diff --git a/.github/workflows/admin.yml b/.github/workflows/admin.yml index df17194e..0b2e2726 100644 --- a/.github/workflows/admin.yml +++ b/.github/workflows/admin.yml @@ -42,9 +42,14 @@ jobs: - name: Deploy env: SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} + SSL_PRIVATE_KEY: | + ${{ secrets.SSL_PRIVATE_KEY }} + SSL_PUBLIC_KEY: | + ${{ secrets.SSL_PUBLIC_KEY }} run: | echo "$SSH_PRIVATE_KEY" > ssh_private_key && chmod 600 ssh_private_key sed -i "s|ADMIN_PANEL_URL|${{ secrets.ADMIN_PANEL_URL }}|g" admin/nginx/conf.d/website-blog.conf + echo -e "$SSL_PRIVATE_KEY" > admin/nginx/certs/blog.live.domain.name.key && echo -e "$SSL_PUBLIC_KEY" > admin/nginx/certs/blog.live.domain.name.cert scp -o StrictHostKeyChecking=no -i ssh_private_key -r admin/nginx ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_ADDRESS }}:blog-admin-deployment cat admin/deploy.sh | ssh -o StrictHostKeyChecking=no -i ssh_private_key ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_ADDRESS }} 'cat > ./blog-admin-deployment/deploy.sh' - cat admin/docker-compose.yaml | ssh -o StrictHostKeyChecking=no -i ssh_private_key ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_ADDRESS }} sudo PUBLISH_PORT=${{secrets.PUBLISH_PORT}} APP_KEYS=${{secrets.APP_KEYS}} API_TOKEN_SALT=${{secrets.API_TOKEN_SALT}} ADMIN_JWT_SECRET=${{secrets.ADMIN_JWT_SECRET}} JWT_SECRET=${{secrets.JWT_SECRET}} DATABASE_CLIENT=${{secrets.DATABASE_CLIENT}} DATABASE_HOST=${{secrets.DATABASE_HOST}} DATABASE_PORT=${{secrets.DATABASE_PORT}} DATABASE_NAME=${{secrets.DATABASE_NAME}} DATABASE_USERNAME=${{secrets.DATABASE_USERNAME}} DATABASE_PASSWORD=${{secrets.DATABASE_PASSWORD}} DATABASE_SSL=${{secrets.DATABASE_SSL}} AWS_ACCOUNT_ID=${{secrets.AWS_ACCOUNT_ID}} AWS_ACCESS_KEY_ID=${{secrets.AWS_ACCESS_KEY_ID}} AWS_SECRET_ACCESS_KEY=${{secrets.AWS_SECRET_ACCESS_KEY}} AWS_REGION=${{secrets.AWS_REGION}} AWS_BUCKET=${{secrets.AWS_BUCKET}} AWS_BUCKET_URL=${{secrets.AWS_BUCKET_URL}} GITHUB_SHA=${{github.sha}} GITHUB_RUN_ATTEMPT=${{github.run_attempt}} SENTRY_DSN=${{secrets.SENTRY_DSN}} HR_FROM_MAIL=${{secrets.HR_FROM_MAIL}} 'bash -c "cd blog-admin-deployment && cat > docker-compose.yaml && chmod -R 755 ./deploy.sh && ./deploy.sh && cd .. && rm -rf blog-admin-deployment"' + cat admin/docker-compose.yaml | ssh -o StrictHostKeyChecking=no -i ssh_private_key ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_ADDRESS }} sudo PUBLISH_PORT=${{secrets.PUBLISH_PORT}} APP_KEYS=${{secrets.APP_KEYS}} API_TOKEN_SALT=${{secrets.API_TOKEN_SALT}} ADMIN_JWT_SECRET=${{secrets.ADMIN_JWT_SECRET}} JWT_SECRET=${{secrets.JWT_SECRET}} DATABASE_CLIENT=${{secrets.DATABASE_CLIENT}} DATABASE_HOST=${{secrets.DATABASE_HOST}} DATABASE_PORT=${{secrets.DATABASE_PORT}} DATABASE_NAME=${{secrets.DATABASE_NAME}} DATABASE_USERNAME=${{secrets.DATABASE_USERNAME}} DATABASE_PASSWORD=${{secrets.DATABASE_PASSWORD}} DATABASE_SSL=${{secrets.DATABASE_SSL}} AWS_ACCOUNT_ID=${{secrets.AWS_ACCOUNT_ID}} AWS_ACCESS_KEY_ID=${{secrets.AWS_ACCESS_KEY_ID}} AWS_SECRET_ACCESS_KEY=${{secrets.AWS_SECRET_ACCESS_KEY}} AWS_REGION=${{secrets.AWS_REGION}} AWS_BUCKET=${{secrets.AWS_BUCKET}} AWS_BUCKET_URL=${{secrets.AWS_BUCKET_URL}} GITHUB_SHA=${{github.sha}} GITHUB_RUN_ATTEMPT=${{github.run_attempt}} SENTRY_DSN=${{secrets.SENTRY_DSN}} HR_FROM_MAIL=${{secrets.HR_FROM_MAIL}} GH_PERSONAL_ACCESS_TOKEN=${{secrets.GH_PERSONAL_ACCESS_TOKEN}} 'bash -c "cd blog-admin-deployment && cat > docker-compose.yaml && chmod -R 755 ./deploy.sh && ./deploy.sh && cd .. && rm -rf blog-admin-deployment"' diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index 7638b7e2..603196a9 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -1,45 +1,45 @@ -name: Deploy to dev +# name: Deploy to dev -on: - push: - branches: - - main +# on: +# push: +# branches: +# - main -jobs: - deploy-dev: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - steps: - - name: Checkout - uses: actions/checkout@v2.3.3 +# jobs: +# deploy-dev: +# runs-on: ubuntu-latest +# permissions: +# id-token: write +# contents: read +# steps: +# - name: Checkout +# uses: actions/checkout@v2.3.3 - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-frontend-access - aws-region: ap-south-1 +# - name: Configure AWS credentials +# uses: aws-actions/configure-aws-credentials@v1 +# with: +# role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-frontend-access +# aws-region: ap-south-1 - - name: Build frontend and push on ECR - run: | - cd website - echo NEXT_PUBLIC_IFRAMELY_KEY=${{ secrets.IFRAMELY_KEY_DEV }} >> .env - echo NEXT_PUBLIC_RECAPTCHA_SITE_KEY=${{ secrets.RECAPTCHA_SITE_KEY_DEV }} >> .env - echo NEXT_PUBLIC_MIXPANEL_PROJECT_TOKEN=${{ secrets.MIXPANEL_PROJECT_TOKEN_DEV }} >> .env - echo NEXT_PUBLIC_STRAPI_URL=${{ secrets.STRAPI_URL }} >> .env - echo NEXT_PUBLIC_STRAPI_DOMAIN=${{ secrets.STRAPI_DOMAIN }} >> .env - echo NEXT_PUBLIC_WEBSITE_URL=${{ secrets.WEBSITE_URL_DEV }} >> .env - echo NEXT_PUBLIC_API_BASE=${{ secrets.API_BASE_DEV }} >> .env - bash ./../deploy/deploy-ecr-image.sh dev-blog ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com/canopas-blog +# - name: Build frontend and push on ECR +# run: | +# cd website +# echo NEXT_PUBLIC_IFRAMELY_KEY=${{ secrets.IFRAMELY_KEY_DEV }} >> .env +# echo NEXT_PUBLIC_RECAPTCHA_SITE_KEY=${{ secrets.RECAPTCHA_SITE_KEY_DEV }} >> .env +# echo NEXT_PUBLIC_MIXPANEL_PROJECT_TOKEN=${{ secrets.MIXPANEL_PROJECT_TOKEN_DEV }} >> .env +# echo NEXT_PUBLIC_STRAPI_URL=${{ secrets.STRAPI_URL }} >> .env +# echo NEXT_PUBLIC_STRAPI_DOMAIN=${{ secrets.STRAPI_DOMAIN }} >> .env +# echo NEXT_PUBLIC_WEBSITE_URL=${{ secrets.WEBSITE_URL_DEV }} >> .env +# echo NEXT_PUBLIC_API_BASE=${{ secrets.API_BASE_DEV }} >> .env +# bash ./../deploy/deploy-ecr-image.sh dev-blog ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com/canopas-blog - - name: Trigger Canopas website Workflow - uses: actions/github-script@v6 - with: - github-token: ${{ secrets.WORKFLOW_TOKEN }} - script: | - await github.rest.repos.createDispatchEvent({ - owner: 'canopas', - repo: 'canopas-website', - event_type: 'deploy-blog-dev', - }); +# - name: Trigger Canopas website Workflow +# uses: actions/github-script@v6 +# with: +# github-token: ${{ secrets.WORKFLOW_TOKEN }} +# script: | +# await github.rest.repos.createDispatchEvent({ +# owner: 'canopas', +# repo: 'canopas-website', +# event_type: 'deploy-blog-dev', +# }); diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index 93802527..358d263b 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -1,46 +1,46 @@ -name: Deploy to prod +# name: Deploy to prod -on: - push: - branches: - - main +# on: +# push: +# branches: +# - main -jobs: - deploy-prod: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - steps: - - name: Checkout - uses: actions/checkout@v2.3.3 +# jobs: +# deploy-prod: +# runs-on: ubuntu-latest +# permissions: +# id-token: write +# contents: read +# steps: +# - name: Checkout +# uses: actions/checkout@v2.3.3 - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-frontend-access - aws-region: ap-south-1 +# - name: Configure AWS credentials +# uses: aws-actions/configure-aws-credentials@v1 +# with: +# role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-frontend-access +# aws-region: ap-south-1 - - name: Build frontend and push on ECR - run: | - cd website - echo NEXT_PUBLIC_IFRAMELY_KEY=${{ secrets.IFRAMELY_KEY_PROD }} >> .env - echo NEXT_PUBLIC_RECAPTCHA_SITE_KEY=${{ secrets.RECAPTCHA_SITE_KEY_PROD }} >> .env - echo NEXT_PUBLIC_MIXPANEL_PROJECT_TOKEN=${{ secrets.MIXPANEL_PROJECT_TOKEN_PROD }} >> .env - echo NEXT_PUBLIC_STRAPI_URL=${{ secrets.STRAPI_URL }} >> .env - echo NEXT_PUBLIC_STRAPI_DOMAIN=${{ secrets.STRAPI_DOMAIN }} >> .env - echo NEXT_PUBLIC_WEBSITE_URL=${{ secrets.WEBSITE_URL_PROD }} >> .env - echo NEXT_PUBLIC_API_BASE=${{ secrets.API_BASE_PROD }} >> .env - mv config-prod.js config.js - bash ./../deploy/deploy-ecr-image.sh prod-blog ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com/canopas-blog +# - name: Build frontend and push on ECR +# run: | +# cd website +# echo NEXT_PUBLIC_IFRAMELY_KEY=${{ secrets.IFRAMELY_KEY_PROD }} >> .env +# echo NEXT_PUBLIC_RECAPTCHA_SITE_KEY=${{ secrets.RECAPTCHA_SITE_KEY_PROD }} >> .env +# echo NEXT_PUBLIC_MIXPANEL_PROJECT_TOKEN=${{ secrets.MIXPANEL_PROJECT_TOKEN_PROD }} >> .env +# echo NEXT_PUBLIC_STRAPI_URL=${{ secrets.STRAPI_URL }} >> .env +# echo NEXT_PUBLIC_STRAPI_DOMAIN=${{ secrets.STRAPI_DOMAIN }} >> .env +# echo NEXT_PUBLIC_WEBSITE_URL=${{ secrets.WEBSITE_URL_PROD }} >> .env +# echo NEXT_PUBLIC_API_BASE=${{ secrets.API_BASE_PROD }} >> .env +# mv config-prod.js config.js +# bash ./../deploy/deploy-ecr-image.sh prod-blog ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com/canopas-blog - - name: Trigger Canopas website Workflow - uses: actions/github-script@v6 - with: - github-token: ${{ secrets.WORKFLOW_TOKEN }} - script: | - await github.rest.repos.createDispatchEvent({ - owner: 'canopas', - repo: 'canopas-website', - event_type: 'deploy-blog-prod', - }); +# - name: Trigger Canopas website Workflow +# uses: actions/github-script@v6 +# with: +# github-token: ${{ secrets.WORKFLOW_TOKEN }} +# script: | +# await github.rest.repos.createDispatchEvent({ +# owner: 'canopas', +# repo: 'canopas-website', +# event_type: 'deploy-blog-prod', +# }); diff --git a/README.md b/README.md index 49b99e55..cd867ef2 100644 --- a/README.md +++ b/README.md @@ -4,11 +4,12 @@ This is our open-source Next.js blog website of [canopas](https://canopas.com). ## Showcase -This repository contains the working code of [our resources](https://articles.canopas.com/resources). You can check out the link to view a live example of this repository. +This repository contains the working code of [our resources](https://canopas.com/resources). You can check out the link to view a live example of this repository. ### Admin panel for handling content -![Admin panel](https://github.com/canopas/canopas-blog/assets/69897605/5a61df91-94bd-4a09-bced-e811450a2873) +![Admin panel](https://github.com/canopas/canopas-blog/assets/115449373/7542ff05-08ca-45ae-a4c6-24785419ae35) + ### Blogs website diff --git a/admin/.env.example b/admin/.env.example index 4175184f..d322529c 100644 --- a/admin/.env.example +++ b/admin/.env.example @@ -19,4 +19,4 @@ DATABASE_SSL= IFRAMELY_API_KEY= HR_FROM_MAIL= SENTRY_DSN= - +GH_PERSONAL_ACCESS_TOKEN= diff --git a/admin/Dockerfile b/admin/Dockerfile index 72c53c12..258111ed 100644 --- a/admin/Dockerfile +++ b/admin/Dockerfile @@ -11,11 +11,7 @@ RUN yarn install --frozen-lockfile ENV NODE_ENV production -RUN cd src/plugins/blog-editor - -RUN yarn install - -RUN cd ../../.. +RUN cd src/plugins/blog-editor && yarn install && cd ../../.. RUN yarn build diff --git a/admin/config/database.js b/admin/config/database.js index b206d8c8..b609e2e3 100644 --- a/admin/config/database.js +++ b/admin/config/database.js @@ -4,10 +4,12 @@ module.exports = ({ env }) => ({ connection: { host: env("DATABASE_HOST", "127.0.0.1"), port: env.int("DATABASE_PORT", 5432), - database: env("DATABASE_NAME", "blogs"), + database: env("DATABASE_NAME", "postgres"), user: env("DATABASE_USERNAME", "postgres"), password: env("DATABASE_PASSWORD", "postgres"), - ssl: env.bool("DATABASE_SSL", false), + ssl: { + rejectUnauthorized: env.bool("DATABASE_SSL_SELF", false), + }, }, debug: false, acquireConnectionTimeout: 600000, diff --git a/admin/config/plugins.js b/admin/config/plugins.js index 7c43f46f..5d13d251 100644 --- a/admin/config/plugins.js +++ b/admin/config/plugins.js @@ -16,7 +16,7 @@ module.exports = ({ env }) => ({ encodeURIComponent(match[0]); return ( // If you need, set maxwidth and other styles for 'iframely-embed' class - it's yours to customize - '
' + + '
' + '
' + `