egommerce/api-gateway
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Make some clearing for nginx

Browse Source
This commit is contained in:
PB
2025-10-17 08:07:15 +02:00
parent 7d0c06b86c
commit 214889a1a5
13 changed files with 11 additions and 432 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Dockerfile
View File

@@ -1,4 +1,4 @@
FROM traefik:v3.0 FROM 1.28.0-alpine3.21
ARG BUILD_TIME ARG BUILD_TIME
@@ -8,11 +8,9 @@ LABEL dev.egommerce.image.service="api-gateway"
LABEL dev.egommerce.image.version="1.0" LABEL dev.egommerce.image.version="1.0"
LABEL dev.egommerce.image.build_time=${BUILD_TIME} LABEL dev.egommerce.image.build_time=${BUILD_TIME}
COPY ./api-gateway/etc /etc/traefik # COPY ./api-gateway/etc /etc/traefik
COPY ./api-gateway/plugins /plugins-local
COPY ./api-gateway/entrypoint.sh ./api-gateway/wait-for-it.sh /
ENTRYPOINT ["/entrypoint.sh"] # ENTRYPOINT ["/entrypoint.sh"]
CMD ["traefik"] # CMD ["traefik"]
EXPOSE 443 8080 EXPOSE 443

3
Makefile
View File

@@ -8,5 +8,8 @@ build-image-dev:
build-image-prod: build-image-prod:
- sh ${DEPLOY_DIR}/image-build.sh - sh ${DEPLOY_DIR}/image-build.sh
push-image-dev:
- sh ${DEPLOY_DIR}/image-push.sh dev
push-image-prod: push-image-prod:
- sh ${DEPLOY_DIR}/image-push.sh - sh ${DEPLOY_DIR}/image-push.sh

36
api-gateway/entrypoint.sh
View File

@@ -1,36 +0,0 @@
#!/bin/sh
set +e
waitForService()
{
./wait-for-it.sh $1 -t 2 1>/dev/null 2>&1
status=$?
while [ $status != 0 ]
do
echo "[x] wating for $1..."
sleep 1
./wait-for-it.sh $1 -t 2 1>/dev/null 2>&1
status=$?
done
}
waitForService "api-registry:8500"
set -e
# first arg is `-f` or `--some-option`
if [ "${1#-}" != "$1" ]; then
set -- traefik "$@"
fi
# if our command is a valid Traefik subcommand, let's invoke it through Traefik instead
# (this allows for "docker run traefik version", etc)
if traefik "$1" --help >/dev/null 2>&1
then
set -- traefik "$@"
else
echo "= '$1' is not a Traefik command: assuming shell execution." 1>&2
fi
# echo "Executing: $@"
exec "$@"

9
api-gateway/etc/tls.yml
View File

@@ -1,9 +0,0 @@
tls:
certificates:
certFile: /etc/traefik/certs/client.cert
keyFile: /etc/traefik/certs/client.key
stores:
default:
defaultCertificate:
certFile: /etc/traefik/certs/client.cert
keyFile: /etc/traefik/certs/client.key

81
api-gateway/etc/traefik.yml
View File

@@ -1,81 +0,0 @@
################################################################
global:
checkNewVersion: false
sendAnonymousUsage: false
################################################################
entryPoints:
https:
address: :443
http2:
maxConcurrentStreams: 250
transport:
respondingTimeouts:
readTimeout: '100ms'
writeTimeout: '100ms'
idleTimeout: '200ms'
# ^^ FIXME: Use ENV var
rabbitmq:
address: :5672
metrics:
address: :8084
certificatesResolvers:
tls:
acme:
email: keedosn+egommerce@gmail.com
storage: acme.json
httpChallenge:
# used during the challenge
entryPoint: https
################################################################
# serversTransport:
# insecureSkipVerify: true
# rootCAs:
# - /etc/traefik/certs/client.cert
################################################################
api:
insecure: true
# dashboard: true
################################################################
providers:
file:
filename: /etc/traefik/tls.yml
docker:
exposedByDefault: false
# Default host rule.
# Optional
# Default: "Host(`{{ normalize .Name }}`)"
# defaultRule: Host(`{{ normalize .Name }}.docker.localhost`)
################################################################
consulCatalog:
exposedByDefault: false
refreshInterval: 5s
# ^^ configure in stack`s yml api-registry `command:` section: --providers.consulcatalog.refreshInterval=10s
endpoint:
address: api-registry:8500
# ^^ FIXME: Use ENV var
################################################################
# log:
# level: DEBUG
################################################################
accessLog: {}
################################################################
metrics:
prometheus:
entryPoint: metrics
addEntryPointsLabels: true
addRoutersLabels: true
addServicesLabels: true
################################################################
experimental:
localPlugins:
requestid:
moduleName: "git.pbiernat.dev/traefik/plugin-requestid"

6
api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/.traefik.yml
View File

@@ -1,6 +0,0 @@
displayName: Add X-Request-ID Header
type: middleware
import: git.pbiernat.dev/traefik/plugin-requestid
summary: 'Add a X-Request-ID header for tracing'
testData: {}

3
api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/README.md
View File

@@ -1,3 +0,0 @@
# plugin-requestid
Add X-Request-ID header

3
api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/go.mod
View File

@@ -1,3 +0,0 @@
module git.pbiernat.dev/traefik/plugin-requestid
go 1.18

61
api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/requestid.go
View File

@@ -1,61 +0,0 @@
package plugin_requestid
import (
"context"
"fmt"
"net/http"
)
const defaultHeaderName = "X-Request-ID"
// Config plugin configuration
type Config struct {
HeaderName string `json:"headerName"`
}
// CreateConfig create default plugin configuration
func CreateConfig() *Config {
return &Config{
HeaderName: defaultHeaderName,
}
}
// RequestIDHeader
type RequestIDHeader struct {
headerName string
name string
next http.Handler
}
// New create new RequestIDHeader
func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) {
hdr := &RequestIDHeader{
next: next,
name: name,
}
if config == nil {
return nil, fmt.Errorf("config can not be nil")
}
if config.HeaderName == "" {
hdr.headerName = defaultHeaderName
} else {
hdr.headerName = config.HeaderName
}
return hdr, nil
}
func (r *RequestIDHeader) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
uuid := newUUID().String()
// header injection to backend service
req.Header.Add(r.headerName, uuid)
// header injection to client response
rw.Header().Add(r.headerName, uuid)
r.next.ServeHTTP(rw, req)
}

58
api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/uuid.go
View File

@@ -1,58 +0,0 @@
// source: https://github.com/trinnylondon/traefik-add-trace-id/blob/master/rand-utils.go
package plugin_requestid
import (
"crypto/rand"
"encoding/hex"
"io"
)
var rander = rand.Reader // random function
type UUID [16]byte
func must(uuid UUID, err error) UUID {
if err != nil {
panic(err)
}
return uuid
}
func newUUID() UUID {
return must(newRandom())
}
func newRandom() (UUID, error) {
return newRandomFromReader(rander)
}
// newRandomFromReader returns a UUID based on bytes read from a given io.Reader.
func newRandomFromReader(r io.Reader) (UUID, error) {
var uuid UUID
_, err := io.ReadFull(r, uuid[:])
if err != nil {
return UUID{}, err
}
uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4
uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10
return uuid, nil
}
// String returns the string form of uuid, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
// , or "" if uuid is invalid.
func (uuid UUID) String() string {
var buf [36]byte
encodeHex(buf[:], uuid)
return string(buf[:])
}
func encodeHex(dst []byte, uuid UUID) {
hex.Encode(dst, uuid[:4])
dst[8] = '-'
hex.Encode(dst[9:13], uuid[4:6])
dst[13] = '-'
hex.Encode(dst[14:18], uuid[6:8])
dst[18] = '-'
hex.Encode(dst[19:23], uuid[8:10])
dst[23] = '-'
hex.Encode(dst[24:], uuid[10:])
}

165
api-gateway/wait-for-it.sh
View File

@@ -1,165 +0,0 @@
#!/usr/bin/env sh
# Use this script to test if a given TCP host/port are available
set -e
cmdname=$(basename "$0")
echoerr() {
if [ "$QUIET" -ne 1 ]; then
printf "%s\n" "$*" 1>&2;
fi
}
usage()
{
exitcode="$1"
cat << USAGE >&2
Usage:
$cmdname host:port [-s] [-t timeout] [-- command args]
-h HOST | --host=HOST Host or IP under test
-p PORT | --port=PORT TCP port under test
Alternatively, you specify the host and port as host:port
-s | --strict Only execute subcommand if the test succeeds
-q | --quiet Don't output any status messages
-t TIMEOUT | --timeout=TIMEOUT
Timeout in seconds, zero for no timeout
-- COMMAND ARGS Execute command with args after the test finishes
USAGE
exit "$exitcode"
}
wait_for()
{
if [ "$TIMEOUT" -gt 0 ]; then
echoerr "$cmdname: waiting $TIMEOUT seconds for $HOST:$PORT"
else
echoerr "$cmdname: waiting for $HOST:$PORT without a timeout"
fi
start_ts=$(date +%s)
while true
do
nc -z "$HOST" "$PORT" >/dev/null 2>&1
result=$?
if [ $result -eq 0 ]; then
end_ts=$(date +%s)
echoerr "$cmdname: $HOST:$PORT is available after $((end_ts - start_ts)) seconds"
break
fi
sleep 1
done
return $result
}
wait_for_wrapper()
{
# In order to support SIGINT during timeout: http://unix.stackexchange.com/a/57692
if [ "$QUIET" -eq 1 ]; then
timeout "$TIMEOUT" "$0" -q -child "$HOST":"$PORT" -t "$TIMEOUT" &
else
timeout "$TIMEOUT" "$0" --child "$HOST":"$PORT" -t "$TIMEOUT" &
fi
PID=$!
trap 'kill -INT -$PID' INT
wait $PID
RESULT=$?
if [ $RESULT -ne 0 ]; then
echoerr "$cmdname: timeout occurred after waiting $TIMEOUT seconds for $HOST:$PORT"
fi
return $RESULT
}
TIMEOUT=15
STRICT=0
CHILD=0
QUIET=0
# process arguments
while [ $# -gt 0 ]
do
case "$1" in
*:* )
HOST=$(printf "%s\n" "$1"| cut -d : -f 1)
PORT=$(printf "%s\n" "$1"| cut -d : -f 2)
shift 1
;;
--child)
CHILD=1
shift 1
;;
-q | --quiet)
QUIET=1
shift 1
;;
-s | --strict)
STRICT=1
shift 1
;;
-h)
HOST="$2"
if [ "$HOST" = "" ]; then break; fi
shift 2
;;
--host=*)
HOST=$(printf "%s" "$1" | cut -d = -f 2)
shift 1
;;
-p)
PORT="$2"
if [ "$PORT" = "" ]; then break; fi
shift 2
;;
--port=*)
PORT="${1#*=}"
shift 1
;;
-t)
TIMEOUT="$2"
if [ "$TIMEOUT" = "" ]; then break; fi
shift 2
;;
--timeout=*)
TIMEOUT="${1#*=}"
shift 1
;;
--)
shift
break
;;
--help)
usage 0
;;
*)
echoerr "Unknown argument: $1"
usage 1
;;
esac
done
if [ "$HOST" = "" -o "$PORT" = "" ]; then
echoerr "Error: you need to provide a host and port to test."
usage 2
fi
if [ $CHILD -gt 0 ]; then
wait_for
RESULT=$?
exit $RESULT
else
if [ "$TIMEOUT" -gt 0 ]; then
wait_for_wrapper
RESULT=$?
else
wait_for
RESULT=$?
fi
fi
if [ "$*" != "" ]; then
if [ $RESULT -ne 0 -a $STRICT -eq 1 ]; then
echoerr "$cmdname: strict mode, refusing to execute subprocess"
exit $RESULT
fi
exec "$@"
else
exit $RESULT
fi

2
deploy/image-build.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# RUN IN REPO ROOT DIR !! # RUN IN REPO ROOT DIR !!
export IMAGE_NAME="git.pbiernat.dev/egommerce/api-gateway" export IMAGE_NAME="git.ego.freeddns.org/egommerce/api-gateway"
export BUILD_TIME=$(date +"%Y%m%d%H%M%S") export BUILD_TIME=$(date +"%Y%m%d%H%M%S")
TARGET=${1:-latest} TARGET=${1:-latest}

4
deploy/image-push.sh
View File

@@ -1,9 +1,9 @@
#!/bin/sh #!/bin/sh
# RUN IN REPO ROOT DIR !! # RUN IN REPO ROOT DIR !!
export IMAGE_NAME="git.pbiernat.dev/egommerce/api-gateway" export IMAGE_NAME="git.ego.freeddns.org/egommerce/api-gateway"
TARGET=${1:-latest} TARGET=${1:-latest}
echo $DOCKER_PASSWORD | docker login git.pbiernat.dev -u $DOCKER_USERNAME --password-stdin echo $DOCKER_PASSWORD | docker login git.ego.freeddns.org -u $DOCKER_USERNAME --password-stdin
docker push "$IMAGE_NAME:$TARGET" docker push "$IMAGE_NAME:$TARGET"