Skip to content

Deployment Overview of Django on Server

Prerequisites and Basic Requirements

The application requires a Linux-based environment (Debian or Ubuntu) with the following specifications:

  • Operating System: Debian or Ubuntu.

  • Privileges: Root access or sudo privileges are required for package installation and service management.

  • Domain: A domain under hostkey.in is used for SSL certificate issuance via Certbot.

  • Ports:

    • 8000: Internal application port (Django development server).

    • 443: External HTTPS port.

FQDN of the final panel on the hostkey.in domain

The application is accessible via the following FQDN format: <prefix><server_id>.hostkey.in

Based on the configuration, the specific URL structure uses the prefix django.

File and Directory Structure

The deployment utilizes several key directories for application files, configurations, and SSL certificates:

Path Description
/root/django_client/project Django project source code and management scripts.
/root/django_client/venv Python virtual environment (on Debian).
/etc/systemd/system/django.service Systemd service unit file for the Django application.
/root/nginx/compose.yml Docker Compose configuration for Nginx and Certbot.
/data/nginx/user_conf.d/ Custom Nginx configuration files.
/data/nginx/letsencrypt/ ACME challenge directory for SSL validation.
/data/nginx/nginx-certbot.env Environment variables for the Nginx container.

Application installation process

The application is installed as a Django project using Python 3. The deployment includes:

  1. Python Environment: A virtual environment is created at /root/django_client/venv (on Debian) or via global pip installation (on Ubuntu).

  2. Dependencies: Installation of django, python3-pip, and libpq-dev.

  3. Project Initialization: The Django project structure is generated in the /root/django_client/project directory.

  4. Static Files: Static files are collected into a static/ directory within the project root.

Access Rights and Security

  • User Execution: The Django service runs under the root user.

  • Firewall/Network: The application is configured to listen on 0.0.0.0:8000.

  • CSRF Protection: CSRF_TRUSTED_ORIGINS is explicitly set to include the hostkey.in domain for secure form submissions.

Databases

The application uses PostgreSQL-compatible libraries (libpq-dev) and performs database migrations during the installation process using: python /root/django_client/project/manage.py migrate

Docker Containers and Their Deployment

The deployment utilizes a Docker container to manage Nginx and Let's Encrypt SSL certificates via docker compose.

Deployment Command:

cd /root/nginx && docker compose up -d

Container Configuration Details:

  • Image: jonasal/nginx-certbot:latest

  • Network Mode: host

  • Volumes:

    • nginx_secrets:/etc/letsencrypt (External volume for SSL certificates)

    • /data/nginx/user_conf.d:/etc/nginx/user_conf.d

    • /data/nginx/letsencrypt:/var/www/letsencrypt

Proxy Servers

Nginx is deployed as a reverse proxy in a Docker container to handle HTTPS termination and SSL certificate management via Certbot.

  • SSL Management: Automated renewal is configured with an interval of 8d.

  • ACME Challenge: A specific location block is injected into the Nginx configuration to facilitate Let's Encrypt validation:

    location ^~ /.well-known/acme-challenge/ {
        root /var/www/letsencrypt;
        default_type "text/plain";
    }
    

Permission Settings

The following permission settings are applied to critical directories:

Directory Owner Group Mode
/root/nginx root root 0755
/data/nginx/letsencrypt/.well-known/acme-challenge root root 0755

Available ports for connection

Port Protocol Usage
443 HTTPS External web traffic (via Nginx)
8000 TCP Internal Django application service
question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×