Django deploy to production with nginx gunicorn and SSL - How to deploy?
I am trying to deploy my Django app to my domain but I do not know how to set this up, I currently have the app running in development only. There are many components involved, like Nginx, gunicorn, uvicorn, and apparently, I have to set up some SSL certificates. The relevant files:
This is my folder structure now, and it seems like I need to add the certificates to certs/, which is currently empty:
.rw-r--r-- 53k 5 Dec 13:28 -- .coverage
drwxr-sr-x - 11 Dec 12:32 -- .git/
.rw-r--r-- 52 2 Dec 12:05 -- .gitignore
.rw-r--r-- 3.0k 11 Dec 01:05 -- .gitlab-ci.yml
drwxr-sr-x - 2 Dec 21:09 -- app/
drwxr-sr-x - 10 Dec 15:06 -- bank/
drwxr-sr-x - 11 Dec 12:26 -- certs/
drwxr-sr-x - 6 Dec 14:40 -- config/
drwxr-sr-x - 2 Dec 21:33 -- data/
.rw-r--r-- 197k 5 Dec 13:28 -- db.sqlite3
.rw-r--r-- 182 11 Dec 01:05 -- db_dev.env
.rw-r--r-- 185 10 Dec 15:06 -- db_prod.env
.rw-r--r-- 185 10 Dec 15:06 -- db_test.env
drwxr-sr-x - 2 Dec 19:57 -- dbscripts/
.rw-r--r-- 733 10 Dec 15:06 -- docker-compose.yml
.rw-r--r-- 378 10 Dec 15:06 -- Dockerfile
.rw-r--r-- 1.0k 11 Dec 12:03 -- entrypoint.sh
drwxr-sr-x - 4 Dec 00:23 -- htmlcov/
drwxr-sr-x - 11 Dec 12:32 -- kea_bank/
.rw-r--r-- 664 1 Dec 09:53 -- manage.py
drwxr-sr-x - 9 Dec 18:03 -- ngin/
drwxr-sr-x - 10 Dec 15:48 -M nginx/
.rw-r--r-- 28 1 Dec 09:53 -- pylama.ini
.rw-r--r-- 320 1 Dec 09:53 -- README.md
.rw-r--r-- 676 10 Dec 15:06 -- requirements.txt
.rw-r--r-- 154 1 Dec 09:53 -- runsqa
drwxr-sr-x - 1 Dec 09:53 -- static/
drwxr-sr-x - 5 Dec 13:19 -- templates/
drwxr-sr-x - 2 Dec 16:43 -- tests/
"nginx/prod/conf.d"
1 upstream app_upstream {
1 server app:8080;
2 }
3
4 server {
5 listen 80;
6 listen 443;
7 ssl on;
8 ssl_certificate /etc/letsencrypt/live/pbstyle.dk/fullchain.pem;
9 ssl_certificate_key /etc/letsencrypt/live/pbstyle.dk/privkey.pem;
10
11 server_name pbstyle.dk;
12
13 location /static/ {
14 alias /static/;
15 }
16
17 location /media/ {
18 alias /media/;
19 }
20
21 location / {
22 proxy_set_header Host $host;
23 proxy_pass http://app_upstream;
24 }
25 }
"entrypoint.sh" running production, last part:
1 #!/bin/sh
1
2 echo "${RTE} Runtime Environment - Running entrypoint.!"
3
4 if [ "$RTE" = "dev" ]; then
5
6 echo "This is development"
7 python manage.py makemigrations --merge
8 python manage.py migrate --noinput
9 python manage.py createsuperuser --noinput --username $DJANGO_SUPERUSER_USERNAME --email $DJANGO_SUPERUSER_EMAIL 10 python manage.py runserver 0:8000
11
19 elif [ "$RTE" = "test" ]; then
20
21 echo "This is testing"
22 python manage.py makemigrations
23 python manage.py migrate
24 python manage.py runserver
25
26 elif [ "$RTE" = "prod" ]; then
27
28 echo "This is production"
29 python manage.py check --deploy
30 python manage.py collectstatic --noinput
31 gunicorn kea_bank.asgi:application -b 0.0.0.0:8080 -k uvicorn.workers.UvicornWorker
32
33 fi
"settings.py" allowing my domain:
10 if RTE is RuntimeEnvironment.dev:
9 SECRET_KEY = 'django-insecure-l)lj4%c6(3v5r!0b9eac&0%%_500%ct4x1nbf5j5qsarmtn0#d'
8 else:
7 SECRET_KEY = os.environ['DJANGO_SECRET_KEY']
6
4 if RTE is RuntimeEnvironment.dev:
3 DEBUG = True
2 ALLOWED_HOSTS = []
1 else:
55 DEBUG = False
1 ALLOWED_HOSTS = ['pbstyle.dk', 'https://pbstyle.dk/']
2
Finally, I was informed that this is what's missing, under certs/ but I do not know how to set up the content of that structure:
├── certs/
│ ├── .updated-options-ssl-nginx-conf-digest.txt
│ ├── .updated-ssl-dhparams-pem-digest.txt
│ ├── accounts/
│ ├── archive/
│ ├── csr/
│ ├── keys/
│ ├── live/
│ ├── options-ssl-nginx.conf
│ ├── renewal/
│ ├── renewal-hooks/
│ └── ssl-dhparams.pem
When I docker-compose up build and check for the http status of my domain/djangoapp:
(testProduction|✚1)% http pbstyle.dk/kea_bank
HTTP/1.1 301 Moved Permanently
Age: 51
Connection: keep-alive
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 11 Dec 2021 11:42:44 GMT
Location: https://pbstyle.dk/kea_bank
Server: Apache
Via: 1.1 varnish (Varnish/7.0)
X-Varnish: 400075556 489853851
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://pbstyle.dk/kea_bank">here</a>.</p>
</body></html>
Could someone please help me deploy the app? Thanks in advance for looking into this!