Merge 02756e0543 into 8dd9e691b1

2025-08-08 14:04:52 +03:00 · 2018-03-05 05:11:04 +00:00 · 2018-03-05 05:11:04 +00:00 · 5b3bcfeb11
commit 5b3bcfeb11
parent 8dd9e691b1 02756e0543
6 changed files with 23 additions and 36 deletions
--- a/README.rst
+++ b/README.rst
@ -50,7 +50,7 @@ Features
 * Grunt build for compass and livereload
 * Send emails via Anymail_ (using Mailgun_ by default, but switchable)
 * Media storage using Amazon S3
-* Docker support using docker-compose_ for development and production (using Caddy_ with LetsEncrypt_ support)
+* Docker support using docker-compose_ for development and production (using acme.sh_ with LetsEncrypt_ support)
 * Procfile_ for deploying to Heroku
 * Instructions for deploying to PythonAnywhere_
 * Run tests with unittest or py.test
@ -85,7 +85,7 @@ Optional Integrations
 .. _docker-compose: https://github.com/docker/compose
 .. _Opbeat: https://opbeat.com/
 .. _PythonAnywhere: https://www.pythonanywhere.com/
-.. _Caddy: https://caddyserver.com/
+.. _acme.sh: https://github.com/Neilpang/acme.sh
 .. _LetsEncrypt: https://letsencrypt.org/

 Constraints
--- a/docs/deployment-with-docker.rst
+++ b/docs/deployment-with-docker.rst
@ -17,7 +17,7 @@ of this application gets its configuration from. Notice how it provides configur

 * `postgres` service that runs the database
 * `redis` for caching
-* `caddy` as webserver
+* `nginx` as proxy webserver
 * `django` is the Django project run by gunicorn

 If you chose the `use_celery` option, there are two more services:
@ -66,11 +66,12 @@ It is always better to deploy a site behind HTTPS and will become crucial as the
 HTTPS is configured by default
 ------------------------------

-The Caddy webserver used in the default configuration will get you a valid certificate from Lets Encrypt and update it automatically. All you need to do to enable this is to make sure that your DNS records are pointing to the server Caddy runs on.
+The nginx webserver used in the default configuration will get you a valid certificate from Lets Encrypt and update it automatically, using the `nginx-proxy` docker image.

-You can read more about this here at `Automatic HTTPS`_ in the Caddy docs.
+You can read more about this here at `Automated Nginx Reverse Proxy for Docker`_ and the `acme.sh`_ docs.

-.. _Automatic HTTPS: https://caddyserver.com/docs/automatic-https
+.. _Automated Nginx Reverse Proxy for Docker: http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/
+.. _acme.sh: https://github.com/Neilpang/acme.sh


 Optional: Postgres Data Volume Modifications
@ -115,7 +116,7 @@ If you want to scale your application, run::
   docker-compose -f production.yml scale django=4
   docker-compose -f production.yml scale celeryworker=2

-.. warning:: Don't run the scale command on postgres, celerybeat, or caddy.
+.. warning:: Don't run the scale command on postgres, celerybeat, or nginx-proxy.

 If you have errors, you can always check your stack with `docker-compose`. Switch to your projects root directory and run::

--- a/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile
+++ b/{{cookiecutter.project_slug}}/compose/production/caddy/Caddyfile
@ -1,14 +0,0 @@
-www.{% raw %}{$DOMAIN_NAME}{% endraw %} {
-    redir https://{{cookiecutter.domain_name}}
-}
-
-{% raw %}{$DOMAIN_NAME}{% endraw %} {
-    proxy / django:5000 {
-        header_upstream Host {host}
-        header_upstream X-Real-IP {remote}
-        header_upstream X-Forwarded-Proto {scheme}
-    }
-    log stdout
-    errors stdout
-    gzip
-}
--- a/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile
+++ b/{{cookiecutter.project_slug}}/compose/production/caddy/Dockerfile
@ -1,3 +0,0 @@
-FROM abiosoft/caddy:0.10.6
-
-COPY ./compose/production/caddy/Caddyfile /etc/Caddyfile
--- a/{{cookiecutter.project_slug}}/env.example
+++ b/{{cookiecutter.project_slug}}/env.example
@ -4,8 +4,8 @@ POSTGRES_PASSWORD=!!!SET POSTGRES_PASSWORD!!!
 POSTGRES_USER=!!!SET POSTGRES_USER!!!
 CONN_MAX_AGE=

-# Domain name, used by caddy
-DOMAIN_NAME={{ cookiecutter.domain_name }}
+# Domain name, used by nginx-proxy
+VIRTUAL_HOST={{ cookiecutter.domain_name }}

 # General settings
 # DJANGO_READ_DOT_ENV_FILE=True
--- a/{{cookiecutter.project_slug}}/production.yml
+++ b/{{cookiecutter.project_slug}}/production.yml
@ -3,7 +3,6 @@ version: '2'
 volumes:
  postgres_data: {}
  postgres_backup: {}
-  caddy: {}

 services:
  django:{% if cookiecutter.use_celery == 'y' %} &django{% endif %}
@ -14,7 +13,11 @@ services:
      - postgres
      - redis
    env_file: .env
+    environment:
+      - ENABLE_ACME=true
    command: /gunicorn.sh
+    expose:
+      - "5000"

  postgres:
    build:
@ -25,18 +28,18 @@ services:
      - postgres_backup:/backups
    env_file: .env

-  caddy:
-    build:
-      context: .
-      dockerfile: ./compose/production/caddy/Dockerfile
+  nginx-proxy:
+    image: neilpang/nginx-proxy
    depends_on:
      - django
-    volumes:
-      - caddy:/root/.caddy
-    env_file: .env
    ports:
-      - "0.0.0.0:80:80"
-      - "0.0.0.0:443:443"
+      - "80:80"
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - ./proxy/certs:/etc/nginx/certs
+      - ./proxy/acme:/acmecerts
+      - ./proxy/conf.d:/etc/nginx/conf.d
+    network_mode: "host"

  redis:
    image: redis:3.0