69ee0bc6ac55b117614acf0211330b1acb020527 — Krystian ChachuĊ‚a 3 months ago fcf795f master
Add production deployment info
1 files changed, 117 insertions(+), 1 deletions(-)

M README.md => README.md +117 -1
@@ 6,8 6,124 @@ Live demo available at <https://demo.buyfriend.org/>.


## Running
## Running (development)

flask --app buyfriend init-db
flask --app buyfriend create-user user@localhost "User Name"
flask --app buyfriend run

## Deploying (production)

We recommend to use [Alpine Linux](https://alpinelinux.org/),
[NGINX](https://www.nginx.com/) and [Gunicorn](https://gunicorn.org/) to serve
buyfriend in production environments.

Buyfriend is available in a third party package repository:
You'll need to add it (refer to the link above for instructions) in order to
install buyfriend from the package manager.

doas apk add nginx gunicorn buyfriend

Create socket and instance directories and give ownership to the buyfriend user.

doas mkdir -p /var/run/buyfriend /var/lib/buyfriend
doas chown buyfriend:buyfriend /var/run/buyfriend /var/lib/buyfriend

Use the following NGINX configuration.
Replace `demo.buyfriend.org` with your domain.

server {
	listen 80 default_server;
	listen [::]:80 default_server;

	location / {
		return 302 https://$host$request_uri;

	location ^~ /.well-known {
		root /var/www;

server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	server_name demo.buyfriend.org;
	ssl_certificate /etc/ssl/uacme/demo.buyfriend.org/cert.pem;
	ssl_certificate_key /etc/ssl/uacme/private/demo.buyfriend.org/key.pem;

	location / {
		error_page 502 /502.html;

		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header Host $http_host;
		proxy_redirect off;
		proxy_pass http://unix:/var/run/buyfriend/buyfriend.sock;

	location /photos {
		root /var/lib/buyfriend/;
		expires 1d;

	location /static {

		# Keep me up to date
		root /usr/lib/python3.11/site-packages/buyfriend/;

		gzip_types text/css;
		expires 1h;

	location = /502.html {
		return 502 "Site temporarily unavailable. Please try again in a moment.";

Edit `/etc/conf.d/buyfriend`:

BUYFRIEND_GUNICORN_ARGS="--worker-class gevent --workers 2 --keep-alive 5"

export BUYFRIEND_LOG_LEVEL=INFO  # set log level early to see config loading logs
#export BUYFRIEND_CONFIG=/etc/buyfriend/buyfriend.toml  # default value

Edit `/etc/buyfriend/buyfriend.toml` to your liking.
It is required to change the secret key, server name, admin email and SMTP
You can generate the secret key like this:

python -c 'import secrets; print(secrets.token_hex())'

Initialize database and create your first user account.

export BUYFRIEND_CONFIG=/etc/buyfriend/buyfriend.toml
doas -u buyfriend flask --app buyfriend init-db
doas -u buyfriend flask --app buyfriend create-user user@localhost "User Name"

Start buyfriend and NGINX and make them start on boot.

doas rc-service buyfriend start
doas rc-service nginx reload
doas rc-update add buyfriend
doas rc-update add nginx