From a1e1292d960ac209b2c5c4be38b68b7429068cf0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89lie=20Bouttier?= Date: Mon, 11 Sep 2023 17:17:35 +0000 Subject: [PATCH] traefik https --- .env.current | 47 ---------------------------------------- .env.dev | 36 ------------------------------ .env.latest-versions | 16 -------------- .env.prod => .env.sample | 25 +++++++++++---------- .gitignore | 5 ++--- config/traefik/.gitkeep | 0 docker-compose.yml | 42 +++++++++++++++++++++-------------- 7 files changed, 42 insertions(+), 129 deletions(-) delete mode 100644 .env.current delete mode 100644 .env.dev delete mode 100644 .env.latest-versions rename .env.prod => .env.sample (60%) create mode 100644 config/traefik/.gitkeep diff --git a/.env.current b/.env.current deleted file mode 100644 index 6e82402..0000000 --- a/.env.current +++ /dev/null @@ -1,47 +0,0 @@ -GN_VERSION="cur" - -GEONATURE_BACKEND_CURRENT_IMAGE="gn_backend_${GN_VERSION}" -GEONATURE_FRONTEND_CURRENT_IMAGE="gn_frontend_${GN_VERSION}" -GEONATURE_ATLAS_CURRENT_IMAGE="gn_atlas_${GN_VERSION}" -GEONATURE_FRONTEND_CURRENT_4_MODULES_IMAGE="gn_frontend_4_${GN_VERSION}" -GEONATURE_BACKEND_CURRENT_4_MODULES_IMAGE="gn_backend_4_${GN_VERSION}" - -POSTGRES_USER="geonatadmin" -POSTGRES_PASSWORD="geonatpasswd" -POSTGRES_HOST="postgres" -POSTGRES_DB="geonature2db" - -GDS_HTTP_PORT=8081 -GDS_HTTPS_PORT=8083 - -BASE_PROTOCOL="http" -HOST="localhost" - -GDS_USERSHUB_IMAGE="ghcr.io/pnx-si/usershub:latest" -GDS_USERSHUB_HOST="${HOST}:${GDS_HTTP_PORT}" -GDS_USERSHUB_PROTOCOL="${BASE_PROTOCOL}" -GDS_USERSHUB_DOMAIN="${HOST}" -GDS_USERSHUB_PREFIX="/usershub" - -GDS_TAXHUB_IMAGE="ghcr.io/pnx-si/taxhub:latest" -GDS_TAXHUB_DOMAIN="${HOST}" -GDS_TAXHUB_HOST="${HOST}:${GDS_HTTP_PORT}" -GDS_TAXHUB_PREFIX="/taxhub" -GDS_TAXHUB_API_PREFIX="${GDS_TAXHUB_PREFIX}/api" -GDS_TAXHUB_PROTOCOL="${BASE_PROTOCOL}" - -GDS_GEONATURE_BACKEND_IMAGE="${GEONATURE_BACKEND_CURRENT_4_MODULES_IMAGE}" -GDS_GEONATURE_DOMAIN="${HOST}" -GDS_GEONATURE_BACKEND_HOST="${HOST}:${GDS_HTTP_PORT}" -GDS_GEONATURE_BACKEND_PREFIX="/geonature/api" -GDS_GEONATURE_BACKEND_PROTOCOL="${BASE_PROTOCOL}" - -GDS_GEONATURE_FRONTEND_IMAGE="${GEONATURE_FRONTEND_CURRENT_4_MODULES_IMAGE}" -GDS_GEONATURE_FRONTEND_PROTOCOL="${BASE_PROTOCOL}" -GDS_GEONATURE_FRONTEND_HOST="${HOST}:${GDS_HTTP_PORT}" -GDS_GEONATURE_FRONTEND_PREFIX="/geonature" - -GDS_ATLAS_IMAGE="${GEONATURE_ATLAS_CURRENT_IMAGE}" -GDS_ATLAS_DOMAIN="${HOST}" -GDS_ATLAS_HOST="${HOST}:${GDS_HTTP_PORT}" -GDS_ATLAS_PREFIX="/atlas" \ No newline at end of file diff --git a/.env.dev b/.env.dev deleted file mode 100644 index 108f97d..0000000 --- a/.env.dev +++ /dev/null @@ -1,36 +0,0 @@ -BASE_PROTOCOL="http" -HOST="localhost" - -HTTP_PORT=8081 -HTTPS_PORT=8083 - -POSTGRES_USER="geonatadmin" -POSTGRES_PASSWORD="geonatpasswd" -POSTGRES_HOST="postgres" -POSTGRES_DB="geonature2db" - -USERSHUB_IMAGE="ghcr.io/pnx-si/usershub:latest" -USERSHUB_HOST="${HOST}:${HTTP_PORT}" -USERSHUB_PROTOCOL="${BASE_PROTOCOL}" -USERSHUB_DOMAIN="${HOST}" -USERSHUB_PREFIX="/usershub" -USERSHUB_SECRET_KEY="change me" - -TAXHUB_IMAGE="ghcr.io/pnx-si/taxhub:latest" -TAXHUB_DOMAIN="${HOST}" -TAXHUB_PROTOCOL="${BASE_PROTOCOL}" -TAXHUB_HOST="${HOST}:${HTTP_PORT}" -TAXHUB_PREFIX="/taxhub" -TAXHUB_API_PREFIX="${TAXHUB_PREFIX}/api" - -GEONATURE_DOMAIN="${HOST}" - -GEONATURE_BACKEND_IMAGE="ghcr.io/pnx-si/geonature-backend-extra:latest" -GEONATURE_BACKEND_HOST="${HOST}:${HTTP_PORT}" -GEONATURE_BACKEND_PREFIX="/geonature/api" -GEONATURE_BACKEND_PROTOCOL="http" - -GEONATURE_FRONTEND_IMAGE="ghcr.io/pnx-si/geonature-frontend-extra:latest" -GEONATURE_FRONTEND_HOST="${HOST}:${HTTP_PORT}" -GEONATURE_FRONTEND_PROTOCOL="${BASE_PROTOCOL}" -GEONATURE_FRONTEND_PREFIX="/geonature" diff --git a/.env.latest-versions b/.env.latest-versions deleted file mode 100644 index 782c94f..0000000 --- a/.env.latest-versions +++ /dev/null @@ -1,16 +0,0 @@ -# VERSIONS - -GDS_VERSION=0.0.1 - -# Pour info -# GN_MODULE_DASHBOARD=1.3.0 -# GN_MODULE_EXPORT=1.4.0 -# GN_MODULE_IMPORT=2.1.0 -# GN_MODULE_MONITORING=0.6.0 - -GDS_USERSHUB_IMAGE="ghcr.io/pnx-si/usershub:2.3.3" -GDS_TAXHUB_IMAGE="ghcr.io/pnx-si/taxhub:1.11.1" - -# en attendant la prochaine release de geonature -GDS_GEONATURE_BACKEND_IMAGE="ghcr.io/pnx-si/gds-geonature-4-modules-backend:main" -GDS_GEONATURE_BACKEND_IMAGE="ghcr.io/pnx-si/gds-geonature-4-modules-backend:main" diff --git a/.env.prod b/.env.sample similarity index 60% rename from .env.prod rename to .env.sample index aef0e2c..e76c209 100644 --- a/.env.prod +++ b/.env.sample @@ -1,36 +1,39 @@ -BASE_PROTOCOL="http" -HOST="example.com" +BASE_PROTOCOL="https" HTTP_PORT=80 HTTPS_PORT=443 +HOST="localhost" +HOSTPORT="${HOST}" # set to ${HOST}:${HTTPS_PORT} if different from 443 + +ACME_EMAIL="" # required for valid https certificates + POSTGRES_USER="geonatadmin" POSTGRES_PASSWORD="geonatpasswd" POSTGRES_HOST="postgres" POSTGRES_DB="geonature2db" USERSHUB_IMAGE="ghcr.io/pnx-si/usershub:latest" -USERSHUB_HOST="${HOST}" USERSHUB_PROTOCOL="${BASE_PROTOCOL}" -USERSHUB_DOMAIN="${HOST}" +USERSHUB_HOST="${HOST}" +USERSHUB_HOSTPORT="${HOSTPORT}" USERSHUB_PREFIX="/usershub" -USERSHUB_SECRET_KEY="change me" TAXHUB_IMAGE="ghcr.io/pnx-si/taxhub:latest" -TAXHUB_DOMAIN="${HOST}" TAXHUB_PROTOCOL="${BASE_PROTOCOL}" TAXHUB_HOST="${HOST}" +TAXHUB_HOSTPORT="${HOST}" TAXHUB_PREFIX="/taxhub" TAXHUB_API_PREFIX="${TAXHUB_PREFIX}/api" -GEONATURE_DOMAIN="${HOST}" - -GEONATURE_BACKEND_IMAGE="ghcr.io/pnx-si/geonature-backend:latest" +GEONATURE_BACKEND_IMAGE="ghcr.io/pnx-si/geonature-backend-extra:latest" +GEONATURE_BACKEND_PROTOCOL="${BASE_PROTOCOL}" GEONATURE_BACKEND_HOST="${HOST}" +GEONATURE_BACKEND_HOSTPORT="${HOSTPORT}" GEONATURE_BACKEND_PREFIX="/geonature/api" -GEONATURE_BACKEND_PROTOCOL="${BASE_PROTOCOL}" -GEONATURE_FRONTEND_IMAGE="ghcr.io/pnx-si/geonature-frontend:latest" +GEONATURE_FRONTEND_IMAGE="ghcr.io/pnx-si/geonature-frontend-extra:latest" GEONATURE_FRONTEND_PROTOCOL="${BASE_PROTOCOL}" GEONATURE_FRONTEND_HOST="${HOST}" +GEONATURE_FRONTEND_HOSTPORT="${HOSTPORT}" GEONATURE_FRONTEND_PREFIX="/geonature" diff --git a/.gitignore b/.gitignore index daa140d..70cfd53 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,6 @@ .env -config/* -data/taxhub/static/* -data/geonature/media/* +/config/ +/data/ !data/**/.gitkeep !data/**/*.sample *.swp diff --git a/config/traefik/.gitkeep b/config/traefik/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/docker-compose.yml b/docker-compose.yml index ad13cdb..3982d11 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,9 +10,9 @@ x-geonature-backend-defaults: &geonature-backend-defaults <<: *defaults environment: - GEONATURE_SQLALCHEMY_DATABASE_URI=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB} - - GEONATURE_URL_APPLICATION="${GEONATURE_FRONTEND_PROTOCOL}://${GEONATURE_FRONTEND_HOST}${GEONATURE_FRONTEND_PREFIX:-}" - - GEONATURE_API_ENDPOINT="${GEONATURE_BACKEND_PROTOCOL}://${GEONATURE_BACKEND_HOST}${GEONATURE_BACKEND_PREFIX:-/}" - - GEONATURE_API_TAXHUB="${TAXHUB_PROTOCOL}://${TAXHUB_HOST}${TAXHUB_API_PREFIX}" + - GEONATURE_URL_APPLICATION="${GEONATURE_FRONTEND_PROTOCOL}://${GEONATURE_FRONTEND_HOSTPORT}${GEONATURE_FRONTEND_PREFIX:-}" + - GEONATURE_API_ENDPOINT="${GEONATURE_BACKEND_PROTOCOL}://${GEONATURE_BACKEND_HOSTPORT}${GEONATURE_BACKEND_PREFIX:-/}" + - GEONATURE_API_TAXHUB="${TAXHUB_PROTOCOL}://${TAXHUB_HOSTPORT}${TAXHUB_API_PREFIX}" - GEONATURE_CONFIG_FILE=${GEONATURE_CONFIG_FILE:-/dist/config/geonature_config.toml} - GEONATURE_STATIC_FOLDER=${GEONATURE_STATIC_FOLDER:-/dist/static} - GEONATURE_CUSTOM_STATIC_FOLDER=${GEONATURE_CUSTOM_STATIC_FOLDER:-/dist/custom} @@ -39,11 +39,17 @@ services: command: - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - - "--entrypoints.web.address=:80" - - "--entrypoints.websecure.address=:443" + - "--entryPoints.web.address=:80" + - "--entryPoints.web.http.redirections.entrypoint.to=websecure" + - "--entryPoints.web.http.redirections.entrypoint.scheme=https" + - "--entryPoints.websecure.address=:443" + - "--certificatesResolvers.acme-resolver.acme.email=${ACME_EMAIL}" + - "--certificatesResolvers.acme-resolver.acme.storage=/etc/traefik/certs/acme.json" + - "--certificatesResolvers.acme-resolver.acme.tlsChallenge=true" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - - ./data/traefik/certs:/certs + - ./config/traefik:/etc/traefik/dynamic + - ./data/traefik/certs:/etc/traefik/certs ports: - ${HTTP_PORT:-80}:80 - ${HTTPS_PORT:-443}:443 @@ -84,7 +90,7 @@ services: volumes: - ${USERSHUB_CONFIG_DIRECTORY:-./config/usershub}:/dist/config/ environment: - - USERSHUB_URL_APPLICATION="${USERSHUB_PROTOCOL}://${USERSHUB_HOST}${USERSHUB_PREFIX}" + - USERSHUB_URL_APPLICATION="${USERSHUB_PROTOCOL}://${USERSHUB_HOSTPORT}${USERSHUB_PREFIX}" - USERSHUB_SQLALCHEMY_DATABASE_URI=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB} - USERSHUB_SETTINGS=${USERSHUB_SETTINGS:-/dist/config/config.py} - USERSHUB_ACTIVATE_APP=${USERSHUB_ACTIVATE_APP:-true} @@ -93,8 +99,9 @@ services: - PYTHONPATH=/dist/config labels: - "traefik.enable=true" - - "traefik.http.routers.usershub.rule=Host(`${USERSHUB_DOMAIN}`) && PathPrefix(`${USERSHUB_PREFIX:-/usershub}`)" - - "traefik.http.routers.usershub.entrypoints=web" + - "traefik.http.routers.usershub.rule=Host(`${USERSHUB_HOST}`) && PathPrefix(`${USERSHUB_PREFIX}`)" + - "traefik.http.routers.usershub.entrypoints=websecure" + - "traefik.http.routers.usershub.tls.certResolver=acme-resolver" taxhub: <<: *defaults @@ -112,8 +119,9 @@ services: - PYTHONPATH=/dist/config labels: - "traefik.enable=true" - - "traefik.http.routers.taxhub.rule=Host(`${TAXHUB_DOMAIN}`) && PathPrefix(`${TAXHUB_PREFIX:-/taxhub}`)" - - "traefik.http.routers.taxhub.entrypoints=web" + - "traefik.http.routers.taxhub.rule=Host(`${TAXHUB_HOST}`) && PathPrefix(`${TAXHUB_PREFIX}`)" + - "traefik.http.routers.taxhub.entrypoints=websecure" + - "traefik.http.routers.taxhub.tls.certResolver=acme-resolver" geonature-worker: <<: *geonature-backend-defaults @@ -140,18 +148,20 @@ services: - ${GEONATURE_MEDIA_DIRECTORY:-./data/geonature/media}:/dist/media labels: - "traefik.enable=true" - - "traefik.http.routers.geonature-backend.rule=Host(`${GEONATURE_DOMAIN}`) && PathPrefix(`${GEONATURE_BACKEND_PREFIX:-/geonature/api}`)" - - "traefik.http.routers.geonature-backend.entrypoints=web" + - "traefik.http.routers.geonature-backend.rule=Host(`${GEONATURE_BACKEND_HOST}`) && PathPrefix(`${GEONATURE_BACKEND_PREFIX}`)" + - "traefik.http.routers.geonature-backend.entrypoints=websecure" + - "traefik.http.routers.geonature-backend.tls.certResolver=acme-resolver" geonature-frontend: image: ${GEONATURE_FRONTEND_IMAGE} environment: - NGINX_LOCATION=${GEONATURE_FRONTEND_PREFIX} - - API_ENDPOINT="${GEONATURE_BACKEND_PROTOCOL}://${GEONATURE_BACKEND_HOST}${GEONATURE_BACKEND_PREFIX}" + - API_ENDPOINT="${GEONATURE_BACKEND_PROTOCOL}://${GEONATURE_BACKEND_HOSTPORT}${GEONATURE_BACKEND_PREFIX}" labels: - "traefik.enable=true" - - "traefik.http.routers.geonature.rule=Host(`${GEONATURE_DOMAIN}`) && PathPrefix(`${GEONATURE_FRONTEND_PREFIX:-/}`)" - - "traefik.http.routers.geonature.entrypoints=web" + - "traefik.http.routers.geonature.rule=Host(`${GEONATURE_FRONTEND_HOST}`) && PathPrefix(`${GEONATURE_FRONTEND_PREFIX}`)" + - "traefik.http.routers.geonature.entrypoints=websecure" + - "traefik.http.routers.geonature.tls.certResolver=acme-resolver" volumes: redis: