Skip to content

Commit

Permalink
Merge pull request #728 from IntersectMBO/fix/715-dev-environment-loa…
Browse files Browse the repository at this point in the history 
…d-balancing-and-routing-issue

[#715] Dev environment load balancing and routing issue
  • Loading branch information
@placek
placek authored Apr 16, 2024
2 parents 94d1a53 + aaecda0 commit cc64e97
Show file tree
Hide file tree
Showing 3 changed files with 66 additions and 57 deletions.
2 changes: 1 addition & 1 deletion scripts/govtool/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ include config.mk
.DEFAULT_GOAL := info

# image tags
cardano_node_image_tag := 8.9.0
cardano_node_image_tag := 8.10.0-pre
cardano_db_sync_image_tag := sancho-4.1.0

.PHONY: all
Expand Down
2 changes: 1 addition & 1 deletion scripts/govtool/config.mk
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ $(output_dirs):
mkdir -p $@

$(docker_compose_file): $(template_config_dir)/docker-compose.yml.tpl $(target_config_dir)/
if [[ "$(env)" == "dev" ]]; then CSP_ALLOWED_HOSTS=",http://localhost"; else CSP_ALLOWED_HOSTS=; fi; \
if [[ "$(env)" == "dev" ]]; then CSP_ALLOWED_HOSTS=",http://localhost,http://localhost:5173"; else CSP_ALLOWED_HOSTS=; fi; \
sed -e "s|<DOMAIN>|$(domain)|g" \
-e "s|<DOCKER_USER>|$(docker_user)|g" \
-e "s|<REPO_URL>|$(repo_url)|g" \
Expand Down
119 changes: 64 additions & 55 deletions scripts/govtool/config/templates/docker-compose.yml.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ version: "3.9"

services:
traefik:
image: traefik:v2.10
image: traefik:v3.0
command:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
Expand Down Expand Up @@ -32,9 +32,9 @@ services:
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.routers.to-http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.to-http-catchall.entrypoints=web"
- "traefik.http.routers.to-http-catchall.middlewares=redirect-to-https"

loki:
image: grafana/loki:2.9.4
Expand Down Expand Up @@ -79,26 +79,11 @@ services:
logging: *logging
labels:
- "traefik.enable=true"
- "traefik.http.routers.grafana.rule=Host(`<DOMAIN>`) && PathPrefix(`/grafana`)"
- "traefik.http.routers.grafana.entrypoints=websecure"
- "traefik.http.routers.grafana.tls.certresolver=myresolver"
- "traefik.http.routers.to-grafana.rule=Host(`<DOMAIN>`) && PathPrefix(`/grafana`)"
- "traefik.http.routers.to-grafana.entrypoints=websecure"
- "traefik.http.routers.to-grafana.tls.certresolver=myresolver"
- "traefik.http.services.grafana.loadbalancer.server.port=3000"

status-service:
build:
context: ../../govtool/status-service
environment:
- GRAFANA_USERNAME=admin
- GRAFANA_PASSWORD=${GRAFANA_ADMIN_PASSWORD}
restart: always
logging: *logging
labels:
- "traefik.enable=true"
- "traefik.http.routers.status-service.rule=Host(`<DOMAIN>`) && PathPrefix(`/status`)"
- "traefik.http.routers.status-service.entrypoints=websecure"
- "traefik.http.routers.status-service.tls.certresolver=myresolver"
- "traefik.http.services.status-service.loadbalancer.server.port=8000"

postgres:
image: postgres:15-alpine
environment:
Expand Down Expand Up @@ -182,6 +167,50 @@ services:
restart: always
logging: *logging

status-service:
build:
context: ../../govtool/status-service
environment:
- GRAFANA_USERNAME=admin
- GRAFANA_PASSWORD=${GRAFANA_ADMIN_PASSWORD}
restart: always
logging: *logging
labels:
- "traefik.enable=true"
- "traefik.http.routers.to-status-service.rule=Host(`<DOMAIN>`) && PathPrefix(`/status`)"
- "traefik.http.routers.to-status-service.entrypoints=websecure"
- "traefik.http.routers.to-status-service.tls.certresolver=myresolver"
- "traefik.http.services.status-service.loadbalancer.server.port=8000"

metadata-validation:
build:
context: ../../govtool/metadata-validation
environment:
- PORT=3000
logging: *logging
restart: always
healthcheck:
test: ["CMD-SHELL", "curl -f 127.0.0.1:3000/health || exit 1"]
interval: 5s
timeout: 5s
retries: 5
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.metadata-validation-stripprefix.stripprefix.prefixes=/metadata-validation"
- "traefik.http.middlewares.metadata-validation-cors.headers.accesscontrolallowmethods=*"
- "traefik.http.middlewares.metadata-validation-cors.headers.accesscontrolallowheaders=*"
- "traefik.http.middlewares.metadata-validation-cors.headers.accesscontrolalloworiginlist=https://<DOMAIN><CSP_ALLOWED_HOSTS>"
- "traefik.http.middlewares.metadata-validation-cors.headers.accesscontrolmaxage=100"
- "traefik.http.routers.to-metadata-validation.rule=Host(`<DOMAIN>`) && PathPrefix(`/metadata-validation`)"
- "traefik.http.routers.to-metadata-validation.middlewares=metadata-validation-stripprefix@docker,metadata-validation-cors@docker"
- "traefik.http.routers.to-metadata-validation.entrypoints=websecure"
- "traefik.http.routers.to-metadata-validation.tls.certresolver=myresolver"
- "traefik.http.services.metadata-validation.loadbalancer.server.port=3000"
- "traefik.http.services.metadata-validation.loadbalancer.healthcheck.path=/health"
- "traefik.http.services.metadata-validation.loadbalancer.healthcheck.port=3000"
- "traefik.http.services.metadata-validation.loadbalancer.healthcheck.interval=10s"
- "traefik.http.services.metadata-validation.loadbalancer.healthcheck.timeout=5s"

backend:
image: <REPO_URL>/backend:${BACKEND_TAG}
command: /usr/local/bin/vva-be -c /run/secrets/backend-config.json start-app
Expand All @@ -196,42 +225,21 @@ services:
logging: *logging
labels:
- "traefik.enable=true"
- "traefik.http.routers.backend.rule=Host(`<DOMAIN>`) && PathPrefix(`/api`)"
- "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://<DOMAIN><CSP_ALLOWED_HOSTS>"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100"
- "traefik.http.middlewares.backend-cors.headers.addvaryheader=true"
- "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker"
- "traefik.http.routers.backend.entrypoints=websecure"
- "traefik.http.routers.backend.tls.certresolver=myresolver"
- "traefik.http.routers.to-backend.rule=Host(`<DOMAIN>`) && PathPrefix(`/api`)"
- "traefik.http.routers.to-backend.middlewares=backend-stripprefix@docker,backend-cors@docker"
- "traefik.http.routers.to-backend.entrypoints=websecure"
- "traefik.http.routers.to-backend.tls.certresolver=myresolver"
- "traefik.http.services.backend.loadbalancer.server.port=9876"

metadata-validation:
build:
context: ../../govtool/metadata-validation
environment:
- PORT=3000
logging: *logging
restart: always
healthcheck:
test: ["CMD-SHELL", "curl -f 127.0.0.1:3000/health || exit 1"]
interval: 5s
timeout: 5s
retries: 5
labels:
- "traefik.enable=true"
- "traefik.http.routers.metadata-validation.rule=Host(`<DOMAIN>`) && PathPrefix(`/metadata-validation`)"
- "traefik.http.middlewares.metadata-validation-stripprefix.stripprefix.prefixes=/metadata-validation"
- "traefik.http.routers.metadata-validation.middlewares=metadata-validation-stripprefix@docker"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=*"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://<DOMAIN><CSP_ALLOWED_HOSTS>"
- "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100"
- "traefik.http.routers.metadata-validation.entrypoints=websecure"
- "traefik.http.routers.metadata-validation.tls.certresolver=myresolver"
- "traefik.http.services.metadata-validation.loadbalancer.server.port=3000"
- "traefik.http.services.backend.loadbalancer.healthcheck.path=/epoch/params"
- "traefik.http.services.backend.loadbalancer.healthcheck.port=9876"
- "traefik.http.services.backend.loadbalancer.healthcheck.interval=10s"
- "traefik.http.services.backend.loadbalancer.healthcheck.timeout=5s"

frontend:
image: <REPO_URL>/frontend:${FRONTEND_TAG}
Expand All @@ -247,11 +255,12 @@ services:
logging: *logging
labels:
- "traefik.enable=true"
- "traefik.http.routers.frontend.rule=Host(`<DOMAIN>`)"
- "traefik.http.routers.frontend.entrypoints=websecure"
- "traefik.http.routers.frontend.tls.certresolver=myresolver"
- "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com https://www.googletagmanager.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' o4506155985141760.ingest.sentry.io *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:"
- "traefik.http.routers.frontend.middlewares=frontend-csp@docker"
- "traefik.http.routers.to-frontend.rule=Host(`<DOMAIN>`)"
- "traefik.http.routers.to-frontend.entrypoints=websecure"
- "traefik.http.routers.to-frontend.tls.certresolver=myresolver"
- "traefik.http.routers.to-frontend.middlewares=frontend-csp@docker"
- "traefik.http.routers.to-frontend.priority=1"
- "traefik.http.services.frontend.loadbalancer.server.port=80"

secrets:
Expand Down

0 comments on commit cc64e97

Please sign in to comment.