inventree/inventree-docs
2
0
Fork 0
mirror of https://github.com/inventree/inventree-docs.git synced 2025-04-27 21:26:43 +00:00
Code

More updates

Browse Source 
- Add section on "DEBUG" mode
- Update nginx.conf
- Update docker-compose.yml
This commit is contained in:
Oliver Walters 2021-06-16 22:53:00 +10:00
parent c6b3422dde
commit e1df21aa7a
3 changed files with 63 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
_includes/docker-compose.yml
View File

@ -30,6 +30,7 @@ services:
- POSTGRES_USER=pguser
- POSTGRES_PASSWORD=pgpassword
volumes:
# Map 'data' volume such that postgres database is stored externally
- data:/var/lib/postgresql/data/
restart: unless-stopped
@ -43,8 +44,8 @@ services:
depends_on:
- inventree-db
volumes:
# Data volume must map to /home/inventree/data
- data:/home/inventree/data
- static:/home/inventree/static
environment:
# Default environment variables are configured to match the 'db' container
# Note: If you change the database image, these will need to be adjusted
@ -66,8 +67,8 @@ services:
- inventree-db
- inventree-server
volumes:
# Data volume must map to /home/inventree/data
- data:/home/inventree/data
- static:/home/inventree/static
environment:
# Default environment variables are configured to match the 'db' container
# Note: If you change the database image, these will need to be adjusted
@ -81,7 +82,8 @@ services:
restart: unless-stopped
# nginx acts as a reverse proxy
# static files are served by nginx
# static files are served directly by nginx
# media files are served by nginx, although authentication is redirected to inventree-server
# web requests are redirected to gunicorn
# NOTE: You will need to provide a working nginx.conf file!
inventree-proxy:
@ -93,11 +95,11 @@ services:
# Change "1337" to the port that you want InvenTree web server to be available on
- 1337:80
volumes:
# Provide nginx.conf file to the container
# Provide ./nginx.conf file to the container
# Refer to the provided example file as a starting point
- ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
# Static data volume is mounted to /var/www/static
- static:/var/www/static:ro
# nginx proxy needs access to static and media files
- data:/var/www
restart: unless-stopped
volumes:
@ -110,6 +112,4 @@ volumes:
o: bind
# This directory specified where InvenTree data are stored "outside" the docker containers
# Change this path to a local system path where you want InvenTree data stored
device: /path/to/data
# Static files, shared between containers
static:
device: /path/to/data

28
_includes/nginx.conf
View File

@ -1,3 +1,4 @@
server {
# Listen for connection on (internal) port 80
@ -10,17 +11,17 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
client_max_body_size 100M;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
# Redirect any requests for static files
@ -34,4 +35,23 @@ server {
add_header Cache-Control "public";
}
# Redirect any requests for media files
location /media/ {
alias /var/www/media/;
# Media files require user authentication
auth_request /auth;
}
# Use the 'user' API endpoint for auth
location /auth {
internal;
proxy_pass http://inventree-server:8000/auth/;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
}
}

30
docs/start/intro.md
View File

@ -135,3 +135,33 @@ Refer to the following guides for further instructions:
- [**Bare metal development server setup guide**](./development.md)
- [**Bare metal production server setup guide**](./install.md)
## Debug Mode
By default, the InvenTree web server is configured to run in [DEBUG mode](https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-DEBUG).
Running in DEBUG mode provides many handy development features, however it is strongly recommended *NOT* to run in DEBUG mode in a production environment. This recommendation is made because DEBUG mode leaks a lot of information about your installation and may pose a security risk.
So, for a production setup, you should set `INVENTREE_DEBUG=false` in the [configuration options](./config.md).
### Potential Issues
However, turning off DEBUG mode creates further work for the system administrator. In particular, when running in DEBUG mode, the InvenTree web server natively manages *static* and *media* files, which means that the InvenTree server can run "monolithically" without the need for a separate web server.
With DEBUG mode turned off, a separate web server is required for serving *static* and *media* files. You can find further information in the [django documentation](https://docs.djangoproject.com/en/dev/howto/static-files/deployment/).
There are *many* different ways that a sysadmin might wish to handle this.
The [docker production example](./docker_prod.md) provides an example using [Nginx](https://www.nginx.com/) to serve *static* and *media* files, and redirecting other requests to the InvenTree web server itself.
You may use this as a jumping off point, or use an entirely different server setup.
#### Static Files
Static files can be served without any need for authentication. In fact, they must be accessible *without* authentication, otherwise the unauthenticated views (such as the login screen) will not function correctly.
#### Media Files
It is highly recommended that the *media* files are served in such a way that user authentication is required.
Refer to the [docker production example](./docker_prod.md) for a demonstration of using nginx to serve media files only to authenticated users, and forward authentication requests to the InvenTree web server.