diff --git a/DEPLOYMENT.md b/DEPLOYMENT.md index 6f5c29a..ca7483c 100644 --- a/DEPLOYMENT.md +++ b/DEPLOYMENT.md @@ -2,16 +2,22 @@ ## Deployment with Docker (recommended quickstart) -This was a bit rushed so the deployment utilizes a single docker file `docker-compose.prod.yml` in the root of the directory +This was a bit rushed so the deployment utilizes a single +docker file `docker-compose.prod.yml` in the root of the directory I wanted some simple instructions below to configure the deployment -Be sure to use the proper hostname (batdetectai.kitware.com) in all locations that require it. +Be sure to use the proper hostname (batdetectai.kitware.com) in +all locations that require it. ## Docker Compose Differences -I created a `client` service which has it's own Dockerfile and builds the vue client app. The `client` service also uses a reverse proxy to route `/api`, `/admin` fields to the django server. -The client will need to be built with a different Client ID for accessing the server. +I created a `client` service which has it's own Dockerfile and +builds the vue client app. +The `client` service also uses a reverse proxy to route +`/api`, `/admin` fields to the django server. +The client will need to be built with a different Client ID +for accessing the server. ### Initial Setup for Deployment @@ -21,7 +27,7 @@ The client will need to be built with a different Client ID for accessing the se 3. Run `docker compose run --rm django ./manage.py makeclient \ --username your.super.user@email.address \ --uri https://batdetectai.kitware.com/` -4. Run `docker compose run --rm django ./manage.py collectstatic` to collect the static files +4. Run `docker compose run --rm django ./manage.py collectstatic`to collect the static files 5. Run `docker compose -f docker-compose.prod.yml up` to start the server add `-d` for a silent version to run in the background 6. Copy over the ./dev/.env.prod.docker-compose.template to `./dev/.env.prod.docker-compose.template` and change the default passwords 7. Change the ID in the `./client/env.production` to a custom ID @@ -30,4 +36,4 @@ The client will need to be built with a different Client ID for accessing the se ### system.d service -Service that will automatically start and launch the server \ No newline at end of file +Service that will automatically start and launch the server diff --git a/bats_ai/settings.py b/bats_ai/settings.py index c780ed7..97925a5 100644 --- a/bats_ai/settings.py +++ b/bats_ai/settings.py @@ -1,5 +1,6 @@ from __future__ import annotations +import os from pathlib import Path from composed_configuration import ( @@ -10,7 +11,7 @@ ProductionBaseConfiguration, TestingBaseConfiguration, ) -from composed_configuration._configuration import _BaseConfiguration, HttpsMixin +from composed_configuration._configuration import _BaseConfiguration from configurations import values @@ -78,7 +79,8 @@ class TestingConfiguration(BatsAiMixin, TestingBaseConfiguration): class KitwareConfiguration(BatsAiMixin, _BaseConfiguration): - SECRET_KEY = 'secretkey' # Dummy value for local development configuration + SECRET_KEY = values.SecretValue() + baseHost = os.environ['SERVERHOSTNAME'] EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' DEFAULT_FILE_STORAGE = 'minio_storage.storage.MinioMediaStorage' MINIO_STORAGE_ENDPOINT = values.Value( @@ -95,8 +97,9 @@ class KitwareConfiguration(BatsAiMixin, _BaseConfiguration): MINIO_STORAGE_AUTO_CREATE_MEDIA_POLICY = 'READ_WRITE' MINIO_STORAGE_MEDIA_USE_PRESIGNED = True MINIO_STORAGE_MEDIA_URL = 'http://127.0.0.1:9000/django-storage' - ALLOWED_HOSTS = ['batdetectai.kitware.com'] - CSRF_TRUSTED_ORIGINS = ["https://batdetectai.kitware.com", "https://www.batdetectai.kitware.com"] + ALLOWED_HOSTS = [baseHost] + CSRF_TRUSTED_ORIGINS = [f'https://{baseHost}', f'https://{baseHost}'] + CORS_ORIGIN_WHITELIST = [f'https://{baseHost}', f'https://{baseHost}'] class ProductionConfiguration(BatsAiMixin, ProductionBaseConfiguration): diff --git a/client/README.md b/client/README.md index 35a6427..4bf6c06 100644 --- a/client/README.md +++ b/client/README.md @@ -30,8 +30,8 @@ git grep CHANGEME ## Recommended IDE Setup -- [VSCode](https://code.visualstudio.com/) -- [Volar](https://marketplace.visualstudio.com/items?itemName=johnsoncodehk.volar) +* [VSCode](https://code.visualstudio.com/) +* [Volar](https://marketplace.visualstudio.com/items?itemName=johnsoncodehk.volar) ## Type Support For `.vue` Imports in TS diff --git a/dev/.env.prod.docker-compose.template b/dev/.env.prod.docker-compose.template index 3e265a5..f03ed11 100644 --- a/dev/.env.prod.docker-compose.template +++ b/dev/.env.prod.docker-compose.template @@ -8,6 +8,6 @@ DJANGO_MINIO_STORAGE_ACCESS_KEY=minioAccessKey DJANGO_MINIO_STORAGE_SECRET_KEY=minioSecretKey DJANGO_STORAGE_BUCKET_NAME=django-storage DJANGO_MINIO_STORAGE_ENDPOINT=minio:9000 -DJANGO_CORS_ORIGIN_WHITELIST=http://batdetectai.kitware.com -DJANGO_EMAIL_URL=submission://USER:PASSWORD@smtp.sendgrid.com -DJANGO_ALLOWED_HOSTS=['batdetectai.kitware.com'] +SERVERHOSTNAME=batdetectai.kitware.com +DJANGO_SECRET_KEY=changeme +ACME_EMAIL=Bryon.Lewis@kitware.com diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 61dbd63..e47f978 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -6,6 +6,7 @@ services: restart: always image: traefik:v2.4 container_name: traefik + env_file: ./dev/.env.prod.docker-compose networks: - django-nginx command: > @@ -26,7 +27,7 @@ services: # Traefik HTTPS Redirect - "traefik.enable=true" - "traefik.http.routers.http-catchall.entrypoints=web" - - "traefik.http.routers.http-catchall.rule=Host(`batdetectai.kitware.com`)" + - "traefik.http.routers.http-catchall.rule=Host(`${SERVERHOSTNAME}``)" - "traefik.http.routers.http-catchall.middlewares=redirect-to-https-mddl@docker" - "traefik.http.middlewares.redirect-to-https-mddl.redirectscheme.scheme=https" volumes: @@ -84,13 +85,14 @@ services: build: context: . dockerfile: ./dev/client.Dockerfile + env_file: ./dev/.env.prod.docker-compose networks: - django-nginx depends_on: - django labels: - "traefik.http.routers.client-rtr.entrypoints=websecure" - - "traefik.http.routers.client-rtr.rule=Host(`batdetectai.kitware.com`)" + - "traefik.http.routers.client-rtr.rule=Host(`${SERVERHOSTNAME}`)" - "traefik.enable=true" - "traefik.http.services.client-svc.loadbalancer.server.port=80" postgres: