From 77471d9991a0f4f451299babd6beb390588e2a96 Mon Sep 17 00:00:00 2001
From: Piotr Gawron <piotr.gawron@uni.lu>
Date: Tue, 21 Feb 2017 11:22:56 +0100
Subject: [PATCH] information about production deployment readme.md
---
readme.md | 137 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 136 insertions(+), 1 deletion(-)
diff --git a/readme.md b/readme.md
index 14a40866..ebabb3fd 100644
--- a/readme.md
+++ b/readme.md
@@ -57,4 +57,139 @@ MEDIA_ROOT = '/tmp/media' # Warning! `/tmp` directory can be flushed in any mome
- For reference of HTML tempalte, see [https://almsaeedstudio.com/themes/AdminLTE/pages/widgets.html#](https://almsaeedstudio.com/themes/AdminLTE/pages/widgets.html#)
## Production deployment
- - extract static files and make them available via nginx: `./manage.py collectstatic`
\ No newline at end of file
+ - git pull and other project installation should be performed in a dir where this django app should be installed, in this tutorial it's /var/www/scheduling-system/
+ - install nginx: `apt-get install nginx`
+ - create gunicorn service in systemd (http://docs.gunicorn.org/en/stable/deploy.html#systemd):
+
+### /etc/systemd/system/gunicorn.service
+
+```
+[Unit]
+Description=gunicorn daemon
+Requires=gunicorn.socket
+After=network.target
+
+[Service]
+PIDFile=/run/gunicorn/pid
+User=www-data
+Group=www-data
+WorkingDirectory=/var/www/scheduling-system/smash
+
+ExecStart=/var/www/scheduling-system/env/bin/gunicorn --pid /run/gunicorn/pid smash.wsgi
+ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target
+```
+### /etc/systemd/system/gunicorn.socket
+
+```
+[Unit]
+Description=gunicorn socket
+
+[Socket]
+ListenStream=/run/gunicorn/socket
+ListenStream=0.0.0.0:9000
+ListenStream=[::]:8000
+
+[Install]
+WantedBy=sockets.target
+
+ - modify nginx configuration
+
+# /etc/nginx/nginx.conf
+
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+http {
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+ gzip_disable "msie6";
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
+```
+
+### /etc/nginx/sites-enabled/default
+
+```
+upstream app_server {
+ # fail_timeout=0 means we always retry an upstream even if it failed
+ # to return a good HTTP response
+
+ # for UNIX domain socket setups
+ server unix:/run/gunicorn/socket fail_timeout=0;
+
+ # for a TCP configuration
+ # server 192.168.0.7:8000 fail_timeout=0;
+}
+
+server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+
+ listen 443 ssl;
+
+
+ root /var/www/html;
+
+ # Add index.php to the list if you are using PHP
+ index index.html index.htm index.nginx-debian.html;
+
+ server_name prc.parkinson.lu;
+
+ ssl_certificate /etc/nginx/ssl/nginx.crt;
+ ssl_certificate_key /etc/nginx/ssl/nginx.key;
+
+
+ location / {
+ # checks for static file, if not found proxy to app
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ # enable this if and only if you use HTTPS
+ # proxy_set_header X-Forwarded-Proto https;
+ proxy_set_header Host $http_host;
+ # we don't want nginx trying to do something clever with
+ # redirects, we set the Host: header above already.
+ proxy_redirect off;
+ proxy_pass http://app_server;
+ }
+
+}
+```
+ - extract static files and make them available via nginx: `./manage.py collectstatic`
+ - you start application by starting gunicorn and nginx: `service gunicorn start`, `service nginx start`
\ No newline at end of file
--
GitLab