#1 #2: first 'production' deployment (will get better); encrypted production secrets; add Makefile

2019-10-19 01:48:41 +02:00 · 2019-10-19 01:48:41 +02:00 · 122faa1c5d
parent 0a477144b4
commit 122faa1c5d
5 changed files with 50 additions and 2 deletions
--- a/.deployment/production/docker-compose.yml
+++ b/.deployment/production/docker-compose.yml
@ -0,0 +1,9 @@
+version: "3"
+
+services:
+  django-server:
+    build: ../../
+    ports:
+      - "8042:8042"
+    env_file:
+      - production.secrets.env
--- a/.deployment/production/production.secrets.env
+++ b/.deployment/production/production.secrets.env
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1 @@
+*.secrets.env filter=git-crypt diff=git-crypt
--- a/8
+++ b/8
@ -13,5 +13,9 @@ RUN pip3 install --upgrade pip && \

 COPY . .

-CMD ["gunicorn", "pluralityspace.wsgi:application", \
-                 "--bind", "0.0.0.0:8042"]
+# TODO #1: build a real production setup with gunicorn, nginx for static files etc.
+#CMD ["gunicorn", "pluralityspace.wsgi:application", \
+#                 "--bind", "0.0.0.0:8042"]
+
+ENTRYPOINT ["python3", "./manage.py"]
+CMD ["runserver", "0.0.0.0:8042"]
--- a/34
+++ b/34
@ -0,0 +1,34 @@
+# General settings
+APP_NAME := pluralityspace
+PYTHON ?= python3
+
+# Development server
+SERVER_LISTEN ?= 0.0.0.0:8042
+
+# Deployment settings
+STAGE ?= production
+GIT_CRYPT_KEY ?= ~/.git-crypt-keys/$(APP_NAME)-$(STAGE).key
+DOCKER_COMPOSE_YML := .deployment/$(STAGE)/docker-compose.yml
+
+.PHONY: run decrypt deploy-production
+
+# Default target: none
+all:
+
+
+### Local development
+
+# Run django development server
+run:
+	$(PYTHON) manage.py runserver $(SERVER_LISTEN)
+
+
+### Deployment
+
+# Unlock git-crypted production secrets
+decrypt:
+	git-crypt unlock $(GIT_CRYPT_KEY)
+
+# Deploy on production using docker-compose
+deploy:
+	docker-compose -f $(DOCKER_COMPOSE_YML) up --build --detach
				`@ -0,0 +1 @@`
				`*.secrets.env filter=git-crypt diff=git-crypt`