From 2ee13214fe6f725a2f6fa277f78dd946f1fea47c Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 21:43:43 +0530 Subject: [PATCH 01/36] Added deploy.yml --- .github/workflows/deploy.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000000..de2ea2d40d --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,24 @@ +name: Deploy to AWS EC2 + +on: + push: + branches: + - main + +jobs: + deploy: + runs-on: ubuntu-latest + + steps: + - name: Execute remote ssh commands using password + uses: appleboy/ssh-action@master + with: + host: ${{ secrets.HOST }} + username: ${{ secrets.USERNAME }} + key: ${{ secrets.SSH_KEY }} + script: | + git clone https://github.com/PalisadoesFoundation/talawa-api.git + cd your-repo + sudo apt-get update + docker system prune -a -f + docker-compose up --build -d \ No newline at end of file From d77a7e58df8392c0ffa1c110524fbc2e42426291 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 21:47:46 +0530 Subject: [PATCH 02/36] Added action to run when push on deploy branch too --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index de2ea2d40d..47633d77a0 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,8 +3,8 @@ name: Deploy to AWS EC2 on: push: branches: - - main - + - deploy + - deployment jobs: deploy: runs-on: ubuntu-latest From 6f57ddd6a4d2f4b14ad53dda5d3dc0818858a4a6 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 21:52:43 +0530 Subject: [PATCH 03/36] refactor: changed push to all branches --- .github/workflows/deploy.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 47633d77a0..851abcd637 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,10 +1,7 @@ name: Deploy to AWS EC2 -on: - push: - branches: - - deploy - - deployment +on: [push] + jobs: deploy: runs-on: ubuntu-latest From ddac4188682e56c2e55e5c33f5af4143672477cb Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:02:03 +0530 Subject: [PATCH 04/36] test: ec2 ci/cd pipeline test1 --- .github/workflows/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 851abcd637..f57587d918 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -18,4 +18,5 @@ jobs: cd your-repo sudo apt-get update docker system prune -a -f - docker-compose up --build -d \ No newline at end of file + docker-compose up --build -d + \ No newline at end of file From 85d54a24133fdb7c91d6bcdacc3a0dabb48c2106 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:06:15 +0530 Subject: [PATCH 05/36] test: ec2 ci/cd pipeline test2 --- .github/workflows/deploy.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index f57587d918..851abcd637 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -18,5 +18,4 @@ jobs: cd your-repo sudo apt-get update docker system prune -a -f - docker-compose up --build -d - \ No newline at end of file + docker-compose up --build -d \ No newline at end of file From 2ed3f8e7ba2f88b4f34f787428ba4e8c28e5d69a Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:11:23 +0530 Subject: [PATCH 06/36] refactor: Added Port to deploy.yml --- .github/workflows/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 851abcd637..d0f8457378 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -8,11 +8,12 @@ jobs: steps: - name: Execute remote ssh commands using password - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@v1.0.0 with: host: ${{ secrets.HOST }} username: ${{ secrets.USERNAME }} key: ${{ secrets.SSH_KEY }} + port: ${{ secrets.PORT }} script: | git clone https://github.com/PalisadoesFoundation/talawa-api.git cd your-repo From 9d13d5f2a94107c197285d92497e828252b47113 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:21:46 +0530 Subject: [PATCH 07/36] test: ec2 ci/cd pipeline test3 --- .github/workflows/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index d0f8457378..b17f03745f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -19,4 +19,5 @@ jobs: cd your-repo sudo apt-get update docker system prune -a -f - docker-compose up --build -d \ No newline at end of file + docker-compose up --build -d + \ No newline at end of file From d52229eee1939aefd7ec8dc67df85855ab465f85 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:28:32 +0530 Subject: [PATCH 08/36] test: ec2 ci/cd pipeline test4 --- .github/workflows/deploy.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b17f03745f..d0f8457378 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -19,5 +19,4 @@ jobs: cd your-repo sudo apt-get update docker system prune -a -f - docker-compose up --build -d - \ No newline at end of file + docker-compose up --build -d \ No newline at end of file From 172fb1741d298d51172fdceb8885ac13864105ae Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:30:52 +0530 Subject: [PATCH 09/36] test: ec2 ci/cd pipeline test5 --- .github/workflows/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index d0f8457378..b17f03745f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -19,4 +19,5 @@ jobs: cd your-repo sudo apt-get update docker system prune -a -f - docker-compose up --build -d \ No newline at end of file + docker-compose up --build -d + \ No newline at end of file From aad3ae422eb05cac21586b06a4aead4cb8781766 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:34:53 +0530 Subject: [PATCH 10/36] refactor: typo in cd command --- .github/workflows/deploy.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b17f03745f..df2660a59f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -16,8 +16,7 @@ jobs: port: ${{ secrets.PORT }} script: | git clone https://github.com/PalisadoesFoundation/talawa-api.git - cd your-repo + cd talawa-api sudo apt-get update docker system prune -a -f docker-compose up --build -d - \ No newline at end of file From d7c5df1b176e6f2b773dc9797904f8a05a85b080 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:37:12 +0530 Subject: [PATCH 11/36] refactor: added command to delete repo after docker compose --- .github/workflows/deploy.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index df2660a59f..ab864197ef 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -20,3 +20,6 @@ jobs: sudo apt-get update docker system prune -a -f docker-compose up --build -d + cd .. + sudo rm -fr talawa-api/ + From 29af287952faeb38cf6ac52415894d42f3941e3f Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 22:39:42 +0530 Subject: [PATCH 12/36] refactor: added sudo to required commands --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index ab864197ef..37e03dfa23 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -18,8 +18,8 @@ jobs: git clone https://github.com/PalisadoesFoundation/talawa-api.git cd talawa-api sudo apt-get update - docker system prune -a -f - docker-compose up --build -d + sudo docker system prune -a -f + sudo docker-compose up --build -d cd .. sudo rm -fr talawa-api/ From af788de43410d258c080475a3af790ce85a0e34b Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 12 Dec 2023 23:45:13 +0530 Subject: [PATCH 13/36] refactor: Simplifed the script in deploy.yml --- .github/workflows/deploy.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 37e03dfa23..0ed46ac21f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,6 +1,10 @@ name: Deploy to AWS EC2 -on: [push] +on: + push: + branches: + - deployment + - develop jobs: deploy: @@ -15,11 +19,8 @@ jobs: key: ${{ secrets.SSH_KEY }} port: ${{ secrets.PORT }} script: | - git clone https://github.com/PalisadoesFoundation/talawa-api.git cd talawa-api - sudo apt-get update + git pull origin sudo docker system prune -a -f - sudo docker-compose up --build -d - cd .. - sudo rm -fr talawa-api/ + sudo docker-compose up -d From 19a06fdd54bd99e096080800072f54de6f04553f Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Wed, 13 Dec 2023 00:20:10 +0530 Subject: [PATCH 14/36] refactor: removed timeout issue --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 0ed46ac21f..2e39e49772 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -18,6 +18,7 @@ jobs: username: ${{ secrets.USERNAME }} key: ${{ secrets.SSH_KEY }} port: ${{ secrets.PORT }} + command_timeout: 200m script: | cd talawa-api git pull origin From 0470a5e5eecc166c730b52fc5bf44cdf66ef051b Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Fri, 15 Dec 2023 09:09:17 +0530 Subject: [PATCH 15/36] refactor: Optimized the Build process of Docker Compose --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2e39e49772..0574e1089b 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -22,6 +22,6 @@ jobs: script: | cd talawa-api git pull origin - sudo docker system prune -a -f - sudo docker-compose up -d + sudo docker-compose down + sudo docker-compose up -d --build From cdacef518b343c2dff1db55197f0e047adf002e4 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Thu, 21 Dec 2023 22:45:49 +0530 Subject: [PATCH 16/36] refactor : Added Password field to Action --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 0574e1089b..817bfca262 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -16,6 +16,7 @@ jobs: with: host: ${{ secrets.HOST }} username: ${{ secrets.USERNAME }} + password: ${{ secrets.PASSWORD }} key: ${{ secrets.SSH_KEY }} port: ${{ secrets.PORT }} command_timeout: 200m From acce6bbff0aa5abd939664de0d4bc1c65e126bb7 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Thu, 21 Dec 2023 22:54:17 +0530 Subject: [PATCH 17/36] refactor: removed sudo from commands --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 817bfca262..532fe99314 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -23,6 +23,6 @@ jobs: script: | cd talawa-api git pull origin - sudo docker-compose down - sudo docker-compose up -d --build + docker-compose down + docker-compose up -d --build From 701a1efb84b234f9dfeb3b6d26046cc01b9bc71c Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Thu, 21 Dec 2023 23:01:26 +0530 Subject: [PATCH 18/36] refactor : removed the password field as it was not needed --- .github/workflows/deploy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 532fe99314..7896c6e062 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -16,7 +16,6 @@ jobs: with: host: ${{ secrets.HOST }} username: ${{ secrets.USERNAME }} - password: ${{ secrets.PASSWORD }} key: ${{ secrets.SSH_KEY }} port: ${{ secrets.PORT }} command_timeout: 200m From 84a600a5d03ca1945e8a192facdf3c4b40d3a6fc Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Thu, 21 Dec 2023 23:12:55 +0530 Subject: [PATCH 19/36] refactor: Added main branch for on push in github-action --- .github/workflows/deploy.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 7896c6e062..aa42895480 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,9 +1,9 @@ -name: Deploy to AWS EC2 +name: Deploy to Cloud VPS on: push: branches: - - deployment + - main - develop jobs: @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - name: Execute remote ssh commands using password + - name: Execute remote ssh commands uses: appleboy/ssh-action@v1.0.0 with: host: ${{ secrets.HOST }} @@ -20,6 +20,7 @@ jobs: port: ${{ secrets.PORT }} command_timeout: 200m script: | + cd develop cd talawa-api git pull origin docker-compose down From b802878dabfdab37f3146070b5d966355b220df3 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Fri, 22 Dec 2023 01:11:28 +0530 Subject: [PATCH 20/36] refactor: always run code from develop --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index aa42895480..646d1ddc95 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -22,6 +22,7 @@ jobs: script: | cd develop cd talawa-api + git checkout develop git pull origin docker-compose down docker-compose up -d --build From 53a87a70ff0896b6cccff49aa58902c6caf57caa Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Sat, 23 Dec 2023 14:03:46 +0530 Subject: [PATCH 21/36] refactor: Added API_DEMO Suffix to env variables and testing for talawa-api user --- .github/workflows/deploy.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 646d1ddc95..9e67fa1f2c 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -5,6 +5,7 @@ on: branches: - main - develop + - deployment jobs: deploy: @@ -14,11 +15,11 @@ jobs: - name: Execute remote ssh commands uses: appleboy/ssh-action@v1.0.0 with: - host: ${{ secrets.HOST }} - username: ${{ secrets.USERNAME }} - key: ${{ secrets.SSH_KEY }} - port: ${{ secrets.PORT }} - command_timeout: 200m + host: ${{ secrets.API_DEMO_HOST }} + username: ${{ secrets.API_DEMO_USERNAME }} + key: ${{ secrets.API_DEMO_SSH_KEY }} + port: ${{ secrets.API_DEMO_PORT }} + command_timeout: 30m script: | cd develop cd talawa-api From d19c0ff5e8adda0984f746d8422b04bf45918735 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Sat, 23 Dec 2023 14:41:46 +0530 Subject: [PATCH 22/36] refactor: removed the triger for push on deployement branch --- .github/workflows/deploy.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 9e67fa1f2c..e41ba6c88a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,9 +3,7 @@ name: Deploy to Cloud VPS on: push: branches: - - main - develop - - deployment jobs: deploy: From 1949629c58933e6fc1cca5acc52d97373cbfe575 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 26 Dec 2023 23:26:54 +0530 Subject: [PATCH 23/36] Added MongoDB Reset Script --- scripts/reset_mongo.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100755 scripts/reset_mongo.sh diff --git a/scripts/reset_mongo.sh b/scripts/reset_mongo.sh new file mode 100755 index 0000000000..3b96a71136 --- /dev/null +++ b/scripts/reset_mongo.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# Set the name of your MongoDB container +MONGO_CONTAINER_NAME="talawa-api-mongodb-1" + +# Set the name of your MongoDB database +MONGO_DATABASE_NAME="talawa-api" + +# Use a single docker exec command to drop the database +docker exec -it "$MONGO_CONTAINER_NAME" mongosh --eval "db.getSiblingDB('$MONGO_DATABASE_NAME').dropDatabase()" \ No newline at end of file From b2cad3d029f36423d8889d9e0da1053006da2614 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 26 Dec 2023 23:47:42 +0530 Subject: [PATCH 24/36] refactor: Fixed Bug in Setup.ts related MongoDB url env variable --- setup.ts | 37 ++++++++++++++++++++++++++----------- 1 file changed, 26 insertions(+), 11 deletions(-) diff --git a/setup.ts b/setup.ts index 4469288824..b69eeddd62 100644 --- a/setup.ts +++ b/setup.ts @@ -317,7 +317,19 @@ async function main(): Promise { message: "Are you setting up this project using Docker?", default: false, }); - if (!isDockerInstallation) { + + if (isDockerInstallation) { + const DB_URL = "mongodb://localhost:27017/talawa-api"; + const config = dotenv.parse(fs.readFileSync(".env")); + config.MONGO_DB_URL = DB_URL; + process.env.MONGO_DB_URL = DB_URL; + + fs.writeFileSync(".env", ""); + for (const key in config) { + fs.appendFileSync(".env", `${key}=${config[key]}\n`); + } + console.log(`Your MongoDB URL is:\n${process.env.MONGO_DB_URL}`); + } else { if (process.env.MONGO_DB_URL) { console.log( `\nMongoDB URL already exists with the value:\n${process.env.MONGO_DB_URL}` @@ -334,6 +346,7 @@ async function main(): Promise { await mongoDB(); } } + if (process.env.RECAPTCHA_SECRET_KEY) { console.log( `\nreCAPTCHA secret key already exists with the value ${process.env.RECAPTCHA_SECRET_KEY}` @@ -366,16 +379,18 @@ async function main(): Promise { await twoFactorAuth(); } - const { shouldRunDataImport } = await inquirer.prompt([ - { - type: "confirm", - name: "shouldRunDataImport", - message: "Do you want to import sample data?", - default: true, - }, - ]); - if (shouldRunDataImport) { - await importData(); + if (!isDockerInstallation) { + const { shouldRunDataImport } = await inquirer.prompt([ + { + type: "confirm", + name: "shouldRunDataImport", + message: "Do you want to import sample data?", + default: true, + }, + ]); + if (shouldRunDataImport) { + await importData(); + } } else { console.log( "\nCongratulations! Talawa API has been successfully setup! šŸ„‚šŸŽ‰" From d283307d4157f6cacb65ef3daf65ffb2f5474b28 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 26 Dec 2023 23:59:37 +0530 Subject: [PATCH 25/36] Added SSL Certs renew script --- scripts/cert_renew.sh | 6 ++++++ scripts/reset_mongo.sh | 6 ++++-- 2 files changed, 10 insertions(+), 2 deletions(-) create mode 100755 scripts/cert_renew.sh diff --git a/scripts/cert_renew.sh b/scripts/cert_renew.sh new file mode 100755 index 0000000000..5ad5dd49b6 --- /dev/null +++ b/scripts/cert_renew.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# Renew the certificates +certbot renew + +chmod +x "$0" \ No newline at end of file diff --git a/scripts/reset_mongo.sh b/scripts/reset_mongo.sh index 3b96a71136..fc24fc2961 100755 --- a/scripts/reset_mongo.sh +++ b/scripts/reset_mongo.sh @@ -6,5 +6,7 @@ MONGO_CONTAINER_NAME="talawa-api-mongodb-1" # Set the name of your MongoDB database MONGO_DATABASE_NAME="talawa-api" -# Use a single docker exec command to drop the database -docker exec -it "$MONGO_CONTAINER_NAME" mongosh --eval "db.getSiblingDB('$MONGO_DATABASE_NAME').dropDatabase()" \ No newline at end of file +# Uses docker exec command to drop the database +docker exec -it "$MONGO_CONTAINER_NAME" mongosh --eval "db.getSiblingDB('$MONGO_DATABASE_NAME').dropDatabase()" + +chmod +x "$0" \ No newline at end of file From 576175d0c0ad3d17231d130980d3b5c3ba3a69ec Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Wed, 27 Dec 2023 00:50:55 +0530 Subject: [PATCH 26/36] docs: Added docs to setup cloud instance for future refrence --- docs/cloud-instance-setup.md | 184 +++++++++++++++++++++++++++++++++++ 1 file changed, 184 insertions(+) create mode 100644 docs/cloud-instance-setup.md diff --git a/docs/cloud-instance-setup.md b/docs/cloud-instance-setup.md new file mode 100644 index 0000000000..2bdc18ad13 --- /dev/null +++ b/docs/cloud-instance-setup.md @@ -0,0 +1,184 @@ +# Talawa API Cloud Instance Setup Guide + +This guide provides step-by-step instructions for setting up a cloud instance of the Talawa API for developers. It is assumed that: +- You are doing this on a server that is running Ubuntu 22.04.1 or higher. +- You want to deploy the 'develop' branch to the instance. +- You have sudo privileges. +- You are executing all commands under the home directory of the 'talawa-api' user. + +## 1. Virtual Private Server (VPS) Setup + +First, update your package lists and upgrade the system: + +```bash +sudo apt-get update && sudo apt-get upgrade +``` + +Next, install curl: + +```bash +sudoĀ apt-getĀ installĀ curl +``` + +Then, install Node Version Manager (nvm): + +```bash +sudoĀ curlĀ -o-Ā https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.shĀ |Ā bash + +sourceĀ ~/.bashrc + +nvmĀ installĀ --lts +``` + +After that, install Docker: +```bash +sudoĀ apt-getĀ installĀ docker.ioĀ -y +``` + +Finally, install Docker Compose: + +```bash +sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose +sudo chmod +x /usr/local/bin/docker-compose +``` + + +## 2. Repository Setup + +Create a new directory and clone the Talawa API repository: + +```bash +mkdir develop +cd develop +git clone https://github.com/PalisadoesFoundation/talawa-api.git +cd talawa-api +npm install +npm run setup +``` + +## 3. Docker Configuration + +To allow commands to run without sudo, execute the following: + +```bash +sudo groupadd docker +sudo usermod -aG docker $USER +newgrp docker +rm -fr ~/.docker/ +``` + +## 4. Running the Containers + +Start the containers and import sample data: + +```bash +docker-composeĀ upĀ -dĀ --build +npmĀ runĀ import:sample-data +``` + +## 5. Firewall Setup + +Enable the firewall and allow SSH, HTTP, and HTTPS: +```bash +sudo ufw enable +sudo ufw allow ssh +sudo ufw allow http +sudo ufw allow https +sudo ufw status +``` + + +## 6. NGINX Installation and Configuration + +Install NGINX and configure it: + +```bash +sudo apt install nginx +sudo vi /etc/nginx/sites-available/default +``` + +Add the following to the location part of the server block: +```bash +server_name yourdomain.com www.yourdomain.com; + +location / { + proxy_pass http://localhost:4000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; +} +``` + +Check the NGINX configuration and restart it: +```bash +sudo nginx -t +sudo nginx -s reload +``` + +## 7. SSL Configuration with LetsEncrypt + +Add SSL with LetsEncrypt: + +``` +sudo add-apt-repository ppa:certbot/certbot +sudo apt-get update +sudo apt-get install python3-certbot-nginx +sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com +``` + +## 8. SSH Keys for GitHub Actions + +For secure communication between GitHub Actions and the API VPS, you'll need to generate SSH keys and add the public key to the authorized keys on your VPS. Here's how you can do it: + +1. On your VPS, generate an SSH key pair: + + ```bash + ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" + ``` + + This command creates an Ed25519 SSH key pair with increased key derivation iterations for added security. Replace "your_email@example.com" with your actual email address. + +2. Copy the public key for your VPS: + + ```bash + cat ~/.ssh/id_ed25519.pub + ``` + +3. Paste it to your ~/.ssh/authorized_keys file on vps. + +4. Copy the **private** key using - + + ```bash + cat ~/.ssh/id_ed25519 + ``` + +## 9. GitHub Action Setup + +To enable continuous integration with GitHub Actions, you need to set up the necessary secrets for the workflow. These secrets allow secure communication between the GitHub Actions workflow and your VPS. Here are the steps to set up the required secrets: + +1. Navigate to your GitHub repository. + +2. Click on the "Settings" tab. + +3. In the left sidebar, select "Secrets." + +4. Click on the "New repository secret" button. + + - For the first secret: + + - Name: `API_DEMO_HOST` + - Value: `api-demo.talawa.io` + - For the second secret: + - Name: `API_DEMO_USERNAME` + - Value: `talawa-api` + - For the third secret: + - Name: `API_DEMO_SSH_KEY` + - Value: (Paste the **private** SSH key you copied in previous step ) + - For the fourth secret: + - Name: `API_DEMO_PORT` + - Value: `22` + +These secrets are crucial for the GitHub Actions workflow to connect securely to your VPS and deploy the Talawa API. + From 40626312a0b969670e0e0d2c43e610ac6cbe6e90 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Wed, 27 Dec 2023 01:06:43 +0530 Subject: [PATCH 27/36] refactor: import sample data after dropping the database in reset_mongo.sh --- scripts/reset_mongo.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/reset_mongo.sh b/scripts/reset_mongo.sh index fc24fc2961..639380500a 100755 --- a/scripts/reset_mongo.sh +++ b/scripts/reset_mongo.sh @@ -1,12 +1,12 @@ #!/bin/bash -# Set the name of your MongoDB container MONGO_CONTAINER_NAME="talawa-api-mongodb-1" -# Set the name of your MongoDB database MONGO_DATABASE_NAME="talawa-api" # Uses docker exec command to drop the database docker exec -it "$MONGO_CONTAINER_NAME" mongosh --eval "db.getSiblingDB('$MONGO_DATABASE_NAME').dropDatabase()" +npm run import:sample-data + chmod +x "$0" \ No newline at end of file From 9e4629bacfe918584d7f2c4660bf23fa2d1949dd Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Mon, 1 Jan 2024 02:01:30 +0530 Subject: [PATCH 28/36] refactor: Changed File Structure as needed --- .github/workflows/deploy.yml | 9 +++------ scripts/cert_renew.sh | 6 ------ .../cloud-api-demo/README.md | 0 scripts/cloud-api-demo/cert_renew.sh | 10 ++++++++++ scripts/cloud-api-demo/check_permissions.sh | 13 +++++++++++++ scripts/cloud-api-demo/deploy.sh | 14 ++++++++++++++ scripts/{ => cloud-api-demo}/reset_mongo.sh | 6 +++++- 7 files changed, 45 insertions(+), 13 deletions(-) delete mode 100755 scripts/cert_renew.sh rename docs/cloud-instance-setup.md => scripts/cloud-api-demo/README.md (100%) create mode 100755 scripts/cloud-api-demo/cert_renew.sh create mode 100644 scripts/cloud-api-demo/check_permissions.sh create mode 100644 scripts/cloud-api-demo/deploy.sh rename scripts/{ => cloud-api-demo}/reset_mongo.sh (71%) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e41ba6c88a..13b3f0c60d 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,9 +1,11 @@ +# You can find the deployment instructions in the scripts/cloud-api-demo/README.md file name: Deploy to Cloud VPS on: push: branches: - develop + - deployment jobs: deploy: @@ -19,10 +21,5 @@ jobs: port: ${{ secrets.API_DEMO_PORT }} command_timeout: 30m script: | - cd develop - cd talawa-api - git checkout develop - git pull origin - docker-compose down - docker-compose up -d --build + /usr/local/bin/deploy.sh diff --git a/scripts/cert_renew.sh b/scripts/cert_renew.sh deleted file mode 100755 index 5ad5dd49b6..0000000000 --- a/scripts/cert_renew.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -# Renew the certificates -certbot renew - -chmod +x "$0" \ No newline at end of file diff --git a/docs/cloud-instance-setup.md b/scripts/cloud-api-demo/README.md similarity index 100% rename from docs/cloud-instance-setup.md rename to scripts/cloud-api-demo/README.md diff --git a/scripts/cloud-api-demo/cert_renew.sh b/scripts/cloud-api-demo/cert_renew.sh new file mode 100755 index 0000000000..2aa9f34081 --- /dev/null +++ b/scripts/cloud-api-demo/cert_renew.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# Renew the certificates +certbot renew + +# Set permissions to 700 for the script +chmod 700 "$0" + +# Set ownership to talawa-api user +chown talawa-api "$0" diff --git a/scripts/cloud-api-demo/check_permissions.sh b/scripts/cloud-api-demo/check_permissions.sh new file mode 100644 index 0000000000..5e97c2a0f7 --- /dev/null +++ b/scripts/cloud-api-demo/check_permissions.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +# Check and correct permissions for cert_renew.sh +chown talawa-api /usr/local/bin/cert_renew.sh +chmod 700 /usr/local/bin/cert_renew.sh + +# Check and correct permissions for deploy.sh +chown talawa-api /usr/local/bin/deploy.sh +chmod 700 /usr/local/bin/deploy.sh + +# Check and correct permissions for reset_mongo.sh +chown talawa-api /usr/local/bin/reset_mongo.sh +chmod 700 /usr/local/bin/reset_mongo.sh diff --git a/scripts/cloud-api-demo/deploy.sh b/scripts/cloud-api-demo/deploy.sh new file mode 100644 index 0000000000..2e2aaa8deb --- /dev/null +++ b/scripts/cloud-api-demo/deploy.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +cd ~/develop +cd talawa-api +git checkout develop +git pull origin +docker-compose down +docker-compose up -d --build + +# Set permissions to 700 for the script +chmod 700 "$0" + +# Set ownership to talawa-api user +chown talawa-api "$0" diff --git a/scripts/reset_mongo.sh b/scripts/cloud-api-demo/reset_mongo.sh similarity index 71% rename from scripts/reset_mongo.sh rename to scripts/cloud-api-demo/reset_mongo.sh index 639380500a..1c4b26bc70 100755 --- a/scripts/reset_mongo.sh +++ b/scripts/cloud-api-demo/reset_mongo.sh @@ -9,4 +9,8 @@ docker exec -it "$MONGO_CONTAINER_NAME" mongosh --eval "db.getSiblingDB('$MONGO_ npm run import:sample-data -chmod +x "$0" \ No newline at end of file +# Set permissions to 700 for the script +chmod 700 "$0" + +# Set ownership to talawa-api user +chown talawa-api "$0" \ No newline at end of file From 6cbab32951d1f51781591ee3efa7f7abf28721e0 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Mon, 1 Jan 2024 02:35:13 +0530 Subject: [PATCH 29/36] fixed conflict in setup.ts --- package-lock.json | 80 +++++++++++++++++ package.json | 1 + setup.ts | 212 +++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 289 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6f14db044f..3ef7c64a02 100644 --- a/package-lock.json +++ b/package-lock.json @@ -52,6 +52,7 @@ "nanoid": "^3.3.4", "nodemailer": "^6.7.8", "pm2": "^5.2.0", + "redis": "^4.6.12", "shortid": "^2.2.16", "uuid": "^9.0.0", "validator": "^13.7.0", @@ -5000,6 +5001,64 @@ "resolved": "https://registry.npmjs.org/@protobufjs/utf8/-/utf8-1.1.0.tgz", "integrity": "sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==" }, + "node_modules/@redis/bloom": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@redis/bloom/-/bloom-1.2.0.tgz", + "integrity": "sha512-HG2DFjYKbpNmVXsa0keLHp/3leGJz1mjh09f2RLGGLQZzSHpkmZWuwJbAvo3QcRY8p80m5+ZdXZdYOSBLlp7Cg==", + "peerDependencies": { + "@redis/client": "^1.0.0" + } + }, + "node_modules/@redis/client": { + "version": "1.5.13", + "resolved": "https://registry.npmjs.org/@redis/client/-/client-1.5.13.tgz", + "integrity": "sha512-epkUM9D0Sdmt93/8Ozk43PNjLi36RZzG+d/T1Gdu5AI8jvghonTeLYV69WVWdilvFo+PYxbP0TZ0saMvr6nscQ==", + "dependencies": { + "cluster-key-slot": "1.1.2", + "generic-pool": "3.9.0", + "yallist": "4.0.0" + }, + "engines": { + "node": ">=14" + } + }, + "node_modules/@redis/client/node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + }, + "node_modules/@redis/graph": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@redis/graph/-/graph-1.1.1.tgz", + "integrity": "sha512-FEMTcTHZozZciLRl6GiiIB4zGm5z5F3F6a6FZCyrfxdKOhFlGkiAqlexWMBzCi4DcRoyiOsuLfW+cjlGWyExOw==", + "peerDependencies": { + "@redis/client": "^1.0.0" + } + }, + "node_modules/@redis/json": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/@redis/json/-/json-1.0.6.tgz", + "integrity": "sha512-rcZO3bfQbm2zPRpqo82XbW8zg4G/w4W3tI7X8Mqleq9goQjAGLL7q/1n1ZX4dXEAmORVZ4s1+uKLaUOg7LrUhw==", + "peerDependencies": { + "@redis/client": "^1.0.0" + } + }, + "node_modules/@redis/search": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/@redis/search/-/search-1.1.6.tgz", + "integrity": "sha512-mZXCxbTYKBQ3M2lZnEddwEAks0Kc7nauire8q20oA0oA/LoA+E/b5Y5KZn232ztPb1FkIGqo12vh3Lf+Vw5iTw==", + "peerDependencies": { + "@redis/client": "^1.0.0" + } + }, + "node_modules/@redis/time-series": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/@redis/time-series/-/time-series-1.0.5.tgz", + "integrity": "sha512-IFjIgTusQym2B5IZJG3XKr5llka7ey84fw/NOYqESP5WUfQs9zz1ww/9+qoz4ka/S6KcGBodzlCeZ5UImKbscg==", + "peerDependencies": { + "@redis/client": "^1.0.0" + } + }, "node_modules/@repeaterjs/repeater": { "version": "3.0.4", "resolved": "https://registry.npmjs.org/@repeaterjs/repeater/-/repeater-3.0.4.tgz", @@ -9508,6 +9567,14 @@ "node": ">=12" } }, + "node_modules/generic-pool": { + "version": "3.9.0", + "resolved": "https://registry.npmjs.org/generic-pool/-/generic-pool-3.9.0.tgz", + "integrity": "sha512-hymDOu5B53XvN4QT9dBmZxPX4CWhBPPLguTZ9MMFeFa/Kg0xWVfylOVNlJji/E7yTZWFd/q9GO5TxDLq156D7g==", + "engines": { + "node": ">= 4" + } + }, "node_modules/gensync": { "version": "1.0.0-beta.2", "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", @@ -13821,6 +13888,19 @@ "node": ">=8.10.0" } }, + "node_modules/redis": { + "version": "4.6.12", + "resolved": "https://registry.npmjs.org/redis/-/redis-4.6.12.tgz", + "integrity": "sha512-41Xuuko6P4uH4VPe5nE3BqXHB7a9lkFL0J29AlxKaIfD6eWO8VO/5PDF9ad2oS+mswMsfFxaM5DlE3tnXT+P8Q==", + "dependencies": { + "@redis/bloom": "1.2.0", + "@redis/client": "1.5.13", + "@redis/graph": "1.1.1", + "@redis/json": "1.0.6", + "@redis/search": "1.1.6", + "@redis/time-series": "1.0.5" + } + }, "node_modules/redis-errors": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz", diff --git a/package.json b/package.json index 2b4f25ef23..bd200c4187 100644 --- a/package.json +++ b/package.json @@ -84,6 +84,7 @@ "nanoid": "^3.3.4", "nodemailer": "^6.7.8", "pm2": "^5.2.0", + "redis": "^4.6.12", "shortid": "^2.2.16", "uuid": "^9.0.0", "validator": "^13.7.0", diff --git a/setup.ts b/setup.ts index b69eeddd62..c36dd172fa 100644 --- a/setup.ts +++ b/setup.ts @@ -3,6 +3,7 @@ const fs = require("fs"); const cryptolib = require("crypto"); const inquirer = require("inquirer"); const mongodb = require("mongodb"); +const redis = require("redis"); const { exec } = require("child_process"); dotenv.config(); @@ -44,6 +45,113 @@ async function accessAndRefreshTokens( } } +// Check connection to Redis with the specified URL. +async function checkRedisConnection(url: string): Promise { + let response = false; + const client = redis.createClient(url); + + console.log("\nChecking Redis connection...."); + + try { + await client.connect(); + console.log("\nConnection to Redis successful! šŸŽ‰"); + response = true; + } catch (error) { + console.log(`\nConnection to Redis failed. Please try again.\n`); + } + client.quit(); + return response; +} + +// Redis url prompt +async function askForRedisUrl(): Promise<{ + host: string; + port: number; + password: string; +}> { + const { host, port, password } = await inquirer.prompt([ + { + type: "input", + name: "host", + message: "Enter Redis hostname (default: localhost):", + default: "localhost", + }, + { + type: "input", + name: "port", + message: "Enter Redis port (default: 6379):", + default: 6379, + }, + { + type: "password", + name: "password", + message: + "Enter Redis password (optional : Leave empty for local connections) :", + }, + ]); + + return { host, port, password }; +} + +// get the redis url +async function redisConfiguration(): Promise { + const REDIS_URL = process.env.REDIS_URL; + + try { + let isConnected = false, + url = ""; + while (!isConnected) { + const { host, port, password } = await askForRedisUrl(); + url = `redis://${password ? password + "@" : ""}${host}:${port}`; + isConnected = await checkRedisConnection(url); + } + + const config = dotenv.parse(fs.readFileSync(".env")); + config.REDIS_URL = url; + fs.writeFileSync(".env", ""); + for (const key in config) { + fs.appendFileSync(".env", `${key}=${config[key]}\n`); + } + } catch (err) { + console.error(err); + abort(); + } +} + +//LAST_RESORT_SUPERADMIN_EMAIL prompt +async function askForSuperAdminEmail(): Promise { + const { email } = await inquirer.prompt([ + { + type: "input", + name: "email", + message: + "Enter the email which you wish to assign as the Super Admin of last resort:", + validate: (input: string) => + isValidEmail(input) || "Invalid email. Please try again.", + }, + ]); + + return email; +} + +// Get the super admin email +async function superAdmin(): Promise { + try { + const email = await askForSuperAdminEmail(); + + const config = dotenv.parse(fs.readFileSync(".env")); + + config.LAST_RESORT_SUPERADMIN_EMAIL = email; + fs.writeFileSync(".env", ""); + for (const key in config) { + fs.appendFileSync(".env", `${key}=${config[key]}\n`); + } + } catch (err) { + console.log(err); + abort(); + } +} + // Check the connection to MongoDB with the specified URL. async function checkConnection(url: string): Promise { let response = false; @@ -138,6 +246,37 @@ async function recaptcha(): Promise { fs.appendFileSync(".env", `${key}=${config[key]}\n`); } } +async function recaptchaSiteKey(): Promise { + console.log( + "\nPlease visit this URL to set up reCAPTCHA:\n\nhttps://www.google.com/recaptcha/admin/create" + ); + console.log( + '\nSelect reCAPTCHA v2 and the "I`m not a robot" checkbox option' + ); + console.log( + '\nAdd "localhost" in domains and accept the terms, then press submit' + ); + + const { recaptchaSiteKey } = await inquirer.prompt([ + { + type: "input", + name: "recaptchaSiteKey", + message: "Enter your reCAPTCHA site key:", + validate: async (input: string): Promise => { + if (validateRecaptcha(input)) { + return true; + } + return "Invalid reCAPTCHA site key. Please try again."; + }, + }, + ]); + const config = dotenv.parse(fs.readFileSync(".env")); + config.RECAPTCHA_SITE_KEY = recaptchaSiteKey; + fs.writeFileSync(".env", ""); + for (const key in config) { + fs.appendFileSync(".env", `${key}=${config[key]}\n`); + } +} function isValidEmail(email: string): boolean { const pattern = /^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$/; @@ -330,6 +469,23 @@ async function main(): Promise { } console.log(`Your MongoDB URL is:\n${process.env.MONGO_DB_URL}`); } else { + // Redis configuration + if (process.env.REDIS_URL) { + console.log( + `\nRedis URL already exists with the value:\n${process.env.REDIS_URL}` + ); + } + const { shouldSetRedis } = await inquirer.prompt({ + type: "confirm", + name: "shouldSetRedis", + message: "Would you like to set up a Redis URL?", + default: true, + }); + if (shouldSetRedis) { + await redisConfiguration(); + } + + // MongoDB configuration if (process.env.MONGO_DB_URL) { console.log( `\nMongoDB URL already exists with the value:\n${process.env.MONGO_DB_URL}` @@ -363,6 +519,17 @@ async function main(): Promise { await recaptcha(); } + const { shouldSetRecaptchaSiteKey } = await inquirer.prompt({ + type: "confirm", + name: "shouldSetRecaptchaSiteKey", + message: "Would you like to set up a reCAPTCHA site key?", + default: true, + }); + + if (shouldSetRecaptchaSiteKey) { + await recaptchaSiteKey(); + } + if (process.env.MAIL_USERNAME) { console.log( `\nMail username already exists with the value ${process.env.MAIL_USERNAME}` @@ -379,6 +546,42 @@ async function main(): Promise { await twoFactorAuth(); } + if (process.env.LAST_RESORT_SUPERADMIN_EMAIL) { + console.log( + `\nSuper Admin of last resort already exists with the value ${process.env.LAST_RESORT_SUPERADMIN_EMAIL}` + ); + } + + const { shouldSetSuperUserEmail } = await inquirer.prompt([ + { + type: "confirm", + name: "shouldSetSuperUserEmail", + message: "Would you like to setup a Super Admin email of last resort?", + default: true, + }, + ]); + if (shouldSetSuperUserEmail) { + await superAdmin(); + } + // check if mail_username is set, if not, set it to mail_username's value + else if ( + !shouldSetSuperUserEmail && + !process.env.LAST_RESORT_SUPERADMIN_EMAIL + // process.env.MAIL_USERNAME + ) { + if (process.env.MAIL_USERNAME) { + console.log( + "No super admin email configured, setting it to mail username's value." + ); + } + const config = dotenv.parse(fs.readFileSync(".env")); + config.LAST_RESORT_SUPERADMIN_EMAIL = config.MAIL_USERNAME; + fs.writeFileSync(".env", ""); + for (const key in config) { + fs.appendFileSync(".env", `${key}=${config[key]}\n`); + } + } + if (!isDockerInstallation) { const { shouldRunDataImport } = await inquirer.prompt([ { @@ -388,14 +591,15 @@ async function main(): Promise { default: true, }, ]); + if (shouldRunDataImport) { await importData(); } - } else { - console.log( - "\nCongratulations! Talawa API has been successfully setup! šŸ„‚šŸŽ‰" - ); } + + console.log( + "\nCongratulations! Talawa API has been successfully setup! šŸ„‚šŸŽ‰" + ); } main(); From dd0a592d607fe2e1dae03662c5b2264a62f8f521 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Mon, 1 Jan 2024 16:16:18 +0530 Subject: [PATCH 30/36] reverted all changes in setup.ts --- setup.ts | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/setup.ts b/setup.ts index a63bbe63e6..eb2edd46df 100644 --- a/setup.ts +++ b/setup.ts @@ -456,19 +456,7 @@ async function main(): Promise { message: "Are you setting up this project using Docker?", default: false, }); - - if (isDockerInstallation) { - const DB_URL = "mongodb://localhost:27017/talawa-api"; - const config = dotenv.parse(fs.readFileSync(".env")); - config.MONGO_DB_URL = DB_URL; - process.env.MONGO_DB_URL = DB_URL; - - fs.writeFileSync(".env", ""); - for (const key in config) { - fs.appendFileSync(".env", `${key}=${config[key]}\n`); - } - console.log(`Your MongoDB URL is:\n${process.env.MONGO_DB_URL}`); - } else { + if (!isDockerInstallation) { // Redis configuration if (process.env.REDIS_URL) { console.log( @@ -502,12 +490,21 @@ async function main(): Promise { await mongoDB(); } } - if (process.env.RECAPTCHA_SECRET_KEY) { console.log( `\nreCAPTCHA secret key already exists with the value ${process.env.RECAPTCHA_SECRET_KEY}` ); } + const { shouldSetRecaptcha } = await inquirer.prompt({ + type: "confirm", + name: "shouldSetRecaptcha", + message: "Would you like to set up a reCAPTCHA secret key?", + default: true, + }); + + if (shouldSetRecaptcha) { + await recaptcha(); + } const { shouldSetRecaptchaSiteKey } = await inquirer.prompt({ type: "confirm", @@ -552,7 +549,6 @@ async function main(): Promise { ]); if (shouldSetSuperUserEmail) { await superAdmin(); - } // check if mail_username is set, if not, set it to mail_username's value else if ( @@ -588,7 +584,6 @@ async function main(): Promise { } } - console.log( "\nCongratulations! Talawa API has been successfully setup! šŸ„‚šŸŽ‰" ); From 1acc455ec07415a00de0b9ad1d07689158dedf5d Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Mon, 1 Jan 2024 16:38:20 +0530 Subject: [PATCH 31/36] refactor: Added detailed comments in scripts --- scripts/cloud-api-demo/cert_renew.sh | 4 ++++ scripts/cloud-api-demo/check_permissions.sh | 4 ++++ scripts/cloud-api-demo/deploy.sh | 15 +++++++++++++-- scripts/cloud-api-demo/reset_mongo.sh | 11 +++++++++-- 4 files changed, 30 insertions(+), 4 deletions(-) diff --git a/scripts/cloud-api-demo/cert_renew.sh b/scripts/cloud-api-demo/cert_renew.sh index 2aa9f34081..bc242a5006 100755 --- a/scripts/cloud-api-demo/cert_renew.sh +++ b/scripts/cloud-api-demo/cert_renew.sh @@ -1,5 +1,9 @@ #!/bin/bash +# Purpose: Renew SSL certificates generated by Certbot +# These certificates are required to be renewed every 90 days. +# This script will be used to create a cronjob for automatic renewal. + # Renew the certificates certbot renew diff --git a/scripts/cloud-api-demo/check_permissions.sh b/scripts/cloud-api-demo/check_permissions.sh index 5e97c2a0f7..a75e3e2089 100644 --- a/scripts/cloud-api-demo/check_permissions.sh +++ b/scripts/cloud-api-demo/check_permissions.sh @@ -1,5 +1,9 @@ #!/bin/bash +# Purpose: Check and correct permissions for script files +# This script will be used in a cron job to ensure proper permissions for various scripts on the cloud instance. +# This ensures that all scripts have correct permissions and ownership for the talawa-api user on the cloud instance. + # Check and correct permissions for cert_renew.sh chown talawa-api /usr/local/bin/cert_renew.sh chmod 700 /usr/local/bin/cert_renew.sh diff --git a/scripts/cloud-api-demo/deploy.sh b/scripts/cloud-api-demo/deploy.sh index 2e2aaa8deb..e0bce923fc 100644 --- a/scripts/cloud-api-demo/deploy.sh +++ b/scripts/cloud-api-demo/deploy.sh @@ -1,10 +1,21 @@ #!/bin/bash -cd ~/develop -cd talawa-api +# Purpose: Deploy containers to a cloud instance on every push +# This script contains the commands used by .github/workflows/deploy.yaml file. + +# Navigate to the project directory +cd ~/develop/talawa-api + +# Switch to the 'develop' branch git checkout develop + +# Pull the latest changes from the 'develop' branch on the origin git pull origin + +# Stop and remove existing containers docker-compose down + +# Build and launch containers in the background docker-compose up -d --build # Set permissions to 700 for the script diff --git a/scripts/cloud-api-demo/reset_mongo.sh b/scripts/cloud-api-demo/reset_mongo.sh index 1c4b26bc70..cfbda3bbb4 100755 --- a/scripts/cloud-api-demo/reset_mongo.sh +++ b/scripts/cloud-api-demo/reset_mongo.sh @@ -1,16 +1,23 @@ #!/bin/bash +# Purpose: Required for a cron job to reset the database on a cloud instance every 24 hours +# This script uses docker exec command to drop the specified MongoDB database, +# then runs a command to import sample data using npm. + +# Specify the MongoDB container name MONGO_CONTAINER_NAME="talawa-api-mongodb-1" +# Specify the MongoDB database name MONGO_DATABASE_NAME="talawa-api" -# Uses docker exec command to drop the database +# Use docker exec command to drop the specified MongoDB database docker exec -it "$MONGO_CONTAINER_NAME" mongosh --eval "db.getSiblingDB('$MONGO_DATABASE_NAME').dropDatabase()" +# Run a command to import sample data using npm npm run import:sample-data # Set permissions to 700 for the script chmod 700 "$0" # Set ownership to talawa-api user -chown talawa-api "$0" \ No newline at end of file +chown talawa-api "$0" From 7e4c8a777123fd4ead079212b4da190856b1a058 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Tue, 2 Jan 2024 23:56:27 +0530 Subject: [PATCH 32/36] refactor: removed perm check from each script as dedicateted script checks for it --- scripts/cloud-api-demo/README.md | 2 +- scripts/cloud-api-demo/cert_renew.sh | 5 ----- scripts/cloud-api-demo/deploy.sh | 6 ------ scripts/cloud-api-demo/reset_mongo.sh | 10 ++++------ 4 files changed, 5 insertions(+), 18 deletions(-) diff --git a/scripts/cloud-api-demo/README.md b/scripts/cloud-api-demo/README.md index 2bdc18ad13..5e1219d974 100644 --- a/scripts/cloud-api-demo/README.md +++ b/scripts/cloud-api-demo/README.md @@ -169,7 +169,7 @@ To enable continuous integration with GitHub Actions, you need to set up the nec - For the first secret: - Name: `API_DEMO_HOST` - - Value: `api-demo.talawa.io` + - Value: `api-demo.talawa.io` (Replace with your hostname) - For the second secret: - Name: `API_DEMO_USERNAME` - Value: `talawa-api` diff --git a/scripts/cloud-api-demo/cert_renew.sh b/scripts/cloud-api-demo/cert_renew.sh index bc242a5006..bdfe6f710b 100755 --- a/scripts/cloud-api-demo/cert_renew.sh +++ b/scripts/cloud-api-demo/cert_renew.sh @@ -7,8 +7,3 @@ # Renew the certificates certbot renew -# Set permissions to 700 for the script -chmod 700 "$0" - -# Set ownership to talawa-api user -chown talawa-api "$0" diff --git a/scripts/cloud-api-demo/deploy.sh b/scripts/cloud-api-demo/deploy.sh index e0bce923fc..8d4bf7fb3d 100644 --- a/scripts/cloud-api-demo/deploy.sh +++ b/scripts/cloud-api-demo/deploy.sh @@ -17,9 +17,3 @@ docker-compose down # Build and launch containers in the background docker-compose up -d --build - -# Set permissions to 700 for the script -chmod 700 "$0" - -# Set ownership to talawa-api user -chown talawa-api "$0" diff --git a/scripts/cloud-api-demo/reset_mongo.sh b/scripts/cloud-api-demo/reset_mongo.sh index cfbda3bbb4..ba51b23920 100755 --- a/scripts/cloud-api-demo/reset_mongo.sh +++ b/scripts/cloud-api-demo/reset_mongo.sh @@ -5,7 +5,7 @@ # then runs a command to import sample data using npm. # Specify the MongoDB container name -MONGO_CONTAINER_NAME="talawa-api-mongodb-1" +MONGO_CONTAINER_NAME="talawa-api_mongodb_1" # Specify the MongoDB database name MONGO_DATABASE_NAME="talawa-api" @@ -13,11 +13,9 @@ MONGO_DATABASE_NAME="talawa-api" # Use docker exec command to drop the specified MongoDB database docker exec -it "$MONGO_CONTAINER_NAME" mongosh --eval "db.getSiblingDB('$MONGO_DATABASE_NAME').dropDatabase()" +# Changing to repo dir +cd /home/talawa-api/develop/talawa-api + # Run a command to import sample data using npm npm run import:sample-data -# Set permissions to 700 for the script -chmod 700 "$0" - -# Set ownership to talawa-api user -chown talawa-api "$0" From 126d642ca7b9fe3346e22caca8244f43a4fbc7ca Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Wed, 3 Jan 2024 00:29:12 +0530 Subject: [PATCH 33/36] refactor: fixed cert_renew.sh --- scripts/cloud-api-demo/cert_renew.sh | 4 ++-- scripts/cloud-api-demo/reset_mongo.sh | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/scripts/cloud-api-demo/cert_renew.sh b/scripts/cloud-api-demo/cert_renew.sh index bdfe6f710b..fd9e0ef638 100755 --- a/scripts/cloud-api-demo/cert_renew.sh +++ b/scripts/cloud-api-demo/cert_renew.sh @@ -5,5 +5,5 @@ # This script will be used to create a cronjob for automatic renewal. # Renew the certificates -certbot renew - +certbot renew --config-dir ~/.certbot/config --logs-dir ~/.certbot/logs --work-dir ~/.certbot/work + \ No newline at end of file diff --git a/scripts/cloud-api-demo/reset_mongo.sh b/scripts/cloud-api-demo/reset_mongo.sh index ba51b23920..b2e6ed4aad 100755 --- a/scripts/cloud-api-demo/reset_mongo.sh +++ b/scripts/cloud-api-demo/reset_mongo.sh @@ -18,4 +18,3 @@ cd /home/talawa-api/develop/talawa-api # Run a command to import sample data using npm npm run import:sample-data - From ce7dae0dfbf41ba8be53a3682398059bcb661971 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Wed, 3 Jan 2024 02:15:08 +0530 Subject: [PATCH 34/36] docs: Completed the Cloud API Demo Readme --- scripts/cloud-api-demo/README.md | 126 ++++++++++++++++++++++++++++++- 1 file changed, 123 insertions(+), 3 deletions(-) diff --git a/scripts/cloud-api-demo/README.md b/scripts/cloud-api-demo/README.md index 5e1219d974..ba92554206 100644 --- a/scripts/cloud-api-demo/README.md +++ b/scripts/cloud-api-demo/README.md @@ -6,6 +6,33 @@ This guide provides step-by-step instructions for setting up a cloud instance of - You have sudo privileges. - You are executing all commands under the home directory of the 'talawa-api' user. +# Table Of Contents +- [Talawa API Cloud Instance Setup Guide](#talawa-api-cloud-instance-setup-guide) + - [1. Virtual Private Server (VPS) Setup](#1-virtual-private-server-vps-setup) + - [2. Repository Setup](#2-repository-setup) + - [3. Docker Configuration](#3-docker-configuration) + - [4. Running the Containers](#4-running-the-containers) + - [5. Firewall Setup](#5-firewall-setup) + - [6. NGINX Installation and Configuration](#6-nginx-installation-and-configuration) + - [6.1 Install NGINX and configure it](#61-install-nginx-and-configure-it) + - [6.2 Add the following to the location part of the server block](#62-add-the-following-to-the-location-part-of-the-server-block) + - [6.3 Check the NGINX configuration and restart it](#63-check-the-nginx-configuration-and-restart-it) + - [7. SSL Configuration with LetsEncrypt](#7-ssl-configuration-with-letsencrypt) + - [8. SSH Keys for GitHub Actions](#8-ssh-keys-for-github-actions) + - [9. GitHub Action Setup](#9-github-action-setup) + - [10. Cron Jobs](#10-cron-jobs) + - [10.1 Setting up Scripts](#101-setting-up-scripts) + - [10.1.1 Setting Permissions and Owner for check_permissions.sh](#1011-setting-permissions-and-owner-for-check_permissionssh) + - [10.1.2 Modify sudoers file to allow talawa-api to run chmod and chown without password prompt](#1012-modify-sudoers-file-to-allow-talawa-api-to-run-chmod-and-chown-without-password-prompt) + - [10.1.3 Run check_permissions.sh once to correct permissions for other scripts](#1013-run-check_permissionssh-once-to-correct-permissions-for-other-scripts) + - [10.2 Setting up Cronjobs](#102-setting-up-cronjobs) + - [10.2.1 Cron job to run check_permissions.sh](#1021-cron-job-to-run-check_permissionssh) + - [10.2.2 Cron job to run cert_renew.sh](#1022-cron-job-to-run-cert_renewsh) + - [10.2.3 Cron job to run reset_mongo.sh](#1023-cron-job-to-run-reset_mongosh) + - [10.3 Logging for cron jobs](#103-logging-for-cron-jobs) + + + ## 1. Virtual Private Server (VPS) Setup First, update your package lists and upgrade the system: @@ -90,14 +117,14 @@ sudo ufw status ## 6. NGINX Installation and Configuration -Install NGINX and configure it: +### 6.1 Install NGINX and configure it: ```bash sudo apt install nginx sudo vi /etc/nginx/sites-available/default ``` -Add the following to the location part of the server block: +### 6.2 Add the following to the location part of the server block: ```bash server_name yourdomain.com www.yourdomain.com; @@ -111,7 +138,7 @@ location / { } ``` -Check the NGINX configuration and restart it: +### 6.3 Check the NGINX configuration and restart it: ```bash sudo nginx -t sudo nginx -s reload @@ -182,3 +209,96 @@ To enable continuous integration with GitHub Actions, you need to set up the nec These secrets are crucial for the GitHub Actions workflow to connect securely to your VPS and deploy the Talawa API. +## 10. Cron Jobs + +### 10.1 Setting up Scripts: +Copy the following scripts from **/home/talawa-api/develop/talawa-api/scripts/cloud-api-demo** to **/usr/local/bin**: +`cert_renew.sh` +`check_permissions.sh` +`deploy.sh` +`reset_mongo.sh` + +#### 10.1.1 Setting Permissions and Owner for check_permissions.sh: + +```bash +sudo chmod 700 /usr/local/bin/check_permissions.sh +sudo chown talawa-api /usr/local/bin/check_permissions.sh +``` + +#### 10.1.2 Modify sudoers file to allow talawa-api to run chmod and chown without password prompt: +- Open sudoers file with sudo visudo. +- Add the following line: +```bash +talawa-api ALL=(ALL) NOPASSWD: /bin/chmod, /bin/chown +``` +- Save and exit the editor + +#### 10.1.3 Run check_permissions.sh once to correct permissions for other scripts: +```bash +/usr/local/bin/check_permissions.sh +``` +Executing check_permissions.sh once will ensure that the correct permissions are applied to the other scripts in the specified directory. + +### 10.2 Setting up Cronjobs: + +#### 10.2.1 Cron job to run check_permissions.sh +This cron job will execute check_permissions.sh every midnight, ensuring that the correct permissions are maintained for the scripts : +```bash +echo "0 0 * * * talawa-api /usr/local/bin/check_permissions.sh" | sudo tee /etc/cron.d/check_permissions +``` +#### 10.2.2 Cron job to run cert_renew.sh +This cron job will execute `cert_renew.sh` every 90 days, ensuring that the certificates are renewed in a timely manner: +```bash +echo "0 0 */90 * * talawa-api /usr/local/bin/cert_renew.sh" | sudo tee /etc/cron.d/cert_renew +``` +#### 10.2.3 Cron job to run reset_mongo.sh +This cron job will execute `reset_mongo.sh` every 24 hours, ensuring that the MongoDB is reset on a daily basis: +```bash +echo "0 0 * * * talawa-api /usr/local/bin/reset_mongo.sh" | sudo tee /etc/cron.d/reset_mongo +``` +#### 10.3 Logging for cron jobs + +1. **Create the logrotate configuration file:** + +```bash +sudo nano /etc/logrotate.d/talawa-api-cron +``` +2. **Add the following content to the file:** +```log +/var/log/talawa-api/cron.log { + rotate 7 + daily + missingok + notifempty + compress + delaycompress + create 640 talawa-api talawa-api + sharedscripts + postrotate + systemctl restart cron + endscript +} +``` + +**Explanation:** +- `rotate 7`: Retains the last 7 rotated log files. +- `daily`: Rotates the log file daily. +- `missingok`: Ignores errors if the log file is missing. +- `notifempty`: Does not rotate the log file if it is empty. +- `compress`: Compresses rotated log files. +- `delaycompress`: Delays compression until the next rotation cycle. +- `create 640 talawa-api talawa-api`: Creates new log files with the specified permissions and ownership. In this case, both the owner and group are set to talawa-api. +- `sharedscripts`: Runs the `postrotate` script only once even if multiple log files are rotated. +- `postrotate` ... endscript: Defines the actions to be taken after log rotation, in this case, restarting the cron service. + +3. **Save and exit the text editor (Ctrl + X, then Y, then Enter in nano).** + +4. **Restart Cron Service:** +Apply the logrotate changes by restarting the cron service: +```bash +sudo systemctl restart cron +``` + +Now, the cron job output will be logged to `/var/log/talawa-api/cron.log`, and log rotation will be managed by logrotate according to the specified configuration. Adjust the log rotation parameters in the logrotate configuration file as needed. + +This will set up logging for the cron jobs and manage log rotation using logrotate. \ No newline at end of file From a263e7bed4b19572576f18987bc3faeb5764897e Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Thu, 4 Jan 2024 17:47:18 +0000 Subject: [PATCH 35/36] docs: added solution to cors error --- scripts/cloud-api-demo/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/cloud-api-demo/README.md b/scripts/cloud-api-demo/README.md index ba92554206..7105f38553 100644 --- a/scripts/cloud-api-demo/README.md +++ b/scripts/cloud-api-demo/README.md @@ -76,12 +76,14 @@ Create a new directory and clone the Talawa API repository: ```bash mkdir develop -cd develop +cd developus git clone https://github.com/PalisadoesFoundation/talawa-api.git cd talawa-api npm install npm run setup ``` +**Important Note:** After running `npm run setup`, you need to edit the `.env` file and change `TALAWA_ADMIN_URL=api-demo.talawa.io` (replace with your hostname) and `NODE_ENV = production`. + ## 3. Docker Configuration From d32d6ab38559311df05a83ee8a372344ddf83040 Mon Sep 17 00:00:00 2001 From: vasujain275 Date: Thu, 4 Jan 2024 17:49:20 +0000 Subject: [PATCH 36/36] refactor: removed deployment branch from deploy.yml --- .github/workflows/deploy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 13b3f0c60d..953eee0d8a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -5,7 +5,6 @@ on: push: branches: - develop - - deployment jobs: deploy: