Focus on code not on configuration.
Out of the box production ready setup for:
- REST Api (django-rest-framework)
- JWT Authentication (djangorestframework-simplejwt)
- WebSocket (channels)
- Background task execution (celery)
git clone https://github.com/Faisal-Manzer/django-super-template.git
mv django-super-template server
cd server
cp secrets.example.json secrets.json
chmod +x install.sh
./install.sh
Obtain RSA key pair from: https://travistidwell.com/jsencrypt/demo/ and paste them in config/keys/private.key and config/keys/public.key
DJANGO
:SECRET_KEY
: Secret key used by django. Generate new secret key (here)[https://djecrety.ir].DEBUG
,PRODUCATION
: See modesALLOWED_HOST
: For development is always['*']
regardless of the settings. For production chose two hostapi.YOUR_DOMAIN.com
amdadmin.YOUR_DOMAIN.com
. If you want you can change sub-domains in__config__/hosts.py
.
CLIENTS
: Regex pattern for your API Client base url. This is CORS whitelist.DB
: Postgres database settingsTEST_USER
: Create a test user by./manage.py create-test-user
with credentials provided here.TASK_QUEUE
: Celery task broker message queue, redis is preferred as message broker but you can customise according to requirements.CHANNEL_DB
: Temporary data base used by channels to store messages. Redis is preferred.AWS
:S3
:BUCKET_NAME
: S3Bucket name where media and static file will be stored in production.REGION
: S3Bucket RegionSTATIC_FOLDER
: Key prefix for storing static files in S3MEDIA_FOLDER
: Key prefix for storing media files in S3
USER
:ACCESS_KEY_ID
,SECRET_ACCESS_KEY
: respective key provide by AWS IAM user for programmatic access.
CDN
: Cloud front domains for S3 bucketPRIMARY
: Custom domain name for Cloudfront CDNSECONDARY
: Another domain name for Cloudfront CDN. NOTE: SECONDARY will not be used any where.
Run these server in separate terminals
- Postgres
- Django
./manage.py runserver 0.0.0.0:8000
- Redis
redis-server
- Celery
celery worker -l info -A __config__
There are total 9 passing test with 0 errors and 0 failure.
./manage.py test
Also open WebSocket browser test to confirm that websocket is running correctly.
If all the tests are not passing then there is some configuration issue in secrets.json
or some server has not been started.
There are three modes in the project:
- Development: Used for development environment (
DEBUG=True
,PRODUCTION=False
) - Staging: When testing deployment to AWS. You can see logs and trails of project (
DEBUG=True
,PRODUCTION=True
) - Production: When deploying final production application.
Normally any CI/CD will need all the secrets
defined in secrets.json
but coming
this file to version control is not safe. We created a utility for commit secrets to version control in safe way.
A dump file will be created with AES encryption to protect secrets.
./encrypt.py -g
Save DJANGO_CONFIG_PRIVATE_KEY
and DJANGO_CONFIG_PUBLIC_KEY
with respective value.
You can use --generate
to generate random keys.
usage: encrypt.py [-h] [-i INPUT] [-o OUTPUT] [-e] [-g]
[--public-key PUBLIC_KEY] [--private-key PRIVATE_KEY]
Creates encrypted secrets file which can be committed to repo or can be used
in CI/CD.
optional arguments:
-h, --help show this help message and exit
-i INPUT, --input INPUT
Input file path to be encrypted
-o OUTPUT, --output OUTPUT
Output file path
-e, --use-env Use environment variable
-g, --generate Generate random strong Public key and Private key
--public-key PUBLIC_KEY
Public key of 16 character
--private-key PRIVATE_KEY
Private key which can be of 16, 24, 32 character