Use as docker image

.dockerignore

@@ -0,0 +1,3 @@
+.venv-*
+.git
+.idea

Dockerfile

@@ -0,0 +1,25 @@
+FROM python:3-alpine
+
+RUN apk add --no-cache tzdata && \
+    cp /usr/share/zoneinfo/Europe/Paris /etc/localtime && \
+    echo "Europe/Paris" >  /etc/timezone
+
+RUN apk add --no-cache postgresql-dev gcc musl-dev
+
+WORKDIR /app
+
+COPY requirements.txt /app
+
+RUN pip3 install -r requirements.txt
+
+COPY . /app
+
+VOLUME /app/staticfiles
+
+ENV DATABASE_URL postgres://postgresql:postgresql@db:5432/dashboard
+
+EXPOSE 8000
+
+RUN chmod +x bash/run-prod.sh
+
+CMD /app/bash/run-prod.sh

bash/dashboard.env

@@ -0,0 +1 @@
+DATABASE_URL=postgres://user:password@host/dashboard

bash/run-prod.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+python3 manage.py migrate && python3 manage.py collectstatic --noinput && gunicorn refunds.wsgi -b 0.0.0.0:8000 --log-file -

bash/update-refunds.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+set -e
+BASE_IMAGE="refunds"
+REGISTRY="crocmagnon"
+IMAGE="$REGISTRY/$BASE_IMAGE"
+CID=$(docker ps | grep $IMAGE | awk '{print $1}')
+docker pull $IMAGE
+
+for im in $CID
+do
+    LATEST=`docker inspect --format "{{.Id}}" $IMAGE`
+    RUNNING=`docker inspect --format "{{.Image}}" $im`
+    NAME=`docker inspect --format '{{.Name}}' $im | sed "s/\///g"`
+    echo "Latest:" $LATEST
+    echo "Running:" $RUNNING
+    if [ "$RUNNING" != "$LATEST" ];then
+        echo "upgrading $NAME"
+        docker stop $NAME
+        docker rm -f $NAME
+        docker run \
+            -v /opt/conf/www/$NAME:/app/staticfiles \
+            --name $NAME \
+            --env-file /opt/conf/environments/$NAME.env \
+            --restart always \
+            --net web \
+            -d $IMAGE
+    else
+        echo "$NAME up to date"
+    fi
+done

refunds/settings.py

@@ -45,11 +45,11 @@ USE_X_FORWARDED_HOST = PROD
 
 # We don't want to redirect but throw an error if no SSL in prod.
 # See api.middleware.RejectHTTPMiddleware
-SECURE_SSL_REDIRECT = ssl_required
+# SECURE_SSL_REDIRECT = ssl_required
 
 SECRET_KEY = os.getenv('SECRET_KEY', '+)2m1(7!+5-p-iazefib&8i7+a4^pod(èer!éç"fn,uo5)jhem(1-bo#p')
 
-ALLOWED_HOSTS = ['localhost', '.herokuapp.com', '.augendre.info']
+ALLOWED_HOSTS = ['localhost', '.herokuapp.com', '.augendre.info', 'refunds-web']
 
 X_FRAME_OPTIONS = 'DENY'