Starting place for a stack which includes Docker, NGINX, Django/FastAPI, and more...
For main branch (otherwise tack on: --checkout <branch_name>
):
cookiecutter https://github.com/rileypeterson/mycc.git
# Enter in Parameters
cd <project_slug>
source aliases.sh
deploy
- Separate branches for different setups (e.g. Just db/django, just nginx, just traefik, just elasticache, etc.)
cookiecutter https://github.com/audreyr/cookiecutter-pypackage.git --checkout develop
- Maybe use Traefik: https://www.reddit.com/r/Traefik/comments/hpsrx9/is_it_possible_to_configure_whitelist_for/
- Look through cookiecutter django
- Docker
- Environment files are placed here:
{{cookiecutter.project_slug}}/config/.dev.env {{cookiecutter.project_slug}}/config/.prod.env
- They're ignored
- If they already exist, they won't be overwritten when generating the cookiecutter
- This is because Postgres auth won't work if the credentials are overwritten
- See aliases.sh (Doesn't remove these files)
- The following files aren't rendered and django templates don't play nicely with cookiecutter:
"_copy_without_render": [ "{{cookiecutter.project_slug}}/pages/templates/pages/*.html" ]
- Therefore, just use the following
[[[[cookiecutter.project_name]]]]
(no spaces) within those files - It'll be rendered by the
post_gen_project.py
hook - For now only
cookiecutter.project_name
will be recognized, but it would be straight forward to add more.
prod-down
docker volume rm $(docker volume ls -q)
docker system prune -a --volumes
rm -rf <project_slug>
rm -rf .cookiecutter*
You can have an NGINX config which blocks IPs like this:
location / {
proxy_pass http://django;
include ddns/allowed_ips.conf;
deny all;
}
and the certbot ssl exchange will still work. Thus, you don't need to leave the root domain exposed to 80/443.