added backend proxy and automatic https SSL

GeneralMagicio · Aug 13, 2024 · edc58c7 · edc58c7
1 parent cacbda6
commit edc58c7
Show file tree

Hide file tree

Showing 5 changed files with 46 additions and 5 deletions.
diff --git a/.caddy.env.template b/.caddy.env.template
@@ -0,0 +1,2 @@
+MY_URL="https://mydomain.com"
+IP_WHITELIST="0.0.0.0/0"
diff --git a/.github/workflows/staging-pipeline.yml b/.github/workflows/staging-pipeline.yml
@@ -159,7 +159,6 @@ jobs:
             cd QAcc-BE
             git checkout staging
             git pull
-            docker compose -f docker-compose-staging.yml stop qacc-be
-            docker compose -f docker-compose-staging.yml pull qacc-be
-            docker compose -f docker-compose-staging.yml up -d
+            docker compose -f docker-compose-staging.yml build --no-cache
+            docker compose -f docker-compose-staging.yml up -d --build
             docker image prune -a --force
diff --git a/.gitignore b/.gitignore
@@ -34,3 +34,4 @@ src/scripts/*.json
 ./src/server/adminJs/adminjs
 
 .DS_Store
+.caddy.env
diff --git a/Caddyfile b/Caddyfile
@@ -0,0 +1,10 @@
+{$MY_URL} {
+    route {
+        @allowed {
+            path /*
+            remote_ip {$IP_WHITELIST}
+        }
+        reverse_proxy @allowed qacc-be:4000
+        respond 403
+    }
+}
diff --git a/docker-compose-staging.yml b/docker-compose-staging.yml
@@ -1,7 +1,8 @@
 services:
   qacc-be:
     container_name: qacc-be
-    image: ghcr.io/generalmagicio/qacc-be:staging
+    build: .
+    #image: ghcr.io/generalmagicio/qacc-be:staging
     command: npm run start:docker:server
     environment:
       - ENVIRONMENT=production
@@ -11,6 +12,8 @@ services:
       - ./config:/usr/src/app/config
       - ./config:/usr/src/app/build/config
       - ./logs:/usr/src/app/logs
+    networks:
+      - qacc
     ports:
       - "4001:4000"
 
@@ -22,8 +25,34 @@ services:
     restart: always
     volumes:
       - redis-data:/data
+    networks:
+      - qacc
     ports:
       - "6379:6379"
 
+  caddy:
+    image: caddy:2-alpine
+    container_name: caddy
+    restart: unless-stopped
+    networks:
+      - qacc
+    ports:
+      - 80:80
+      - 443:443
+    env_file:
+      - .caddy.env
+    environment:
+      MY_URL=${MY_URL:-}
+      IP_WHITELIST=${IP_WHITELIST:-}
+    volumes:
+      - caddy_data:/data
+      - caddy_config:/config
+      - ./Caddyfile:/etc/caddy/Caddyfile
+
 volumes:
-  redis-data:
+  redis-data:
+  caddy_config:
+  caddy_data:
+
+networks:
+  qacc:
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		MY_URL="https://mydomain.com"
		IP_WHITELIST="0.0.0.0/0"
Original file line number	Diff line number	Diff line change
Expand Up		@@ -34,3 +34,4 @@ src/scripts/*.json
		./src/server/adminJs/adminjs

		.DS_Store
		.caddy.env