mirror of
https://github.com/mediacms-io/mediacms.git
synced 2025-06-22 04:51:31 +02:00
mount src folder, fix permissions, store db and media on host directories
This commit is contained in:
parent
a15ed70d44
commit
ac3ce569a8
10
.gitignore
vendored
10
.gitignore
vendored
@ -1,3 +1,11 @@
|
|||||||
media_files/encoded/
|
media_files/encoded/
|
||||||
media_files/original/
|
media_files/original/
|
||||||
postgres_data/
|
postgres_data/
|
||||||
|
celerybeat-schedule
|
||||||
|
logs/
|
||||||
|
pids/
|
||||||
|
static/admin/
|
||||||
|
static/ckeditor/
|
||||||
|
static/debug_toolbar/
|
||||||
|
static/mptt/
|
||||||
|
static/rest_framework/
|
12
Dockerfile
12
Dockerfile
@ -21,12 +21,11 @@ RUN wget -q http://zebulon.bok.net/Bento4/binaries/Bento4-SDK-1-6-0-632.x86_64-u
|
|||||||
unzip -j Bento4-SDK-1-6-0-632.x86_64-unknown-linux.zip Bento4-SDK-1-6-0-632.x86_64-unknown-linux/bin/mp4hls -d Bento4-SDK-1-6-0-632.x86_64-unknown-linux/bin/ && \
|
unzip -j Bento4-SDK-1-6-0-632.x86_64-unknown-linux.zip Bento4-SDK-1-6-0-632.x86_64-unknown-linux/bin/mp4hls -d Bento4-SDK-1-6-0-632.x86_64-unknown-linux/bin/ && \
|
||||||
rm Bento4-SDK-1-6-0-632.x86_64-unknown-linux.zip
|
rm Bento4-SDK-1-6-0-632.x86_64-unknown-linux.zip
|
||||||
|
|
||||||
RUN chown -R www-data. /home/mediacms.io/ && chmod +x /home/mediacms.io/mediacms/deploy/docker/start.sh /home/mediacms.io/mediacms/deploy/docker/prestart.sh
|
|
||||||
|
|
||||||
############ RUNTIME IMAGE ############
|
############ RUNTIME IMAGE ############
|
||||||
FROM python:3.8-slim-buster as runtime-image
|
FROM python:3.8-slim-buster as runtime-image
|
||||||
|
|
||||||
ENV PYTHONUNBUFFERED=1
|
ENV PYTHONUNBUFFERED=1
|
||||||
|
ENV PYTHONDONTWRITEBYTECODE=1
|
||||||
ENV ADMIN_USER='admin'
|
ENV ADMIN_USER='admin'
|
||||||
ENV ADMIN_PASSWORD='mediacms'
|
ENV ADMIN_PASSWORD='mediacms'
|
||||||
ENV ADMIN_EMAIL='admin@localhost'
|
ENV ADMIN_EMAIL='admin@localhost'
|
||||||
@ -54,13 +53,12 @@ RUN apt-get update -y && apt-get -y upgrade && apt-get install --no-install-reco
|
|||||||
apt-get purge --auto-remove && \
|
apt-get purge --auto-remove && \
|
||||||
apt-get clean
|
apt-get clean
|
||||||
|
|
||||||
# forward request and error logs to docker log collector
|
|
||||||
RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log && \
|
|
||||||
ln -sf /dev/stdout /var/log/nginx/mediacms.io.access.log && ln -sf /dev/stderr /var/log/nginx/mediacms.io.error.log
|
|
||||||
|
|
||||||
WORKDIR /home/mediacms.io/mediacms
|
WORKDIR /home/mediacms.io/mediacms
|
||||||
|
|
||||||
EXPOSE 9000 80
|
EXPOSE 9000 80
|
||||||
|
|
||||||
|
RUN chmod +x ./deploy/docker/entrypoint.sh
|
||||||
|
|
||||||
|
ENTRYPOINT ["./deploy/docker/entrypoint.sh"]
|
||||||
|
|
||||||
CMD ["./deploy/docker/start.sh"]
|
CMD ["./deploy/docker/start.sh"]
|
||||||
|
|
32
cms/local_settings.py
Executable file
32
cms/local_settings.py
Executable file
@ -0,0 +1,32 @@
|
|||||||
|
FRONTEND_HOST = 'http://localhost'
|
||||||
|
PORTAL_NAME = 'MediaCMS'
|
||||||
|
SECRET_KEY = 'ma!s3^b-cw!f#7s6s0m3*jx77a@riw(7701**(r=ww%w!2+yk2'
|
||||||
|
POSTGRES_HOST = 'db'
|
||||||
|
REDIS_LOCATION = "redis://redis:6379/1"
|
||||||
|
|
||||||
|
DATABASES = {
|
||||||
|
"default": {
|
||||||
|
"ENGINE": "django.db.backends.postgresql",
|
||||||
|
"NAME": "mediacms",
|
||||||
|
"HOST": POSTGRES_HOST,
|
||||||
|
"PORT": "5432",
|
||||||
|
"USER": "mediacms",
|
||||||
|
"PASSWORD": "mediacms",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
CACHES = {
|
||||||
|
"default": {
|
||||||
|
"BACKEND": "django_redis.cache.RedisCache",
|
||||||
|
"LOCATION": REDIS_LOCATION,
|
||||||
|
"OPTIONS": {
|
||||||
|
"CLIENT_CLASS": "django_redis.client.DefaultClient",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# CELERY STUFF
|
||||||
|
BROKER_URL = REDIS_LOCATION
|
||||||
|
CELERY_RESULT_BACKEND = BROKER_URL
|
||||||
|
|
||||||
|
DEBUG = False
|
30
deploy/docker/entrypoint.sh
Executable file
30
deploy/docker/entrypoint.sh
Executable file
@ -0,0 +1,30 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# forward request and error logs to docker log collector
|
||||||
|
ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log && \
|
||||||
|
ln -sf /dev/stdout /var/log/nginx/mediacms.io.access.log && ln -sf /dev/stderr /var/log/nginx/mediacms.io.error.log
|
||||||
|
cp /home/mediacms.io/mediacms/deploy/docker/local_settings.py /home/mediacms.io/mediacms/cms/local_settings.py
|
||||||
|
|
||||||
|
mkdir -p /home/mediacms.io/mediacms/{logs,pids}
|
||||||
|
touch /home/mediacms.io/mediacms/logs/debug.log
|
||||||
|
|
||||||
|
chown -R www-data. /home/mediacms.io/
|
||||||
|
|
||||||
|
TARGET_GID=$(stat -c "%g" /home/mediacms.io/mediacms/)
|
||||||
|
|
||||||
|
EXISTS=$(cat /etc/group | grep $TARGET_GID | wc -l)
|
||||||
|
|
||||||
|
# Create new group using target GID and add www-data user
|
||||||
|
if [ $EXISTS == "0" ]; then
|
||||||
|
groupadd -g $TARGET_GID tempgroup
|
||||||
|
usermod -a -G tempgroup www-data
|
||||||
|
else
|
||||||
|
# GID exists, find group name and add
|
||||||
|
GROUP=$(getent group $TARGET_GID | cut -d: -f1)
|
||||||
|
usermod -a -G $GROUP www-data
|
||||||
|
fi
|
||||||
|
|
||||||
|
chmod +x /home/mediacms.io/mediacms/deploy/docker/start.sh /home/mediacms.io/mediacms/deploy/docker/prestart.sh
|
||||||
|
|
||||||
|
exec "$@"
|
3
deploy/docker/prestart.sh
Normal file → Executable file
3
deploy/docker/prestart.sh
Normal file → Executable file
@ -1,7 +1,4 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
mkdir -p /home/mediacms.io/mediacms/logs
|
|
||||||
touch /home/mediacms.io/mediacms/logs/debug.log
|
|
||||||
chown www-data. -R /home/mediacms.io/mediacms/logs
|
|
||||||
|
|
||||||
RANDOM_ADMIN_PASS=`python -c "import secrets;chars = 'abcdefghijklmnopqrstuvwxyz0123456789';print(''.join(secrets.choice(chars) for i in range(10)))"`
|
RANDOM_ADMIN_PASS=`python -c "import secrets;chars = 'abcdefghijklmnopqrstuvwxyz0123456789';print(''.join(secrets.choice(chars) for i in range(10)))"`
|
||||||
ADMIN_PASSWORD=${ADMIN_PASSWORD:-$RANDOM_ADMIN_PASS}
|
ADMIN_PASSWORD=${ADMIN_PASSWORD:-$RANDOM_ADMIN_PASS}
|
||||||
|
17
deploy/docker/reverse_proxy/certs/localhost.crt
Normal file
17
deploy/docker/reverse_proxy/certs/localhost.crt
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIICwzCCAaugAwIBAgIJAOyvdwguJQd+MA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
|
||||||
|
BAMTCWxvY2FsaG9zdDAeFw0yMTAxMjQxMjUwMzFaFw0zMTAxMjIxMjUwMzFaMBQx
|
||||||
|
EjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
|
||||||
|
ggEBAONswEwBzkgoO+lkewiKUnwvYqC54qleCUg9hidqjoyzd5XWKh1mIF7aaSCG
|
||||||
|
rJGSxCce8CbqAqGkpvsgXzwwbY72l7FwmAXFHO5ObQfpmFhjt2fsKRM9MTCo/UyU
|
||||||
|
liuhgP+Q+BNzUontTUC40NVHs8R7IHG4z8unB7qB/7zGK2tfilLB8JDqPTkc22vN
|
||||||
|
C4P1YxiGyY5bm37wQrroC9zPJ8bqanrF9Y90QJHubibnPWqnZvK2HkDWjp5LYkn8
|
||||||
|
IuzBycs1cLd8eMjU9aT72kweykvnGDDc3YbXFzT2zBTGSFEBROsVdPrNF9PaeE3j
|
||||||
|
pu4UZ8Ge3Fp3VYd+04DnWtbQq0MCAwEAAaMYMBYwFAYDVR0RBA0wC4IJbG9jYWxo
|
||||||
|
b3N0MA0GCSqGSIb3DQEBBQUAA4IBAQAdm2aGn4evosbdWgBHgzr6oYWBIiPpf1SA
|
||||||
|
GXizuf5OaMActFP0rZ0mogndLH5d51J2qqSfOtaWSA5qwlPvDSTn1nvJeHoVLfZf
|
||||||
|
kQHaB7/DaOPGsZCQBELPhYHwl7+Ej3HYE+siiaRfjC2NVgf8P/pAsTlKbe2e+34l
|
||||||
|
GwWSFol24w5xAmUezCF41JiZbqHoZhSh7s/PuJnK2RvhpjkrIot8GvxnbvOcKDIv
|
||||||
|
JzEKo3qPq8pc5RBkpP7Kp2+EgAYn1xAn0CekxZracW/MY+tg2mCeFucZW2V1iwVs
|
||||||
|
LpAw6GJnjYz5mbrQskPbrJ9t78JGUKQ0kL/VUTfryUHMHYCiJlvd
|
||||||
|
-----END CERTIFICATE-----
|
27
deploy/docker/reverse_proxy/certs/localhost.key
Normal file
27
deploy/docker/reverse_proxy/certs/localhost.key
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIIEpAIBAAKCAQEA42zATAHOSCg76WR7CIpSfC9ioLniqV4JSD2GJ2qOjLN3ldYq
|
||||||
|
HWYgXtppIIaskZLEJx7wJuoCoaSm+yBfPDBtjvaXsXCYBcUc7k5tB+mYWGO3Z+wp
|
||||||
|
Ez0xMKj9TJSWK6GA/5D4E3NSie1NQLjQ1UezxHsgcbjPy6cHuoH/vMYra1+KUsHw
|
||||||
|
kOo9ORzba80Lg/VjGIbJjlubfvBCuugL3M8nxupqesX1j3RAke5uJuc9aqdm8rYe
|
||||||
|
QNaOnktiSfwi7MHJyzVwt3x4yNT1pPvaTB7KS+cYMNzdhtcXNPbMFMZIUQFE6xV0
|
||||||
|
+s0X09p4TeOm7hRnwZ7cWndVh37TgOda1tCrQwIDAQABAoIBAQCmKKyOW7tlCNBN
|
||||||
|
AzbI1JbTWKOMnoM2DxhlCV5cqgOgVPcIKEL428bGxniMZRjr+vkJRBddtxdZFj1R
|
||||||
|
uSMbjJ5fF1dZMtQ/UvaCPhZ283p1CdXUPbz863ZnAPCf5Oea1RK0piw5ucYSM6h/
|
||||||
|
owgg65Qx92uK6uYW+uAwqg440+ihNvnaZoVTx5CjZbL9KISkrlNJnuYiB5vzOD0i
|
||||||
|
UVklO5Qz8VCuOcOVGZCA2SxHm4HAbg/aiQnpaUa9de4TsZ4ygF66pZh77T0wNOos
|
||||||
|
sS1riKtHQpX+osJyoTI/rIKFAhycsZ+AA7Qpu6GW4xQlNS6K8vRiIbktwkC+IT0O
|
||||||
|
RSn8Dg7BAoGBAPe5R8SpgXx9jKdA1eFa/Vjx5bmB96r2MviIOIWF8rs2K33xe+rj
|
||||||
|
v+BZ2ZjdpVjcm2nRMf9r/eDq2ScNFWmKoZsUmdyT84Qq9yLcTSUdno+zCy+L0LNH
|
||||||
|
DqJq5jIxJaV7amHeR/w10BVuiDmzhSsTmhfnXTUGRO/h2PjRyC3yEYdxAoGBAOsF
|
||||||
|
2+gTsdOGlq6AVzW5MLZkreq8WCU2wWpZRiCPh6HJa8htuynYxO5AWUiNUbYKddj2
|
||||||
|
0za9DFiXgH+Oo8wrkTYLEdN0T5/o+ScL5t3VG3m9R6pnuudLC2vmGQP0hNuZUpnF
|
||||||
|
7FzdJ85h6taR2bM1zFzOfl81K0BhTHGxTU2r70vzAoGAVXuLJ3LyqtnMKn72DzDN
|
||||||
|
0d6PTkdqBoW0qwyerHy/eRjFQ02MXE7BDJMUwmphv1tJCefVX/WNAwsnahFavTPI
|
||||||
|
dnJSccpgMtB8vXvV5yPkbmPzTTHrD6JKi4Nl8hYBjqwa1rDUmFSdfHfK7FZlcqrt
|
||||||
|
9qexAzYpnbmKnLoPYMNyhxECgYEAm5OCUeuPoL2MS7GLiXWwyFx3QFczZlcLzBGS
|
||||||
|
uYUpvLBwF/qDlhz3p9uS/tMFzyK3hktF4Ate+9o2ZroOtd31PzgusbJh7zIylGVt
|
||||||
|
i1VB3eGtaiFGeUuVIPTthE++Dvw80KxTXdnMOvNYmHduDBLF2H2c6/tvSSvfhbdf
|
||||||
|
u9XgD38CgYAiLcVySxMKNpsXatuC31wjT+rnaH22SD/7pXe2q6MRW/s+bGOspu0v
|
||||||
|
NeJSLoM98v8F99q0W0lgqesYJVI20Frru0DfXIp60ryaDolzve3Iwk8SOJUlcnUG
|
||||||
|
cCtmPUkjyr18QAlrcCB4PozJGjpPWyabaY8gGwo8wAEpJWHrIJlHew==
|
||||||
|
-----END RSA PRIVATE KEY-----
|
@ -1,17 +0,0 @@
|
|||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIICyTCCAbGgAwIBAgIJAPHG6VrZeH1/MA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
|
|
||||||
BAMTC21lZGlhY21zLmlvMB4XDTIxMDExNjE1NDUzNVoXDTMxMDExNDE1NDUzNVow
|
|
||||||
FjEUMBIGA1UEAxMLbWVkaWFjbXMuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
|
|
||||||
ggEKAoIBAQC+xxnUwjoIZq8sTw2DYGgIYxQ5lJ8Uvt+z+K/PQpT5nFqd1jURF8Zd
|
|
||||||
a92TlJjM5aSKosavuPHbFNkA7rSnLvP+I+8qsNPoinEUlE12Spg4E7dQkOkvTGty
|
|
||||||
/amFq69o9vm46GpvwImTZ5AQkzejk0ARUuFSdq9ev4aA44IBYiV4c2jRqnP7LY4j
|
|
||||||
+SA/rt+9bNUTwQ6QWEHDTHmKePr91UTZBcDw/oaoaJwWFXuEVC7VjtDN09ZNjkdg
|
|
||||||
pI6PvQZVw2IlBHS4S+ol+G2k2ckSCLgOj+dZrndr8OGrlAb8wgsInLK54nHm6VRe
|
|
||||||
G883CJd/VlOQAulE26ZkzIdAIjJCwb+DAgMBAAGjGjAYMBYGA1UdEQQPMA2CC21l
|
|
||||||
ZGlhY21zLmlvMA0GCSqGSIb3DQEBBQUAA4IBAQBwxkTE5GBuFjcFsBzMqhePgC7W
|
|
||||||
INzoTmyMLJrNClFLkUKkDrwNmShLNhZUbMHeDD1W40aKYJCV44QhT04fK18HU/DW
|
|
||||||
RkprlJDI8WUnuY97zN6Ms9z/GwYDGNXGLh8I/SEMhfJ8cIQuofhvuyi/E4AdWRva
|
|
||||||
Hw1RSC8RikTZQ5Y84oJ44RfHNfK7xkaeurcm/Tn4Vxx4RgXA2MMoFA7XbT08vhKw
|
|
||||||
iiQ9u4QL1GP3Nm8cTDDA9OChhLl56k24MD3WJM2HFTFlE5S4hFRkEqzy4pI/BTU4
|
|
||||||
S4fkXK88xDtB/kHlHgRQiNH+6ik8ZXXP1F56+vDLuR28nK3hRTpQwaRQ7dzC
|
|
||||||
-----END CERTIFICATE-----
|
|
@ -1,27 +0,0 @@
|
|||||||
-----BEGIN RSA PRIVATE KEY-----
|
|
||||||
MIIEowIBAAKCAQEAvscZ1MI6CGavLE8Ng2BoCGMUOZSfFL7fs/ivz0KU+ZxandY1
|
|
||||||
ERfGXWvdk5SYzOWkiqLGr7jx2xTZAO60py7z/iPvKrDT6IpxFJRNdkqYOBO3UJDp
|
|
||||||
L0xrcv2phauvaPb5uOhqb8CJk2eQEJM3o5NAEVLhUnavXr+GgOOCAWIleHNo0apz
|
|
||||||
+y2OI/kgP67fvWzVE8EOkFhBw0x5inj6/dVE2QXA8P6GqGicFhV7hFQu1Y7QzdPW
|
|
||||||
TY5HYKSOj70GVcNiJQR0uEvqJfhtpNnJEgi4Do/nWa53a/Dhq5QG/MILCJyyueJx
|
|
||||||
5ulUXhvPNwiXf1ZTkALpRNumZMyHQCIyQsG/gwIDAQABAoIBAQCMauVTWOX3+wRi
|
|
||||||
G4l5skLAMZTYUNDKJzdmMtvMNFiMZI258Mk8XIBvkI4VKuFQppH2TJrrCbhSJUUX
|
|
||||||
z5p+FywVWYOWq3I9jXBv0jw1ne/uDmz1ysMnQhswFw5oSZahLm9drwtwV4mrSiWa
|
|
||||||
XZEtP5t/ZL5dwOeRWGz6fvnYZNHpldkyZDO8+ywB55P+XDfGyxUppMOWdbNV9wGo
|
|
||||||
Fg6ypUFWFEUD8Ou8xd5FT5QqrQ5ruZJDKcYhPTuK0/dRsMgAxB+Bhf8XH3ynUZp2
|
|
||||||
+qMXcKyIQumq9r+/ulE/Yhnbh/E4hYBbThhnmPejNeSvWb7niYfL/fsPI8FLmtmi
|
|
||||||
z+Ab5IABAoGBAPb4rUP3rVDatzsf2jJSUXcMn9gAdf3ajbw+Z2CCf4j1wj1BTIM5
|
|
||||||
5YmABJMS7D97H+a6Vn+SZd426UJYMlKPDnVOTXvvlzhP/TmiSFa8FW8Rjho9Rcnc
|
|
||||||
LDwnO48q0AJg3HslrjEUaDuWaNHJkqB5tGqzKgZCZxrqoNRYgufPwH+DAoGBAMXA
|
|
||||||
hr4KxwlcXYIwbM+Uj8eHnESwPWk2+cRwpv62u4ezctZrBCHgAHKvznG7VUeniQfj
|
|
||||||
P2MaGFz6Pvzw3cFRLKRVqJom5iXO6+H0EucusdqJY4xdWZt02ZweoJXZi9tiDGmG
|
|
||||||
fPOp3vUax4uGUS4LeSo+ZhPNfbfy9c8ZGQ7Z9cABAoGAA0oyvKoK8/3F3RLCjFMO
|
|
||||||
ZMCVTIJNEBGeO7i1FdMHMeLcMIazJzhZN2iuJutknD/en+sxhceEdd5TYx/bo7/m
|
|
||||||
GGfvnkwFvqlKHT9tKUKeInmgY/cW++Zj7HU1VOXkGXQC290Xoe28qbaKNOkze9HD
|
|
||||||
NnymfajayMABXnLDY6Uf0lMCgYBgVLIOn4dnuvPeOKK42ADWTOxF1aiEuYAgPlRL
|
|
||||||
Hk7qAvN9GfKQYeM1+whRBNW9KxKoof290/dsS4clhlwwEM/zWbrhJPPWFR95GYGf
|
|
||||||
1nJTJ7wzo0HEZb6fu5e0h54Gh5POT/JMbEKtGZd9Ezg2euZSOsVU/jQwyI0PjoVT
|
|
||||||
Y7/AAQKBgHEWxqZwJ3BE9gXRRGhKiPLNG9+OzwjrMiinN4s9Hol0STB1AqryswpU
|
|
||||||
9QL7Mb8SdxCDY2CseQRwT2VFiP10ElCuzZJ6Yk2cxzmrxAAhRWGHSIuNlnXTA6LR
|
|
||||||
AhIMLFLz+7KqBx8VHybkhZNCR1nPR9MicS9MpSEYTuRAnV2B1cuU
|
|
||||||
-----END RSA PRIVATE KEY-----
|
|
0
deploy/docker/start.sh
Normal file → Executable file
0
deploy/docker/start.sh
Normal file → Executable file
@ -11,7 +11,7 @@ services:
|
|||||||
migrations:
|
migrations:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./:/home/mediacms.io/mediacms/
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -31,9 +31,7 @@ services:
|
|||||||
deploy:
|
deploy:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
volumes:
|
volumes:
|
||||||
- ./media_files/:/home/mediacms.io/mediacms/media_files/
|
- ./:/home/mediacms.io/mediacms/
|
||||||
- ./static/:/home/mediacms.io/mediacms/static/
|
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
|
||||||
environment:
|
environment:
|
||||||
ENABLE_CELERY_BEAT: 'no'
|
ENABLE_CELERY_BEAT: 'no'
|
||||||
ENABLE_CELERY_SHORT: 'no'
|
ENABLE_CELERY_SHORT: 'no'
|
||||||
@ -45,7 +43,7 @@ services:
|
|||||||
celery_beat:
|
celery_beat:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./:/home/mediacms.io/mediacms/
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -59,9 +57,7 @@ services:
|
|||||||
deploy:
|
deploy:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
volumes:
|
volumes:
|
||||||
- ./media_files/:/home/mediacms.io/mediacms/media_files/
|
- ./:/home/mediacms.io/mediacms/
|
||||||
- ./static/:/home/mediacms.io/mediacms/static/
|
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -72,7 +68,7 @@ services:
|
|||||||
db:
|
db:
|
||||||
image: postgres
|
image: postgres
|
||||||
volumes:
|
volumes:
|
||||||
- ./postgres_data/:/var/lib/postgresql/data/
|
- ../postgres_data/:/var/lib/postgresql/data/
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_USER: mediacms
|
POSTGRES_USER: mediacms
|
||||||
|
@ -8,12 +8,12 @@ services:
|
|||||||
- "443:443"
|
- "443:443"
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/tmp/docker.sock:ro
|
- /var/run/docker.sock:/tmp/docker.sock:ro
|
||||||
- ./deploy/docker/reverse_proxy/certs:/etc/nginx/certs
|
- ./deploy/docker/reverse_proxy/certs/:/etc/nginx/certs/
|
||||||
- ./deploy/docker/reverse_proxy/client_max_body_size.conf:/etc/nginx/conf.d/client_max_body_size.conf:ro
|
- ./deploy/docker/reverse_proxy/client_max_body_size.conf:/etc/nginx/conf.d/client_max_body_size.conf:ro
|
||||||
migrations:
|
migrations:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./:/home/mediacms.io/mediacms/
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -33,9 +33,7 @@ services:
|
|||||||
deploy:
|
deploy:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
volumes:
|
volumes:
|
||||||
- ./media_files/:/home/mediacms.io/mediacms/media_files/
|
- ./:/home/mediacms.io/mediacms/
|
||||||
- ./static/:/home/mediacms.io/mediacms/static/
|
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
|
||||||
environment:
|
environment:
|
||||||
ENABLE_CELERY_BEAT: 'no'
|
ENABLE_CELERY_BEAT: 'no'
|
||||||
ENABLE_CELERY_SHORT: 'no'
|
ENABLE_CELERY_SHORT: 'no'
|
||||||
@ -47,7 +45,7 @@ services:
|
|||||||
celery_beat:
|
celery_beat:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./:/home/mediacms.io/mediacms/
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -61,9 +59,7 @@ services:
|
|||||||
deploy:
|
deploy:
|
||||||
replicas: 2
|
replicas: 2
|
||||||
volumes:
|
volumes:
|
||||||
- ./media_files/:/home/mediacms.io/mediacms/media_files/
|
- ./:/home/mediacms.io/mediacms/
|
||||||
- ./static/:/home/mediacms.io/mediacms/static/
|
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -74,7 +70,7 @@ services:
|
|||||||
db:
|
db:
|
||||||
image: postgres
|
image: postgres
|
||||||
volumes:
|
volumes:
|
||||||
- ./postgres_data/:/var/lib/postgresql/data/
|
- ../postgres_data/:/var/lib/postgresql/data/
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_USER: mediacms
|
POSTGRES_USER: mediacms
|
||||||
|
@ -4,7 +4,7 @@ services:
|
|||||||
migrations:
|
migrations:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/deploy/docker/local_settings.py
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -28,7 +28,7 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- media_store:/home/mediacms.io/mediacms/media_files/
|
- media_store:/home/mediacms.io/mediacms/media_files/
|
||||||
- static_store:/home/mediacms.io/mediacms/static/
|
- static_store:/home/mediacms.io/mediacms/static/
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/deploy/docker/local_settings.py
|
||||||
environment:
|
environment:
|
||||||
ENABLE_CELERY_BEAT: 'no'
|
ENABLE_CELERY_BEAT: 'no'
|
||||||
ENABLE_CELERY_SHORT: 'no'
|
ENABLE_CELERY_SHORT: 'no'
|
||||||
@ -39,7 +39,7 @@ services:
|
|||||||
celery_beat:
|
celery_beat:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/deploy/docker/local_settings.py
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -51,11 +51,11 @@ services:
|
|||||||
celery_worker:
|
celery_worker:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
deploy:
|
deploy:
|
||||||
replicas: 2
|
replicas: 1
|
||||||
volumes:
|
volumes:
|
||||||
- media_store:/home/mediacms.io/mediacms/media_files/
|
- media_store:/home/mediacms.io/mediacms/media_files/
|
||||||
- static_store:/home/mediacms.io/mediacms/static/
|
- static_store:/home/mediacms.io/mediacms/static/
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/deploy/docker/local_settings.py
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -73,9 +73,9 @@ services:
|
|||||||
POSTGRES_PASSWORD: mediacms
|
POSTGRES_PASSWORD: mediacms
|
||||||
POSTGRES_DB: mediacms
|
POSTGRES_DB: mediacms
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "pg_isready -U $mediacms"]
|
test: ["CMD-SHELL", "pg_isready -U mediacms"]
|
||||||
interval: 10s
|
interval: 30s
|
||||||
timeout: 5s
|
timeout: 10s
|
||||||
retries: 5
|
retries: 5
|
||||||
redis:
|
redis:
|
||||||
image: "redis:alpine"
|
image: "redis:alpine"
|
||||||
|
@ -4,7 +4,7 @@ services:
|
|||||||
migrations:
|
migrations:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./:/home/mediacms.io/mediacms/
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -26,9 +26,7 @@ services:
|
|||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
volumes:
|
volumes:
|
||||||
- ./media_files/:/home/mediacms.io/mediacms/media_files/
|
- ./:/home/mediacms.io/mediacms/
|
||||||
- ./static/:/home/mediacms.io/mediacms/static/
|
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
|
||||||
environment:
|
environment:
|
||||||
ENABLE_CELERY_BEAT: 'no'
|
ENABLE_CELERY_BEAT: 'no'
|
||||||
ENABLE_CELERY_SHORT: 'no'
|
ENABLE_CELERY_SHORT: 'no'
|
||||||
@ -39,7 +37,7 @@ services:
|
|||||||
celery_beat:
|
celery_beat:
|
||||||
image: mediacms:latest
|
image: mediacms:latest
|
||||||
volumes:
|
volumes:
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
- ./:/home/mediacms.io/mediacms/
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -53,9 +51,7 @@ services:
|
|||||||
deploy:
|
deploy:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
volumes:
|
volumes:
|
||||||
- ./media_files/:/home/mediacms.io/mediacms/media_files/
|
- ./:/home/mediacms.io/mediacms/
|
||||||
- ./static/:/home/mediacms.io/mediacms/static/
|
|
||||||
- ./deploy/docker/local_settings.py:/home/mediacms.io/mediacms/cms/local_settings.py
|
|
||||||
environment:
|
environment:
|
||||||
ENABLE_UWSGI: 'no'
|
ENABLE_UWSGI: 'no'
|
||||||
ENABLE_NGINX: 'no'
|
ENABLE_NGINX: 'no'
|
||||||
@ -66,7 +62,7 @@ services:
|
|||||||
db:
|
db:
|
||||||
image: postgres
|
image: postgres
|
||||||
volumes:
|
volumes:
|
||||||
- ./postgres_data:/var/lib/postgresql/data/
|
- ../postgres_data:/var/lib/postgresql/data/
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_USER: mediacms
|
POSTGRES_USER: mediacms
|
||||||
|
@ -9,9 +9,9 @@ The mediacms image is built to use supervisord as the main process, which manage
|
|||||||
* ENABLE_CELERY_LONG
|
* ENABLE_CELERY_LONG
|
||||||
* ENABLE_MIGRATIONS
|
* ENABLE_MIGRATIONS
|
||||||
|
|
||||||
By default, all these services are enabled, but in order to create a scaleable deployment, some of them are disabled.
|
By default, all these services are enabled, but in order to create a scaleable deployment, some of them can be disabled, splitting the service up into smaller services.
|
||||||
|
|
||||||
Also see the `Dockerfile` for other environment variables which you may wish to override. Application settings can also be overridden by updating the `deploy/docker/local_settings.py` file.
|
Also see the `Dockerfile` for other environment variables which you may wish to override. Application settings, eg. `FRONTEND_HOST` can also be overridden by updating the `deploy/docker/local_settings.py` file.
|
||||||
|
|
||||||
See example deployments in the sections below. These example deployments have been tested on `docker-compose version 1.27.4` running on `Docker version 19.03.13`
|
See example deployments in the sections below. These example deployments have been tested on `docker-compose version 1.27.4` running on `Docker version 19.03.13`
|
||||||
|
|
||||||
@ -23,15 +23,15 @@ The main container runs migrations, mediacms_web, celery_beat, celery_workers (c
|
|||||||
|
|
||||||
## Advanced Deployment, accessed as http://localhost:8000
|
## Advanced Deployment, accessed as http://localhost:8000
|
||||||
|
|
||||||
Here we can run 1 mediacms_web instance, with the FRONTEND_HOST in `deploy/docker/local_settings.py` is configured as http://localhost:8000. This is bootstrapped by a single migrations instance and supported by a single celery_beat instance and 1 or more celery_worker instances. Redis and postgres containers are also used for persistence. Clients can access the service on http://localhost:8000, on the docker host machine. This is similar to [this deployment](../docker-compose.yaml), with a `port` defined in FRONTEND_HOST.
|
Here we can run 1 mediacms_web instance, with the FRONTEND_HOST in `deploy/docker/local_settings.py` configured as http://localhost:8000. This is bootstrapped by a single migrations instance and supported by a single celery_beat instance and 1 or more celery_worker instances. Redis and postgres containers are also used for persistence. Clients can access the service on http://localhost:8000, on the docker host machine. This is similar to [this deployment](../docker-compose.yaml), with a `port` defined in FRONTEND_HOST.
|
||||||
|
|
||||||
## Advanced Deployment, with reverse proxy, accessed as http://mediacms.io
|
## Advanced Deployment, with reverse proxy, accessed as http://mediacms.io
|
||||||
|
|
||||||
Here we can use `jwilder/nginx-proxy` to reverse proxy to 1 or more instances of mediacms_web supported by other services as mentioned in the previous deployment. The FRONTEND_HOST in `deploy/docker/local_settings.py` is configured as http://mediacms.io, nginx-proxy has port 80 exposed. Clients can access the service on http://mediacms.io (Assuming DNS or the hosts file is setup correctly to point to the IP of the nginx-proxy instance). This is similar to [this deployment](../docker-compose-http-proxy.yaml).
|
Here we can use `jwilder/nginx-proxy` to reverse proxy to 1 or more instances of mediacms_web supported by other services as mentioned in the previous deployment. The FRONTEND_HOST in `deploy/docker/local_settings.py` is configured as http://mediacms.io, nginx-proxy has port 80 exposed. Clients can access the service on http://mediacms.io (Assuming DNS or the hosts file is setup correctly to point to the IP of the nginx-proxy instance). This is similar to [this deployment](../docker-compose-http-proxy.yaml).
|
||||||
|
|
||||||
## Advanced Deployment, with reverse proxy, accessed as https://mediacms.io
|
## Advanced Deployment, with reverse proxy, accessed as https://localhost
|
||||||
|
|
||||||
The reverse proxy (`jwilder/nginx-proxy`) can be configured to provide SSL termination using self-signed certificates, letsencrypt or CA signed certificates (see: https://hub.docker.com/r/jwilder/nginx-proxy). In this case the FRONTEND_HOST should be set to https://mediacms.io. This is similar to [this deployment](../docker-compose-http-proxy.yaml).
|
The reverse proxy (`jwilder/nginx-proxy`) can be configured to provide SSL termination using self-signed certificates, letsencrypt or CA signed certificates (see: https://hub.docker.com/r/jwilder/nginx-proxy or [LetsEncrypt Example](https://www.singularaspect.com/use-nginx-proxy-and-letsencrypt-companion-to-host-multiple-websites/) ). In this case the FRONTEND_HOST should be set to https://mediacms.io. This is similar to [this deployment](../docker-compose-http-proxy.yaml).
|
||||||
|
|
||||||
## A Scaleable Deployment Architecture (Docker, Swarm, Kubernetes)
|
## A Scaleable Deployment Architecture (Docker, Swarm, Kubernetes)
|
||||||
|
|
||||||
|
@ -5,7 +5,7 @@ from .methods import is_mediacms_editor, is_mediacms_manager
|
|||||||
def stuff(request):
|
def stuff(request):
|
||||||
"""Pass settings to the frontend"""
|
"""Pass settings to the frontend"""
|
||||||
ret = {}
|
ret = {}
|
||||||
if request.is_secure() and settings.LOCAL_INSTALL:
|
if request.is_secure():
|
||||||
# in case session is https, pass this setting so
|
# in case session is https, pass this setting so
|
||||||
# that the frontend uses https too
|
# that the frontend uses https too
|
||||||
ret["FRONTEND_HOST"] = settings.SSL_FRONTEND_HOST
|
ret["FRONTEND_HOST"] = settings.SSL_FRONTEND_HOST
|
||||||
|
Loading…
x
Reference in New Issue
Block a user