From 6c9685783fdf38e0208953d6c98d16aef19dc7b3 Mon Sep 17 00:00:00 2001 From: Oliver Gwyther Date: Sat, 24 Jan 2026 22:39:00 +0000 Subject: [PATCH] Added files --- client/analytics.js | 1 + client/env.js | 4 ++ docker-compose.yml | 128 ++++++++++++++++++++++++++++++++++++++++++++ nginx/default.conf | 54 +++++++++++++++++++ 4 files changed, 187 insertions(+) create mode 100644 client/analytics.js create mode 100644 client/env.js create mode 100644 docker-compose.yml create mode 100644 nginx/default.conf diff --git a/client/analytics.js b/client/analytics.js new file mode 100644 index 0000000..76c8029 --- /dev/null +++ b/client/analytics.js @@ -0,0 +1 @@ +// Add your analytics script here. \ No newline at end of file diff --git a/client/env.js b/client/env.js new file mode 100644 index 0000000..882e8ed --- /dev/null +++ b/client/env.js @@ -0,0 +1,4 @@ +window.HASURA_API_URL = "/hasura"; +window.REPOFLOW_SERVER = "/api"; +window.IS_PRINT_ENV = true; +window.DOCS_URL = "/docs"; \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..b6c2ca9 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,128 @@ +name: repoflow + +services: + nginx: + image: nginxinc/nginx-unprivileged:1.29.3-alpine + restart: unless-stopped + ports: + - "9080:8080" + volumes: + - ./nginx/default.conf:/etc/nginx/conf.d/default.conf + depends_on: + - server + - client + - hasura + deploy: + replicas: 1 + networks: + - repoflow-net + + client: + image: api.repoflow.io/repoflow-public/docker-public/library/repoflow-client:0.7.2 + restart: unless-stopped + volumes: + - ./client/env.js:/usr/share/nginx/html/env.js:ro + - ./client/analytics.js:/usr/share/nginx/html/analytics.js:ro + deploy: + replicas: 1 + networks: + - repoflow-net + + server: + image: api.repoflow.io/repoflow-public/docker-public/library/repoflow-server:0.7.2 + restart: unless-stopped + env_file: + - ./secrets.env + environment: + - IS_PRINT_ENV=true + - SERVER_PORT=3000 + - SERVER_URL=http://localhost:9080/api + - FRONTEND_URL=http://localhost:9080 + - COOKIE_SECURE=false + - TMP_FOLDER=/tmp + - S3_USE_SSL=false + - S3_PORT=9000 + - S3_END_POINT=minio + - S3_BUCKET=repoflow + - S3_USE_PRE_SIGNED_URL=false + - HASURA_URL=http://hasura:8080/v1/graphql + - HASURA_URL_REST=http://hasura:8080/api/rest + - IS_SMART_SEARCH_ENABLED=false + - DEFAULT_SEARCH_LIMIT=10 + - IS_REDIS_ENABLED=false + - IS_REMOTE_CACHE_ENABLED=true + - COOKIE_EXPIRY_IN_SECONDS=2592000 + - JWS_ALGORITHM=HS256 + - DEFAULT_ADMIN_USER_NAME=admin + - DEFAULT_ADMIN_PASSWORD=password + volumes: + - server-logs:/var/log/repoflow + - grype-db:/srv/vulnerabilitiesScanning + depends_on: + - hasura + deploy: + replicas: 1 + networks: + - repoflow-net + + postgresql: + image: postgres:14 + restart: unless-stopped + environment: + POSTGRES_USER: user + POSTGRES_PASSWORD: password + POSTGRES_DB: repoflow + volumes: + - postgresql-data:/var/lib/postgresql/data + healthcheck: + test: ["CMD-SHELL", "pg_isready -U user -d repoflow -h 127.0.0.1"] + interval: 5s + timeout: 5s + retries: 20 + start_period: 10s + deploy: + replicas: 1 + networks: + - repoflow-net + + minio: + image: minio/minio:RELEASE.2025-07-23T15-54-02Z + restart: unless-stopped + env_file: + - ./secrets.env + volumes: + - minio-data:/data + command: server /data --console-address ":9001" + deploy: + replicas: 1 + networks: + - repoflow-net + + hasura: + image: hasura/graphql-engine:v2.48.1 + restart: unless-stopped + env_file: + - ./secrets.env + environment: + - HASURA_GRAPHQL_ENABLE_CONSOLE=true + - HASURA_GRAPHQL_DEV_MODE=true + - HASURA_GRAPHQL_ENABLED_LOG_TYPES=startup,http-log,webhook-log,websocket-log,query-log + - HASURA_GRAPHQL_ENABLE_TELEMETRY=false + - HASURA_GRAPHQL_UNAUTHORIZED_ROLE=anonymous + - HASURA_GRAPHQL_METADATA_DATABASE_URL=postgresql://user:password@postgresql:5432/repoflow + - HASURA_GRAPHQL_DATABASE_URL=postgresql://user:password@postgresql:5432/repoflow + depends_on: + postgresql: + condition: service_healthy + networks: + - repoflow-net + +networks: + repoflow-net: + driver: bridge + +volumes: + minio-data: + server-logs: + postgresql-data: + grype-db: \ No newline at end of file diff --git a/nginx/default.conf b/nginx/default.conf new file mode 100644 index 0000000..2817f4d --- /dev/null +++ b/nginx/default.conf @@ -0,0 +1,54 @@ +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + +map $request_uri $api_uri { + ~^/api(?/.*)$ $rest; + default $request_uri; +} + +client_max_body_size 10G; + +server { + listen 8080 default_server; + + add_header X-Frame-Options "DENY"; + add_header Content-Security-Policy "frame-ancestors 'none';"; + + location /v2/ { + proxy_read_timeout 600s; + proxy_request_buffering off; + rewrite ^/v2/(.*)$ /v2/$1 break; + proxy_pass http://server:3000; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /api/ { + proxy_read_timeout 600s; + proxy_request_buffering off; + proxy_pass http://server:3000$api_uri; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /hasura { + proxy_pass http://hasura:8080/v1/graphql; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + + location / { + proxy_pass http://client:8080/; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} \ No newline at end of file