From 02756e0543ef3b7fead82b6753d95d052ab73c7f Mon Sep 17 00:00:00 2001 From: Wan Liuyang Date: Fri, 12 Jan 2018 12:26:59 +0800 Subject: [PATCH] Remove caddy, add nginx-proxy --- README.rst | 4 ++-- docs/deployment-with-docker.rst | 11 +++++---- .../compose/production/caddy/Caddyfile | 14 ----------- .../compose/production/caddy/Dockerfile | 3 --- {{cookiecutter.project_slug}}/env.example | 4 ++-- {{cookiecutter.project_slug}}/production.yml | 23 +++++++++++-------- 6 files changed, 23 insertions(+), 36 deletions(-) delete mode 100644 {{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile delete mode 100644 {{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile diff --git a/README.rst b/README.rst index 838253f4c..a0649df4f 100644 --- a/README.rst +++ b/README.rst @@ -46,7 +46,7 @@ Features * Grunt build for compass and livereload * Send emails via Anymail_ (using Mailgun_ by default, but switchable) * Media storage using Amazon S3 -* Docker support using docker-compose_ for development and production (using Caddy_ with LetsEncrypt_ support) +* Docker support using docker-compose_ for development and production (using acme.sh_ with LetsEncrypt_ support) * Procfile_ for deploying to Heroku * Instructions for deploying to PythonAnywhere_ * Run tests with unittest or py.test @@ -82,7 +82,7 @@ Optional Integrations .. _docker-compose: https://github.com/docker/compose .. _Opbeat: https://opbeat.com/ .. _PythonAnywhere: https://www.pythonanywhere.com/ -.. _Caddy: https://caddyserver.com/ +.. _acme.sh: https://github.com/Neilpang/acme.sh .. _LetsEncrypt: https://letsencrypt.org/ Constraints diff --git a/docs/deployment-with-docker.rst b/docs/deployment-with-docker.rst index fb383c3c5..078691e0d 100644 --- a/docs/deployment-with-docker.rst +++ b/docs/deployment-with-docker.rst @@ -17,7 +17,7 @@ of this application gets its configuration from. Notice how it provides configur * `postgres` service that runs the database * `redis` for caching -* `caddy` as webserver +* `nginx` as proxy webserver * `django` is the Django project run by gunicorn If you chose the `use_celery` option, there are two more services: @@ -59,11 +59,12 @@ It is always better to deploy a site behind HTTPS and will become crucial as the HTTPS is configured by default ------------------------------ -The Caddy webserver used in the default configuration will get you a valid certificate from Lets Encrypt and update it automatically. All you need to do to enable this is to make sure that your DNS records are pointing to the server Caddy runs on. +The nginx webserver used in the default configuration will get you a valid certificate from Lets Encrypt and update it automatically, using the `nginx-proxy` docker image. -You can read more about this here at `Automatic HTTPS`_ in the Caddy docs. +You can read more about this here at `Automated Nginx Reverse Proxy for Docker`_ and the `acme.sh`_ docs. -.. _Automatic HTTPS: https://caddyserver.com/docs/automatic-https +.. _Automated Nginx Reverse Proxy for Docker: http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/ +.. _acme.sh: https://github.com/Neilpang/acme.sh Optional: Postgres Data Volume Modifications @@ -108,7 +109,7 @@ If you want to scale your application, run:: docker-compose -f production.yml scale django=4 docker-compose -f production.yml scale celeryworker=2 -.. warning:: Don't run the scale command on postgres, celerybeat, or caddy. +.. warning:: Don't run the scale command on postgres, celerybeat, or nginx-proxy. If you have errors, you can always check your stack with `docker-compose`. Switch to your projects root directory and run:: diff --git a/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile b/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile deleted file mode 100644 index d36632e4b..000000000 --- a/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile +++ /dev/null @@ -1,14 +0,0 @@ -www.{% raw %}{$DOMAIN_NAME}{% endraw %} { - redir https://{{cookiecutter.domain_name}} -} - -{% raw %}{$DOMAIN_NAME}{% endraw %} { - proxy / django:5000 { - header_upstream Host {host} - header_upstream X-Real-IP {remote} - header_upstream X-Forwarded-Proto {scheme} - } - log stdout - errors stdout - gzip -} diff --git a/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile b/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile deleted file mode 100644 index d02f0342d..000000000 --- a/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM abiosoft/caddy:0.10.6 - -COPY ./compose/production/caddy/Caddyfile /etc/Caddyfile diff --git a/{{cookiecutter.project_slug}}/env.example b/{{cookiecutter.project_slug}}/env.example index 420ab4a5f..f60e93480 100644 --- a/{{cookiecutter.project_slug}}/env.example +++ b/{{cookiecutter.project_slug}}/env.example @@ -4,8 +4,8 @@ POSTGRES_PASSWORD=mysecretpass POSTGRES_USER=postgresuser CONN_MAX_AGE= -# Domain name, used by caddy -DOMAIN_NAME={{ cookiecutter.domain_name }} +# Domain name, used by nginx-proxy +VIRTUAL_HOST={{ cookiecutter.domain_name }} # General settings # DJANGO_READ_DOT_ENV_FILE=True diff --git a/{{cookiecutter.project_slug}}/production.yml b/{{cookiecutter.project_slug}}/production.yml index ef9163e5a..27cdafa09 100644 --- a/{{cookiecutter.project_slug}}/production.yml +++ b/{{cookiecutter.project_slug}}/production.yml @@ -3,7 +3,6 @@ version: '2' volumes: postgres_data: {} postgres_backup: {} - caddy: {} services: django:{% if cookiecutter.use_celery == 'y' %} &django{% endif %} @@ -14,7 +13,11 @@ services: - postgres - redis env_file: .env + environment: + - ENABLE_ACME=true command: /gunicorn.sh + expose: + - "5000" postgres: build: @@ -25,18 +28,18 @@ services: - postgres_backup:/backups env_file: .env - caddy: - build: - context: . - dockerfile: ./compose/production/caddy/Dockerfile + nginx-proxy: + image: neilpang/nginx-proxy depends_on: - django - volumes: - - caddy:/root/.caddy - env_file: .env ports: - - "0.0.0.0:80:80" - - "0.0.0.0:443:443" + - "80:80" + volumes: + - /var/run/docker.sock:/tmp/docker.sock:ro + - ./proxy/certs:/etc/nginx/certs + - ./proxy/acme:/acmecerts + - ./proxy/conf.d:/etc/nginx/conf.d + network_mode: "host" redis: image: redis:3.0