diff --git a/.env.example b/.env.example index 7e46f26..1133251 100644 --- a/.env.example +++ b/.env.example @@ -1,8 +1,10 @@ +SECRET_KEY= + # 'dev' or whatever for dev environment, otherwise 'prod' to enable production environment ENV=dev # used only on production environment -HOST= +HOSTS= POSTGRES_DB=mumui POSTGRES_USER=mumui diff --git a/.gitignore b/.gitignore index 0daef0e..2377485 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,13 @@ .ruff_cache __pycache__ -db.sqlite3 + venv -/static + +static + *.log *.pid -docker-compose.override.yml -.env \ No newline at end of file + +.env + +.deploy \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 222e5a4..c5d3de9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,12 +8,9 @@ WORKDIR /app RUN apt update && apt install -y -COPY startup.sh /app/ -COPY requirements.txt /app/ +COPY . /app/ RUN pip install -U pip RUN pip install -r requirements.txt -ENTRYPOINT [ "/app/startup.sh" ] - -EXPOSE 8000 \ No newline at end of file +ENTRYPOINT [ "/app/startup.sh" ] \ No newline at end of file diff --git a/Makefile b/Makefile index ae3dbba..2cd522e 100644 --- a/Makefile +++ b/Makefile @@ -1,17 +1,22 @@ ROOT_DIR = $(dir $(realpath $(lastword $(MAKEFILE_LIST)))) PYTHON = $(ROOT_DIR)venv/bin/python +REGISTRY := + +GIT_BRANCH = $(shell git rev-parse --abbrev-ref HEAD) +GIT_SHA = $(shell git rev-parse --short HEAD) +VERSION := 0.1.0 format: - @./venv/bin/black mumui/*.py deployment/*.py + @$(PYTHON) -m black mumui/*.py deployment/*.py lint: - @./venv/bin/ruff . + @$(PYTHON) -m ruff . dev: rm -rf venv python3 -m virtualenv venv - ./venv/bin/pip install -r requirements.txt - ./venv/bin/pip install -r requirements-dev.txt + $(PYTHON) -m pip install -r requirements.txt + $(PYTHON) -m pip install -r requirements-dev.txt django: docker build . -t mumui:local @@ -29,10 +34,31 @@ build: .PHONY: static static: - $(PYTHON) manage.py collectstatic --no-input + SECRET_KEY="" $(PYTHON) manage.py collectstatic --no-input + +run: pushpin-local nginx-local django + @docker compose up + +show: + @echo "branch: $(GIT_BRANCH)" + @echo "version: $(VERSION)" + @echo "registry: $(REGISTRY)" + +deploy: pushpin-local django static + @cp -pr static .deploy/prod/ + @cp -pr static .deploy/stage/ + + @docker tag pushpin:mumui $(REGISTRY)/pushpin:mumui + @docker push $(REGISTRY)/pushpin:mumui + + @docker tag mumui:local $(REGISTRY)/mumui:$(VERSION) + @docker push $(REGISTRY)/mumui:$(VERSION) + + @ngxsd mumui --env prod --var port=8090 --var version=$(VERSION) + @ngxsd mumui --env stage --var port=8090 --nginx + +destroy: + @ngxsd mumui --env prod --destroy + @ngxsd mumui --env stage --destroy -run: - docker compose up -stop: - docker compose down diff --git a/mumui/settings.py b/mumui/settings.py index 756f3cd..f9bbac6 100644 --- a/mumui/settings.py +++ b/mumui/settings.py @@ -21,15 +21,18 @@ BASE_DIR = Path(__file__).resolve().parent.parent # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = "django-insecure-_c56%%c8%g%@5(3&thxi7ku2a&wst8lik*8@l0=#)ar)s86g36" +SECRET_KEY = os.environ["SECRET_KEY"] IS_PROD = os.getenv("ENV") == "prod" -HOST = "*" if not IS_PROD else os.getenv("HOST", "*") + +HOSTS = ["*"] +if IS_PROD: + HOSTS = os.environ["HOSTS"].split(",") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = not IS_PROD -ALLOWED_HOSTS = ["*"] if not IS_PROD else [HOST.lstrip("https://")] +ALLOWED_HOSTS = [h.lstrip("https://") for h in HOSTS] # Application definition @@ -139,4 +142,4 @@ LOGOUT_REDIRECT_URL = "home" GRIP_URL = "http://pushpin:5561" EVENTSTREAM_CHANNELMANAGER_CLASS = "deployment.channels.DeploymentChannelManager" -CSRF_TRUSTED_ORIGINS = [HOST] if IS_PROD else ["http://localhost:8080"] +CSRF_TRUSTED_ORIGINS = HOSTS if IS_PROD else ["http://localhost:8080"] diff --git a/startup.sh b/startup.sh index 48b7a31..3e8bc44 100755 --- a/startup.sh +++ b/startup.sh @@ -3,7 +3,6 @@ pip install -r requirements.txt python manage.py makemigrations python manage.py migrate -python manage.py collectstatic --no-input DJANGO_SUPERUSER_PASSWORD=${ADMIN_PASSWORD} python manage.py createsuperuser --noinput --username admin --email admin@admin.fr