Skip to content

Commit

Permalink
Better deployment (#37)
Browse files Browse the repository at this point in the history
* server asstelinks files for ios and android from ENV variable

* update docummentation

* fix typo
celuchmarek authored Nov 18, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent 70ba4c9 commit d1ca917
Showing 6 changed files with 52 additions and 37 deletions.
35 changes: 27 additions & 8 deletions .env.sample
Original file line number Diff line number Diff line change
@@ -1,8 +1,27 @@
AVM_MICROSERVICE_HOST=localhost:7200
FIREBASE_CREDENTIALS=
FIREBASE_PROJECT_ID=
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=
RAILS_LOG_LEVEL=
ROOT_URL_REDIRECT=
# ---- required in all environments ----
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=wdquAMgEOvYATXZzH2qWYhAT-d33R5s9NBaT3u0NTuE # random base64 encoded 32 bytes (should result in 44 characters)
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=uY3Dcm4RmTeSaILJZvD3Bk34zB7FttZLDwIMoM3YutE # random base64 encoded 32 bytes (should result in 44 characters)
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=Gsx8gdeRzLlWS6qWnpPglEIDI_mn2t4tyUkoeChZ7Ho # random base64 encoded 32 bytes (should result in 44 characters)
AVM_MICROSERVICE_HOST=localhost:7200 # host of the AVM service


# ---- required in produciton environment ----
DATABASE_URL=postgres://avm_server:password@pg-host:5432/avm_server_production
SECRET_KEY_BASE=be48dd3219138cc04cbdb48fb5324a4fb1a043c3db892ecf00087d895b97ea21bc5a64fddaa3835373cf2d3d62d8c4546a0359b68f6cc42278a5cc64bdfa9a5a # random 64 bytes in hex


# ---- rails app envs ----
RAILS_ENV=development # development, test, production
RAILS_LOG_LEVEL=info # error, warn, info
RAILS_LOG_TO_STDOUT=true # true, false - defaults to false in production; recommended to set to true for containered deployments


# ---- optional ----
APPLE_APP_SITE_ASSOCIATION=e30= # Base64 encoded content of Apple's /.well-known/apple-app-site-associaton file
ANDROID_ASSTELINKS=e30= # Base64 encoded contant of Andorid's /.well-known/assetlink.json file

FIREBASE_CREDENTIALS= # needed for Firebase Cloud Messaging - notifications
FIREBASE_PROJECT_ID= # needed for Firebase Cloud Messaging - notifications

ROOT_URL_REDIRECT=https://example.com/ # where to redirect root path request "/"
QR_CODE_URL_REDIRECT=https://example.com/ # where to redirect "/qr-code" request
7 changes: 0 additions & 7 deletions .gitlab/auto-deploy-values.yaml
Original file line number Diff line number Diff line change
@@ -34,10 +34,3 @@ persistence:
accessMode: ReadWriteMany
size: 1Gi
storageClass: nfs-client
- name: autogram-server-well-known
mount:
path: /app/public/.well-known
claim:
accessMode: ReadWriteMany
size: 1Mi
storageClass: nfs-client
13 changes: 13 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -17,6 +17,8 @@ Projekt sa skladá z viacerých častí:

## Ako si to rozbehnúť

### Development prostredie

- Je potrebné si nainštalovať správnu verziu Ruby. To sa najlepšie robí cez [RVM](https://rvm.io/) alebo [Rbenv](https://github.com/rbenv/rbenv).
- Aplikácia vyžaduje PostgreSQL databázu.
- Skopírovať `.env.sample` do `.env` a nastaviť hodnoty.
@@ -28,6 +30,17 @@ bundle exec rails db:setup
bundle esec rails s
```

### Produkčné nasadenie v kontajneri

- Je potrebné si vybuildiť Docker image na základe poskytnutého Dockerfile.
- Volume pre šifrované ukladanie podpisovaných súborov v `/app/storage`
- Premenné prosredia sú bližšie popísané v `.env.sample`, pričom tieto sú nevyhnutné pre produkčné nasadenie:
- PostgreSQL a connection string v `DATABASE_URL`
- Adresa [AVM Service](https://github.com/slovensko-digital/avm-service) inštnacie v `AVM_MICROSERVICE_HOST`
- Nastavené ENVs `ACTIVE_RECORD_ENCRYPTION_*`
- Nastavený ENV `SECRET_KEY_BASE`
- Nastavený ENV `RAILS_ENV=production`


## Architektúra riešenia

20 changes: 0 additions & 20 deletions app/controllers/apple_controller.rb

This file was deleted.

9 changes: 9 additions & 0 deletions app/controllers/assetlinks_controller.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
class AssetlinksController < ApplicationController
def apple_app_site_association
render :json => JSON.load(Base64.decode64 ENV.fetch('APPLE_APP_SITE_ASSOCIATION', 'e30='))
end

def android_assetlinks
render :json => JSON.load(Base64.decode64 ENV.fetch('ANDROID_ASSETLINKS', 'e30='))
end
end
5 changes: 3 additions & 2 deletions config/routes.rb
Original file line number Diff line number Diff line change
@@ -20,11 +20,12 @@
resources :integration_devices, path: '/integration-devices', only: [:index, :destroy]
resource :sign_request, path: '/sign-request', only: [:create]

get '/qr-code', to: redirect('https://sluzby.slovensko.digital/autogram-v-mobile/#download', status: 302)
get '/qr-code', to: redirect(ENV.fetch("QR_CODE_URL_REDIRECT", 'https://sluzby.slovensko.digital/autogram-v-mobile/#download'), status: 302)
end
end

get '/.well-known/apple-app-site-association' => 'apple#apple_app_site_association'
get '/.well-known/apple-app-site-association' => 'assetlinks#apple_app_site_association'
get '/.well-known/assetlinks.json' => 'assetlinks#android_assetlinks'
# Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html

# Reveal health status on /up that returns 200 if the app boots with no exceptions, otherwise 500.

0 comments on commit d1ca917

Please sign in to comment.