diff --git a/README.md b/README.md index 719c615..861655a 100644 --- a/README.md +++ b/README.md @@ -193,4 +193,8 @@ You can use OpenSSL to display the content of each PEM certificate: Then ensure that the value matches the one in `elasticsearch.yml`. For more complete information on a certificate: -`openssl x509 -in admin.pem -text -noout` \ No newline at end of file +`openssl x509 -in admin.pem -text -noout` + +### NOSPC: no space left on device' while running the nodeJS in docker + +`sudo docker system prune -af` \ No newline at end of file diff --git a/doc/Dockerfile b/doc/Dockerfile new file mode 100644 index 0000000..9c133dc --- /dev/null +++ b/doc/Dockerfile @@ -0,0 +1,37 @@ +FROM node:latest + +RUN apt-get update && \ + apt-get install -y git \ + openssh-server + +RUN mkdir /var/run/sshd +EXPOSE 22 + +ARG SSH_KEY +ARG SSH_KEY_PASSPHRASE +RUN chmod go-w /root + +RUN mkdir -p /root/.ssh && \ + chmod 600 /root/.ssh + +RUN echo "$SSH_KEY" >> /root/.ssh/id_rsa && \ + echo "$SSH_KEY_PASSPHRASE" >> /root/.ssh/id_rsa.pub + +RUN chmod -R 600 /root/.ssh/id_rsa && \ + chmod -R 600 /root/.ssh/id_rsa.pub + +RUN ssh-keyscan -Ht rsa forgemia.inra.fr,147.100.164.13 >> ~/.ssh/known_hosts + +RUN mkdir /app/ + +WORKDIR /app/ + +RUN git clone git@forgemia.inra.fr:magnus.anatolius/in-sylva.doc.git + +RUN cd ./in-sylva.doc/website && yarn + +EXPOSE 3000 35729 + +WORKDIR /app/in-sylva.doc/website/ + +CMD ["yarn", "start"] diff --git a/doc/build.sh b/doc/build.sh new file mode 100644 index 0000000..e69de29 diff --git a/doc/run.sh b/doc/run.sh new file mode 100644 index 0000000..e69de29 diff --git a/docker-compose.yml b/docker-compose.yml index 088bf2a..7e9c775 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -235,7 +235,7 @@ services: REACT_APP_IN_SYLVA_KEYCLOAK_HOST: http://in-sylva.keycloak REACT_APP_IN_SYLVA_KEYCLOAK_PORT: 7000 ports: - - 3000:4000 + - 3000:3000 links: - gatekeeper - keycloak diff --git a/portal/.env b/portal/.env index 753a445..0e9346a 100644 --- a/portal/.env +++ b/portal/.env @@ -1,10 +1,5 @@ REACT_APP_IN_SYLVA_GATEKEEPER_HOST=/gatekeeper -REACT_APP_IN_SYLVA_GATEKEEPER_PORT=4000 - REACT_APP_IN_SYLVA_SOURCE_MANAGER_HOST=/source-manager -REACT_APP_IN_SYLVA_SOURCE_MANAGER_PORT=5000 - REACT_APP_IN_SYLVA_KEYCLOAK_HOST=/keycloak REACT_APP_IN_SYLVA_KEYCLOAK_PORT=7000 - REACT_APP_PORT=3000 \ No newline at end of file diff --git a/portal/build.sh b/portal/build.sh index 41d3d02..5d4ca3c 100644 --- a/portal/build.sh +++ b/portal/build.sh @@ -14,4 +14,4 @@ while [ "$1" != "" ]; do shift done # --no-cache -docker build --no-cache --build-arg SSH_KEY="$SSH_KEY" --build-arg SSH_KEY_PASSPHRASE="$SSH_KEY_PASSPHRASE" --tag in-sylva.portal . +docker build --build-arg SSH_KEY="$SSH_KEY" --build-arg SSH_KEY_PASSPHRASE="$SSH_KEY_PASSPHRASE" --tag in-sylva.portal . diff --git a/portal/env-config.js b/portal/env-config.js new file mode 100644 index 0000000..22979bf --- /dev/null +++ b/portal/env-config.js @@ -0,0 +1,7 @@ +window._env_ = { + REACT_APP_IN_SYLVA_GATEKEEPER_HOST: "/gatekeeper", + REACT_APP_IN_SYLVA_SOURCE_MANAGER_HOST: "/source-manager", + REACT_APP_IN_SYLVA_KEYCLOAK_HOST: "/keycloak", + REACT_APP_IN_SYLVA_KEYCLOAK_PORT: "7000", + REACT_APP_PORT: "3000", +} diff --git a/portal/nginx/nginx.conf b/portal/nginx/nginx.conf index 77bd0f3..4619085 100644 --- a/portal/nginx/nginx.conf +++ b/portal/nginx/nginx.conf @@ -17,7 +17,6 @@ server { include /etc/nginx/mime.types; listen 3000; listen [::]:3000; - listen [::]:7000; server_name _; access_log /var/log/nginx/host.access.log; @@ -49,7 +48,7 @@ server { location /keycloak/auth/ { proxy_pass http://backend_keycloak/keycloak/auth/; - + proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/search/.env b/search/.env new file mode 100644 index 0000000..753a445 --- /dev/null +++ b/search/.env @@ -0,0 +1,10 @@ +REACT_APP_IN_SYLVA_GATEKEEPER_HOST=/gatekeeper +REACT_APP_IN_SYLVA_GATEKEEPER_PORT=4000 + +REACT_APP_IN_SYLVA_SOURCE_MANAGER_HOST=/source-manager +REACT_APP_IN_SYLVA_SOURCE_MANAGER_PORT=5000 + +REACT_APP_IN_SYLVA_KEYCLOAK_HOST=/keycloak +REACT_APP_IN_SYLVA_KEYCLOAK_PORT=7000 + +REACT_APP_PORT=3000 \ No newline at end of file diff --git a/search/Dockerfile b/search/Dockerfile index b50472d..5a24ae7 100644 --- a/search/Dockerfile +++ b/search/Dockerfile @@ -1,5 +1,5 @@ # build environment -FROM node:latest as portal +FROM node:latest as search RUN apt-get update && \ apt-get install -y git \ @@ -41,12 +41,16 @@ RUN yarn build # production environment FROM nginx:latest -COPY --from=portal /app/in-sylva.search.app/build /usr/share/nginx/html +COPY --from=search /app/in-sylva.search.app/build /usr/share/nginx/html RUN rm /etc/nginx/conf.d/default.conf COPY nginx/nginx.conf /etc/nginx/conf.d +WORKDIR /usr/share/nginx/html +COPY ./env.sh . +COPY .env . + EXPOSE 3000 CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/search/build.sh b/search/build.sh index f3b23a8..42991a8 100644 --- a/search/build.sh +++ b/search/build.sh @@ -12,5 +12,6 @@ while [ "$1" != "" ]; do shift done -docker build --no-cache --build-arg SSH_KEY="$SSH_KEY" --build-arg SSH_KEY_PASSPHRASE="$SSH_KEY_PASSPHRASE" --tag in-sylva.search . +# --no-cache +docker build --build-arg SSH_KEY="$SSH_KEY" --build-arg SSH_KEY_PASSPHRASE="$SSH_KEY_PASSPHRASE" --tag in-sylva.search . diff --git a/search/env.sh b/search/env.sh new file mode 100644 index 0000000..73e1051 --- /dev/null +++ b/search/env.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +# Recreate config file +rm -rf ./env-config.js +touch ./env-config.js + +# Add assignment +echo "window._env_ = {" >> ./env-config.js + +# Read each line in .env file +# Each line represents key=value pairs +while read -r line || [[ -n "$line" ]]; +do + # Split env variables by character `=` + if printf '%s\n' "$line" | grep -q -e '='; then + varname=$(printf '%s\n' "$line" | sed -e 's/=.*//') + varvalue=$(printf '%s\n' "$line" | sed -e 's/^[^=]*=//') + fi + + # Read value of current variable if exists as Environment variable + value=$(printf '%s\n' "${!varname}") + # Otherwise use value from .env file + [[ -z $value ]] && value=${varvalue} + + # Append configuration property to JS file + echo " $varname: \"$value\"," >> ./env-config.js +done < .env + +echo "}" >> ./env-config.js \ No newline at end of file diff --git a/search/nginx/nginx.conf b/search/nginx/nginx.conf index 9a306bd..f5e6cf8 100644 --- a/search/nginx/nginx.conf +++ b/search/nginx/nginx.conf @@ -1,21 +1,97 @@ -server { +resolver 127.0.0.1 [::]; + +upstream backend_gatekeeper { + server gatekeeper:4000; +} + +upstream backend_keycloak { + server keycloak:7000; +} + +upstream backend_source_manager { + server source-manager:5000; +} + +server { + include /etc/nginx/mime.types; listen 3000; - listen 4000; - listen 5000; - listen 7000; + listen [::]:3000; + server_name _; + access_log /var/log/nginx/host.access.log; + error_log /var/log/nginx/host.error.log; + + root /usr/share/nginx/html; + index index.html index.htm; + + location /gatekeeper/ { + proxy_pass http://backend_gatekeeper/; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location /keycloak/ { + proxy_pass http://backend_keycloak/; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location /keycloak/auth/ { + proxy_pass http://backend_keycloak/keycloak/auth/; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location /source-manager/ { + proxy_pass http://backend_source_manager/; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + location / { - root /usr/share/nginx/html; - index index.html index.htm; - try_files $uri $uri/ /index.html; - proxy_http_version 1.1; - proxy_set_header upgrade $http_upgrade; - proxy_set_header connection keep-alive; - proxy_set_header host $host; - proxy_cache_bypass $http_upgrade; - proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for; - proxy_set_header x-forwarded-proto $scheme; + root /usr/share/nginx/html; + index index.html; + autoindex on; + set $fallback_file /index.html; + if ($http_accept !~ text/html) { + set $fallback_file /null; + } + if ($uri ~ /$) { + set $fallback_file /null; + } + try_files $uri $fallback_file; + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin: $http_origin'); + add_header 'Access-Control-Allow-Origin: GET, POST, DELETE, PUT, PATCH, OPTIONS'); + add_header 'Access-Control-Allow-Credentials: true'); + add_header 'Vary: Origin'); + + } + + add_header 'Access-Control-Allow-Origin' "$http_origin" always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, PATCH, DELETE, OPTIONS' always; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always; } error_page 500 502 503 504 /50x.html; @@ -23,5 +99,4 @@ server { location = /50x.html { root /usr/share/nginx/html; } - } \ No newline at end of file