diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..aad1422 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,20 @@ +FROM python:3.7-slim +ENV PYTHONUNBUFFERED 1 + +WORKDIR /konova + +# Install some dependencies +RUN apt update +RUN apt install -y gdal-bin + +# Copy requirements file into workspace +COPY ./requirements.txt /konova/ +RUN pip install --upgrade pip +RUN pip install -r requirements.txt + +# Copy rest of project into workspace +COPY . /konova/ + +# Move static files in designated folder +RUN python manage.py collectstatic --noinput + diff --git a/README.md b/README.md index 4497147..8fee921 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,7 @@ the database postgresql and the css library bootstrap as well as the icon packag fontawesome for a modern look, following best practices from the industry. ## Background processes +### !!! For non-docker run Konova uses celery for background processing. To start the worker you need to run ```shell $ celery -A konova worker -l INFO @@ -18,3 +19,58 @@ Technical documention is provided in the projects git wiki. A user documentation is not available (and not needed, yet). +# Docker +To run the docker-compose as expected, you need to take the following steps: + +1. Create a database containing docker, using an appropriate Dockerfile, e.g. the following +``` +version: '3.3' +services: + postgis: + image: postgis/postgis + restart: always + container_name: postgis-docker + ports: + - 5433:5432 + volumes: + - db-volume:/var/lib/postgresql/data + environment: + - POSTGRES_PASSWORD=postgres + - POSTGRES_USER=postgres + networks: + - db-network-bridge + +networks: + db-network-bridge: + driver: "bridge" + +volumes: + db-volume: +``` +This Dockerfile creates a Docker container running postgresql and postgis, creates the default superuser postgres, +creates a named volume for persisting the database and creates a new network bridge, which **must be used by any other +container, which wants to write/read on this database**. + +2. Make sure the name of the network bridge above matches the network in the konova docker-compose.yml +3. Get into the running postgis container (`docker exec -it postgis-docker bash`) and create new databases, users and so on. Make sure the database `konova` exists now! +4. Replace all `CHANGE_ME_xy` values inside of konova/docker-compose.yml for your installation. Make sure the `SSO_HOST` holds the proper SSO host, e.g. for the arnova project `arnova.example.org` (Arnova must be installed and the webserver configured as well, of course) +5. Take a look on konova/settings.py and konova/sub_settings/django_settings.py. Again: Replace all occurences of `CHANGE_ME` with proper values for your installation. + 1. Make sure you have the proper host strings added to `ALLOWED_HOSTS` inside of django_settings.py. +6. Build and run the docker setup using `docker-compose build` and `docker-compose start` from the main directory of this project (where the docker-compose.yml lives) +7. Run migrations! To do so, get into the konova service container (`docker exec -it konova-docker bash`) and run the needed commands (`python manage.py makemigrations LIST_OF_ALL_MIGRATABLE_APPS`, then `python manage.py migrate`) +8. Run the setup command `python manage.py setup` and follow the instructions on the CLI +9. To enable **SMTP** mail support, make sure your host machine (the one where the docker container run) has the postfix service configured properly. Make sure the `mynetworks` variable is xtended using the docker network bridge ip, created in the postgis container and used by the konova services. + 1. **Hint**: You can find out this easily by trying to perform a test mail in the running konova web application (which will fail, of course). Then take a look to the latest entries in `/var/log/mail.log` on your host machine. The failed IP will be displayed there. + 2. **Please note**: This installation guide is based on SMTP using postfix! + 3. Restart the postfix service on your host machine to reload the new configuration (`service postfix restart`) +10. Finally, make sure your host machine webserver passes incoming requests properly to the docker nginx webserver of konova. A proper nginx config for the host machine may look like this: +``` +server { + server_name konova.domain.org; + + location / { + proxy_pass http://localhost:KONOVA_NGINX_DOCKER_PORT/; + proxy_set_header Host $host; + } +} +``` \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..a67fb2f --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,83 @@ +version: '3.3' + +services: + redis: + image: redis + container_name: "konova-redis-cache" + volumes: + - /redis/data:/bitnami/redis/data + environment: + - REDIS_PASSWORD=CHANGE_ME + + konova: + external_links: + - postgis:db + - arnova-nginx-server:arnova + build: . + container_name: "konova-docker" + command: gunicorn konova.wsgi:application --bind 0.0.0.0:8000 + volumes: + - .:/konova + - konova_uploaded_files:/konova_uploaded_files + - static_file_volume:/konova/static # Point to the volume for static files. Shared with nginx service + expose: + - 8000 + depends_on: + - redis + environment: + - POSTGRES_NAME=konova + - POSTGRES_PORT=5432 + - POSTGRES_PASSWORD=CHANGE_ME + - POSTGRES_USER=konova + - POSTGRES_HOST=db + - REDIS_HOST=redis + - SSO_HOST=CHANGE_ME_TO_SSO_HOST_URL + - SMTP_HOST=172.17.0.1 + - SMTP_PORT=25 + - SMTP_REAL_REPLY_MAIL=ksp-servicestelle@sgdnord.rlp.de + +# To provide a celery worker instance, we need to add the celery worker as an own service + celery_worker: + external_links: + - postgis:db + - arnova-nginx-server:arnova + build: . + container_name: "konova-worker-docker" + command: celery -A konova worker -l INFO + volumes: + - .:/konova + - konova_uploaded_files:/konova_uploaded_files + depends_on: + - konova + environment: + - POSTGRES_NAME=konova + - POSTGRES_PORT=5432 + - POSTGRES_PASSWORD=CHANGE_ME + - POSTGRES_USER=konova + - POSTGRES_HOST=db + - REDIS_HOST=redis + - SSO_HOST=CHANGE_ME_TO_SSO_HOST_URL + - SMTP_HOST=172.17.0.1 + - SMTP_PORT=25 + - SMTP_REAL_REPLY_MAIL=ksp-servicestelle@sgdnord.rlp.de + + nginx: + build: ./nginx + container_name: "konova-nginx-server" + ports: + - "1337:80" + depends_on: + - konova + volumes: + - static_file_volume:/konova/static # Point to the volume for static files. Shared with konova service + +# Instead of an own, new network, we need to connect to the existing one, which is provided by the postgis container +# NOTE: THIS NETWORK MUST EXIST +networks: + default: + external: + name: postgis_nat_it_backend + +volumes: + static_file_volume: + konova_uploaded_files: \ No newline at end of file diff --git a/konova/celery.py b/konova/celery.py index 478f284..ab06cf7 100644 --- a/konova/celery.py +++ b/konova/celery.py @@ -17,7 +17,7 @@ app.config_from_object('django.conf:settings', namespace='CELERY') app.autodiscover_tasks() # Declare redis as broker -app.conf.broker_url = 'redis://localhost:6379/0' +app.conf.broker_url = f"redis://{os.environ.get('REDIS_HOST')}:6379/0" @app.task(bind=True) diff --git a/konova/sub_settings/django_settings.py b/konova/sub_settings/django_settings.py index b0d6ff8..e725f57 100644 --- a/konova/sub_settings/django_settings.py +++ b/konova/sub_settings/django_settings.py @@ -124,10 +124,11 @@ WSGI_APPLICATION = 'konova.wsgi.application' DATABASES = { 'default': { 'ENGINE': 'django.contrib.gis.db.backends.postgis', - 'NAME': 'konova', - 'USER': 'postgres', - 'HOST': '127.0.0.1', - 'PORT': '5432', + 'NAME': os.environ.get('POSTGRES_NAME'), + 'USER': os.environ.get('POSTGRES_USER'), + 'HOST': os.environ.get('POSTGRES_HOST'), + 'PASSWORD': os.environ.get('POSTGRES_PASSWORD'), + 'PORT': os.environ.get('POSTGRES_PORT'), } } @@ -209,19 +210,14 @@ DEBUG_TOOLBAR_CONFIG = { } # EMAIL (see https://docs.djangoproject.com/en/dev/topics/email/) - -# CHANGE_ME !!! ONLY FOR DEVELOPMENT !!! if DEBUG: + # ONLY FOR DEVELOPMENT NEEDED EMAIL_BACKEND = 'django.core.mail.backends.filebased.EmailBackend' - EMAIL_FILE_PATH = '/tmp/app-messages' # change this to a proper location + EMAIL_FILE_PATH = '/tmp/app-messages' -DEFAULT_FROM_EMAIL = "service@ksp.de" # The default email address for the 'from' element +DEFAULT_FROM_EMAIL = "no-reply@ksp.de" # The default email address for the 'from' element SERVER_EMAIL = DEFAULT_FROM_EMAIL # The default email sender address, which is used by Django to send errors via mail -EMAIL_HOST = "localhost" -EMAIL_REPLY_TO = "ksp-servicestelle@sgdnord.rlp.de" +EMAIL_HOST = os.environ.get('SMTP_HOST') +EMAIL_REPLY_TO = os.environ.get('SMTP_REAL_REPLY_MAIL') SUPPORT_MAIL_RECIPIENT = EMAIL_REPLY_TO -EMAIL_PORT = "25" -#EMAIL_HOST_USER = "" -#EMAIL_HOST_PASSWORD = "" -EMAIL_USE_TLS = False -EMAIL_USE_SSL = False +EMAIL_PORT = os.environ.get('SMTP_PORT') diff --git a/konova/sub_settings/sso_settings.py b/konova/sub_settings/sso_settings.py index 20417f0..390ed40 100644 --- a/konova/sub_settings/sso_settings.py +++ b/konova/sub_settings/sso_settings.py @@ -7,7 +7,9 @@ Created on: 31.01.22 """ # SSO settings -SSO_SERVER_BASE = "http://127.0.0.1:8000/" +import os + +SSO_SERVER_BASE = f"http://{os.environ.get('SSO_HOST')}/" SSO_SERVER = f"{SSO_SERVER_BASE}sso/" SSO_PRIVATE_KEY = "QuziFeih7U8DZvQQ1riPv2MXz0ZABupHED9wjoqZAqeMQaqkqTfxJDRXgSIyASwJ" -SSO_PUBLIC_KEY = "AGGK7E8eT5X5u2GD38ygGG3GpAefmIldJiiWW7gldRPqCG1CzmUfGdvPSGDbEY2n" \ No newline at end of file +SSO_PUBLIC_KEY = "AGGK7E8eT5X5u2GD38ygGG3GpAefmIldJiiWW7gldRPqCG1CzmUfGdvPSGDbEY2n" diff --git a/nginx/Dockerfile b/nginx/Dockerfile new file mode 100644 index 0000000..4c49d2e --- /dev/null +++ b/nginx/Dockerfile @@ -0,0 +1,4 @@ +FROM nginx:alpine + +RUN rm /etc/nginx/conf.d/default.conf +COPY nginx.conf /etc/nginx/conf.d \ No newline at end of file diff --git a/nginx/nginx.conf b/nginx/nginx.conf new file mode 100644 index 0000000..26b326c --- /dev/null +++ b/nginx/nginx.conf @@ -0,0 +1,20 @@ +upstream konova { + server konova:8000; +} + +server { + + listen 80; + + location / { + proxy_pass http://konova; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_redirect off; + } + + location /static/ { + alias /konova/static/; + } + +} diff --git a/requirements.txt b/requirements.txt index 763913c..20e0bff 100644 --- a/requirements.txt +++ b/requirements.txt @@ -48,3 +48,4 @@ webservices==0.7 wrapt==1.13.3 xmltodict==0.12.0 zipp==3.4.1 +gunicorn==20.1.0 \ No newline at end of file