Rework CSRF and improved .woodpecker.yml

2024-11-17 04:09:25 +08:00 · 2024-08-30 19:28:24 +08:00 · 2024-08-30 19:28:24 +08:00 · 81dd9334e3
commit 81dd9334e3
parent 47613a07d2
8 changed files with 44 additions and 40 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -3,4 +3,5 @@ chrome/
 dumps/
 media/
 TODO.md
-.env
+.env
+documentation/
--- a/.env.sample
+++ b/.env.sample
@ -39,6 +39,7 @@ REDIS_PORT = '6379'
 # Celery
 CELERY_BROKER = 'redis://redis:6379/0'
 CELERY_RESULT_BACKEND = 'redis://redis:6379/0'
+CELERY_FLOWER_PORT = 5555

 # Stripe
 STRIPE_SECRET_KEY = ''
@ -49,7 +50,7 @@ SERVE_MEDIA = 'False'
 BACKEND_ADDRESS = 'localhost'
 BACKEND_PORT = 8000
 FRONTEND_ADDRESS = 'localhost'
-FRONTEND_PORT = 4200
+FRONTEND_PORT = 4200 # Set this to 443 in production (HTTPS)
 USE_HTTPS = 'False'
 TIMEZONE = 'Asia/Manila'

--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -7,7 +7,7 @@ steps:
      - event: push
    commands:
      - docker build . -t git.keannu1.duckdns.org/keannu125/drf_template
-      - echo "$REGISTRY_PASSWORD" | docker login --password-stdin -u "$REGISTRY_USERNAME" -- "$CI_REGISTRY"
+      - echo "$REGISTRY_PASSWORD" | docker login "$CI_REGISTRY" --password-stdin -u "$REGISTRY_USERNAME"
      - docker push git.keannu1.duckdns.org/keannu125/drf_template
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
@ -23,7 +23,7 @@ steps:
      - chmod 600 /root/.ssh/id_rsa
      - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > /root/.ssh/config
      - ssh root@10.0.10.4 '
-        cd /mnt/sdb1/files/docker projects/DRF-Template;
+        cd $PROJECT_DIR;
        docker-compose down;
        docker image rm git.keannu1.duckdns.org/keannu125/drf_template;
        docker volume rm git.keannu1.duckdns.org/keannu125/drf_template_db_data;
--- a/README.md
+++ b/README.md
@ -1,5 +1,7 @@
 ## DRF-Template

+![Build Status](https://woodpecker.06222001.xyz/api/badges/3/status.svg)
+
 This is a Django template that I personally use for my projects. This covers the following

 - Emails (and templated email designs)
--- a/backend/config/settings.py
+++ b/backend/config/settings.py
@ -35,17 +35,20 @@ def get_secret(secret_name):


 # URL Prefixes
-USE_HTTPS = (get_secret('USE_HTTPS') == 'True')
-URL_PREFIX = 'https://' if USE_HTTPS else 'http://'
-BACKEND_URL = URL_PREFIX + \
-    get_secret('BACKEND_ADDRESS') + ':' + get_secret('BACKEND_PORT')
-FRONTEND_URL = URL_PREFIX + \
-    get_secret('FRONTEND_ADDRESS') + ':' + get_secret('FRONTEND_PORT')
+URL_SCHEME = 'https' if (get_secret('USE_HTTPS') == 'True') else 'http'
+# Backend
+BACKEND_ADDRESS = get_secret('BACKEND_ADDRESS')
+BACKEND_PORT = get_secret('BACKEND_PORT')
+# Frontend
+FRONTEND_ADDRESS = get_secret('FRONTEND_ADDRESS')
+FRONTEND_PORT = get_secret('FRONTEND_PORT')

 ALLOWED_HOSTS = ['*']
 CSRF_TRUSTED_ORIGINS = [
-    BACKEND_URL,
-    FRONTEND_URL
+    # Frontend
+    f'{URL_SCHEME}://{FRONTEND_ADDRESS}:{FRONTEND_PORT}',
+    # Backend
+    f'{URL_SCHEME}://{BACKEND_ADDRESS}:{BACKEND_PORT}',
    # You can also set up https://*.name.xyz for wildcards here
 ]

--- a/backend/payments/views.py
+++ b/backend/payments/views.py
@ -1,4 +1,4 @@
-from config.settings import STRIPE_SECRET_KEY, STRIPE_SECRET_WEBHOOK, FRONTEND_URL
+from config.settings import STRIPE_SECRET_KEY, STRIPE_SECRET_WEBHOOK, URL_SCHEME, FRONTEND_ADDRESS, FRONTEND_PORT
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.views import APIView
 from rest_framework.response import Response
@ -87,9 +87,10 @@ class StripeCheckoutView(APIView):
                    'error': 'Regular users cannot avail prorated plans'
                }, status=status.HTTP_403_FORBIDDEN)

-            success_url = FRONTEND_URL + \
+            success_url = f'{URL_SCHEME}://{FRONTEND_ADDRESS}:{FRONTEND_PORT}' + \
                '/user/subscription/payment?success=true&agency=False&session_id={CHECKOUT_SESSION_ID}'
-            cancel_url = FRONTEND_URL + '/user/subscription/payment?success=false&user_group=False'
+            cancel_url = f'{URL_SCHEME}://{FRONTEND_ADDRESS}:{FRONTEND_PORT}' + \
+                '/user/subscription/payment?success=false&user_group=False'

            checkout_session = stripe.checkout.Session.create(
                line_items=[
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -59,7 +59,7 @@ services:
      - RUN_TYPE=monitor
    image: drf_template:latest
    ports:
-      - "5555:5555"
+      - "${CELERY_FLOWER_PORT}:5555"
    volumes:
      - .:/code
    depends_on:
--- a/start.sh
+++ b/start.sh
@ -1,36 +1,32 @@
 #!/bin/bash
-set -e
+# read .env values
+awk -F= '$1 == "BACKEND_DEBUG" {print $2}' .env
+awk -F= '$1 == "BACKEND_PORT" {print $2}' .env
+awk -F= '$1 == "CELERY_FLOWER_PORT" {print $2}' .env

 echo "Running as: $RUN_TYPE"
+cd backend/
 if [ "$RUN_TYPE" = "web" ]; then
-    python backend/manage.py spectacular --color --file backend/schema.yml
-    python backend/manage.py migrate
-    if [ ! -d "backend/static" ]; then
+    python manage.py graph_models -o ../documentation/erd/app_models.png
+    python manage.py spectacular --color --file schema.yml
+    python manage.py migrate
+    if [ ! -d "static" ]; then
        echo "Generating static files"
-        python backend/manage.py collectstatic --noinput
+        python manage.py collectstatic --noinput
+    fi
+    if [ "$BACKEND_DEBUG" = 'True' ]; then   
+        python manage.py runserver "0.0.0.0:${BACKEND_PORT:-8000}"
+    else
+        python -m granian --host 0.0.0.0 --port "${BACKEND_PORT:-8000}" --workers 8 --interface wsgi config.wsgi:application
    fi
-    python backend/manage.py graph_models -o documentation/erd/app_models.png
-    cd backend
-    # python manage.py runserver 0.0.0.0:8000
-    python -m granian --host 0.0.0.0 --workers 8 --interface wsgi config.wsgi:application
 elif [ "$RUN_TYPE" = "worker" ]; then
-    cd backend && celery -A config worker -l INFO -E --concurrency 1
+    celery -A config worker -l INFO -E --concurrency 1
 elif [ "$RUN_TYPE" = "beat" ]; then
    sleep 15
-    cd backend && celery -A config beat -l INFO --scheduler django_celery_beat.schedulers:DatabaseScheduler
+    celery -A config beat -l INFO --scheduler django_celery_beat.schedulers:DatabaseScheduler
 elif [ "$RUN_TYPE" = "monitor" ]; then
-    cd backend && celery -A config flower --port=5555
+    celery -A config flower --port="${CELERY_FLOWER_PORT:-5555}"
 else
-    echo "No RUN_TYPE value set. Defaulting to web mode"
-    echo "No value specified, defaulting to web"
-    python backend/manage.py spectacular --color --file backend/schema.yml
-    python backend/manage.py migrate
-    if [ ! -d "backend/static" ]; then
-        echo "Generating static files"
-        python backend/manage.py collectstatic --noinput
-    fi
-    python backend/manage.py graph_models -o documentation/erd/app_models.png
-    cd backend
-    # python manage.py runserver 0.0.0.0:8000
-    python -m granian --host 0.0.0.0 --workers 8 --interface wsgi config.wsgi:application
+    echo "No RUN_TYPE value set. Exiting"
+    exit 1
 fi