The following are some recommendations for deploying production Pegasus applications.
Run the Django deployment checklist#
Django provides a deployment checklist that
helps ensure your site has some of the most important settings properly configured for production environments.
It is executed by running
manage.py check --deploy on your production server.
It’s recommended to run this on your production application and address any critical issues.
The default Pegasus configuration will contain some warnings, to help prevent misconfigurations which
can affect your site’s availability. Not all warnings are serious issues and some may not be possible to address
(e.g. if part of your site must be available over HTTP instead of HTTPS).
After running the
manage.py check --deploy command you should read through the documentation for any issues you get
and update the relevant settings where necessary.
Note: The “unable to guess serializer” warnings are safe to ignore, and will be fixed in a future version of Pegasus.
In your app’s
settings_production.py be sure to update the
with the domain(s) you want the site to be available from, replacing the
'*' that is there by default:
ALLOWED_HOSTS = [ 'example.com', # use your app's domain here ]
Failure to do this opens up your site to more HTTP host header attacks.
Update your Django Site#
Set up email#
If you haven’t already, you’ll want to set up your site to send email
Make sure your secrets are set#
Application secrets (e.g. API keys, passwords, etc.) are managed in environment variables. Ensure that you have configured the following variables (if you are using them):
All apps should set
SECRET_KEYto a long, randomly-generated value.
If you’re using Stripe, you should set the
STRIPE_LIVE_SECRET_KEYconfig vars (or whatever subset you are using).
If you set up email, ensure whatever keys/secrets you need are set.
If you’re using Mailchimp, set
Refer to your chosen platform’s documentation for details on how to set environment variables in that platform.
Sync Stripe data#
After setting up your Stripe variables per above, you’ll want to run:
python manage.py bootstrap_subscriptions
to initialize your subscription data.
See your chosen platform’s documentation for how to run one-off commands.
Set up media files#
Some functionality, like user profile pictures, requires saving user-uploaded files. In development these are saved to the file system, but in most production environments the file system is not usable for it. Instead, you need to set up an external storage to handle these.
There is guidance on configuring media files in the settings and configuration docs.
Future versions of Pegasus should improve on this process.
Optimize your front end#
The front-end files that ship with Pegasus are the developer-friendly versions. In production, these should be optimized.
First you should add the compiled files to your
.gitignore as described in the front end docs.
Then, as part of your CI/CD deployment process, you should build the bundle files directly on your production server
npm install && npm run build).
This will ensure that the latest, optimized version of the front-end code is always deployed as part of your production environment.
The platform-specific docs have some guidance on setting this up where possible.
Update other configuration options#
See the configuration page for a larger list of options, including social login, sign up flow changes, analytics, logging, and so on.