From cd36e7902dbf7d0ad25ef33c9298528876a064e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tao=20Bojl=C3=A9n?= Date: Wed, 20 Feb 2019 20:04:07 +0000 Subject: [PATCH] merge --- backend/api/backend/settings/production.py | 3 +- config/nginx/conf.d/local.conf | 20 -------- docker-compose.production.yml | 57 ++++++++++++++++------ example.env | 3 ++ 4 files changed, 46 insertions(+), 37 deletions(-) delete mode 100644 config/nginx/conf.d/local.conf diff --git a/backend/api/backend/settings/production.py b/backend/api/backend/settings/production.py index c4539a3..975b4af 100644 --- a/backend/api/backend/settings/production.py +++ b/backend/api/backend/settings/production.py @@ -2,10 +2,9 @@ from .base import * DEBUG = False -ALLOWED_HOSTS = ['fediverse.space', 'www.fediverse.space', 'staging.fediverse.space'] +ALLOWED_HOSTS = ['api.fediverse.space'] CORS_ORIGIN_WHITELIST = [ 'fediverse.space', - 'www.fediverse.space', 'staging.fediverse.space' ] diff --git a/config/nginx/conf.d/local.conf b/config/nginx/conf.d/local.conf deleted file mode 100644 index 762dc7c..0000000 --- a/config/nginx/conf.d/local.conf +++ /dev/null @@ -1,20 +0,0 @@ -upstream app { - server unix:/var/gunicorn/.sock; -} - -server { - listen 80 default_server; - server_name localhost; - - location / { - allow all; - proxy_http_version 1.1; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header X-Cluster-Client-Ip $remote_addr; - proxy_pass http://app; - } - - # Note that nginx doesn't serve any static files. -} - diff --git a/docker-compose.production.yml b/docker-compose.production.yml index d166321..6ade26a 100644 --- a/docker-compose.production.yml +++ b/docker-compose.production.yml @@ -1,9 +1,42 @@ version: '3' services: + nginx-proxy: + image: jwilder/nginx-proxy:alpine + restart: always + ports: + - "80:80" + - "443:443" + labels: + - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy + volumes: + - gunicorn-socket:/var/gunicorn # to talk to Django + - /var/run/docker.sock:/tmp/docker.sock:ro # for nginx-proxy + - conf:/etc/nginx/conf.d + - vhost:/etc/nginx/vhost.d + - html:/usr/share/nginx/html + - certs:/etc/nginx/certs:ro + networks: + - nginx_network + letsencrypt: + image: jrcs/letsencrypt-nginx-proxy-companion + container_name: nginx-proxy-le + volumes: + - gunicorn-socket:/var/gunicorn + - conf:/etc/nginx/conf.d + - vhost:/etc/nginx/vhost.d + - html:/usr/share/nginx/html + - certs:/etc/nginx/certs:rw + - /var/run/docker.sock:/var/run/docker.sock:ro + networks: + - nginx_network + depends_on: + - nginx-proxy db: restart: always networks: - database_network + depends_on: + - letsencrypt web: restart: always volumes: @@ -15,24 +48,18 @@ services: environment: - ENVIRONMENT=production - DJANGO_SETTINGS_MODULE=backend.settings.production - nginx: - image: nginx:1.14 - # build: - # context: . - # dockerfile: Dockerfile.nginx - ports: - - "80:80" - volumes: - - gunicorn-socket:/var/gunicorn - - ./config/nginx/conf.d:/etc/nginx/conf.d - networks: - - nginx_network - depends_on: - - web + - VIRTUAL_HOST + - LETSENCRYPT_HOST + - LETSENCRYPT_EMAIL networks: database_network: driver: bridge nginx_network: driver: bridge volumes: - gunicorn-socket: + gunicorn-socket: + conf: + vhost: + html: + certs: + diff --git a/example.env b/example.env index 4abeff1..f6ee70c 100644 --- a/example.env +++ b/example.env @@ -3,3 +3,6 @@ POSTGRES_USER=postgres POSTGRES_PASSWORD=postgres POSTGRES_DB=fediverse DJANGO_SETTINGS_MODULE=backend.settings.development +VIRTUAL_HOST=api.fediverse.space +LETSENCRYPT_HOST=api.fediverse.space +LETSENCRYPT_EMAIL=my@email.com