = network.target

[Service]
User = nginx
Group = nginx
WorkingDirectory = /var/www/matd3-database
ExecStart = /var/www/matd3-database/venv/bin/gunicorn \
          --workers 2 \
          --bind unix:/run/matd3.sock \
          mainproject.wsgi

[Install]
WantedBy = multi-user.target

Note that the sockets should be started in system and not user mode. Then, start the Nginx server with the following configurations:

# /etc/nginx/sites-enabled/qresp.conf

server {
    listen              443 ssl;
    server_name         qresp.hybrid3.duke.edu;
    ssl_certificate     <path to .cer file>;
    ssl_certificate_key <path to .key file>;
    root /var/www/qresp/web;
    location / {
        try_files $uri @backend;
    }
    location @backend {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/run/qresp.sock;
    }
}

# /etc/nginx/sites-enabled/matd3.conf

server {
    listen              443 ssl;
    server_name         matd3.com;
    ssl_certificate     <path to .cer file>;
    ssl_certificate_key <path to .key file>;
    root /var/www/matd3-database;
    location / {
        try_files $uri @backend;
    }
    location @backend {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/run/matd3.sock;
    }
}