Add nginx and s6 for CTS

This commit is contained in:
Disassembler 2018-02-01 14:01:05 +01:00
parent 35da2c422c
commit 086372e065
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
6 changed files with 81 additions and 7 deletions

6
cts.sh
View File

@ -14,17 +14,15 @@ envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i postgres psql
# Copy existing config files into persistent storage
mkdir -p /srv/cts/conf
chown 8006:8006 /srv/cts/conf
docker run --rm -v /srv/cts/conf:/mnt/conf cts cp -rp /srv/cts/cts/settings/. /mnt/conf
chown -R root:root /srv/cts/conf
docker run --rm -v /srv/cts/conf:/mnt/conf cts cp /srv/cts/cts/settings/base.py /mnt/conf/
# Configure CTS
export CTS_SECRET=$(head -c 26 /dev/urandom | base64)
envsubst <${SOURCE_DIR}/srv/cts/conf/spotter.py >/srv/cts/conf/spotter.py
touch /srv/cts/conf/__init__.py
# Set "production values" (increases performance) only if the DEBUG environment variable is not set
if [ ${DEBUG:-0} -eq 0 ]; then
# TODO: DEBUG = False needs static resources to be server by nginx, see https://docs.djangoproject.com/en/2.0/howto/static-files/#serving-static-files-during-development
sed -i 's/DEBUG = True/DEBUG = False/' /srv/cts/conf/spotter.py
fi

View File

@ -9,7 +9,7 @@ RUN \
# Add edge/testing repository
echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/testing' >>/etc/apk/repositories \
# Install runtime dependencies
&& apk --no-cache add geos@edge libpq zlib
&& apk --no-cache add geos@edge libpq nginx s6 zlib
RUN \
# Install build dependencies
@ -36,10 +36,11 @@ RUN \
&& find /srv/cts -name '.git*' -exec rm -rf {} + \
&& rm -rf /root/.cache
COPY docker/ /
VOLUME ["/srv/cts/cts/settings"]
EXPOSE 8006
USER cts
ENV DJANGO_SETTINGS_MODULE cts.settings.spotter
WORKDIR /srv/cts
CMD ["manage.py", "runserver", "0.0.0.0:8006"]
CMD ["s6-svscan", "/etc/services.d"]

View File

@ -0,0 +1,62 @@
user nginx;
pid /run/nginx.pid;
worker_processes 1;
error_log /dev/stderr warn;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
access_log off;
server_tokens off;
client_max_body_size 100m;
keepalive_timeout 65;
sendfile on;
tcp_nodelay on;
server {
listen 8006;
server_name localhost;
location /robots.txt {
alias /srv/cts/cts/static/robots.txt;
}
location /media {
alias /srv/cts/cts/media;
}
location /static {
gzip on;
alias /srv/cts/cts/static;
expires max;
add_header Cache-Control public;
location /static/protected {
return 401;
}
}
location /protected {
internal;
root /srv/cts/cts/static;
}
error_page 502 503 504 /502.html;
location /502.html {
alias /srv/cts/cts/static/502.html;
}
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8000;
}
}
}

View File

@ -0,0 +1,3 @@
#!/bin/sh
/bin/true

View File

@ -0,0 +1,7 @@
#!/bin/execlineb -P
cd /srv/cts
export DJANGO_SETTINGS_MODULE cts.settings.spotter
fdmove -c 2 1
s6-setuidgid 8006:8006
/srv/cts/manage.py runserver

View File

@ -0,0 +1,3 @@
#!/bin/execlineb -P
/usr/sbin/nginx -g "daemon off;"