How to make changes on a productive Django website?


amongst other internet resources I want to thank Vito for the great tutorial series. With help of his tutorial I have successfully setup a django website on a server running on my old banana pi. First as a test, but now it is working fine over a year.
Django is running on a nginx Server with gunicorn and postgresql database. But now I want to add some small features (for this I must install additional django packages and add some models,…).

Now my question: Amongst stopping nginx, do I have to stop gunicorn, start the virtualenvironment (source env/bin/acitvate) and the django development server ( runserver) and change in the DEBUG from False to True to get detailed output. After I have made the changes successfully, stop the virtualenvironment / django development server, change DEBUG to False and start again nginx and gunicorn?
It would be nice, if someone has an answere - I don’t want to crash the whole thing ;O)

Sorry, maybe the question is trivial, but I have searched for hours in the web without success…


I use apache, but I assume it’s very similar. Activate the virtual environment, make your changes, make migrations, restart the web server. The migrations are the most dangerous part in production. If you cause a migration mishap in production you can’t simply wipe the database and clear migrations like in development. If something goes awry after you start the web server you will be redirected to the nginx 500 page. In this case- turn debug on to see what’s happening, fix it, then restart the web server again.

Good practice is to have a development server where you load your production database, migrations and such. Now stage all your changes in the development server. If you made your changes and all migrations ran smoothly- do the same on the production server. Your development server can be your laptop if necessary. Doing it this way avoids the need to turn on debug=True if someone goes wrong during pushing untested code to prod. The same way debug=True will allow you to see where your code failed- it will allow a potentially malicious user to gain insight into what your site is doing on the backend.