I recently released DJ Checkup, which is a fork of the now-defunct Pony Checkup site. It’s a free security resource that will scan your Django site for common security errors and suggest how to fix them.
The architecture of the site needs a lot of work but the security checks are sound and it makes great recommendations. I’m currently working on a rewrite that makes it easier to add and remove checks in the future. Currently, adding a new check requires code changes throughout the site, which is not great.
The site is running on a Vultr VPS on the US West Coast. It’s a fairly straightforward Django 3.1 app with a small PostgreSQL database and a Redis server as a queue. A worker server uses Django-RQ to pick up tasks from the queue and run the checks. This is the same architecture I describe in the Advanced Django-RQ Example post. I’m also using Django-Storages for the first time—I’ll post a tutorial about this soon—and this is used to offload static files to an S3 bucket which is fronted by the CloudFront CDN.
I took this opportunity to do a deep dive on Terraform, and so I’m using this to fully provision all infrastructure in the dev, test, and production environments. Once the infrastructure is deployed, I use Ansible to configure the servers and deploy the app, which is using Docker for automation. This means the whole process is automated, repeatable and documented with code.
Great learning experience. Check out DJ Checkup and give your Django site a scan. If you’re interested to see what a perfect score looks like, take a look at the scan of DJ Checkup itself.
2 responses to “DJ Checkup”
Hey there, do you have more info on the whole automation deployment for infrastructure and server configuration? That would be greatly appreciated.
Awesome work, thanks.
Hi JC – sorry for the delay, your comment got hidden away in the moderation queue. I have been meaning to post some details on how I automated the deployment, so will make a point to do that soon. I’m not sure if my process is that optimal yet, but I’ll let others be the judge of that.
Cheers – Stuart.