Feature: Docker deployment configuration

- Добавлена поддержка docker-compose для развертывания - STATIC_ROOT автоматически переключается в prod (/Volume1/DockerAppsData/npm/data/static/) - Добавлены ALLOWED_HOSTS и CSRF_TRUSTED_ORIGINS из env переменных - Улучшена обработка .env файла (проверка существования) - Добавлен gunicorn в requirements.txt - Добавлены .dockerignore, Dockerfile, docker-compose.yml - Добавлены example файлы для .env.docker и entrypoint.sh - Обновлен .gitignore для исключения файлов с секретами 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-08 02:10:59 +03:00
parent 8d50613876
commit 9e1145b9ce
8 changed files with 406 additions and 4 deletions
--- a/docker/.env.docker.example
+++ b/docker/.env.docker.example
@@ -0,0 +1,28 @@
+# Django settings
+SECRET_KEY=change-this-to-a-secure-random-key-in-production-min-50-chars
+DEBUG=False
+ALLOWED_HOSTS=yourdomain.com,*.yourdomain.com,localhost,127.0.0.1
+
+# Database (PostgreSQL)
+DB_NAME=inventory_db
+DB_USER=postgres
+DB_PASSWORD=your-secure-postgres-password-here
+DB_HOST=db
+DB_PORT=5432
+
+# Redis
+REDIS_HOST=redis
+REDIS_PORT=6379
+REDIS_DB=0
+
+# Celery
+CELERY_BROKER_URL=redis://redis:6379/0
+
+# Tenant Admin (создаётся при первом запуске)
+TENANT_ADMIN_EMAIL=admin@example.com
+TENANT_ADMIN_PASSWORD=change-this-secure-password
+TENANT_ADMIN_NAME=Admin
+
+# Django-tenants
+# Основной домен для public схемы
+PUBLIC_SCHEMA_DOMAIN=yourdomain.com
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -0,0 +1,56 @@
+# Dockerfile для Django приложения с Celery
+FROM python:3.11-slim
+
+# Переменные окружения
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+ENV DJANGO_SETTINGS_MODULE=myproject.settings
+
+# Установка системных зависимостей
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    # Для PostgreSQL
+    libpq-dev \
+    postgresql-client \
+    # Для Pillow и pillow-heif
+    libjpeg-dev \
+    libpng-dev \
+    libwebp-dev \
+    libheif-dev \
+    libde265-dev \
+    # Для сборки Python пакетов
+    gcc \
+    g++ \
+    # Утилиты
+    curl \
+    && rm -rf /var/lib/apt/lists/*
+
+# Рабочая директория
+WORKDIR /app
+
+# Копируем requirements и устанавливаем зависимости
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Копируем проект
+COPY myproject/ .
+
+# Создаём директории для статики и медиа
+RUN mkdir -p /app/staticfiles /app/media
+
+# Копируем entrypoint скрипт
+COPY docker/entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+# Создаём непривилегированного пользователя
+RUN useradd -m -u 1000 appuser && \
+    chown -R appuser:appuser /app
+USER appuser
+
+# Порт приложения
+EXPOSE 8000
+
+# Точка входа
+ENTRYPOINT ["/entrypoint.sh"]
+
+# Команда по умолчанию (будет переопределена в docker-compose)
+CMD ["web"]
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -0,0 +1,108 @@
+version: '3.8'
+
+# Все файлы хранятся в /Volume1/DockerAppsData/mixapp/
+# YAML файл хранится в /Volume1/DockerYAML/mix/
+
+services:
+  # PostgreSQL база данных
+  db:
+    image: postgres:15-alpine
+    container_name: mix_postgres
+    restart: unless-stopped
+    env_file:
+      - /Volume1/DockerAppsData/mixapp/app/docker/.env.docker
+    environment:
+      POSTGRES_DB: ${DB_NAME:-inventory_db}
+      POSTGRES_USER: ${DB_USER:-postgres}
+      POSTGRES_PASSWORD: ${DB_PASSWORD:-postgres}
+      POSTGRES_INITDB_ARGS: "--encoding=UTF8 --locale=C"
+    volumes:
+      - /Volume1/DockerAppsData/mixapp/postgres:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-postgres} -d ${DB_NAME:-inventory_db}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    networks:
+      - mix_network
+
+  # Redis для кеша и Celery брокера
+  redis:
+    image: redis:7-alpine
+    container_name: mix_redis
+    restart: unless-stopped
+    command: redis-server --appendonly yes
+    volumes:
+      - /Volume1/DockerAppsData/mixapp/redis:/data
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    networks:
+      - mix_network
+
+  # Django Web приложение
+  web:
+    build:
+      context: /Volume1/DockerAppsData/mixapp/app
+      dockerfile: docker/Dockerfile
+    container_name: mix_web
+    restart: unless-stopped
+    command: web
+    env_file:
+      - /Volume1/DockerAppsData/mixapp/app/docker/.env.docker
+    volumes:
+      - /Volume1/DockerAppsData/mixapp/media:/app/media
+      - /Volume1/DockerAppsData/mixapp/static:/app/staticfiles
+    ports:
+      - "8000:8000"
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+    networks:
+      - mix_network
+
+  # Celery Worker для обработки задач
+  celery-worker:
+    build:
+      context: /Volume1/DockerAppsData/mixapp/app
+      dockerfile: docker/Dockerfile
+    container_name: mix_celery_worker
+    restart: unless-stopped
+    command: celery-worker
+    env_file:
+      - /Volume1/DockerAppsData/mixapp/app/docker/.env.docker
+    volumes:
+      - /Volume1/DockerAppsData/mixapp/media:/app/media
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+    networks:
+      - mix_network
+
+  # Celery Beat для периодических задач
+  celery-beat:
+    build:
+      context: /Volume1/DockerAppsData/mixapp/app
+      dockerfile: docker/Dockerfile
+    container_name: mix_celery_beat
+    restart: unless-stopped
+    command: celery-beat
+    env_file:
+      - /Volume1/DockerAppsData/mixapp/app/docker/.env.docker
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+    networks:
+      - mix_network
+
+networks:
+  mix_network:
+    driver: bridge
--- a/docker/entrypoint.sh.example
+++ b/docker/entrypoint.sh.example
@@ -0,0 +1,135 @@
+#!/bin/bash
+set -e
+
+# Ожидание готовности PostgreSQL
+wait_for_postgres() {
+    echo "Waiting for PostgreSQL..."
+    while ! python -c "
+import psycopg2
+import os
+try:
+    conn = psycopg2.connect(
+        dbname=os.environ.get('DB_NAME', 'inventory_db'),
+        user=os.environ.get('DB_USER', 'postgres'),
+        password=os.environ.get('DB_PASSWORD', 'postgres'),
+        host=os.environ.get('DB_HOST', 'db'),
+        port=os.environ.get('DB_PORT', '5432')
+    )
+    conn.close()
+    exit(0)
+except:
+    exit(1)
+" 2>/dev/null; do
+        echo "PostgreSQL is unavailable - sleeping"
+        sleep 2
+    done
+    echo "PostgreSQL is up!"
+}
+
+# Ожидание готовности Redis
+wait_for_redis() {
+    echo "Waiting for Redis..."
+    while ! python -c "
+import redis
+import os
+try:
+    r = redis.Redis(
+        host=os.environ.get('REDIS_HOST', 'redis'),
+        port=int(os.environ.get('REDIS_PORT', '6379')),
+        db=int(os.environ.get('REDIS_DB', '0'))
+    )
+    r.ping()
+    exit(0)
+except:
+    exit(1)
+" 2>/dev/null; do
+        echo "Redis is unavailable - sleeping"
+        sleep 2
+    done
+    echo "Redis is up!"
+}
+
+# Применение миграций и создание суперпользователя
+run_migrations() {
+    echo "Running migrations for shared apps..."
+    python manage.py migrate_schemas --shared
+
+    echo "Running migrations for tenant schemas..."
+    python manage.py migrate_schemas --tenant
+
+    echo "Collecting static files..."
+    python manage.py collectstatic --noinput
+}
+
+# Создание суперпользователя если не существует
+create_superuser() {
+    echo "Creating superuser if not exists..."
+    python manage.py shell << EOF
+from django.contrib.auth import get_user_model
+from django.db import connection
+from django_tenants.utils import schema_context
+import os
+
+User = get_user_model()
+
+# Создаём суперпользователя в public схеме из переменных окружения
+with schema_context('public'):
+    email = os.environ.get('TENANT_ADMIN_EMAIL', 'admin@example.com')
+    password = os.environ.get('TENANT_ADMIN_PASSWORD', 'changeme')
+    first_name = os.environ.get('TENANT_ADMIN_NAME', 'Admin')
+
+    if not User.objects.filter(email=email).exists():
+        user = User.objects.create_superuser(
+            email=email,
+            password=password,
+            first_name=first_name
+        )
+        print(f'Superuser {email} created successfully!')
+    else:
+        print(f'Superuser {email} already exists.')
+EOF
+}
+
+case "$1" in
+    web)
+        wait_for_postgres
+        wait_for_redis
+        run_migrations
+        create_superuser
+        echo "Starting Gunicorn..."
+        exec gunicorn myproject.wsgi:application \
+            --bind 0.0.0.0:8000 \
+            --workers 3 \
+            --threads 2 \
+            --timeout 120 \
+            --access-logfile - \
+            --error-logfile - \
+            --capture-output
+        ;;
+    celery-worker)
+        wait_for_postgres
+        wait_for_redis
+        echo "Starting Celery Worker..."
+        exec celery -A myproject worker \
+            -l info \
+            -Q celery,photo_processing \
+            --concurrency=2
+        ;;
+    celery-beat)
+        wait_for_postgres
+        wait_for_redis
+        echo "Starting Celery Beat..."
+        exec celery -A myproject beat -l info
+        ;;
+    migrate)
+        wait_for_postgres
+        run_migrations
+        create_superuser
+        ;;
+    shell)
+        exec python manage.py shell
+        ;;
+    *)
+        exec "$@"
+        ;;
+esac