From 875f0652750d94542b128c780570b1db7cb7f198 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 19 Mar 2021 19:09:59 +0100 Subject: [PATCH] feat: add graphiql --- Makefile | 16 +++- .../compose/docker-compose-prod-graphql.yml | 31 ++++++++ Resources/docker/web/Dockerfile | 2 - Resources/nginx/nginx.conf | 75 +++++++++++++++++-- config/docker-compose.py | 5 +- docker-compose.yml | 11 +-- 6 files changed, 119 insertions(+), 21 deletions(-) create mode 100644 Resources/compose/docker-compose-prod-graphql.yml delete mode 100644 Resources/docker/web/Dockerfile diff --git a/Makefile b/Makefile index a8c433f4..77402432 100755 --- a/Makefile +++ b/Makefile @@ -1,8 +1,10 @@ veekun_pokedex_repository = ../pokedex local_config = --settings=config.local docker_config = --settings=config.docker-compose +HASURA_GRAPHQL_ADMIN_SECRET=pokemon .PHONY: help +.SILENT: help: @grep -E '^[a-zA-Z_-]+:.*?# .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?# "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' @@ -81,14 +83,20 @@ pull-veekun: git -C ${veekun_pokedex_repository} checkout master-pokeapi git -C ${veekun_pokedex_repository} pull -sync-from-veekun: pull pull-veekun # Copy data from ../pokedex to this repository +sync-from-veekun: pull pull-veekun # Copy data from ../pokedex to this repository cp -a ${veekun_pokedex_repository}/pokedex/data/csv/. ./data/v2/csv -sync-to-veekun: pull pull-veekun # Copy data from this repository to ../pokedex +sync-to-veekun: pull pull-veekun # Copy data from this repository to ../pokedex cp -a ./data/v2/csv/. ${veekun_pokedex_repository}/pokedex/data/csv +read-env-file: # Exports ./.env into shell environment variables + export `egrep -v '^#' .env | xargs` + hasura-export: # Export Hasura configuration - hasura md export --project hasura --admin-secret pokemon + hasura md export --project hasura --admin-secret ${HASURA_GRAPHQL_ADMIN_SECRET} hasura-apply: # Apply local Hasura configuration - hasura md apply --project hasura --admin-secret pokemon + hasura md apply --project hasura --admin-secret ${HASURA_GRAPHQL_ADMIN_SECRET} + +hasura-get-anon-schema: # Dumps GraphQL schema + gq http://localhost:8080/v1/graphql --introspect > hasura/schema.graphql diff --git a/Resources/compose/docker-compose-prod-graphql.yml b/Resources/compose/docker-compose-prod-graphql.yml new file mode 100644 index 00000000..b7eef5fd --- /dev/null +++ b/Resources/compose/docker-compose-prod-graphql.yml @@ -0,0 +1,31 @@ +version: '2.4' +services: + db: + environment: + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + POSTGRES_USER: "${POSTGRES_USER}" + + app: + env_file: .env + + web: + volumes: + - graphiql:/public-console:ro + + graphql-engine: + environment: + HASURA_GRAPHQL_DATABASE_URL: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/pokeapi" + HASURA_GRAPHQL_ADMIN_SECRET: "${HASURA_GRAPHQL_ADMIN_SECRET}" + + graphiql: + image: pokeapi/graphiql:1.0.0 + command: sh -c 'cp -a /app/static/. /transfer/ && tail -f /etc/passwd' + volumes: + - graphiql:/transfer + depends_on: + - graphql-engine + +volumes: + graphiql: + +# docker-compose -f docker-compose.yml -f Resources/compose/docker-compose-graphql.yml up diff --git a/Resources/docker/web/Dockerfile b/Resources/docker/web/Dockerfile deleted file mode 100644 index 3b701f42..00000000 --- a/Resources/docker/web/Dockerfile +++ /dev/null @@ -1,2 +0,0 @@ -FROM nginx:alpine -COPY ./nginx/nginx.conf /etc/nginx/nginx.conf diff --git a/Resources/nginx/nginx.conf b/Resources/nginx/nginx.conf index 96052237..e91b490d 100644 --- a/Resources/nginx/nginx.conf +++ b/Resources/nginx/nginx.conf @@ -38,6 +38,23 @@ http { server app:8000 fail_timeout=0; } + upstream graphql_upstream { + server graphql-engine:8080 fail_timeout=0; + } + + geo $limit { + default 1; + 10.0.0.0/8 0; + 192.168.0.0/24 0; + } + + map $limit $limit_key { + 0 ""; + 1 $binary_remote_addr; + } + + limit_req_zone $limit_key zone=graphqlDefaultLimit:50m rate=1r/m; + server { listen 80 deferred; server_name _; @@ -47,6 +64,48 @@ http { root /code; + + # Admin console + location /graphql/admin/ { + expires 1m; # client-side caching, one minute for each API resource + add_header Cache-Control "public"; + add_header Pragma public; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + + proxy_redirect off; + + proxy_pass http://graphql_upstream/; + } + + location /graphql/console { + alias /public-console/; + index index.html; + try_files $uri $uri/ /index.html =405; + } + + location /graphql/v1beta { + limit_req zone=graphqlDefaultLimit burst=100 nodelay; + limit_req_status 429; + expires 1m; # client-side caching, one minute for each API resource + add_header Cache-Control "public"; + add_header Pragma public; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + + proxy_redirect off; + + proxy_pass http://graphql_upstream/v1/graphql; + } + location /media/ { root /code; autoindex off; @@ -57,14 +116,6 @@ http { autoindex off; } - location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { # cache all these extensions for 5 days, disable logging - access_log off; - log_not_found off; - expires 5d; - add_header Cache-Control "public"; - add_header Pragma public; - } - location /api/ { expires 1m; # client-side caching, one minute for each API resource add_header Cache-Control "public"; @@ -79,6 +130,14 @@ http { proxy_pass http://pokeapi_upstream; } + # location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { # cache all these extensions for 5 days, disable logging + # access_log off; + # log_not_found off; + # expires 5d; + # add_header Cache-Control "public"; + # add_header Pragma public; + # } + location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/config/docker-compose.py b/config/docker-compose.py index 824ea030..e33a2394 100644 --- a/config/docker-compose.py +++ b/config/docker-compose.py @@ -1,12 +1,13 @@ # Docker settings +import os from .settings import * DATABASES = { "default": { "ENGINE": "django.db.backends.postgresql_psycopg2", "NAME": "pokeapi", - "USER": "ash", - "PASSWORD": "pokemon", + "USER": os.environ.get("POSTGRES_USER", "ash"), + "PASSWORD": os.environ.get("POSTGRES_PASSWORD", "pokemon"), "HOST": "db", "PORT": 5432, } diff --git a/docker-compose.yml b/docker-compose.yml index a1fb2307..baf916f2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,20 +31,21 @@ services: restart: always web: - build: - context: ./Resources - dockerfile: ./docker/web/Dockerfile + image: nginx:alpine ports: - "80:80" - "443:443" restart: always + command: [nginx-debug, '-g', 'daemon off;'] + volumes: + - ./Resources/nginx/nginx.conf:/etc/nginx/nginx.conf:ro volumes_from: - app:ro links: - app graphql-engine: - image: hasura/graphql-engine:v2.0.0-alpha.3 + image: hasura/graphql-engine:v2.0.0-alpha.5 ports: - "8080:8080" depends_on: @@ -58,7 +59,7 @@ services: HASURA_GRAPHQL_ADMIN_SECRET: pokemon HASURA_GRAPHQL_UNAUTHORIZED_ROLE: anon HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" - HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: /srv/console-assets + # HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: /srv/console-assets volumes: pg_data: