Setup https for prod

IRBorisov 2023-08-09 16:55:53 +03:00
parent a38cca9c0d
commit cd96ad2274
14 changed files with 41 additions and 123 deletions


@ -59,4 +59,5 @@ bower_components
# Specific items # Specific items
docker-compose.yml docker-compose-dev.yml
docker-compose-prod.yml

1
.gitignore vendored

@ -1,5 +1,6 @@
# SECURITY SENSITIVE FILES # SECURITY SENSITIVE FILES
secrets/ secrets/
cert/
# External distributions # External distributions
rsconcept/backend/import/*.whl rsconcept/backend/import/*.whl


@ -9,6 +9,8 @@ This readme file is used mostly to document project dependencies
- run rsconcept\backend\LocalEnvSetup.ps1 - run rsconcept\backend\LocalEnvSetup.ps1
- run 'npm install' in rsconcept\frontend - run 'npm install' in rsconcept\frontend
- use VSCode configs in root folder to start developement - use VSCode configs in root folder to start developement
- production: create secrets secrets\db_password.txt and django_key.txt
- production: provide TLS certificate nginx\cert\portal-cert.pem and nginx\cert\portal-key.pem
# Frontend stack & Tooling [Vite + React + Typescript] # Frontend stack & Tooling [Vite + React + Typescript]
<details> <details>


@ -1,47 +0,0 @@
volumes:
postgres_volume:
name: "postgres-db"
django_static_volume:
name: "static"
django_media_volume:
name: "media"
networks:
default:
name: concept-api-net
services:
frontend:
restart: always
depends_on:
- backend
build:
context: ./rsconcept/frontend
ports:
- 3000:3000
command: serve -s /home/node -l 3000
backend:
restart: always
depends_on:
- postgresql-db
build:
context: ./rsconcept/backend
env_file: ./rsconcept/backend/.env.dev
ports:
- 8000:8000
volumes:
- django_static_volume:/home/app/web/static
- django_media_volume:/home/app/web/media
command:
gunicorn -w 3 project.wsgi --bind 0.0.0.0:8000
postgresql-db:
restart: always
image: postgres:alpine
env_file: ./postgresql/.env.dev
volumes:
- postgres_volume:/var/lib/postgresql/data


@ -23,8 +23,8 @@ services:
- backend - backend
build: build:
context: ./rsconcept/frontend context: ./rsconcept/frontend
ports: expose:
- 3000:3000 - 3000
command: serve -s /home/node -l 3000 command: serve -s /home/node -l 3000
@ -67,11 +67,11 @@ services:
build: build:
context: ./nginx context: ./nginx
ports: ports:
- 8000:80 - 8000:8000
- 3000:3000
depends_on: depends_on:
- backend - backend
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'" command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
volumes: volumes:
- django_static_volume:/var/www/static - django_static_volume:/var/www/static
- django_media_volume:/var/www/media - django_media_volume:/var/www/media


@ -2,3 +2,4 @@ FROM nginx:stable-alpine3.17-slim
# Сopу nginx configuration to the proxy-server # Сopу nginx configuration to the proxy-server
COPY ./default.conf /etc/nginx/conf.d/default.conf COPY ./default.conf /etc/nginx/conf.d/default.conf
COPY ./cert/* /etc/ssl/private/
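Review bot: The added `COPY ./cert/* /etc/ssl/private/` bakes the TLS private key (portal-key.pem, per the README change) into an image layer, so anyone who can pull, save or inspect the image obtains the key, and replacing the certificate needs a rebuild. Supply the directory at run time instead: drop this COPY and mount it read-only on the nginx service in the compose file, for example `- ./nginx/cert:/etc/ssl/private:ro` under its `volumes:`. The 6-hourly `nginx -s reload` in that service's command would then presumably pick up a renewed certificate without rebuilding. The glob also copies every other file that happens to sit in cert/, so a mount of the two named files is the narrower option.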


@ -1,12 +1,17 @@
upstream innerdjango { upstream innerdjango {
server backend:8000; server backend:8000;
# `backend` is the service's name in docker-compose.yml, }
# The `innerdjango` is the name of upstream, used by nginx below.
upstream innerreact {
server frontend:3000;
} }
server { server {
listen 80; listen 8000 ssl;
ssl_certificate /etc/ssl/private/portal-cert.pem;
ssl_certificate_key /etc/ssl/private/portal-key.pem;
server_name dev.concept.ru www.dev.concept.ru portal.acconcept.ru www.portal.acconcept.ru; server_name dev.concept.ru www.dev.concept.ru portal.acconcept.ru www.portal.acconcept.ru;
location / { location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host; proxy_set_header Host $host;
@ -20,3 +25,17 @@ server {
alias /var/www/media/; alias /var/www/media/;
} }
} }
server {
listen 3000 ssl;
ssl_certificate /etc/ssl/private/portal-cert.pem;
ssl_certificate_key /etc/ssl/private/portal-key.pem;
server_name dev.concept.ru www.dev.concept.ru portal.acconcept.ru www.portal.acconcept.ru;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://innerreact;
proxy_redirect default;
}
}
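Review bot: Neither TLS server block (`listen 8000 ssl` and the added `listen 3000 ssl`) sets `ssl_protocols`, so the default of the nginx build in the image applies, and on nginx releases of this period that default may still include TLSv1 and TLSv1.1. Adding `ssl_protocols TLSv1.2 TLSv1.3;` to both blocks, or once at `http` level, pins the accepted versions. The proxied locations also forward `X-Forwarded-For` and `Host` but not the scheme; if the Django backend has to know the request arrived over HTTPS (secure cookies, CSRF origin checks), add `proxy_set_header X-Forwarded-Proto $scheme;`, which cannot be confirmed from here because the backend settings are not shown. The body of the port-8000 block continues outside the first hunk.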


@ -1,3 +0,0 @@
POSTGRES_USER=dev-test-user
POSTGRES_PASSWORD=02BD82EE0D
POSTGRES_DB=dev-db


@ -1,28 +0,0 @@
# !! THIS IS NOT THE FINAL PRODUCTION SETTINGS !!
# PLEASE MAKE SURE TO SETUP A PROPER ENV FILE OUTSIDE SOURCE CONTROL SYSTEM
# Application settings
SECRET_KEY=django-insecure-)rq@!&v7l2r%2%q#n!uq+zk@=&yc0^&ql^7%2!%9u)vt1x&j=d
ALLOWED_HOSTS=rs.acconcept.ru;localhost;portal.acconcept.ru
CSRF_TRUSTED_ORIGINS=http://rs.acconcept.ru:3000;http://localhost:3000
CORS_ALLOWED_ORIGINS=http://rs.acconcept.ru:3000;http://localhost:3000
# File locations
STATIC_ROOT=/home/app/web/static
MEDIA_ROOT=/home/app/web/media
# Database settings
DB_ENGINE=django.db.backends.postgresql_psycopg2
DB_NAME=dev-db
DB_USER=dev-test-user
DB_PASSWORD=02BD82EE0D
DB_HOST=postgresql-db
DB_PORT=5432
# Debug settings
DEBUG=1
PYTHONDEVMODE=1
PYTHONTRACEMALLOC=1


@ -1,8 +1,8 @@
# Application settings # Application settings
ALLOWED_HOSTS=localhost;portal.acconcept.ru;dev.concept.ru ALLOWED_HOSTS=localhost;portal.acconcept.ru;dev.concept.ru
CSRF_TRUSTED_ORIGINS=http://dev.concept.ru:3000;http://localhost:3000;http://portal.acconcept.ru:3000 CSRF_TRUSTED_ORIGINS=https://dev.concept.ru:3000;https://localhost:3000;https://portal.acconcept.ru:3000
CORS_ALLOWED_ORIGINS=http://dev.concept.ru:3000;http://localhost:3000;http://portal.acconcept.ru:3000 CORS_ALLOWED_ORIGINS=https://dev.concept.ru:3000;https://localhost:3000;https://portal.acconcept.ru:3000
# File locations # File locations
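Review bot: `https://localhost:3000` stays in both `CSRF_TRUSTED_ORIGINS` and `CORS_ALLOWED_ORIGINS`, which extends cross-origin trust to whatever is served from that origin on a user's own machine. If this file is the production environment (its name is not visible on this page), list only the deployed origins, for example `CSRF_TRUSTED_ORIGINS=https://dev.concept.ru:3000;https://portal.acconcept.ru:3000`, and the same for `CORS_ALLOWED_ORIGINS`. The hunk shows only the first lines of the file, so any later override is not visible.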


@ -1,24 +0,0 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
lerna-debug.log*
node_modules
dist
dist-ssr
*.local
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
.DS_Store
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?


@ -1,12 +1,12 @@
{ {
"name": "frontend", "name": "frontend",
"version": "0.1.0", "version": "1.0.0",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "frontend", "name": "frontend",
"version": "0.1.0", "version": "1.0.0",
"dependencies": { "dependencies": {
"axios": "^1.4.0", "axios": "^1.4.0",
"js-file-download": "^0.4.12", "js-file-download": "^0.4.12",


@ -1,7 +1,7 @@
{ {
"name": "frontend", "name": "frontend",
"private": true, "private": true,
"version": "0.1.0", "version": "1.0.0",
"type": "module", "type": "module",
"scripts": { "scripts": {
"test": "jest", "test": "jest",


@ -1,14 +1,10 @@
import react from '@vitejs/plugin-react' import react from '@vitejs/plugin-react';
import { defineConfig } from 'vite' import { defineConfig } from 'vite';
// https://vitejs.dev/config/ // https://vitejs.dev/config/
export default defineConfig({ export default defineConfig({
plugins: [react()], plugins: [react()],
server: { server: {
port: 3000, port: 3000
// https: {
// key: fs.readFileSync('cert/portal-key.pem'),
// cert: fs.readFileSync('cert/portal-cert.pem'),
// }
} }
}) })