inventree/inventree-docs
2
0
Fork 0
mirror of https://github.com/inventree/inventree-docs.git synced 2025-06-12 18:25:27 +00:00
Code Activity

More updates

Browse Source 
- Add section on "DEBUG" mode
- Update nginx.conf
- Update docker-compose.yml
This commit is contained in:
Oliver Walters
2021-06-16 22:53:00 +10:00
parent c6b3422dde
commit e1df21aa7a
3 changed files with 63 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
docs/start/intro.md
View File

@ -135,3 +135,33 @@ Refer to the following guides for further instructions:
- [**Bare metal development server setup guide**](./development.md)
- [**Bare metal production server setup guide**](./install.md)
## Debug Mode
By default, the InvenTree web server is configured to run in [DEBUG mode](https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-DEBUG).
Running in DEBUG mode provides many handy development features, however it is strongly recommended *NOT* to run in DEBUG mode in a production environment. This recommendation is made because DEBUG mode leaks a lot of information about your installation and may pose a security risk.
So, for a production setup, you should set `INVENTREE_DEBUG=false` in the [configuration options](./config.md).
### Potential Issues
However, turning off DEBUG mode creates further work for the system administrator. In particular, when running in DEBUG mode, the InvenTree web server natively manages *static* and *media* files, which means that the InvenTree server can run "monolithically" without the need for a separate web server.
With DEBUG mode turned off, a separate web server is required for serving *static* and *media* files. You can find further information in the [django documentation](https://docs.djangoproject.com/en/dev/howto/static-files/deployment/).
There are *many* different ways that a sysadmin might wish to handle this.
The [docker production example](./docker_prod.md) provides an example using [Nginx](https://www.nginx.com/) to serve *static* and *media* files, and redirecting other requests to the InvenTree web server itself.
You may use this as a jumping off point, or use an entirely different server setup.
#### Static Files
Static files can be served without any need for authentication. In fact, they must be accessible *without* authentication, otherwise the unauthenticated views (such as the login screen) will not function correctly.
#### Media Files
It is highly recommended that the *media* files are served in such a way that user authentication is required.
Refer to the [docker production example](./docker_prod.md) for a demonstration of using nginx to serve media files only to authenticated users, and forward authentication requests to the InvenTree web server.