diff --git a/.env.dev b/.env.dev index 20e927f3..fe69fd87 100644 --- a/.env.dev +++ b/.env.dev @@ -19,4 +19,4 @@ GUNICORN_LOGLEVEL=info # Nginx host ports for local development (override prod defaults) NGINX_HTTP_PORT=8000 -NGINX_HTTPS_PORT=8443 +NGINX_HTTPS_PORT=8443 \ No newline at end of file diff --git a/deploy/settings_local.py b/deploy/settings_local.py index e1dd6ec5..03376c38 100644 --- a/deploy/settings_local.py +++ b/deploy/settings_local.py @@ -8,7 +8,35 @@ import os DEBUG = True -INTERNAL_IPS = ["82.69.88.125", "217.155.198.96", "localhost"] +INTERNAL_IPS = ["82.69.88.125", "217.155.198.96", "localhost", "127.0.0.1"] + +# When running in Docker (dev), requests will often come from an internal +# container/network address. Add any discovered host/container IPs (and a +# likely gateway address) to INTERNAL_IPS so the debug toolbar can render. +if DEBUG: + try: + import socket + + hostname, _, ips = socket.gethostbyname_ex(socket.gethostname()) + for ip in ips: + if ip not in INTERNAL_IPS: + INTERNAL_IPS.append(ip) + # common docker gateway pattern: replace last octet with '1' + parts = ip.split('.') + if len(parts) == 4: + parts[-1] = '1' + gw = '.'.join(parts) + if gw not in INTERNAL_IPS: + INTERNAL_IPS.append(gw) + except Exception: + # best-effort only; don't fail startup if this lookup doesn't work + pass + +# In local/dev enable the toolbar unconditionally to avoid IP/proxy +# headaches while developing inside Docker/behind nginx. +DEBUG_TOOLBAR_CONFIG = { + "SHOW_TOOLBAR_CALLBACK": lambda request: True, +} # Paths inside the nginx container / host-mounted deploy directories. # On the server, these paths are mounted into nginx as described in the @@ -75,4 +103,18 @@ DATABASES = { #"HOST": os.environ.get("DB_HOST", "161.35.163.87"), #"PORT": os.environ.get("DB_PORT", "5432"), } -} \ No newline at end of file +} + +# Development overrides to avoid forcing HTTPS and secure cookies in local dev +# (production should keep these True). +SECURE_SSL_REDIRECT = False +SESSION_COOKIE_SECURE = False +CSRF_COOKIE_SECURE = False +SECURE_HSTS_SECONDS = 0 + +# Allow requests from the local dev nginx/dev server and direct runserver +# (include scheme+host+port for Django's origin checking). +CSRF_TRUSTED_ORIGINS = [ + "http://127.0.0.1:8000", + "http://localhost:8000", +] \ No newline at end of file diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 9ae4f4c8..cc688c95 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -5,6 +5,16 @@ services: web: env_file: - ../.env.dev + # Development: run Django's autoreloading development server instead of + # the production entrypoint/gunicorn. Mount the repository into the + # container so code edits on the host trigger Django's autoreload. + entrypoint: ["python", "manage.py", "runserver", "0.0.0.0:8000"] + # Clear any command set by the prod compose file (which would be passed + # as an extra argument to manage.py). Setting an empty command prevents + # the image `command` from being appended to the entrypoint. + command: [] + volumes: + - ../:/usr/src/app:cached nginx: # Development nginx override: mount a simplified config that does not # reference LetsEncrypt certs so the container can start without real