diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9f0ea99..44eea8f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: run: | wait_for_postgres() { echo "Waiting for PostgreSQL to be ready..." - while ! nix shell nixpkgs#postgresql_16 -c pg_isready -h localhost -p 15432 -U postgres; do + while ! nix shell nixpkgs#postgresql_16 -c pg_isready -h 127.0.0.1 -p 15432 -U postgres; do sleep 1 done echo "PostgreSQL is ready." @@ -31,10 +31,10 @@ jobs: wait_for_postgrest() { echo "Waiting for PostgREST to be live and ready..." - while ! curl -s -I "http://localhost:3001/live" | grep "OK"; do + while ! curl -s -I "http://127.0.0.1:3001/live" | grep "OK"; do sleep 1 done - while ! curl -s -I "http://localhost:3001/ready" | grep "OK"; do + while ! curl -s -I "http://127.0.0.1:3001/ready" | grep "OK"; do sleep 1 done echo "PostgREST is live and ready." diff --git a/flake.nix b/flake.nix index 16c72e7..5936647 100644 --- a/flake.nix +++ b/flake.nix @@ -14,6 +14,8 @@ ]; forAllSystems = nixpkgs.lib.genAttrs allSystems; + + dbUrl = user: "postgres://${user}@127.0.0.1:15432/archtika"; in { devShells = forAllSystems ( @@ -24,13 +26,13 @@ { api = pkgs.mkShell { packages = with pkgs; [ - postgresql_16 + postgresql postgrest ]; shellHook = '' - alias dbmate="${pkgs.dbmate}/bin/dbmate --no-dump-schema --url postgres://postgres@localhost:15432/archtika?sslmode=disable" + alias dbmate="${pkgs.dbmate}/bin/dbmate --no-dump-schema --url ${dbUrl "postgres"}?sslmode=disable" alias formatsql="${pkgs.pgformatter}/bin/pg_format -s 2 -f 2 -U 2 -i db/migrations/*.sql" - alias dbconnect="${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika" + alias dbconnect="${pkgs.postgresql_16}/bin/psql ${dbUrl "postgres"}" ''; }; web = pkgs.mkShell { @@ -65,19 +67,32 @@ { api = { type = "app"; - program = "${pkgs.writeShellScriptBin "api-setup" '' - JWT_SECRET=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c64) - WEBSITE_MAX_STORAGE_SIZE=100 - WEBSITE_MAX_NUMBER_USER=3 + program = + let + settings = { + maxStorage = 100; + maxWebsites = 3; + }; + jwtSecret = "BMlgCY9fEzmf7jhQpNnxlS6TM8E6xk2vS08C3ukm5LM2aTooaF5PfxT3o2K9uKzq"; + in + "${pkgs.writeShellScriptBin "api-setup" '' + psql ${dbUrl "postgres"} \ + -c "ALTER DATABASE archtika SET \"app.jwt_secret\" TO '${jwtSecret}'" \ + -c "ALTER DATABASE archtika SET \"app.website_max_storage_size\" TO ${toString settings.maxStorage}" \ + -c "ALTER DATABASE archtika SET \"app.website_max_number_user\" TO ${toString settings.maxWebsites}" - ${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika -c "ALTER DATABASE archtika SET \"app.jwt_secret\" TO '$JWT_SECRET'" - ${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika -c "ALTER DATABASE archtika SET \"app.website_max_storage_size\" TO $WEBSITE_MAX_STORAGE_SIZE" - ${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika -c "ALTER DATABASE archtika SET \"app.website_max_number_user\" TO $WEBSITE_MAX_NUMBER_USER" + ${pkgs.dbmate}/bin/dbmate --no-dump-schema \ + --url ${dbUrl "postgres"}?sslmode=disable \ + --migrations-dir ${self.outPath}/rest-api/db/migrations up - ${pkgs.dbmate}/bin/dbmate --url postgres://postgres@localhost:15432/archtika?sslmode=disable --migrations-dir ${self.outPath}/rest-api/db/migrations up - - PGRST_ADMIN_SERVER_PORT=3001 PGRST_DB_SCHEMAS="api" PGRST_DB_ANON_ROLE="anon" PGRST_OPENAPI_MODE="ignore-privileges" PGRST_DB_URI="postgres://authenticator@localhost:15432/archtika" PGRST_JWT_SECRET="$JWT_SECRET" ${pkgs.postgrest}/bin/postgrest - ''}/bin/api-setup"; + PGRST_ADMIN_SERVER_PORT=3001 \ + PGRST_DB_SCHEMAS="api" \ + PGRST_DB_ANON_ROLE="anon" \ + PGRST_OPENAPI_MODE="ignore-privileges" \ + PGRST_DB_URI="${dbUrl "authenticator"}" \ + PGRST_JWT_SECRET="${jwtSecret}" \ + ${pkgs.postgrest}/bin/postgrest + ''}/bin/api-setup"; }; } ); diff --git a/nix/deploy/prod/default.nix b/nix/deploy/prod/default.nix index 0ac3906..69984d4 100644 --- a/nix/deploy/prod/default.nix +++ b/nix/deploy/prod/default.nix @@ -1,4 +1,7 @@ { pkgs, localArchtikaPackage, ... }: +let + domain = "demo.archtika.com"; +in { imports = [ ./hardware-configuration.nix @@ -6,19 +9,26 @@ ../../module.nix ]; - networking.hostName = "archtika-demo"; + networking.hostName = "archtika-qs"; services.archtika = { enable = true; package = localArchtikaPackage; - domain = "demo.archtika.com"; - acmeEmail = "thilo.hohlt@tutanota.com"; - dnsProvider = "porkbun"; - dnsEnvironmentFile = /var/lib/porkbun.env; + inherit domain; settings = { disableRegistration = true; - maxWebsiteStorageSize = 50; - maxUserWebsites = 2; + }; + }; + + security.acme = { + acceptTerms = true; + defaults.email = "thilo.hohlt@tutanota.com"; + certs."${domain}" = { + inherit domain; + extraDomainNames = [ "*.${domain}" ]; + dnsProvider = "porkbun"; + environmentFile = /var/lib/porkbun.env; + group = "nginx"; }; }; } diff --git a/nix/deploy/qs/default.nix b/nix/deploy/qs/default.nix index 8b2dcc4..06202df 100644 --- a/nix/deploy/qs/default.nix +++ b/nix/deploy/qs/default.nix @@ -17,8 +17,6 @@ in inherit domain; settings = { disableRegistration = true; - maxWebsiteStorageSize = 50; - maxUserWebsites = 2; }; }; diff --git a/nix/docker.nix b/nix/docker.nix index 4393df0..e7f8c31 100644 --- a/nix/docker.nix +++ b/nix/docker.nix @@ -26,7 +26,7 @@ pkgs.dockerTools.buildLayeredImage { contents = [ archtika entrypoint - pkgs.postgresql_16 + pkgs.postgresql pkgs.nginx pkgs.acme-sh pkgs.bash diff --git a/web-app/package.json b/web-app/package.json index 7f171a0..440c02c 100644 --- a/web-app/package.json +++ b/web-app/package.json @@ -11,7 +11,7 @@ "check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch", "lint": "prettier --check . && eslint .", "format": "prettier --write .", - "gents": "pg-to-ts generate -c postgres://postgres@localhost:15432/archtika -o src/lib/db-schema.ts -s internal --datesAsStrings" + "gents": "pg-to-ts generate -c postgres://postgres@127.0.0.1:15432/archtika -o src/lib/db-schema.ts -s internal --datesAsStrings" }, "devDependencies": { "@playwright/test": "1.47.0", diff --git a/web-app/playwright.config.ts b/web-app/playwright.config.ts index 1204801..b058fc4 100644 --- a/web-app/playwright.config.ts +++ b/web-app/playwright.config.ts @@ -3,10 +3,10 @@ import { type PlaywrightTestConfig, devices } from "@playwright/test"; const config: PlaywrightTestConfig = { webServer: { command: "npm run build && npm run preview", - url: "http://localhost:4173" + url: "http://127.0.0.1:4173" }, use: { - baseURL: "http://localhost:4173", + baseURL: "http://127.0.0.1:4173", video: "retain-on-failure" }, testDir: "./tests", diff --git a/web-app/src/lib/db-schema.ts b/web-app/src/lib/db-schema.ts index 798c35b..31619ff 100644 --- a/web-app/src/lib/db-schema.ts +++ b/web-app/src/lib/db-schema.ts @@ -5,7 +5,7 @@ * AUTO-GENERATED FILE - DO NOT EDIT! * * This file was automatically generated by pg-to-ts v.4.1.1 - * $ pg-to-ts generate -c postgres://username:password@localhost:15432/archtika -t article -t change_log -t collab -t docs_category -t footer -t header -t home -t media -t settings -t user -t website -s internal + * $ pg-to-ts generate -c postgres://username:password@127.0.0.1:15432/archtika -t article -t change_log -t collab -t docs_category -t footer -t header -t home -t media -t settings -t user -t website -s internal * */ diff --git a/web-app/src/lib/server/utils.ts b/web-app/src/lib/server/utils.ts index c5b41d4..ab555be 100644 --- a/web-app/src/lib/server/utils.ts +++ b/web-app/src/lib/server/utils.ts @@ -1,8 +1,8 @@ import { dev } from "$app/environment"; export const API_BASE_PREFIX = dev - ? "http://localhost:3000" - : `${process.env.ORIGIN ? `${process.env.ORIGIN}/api` : "http://localhost:3000"}`; + ? "http://127.0.0.1:3000" + : `${process.env.ORIGIN ? `${process.env.ORIGIN}/api` : "http://127.0.0.1:3000"}`; export const REGISTRATION_IS_DISABLED = dev ? false diff --git a/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts b/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts index f606e7e..51bd655 100644 --- a/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts +++ b/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts @@ -98,17 +98,17 @@ const generateStaticFiles = async ( ) => { const websitePreviewUrl = `${ dev - ? "http://localhost:18000" + ? "http://127.0.0.1:18000" : process.env.ORIGIN ? process.env.ORIGIN - : "http://localhost:18000" + : "http://127.0.0.1:18000" }/previews/${websiteData.id}/`; const websiteProdUrl = dev - ? `http://localhost:18000/${websiteData.user.username}/${websiteData.slug}` + ? `http://127.0.0.1:18000/${websiteData.user.username}/${websiteData.slug}` : process.env.ORIGIN ? `${process.env.ORIGIN.replace("//", `//${websiteData.user.username}.`)}/${websiteData.slug}` - : `http://localhost:18000/${websiteData.user.username}/${websiteData.slug}`; + : `http://127.0.0.1:18000/${websiteData.user.username}/${websiteData.slug}`; const fileContents = (head: string, body: string) => { return `