Uwsgi and ready for deployment

7 files changed, 58 insertions, 5 deletions

diff --git a/.gitignore b/.gitignore
index ce88364..4017474 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,6 @@ local_settings.py
 env/
 venv/
 ENV/
+
+# data dir
+data/
diff --git a/Dockerfile b/Dockerfile
index 1473480..9bb25dc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,6 +16,7 @@ RUN apt-get update && \
     apt-get clean
 
 ADD src /app
+ADD other_conf/uwsgi.conf /app/
 ADD start.sh /
 
 ENTRYPOINT [ "/start.sh" ]
diff --git a/README.md b/README.md
index 2714a2a..76d72f9 100644
--- a/README.md
+++ b/README.md
@@ -5,16 +5,22 @@
 docker build --no-cache=true -t ndn-pwman .
 ```
 
+Make a `secret.txt` file and add a random 50 character secret in a data dir.
+
+```
+6dxjpk*+-ywfxxi#_wmpzon@-p6hwwh9z)7q0t)h7zy*tdz20x
+```
+
 Migrate db if necessary.
 
 ```
-docker run --rm -ti ndn-pwman migrate
+docker run --rm -ti -v $(pwd)/data:/opt/pwman ndn-pwman migrate
 ```
 
 Then run a collect static:
 
 ```
-docker run --rm --ti ndn-pwman -v /opt/pwman-statics:/opt/statics collectstatic
+docker run --rm --ti ndn-pwman -v $(pwd)/data:/opt/pwman collectstatic
 ```
 
 You need a useradmin keytab file, and the admin password for our ldap.
@@ -39,7 +45,7 @@ docker run --rm -ti ndn-pwman shell
 - LDAP_URL
 - LDAP_USER
 - LDAP_PASSWORD
-- KERBEROS_SCRIPT 
+- KERBEROS_SCRIPT
 - DEBUG_MODE
 - SECRET_KEY_FILE
 - SECRET_KEY
diff --git a/nginx-test/pwman.dev.conf b/nginx-test/pwman.dev.conf
index 12af816..2804b61 100644
--- a/nginx-test/pwman.dev.conf
+++ b/nginx-test/pwman.dev.conf
@@ -27,3 +27,28 @@ server {
     proxy_set_header AFFILIATION 'employee@nordu.net';
   }
 }
+
+server {
+  listen 80;
+  server_name uwsgi.pwman.dev;
+
+
+  location /sso/ {
+    include            uwsgi_params;
+    uwsgi_pass pwman:8000;
+  }
+
+  location /sso/accounts/login-federated/ {
+    include            uwsgi_params;
+    uwsgi_pass pwman:8000;
+    uwsgi_param HTTP_X_REMOTE_USER 'markus@nordu.net';
+    uwsgi_param HTTP_GIVENNAME 'Markus';
+    uwsgi_param HTTP_SN 'Krogh';
+    uwsgi_param HTTP_MAIL 'markus@nordu.net';
+    uwsgi_param HTTP_AFFILIATION 'employee@nordu.net';
+  }
+
+  location /sso/static/ {
+    alias /opt/pwman/;
+  }
+}
diff --git a/other_conf/uwsgi.conf b/other_conf/uwsgi.conf
new file mode 100644
index 0000000..ad48d13
--- /dev/null
+++ b/other_conf/uwsgi.conf
@@ -0,0 +1,18 @@
+[uwsgi]
+# Django-related settings
+plugins = python
+protocol = uwsgi
+# the base directory (full path)
+chdir           = /app/
+# Django's wsgi file
+wsgi-file       = /app/pwman/wsgi.py
+# process-related settings
+# master
+master          = true
+# maximum number of worker processes
+processes       = 5
+#threads        = 2
+max-requests    = 5000
+# the socket (use the full path to be safe
+socket          = 0.0.0.0:8000
+#socket          = /opt/pwman/pwman.sock
diff --git a/src/pwman/settings.py b/src/pwman/settings.py
index cf7bb69..8d63f92 100644
--- a/src/pwman/settings.py
+++ b/src/pwman/settings.py
@@ -11,7 +11,7 @@ DATA_DIR = environ.get('DATA_DIR', '/opt/pwman')
 # See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/
 
 
-ALLOWED_HOSTS = ['crowd.nordu.net', 'pwman.nordu.net', 'localhost']
+ALLOWED_HOSTS = ['crowd.nordu.net', 'pwman.nordu.net', 'localhost', 'uwsgi.pwman.dev']
 
 INSTALLED_APPS = [
     'django.contrib.auth',
diff --git a/start.sh b/start.sh
index c271303..2b0047c 100755
--- a/start.sh
+++ b/start.sh
@@ -10,7 +10,7 @@ case "$*" in
     ;;
   server)
     # uwsgi start!
-
+    uwsgi --ini /app/uwsgi.conf
     ;;
   shell)
     /bin/bash