diff --git a/README.rst b/README.rst index c5f9d06b3..6f2ab1cd0 100644 --- a/README.rst +++ b/README.rst @@ -50,7 +50,7 @@ Features * Grunt build for compass and livereload * Send emails via Anymail_ (using Mailgun_ by default, but switchable) * Media storage using Amazon S3 -* Docker support using docker-compose_ for development and production (using Caddy_ with LetsEncrypt_ support) +* Docker support using docker-compose_ for development and production (using acme.sh_ with LetsEncrypt_ support) * Procfile_ for deploying to Heroku * Instructions for deploying to PythonAnywhere_ * Run tests with unittest or py.test @@ -85,7 +85,7 @@ Optional Integrations .. _docker-compose: https://github.com/docker/compose .. _Opbeat: https://opbeat.com/ .. _PythonAnywhere: https://www.pythonanywhere.com/ -.. _Caddy: https://caddyserver.com/ +.. _acme.sh: https://github.com/Neilpang/acme.sh .. _LetsEncrypt: https://letsencrypt.org/ Constraints diff --git a/docs/deployment-with-docker.rst b/docs/deployment-with-docker.rst index 25ff7cb9f..0d4d1e342 100644 --- a/docs/deployment-with-docker.rst +++ b/docs/deployment-with-docker.rst @@ -17,7 +17,7 @@ of this application gets its configuration from. Notice how it provides configur * `postgres` service that runs the database * `redis` for caching -* `caddy` as webserver +* `nginx` as proxy webserver * `django` is the Django project run by gunicorn If you chose the `use_celery` option, there are two more services: @@ -66,11 +66,12 @@ It is always better to deploy a site behind HTTPS and will become crucial as the HTTPS is configured by default ------------------------------ -The Caddy webserver used in the default configuration will get you a valid certificate from Lets Encrypt and update it automatically. All you need to do to enable this is to make sure that your DNS records are pointing to the server Caddy runs on. +The nginx webserver used in the default configuration will get you a valid certificate from Lets Encrypt and update it automatically, using the `nginx-proxy` docker image. -You can read more about this here at `Automatic HTTPS`_ in the Caddy docs. +You can read more about this here at `Automated Nginx Reverse Proxy for Docker`_ and the `acme.sh`_ docs. -.. _Automatic HTTPS: https://caddyserver.com/docs/automatic-https +.. _Automated Nginx Reverse Proxy for Docker: http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/ +.. _acme.sh: https://github.com/Neilpang/acme.sh Optional: Postgres Data Volume Modifications @@ -115,7 +116,7 @@ If you want to scale your application, run:: docker-compose -f production.yml scale django=4 docker-compose -f production.yml scale celeryworker=2 -.. warning:: Don't run the scale command on postgres, celerybeat, or caddy. +.. warning:: Don't run the scale command on postgres, celerybeat, or nginx-proxy. If you have errors, you can always check your stack with `docker-compose`. Switch to your projects root directory and run:: diff --git a/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile b/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile deleted file mode 100644 index d36632e4b..000000000 --- a/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile +++ /dev/null @@ -1,14 +0,0 @@ -www.{% raw %}{$DOMAIN_NAME}{% endraw %} { - redir https://{{cookiecutter.domain_name}} -} - -{% raw %}{$DOMAIN_NAME}{% endraw %} { - proxy / django:5000 { - header_upstream Host {host} - header_upstream X-Real-IP {remote} - header_upstream X-Forwarded-Proto {scheme} - } - log stdout - errors stdout - gzip -} diff --git a/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile b/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile deleted file mode 100644 index d02f0342d..000000000 --- a/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM abiosoft/caddy:0.10.6 - -COPY ./compose/production/caddy/Caddyfile /etc/Caddyfile diff --git a/{{cookiecutter.project_slug}}/env.example b/{{cookiecutter.project_slug}}/env.example index 1d28cb599..03850b576 100644 --- a/{{cookiecutter.project_slug}}/env.example +++ b/{{cookiecutter.project_slug}}/env.example @@ -4,8 +4,8 @@ POSTGRES_PASSWORD=!!!SET POSTGRES_PASSWORD!!! POSTGRES_USER=!!!SET POSTGRES_USER!!! CONN_MAX_AGE= -# Domain name, used by caddy -DOMAIN_NAME={{ cookiecutter.domain_name }} +# Domain name, used by nginx-proxy +VIRTUAL_HOST={{ cookiecutter.domain_name }} # General settings # DJANGO_READ_DOT_ENV_FILE=True diff --git a/{{cookiecutter.project_slug}}/production.yml b/{{cookiecutter.project_slug}}/production.yml index ef9163e5a..27cdafa09 100644 --- a/{{cookiecutter.project_slug}}/production.yml +++ b/{{cookiecutter.project_slug}}/production.yml @@ -3,7 +3,6 @@ version: '2' volumes: postgres_data: {} postgres_backup: {} - caddy: {} services: django:{% if cookiecutter.use_celery == 'y' %} &django{% endif %} @@ -14,7 +13,11 @@ services: - postgres - redis env_file: .env + environment: + - ENABLE_ACME=true command: /gunicorn.sh + expose: + - "5000" postgres: build: @@ -25,18 +28,18 @@ services: - postgres_backup:/backups env_file: .env - caddy: - build: - context: . - dockerfile: ./compose/production/caddy/Dockerfile + nginx-proxy: + image: neilpang/nginx-proxy depends_on: - django - volumes: - - caddy:/root/.caddy - env_file: .env ports: - - "0.0.0.0:80:80" - - "0.0.0.0:443:443" + - "80:80" + volumes: + - /var/run/docker.sock:/tmp/docker.sock:ro + - ./proxy/certs:/etc/nginx/certs + - ./proxy/acme:/acmecerts + - ./proxy/conf.d:/etc/nginx/conf.d + network_mode: "host" redis: image: redis:3.0