diff --git a/.env.example b/.env.example index c57542a..8446aa7 100644 --- a/.env.example +++ b/.env.example @@ -1,5 +1,10 @@ # Generate rails credentials # Run `rails credentials:help` for instructions - RAILS_MASTER_KEY= -POSTGRES_PASSWORD= \ No newline at end of file + +# Will be used as the database password +POSTGRES_PASSWORD= + +# Set to the URL for the backend API. i.e. +# "ec2-instance-url.us-west-2.compute.amazon.com/graphql" +RAILS_API_URL="http://localhost:3001/graphql" \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index bac7ce8..0484af9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,8 +10,8 @@ services: POSTGRES_DB: bookworm_production POSTGRES_PASSWORD: $POSTGRES_PASSWORD healthcheck: - test: ["CMD-SHELL", "pg_isready -d bookworm_production -U postgres"] - interval: 30s + test: [ "CMD-SHELL", "pg_isready -d bookworm_production -U postgres" ] + interval: 10s timeout: 5s retries: 10 rails: @@ -27,40 +27,32 @@ services: DB_PASSWORD: $POSTGRES_PASSWORD RAILS_ENV: production healthcheck: - test: ["CMD-SHELL", "curl -d 'query{investigations {id name}}' -X POST http://localhost:3001/graphql || exit 1"] - interval: 30s + test: [ "CMD-SHELL", "curl -d 'query{investigations {id name}}' -X POST http://localhost:3001/graphql || exit 1" ] + interval: 10s timeout: 5s retries: 5 - ports: - - 3001:3001 - volumes: - - ./rails:/rails depends_on: db: - condition: - service_healthy + condition: service_healthy react: build: ./react container_name: bookworm-react env_file: .env environment: NODE_ENV: production - volumes: - - ./react:/react + RAILS_API_URL: $RAILS_API_URL ports: - - 3000:3000 + - 3000:80 healthcheck: - test: ["CMD-SHELL", "wget --no-verbose --spider --tries=1 localhost:3000 || exit 1"] - interval: 30s + test: [ "CMD-SHELL", "wget --no-verbose --spider --tries=1 localhost:3000 || exit 1" ] + interval: 10s timeout: 5s retries: 10 depends_on: db: - condition: - service_healthy + condition: service_healthy rails: - condition: - service_healthy + condition: service_healthy nginx: image: "nginx:latest" container_name: "bookworm-nginx" @@ -73,14 +65,12 @@ services: restart: unless-stopped depends_on: rails: - condition: - service_healthy + condition: service_healthy react: - condition: - service_healthy + condition: service_healthy volumes: postgres_data: {} networks: default: - name: bookworm \ No newline at end of file + name: bookworm diff --git a/nginx/conf.d/bookworm-ssl.conf b/nginx/conf.d/bookworm-ssl.conf index 0ff8374..e6680af 100644 --- a/nginx/conf.d/bookworm-ssl.conf +++ b/nginx/conf.d/bookworm-ssl.conf @@ -5,8 +5,29 @@ server { ssl_certificate /etc/ssl/certificate.pem; ssl_certificate_key /etc/ssl/key.pem; + location /graphql { + proxy_pass http://bookworm-rails:3001/graphql; + proxy_redirect default; + proxy_http_version 1.1; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_max_temp_file_size 0; + + #this is the maximum upload size + client_max_body_size 10m; + client_body_buffer_size 128k; + + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_request_buffering off; # Required for HTTP CLI commands + } + location / { - proxy_pass https://bookworm-react:3000; + proxy_pass http://bookworm-react:3000; proxy_redirect default; proxy_http_version 1.1; diff --git a/nginx/conf.d/bookworm.conf b/nginx/conf.d/bookworm.conf index 476a9eb..2205303 100644 --- a/nginx/conf.d/bookworm.conf +++ b/nginx/conf.d/bookworm.conf @@ -2,6 +2,26 @@ server { listen 80; server_name bookworm; + location /graphql { + proxy_pass http://bookworm-rails:3001/graphql; + proxy_redirect default; + proxy_http_version 1.1; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_max_temp_file_size 0; + + #this is the maximum upload size + client_max_body_size 10m; + client_body_buffer_size 128k; + + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_request_buffering off; # Required for HTTP CLI commands + } location / { proxy_pass http://bookworm-react:3000; proxy_redirect default; diff --git a/rails/config/environments/production.rb b/rails/config/environments/production.rb index 5cc7cc6..16e7017 100644 --- a/rails/config/environments/production.rb +++ b/rails/config/environments/production.rb @@ -41,11 +41,10 @@ # Assume all access to the app is happening through a SSL-terminating reverse proxy. # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. - # config.assume_ssl = true + config.assume_ssl = true # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - # config.force_ssl = true - config.force_ssl = false + config.force_ssl = true # Log to STDOUT by default config.logger = @@ -61,6 +60,7 @@ # information to avoid inadvertent exposure of personally identifiable information (PII). If you # want to log everything, set the level to "debug". config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info') + # config.log_level = 'debug' # Use a different cache store in production. # config.cache_store = :mem_cache_store diff --git a/react/src/main.tsx b/react/src/main.tsx index eace657..bb4886a 100644 --- a/react/src/main.tsx +++ b/react/src/main.tsx @@ -17,7 +17,7 @@ import SignInPage from "./components/pages/SignInPage.tsx"; import { setContext } from "@apollo/client/link/context"; const httpLink = new HttpLink({ - uri: "http://localhost:3001/graphql", + uri: import.meta.env.RAILS_API_URL, // This probably needs to be the nginx address }); const authLink = setContext((_, { headers }) => {