Merge branch 'master' into feat/oauth-signin

2026-06-02 10:57:31 +00:00 · 2022-03-06 16:43:20 +01:00
parent e7f702e854 72d92528f1
commit f60794f91c
23 changed files with 427 additions and 7 deletions
@@ -1,4 +1,4 @@
 .env
-
+*.secret.yaml
 .DS_Store
-.idea
+.idea
@@ -101,6 +101,7 @@ getDiscordConfig =
 getDiscordTokens :: String -> MaybeT IO ExternalToken
 getDiscordTokens code = MaybeT $ do
    cfg <- getDiscordConfig
+    backUrl <- envAsString "BACK_URL" ""
    let endpoint = tokenEndpoint code cfg
    request' <- parseRequest endpoint
    let request =
@@ -111,7 +112,7 @@ getDiscordTokens code = MaybeT $ do
                , ("client_secret", B8.pack . oauthClientSecret $ cfg)
                , ("code", B8.pack code)
                , ("grant_type", "authorization_code")
-                , ("redirect_uri", "http://localhost:8080/auth/redirect")
+                , ("redirect_uri", B8.pack $ backUrl ++ "auth/redirect")
                ]
            request'
    response <- httpJSONEither request
@@ -151,6 +152,7 @@ getGoogleConfig =
 getGoogleTokens :: String -> MaybeT IO ExternalToken
 getGoogleTokens code = MaybeT $ do
    cfg <- getGoogleConfig
+    backUrl <- envAsString "BACK_URL" ""
    let endpoint = tokenEndpoint code cfg
    request' <- parseRequest endpoint
    let request =
@@ -161,7 +163,7 @@ getGoogleTokens code = MaybeT $ do
                , ("client_secret", B8.pack . oauthClientSecret $ cfg)
                , ("code", B8.pack code)
                , ("grant_type", "authorization_code")
-                , ("redirect_uri", "http://localhost:8080/auth/redirect")
+                , ("redirect_uri", B8.pack $ backUrl ++ "auth/redirect")
                ]
            request'
    response <- httpJSONEither request
@@ -200,6 +202,7 @@ getSpotifyConfig =
 getSpotifyTokens :: String -> MaybeT IO ExternalToken
 getSpotifyTokens code = MaybeT $ do
    cfg <- getSpotifyConfig
+    backUrl <- envAsString "BACK_URL" ""
    let basicAuth = encodeBase64 $ B8.pack $ oauthClientId cfg ++ ":" ++ oauthClientSecret cfg
    let endpoint = tokenEndpoint code cfg
    request' <- parseRequest endpoint
@@ -210,7 +213,7 @@ getSpotifyTokens code = MaybeT $ do
            setRequestBodyURLEncoded
                [ ("code", B8.pack code)
                , ("grant_type", "authorization_code")
-                , ("redirect_uri", "http://localhost:8080/auth/redirect")
+                , ("redirect_uri", B8.pack $ backUrl ++ "auth/redirect")
                ]
            request'
    response <- httpJSONEither request
@@ -247,6 +250,7 @@ getTwitterConfig =
 getTwitterTokens :: String -> MaybeT IO ExternalToken
 getTwitterTokens code = MaybeT $ do
    cfg <- getTwitterConfig
+    backUrl <- envAsString "BACK_URL" ""
    let basicAuth = encodeBase64 $ B8.pack $ "Basic " ++ oauthClientId cfg ++ ":" ++ oauthClientSecret cfg
    let endpoint = tokenEndpoint code cfg
    request' <- parseRequest endpoint
@@ -257,7 +261,7 @@ getTwitterTokens code = MaybeT $ do
            setRequestBodyURLEncoded
                [ ("code", B8.pack code)
                , ("grant_type", "authorization_code")
-                , ("redirect_uri", "http://localhost:8080/auth/redirect")
+                , ("redirect_uri", B8.pack $ backUrl ++ "auth/redirect")
                , ("code_verifier", "challenge")
                ]
            request'
@@ -297,6 +301,7 @@ getAnilistConfig =
 getAnilistTokens :: String -> MaybeT IO ExternalToken
 getAnilistTokens code = MaybeT $ do
    cfg <- getAnilistConfig
+    backUrl <- envAsString "BACK_URL" ""
    let endpoint = tokenEndpoint code cfg
    request' <- parseRequest endpoint
    let request =
@@ -307,7 +312,7 @@ getAnilistTokens code = MaybeT $ do
                , ("client_secret", B8.pack . oauthClientSecret $ cfg)
                , ("code", B8.pack code)
                , ("grant_type", "authorization_code")
-                , ("redirect_uri", "http://localhost:8080/auth/redirect")
+                , ("redirect_uri", B8.pack $ backUrl ++ "auth/redirect")
                ]
            request'
    response <- httpJSONEither request
@@ -0,0 +1,3 @@
+FROM postgres:14
+
+COPY db.sql /docker-entrypoint-initdb.d/
@@ -0,0 +1,35 @@
+CREATE TABLE IF NOT EXISTS users (
+	id SERIAL PRIMARY KEY,
+	username VARCHAR(255) UNIQUE NOT NULL,
+	password VARCHAR(255) NOT NULL,
+	slug VARCHAR(255) UNIQUE NOT NULL,
+	external_tokens JSONB[] NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS pipelines (
+	id SERIAL PRIMARY KEY,
+	name VARCHAR(255) NOT NULL,
+	type VARCHAR(255) NOT NULL,
+	params JSONB NOT NULL,
+	user_id INTEGER NOT NULL,
+	enabled BOOLEAN NOT NULL,
+	error TEXT,
+	trigger_count INTEGER NOT NULL,
+	last_trigger TIMESTAMP,
+	CONSTRAINT fk_user
+		FOREIGN KEY (user_id)
+			REFERENCES users(id)
+				ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS reactions (
+	id SERIAL PRIMARY KEY,
+	type VARCHAR(255) NOT NULL,
+	params JSONB NOT NULL,
+	pipeline_id INTEGER NOT NULL,
+	react_order INTEGER NOT NULL,
+	CONSTRAINT fk_pipeline
+		FOREIGN KEY (pipeline_id)
+			REFERENCES pipelines(id)
+				ON DELETE CASCADE
+);
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: aeris
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: configmap-back
+data:
+    WORKER_API_URL: http://api:8080/worker
+    WORKER_URL: http://worker:5000
+    BACK_URL: https://aeris.westeurope.cloudapp.azure.com/api/
@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: aeris-back
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: back
+  template:
+    metadata:
+      labels:
+        app: back
+    spec:
+      containers:
+      - name: back
+        imagePullPolicy: Always
+        image: {{ .Values.BACK_IMAGE }}
+        ports:
+        - containerPort: 8080
+        volumeMounts:
+          - mountPath: "/cache"
+            name: postgres-volume-claim
+        envFrom:
+        - configMapRef:
+            name: configmap-postgres
+        - configMapRef:
+            name: configmap-back
+        - secretRef:
+            name: secret-postgres
+        - secretRef:
+            name: secret-back
+      volumes:
+      - name: postgres-volume-claim
+        persistentVolumeClaim:
+          claimName: volume-claim-back
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: api-service
+spec:
+  type: LoadBalancer
+  # loadBalancerIP: "20.105.195.175"
+  selector:
+    app: back
+  ports:
+    - port: 8080
+      targetPort: 8080
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: volume-back
+  labels:
+    type: local
+    name: volume-back
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 50M
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/data"
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: volume-claim-back
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 50M
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: api
+spec:
+  type: ClusterIP
+  # loadBalancerIP: "20.105.195.175"
+  selector:
+    app: back
+  ports:
+    - port: 8080
+      targetPort: 8080
@@ -0,0 +1,18 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: louis.auzuret@gmail.com
+    privateKeySecretRef:
+      name: letsencrypt
+    solvers:
+    - http01:
+        ingress:
+          class: nginx
+          podTemplate:
+            spec:
+              nodeSelector:
+                "kubernetes.io/os": linux
@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: aeris-front
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: front
+  template:
+    metadata:
+      labels:
+        app: front
+    spec:
+      containers:
+      - name: front
+        imagePullPolicy: Always
+        image: {{ .Values.FRONT_IMAGE }}
+        #args: ["/api"]
+        ports:
+        - containerPort: 80
@@ -0,0 +1,52 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: aeris-ingress
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/use-regex: "true"
+    cert-manager.io/cluster-issuer: letsencrypt
+spec:
+  tls:
+  - hosts:
+    - aeris.westeurope.cloudapp.azure.com
+    secretName: tls-secret
+  rules:
+  - host: aeris.westeurope.cloudapp.azure.com
+    http:
+      paths:
+      - path: /(.*)
+        pathType: Prefix
+        backend:
+          service:
+            name: front-cluster
+            port:
+              number: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: aeris-ingress-static
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/rewrite-target: /static/$2
+    nginx.ingress.kubernetes.io/use-regex: "true"
+    cert-manager.io/cluster-issuer: letsencrypt
+spec:
+  tls:
+  - hosts:
+    - aeris.westeurope.cloudapp.azure.com
+    secretName: tls-secret
+  rules:
+  - host: aeris.westeurope.cloudapp.azure.com
+    http:
+      paths:
+      - path:
+        pathType: Prefix
+        backend:
+          service:
+            name: front-cluster
+            port: 
+              number: 80
+        path: /static(/|$)(.*)
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: front-service
+spec:
+  type: LoadBalancer
+  #loadBalancerIP: "13.81.34.213"
+  selector:
+    app: front
+  ports:
+    - port: 80
+      targetPort: 80
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: front-cluster
+spec:
+  type: ClusterIP
+  #loadBalancerIP: "13.81.34.213"
+  selector:
+    app: front
+  ports:
+    - port: 80
+      targetPort: 80
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: configmap-postgres
+data:
+  POSTGRES_HOST: "postgres-service"
+  POSTGRES_PORT: "5432"
+  POSTGRES_DB: "aeris"
+  PGDATA: /var/lib/postgresql/data/d
@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: postgres-deployment
+spec:
+  replicas: 1
+  selector:
+      matchLabels:
+        app: postgres
+  template:
+    metadata:
+      name: postgres
+      labels: 
+        app: postgres
+    spec:
+      containers:
+      - name: postgres
+        image: {{ .Values.DB_IMAGE }}
+        ports:
+          - containerPort: 5432
+            hostPort: 5432
+        volumeMounts:
+          - mountPath: "/var/lib/postgresql/data"
+            name: postgres-volume-claim
+        envFrom:
+        - configMapRef:
+            name: configmap-postgres
+        - secretRef:
+            name: secret-postgres
+      volumes:
+        - name: postgres-volume-claim
+          persistentVolumeClaim:
+            claimName: volume-claim-postgres
+      restartPolicy: Always
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgres-service
+spec:
+  type: ClusterIP
+  selector:
+    app: postgres
+  ports:
+    - port: 5432
+      targetPort: 5432
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: volume-postgres
+  labels:
+    type: local
+    name: volume-postgres
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 200M
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/data"
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: volume-claim-postgres
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 200M
@@ -0,0 +1,26 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: aeris-worker
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: worker
+  template:
+    metadata:
+      labels:
+        app: worker
+    spec:
+      restartPolicy: Always
+      containers:
+      - name: worker
+        imagePullPolicy: Always
+        image: {{ .Values.WORKER_IMAGE }}
+        ports:
+        - containerPort: 5000
+        envFrom:
+        - secretRef:
+            name: secret-back
+        - configMapRef:
+            name: configmap-back
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: worker
+spec:
+  type: ClusterIP
+  selector:
+    app: worker
+  ports:
+    - port: 5000
+      targetPort: 5000
@@ -0,0 +1,4 @@
+BACK_IMAGE: aeris.azurecr.io/back
+FRONT_IMAGE: aeris.azurecr.io/front
+WORKER_IMAGE: aeris.azurecr.io/worker
+DB_IMAGE: aeris.azurecr.io/postgres