Infrastructure migration (#753)

* docker images for production

* modifying to include migration on backend

* Nginx config update

* Nginx config update to expose

* adding ssl for backend

* substituting integration to test current config

* Server SSL config

* adding certificate auth to required options

* updating to working nginx conf

* adding beta configuration

* removing ssl from server

* Adding global env

.gitignore

@@ -10,3 +10,4 @@ packages/webapp/cypress/videos
 packages/webapp/cypress/screenshots
 .vscode
 .DS_Store
+.env

docker-compose.prod.yml

@@ -0,0 +1,50 @@
+version: "3.7"
+
+volumes:
+  postgres-data:
+    driver: local
+
+services:
+  db:
+    container_name: litefarm-db
+    image: postgres:13
+    ports:
+      - "5433:5432"
+    environment:
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_DB: ${POSTGRES_DB}
+    healthcheck:
+      test: [ "CMD", "pg_isready", "-U", "postgres" ]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    volumes:
+      - ~/docker/volumes/postgres:/var/lib/postgresql/data
+  backend:
+    container_name: litefarm-api
+    deploy:
+      restart_policy:
+        condition: on-failure
+        max_attempts: 3
+    build:
+      context: ./packages/api
+      dockerfile: prod.Dockerfile
+    volumes:
+      - /etc/letsencrypt:/usr/src/letsencrypt
+    ports:
+      - "5000:5000"
+    environment:
+      WAIT_HOSTS: litefarm-db:5432
+      NODE_ENV: production
+      DATABASE_URL: ${DATABASE_URL}
+  frontend:
+    container_name: litefarm-web
+    build:
+      context: ./packages/webapp
+      dockerfile: prod.Dockerfile
+    volumes:
+      - /etc/letsencrypt:/etc/letsencrypt
+    ports:
+      - "80:80"
+      - "443:443"

packages/api/.dockerignore

@@ -0,0 +1 @@
+node_modules

packages/api/package.json

@@ -9,6 +9,7 @@
     "test-end2end": "jest endToEnd",
     "jest-w": "jest --watch",
     "start": "set NODE_ENV=development&& node src/server.js",
+    "start:prod": "node src/server.js",
     "nodemon": "set NODE_ENV=development&& nodemon src/server.js",
     "debug-email-template": "set NODE_ENV=development&& DEBUG=email-templates nodemon src/server.js",
     "debug-i18n": "set NODE_ENV=development&& DEBUG=i18n:* nodemon src/server.js",

packages/api/prod.Dockerfile

@@ -0,0 +1,13 @@
+FROM node:14.16.0
+
+WORKDIR /usr/src/app
+
+COPY ./package*.json ./
+
+RUN npm install
+
+COPY . .
+
+RUN npm install -g nodemon
+
+CMD npm run migrate:dev:db &&  nodemon --exec npm run start:prod

packages/webapp/.dockerignore

@@ -0,0 +1 @@
+node_modules

packages/webapp/nginx.conf

@@ -0,0 +1,78 @@
+user  nginx;
+worker_processes  auto;
+
+error_log /dev/stdout info;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+
+    sendfile    on;
+    tcp_nopush  on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /dev/stdout;
+
+    gzip             on;
+    gzip_vary        on;
+    gzip_min_length  10240;
+    gzip_comp_level  6;
+    gzip_proxied expired no-cache no-store private auth;
+    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
+
+    # include /etc/nginx/conf.d/*.conf;
+
+    server {
+        server_name beta.litefarm.org;
+
+        location / {
+            root /var/www/litefarm;
+            try_files $uri /index.html;
+        }
+        listen 443 ssl; # managed by Certbot
+        ssl_certificate /etc/letsencrypt/live/beta.litefarm.org/fullchain.pem; # managed by Certbot
+        ssl_certificate_key /etc/letsencrypt/live/beta.litefarm.org/privkey.pem; # managed by Certbot
+        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+    }
+
+    server {
+        server_name api.beta.litefarm.org;
+        underscores_in_headers on;
+
+        location / {
+          proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
+          proxy_pass_request_headers      on;
+          proxy_set_header 'Access-Control-Allow-Origin' '*';
+          proxy_pass http://backend:5000/;
+        }
+        listen 443 ssl; # managed by Certbot
+        ssl_certificate /etc/letsencrypt/live/beta.litefarm.org/fullchain.pem; # managed by Certbot
+        ssl_certificate_key /etc/letsencrypt/live/beta.litefarm.org/privkey.pem; # managed by Certbot
+        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+    }
+
+    server {
+        if ($host = beta.litefarm.org) {
+            return 301 https://$host$request_uri;
+        } # managed by Certbot
+
+        server_name beta.litefarm.org;
+        listen 80;
+        return 404; # managed by Certbot
+    }
+
+}

packages/webapp/prod.Dockerfile

@@ -0,0 +1,19 @@
+FROM node:14.16.1 as build
+
+WORKDIR /usr/src/app
+
+COPY ./package*.json /usr/src/app/
+
+RUN npm install
+
+COPY ./ /usr/src/app/
+
+RUN npm run build
+
+FROM nginx:1.15
+
+COPY --from=build /usr/src/app/build /var/www/litefarm
+
+COPY --from=build /usr/src/app/nginx.conf /etc/nginx/
+
+EXPOSE 80 443

packages/webapp/src/apiConfig.js

@@ -23,7 +23,7 @@ if (NODE_ENV === 'development') {
   if (REACT_APP_ENV === 'production') {
     URI = 'https://litefarm-api-production.herokuapp.com';
   } else if (REACT_APP_ENV === 'integration') {
-    URI = 'https://litefarm-api-integration.herokuapp.com';
+    URI = 'https://api.beta.litefarm.org';
   }
 }