Improve docker setup

Add gvaweb and gvaldap containers to docker-compose.yml. Unify most of
Dockerfile with gvaweb and gvaldap. Add empty directories for mounting
asset and media files into bind mounted docker volumes. Run application
as separate system user.
This commit is contained in:
Jan Dittberner 2020-03-03 13:10:09 +01:00
parent 54c1fbfed0
commit 0bf37d1bea
7 changed files with 76 additions and 20 deletions

5
.gitignore vendored
View file

@ -50,3 +50,8 @@ coverage-report/
.idea/
.env
/docker/django_media
/docker/django_static
!/docker/django_media/.empty
!/docker/django_static/.empty

View file

@ -1,37 +1,56 @@
FROM debian:buster
ARG DEBIAN_RELEASE=buster
FROM debian:$DEBIAN_RELEASE
LABEL maintainer="Jan Dittberner <jan@dittberner.info>"
ENV LC_ALL=C.UTF-8
ENV LANG=C.UTF-8
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
build-essential \
dumb-init \
gettext \
git \
libpq-dev \
postgresql-client \
python3-dev \
python3-pip \
python3-setuptools \
python3-virtualenv \
python3-wheel \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*.*
VOLUME /srv/gnuviechadmin/media /srv/gnuviechadmin/static
WORKDIR /srv/gnuviechadmin
RUN python3 -m pip install --prefix=/usr/local pipenv
ENV LC_ALL=C.UTF-8
ENV LANG=C.UTF-8
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
libpq-dev \
postgresql-client \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*.*
RUN python3 -m pip install -U --prefix=/usr/local pip && \
/usr/local/bin/pip3 install --prefix=/usr/local pipenv
ARG GVAGID=2000
ARG GVAUID=2000
COPY Pipfile Pipfile.lock /srv/gnuviechadmin/
ARG GVAAPP=gva
RUN pipenv install --system --deploy --ignore-pipfile --dev
VOLUME /srv/$GVAAPP/media /srv/$GVAAPP/static
COPY gnuviechadmin.sh /srv/
WORKDIR /srv/$GVAAPP
COPY Pipfile Pipfile.lock /srv/$GVAAPP/
RUN addgroup --gid $GVAGID $GVAAPP ; \
adduser --home /home/$GVAAPP --shell /bin/bash --uid $GVAUID --gid $GVAGID --disabled-password --gecos "User for gnuviechadmin component $GVAAPP" $GVAAPP
USER $GVAAPP
RUN python3 -m virtualenv --python=python3 /home/$GVAAPP/$GVAAPP-venv ; \
/home/$GVAAPP/$GVAAPP-venv/bin/python3 -m pip install -U pip ; \
VIRTUAL_ENV=/home/$GVAAPP/$GVAAPP-venv pipenv install --deploy --ignore-pipfile --dev
VOLUME /srv/$GVAAPP
EXPOSE 8000
VOLUME /srv/gnuviechadmin
ENTRYPOINT ["dumb-init", "/srv/gnuviechadmin.sh"]
COPY gva.sh /srv/
ENTRYPOINT ["dumb-init", "/srv/gva.sh"]

View file

@ -18,8 +18,12 @@ services:
volumes:
- "redis_data:/var/lib/redis"
gva:
image: gnuviech/gva:buster
build:
context: .
args:
GVAGID: 1000
GVAUID: 1000
ports:
- "8000:8000"
depends_on:
@ -32,9 +36,35 @@ services:
GVA_DOMAIN_NAME: localhost
GVA_SITE_NAME: localhost
volumes:
- "django_media:/srv/gnuviechadmin/media"
- "django_static:/srv/gnuviechadmin/static"
- "./gnuviechadmin:/srv/gnuviechadmin"
- "./docker/django_media:/srv/gva/media"
- "./docker/django_static:/srv/gva/static"
- ".:/srv/gva"
web:
image: gnuviech/gvaweb:buster
build:
context: ../gvaweb
args:
GVAGID: 1000
GVAUID: 1000
depends_on:
- mq
- redis
env_file: ../gvaweb/.env
volumes:
- "../gvaweb:/srv/gvaweb"
ldap:
image: gnuviech/gvaldap:buster
build:
context: ../gvaldap
args:
GVAGID: 1000
GVAUID: 1000
depends_on:
- mq
- redis
env_file: ../gvaldap/.env
volumes:
- "../gvaldap:/srv/gvaldap"
volumes:
django_media:
django_static:

View file

View file

View file

@ -355,7 +355,7 @@ GVA_ENVIRONMENT = get_env_variable("GVA_ENVIRONMENT", default="prod")
# ######### STATIC FILE CONFIGURATION
# See: https://docs.djangoproject.com/en/dev/ref/settings/#static-root
STATIC_ROOT = "/srv/gnuviechadmin/static/"
STATIC_ROOT = "/srv/gva/static/"
def show_debug_toolbar(request):

View file

@ -15,6 +15,8 @@ done
echo " db is ready"
. /home/gva/gva-venv/bin/activate
cd /srv/gva/gnuviechadmin
python3 manage.py compilemessages
python3 manage.py collectstatic --noinput
python3 manage.py migrate --noinput