Skip to content

Latest commit

 

History

History
78 lines (62 loc) · 4.13 KB

features.md

File metadata and controls

78 lines (62 loc) · 4.13 KB

RT cookiecutter template selling points

Main features

  • Cookiecutter template allowing long term support using Cruft update mechanism
  • Docker and docker compose for easy & simple (c) development and deployment
  • Latest python from 3.11 line
  • Latest Django LTS release
  • Gunicorn for running WSGI instances on prod
  • Uvicorn for ASGI instances on prod
  • Nginx as high-performance reverse proxy with automatic SSL certificate renewal
  • Postgres for database
  • Task management via celery with scheduled tasks support (using celery-beat)
  • Multiple workers & queues supported (if you need to divide / prioritize tasks and apply different levels of concurrency)

Self-hosted configuration

  • Persistent redis for task management backend
  • Celery task monitoring via flower

Cloud configuration options

  • AWS support: terraform to deploy RDS, SQS, ELB etc
  • Vultr: terraform for deploying application on cheap VPS servers
  • Support for transaction-based database connection pooling

Configuration

  • .env files for configuration; preconfigured .env for both local and prod environments
  • django-debug-toolbar (enabled for local environment) for debugging app performance
  • ipython included for nice interactive django shell
  • django-extensions for drawing graph of models and more

Continuous integration

  • Github Actions for CI/CD
  • nox for workflow automation
  • ruff for linting & auto fixing python code
  • shellcheck for linting & auto fixing shell scripts
  • pytest with xdist for efficient parallel testing

Deployment

  • 2-stage docker image build for clean app image (both debian-based and alpine-based base images are supported)
  • Easy deployment based on git push production master
  • Redeployment doesn't stop db, redis and nginx containers -> non-interrupted deployments
  • Migrations are done during deployment, before application startup -> application won't be run on unmigrated database

Security & performance

  • CORS headers preconfigured
  • CSP integrated
  • BREACH attack mitigation
  • Brotli compression support
  • 0-RTT TLS 1.3 Early Data support
  • http/2 support
  • TLS 1.2&1.3 via letsencrypt with auto-renewal
  • Forward secrecy ciphers
  • Overall ssllabs security class: A+ 100/100/90/90 (to keep compatibility with some older clients)
  • Optional fingerprinting of users on backend and frontend sides

Reliability

  • Cost-efficient & secure automatic database backups
    • B2 cloud storage using a writeFiles-only key with and option to store them locally or send them over email
    • zstd compression for efficient storage & excellent speed for both backup and restore
  • Scripted and repeatable procedure for restoring the system from a backup
  • Sentry error tracking preconfigured
  • Grafana for metrics and log aggregation (Grafana Loki)
    • Prometheus for data collection
    • Grafana Loki for log aggregation with Promtail for log shipping
    • Generic host dashboard section optimized for both VM and physical machines
    • nginx-level dashboard section for http/ws statistics
    • Active monitoring dashboard (http ping)
    • Alert history dashboard
  • Alertmanager for detecting issues and alerting