Merge branch 'master' of ssh://willipink.eu:3456/moritz/coinmanager

.gitignore

@@ -3,3 +3,5 @@
 **/migrations/*
 Pipfile.lock
 **/work_data/*
+**/__pycache__/*
+*.sqlite

README.md

@@ -16,3 +16,66 @@ Coinc uses (besides python, javascript, HTML, CSS and more) the following open s
 - [Bootstrap](https://getbootstrap.com/) CSS backend, License: [MIT License](https://github.com/twbs/bootstrap/blob/master/LICENSE)
 - [Bootswatch](https://bootswatch.com/default/) CSS theme, License: [MIT License](https://github.com/thomaspark/bootswatch/blob/master/LICENSE)
 - [Flagpedia](https://flagpedia.net) flag symbols, License: public domain
+
+# Deploying
+Add the following settings to your django app:
+
+```
+./coinmanager/coinmanager/settings.py
+
+ALLOWED_HOSTS = ['<hostname>']
+DEBUG = False
+STATIC_URL = '/static/'
+STATIC_ROOT = os.path.join(BASE_DIR, 'static/')
+SECURE_SSL_REDIRECT = True
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True
+```
+Then collect all static files in <project>/static: `python manage.py
+collectstatic`
+
+
+## Apache2
+- Install `mod_wsgi`: ` sudo apt install -y libapache2-mod-wsgi-py3 `
+- Enable it `a2enmod wsgi`
+- Own the project folder with your webserver group `sudo chown -R :www-data /path/to/coinmanager`
+- Add this outside of your apache2 VirtualHost config:
+```
+/etc/apache2/apache2.conf
+
+# create wsgi daemon process named *coinc*
+WSGIDaemonProcess coinc python-home=/path/to/venv python-path=/path/to/coinmanager/coinmanager
+# create wsgi process group *coinc*
+WSGIProcessGroup coinc
+# coinmanager app
+WSGIScriptAlias /coinc /path/to/coinmanager/coinmanager/wsgi.py
+```
+- And a site specifig config:
+```
+/etc/apache2/sites-enabled/coinmanager.conf
+
+# create alias
+WSGIScriptAlias /coinc /path/to/coinmanager/coinmanager/wsgi.py
+# route /static to the project folder TODO: this is not optimal
+Alias /static /path/to/coinmanager/static
+# apache does (not yet) serve the correct Content-Type header for .mjs files
+<Files "*.mjs">
+    ForceType text/javascript
+</Files>
+# downgrade Referrer-Policy header to make xhr-requests work
+<Directory /path/to/coinmanager>
+    Header always set Referrer-Policy "no-referrer-when-downgrade"
+</Directory>
+# grant access to static files
+<Directory /path/to/coinmanager/static>
+    Require all granted
+</Directory>
+# grant access to wsgi connector
+<Directory /path/to/coinmanager/coinmanager>
+    <Files wsgi.py>
+        Require all granted
+    </Files>
+</Directory>
+```
+- Test if your config syntax ist OK `apachectl configtest`
+- Finally restart apache2 `systemctl restart apache2`

coinmanager/coinmanager/settings.py

@@ -23,9 +23,9 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 SECRET_KEY = 'w-^#jkm1ub6=)(xiy%6od%+j6pwr51o0sk9o(-mb$8b77#h$53'
 
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+DEBUG = False
 
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ['willipink.eu']
 
 
 # Application definition
@@ -119,3 +119,7 @@ USE_TZ = True
 # https://docs.djangoproject.com/en/3.0/howto/static-files/
 
 STATIC_URL = '/static/'
+STATIC_ROOT = os.path.join(BASE_DIR, 'static/')
+SECURE_SSL_REDIRECT = True
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True