Improve docker setup
Add gvaweb and gvaldap containers to docker-compose.yml. Unify most of Dockerfile with gvaweb and gvaldap. Add empty directories for mounting asset and media files into bind mounted docker volumes. Run application as separate system user.
This commit is contained in:
parent
54c1fbfed0
commit
0bf37d1bea
7 changed files with 76 additions and 20 deletions
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -50,3 +50,8 @@ coverage-report/
|
||||||
.idea/
|
.idea/
|
||||||
|
|
||||||
.env
|
.env
|
||||||
|
|
||||||
|
/docker/django_media
|
||||||
|
/docker/django_static
|
||||||
|
!/docker/django_media/.empty
|
||||||
|
!/docker/django_static/.empty
|
||||||
|
|
47
Dockerfile
47
Dockerfile
|
@ -1,37 +1,56 @@
|
||||||
FROM debian:buster
|
ARG DEBIAN_RELEASE=buster
|
||||||
|
FROM debian:$DEBIAN_RELEASE
|
||||||
LABEL maintainer="Jan Dittberner <jan@dittberner.info>"
|
LABEL maintainer="Jan Dittberner <jan@dittberner.info>"
|
||||||
|
|
||||||
|
ENV LC_ALL=C.UTF-8
|
||||||
|
ENV LANG=C.UTF-8
|
||||||
|
|
||||||
RUN apt-get update \
|
RUN apt-get update \
|
||||||
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
||||||
build-essential \
|
build-essential \
|
||||||
dumb-init \
|
dumb-init \
|
||||||
gettext \
|
gettext \
|
||||||
git \
|
git \
|
||||||
libpq-dev \
|
|
||||||
postgresql-client \
|
|
||||||
python3-dev \
|
python3-dev \
|
||||||
python3-pip \
|
python3-pip \
|
||||||
python3-setuptools \
|
python3-setuptools \
|
||||||
|
python3-virtualenv \
|
||||||
python3-wheel \
|
python3-wheel \
|
||||||
&& apt-get clean \
|
&& apt-get clean \
|
||||||
&& rm -rf /var/lib/apt/lists/*.*
|
&& rm -rf /var/lib/apt/lists/*.*
|
||||||
|
|
||||||
VOLUME /srv/gnuviechadmin/media /srv/gnuviechadmin/static
|
RUN python3 -m pip install --prefix=/usr/local pipenv
|
||||||
WORKDIR /srv/gnuviechadmin
|
|
||||||
|
|
||||||
ENV LC_ALL=C.UTF-8
|
RUN apt-get update \
|
||||||
ENV LANG=C.UTF-8
|
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
||||||
|
libpq-dev \
|
||||||
|
postgresql-client \
|
||||||
|
&& apt-get clean \
|
||||||
|
&& rm -rf /var/lib/apt/lists/*.*
|
||||||
|
|
||||||
RUN python3 -m pip install -U --prefix=/usr/local pip && \
|
ARG GVAGID=2000
|
||||||
/usr/local/bin/pip3 install --prefix=/usr/local pipenv
|
ARG GVAUID=2000
|
||||||
|
|
||||||
COPY Pipfile Pipfile.lock /srv/gnuviechadmin/
|
ARG GVAAPP=gva
|
||||||
|
|
||||||
RUN pipenv install --system --deploy --ignore-pipfile --dev
|
VOLUME /srv/$GVAAPP/media /srv/$GVAAPP/static
|
||||||
|
|
||||||
COPY gnuviechadmin.sh /srv/
|
WORKDIR /srv/$GVAAPP
|
||||||
|
|
||||||
|
COPY Pipfile Pipfile.lock /srv/$GVAAPP/
|
||||||
|
|
||||||
|
RUN addgroup --gid $GVAGID $GVAAPP ; \
|
||||||
|
adduser --home /home/$GVAAPP --shell /bin/bash --uid $GVAUID --gid $GVAGID --disabled-password --gecos "User for gnuviechadmin component $GVAAPP" $GVAAPP
|
||||||
|
|
||||||
|
USER $GVAAPP
|
||||||
|
RUN python3 -m virtualenv --python=python3 /home/$GVAAPP/$GVAAPP-venv ; \
|
||||||
|
/home/$GVAAPP/$GVAAPP-venv/bin/python3 -m pip install -U pip ; \
|
||||||
|
VIRTUAL_ENV=/home/$GVAAPP/$GVAAPP-venv pipenv install --deploy --ignore-pipfile --dev
|
||||||
|
|
||||||
|
VOLUME /srv/$GVAAPP
|
||||||
|
|
||||||
EXPOSE 8000
|
EXPOSE 8000
|
||||||
VOLUME /srv/gnuviechadmin
|
|
||||||
|
|
||||||
ENTRYPOINT ["dumb-init", "/srv/gnuviechadmin.sh"]
|
COPY gva.sh /srv/
|
||||||
|
|
||||||
|
ENTRYPOINT ["dumb-init", "/srv/gva.sh"]
|
||||||
|
|
|
@ -18,8 +18,12 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- "redis_data:/var/lib/redis"
|
- "redis_data:/var/lib/redis"
|
||||||
gva:
|
gva:
|
||||||
|
image: gnuviech/gva:buster
|
||||||
build:
|
build:
|
||||||
context: .
|
context: .
|
||||||
|
args:
|
||||||
|
GVAGID: 1000
|
||||||
|
GVAUID: 1000
|
||||||
ports:
|
ports:
|
||||||
- "8000:8000"
|
- "8000:8000"
|
||||||
depends_on:
|
depends_on:
|
||||||
|
@ -32,9 +36,35 @@ services:
|
||||||
GVA_DOMAIN_NAME: localhost
|
GVA_DOMAIN_NAME: localhost
|
||||||
GVA_SITE_NAME: localhost
|
GVA_SITE_NAME: localhost
|
||||||
volumes:
|
volumes:
|
||||||
- "django_media:/srv/gnuviechadmin/media"
|
- "./docker/django_media:/srv/gva/media"
|
||||||
- "django_static:/srv/gnuviechadmin/static"
|
- "./docker/django_static:/srv/gva/static"
|
||||||
- "./gnuviechadmin:/srv/gnuviechadmin"
|
- ".:/srv/gva"
|
||||||
|
web:
|
||||||
|
image: gnuviech/gvaweb:buster
|
||||||
|
build:
|
||||||
|
context: ../gvaweb
|
||||||
|
args:
|
||||||
|
GVAGID: 1000
|
||||||
|
GVAUID: 1000
|
||||||
|
depends_on:
|
||||||
|
- mq
|
||||||
|
- redis
|
||||||
|
env_file: ../gvaweb/.env
|
||||||
|
volumes:
|
||||||
|
- "../gvaweb:/srv/gvaweb"
|
||||||
|
ldap:
|
||||||
|
image: gnuviech/gvaldap:buster
|
||||||
|
build:
|
||||||
|
context: ../gvaldap
|
||||||
|
args:
|
||||||
|
GVAGID: 1000
|
||||||
|
GVAUID: 1000
|
||||||
|
depends_on:
|
||||||
|
- mq
|
||||||
|
- redis
|
||||||
|
env_file: ../gvaldap/.env
|
||||||
|
volumes:
|
||||||
|
- "../gvaldap:/srv/gvaldap"
|
||||||
volumes:
|
volumes:
|
||||||
django_media:
|
django_media:
|
||||||
django_static:
|
django_static:
|
||||||
|
|
0
docker/django_media/.empty
Normal file
0
docker/django_media/.empty
Normal file
0
docker/django_static/.empty
Normal file
0
docker/django_static/.empty
Normal file
|
@ -355,7 +355,7 @@ GVA_ENVIRONMENT = get_env_variable("GVA_ENVIRONMENT", default="prod")
|
||||||
|
|
||||||
# ######### STATIC FILE CONFIGURATION
|
# ######### STATIC FILE CONFIGURATION
|
||||||
# See: https://docs.djangoproject.com/en/dev/ref/settings/#static-root
|
# See: https://docs.djangoproject.com/en/dev/ref/settings/#static-root
|
||||||
STATIC_ROOT = "/srv/gnuviechadmin/static/"
|
STATIC_ROOT = "/srv/gva/static/"
|
||||||
|
|
||||||
|
|
||||||
def show_debug_toolbar(request):
|
def show_debug_toolbar(request):
|
||||||
|
|
|
@ -13,8 +13,10 @@ do
|
||||||
sleep 1
|
sleep 1
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "db is ready"
|
echo " db is ready"
|
||||||
|
|
||||||
|
. /home/gva/gva-venv/bin/activate
|
||||||
|
cd /srv/gva/gnuviechadmin
|
||||||
python3 manage.py compilemessages
|
python3 manage.py compilemessages
|
||||||
python3 manage.py collectstatic --noinput
|
python3 manage.py collectstatic --noinput
|
||||||
python3 manage.py migrate --noinput
|
python3 manage.py migrate --noinput
|
Loading…
Reference in a new issue