adds nginx; git-deploy 1.0.5 config changes

.gitignore

@@ -1,10 +1,18 @@
 *.pyc
 .env
+.envrc
+venv
 .in
 .localstack/
 package-lock.json
 node_modules/*
 
+/mnt/*
+
+nginx/localhost/*
+minica-key.pem
+minica.pem
+
 
 # Ignore the build directory
 

README.DOCKER.md

@@ -0,0 +1,36 @@
+## Alternative localized "deployment"
+
+
+This configuration looks more like deployment, but is slightly more awkward for
+development, particularly for making changes to static files:
+
+`docker-compose.local.yml` will:
+
+ * start a postgres container
+ * start an Nginx container
+ * start an application container and run the application via gunicorn
+
+The application is served internally on socket file which is proxied to port 80 on the localhost.
+
+If running the local deployment on https, you will need to create ssl certs. Be sure
+to have [minica](https://github.com/jsha/minica) installed, then:
+
+```
+$ cd nginx
+$ minica --domains localhost 
+```
+
+This will create the following gitignored files that will be copied into the nginx build
+(see the nginx Dockerfile for details):
+
+ * nginx/localhost/cert.pem
+ * nginx/localhost/key.pem
+ * minica.pem
+
+
+```
+$ docker-compose -f docker-compose.local.yml build
+$ docker-compose -f docker-compose.local.yml up
+```
+Go to: http://localhost or https://localhost
+

copybuild_to_cdn.sh

@@ -0,0 +1 @@
+aws --endpoint-url=http://localhost:4572 s3 cp build/ s3://cdn.knilab.com/libs/storymapjs/dev/ --recursive --acl public-read

deploy/config.common.yml

@@ -1,7 +1,6 @@
 project_name: StoryMapJS
-gitdeploy_version: "1.0.4"
-port: 9014
-python: python2
+gitdeploy_version: "1.0.5"
+python: python3
 type: flask
 pwd: "{{ lookup('env', 'PWD') }}"
 # these will be merged with deployment-specific env into init_env
@@ -28,25 +27,23 @@ init_env_common:
 static_dir: "{{ deploy_dir }}/static"
 
 application_dir: "{{ deploy_dir }}" # application dir could be a subdirectory
-service_name: "apps/storymap"
+service_name: "storymap"
 
 # Configs below will not usually change
 deploy_dir: "{{ install_root }}/{{ project_name }}"
-env_setup_script: "{{ deploy_dir }}/env.sh"
-env_run_script: "{{ deploy_dir }}/env_run.sh"
+env_run_script: "direnv exec {{ deploy_dir }}"
+env_file: "{{ deploy_dir }}/.env"
 project_repo: "[email protected]:NUKnightLab/{{ project_name }}.git"
 requirements_file: "{{ deploy_dir }}/requirements.txt"
 virtualenv: "{{ virtualenv_root }}/{{ project_name }}"
 wsgi_application: "core.wsgi:application"
-static_service: "s3"
-static_dest: "s3://{{ static_bucket }}/{{ project_name }}"
 
 # Configs common to all projects
 application_user: apps
 install_root: /home/{{ application_user }}/sites
 virtualenv_root: /home/{{ application_user }}/env
 
-nginx_template: "{{ config_dir }}/custom_nginx.j2"
+nginx_conf: "{{ deploy_dir }}/nginx/conf.d/{{ project_name }}.conf"
 
 # environment keys must match deployment branch names. Value is the name
 # of the branch to be merged into this environment during deployment.

deploy/config.stg.yml

@@ -1,4 +1,4 @@
-domains: "storymap.knilab.com"
+domains: "stg-storymap.knightlab.com"
 cnames: "storymapjs.knilab.com"
 static_bucket: "media.knilab.com"
 gunicorn_reload: True # generally True on staging only

docker-compose.local.yml

@@ -0,0 +1,87 @@
+version: '3'
+
+# Runs the Django development server, which is less than ideal in terms of
+# replicating the deployment environment locally -- for which, the
+# docker-compose-local.yml file is provided. However, due to lack of a good solution
+# for static file development in a more deployment-like configuration, this
+# current compose file is provided for development.
+
+# web service mount to apps location so that development updates in the application
+# are reflected in the container.
+
+# Note: the db build will create the default postgres database and user. To
+# create the application database, run `initdb.sh` after building.
+
+services:
+  app:
+    restart: always
+    build: .
+    #ports:
+    #  - "443:5000"
+    #  - "80:5000"
+    links:
+      - mongo:mongo
+      - localstack:localstack
+    volumes:
+      - .:/usr/src/apps/StoryMapJS
+      - .localstack:/usr/src/apps/StoryMapJS/.localstack
+    env_file: .env
+    #command: python api.py -s -p 5000
+    command: gunicorn --workers 3 --worker-tmp-dir /dev/shm --bind unix:/usr/src/apps/StoryMapJS/mnt/storymap.sock core.wsgi:application
+    depends_on:
+      - mongo
+
+  #static:
+  #  restart: always
+  #  image: nginx:alpine
+  #  volumes:
+  #    - ./build:/var/www
+  #    - ./localhost/default.conf:/etc/nginx/conf.d/default.conf
+  #    - .localstack/server.test.pem.crt:/etc/nginx/conf.d/server.crt
+  #    - .localstack/server.test.pem.key:/etc/nginx/conf.d/server.key
+  #  ports:
+  #    - "3000:443"
+
+  nginx:
+    build: ./nginx/
+    restart: always
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - .:/usr/src/apps/storymap
+      - web-static:/var/www/storymap
+      - ./nginx/logs:/var/log/nginx
+    links:
+      - app:app
+    depends_on:
+      - app
+
+  mongo:
+    image: mongo:2.4
+    restart: always
+    volumes:
+      - mongodata:/data/db
+    ports:
+      - "27017-27019:27017-27019"
+      - "28017:28017"
+    environment:
+      MONGO_INITDB_DATABASE: storymapjs
+
+  localstack:
+    image: localstack/localstack-light
+    restart: always
+    environment:
+      USE_LIGHT_IMAGE: 1
+      USE_SSL: 1
+      LOCALSTACK_SERVICES: s3
+      DATA_DIR: /tmp/localstack/data
+    ports:
+      - '4563-4599:4563-4599'
+    volumes:
+      - ./.localstack:/tmp/localstack
+      - /var/run/docker.sock:/var/run/docker.sock
+
+volumes:
+  mongodata:
+  web-static:

makebuckets.sh

@@ -0,0 +1,2 @@
+aws --endpoint-url=http://localhost:4572 s3 mb s3://uploads.knilab.com
+aws --endpoint-url=http://localhost:4572 s3 mb s3://cdn.knilab.com

nginx/Dockerfile

@@ -0,0 +1,8 @@
+FROM nginx:latest
+RUN rm /etc/nginx/conf.d/default.conf
+COPY conf.d/ /etc/nginx/conf.d/
+COPY ./localhost/cert.pem /etc/letsencrypt/live/knightlab.com/fullchain.pem
+COPY ./localhost/key.pem /etc/letsencrypt/live/knightlab.com/privkey.pem
+COPY ./minica.pem /etc/letsencrypt/live/knightlab.com/chain.pem
+RUN ln -sf /dev/stdout /var/log/nginx/storymap.log \
+	&& ln -sf /dev/stderr /var/log/nginx/storymap.err.log

nginx/conf.d/storymap.conf

@@ -0,0 +1,41 @@
+server {
+  listen 80;
+  server_name localhost storymap.knightlab.com stg-storymap.knightlab.com;
+
+  # Intended to make localhost development a bit more sane. Remove this
+  # condition if absolute parity with deployment is required. See also
+  # "If Is Evil" in the Nginx docs: https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+  if ($host = localhost) {
+    return 302 https://$host$request_uri;
+  }
+
+  return 301 https://$host$request_uri;
+}
+
+server {
+  #listen 80;
+  listen 443 ssl;
+  server_name localhost storymap.knightlab.com stg-storymap.knightlab.com;
+
+  ssl_certificate /etc/letsencrypt/live/knightlab.com/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/knightlab.com/privkey.pem;
+  ssl_trusted_certificate /etc/letsencrypt/live/knightlab.com/chain.pem;
+
+  ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
+
+  access_log  /var/log/nginx/storymap.log;
+  error_log /var/log/nginx/storymap.err.log info;
+  client_max_body_size 5M;
+  root /var/www/storymap;
+
+  location / {
+    try_files $uri @proxy_to_storymap;
+  }
+
+  location @proxy_to_storymap {
+      proxy_pass http://unix:/usr/src/apps/storymap/mnt/storymap.sock;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  }
+}

stagedev.py

@@ -0,0 +1,40 @@
+    def build():
+        """Build lib version"""
+        _setup_env()
+        # Get build config
+        if not 'build' in _config:
+            abort('Could not find "build" in config file')
+        # Check version
+        if not 'version' in _config:
+            _config['version'] = datetime.utcnow().strftime('%Y-%m-%d-%H-%M-%S')
+            warn('Using development version value "%(version)s"' % _config)
+        notice('Building version %(version)s...' % _config)
+        # Clean build directory
+        clean(_config['build_path'])
+        # Build it
+        for key, param in _config['build'].iteritems():
+            getattr(static, key)(_config, param)
+
+
+   def stage_dev():
+        """
+        Build lib and copy to local cdn repository as 'dev' version
+        No tagging/committing/etc/
+        """
+        _setup_env()
+        if not 'stage' in _config:
+            abort('Could not find "stage" in config file')
+        # Make sure cdn exists
+        exists(dirname(env.cdn_path), required=True)
+        # Build version
+        build()
+        # Copy to local CDN repository
+        cdn_path = join(env.cdn_path, 'dev')
+        clean(cdn_path)
+        for r in _config['stage']:
+            static.copy(_config, [{
+                "src": r['src'],
+                "dst": cdn_path, "regex": r['regex']}])
+        # Create zip file in local CDN repository
+        _make_zip(join(cdn_path, '%(name)s.zip' % _config))
+