Merged in dev-patrick (pull request #10)

Dev patrick
2020-10-07 03:43:02 +00:00
parent 60114d3d02 914ccb6d55
commit 5f6cdf5bf8
8 changed files with 1 additions and 197 deletions
--- a/.ebextensions/00_cleanup.config
+++ b/.ebextensions/00_cleanup.config
@@ -1,5 +0,0 @@
-commands:
-  10_cleanup:
-    command: |
-      sudo rm -f /opt/elasticbeanstalk/hooks/configdeploy/post/*
-      sudo rm -f /etc/nginx/conf.d/*
--- a/.ebextensions/01_setup.config
+++ b/.ebextensions/01_setup.config
@@ -1,13 +0,0 @@
-Resources:
-  sslSecurityGroupIngress:
-    Type: AWS::EC2::SecurityGroupIngress
-    Properties:
-      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
-      IpProtocol: tcp
-      ToPort: 443
-      FromPort: 443
-      CidrIp: 0.0.0.0/0
-
-packages:
-  yum:
-    epel-release: []
--- a/.ebextensions/02_nginx.config
+++ b/.ebextensions/02_nginx.config
@@ -1,105 +0,0 @@
-files:
-  "/etc/nginx/nginx.pre":
-    mode: "000644"
-    owner: root
-    group: root
-    content: |
-      user nginx;
-      worker_processes auto;
-      error_log /var/log/nginx/error.log;
-      pid /var/run/nginx.pid;
-
-      events {
-        worker_connections  1024;
-      }
-
-      http {
-        port_in_redirect off;
-        default_type application/octet-stream;
-
-        log_format main '$remote_addr - $remote_user [$time_local] "$request" '
-                        '$status $body_bytes_sent "$http_referer" '
-                        '"$http_user_agent" "$http_x_forwarded_for"';
-
-        log_format healthd '$msec"$uri"$status"$request_time"$upstream_response_time"$http_x_forwarded_for';
-
-        access_log /var/log/nginx/access.log  main;
-        sendfile on;
-        keepalive_timeout 65;
-
-        include /etc/nginx/mime.types;
-        include /etc/nginx/conf.d/*.conf;
-      }
-
-  "/etc/nginx/conf.d/http_custom.conf":
-    mode: "000644"
-    owner: root
-    group: root
-    content: |
-      server {
-        listen 8080;
-
-        location ~ /.well-known/  {
-          root /var/www/letsencrypt/;
-        }
-
-        location / {
-          return 301 https://$host$request_uri;
-        }
-      }
-
-  "/etc/nginx/conf.d/https_custom.pre":
-    mode: "000644"
-    owner: root
-    group: root
-    content: |
-      upstream nodejs {
-          server 127.0.0.1:5000;
-          keepalive 256;
-      }
-      server {
-        listen 443 ssl default;
-        server_name localhost;
-        error_page 497 https://$host$request_uri;
-
-        if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
-          set $year $1;
-          set $month $2;
-          set $day $3;
-          set $hour $4;
-        }
-
-        access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
-        access_log /var/log/nginx/access.log main;
-
-        location / {
-            proxy_pass http://nodejs;
-            proxy_set_header Connection "";
-            proxy_http_version 1.1;
-            proxy_set_header Host $host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "Upgrade";
-        }
-
-        gzip on;
-        gzip_comp_level 4;
-        gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
-
-        ssl_certificate /etc/letsencrypt/live/ebcert/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/ebcert/privkey.pem;
-        ssl_session_timeout 5m;
-        ssl_protocols TLSv1.1 TLSv1.2;
-        ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
-        ssl_prefer_server_ciphers on;
-
-        if ($host ~* ^www\.(.*)) {
-          set $host_without_www $1;
-          rewrite ^(.*) https://$host_without_www$1 permanent;
-        }
-
-        if ($ssl_protocol = "") {
-          rewrite ^ https://$host$request_uri? permanent;
-        }
-      }
--- a/.ebextensions/03_container_commands.config
+++ b/.ebextensions/03_container_commands.config
@@ -1,45 +0,0 @@
-container_commands:
-  10_setup_nginx:
-    command: |
-      sudo rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf
-      sudo rm -f /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf
-
-      sudo rm -f /tmp/deployment/config/#etc#nginx#nginx.conf
-      sudo rm -f /etc/nginx/nginx.conf
-
-      sudo mv /etc/nginx/nginx.pre /etc/nginx/nginx.conf
-
-      sudo service nginx stop
-      sudo service nginx start
-  20_install_certbot:
-    command: |
-      wget https://dl.eff.org/certbot-auto
-      mv certbot-auto /usr/local/bin/certbot-auto
-      chown root /usr/local/bin/certbot-auto
-      chmod 0755 /usr/local/bin/certbot-auto
-  30_create_webroot_path:
-    command: |
-      sudo rm -rf /var/www/letsencrypt/
-      sudo mkdir /var/www/letsencrypt/
-  40_configure_cert:
-    command: |
-      certbot_command="/usr/local/bin/certbot-auto certonly --webroot --webroot-path /var/www/letsencrypt --debug --non-interactive --email ${LETSENCRYPT_EMAIL} --agree-tos --expand --keep-until-expiring"
-      for domain in $(echo ${LETSENCRYPT_DOMAIN} | sed "s/,/ /g")
-      do
-        certbot_command="$certbot_command --domains $domain"
-      done
-      eval $certbot_command
-  50_link_cert:
-    command: |
-      domain="$( cut -d ',' -f 1 <<< "${LETSENCRYPT_DOMAIN}" )";
-      if [ -d /etc/letsencrypt/live ]; then
-        domain_folder_name="$(ls /etc/letsencrypt/live | sort -n | grep $domain | head -1)";
-        if [ -d /etc/letsencrypt/live/${domain_folder_name} ]; then
-          ln -sfn /etc/letsencrypt/live/${domain_folder_name} /etc/letsencrypt/live/ebcert
-        fi
-      fi
-  60_enable_https_config:
-    command: |
-      sudo mv /etc/nginx/conf.d/https_custom.pre /etc/nginx/conf.d/https_custom.conf
-      sudo service nginx stop
-      sudo service nginx start
--- a/.ebextensions/04_configdeploy_post_hooks.config
+++ b/.ebextensions/04_configdeploy_post_hooks.config
@@ -1,11 +0,0 @@
-files:
-  # Elastic Beanstalk recreates the default configuration during every configuration deployment
-  "/opt/elasticbeanstalk/hooks/configdeploy/post/99_kill_default_nginx.sh":
-    mode: "000755"
-    owner: root
-    group: root
-    content: |
-      #!/bin/bash -xe
-      rm -f /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf
-      service nginx stop
-      service nginx start
--- a/.ebextensions/05_cron.config
+++ b/.ebextensions/05_cron.config
@@ -1,8 +0,0 @@
-files:
-  # Cron to renew cert
-  "/etc/cron.d/certbot_renew":
-    mode: "000644"
-    owner: root
-    group: root
-    content: |
-      @weekly root /usr/local/bin/certbot-auto renew
--- a/.elasticbeanstalk/config.yml
+++ b/.elasticbeanstalk/config.yml
@@ -1,9 +0,0 @@
-branch-defaults:
-  master:
-    environment: Bodyshop-prod
-global:
-  application_name: bodyshop
-  default_ec2_keyname: e-yqpq3yupbk
-  default_platform: Node.js running on 64bit Amazon Linux/4.14.1
-  default_region: ca-central-1
-  sc: git
--- a/hasura/config.yaml
+++ b/hasura/config.yaml
@@ -1,2 +1,2 @@
 endpoint: https://bodyshop-dev-db.herokuapp.com
-#endpoint: https://bodyshop-staging-db.herokuapp.com/
+#endpoint: https://db.imex.online