anotsodev
5/11/2018 - 9:25 AM

django project deployment

config files and the needed variables for the Django app up and running.

nginx-gunicorn.conf
content_copyfile_download
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
  worker_connections  4096;  ## Default: 1024
}

http{

  upstream socsd_server {
    server unix:/var/www/socsd/run/gunicorn.sock fail_timeout=10s;
  }

  server {
      listen   80;
      server_name .socsd.us.trendnet.org;

      client_max_body_size 4G;

      access_log /var/www/socsd/logs/nginx-access.log;
      error_log /var/www/socsd/logs/nginx-error.log warn;

      location /static/ {
          autoindex on;
          alias   /var/www/socsd/static/;
      }

      location / {
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Host $http_host;
          proxy_redirect off;

          if (!-f $request_filename) {
              proxy_pass http://socsd_server;
              break;
          }
      }

      # Error pages
      #error_page 500 502 503 504 /500.html;
      #location = /500.html {
      #   root /var/www/test/ourcase/static/;
      #}
  }
}
nginx.conf
content_copyfile_download
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
  worker_connections  4096;  ## Default: 1024
}

http {

   sendfile on;
   tcp_nopush on;
   tcp_nodelay on;
   keepalive_timeout 65;
   types_hash_max_size 2048;

   include /etc/nginx/mime.types;
   default_type application/octet-stream;

  ##
  # SSL Settings
  ##

   ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
   ssl_prefer_server_ciphers on;

  ##
  # Logging Settings
  ##

   access_log /var/log/nginx/access.log;
   error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##
      gzip on;

 upstream django {
    # server unix:///var/www/security-operations-dashboard/secopsd.sock; # for a file socket
     server 127.0.0.1:8001;
 }

server {
    # the port your site will be served on
    listen      80;
    # the domain name it will serve for
    server_name .socsd.us.trendnet.org; # substitute your machine's IP address or FQDN
    charset     utf-8;

    # max upload size
    client_max_body_size 75M;   # adjust to taste

    # Django media

    location /static/ {
        root /var/www/socsd.static; # your Django project's static files - amend as required
    }

    # Finally, send all non-media requests to the Django server.
    location / {
       uwsgi_pass  django;
        include     /etc/nginx/uwsgi_params; # the uwsgi_params file you installed
    }
 }
}
settings.py
content_copyfile_download
# ==== removed default lines ====

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.environ['DJANGO_SECRET']
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False

ALLOWED_HOSTS = ['*']

# ==== removed default lines ====

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.0/howto/static-files/

STATIC_URL = 'http://example.com/static/'

STATICFILES_DIRS = (
    os.path.join(BASE_DIR, 'static'),
)

STATIC_ROOT = "/var/www/<path>/static"

ARCSIGHT_USERNAME = config('ARCSIGHT_USERNAME', default='')
ARCSIGHT_PASSWORD = config('ARCSIGHT_PASSWORD', default='')
ARCSIGHT_CERT = config('ARCSIGHT_CERT', default='')
EDCIMSVA_USERID = config('EDCIMSVA_USERID', default='')
EDCIMSVA_PASSWORD = config('EDCIMSVA_PASSWORD', default='')
SJDCIMSVA_USERID = config('SJDCIMSVA_USERID', default='')
SJDCIMSVA_PASSWORD = config('SJDCIMSVA_PASSWORD', default='')
SJDCDDEI1_USERID = config('SJDCDDEI1_USERID', default='')
SJDCDDEI1_PASSWORD = config('SJDCDDEI1_PASSWORD', default='')
SJDCDDEI2_USERID = config('SJDCDDEI2_USERID', default='')
SJDCDDEI2_PASSWORD = config('SJDCDDEI2_PASSWORD', default='')
SJDCDDEI3_USERID = config('SJDCDDEI3_USERID', default='')
SJDCDDEI3_PASSWORD = config('SJDCDDEI3_PASSWORD', default='')
SJDCDDEI4_USERID = config('SJDCDDEI4_USERID', default='')
SJDCDDEI4_PASSWORD = config('SJDCDDEI4_PASSWORD', default='')
EDCDDEI_USERID = config('EDCDDEI_USERID', default='')
EDCDDEI_PASSWORD = config('EDCDDEI_PASSWORD', default='')
project_uwsgi.ini
content_copyfile_download
[uwsgi]
# source: uwsgi documentation
gid = www-data
uid = www-data
# Django-related settings
# the base directory (full path)
chdir           = /var/www/<project>
# Django's wsgi file
module          = secopsd.wsgi
# the virtualenv (full path)
home            = /var/www/venv

# process-related settings
# master
master          = true
# maximum number of worker processes
processes       = 10
# the socket (use the full path to be safe
socket          = 127.0.0.1:8001
# ... with appropriate permissions - may be needed
# chmod-socket    = 664
# clear environment on exit
vacuum          = true
safe-pidfile = /tmp/project-master.pid 
# create a pidfile
harakiri = 20 
# respawn processes taking more than 20 seconds
#limit-as = 128 
# limit the project to 128 MB
max-requests = 5000 
# respawn processes after serving 5000 requests
daemonize = /var/log/uwsgi/<project>.log 
# background the process & log