refactor: self hosting setup (#411)

* merge-commit: self hosted updates * dev: updates in self hosting setup * dev: update script to get the instance IP * dev: update script to generate backend secret key
2023-03-09 20:49:12 +05:30 · 2023-03-09 20:49:12 +05:30 · 0416e07f46
commit 0416e07f46
parent e3e57df4a2
7 changed files with 57 additions and 43 deletions
--- a/apiserver/.env.example
+++ b/apiserver/.env.example
@ -1,22 +1,21 @@
-SECRET_KEY="<-- django secret -->"
 DJANGO_SETTINGS_MODULE="plane.settings.production"
 # Database
-DATABASE_URL=postgres://plane:plane@db:5432/plane
+DATABASE_URL=postgres://plane:xyzzyspoon@db:5432/plane
 # Cache
 REDIS_URL=redis://redis:6379/
 # SMPT
-EMAIL_HOST="<-- email smtp -->"
-EMAIL_HOST_USER="<-- email host user -->"
-EMAIL_HOST_PASSWORD="<-- email host password -->"
+EMAIL_HOST=""
+EMAIL_HOST_USER=""
+EMAIL_HOST_PASSWORD=""
 # AWS 
-AWS_REGION="<-- aws region -->"
-AWS_ACCESS_KEY_ID="<-- aws access key -->"
-AWS_SECRET_ACCESS_KEY="<-- aws secret acess key -->"
-AWS_S3_BUCKET_NAME="<-- aws s3 bucket name -->"
+AWS_REGION=""
+AWS_ACCESS_KEY_ID=""
+AWS_SECRET_ACCESS_KEY=""
+AWS_S3_BUCKET_NAME=""
 # FE
 WEB_URL="localhost/"
 # OAUTH
-GITHUB_CLIENT_SECRET="<-- github secret -->"
+GITHUB_CLIENT_SECRET=""
 # Flags
 DISABLE_COLLECTSTATIC=1
 DOCKERIZED=1
--- a/apiserver/plane/settings/production.py
+++ b/apiserver/plane/settings/production.py
@ -22,13 +22,7 @@ DATABASES = {
    }
 }

-# CORS WHITELIST ON PROD
-CORS_ORIGIN_WHITELIST = [
-    # "https://example.com",
-    # "https://sub.example.com",
-    # "http://localhost:8080",
-    # "http://127.0.0.1:9000"
-]
+
 # Parse database configuration from $DATABASE_URL
 DATABASES["default"] = dj_database_url.config()
 SITE_ID = 1
@ -43,12 +37,33 @@ DOCKERIZED = os.environ.get(
 # Honor the 'X-Forwarded-Proto' header for request.is_secure()
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

-# Allow all host headers
-ALLOWED_HOSTS = ["*"]

 # TODO: Make it FALSE and LIST DOMAINS IN FULL PROD.
 CORS_ALLOW_ALL_ORIGINS = True

+
+CORS_ALLOW_METHODS = [
+    "DELETE",
+    "GET",
+    "OPTIONS",
+    "PATCH",
+    "POST",
+    "PUT",
+]
+
+CORS_ALLOW_HEADERS = [
+    "accept",
+    "accept-encoding",
+    "authorization",
+    "content-type",
+    "dnt",
+    "origin",
+    "user-agent",
+    "x-csrftoken",
+    "x-requested-with",
+]
+
+CORS_ALLOW_CREDENTIALS = True
 # Simplified static file serving.
 STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"

--- a/apps/app/.env.example
+++ b/apps/app/.env.example
@ -1,7 +1,8 @@
-NEXT_PUBLIC_API_BASE_URL = "http://localhost"
-NEXT_PUBLIC_GOOGLE_CLIENTID="<-- google client id -->"
-NEXT_PUBLIC_GITHUB_APP_NAME="<-- github app name -->"
-NEXT_PUBLIC_GITHUB_ID="<-- github client id -->"
-NEXT_PUBLIC_SENTRY_DSN="<-- sentry dns -->"
+# Replace with your instance Public IP
+# NEXT_PUBLIC_API_BASE_URL = "http://localhost"
+NEXT_PUBLIC_GOOGLE_CLIENTID=""
+NEXT_PUBLIC_GITHUB_APP_NAME=""
+NEXT_PUBLIC_GITHUB_ID=""
+NEXT_PUBLIC_SENTRY_DSN=""
 NEXT_PUBLIC_ENABLE_OAUTH=0
 NEXT_PUBLIC_ENABLE_SENTRY=0
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -9,10 +9,10 @@ services:
    ports:
      - 80:80
    depends_on:
-      # - plane-web
+      - plane-web
      - plane-api
  db:
-    image: postgres:12-alpine
+    image: postgres:15.2-alpine
    container_name: db
    restart: always
    volumes:
@ -20,7 +20,8 @@ services:
    environment:
      POSTGRES_USER: plane
      POSTGRES_DB: plane
-      POSTGRES_PASSWORD: plane
+      POSTGRES_PASSWORD: xyzzyspoon
+      PGDATA : /var/lib/postgresql/data
    command: postgres -c 'max_connections=1000'
    ports:
      - 5432:5432
--- a/nginx/Dockerfile
+++ b/nginx/Dockerfile
@ -1,4 +1,4 @@
 FROM nginx:1.21-alpine

 RUN rm /etc/nginx/conf.d/default.conf
-COPY nginx.conf /etc/nginx/conf.d
+COPY nginx.conf /etc/nginx/nginx.conf
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@ -1,25 +1,20 @@
-upstream plane {
-    server localhost:80;
-}
+events { }

-error_log /var/log/nginx/error.log;
+
+http {
+  sendfile on;

 server {
    listen       80;
    root   /www/data/;
    access_log /var/log/nginx/access.log;
    location / {
-        proxy_pass http://planefrontend:3000/;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
+        proxy_pass http://planefrontend:3000/;       
    }
+
    location /api/ {
        proxy_pass http://planebackend:8000/api/;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-    }
-    error_page   500 502 503 504  /50x.html;
-    location = /50x.html {
-        root   /usr/share/nginx/html;
    }
+
 }
+}
--- a/setup.sh
+++ b/setup.sh
@ -1,4 +1,7 @@
-# Generating API Server environmental variables
+#!/bin/bash
 cp ./apiserver/.env.example ./apiserver/.env
 # Generating App environmental variables
-cp ./apps/app/.env.example ./apps/app/.env
+cp ./apps/app/.env.example ./apps/app/.env
+
+echo -e "\nNEXT_PUBLIC_API_BASE_URL=http://$1"  >> ./apps/app/.env
+echo -e "\nSECRET_KEY=\"$(tr -dc 'a-z0-9!@#$%^&*(-_=+)' < /dev/urandom | head -c50)\""  >> ./apiserver/.env