diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..8116a00 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +venv +target +__pycache__ +pflaenzli/media +*.sqlite3 \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..88f7702 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,19 @@ +FROM python:3.11 + +RUN apt update && apt install -y libpq-dev nginx + +ADD requirements.txt requirements.txt + +RUN pip install -r requirements.txt + +COPY pflaenzli /app +COPY entrypoint.sh /app +COPY default /etc/nginx/sites-enabled/default + +WORKDIR /app + +RUN chmod +x entrypoint.sh + +RUN python3 manage.py collectstatic --no-input -c + +ENTRYPOINT /app/entrypoint.sh diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..236341e --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,27 @@ +pipeline { + agent any + + stages { + stage('Pull git') { + checkout scm + } + + stage('Build Docker Image') { + steps { + script { + def dockerImage = docker.build('pflaenzli', '-f Dockerfile . --tag pflaenzli:${env.BUILD_NUMBER}') + } + } + } + + stage('Push Docker Image') { + steps { + script { + docker.withRegistry('https://git.thisfro.ch', 'jenkins-ci') { + dockerImage.push() + } + } + } + } + } +} \ No newline at end of file diff --git a/default b/default new file mode 100644 index 0000000..07c6af2 --- /dev/null +++ b/default @@ -0,0 +1,19 @@ +server { + listen 80; + + charset utf-8; + + location /static { + access_log off; + alias /app/pflaenzli/static_collected; + } + + location / { + proxy_pass http://127.0.0.1:8000; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + access_log off; + client_max_body_size 10M; + } +} diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..65af10d --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,18 @@ +version: '3' + +services: + pflaenzli: + build: . + ports: + - 8080:80 + environment: + DOCKER: True + + db: + image: postgres:15 + command: postgres -c password_encryption=md5 + environment: + POSTGRES_PASSWORD: development + POSTGRES_USER: pflaenzli + POSTGRES_DB: pflaenzli + POSTGRES_INITDB_ARGS: "--auth-local=md5" diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..8536db0 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,6 @@ +#!/bin/bash +python manage.py migrate + +nginx + +gunicorn --bind :8000 --workers 4 pflaenzli_django.wsgi:application diff --git a/pflaenzli/pflaenzli_django/settings.py b/pflaenzli/pflaenzli_django/settings.py index 5f7bb5c..55e95a5 100644 --- a/pflaenzli/pflaenzli_django/settings.py +++ b/pflaenzli/pflaenzli_django/settings.py @@ -32,8 +32,8 @@ SECRET_KEY = "django-insecure-q=ps#iypevr!3zfpwtfp3lw#4r3%oyj*(2=*iq^8f4_zbodi^( # SECURITY WARNING: don't run with debug turned on in production! DEBUG = True -ALLOWED_HOSTS = [] - +ALLOWED_HOSTS = ["localhost"] +CSRF_TRUSTED_ORIGINS = ["http://localhost:8080", "https://staging.pflaenz.li"] # Application definition @@ -144,7 +144,7 @@ USE_TZ = True STATIC_URL = "static/" MEDIA_ROOT = os.path.join(BASE_DIR, "media") MEDIA_URL = "media/" - +STATIC_ROOT = "/app/pflaenzli/static_collected" # Default primary key field type # https://docs.djangoproject.com/en/4.1/ref/settings/#default-auto-field