Django deploy to production with nginx gunicorn and SSL - How to deploy?

I am trying to deploy my Django app to my domain but I do not know how to set this up, I currently have the app running in development only. There are many components involved, like Nginx, gunicorn, uvicorn, and apparently, I have to set up some SSL certificates. The relevant files:

This is my folder structure now, and it seems like I need to add the certificates to certs/, which is currently empty:

.rw-r--r--  53k  5 Dec 13:28 -- .coverage
drwxr-sr-x    - 11 Dec 12:32 -- .git/
.rw-r--r--   52  2 Dec 12:05 -- .gitignore
.rw-r--r-- 3.0k 11 Dec 01:05 -- .gitlab-ci.yml
drwxr-sr-x    -  2 Dec 21:09 -- app/
drwxr-sr-x    - 10 Dec 15:06 -- bank/
drwxr-sr-x    - 11 Dec 12:26 -- certs/
drwxr-sr-x    -  6 Dec 14:40 -- config/
drwxr-sr-x    -  2 Dec 21:33 -- data/
.rw-r--r-- 197k  5 Dec 13:28 -- db.sqlite3
.rw-r--r--  182 11 Dec 01:05 -- db_dev.env
.rw-r--r--  185 10 Dec 15:06 -- db_prod.env
.rw-r--r--  185 10 Dec 15:06 -- db_test.env
drwxr-sr-x    -  2 Dec 19:57 -- dbscripts/
.rw-r--r--  733 10 Dec 15:06 -- docker-compose.yml
.rw-r--r--  378 10 Dec 15:06 -- Dockerfile
.rw-r--r-- 1.0k 11 Dec 12:03 -- entrypoint.sh
drwxr-sr-x    -  4 Dec 00:23 -- htmlcov/
drwxr-sr-x    - 11 Dec 12:32 -- kea_bank/
.rw-r--r--  664  1 Dec 09:53 -- manage.py
drwxr-sr-x    -  9 Dec 18:03 -- ngin/
drwxr-sr-x    - 10 Dec 15:48 -M nginx/
.rw-r--r--   28  1 Dec 09:53 -- pylama.ini
.rw-r--r--  320  1 Dec 09:53 -- README.md
.rw-r--r--  676 10 Dec 15:06 -- requirements.txt
.rw-r--r--  154  1 Dec 09:53 -- runsqa
drwxr-sr-x    -  1 Dec 09:53 -- static/
drwxr-sr-x    -  5 Dec 13:19 -- templates/
drwxr-sr-x    -  2 Dec 16:43 -- tests/

"nginx/prod/conf.d"

1   upstream app_upstream {
  1     server app:8080;
  2 }
  3
  4 server {
  5     listen 80;
  6     listen 443;
  7     ssl on;
  8     ssl_certificate /etc/letsencrypt/live/pbstyle.dk/fullchain.pem;
  9     ssl_certificate_key /etc/letsencrypt/live/pbstyle.dk/privkey.pem;
 10
 11     server_name pbstyle.dk;
 12
 13     location /static/ {
 14         alias /static/;
 15     }
 16
 17     location /media/ {
 18         alias /media/;
 19     }
 20
 21     location / {
 22         proxy_set_header Host $host;
 23         proxy_pass http://app_upstream;
 24     }
 25 }

"entrypoint.sh" running production, last part:

1   #!/bin/sh
  1
  2 echo "${RTE} Runtime Environment - Running entrypoint.!"
  3
  4 if [ "$RTE" = "dev" ]; then
  5
  6     echo "This is development"
  7     python manage.py makemigrations --merge
  8     python manage.py migrate --noinput
  9     python manage.py createsuperuser --noinput --username $DJANGO_SUPERUSER_USERNAME --email $DJANGO_SUPERUSER_EMAIL 10     python manage.py runserver 0:8000
 11
 19 elif [ "$RTE" = "test" ]; then
 20
 21     echo "This is testing"
 22     python manage.py makemigrations
 23     python manage.py migrate
 24     python manage.py runserver
 25
 26 elif [ "$RTE" = "prod" ]; then
 27
 28     echo "This is production"
 29     python manage.py check --deploy
 30     python manage.py collectstatic --noinput
 31     gunicorn kea_bank.asgi:application -b 0.0.0.0:8080 -k uvicorn.workers.UvicornWorker
 32
 33 fi

"settings.py" allowing my domain:

 10 if RTE is RuntimeEnvironment.dev:
  9     SECRET_KEY = 'django-insecure-l)lj4%c6(3v5r!0b9eac&0%%_500%ct4x1nbf5j5qsarmtn0#d'
  8 else:
  7     SECRET_KEY = os.environ['DJANGO_SECRET_KEY']
  6
  4 if RTE is RuntimeEnvironment.dev:
  3     DEBUG = True
  2     ALLOWED_HOSTS = []
  1 else:
55      DEBUG = False
  1     ALLOWED_HOSTS = ['pbstyle.dk', 'https://pbstyle.dk/']
  2

Finally, I was informed that this is what's missing, under certs/ but I do not know how to set up the content of that structure:

├── certs/
│  ├── .updated-options-ssl-nginx-conf-digest.txt
│  ├── .updated-ssl-dhparams-pem-digest.txt
│  ├── accounts/
│  ├── archive/
│  ├── csr/
│  ├── keys/
│  ├── live/
│  ├── options-ssl-nginx.conf
│  ├── renewal/
│  ├── renewal-hooks/
│  └── ssl-dhparams.pem

When I docker-compose up build and check for the http status of my domain/djangoapp:

(testProduction|✚1)% http pbstyle.dk/kea_bank
HTTP/1.1 301 Moved Permanently
Age: 51
Connection: keep-alive
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 11 Dec 2021 11:42:44 GMT
Location: https://pbstyle.dk/kea_bank
Server: Apache
Via: 1.1 varnish (Varnish/7.0)
X-Varnish: 400075556 489853851

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://pbstyle.dk/kea_bank">here</a>.</p>
</body></html>

Could someone please help me deploy the app? Thanks in advance for looking into this!

Back to Top