-
Notifications
You must be signed in to change notification settings - Fork 38
Deployment: Heroku
replaced by: https://docs.hypha.app/deployment/heroku
Set up two addresses per environment, one for the public site and one for the apply site.
Add the addresses first to Heroku to get the the DNS target for the CNAME entry.
OBS! If you are using Cloudflare ignore the DNS targets and use the Heroku application URL instead, something like [dev-app-name].herokuapp.com.
Add redirects for robots.txt and favicon.ico to /static/robots.txt and /static/favicon.ico.
Create a Heroku app for your project. A dev, test and live environment is good to have.
Connect the Heroku app to your git repo or push your code directly to Heroku. If you are using GitHub I recommend selecting it as the "deployment method".
Then so the following steps for each environment.
- Set these settings as a minimum:
- API_BASE_URL
- BASIC_AUTH_ENABLED
- BASIC_AUTH_LOGIN
- BASIC_AUTH_PASSWORD
- DJANGO_SETTINGS_MODULE
- EMAIL_HOST
- ON_HEROKU=true (so correct production settings gets loaded)
- ORG_LONG_NAME
- ORG_SHORT_NAME
- ORG_EMAIL
- SECRET_KEY
- SEND_MESSAGES
- SERVER_EMAIL
- STAFF_EMAIL_DOMAINS
Generate secret key with:
python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"
-
Add Heroku Postgres as a add-on. "Hobby dev" or "Hobby basic" works for dev and test and "Standard 0" is a good start for production.
-
Add buildpacks for Nodejs and Python, make sure Nodejs is listed first.
-
Temporarily remove the "release" step from the "Procfile". It has a clear cache step that will fail until the cache tables are created.
-
Deploy the appropriate branch.
-
Activate dynos to run your app. For dev and test the "Hobby" level works well. For production a "Standard-2X" with a dyno count of 2 and WEB_CONCURRENCY set to 3 performance well.
-
Run the following commands from the command line with the help of heroku-cli. If it's the first time you use heroku-cli you first need to login with
heroku login.
$ heroku run python manage.py migrate -a [name-of-app]
$ heroku run python manage.py createcachetable -a [name-of-app]
$ heroku run python manage.py createsuperuser -a [name-of-app]
$ heroku run python manage.py wagtailsiteupdate [the-public-address] [the-apply-address] 443 -a [name-of-app]
- Now add the "release" step back to the "Procfile" and deploy again.
You should now have a running site.
Set up a bucket for private files and another for public files. Private files are uploads on submissions.
Set these settings as a minimum:
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_STORAGE_BUCKET_NAME (most often same as AWS_PUBLIC_BUCKET_NAME)
- AWS_PRIVATE_BUCKET_NAME
- AWS_PUBLIC_BUCKET_NAME
Optionally set these as well:
- AWS_PUBLIC_CUSTOM_DOMAIN
- AWS_QUERYSTRING_EXPIRE
Properties:
Versioning enabled. Default encryption enables AES-256
CORS configuration:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
Properties:
Versioning enabled.
Access Control List:
Public access -> Everyone -> List Yes
CORS configuration:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
Bucket policy:
{
"Version": "2012-10-17",
"Id": "Policy1562302603386",
"Statement": [
{
"Sid": "Stmt1562302600239",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::public.example.com/*"
}
]
}
Set:
- MAILGUN_API_KEY
And it should just work.