Merge pull request #1815 from rodekruis/build.nginx-2

build: remove nginx from docker compose

README.md

@@ -69,7 +69,7 @@ are connected to a database-server). For setting up a fully working version of t
 
 1. Load initial raster data
 
-- Get the file `raster-files.zip` from [this folder](https://rodekruis.sharepoint.com/sites/510-CRAVK-510/Gedeelde%20%20documenten/Forms/AllItems.aspx?id=%2Fsites%2F510%2DCRAVK%2D510%2FGedeelde%20%20documenten%2FIBF%20%2D%20System%2FIBF%20Portal%20Production%20Data&viewid=6b2bb429%2D8ac9%2D4abb%2D9d81%2D08c846f72f9b).
+- Download [raster-files.zip](https://510ibfsystem.blob.core.windows.net/rasters/raster-files.zip)
 - Unzip it in `services/API-service/geoserver-volume/raster-files` folder, such that that folder now has subfolders:
   - `input`-folder: static raster files that are served through 'geoserver' to the 'IBF-dashboard'
   - `mock-output`-foldermock output raster files that are used by the mock-endpoint (see below)

docker-compose.ci.yml

@@ -1,4 +1,15 @@
 services:
+  nginx:
+    image: nginx
+    ports:
+      - 8080:80
+    volumes:
+      - ./tools/nginx.conf:/etc/nginx/conf.d/default.conf
+      - ./interfaces/IBF-dashboard/www/browser:/var/www/ibf-dashboard
+    networks:
+      - api-network
+    restart: unless-stopped
+
   ibf-api-service:
     command: ['npm', 'run', 'start:dev']
     environment:
@@ -7,19 +18,12 @@ services:
       - GEOSERVER_ADMIN_PASSWORD=${GEOSERVER_ADMIN_PASSWORD}
     ports:
       - ${LOCAL_PORT_IBF_SERVICE}:3000
+    volumes: !override
+      - ibf-api-service-node-modules:/home/ibf/api-service/node_modules
     depends_on:
       - ibf-local-db
     networks:
-      - web-server-network
       - api-network
-    user: root
-
-  ibf-dashboard:
-    entrypoint: ['echo', 'Service ibf-dashboard disabled']
-
-  ibf-geoserver:
-    ports:
-      - 8081:8080
 
   ibf-local-db:
     image: postgis/postgis
@@ -28,14 +32,9 @@ services:
       - POSTGRES_PASSWORD=${DB_PASSWORD}
       - POSTGRES_DB=${DB_DATABASE}
     volumes:
-      - ./database/init.sql:/docker-entrypoint-initdb.d/init.sql
-      # - ibf-local-db-data:/var/lib/postgresql/data
+      - ./tools/db-init.sql:/docker-entrypoint-initdb.d/init.sql
     ports:
       - 5437:5432
     networks:
       - api-network
     restart: unless-stopped
-
-# volumes:
-#   ibf-local-db-data:
-#   api_service_node_modules:

docker-compose.override.yml

@@ -1,4 +1,15 @@
 services:
+  nginx:
+    image: nginx
+    ports:
+      - 8080:80
+    volumes:
+      - ./tools/nginx.conf:/etc/nginx/conf.d/default.conf
+      - ./interfaces/IBF-dashboard/www/browser:/var/www/ibf-dashboard
+    networks:
+      - api-network
+    restart: unless-stopped
+
   ibf-api-service:
     command: ['npm', 'run', 'start:dev']
     environment:
@@ -10,15 +21,10 @@ services:
     depends_on:
       - ibf-local-db
     networks:
-      - web-server-network
       - api-network
 
   ibf-dashboard:
-    entrypoint: ['echo', 'Service ibf-dashboard disabled']
-
-  ibf-geoserver:
-    ports:
-      - 8081:8080
+    entrypoint: ['echo', 'ibf-dashboard is disabled']
 
   ibf-local-db:
     image: postgis/postgis
@@ -27,7 +33,7 @@ services:
       - POSTGRES_PASSWORD=${DB_PASSWORD}
       - POSTGRES_DB=${DB_DATABASE}
     volumes:
-      - ./database/init.sql:/docker-entrypoint-initdb.d/init.sql
+      - ./tools/db-init.sql:/docker-entrypoint-initdb.d/init.sql
       - ibf-local-db-data:/var/lib/postgresql/data
     ports:
       - 5437:5432
@@ -37,4 +43,5 @@ services:
 
 volumes:
   ibf-local-db-data:
-  api_service_node_modules:
+  ibf-api-service-node-modules:
+  ibf-dashboard-node-modules:

docker-compose.yml

@@ -1,21 +1,4 @@
 services:
-  nginx:
-    image: staticfloat/nginx-certbot
-    ports:
-      - 80:80
-      - 443:443
-    environment:
-      CERTBOT_EMAIL: ${CERTBOT_EMAIL}
-      ENVSUBST_VARS: FQDN
-      FQDN: ${FQDN}
-    volumes:
-      - ./nginx/conf.d:/etc/nginx/user.conf.d
-      - ibf-dashboard-root:/var/www/ibf-dashboard
-      - ./nginx/letsencrypt:/etc/letsencrypt
-    networks:
-      web-server-network:
-    restart: unless-stopped
-
   ibf-api-service:
     container_name: ibf-api-service
     build:
@@ -47,11 +30,12 @@ services:
       - EXTERNAL_API_SERVICE_URL=${EXTERNAL_API_SERVICE_URL}
       - TWILIO_WHATSAPP_NUMBER=${TWILIO_WHATSAPP_NUMBER}
       - API_SERVICE_URL=${API_SERVICE_URL}
+    ports:
+      - 3000:3000
     volumes:
-      - 'api_service_node_modules:/home/ibf/api-service/node_modules'
+      - ibf-api-service-node-modules:/home/ibf/api-service/node_modules
       - ./services/API-service:/home/ibf/api-service
     networks:
-      web-server-network:
       api-network:
     restart: unless-stopped
 
@@ -83,31 +67,29 @@ services:
       - SUPPORT_EMAIL_ADDRESS=${SUPPORT_EMAIL_ADDRESS}
       - WHATS_NEW_URL=${WHATS_NEW_URL}
     volumes:
-      - ibf-dashboard-root:/home/node/app/www/browser
-    networks:
-      web-server-network:
+      - ibf-dashboard-node-modules:/home/node/app/node_modules
+      - ./interfaces/IBF-dashboard/www:/home/node/app/_www
 
   ibf-geoserver:
     container_name: ibf-geoserver
     image: kartoza/geoserver:2.19.2
     environment:
       - GEOSERVER_ADMIN_PASSWORD=${GEOSERVER_ADMIN_PASSWORD}
       - JAVA_OPTS="-DALLOW_ENV_PARAMETRIZATION=true"
+    ports:
+      - 8081:8080
     volumes:
       - ./services/API-service/geoserver-volume/raster-files:/opt/geoserver/data_dir/workspaces/ibf-system/ibf-pipeline
       - ./services/API-service/geoserver-volume/geoserver-layers:/opt/geoserver/data_dir/workspaces/ibf-system
       - ./.env:/opt/geoserver/data_dir/geoserver-environment.properties
     networks:
-      web-server-network:
       api-network:
     restart: unless-stopped
 
 volumes:
-  ibf-dashboard-root:
-  api_service_node_modules:
+  ibf-api-service-node-modules:
+  ibf-dashboard-node-modules:
 
 networks:
-  web-server-network:
-    driver: bridge
   api-network:
     driver: bridge

docs/VM_SETUP.md

@@ -24,7 +24,7 @@
          `touch /home/ibf-user`
    6. Open `/etc/sudoers` with `sudo nano /etc/sudoers` and add these lines
 
-   ```jsx
+   ```console
    # Allow members of group ibf-users to execute systemctl daemon-reload
    %ibf-users ALL=NOPASSWD: /bin/systemctl daemon-reload
 
@@ -33,17 +33,19 @@
    ```
 
 2. Install Software
-   1. NodeJS
-      [Source](https://github.com/nodesource/distributions/blob/master/README.md#installation-instructions)
-      1. Follow instructions in Source for Node 16
-      2. Verification - `node -v`
-   2. Docker [Source](https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository)
-      1. Follow instructions in Source all th
-      2. Verification - `docker -v`
-      3. Allow users to access docker commands
-         1. `sudo usermod -aG docker <username>`
-         2. Verification - `grep docker /etc/group`
+
+   1. [Install NodeJS](https://github.com/nodesource/distributions/blob/master/README.md#installation-instructions)
+      - `node -v` to verify
+   2. [Install Docker](https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository)
+      - `docker -v` to verify
+      - `sudo usermod -aG docker <username>` to allow users to access docker commands
+      - `grep docker /etc/group` to verify group members
+      - `sudo chmod 660 /var/run/docker.sock` to give group members access to docker socket
+   3. [Install Nginx](https://nginx.org/en/linux_packages.html#Ubuntu)
+      - `nginx -v` to verify
+
 3. Setup IBF-system
+
    1. `cd /home/ibf-user`
    2. `git clone https://github.com/rodekruis/IBF-system.git`
    3. `cd /home/ibf-user/IBF-system`
@@ -54,33 +56,46 @@
       [Source](https://stackoverflow.com/a/6448326/1753041)
    6. `sudo chmod -R g+rwX /home/ibf-user/IBF-system`
       [Source](https://stackoverflow.com/a/6448326/1753041)
-   7. Setup Environment Variables
+   7. Create build folder
+      - `mkdir /home/ibf-user/IBF-system/interfaces/IBF-dashboard/www`
+      - `chown azureuser:ibf-users /home/ibf-user/IBF-system/interfaces/IBF-dashboard/www`
+      - `chmod 775 /home/ibf-user/IBF-system/interfaces/IBF-dashboard/www`
+   8. Setup Environment Variables
       1. Create `/home/ibf-user/IBF-system/.env`
          1. `cp /home/ibf-user/IBF-system/example.env /home/ibf-user/IBF-system/.env`
          2. Set the appropriate values in the `.env` file
          3. Load the `.env` vars by `source /home/ibf-user/IBF-system/.env`
          4. Test if the vars were loaded correctly `echo $NODE_ENV`
-   8. Load certificate: load `DigiCertGlobalRootCA.crt.pem` in `services/API-service/cert` for connection to Azure Postgres server (if applicable)
-   9. `. tools/deploy.sh`
+   9. Load certificate: load `DigiCertGlobalRootCA.crt.pem` in `services/API-service/cert` for connection to Azure Postgres server (if applicable)
+   10. Configure Nginx
+       - `cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.backup`
+       - `cp tools/nginx.conf /etc/nginx/conf.d/default.conf`
+       - Change `root`, `server_name`, and `proxy_pass` values in `/etc/nginx/conf.d/default.conf`
+       - Set `user` directive to `azureuser` in `/etc/nginx/nginx.conf`
+       - `service nginx restart` to restart nginx with new configuration
+       - `systemctl enable nginx` to start nginx on VM reboot
+       - `service nginx status` to verify
+   11. `source tools/deploy.sh`
+
 4. Load base data
 
    1. Load Geoserver source data
-      1. Download
-         [raster-files.zip](https://rodekruis.sharepoint.com/sites/510-CRAVK-510/_layouts/15/guestaccess.aspx?folderid=0fa454e6dc0024dbdba7a178655bdc216&authkey=AcqhM85JHZY8cc6H7BTKgO0&expiration=2021-08-27T22%3A00%3A00.000Z&e=MnocDf)
+      1. Download [raster-files.zip](https://510ibfsystem.blob.core.windows.net/rasters/raster-files.zip)
       2. Unzip the files using `apt install unzip` and `unzip raster-files.zip`, into `services/API-service/geoserver-volume/raster-files/`
    2. Seed database: `docker compose exec ibf-api-service npm run seed`
    3. Run all mock scenarios via Swagger: `api/scripts/mock-all`
 
-5. Setup web-hook
-   1. On Github
-      1. [Create web-hook](https://github.com/rodekruis/IBF-system/settings/hooks) to
+5. Setup webhook
+
+   1. On GitHub
+      1. [Create webhook](https://github.com/rodekruis/IBF-system/settings/hooks) to
          listen on `http://ip-address:3099/`
-      2. Set secret for web-hook access
-   2. On VM:
+      2. Set secret for webhook access
+   2. On VM
       1. `sudo cp tools/webhook.service /etc/systemd/system/`
-      2. Set `GITHUB_WEBHOOK_SECRET` value in `/etc/systemd/system/webhook.service` as same value set in Github Webhooks
-      3. Verification - `ls /etc/systemd/system/`
+      2. Set `GITHUB_WEBHOOK_SECRET` value in `/etc/systemd/system/webhook.service` as same value set in GitHub Webhooks
+      3. `ls /etc/systemd/system/` to verify
       4. In `/home/ibf-user/IBF-system` - `npm install github-webhook-handler`
-      5. `sudo systemctl enable webhook` > this makes sure the webhook also restarts again automatically on reboot
-      6. `sudo service webhook start`
-      7. Verification - `sudo service webhook status`
+      5. `systemctl enable webhook` to start webhook on VM reboot
+      6. `service webhook start` to start webhook manually
+      7. `service webhook status` to verify

docs/VM_SETUP_HANDOVER.md

@@ -102,7 +102,7 @@
 4. Load initial data
 
    1. Download
-      [raster-files.zip](https://rodekruis.sharepoint.com/sites/510-CRAVK-510/_layouts/15/guestaccess.aspx?folderid=0fa454e6dc0024dbdba7a178655bdc216&authkey=AcqhM85JHZY8cc6H7BTKgO0&expiration=2021-08-27T22%3A00%3A00.000Z&e=MnocDf)
+      [raster-files.zip](https://510ibfsystem.blob.core.windows.net/rasters/raster-files.zip)
    2. Unzip the files using `apt install unzip` and `unzip raster-files.zip`, into `services/API-service/geoserver-volume/raster-files/` such that that folder now has subfolders `input`, `mock-output` and `output`.
    3. Run seed script through `docker-compose exec ibf-api-service npm run seed`
 

example.env

@@ -1,7 +1,3 @@
-# nginx
-CERTBOT_EMAIL=
-FQDN=
-
 # services/API-service
 DB_HOST=ibf-local-db #docker.for.mac.localhost
 DB_PORT=5432 #5437

interfaces/IBF-dashboard/Dockerfile

@@ -2,7 +2,10 @@ FROM node:20-alpine
 
 RUN apk update && apk add python3 make g++ git
 
-RUN mkdir -p /home/node/app/node_modules && mkdir -p /home/node/app/www && chown -R node:node /home/node/app
+RUN mkdir -p /home/node/app/node_modules && \
+    mkdir -p /home/node/app/www && \
+    mkdir -p /home/node/app/_www && \
+    chown -R node:node /home/node/app
 
 WORKDIR /home/node/app
 
@@ -50,3 +53,5 @@ ARG WHATS_NEW_URL
 ENV WHATS_NEW_URL=$WHATS_NEW_URL
 
 RUN npm run build -- --configuration $NG_CONFIGURATION
+
+CMD ["cp", "-r", "www/.", "_www/"]