flask site buildout #2
@ -12,7 +12,7 @@ COPY requirements.txt /code
|
||||
RUN target=/root/.cache/pip \
|
||||
pip3 install --root-user-action=ignore -q -r requirements.txt
|
||||
|
||||
# Need to make this explicit as part of expansion, no migrations or venv
|
||||
# Dockerignore has this skip migrations, venv, sqlite db
|
||||
COPY . .
|
||||
|
||||
ENV FLASK_APP microblog.py
|
||||
|
||||
@ -9,7 +9,6 @@ class Config:
|
||||
SQLALCHEMY_DATABASE_URI = 'mariadb+mariadbconnector://flasku:' + os.environ.get('DOTENV_MYSQL_PASSWORD') + '@db:3306/flask'
|
||||
|
||||
MAIL_SERVER = 'pmb'
|
||||
#MAIL_SERVER = ''
|
||||
MAIL_PORT = 25
|
||||
MAIL_USE_TLS = False
|
||||
MAIL_USERNAME = ''
|
||||
|
||||
@ -28,17 +28,23 @@ services:
|
||||
build:
|
||||
context: backend
|
||||
target: builder
|
||||
restart: always
|
||||
# Next two are only debug, used without restart
|
||||
stdin_open: true
|
||||
tty: true
|
||||
#restart: always
|
||||
# Comment following line to use flask (1worker, dev), uncomment to use uwsgi (wsgi)
|
||||
#command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "-w", "app:server"]
|
||||
#command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "-w", "microblog:app"]
|
||||
environment:
|
||||
- MYSQL_USER=flasku
|
||||
#- MYSQL_PASSWORD=flaskp
|
||||
- MYSQL_PASSWORD=${DOTENV_MYSQL_FLASK_PASSWORD}
|
||||
- TOKEN_I=${DOTENV_TOKEN_I}
|
||||
- TOKEN_C=${DOTENV_TOKEN_C}
|
||||
- ADMIN_EMAIL=${ADMIN_EMAIL}
|
||||
- FROM_ADDRESS=${GITEA_MAIL_FROM}
|
||||
- DOTENV_MYSQL_PASSWORD=${DOTENV_MYSQL_FLASK_PASSWORD}
|
||||
- DOTENV_FLASK_SECRET_KEY=${FLASK_SECRET_KEY}
|
||||
- DOTENV_TOKEN_I=${FLASK_TOKEN_I}
|
||||
- DOTENV_TOKEN_C=${FLASK_TOKEN_C}
|
||||
- DOTENV_ADMIN_EMAIL=${FLASK_ADMIN_EMAIL}
|
||||
- DOTENV_FROM_ADDRESS=${FLASK_MAIL_FROM}
|
||||
- DOTENV_JWT_PHRASE=${FLASK_JWT_PHRASE}
|
||||
- DOTENV_REAL_HOSTNAME=${FLASK_REAL_HOSTNAME}
|
||||
#ports:
|
||||
# - 8000:8000
|
||||
expose:
|
||||
|
||||
@ -28,17 +28,23 @@ services:
|
||||
build:
|
||||
context: backend
|
||||
target: builder
|
||||
# Next two are only debug, used without restart
|
||||
#stdin_open: true
|
||||
#tty: true
|
||||
restart: always
|
||||
# Comment following line to use flask (1worker, dev), uncomment to use uwsgi (wsgi)
|
||||
command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "-w", "app:server"]
|
||||
command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "-w", "microblog:app"]
|
||||
environment:
|
||||
- MYSQL_USER=flasku
|
||||
#- MYSQL_PASSWORD=flaskp
|
||||
- MYSQL_PASSWORD=${DOTENV_MYSQL_FLASK_PASSWORD}
|
||||
- TOKEN_I=${DOTENV_TOKEN_I}
|
||||
- TOKEN_C=${DOTENV_TOKEN_C}
|
||||
- ADMIN_EMAIL=${ADMIN_EMAIL}
|
||||
- FROM_ADDRESS=${GITEA_MAIL_FROM}
|
||||
- DOTENV_MYSQL_PASSWORD=${DOTENV_MYSQL_FLASK_PASSWORD}
|
||||
- DOTENV_FLASK_SECRET_KEY=${FLASK_SECRET_KEY}
|
||||
- DOTENV_TOKEN_I=${FLASK_TOKEN_I}
|
||||
- DOTENV_TOKEN_C=${FLASK_TOKEN_C}
|
||||
- DOTENV_ADMIN_EMAIL=${FLASK_ADMIN_EMAIL}
|
||||
- DOTENV_FROM_ADDRESS=${FLASK_MAIL_FROM}
|
||||
- DOTENV_JWT_PHRASE=${FLASK_JWT_PHRASE}
|
||||
- DOTENV_REAL_HOSTNAME=${FLASK_REAL_HOSTNAME}
|
||||
#ports:
|
||||
# - 8000:8000
|
||||
expose:
|
||||
@ -90,9 +96,9 @@ services:
|
||||
proxy:
|
||||
build: proxy
|
||||
restart: always
|
||||
volumes:
|
||||
- /home/finn/d/cert/var/lib/letsencrypt:/var/lib/letsencrypt
|
||||
- /home/finn/d/cert/etc/letsencrypt:/etc/letsencrypt
|
||||
#volumes:
|
||||
# - /home/finn/d/cert/var/lib/letsencrypt:/var/lib/letsencrypt
|
||||
# - /home/finn/d/cert/etc/letsencrypt:/etc/letsencrypt
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
|
||||
15
dotenv
15
dotenv
@ -5,7 +5,7 @@ DOTENV_MYSQL_ROOT_PASSWORD=rootp
|
||||
DOTENV_MYSQL_GITEA_PASSWORD=giteap
|
||||
DOTENV_MYSQL_FLASK_PASSWORD=flaskp
|
||||
|
||||
GITEA_MAIL_FROM=gitea@gitea.changeme
|
||||
GITEA_MAIL_FROM="git@changeme"
|
||||
|
||||
# Build ARG GPG_PP. May still need to be empty to avoid breakage.
|
||||
BUILD_GPG_PP=
|
||||
@ -13,12 +13,15 @@ BUILD_GPG_PP=
|
||||
|
||||
# Backend:
|
||||
|
||||
FLASK_SECRET_KEY="changeme"
|
||||
# Inconsequential token: minimal inconvenience if exposed
|
||||
DOTENV_TOKEN_I=dti
|
||||
FLASK_TOKEN_I=dti
|
||||
|
||||
# Consequential token: protect
|
||||
DOTENV_TOKEN_C=dtc
|
||||
|
||||
# Destination address for handler mailer
|
||||
ADMIN_EMAIL="email@email.changeme"
|
||||
FLASK_TOKEN_C=dtc
|
||||
|
||||
FLASK_MAIL_FROM="git@changeme"
|
||||
# admin email must be valid send from with mail subsystem
|
||||
FLASK_ADMIN_EMAIL="git@changeme"
|
||||
FLASK_JWT_PHRASE="jwtphrase"
|
||||
FLASK_REAL_HOSTNAME="localhost"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user