diff --git a/.gitignore b/.gitignore index 413f2ab..ab5b39c 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ **/migrations/* Pipfile.lock **/work_data/* +**/__pycache__/* +*.sqlite diff --git a/README.md b/README.md index 75d9e79..0416d13 100644 --- a/README.md +++ b/README.md @@ -16,3 +16,66 @@ Coinc uses (besides python, javascript, HTML, CSS and more) the following open s - [Bootstrap](https://getbootstrap.com/) CSS backend, License: [MIT License](https://github.com/twbs/bootstrap/blob/master/LICENSE) - [Bootswatch](https://bootswatch.com/default/) CSS theme, License: [MIT License](https://github.com/thomaspark/bootswatch/blob/master/LICENSE) - [Flagpedia](https://flagpedia.net) flag symbols, License: public domain + +# Deploying +Add the following settings to your django app: + +``` +./coinmanager/coinmanager/settings.py + +ALLOWED_HOSTS = [''] +DEBUG = False +STATIC_URL = '/static/' +STATIC_ROOT = os.path.join(BASE_DIR, 'static/') +SECURE_SSL_REDIRECT = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True +``` +Then collect all static files in /static: `python manage.py +collectstatic` + + +## Apache2 +- Install `mod_wsgi`: ` sudo apt install -y libapache2-mod-wsgi-py3 ` +- Enable it `a2enmod wsgi` +- Own the project folder with your webserver group `sudo chown -R :www-data /path/to/coinmanager` +- Add this outside of your apache2 VirtualHost config: +``` +/etc/apache2/apache2.conf + +# create wsgi daemon process named *coinc* +WSGIDaemonProcess coinc python-home=/path/to/venv python-path=/path/to/coinmanager/coinmanager +# create wsgi process group *coinc* +WSGIProcessGroup coinc +# coinmanager app +WSGIScriptAlias /coinc /path/to/coinmanager/coinmanager/wsgi.py +``` +- And a site specifig config: +``` +/etc/apache2/sites-enabled/coinmanager.conf + +# create alias +WSGIScriptAlias /coinc /path/to/coinmanager/coinmanager/wsgi.py +# route /static to the project folder TODO: this is not optimal +Alias /static /path/to/coinmanager/static +# apache does (not yet) serve the correct Content-Type header for .mjs files + + ForceType text/javascript + +# downgrade Referrer-Policy header to make xhr-requests work + + Header always set Referrer-Policy "no-referrer-when-downgrade" + +# grant access to static files + + Require all granted + +# grant access to wsgi connector + + + Require all granted + + +``` +- Test if your config syntax ist OK `apachectl configtest` +- Finally restart apache2 `systemctl restart apache2` diff --git a/coinmanager/coinmanager/settings.py b/coinmanager/coinmanager/settings.py index 510d002..7dbf9cc 100644 --- a/coinmanager/coinmanager/settings.py +++ b/coinmanager/coinmanager/settings.py @@ -23,9 +23,9 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) SECRET_KEY = 'w-^#jkm1ub6=)(xiy%6od%+j6pwr51o0sk9o(-mb$8b77#h$53' # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = False -ALLOWED_HOSTS = [] +ALLOWED_HOSTS = ['willipink.eu'] # Application definition @@ -119,3 +119,7 @@ USE_TZ = True # https://docs.djangoproject.com/en/3.0/howto/static-files/ STATIC_URL = '/static/' +STATIC_ROOT = os.path.join(BASE_DIR, 'static/') +SECURE_SSL_REDIRECT = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True