added nginx and fixed erroneous web container build and run process

ORNL · Mar 6, 2024 · afabc98 · afabc98
1 parent 748aa5c
commit afabc98
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 12 deletions.
diff --git a/compose/build_images_for_compose.sh b/compose/build_images_for_compose.sh
@@ -38,4 +38,3 @@ docker build -f \
   --build-arg RUNTIME="datafed-runtime" \
   "${PROJECT_ROOT}" \
   -t datafed-foxx:latest
-
diff --git a/compose/compose_core.yml b/compose/compose_core.yml
@@ -18,12 +18,11 @@ services:
       DATAFED_CORE_ADDRESS_PORT_INTERNAL: "datafed-core:7513"
       UID: "${DATAFED_UID}"
     image: datafed-web:latest
-    ports:
-      - 443:443 # This must be the same port that is mapped to the host for redirects to work
     volumes:
       - ./keys:/opt/datafed/keys
     networks:
-      - datafed-internal
+      datafed-internal:
+        ipv4_address: 172.16.0.10
 
   datafed-core:
     image: datafed-core:latest
@@ -80,6 +79,17 @@ services:
     networks:
       - datafed-internal
 
+  nginx:
+    image: nginx:latest
+    depends_on: ["datafed-web"]
+    volumes:
+      - ./keys:/keys
+      - ./nginx.conf:/etc/nginx/conf.d/nginx.conf
+    ports:
+      - 443:443 # this replaces the port that was open on the datafed-web service
+    networks:
+      - datafed-internal
+
 volumes:
   keys:
 
@@ -88,4 +98,7 @@ networks:
     driver: bridge
   datafed-internal:
     driver: bridge
+    ipam:
+      config:
+        - subnet: 172.16.0.0/24
 
diff --git a/compose/nginx.conf b/compose/nginx.conf
@@ -0,0 +1,28 @@
+upstream backend {
+    server 172.16.0.10:443;
+}
+server {
+    listen 443 ssl;
+    # ssl_preread on;
+    # server_name yourdomain.com;
+
+    # location / {
+    #     proxy_pass https://172.16.0.10:443;
+    #     proxy_set_header Host $host;
+    #     proxy_set_header X-Real-IP $remote_addr;
+    #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    #     proxy_set_header X-Forwarded-Proto $scheme;
+    # }
+
+    ssl_certificate /keys/cert.crt;
+    ssl_certificate_key /keys/cert.key;
+
+    location / {
+        proxy_pass https://backend;
+        proxy_ssl_server_name on;
+        proxy_ssl_protocols TLSv1.2 TLSv1.3;
+        proxy_ssl_verify off;
+        proxy_ssl_verify_depth 2;
+        proxy_ssl_trusted_certificate /keys/cert.crt;
+    }
+}
diff --git a/docker/Dockerfile.dependencies b/docker/Dockerfile.dependencies
@@ -35,8 +35,9 @@ COPY ./scripts/utils.sh ${BUILD_DIR}/scripts/utils.sh
 COPY ./scripts/install_core_dependencies.sh ${BUILD_DIR}/scripts/
 COPY ./scripts/install_docs_dependencies.sh ${BUILD_DIR}/scripts/
 COPY ./scripts/install_repo_dependencies.sh ${BUILD_DIR}/scripts/
-COPY ./scripts/install_ws_dependencies.sh ${BUILD_DIR}/scripts/
 COPY ./scripts/install_authz_dependencies.sh ${BUILD_DIR}/scripts/
+COPY ./web/package.json ${BUILD_DIR}/web/package.json
+COPY ./scripts/install_ws_dependencies.sh ${BUILD_DIR}/scripts/
 COPY ./scripts/generate_datafed.sh ${BUILD_DIR}/scripts/generate_datafed.sh
 
 RUN echo "#!/bin/bash\n\$@" > /usr/bin/sudo && chmod +x /usr/bin/sudo

diff --git a/web/docker/Dockerfile b/web/docker/Dockerfile
@@ -76,9 +76,9 @@ COPY --chown=datafed:root ./scripts/install_ws.sh                ${BUILD_DIR}/sc
 COPY --chown=datafed:root ./cmake/Version.cmake                  ${BUILD_DIR}/cmake/Version.cmake
 COPY --chown=datafed:root ./scripts/utils.sh                     ${BUILD_DIR}/scripts/utils.sh
 COPY --chown=datafed:root ./scripts/export_dependency_version.sh ${BUILD_DIR}/scripts/export_dependency_version.sh
+COPY --from=ws-build --chown=datafed:root ${DATAFED_DEPENDENCIES_INSTALL_PATH}/nvm ${DATAFED_DEPENDENCIES_INSTALL_PATH}/nvm
 COPY --from=ws-build --chown=datafed:root ${BUILD_DIR}/web ${BUILD_DIR}/web
-COPY --from=ws-build --chown=datafed:root ${DATAFED_INSTALL_PATH} ${DATAFED_INSTALL_PATH}
-COPY --from=ws-build --chown=datafed:root ${DATAFED_DEPENDENCIES_INSTALL_PATH} ${DATAFED_DEPENDENCIES_INSTALL_PATH}
+COPY --from=ws-build --chown=datafed:root ${DATAFED_INSTALL_PATH}/web ${DATAFED_INSTALL_PATH}/web
 COPY --from=ws-build --chown=datafed:root /usr/bin/curl /usr/bin/curl
 
 RUN chown -R datafed:root ${DATAFED_INSTALL_PATH}/web
@@ -87,10 +87,7 @@ RUN chown -R datafed:root ${BUILD_DIR}
 WORKDIR ${DATAFED_DIR}
 
 RUN echo "${DATAFED_DIR}"
-RUN . ${BUILD_DIR}/scripts/export_dependency_version.sh && \
-  . ${DATAFED_DEPENDENCIES_INSTALL_PATH}/nvm/nvm.sh && \
-	npm --allow-root --unsafe-perm --prefix ${DATAFED_INSTALL_PATH}/web install
 
 USER root
 
-ENTRYPOINT ["/datafed/source/web/docker/entrypoint.sh", "/opt/datafed/web/datafed-ws.js", "/datafed/source/config/datafed-ws.cfg" ]
+ENTRYPOINT ["/datafed/source/web/docker/entrypoint.sh", "/datafed/source/web/datafed-ws.js", "/datafed/source/config/datafed-ws.cfg" ]
diff --git a/web/docker/entrypoint.sh b/web/docker/entrypoint.sh
@@ -14,7 +14,6 @@ PROJECT_ROOT=$(realpath "${SOURCE}/../..")
 
 "${PROJECT_ROOT}/scripts/generate_datafed.sh"
 "${PROJECT_ROOT}/scripts/generate_ws_config.sh"
-"${PROJECT_ROOT}/scripts/install_ws.sh"
 . "${PROJECT_ROOT}/scripts/dependency_versions.sh"
 
 export NVM_DIR="${DATAFED_DEPENDENCIES_INSTALL_PATH}/nvm"
Original file line number	Diff line number	Diff line change
Expand Up		@@ -38,4 +38,3 @@ docker build -f \
		--build-arg RUNTIME="datafed-runtime" \
		"${PROJECT_ROOT}" \
		-t datafed-foxx:latest