Completely re-structured the project from scratch, wrote a better bootstrap script, changed configuration format to yaml, improved Caddyfile, and more. #15 #16 #20
This commit is contained in:
parent
0012214f9b
commit
5572fec9c1
91 changed files with 739 additions and 1345 deletions
46
data/Caddyfile
Normal file
46
data/Caddyfile
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
{
|
||||
# disable unwanted stuff
|
||||
admin off
|
||||
skip_install_trust
|
||||
# define the ports by the environment variables
|
||||
http_port {$HTTP_PORT}
|
||||
https_port {$HTTPS_PORT}
|
||||
}
|
||||
|
||||
0.0.0.0 {
|
||||
# the tls certificates
|
||||
tls {$DATADIR}/tls/server.pem {$DATADIR}/tls/server-key.pem
|
||||
route {
|
||||
# profile pictures
|
||||
file_server /profilepictures/* {
|
||||
root {$DATADIR}/profilepictures/..
|
||||
}
|
||||
# static files
|
||||
file_server /static/* {
|
||||
root {$DATADIR}/static/..
|
||||
}
|
||||
# favicon
|
||||
redir /favicon.ico /static/favicon.ico
|
||||
# reverse proxy to the (django) application
|
||||
reverse_proxy localhost:{$APPLICATION_PORT}
|
||||
# set additional security headers
|
||||
header Content-Security-Policy "default-src 'self'"
|
||||
}
|
||||
# use compression
|
||||
encode gzip
|
||||
# logging
|
||||
log {
|
||||
output file {$ACCESS_LOG}
|
||||
format filter {
|
||||
wrap console
|
||||
fields {
|
||||
common_log delete
|
||||
request>headers delete
|
||||
request>tls delete
|
||||
user_id delete
|
||||
resp_headers delete
|
||||
}
|
||||
}
|
||||
level INFO
|
||||
}
|
||||
}
|
||||
37
data/config.example.yml
Normal file
37
data/config.example.yml
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
---
|
||||
app:
|
||||
# The secret key, used for security protections
|
||||
# This MUST be a secret, very long, random string
|
||||
secret_key: "!!!insert random data!!!"
|
||||
# The port for the asgi application
|
||||
# This should be blocked by the firewall
|
||||
application_port: 8001
|
||||
# Used for auto-logout, in seconds
|
||||
session_cookie_age: 600
|
||||
# Interval for automatic session clearing, in minutes
|
||||
session_clear_interval: 120
|
||||
# The default and fallback language, currently only de and en are supported.
|
||||
language_code: "en"
|
||||
# Your timezone
|
||||
timezone: "CET"
|
||||
# Specify the suffix for your currency
|
||||
currency_suffix: "$"
|
||||
# Enable/Disable password validation
|
||||
# (numeric PINs are NOT valid when this is set to true)
|
||||
password_validation: true
|
||||
db:
|
||||
# Database configuration
|
||||
database: "drinks"
|
||||
user: "drinks"
|
||||
password: "insert password"
|
||||
host: "127.0.0.1"
|
||||
port: 5432
|
||||
caddy:
|
||||
# Ports that the web server listens on
|
||||
http_port: 80
|
||||
https_port: 443
|
||||
logs:
|
||||
# Logfile paths
|
||||
caddy: "./data/logs/caddy.log"
|
||||
http_access: "./data/logs/http-access.log"
|
||||
application: "./data/logs/application.log"
|
||||
0
data/logs/.gitkeep
Normal file
0
data/logs/.gitkeep
Normal file
0
data/tls/.gitkeep
Normal file
0
data/tls/.gitkeep
Normal file
Loading…
Add table
Add a link
Reference in a new issue