diff --git a/config/dev.edn b/config/dev.edn index bdf06e8e..0b4c2647 100644 --- a/config/dev.edn +++ b/config/dev.edn @@ -1 +1,2 @@ -{:db {:server "localhost"}} +{:db {:server "localhost"} + :scheme "http"} diff --git a/config/prod.edn b/config/prod.edn index b0f33850..cc9a8b07 100644 --- a/config/prod.edn +++ b/config/prod.edn @@ -1 +1,2 @@ -{:db {:server "database"}} +{:db {:server "database"} + :scheme "https"} diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 913feab6..a14a745d 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -1,8 +1,27 @@ -version: '2' +version: '3' services: - app: - ports: - - 80:3000 + nginx-proxy: restart: always + volumes: + - /var/run/docker.sock:/tmp/docker.sock:ro + - /opt/integreat/certs/:/etc/nginx/certs:ro + - /opt/integreat/etc/nginx/vhost.d:/etc/nginx/vhost.d + - /opt/integreat/usr/share/nginx/html:/usr/share/nginx/html + letsencrypt: + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + - /opt/integreat/certs/:/etc/nginx/certs + - /opt/integreat/etc/nginx/vhost.d:/etc/nginx/vhost.d + - /opt/integreat/usr/share/nginx/html:/usr/share/nginx/html + app: + restart: always + environment: + config: /usr/local/config/prod.edn + VIRTUAL_HOST: integreat.aws.brycecovertoperations.com + LETSENCRYPT_HOST: integreat.aws.brycecovertoperations.com + LETSENCRYPT_EMAIL: le@brycecovertoperations.com database: restart: always + volumes: + - /opt/integreat/var/lib/postgresql/data:/var/lib/postgresql/data \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 08a7be99..526eae5d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,13 +1,33 @@ -version: '2' +version: '3' services: + nginx-proxy: + image: jwilder/nginx-proxy:alpine + ports: + - "80:80" + - "443:443" + labels: + - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true" + volumes: + - /var/run/docker.sock:/tmp/docker.sock:ro + - ./data/certs/:/etc/nginx/certs:ro + - ./data/etc/nginx/vhost.d:/etc/nginx/vhost.d + - ./data/usr/share/nginx/html:/usr/share/nginx/html + letsencrypt: + image: jrcs/letsencrypt-nginx-proxy-companion:stable + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + - ./data/certs/:/etc/nginx/certs + - ./data/etc/nginx/vhost.d:/etc/nginx/vhost.d + - ./data/usr/share/nginx/html:/usr/share/nginx/html app: build: . - ports: - - 3000:3000 + expose: + - 3000 depends_on: - database environment: config: /usr/local/config/prod.edn + VIRTUAL_HOST: local.integreat.aws.brycecovertoperations.com database: image: postgres:9-alpine ports: @@ -16,6 +36,8 @@ services: POSTGRES_USER: ap POSTGRES_PASSWORD: fifteen-invoices-imported! POSTGRES_DB: autoap + volumes: + - ./data/var/lib/postgresql/data:/var/lib/postgresql/data migrator: build: ./migrator depends_on: diff --git a/src/clj/auto_ap/handler.clj b/src/clj/auto_ap/handler.clj index dbbcc7a9..5634d1b7 100644 --- a/src/clj/auto_ap/handler.clj +++ b/src/clj/auto_ap/handler.clj @@ -17,6 +17,7 @@ [clj-fuzzy.metrics :as m] [clj-http.client :as http] [clj-time.core :as time] + [config.core :refer [env]] [buddy.auth :refer [authenticated?]] @@ -42,16 +43,18 @@ (GET "/" [] (response/resource-response "index.html" {:root "public"})) (GET "/api/oauth" {{:strs [code]} :query-params :keys [scheme] :as r {:strs [host]} :headers} + (try (let [auth (-> "https://accounts.google.com/o/oauth2/token" (http/post {:form-params {"client_id" google-client-id "client_secret" google-client-secret "code" code - "redirect_uri" (str (name scheme) "://" host "/api/oauth") + "redirect_uri" (str (:scheme env) "://" host "/api/oauth") "grant_type" "authorization_code"} :as :json}) :body) + _ (println auth) token (:access_token auth) profile (-> (http/get "https://www.googleapis.com/oauth2/v1/userinfo" {:headers {"Authorization" (str "Bearer " token)} :as :json}) @@ -74,7 +77,7 @@ (catch Exception e {:status 401 - :body (str "Couldn't authenticate " (.toString e))}))) + :body (str "Couldn't authenticate " (.toString e))}))) (route/resources "/") (routes (ANY "*" [] (response/resource-response "index.html" {:root "public"}))))