Add staging files

2019-03-24 01:11:57 +08:00 · 2019-03-24 01:11:57 +08:00 · b407b94c0f
parent 04914ebc7d
commit b407b94c0f
2 changed files with 373 additions and 0 deletions
--- a/docker-compose.staging.yml
+++ b/docker-compose.staging.yml
@ -0,0 +1,190 @@
+#
+# Deployment
+#
+# Requirements
+# ./traefik.staging.toml
+# ./backend-core/postgres
+#
+
+version: "3"
+services:
+
+  traefik:
+    image: traefik
+    command: --configfile=/traefik.toml
+    depends_on:
+      - core
+      - signal
+      - heartbeat
+      - bite
+      - publish
+      - subscribe
+      - transcription
+      - auth
+    ports:
+      - "80:80"
+      - "443:443"
+      - "1837:1837"
+      - "8080:8080"
+    volumes:
+      - ./traefik.staging.toml:/traefik.toml:ro
+    networks:
+      - traefiknet
+      - authnet
+
+  pg:
+    image: postgres:10.3
+    environment:
+      - POSTGRES_USER=root
+      - POSTGRES_PASSWORD=
+      - POSTGRES_DB=core
+    ports:
+      - "5432:5432" # Close this for production
+    volumes:
+      - ./backend-core/postgres:/docker-entrypoint-initdb.d:ro
+    networks:
+      - pgnet
+
+  nats:
+    image: nats:latest
+    ports: # Close these for production
+      - "4222:4222"
+      - "6222:6222"
+      - "8222:8222"
+    networks:
+      - natsnet
+
+  redis:
+    image: redis:latest
+    ports:
+      - "6379:6379" # Close this for production
+    networks:
+      - redisnet
+
+  core:
+    image: registry.makerforce.io/beep/backend-core:latest
+    restart: unless-stopped
+    depends_on:
+      - pg
+    environment:
+      - LISTEN=:80
+      - POSTGRES=postgresql://root@pg:5432/core?sslmode=disable
+    networks:
+      - pgnet
+      - traefiknet
+
+  signal:
+    image: registry.makerforce.io/beep/backend-signal:latest
+    restart: unless-stopped
+    environment:
+      - PORT=80
+    networks:
+      - traefiknet
+
+  heartbeat:
+    image: registry.makerforce.io/beep/backend-heartbeat:latest
+    restart: unless-stopped
+    depends_on:
+      - redis
+    environment:
+      - LISTEN=:80
+      - REDIS=redis:6379
+    networks:
+      - redisnet
+      - traefiknet
+
+  login:
+    image: registry.makerforce.io/beep/backend-login:latest
+    restart: unless-stopped
+    environment:
+      - LISTEN=:80
+      - SECRET=secret
+      - POSTGRES=postgresql://root@pg:5432/core?sslmode=disable
+      - REDIS=redis:6379
+      - TTL=120s
+      - MESSAGING_SID=MG19d18fafcff1f3f34dff04c5b04c0699
+      - TWILIO_SID=AC22ea3eea85e5108a96b947aea8ab1320
+      - TWILIO_TOKEN=fb23fa1a1564aa9f62a7a3117f07b3a0
+    networks:
+      - traefiknet
+      - redisnet
+      - pgnet
+
+  auth:
+    image: registry.makerforce.io/beep/backend-auth:latest
+    restart: unless-stopped
+    environment:
+      - LISTEN=0.0.0.0:10205
+      - SECRET=secret
+    ports:
+      - "10205:10205" # Remove this for production
+    networks:
+      - authnet
+
+  bite:
+    image: registry.makerforce.io/beep/backend-bite:latest
+    restart: unless-stopped
+    depends_on:
+      - nats
+    environment:
+      - LISTEN=:80
+      - NATS=nats://nats:4222
+    networks:
+      - natsnet
+      - traefiknet
+
+  publish:
+    image: registry.makerforce.io/beep/backend-publish:latest
+    restart: unless-stopped
+    depends_on:
+      - nats
+    environment:
+      - LISTEN=:80
+      - NATS=nats://nats:4222
+      - SECRET=secret
+    networks:
+      - natsnet
+      - traefiknet
+
+  store:
+    image: registry.makerforce.io/beep/backend-store:latest
+    restart: unless-stopped
+    depends_on:
+      - nats
+    environment:
+      - NATS=nats://nats:4222
+      - DBPATH=/tmp/badger
+    networks:
+      - natsnet
+
+  subscribe:
+    image: registry.makerforce.io/beep/backend-subscribe:latest
+    restart: unless-stopped
+    depends_on:
+      - nats
+    environment:
+      - LISTEN=:80
+      - NATS=nats://nats:4222
+    networks:
+      - natsnet
+      - traefiknet
+
+  transcription:
+    image: registry.makerforce.io/beep/backend-transcription:latest
+    restart: unless-stopped
+    depends_on:
+      - nats
+    environment:
+      - LISTEN=:80
+      - NATS=nats://nats:4222
+      - API_KEY=AIzaSyDxSXDefzw9gXCQaVzOCYlRn_vcC9Da9Q0
+    networks:
+      - natsnet
+      - traefiknet
+
+networks:
+  authnet:
+  pgnet:
+  natsnet:
+  redisnet:
+  traefiknet:
--- a/traefik.staging.toml
+++ b/traefik.staging.toml
@ -0,0 +1,183 @@
+# staging
+
+[api]
+
+dashboard = false
+
+[acme]
+
+email = "letsencrypt+alpha@beepvoice.app"
+caServer = "https://acme-v02.api.letsencrypt.org/directory"
+acmeLogging = true
+storage = "acme-staging.json"
+onHostRule = true
+entryPoint = "https"
+  [acme.httpChallenge]
+  entryPoint = "http"
+
+# funny, this doesn't work...
+defaultEntryPoints = ["http", "https"]
+
+[entryPoints]
+
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+    entryPoint = "https"
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+  [entryPoints.traefik]
+  address = ":8080"
+
+[file]
+
+# Core
+
+[backends.core]
+  [backends.core.servers.one]
+  url = "http://core"
+
+[frontends.core]
+backend = "core"
+entrypoints = ["http", "https"]
+  [frontends.core.auth.forward]
+  address = "http://auth:10205/auth"
+  [frontends.core.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.core.routes.one]
+  rule = "PathPrefixStrip: /core/"
+
+# Signal
+
+[backends.signal]
+  [backends.signal.servers.one]
+  url = "http://signal"
+
+[frontends.signal]
+backend = "signal"
+entrypoints = ["http", "https"]
+  [frontends.signal.auth.forward]
+  address = "http://auth:10205/auth"
+  [frontends.signal.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.signal.routes.one]
+  rule = "PathPrefixStrip: /signal/"
+
+# Heartbeat
+
+[backends.heartbeat]
+  [backends.heartbeat.servers.one]
+  url = "http://heartbeat"
+
+[frontends.heartbeat]
+backend = "heartbeat"
+entrypoints = ["http", "https"]
+  [frontends.heartbeat.auth.forward]
+  address = "http://auth:10205/auth"
+  [frontends.heartbeat.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.heartbeat.routes.one]
+  rule = "PathPrefixStrip: /heartbeat/"
+
+# Bite
+
+[backends.bite]
+  [backends.bite.servers.one]
+  url = "http://bite"
+
+[frontends.bite]
+backend = "bite"
+entrypoints = ["http", "https"]
+  [frontends.bite.auth.forward]
+  address = "http://auth:10205/auth"
+  [frontends.bite.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.bite.routes.one]
+  rule = "PathPrefixStrip: /bite/"
+
+# Publish
+
+[backends.publish]
+  [backends.publish.servers.one]
+  url = "http://publish"
+
+[frontends.publish]
+backend = "publish"
+entrypoints = ["http", "https"]
+  [frontends.publish.auth.forward]
+  address = "http://auth:10205/auth"
+  [frontends.publish.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.publish.routes.one]
+  rule = "PathPrefixStrip: /publish/"
+
+# Subscribe
+
+[backends.subscribe]
+  [backends.subscribe.servers.one]
+  url = "http://subscribe"
+
+[frontends.subscribe]
+backend = "subscribe"
+entrypoints = ["http", "https"]
+  [frontends.subscribe.auth.forward]
+  address = "http://auth:10205/auth"
+  [frontends.subscribe.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.subscribe.routes.one]
+  rule = "PathPrefixStrip: /subscribe/"
+
+# Transcription
+
+[backends.transcription]
+  [backends.transcription.servers.one]
+  url = "http://transcription"
+
+[frontends.transcription]
+backend = "transcription"
+entrypoints = ["http", "https"]
+  [frontends.transcription.auth.forward]
+  address = "http://auth:10205/auth"
+  [frontends.transcription.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.transcription.routes.one]
+  rule = "PathPrefixStrip: /transcription/"
+
+# Login
+
+[backends.login]
+  [backends.login.servers.one]
+  url = "http://login"
+
+[frontends.login]
+backend = "login"
+entrypoints = ["login", "login_https"]
+  [frontends.login.headers.customresponseheaders]
+  Access-Control-Allow-Origin = "*"
+  Access-Control-Allow-Headers = "Content-Type, Authorization"
+  Access-Control-Allow-Credentials = "true"
+  Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
+  [frontends.login.routes.one]
+  rule = "PathPrefixStrip: /"