Commit 3ab346b1 authored by Jone Vassbø's avatar Jone Vassbø
Browse files

Added production settings

parent 451944fe
# Webserver running nginx
FROM nginx:perl
# Import groupid environment variable
ENV GROUPID=${GROUPID}
ENV PORT_PREFIX=${PORT_PREFIX}
# Copy nginx config to the container
COPY nginx.conf /etc/nginx/nginx.conf
\ No newline at end of file
......@@ -2,34 +2,59 @@
SecFit (Secure Fitness) is a hybrid mobile application for fitness logging.
## Deploy with Docker
## Development in VS code remote container
Prerequisites:
- VS code with remote development extension
- Docker
To develop in remote containers open a separate VS code instance inside both backend and frontend. Use VS code's command (Ctrl + P) ">Remote-Containers: Open Folder In Container..."
Benefits using this development environment:
- Development environment is identical to the production environment (uses the same dockerfile). This leads to fewer surprises when deploying.
- No manual installation steps needed
- No cleanup
- Easy to switch between different projects using different dependencies/technologies
## Deploy (Production) with Docker Compose/Swarm
### Prerequisites:
Docker
Docker Compose/Swarm
### Deploy:
- The deployment uses prebuilt images from docker hub, built with github actions
### Run with Docker Compose:
```
docker-compose up --build
```
Git
Hosts the application on http://localhost:4011
Windows hosts must use Education or more advanced versions to run Docker \
Download: https://innsida.ntnu.no/wiki/-/wiki/English/Microsoft+Windows+10
### Run (or update) wit Docker Swarm
### Install:
Prerequisites:
$ git clone https://gitlab.stud.idi.ntnu.no/kyleo/secfit.git \
$ cd secfit/
- Git clone, or copy `db.sqlite3`, `docker-compose.yaml` and `nginx.conf` to the server.
### Run:
```
sudo docker stack deploy --compose-file docker-compose.yml --with-registry-auth stack-secfit
```
$ docker-compose up --build \
Hosts the application on http://localhost:9090 with default settings
Hosts the application on http://localhost:4011 with default settings
## Technology
- **deployment** Docker
- **web** Nginx
- **database** Postgre SQL
- **proxy** Nginx
- **database** SQLite
- **backend** Django 3 with Django REST framework
- **application**
- **frontend**
- **browser** - HTML5/CSS/JS, Bootstrap v5 (no jQuery dependency)
- **mobile** Apache Cordova (uses same website)
- **authentication** JWT
......@@ -61,14 +86,7 @@ package.json - Some node.js requirements, this is needed for cordova
- **manage.py** - entry point for running the project.
- **seed.json** - contains seed data for the project to get it up and running quickly (coming soon)
## Local setup
It's recommended to have a look at: https://www.djangoproject.com/start/
Just as important is the Django REST guide: https://www.django-rest-framework.org/
Create a virtualenv https://docs.python-guide.org/dev/virtualenvs/
### Django
### Django basics
Installation with examples for Ubuntu. Windows and OSX is mostly the same
......@@ -121,19 +139,3 @@ If you want to run this as a mobile application
It's possible you will need to add the platforms you want to run and build.
The following documentation can be used to run the application in an Android emulator: \
https://cordova.apache.org/docs/en/latest/guide/platforms/android/index.html
# Development in VS code remote container
Prerequisites:
- VS code with remote development extension
- Docker
To develop in remote containers open a separate VS code instance inside both backend and frontend. Use VS code's command (Ctrl + P) ">Remote-Containers: Open Folder In Container..."
Benefits using this development environment:
- Development environment is identical to the production environment (uses the same dockerfile). This leads to fewer surprises when deploying.
- No manual installation steps needed
- No cleanup
- Easy to switch between different projects using different dependencies/technologies
......@@ -42,6 +42,7 @@ ALLOWED_HOSTS = [
"10." + groupid + ".0.6",
"10." + groupid + ".0.4",
"molde.idi.ntnu.no",
"secfit.vassbo.as",
"10.0.2.2",
]
......
File added
version: '3'
version: "3.8"
services:
backend:
container_name: django_group_${GROUPID}
build:
context: backend/secfit/
dockerfile: Dockerfile
args:
DJANGO_SUPERUSER_USERNAME: "${DJANGO_SUPERUSER_USERNAME}"
DJANGO_SUPERUSER_PASSWORD: "${DJANGO_SUPERUSER_PASSWORD}"
DJANGO_SUPERUSER_EMAIL: "${DJANGO_SUPERUSER_EMAIL}"
environment:
- GROUPID=${GROUPID}
networks:
backend_bridge:
ipv4_address: 10.${GROUPID}.0.4
image: jonev/secfit:backend
volumes:
- ./db.sqlite3:/code/db.sqlite3
application:
container_name: node_group_${GROUPID}
build:
context: frontend/
dockerfile: Dockerfile
args:
GROUPID: ${GROUPID}
DOMAIN: ${DOMAIN}
URL_PREFIX: ${URL_PREFIX}
PORT_PREFIX: ${PORT_PREFIX}
networks:
backend_bridge:
ipv4_address: 10.${GROUPID}.0.5
frontend:
image: jonev/secfit:frontend
web:
container_name: nginx_group_${GROUPID}
build:
context: .
dockerfile: Dockerfile
proxy:
image: nginx:perl
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- ${PORT_PREFIX}${GROUPID}:80
environment:
- GROUPID=${GROUPID}
- PORT_PREFIX=${PORT_PREFIX}
networks:
backend_bridge:
ipv4_address: 10.${GROUPID}.0.6
networks:
backend_bridge:
driver: bridge
ipam:
config:
- subnet: 10.${GROUPID}.0.0/18
- 4011:80
# Get docker image
FROM debian:buster-slim
FROM node:lts-buster-slim
# Import groupid and host environment variable
ARG GROUPID
......@@ -14,11 +14,12 @@ WORKDIR /app
COPY . /app/
# Set the host variable in default.js (overwrite)
RUN echo "const HOST = '${URL_PREFIX}${DOMAIN}:${PORT_PREFIX}${GROUPID}';" > ./www/scripts/defaults.js
RUN echo "const HOST = 'https://secfit.vassbo.as';" > ./www/scripts/defaults.js
# Install cordova
# Also install shelljs because of windows for some reason
RUN apt-get update -y && apt-get install npm -y && npm install -g cordova && npm install -g shelljs
RUN npm install --silent -g cordova \
&& npm install --silent -g shelljs
# Run cordova app
CMD [ "cordova", "run", "browser", "--release", "--port=3000" ]
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
load_module modules/ngx_http_perl_module.so;
env GROUPID;
env PORT_PREFIX;
events {
worker_connections 1024;
}
http {
perl_set $GROUPID 'sub { return $ENV{"GROUPID"}; }';
perl_set $PORT_PREFIX 'sub { return $ENV{"PORT_PREFIX"}; }';
client_max_body_size 100M;
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://10.${GROUPID}.0.5:3000;
proxy_http_version 1.1;
proxy_set_header Host $host:${PORT_PREFIX}${GROUPID};
}
location /api/ {
proxy_pass http://10.${GROUPID}.0.4:8000;
proxy_http_version 1.1;
proxy_set_header Host $host:${PORT_PREFIX}${GROUPID};
}
location /api/root/ {
proxy_pass http://10.${GROUPID}.0.4:8000/;
proxy_http_version 1.1;
proxy_set_header Host $host:${PORT_PREFIX}${GROUPID};
}
location /admin/ {
proxy_pass http://10.${GROUPID}.0.4:8000;
proxy_http_version 1.1;
proxy_set_header Host $host:${PORT_PREFIX}${GROUPID};
}
location /static/ {
proxy_pass http://10.${GROUPID}.0.4:8000;
proxy_http_version 1.1;
proxy_set_header Host $host:${PORT_PREFIX}${GROUPID};
}
location /media/ {
proxy_pass http://10.${GROUPID}.0.4:8000;
proxy_http_version 1.1;
proxy_set_header Host $host:${PORT_PREFIX}${GROUPID};
}
location / {
proxy_pass http://frontend:3000;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /api/ {
proxy_pass http://backend:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /api/root/ {
proxy_pass http://backend:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /admin/ {
proxy_pass http://backend:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /static/ {
proxy_pass http://backend:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /media/ {
proxy_pass http://backend:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
}
}
}
\ No newline at end of file
server {
server_name secfit.vassbo.as;
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/secfit.vassbo.as/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/secfit.vassbo.as/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://192.168.0.20:4010;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /api/ {
proxy_pass http://192.168.0.20:4009;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /api/root/ {
proxy_pass http://192.168.0.20:4009;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /admin/ {
proxy_pass http://192.168.0.20:4009;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /static/ {
proxy_pass http://192.168.0.20:4009;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location /media/ {
proxy_pass http://192.168.0.20:4009;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
}
server {
if ($host = secfit.vassbo.as) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name secfit.vassbo.as;
return 404; # managed by Certbot
}
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment