feat: add Souin

api/.env

@@ -21,7 +21,8 @@ OIDC_SERVER_URL=https://localhost/oidc/realms/demo
 OIDC_SWAGGER_CLIENT_ID=api-platform-swagger
 
 ###> symfony/framework-bundle ###
-APP_ENV=dev
+APP_ENV=prod
+APP_DEBUG=true
 APP_SECRET=!ChangeMe!
 ###< symfony/framework-bundle ###
 

api/Dockerfile

@@ -118,8 +118,8 @@ ARG TARGETARCH
 
 WORKDIR /srv/app
 
-# Download Caddy compiled with the Mercure and Vulcain modules
-ADD --chmod=500 https://caddyserver.com/api/download?os=linux&arch=$TARGETARCH&p=github.com/dunglas/mercure/caddy&p=github.com/dunglas/vulcain/caddy /usr/bin/caddy
+# Download Caddy compiled with the Mercure, Vulcain and Souin modules
+ADD --chmod=500 https://caddyserver.com/api/download?os=linux&arch=$TARGETARCH&p=github.com/dunglas/mercure/caddy&p=github.com/dunglas/vulcain/caddy&p=github.com/caddyserver/cache-handler /usr/bin/caddy
 
 COPY --link docker/caddy/Caddyfile /etc/caddy/Caddyfile
 

api/config/packages/api_platform.yaml

@@ -9,6 +9,8 @@ api_platform:
     graphql:
         graphql_playground: false
     mercure: ~
+    http_cache:
+        public: true
     defaults:
         stateless: true
         cache_headers:
@@ -28,6 +30,23 @@ api_platform:
         scopes:
             openid: (required) Indicates that the application intends to use OIDC to verify the user's identity
 
+when@prod:
+    parameters:
+        # The api url that is called to invalidate cached resources
+        # Can't be set in .env file cause it's only available on prod env
+        env(SOUIN_API_URL): http://caddy/souin-api/souin
+
+    api_platform:
+        http_cache:
+            invalidation:
+                enabled: true
+                purger: 'api_platform.http_cache.purger.souin'
+                urls: ['%env(SOUIN_API_URL)%']
+        defaults:
+            cache_headers:
+                max_age: 0
+                shared_max_age: 3600
+
 services:
     app.filter.review.admin.search:
         class: 'ApiPlatform\Doctrine\Orm\Filter\SearchFilter'

api/docker/caddy/Caddyfile

@@ -1,12 +1,13 @@
 {
-    # Debug
-    {$CADDY_DEBUG}
+    {$CADDY_GLOBAL_OPTIONS}
 }
 
 {$SERVER_NAME}
 
 log
 
+{$CADDY_CACHE}
+
 # Matches requests for OIDC routes
 @oidc expression path('/oidc/*')
 

docker-compose.prod.yml

@@ -27,6 +27,14 @@ services:
     environment:
       MERCURE_PUBLISHER_JWT_KEY: ${CADDY_MERCURE_JWT_SECRET}
       MERCURE_SUBSCRIBER_JWT_KEY: ${CADDY_MERCURE_JWT_SECRET}
+      CADDY_GLOBAL_OPTIONS: |
+        order cache before rewrite
+        cache {
+            api {
+                souin
+            }
+        }
+      CADDY_CACHE: cache
 
   database:
     environment:

helm/api-platform/templates/configmap.yaml

@@ -13,6 +13,7 @@ data:
   mercure-url: "http://{{ include "api-platform.fullname" . }}/.well-known/mercure"
   mercure-public-url: {{ .Values.mercure.publicUrl | default "http://127.0.0.1/.well-known/mercure" | quote }}
   mercure-extra-directives: {{ .Values.mercure.extraDirectives | quote }}
+  caddy-global-options: {{ .Values.caddy.globalOptions | quote }}
   oidc-server-url: "https://{{ (first .Values.ingress.hosts).host }}/oidc/realms/demo"
   oidc-server-url-internal: "http://{{ include "api-platform.fullname" . }}/oidc/realms/demo"
   next-auth-url: "https://{{ (first .Values.ingress.hosts).host }}/api/auth"

helm/api-platform/templates/deployment.yaml

@@ -40,6 +40,13 @@ spec:
               value: {{ include "api-platform.fullname" . }}-pwa:3000
             - name: OIDC_UPSTREAM
               value: {{ .Release.Name }}-keycloak:80
+            - name: CADDY_CACHE
+              value: cache
+            - name: CADDY_GLOBAL_OPTIONS
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ include "api-platform.fullname" . }}
+                  key: caddy-global-options
             - name: MERCURE_EXTRA_DIRECTIVES
               valueFrom:
                 configMapKeyRef:

helm/api-platform/values.yaml

@@ -34,6 +34,13 @@ caddy:
     pullPolicy: IfNotPresent
     # Overrides the image tag whose default is the chart appVersion.
     tag: ""
+  globalOptions: |
+    order cache before rewrite
+    cache {
+        api {
+            souin
+        }
+    }
 
 # You may prefer using the managed version in production: https://mercure.rocks
 mercure: