From 398d51e208b485face29035852fed2201914548b Mon Sep 17 00:00:00 2001 From: willipink Date: Thu, 14 May 2020 21:46:42 +0000 Subject: [PATCH] #fix 3: get basic working setup with apache2 mod_wsgi --- README.md | 63 +++++++++++++++++++++++++++++ coinmanager/coinmanager/settings.py | 8 +++- 2 files changed, 69 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 75d9e79..0416d13 100644 --- a/README.md +++ b/README.md @@ -16,3 +16,66 @@ Coinc uses (besides python, javascript, HTML, CSS and more) the following open s - [Bootstrap](https://getbootstrap.com/) CSS backend, License: [MIT License](https://github.com/twbs/bootstrap/blob/master/LICENSE) - [Bootswatch](https://bootswatch.com/default/) CSS theme, License: [MIT License](https://github.com/thomaspark/bootswatch/blob/master/LICENSE) - [Flagpedia](https://flagpedia.net) flag symbols, License: public domain + +# Deploying +Add the following settings to your django app: + +``` +./coinmanager/coinmanager/settings.py + +ALLOWED_HOSTS = [''] +DEBUG = False +STATIC_URL = '/static/' +STATIC_ROOT = os.path.join(BASE_DIR, 'static/') +SECURE_SSL_REDIRECT = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True +``` +Then collect all static files in /static: `python manage.py +collectstatic` + + +## Apache2 +- Install `mod_wsgi`: ` sudo apt install -y libapache2-mod-wsgi-py3 ` +- Enable it `a2enmod wsgi` +- Own the project folder with your webserver group `sudo chown -R :www-data /path/to/coinmanager` +- Add this outside of your apache2 VirtualHost config: +``` +/etc/apache2/apache2.conf + +# create wsgi daemon process named *coinc* +WSGIDaemonProcess coinc python-home=/path/to/venv python-path=/path/to/coinmanager/coinmanager +# create wsgi process group *coinc* +WSGIProcessGroup coinc +# coinmanager app +WSGIScriptAlias /coinc /path/to/coinmanager/coinmanager/wsgi.py +``` +- And a site specifig config: +``` +/etc/apache2/sites-enabled/coinmanager.conf + +# create alias +WSGIScriptAlias /coinc /path/to/coinmanager/coinmanager/wsgi.py +# route /static to the project folder TODO: this is not optimal +Alias /static /path/to/coinmanager/static +# apache does (not yet) serve the correct Content-Type header for .mjs files + + ForceType text/javascript + +# downgrade Referrer-Policy header to make xhr-requests work + + Header always set Referrer-Policy "no-referrer-when-downgrade" + +# grant access to static files + + Require all granted + +# grant access to wsgi connector + + + Require all granted + + +``` +- Test if your config syntax ist OK `apachectl configtest` +- Finally restart apache2 `systemctl restart apache2` diff --git a/coinmanager/coinmanager/settings.py b/coinmanager/coinmanager/settings.py index 510d002..7dbf9cc 100644 --- a/coinmanager/coinmanager/settings.py +++ b/coinmanager/coinmanager/settings.py @@ -23,9 +23,9 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) SECRET_KEY = 'w-^#jkm1ub6=)(xiy%6od%+j6pwr51o0sk9o(-mb$8b77#h$53' # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = False -ALLOWED_HOSTS = [] +ALLOWED_HOSTS = ['willipink.eu'] # Application definition @@ -119,3 +119,7 @@ USE_TZ = True # https://docs.djangoproject.com/en/3.0/howto/static-files/ STATIC_URL = '/static/' +STATIC_ROOT = os.path.join(BASE_DIR, 'static/') +SECURE_SSL_REDIRECT = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True