Heroku

DNS

Set up two addresses per environment, one for the public site and one for the apply site.
Add the addresses first to Heroku to get the the DNS target for the CNAME entry.
OBS! If you are using Cloudflare ignore the DNS targets and use the Heroku application URL instead, something like [dev-app-name].herokuapp.com.
Add redirects for robots.txt and favicon.ico to /static/robots.txt and /static/favicon.ico.

Heroku

Create a Heroku app for your project. A dev, test and live environment is good to have.
Connect the Heroku app to your git repo or push your code directly to Heroku. If you are using GitHub I recommend selecting it as the "deployment method".
Then so the following steps for each environment.
    1.
    Set these settings as a minimum:
    2.
    API_BASE_URL
    3.
    BASIC_AUTH_ENABLED
    4.
    BASIC_AUTH_LOGIN
    5.
    BASIC_AUTH_PASSWORD
    6.
    DJANGO_SETTINGS_MODULE
    7.
    EMAIL_HOST
    8.
    ON_HEROKU=true (so correct production settings gets loaded)
    9.
    ORG_LONG_NAME
    10.
    ORG_SHORT_NAME
    11.
    ORG_EMAIL
    12.
    SECRET_KEY
    13.
    SEND_MESSAGES
    14.
    SERVER_EMAIL
    15.
    STAFF_EMAIL_DOMAINS
Generate secret key with:
1
python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"
Copied!
    1.
    Add Heroku Postgres as a add-on. "Hobby dev" or "Hobby basic" works for dev and test and "Standard 0" is a good start for production.
    2.
    Add buildpacks for Nodejs and Python, make sure Nodejs is listed first.
    3.
    Temporarily remove the "release" step from the "Procfile". It has a clear cache step that will fail until the cache tables are created.
    4.
    Deploy the appropriate branch.
    5.
    Activate dynos to run your app. For dev and test the "Hobby" level works well. For production a "Standard-2X" with a dyno count of 2 and WEB_CONCURRENCY set to 3 performance well.
    6.
    Run the following commands from the command line with the help of heroku-cli. If it's the first time you use heroku-cli you first need to login with heroku login.
1
$ heroku run python manage.py migrate -a [name-of-app]
2
$ heroku run python manage.py createcachetable -a [name-of-app]
3
$ heroku run python manage.py createsuperuser -a [name-of-app]
4
$ heroku run python manage.py wagtailsiteupdate [the-public-address] [the-apply-address] 443 -a [name-of-app]
Copied!
    1.
    Now add the "release" step back to the "Procfile" and deploy again.
You should now have a running site.

AWS S3

Set up a bucket for private files and another for public files. Private files are uploads on submissions.
Set these settings as a minimum:
    AWS_ACCESS_KEY_ID
    AWS_SECRET_ACCESS_KEY
    AWS_STORAGE_BUCKET_NAME (most often same as AWS_PUBLIC_BUCKET_NAME)
    AWS_PRIVATE_BUCKET_NAME
    AWS_PUBLIC_BUCKET_NAME
Optionally set these as well:
    AWS_PUBLIC_CUSTOM_DOMAIN
    AWS_QUERYSTRING_EXPIRE

Private bucket

Properties:
Versioning enabled. Default encryption enables AES-256
CORS configuration:
1
<?xml version="1.0" encoding="UTF-8"?>
2
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
3
<CORSRule>
4
<AllowedOrigin>*</AllowedOrigin>
5
<AllowedMethod>GET</AllowedMethod>
6
<AllowedMethod>POST</AllowedMethod>
7
<AllowedMethod>PUT</AllowedMethod>
8
<MaxAgeSeconds>3000</MaxAgeSeconds>
9
<AllowedHeader>*</AllowedHeader>
10
</CORSRule>
11
</CORSConfiguration>
Copied!

Public bucket

Properties:
Versioning enabled.
Access Control List:
Public access -> Everyone -> List Yes
CORS configuration:
1
<?xml version="1.0" encoding="UTF-8"?>
2
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
3
<CORSRule>
4
<AllowedOrigin>*</AllowedOrigin>
5
<AllowedMethod>GET</AllowedMethod>
6
<AllowedMethod>POST</AllowedMethod>
7
<AllowedMethod>PUT</AllowedMethod>
8
<MaxAgeSeconds>3000</MaxAgeSeconds>
9
<AllowedHeader>*</AllowedHeader>
10
</CORSRule>
11
</CORSConfiguration>
Copied!
Bucket policy:
1
{
2
"Version": "2012-10-17",
3
"Id": "Policy1562302603386",
4
"Statement": [
5
{
6
"Sid": "Stmt1562302600239",
7
"Effect": "Allow",
8
"Principal": "*",
9
"Action": "s3:GetObject",
10
"Resource": "arn:aws:s3:::public.example.com/*"
11
}
12
]
13
}
Copied!

Mailgun

Set:
    MAILGUN_API_KEY
And it should just work.
Last modified 6mo ago