MAGICGrants/strapi
1
0
Fork 0
mirror of https://github.com/MAGICGrants/strapi.git synced 2026-01-09 20:57:56 -05:00
Code Issues Packages Projects Releases Wiki Activity

chore: setup deploy

Browse Source
This commit is contained in:
Artur
2024-11-28 18:13:56 -03:00
parent af841993e7
commit b50111d863
11 changed files with 3165 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.dockerignore Normal file
View File

@@ -0,0 +1,8 @@
.tmp/
.cache/
.git/
build/
node_modules/
.env
data/
backup/

41
.github/workflows/deploy.yml vendored Normal file
View File

@@ -0,0 +1,41 @@
name: Deploy app to donate.magicgrants.org
on:
push:
branches:
- main
jobs:
deploy:
runs-on: ubuntu-latest
environment: main
steps:
- uses: actions/checkout@v4
- uses: webfactory/ssh-agent@v0.9.0
with:
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
- name: Deploy
run: |
ssh -o StrictHostKeyChecking=no ${{ secrets.VPS_USER }}@${{ secrets.VPS_IP }} << 'EOF'
export HISTFILE=/dev/null
cd strapi
echo "Pulling changes..."
git pull
echo "Building and starting..."
APP_KEYS=${{ secrets.APP_KEYS }} \
API_TOKEN_SALT=${{ secrets.API_TOKEN_SALT }} \
JWT_SECRET=${{ secrets.JWT_SECRET }} \
ADMIN_JWT_SECRET=${{ secrets.ADMIN_JWT_SECRET }} \
TRANSFER_TOKEN_SALT=${{ secrets.TRANSFER_TOKEN_SALT }} \
DATABASE_PASSWORD=${{ secrets.DATABASE_PASSWORD }} \
AWS_ACCESS_KEY_ID: ${ secrets.AWS_ACCESS_KEY_ID } \
AWS_ACCESS_SECRET: ${ secrets.AWS_ACCESS_SECRET } \
AWS_REGION: ${{ secrets.AWS_REGION }} \
AWS_BUCKET: ${{ secrets.AWS_BUCKET }} \
CDN_URL: ${{ secrets.CDN_URL }} \
CDN_ROOT_PATH: ${{ secrets.CDN_ROOT_PATH }} \
CLOUDFLARE_TUNNEL_TOKEN=${{ secrets.CLOUDFLARE_TUNNEL_TOKEN }} \
docker compose -f docker-compose.prod.yml up -d --build
EOF

29
Dockerfile Normal file
View File

@@ -0,0 +1,29 @@
# Creating multi-stage build for production
FROM node:20-alpine as build
RUN apk update && apk add --no-cache build-base gcc autoconf automake zlib-dev libpng-dev vips-dev > /dev/null 2>&1
ARG NODE_ENV=production
ENV NODE_ENV=${NODE_ENV}
WORKDIR /opt/
COPY package.json package-lock.json ./
RUN npm config set fetch-retry-maxtimeout 600000 -g && npm install --only=production
ENV PATH /opt/node_modules/.bin:$PATH
WORKDIR /opt/app
COPY . .
RUN npm run build
# Creating final production image
FROM node:20-alpine
RUN apk add --no-cache vips-dev
ARG NODE_ENV=production
ENV NODE_ENV=${NODE_ENV}
WORKDIR /opt/
COPY --from=build /opt/node_modules ./node_modules
WORKDIR /opt/app
COPY --from=build /opt/app ./
ENV PATH /opt/node_modules/.bin:$PATH
RUN chown -R node:node /opt/app
USER node
EXPOSE 1337
CMD ["npm", "run", "start"]

13
config/env/development/database.ts vendored Normal file
View File

@@ -0,0 +1,13 @@
export default ({ env }) => ({
connection: {
client: 'postgres',
connection: {
host: env('DATABASE_HOST', 'localhost'),
port: env.int('DATABASE_PORT', 5432),
database: env('DATABASE_NAME', 'strapi'),
user: env('DATABASE_USERNAME', 'strapi'),
password: env('DATABASE_PASSWORD', 'strapi'),
ssl: env.bool('DATABASE_SSL', false)
}
}
});

13
config/env/production/database.ts vendored Normal file
View File

@@ -0,0 +1,13 @@
export default ({ env }) => ({
connection: {
client: 'postgres',
connection: {
host: env('DATABASE_HOST', 'localhost'),
port: env.int('DATABASE_PORT', 5432),
database: env('DATABASE_NAME', 'strapi'),
user: env('DATABASE_USERNAME', 'strapi'),
password: env('DATABASE_PASSWORD', 'strapi'),
ssl: env.bool('DATABASE_SSL', false)
}
}
});

48
config/middlewares.ts
View File

@@ -1,12 +1,38 @@
export default [
'strapi::logger',
'strapi::errors',
'strapi::security',
'strapi::cors',
'strapi::poweredBy',
'strapi::query',
'strapi::body',
'strapi::session',
'strapi::favicon',
'strapi::public',
export default ({ env }) => [
"strapi::logger",
"strapi::errors",
"strapi::security",
"strapi::cors",
"strapi::poweredBy",
"strapi::query",
"strapi::body",
"strapi::session",
"strapi::favicon",
"strapi::public",
{
name: "strapi::security",
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
"connect-src": ["'self'", "https:"],
"img-src": [
"'self'",
"data:",
"blob:",
"market-assets.strapi.io",
`${env("AWS_BUCKET")}.s3.${env("AWS_REGION")}.amazonaws.com`,
],
"media-src": [
"'self'",
"data:",
"blob:",
"market-assets.strapi.io",
`${env("AWS_BUCKET")}.s3.${env("AWS_REGION")}.amazonaws.com`,
],
upgradeInsecureRequests: null,
},
},
},
},
];

28
config/plugins.ts
View File

@@ -1 +1,27 @@
export default () => ({});
export default ({ env }) => ({
// ...
upload: {
config: {
provider: "aws-s3",
providerOptions: {
baseUrl: env("CDN_URL"),
rootPath: env("CDN_ROOT_PATH"),
s3Options: {
accessKeyId: env("AWS_ACCESS_KEY_ID"),
secretAccessKey: env("AWS_ACCESS_SECRET"),
region: env("AWS_REGION"),
params: {
ACL: env("AWS_ACL", "private"),
signedUrlExpires: env("AWS_SIGNED_URL_EXPIRES", 15 * 60),
Bucket: env("AWS_BUCKET"),
},
},
},
actionOptions: {
upload: {},
uploadStream: {},
delete: {},
},
},
},
});

68
docker-compose.prod.yml Normal file
View File

@@ -0,0 +1,68 @@
services:
cloudflared:
image: cloudflare/cloudflared:latest
container_name: cloudflared
restart: unless-stopped
command: tunnel --no-autoupdate run
environment:
TUNNEL_TOKEN: ${CLOUDFLARE_TUNNEL_TOKEN}
REAL_IP_HEADER: Cf-Connecting-Ip
depends_on:
- nginx
nginx:
image: nginx:1
container_name: nginx
restart: unless-stopped
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
depends_on:
- strapi
strapi:
container_name: strapi
build:
context: .
dockerfile: Dockerfile
restart: unless-stopped
environment:
NODE_ENV: production
DATABASE_CLIENT: postgres
DATABASE_HOST: postgres
DATABASE_PORT: 5432
DATABASE_NAME: strapi
DATABASE_USERNAME: strapi
DATABASE_PASSWORD: ${DATABASE_PASSWORD}
APP_KEYS: ${APP_KEYS}
JWT_SECRET: ${JWT_SECRET}
API_TOKEN_SALT: ${API_TOKEN_SALT}
TRANSFER_TOKEN_SALT: ${TRANSFER_TOKEN_SALT}
ADMIN_JWT_SECRET: ${ADMIN_JWT_SECRET}
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
AWS_ACCESS_SECRET: ${AWS_ACCESS_SECRET}
AWS_REGION: ${AWS_REGION}
AWS_BUCKET: ${AWS_BUCKET}
CDN_URL: ${CDN_URL}
CDN_ROOT_PATH: ${CDN_ROOT_PATH}
volumes:
- ./config:/opt/app/config
- ./src:/opt/app/src
- ./package.json:/opt/package.json
- ./package-lock.json:/opt/package-lock.json
- ./public/uploads:/opt/app/public/uploads
depends_on:
- postgres
postgres:
container_name: strapi-postgres
image: postgres:16-alpine
restart: unless-stopped
environment:
POSTGRES_USER: strapi
POSTGRES_DB: strapi
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes:
- "strapi_postgres_data:/var/lib/postgresql/data"
volumes:
postgres_data:

19
nginx.conf Normal file
View File

@@ -0,0 +1,19 @@
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name strapi.magicgrants.org;
location / {
proxy_pass http://strapi:1337;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
}
}
}

2932
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

3
package.json
View File

@@ -13,8 +13,9 @@
"dependencies": {
"@strapi/plugin-cloud": "^5.2.0",
"@strapi/plugin-users-permissions": "^5.2.0",
"@strapi/provider-upload-aws-s3": "^5.4.2",
"@strapi/strapi": "^5.2.0",
"pg": "^8.8.0",
"pg": "^8.13.1",
"react": "^18.0.0",
"react-dom": "^18.0.0",
"react-router-dom": "^6.0.0",