Merge branch 'master' of makerforce.io:beep/backend
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
commit
c150719a01
54
.drone.yml
54
.drone.yml
|
@ -343,10 +343,56 @@ name: deploy
|
||||||
clone:
|
clone:
|
||||||
depth: 1
|
depth: 1
|
||||||
steps:
|
steps:
|
||||||
- name: nop
|
- name: submodule
|
||||||
image: 'alpine:3.8'
|
image: plugins/git
|
||||||
commands:
|
settings:
|
||||||
- echo nop
|
recursive: true
|
||||||
|
submodule_override:
|
||||||
|
backend-auth: 'https://git.makerforce.io/beep/backend-auth.git'
|
||||||
|
backend-bite: 'https://git.makerforce.io/beep/backend-bite.git'
|
||||||
|
backend-core: 'https://git.makerforce.io/beep/backend-core.git'
|
||||||
|
backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git'
|
||||||
|
backend-login: 'https://git.makerforce.io/beep/backend-login.git'
|
||||||
|
backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git'
|
||||||
|
backend-publish: 'https://git.makerforce.io/beep/backend-publish.git'
|
||||||
|
backend-signal: 'https://git.makerforce.io/beep/backend-signal.git'
|
||||||
|
backend-store: 'https://git.makerforce.io/beep/backend-store.git'
|
||||||
|
backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git'
|
||||||
|
backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git'
|
||||||
|
- name: copy-docker-compose
|
||||||
|
image: appleboy/drone-scp
|
||||||
|
settings:
|
||||||
|
host: staging.beepvoice.app
|
||||||
|
username: core
|
||||||
|
ssh_key:
|
||||||
|
from_secret: ssh_key
|
||||||
|
source:
|
||||||
|
- docker-compose.staging.yml
|
||||||
|
target: /home/core/staging
|
||||||
|
- name: copy-migrations
|
||||||
|
image: appleboy/drone-scp
|
||||||
|
settings:
|
||||||
|
host: staging.beepvoice.app
|
||||||
|
username: core
|
||||||
|
ssh_key:
|
||||||
|
from_secret: ssh_key
|
||||||
|
source:
|
||||||
|
- backend-core/postgres/*
|
||||||
|
target: /home/core/staging/backend-core/postgres
|
||||||
|
- name: docker-compose-up
|
||||||
|
image: appleboy/drone-ssh
|
||||||
|
settings:
|
||||||
|
host: staging.beepvoice.app
|
||||||
|
username: core
|
||||||
|
ssh_key:
|
||||||
|
from_secret: ssh_key
|
||||||
|
script:
|
||||||
|
- >-
|
||||||
|
cd /home/core/staging && docker-compose -f docker-compose.staging.yml
|
||||||
|
pull
|
||||||
|
- >-
|
||||||
|
cd /home/core/staging && docker-compose -f docker-compose.staging.yml
|
||||||
|
up -d
|
||||||
depends_on:
|
depends_on:
|
||||||
- backend-auth
|
- backend-auth
|
||||||
- backend-bite
|
- backend-bite
|
||||||
|
|
|
@ -93,3 +93,6 @@ URL: `<base-url>/transcription`
|
||||||
`transcription` takes the raw audio data, packages it and then sends it to the [Google Cloud Speech-to-Text](https://cloud.google.com/speech-to-text/). Sends the transcripted result to `store` to be stored. Handles HTTP requests to retrieve transcriptions too.
|
`transcription` takes the raw audio data, packages it and then sends it to the [Google Cloud Speech-to-Text](https://cloud.google.com/speech-to-text/). Sends the transcripted result to `store` to be stored. Handles HTTP requests to retrieve transcriptions too.
|
||||||
|
|
||||||
`transcription` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`.
|
`transcription` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`.
|
||||||
|
|
||||||
|
## Staging
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,190 @@
|
||||||
|
#
|
||||||
|
# Deployment
|
||||||
|
#
|
||||||
|
# Requirements
|
||||||
|
# ./traefik.staging.toml
|
||||||
|
# ./backend-core/postgres
|
||||||
|
#
|
||||||
|
|
||||||
|
version: "3"
|
||||||
|
services:
|
||||||
|
|
||||||
|
traefik:
|
||||||
|
image: traefik
|
||||||
|
command: --configfile=/traefik.toml
|
||||||
|
depends_on:
|
||||||
|
- core
|
||||||
|
- signal
|
||||||
|
- heartbeat
|
||||||
|
- bite
|
||||||
|
- publish
|
||||||
|
- subscribe
|
||||||
|
- transcription
|
||||||
|
- auth
|
||||||
|
ports:
|
||||||
|
- "80:80"
|
||||||
|
- "443:443"
|
||||||
|
- "1837:1837"
|
||||||
|
- "8080:8080"
|
||||||
|
volumes:
|
||||||
|
- ./traefik.staging.toml:/traefik.toml:ro
|
||||||
|
networks:
|
||||||
|
- traefiknet
|
||||||
|
- authnet
|
||||||
|
|
||||||
|
pg:
|
||||||
|
image: postgres:10.3
|
||||||
|
environment:
|
||||||
|
- POSTGRES_USER=root
|
||||||
|
- POSTGRES_PASSWORD=
|
||||||
|
- POSTGRES_DB=core
|
||||||
|
ports:
|
||||||
|
- "5432:5432" # Close this for production
|
||||||
|
volumes:
|
||||||
|
- ./backend-core/postgres:/docker-entrypoint-initdb.d:ro
|
||||||
|
networks:
|
||||||
|
- pgnet
|
||||||
|
|
||||||
|
nats:
|
||||||
|
image: nats:latest
|
||||||
|
ports: # Close these for production
|
||||||
|
- "4222:4222"
|
||||||
|
- "6222:6222"
|
||||||
|
- "8222:8222"
|
||||||
|
networks:
|
||||||
|
- natsnet
|
||||||
|
|
||||||
|
redis:
|
||||||
|
image: redis:latest
|
||||||
|
ports:
|
||||||
|
- "6379:6379" # Close this for production
|
||||||
|
networks:
|
||||||
|
- redisnet
|
||||||
|
|
||||||
|
core:
|
||||||
|
image: registry.makerforce.io/beep/backend-core:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
- pg
|
||||||
|
environment:
|
||||||
|
- LISTEN=:80
|
||||||
|
- POSTGRES=postgresql://root@pg:5432/core?sslmode=disable
|
||||||
|
networks:
|
||||||
|
- pgnet
|
||||||
|
- traefiknet
|
||||||
|
|
||||||
|
signal:
|
||||||
|
image: registry.makerforce.io/beep/backend-signal:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
environment:
|
||||||
|
- PORT=80
|
||||||
|
networks:
|
||||||
|
- traefiknet
|
||||||
|
|
||||||
|
heartbeat:
|
||||||
|
image: registry.makerforce.io/beep/backend-heartbeat:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
- redis
|
||||||
|
environment:
|
||||||
|
- LISTEN=:80
|
||||||
|
- REDIS=redis:6379
|
||||||
|
networks:
|
||||||
|
- redisnet
|
||||||
|
- traefiknet
|
||||||
|
|
||||||
|
login:
|
||||||
|
image: registry.makerforce.io/beep/backend-login:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
environment:
|
||||||
|
- LISTEN=:80
|
||||||
|
- SECRET=secret
|
||||||
|
- POSTGRES=postgresql://root@pg:5432/core?sslmode=disable
|
||||||
|
- REDIS=redis:6379
|
||||||
|
- TTL=120s
|
||||||
|
- MESSAGING_SID=MG19d18fafcff1f3f34dff04c5b04c0699
|
||||||
|
- TWILIO_SID=AC22ea3eea85e5108a96b947aea8ab1320
|
||||||
|
- TWILIO_TOKEN=fb23fa1a1564aa9f62a7a3117f07b3a0
|
||||||
|
networks:
|
||||||
|
- traefiknet
|
||||||
|
- redisnet
|
||||||
|
- pgnet
|
||||||
|
|
||||||
|
auth:
|
||||||
|
image: registry.makerforce.io/beep/backend-auth:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
environment:
|
||||||
|
- LISTEN=0.0.0.0:10205
|
||||||
|
- SECRET=secret
|
||||||
|
ports:
|
||||||
|
- "10205:10205" # Remove this for production
|
||||||
|
networks:
|
||||||
|
- authnet
|
||||||
|
|
||||||
|
bite:
|
||||||
|
image: registry.makerforce.io/beep/backend-bite:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
- nats
|
||||||
|
environment:
|
||||||
|
- LISTEN=:80
|
||||||
|
- NATS=nats://nats:4222
|
||||||
|
networks:
|
||||||
|
- natsnet
|
||||||
|
- traefiknet
|
||||||
|
|
||||||
|
publish:
|
||||||
|
image: registry.makerforce.io/beep/backend-publish:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
- nats
|
||||||
|
environment:
|
||||||
|
- LISTEN=:80
|
||||||
|
- NATS=nats://nats:4222
|
||||||
|
- SECRET=secret
|
||||||
|
networks:
|
||||||
|
- natsnet
|
||||||
|
- traefiknet
|
||||||
|
|
||||||
|
store:
|
||||||
|
image: registry.makerforce.io/beep/backend-store:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
- nats
|
||||||
|
environment:
|
||||||
|
- NATS=nats://nats:4222
|
||||||
|
- DBPATH=/tmp/badger
|
||||||
|
networks:
|
||||||
|
- natsnet
|
||||||
|
|
||||||
|
subscribe:
|
||||||
|
image: registry.makerforce.io/beep/backend-subscribe:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
- nats
|
||||||
|
environment:
|
||||||
|
- LISTEN=:80
|
||||||
|
- NATS=nats://nats:4222
|
||||||
|
networks:
|
||||||
|
- natsnet
|
||||||
|
- traefiknet
|
||||||
|
|
||||||
|
transcription:
|
||||||
|
image: registry.makerforce.io/beep/backend-transcription:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
- nats
|
||||||
|
environment:
|
||||||
|
- LISTEN=:80
|
||||||
|
- NATS=nats://nats:4222
|
||||||
|
- API_KEY=AIzaSyDxSXDefzw9gXCQaVzOCYlRn_vcC9Da9Q0
|
||||||
|
networks:
|
||||||
|
- natsnet
|
||||||
|
- traefiknet
|
||||||
|
|
||||||
|
networks:
|
||||||
|
authnet:
|
||||||
|
pgnet:
|
||||||
|
natsnet:
|
||||||
|
redisnet:
|
||||||
|
traefiknet:
|
56
drone_gen.js
56
drone_gen.js
|
@ -59,11 +59,57 @@ const deploy = {
|
||||||
},
|
},
|
||||||
steps: [
|
steps: [
|
||||||
{
|
{
|
||||||
name: 'nop',
|
name: 'submodule',
|
||||||
image: 'alpine:3.8',
|
image: 'plugins/git',
|
||||||
commands: [
|
settings: {
|
||||||
'echo nop',
|
recursive: true,
|
||||||
],
|
submodule_override,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: 'copy-docker-compose',
|
||||||
|
image: 'appleboy/drone-scp',
|
||||||
|
settings: {
|
||||||
|
host: 'staging.beepvoice.app',
|
||||||
|
username: 'core',
|
||||||
|
ssh_key: {
|
||||||
|
from_secret: 'ssh_key',
|
||||||
|
},
|
||||||
|
source: [
|
||||||
|
'docker-compose.staging.yml',
|
||||||
|
],
|
||||||
|
target: '/home/core/staging',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: 'copy-migrations',
|
||||||
|
image: 'appleboy/drone-scp',
|
||||||
|
settings: {
|
||||||
|
host: 'staging.beepvoice.app',
|
||||||
|
username: 'core',
|
||||||
|
ssh_key: {
|
||||||
|
from_secret: 'ssh_key',
|
||||||
|
},
|
||||||
|
source: [
|
||||||
|
'backend-core/postgres/*',
|
||||||
|
],
|
||||||
|
target: '/home/core/staging/backend-core/postgres',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: 'docker-compose-up',
|
||||||
|
image: 'appleboy/drone-ssh',
|
||||||
|
settings: {
|
||||||
|
host: 'staging.beepvoice.app',
|
||||||
|
username: 'core',
|
||||||
|
ssh_key: {
|
||||||
|
from_secret: 'ssh_key',
|
||||||
|
},
|
||||||
|
script: [
|
||||||
|
'cd /home/core/staging && docker-compose -f docker-compose.staging.yml pull',
|
||||||
|
'cd /home/core/staging && docker-compose -f docker-compose.staging.yml up -d',
|
||||||
|
],
|
||||||
|
},
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
depends_on: dockers,
|
depends_on: dockers,
|
||||||
|
|
|
@ -0,0 +1,183 @@
|
||||||
|
# staging
|
||||||
|
|
||||||
|
[api]
|
||||||
|
|
||||||
|
dashboard = false
|
||||||
|
|
||||||
|
[acme]
|
||||||
|
|
||||||
|
email = "letsencrypt+alpha@beepvoice.app"
|
||||||
|
caServer = "https://acme-v02.api.letsencrypt.org/directory"
|
||||||
|
acmeLogging = true
|
||||||
|
storage = "acme-staging.json"
|
||||||
|
onHostRule = true
|
||||||
|
entryPoint = "https"
|
||||||
|
[acme.httpChallenge]
|
||||||
|
entryPoint = "http"
|
||||||
|
|
||||||
|
# funny, this doesn't work...
|
||||||
|
defaultEntryPoints = ["http", "https"]
|
||||||
|
|
||||||
|
[entryPoints]
|
||||||
|
|
||||||
|
[entryPoints.http]
|
||||||
|
address = ":80"
|
||||||
|
[entryPoints.http.redirect]
|
||||||
|
entryPoint = "https"
|
||||||
|
[entryPoints.https]
|
||||||
|
address = ":443"
|
||||||
|
[entryPoints.https.tls]
|
||||||
|
[entryPoints.traefik]
|
||||||
|
address = ":8080"
|
||||||
|
|
||||||
|
[file]
|
||||||
|
|
||||||
|
# Core
|
||||||
|
|
||||||
|
[backends.core]
|
||||||
|
[backends.core.servers.one]
|
||||||
|
url = "http://core"
|
||||||
|
|
||||||
|
[frontends.core]
|
||||||
|
backend = "core"
|
||||||
|
entrypoints = ["http", "https"]
|
||||||
|
[frontends.core.auth.forward]
|
||||||
|
address = "http://auth:10205/auth"
|
||||||
|
[frontends.core.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.core.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /core/"
|
||||||
|
|
||||||
|
# Signal
|
||||||
|
|
||||||
|
[backends.signal]
|
||||||
|
[backends.signal.servers.one]
|
||||||
|
url = "http://signal"
|
||||||
|
|
||||||
|
[frontends.signal]
|
||||||
|
backend = "signal"
|
||||||
|
entrypoints = ["http", "https"]
|
||||||
|
[frontends.signal.auth.forward]
|
||||||
|
address = "http://auth:10205/auth"
|
||||||
|
[frontends.signal.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.signal.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /signal/"
|
||||||
|
|
||||||
|
# Heartbeat
|
||||||
|
|
||||||
|
[backends.heartbeat]
|
||||||
|
[backends.heartbeat.servers.one]
|
||||||
|
url = "http://heartbeat"
|
||||||
|
|
||||||
|
[frontends.heartbeat]
|
||||||
|
backend = "heartbeat"
|
||||||
|
entrypoints = ["http", "https"]
|
||||||
|
[frontends.heartbeat.auth.forward]
|
||||||
|
address = "http://auth:10205/auth"
|
||||||
|
[frontends.heartbeat.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.heartbeat.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /heartbeat/"
|
||||||
|
|
||||||
|
# Bite
|
||||||
|
|
||||||
|
[backends.bite]
|
||||||
|
[backends.bite.servers.one]
|
||||||
|
url = "http://bite"
|
||||||
|
|
||||||
|
[frontends.bite]
|
||||||
|
backend = "bite"
|
||||||
|
entrypoints = ["http", "https"]
|
||||||
|
[frontends.bite.auth.forward]
|
||||||
|
address = "http://auth:10205/auth"
|
||||||
|
[frontends.bite.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.bite.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /bite/"
|
||||||
|
|
||||||
|
# Publish
|
||||||
|
|
||||||
|
[backends.publish]
|
||||||
|
[backends.publish.servers.one]
|
||||||
|
url = "http://publish"
|
||||||
|
|
||||||
|
[frontends.publish]
|
||||||
|
backend = "publish"
|
||||||
|
entrypoints = ["http", "https"]
|
||||||
|
[frontends.publish.auth.forward]
|
||||||
|
address = "http://auth:10205/auth"
|
||||||
|
[frontends.publish.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.publish.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /publish/"
|
||||||
|
|
||||||
|
# Subscribe
|
||||||
|
|
||||||
|
[backends.subscribe]
|
||||||
|
[backends.subscribe.servers.one]
|
||||||
|
url = "http://subscribe"
|
||||||
|
|
||||||
|
[frontends.subscribe]
|
||||||
|
backend = "subscribe"
|
||||||
|
entrypoints = ["http", "https"]
|
||||||
|
[frontends.subscribe.auth.forward]
|
||||||
|
address = "http://auth:10205/auth"
|
||||||
|
[frontends.subscribe.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.subscribe.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /subscribe/"
|
||||||
|
|
||||||
|
# Transcription
|
||||||
|
|
||||||
|
[backends.transcription]
|
||||||
|
[backends.transcription.servers.one]
|
||||||
|
url = "http://transcription"
|
||||||
|
|
||||||
|
[frontends.transcription]
|
||||||
|
backend = "transcription"
|
||||||
|
entrypoints = ["http", "https"]
|
||||||
|
[frontends.transcription.auth.forward]
|
||||||
|
address = "http://auth:10205/auth"
|
||||||
|
[frontends.transcription.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.transcription.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /transcription/"
|
||||||
|
|
||||||
|
# Login
|
||||||
|
|
||||||
|
[backends.login]
|
||||||
|
[backends.login.servers.one]
|
||||||
|
url = "http://login"
|
||||||
|
|
||||||
|
[frontends.login]
|
||||||
|
backend = "login"
|
||||||
|
entrypoints = ["login", "login_https"]
|
||||||
|
[frontends.login.headers.customresponseheaders]
|
||||||
|
Access-Control-Allow-Origin = "*"
|
||||||
|
Access-Control-Allow-Headers = "Content-Type, Authorization"
|
||||||
|
Access-Control-Allow-Credentials = "true"
|
||||||
|
Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE"
|
||||||
|
[frontends.login.routes.one]
|
||||||
|
rule = "PathPrefixStrip: /"
|
Loading…
Reference in New Issue