cgiacofei/TandoorRecipes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated examples

Browse Source
This commit is contained in:
vabene1111 2020-06-03 20:54:38 +02:00
parent 6f24b7d34e
commit 9ac3d79b95
7 changed files with 142 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.env.template
View File

@ -7,10 +7,6 @@ ALLOWED_HOSTS=*
# random secret key, use for example base64 /dev/urandom | head -c50 to generate one # random secret key, use for example base64 /dev/urandom | head -c50 to generate one
SECRET_KEY= SECRET_KEY=
# serve mediafiles directly using gunicorn, technically not a "best practice" but for the expected small deployments
# of this application absolutely sufficient. If 0 (False) some kind of webserver (for example nginx) is needed to server mediafiles
GUNICORN_MEDIA=1
# add only a database password if you want to run with the default postgres, otherwise change settings accordingly # add only a database password if you want to run with the default postgres, otherwise change settings accordingly
DB_ENGINE=django.db.backends.postgresql_psycopg2 DB_ENGINE=django.db.backends.postgresql_psycopg2
POSTGRES_HOST=db_recipes POSTGRES_HOST=db_recipes
@ -18,3 +14,8 @@ POSTGRES_PORT=5432
POSTGRES_USER=djangodb POSTGRES_USER=djangodb
POSTGRES_PASSWORD= POSTGRES_PASSWORD=
POSTGRES_DB=djangodb POSTGRES_DB=djangodb
# Serve mediafiles directly using gunicorn. Basically everyone recommends not doing this. Please use any of the examples
# provided that include an additional nxginx container to handle media file serving.
# If you know what you are doing turn this back on (1) to serve media files using djangos serve() method.
GUNICORN_MEDIA=0

1
.idea/dictionaries/vabene1111_PC.xml
View File

@ -2,6 +2,7 @@
<dictionary name="vabene1111-PC"> <dictionary name="vabene1111-PC">
<words> <words>
<w>gunicorn</w> <w>gunicorn</w>
<w>traefik</w>
</words> </words>
</dictionary> </dictionary>
</component> </component>

4
docs/docker/nginx-proxy/nginx/conf.d/Recipes.conf
View File

@ -4,10 +4,6 @@ server {
client_max_body_size 16M; client_max_body_size 16M;
# serve static files
location /static/ {
alias /static/;
}
# serve media files # serve media files
location /media/ { location /media/ {
alias /media/; alias /media/;

64
docs/docker/traefik-nginx/README.md Normal file
View File

@ -0,0 +1,64 @@
This is the recommended setup to run django recipes with traefik.
----
Please refer to the traefik documentation on how to setup a docker service in traefik. Since treafik can be a little
confusing at times, the following are examples of my traefik configuration.
You need to create a network called `traefik` using `docker network create traefik`.
## docker-compose.yml
```
version: "3.3"
services:
traefik:
image: "traefik:v2.1"
container_name: "traefik"
ports:
- "443:443"
- "80:80"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./config:/etc/traefik/"
networks:
default:
external:
name: traefik
```
## traefik.toml
Place this in a directory called `config` as this is mounted into the traefik container (see docer compose).
**Change the email address accordingly**.
```
[api]
insecure=true
[providers.docker]
endpoint = "unix:///var/run/docker.sock"
exposedByDefault = false
network = "traefik"
#[log]
# level = "DEBUG"
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web_secure]
address = ":443"
[certificatesResolvers.le_resolver.acme]
email = "you_email@mail.com"
storage = "/letsencrypt/acme.json"
tlsChallenge=true
```

46
docs/docker/traefik-nginx/docker-compose.yml Normal file
View File

@ -0,0 +1,46 @@
version: "3"
services:
db_recipes:
restart: always
image: postgres:11-alpine
volumes:
- ./postgresql:/var/lib/postgresql/data
env_file:
- ./.env
networks:
- default
web_recipes:
image: vabene1111/recipes
restart: always
env_file:
- ./.env
volumes:
- ./staticfiles:/opt/recipes/staticfiles
- ./mediafiles:/opt/recipes/mediafiles
depends_on:
- db_recipes
networks:
- default
nginx_recipes:
image: nginx:mainline-alpine
restart: always
env_file:
- ./.env
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d
- ./mediafiles:/media
labels: # traefik example labels
- "traefik.enable=true"
- "traefik.http.routers.recipes.rule=Host(`recipes.mydomain.com`, `recipes.myotherdomain.com`)"
- "traefik.http.routers.recipes.entrypoints=web_secure"
- "traefik.http.routers.recipes.tls.certresolver=le_resolver"
networks:
- default
- traefik
networks:
default:
traefik: # This is you external traefik network
external: true

16
docs/docker/traefik-nginx/nginx/conf.d/Recipes.conf Normal file
View File

@ -0,0 +1,16 @@
server {
listen 80;
server_name localhost;
client_max_body_size 16M;
# serve media files
location /media/ {
alias /media/;
}
# pass requests for dynamic content to gunicorn
location / {
proxy_set_header Host $host;
proxy_pass http://web_recipes:8080;
}
}

9
docs/docker/traefik/README.md
View File

@ -1,3 +1,12 @@
# Important Information
Although this application allows running without any webserver in front of gunicorn it is heavily recommended by almost
everyone **not** to do this. It is hard to find exact explanations and appears not to be a security but only
a performance risk but that is just my personal interpretation.
**If you dont know what you are doing please choose the traefik-nginx config**
----
Please refer to the traefik documentation on how to setup a docker service in traefik. Since treafik can be a little Please refer to the traefik documentation on how to setup a docker service in traefik. Since treafik can be a little
confusing at times, the following are examples of my traefik configuration. confusing at times, the following are examples of my traefik configuration.