From 055e1080dd3b4cfcc8d93e81aa8232ef8311e943 Mon Sep 17 00:00:00 2001 From: James Graham Date: Thu, 17 Mar 2022 13:58:07 +0000 Subject: [PATCH] build: update deployment for Docker --- Caddyfile | 3 - Dockerfile | 2 + Vagrantfile => deploy/Vagrantfile | 5 ++ deploy/playbook.yml | 85 ++++++++++++++++++++++++++ deploy/templates/Caddyfile.j2 | 15 +++++ deploy/templates/docker-compose.yml.j2 | 35 +++++++++++ docker-compose.yml | 4 +- entrypoint.sh | 11 ++-- playbook.yml | 18 ------ 9 files changed, 150 insertions(+), 28 deletions(-) rename Vagrantfile => deploy/Vagrantfile (90%) create mode 100644 deploy/playbook.yml create mode 100644 deploy/templates/Caddyfile.j2 create mode 100644 deploy/templates/docker-compose.yml.j2 delete mode 100644 playbook.yml diff --git a/Caddyfile b/Caddyfile index 4282331..70cd7c9 100644 --- a/Caddyfile +++ b/Caddyfile @@ -1,7 +1,4 @@ :80 :443 { - - tls {$CADDY_TLS_EMAIL} - root * /srv file_server diff --git a/Dockerfile b/Dockerfile index d8c5165..14b3c68 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,5 +11,7 @@ RUN pip install --no-cache-dir --upgrade pip \ COPY . ./ +# USER mapper + ENTRYPOINT [ "/app/entrypoint.sh" ] CMD [ "gunicorn", "-w", "2", "-b", "0.0.0.0:8000", "breccia_mapper.wsgi" ] diff --git a/Vagrantfile b/deploy/Vagrantfile similarity index 90% rename from Vagrantfile rename to deploy/Vagrantfile index 5b8bbfc..bf6a5dc 100644 --- a/Vagrantfile +++ b/deploy/Vagrantfile @@ -20,5 +20,10 @@ Vagrant.configure("2") do |config| config.vm.provision "ansible" do |ansible| ansible.verbose = "v" ansible.playbook = "playbook.yml" + ansible.host_vars = { + "default" => { + "deploy_environment" => "vagrant" + } + } end end diff --git a/deploy/playbook.yml b/deploy/playbook.yml new file mode 100644 index 0000000..8fc6bf4 --- /dev/null +++ b/deploy/playbook.yml @@ -0,0 +1,85 @@ +--- +- hosts: all + become_user: root + become_method: sudo + become: yes + + pre_tasks: + - name: Check if running under Vagrant + stat: + path: /vagrant + register: vagrant_dir + + vars: + project_name: mapper + project_dir: /srv/{{ project_name }} + project_src_dir: "{{ project_dir }}/src" + + django_settings: + debug: 1 + secret_key: debug_only_g62WlORMbo8iAcV7vKCKBQ== + + tasks: + - name: Vagrant specific tasks + block: + - name: Add Docker repository + get_url: + url: https://download.docker.com/linux/centos/docker-ce.repo + dest: '/etc/yum.repos.d/docker-ce.repo' + when: deploy_environment is defined and deploy_environment == "vagrant" + + - name: Install system dependencies + ansible.builtin.yum: + name: + - git + - docker-ce + - docker-ce-cli + - containerd.io + - docker-compose-plugin + state: present + + # - name: Update system packages + # ansible.builtin.yum: + # name: '*' + # state: latest + + - name: Clone / update from source repos + ansible.builtin.git: + repo: 'https://github.com/Southampton-RSG/breccia-mapper.git' + dest: '{{ project_src_dir }}' + version: docker + accept_hostkey: yes + + - name: Copy template files + ansible.builtin.template: + src: '{{ item }}.j2' + dest: '{{ project_dir }}/{{ item }}' + mode: 0600 + loop: + - Caddyfile + - docker-compose.yml + + - name: Start Docker + ansible.builtin.systemd: + name: docker + state: started + enabled: yes + + - name: Pull latest docker images + ansible.builtin.command: + chdir: "{{ project_dir }}" + cmd: docker compose pull {{ item }} + loop: + - caddy + + - name: Build custom images + ansible.builtin.command: + chdir: "{{ project_dir }}" + cmd: docker compose build {{ item }} + loop: + - web + + - name: Start containers + ansible.builtin.command: + chdir: "{{ project_dir }}" + cmd: docker compose up -d diff --git a/deploy/templates/Caddyfile.j2 b/deploy/templates/Caddyfile.j2 new file mode 100644 index 0000000..70cd7c9 --- /dev/null +++ b/deploy/templates/Caddyfile.j2 @@ -0,0 +1,15 @@ +:80 :443 { + root * /srv + file_server + + @proxy_paths { + not path /static/* + } + + reverse_proxy @proxy_paths http://web:8000 + + log { + output stderr + format single_field common_log + } +} \ No newline at end of file diff --git a/deploy/templates/docker-compose.yml.j2 b/deploy/templates/docker-compose.yml.j2 new file mode 100644 index 0000000..7253bb7 --- /dev/null +++ b/deploy/templates/docker-compose.yml.j2 @@ -0,0 +1,35 @@ +version: '3.1' + +services: + web: + image: breccia-mapper + build: {{ project_src_dir }} + ports: + - 8000:8000 + environment: + DEBUG: {{ django_settings.debug }} + DATABASE_URL: sqlite:////app/db.sqlite3 + SECRET_KEY: {{ django_settings.secret_key }} + volumes: + - ./db.sqlite3:/app/db.sqlite3:z + - static_files:/app/static + + caddy: + image: caddy:2 + restart: unless-stopped + ports: + - 80:80 + - 443:443 + volumes: + - ./Caddyfile:/etc/caddy/Caddyfile:z + # Caddy serves static files collected by Django + - static_files:/srv/static:ro + - caddy_data:/data + - caddy_config:/config + depends_on: + - web + +volumes: + caddy_data: + caddy_config: + static_files: diff --git a/docker-compose.yml b/docker-compose.yml index c18444b..c2331f0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -20,12 +20,10 @@ services: ports: - 80:80 - 443:443 - environment: - CADDY_TLS_EMAIL: ${CADDY_TLS_EMAIL} volumes: - ./Caddyfile:/etc/caddy/Caddyfile:z # Caddy serves static files collected by Django - - static_files:/srv/static + - static_files:/srv/static:ro - caddy_data:/data - caddy_config:/config depends_on: diff --git a/entrypoint.sh b/entrypoint.sh index 64e83ff..478ac41 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,5 +1,8 @@ -#!/bin/sh +#!/bin/bash -python manage.py migrate \ - && python manage.py collectstatic --no-input \ - && exec "$@" +set -eo pipefail + +python manage.py migrate +python manage.py collectstatic --no-input + +exec "$@" diff --git a/playbook.yml b/playbook.yml deleted file mode 100644 index 815ee4d..0000000 --- a/playbook.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- hosts: all - become_user: root - become_method: sudo - become: yes - - pre_tasks: - - name: Check if running under Vagrant - stat: - path: /vagrant - register: vagrant_dir - - roles: - - database - - webserver - - vars: - ansible_python_interpreter: python2