Example project for me to figure out how to connect Wagtail as CMS on the backend with Gatsby for the frontend.
This setup is only designed for a single developer creating the site locally and then deploying the CMS on a webserver. Once the production server is up and running, all changes to content and media should be done directly on the production server (as I am not sure about any good merging strategies).
You can either run the development completely locally, or you can run in side the container.
To start the Wagtail container with development settings just run the following command in the repo root.
$ docker-compose -f dev.docker-compose.yml
You should be able to connect to the Wagtail admin at
http://localhost:8000/cms
.
To prepare data for distribution run the ./script/dist.sh
script.
This script packages the necessary data into a ./dist/dist.tar.gz
.
This archive is what you want to copy to the production server (with scp
for
example).
The data that was added to the Wagtail admin during development is stored
locally in the data/db.sqlite
and in the data/media
directories.
This data is packaged by the dist.sh
script. This means the data is available
on the host after the archive is extracted.
The packing will include a locally available .env
file. This file should be
configured for production before generating the distribution package. This file
may also be empty and be configured on the production host. It's only real
purpose is to define the SECRET_KEY
environment variable in production that
Django needs as a cryptography salt. Other settings set typically through
environment variables that are not sensitive are set in the docker-compose.yml
.
The Vagrantfile
defines a machine that can be interpreted as a simulated
production server.
The provisioning installs and configures the necessary software on the VM. Most
of those steps are performed by the scripts in the /server
directory. This
directory is contained in the dist.tar.gz
archive.
During provisioning, the dist.sh
script packages the data. This package is
then extracted into /home/dockrunner/app
. This is simulating the copying to the
server and extracting of the data with your non-root sudo user.
The following steps are basically just running the scripts in the ./server
directory, which is included in the distribution archive. These scripts install
and configure docker
, nginx
and ufw
.
The first script also create the dockrunner
user. This name is important as
it is used in the other docker configuration steps. The user name could be
anything else. It is only important that the user name is kept consistent
between the script concerning the docker configuration. The dockrunner
user, which is created during the provisioning, has a restricted login shell.
This means the user will only be able to execute a very limited set of commands.
Once the provisioning is done and you login to the VM with vagrant ssh
you
should switch to the dockrunner
user with sudo -u dockrunner -i
. This will
give you the restricted shell experience that this user would experience after
login. If you do need to run unrestricted commands as the typically restricted
user, you can start a different like so sudo -u dockrunner bash
. This of
course is only possible from a sudo
user account.
To start serving the backend as the dockrunner
user (which will always be
logged into it's home directory and is not allowed to switch directories) by
running following command.
$ docker-compose -f ./app/docker-compose.yml up -d --no-build
The container is running in detached mode and is set to restart automatically, unless it is stopped explicitly. When the host restarts, then the Docker daemon will restart automatically and then restart the container automatically.
The Vagrant machine is configured with port forwarding from 8000
on the host
to 80
on the VM. That means to test production the backend setup, you can be
visited at http://localhost:8000/cms
in the browser.
If you make changes to the code base that you want to test in a production
like configuration, you will need to build the images manually on the VM. This
can be achieved by starting an unrestricted shell for dockrunner
with
sudo -u dockrunner bash
, then cd /vagrant
to switch to the shared
directory and run docker-compose build
.
The production configuration requires two environment variables to be set.
SECRET_KEY
is critical and must exist otherwise the app won't start. this
is the encryption salt used by Django to secure the sessions with the backend.
NETLIFY_BUILD_HOOK_URL
is not required, but certainly recommended. This URL
is triggered whenever a page is published on the backend and results in a rebuild
of the Gatsby frontend. The app will start without this variable, but then
each build of the frontend needs to be triggered manually. This means that
publishing a page on the in Wagtail does not really result in a published page
on the frontend.
Both these variables can be defined in a .env
file the lives next to the
docker-compose.yml
on the production host. These variables are available in
the Wagtail container environment when it is started through the compose file.