From 71634876976c2a459bc961fcf74947c4ab11fb03 Mon Sep 17 00:00:00 2001 From: Dmitriy Shesterkin Date: Sun, 6 Aug 2017 16:10:12 +0300 Subject: [PATCH] deploy --- Dockerfile-prod | 106 +++++++++++++++++++++++++++++++++ conf/docker/entrypoint_prod.sh | 25 ++++++++ docker-compose.yml | 4 +- 3 files changed, 134 insertions(+), 1 deletion(-) create mode 100644 Dockerfile-prod create mode 100755 conf/docker/entrypoint_prod.sh diff --git a/Dockerfile-prod b/Dockerfile-prod new file mode 100644 index 0000000..fb63243 --- /dev/null +++ b/Dockerfile-prod @@ -0,0 +1,106 @@ +FROM alpine:latest + +ENV NGINX_VERSION="1.13.2" \ + NGINX_OPTS="--with-http_ssl_module \ + --with-http_gzip_static_module \ + --prefix=/usr/share/nginx \ + --sbin-path=/usr/sbin/nginx \ + --conf-path=/etc/nginx/nginx.conf \ + --pid-path=/var/run/nginx.pid \ + --http-log-path=/var/log/nginx/access.log \ + --error-log-path=/var/log/nginx/error.log \ + --user=nginx \ + --group=nginx \ + --add-module=/tmp/modules/nginx_requestid-master" +COPY requirements /opt/app/requirements + +RUN apk update && apk add --update --no-cache --progress \ + make \ + pcre \ + zlib \ + libpq \ + openssl \ + ca-certificates \ + python3 \ + libxml2-dev \ + py-libxml2 \ + libxml2-utils \ + libxslt-dev \ + libmagic \ + ghostscript \ + supervisor \ + cyrus-sasl-dev \ + jpeg libpng freetype \ + bash bash-completion \ + gettext-dev \ + libtool \ + mailcap \ + libgomp \ + jpeg-dev \ + expat \ + tcl-dev \ + tk-dev \ + + && apk add --no-cache --virtual=.build-dependencies \ + musl-dev \ + curl \ + build-base \ + postgresql-dev \ + ncurses-dev \ + pcre-dev \ + zlib-dev \ + libpng-dev \ + tiff-dev \ + lcms2-dev \ + libwebp-dev \ + libffi-dev \ + ttf-freefont \ + python3-dev \ + + && python3 -m ensurepip \ + && rm -r /usr/lib/python*/ensurepip \ + && pip3 install --upgrade pip setuptools \ + && pip3 install --no-cache-dir -r /opt/app/requirements/production.txt \ + + # Add nginx group and user + && addgroup -S nginx \ + && adduser -S nginx -G nginx \ + # Download additional nginx modules + && mkdir -p /tmp/modules \ + && cd /tmp/modules \ + && wget -O nginx-requestid.tar.gz https://github.com/hhru/nginx_requestid/archive/master.tar.gz \ + && tar xvzf nginx-requestid.tar.gz \ + # Download and compile nginx + && cd /tmp \ + && curl -fSL http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz -o nginx-${NGINX_VERSION}.tar.gz \ + && tar xzvf nginx-${NGINX_VERSION}.tar.gz \ + && cd nginx-${NGINX_VERSION} \ + && ./configure ${NGINX_OPTS} \ + && make \ + && make install \ + + # Delete build dependencies after use + && cd /tmp \ + && apk del .build-dependencies \ + && rm -rf \ + modules \ + nginx-${NGINX_VERSION} \ + nginx-${NGINX_VERSION}.tar.gz \ + /var/cache/apk/* \ + /root/.cache \ + + # Security precautions + && openssl rand -base64 32 > /opt/app/secret_key.txt \ + && echo "root:$(openssl passwd -apr1 uztOsdwP)" >> /etc/nginx/.htpasswd + +#COPY . /opt/app +#VOLUME ["/opt/app/public/media"] +WORKDIR /opt/app + +RUN rm -v /etc/nginx/nginx.conf +ADD /conf/nginx.conf /etc/nginx/ + +EXPOSE 80 + + +CMD ["conf/docker/entrypoint_stage.sh"] diff --git a/conf/docker/entrypoint_prod.sh b/conf/docker/entrypoint_prod.sh new file mode 100755 index 0000000..f9359dc --- /dev/null +++ b/conf/docker/entrypoint_prod.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash + +set -e +set -u + +export ENV=prod +export BRANCH=prod + +cd /opt/app + +# Collect static files +echo "Collect static files" +python3 manage.py collectstatic --noinput + +# Make database migrations +echo "Make database migrations" +python3 manage.py makemigrations + +# Apply database migrations +echo "Apply database migrations" +python3 manage.py migrate myauth --noinput +python3 manage.py migrate --noinput + + +supervisord -c /opt/app/conf/supervisor.conf diff --git a/docker-compose.yml b/docker-compose.yml index ebedb55..554a7d0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,7 +4,9 @@ services: web: restart: always container_name: dokumentor-web-prod - build: . + build: + context: . + dockerfile: Dockerfile-prod volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro