docker env fixes to make development simpler

Author: =

.env.example

@@ -1,4 +1,6 @@
-DEBUG='False'
+DEBUG='False' # True for development
+NGINX_IMAGE='lscr.io/linuxserver/swag' # leave unset for development
+NGINX_CONF='./nginx.prod.conf' # leave unset for development
 SECRET_KEY='secret'
 DATABASE_PASSWORD='secret'
 DATABASE_ROOT_PASSWORD="secret"
@@ -17,4 +19,6 @@ REDIS_PASSWORD='secret'
 GOOGLE_ADSENSE_ID='ca-pub-abcde'
 RECAPTCHA_PUBLIC_KEY='secret'
 RECAPTCHA_PRIVATE_KEY='secret'
-GOOGLE_OAUTH_LINK="secret.apps.googleusercontent.com"
+GOOGLE_OAUTH_LINK="secret.apps.googleusercontent.com"
+HTTP_PORT="80"
+SSL_PORT="443"

.gitignore

@@ -5,4 +5,6 @@ set_env.sh
 fishauctions/customsettings.py
 media/
 auctions/templates/ads.txt
-swag/
+swag/
+mediafiles/
+staticfiles/

Dockerfile

@@ -25,7 +25,7 @@ RUN pip install --upgrade pip pip-tools
 COPY . /usr/src/app/
 
 # generate an updated requirements.txt file with the latest versions of all packages
-#RUN pip-compile requirements.in --upgrade # fixme
+RUN pip-compile requirements.in --upgrade
 
 # install python dependencies
 # COPY ./requirements.txt . # no need to copy this, we just generated it
@@ -76,13 +76,10 @@ RUN touch /var/log/cron.log
 COPY --from=builder /usr/src/app/wheels /wheels
 COPY --from=builder /usr/src/app/requirements.txt .
 RUN pip install --upgrade pip
-# keep docker image smaller
-#RUN pip install --no-cache /wheels/*
-# faster
-RUN pip install /wheels/* 
+RUN pip install --no-cache /wheels/*
 RUN pip install mysql-connector-python
 
-COPY . $APP_HOME
+#COPY . $APP_HOME
 
 # chown all the files to the app user
 RUN chown -R app:app $APP_HOME

auctions/templates/promo.html

@@ -137,7 +137,7 @@ <h2 class="text-right"><span class='text-info'>Completely free.</span></h2>
   </div>
 </div>
 <h5>This site provides all the tools you need to run traditional, in-person auctions.  Or, run your auctions online without the need to reserve an auction hall or pay an auctioneer.</h5><h4 class="text-right">No paperwork.  No math.  Simple enough to use on your phone.</h4>
-<div><h3>Click below to learn more about:</h3>
+<div><h3>aaClick below to learn more about:</h3>
     <ul class="nav nav-pills">
       <li class="nav-item">
         <a class="nav-link " data-toggle="tab" href="#runAuction">Online auctions</a>

docker-compose.prod.yaml

@@ -2,16 +2,12 @@ services:
   web:
     build: .
     volumes:
+      - .:/home/app/web
       - static_volume:/home/app/web/staticfiles
       - media_volume:/home/app/web/mediafiles
-    ports:
-      - 8000:8000
-    #expose:
-    #  - 8000
+    expose:
+      - 8000
     env_file: .env
-    # this will override whatever is set in the .env
-    environment:
-      - DEBUG=True
     depends_on:
       - db
     restart: always
@@ -40,21 +36,32 @@ services:
     restart: always
     command: redis-server --requirepass ${REDIS_PASSWORD-unsecure}
 
-# this server will get overridden in production - see docker-compose.prod.yaml
   nginx:
-    image: nginx:latest
+    image: ${NGINX_IMAGE-nginx}:latest # default setting is for development, use lscr.io/linuxserver/swag for production
     volumes:
-      - ./nginx.dev.conf:/etc/nginx/nginx.conf:ro
+      - ${NGINX_CONF-./nginx.dev.conf}:/etc/nginx/nginx.conf:ro
+      - ./swag:/config
       - ./nginx_fishauctions.conf:/etc/nginx/nginx_fishauctions.conf:ro
+      - static_volume:/home/app/web/staticfiles:ro
+      - media_volume:/home/app/web/mediafiles:ro
     ports:
       - ${HTTP_PORT-80}:80
+      - ${SSL_PORT-443}:443 # this is only used in production
     restart: always
     depends_on:
       - web
+    cap_add:
+      - NET_ADMIN
+    environment: # none of these get used in development
+      - PUID=${PUID-1000}
+      - PGID=${PGID-1000}
+      - TZ=Etc/UTC
+      - URL=${SITE_DOMAIN}
+      - VALIDATION=http
+      - EMAIL=${ADMIN_EMAIL}
 
 volumes:
   redis_data:
-    driver: local
   mariadb_data:
   static_volume:
   media_volume:

docker-compose.yaml

@@ -30,8 +30,7 @@ python manage.py collectstatic --no-input > /dev/null 2>&1
 
 if [ "${DEBUG}" = "True" ]; then
     echo Starting in development mode, cron jobs must be run manually
-    uvicorn fishauctions.asgi:application --reload --port 8000 --log-config=./uvicorn_log_config.yml
-    #python manage.py runserver 0.0.0.0:8000
+    exec uvicorn fishauctions.asgi:application --host 0.0.0.0 --port 8000 --reload --reload-include '*.py' --reload-include '*.html' --reload-include '*.js'
 else
     echo Starting fishauctions in production mode
     cron -f & # run cron in the foreground, but & allows the script to continue

entrypoint.sh

@@ -9,7 +9,8 @@ http {
                       '$status $body_bytes_sent "$http_referer" '
                       '"$http_user_agent" "$http_x_forwarded_for"';
 
-    access_log /var/log/nginx/access.log main;
+    access_log off;
+    #access_log /var/log/nginx/access.log main;
     error_log /var/log/nginx/error.log warn;
 
     sendfile on;

nginx.dev.conf

@@ -33,10 +33,19 @@ git clone https://github.com/iragm/fishauctions
 docker compose build
 docker compose up
 ```
-You should now be able to access a development site at 127.0.0.1
+You should now be able to access a development site at 127.0.0.1 (Note: don't use port 8000)
 
 #### ENV
-Development-friendly default values are set for most of the environment, but you may wish to use existing databases or specify secure passwords.  Simply rename the `.env.example` file to `.env`, edit it as needed, and you should be good to go.
+Development-friendly default values are set for most of the environment, but you may wish to use existing databases or specify secure passwords.  Simply rename the `.env.example` file to `.env`, edit it as needed (making sure to remove the lines used for production), and you should be good to go.
+
+This file doesn't document everything, but it has the most common settings.  For example, if you use port 80 for something else, you could serve up the development site on a different port by editing your .env file to have the line HTTP_PORT=81
+
+#### Production environment differences
+At this time, I'm only aware of one production deployment, but since this is open source, you're welcome to spin up your own competing website.
+
+In keeping with 12 Factor, all configuration is done from the .env file and the rest of the environment is kept extremely similar, but:
+- Production uses SWAG to add a cert, dev uses plain old Nginx to serve just http content.
+- Production uses Gunicorn with a Uvicorn worker process, development uses Uvicorn with a --reload flag (this is configured in entrypoint.sh)
 
 #### Cron jobs
 Some cron jobs are used to manage models - these run automatically if you're in production (debug=False), but will need to be run manually in development.  These can be found in the crontab file in the same folder as this readme.