Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Nginx quality of life #2611

Merged
merged 4 commits into from
Dec 18, 2023
Merged

Nginx quality of life #2611

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
77dfa73
feat: introduce upstream in location; add custom 502 page
sirtawast Jun 30, 2023
6d5412c
feat: run benefit with backend only
sirtawast Jun 30, 2023
4b68a7c
feat: add env var to run next build using HTTPS without proxy
sirtawast Jun 30, 2023
d81cd40
feat: add possibility to use custom certs
sirtawast Dec 15, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
65 changes: 65 additions & 0 deletions compose.benefit-backend.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
version: "3.8"
name: yjdh-benefit
services:
postgres:
build:
context: ./backend
dockerfile: ./docker/finnish_postgres.Dockerfile
restart: on-failure
environment:
POSTGRES_USER: benefit
POSTGRES_PASSWORD: benefit
POSTGRES_DB: benefit
LC_COLLATE: "fi_FI.UTF-8"
LC_CTYPE: "fi_FI.UTF-8"
ports:
- 5434:5432
volumes:
- pgdata:/var/lib/postgresql/data
container_name: benefit-db

backend:
build:
context: ./backend
dockerfile: ./docker/benefit.Dockerfile
target: development
env_file:
- .env.benefit-backend
environment:
DATABASE_URL: postgres://benefit:benefit@benefit-db/benefit
DATABASE_HOST: benefit-db.helsinki
volumes:
- ./backend/benefit:/app
- ./backend/shared:/shared
depends_on:
- postgres
container_name: benefit-backend

local-proxy:
depends_on:
- postgres
- backend
build:
context: ./localdevelopment/benefit/nginx
container_name: benefit-local-proxy
volumes:
- ./localdevelopment/benefit/nginx/:/etc/nginx/
ports:
- 127.0.0.1:8000:8000

mailhog:
image: "mailhog/mailhog@sha256:8d76a3d4ffa32a3661311944007a415332c4bb855657f4f6c57996405c009bea"
ports:
- 1025:1025
- 8025:8025
container_name: benefit-mailhog
networks:
- default

volumes:
pgdata:
driver: local

networks:
default:
name: helsinki
1 change: 1 addition & 0 deletions frontend/benefit/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
certificates/
25 changes: 23 additions & 2 deletions frontend/shared/src/server/next-server.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
const express = require('express');
const next = require('next');

const https = require('https');
const fs = require('fs');
const port = process.env.PORT || 3000;
const app = next({ dev: process.env.NODE_ENV !== 'production' });
const handle = app.getRequestHandler();
Expand Down Expand Up @@ -41,7 +42,27 @@ const checkIsServerReady = (response) => {

server.get('*', (req, res) => handle(req, res));

await server.listen(port);
if (process.env.NEXT_SERVE_WITH_CUSTOM_CERTS) {
let options;
try {
options = {
key: fs.readFileSync(
process.cwd() + '/../../shared/src/server/localhost.key'
),
cert: fs.readFileSync(
process.cwd() + '/../../shared/src/server/localhost.crt'
),
};
} catch (e) {
console.error(
'No certificate file(s) found. Copy it from the local-proxy container.'
);
return;
}
https.createServer(options, server).listen(port);
} else {
await server.listen(port);
}
signalReady();
console.log(`> Ready on https://localhost:${port}`); // eslint-disable-line no-console
})();
56 changes: 56 additions & 0 deletions localdevelopment/benefit/nginx/html/500.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Error 502</title>
</head>
<body>
<style>
body {
padding: 24px;
text-align: center;
font-family: system-ui, -apple-system, BlinkMacSystemFont,
"Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell, "Open Sans",
"Helvetica Neue", sans-serif;
}
h1 {
line-height: 1;
}

svg {
max-width: 100px;
}
</style>
<svg
viewBox="0 0 78 36"
title="Helsingin kaupunki"
role="img"
xmlns="http://www.w3.org/2000/svg"
class="Logo-module_logo__Y2mwP Logo-module_medium__1zyWm"
>
<path
d="M75.753 2.251v20.7c0 3.95-3.275 7.178-7.31 7.178h-22.26c-2.674 0-5.205.96-7.183 2.739a10.749 10.749 0 00-7.183-2.74H9.509c-4.003 0-7.247-3.21-7.247-7.177V2.25h73.491zM40.187 34.835a8.47 8.47 0 016.012-2.471h22.245c5.268 0 9.556-4.219 9.556-9.413V0H0v22.935c0 5.194 4.256 9.413 9.509 9.413h22.308c2.263 0 4.398.882 6.012 2.471L39.016 36l1.17-1.165z"
fill="currentColor"
></path>
<path
d="M67.522 11.676c0 .681-.556 1.177-1.255 1.177-.7 0-1.255-.496-1.255-1.177 0-.682.556-1.178 1.255-1.178.7-.03 1.255.465 1.255 1.178zm-2.352 9.622h2.178v-7.546H65.17v7.546zm-3.909-4.556l2.845 4.556h-2.368l-1.907-3.022-1.033 1.271v1.75h-2.161V10.453h2.16v5.004c0 .93-.11 1.86-.11 1.86h.047s.509-.821.938-1.41l1.653-2.154h2.542l-2.606 2.99zm-6.817-.278c0-1.875-.938-2.898-2.432-2.898-1.271 0-1.939.728-2.32 1.426h-.048l.112-1.24h-2.162v7.546h2.162V16.82c0-.868.524-1.472 1.335-1.472.81 0 1.16.527 1.16 1.534v4.416h2.177l.016-4.834zm-8.931-4.788c0 .681-.557 1.177-1.256 1.177-.7 0-1.255-.496-1.255-1.177 0-.682.556-1.178 1.255-1.178.715-.03 1.256.465 1.256 1.178zm-2.352 9.622h2.177v-7.546H43.16v7.546zm-3.75-2.107c0-.605-.859-.729-1.86-1.008-1.16-.294-2.622-.867-2.622-2.308 0-1.426 1.398-2.324 3.051-2.324 1.541 0 2.956.712 3.544 1.72l-1.86 1.022c-.19-.666-.762-1.193-1.62-1.193-.557 0-1.018.232-1.018.682 0 .573 1.018.635 2.162.991 1.208.372 2.32.915 2.32 2.294 0 1.518-1.446 2.417-3.115 2.417-1.811 0-3.242-.744-3.877-1.952l1.89-1.039c.24.822.922 1.441 1.955 1.441.62 0 1.05-.248 1.05-.743zm-6.882-8.677h-2.177v8.692c0 .775.175 1.348.509 1.705.35.356.89.526 1.636.526.255 0 .525-.03.78-.077.27-.062.476-.14.65-.233l.191-1.425a2.07 2.07 0 01-.46.124c-.128.03-.287.03-.461.03-.286 0-.414-.077-.509-.216-.111-.14-.159-.387-.159-.744v-8.382zm-7.246 4.57c-.795 0-1.446.558-1.621 1.581h3.05c.017-.899-.587-1.58-1.43-1.58zm3.353 3.007H23.63c.095 1.224.794 1.828 1.7 1.828.81 0 1.367-.527 1.494-1.24l1.828 1.007c-.54.961-1.7 1.798-3.322 1.798-2.16 0-3.75-1.472-3.75-3.951 0-2.464 1.62-3.951 3.703-3.951 2.081 0 3.464 1.44 3.464 3.486-.016.604-.111 1.023-.111 1.023zm-11.077 3.207h2.257V10.916h-2.257v4.107h-4.243v-4.091H11.06v10.366h2.256v-4.292h4.243v4.292z"
fill="currentColor"
></path>
</svg>
<h1>ERROR 502</h1>
<h2>Waiting for web server, reloading in <span>5</span> ...</h2>
<script>
var time = [4, 3, 2, 1, 0];
var i = 0;
var interval = setInterval(function () {
if (i < time.length) {
document.querySelector("span").innerHTML = time[i];
i++;
} else {
clearInterval(interval);
window.location.reload(true);
}
}, 1000);
</script>
</body>
</html>
41 changes: 35 additions & 6 deletions localdevelopment/benefit/nginx/nginx.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,21 +4,31 @@ http {
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
resolver 127.0.0.11 valid=30s;

server {
listen 8000 ssl;
server_name localhost;
ssl_certificate localhost.crt;
ssl_certificate_key localhost.key;
client_max_body_size 20M;

# Redirect http requests to https
error_page 497 https://$host:$server_port$request_uri;
client_max_body_size 20M;
error_page 502 503 /500.html;

location = /500.html {
root /etc/nginx/html;
internal;
}
location / {
set $upstream_backend backend:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_pass http://backend:8000;
proxy_pass http://$upstream_backend;
}
}
server {
Expand All @@ -28,21 +38,28 @@ http {
ssl_certificate_key localhost.key;
client_max_body_size 20M;
error_page 497 302 =307 https://$host:$server_port$request_uri;
error_page 502 503 /500.html;

location = /500.html {
root /etc/nginx/html;
internal;
}
# https://github.com/vercel/next.js/issues/30491#issuecomment-962835174
location /_next/webpack-hmr {
proxy_pass http://applicant:3000/_next/webpack-hmr;
set $upstream_applicant applicant:3000;
proxy_pass http://$upstream_applicant/_next/webpack-hmr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
set $upstream_applicant applicant:3000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_pass http://applicant:3000;
proxy_pass http://$upstream_applicant;
}
}
server {
Expand All @@ -52,21 +69,33 @@ http {
ssl_certificate_key localhost.key;
client_max_body_size 20M;
error_page 497 302 =307 https://$host:$server_port$request_uri;
error_page 502 503 /500.html;

location = /500.html {
root /etc/nginx/html;
internal;
}

# https://github.com/vercel/next.js/issues/30491#issuecomment-962835174
location /_next/webpack-hmr {
proxy_pass http://handler:3100/_next/webpack-hmr;
set $upstream_handler handler:3100;
proxy_pass http://$upstream_handler/_next/webpack-hmr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
set $upstream_handler handler:3100;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_pass http://handler:3100;
proxy_pass http://$upstream_handler;
}
}

error_page 404 /custom_404.html;


}
Loading