updated examples

TandoorRecipes · Jun 3, 2020 · 9ac3d79 · 9ac3d79
1 parent 6f24b7d
commit 9ac3d79
Show file tree

Hide file tree

Showing 7 changed files with 142 additions and 9 deletions.
diff --git a/.env.template b/.env.template
@@ -7,14 +7,15 @@ ALLOWED_HOSTS=*
 # random secret key, use for example base64 /dev/urandom | head -c50 to generate one
 SECRET_KEY=
 
-# serve mediafiles directly using gunicorn, technically not a "best practice" but for the expected small deployments
-# of this application absolutely sufficient. If 0 (False) some kind of webserver (for example nginx) is needed to server mediafiles
-GUNICORN_MEDIA=1
-
 # add only a database password if you want to run with the default postgres, otherwise change settings accordingly
 DB_ENGINE=django.db.backends.postgresql_psycopg2
 POSTGRES_HOST=db_recipes
 POSTGRES_PORT=5432
 POSTGRES_USER=djangodb
 POSTGRES_PASSWORD=
-POSTGRES_DB=djangodb
+POSTGRES_DB=djangodb
+
+# Serve mediafiles directly using gunicorn. Basically everyone recommends not doing this. Please use any of the examples
+# provided that include an additional nxginx container to handle media file serving.
+# If you know what you are doing turn this back on (1) to serve media files using djangos serve() method.
+GUNICORN_MEDIA=0
diff --git a/.idea/dictionaries/vabene1111_PC.xml b/.idea/dictionaries/vabene1111_PC.xml
diff --git a/docs/docker/nginx-proxy/nginx/conf.d/Recipes.conf b/docs/docker/nginx-proxy/nginx/conf.d/Recipes.conf
@@ -4,10 +4,6 @@ server {
 
   client_max_body_size 16M;
 
-  # serve static files
-  location /static/ {
-    alias /static/;
-  }
   # serve media files
   location /media/ {
     alias /media/;

diff --git a/docs/docker/traefik-nginx/README.md b/docs/docker/traefik-nginx/README.md
@@ -0,0 +1,64 @@
+This is the recommended setup to run django recipes with traefik.
+
+----
+
+Please refer to the traefik documentation on how to setup a docker service in traefik. Since treafik can be a little
+confusing at times, the following are examples of my traefik configuration.
+
+
+You need to create a network called `traefik` using `docker network create traefik`.
+## docker-compose.yml
+
+```
+version: "3.3"
+
+services:
+
+  traefik:
+    image: "traefik:v2.1"
+    container_name: "traefik"
+    ports:
+      - "443:443"
+      - "80:80"
+      - "8080:8080"
+    volumes:
+      - "./letsencrypt:/letsencrypt"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "./config:/etc/traefik/"
+
+
+networks:
+    default:
+       external:
+         name: traefik
+```
+
+## traefik.toml
+Place this in a directory called `config` as this is mounted into the traefik container (see docer compose).
+**Change the email address accordingly**.
+```
+[api]
+  insecure=true
+
+[providers.docker]
+  endpoint = "unix:///var/run/docker.sock"
+  exposedByDefault = false
+  network = "traefik"
+
+#[log]
+#  level = "DEBUG"
+
+[entryPoints]
+  [entryPoints.web]
+    address = ":80"
+
+  [entryPoints.web_secure]
+    address = ":443"
+
+[certificatesResolvers.le_resolver.acme]
+
+  email = "[email protected]"
+  storage = "/letsencrypt/acme.json"
+
+  tlsChallenge=true
+```
diff --git a/docs/docker/traefik-nginx/docker-compose.yml b/docs/docker/traefik-nginx/docker-compose.yml
@@ -0,0 +1,46 @@
+version: "3"
+services:
+  db_recipes:
+    restart: always
+    image: postgres:11-alpine
+    volumes:
+      - ./postgresql:/var/lib/postgresql/data
+    env_file:
+      - ./.env
+    networks:
+      - default
+
+  web_recipes:
+    image: vabene1111/recipes
+    restart: always
+    env_file:
+      - ./.env
+    volumes:
+      - ./staticfiles:/opt/recipes/staticfiles
+      - ./mediafiles:/opt/recipes/mediafiles
+    depends_on:
+      - db_recipes
+    networks:
+      - default
+
+  nginx_recipes:
+    image: nginx:mainline-alpine
+    restart: always
+    env_file:
+      - ./.env
+    volumes:
+      - ./nginx/conf.d:/etc/nginx/conf.d
+      - ./mediafiles:/media
+    labels: # traefik example labels
+      - "traefik.enable=true"
+      - "traefik.http.routers.recipes.rule=Host(`recipes.mydomain.com`, `recipes.myotherdomain.com`)"
+      - "traefik.http.routers.recipes.entrypoints=web_secure"
+      - "traefik.http.routers.recipes.tls.certresolver=le_resolver"
+    networks:
+      - default
+      - traefik
+
+networks:
+  default:
+  traefik: # This is you external traefik network
+    external: true
diff --git a/docs/docker/traefik-nginx/nginx/conf.d/Recipes.conf b/docs/docker/traefik-nginx/nginx/conf.d/Recipes.conf
@@ -0,0 +1,16 @@
+server {
+  listen 80;
+  server_name localhost;
+
+  client_max_body_size 16M;
+
+  # serve media files
+  location /media/ {
+    alias /media/;
+  }
+  # pass requests for dynamic content to gunicorn
+  location / {
+    proxy_set_header Host $host;
+    proxy_pass http://web_recipes:8080;
+  }
+}
diff --git a/docs/docker/traefik/README.md b/docs/docker/traefik/README.md
@@ -1,3 +1,12 @@
+# Important Information
+Although this application allows running without any webserver in front of gunicorn it is heavily recommended by almost 
+everyone **not** to do this. It is hard to find exact explanations and appears not to be a security but only
+a performance risk but that is just my personal interpretation.
+
+**If you dont know what you are doing please choose the traefik-nginx config**
+
+----
+
 Please refer to the traefik documentation on how to setup a docker service in traefik. Since treafik can be a little
 confusing at times, the following are examples of my traefik configuration.