diff --git a/compose.yml b/compose.yml index 750ada7..9602d42 100644 --- a/compose.yml +++ b/compose.yml @@ -19,11 +19,18 @@ services: ports: - 8001:8001 environment: + DEBUG: "False" CTLSSA_SECRET_KEY: '1' CTLSSA_DJANGO_DATABASE: production CTLSSA_DB_ENGINE: postgresql_psycopg2 CTLSSA_DB_HOST: db CTLSSA_CERTSTREAM_SERVER_URL: ws://certstream:4000 + labels: + - "traefik.enable=true" + - "traefik.http.routers.ctlssa.rule='Host(`${CTLSSA_HOSTNAME}`) && PathPrefix(`/ctlssa`)" + - "traefik.http.routers.ctlssa.priority=20" + - "traefik.http.routers.ctlssa.entrypoints=websecure" + # uwsgi reloads on SIGTERM, so use SIGINT instead # https://uwsgi-docs.readthedocs.io/en/latest/Management.html#signals-for-controlling-uwsgi stop_signal: SIGINT @@ -47,6 +54,7 @@ services: develop: *app_develop image: ghcr.io/internetstandards/ctlssa:latest environment: + DEBUG: "False" CTLSSA_SECRET_KEY: '1' CTLSSA_DJANGO_DATABASE: production CTLSSA_DB_ENGINE: postgresql_psycopg2 diff --git a/src/ctlssa/app/settings.py b/src/ctlssa/app/settings.py index 7b13d6e..e550152 100644 --- a/src/ctlssa/app/settings.py +++ b/src/ctlssa/app/settings.py @@ -24,9 +24,10 @@ SECRET_KEY: str = os.environ.get("SECRET_KEY", "_dzlo^9d#ox6!7c9rju@=u8+4^sprqocy3s*l*ejc2yr34@&98") # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = os.environ.get("DEBUG", "False").lower() == "true" -ALLOWED_HOSTS = os.environ.get("CTLSSA_ALLOWED_HOSTS", "").split(",") +CTLSSA_HOSTNAME = os.environ.get("CTLSSA_HOSTNAME", "localhost:8001") +ALLOWED_HOSTS = os.environ.get("CTLSSA_ALLOWED_HOSTS", f"{CTLSSA_HOSTNAME}").split(",") # Application definition diff --git a/src/ctlssa/suggestions/urls.py b/src/ctlssa/suggestions/urls.py index 061eef5..4bb0a74 100644 --- a/src/ctlssa/suggestions/urls.py +++ b/src/ctlssa/suggestions/urls.py @@ -4,4 +4,6 @@ urlpatterns = [ path("", views.suggest, name="suggest"), + # make available under alternative path for when reverse proxied under prefix + path("ctlssa", views.suggest, name="suggest"), ]