more docker improvements

This commit is contained in:
Ross
2025-12-01 14:01:46 +00:00
parent 9ed789ba90
commit e9a04e823c
3 changed files with 55 additions and 3 deletions
+1 -1
View File
@@ -19,4 +19,4 @@ GUNICORN_LOGLEVEL=info
# Nginx host ports for local development (override prod defaults)
NGINX_HTTP_PORT=8000
NGINX_HTTPS_PORT=8443
NGINX_HTTPS_PORT=8443
+44 -2
View File
@@ -8,7 +8,35 @@ import os
DEBUG = True
INTERNAL_IPS = ["82.69.88.125", "217.155.198.96", "localhost"]
INTERNAL_IPS = ["82.69.88.125", "217.155.198.96", "localhost", "127.0.0.1"]
# When running in Docker (dev), requests will often come from an internal
# container/network address. Add any discovered host/container IPs (and a
# likely gateway address) to INTERNAL_IPS so the debug toolbar can render.
if DEBUG:
try:
import socket
hostname, _, ips = socket.gethostbyname_ex(socket.gethostname())
for ip in ips:
if ip not in INTERNAL_IPS:
INTERNAL_IPS.append(ip)
# common docker gateway pattern: replace last octet with '1'
parts = ip.split('.')
if len(parts) == 4:
parts[-1] = '1'
gw = '.'.join(parts)
if gw not in INTERNAL_IPS:
INTERNAL_IPS.append(gw)
except Exception:
# best-effort only; don't fail startup if this lookup doesn't work
pass
# In local/dev enable the toolbar unconditionally to avoid IP/proxy
# headaches while developing inside Docker/behind nginx.
DEBUG_TOOLBAR_CONFIG = {
"SHOW_TOOLBAR_CALLBACK": lambda request: True,
}
# Paths inside the nginx container / host-mounted deploy directories.
# On the server, these paths are mounted into nginx as described in the
@@ -75,4 +103,18 @@ DATABASES = {
#"HOST": os.environ.get("DB_HOST", "161.35.163.87"),
#"PORT": os.environ.get("DB_PORT", "5432"),
}
}
}
# Development overrides to avoid forcing HTTPS and secure cookies in local dev
# (production should keep these True).
SECURE_SSL_REDIRECT = False
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
SECURE_HSTS_SECONDS = 0
# Allow requests from the local dev nginx/dev server and direct runserver
# (include scheme+host+port for Django's origin checking).
CSRF_TRUSTED_ORIGINS = [
"http://127.0.0.1:8000",
"http://localhost:8000",
]
+10
View File
@@ -5,6 +5,16 @@ services:
web:
env_file:
- ../.env.dev
# Development: run Django's autoreloading development server instead of
# the production entrypoint/gunicorn. Mount the repository into the
# container so code edits on the host trigger Django's autoreload.
entrypoint: ["python", "manage.py", "runserver", "0.0.0.0:8000"]
# Clear any command set by the prod compose file (which would be passed
# as an extra argument to manage.py). Setting an empty command prevents
# the image `command` from being appended to the entrypoint.
command: []
volumes:
- ../:/usr/src/app:cached
nginx:
# Development nginx override: mount a simplified config that does not
# reference LetsEncrypt certs so the container can start without real