These scripts will help setup the Azure deployment
You will need to create a Key Vault to store secrets for the App Service. The Key Vault should contain the following secrets:
| name | value | description |
|---|---|---|
| DEBUG | False |
Set to False for prod |
| DJANGO-LOG-LEVEL | INFO |
Set to DEBUG for local dev and INFO for prod |
| GOOGLE-CLOUD-PROJECT | The Project ID for GCP | |
| SECRET-KEY | The SECRET_KEY generated by Django |
|
| POSTGRES-DB | postgres |
The Postgres database name |
| POSTGRES-USER | The username of the Postgres User | |
| POSTGRES-PASSWORD | A (secure) password for the Postgres User | |
| POSTGRES-HOST | The external IP for the Compute Engine instance with Postgres | |
| POSTGRES-PORT | 5432 |
The port for the Postgres Database |
| SENDGRID-API-KEY | The API key for SendGrid | |
| SENDGRID-ADMIN-EMAIL | The admin group email | |
| SENDGRID-NO-REPLY-EMAIL | The email address to use as the sender | |
| GOOGLE-CLIENT-ID | The client ID for Google OAuth2 | |
| GOOGLE-CLIENT-SECRET | The client secret for Google OAuth2 |
NOTE: The underscores have been replaced with dashes
As you create these secrets, you need to take note of the "Secret Identifier" as you will need them later
You can complete this using the Azure Portal or CLI. The example will be using the Azure Portal (CLI Instuctions TBD)
NOTE: The rest of this README will assume that you have experience with Azure
Create a web app with the following specifications:
Basic
| name | value |
|---|---|
| Publish | Docker Container |
| Operating System | Linux |
Docker
| name | value | description |
|---|---|---|
| Options | Single Container | |
| Image Source | Private Registry | |
| Server URL | https://quay.io |
|
| Username | The username of the robot account for Quay | |
| Password | The token for the robot account for Quay | |
| Full Image Name and Tag | nimbusinformatics/bdcat-data-tracker:latest |
From here, you will need to go into "Deployment>Deployment Center" and turn on Continuous Deployment
Since secrets are not stored in Quay container, you must insert them into the Application settings. Within the Application Settings, you will need to add the following:
| name |
|---|
| DEBUG |
| DJANGO_LOG_LEVEL |
| GOOGLE_CLOUD_PROJECT |
| SECRET_KEY |
| POSTGRES_DB |
| POSTGRES_USER |
| POSTGRES_PASSWORD |
| POSTGRES_HOST |
| POSTGRES_PORT |
| SENDGRID_API_KEY |
| SENDGRID_ADMIN_EMAIL |
| SENDGRID_NO_REPLY_EMAIL |
| GOOGLE_CLIENT_ID |
| GOOGLE_CLIENT_SECRET |
The value of each of there Application settings will be the value of the corresponding secret. These are in the format of:
@Microsoft.KeyVault(SecretUri={SECRET_IDENTIFIER})
Replace the {SECRET_IDENTIFIER} with the value of the secret identifier
You will need to create a single-server database with the following specifications:
Basics
| name | value |
|---|---|
| Version | 11 |
| Admin username | postgres |
NOTE: This may take a several minutes
From here, you will need to go to "Settings>Connection security":
| name | value |
|---|---|
| Firewall rule name | Add 0.0.0.0 - 255.255.255.255 |
| Enforce SSL connection | DISABLED |
Take note of the "Admin username" and "Server name" as that will be your POSTGRES_USER and POSTGRES_HOST environment variables