diff --git a/Dockerfile-prod b/Dockerfile-prod new file mode 100644 index 0000000..8514a75 --- /dev/null +++ b/Dockerfile-prod @@ -0,0 +1,13 @@ +FROM python:3.5 +RUN apt-get update +RUN apt-get install -y nodejs npm +RUN ln -s /usr/bin/nodejs /usr/bin/node +RUN mkdir /code +WORKDIR /code +RUN mkdir requirements +ADD bikeshop_project /code +COPY requirements /code/requirements +RUN pip install -r requirements/production.txt +RUN npm install +RUN npm run build-production +RUN DJANGO_SETTINGS_MODULE=bikeshop.settings.production python manage.py collectstatic --no-input diff --git a/bikeshop_project/bikeshop/settings/development.py b/bikeshop_project/bikeshop/settings/development.py index 8b641d8..60d1f1f 100644 --- a/bikeshop_project/bikeshop/settings/development.py +++ b/bikeshop_project/bikeshop/settings/development.py @@ -12,10 +12,9 @@ ALLOWED_HOSTS = [] DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql', - 'NAME': 'bikeshop_development', - 'USER': 'bikeshop', - 'PASSWORD': 'password', - 'HOST': '127.0.0.1', + 'NAME': 'postgres', + 'USER': 'postgres', + 'HOST': 'db', 'PORT': '5432', } } @@ -53,4 +52,4 @@ INSTALLED_APPS += [ # Don't worry about IP addresses, just show the toolbar. DEBUG_TOOLBAR_CONFIG = { 'SHOW_TOOLBAR_CALLBACK': lambda *args: True -} \ No newline at end of file +} diff --git a/bikeshop_project/bikeshop/settings/production.py b/bikeshop_project/bikeshop/settings/production.py index 8e8d54e..f4004be 100644 --- a/bikeshop_project/bikeshop/settings/production.py +++ b/bikeshop_project/bikeshop/settings/production.py @@ -4,24 +4,13 @@ from .base import * # SECURITY WARNING: keep the secret key used in production secret! WSGI_APPLICATION = 'bikeshop.wsgi.application' -SECRET_KEY = os.environ['DJANGO_SECRET_KEY'] +SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'secret') # SECURITY WARNING: don't run with debug turned on in production! DEBUG = False ALLOWED_HOSTS = ['shop.bcbc.bike'] -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': 'bikeshop_production', - 'USER': 'bikeshop', - 'PASSWORD': os.environ['DJANGO_DB_PASSWORD'], - 'HOST': '127.0.0.1', - 'PORT': '5432', - } -} - LOGGING = { 'version': 1, 'disable_existing_loggers': False, @@ -56,4 +45,4 @@ WEBPACK_LOADER = { 'POLL_INTERVAL': 0.1, 'IGNORE': ['.+\.hot-update.js', '.+\.map'] } -} \ No newline at end of file +} diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml new file mode 100644 index 0000000..9a3f6be --- /dev/null +++ b/docker-compose.prod.yml @@ -0,0 +1,34 @@ +version: "2" +services: + nginx: + build: + context: docker/nginx + ports: + - "80:80" + links: + - workstand + volumes_from: + - workstand:ro + workstand: + build: + context: . + dockerfile: Dockerfile-prod + image: workstand:production + env_file: + - workstand.env + command: gunicorn --log-file=- -b 0.0.0.0:8000 bikeshop.wsgi:application + environment: + - DJANGO_SETTINGS_MODULE=bikeshop.settings.production + volumes: + - static:/code/static + depends_on: + - redis + - db + redis: + restart: always + db: + restart: always + +volumes: + static: + external: false diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile new file mode 100644 index 0000000..e8c5ebb --- /dev/null +++ b/docker/nginx/Dockerfile @@ -0,0 +1,2 @@ +FROM nginx:alpine +COPY conf/* /etc/nginx/conf.d/ diff --git a/docker/nginx/conf/nginx-site.conf b/docker/nginx/conf/nginx-site.conf new file mode 100644 index 0000000..eb812db --- /dev/null +++ b/docker/nginx/conf/nginx-site.conf @@ -0,0 +1,46 @@ +# server { +# listen 80; +# server_name www.shop.bcbc.bike; +# # $scheme will get the http protocol +# # and 301 is best practice for tablet, phone, desktop and seo +# return 301 https://shop.bcbc.bike$request_uri; +#} +#server { +# listen 80; +# server_name shop.bcbc.bike; +# # $scheme will get the http protocol +# # and 301 is best practice for tablet, phone, desktop and seo +# return 301 https://shop.bcbc.bike$request_uri; +#} +server { + # listen 443 ssl; + listen 80; + server_name shop.bcbc.bike; + + # ssl_certificate /etc/letsencrypt/live/{{ app_domain_name }}/fullchain.pem; + # ssl_certificate_key /etc/letsencrypt/live/{{ app_domain_name }}/privkey.pem; + + # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + # ssl_prefer_server_ciphers on; + # ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; + + location = /favicon.ico { access_log off; log_not_found off; } + keepalive_timeout 5; + root /code; + + location / { + # checks for static file, if not found proxy to app + try_files $uri @proxy_to_app; + } + + location @proxy_to_app { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # enable this if and only if you use HTTPS + # proxy_set_header X-Forwarded-Proto https; + proxy_set_header Host $http_host; + # we don't want nginx trying to do something clever with + # redirects, we set the Host: header above already. + proxy_redirect off; + proxy_pass http://workstand:8000; + } +} diff --git a/requirements/base.txt b/requirements/base.txt index 636588d..335c0a3 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -1,4 +1,4 @@ -Django==1.9.4 +Django==1.9.7 pytz==2015.7 django-widget-tweaks==1.4.1 psycopg2==2.6.1 @@ -9,4 +9,5 @@ whoosh==2.7.4 git+git://github.com/django-haystack/django-haystack.git djangorestframework django-webpack-loader -requests \ No newline at end of file +requests +PyYAML diff --git a/requirements/development.txt b/requirements/development.txt index b570dc0..1f503bd 100644 --- a/requirements/development.txt +++ b/requirements/development.txt @@ -1,5 +1,3 @@ -r base.txt -r testing.txt django-debug-toolbar -PyYAML -gunicorn==19.4.5 \ No newline at end of file diff --git a/requirements/production.txt b/requirements/production.txt index a3e81b8..a945c48 100644 --- a/requirements/production.txt +++ b/requirements/production.txt @@ -1 +1,2 @@ -r base.txt +gunicorn==19.4.5 diff --git a/workstand.env b/workstand.env new file mode 100644 index 0000000..4f77618 --- /dev/null +++ b/workstand.env @@ -0,0 +1 @@ +DJANGO_SECRET_KEY=jfdklsafja438fj84pfh843afhapwfhsfuh