This project started as a homelab project to learn DevOps skills.
With a solid grasp of Python, Docker, Terraform, AWS, and CI/CD secured, we realized the next few steps would require deploying actual software. We could have grabbed something generic, made a hello world app, like we'd been doing to learn the above tools. But instead decided to just build out something related to our current favorite hobby: Securities analysis. We had grown tired of bouncing between multiple websites, trying to piece together data we were interested in finding. So it was the solution to both our personal project and our hobby, "Why don't we just build what we're looking for?"
We went down the rabbit hole of financial markets, trying to find data sources with an affordable price tag. Celebrated upon finding EDGAR. After a few months of hacking together something functional, it was back to the DevOps side of things, getting ready to deploy version 0.1.0 of this thing.
Python 3.10.12: Data cleaning done with Pandas library, coffee, sweat, tears, ecstatic joy each week as new learning hurdles were overcome Django 4.2.1, gunicorn as WSGI talks to NGINX which is serving as both webserver and reverse proxy SQLite internal DB for now, chosen for simplicity and lack of user I/O, authentication, quick prototyping. Migration to PostgreSQL later if authentication is needed might be considered. SEC's EDGAR API to source all data via requests library Github Actions as both CI and CD at this time. Bypasses a Docker Hub altogether via images built on the runner and SCP'd as tarballs to target instance(s) Both Django and NGINX are running in their own Docker containers, orchestrated by Docker-Compose on... AWS Lightsail for hosting. Cheap hosting option until migration due to scaling reasons becomes necessary. Vanilla HTML and CSS is the only 'secret sauce' running the front end at this point. NGINX serves the static files, Django populates them with data, all built using Django Templating.
The Django admin page is completely disabled. A version of the Django secret key is in earlier repo versions, making Django Forms a security compromised Python tool until revisions are made that store said key in a secrets vault at a later date. However, there is no sensitive data in the database and data tampering is nearly impossible. Even if the data were able to be accessed nefariously, we have backups, no sensitive data is present, and for much less of a hacking headache the data therein is already much more easily accessible via the EDGAR API link above. The juice is most definitely not worth the squeeze unless Django has a bug bounty out, in which case you're legally required to split the cash prize with us, the victim. :-p
If future versions of the website require login authentication, or the storing of any sensitive data like names, addresses, payment info, user passwords, anything at all, a complete overhaul of this app's security would be necessary. Django secret keys would be stored in a secrets vault, or in a .env file to be deployed and 'installed' as environment variables, properly securing the whole thing.
The UI consists solely of Django Templating: HTML + CSS + unholy amounts of time for our data analysts and backend engineers to figure out how frontend stuff works.
Future versions of the site, if a UI revamp is necessary due to increased traffic attention, will include the building of an API with Django Rest Framework, and most likely a proper React or Angular frontend built out. This was avoided at first to cut down production time for version 0.1.0.
Server costs only go up from this point on. As we upgrade the UI, migrate to better architecture as needed, that all increases daily costs on our end.
If you have found value in the site, and find yourself in a place to 'donate to the cause', you can find the ability to do so below.
Thank you for your patronage and support in keeping this project alive!