Securely Integrating MoinMoin in TwistedWeb2
One interesting way to deploy MoinMoin > 1.5.5a in a twisted.web2 webserver environment is to use the MoinMoin wsgi method. Best is to isolate MoinMoin in its own user jail (optionally chrooted automatically by twistd) to avoid any potential future security problem in MoinMoin to expose or alter any information related to the core of the twisted.web2 webserver, or alternatively to be able to move MoinMoin to a different server or virtual machine later. To achieve the user separation the twisted.web2 SGI client/server works fine.
This is the SGI server running as user "moin" (start with "twistd twisted_moin.tac"):
1 from twisted.web2 import server, wsgi, channel, log, resource, static
2 import os
3
4 LOGPATH = os.path.expanduser('~moin/moin_logs/http.log')
5 use_threads = True
6 CONFIG_DIR = os.path.expanduser('~moin/moin/config')
7
8 import sys
9 sys.path.insert(0, CONFIG_DIR)
10
11 # Set threads flag, so other code can use proper locking
12 from MoinMoin import config
13 config.use_threads = use_threads
14 del config
15
16 from MoinMoin.server.wsgi import moinmoinApp
17 wsgi_wiki = wsgi.WSGIResource(moinmoinApp)
18
19 class root_class(resource.Resource):
20 addSlash = True
21
22 child_htdocs = static.File(os.path.expanduser('~moin/moin/htdocs'))
23 child_cpushare = wsgi_wiki
24 child_klive = wsgi_wiki
25
26 def locateChild(self, req, segments):
27 if len(segments) >= 2:
28 return super(root_class, self).locateChild(req, segments)
29 else:
30 return None, ()
31
32 root = root_class()
33 #root = log.LogWrapperResource(root)
34 #log.FileAccessLoggingObserver(LOGPATH).start()
35 site = server.Site(root)
36
37 from twisted.application import service, strports
38 application = service.Application("moinmoin")
39 #s = strports.service('tcp:8080', channel.HTTPFactory(site))
40 s = strports.service('tcp:8829:interface=127.0.0.1', channel.SCGIFactory(site))
41 s.setServiceParent(application)
You need to edit the variables to fit your moin installation paths.
On the SGI client side (i.e. normally the core of your twisted.web2 webserver running on port http or https) you need to add a child page like this:
Hope this helps.