Dockery/Pinry
1
0
Fork 0
mirror of https://github.com/pinry/pinry.git synced 2026-01-13 02:32:06 +01:00
Code Issues Packages Projects Releases Activity

Merge pull request #175 from pinry/refactor/docker-rework

Browse Source 
close #163 refactor/docker rework
This commit is contained in:
Ji Qu
2019-12-20 00:51:08 +08:00
committed by GitHub
parent 32369b8785 e5264ffe44
commit 8bb2437549
17 changed files with 152 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
Dockerfile.autobuild
View File

@@ -10,7 +10,6 @@
# Require: Docker (http://www.docker.io/)
# -----------------------------------------------------------------------------
# Base system is the LTS version of Ubuntu.
FROM python:3.7-stretch
@@ -20,47 +19,38 @@ RUN groupadd -g 2300 tmpgroup \
&& groupadd -g 1000 www-data \
&& usermod -g www-data www-data \
&& usermod -u 1000 www-data \
&& groupdel tmpgroup \
#
&& mkdir -p /srv/www/pinry/logs \
#
&& mkdir /data \
&& chown -R www-data:www-data /data \
#
&& mkdir -p /var/log/gunicorn \
&& apt-get update \
&& apt-get -y install nginx nginx-extras pwgen \
&& rm -rf /var/lib/apt/lists/*
&& groupdel tmpgroup
RUN mkdir /data
RUN chown -R www-data:www-data /data
RUN apt-get update \
&& apt-get -y install nginx nginx-extras pwgen \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get autoclean
# required for other database options
RUN pip --no-cache-dir install pipenv gunicorn mysqlclient psycopg2 cx-Oracle
COPY Pipfile* /srv/www/pinry/
# COPY and start installation
COPY . /pinry
RUN cd /srv/www/pinry \
RUN cd /pinry \
&& pipenv install --three --system --clear
COPY . /srv/www/pinry/
# config nodejs and build frontend
# config nodejs
RUN curl -L https://raw.githubusercontent.com/tj/n/master/bin/n -o n || exit
RUN bash n 10
RUN npm -g install yarn
# build frontend
RUN cd /srv/www/pinry/pinry-spa/ && yarn install && yarn build
# Fix permissions
RUN chown -R www-data:www-data /srv/www \
&& cd /srv/www/pinry \
&& python manage.py collectstatic --noinput --settings=pinry.settings.docker
RUN cd /pinry/pinry-spa/ && yarn install && yarn build
# Load in all of our config files.
ADD docker/nginx/nginx.conf /etc/nginx/nginx.conf
ADD docker/nginx/sites-enabled/default /etc/nginx/sites-enabled/default
ADD docker/scripts/* /scripts/
# 80 is for nginx web, /data contains static files and database /start runs it.
EXPOSE 80
VOLUME ["/data"]
CMD ["/scripts/start.sh"]
CMD ["/pinry/docker/scripts/start.sh"]

1
README.md
View File

@@ -14,6 +14,7 @@ For more information visit [getpinry.com](https://getpinry.com).
- Browser Extensions
- Multi-user support
- Both public and private boards
- Works well with docker
## Requirements

135
docker/README.rst
View File

@@ -1,135 +0,0 @@
Pinry Docker
============
.. image:: https://travis-ci.org/pinry/docker-pinry.svg?branch=master
:target: https://travis-ci.org/pinry/docker-pinry
A nice and easy way to get a Pinry instance up and running using docker. For
help on getting started with docker see the `official getting started guide`_.
For more information on Pinry and a demo check out it's `website`_.
Getting Pinry Docker
---------------------
Running this will get the latest version of pinry itself::
git clone https://github.com/pinry/pinry
cd pinry
./docker/bootstrap.sh
Now you can start your container by command like this::
# this is where your database and pins localted
mkdir data
# use absolute path for docker to avoid using default data-volume (we use directory instead)
./docker/start_docker.sh `readlink -f data`
Please visit `http://your-ip` to visit your instance and register a new account, enjoy it.
Configuring docker-pinry
------------------------
Enable signups for new users by editing ``pinry/local_settings.py``::
ALLOW_NEW_REGISTRATIONS = True
`Additional pinry configuration settings`_
Building docker-pinry again
---------------------------
Running this will build you a docker image with the latest version of pinry::
./docker/build_docker.sh
Running docker-pinry in manual way
----------------------------------
Running the start command for the first time will setup your production secret
key, database and static files. It is important that you decide what port you
want and what location on the host machine you wish to store your files. If this
is the only thing running on your system and you wish to make it public without
a proxy then you can set ``-p=80:80``. The setting ``-p=10000:80`` assumes you
are wanting to proxy to this instance using something like nginx. Also note that
you must have your host mount directory created first (``mkdir -p /mnt/pinry``)
Then you have two choice to run docker-pinry
Fist one, with automaticlly configured default arguments::
./docker/start_docker.sh /mnt/pinry
Second one, start docker by hand with customized arguments::
SETTINGS_PATH=$(readlink -f docker/pinry/local_settings.py) \
DATA_PATH=$(readlink -f /mnt/pinry) \
sudo docker run -d=true -p=10000:80 \
-v=${DATA_PATH}:/data \
-v=${SETTINGS_PATH}:/srv/www/pinry/pinry/settings/local_settings.py \
pinry/pinry /scripts/start.sh
If it's the first run it'll take a few seconds but it will print out your
container ID which should be used to start and stop the container in the future
using the commands::
sudo docker start <container_id>
sudo docker stop <container_id>
Running docker-pinry with docker-compose
-----------------------------------------
Just config your ``docker-compose.yml`` and then run::
sudo pip install -U docker-compose
sudo docker-compose --project-directory docker up -d
Notes on the run commands
`````````````````````````
* ``-v`` is the volume you are mounting ``-v=host_dir:docker_dir``
* ``pinry/pinry`` is simply what I called my docker build of this image
* ``-d=true`` allows this to run cleanly as a daemon, remove for debugging
* ``-p`` is the port it connects to, ``-p=host_port:docker_port``
* Follow comments in ``local_settings.py`` to understand how the site configured
Using docker-pinry
------------------
Open a browser to ``http://<YOUR-HOSTNAME>:10000`` and register. Replace YOUR-HOSTNAME with the name
of the machine docker is running on, likely localhost.
You can map ``http://localhost:10000`` to your outer nginx for SSL or just change
the default port-mapping to ``80:80`` to serve your site directly, just enjoy!
Why include nginx and not just map to gunicorn directly?
-----------------------------------------------------------
Because gunicorn/django can't serve static files very well and it is unwise to do
so for security reasons. I built this so that people can have a full hosted
solution in a container. If you have a host machine running nginx then of course
there is no point to run nginx in the container as well, you can simply disable
nginx, map gunicorn to a port and then set your host machine's nginx to display
your media and static files since that directory is shared between the container
and host.
Why use sqlite3?
----------------
Because it has a very low resource cost and most pinry websites are small
personal ones. Why have a full on database for that? If you need more power
than you can easily modify the `pinry/local_settings.py` to point to a
stronger database solution.
.. Links
.. _official getting started guide: http://www.docker.io/gettingstarted/
.. _website: http://getpinry.com/
.. _additional pinry configuration settings: https://github.com/pinry/pinry/blob/master/docker/pinry/local_settings.example.py

51
docker/bootstrap.sh
View File

@@ -1,51 +0,0 @@
#!/bin/bash
script_dir="$( dirname "${0}" )"
# Force users to login before seeing any pins.
if [ "${ALLOW_NEW_REGISTRATIONS}" = "" ]; then
ALLOW_NEW_REGISTRATIONS=true
fi
if [[ "$(docker images -q pinry/pinry 2> /dev/null)" == "" ]]; then
echo "No docker image found, building..." && "${script_dir}/build_docker.sh"
fi
echo "=================================================================================="
echo "Note: Please copy this key and keep it in a secure place."
echo "Then you should manually edit your pinry/local_settings.py"
echo "and replace SECRET_KEY with new secret-key if you had previously generated a"
echo "pinry/local_settings.py."
echo "If no previous pinry/local_settings.py generated, you can have a look and edit it."
echo "If you want to use docker-compose, just edit docker-compose.yml and use 'docker-compose up'"
SECRET_KEY=$(sudo docker run pinry/pinry /scripts/gen_key.sh)
echo ""
echo "Your secret-key is(also saved/overwritten your docker's /data/production_secret_key.txt):"
echo ""
echo ${SECRET_KEY}
echo "=================================================================================="
local_settings_file="${script_dir}/pinry/local_settings.py"
# Create local_settings.py
if [ ! -f "${local_settings_file}" ];
then
cp "${script_dir}/pinry/local_settings.example.py" "${local_settings_file}"
sed -i "s/secret\_key\_place\_holder/${SECRET_KEY}/" "${local_settings_file}"
# Force users to login before seeing any pins.
if [ "${PRIVATE}" = "true" ]; then
sed -i "s/PUBLIC = True/PUBLIC = False/" "${local_settings_file}"
fi
# Enable people from creating new accounts.
if [ "${ALLOW_NEW_REGISTRATIONS}" = "true" ]; then
sed -i "s/ALLOW_NEW_REGISTRATIONS = False/ALLOW_NEW_REGISTRATIONS = True/" "${local_settings_file}"
fi
fi
# Copy to docker-compose.yml
if [ ! -f "${script_dir}/docker-compose.yml" ];
then
cp "${script_dir}/docker-compose.example.yml" "${script_dir}/docker-compose.yml"
fi

16
docker/docker-compose.example.yml
View File

@@ -1,16 +0,0 @@
version: '3'
services:
web:
build: .
command: >
bash -c "/scripts/start.sh"
ports:
# if you use "127.0.0.1", no one except you can visit it from within
# - "127.0.0.1:10000:8000"
- "80:80"
volumes:
# overwrite local_settings, you can always modify your local_settings file
- ./pinry/local_settings.py:/srv/www/pinry/pinry/settings/local_settings.py
- ./data/:/data/
restart: always

12
docker/nginx/sites-enabled/default
View File

@@ -2,14 +2,10 @@ server {
listen 80 default;
server_name _;
access_log /srv/www/pinry/logs/access.log;
error_log /srv/www/pinry/logs/error.log;
access_log /data/nginx-access.log;
error_log /data/nginx-error.log;
location /media {
alias /data/static/media;
expires max;
access_log off;
}
root /pinry/pinry-spa/dist/;
location /static {
alias /data/static;
@@ -26,7 +22,7 @@ server {
}
location / {
root /srv/www/pinry/pinry-spa/dist/;
root /pinry/pinry-spa/dist/;
access_log off;
}
}

2
docker/pinry/.gitignore vendored
View File

@@ -1,2 +0,0 @@
local_settings.py
production_secret_key.txt

4
docker/scripts/_start_gunicorn.sh
View File

@@ -1,3 +1,5 @@
#!/bin/bash
gunicorn pinry.wsgi -b 0.0.0.0:8000 -w 4 \
--capture-output --timeout 30 --user www-data --group www-data
--capture-output --timeout 30 \
--user www-data --group www-data \
--env DJANGO_SETTINGS_MODULE=pinry.settings.docker

30
docker/scripts/bootstrap.sh Executable file
View File

@@ -0,0 +1,30 @@
#!/bin/bash
gen_key() {
echo "=================================================================================="
echo "Note: Please copy this key and keep it in a secure place."
echo "Then you should manually edit your pinry/local_settings.py"
echo "and replace SECRET_KEY with new secret-key if you had previously generated a"
echo "pinry/local_settings.py."
echo "If no previous pinry/local_settings.py generated, you can have a look and edit it."
echo "If you want to use docker-compose, just edit docker-compose.yml and use 'docker-compose up'"
SECRET_KEY=$(bash /pinry/docker/scripts/gen_key.sh)
echo ""
echo "Your secret-key is(also saved/overwritten your docker's /data/production_secret_key.txt):"
echo ""
echo ${SECRET_KEY}
echo "=================================================================================="
}
local_settings_file="/data/local_settings.py"
# Create local_settings.py
if [ ! -f "${local_settings_file}" ];
then
cp "/pinry/pinry/settings/local_settings.example.py" "${local_settings_file}"
gen_key
sed -i "s/secret\_key\_place\_holder/${SECRET_KEY}/" "${local_settings_file}"
fi
ln -s "${local_settings_file}" "/pinry/pinry/settings/local_settings.py"

23
docker/scripts/gen_key.sh
View File

@@ -1,13 +1,16 @@
#!/bin/bash
# Check for secret key if one doesn't exist create.
if [ ! -f /data/production_secret_key.txt ]
then
cd /data
PRODUCTION_SECRET_KEY=`pwgen -c -n -1 65`
echo $PRODUCTION_SECRET_KEY > /data/production_secret_key.txt
else
PRODUCTION_SECRET_KEY=`cat /data/production_secret_key.txt`
fi
gen_key() {
# Check for secret key if one doesn't exist create.
if [ ! -f /data/production_secret_key.txt ]
then
cd /data
PRODUCTION_SECRET_KEY=`pwgen -c -n -1 65`
echo $PRODUCTION_SECRET_KEY > /data/production_secret_key.txt
else
PRODUCTION_SECRET_KEY=`cat /data/production_secret_key.txt`
fi
echo ${PRODUCTION_SECRET_KEY}
echo ${PRODUCTION_SECRET_KEY}
}
gen_key

15
docker/scripts/start.sh
View File

@@ -8,19 +8,18 @@
# Authors: Isaac Bythewood
# Updated: Aug 19th, 2014
# -----------------------------------------------------------------------------
PROJECT_ROOT="/pinry"
bash ${PROJECT_ROOT}/docker/scripts/bootstrap.sh
# If static files don't exist collect them
if [ ! -d /data/static ]
then
cd /srv/www/pinry
python manage.py collectstatic --noinput
fi
cd ${PROJECT_ROOT}
python manage.py collectstatic --noinput --settings=pinry.settings.docker
# If database doesn't exist yet create it
if [ ! -f /data/production.db ]
then
cd /srv/www/pinry
cd ${PROJECT_ROOT}
python manage.py migrate --noinput --settings=pinry.settings.docker
fi
@@ -30,5 +29,5 @@ chown -R www-data:www-data /data
# start all process
/usr/sbin/nginx
cd /srv/www/pinry/
/scripts/_start_gunicorn.sh
cd ${PROJECT_ROOT}
./docker/scripts/_start_gunicorn.sh

3
docker/start_docker.sh
View File

@@ -12,5 +12,4 @@ fi
sudo docker run -d=true -p=80:80 \
-v=${DATA_PATH}:/data \
-v=${SETTINGS_PATH}:/srv/www/pinry/pinry/settings/local_settings.py \
pinry/pinry /scripts/start.sh
pinry/pinry

71
docs/src/install-with-docker.md Normal file
View File

@@ -0,0 +1,71 @@
Pinry Docker
================
A nice and easy way to get a Pinry instance up and running using docker. For
help on getting started with docker see the official getting started guide at
the end of this page.
# Getting Pinry Docker
Running this will get the latest version of pinry itself
```
git clone https://github.com/pinry/pinry
cd pinry/docker
./build_docker.sh
```
Now you can start your container by command like this
```
# this is where your database, local_settings and pins located
mkdir data
# use absolute path for docker to avoid using default data-volume (we use directory instead)
./start_docker.sh `readlink -f data`
```
Please visit `http://your-ip` to visit your instance and register a new account, enjoy it.
Configuring docker-pinry
------------------------
Enable signups for new users by editing `pinry/local_settings.py`
```
ALLOW_NEW_REGISTRATIONS = True
```
# Building docker-pinry again (with latest version)
Running this will build you a docker image with the latest version of pinry
```
git pull --rebase
cd ./docker/
./build_docker.sh
```
# Backup
Just copy `data` folder's content to an safe place, enjoy :)
# Why include nginx and not just map to gunicorn directly?
Because gunicorn/django can't serve static files very well and it is unwise to do
so for security reasons. I built this so that people can have a full hosted
solution in a container. If you have a host machine running nginx then of course
there is no point to run nginx in the container as well, you can simply disable
nginx, map gunicorn to a port and then set your host machine's nginx to display
your media and static files since that directory is shared between the container
and host.
# Why use sqlite3?
Because it has a very low resource cost and most pinry websites are small
personal ones. Why have a full on database for that? If you need more power
than you can easily modify the `data/local_settings.py` to point to a
stronger database solution.
# Links
+ [official getting started guide](http://www.docker.io/gettingstarted/)
+ [additional pinry configuration settings](https://github.com/pinry/pinry/blob/master/pinry/settings/local_settings.example.py)

1
mkdocs.yml
View File

@@ -17,6 +17,7 @@ nav:
- Screenshots: 'screenshots.md'
- Extensions: 'extensions.md'
- Theories: 'theories.md'
- InstallWithDocker: 'install-with-docker.md'
- Development: 'development.md'
- Docs: 'docs.md'
- Passwords: 'passwords.md'

9
pinry/settings/docker.py
View File

@@ -6,7 +6,8 @@ from .base import *
# SECURITY WARNING: keep the secret key used in production secret!
if 'SECRET_KEY' not in os.environ:
logging.warning(
"No SECRET_KEY given in environ, please have a check"
"No SECRET_KEY given in environ, please have a check."
"If you have a local_settings file, please ignore this warning."
)
SECRET_KEY = os.environ.get('SECRET_KEY', "PLEASE_REPLACE_ME")
@@ -35,7 +36,5 @@ REST_FRAMEWORK['DEFAULT_RENDERER_CLASSES'] = [
'rest_framework.renderers.JSONRenderer',
]
try:
from .local_settings import *
except ImportError:
pass
# should not ignore import error in production, local_settings is required
from .local_settings import *

2
docker/pinry/local_settings.example.py → pinry/settings/local_settings.example.py
View File

@@ -28,7 +28,7 @@ DATABASES = {
}
# Allow users to register by themselves
ALLOW_NEW_REGISTRATIONS = False
ALLOW_NEW_REGISTRATIONS = True
# Delete image files once you remove your pin
IMAGE_AUTO_DELETE = True

2
pinry/wsgi.py
View File

@@ -1,6 +1,4 @@
import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "pinry.settings.docker")
application = get_wsgi_application()