From 342aa7632f6260226d64f5e4f0731f4af15b0c81 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Thu, 22 Aug 2024 16:11:49 +0000 Subject: [PATCH 1/4] Change nginx settings --- nginx/conf.d/bookworm-ssl.conf | 23 ++++++++++++++++++++++- nginx/conf.d/bookworm.conf | 20 ++++++++++++++++++++ 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/nginx/conf.d/bookworm-ssl.conf b/nginx/conf.d/bookworm-ssl.conf index 0ff8374..e6680af 100644 --- a/nginx/conf.d/bookworm-ssl.conf +++ b/nginx/conf.d/bookworm-ssl.conf @@ -5,8 +5,29 @@ server { ssl_certificate /etc/ssl/certificate.pem; ssl_certificate_key /etc/ssl/key.pem; + location /graphql { + proxy_pass http://bookworm-rails:3001/graphql; + proxy_redirect default; + proxy_http_version 1.1; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_max_temp_file_size 0; + + #this is the maximum upload size + client_max_body_size 10m; + client_body_buffer_size 128k; + + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_request_buffering off; # Required for HTTP CLI commands + } + location / { - proxy_pass https://bookworm-react:3000; + proxy_pass http://bookworm-react:3000; proxy_redirect default; proxy_http_version 1.1; diff --git a/nginx/conf.d/bookworm.conf b/nginx/conf.d/bookworm.conf index 476a9eb..2205303 100644 --- a/nginx/conf.d/bookworm.conf +++ b/nginx/conf.d/bookworm.conf @@ -2,6 +2,26 @@ server { listen 80; server_name bookworm; + location /graphql { + proxy_pass http://bookworm-rails:3001/graphql; + proxy_redirect default; + proxy_http_version 1.1; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_max_temp_file_size 0; + + #this is the maximum upload size + client_max_body_size 10m; + client_body_buffer_size 128k; + + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_request_buffering off; # Required for HTTP CLI commands + } location / { proxy_pass http://bookworm-react:3000; proxy_redirect default; From 0fba63a55af458dc84264e7e46b37f8062a3de9d Mon Sep 17 00:00:00 2001 From: Alex Boyd Date: Thu, 22 Aug 2024 16:12:56 +0000 Subject: [PATCH 2/4] Set SSL to on in production --- rails/config/environments/production.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rails/config/environments/production.rb b/rails/config/environments/production.rb index 5cc7cc6..16e7017 100644 --- a/rails/config/environments/production.rb +++ b/rails/config/environments/production.rb @@ -41,11 +41,10 @@ # Assume all access to the app is happening through a SSL-terminating reverse proxy. # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. - # config.assume_ssl = true + config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - # config.force_ssl = true - config.force_ssl = false + config.force_ssl = true # Log to STDOUT by default config.logger = @@ -61,6 +60,7 @@ # information to avoid inadvertent exposure of personally identifiable information (PII). If you # want to log everything, set the level to "debug". config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info') + # config.log_level = 'debug' # Use a different cache store in production. # config.cache_store = :mem_cache_store From 6224b6a38f2858e1ddb2eee1ab8aec7014d411aa Mon Sep 17 00:00:00 2001 From: Alex Boyd Date: Thu, 22 Aug 2024 16:14:21 +0000 Subject: [PATCH 3/4] Remove mapped volumes for react and rails folders --- docker-compose.yml | 35 ++++++++++++----------------------- 1 file changed, 12 insertions(+), 23 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index bac7ce8..52f8fed 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,8 +10,8 @@ services: POSTGRES_DB: bookworm_production POSTGRES_PASSWORD: $POSTGRES_PASSWORD healthcheck: - test: ["CMD-SHELL", "pg_isready -d bookworm_production -U postgres"] - interval: 30s + test: [ "CMD-SHELL", "pg_isready -d bookworm_production -U postgres" ] + interval: 10s timeout: 5s retries: 10 rails: @@ -27,40 +27,31 @@ services: DB_PASSWORD: $POSTGRES_PASSWORD RAILS_ENV: production healthcheck: - test: ["CMD-SHELL", "curl -d 'query{investigations {id name}}' -X POST http://localhost:3001/graphql || exit 1"] - interval: 30s + test: [ "CMD-SHELL", "curl -d 'query{investigations {id name}}' -X POST http://localhost:3001/graphql || exit 1" ] + interval: 10s timeout: 5s retries: 5 - ports: - - 3001:3001 - volumes: - - ./rails:/rails depends_on: db: - condition: - service_healthy + condition: service_healthy react: build: ./react container_name: bookworm-react env_file: .env environment: NODE_ENV: production - volumes: - - ./react:/react ports: - 3000:3000 healthcheck: - test: ["CMD-SHELL", "wget --no-verbose --spider --tries=1 localhost:3000 || exit 1"] - interval: 30s + test: [ "CMD-SHELL", "wget --no-verbose --spider --tries=1 localhost:3000 || exit 1" ] + interval: 10s timeout: 5s retries: 10 depends_on: db: - condition: - service_healthy + condition: service_healthy rails: - condition: - service_healthy + condition: service_healthy nginx: image: "nginx:latest" container_name: "bookworm-nginx" @@ -73,14 +64,12 @@ services: restart: unless-stopped depends_on: rails: - condition: - service_healthy + condition: service_healthy react: - condition: - service_healthy + condition: service_healthy volumes: postgres_data: {} networks: default: - name: bookworm \ No newline at end of file + name: bookworm From f81d783d23d95515677d7ed6ae9903c558726396 Mon Sep 17 00:00:00 2001 From: Alex Boyd Date: Thu, 22 Aug 2024 16:35:28 +0000 Subject: [PATCH 4/4] Set react httpLink through env variable --- .env.example | 9 +++++++-- docker-compose.yml | 3 ++- react/src/main.tsx | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.env.example b/.env.example index c57542a..8446aa7 100644 --- a/.env.example +++ b/.env.example @@ -1,5 +1,10 @@ # Generate rails credentials # Run `rails credentials:help` for instructions - RAILS_MASTER_KEY= -POSTGRES_PASSWORD= \ No newline at end of file + +# Will be used as the database password +POSTGRES_PASSWORD= + +# Set to the URL for the backend API. i.e. +# "ec2-instance-url.us-west-2.compute.amazon.com/graphql" +RAILS_API_URL="http://localhost:3001/graphql" \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 52f8fed..0484af9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -40,8 +40,9 @@ services: env_file: .env environment: NODE_ENV: production + RAILS_API_URL: $RAILS_API_URL ports: - - 3000:3000 + - 3000:80 healthcheck: test: [ "CMD-SHELL", "wget --no-verbose --spider --tries=1 localhost:3000 || exit 1" ] interval: 10s diff --git a/react/src/main.tsx b/react/src/main.tsx index eace657..bb4886a 100644 --- a/react/src/main.tsx +++ b/react/src/main.tsx @@ -17,7 +17,7 @@ import SignInPage from "./components/pages/SignInPage.tsx"; import { setContext } from "@apollo/client/link/context"; const httpLink = new HttpLink({ - uri: "http://localhost:3001/graphql", + uri: import.meta.env.RAILS_API_URL, // This probably needs to be the nginx address }); const authLink = setContext((_, { headers }) => {