diff --git a/compose/django/Dockerfile b/compose/django/Dockerfile index 2794dc1..9e684a9 100644 --- a/compose/django/Dockerfile +++ b/compose/django/Dockerfile @@ -17,14 +17,18 @@ RUN mkdir -p /var/log/gunicorn/ \ && chown -R root:django /var/log/gunicorn/ \ && chmod -R 770 /var/log/gunicorn/ +COPY ./compose/django/dev-gunicorn-mhackspace.sh /dev-gunicorn-mhackspace.sh COPY ./compose/django/live-gunicorn-mhackspace.sh /live-gunicorn-mhackspace.sh COPY ./compose/django/stage-gunicorn-mhackspace.sh /stage-gunicorn-mhackspace.sh COPY ./compose/django/entrypoint.sh /entrypoint.sh RUN sed -i 's/\r//' /entrypoint.sh \ && sed -i 's/\r//' /stage-gunicorn-mhackspace.sh \ && sed -i 's/\r//' /live-gunicorn-mhackspace.sh \ + && sed -i 's/\r//' /dev-gunicorn-mhackspace.sh \ && chmod +x /entrypoint.sh \ && chown django /entrypoint.sh \ + && chmod +x /dev-gunicorn-mhackspace.sh \ + && chown django /dev-gunicorn-mhackspace.sh \ && chmod +x /stage-gunicorn-mhackspace.sh \ && chown django /stage-gunicorn-mhackspace.sh \ && chmod +x /live-gunicorn-mhackspace.sh \ diff --git a/compose/django/Dockerfile-dev b/compose/django/Dockerfile-dev index 70b4eba..25d1394 100644 --- a/compose/django/Dockerfile-dev +++ b/compose/django/Dockerfile-dev @@ -1,18 +1,39 @@ -FROM python:3.5 +FROM python:3.6 ENV PYTHONUNBUFFERED 1 # Requirements have to be pulled and installed here, otherwise caching won't work COPY ./requirements /requirements -RUN pip install --cache-dir ./cache/pip -r /requirements/local.txt +RUN pip install --cache-dir ./cache/pip -r /requirements/local.txt \ + && groupadd -r django \ + && useradd -r -g django django + +COPY . /app + +RUN mkdir -p /var/log/gunicorn/ \ + && mkdir -p /data/sockets \ + && chown -R django /app \ + && chown -R root:django /var/log/gunicorn/ \ + && chmod -R 770 /var/log/gunicorn/ + +COPY ./compose/django/dev-gunicorn-mhackspace.sh /dev-gunicorn-mhackspace.sh +COPY ./compose/django/live-gunicorn-mhackspace.sh /live-gunicorn-mhackspace.sh +COPY ./compose/django/stage-gunicorn-mhackspace.sh /stage-gunicorn-mhackspace.sh COPY ./compose/django/entrypoint.sh /entrypoint.sh -RUN sed -i 's/\r//' /entrypoint.sh -RUN chmod +x /entrypoint.sh - -COPY ./compose/django/start-dev.sh /start-dev.sh -RUN sed -i 's/\r//' /start-dev.sh -RUN chmod +x /start-dev.sh +RUN sed -i 's/\r//' /entrypoint.sh \ + && sed -i 's/\r//' /stage-gunicorn-mhackspace.sh \ + && sed -i 's/\r//' /live-gunicorn-mhackspace.sh \ + && sed -i 's/\r//' /dev-gunicorn-mhackspace.sh \ + && chmod +x /entrypoint.sh \ + && chown django /entrypoint.sh \ + && chmod +x /dev-gunicorn-mhackspace.sh \ + && chown django /dev-gunicorn-mhackspace.sh \ + && chmod +x /stage-gunicorn-mhackspace.sh \ + && chown django /stage-gunicorn-mhackspace.sh \ + && chmod +x /live-gunicorn-mhackspace.sh \ + && chown django /live-gunicorn-mhackspace.sh \ + && chown django /data/sockets WORKDIR /app diff --git a/compose/django/dev-gunicorn-mhackspace.sh b/compose/django/dev-gunicorn-mhackspace.sh new file mode 100755 index 0000000..a1782e5 --- /dev/null +++ b/compose/django/dev-gunicorn-mhackspace.sh @@ -0,0 +1,5 @@ +#!/bin/sh +#python /app/manage.py collectstatic --noinput +#python /app/manage.py compilescss + +/usr/local/bin/gunicorn config.wsgi -w 2 -b unix:/data/sockets/dev-gunicorn-mhackspace.sock --reload --chdir=/app diff --git a/config/settings/local.py b/config/settings/local.py index e97a0e9..951667f 100644 --- a/config/settings/local.py +++ b/config/settings/local.py @@ -134,13 +134,13 @@ LOGGING = { }, 'loggers': { 'django.request': { - 'handlers': ['mail_admins', 'logfile'], + 'handlers': ['mail_admins'], 'level': 'ERROR', 'propagate': True }, 'django.security.DisallowedHost': { 'level': 'ERROR', - 'handlers': ['logfile', 'console', 'mail_admins'], + 'handlers': ['console', 'mail_admins'], 'propagate': True } } @@ -162,4 +162,5 @@ AWS_S3_SECURE_URLS = True STATIC_URL = '%s/%s/' % (AWS_S3_ENDPOINT_URL, AWS_STORAGE_BUCKET_NAME) STATICFILES_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage' -COMPRESS_URL = '%s/%s/' % (AWS_S3_ENDPOINT_URL, AWS_STORAGE_BUCKET_NAME) +COMPRESS_URL = 'static/' +#/'%s/%s/' % (AWS_S3_ENDPOINT_URL, AWS_STORAGE_BUCKET_NAME) diff --git a/config/settings/nginx/maidstone-hackspace.org.uk b/config/settings/nginx/maidstone-hackspace.org.uk new file mode 100644 index 0000000..4255bb8 --- /dev/null +++ b/config/settings/nginx/maidstone-hackspace.org.uk @@ -0,0 +1,44 @@ +upstream app-dev { + server unix:/data/sockets/dev-gunicorn-mhackspace.sock fail_timeout=0; +} + +server { + listen 80; + server_name dev.maidstone-hackspace.org.uk; + root /var/www/maidstone-hackspace-website; + + resolver 8.8.8.8; + + server_tokens off; + add_header X-Frame-Options "ALLOW-FROM riot.im"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header Strict-Transport-Security max-age=15768000; + + error_page 404 = /404.htm; + + location /media { + alias /var/www/maidstone-hackspace-website/mhackspace/media; + expires 1d; + add_header Pragma public; + add_header Cache-Control "public"; + } + + + location / { +# try_files $uri $uri; + access_log on; + proxy_redirect off; + proxy_pass http://app-dev; + proxy_pass_header Server; + + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-SSL-Protocol $ssl_protocol; + + proxy_ssl_session_reuse off; + } + +} + diff --git a/local.yml b/local.yml new file mode 100644 index 0000000..a16fde7 --- /dev/null +++ b/local.yml @@ -0,0 +1,79 @@ +version: '2' + +volumes: + sockets: + driver: local + postgres_data: + driver: local + postgres_backup: + driver: local + +services: + nginx: + image: olymk2/nginx + volumes: + - ./config/settings/nginx/maidstone-hackspace.org.uk:/etc/nginx/sites-enabled/default + - ./:/var/www + - sockets:/data/sockets + + postgres: + build: ./compose/postgres + volumes: + - postgres_data:/var/lib/postgresql/data + - postgres_backup:/backups + env_file: .env + + django: + build: + context: . + dockerfile: ./compose/django/Dockerfile-dev + user: django + depends_on: + - postgres + # - redis + command: /dev-gunicorn-mhackspace.sh + env_file: .env + volumes: + - .:/app + - sockets:/data/sockets + + # port 8125 + mailhog: + image: mailhog/mailhog + ports: + - "8125:8025" + + redis: + image: redis:latest + + celeryworker: + build: + context: . + dockerfile: ./compose/django/Dockerfile + env_file: .env + volumes: + - .:/app + depends_on: + - postgres + - redis + command: celery -A mhackspace.celeryapp worker -l INFO + + celerybeat: + build: + context: . + dockerfile: ./compose/django/Dockerfile + env_file: .env + volumes: + - .:/app + depends_on: + - postgres + - redis + command: celery -A mhackspace.celeryapp beat -l INFO + + # port 9000 by default + bucket: + image: minio/minio + env_file: .env + volumes: + - ./mhackspace:/data + command: server /data diff --git a/requirements/base.txt b/requirements/base.txt index 79f3c9f..7115af0 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -56,6 +56,10 @@ git+https://github.com/jrief/django-sass-processor.git libsass==0.13.2 lxml==3.7.3 +# WSGI Handler +# ------------------------------------------------ +gevent==1.2.2 +gunicorn==19.7.1 # Your custom requirements go here mock==2.0.0 diff --git a/requirements/production.txt b/requirements/production.txt index 493b750..c8dcdf7 100644 --- a/requirements/production.txt +++ b/requirements/production.txt @@ -2,15 +2,6 @@ # production that aren't in development. -r base.txt - - -# WSGI Handler -# ------------------------------------------------ -gevent==1.2.2 -gunicorn==19.7.1 - - - # Email backends for Mailgun, Postmark, SendGrid and more # ------------------------------------------------------- django-anymail==0.10