diff --git a/.gitignore b/.gitignore index e5766c22..f712de07 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,7 @@ virt static_root/img/favicon.svg freva_web.conf +docker/databrowser_api_config.toml db node_modules venv/* diff --git a/README.md b/README.md index dae0f662..169ca586 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,74 @@ The django and npm development servers will write output into `runserver.log` an `npm.log`. You can observe the output of the processes using `tail -f` or something similar. -> **Note**: You need a Node version of at least 16.5 along a npm version of 8.19 +> ``📝`` You need a Node version of at least 16.5 along a npm version of 8.19 + +# Production +The web app is meant to be applied in a docker container. A pre-build image +of the web app is available via: + +```console +docker pull ghcr.io/freva-clint/freva-web:latest +``` + +When running in production mode you should set the following container +environment variables: + +- ``EVALUATION_SYSTEM_CONFIG_FILE`` : Path to the freva config file +- ``LDAP_USER_DN``: the Distinguished Name within ldap for example + `uid=jdoe,ou=users,dc=example,dc=com`. +- ``LDAP_USER_PW``: password for the LDAP server connection. +- ``DJANGO_SUPERUSER_PASSWORD``: the super user password for the django app. + +The web app app is running on port 8000, hence you want to publish this port +via the `-p` flag. Ideally the path to the `$EVALUATION_SYSTEM_CONFIG_FILE` +should be mounted into the container as a volume. Since static files are served +by the http web server and not the django web app you have to add the location +of the static files (e.g. `/srv/static`) as a volume into the container to the +`/opt/freva_web/static` location. On startup of the container django app will +create all static files that will then be available through `/srv/static` on +the docker host. + +All together a minimal working example looks like this: + +```console +docker run -it -e EVALUATION_SYSTEM_CONFIG_FILE=/work/freva/evaluation_system.conf \ + -e LDAP_USER_DN='uid=jdoe,ou=users,dc=example,dc=com' \ + -e LDAP_USER_PW='secret' \ + -e DJANGO_SUPERUSER_PASSWORD='more_secret' \ + -v /work/freva:/work/freva:z \ + -v /srv/static:/opt/freva_web/static:z \ + -p 8000:8000 \ + ghcr.io/freva-clint/freva-web:latest +``` +The web app is then available via port 8000 on the host system. + +## Making the web app available on a web server. +To be able to access the web app through a normal http web server you will need +to setup a reverse proxy on your http web server to port 8000. Refer to the +reverse proxy settings for your web server. Here is a minimal example for +apache httpd (using the example from above where the static files are located +in `/srv/static` on the docker host): + +``` +Listen 80 +LoadModule proxy_html_module modules/mod_proxy_html.so +LoadModule proxy_module modules/mod_proxy.so +LoadModule proxy_connect_module modules/mod_proxy_connect.so +LoadModule proxy_http_module modules/mod_proxy_http.so + + ProxyPass /static/ ! + ProxyPass /api/databrowser/ http://freva-databrowser.example.com:7777/api/databrowser/ + ProxyPassReverse /api/databrowser/ http://freva-databrowser.example.com:7777/api/databrowser/ + ProxyPass / http://freva.example.com:8000/ + ProxyPassReverse / http://freva.example.com:8000/ + Alias /static /srv/static/ + Alias /robots.txt /srv/static/robots.txt + Alias /favicon.ico /srv/static/favicon.ico + +``` +> ``📝`` This is a minimal example, in a real world scenario you should always + configure your web server to enable web encryption via port 443. # Create a new web release. The production systems are deployed in a docker image hosted on the GitHub diff --git a/package.json b/package.json index 24f55e72..b465d692 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "evaluation_system_web", - "version": "2023.08.01", + "version": "2023.09.06", "description": "React-bits of the freva-web interface. The react-parts of the web interface include the plugin-selection, the data-browser and the result-browser", "main": "index.js", "engines": {