pulumi-django-azure 1.0.4__py3-none-any.whl → 1.0.7__py3-none-any.whl

pulumi_django_azure/django_deployment.py

@@ -14,6 +14,7 @@ class DjangoDeployment(pulumi.ComponentResource):
         tenant_id: str,
         resource_group_name: pulumi.Input[str],
         vnet: azure.network.VirtualNetwork,
+        pgsql_sku: azure.dbforpostgresql.SkuArgs,
         pgsql_ip_prefix: str,
         appservice_ip_prefix: str,
         app_service_sku: azure.web.SkuDescriptionArgs,
@@ -28,11 +29,13 @@ class DjangoDeployment(pulumi.ComponentResource):
         :param tenant_id: The Entra tenant ID for the database authentication.
         :param resource_group_name: The resource group name to create the resources in.
         :param vnet: The virtual network to create the subnets in.
+        :param pgsql_sku: The SKU for the PostgreSQL server.
         :param pgsql_ip_prefix: The IP prefix for the PostgreSQL subnet.
         :param appservice_ip_prefix: The IP prefix for the app service subnet.
         :param app_service_sku: The SKU for the app service plan.
         :param storage_account_name: The name of the storage account. Should be unique across Azure.
         :param cdn_host: A custom CDN host name (optional)
+        :param comms_data_location: The data location for the Communication Services (optional if you don't need it)
         :param opts: The resource options
         """
 
@@ -50,7 +53,7 @@ class DjangoDeployment(pulumi.ComponentResource):
         self._cdn_host = self._create_cdn(custom_host=cdn_host)
 
         # PostgreSQL resources
-        self._create_database(ip_prefix=pgsql_ip_prefix)
+        self._create_database(sku=pgsql_sku, ip_prefix=pgsql_ip_prefix)
 
         # Subnet for the apps
         self._app_subnet = self._create_subnet(
@@ -145,7 +148,7 @@ class DjangoDeployment(pulumi.ComponentResource):
             # Return the default CDN host name
             return self._cdn_endpoint.host_name
 
-    def _create_database(self, ip_prefix: str):
+    def _create_database(self, sku: azure.dbforpostgresql.SkuArgs, ip_prefix: str):
         # Create subnet for PostgreSQL
         subnet = self._create_subnet(
             name="pgsql",
@@ -176,10 +179,7 @@ class DjangoDeployment(pulumi.ComponentResource):
         self._pgsql = azure.dbforpostgresql.Server(
             f"pgsql-{self._name}",
             resource_group_name=self._rg,
-            sku=azure.dbforpostgresql.SkuArgs(
-                name="Standard_B2s",
-                tier=azure.dbforpostgresql.SkuTier.BURSTABLE,
-            ),
+            sku=sku,
             version="16",
             auth_config=azure.dbforpostgresql.AuthConfigArgs(
                 password_auth=azure.dbforpostgresql.PasswordAuthEnum.DISABLED,
@@ -260,8 +260,6 @@ class DjangoDeployment(pulumi.ComponentResource):
                     # azure.web.NameValuePairArgs(name="WEBSITE_HTTPLOGGING_RETENTION_DAYS", value="7"),
                     # pgAdmin settings
                     azure.web.NameValuePairArgs(name="PGADMIN_DISABLE_POSTFIX", value="true"),
-                    azure.web.NameValuePairArgs(name="PGADMIN_AUTHENTICATION_SOURCES", value="['oauth2, 'internal']"),
-                    azure.web.NameValuePairArgs(name="PGADMIN_OAUTH2_NAME", value="azure"),
                     azure.web.NameValuePairArgs(name="PGADMIN_DEFAULT_EMAIL", value="dbadmin@dbadmin.net"),
                     azure.web.NameValuePairArgs(name="PGADMIN_DEFAULT_PASSWORD", value="dbadmin"),
                 ],
@@ -348,6 +346,51 @@ class DjangoDeployment(pulumi.ComponentResource):
                 host_name=host,
             )
 
+    def _add_webapp_comms(self, data_location: str, domains: list[str], suffix: str) -> azure.communication.CommunicationService:
+        email_service = azure.communication.EmailService(
+            f"comms-email-{suffix}",
+            resource_group_name=self._rg,
+            location="global",
+            data_location=data_location,
+        )
+
+        domain_resources = []
+        if domains:
+            # Add our own custom domains
+            for domain in domains:
+                safe_host = domain.replace(".", "-")
+                d = azure.communication.Domain(
+                    f"comms-email-domain-{suffix}-{safe_host}",
+                    resource_group_name=self._rg,
+                    location="global",
+                    domain_management=azure.communication.DomainManagement.CUSTOMER_MANAGED,
+                    domain_name=domain,
+                    email_service_name=email_service.name,
+                )
+                domain_resources.append(d.id.apply(lambda n: n))
+        else:
+            # Add an Azure managed domain
+            d = azure.communication.Domain(
+                f"comms-email-domain-{suffix}-azure",
+                resource_group_name=self._rg,
+                location="global",
+                domain_management=azure.communication.DomainManagement.AZURE_MANAGED,
+                domain_name="AzureManagedDomain",
+                email_service_name=email_service.name,
+            )
+            domain_resources.append(d.id.apply(lambda n: n))
+
+        # Create Communication Services and link the domains
+        comm_service = azure.communication.CommunicationService(
+            f"comms-{suffix}",
+            resource_group_name=self._rg,
+            location="global",
+            data_location=data_location,
+            linked_domains=domain_resources,
+        )
+
+        return comm_service
+
     def _get_storage_account_access_keys(
         self, storage_account: azure.storage.StorageAccount
     ) -> Sequence[azure.storage.outputs.StorageAccountKeyResponse]:
@@ -394,6 +437,8 @@ class DjangoDeployment(pulumi.ComponentResource):
         website_hosts: list[str],
         django_settings_module: str,
         environment_variables: dict[str, str] = {},
+        comms_data_location: Optional[str] = None,
+        comms_domains: Optional[list[str]] = [],
     ) -> azure.web.WebApp:
         """
         Create a Django website with it's own database and storage containers.
@@ -405,6 +450,8 @@ class DjangoDeployment(pulumi.ComponentResource):
         :param website_hosts: The list of custom host names for the website.
         :param django_settings_module: The Django settings module to load.
         :param environment_variables: A dictionary of environment variables to set.
+        :param comms_data_location: The data location for the Communication Services (optional if you don't need it).
+        :param comms_domains: The list of custom domains for the E-mail Communication Services (optional).
         """
 
         # Create a database
@@ -433,6 +480,14 @@ class DjangoDeployment(pulumi.ComponentResource):
             container_name=f"{name}-static",
         )
 
+        # Communication Services (optional)
+        if comms_data_location:
+            comms = self._add_webapp_comms(comms_data_location, comms_domains, f"{name}-{self._name}")
+            # Add the domains as environment variable
+            environment_variables["AZURE_COMMUNICATION_SERVICE"] = comms.name
+        else:
+            comms = None
+
         # Create a Django Secret Key (random)
         secret_key = pulumi_random.RandomString(f"django-secret-{name}-{self._name}", length=50)
 
@@ -534,6 +589,24 @@ class DjangoDeployment(pulumi.ComponentResource):
             scope=self._storage_account.id,
         )
 
+        # Grant the app to send e-mails
+        if comms:
+            comms_role = comms.id.apply(
+                lambda scope: azure.authorization.get_role_definition(
+                    # Contributor
+                    role_definition_id="b24988ac-6180-42a0-ab88-20f7382dd24c",
+                    scope=scope,
+                )
+            )
+
+            azure.authorization.RoleAssignment(
+                f"ra-{name}-comms",
+                principal_id=principal_id,
+                principal_type=azure.authorization.PrincipalType.SERVICE_PRINCIPAL,
+                role_definition_id=comms_role.id,
+                scope=comms.id,
+            )
+
         # Create a CORS rules for this website
         if website_hosts:
             origins = [f"https://{host}" for host in website_hosts]

{pulumi_django_azure-1.0.4.dist-info → pulumi_django_azure-1.0.7.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pulumi-django-azure
-Version: 1.0.4
+Version: 1.0.7
 Summary: Simply deployment of Django on Azure with Pulumi
 Author-email: Maarten Ureel <maarten@youreal.eu>
 License: MIT License
@@ -45,6 +45,7 @@ To have a proper and secure environment, we need these components:
 * Storage account for media and static files
 * CDN endpoint in front with a domain name of our choosing
 * PostgreSQL server
+* Azure Communication Services to send e-mails
 * Webapp with multiple custom host names and managed SSL for the website itself
 * Webapp running pgAdmin
 
@@ -101,6 +102,8 @@ django.add_django_website(
     repository_branch="main",
     website_hosts=["example.com", "www.example.com"],
     django_settings_module="mywebsite.settings.production",
+    comms_data_location="europe",
+    comms_domains=["mydomain.com"],
 )
 
 django.add_database_administrator(
@@ -120,6 +123,7 @@ django.add_database_administrator(
 6. Re-deploy with custom hosts
 7. Re-deploy once more to enable HTTPS on website domains
 8. Manually activate HTTPS on the CDN host
+9. Go to the e-mail communications service on Azure and configure DKIM, SPF,... for your custom domains.
 
 ## Custom domain name for CDN
 When deploying the first time, you will get a `cdn_cname` output. You need to create a CNAME to this domain before the deployment of the custom domain will succeed.

pulumi_django_azure-1.0.7.dist-info/RECORD

@@ -0,0 +1,7 @@
+pulumi_django_azure/__init__.py,sha256=tXTvPfr8-Nll5cjMyY9yj_0z_PQ0XAcxihzHRCES-hU,63
+pulumi_django_azure/django_deployment.py,sha256=jqDh1K1OnSvfxiSW0ZTJNGfwZ620C8y5KvPSF4vrCDg,26607
+pulumi_django_azure-1.0.7.dist-info/LICENSE,sha256=NX2LN3U319Zaac8b7ZgfNOco_nTBbN531X_M_13niSg,1087
+pulumi_django_azure-1.0.7.dist-info/METADATA,sha256=TYfdQP5kCTUpLibHrNu2rcEOwCBSlZ2BrLVRsI35eQo,8113
+pulumi_django_azure-1.0.7.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+pulumi_django_azure-1.0.7.dist-info/top_level.txt,sha256=MNPRJhq-_G8EMCHRkjdcb_xrqzOkmKogXUGV7Ysz3g0,20
+pulumi_django_azure-1.0.7.dist-info/RECORD,,

{pulumi_django_azure-1.0.4.dist-info → pulumi_django_azure-1.0.7.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: bdist_wheel (0.42.0)
+Generator: bdist_wheel (0.43.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

pulumi_django_azure-1.0.4.dist-info/RECORD

@@ -1,7 +0,0 @@
-pulumi_django_azure/__init__.py,sha256=tXTvPfr8-Nll5cjMyY9yj_0z_PQ0XAcxihzHRCES-hU,63
-pulumi_django_azure/django_deployment.py,sha256=yvpOUkcHs37Mb2xTD6BqtB21opxTvFLQzRxMHXTK2aY,23410
-pulumi_django_azure-1.0.4.dist-info/LICENSE,sha256=NX2LN3U319Zaac8b7ZgfNOco_nTBbN531X_M_13niSg,1087
-pulumi_django_azure-1.0.4.dist-info/METADATA,sha256=25RH8tZL2LrhBjuYRngUcRArER9TiAorLEaCJulFhLA,7887
-pulumi_django_azure-1.0.4.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-pulumi_django_azure-1.0.4.dist-info/top_level.txt,sha256=MNPRJhq-_G8EMCHRkjdcb_xrqzOkmKogXUGV7Ysz3g0,20
-pulumi_django_azure-1.0.4.dist-info/RECORD,,