Add template Django project

.gitignore

@@ -1,11 +1,165 @@
-*.pyc
-*.swp
+# ---> Python
+# Byte-compiled / optimized / DLL files
 __pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+.python_history
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+# lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+stack.env
+.venv
 env/
-env-glibc/
 venv/
+env-glibc/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintainted in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+.idea/
+
+.bash_history
+.vscode/
+core/static/admin
+core/static/debug_toolbar
+
 keys/
 handler/settings.ini
 handler/otp.key
 handler/certs/
-.vscode/

Dockerfile

@@ -0,0 +1,28 @@
+# syntax=docker/dockerfile:1
+FROM python:3
+ARG OPERATION
+
+RUN useradd -d /code xf
+RUN mkdir -p /code
+RUN chown -R xf:xf /code
+
+RUN mkdir -p /conf/static
+RUN chown -R xf:xf /conf
+
+RUN mkdir /venv
+RUN chown xf:xf /venv
+
+USER xf
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+WORKDIR /code
+COPY requirements.txt /code/
+RUN python -m venv /venv
+RUN . /venv/bin/activate && pip install -r requirements.txt
+
+# CMD . /venv/bin/activate && uwsgi --ini /conf/uwsgi.ini
+
+CMD if [ "$OPERATION" = "uwsgi" ] ; then . /venv/bin/activate && uwsgi --ini /conf/uwsgi.ini ; else . /venv/bin/activate && exec python manage.py runserver 0.0.0.0:8000; fi
+
+# CMD . /venv/bin/activate && uvicorn --reload --reload-include *.html --workers 2 --uds /var/run/socks/app.sock app.asgi:application
+# CMD . /venv/bin/activate && gunicorn -b 0.0.0.0:8000 --reload app.asgi:application -k uvicorn.workers.UvicornWorker

Makefile

@@ -0,0 +1,26 @@
+run:
+	docker-compose --env-file=stack.env up -d
+
+build:
+	docker-compose --env-file=stack.env build
+
+stop:
+	docker-compose --env-file=stack.env down
+
+log:
+	docker-compose --env-file=stack.env logs -f
+
+test:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py test $(MODULES) -v 2"
+
+migrate:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py migrate"
+
+makemigrations:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py makemigrations"
+
+auth:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py createsuperuser"
+
+token:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py addstatictoken m"

app/asgi.py

@@ -0,0 +1,16 @@
+"""
+ASGI config for app project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/4.0/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings")
+
+application = get_asgi_application()

app/local_settings.py

@@ -0,0 +1,52 @@
+from os import getenv
+
+trues = ("t", "true", "yes", "y", "1")
+
+# URLs
+DOMAIN = getenv("DOMAIN", "example.com")
+URL = getenv("URL", f"https://{DOMAIN}")
+
+# Access control
+ALLOWED_HOSTS = getenv("ALLOWED_HOSTS", f"127.0.0.1,{DOMAIN}").split(",")
+
+# CSRF
+CSRF_TRUSTED_ORIGINS = getenv("CSRF_TRUSTED_ORIGINS", URL).split(",")
+
+# Stripe
+BILLING_ENABLED = getenv("BILLING_ENABLED", "false").lower() in trues
+
+STRIPE_TEST = getenv("STRIPE_TEST", "true").lower() in trues
+STRIPE_API_KEY_TEST = getenv("STRIPE_API_KEY_TEST", "")
+STRIPE_PUBLIC_API_KEY_TEST = getenv("STRIPE_PUBLIC_API_KEY_TEST", "")
+
+STRIPE_API_KEY_PROD = getenv("STRIPE_API_KEY_PROD", "")
+STRIPE_PUBLIC_API_KEY_PROD = getenv("STRIPE_PUBLIC_API_KEY_PROD", "")
+
+STRIPE_ENDPOINT_SECRET = getenv("STRIPE_ENDPOINT_SECRET", "")
+STATIC_ROOT = getenv("STATIC_ROOT", "")
+SECRET_KEY = getenv("SECRET_KEY", "")
+
+STRIPE_ADMIN_COUPON = getenv("STRIPE_ADMIN_COUPON", "")
+
+REGISTRATION_OPEN = getenv("REGISTRATION_OPEN", "false").lower() in trues
+
+NOTIFY_TOPIC = getenv("NOTIFY_TOPIC", "great-pluto")
+
+ELASTICSEARCH_USERNAME = getenv("ELASTICSEARCH_USERNAME", "elastic")
+ELASTICSEARCH_PASSWORD = getenv("ELASTICSEARCH_PASSWORD", "changeme")
+ELASTICSEARCH_HOST = getenv("ELASTICSEARCH_HOST", "localhost")
+ELASTICSEARCH_TLS = getenv("ELASTICSEARCH_TLS", "false") in trues
+
+DEBUG = getenv("DEBUG", "false").lower() in trues
+PROFILER = getenv("PROFILER", "false").lower() in trues
+
+if DEBUG:
+    import socket  # only if you haven't already imported this
+
+    hostname, _, ips = socket.gethostbyname_ex(socket.gethostname())
+    INTERNAL_IPS = [ip[: ip.rfind(".")] + ".1" for ip in ips] + [
+        "127.0.0.1",
+        "10.0.2.2",
+    ]
+
+SETTINGS_EXPORT = ["BILLING_ENABLED", "URL"]

app/settings.py

@@ -0,0 +1,230 @@
+"""
+Django settings for app project.
+
+Generated by 'django-admin startproject' using Django 4.0.6.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/4.0/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/4.0/ref/settings/
+"""
+
+import os
+from pathlib import Path
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+# MOVED TO local_settings.py
+
+ALLOWED_HOSTS = []
+
+# Application definition
+
+INSTALLED_APPS = [
+    "core",
+    "django.contrib.admin",
+    # 'core.apps.LibraryAdminConfig', # our custom OTP'ed admin
+    "django.contrib.auth",
+    "django.contrib.contenttypes",
+    "django.contrib.sessions",
+    "django.contrib.messages",
+    "django.contrib.staticfiles",
+    "debug_toolbar",
+    "template_profiler_panel",
+    "django_htmx",
+    "crispy_forms",
+    "crispy_bulma",
+    # "django_tables2",
+    # "django_tables2_bulma_template",
+    "django_otp",
+    "django_otp.plugins.otp_totp",
+    # "django_otp.plugins.otp_email",
+    # 'django_otp.plugins.otp_hotp',
+    "django_otp.plugins.otp_static",
+    "two_factor",
+    "two_factor.plugins.phonenumber",
+    # "two_factor.plugins.email",
+    # "two_factor.plugins.yubikey",
+    # "otp_yubikey",
+    "mixins",
+    "cachalot",
+]
+
+
+# Performance optimisations
+CACHES = {
+    "default": {
+        "BACKEND": "django.core.cache.backends.redis.RedisCache",
+        "LOCATION": "unix:///var/run/socks/redis.sock",
+        "OPTIONS": {
+            "db": "10",
+            "parser_class": "redis.connection.HiredisParser",
+            "pool_class": "redis.BlockingConnectionPool",
+        },
+    }
+}
+# CACHE_MIDDLEWARE_ALIAS = 'default'
+# CACHE_MIDDLEWARE_SECONDS = '600'
+# CACHE_MIDDLEWARE_KEY_PREFIX = ''
+
+CRISPY_TEMPLATE_PACK = "bulma"
+CRISPY_ALLOWED_TEMPLATE_PACKS = ("bulma",)
+DJANGO_TABLES2_TEMPLATE = "django-tables2/bulma.html"
+
+MIDDLEWARE = [
+    "debug_toolbar.middleware.DebugToolbarMiddleware",
+    "django.middleware.security.SecurityMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    # 'django.middleware.cache.UpdateCacheMiddleware',
+    "django.middleware.common.CommonMiddleware",
+    # 'django.middleware.cache.FetchFromCacheMiddleware',
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django_otp.middleware.OTPMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "django_htmx.middleware.HtmxMiddleware",
+]
+
+ROOT_URLCONF = "app.urls"
+
+TEMPLATES = [
+    {
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "DIRS": [os.path.join(BASE_DIR, "core/templates")],
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
+                "core.util.django_settings_export.settings_export",
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = "app.wsgi.application"
+
+
+# Database
+# https://docs.djangoproject.com/en/4.0/ref/settings/#databases
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.sqlite3",
+        "NAME": "/conf/db.sqlite3",
+    }
+}
+
+
+# Password validation
+# https://docs.djangoproject.com/en/4.0/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+    {"NAME": f"django.contrib.auth.password_validation.{name}"}
+    for name in [
+        "UserAttributeSimilarityValidator",
+        "MinimumLengthValidator",
+        "CommonPasswordValidator",
+        "NumericPasswordValidator",
+    ]
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/4.0/topics/i18n/
+
+LANGUAGE_CODE = "en-us"
+
+TIME_ZONE = "UTC"
+
+USE_I18N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/4.0/howto/static-files/
+
+STATIC_URL = "static/"
+
+# Default primary key field type
+# https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field
+
+DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
+
+AUTH_USER_MODEL = "core.User"
+
+
+LOGOUT_REDIRECT_URL = "home"
+
+LOGIN_REDIRECT_URL = "home"
+# LOGIN_URL = "/accounts/login/"
+
+# 2FA
+LOGIN_URL = "two_factor:login"
+# LOGIN_REDIRECT_URL = 'two_factor:profile'
+
+# ALLOWED_PAYMENT_METHODS = ["bacs_debit", "card"]
+ALLOWED_PAYMENT_METHODS = ["card"]
+
+REST_FRAMEWORK = {
+    "DEFAULT_PARSER_CLASSES": [
+        "rest_framework.parsers.JSONParser",
+    ]
+}
+
+INTERNAL_IPS = [
+    "127.0.0.1",
+    "10.1.10.11",
+]
+
+DEBUG_TOOLBAR_PANELS = [
+    "template_profiler_panel.panels.template.TemplateProfilerPanel",
+    "debug_toolbar.panels.history.HistoryPanel",
+    "debug_toolbar.panels.versions.VersionsPanel",
+    "debug_toolbar.panels.timer.TimerPanel",
+    "debug_toolbar.panels.settings.SettingsPanel",
+    "debug_toolbar.panels.headers.HeadersPanel",
+    "debug_toolbar.panels.request.RequestPanel",
+    "debug_toolbar.panels.sql.SQLPanel",
+    "debug_toolbar.panels.staticfiles.StaticFilesPanel",
+    "debug_toolbar.panels.templates.TemplatesPanel",
+    "debug_toolbar.panels.cache.CachePanel",
+    "debug_toolbar.panels.signals.SignalsPanel",
+    "debug_toolbar.panels.logging.LoggingPanel",
+    "debug_toolbar.panels.redirects.RedirectsPanel",
+    "debug_toolbar.panels.profiling.ProfilingPanel",
+    "cachalot.panels.CachalotPanel",
+]
+
+from app.local_settings import *  # noqa
+
+if PROFILER:  # noqa - trust me its there
+    import pyroscope
+
+    pyroscope.configure(
+        application_name="neptune",
+        server_address="http://pyroscope:4040",
+        auth_token=os.getenv("PYROSCOPE_AUTH_TOKEN", ""),
+        # tags           = {
+        #     "region":   f'{os.getenv("REGION")}',
+        # }
+    )
+
+
+def show_toolbar(request):
+    return DEBUG  # noqa: from local imports
+
+
+DEBUG_TOOLBAR_CONFIG = {
+    "SHOW_TOOLBAR_CALLBACK": show_toolbar,
+}

app/urls.py

@@ -0,0 +1,43 @@
+"""app URL Configuration
+
+The `urlpatterns` list routes URLs to views. For more information please see:
+    https://docs.djangoproject.com/en/4.0/topics/http/urls/
+Examples:
+Function views
+    1. Add an import:  from my_app import views
+    2. Add a URL to urlpatterns:  path('', views.home, name='home')
+Class-based views
+    1. Add an import:  from other_app.views import Home
+    2. Add a URL to urlpatterns:  path('', Home.as_view(), name='home')
+Including another URLconf
+    1. Import the include() function: from django.urls import include, path
+    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
+"""
+from django.conf import settings
+from django.conf.urls.static import static
+from django.contrib import admin
+from django.contrib.auth.views import LogoutView
+from django.urls import include, path
+from two_factor.urls import urlpatterns as tf_urls
+
+from core.views import (
+    base,
+    notifications,
+)
+
+# from core.views.stripe_callbacks import Callback
+
+urlpatterns = [
+    path("__debug__/", include("debug_toolbar.urls")),
+    path("", base.Home.as_view(), name="home"),
+    path("sapp/", admin.site.urls),
+    # 2FA login urls
+    path("", include(tf_urls)),
+    path("accounts/signup/", base.Signup.as_view(), name="signup"),
+    path("accounts/logout/", LogoutView.as_view(), name="logout"),
+    path(
+        "notifications/<str:type>/update/",
+        notifications.NotificationsUpdate.as_view(),
+        name="notifications_update",
+    ),
+] + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)

app/wsgi.py

@@ -0,0 +1,16 @@
+"""
+WSGI config for app project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/4.0/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings")
+
+application = get_wsgi_application()

docker-compose.yml

@@ -0,0 +1,172 @@
+version: "2.2"
+   
+services:
+  app:
+    image: xf/pluto:prod
+    container_name: pluto
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - pluto_static:${STATIC_ROOT}
+    #ports:
+    # - "8000:8000" # uwsgi socket
+    env_file:
+      - stack.env
+    volumes_from:
+      - tmp
+    depends_on:
+      redis:
+        condition: service_healthy
+      migration:
+        condition: service_started
+      collectstatic:
+        condition: service_started
+    networks:
+      - default
+      - xf
+      - elastic
+
+  scheduling:
+    image: xf/pluto:prod
+    container_name: scheduling_pluto
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    command: sh -c '. /venv/bin/activate && python manage.py scheduling'
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - pluto_static:${STATIC_ROOT}
+    env_file:
+      - stack.env
+    volumes_from:
+      - tmp
+    depends_on:
+      redis:
+        condition: service_healthy
+      migration:
+        condition: service_started
+      collectstatic:
+        condition: service_started
+    networks:
+      - default
+      - xf
+      - elastic
+
+  migration:
+    image: xf/pluto:prod
+    container_name: migration_pluto
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    command: sh -c '. /venv/bin/activate && python manage.py migrate --noinput'
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - pluto_static:${STATIC_ROOT}
+    volumes_from:
+      - tmp
+    env_file:
+      - stack.env
+
+  collectstatic:
+    image: xf/pluto:prod
+    container_name: collectstatic_pluto
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    command: sh -c '. /venv/bin/activate && python manage.py collectstatic --noinput'
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - pluto_static:${STATIC_ROOT}
+    volumes_from:
+      - tmp
+    env_file:
+      - stack.env
+
+  nginx:
+    image: nginx:latest
+    container_name: nginx_pluto
+    ports:
+      - ${APP_PORT}:9999
+    ulimits:
+      nproc: 65535
+      nofile:
+         soft: 65535
+         hard: 65535
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${REPO_DIR}/docker/nginx/conf.d/${OPERATION}.conf:/etc/nginx/conf.d/default.conf
+      - pluto_static:${STATIC_ROOT}
+    volumes_from:
+      - tmp
+    networks:
+      - default
+      - xf
+    depends_on:
+      app:
+        condition: service_started
+
+
+    # volumes_from:
+    #   - tmp
+    # depends_on:
+    #   redis:
+    #     condition: service_healthy
+
+  tmp:
+    image: busybox
+    container_name: tmp_pluto
+    command: chmod -R 777 /var/run/socks
+    volumes:
+      - /var/run/socks
+
+  # For caching
+  redis:
+    image: redis
+    container_name: redis_pluto
+    command: redis-server /etc/redis.conf
+    ulimits:
+      nproc: 65535
+      nofile:
+         soft: 65535
+         hard: 65535
+    volumes:
+      - ${REPO_DIR}/docker/redis.conf:/etc/redis.conf
+      - pluto_redis_data:/data
+    volumes_from:
+      - tmp
+    healthcheck:
+      test: "redis-cli -s /var/run/socks/redis.sock ping"
+      interval: 2s
+      timeout: 2s
+      retries: 15
+
+  # pyroscope:
+  #   image: "pyroscope/pyroscope:latest"
+  #   ports:
+  #     - "4040:4040"
+  #   command:
+  #     - "server"
+
+networks:
+  default:
+    driver: bridge
+  xf:
+    external: true
+  elastic:
+    external: true
+
+volumes:
+  pluto_static: {}
+  pluto_redis_data: {}

docker/nginx/conf.d/dev.conf

@@ -0,0 +1,23 @@
+upstream django {
+    #server app:8000;
+    #server unix:///var/run/socks/app.sock;
+    server app:8000;
+}
+
+server {
+  listen 9999;
+
+  location = /favicon.ico { access_log off; log_not_found off; }
+
+  location /static/ {
+    root /conf;
+  }
+
+  location / {
+    proxy_pass  http://django;
+    proxy_set_header   X-Real-IP $remote_addr;
+    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header   Host $host;
+  }
+
+}

docker/nginx/conf.d/uwsgi.conf

@@ -0,0 +1,24 @@
+upstream django {
+    server app:8000;
+    #server unix:///var/run/socks/app.sock;
+}
+
+server {
+  listen 9999;
+
+  location = /favicon.ico { access_log off; log_not_found off; }
+
+  location /static/ {
+    root /conf;
+  }
+
+  location / {
+      include     /etc/nginx/uwsgi_params; # the uwsgi_params file you installed
+      uwsgi_pass  django;
+      uwsgi_param Host $host;
+      uwsgi_param X-Real-IP $remote_addr;
+      uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
+      uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
+  }
+
+}

docker/redis.conf

@@ -0,0 +1,2 @@
+unixsocket /var/run/socks/redis.sock
+unixsocketperm 777

docker/uwsgi.ini

@@ -0,0 +1,12 @@
+[uwsgi]
+chdir=/code
+module=app.wsgi:application
+env=DJANGO_SETTINGS_MODULE=app.settings
+master=1
+pidfile=/tmp/project-master.pid
+socket=0.0.0.0:8000
+harakiri=20
+max-requests=100000
+vacuum=1
+home=/venv
+processes=12

manage.py

@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings")
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+
+if __name__ == "__main__":
+    main()

requirements.txt

@@ -0,0 +1,36 @@
+wheel
+uwsgi
+django
+pre-commit
+django-crispy-forms==1.14.0
+crispy-bulma
+django-rest-framework
+django-htmx
+cryptography
+django-debug-toolbar
+django-debug-toolbar-template-profiler
+orjson
+django-otp
+django-two-factor-auth
+django-otp-yubikey
+phonenumbers
+qrcode
+pydantic
+glom
+elasticsearch
+apscheduler
+git+https://git.zm.is/XF/django-crud-mixins
+# For caching
+redis
+hiredis
+django-cachalot
+PyOTP
+pycoingecko
+requests
+arrow
+httpx
+forex_python
+pyOpenSSL
+Klein
+ConfigObject
+