Skip to content

Networking

Classes

Networking

1
Networking(*args, **kwargs)

OptionsGroup

Networking related stuff. Socket definition, binding and tuning.

name 

1
.name: str = ''

Name to represent the group.

plugin 

1
.plugin: bool | str = False

Indication this option group belongs to a plugin.

register_socket

1
2
3
.register_socket(
    socket: Socket | list[Socket],  # (1)!
)
  1. Socket type object. See .sockets.

Registers the given socket(s) for further use.

set_basic_params

1
2
3
4
5
6
.set_basic_params(
    queue_size: int | None = None,  # (1)!
    freebind: bool | None = None,  # (2)!
    default_socket_type: str | None | type[Socket] = None,  # (3)!
    buffer_size: int | None = None,  # (4)!
)

  1. Also known as a backlog. Every socket has an associated queue where request will be put waiting for a process to became ready to accept them. When this queue is full, requests will be rejected.

    Default: 100 (an average value chosen by the maximum value allowed by default by your kernel).

    Note

    The maximum value is system/kernel dependent. Before increasing it you may need to increase your kernel limit too.

  2. Put socket in freebind mode. Allows binding to non-existent network addresses.

    Note

    Linux only.

  3. Force the socket type as default. See .sockets.

  4. Set the internal buffer max size - size of a request (request-body excluded), this generally maps to the size of request headers. Default: 4096 bytes (4k) / page size.

    The amount of variables you can add per-request is limited by the uwsgi packet buffer (). You can increase it up to 65535 (64k) with this option.

    Note

    If you receive a bigger request (for example with big cookies or query string) so that "invalid request block size" is logged in your logs you may need to increase it. It is a security measure too, so adapt to your app needs instead of maxing it out.

set_bsd_socket_params

1
2
3
.set_bsd_socket_params(
    port_reuse: bool | None = None,  # (1)!
)
  1. Enable REUSE_PORT flag on socket to allow multiple instances binding on the same address (BSD only).

Sets BSD-sockets related params.

set_sni_dir_params

1
.set_sni_dir_params(dir: str, ciphers: str | None = None)

Enable checking for cert/key/client_ca file in the specified directory and create a sni/ssl context on demand.

Expected filenames: * .crt * .key * .ca - this file is optional

set_sni_params

1
2
3
4
5
6
7
8
.set_sni_params(
    name: str,  # (1)!
    cert: str,  # (2)!
    key: str,  # (3)!
    ciphers: str | None = None,  # (4)!
    client_ca: str | None = None,  # (5)!
    wildcard: bool = False,  # (6)!
)

  1. Node/server/host name.

  2. Certificate file.

  3. Private key file.

  4. Ciphers [alias] string.

    1
2
3
4
5
6
    Example:
    * DEFAULT
    * HIGH
    * DHE, EDH

* <https://www.openssl.org/docs/man1.1.0/apps/ciphers.html>

  5. Client CA file for client-based auth.

    1
2
    .. note: You can prepend ! (exclamation mark) to make client certificate
    authentication mandatory.

  6. Allow regular expressions in name (used for wildcard certificates).

Allows setting Server Name Identification (virtual hosting for SSL nodes) params.

set_socket_params

1
2
3
4
5
6
7
8
.set_socket_params(
    timeout: int | None = None,  # (1)!
    send_timeout: int | None = None,  # (2)!
    keep_alive: bool | None = None,  # (3)!
    no_defer_accept: bool | None = None,  # (4)!
    buffer_send: int | None = None,  # (5)!
    buffer_receive: int | None = None,  # (6)!
)

  1. Internal sockets timeout. Default: 4.

  2. Send (write) timeout in seconds.

  3. Enable TCP KEEPALIVEs.

  4. Disable deferred accept() on sockets by default (where available) uWSGI will defer the accept() of requests until some data is sent by the client (this is a security/performance measure). If you want to disable this feature for some reason, specify this option.

  5. Set SO_SNDBUF (bytes).

  6. Set SO_RCVBUF (bytes).

Sets common socket params.

set_ssl_params

1
2
3
4
5
6
7
8
9
.set_ssl_params(
    verbose_errors: bool | None = None,  # (1)!
    sessions_cache: Strbool = None,  # (2)!
    sessions_timeout: int | None = None,  # (3)!
    session_context: str | None = None,  # (4)!
    raw_options: Intlist = None,  # (5)!
    dir_tmp: str | None = None,  # (6)!
    client_cert_var: str | None = None,  # (7)!
)

  1. Be verbose about SSL errors.

  2. Use uWSGI cache for ssl sessions storage.

    1
2
3
4
5
    Accepts either bool or cache name string.

* <http://uwsgi.readthedocs.io/en/latest/SSLScaling.html>

.. warning:: Please be sure to configure cache before setting this.

  3. Set SSL sessions timeout in seconds. Default: 300.

  4. Session context identifying string. Can be set to static shared value to avoid session rejection.

    Default: a value built from the HTTP server address.

  5. Set a raw ssl option by its numeric value.

  6. Store ssl-related temp files (e.g. pem data) in the specified directory.

  7. Export uWSGI variable HTTPS_CC containing the raw client certificate.

set_unix_socket_params

1
2
3
4
5
6
.set_unix_socket_params(
    abstract: bool | None = None,  # (1)!
    permissions: str | None = None,  # (2)!
    owner: str | None = None,  # (3)!
    umask: str | None = None,  # (4)!
)

  1. Force UNIX socket into abstract mode (Linux only).

  2. UNIX sockets are filesystem objects that obey UNIX permissions like any other filesystem object.

    You can set the UNIX sockets' permissions with this option if your webserver would otherwise have no access to the uWSGI socket. When used without a parameter, the permissions will be set to 666. Otherwise the specified chmod value will be used.

  3. Chown UNIX sockets.

  4. Set UNIX socket umask.

Sets Unix-socket related params.

sockets

1
.sockets()

Available socket types to use with .register_socket().

from_dsn 
1
2
3
4
.from_dsn(
    dsn: str,  # (1)!
    allow_shared_sockets: bool | None = None,  # (2)!
) -> Socket

  1. Data source name, e.g:

    Note

    Some schemas: fastcgi, http, https, raw, scgi, shared, udp, uwsgi, suwsgi, zeromq

  2. Allows using shared sockets to bind to privileged ports. If not provided automatic mode is enabled: shared are allowed if current user is not root.

Constructs socket configuration object from DSN.

Note

This will also automatically use shared sockets to bind to priviledged ports when non root.