Skip to main content

A bunch of helpers for successfully running Pyramid on Heroku.

Project description

Introduction

pyramid_heroku is a collection of tweens and helpers to successfully run Pyramid on Heroku

It provides the following:

  • ClientAddr tween that sets real user’s IP to request.client_addr. Without this tween you cannot do IP-based geolocation, IP allowlisting, etc.

  • Host tween that sets request.host to proxied X-Forwarded-Host header (note: potential security risk)

  • HerokuappAccess tween that denies access to your app’s <app>.herokuapp.com domain for any non-allowlisted IPs. This is helpful because you don’t want anyone outside your team (i.e. usual visitors/users and search bots) to be able to visit <app>.heroku.com besides the domain the app is deployed on. This is for security and SEO purposes.

  • migrate.py script for automatically running alembic migrations on deploy.

  • maintenance.py script for controlling Heroku maintenance mode.

Installation

Just do

pip install pyramid_heroku

or

easy_install pyramid_heroku

Compatibility

pyramid_heroku runs with pyramid>=1.7 and python>=3.6. Other versions might also work.

Documentation

Usage example for tweens:

def main(global_config, **settings):$ cat .heroku/release.sh
    config = Configurator(settings=settings)
    config.include('pyramid_heroku.client_addr')
    config.include('pyramid_heroku.herokuapp_access')
    return config.make_wsgi_app()

The pyramid_heroku.herokuapp_access tween depends on pyramid_heroku.client_addr tween and it requires you to list allowlisted IPs in the pyramid_heroku.herokuapp_allowlist setting. A bypass is possible by setting the HEROKUAPP_ACCESS_BYPASS environment variable to a secret value and then sending a request with the HEROKUAPP_ACCESS_BYPASS header set to the same secret value.

The pyramid_heroku.client_addr tween sets request.client_addr to an IP we can trust. It handles IP spoofing via X-Forwarded-For headers and ignores Cloudflare’s IPs when using Cloudflare reverse proxy.

Usage example for automatic alembic migration script:

$ cat .heroku/release.sh
#!/usr/bin/env bash

set -e

echo "Running migrations"
python -m pyramid_heroku.migrate my_app etc/production.ini

echo "DONE!"

For migration script to work, you need to set the MIGRATE_API_SECRET_HEROKU env var in Heroku. This allows the migration script to use the Heroku API.

Before running DB migration, the script will enable Heroku maintenance mode if the app is not already in maintenance mode. After the migration, maintenance mode will be disabled only if it was enabled by the migration script.

Maintenance mode can also be enabled/disabled using the pyramid_heroku.maintenance script.

Usage example for enabling the Heroku maintenance mode:

python -m pyramid_heroku.maintenance on my_app etc/production.ini

If you use structlog, add the following configuration setting to your INI file to enable structlog-like logging:

pyramid_heroku.structlog = true

See tests for more examples.

Releasing

  1. Update CHANGES.rst.

  2. Update pyproject.toml version.

  3. Run poetry check.

  4. Run poetry publish --build.

We’re hiring!

At Niteo we regularly contribute back to the Open Source community. If you do too, we’d like to invite you to join our team!

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_heroku-0.10.5.tar.gz (15.3 kB view details)

Uploaded Source

Built Distribution

pyramid_heroku-0.10.5-py3-none-any.whl (20.6 kB view details)

Uploaded Python 3

File details

Details for the file pyramid_heroku-0.10.5.tar.gz.

File metadata

  • Download URL: pyramid_heroku-0.10.5.tar.gz
  • Upload date:
  • Size: 15.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.3 CPython/3.11.9 Darwin/23.6.0

File hashes

Hashes for pyramid_heroku-0.10.5.tar.gz
Algorithm Hash digest
SHA256 bfe0adc85f384a39c71a615550ba970d13623536a9f28dc23c9cf8acea8481c3
MD5 9ce11edfa7cb01f2f2aa18bac2a6971f
BLAKE2b-256 c5b4503e6aaea47d4faa8a5a8f6aeba055b20f8c9513c90ab943f9bc257091da

See more details on using hashes here.

File details

Details for the file pyramid_heroku-0.10.5-py3-none-any.whl.

File metadata

  • Download URL: pyramid_heroku-0.10.5-py3-none-any.whl
  • Upload date:
  • Size: 20.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.3 CPython/3.11.9 Darwin/23.6.0

File hashes

Hashes for pyramid_heroku-0.10.5-py3-none-any.whl
Algorithm Hash digest
SHA256 1c47e1c8077626cc5c5730bd3d53b3333cf8035852191f8e14ccd0d6d80da86d
MD5 4ab075386f5689f711d5507687816e8f
BLAKE2b-256 18677cd51f54680a0a9b429dc98bcf336fc52f4b05811a3e28e47926d41805b5

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page