diff --git a/.env.example b/.env.example index 19d3aecc..91516422 100644 --- a/.env.example +++ b/.env.example @@ -23,9 +23,10 @@ POSTGRES_USER=fedireads POSTGRES_DB=fedireads POSTGRES_HOST=db +REDIS_PORT=6379 REDIS_PASSWORD=redispassword123 -CELERY_BROKER=redis://:${REDIS_PASSWORD}@redis:6379/0 -CELERY_RESULT_BACKEND=redis://:${REDIS_PASSWORD}@redis:6379/0 +CELERY_BROKER=redis://:${REDIS_PASSWORD}@redis:${REDIS_PORT}/0 +CELERY_RESULT_BACKEND=redis://:${REDIS_PASSWORD}@redis:${REDIS_PORT}/0 FLOWER_PORT=8888 FLOWER_USER=mouse diff --git a/README.md b/README.md index 98ce9c76..3d5ea4a7 100644 --- a/README.md +++ b/README.md @@ -169,8 +169,11 @@ Instructions for running BookWyrm in production: - Set a secure database password for postgres - Update your nginx configuration in `nginx/default.conf` - Replace `your-domain.com` with your domain name + - If you are running another web-server on your host machine, you will need to follow the [reverse-proxy instructions](#running-bookwyrm-behind-a-reverse-proxy) - Run the application (this should also set up a Certbot ssl cert for your domain) with `docker-compose up --build`, and make sure all the images build successfully + - If you are running other services on your host machine, you may run into errors where services fail when attempting to bind to a port. + See the [troubleshooting guide](#port-conflicts) for advice on resolving this. - When docker has built successfully, stop the process with `CTRL-C` - Comment out the `command: certonly...` line in `docker-compose.yml` - Run docker-compose in the background with: `docker-compose up -d` @@ -201,19 +204,99 @@ There are three concepts in the book data model: - `Book`, an abstract, high-level concept that could mean either a `Work` or an `Edition`. No data is saved as a `Book`, it serves as shared model for `Work` and `Edition` - `Work`, the theoretical umbrella concept of a book that encompasses every edition of the book, and - `Edition`, a concrete, actually published version of a book - + Whenever a user interacts with a book, they are interacting with a specific edition. Every work has a default edition, but the user can select other editions. Reviews aggregated for all editions of a work when you view an edition's page. ### Backups -Bookwyrm's db service dumps a backup copy of its database to its `/backups` directory daily at midnight UTC. +BookWyrm's db service dumps a backup copy of its database to its `/backups` directory daily at midnight UTC. Backups are named `backup__%Y-%m-%d.sql`. The db service has an optional script for periodically pruning the backups directory so that all recent daily backups are kept, but for older backups, only weekly or monthly backups are kept. To enable this script: -- Uncomment the final line in `postgres-docker/cronfile` -- rebuild your instance `docker-compose up --build` + - Uncomment the final line in `postgres-docker/cronfile` + - rebuild your instance `docker-compose up --build` You can copy backups from the backups volume to your host machine with `docker cp`: -- Run `docker-compose ps` to confirm the db service's full name (it's probably `bookwyrm_db_1`. -- Run `docker cp :/backups + - Run `docker-compose ps` to confirm the db service's full name (it's probably `bookwyrm_db_1`. + - Run `docker cp :/backups ` + +### Port Conflicts + +BookWyrm has multiple services that run on their default ports. +This means that, depending on what else you are running on your host machine, you may run into errors when building or running BookWyrm when attempts to bind to those ports fail. + +If this occurs, you will need to change your configuration to run services on different ports. +This may require one or more changes the following files: + - `docker-compose.yml` + - `nginx/default.conf` + - `.env` (You create this file yourself during setup) + +E.g., If you need Redis to run on a different port: + - In `docker-compose.yml`: + - In `services` -> `redis` -> `command`, add `--port YOUR_PORT` to the command + - In `services` -> `redis` -> `ports`, change `6379:6379` to your port + - In `.env`, update `REDIS_PORT` + +If you are already running a web-server on your machine, you will need to set up a reverse-proxy. + +#### Running BookWyrm Behind a Reverse-Proxy + +If you are running another web-server on your machine, you should have it handle proxying web requests to BookWyrm. + +The default BookWyrm configuration already has an nginx server that proxies requests to the django app that handles SSL and directly serves static files. +The static files are stored in a Docker volume that several BookWyrm services access, so it is not recommended to remove this server completely. + +To run BookWyrm behind a reverse-proxy, make the following changes: + - In `nginx/default.conf`: + - Comment out the two default servers + - Uncomment the server labeled Reverse-Proxy server + - Replace `your-domain.com` with your domain name + - In `docker-compose.yml`: + - In `services` -> `nginx` -> `ports`, comment out the default ports and add `- 8001:8001` + - In `services` -> `nginx` -> `volumes`, comment out the two volumes that begin `./certbot/` + - In `services`, comment out the `certbot` service + +At this point, you can follow, the [setup](#server-setup) instructions as listed. +Once docker is running, you can access your BookWyrm instance at `http://localhost:8001` (**NOTE:** your server is not accessible over `https`). + +Steps for setting up a reverse-proxy are server dependent. + +##### Nginx + +Before you can set up nginx, you will need to locate your nginx configuration directory, which is dependent on your platform and how you installed nginx. +See [nginx's guide](http://nginx.org/en/docs/beginners_guide.html) for details. + +To set up your server: + - In you `nginx.conf` file, ensure that `include servers/*;` isn't commented out. + - In your nginx `servers` directory, create a new file named after your domain containing the following information: + ```nginx + server { + server_name your-domain.com www.your-domain.com; + + location / { + proxy_pass http://localhost:8000; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + } + + location /images/ { + proxy_pass http://localhost:8001; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + } + + location /static/ { + proxy_pass http://localhost:8001; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + } + + listen [::]:80 ssl; + listen 80 ssl; + } + ``` + - run `sudo certbot run --nginx --email YOUR_EMAIL -d your-domain.com -d www.your-domain.com` + - restart nginx + +If everything worked correctly, your BookWyrm instance should now be externally accessible. \ No newline at end of file diff --git a/nginx/default.conf b/nginx/default.conf index 8ba8ec55..9435c080 100644 --- a/nginx/default.conf +++ b/nginx/default.conf @@ -47,3 +47,26 @@ server { alias /app/static/; } } + +# Reverse-Proxy server +# server { +# listen [::]:8001; +# listen 8001; + +# server_name your-domain.com www.your-domain.com; + +# location / { +# proxy_pass http://web; +# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +# proxy_set_header Host $host; +# proxy_redirect off; +# } + +# location /images/ { +# alias /app/images/; +# } + +# location /static/ { +# alias /app/static/; +# } +# } \ No newline at end of file