Merge pull request #364 from ricardoapaes/feature/docker-production

Build docker for production

.env.example

@@ -0,0 +1,7 @@
+MYSQL_ROOT_PASSWORD=strongpassword
+MYSQL_DATABASE=whaticket
+JWT_SECRET=3123123213123
+JWT_REFRESH_SECRET=75756756756
+FRONTEND_PORT=3000
+TZ=America/Fortaleza
+MAX_CONCURRENT_SESSIONS=1

.gitignore

@@ -0,0 +1,2 @@
+.docker/data/
+.env

backend/.dockerignore

@@ -0,0 +1,5 @@
+.git
+*Dockerfile*
+*docker-compose*
+node_modules
+dist

backend/Dockerfile

@@ -0,0 +1,40 @@
+FROM node:14 as build-deps
+
+RUN apt-get update && apt-get install -y wget
+
+ENV DOCKERIZE_VERSION v0.6.1
+RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
+
+RUN apt-get update \
+    && apt-get install -y wget gnupg \
+    && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
+    && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
+    && apt-get update \
+    && apt-get install -y google-chrome-stable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 \
+      --no-install-recommends \
+    && rm -rf /var/lib/apt/lists/*
+
+ADD https://github.com/Yelp/dumb-init/releases/download/v1.2.1/dumb-init_1.2.1_amd64 /usr/local/bin/dumb-init
+RUN chmod +x /usr/local/bin/dumb-init
+
+ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD true
+
+WORKDIR /usr/src/app
+COPY package*.json ./
+RUN npm install
+
+COPY . .
+RUN npm run build
+
+ENV NODE_ENV=production
+ENV PORT=3000
+ENV CHROME_BIN=google-chrome-stable
+
+EXPOSE 3000
+
+ENTRYPOINT ["dumb-init", "--"]
+CMD dockerize -wait tcp://${DB_HOST}:3306 \
+  && npx sequelize db:migrate \
+  && node dist/server.js

backend/src/libs/wbot.ts

@@ -43,10 +43,15 @@ export const initWbot = async (whatsapp: Whatsapp): Promise<Session> => {
         sessionCfg = JSON.parse(whatsapp.session);
       }
 
+      const args:String = process.env.CHROME_ARGS || "";
+
       const wbot: Session = new Client({
         session: sessionCfg,
         puppeteer: {
-          executablePath: process.env.CHROME_BIN || undefined
+          executablePath: process.env.CHROME_BIN || undefined,
+          // @ts-ignore
+          browserWSEndpoint: process.env.CHROME_WS || undefined,
+          args: args.split(' ')
         }
       });
 

docker-compose-browserless.yaml

@@ -0,0 +1,17 @@
+version: '3'
+
+networks:
+  whaticket:
+
+services:
+
+  backend:
+    environment:
+      - CHROME_WS=ws://chrome:3000
+
+  chrome:
+    image: browserless/chrome:latest
+    environment:
+      - MAX_CONCURRENT_SESSIONS=${MAX_CONCURRENT_SESSIONS:-1}
+    networks:
+      - whaticket

docker-compose.yaml

@@ -0,0 +1,49 @@
+version: '3'
+
+networks:
+  whaticket:
+
+services:
+
+  backend:
+    build:
+      context: ./backend
+      dockerfile: ./Dockerfile
+    environment:
+      - DB_HOST=mysql
+      - DB_USER=root
+      - DB_PASS=${MYSQL_ROOT_PASSWORD:-strongpassword}
+      - DB_NAME=${MYSQL_DATABASE:-whaticket}
+      - JWT_SECRET=${JWT_SECRET:-3123123213123}
+      - JWT_REFRESH_SECRET=${JWT_REFRESH_SECRET:-75756756756}
+      - BACKEND_URL=${BACKEND_URL:-http://localhost:3000/api}
+      - FRONTEND_URL=${BACKEND_URL:-http://localhost:3000}
+      - CHROME_ARGS=--no-sandbox --disable-setuid-sandbox
+    networks:
+      - whaticket
+
+  frontend:
+    ports:
+      - ${FRONTEND_PORT:-3000}:80
+    build:
+      context: ./frontend
+      dockerfile: ./Dockerfile
+    environment:
+      - URL_BACKEND=http://backend:3000/
+    networks:
+      - whaticket
+
+  mysql:
+    image: mariadb:latest
+    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_bin    
+    volumes:
+      - ./.docker/data/:/var/lib/mysql
+    environment:
+      - MYSQL_DATABASE=${MYSQL_DATABASE:-whaticket}
+      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-strongpassword}
+      - TZ=${TZ:-America/Fortaleza}
+    ports:
+      - 3306:3306
+    restart: always
+    networks:
+      - whaticket

frontend/.docker/nginx/conf.d/default.conf

@@ -0,0 +1,4 @@
+server {
+    server_name _;
+    include include.d/spa.conf;
+}

frontend/.docker/nginx/include.d/allcache.conf

@@ -0,0 +1,3 @@
+expires 1y;
+add_header Cache-Control "public";
+access_log off;

frontend/.docker/nginx/include.d/nocache.conf

@@ -0,0 +1,5 @@
+add_header Last-Modified $date_gmt;
+add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+if_modified_since off;
+expires off;
+etag off;

frontend/.docker/nginx/include.d/root.conf

@@ -0,0 +1,16 @@
+# X-Frame-Options is to prevent from clickJacking attack
+add_header X-Frame-Options SAMEORIGIN;
+
+# disable content-type sniffing on some browsers.
+add_header X-Content-Type-Options nosniff;
+
+# This header enables the Cross-site scripting (XSS) filter
+add_header X-XSS-Protection "1; mode=block";
+
+# This will enforce HTTP browsing into HTTPS and avoid ssl stripping attack
+add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
+
+add_header Referrer-Policy "no-referrer-when-downgrade";
+
+# Enables response header of "Vary: Accept-Encoding"
+gzip_vary on;

frontend/.docker/nginx/include.d/spa.conf

@@ -0,0 +1,28 @@
+listen 80;
+index index.html;
+root /var/www/public/;
+
+location /{{ default .Env.FOLDER_BACKEND "api" }}/ {
+    proxy_pass {{ .Env.URL_BACKEND }};
+}
+
+location /socket.io/ {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $host;
+    proxy_pass {{ .Env.URL_BACKEND }}socket.io/;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";    
+}
+
+location / {
+    try_files $uri $uri/ /index.html;
+    include include.d/nocache.conf;
+}
+
+location /static {
+   alias /var/www/public/static/;
+   include include.d/allcache.conf;
+}
+
+include include.d/root.conf;

frontend/.dockerignore

@@ -0,0 +1,5 @@
+.git
+*Dockerfile*
+*docker-compose*
+node_modules
+build

frontend/Dockerfile

@@ -0,0 +1,24 @@
+FROM node:14-alpine as build-deps
+WORKDIR /usr/src/app
+COPY package.json package-lock.json ./
+RUN npm install
+COPY .env* ./
+COPY src/ ./src/
+COPY public/ ./public/
+RUN echo "REACT_APP_BACKEND_URL=/api/" > .env.production
+RUN npm run build
+
+FROM nginx:alpine
+
+RUN apk add --no-cache openssl
+ENV DOCKERIZE_VERSION v0.6.1
+RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && tar -C /usr/local/bin -xzvf dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && rm dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz
+
+COPY .docker/nginx /etc/nginx/
+COPY --from=build-deps /usr/src/app/build /var/www/public/
+EXPOSE 80
+
+RUN echo "dockerize -template /etc/nginx/include.d/spa.conf:/etc/nginx/include.d/spa.conf" > /docker-entrypoint.d/01-change-url-backend.sh \
+ && chmod +x /docker-entrypoint.d/01-change-url-backend.sh