Add documentation. Debugging and porting still missing. Initial setup explained

This commit is contained in:
Mario Hüttel 2024-11-25 23:39:15 +01:00
parent 146c2da4f3
commit cfb9970c26

View File

@ -40,6 +40,10 @@ The following settings are required to be adapted:
- `DJANGO_SECRET_KEY`: Provide a secret, and randomly generated key. Do not share this with anybody!
- `DJANGO_ALLOWED_HOST`: Set this to the domain, the application will be reached at. E.g: `lab.example.com`
- `DJANGO_MEDIA_URL`: Set this to the media URL at which your webserver serves the `DJANGO_MEDIA_VOL` diretory. E.g: `media.lab.example.com/` Note the **slash at the end**. It is important.
- `DJANGO_USER_ID`: The user ID to run the application inside the docker container. This is the user id, that is used to write the to `DJANGO_STATIC_VOL` and `DJANGO_MEDIA_VOL`. Make sure the user has access.
- `DJANGO_USER_GID`: The group ID to run the application inside the docker container. This is the group id, that is used to write the to `DJANGO_STATIC_VOL` and `DJANGO_MEDIA_VOL`.
> Note: It is not recommended to run the docker container without a set `DJANGO_USER_ID` and `DJANGO_USER_GID`. It will default to `0 (root)`.
Once the environment is set up, the docker containers can be built and started. Run
```
@ -96,18 +100,18 @@ server {
# Reverse Proxy for application
server {
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
# Add this for HTTP3. If your nginx is older than 2.25 this might not be available
######################################################################################
# listen 443 quic reuseport;
# listen [::]:443 quic reuseport;
# Enable QUIC and HTTP/3
# ssl_early_data on;
# add_header Alt-Svc 'h3=":443"; ma=86400';
# listen 443 quic reuseport;
# listen [::]:443 quic reuseport;
# Enable QUIC and HTTP/3
# ssl_early_data on;
# add_header Alt-Svc 'h3=":443"; ma=86400';
#######################################################################################
server_name lab.example.com; # Adapt domain
@ -146,7 +150,7 @@ server {
server {
listen 443 ssl;
listen [::]:443 ssl;
# Add this for HTTP3. If your nginx is older than 2.25 this might not be available
# Add this for HTTP3. If your nginx is older than 2.25 this might not be available
######################################################################################
# listen 443 quic reuseport;
# listen [::]:443 quic reuseport;
@ -158,15 +162,15 @@ server {
server_name media.lab.example.com; # Adapt according to DJANGO_MEDIA_URL
# Use letsencrypt as SSL certificate provider.
ssl_certificate /etc/letsencrypt/live/media.lab.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/media.lab.example.com/privkey.pem;
# Use letsencrypt as SSL certificate provider.
ssl_certificate /etc/letsencrypt/live/media.lab.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/media.lab.example.com/privkey.pem;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:1m;
ssl_ession_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
error_page 502 /lab_down.html;