diff --git a/.circleci/config.yml b/.circleci/config.yml index d8413dc66..590bc72af 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -96,6 +96,12 @@ workflows: requires: - get-version + - docker-build-docker-compose-ingress: + context: *build-context + filters: *filters-build + requires: + - get-version + - publish-approval: type: approval filters: &filters-ignore-main-branch-or-all-tags @@ -199,6 +205,15 @@ workflows: - test-frontend-2 - test-server + - docker-publish-docker-compose-ingress: + context: *docker-hub-context + filters: *filters-publish + requires: + - docker-build-docker-compose-ingress + - get-version + - pre-commit + - publish-approval + - publish-helm-chart: filters: &filters-publish branches: @@ -673,6 +688,12 @@ jobs: FOLDER: utils SPECKLE_SERVER_PACKAGE: monitor-deployment + docker-build-docker-compose-ingress: + <<: *build-job + environment: + FOLDER: utils + SPECKLE_SERVER_PACKAGE: docker-compose-ingress + docker-publish: &publish-job docker: &base-image - image: cimg/python:3.9.15-node @@ -734,6 +755,12 @@ jobs: FOLDER: utils SPECKLE_SERVER_PACKAGE: monitor-deployment + docker-publish-docker-compose-ingress: + <<: *publish-job + environment: + FOLDER: utils + SPECKLE_SERVER_PACKAGE: docker-compose-ingress + publish-npm: docker: *docker-image working_directory: *work-dir diff --git a/docker-compose-speckle.yml b/docker-compose-speckle.yml index b3e4136c7..e49a08de4 100644 --- a/docker-compose-speckle.yml +++ b/docker-compose-speckle.yml @@ -1,20 +1,35 @@ -version: '2.3' +version: '2.4' services: - speckle-frontend: + speckle-ingress: build: context: . - dockerfile: packages/frontend/Dockerfile - image: speckle/speckle-frontend:local + dockerfile: utils/docker-compose-ingress/Dockerfile + platform: linux/amd64 + image: speckle/speckle-docker-compose-ingress:local restart: always ports: - '0.0.0.0:80:8080' environment: - FILE_SIZE_LIMIT_MB: 100 + FILE_SIZE_LIMIT_MB: '100' + NGINX_ENVSUBST_OUTPUT_DIR: '/etc/nginx' + + speckle-frontend-2: + build: + context: . + dockerfile: packages/frontend-2/Dockerfile + platform: linux/amd64 + image: speckle/speckle-frontend-2:local + restart: always + environment: + NUXT_PUBLIC_SERVER_NAME: 'local' + NUXT_PUBLIC_API_ORIGIN: 'http://127.0.0.1' + NUXT_PUBLIC_BACKEND_API_ORIGIN: 'http://speckle-server:3000' speckle-server: build: context: . dockerfile: packages/server/Dockerfile + platform: linux/amd64 image: speckle/speckle-server:local restart: always healthcheck: @@ -53,10 +68,14 @@ services: FILE_SIZE_LIMIT_MB: 100 EMAIL_FROM: 'no-reply@example.org' + USE_FRONTEND_2: true + FRONTEND_ORIGIN: 'http://127.0.0.1' + preview-service: build: context: . dockerfile: packages/preview-service/Dockerfile + platform: linux/amd64 image: speckle/speckle-preview-service:local restart: always mem_limit: '3000m' @@ -69,6 +88,7 @@ services: build: context: . dockerfile: packages/webhook-service/Dockerfile + platform: linux/amd64 image: speckle/speckle-webhook-service:local restart: always environment: @@ -79,6 +99,7 @@ services: build: context: . dockerfile: packages/fileimport-service/Dockerfile + platform: linux/amd64 image: speckle/speckle-fileimport-service:local restart: always environment: diff --git a/utils/1click_image_scripts/setup.py b/utils/1click_image_scripts/setup.py index 60e3e9696..5f93fd220 100755 --- a/utils/1click_image_scripts/setup.py +++ b/utils/1click_image_scripts/setup.py @@ -146,6 +146,7 @@ def main(): yml_doc = yaml.load(f) env = yml_doc["services"]["speckle-server"]["environment"] env["CANONICAL_URL"] = DoubleQuotedScalarString(canonical_url) + env["FRONTEND_ORIGIN"] = DoubleQuotedScalarString(canonical_url) env["SESSION_SECRET"] = DoubleQuotedScalarString(secrets.token_hex(32)) if email: env["EMAIL"] = DoubleQuotedScalarString("true") @@ -157,6 +158,10 @@ def main(): else: env["EMAIL"] = DoubleQuotedScalarString("false") + fe2env = yml_doc["services"]["speckle-frontend-2"]["environment"] + fe2env["NUXT_PUBLIC_SERVER_NAME"] = DoubleQuotedScalarString(canonical_url) + fe2env["NUXT_PUBLIC_API_ORIGIN"] = DoubleQuotedScalarString(canonical_url) + with open(os.path.join(FILE_PATH, "docker-compose.yml"), "w") as f: f.write("# This file was generated by SpeckleServer setup.\n") f.write("# If the setup is re-run, this file will be overwritten.\n\n") diff --git a/utils/1click_image_scripts/template-docker-compose.yml b/utils/1click_image_scripts/template-docker-compose.yml index 917cd07dd..e64d5e051 100644 --- a/utils/1click_image_scripts/template-docker-compose.yml +++ b/utils/1click_image_scripts/template-docker-compose.yml @@ -36,13 +36,15 @@ services: #### # Speckle Server ####### - speckle-frontend: - image: speckle/speckle-frontend:2 + speckle-frontend-2: + image: speckle/speckle-frontend-2:2 restart: always ports: - '127.0.0.1:8080:8080' environment: - FILE_SIZE_LIMIT_MB: 100 + NUXT_PUBLIC_SERVER_NAME: 'TODO: change' # e.g. 'my-speckle-server' + NUXT_PUBLIC_API_ORIGIN: 'TODO: change' # e.g. 'http://127.0.0.1' + NUXT_PUBLIC_BACKEND_API_ORIGIN: 'http://speckle-server:3000' speckle-server: image: speckle/speckle-server:2 @@ -92,6 +94,9 @@ services: FILE_SIZE_LIMIT_MB: 100 + USE_FRONTEND_2: true + FRONTEND_ORIGIN: 'TODO: change' + speckle-preview-service: image: speckle/speckle-preview-service:2 restart: always diff --git a/utils/docker-compose-ingress/Dockerfile b/utils/docker-compose-ingress/Dockerfile new file mode 100644 index 000000000..6c5d10d9e --- /dev/null +++ b/utils/docker-compose-ingress/Dockerfile @@ -0,0 +1,8 @@ +FROM nginx:1.25-bookworm +ENV FILE_SIZE_LIMIT_MB=100 + +RUN mkdir -p /var/nginx +COPY utils/docker-compose-ingress/nginx/templates /etc/nginx/templates +COPY utils/docker-compose-ingress/nginx/conf/mime.types /etc/nginx/mime.types + +EXPOSE 8080 diff --git a/utils/docker-compose-ingress/nginx/conf/mime.types b/utils/docker-compose-ingress/nginx/conf/mime.types new file mode 100644 index 000000000..8d37c8636 --- /dev/null +++ b/utils/docker-compose-ingress/nginx/conf/mime.types @@ -0,0 +1,98 @@ +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/avif avif; + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/wasm wasm; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/utils/docker-compose-ingress/nginx/templates/nginx.conf.template b/utils/docker-compose-ingress/nginx/templates/nginx.conf.template new file mode 100644 index 000000000..06030223b --- /dev/null +++ b/utils/docker-compose-ingress/nginx/templates/nginx.conf.template @@ -0,0 +1,137 @@ +pcre_jit on; +error_log stderr info; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + # move default write paths to a custom directory + # kubernetes can mount this directory and prevent writes to the root directory + # https://github.com/openresty/docker-openresty/issues/119 + client_body_temp_path /var/nginx/nginx-client-body; + proxy_temp_path /var/nginx/nginx-proxy; + fastcgi_temp_path /var/nginx/nginx-fastcgi; + uwsgi_temp_path /var/nginx/nginx-uwsgi; + scgi_temp_path /var/nginx/nginx-scgi; + + log_format json_combined escape=json + '{' + '"time_local":"$time_local",' + '"remote_addr":"$remote_addr",' + '"remote_user":"$remote_user",' + '"request":"$request",' + '"status": "$status",' + '"body_bytes_sent":"$body_bytes_sent",' + '"request_time":"$request_time",' + '"http_referrer":"$http_referer",' + '"http_user_agent":"$http_user_agent"' + '}'; + + sendfile on; + keepalive_timeout 65; + access_log /dev/stdout json_combined; + + # Speckle configuration + server_tokens off; + gzip on; + gzip_disable "msie6"; + + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_min_length 256; + gzip_types + application/atom+xml + application/geo+json + application/javascript + application/x-javascript + application/json + application/ld+json + application/manifest+json + application/rdf+xml + application/rss+xml + application/xhtml+xml + application/xml + font/eot + font/otf + font/ttf + image/svg+xml + text/css + text/javascript + text/plain + text/xml; + + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/13; + set_real_ip_from 104.24.0.0/14; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 2400:cb00::/32; + set_real_ip_from 2606:4700::/32; + set_real_ip_from 2803:f800::/32; + set_real_ip_from 2405:b500::/32; + set_real_ip_from 2405:8100::/32; + set_real_ip_from 2c0f:f248::/32; + set_real_ip_from 2a06:98c0::/29; + + #use any of the following two + real_ip_header CF-Connecting-IP; + #real_ip_header X-Forwarded-For; + + server { + listen 8080; + client_max_body_size 100m; + + location / { + resolver 127.0.0.11 valid=30s; + set $upstream_speckle_frontend_2 speckle-frontend-2; + client_max_body_size ${FILE_SIZE_LIMIT_MB}m; + proxy_pass http://$upstream_speckle_frontend_2:8080; + + proxy_buffering off; + proxy_request_buffering off; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + location ~* ^/(graphql|explorer|(auth/.*)|(objects/.*)|(preview/.*)|(api/.*)|(static/.*)) { + resolver 127.0.0.11 valid=30s; + set $upstream_speckle_server speckle-server; + client_max_body_size ${FILE_SIZE_LIMIT_MB}m; + proxy_pass http://$upstream_speckle_server:3000; + + proxy_buffering off; + proxy_request_buffering off; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /app; + } + } +} diff --git a/workspace.code-workspace b/workspace.code-workspace index 6a77dcdc4..2ab309000 100644 --- a/workspace.code-workspace +++ b/workspace.code-workspace @@ -104,6 +104,9 @@ }, "[vue]": { "editor.defaultFormatter": "esbenp.prettier-vscode" + }, + "[dockercompose]": { + "editor.defaultFormatter": "esbenp.prettier-vscode" } }, "extensions": {