diff --git a/keyserver/docker-compose.yml b/keyserver/docker-compose.yml index ee623e2f1..19dc35f9a 100644 --- a/keyserver/docker-compose.yml +++ b/keyserver/docker-compose.yml @@ -1,38 +1,39 @@ version: "3.9" services: node: build: dockerfile: keyserver/Dockerfile context: ../ image: commapp/node-keyserver:1.0 restart: always ports: - "3000:3000" environment: - REDIS_URL=redis://cache + - COMM_LISTEN_ADDR=0.0.0.0 - COMM_MYSQL_HOST=${COMM_MYSQL_HOST:-database} - COMM_MYSQL_DATABASE - COMM_MYSQL_USER - COMM_MYSQL_PASSWORD depends_on: - cache - database database: image: mysql:5.7.37-debian restart: always expose: - "3306" # There is no M1 build on Docker Hub, so we force x64 # This is what we want in production anyways. M1 devs will have it emulated platform: linux/amd64 environment: - MYSQL_RANDOM_ROOT_PASSWORD=yes - MYSQL_DATABASE=$COMM_MYSQL_DATABASE - MYSQL_USER=$COMM_MYSQL_USER - MYSQL_PASSWORD=$COMM_MYSQL_PASSWORD cache: image: redis:6.2.6-bullseye restart: always expose: - "6379" command: redis-server --loglevel warning diff --git a/keyserver/src/keyserver.js b/keyserver/src/keyserver.js index 41e3afe6e..023c5fc54 100644 --- a/keyserver/src/keyserver.js +++ b/keyserver/src/keyserver.js @@ -1,165 +1,168 @@ // @flow import cluster from 'cluster'; import cookieParser from 'cookie-parser'; import express from 'express'; import expressWs from 'express-ws'; import os from 'os'; import './cron/cron'; import { migrate } from './database/migrations'; import { jsonEndpoints } from './endpoints'; import { emailSubscriptionResponder } from './responders/comm-landing-responders'; import { jsonHandler, httpGetHandler, downloadHandler, htmlHandler, uploadHandler, } from './responders/handlers'; import landingHandler from './responders/landing-handler'; import { errorReportDownloadResponder } from './responders/report-responders'; import { createNewVersionResponder, markVersionDeployedResponder, } from './responders/version-responders'; import { websiteResponder } from './responders/website-responders'; import { onConnection } from './socket/socket'; import { multerProcessor, multimediaUploadResponder, uploadDownloadResponder, } from './uploads/uploads'; import { prefetchAllURLFacts, getSquadCalURLFacts, getLandingURLFacts, getCommAppURLFacts, } from './utils/urls'; (async () => { await prefetchAllURLFacts(); const squadCalBaseRoutePath = getSquadCalURLFacts()?.baseRoutePath; const landingBaseRoutePath = getLandingURLFacts()?.baseRoutePath; const commAppBaseRoutePath = getCommAppURLFacts()?.baseRoutePath; const compiledFolderOptions = process.env.NODE_ENV === 'development' ? undefined : { maxAge: '1y', immutable: true }; if (cluster.isMaster) { const didMigrationsSucceed: boolean = await migrate(); if (!didMigrationsSucceed) { // The following line uses exit code 2 to ensure nodemon exits // in a dev environment, instead of restarting. Context provided // in https://github.com/remy/nodemon/issues/751 process.exit(2); } const cpuCount = os.cpus().length; for (let i = 0; i < cpuCount; i++) { cluster.fork(); } cluster.on('exit', () => cluster.fork()); } else { const server = express(); expressWs(server); server.use(express.json({ limit: '50mb' })); server.use(cookieParser()); const setupAppRouter = router => { router.use('/images', express.static('images')); router.use('/fonts', express.static('fonts')); router.use('/misc', express.static('misc')); router.use( '/.well-known', express.static( '.well-known', // Necessary for apple-app-site-association file { setHeaders: res => res.setHeader('Content-Type', 'application/json'), }, ), ); router.use( '/compiled', express.static('app_compiled', compiledFolderOptions), ); router.use('/', express.static('icons')); for (const endpoint in jsonEndpoints) { // $FlowFixMe Flow thinks endpoint is string const responder = jsonEndpoints[endpoint]; const expectCookieInvalidation = endpoint === 'log_out'; router.post( `/${endpoint}`, jsonHandler(responder, expectCookieInvalidation), ); } router.get( '/create_version/:deviceType/:codeVersion', httpGetHandler(createNewVersionResponder), ); router.get( '/mark_version_deployed/:deviceType/:codeVersion', httpGetHandler(markVersionDeployedResponder), ); router.get( '/download_error_report/:reportID', downloadHandler(errorReportDownloadResponder), ); router.get( '/upload/:uploadID/:secret', downloadHandler(uploadDownloadResponder), ); // $FlowFixMe express-ws has side effects that can't be typed router.ws('/ws', onConnection); router.get('*', htmlHandler(websiteResponder)); router.post( '/upload_multimedia', multerProcessor, uploadHandler(multimediaUploadResponder), ); }; // Note - the order of router declarations matters. On prod we have // squadCalBaseRoutePath configured to '/', which means it's a catch-all. If // we call server.use on squadCalRouter first, it will catch all requests // and prevent commAppRouter and landingRouter from working correctly. So we // make sure that squadCalRouter goes last if (landingBaseRoutePath) { const landingRouter = express.Router(); landingRouter.use('/images', express.static('images')); landingRouter.use('/fonts', express.static('fonts')); landingRouter.use( '/compiled', express.static('landing_compiled', compiledFolderOptions), ); landingRouter.use('/', express.static('landing_icons')); landingRouter.post('/subscribe_email', emailSubscriptionResponder); landingRouter.get('*', landingHandler); server.use(landingBaseRoutePath, landingRouter); } if (commAppBaseRoutePath) { const commAppRouter = express.Router(); setupAppRouter(commAppRouter); server.use(commAppBaseRoutePath, commAppRouter); } if (squadCalBaseRoutePath) { const squadCalRouter = express.Router(); setupAppRouter(squadCalRouter); server.use(squadCalBaseRoutePath, squadCalRouter); } - server.listen(parseInt(process.env.PORT, 10) || 3000, 'localhost'); + server.listen( + parseInt(process.env.PORT, 10) || 3000, + process.env.COMM_LISTEN_ADDR || 'localhost', + ); } })();