Docker for prodution setup.

9 years ago · bfeeb816da
10 changed files with 106 additions and 22 deletions
--- a/13
+++ b/13
@ -0,0 +1,13 @@
+FROM python:3.5
+RUN apt-get update
+RUN apt-get install -y nodejs npm
+RUN ln -s /usr/bin/nodejs /usr/bin/node
+RUN mkdir /code
+WORKDIR /code
+RUN mkdir requirements
+ADD bikeshop_project /code
+COPY requirements /code/requirements
+RUN pip install -r requirements/production.txt
+RUN npm install
+RUN npm run build-production
+RUN DJANGO_SETTINGS_MODULE=bikeshop.settings.production python manage.py collectstatic --no-input
--- a/bikeshop_project/bikeshop/settings/development.py
+++ b/bikeshop_project/bikeshop/settings/development.py
@ -12,10 +12,9 @@ ALLOWED_HOSTS = []
 DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
-        'NAME': 'bikeshop_development',
-        'USER': 'bikeshop',
-        'PASSWORD': 'password',
-        'HOST': '127.0.0.1',
+        'NAME': 'postgres',
+        'USER': 'postgres',
+        'HOST': 'db',
        'PORT': '5432',
    }
 }
@ -53,4 +52,4 @@ INSTALLED_APPS += [
 # Don't worry about IP addresses, just show the toolbar.
 DEBUG_TOOLBAR_CONFIG = {
    'SHOW_TOOLBAR_CALLBACK': lambda *args: True
-}
+}
--- a/bikeshop_project/bikeshop/settings/production.py
+++ b/bikeshop_project/bikeshop/settings/production.py
@ -4,24 +4,13 @@ from .base import *
 # SECURITY WARNING: keep the secret key used in production secret!
 WSGI_APPLICATION = 'bikeshop.wsgi.application'

-SECRET_KEY = os.environ['DJANGO_SECRET_KEY']
+SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'secret')

 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = False

 ALLOWED_HOSTS = ['shop.bcbc.bike']

-DATABASES = {
-    'default': {
-        'ENGINE': 'django.db.backends.postgresql',
-        'NAME': 'bikeshop_production',
-        'USER': 'bikeshop',
-        'PASSWORD': os.environ['DJANGO_DB_PASSWORD'],
-        'HOST': '127.0.0.1',
-        'PORT': '5432',
-    }
-}
-
 LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
@ -56,4 +45,4 @@ WEBPACK_LOADER = {
        'POLL_INTERVAL': 0.1,
        'IGNORE': ['.+\.hot-update.js', '.+\.map']
    }
-}
+}
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@ -0,0 +1,34 @@
+version: "2"
+services:
+  nginx:
+    build:
+      context: docker/nginx
+    ports:
+      - "80:80"
+    links:
+      - workstand
+    volumes_from:
+      - workstand:ro
+  workstand:
+    build:
+      context: .
+      dockerfile: Dockerfile-prod
+    image: workstand:production
+    env_file:
+      - workstand.env
+    command: gunicorn --log-file=- -b 0.0.0.0:8000 bikeshop.wsgi:application
+    environment:
+      - DJANGO_SETTINGS_MODULE=bikeshop.settings.production
+    volumes:
+      - static:/code/static
+    depends_on:
+      - redis
+      - db
+  redis:
+    restart: always
+  db:
+    restart: always
+
+volumes:
+  static:
+    external: false
--- a/docker/nginx/Dockerfile
+++ b/docker/nginx/Dockerfile
@ -0,0 +1,2 @@
+FROM nginx:alpine
+COPY conf/* /etc/nginx/conf.d/
--- a/docker/nginx/conf/nginx-site.conf
+++ b/docker/nginx/conf/nginx-site.conf
@ -0,0 +1,46 @@
+# server {
+#        listen 80;
+#        server_name www.shop.bcbc.bike;
+#        # $scheme will get the http protocol
+#        # and 301 is best practice for tablet, phone, desktop and seo
+#        return 301 https://shop.bcbc.bike$request_uri;
+#}
+#server {
+#        listen 80;
+#        server_name shop.bcbc.bike;
+#        # $scheme will get the http protocol
+#        # and 301 is best practice for tablet, phone, desktop and seo
+#        return 301 https://shop.bcbc.bike$request_uri;
+#}
+server {
+    # listen 443 ssl;
+    listen 80;
+    server_name shop.bcbc.bike;
+
+    # ssl_certificate /etc/letsencrypt/live/{{ app_domain_name }}/fullchain.pem;
+    # ssl_certificate_key /etc/letsencrypt/live/{{ app_domain_name }}/privkey.pem;
+
+    # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    # ssl_prefer_server_ciphers on;
+    # ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+
+    location = /favicon.ico { access_log off; log_not_found off; }
+    keepalive_timeout 5;
+    root /code;
+
+    location / {
+      # checks for static file, if not found proxy to app
+      try_files $uri @proxy_to_app;
+    }
+
+    location @proxy_to_app {
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      # enable this if and only if you use HTTPS
+      # proxy_set_header X-Forwarded-Proto https;
+      proxy_set_header Host $http_host;
+      # we don't want nginx trying to do something clever with
+      # redirects, we set the Host: header above already.
+      proxy_redirect off;
+      proxy_pass http://workstand:8000;
+    }
+}
--- a/requirements/base.txt
+++ b/requirements/base.txt
@ -1,4 +1,4 @@
-Django==1.9.4
+Django==1.9.7
 pytz==2015.7
 django-widget-tweaks==1.4.1
 psycopg2==2.6.1
@ -9,4 +9,5 @@ whoosh==2.7.4
 git+git://github.com/django-haystack/django-haystack.git
 djangorestframework
 django-webpack-loader
-requests
+requests
+PyYAML
--- a/requirements/development.txt
+++ b/requirements/development.txt
@ -1,5 +1,3 @@
 -r base.txt
 -r testing.txt
 django-debug-toolbar
-PyYAML
-gunicorn==19.4.5
--- a/requirements/production.txt
+++ b/requirements/production.txt
@ -1 +1,2 @@
 -r base.txt
+gunicorn==19.4.5
--- a/workstand.env
+++ b/workstand.env
@ -0,0 +1 @@
+DJANGO_SECRET_KEY=jfdklsafja438fj84pfh843afhapwfhsfuh
			`@ -0,0 +1 @@`
			`DJANGO_SECRET_KEY=jfdklsafja438fj84pfh843afhapwfhsfuh`