updates

Clivern · May 29, 2024 · eaf987a · eaf987a
1 parent a3cddf9
commit eaf987a
Show file tree

Hide file tree

Showing 9 changed files with 149 additions and 73 deletions.
diff --git a/README.md b/README.md
@@ -45,37 +45,48 @@ Lynx is a Fast, Secure and Reliable Terraform Backend. It is built in Elixir wit
 
 - **OAuth2 Authentication Support:** Support for OAuth2 Providers like Azure AD OAuth, Keycloak, Okta ... etc
 
-## Deployment
+
+#### Quick Start
+
+> [!IMPORTANT]
+>
+> Make sure you have docker and docker-compose installed for the quick start.
+
 Lynx requires a [PostgreSQL](https://www.postgresql.org/) database. No Object Storage is required.
 
-### Docker Deployment
+To run `Lynx` alone on port `4000` on docker.
 
-To deploy a ready to use stack, you can go to [this docker-compose file](https://github.com/Clivern/Lynx/blob/main/docker-compose.yml) and execute it. All dependencies are already fulfilled. You can also download it directly via:
+```bash
+$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/docker-compose.yml -O docker-compose.yml
+$ docker compose up -d
+```
+
+To run `Lynx` behind nginx reverse proxy on port `80` on docker.
 
 ```bash
-wget https://raw.githubusercontent.com/Clivern/Lynx/main/docker-compose.yml -O docker-compose.yml
-docker compose up -d
+$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/docker-compose-nginx.yml -O docker-compose.yml
+$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/nginx.conf -O nginx.conf
+$ docker compose up -d
 ```
 
-The application will be now available on port 4000 (by default)
+Here is a [video demonstration](https://www.youtube.com/watch?v=YNkHfysr3-0)
 
-### Deploy on Ubuntu
 
-[👉🏻 read here](./docs/how-to/deploy-on-ubuntu/Readme.md)
+#### Manual Installation
 
-### Demo Video
+Please check [this guide](./docs/how-to/deploy-on-ubuntu/README.md) for a manual setup on Ubuntu server.
 
-Here is a [video demonstration](https://www.youtube.com/watch?v=YNkHfysr3-0)
 
-## Important Links
+#### Important Links
 
 | Name            | Description                                                                                        |
 | --------------- | -------------------------------------------------------------------------------------------------- |
 | Bug Tracker     | [Submit issues on GitHub](https://github.com/clivern/lynx/issues)                                  |
 | Security Issues | [Submit security vulnerability on GitHub](https://github.com/Clivern/Lynx/security/advisories/new) |
 | Contributing    | [Read the contribution guide here](./docs/how-to/development/Reamd.md)                             |
 
-## License
+
+#### License
 
 © 2023, Clivern. Released under [MIT License](https://opensource.org/licenses/mit-license.php).
 

diff --git a/docker-compose-nginx.yml b/docker-compose-nginx.yml
@@ -0,0 +1,49 @@
+version: '3.8'
+
+services:
+  app:
+    image: clivern/lynx:0.11.9
+    environment:
+      APP_NAME: Lynx
+      APP_PORT: 4000
+      APP_SECRET: koPmu7TJCwD8mttV9vgWUeU7iuu/zTPOR3sX4UalM9KkYEVGPfyi0PeTVzu1TT8C
+      APP_HOST: localhost
+      APP_HTTP_SCHEMA: http
+      DB_USERNAME: root
+      DB_PASSWORD: D1q9f0C2&PEW
+      DB_HOSTNAME: db
+      DB_DATABASE: lynx
+      DB_PORT: 5432
+      DB_SSL: null
+      DB_CA_CERTFILE_PATH: null
+      MIX_ENV: prod
+    command: sh -c "/app/bin/migrate && /app/bin/server"
+    restart: unless-stopped
+    depends_on:
+      - db
+
+  db:
+    image: postgres:16.3
+    environment:
+      POSTGRES_DB: lynx
+      POSTGRES_USER: root
+      POSTGRES_PASSWORD: D1q9f0C2&PEW
+    restart: unless-stopped
+    volumes:
+      - db:/var/lib/postgresql/data
+
+  nginx:
+    image: nginx:1.25.4-alpine3.18
+    ports:
+      - '80:80'
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "http://localhost/_ready"]
+      interval: 30s
+      retries: 3
+    restart: unless-stopped
+    volumes:
+      - ./nginx.conf:/etc/nginx/nginx.conf
+
+volumes:
+  db:
+    driver: local
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,10 +1,4 @@
-version: "3.8"
-
-volumes:
-  db:
-    driver: local
-  app:
-    driver: local
+version: '3.8'
 
 services:
   app:
@@ -25,6 +19,12 @@ services:
       MIX_ENV: prod
     command: sh -c "/app/bin/migrate && /app/bin/server"
     restart: unless-stopped
+    ports:
+      - '4000:4000'
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "http://localhost:4000/_health"]
+      interval: 30s
+      retries: 3
     depends_on:
       - db
 
@@ -37,3 +37,7 @@ services:
     restart: unless-stopped
     volumes:
       - db:/var/lib/postgresql/data
+
+volumes:
+  db:
+    driver: local
diff --git a/docs/how-to/development/Reamd.md → docs/how-to/development/README.md b/docs/how-to/development/Reamd.md → docs/how-to/development/README.md
diff --git a/example/README.md b/example/README.md
@@ -0,0 +1,45 @@
+#### How to use Lynx as a backend
+
+After creating a project and environment in lynx dashboard. You can get the backend information and secrets to use. it should be something like the following
+
+```hcl
+terraform {
+  backend "http" {
+    username       = "hs2d21pk"
+    password       = "pO(BwDTjs5ND"
+    address        = "http://localhost:4000/client/clivern/monitoring/prod/state"
+    lock_address   = "http://localhost:4000/client/clivern/monitoring/prod/lock"
+    unlock_address = "http://localhost:4000/client/clivern/monitoring/prod/unlock"
+    lock_method    = "POST"
+    unlock_method  = "POST"
+  }
+}
+```
+
+Copy the `address`, `lock_address`, `unlock_address`, `lock_method` and `unlock_method` and place it in `backend.tf` file like the following
+
+```hcl
+terraform {
+  backend "http" {
+    address        = "http://localhost:4000/client/clivern/monitoring/prod/state"
+    lock_address   = "http://localhost:4000/client/clivern/monitoring/prod/lock"
+    unlock_address = "http://localhost:4000/client/clivern/monitoring/prod/unlock"
+    lock_method    = "POST"
+    unlock_method  = "POST"
+  }
+}
+```
+
+Username and password should be define as environment variables.
+
+```zsh
+$ export TF_HTTP_USERNAME="vf41bkwj"
+$ export TF_HTTP_PASSWORD="2sTb&N*gvyXj"
+```
+
+Then you can check the changes and apply them
+
+```zsh
+$ terraform plan
+$ terraform apply
+```
diff --git a/terraform-example/backend.tf → example/backend.tf b/terraform-example/backend.tf → example/backend.tf
@@ -1,11 +1,9 @@
 terraform {
   backend "http" {
-    username       = "hs2d21pk"
-    password       = "pO(BwDTjs5ND"
     address        = "http://localhost:4000/client/clivern/monitoring/prod/state"
     lock_address   = "http://localhost:4000/client/clivern/monitoring/prod/lock"
     unlock_address = "http://localhost:4000/client/clivern/monitoring/prod/unlock"
     lock_method    = "POST"
     unlock_method  = "POST"
   }
-}
+}
diff --git a/terraform-example/main.tf → example/main.tf b/terraform-example/main.tf → example/main.tf
@@ -5,7 +5,7 @@ terraform {
       version = "0.11.2"
     }
   }
-   required_version = ">= 1.3.7"
+  required_version = ">= 1.3.7"
 }
 
 provider "local" {}

diff --git a/nginx.conf b/nginx.conf
@@ -0,0 +1,19 @@
+events { }
+
+http {
+    server {
+        listen 80;
+        server_name lynx.sh; # Replace with your actual domain name
+
+        location / {
+            proxy_pass http://app:4000;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header Host $http_host;
+            proxy_set_header X-NginX-Proxy true;
+
+            proxy_redirect off;
+        }
+    }
+}
diff --git a/terraform-example/README.md b/terraform-example/README.md