Merge pull request #123 from mojtaba-naseri/master

Features, fix bug, maintenance with developer Docker package

config/dev.exs

@@ -7,7 +7,11 @@ import Config
 # watchers to your application. For example, we use it
 # with webpack to recompile .js and .css sources.
 config :mishka_html, MishkaHtmlWeb.Endpoint,
-  http: [port: 4000],
+  url: [scheme: System.get_env("PROTOCOL"), host: System.get_env("CMS_DOMAIN_NAME"), port: System.get_env("CMS_PORT")],
+  http: [
+      port: String.to_integer(System.get_env("PORT") || "4000"),
+      transport_options: [socket_opts: [:inet6]]
+    ],
   debug_errors: true,
   code_reloader: true,
   check_origin: false,
@@ -24,7 +28,11 @@ config :mishka_html, MishkaHtmlWeb.Endpoint,
   ]
 
 config :mishka_api, MishkaApiWeb.Endpoint,
-  http: [port: 4001],
+  url: [scheme: System.get_env("PROTOCOL"), host: System.get_env("API_DOMAIN_NAME"), port: System.get_env("API_PORT")],
+    http: [
+      port: String.to_integer(System.get_env("PORT") || "4001"),
+      transport_options: [socket_opts: [:inet6]]
+    ],
   debug_errors: true,
   code_reloader: true,
   check_origin: false,

deployment/docker/Dockerfile → deployment/docker/dockers/Dockerfile

@@ -1,5 +1,5 @@
 # Extend from the official Elixir image
-FROM elixir:1.12.3-alpine
+FROM elixir:1.13.3-alpine
 
 RUN apk update && apk add postgresql-client && rm -rf /var/cache/apk/*
 
@@ -18,7 +18,15 @@ ARG SECRET_KEY_BASE \
     API_DOMAIN_NAME \
     CMS_PORT \
     API_PORT \
-    PROTOCOL
+    PROTOCOL \
+    EMAIL_SYSTEM \
+    EMAIL_DOMAIN \
+    EMAIL_PORT \
+    EMAIL_SERVER \
+    EMAIL_HOSTNAME \
+    EMAIL_USERNAME \
+    EMAIL_PASSWORD \
+    WEB_SERVER
 
 ENV MIX_ENV=prod \
     SECRET_KEY_BASE=$SECRET_KEY_BASE \
@@ -33,7 +41,15 @@ ENV MIX_ENV=prod \
     API_DOMAIN_NAME=$API_DOMAIN_NAME \
     CMS_PORT=$CMS_PORT \
     API_PORT=$API_PORT \
-    PROTOCOL=$PROTOCOL
+    PROTOCOL=$PROTOCOL \
+    EMAIL_SYSTEM=$EMAIL_SYSTEM \
+    EMAIL_DOMAIN=$EMAIL_DOMAIN \
+    EMAIL_PORT=$EMAIL_PORT \
+    EMAIL_SERVER=$EMAIL_SERVER \
+    EMAIL_HOSTNAME=$EMAIL_HOSTNAME \
+    EMAIL_USERNAME=$EMAIL_USERNAME \
+    EMAIL_PASSWORD=$EMAIL_PASSWORD \
+    WEB_SERVER=$WEB_SERVER
 
 # Copy all application files
 COPY . /app
@@ -52,6 +68,6 @@ RUN  cd /app && \
 RUN apk del .build-deps && rm -rf deployment
 
 # Run entrypoint.sh script
-COPY deployment/docker/entrypoint.sh /app
+COPY deployment/docker/dockers/entrypoint.sh /app
 RUN chmod +x /app/entrypoint.sh
 CMD ["/app/entrypoint.sh"]

deployment/docker/dockers/docker-compose_dev_with_nginx.yml

@@ -0,0 +1,72 @@
+version: "3.9"
+
+services: 
+  mishka_nginx:
+    image: nginx:1.20.1-alpine
+    container_name: mishka_nginx
+    restart: always
+    ports:
+      - "80:80"
+      - "443:443"
+    networks:
+      netowrk:
+    volumes:
+      - ../etc/nginx/conf/:/etc/nginx/
+      - ../etc/nginx/cache:/var/nginx/cache
+      - ../etc/ssl/dev:/etc/ssl/dev:ro
+      - ../etc/ssl/letsencrypt:/etc/ssl/letsencrypt:ro
+      - /etc/localtime:/etc/localtime:ro
+    depends_on:
+      - mishka_cms
+
+
+  mishka_cms:
+    image: mishkagroup/elixir_dev:1.13.3-alpine
+    container_name: mishka_cms
+    restart: always
+    working_dir: /app
+    command: sleep 365d
+    hostname: mishka_cms
+    networks:
+      netowrk:
+    env_file:
+      - ../etc/.mishka_cms_env
+    volumes:
+      - cms:/app/Mnesia.nonode@nohost
+      - ../../../:/app
+      - /etc/localtime:/etc/localtime:ro
+    depends_on:
+      - mishka_db
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "300m"
+
+
+  mishka_db:
+    image: mishkagroup/postgresql:3.14
+    container_name: mishka_db
+    hostname: mishka_db
+    restart: always
+    networks:
+      netowrk:
+    ports:
+      - "5432:5432"
+    env_file:
+      - ../etc/.mishka_cms_env
+    volumes:
+      - database:/var/lib/postgresql/data
+      - /etc/localtime:/etc/localtime:ro
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "300m"
+
+
+networks:
+  netowrk:
+
+
+volumes:
+  cms:
+  database:

deployment/docker/dockers/docker-compose_dev_without_nginx.yml

@@ -0,0 +1,56 @@
+version: "3.9"
+
+services: 
+  mishka_cms:
+    image: mishkagroup/elixir_dev:1.13.3-alpine
+    container_name: mishka_cms
+    restart: always
+    working_dir: /app
+    command: sleep 365d
+    hostname: mishka_cms
+    networks:
+      netowrk:
+    ports:
+      - "4000:4000" # for web
+      - "4001:4001" # for api
+    env_file:
+      - ../etc/.mishka_cms_env
+    volumes:
+      - cms:/app/Mnesia.nonode@nohost
+      - ../../../:/app
+      - /etc/localtime:/etc/localtime:ro
+    depends_on:
+      - mishka_db
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "300m"
+
+
+  mishka_db:
+    image: mishkagroup/postgresql:3.14
+    container_name: mishka_db
+    hostname: mishka_db
+    restart: always
+    networks:
+      netowrk:
+    ports:
+      - "5432:5432"
+    env_file:
+      - ../etc/.mishka_cms_env
+    volumes:
+      - database:/var/lib/postgresql/data
+      - /etc/localtime:/etc/localtime:ro
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "300m"
+
+
+networks:
+  netowrk:
+
+
+volumes:
+  cms:
+  database:

deployment/docker/docker-compose_with_nginx.yml → deployment/docker/dockers/docker-compose_with_nginx.yml

@@ -11,11 +11,10 @@ services:
     networks:
       netowrk:
     volumes:
-      - nginx_logs:/var/log/
-      - ./nginx/conf/:/etc/nginx/
-      - ./nginx/cache:/var/nginx/cache
-      - ./certbot/letsencrypt:/etc/letsencrypt:ro
-      - ./certbot/master_certificates:/etc/master_certificates:ro
+      - ../etc/nginx/conf/:/etc/nginx/
+      - ../etc/nginx/cache:/var/nginx/cache
+      - ../etc/ssl/prod:/etc/ssl/prod:ro
+      - ../etc/ssl/letsencrypt:/etc/ssl/letsencrypt:ro
       - /etc/localtime:/etc/localtime:ro
 
     depends_on:
@@ -74,7 +73,6 @@ networks:
 
 
 volumes:
-  nginx_logs:
   cms:
   database:
 

deployment/docker/docs/mishka-logo.ans

@@ -0,0 +1,26 @@
+                     `-                          
+                      -:                          
+                 -:`       `:-                    
+                  .` `:/y: `.                     
+               ```  `+. +-   ``                   
+               `:-` :-  `+  -:.                   
+                     -``-`                        
+                      `.                          
+                    .://+.                        
+                 `.:::os:/+.                      
+                ....:-` ` `++`./s+.               
+        `:++.  `          `:ss/-y`++`             
+      .++-  ::            :/+` .:  -s:            
+    :+/`      `           :. o/.`.`  +y-          
+ `:/.                      +`od/  ./  y:/`        
+`.`                        :: ``   ./`o `:-       
+                           -+/.` `` `+/   `-`     
+                           `y`+   `-.`/:    ``    
+                            o/:/    -/-y          
+                             :oy:    `/h:         
+                              `+y+oooo+o++.       
+                                `//--:+o..++.     
+                                 `s. .+``--.++.   
+                                -yy:-/    ./..++` 
+                           `-//:y-.-::.     /::+s-
+                             .::--`       

deployment/docker/nginx/conf/conf.d/mishka_api.conf → deployment/docker/etc/nginx/conf/conf.d/mishka_api.conf

@@ -3,8 +3,8 @@ upstream api {
 }
 
 server {
-        listen MISHKA_API_PORT;
-        server_name MISHKA_API_DOMAIN_NAME;
+        listen 443 ssl http2;
+        server_name api.example.com;
 
         include /etc/nginx/ssl.conf;
 
@@ -31,6 +31,6 @@ server {
                 proxy_set_header Upgrade $http_upgrade;
                 proxy_set_header Connection "upgrade";
 
-                proxy_redirect  http://api https://MISHKA_API_DOMAIN_NAME/; 
+                proxy_redirect  http://api https://api.example.com/; 
         }
 }

deployment/docker/nginx/conf/conf.d/mishka_cms.conf → deployment/docker/etc/nginx/conf/conf.d/mishka_cms.conf

@@ -3,10 +3,10 @@ upstream cms {
 }
 
 server {
-        listen MISHKA_CMS_PORT;
-        server_name MISHKA_CMS_DOMAIN_NAME;
+        listen 443 ssl http2;
+        server_name cms.example.com;
 
-        #include /etc/nginx/ssl.conf;
+        include /etc/nginx/ssl.conf;
 
         # gzip config
         gzip on;
@@ -31,7 +31,7 @@ server {
                 proxy_set_header Upgrade $http_upgrade;
                 proxy_set_header Connection "upgrade";
 
-                proxy_redirect  http://cms https://MISHKA_CMS_DOMAIN_NAME/; 
+                proxy_redirect  http://cms https://cms.example.com/; 
 
         }
 

deployment/docker/nginx/conf/sample_conf/mishka_api.conf → deployment/docker/etc/nginx/conf/sample_conf/mishka_api.conf

@@ -6,7 +6,7 @@ server {
         listen MISHKA_API_PORT;
         server_name MISHKA_API_DOMAIN_NAME;
 
-        include /etc/nginx/ssl.conf;
+        #include /etc/nginx/ssl.conf;
 
         # gzip config
         gzip on;
@@ -17,8 +17,8 @@ server {
         gzip_proxied any;
 
         # logs
-        access_log  /var/log/nginx/mishka_api_access.log  main;
-        error_log  /var/log/nginx/mishka_api_error.log warn;
+        error_log /dev/stdout;
+        access_log /dev/stdout;
 
 
         location / {   

deployment/docker/nginx/conf/sample_conf/mishka_cms.conf → deployment/docker/etc/nginx/conf/sample_conf/mishka_cms.conf

@@ -17,8 +17,8 @@ server {
         gzip_proxied any;
 
         # logs
-        access_log  /var/log/nginx/mishka_cms_access.log  main;
-        error_log  /var/log/nginx/mishka_cms_error.log warn;
+        error_log /dev/stdout;
+        access_log /dev/stdout;
 
 
         location / {   

deployment/docker/etc/nginx/conf/sample_conf/ssl_dev.conf

@@ -0,0 +1,15 @@
+ssl_certificate           /etc/ssl/dev/server_example.crt;
+ssl_certificate_key       /etc/ssl/dev/server_example.key;
+ssl_trusted_certificate   /etc/ssl/letsencrypt/lets-encrypt-x3-cross-signed.pem;
+ssl_dhparam              /etc/ssl/letsencrypt/dhparam2048.pem; 
+ssl_ecdh_curve     secp384r1;
+ssl_session_cache shared:SSL:50m;
+ssl_session_timeout 1d;
+ssl_session_tickets off;
+ssl_prefer_server_ciphers on;
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
+ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
+resolver 8.8.8.8 8.8.4.4;
+ssl_stapling_verify on;
+ssl_buffer_size 4k;
+add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";

deployment/docker/etc/nginx/conf/sample_conf/ssl_prod.conf

@@ -0,0 +1,16 @@
+ssl_certificate           /etc/ssl/prod/letsencrypt/live/SITE_NAME/fullchain.pem;
+ssl_certificate_key       /etc/ssl/prod/letsencrypt/live/SITE_NAME/privkey.pem;
+ssl_trusted_certificate   /etc/ssl/letsencrypt/lets-encrypt-x3-cross-signed.pem;
+ssl_dhparam              /etc/ssl/letsencrypt/dhparam2048.pem; 
+ssl_ecdh_curve     secp384r1;
+ssl_session_cache shared:SSL:50m;
+ssl_session_timeout 1d;
+ssl_session_tickets off;
+ssl_prefer_server_ciphers on;
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
+ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
+resolver 8.8.8.8 8.8.4.4;
+ssl_stapling on;
+ssl_stapling_verify on;
+ssl_buffer_size 4k;
+add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";

deployment/docker/nginx/conf/ssl.conf → deployment/docker/etc/nginx/conf/ssl.conf

@@ -1,7 +1,7 @@
-ssl_certificate           /etc/letsencrypt/live/SITE_NAME/fullchain.pem;
-ssl_certificate_key       /etc/letsencrypt/live/SITE_NAME/privkey.pem;
-ssl_trusted_certificate   /etc/master_certificates/lets-encrypt-x3-cross-signed.pem;
-ssl_dhparam              /etc/master_certificates/dhparam2048.pem; 
+ssl_certificate           /etc/ssl/dev/server_example.crt;
+ssl_certificate_key       /etc/ssl/dev/server_example.key;
+ssl_trusted_certificate   /etc/ssl/letsencrypt/lets-encrypt-x3-cross-signed.pem;
+ssl_dhparam              /etc/ssl/letsencrypt/dhparam2048.pem; 
 ssl_ecdh_curve     secp384r1;
 ssl_session_cache shared:SSL:50m;
 ssl_session_timeout 1d;
@@ -10,7 +10,6 @@ ssl_prefer_server_ciphers on;
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
 ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
 resolver 8.8.8.8 8.8.4.4;
-ssl_stapling on;
 ssl_stapling_verify on;
 ssl_buffer_size 4k;
 add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";