feat: use only env var for appflowy cloud (AppFlowy-IO#224)

* feat: use only env var for appflowy cloud * fix: jwt local testing * fix: security audit * feat: update docker deploy configs * fix: test utils dotenvy * fix: test try sqlx offline * fix: add gotrue configs for appflowy * fix: redis uri in docker
mwatts · Dec 19, 2023 · a7b259a · a7b259a
1 parent 5c1a16c
commit a7b259a
Show file tree

Hide file tree

Showing 11 changed files with 146 additions and 170 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -43,7 +43,7 @@ jobs:
 
       - name: Run Docker-Compose
         run: |
-          docker compose up -d 
+          docker compose up -d
 
       - name: Run tests
         run: |

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -34,7 +34,6 @@ tokio-stream = "0.1.14"
 tokio-util = { version = "0.7.9", features = ["io"] }
 futures = "0.3.17"
 futures-util ={ version = "0.3.26" , features = ["std","io"] }
-config = { version = "0.13.3", default-features = false, features = ["yaml"] }
 once_cell = "1.13.0"
 chrono = { version = "0.4.23", features = ["serde", "clock"], default-features = false }
 derive_more = { version = "0.99" }
@@ -67,6 +66,8 @@ uuid = "1.4.1"
 tokio-tungstenite = { version = "0.20.1", features = ["native-tls"] }
 prost = "0.12.1"
 casbin = { version = "2.0.9" }
+dotenvy = "0.15.7"
+url = "2.5.0"
 
 # collab
 collab = { version = "0.1.0", features = ["async-plugin"] }
@@ -91,7 +92,6 @@ realtime-entity.workspace = true
 once_cell = "1.7.2"
 tempfile = "3.4.0"
 assert-json-diff = "2.0.2"
-dotenv = "0.15.0"
 scraper = "0.17.1"
 client-api = { path = "libs/client-api", features = ["collab-sync", "test_util"] }
 opener = "0.6.1"

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM lukemathwalker/cargo-chef:latest-rust-1.69.0 as chef
+FROM lukemathwalker/cargo-chef:latest-rust-1.74.0 as chef
 
 WORKDIR /app
 RUN apt update && apt install lld clang -y
@@ -18,7 +18,7 @@ ENV SQLX_OFFLINE true
 # Build the project
 RUN cargo build --release --bin appflowy_cloud
 
-FROM debian:bullseye-slim AS runtime
+FROM debian:bookworm-slim AS runtime
 WORKDIR /app
 RUN apt-get update -y \
     && apt-get install -y --no-install-recommends openssl \

diff --git a/dev.env b/dev.env
@@ -15,7 +15,7 @@ GOTRUE_SMTP_HOST=smtp.gmail.com
 GOTRUE_SMTP_PORT=465
 GOTRUE_SMTP_USER=email_sender@some_company.com
 GOTRUE_SMTP_PASS=email_sender_password
-GOTRUE_SMTP_ADMIN_EMAIL=comp_admin@@some_company.com
+GOTRUE_SMTP_ADMIN_EMAIL=comp_admin@some_company.com
 
 # gotrue admin
 GOTRUE_ADMIN_EMAIL=admin@example.com

diff --git a/doc/DEPLOYMENT.md b/doc/DEPLOYMENT.md
@@ -164,3 +164,7 @@ with your own in `nginx/ssl/` directory
 
 ## Usage of AppFlowy Application with AppFlowy Cloud
 - [AppFlowy with AppFlowyCloud](https://docs.appflowy.io/docs/guides/appflowy/self-hosting-appflowy)
+
+## 5. FAQ
+- How do I use a different `postgres`?
+> You can set `APPFLOWY_DATABASE_URL` to another postgres url. The default url is using the postgres in docker compose.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -102,17 +102,20 @@ services:
     restart: on-failure
     environment:
       - RUST_LOG=${RUST_LOG:-info}
-      - APP_ENVIRONMENT=production
-      - APP__GOTRUE__JWT_SECRET=${GOTRUE_JWT_SECRET}
-      - APP__GOTRUE__EXT_URL=${API_EXTERNAL_URL}
-      - APP__GOTRUE__ADMIN_EMAIL=${GOTRUE_ADMIN_EMAIL}
-      - APP__GOTRUE__ADMIN_PASSWORD=${GOTRUE_ADMIN_PASSWORD}
-      - APP__S3__USE_MINIO=${USE_MINIO}
-      - APP__S3__MINIO_URL=${MINIO_URL:-http://minio:9000}
-      - APP__S3__ACCESS_KEY=${AWS_ACCESS_KEY_ID}
-      - APP__S3__SECRET_KEY=${AWS_SECRET_ACCESS_KEY}
-      - APP__S3__BUCKET=${AWS_S3_BUCKET}
-      - APP__S3__REGION=${AWS_REGION}
+      - APPFLOWY_ENVIRONMENT=production
+      - APPFLOWY_DATABASE_URL=postgres://postgres:password@postgres:5432/postgres
+      - APPFLOWY_REDIS_URI=redis://redis:6379
+      - APPFLOWY_GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}
+      - APPFLOWY_GOTRUE_BASE_URL=http://gotrue:9999
+      - APPFLOWY_GOTRUE_EXT_URL=${API_EXTERNAL_URL}
+      - APPFLOWY_GOTRUE_ADMIN_EMAIL=${GOTRUE_ADMIN_EMAIL}
+      - APPFLOWY_GOTRUE_ADMIN_PASSWORD=${GOTRUE_ADMIN_PASSWORD}
+      - APPFLOWY_S3_USE_MINIO=${USE_MINIO}
+      - APPFLOWY_S3_MINIO_URL=${MINIO_URL:-http://minio:9000}
+      - APPFLOWY_S3_ACCESS_KEY=${AWS_ACCESS_KEY_ID}
+      - APPFLOWY_S3_SECRET_KEY=${AWS_SECRET_ACCESS_KEY}
+      - APPFLOWY_S3_BUCKET=${AWS_S3_BUCKET}
+      - APPFLOWY_S3_REGION=${AWS_REGION}
     build:
       context: .
       dockerfile: Dockerfile

diff --git a/src/application.rs b/src/application.rs
@@ -2,7 +2,7 @@ use crate::api::metrics::{metrics_registry, metrics_scope};
 use crate::biz::casbin::adapter::PgAdapter;
 use crate::biz::casbin::MODEL_CONF;
 use crate::component::auth::HEADER_TOKEN;
-use crate::config::config::{Config, DatabaseSetting, GoTrueSetting, S3Setting, TlsConfig};
+use crate::config::config::{Config, DatabaseSetting, GoTrueSetting, S3Setting};
 use crate::middleware::cors_mw::default_cors;
 use crate::middleware::request_id::RequestIdMiddleware;
 use crate::self_signed::create_self_signed_certificate;
@@ -148,17 +148,17 @@ pub async fn run(
 }
 
 fn get_certificate_and_server_key(config: &Config) -> Option<(Secret<String>, Secret<String>)> {
-  let tls_config = config.application.tls_config.as_ref()?;
-  match tls_config {
-    TlsConfig::NoTls => None,
-    TlsConfig::SelfSigned => Some(create_self_signed_certificate().unwrap()),
+  if config.application.use_tls {
+    Some(create_self_signed_certificate().unwrap())
+  } else {
+    None
   }
 }
 
 pub async fn init_state(config: &Config) -> Result<AppState, Error> {
   // Postgres
   info!("Preparng to run database migrations...");
-  let pg_pool = get_connection_pool(&config.database).await?;
+  let pg_pool = get_connection_pool(&config.db_settings).await?;
   migrate(&pg_pool).await?;
 
   // Bucket storage
@@ -204,6 +204,7 @@ pub async fn init_state(config: &Config) -> Result<AppState, Error> {
     .await,
   );
 
+  info!("Application state initialized");
   Ok(AppState {
     pg_pool,
     config: Arc::new(config.clone()),
@@ -337,22 +338,22 @@ async fn get_connection_pool(setting: &DatabaseSetting) -> Result<PgPool, Error>
     .acquire_timeout(Duration::from_secs(10))
     .connect_with(setting.with_db())
     .await
-    .context("failed to connect to postgres database")
+    .map_err(|e| anyhow::anyhow!("Failed to connect to postgres database: {}", e))
 }
 
 async fn migrate(pool: &PgPool) -> Result<(), Error> {
   sqlx::migrate!("./migrations")
     .run(pool)
     .await
-    .context("failed to run migrations")
+    .map_err(|e| anyhow::anyhow!("Failed to run migrations: {}", e))
 }
 
 async fn get_gotrue_client(setting: &GoTrueSetting) -> Result<gotrue::api::Client, Error> {
   let gotrue_client = gotrue::api::Client::new(reqwest::Client::new(), &setting.base_url);
-  gotrue_client
+  let _ = gotrue_client
     .health()
     .await
-    .context("failed to connect to GoTrue")?;
+    .map_err(|e| anyhow::anyhow!("Failed to connect to GoTrue: {}", e));
   Ok(gotrue_client)
 }