From bc5c8ccfcc8162d907a739c5b063b1e73add1ccb Mon Sep 17 00:00:00 2001 From: b1ek Date: Tue, 6 Jun 2023 14:09:40 +1000 Subject: [PATCH 1/3] configure this to run behind nginx --- config/nginx/logs/.gitignore | 2 ++ config/nginx/mime.types | 49 ++++++++++++++++++++++++++++++++++++ config/nginx/nginx.conf | 31 +++++++++++++++++++++++ config/nginx/proxy.conf | 10 ++++++++ docker-compose.dev | 9 ++++++- docker-compose.prod | 10 ++++++-- index.js | 4 ++- 7 files changed, 111 insertions(+), 4 deletions(-) create mode 100644 config/nginx/logs/.gitignore create mode 100644 config/nginx/mime.types create mode 100644 config/nginx/nginx.conf create mode 100644 config/nginx/proxy.conf diff --git a/config/nginx/logs/.gitignore b/config/nginx/logs/.gitignore new file mode 100644 index 0000000..c96a04f --- /dev/null +++ b/config/nginx/logs/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore \ No newline at end of file diff --git a/config/nginx/mime.types b/config/nginx/mime.types new file mode 100644 index 0000000..eb9a9ca --- /dev/null +++ b/config/nginx/mime.types @@ -0,0 +1,49 @@ +types { + text/html html htm shtml; + text/css css; + text/xml xml rss; + image/gif gif; + image/jpeg jpeg jpg; + application/x-javascript js; + text/plain txt; + text/x-component htc; + text/mathml mml; + image/png png; + image/x-icon ico; + image/x-jng jng; + image/vnd.wap.wbmp wbmp; + image/svg+xml svg svgz; + application/java-archive jar war ear; + application/mac-binhex40 hqx; + application/pdf pdf; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/zip zip; + application/octet-stream deb; + application/octet-stream bin exe dll; + application/octet-stream dmg; + application/octet-stream eot; + application/octet-stream iso img; + application/octet-stream msi msp msm; + audio/mpeg mp3; + audio/x-realaudio ra; + video/mpeg mpeg mpg; + video/quicktime mov; + video/x-flv flv; + video/x-msvideo avi; + video/x-ms-wmv wmv; + video/x-ms-asf asx asf; + video/x-mng mng; +} \ No newline at end of file diff --git a/config/nginx/nginx.conf b/config/nginx/nginx.conf new file mode 100644 index 0000000..ba54f50 --- /dev/null +++ b/config/nginx/nginx.conf @@ -0,0 +1,31 @@ +user nobody nobody; +worker_processes 4; +error_log logs/error.log; +pid logs/nginx.pid; +worker_rlimit_nofile 8192; + +events { + worker_connections 4096; ## Default: 1024 +} + +http { + include mime.types; + include proxy.conf; + index index.html index.htm; + + default_type application/octet-stream; + log_format main '$remote_addr - $remote_user [$time_local] $status ' + '"$request" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + access_log logs/access.log main; + sendfile on; + tcp_nopush on; + server_names_hash_bucket_size 128; # this seems to be required for some vhosts + + server { + listen 80; + location / { + proxy_pass http://server; + } + } +} \ No newline at end of file diff --git a/config/nginx/proxy.conf b/config/nginx/proxy.conf new file mode 100644 index 0000000..0906ee1 --- /dev/null +++ b/config/nginx/proxy.conf @@ -0,0 +1,10 @@ +proxy_redirect off; +proxy_set_header Host $host; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +client_max_body_size 10m; +client_body_buffer_size 128k; +proxy_connect_timeout 90; +proxy_send_timeout 90; +proxy_read_timeout 90; +proxy_buffers 32 4k; \ No newline at end of file diff --git a/docker-compose.dev b/docker-compose.dev index dba401d..c543023 100644 --- a/docker-compose.dev +++ b/docker-compose.dev @@ -7,7 +7,6 @@ services: volumes: - './:/opt/code' ports: - - '${APP_PORT}:${APP_PORT}' - '9229:9229' env_file: ./.env environment: @@ -21,6 +20,14 @@ services: - '6379:6379' networks: - homepage + nginx: + image: nginx:alpine + ports: + - '${APP_PORT}:80' + networks: + - homepage + volumes: + - './config/nginx:/etc/nginx' db: image: postgres:alpine ports: diff --git a/docker-compose.prod b/docker-compose.prod index deec8ba..b6fa1c6 100644 --- a/docker-compose.prod +++ b/docker-compose.prod @@ -7,8 +7,6 @@ services: dockerfile: Dockerfile volumes: - './:/opt/code' - ports: - - '${APP_PORT}:${APP_PORT}' env_file: ./.env environment: APP_PORT: '${APP_PORT}' @@ -19,6 +17,14 @@ services: image: redis:alpine networks: - homepage + nginx: + image: nginx:alpine + ports: + - '${APP_PORT}:80' + networks: + - homepage + volumes: + - './config/nginx:/etc/nginx' db: restart: always image: postgres:alpine diff --git a/index.js b/index.js index c0aea5d..6a2c4c8 100644 --- a/index.js +++ b/index.js @@ -13,7 +13,9 @@ const app = express(); const session = require('express-session'); const bodyparser = require('body-parser'); -const { APP_PORT } = process.env; +// this runs behind nginx now, which handles +// the external port +const APP_PORT = 80; // process.env; app.set('trust proxy', process.env.TRUST_PROXY); From 8f503aefc020db5b078385f7f8572377b52e7d3d Mon Sep 17 00:00:00 2001 From: b1ek Date: Tue, 6 Jun 2023 14:11:07 +1000 Subject: [PATCH 2/3] add warning --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 51b692b..1cf2d80 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,9 @@ This is a rewrite of my current website to Express.JS. [Git repo](https://git.blek.codes/blek/homepage.js) | [Website](https://blek.codes) +# Warning: This branch is __experimental__ +### This branch is untested and unstable, and probably won't work in production. +### Please don't use it for other purposes that development. # Running an instance First, [generate the app key](#generate-the-key). From 64dc7b21baadcec539fcfd5d96d4ea268ede584c Mon Sep 17 00:00:00 2001 From: b1ek Date: Tue, 6 Jun 2023 18:32:32 +1000 Subject: [PATCH 3/3] serve static files over nginx --- config/nginx/nginx.conf | 12 ++++++++++++ docker-compose.dev | 1 + docker-compose.prod | 1 + 3 files changed, 14 insertions(+) diff --git a/config/nginx/nginx.conf b/config/nginx/nginx.conf index ba54f50..e858187 100644 --- a/config/nginx/nginx.conf +++ b/config/nginx/nginx.conf @@ -22,10 +22,22 @@ http { tcp_nopush on; server_names_hash_bucket_size 128; # this seems to be required for some vhosts + gzip on; + gzip_types text/plain application/json application/x-json application/javascript application/x-javascript text/css text/x-css; + gzip_min_length 1024; + gzip_static on; + server { listen 80; location / { proxy_pass http://server; } + location /static { + root /var/www; + gzip_static on; + } + location /announce.json/ { + root /var/www; + } } } \ No newline at end of file diff --git a/docker-compose.dev b/docker-compose.dev index c543023..390fe27 100644 --- a/docker-compose.dev +++ b/docker-compose.dev @@ -28,6 +28,7 @@ services: - homepage volumes: - './config/nginx:/etc/nginx' + - './public:/var/www:ro' db: image: postgres:alpine ports: diff --git a/docker-compose.prod b/docker-compose.prod index b6fa1c6..437dc67 100644 --- a/docker-compose.prod +++ b/docker-compose.prod @@ -25,6 +25,7 @@ services: - homepage volumes: - './config/nginx:/etc/nginx' + - './public:/var/www:ro' db: restart: always image: postgres:alpine