Update Docker configuration: change command to use entrypoint script, set superuser environment variables, and adjust NGINX settings for port and server name.

2025-11-11 10:43:23 +00:00
parent 7021035f94
commit 99ae905cb0
8 changed files with 92 additions and 7 deletions
--- a/app/apps/core/management/init.py
+++ b/app/apps/core/management/init.py
@@ -0,0 +1,2 @@
+# Intentionally empty to mark package
+
--- a/app/apps/core/management/commands/init.py
+++ b/app/apps/core/management/commands/init.py
@@ -0,0 +1,2 @@
+# Intentionally empty to mark package
+
--- a/app/apps/core/management/commands/ensure_admin.py
+++ b/app/apps/core/management/commands/ensure_admin.py
@@ -0,0 +1,68 @@
+import os
+
+from django.contrib.auth import get_user_model
+from django.core.management.base import BaseCommand
+
+
+class Command(BaseCommand):
+    help = "Ensure a Django superuser exists using environment variables"
+
+    def handle(self, *args, **options):
+        username = (
+            os.getenv("DJANGO_SUPERUSER_USERNAME")
+            or os.getenv("KEYWARDEN_ADMIN_USERNAME")
+        )
+        email = (
+            os.getenv("DJANGO_SUPERUSER_EMAIL")
+            or os.getenv("KEYWARDEN_ADMIN_EMAIL")
+        )
+        password = (
+            os.getenv("DJANGO_SUPERUSER_PASSWORD")
+            or os.getenv("KEYWARDEN_ADMIN_PASSWORD")
+        )
+
+        if not username or not email or not password:
+            self.stdout.write(
+                self.style.WARNING(
+                    "Superuser env vars not fully set; skipping ensure_admin. "
+                    "Set DJANGO_SUPERUSER_USERNAME, DJANGO_SUPERUSER_EMAIL, "
+                    "DJANGO_SUPERUSER_PASSWORD (or KEYWARDEN_ADMIN_*)."
+                )
+            )
+            return
+
+        User = get_user_model()
+
+        user, created = User.objects.get_or_create(username=username, defaults={
+            "email": email,
+            "is_staff": True,
+            "is_superuser": True,
+        })
+
+        if created:
+            user.set_password(password)
+            user.save()
+            self.stdout.write(self.style.SUCCESS(f"Superuser '{username}' created."))
+            return
+
+        changed = False
+
+        if user.email != email:
+            user.email = email
+            changed = True
+
+        # Ensure flags are correct
+        if not user.is_staff:
+            user.is_staff = True
+            changed = True
+        if not user.is_superuser:
+            user.is_superuser = True
+            changed = True
+
+        if changed:
+            user.save()
+            self.stdout.write(self.style.SUCCESS(f"Superuser '{username}' updated."))
+        else:
+            self.stdout.write(self.style.SUCCESS(f"Superuser '{username}' already present."))
+
+
--- a/app/entrypoint.sh
+++ b/app/entrypoint.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -eu
+
+python manage.py migrate --noinput
+python manage.py ensure_admin
+
+exec gunicorn keywarden.wsgi:application --bind 0.0.0.0:80 --workers 3
+
+