Create a docker-compose suitable for dev

This commit is contained in:
Gabriel Augendre 2020-12-27 13:35:16 +01:00
parent ffba6728b6
commit 14a7b31026
No known key found for this signature in database
GPG key ID: 1E693F4CE4AEE7B4
2 changed files with 60 additions and 7 deletions

View file

@ -2,7 +2,10 @@ version: '2.4'
services:
django:
image: rg.fr-par.scw.cloud/crocmagnon/blog:latest
build: .
build:
context: .
args:
POETRY_OPTIONS: "--no-dev"
env_file:
- .env
volumes:
@ -19,14 +22,9 @@ services:
volumes:
- staticfiles:/app/static
- media:/app/media
- ./docker/nginx.conf:/etc/nginx/conf.d/default.conf
- ./docker/nginx-dev.conf:/etc/nginx/conf.d/default.conf
depends_on:
- django
tests:
image: rg.fr-par.scw.cloud/crocmagnon/blog:tests
build:
context: .
dockerfile: tests.Dockerfile
volumes:
staticfiles: {}

55
docker/nginx-dev.conf Normal file
View file

@ -0,0 +1,55 @@
server {
server_name localhost:8000;
client_max_body_size 10M;
gzip on;
gzip_types
application/javascript
application/x-javascript
application/json
application/rss+xml
application/xml
application/vnd.ms-fontobject
application/font-sfnt
image/svg+xml
image/x-icon
text/xml
text/javascript
text/css
text/plain;
gzip_min_length 256;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_vary on;
location /static/ {
alias /app/static/;
expires 30d;
}
location /media/ {
alias /app/media/;
expires 30d;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://django:8000;
proxy_redirect off;
}
add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'none'; img-src 'self' https:; script-src 'self'
https://plausible.augendre.info; connect-src https://plausible.augendre.info; style-src 'self' 'unsafe-inline';
font-src 'self'; manifest-src 'self';" always;
add_header X-Frame-Options "DENY" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
listen [::]:80;
listen 80;
}