From 9cb6fef2aed9260783af95c8c7eca4921c8cae3c Mon Sep 17 00:00:00 2001
From: Nico Vermaas <vermaas@astron.nl>
Date: Wed, 24 Jun 2020 17:16:11 +0200
Subject: [PATCH] docker-compose and Dockerfile for esap_nginx

---
 esap/docker/docker-compose-dev.yml | 55 ++++++++++++++++++++++++++++
 esap/docker/docker-compose.yml     | 40 ++++++++++++++++++++
 esap/docker/shared/Dockerfile      |  7 ++++
 esap/docker/shared/esap_nginx.conf | 59 ++++++++++++++++++++++++++++++
 esap/docker/shared/oidc            |  2 +
 5 files changed, 163 insertions(+)
 create mode 100644 esap/docker/docker-compose-dev.yml
 create mode 100644 esap/docker/docker-compose.yml
 create mode 100644 esap/docker/shared/Dockerfile
 create mode 100644 esap/docker/shared/esap_nginx.conf
 create mode 100644 esap/docker/shared/oidc

diff --git a/esap/docker/docker-compose-dev.yml b/esap/docker/docker-compose-dev.yml
new file mode 100644
index 00000000..2cca342b
--- /dev/null
+++ b/esap/docker/docker-compose-dev.yml
@@ -0,0 +1,55 @@
+version: '3.4'
+
+networks:
+  esap_network: 
+  traefik_proxy:
+    external:
+      name: traefik_proxy
+  default:
+    driver: bridge
+
+services:
+  esap_api:
+    container_name: esap_api
+    image: esap_api:latest
+    networks:
+      - esap_network
+    expose:
+      - 8000
+    env_file:
+      - $HOME/shared/oidc
+    restart: always
+    volumes:
+      - $HOME/shared:/shared
+
+  esap_api_dev:
+    container_name: esap_api_dev
+    image: esap_api_dev:latest
+    ports:
+      - 15671:8000
+    expose:
+      - 8000
+    networks:
+      - esap_network
+    env_file:
+      - $HOME/shared/oidc
+    restart: always
+    volumes:
+      - $HOME/shared/:/shared
+
+  esap_nginx:
+    build:
+        context: $HOME/shared
+        dockerfile: Dockerfile
+    container_name: esap_nginx
+    image: esap_nginx:latest
+    networks:
+      - esap_network    
+    ports:
+      - 80:80
+    volumes:
+      - $HOME/shared:/shared
+      - $HOME/shared:/etc/nginx/conf.d 
+      - $HOME/shared/static:/static
+    restart: always
+
diff --git a/esap/docker/docker-compose.yml b/esap/docker/docker-compose.yml
new file mode 100644
index 00000000..dbf53f37
--- /dev/null
+++ b/esap/docker/docker-compose.yml
@@ -0,0 +1,40 @@
+version: '3.4'
+
+networks:
+  esap_network: 
+  traefik_proxy:
+    external:
+      name: traefik_proxy
+  default:
+    driver: bridge
+
+services:
+  esap_api:
+    container_name: esap_api
+    image: esap_api:latest
+    networks:
+      - esap_network
+    expose: 
+      - 8000
+    env_file:
+      - $HOME/shared/oidc
+    restart: always
+    volumes:
+      - $HOME/shared:/shared
+
+  esap_nginx:
+    build:
+        context: $HOME/shared
+        dockerfile: Dockerfile
+    container_name: esap_nginx
+    image: esap_nginx:latest
+    networks:
+      - esap_network    
+    ports:
+      - 80:80
+    volumes:
+      - $HOME/shared:/shared
+      - $HOME/shared:/etc/nginx/conf.d 
+      - $HOME/shared/static:/static
+    restart: always
+
diff --git a/esap/docker/shared/Dockerfile b/esap/docker/shared/Dockerfile
new file mode 100644
index 00000000..663fa8fe
--- /dev/null
+++ b/esap/docker/shared/Dockerfile
@@ -0,0 +1,7 @@
+FROM nginx
+RUN apt-get update && apt-get install --no-install-recommends -y bash nano mc
+RUN rm /etc/nginx/conf.d/default.conf
+COPY esap_nginx.conf /etc/nginx/conf.d/
+ 
+# put Dockerfile, esap_nginx.conf and oidc in your $HOME/shared directory
+# where the docker-compose.yml can find it.
diff --git a/esap/docker/shared/esap_nginx.conf b/esap/docker/shared/esap_nginx.conf
new file mode 100644
index 00000000..c17288d5
--- /dev/null
+++ b/esap/docker/shared/esap_nginx.conf
@@ -0,0 +1,59 @@
+
+
+# nginx configuration for esap
+# note how this connects directly into the esap_api container on port 8000, 
+# this is made possible by the docker-compose 'network:' configuration.
+
+upstream web8005 {
+  server esap_api:8000;
+}
+
+
+server {
+  server_name localhost;
+
+  # inside the container, listen to port 80
+  listen 80;
+ 
+  root /shared/public_html;
+     
+  # Any route that doesn't have a file extension (e.g. /devices)
+  location / {
+	try_files $uri $uri/ /index.html;
+  }
+	
+    
+  # ===== proxy to esap-api on port 8005 =====
+  location /esap-api/ {
+     proxy_pass http://web8005/esap-api/;
+     proxy_set_header Host sdc.astron.nl;
+	 proxy_set_header X-Forwarded-For $remote_addr;
+  }
+  
+  # This reflect a change in the Django settings (docker_dop457.py) to serve multiple applications: STATIC_URL = '/static_esap/' 	
+  location /static_esap/ {
+     proxy_pass http://web8005/static_esap/;
+	 proxy_set_header Host sdc.astron.nl;
+	 proxy_set_header X-Forwarded-For $remote_addr;	 
+  }
+
+  
+  location /oidc/ {
+     proxy_pass http://web8005/oidc/;
+  }
+
+  
+  location /static/ {
+        alias /static/;
+  }
+
+  
+  # redirect server error pages to the static page /50x.html
+  #
+  error_page   500 502 503 504  /50x.html;
+  location = /50x.html {
+      root   /usr/share/nginx/html;
+  }
+
+}
+
diff --git a/esap/docker/shared/oidc b/esap/docker/shared/oidc
new file mode 100644
index 00000000..5010ea72
--- /dev/null
+++ b/esap/docker/shared/oidc
@@ -0,0 +1,2 @@
+OIDC_RP_CLIENT_ID="<your_client_id>"
+OIDC_RP_CLIENT_SECRET="<your_client_secret>"
\ No newline at end of file
-- 
GitLab