Requirements:
- Docker 18.09.0+
- Docker Compose 1.23.2+
If this is the first time you're running Democracy Sausage you'll need to:
Add the following to your hosts file.
127.0.0.1 public.test.democracysausage.org
127.0.0.1 admin.test.democracysausage.org
Install mkcert and generate self-signed certs for local dev.
brew install mkcert
mkcert -install
mkdir keys && cd $_
mkcert public.test.democracysausage.org
mkcert admin.test.democracysausage.org
Use the template .env files in secrets-tmpl
to create corresponding files under secrets/
for:
sausage-web.dev.env
sausage-web-db.dev.env
sausage-db.dev.env
sausage-public-frontend.dev.env
sausage-admin-frontend.dev.env
If you're starting from scratch:
Follow the instructions in data/federal_2019/electoral_boundaries/README.md
to load in the 2019 Federal electoral boundaries.
Alternatively, if you have access to the production database you can use the scripts in this repo to initialise your environment with its current state.
docker-compose up db
docker exec -i -t demsausage_db_1 /bin/bash
cd /var/lib/postgresql/scripts
./replace-dev-with-prod.sh
- Add yourself to the
app_allowedusers
table before trying to login - Load
initial_data/polling_place_facility_types.csv
intoapp_pollingplacefacilitytype
- Create a test election for yourself and load some polling places into it via the UI (contact the project maintainers for a sample)
docker-compose up
Then navigate to the URLs given below
Navigate to https://test.democracysausage.org
Navigate to https://admin.test.democracysausage.org
Cross browser testing thanks to BrowserStack.
Memcached is used to cache public-facing API endpoints to lighten the load on the backend Django service. For debugging purposes we can retrieve a list of currently set memcached key by:
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' demsausage_memcached_1
telnet 172.27.0.5 11211
> Show general stats
stats
> Show all of the "slabs" in memcached (groups of keys)
stats slabs
STAT 18:chunk_size 4544
STAT 18:chunks_per_page 230
...
> Dump a list of all items stored in a given slab (in this case, slab 18)
stats cachedump 18 0
ITEM demsausage_:1:elections_list [4321 b; 0 s]
- AWS S3 hosts the
Public
andAdmin
sites. - CloudFlare sits in front and handles caching and gives us HTTPS.
- Travis CI handles automatic deploys from GitHub for us.
- Duck CLI to ftp sync the legacy PHP API.
- S3 bucket setup for static website hosting, bucket policy set to public, and error document set to
index.html
to let React Router work. 1.1 A second www.democracysausage.org bucket is setup to redirect requests to https://democracysausage.org - CloudFlare just has default settings except for these Page Rules: 2.2 api.democracysausage.org/* Cache Level: Bypass 2.3 democracysausage.org/static/* Cache Level: Standard, Edge Cache TTL: A Month (Because S3 sends No Cache headers by default.) 2.3 democracysausage.org/icons/* Cache Level: Standard, Edge Cache TTL: A Month (Because S3 sends No Cache headers by default.)
- Travis CI setup with default settings to pull from
.travis.yml
with environment variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_DEFAULT_REGION, CF_ZONE_ID, CF_EMAIL, CF_API_KEY, FTP_USERNAME, FTP_PASSWORD, FTP_PATH, REACT_APP_MAPBOX_API_KEY_PROD
{
"Version": "2012-10-17",
"Id": "PublicBucketPolicy",
"Statement": [
{
"Sid": "Stmt1482880670019",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::BUCKET_NAME_HERE/*"
}
]
}
Per Travis-CI's documentation on encrypting multiple files containing secrets.
tar cvf secrets.tar secrets/travis.env secrets/demsausage-frontends.prod.env
travis encrypt-file --force secrets.tar
- Moving a static website to AWS S3 + CloudFront with HTTPS
- Host a Static Site on AWS, using S3 and CloudFront
- S3 Deployment with Travis
- Setting up a continuously deployed static website with SSL
- Deploying a static site to Github Pages using Travis and Cloudflare
- Secure and fast GitHub Pages with CloudFlare
- How to get your SSL for free on a Shared Azure website with CloudFlare