fix production domain
Build & Deploy / Build & Push Docker Image (push) Successful in 2m57s
Test / Type Check (all packages) (push) Successful in 58s
Build & Deploy / Deploy to VPS (push) Successful in 4s
Test / API Unit Tests (push) Successful in 51s
Test / Homepage Unit Tests (push) Successful in 44s
Test / Storefront Unit Tests (push) Successful in 43s
Test / Admin Unit Tests (push) Successful in 43s
Test / Dashboard Unit Tests (push) Successful in 42s
Test / API Integration Tests (push) Successful in 1m2s
Build & Deploy / Build & Push Docker Image (push) Successful in 2m57s
Test / Type Check (all packages) (push) Successful in 58s
Build & Deploy / Deploy to VPS (push) Successful in 4s
Test / API Unit Tests (push) Successful in 51s
Test / Homepage Unit Tests (push) Successful in 44s
Test / Storefront Unit Tests (push) Successful in 43s
Test / Admin Unit Tests (push) Successful in 43s
Test / Dashboard Unit Tests (push) Successful in 42s
Test / API Integration Tests (push) Successful in 1m2s
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
# Traefik domains
|
||||
ACME_EMAIL=ops@example.com
|
||||
ACME_EMAIL=rentaldrivego@gmail.com
|
||||
API_DOMAIN=api.rentaldrivego.ma
|
||||
PUBLIC_SITE_DOMAIN=rentaldrivego.ma
|
||||
PGMANAGE_DOMAIN=pgmanage.rentaldrivego.ma
|
||||
|
||||
@@ -123,7 +123,7 @@ services:
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.api.rule=Host(`${API_DOMAIN}`) && !HeadersRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.api.rule=Host(`${API_DOMAIN}`) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.api.entrypoints=websecure
|
||||
- traefik.http.routers.api.tls=true
|
||||
- traefik.http.routers.api.tls.certresolver=letsencrypt
|
||||
@@ -171,7 +171,7 @@ services:
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.homepage.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && !HeadersRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.homepage.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.homepage.entrypoints=websecure
|
||||
- traefik.http.routers.homepage.tls=true
|
||||
- traefik.http.routers.homepage.tls.certresolver=letsencrypt
|
||||
@@ -215,7 +215,7 @@ services:
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.storefront.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/explore`, `/renter`, `/sign-in`)
|
||||
- traefik.http.routers.storefront.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && (PathPrefix(`/explore`) || PathPrefix(`/renter`) || PathPrefix(`/sign-in`))
|
||||
- traefik.http.routers.storefront.entrypoints=websecure
|
||||
- traefik.http.routers.storefront.tls=true
|
||||
- traefik.http.routers.storefront.tls.certresolver=letsencrypt
|
||||
@@ -259,7 +259,7 @@ services:
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.dashboard.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/dashboard`) && !HeadersRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.dashboard.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/dashboard`) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.dashboard.entrypoints=websecure
|
||||
- traefik.http.routers.dashboard.tls=true
|
||||
- traefik.http.routers.dashboard.tls.certresolver=letsencrypt
|
||||
@@ -303,7 +303,7 @@ services:
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.admin.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/admin`) && !HeadersRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.admin.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/admin`) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
|
||||
- traefik.http.routers.admin.entrypoints=websecure
|
||||
- traefik.http.routers.admin.tls=true
|
||||
- traefik.http.routers.admin.tls.certresolver=letsencrypt
|
||||
|
||||
@@ -10,6 +10,10 @@ PROJECT_NAME="${DOCKER_PROD_PROJECT_NAME:-rentaldrivego-prod}"
|
||||
TRAEFIK_NETWORK="${DOCKER_PROD_TRAEFIK_NETWORK:-traefik-proxy}"
|
||||
VOLUME_BACKUP_IMAGE="${DOCKER_VOLUME_BACKUP_IMAGE:-postgres:16-alpine}"
|
||||
API_UPLOADS_VOLUME="${DOCKER_PROD_API_UPLOADS_VOLUME:-${PROJECT_NAME}_api_uploads}"
|
||||
DEFAULT_ACME_EMAIL="rentaldrivego@gmail.com"
|
||||
DEFAULT_API_DOMAIN="api.rentaldrivego.ma"
|
||||
DEFAULT_PUBLIC_SITE_DOMAIN="rentaldrivego.ma"
|
||||
DEFAULT_CORS_ORIGINS="https://rentaldrivego.ma,https://www.rentaldrivego.ma"
|
||||
|
||||
ensure_env_file() {
|
||||
if [[ ! -f "${ENV_FILE}" ]]; then
|
||||
@@ -71,6 +75,7 @@ load_prod_env_exports() {
|
||||
local key
|
||||
|
||||
for key in \
|
||||
ACME_EMAIL \
|
||||
APP_IMAGE \
|
||||
APP_VERSION \
|
||||
IMAGE_TAG \
|
||||
@@ -86,8 +91,9 @@ load_prod_env_exports() {
|
||||
}
|
||||
|
||||
validate_prod_env_file() {
|
||||
local api_domain public_site_domain cors_origins postgres_password redis_password jwt_secret
|
||||
local acme_email api_domain public_site_domain cors_origins postgres_password redis_password jwt_secret
|
||||
|
||||
acme_email="$(read_env_value ACME_EMAIL)"
|
||||
api_domain="$(read_env_value API_DOMAIN)"
|
||||
public_site_domain="$(read_env_value PUBLIC_SITE_DOMAIN)"
|
||||
cors_origins="$(read_env_value CORS_ORIGINS)"
|
||||
@@ -95,18 +101,23 @@ validate_prod_env_file() {
|
||||
redis_password="$(read_env_value REDIS_PASSWORD)"
|
||||
jwt_secret="$(read_env_value JWT_SECRET)"
|
||||
|
||||
if [[ -z "${api_domain}" || "${api_domain}" == *example.com* ]]; then
|
||||
echo "Invalid API_DOMAIN in ${ENV_FILE}. Set it to the real production API hostname, not example.com." >&2
|
||||
if [[ "${acme_email}" != "${DEFAULT_ACME_EMAIL}" ]]; then
|
||||
echo "Invalid ACME_EMAIL in ${ENV_FILE}. Set ACME_EMAIL=${DEFAULT_ACME_EMAIL} for Let's Encrypt." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ -z "${public_site_domain}" || "${public_site_domain}" == *example.com* ]]; then
|
||||
echo "Invalid PUBLIC_SITE_DOMAIN in ${ENV_FILE}. Set it to the real production site hostname, not example.com." >&2
|
||||
if [[ "${api_domain}" != "${DEFAULT_API_DOMAIN}" ]]; then
|
||||
echo "Invalid API_DOMAIN in ${ENV_FILE}. Set API_DOMAIN=${DEFAULT_API_DOMAIN}." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ -z "${cors_origins}" || "${cors_origins}" == *example.com* ]]; then
|
||||
echo "Invalid CORS_ORIGINS in ${ENV_FILE}. Replace example.com origins with the real production domains." >&2
|
||||
if [[ "${public_site_domain}" != "${DEFAULT_PUBLIC_SITE_DOMAIN}" ]]; then
|
||||
echo "Invalid PUBLIC_SITE_DOMAIN in ${ENV_FILE}. Set PUBLIC_SITE_DOMAIN=${DEFAULT_PUBLIC_SITE_DOMAIN}." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ "${cors_origins}" != "${DEFAULT_CORS_ORIGINS}" ]]; then
|
||||
echo "Invalid CORS_ORIGINS in ${ENV_FILE}. Set CORS_ORIGINS=${DEFAULT_CORS_ORIGINS}." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
Reference in New Issue
Block a user