make explorer more production ready

allow explorer to be deployed in an production environment without using
stupid hacks and DEBUG = true
This commit is contained in:
stupidcomputer 2024-06-28 15:35:47 -05:00
parent 599fc41389
commit 1471dab714
9 changed files with 114 additions and 2 deletions

2
.env.prod Normal file
View File

@ -0,0 +1,2 @@
SECRET_KEY=change_me
DJANGO_ALLOWED_HOSTS=localhost 127.0.0.1 [::1]

1
.gitignore vendored
View File

@ -5,3 +5,4 @@ __pycache__
db.sqlite3
media
uploads/
staticfiles/

22
docker-compose.prod.yml Normal file
View File

@ -0,0 +1,22 @@
services:
web:
build:
context: ./franklincce
dockerfile: Dockerfile.prod
command: gunicorn franklincce.wsgi:application --bind 0.0.0.0:8000
volumes:
- static_volume:/home/app/web/staticfiles
expose:
- 8000
env_file:
- ./.env.prod
nginx:
build: ./nginx
volumes:
- static_volume:/home/app/web/staticfiles
ports:
- 1337:80
depends_on:
- web
volumes:
static_volume:

View File

@ -1,6 +1,6 @@
services:
web:
build: ./app
build: ./franklincce
command: python manage.py runserver 0.0.0.0:8000
volumes:
- ./franklincce/:/usr/src/app/

View File

@ -0,0 +1,55 @@
FROM python:3.11.4-slim-buster as builder
# set work directory
WORKDIR /usr/src/app
# set environment variables
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1
# install system dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends gcc
COPY ./requirements.txt .
RUN pip wheel --no-cache-dir --no-deps --wheel-dir /usr/src/app/wheels -r requirements.txt
# pull official base image
FROM python:3.11.4-slim-buster
# create directory for the app user
RUN mkdir -p /home/app
# create the app user
RUN addgroup --system app && adduser --system --group app
# create the appropriate directories
ENV HOME=/home/app
ENV APP_HOME=/home/app/web
RUN mkdir $APP_HOME
RUN mkdir $APP_HOME/staticfiles
WORKDIR $APP_HOME
# install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends netcat
COPY --from=builder /usr/src/app/wheels /wheels
COPY --from=builder /usr/src/app/requirements.txt .
RUN pip install --upgrade pip
RUN pip install --no-cache /wheels/*
# copy entrypoint.prod.sh
COPY ./entrypoint.prod.sh .
RUN sed -i 's/\r$//g' $APP_HOME/entrypoint.prod.sh
RUN chmod +x $APP_HOME/entrypoint.prod.sh
# copy project
COPY . $APP_HOME
# chown all the files to the app user
RUN chown -R app:app $APP_HOME
# change to the app user
USER app
# run entrypoint.prod.sh
ENTRYPOINT ["/home/app/web/entrypoint.prod.sh"]

3
franklincce/entrypoint.prod.sh Executable file
View File

@ -0,0 +1,3 @@
#!/bin/sh
exec "$@"

View File

@ -19,7 +19,10 @@ BASE_DIR = Path(__file__).resolve().parent.parent
SECRET_KEY = os.environ.get("SECRET_KEY")
DEBUG = bool(os.environ.get("DEBUG", default=0))
DEBUG = os.environ.get("DEBUG", default=0)
print(DEBUG)
DEBUG = bool(DEBUG)
print(DEBUG)
# 'DJANGO_ALLOWED_HOSTS' should be a single string of hosts with a space between each.
# For example: 'DJANGO_ALLOWED_HOSTS=localhost 127.0.0.1 [::1]'
@ -118,4 +121,8 @@ STATIC_URL = '/static/'
# Default primary key field type
# https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field
STATIC_ROOT = BASE_DIR / "staticfiles"
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
CSRF_TRUSTED_ORIGINS = ["http://localhost:1337"]

4
nginx/Dockerfile Normal file
View File

@ -0,0 +1,4 @@
FROM nginx:1.25
RUN rm /etc/nginx/conf.d/default.conf
COPY nginx.conf /etc/nginx/conf.d

18
nginx/nginx.conf Normal file
View File

@ -0,0 +1,18 @@
upstream franklincce {
server web:8000;
}
server {
listen 80;
location / {
proxy_pass http://franklincce;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
location /static/ {
alias /home/app/web/staticfiles/;
}
}