mirror of
https://github.com/graphql-hive/console
synced 2026-05-08 18:00:44 +00:00
6540155fc7
* add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
543 lines
14 KiB
YAML
543 lines
14 KiB
YAML
version: '3.8'
|
|
services:
|
|
db:
|
|
image: postgres:13.4-alpine
|
|
ports:
|
|
- 5432:5432
|
|
environment:
|
|
POSTGRES_DB: registry
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
PGDATA: /var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ['CMD-SHELL', 'pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
networks:
|
|
- 'stack'
|
|
|
|
clickhouse:
|
|
image: clickhouse/clickhouse-server:22.6.1-alpine
|
|
volumes:
|
|
- ../packages/services/storage/configs/clickhouse:/etc/clickhouse-server/conf.d
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:8123/ping']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 10s
|
|
environment:
|
|
CLICKHOUSE_USER: test
|
|
CLICKHOUSE_PASSWORD: test
|
|
ports:
|
|
- 8123:8123
|
|
networks:
|
|
- 'stack'
|
|
|
|
zookeeper:
|
|
image: confluentinc/cp-zookeeper:7.1.1-1-ubi8.amd64
|
|
hostname: zookeeper
|
|
networks:
|
|
- 'stack'
|
|
ports:
|
|
- 2181:2181
|
|
ulimits:
|
|
nofile:
|
|
soft: 20000
|
|
hard: 40000
|
|
environment:
|
|
ZOOKEEPER_CLIENT_PORT: 2181
|
|
ZOOKEEPER_TICK_TIME: 2000
|
|
|
|
broker:
|
|
image: confluentinc/cp-kafka:7.1.1-1-ubi8.amd64
|
|
hostname: borker
|
|
depends_on:
|
|
zookeeper:
|
|
condition: service_started
|
|
networks:
|
|
- 'stack'
|
|
ports:
|
|
- 29092:29092
|
|
- 9092:9092
|
|
ulimits:
|
|
nofile:
|
|
soft: 20000
|
|
hard: 40000
|
|
healthcheck:
|
|
test: ['CMD', 'cub', 'kafka-ready', '1', '5', '-b', '127.0.0.1:9092', '-c', '/etc/kafka/kafka.properties']
|
|
interval: 15s
|
|
timeout: 10s
|
|
retries: 6
|
|
start_period: 15s
|
|
environment:
|
|
KAFKA_BROKER_ID: 1
|
|
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
|
|
KAFKA_AUTO_CREATE_TOPICS_ENABLE: 'true'
|
|
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
|
|
KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://broker:29092,PLAINTEXT_HOST://localhost:9092
|
|
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
|
|
KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
|
|
KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1
|
|
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
|
|
|
|
redis:
|
|
image: bitnami/redis:6.2
|
|
networks:
|
|
- 'stack'
|
|
healthcheck:
|
|
test: ['CMD', 'redis-cli', 'ping']
|
|
interval: 5s
|
|
timeout: 10s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 6379:6379
|
|
environment:
|
|
- REDIS_PASSWORD=test
|
|
- REDIS_DISABLE_COMMANDS=FLUSHDB,FLUSHALL
|
|
|
|
migrations:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-migrations.sh'
|
|
networks:
|
|
- 'stack'
|
|
depends_on:
|
|
clickhouse:
|
|
condition: service_healthy
|
|
db:
|
|
condition: service_healthy
|
|
environment:
|
|
MIGRATOR: 'up'
|
|
CLICKHOUSE_MIGRATOR: 'up'
|
|
POSTGRES_CONNECTION_STRING: 'postgresql://postgres:postgres@db:5432/registry'
|
|
CLICKHOUSE_PROTOCOL: 'http'
|
|
CLICKHOUSE_HOST: 'clickhouse'
|
|
CLICKHOUSE_PORT: '8123'
|
|
CLICKHOUSE_USERNAME: 'test'
|
|
CLICKHOUSE_PASSWORD: 'test'
|
|
# Tell dockest, we want to wait for the exit code of the migrator to be 0
|
|
labels:
|
|
dockest.readiness: 'exit_code'
|
|
volumes:
|
|
- './tarballs/storage.tgz:/storage.tgz'
|
|
- './run-migrations.sh:/run-migrations.sh'
|
|
|
|
server:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-server.sh'
|
|
networks:
|
|
- 'stack'
|
|
depends_on:
|
|
redis:
|
|
condition: service_healthy
|
|
clickhouse:
|
|
condition: service_healthy
|
|
migrations:
|
|
condition: service_completed_successfully
|
|
tokens:
|
|
condition: service_healthy
|
|
webhooks:
|
|
condition: service_healthy
|
|
emails:
|
|
condition: service_healthy
|
|
schema:
|
|
condition: service_healthy
|
|
usage_estimator:
|
|
condition: service_healthy
|
|
rate_limit:
|
|
condition: service_healthy
|
|
stripe_billing:
|
|
condition: service_healthy
|
|
local_cdn:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3001/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 3001:3001
|
|
volumes:
|
|
- './tarballs/server.tgz:/server.tgz'
|
|
- './run-server.sh:/run-server.sh'
|
|
environment:
|
|
NODE_ENV: production
|
|
POSTGRES_HOST: db
|
|
POSTGRES_PORT: 5432
|
|
POSTGRES_DB: registry
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
ROARR_LOG: 'true'
|
|
CLICKHOUSE_PROTOCOL: 'http'
|
|
CLICKHOUSE_HOST: clickhouse
|
|
CLICKHOUSE_PORT: 8123
|
|
CLICKHOUSE_USERNAME: test
|
|
CLICKHOUSE_PASSWORD: test
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
REDIS_PASSWORD: test
|
|
TOKENS_ENDPOINT: http://tokens:3003
|
|
WEBHOOKS_ENDPOINT: http://webhooks:3005
|
|
SCHEMA_ENDPOINT: http://schema:3002
|
|
USAGE_ESTIMATOR_ENDPOINT: http://usage_estimator:3008
|
|
RATE_LIMIT_ENDPOINT: http://rate_limit:3009
|
|
BILLING_ENDPOINT: http://stripe_billing:3010
|
|
EMAILS_ENDPOINT: http://emails:3011
|
|
CF_BASE_PATH: http://local_cdn:3004
|
|
CF_ACCOUNT_ID: 103df45224310d669213971ce28b5b70
|
|
CF_AUTH_TOKEN: 85e20c26c03759603c0f45884824a1c3
|
|
CF_NAMESPACE_ID: 33b1e3bbb4a4707d05ea0307cbb55c79
|
|
CDN_AUTH_PRIVATE_KEY: 1e1064ef9cda8bf38936b77317e90dc3
|
|
CDN_BASE_URL: http://localhost:3004
|
|
GITHUB_APP_ID: 123123
|
|
GITHUB_APP_PRIVATE_KEY: 5f938d51a065476c4dc1b04aeba13afb
|
|
ENCRYPTION_SECRET: 8ebe95cf24c1fbe306e9fa32c8c33148
|
|
FEEDBACK_SLACK_TOKEN: ''
|
|
FEEDBACK_SLACK_CHANNEL: '#hive'
|
|
WEB_APP_URL: https://app.graphql-hive.com
|
|
PORT: 3001
|
|
FF_CLICKHOUSE_V2_TABLES: ${FF_CLICKHOUSE_V2_TABLES}
|
|
SUPERTOKENS_CONNECTION_URI: http://supertokens:3567
|
|
SUPERTOKENS_API_KEY: bubatzbieber6942096420
|
|
|
|
schema:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-schema.sh'
|
|
networks:
|
|
- 'stack'
|
|
depends_on:
|
|
redis:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3002/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 3002:3002
|
|
volumes:
|
|
- './tarballs/schema.tgz:/schema.tgz'
|
|
- './run-schema.sh:/run-schema.sh'
|
|
environment:
|
|
NODE_ENV: production
|
|
PORT: 3002
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
REDIS_PASSWORD: test
|
|
|
|
tokens:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-tokens.sh'
|
|
networks:
|
|
- 'stack'
|
|
depends_on:
|
|
migrations:
|
|
condition: service_completed_successfully
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3003/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 3003:3003
|
|
volumes:
|
|
- './tarballs/tokens.tgz:/tokens.tgz'
|
|
- './run-tokens.sh:/run-tokens.sh'
|
|
environment:
|
|
NODE_ENV: production
|
|
POSTGRES_HOST: db
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
POSTGRES_PORT: 5432
|
|
POSTGRES_DB: registry
|
|
ROARR_LOG: 'true'
|
|
PORT: 3003
|
|
|
|
local_cdn:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-local-cdn.sh'
|
|
networks:
|
|
- 'stack'
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3004/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 3004:3004
|
|
volumes:
|
|
- '../packages/services/cdn-worker/dist/dev.js:/cdn.js'
|
|
- './run-local-cdn.sh:/run-local-cdn.sh'
|
|
environment:
|
|
NODE_ENV: production
|
|
PORT: 3004
|
|
CDN_AUTH_PRIVATE_KEY: 1e1064ef9cda8bf38936b77317e90dc3
|
|
|
|
webhooks:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-webhooks.sh'
|
|
networks:
|
|
- 'stack'
|
|
depends_on:
|
|
redis:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3005/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 3005:3005
|
|
volumes:
|
|
- './tarballs/webhooks.tgz:/webhooks.tgz'
|
|
- './run-webhooks.sh:/run-webhooks.sh'
|
|
environment:
|
|
NODE_ENV: production
|
|
BULLMQ_COMMANDS_FROM_ROOT: 'true'
|
|
PORT: 3005
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
REDIS_PASSWORD: test
|
|
|
|
emails:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-emails.sh'
|
|
networks:
|
|
- 'stack'
|
|
depends_on:
|
|
redis:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3011/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 3011:3011
|
|
volumes:
|
|
- './tarballs/emails.tgz:/emails.tgz'
|
|
- './run-emails.sh:/run-emails.sh'
|
|
environment:
|
|
NODE_ENV: production
|
|
BULLMQ_COMMANDS_FROM_ROOT: 'true'
|
|
PORT: 3011
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
REDIS_PASSWORD: test
|
|
EMAIL_PROVIDER: mock
|
|
EMAIL_FROM: mock@graphql-hive.com
|
|
|
|
usage:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-usage.sh'
|
|
networks:
|
|
- 'stack'
|
|
ports:
|
|
- '3006:3006'
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3006/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
volumes:
|
|
- './tarballs/usage.tgz:/usage.tgz'
|
|
- './run-usage.sh:/run-usage.sh'
|
|
depends_on:
|
|
broker:
|
|
condition: service_healthy
|
|
rate_limit:
|
|
condition: service_healthy
|
|
tokens:
|
|
condition: service_healthy
|
|
environment:
|
|
NODE_ENV: production
|
|
TOKENS_ENDPOINT: http://tokens:3003
|
|
RATE_LIMIT_ENDPOINT: http://rate_limit:3009
|
|
KAFKA_CONNECTION_MODE: 'docker'
|
|
KAFKA_BROKER: broker:29092
|
|
KAFKA_BUFFER_SIZE: 350
|
|
KAFKA_BUFFER_INTERVAL: 1000
|
|
KAFKA_BUFFER_DYNAMIC: 'true'
|
|
PORT: 3006
|
|
|
|
usage_ingestor:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-usage-ingestor.sh'
|
|
networks:
|
|
- 'stack'
|
|
depends_on:
|
|
broker:
|
|
condition: service_healthy
|
|
clickhouse:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3007/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
ports:
|
|
- 3007:3007
|
|
volumes:
|
|
- './tarballs/usage-ingestor.tgz:/usage-ingestor.tgz'
|
|
- './run-usage-ingestor.sh:/run-usage-ingestor.sh'
|
|
environment:
|
|
NODE_ENV: production
|
|
KAFKA_CONNECTION_MODE: 'docker'
|
|
KAFKA_BROKER: broker:29092
|
|
KAFKA_CONCURRENCY: 1
|
|
CLICKHOUSE_PROTOCOL: 'http'
|
|
CLICKHOUSE_HOST: clickhouse
|
|
CLICKHOUSE_PORT: 8123
|
|
CLICKHOUSE_USERNAME: test
|
|
CLICKHOUSE_PASSWORD: test
|
|
PORT: 3007
|
|
|
|
usage_estimator:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-usage-estimator.sh'
|
|
networks:
|
|
- 'stack'
|
|
ports:
|
|
- 3008:3008
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3008/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
volumes:
|
|
- './tarballs/usage-estimator.tgz:/usage-estimator.tgz'
|
|
- './run-usage-estimator.sh:/run-usage-estimator.sh'
|
|
depends_on:
|
|
clickhouse:
|
|
condition: service_healthy
|
|
migrations:
|
|
condition: service_completed_successfully
|
|
environment:
|
|
NODE_ENV: production
|
|
POSTGRES_CONNECTION_STRING: 'postgresql://postgres:postgres@db:5432/registry'
|
|
ROARR_LOG: 'true'
|
|
CLICKHOUSE_PROTOCOL: 'http'
|
|
CLICKHOUSE_HOST: 'clickhouse'
|
|
CLICKHOUSE_PORT: '8123'
|
|
CLICKHOUSE_USERNAME: 'test'
|
|
CLICKHOUSE_PASSWORD: 'test'
|
|
PORT: 3008
|
|
FF_CLICKHOUSE_V2_TABLES: ${FF_CLICKHOUSE_V2_TABLES}
|
|
|
|
rate_limit:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-rate-limit.sh'
|
|
networks:
|
|
- 'stack'
|
|
ports:
|
|
- 3009:3009
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3009/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
volumes:
|
|
- './tarballs/rate-limit.tgz:/rate-limit.tgz'
|
|
- './run-rate-limit.sh:/run-rate-limit.sh'
|
|
depends_on:
|
|
clickhouse:
|
|
condition: service_healthy
|
|
migrations:
|
|
condition: service_completed_successfully
|
|
usage_estimator:
|
|
condition: service_healthy
|
|
emails:
|
|
condition: service_healthy
|
|
environment:
|
|
NODE_ENV: production
|
|
LIMIT_CACHE_UPDATE_INTERVAL_MS: 2000
|
|
POSTGRES_CONNECTION_STRING: 'postgresql://postgres:postgres@db:5432/registry'
|
|
USAGE_ESTIMATOR_ENDPOINT: http://usage_estimator:3008
|
|
EMAILS_ENDPOINT: http://emails:3011
|
|
ROARR_LOG: 'true'
|
|
PORT: 3009
|
|
|
|
stripe_billing:
|
|
image: node:16.13.2-alpine3.14
|
|
entrypoint:
|
|
- '/bin/sh'
|
|
- '/run-stripe-billing.sh'
|
|
networks:
|
|
- 'stack'
|
|
ports:
|
|
- 3010:3010
|
|
healthcheck:
|
|
test: ['CMD', 'wget', '--spider', '-q', 'localhost:3010/_readiness']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 5s
|
|
volumes:
|
|
- './tarballs/stripe-billing.tgz:/stripe-billing.tgz'
|
|
- './run-stripe-billing.sh:/run-stripe-billing.sh'
|
|
depends_on:
|
|
clickhouse:
|
|
condition: service_healthy
|
|
migrations:
|
|
condition: service_completed_successfully
|
|
usage_estimator:
|
|
condition: service_healthy
|
|
environment:
|
|
NODE_ENV: production
|
|
STRIPE_SECRET_KEY: ${STRIPE_SECRET_KEY}
|
|
POSTGRES_CONNECTION_STRING: 'postgresql://postgres:postgres@db:5432/registry'
|
|
ROARR_LOG: 'true'
|
|
USAGE_ESTIMATOR_ENDPOINT: http://usage_estimator:3008
|
|
PORT: 3010
|
|
|
|
supertokens:
|
|
image: registry.supertokens.io/supertokens/supertokens-postgresql:3.9
|
|
networks:
|
|
- 'stack'
|
|
ports:
|
|
- '3567:3567'
|
|
environment:
|
|
POSTGRESQL_USER: postgres
|
|
POSTGRESQL_PASSWORD: postgres
|
|
POSTGRESQL_DATABASE_NAME: registry
|
|
POSTGRESQL_TABLE_NAMES_PREFIX: 'supertokens'
|
|
POSTGRESQL_HOST: db
|
|
POSTGRESQL_PORT: 5432
|
|
API_KEYS: bubatzbieber6942096420
|
|
|
|
networks:
|
|
stack: {}
|