Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
log
 
 
www
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

Postgrest Skeleton

Stack:

Setting up a server

Assuming an Ubuntu Xenial 16.04 server.

sudo apt-get install apt-transport-https ca-certificates
sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
echo "deb https://apt.dockerproject.org/repo ubuntu-xenial main" | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt-get purge lxc-docker
sudo apt-get update
sudo apt-get install linux-image-extra-$(uname -r) git curl docker-engine openssl
curl -L https://github.com/docker/compose/releases/download/1.6.2/docker-compose-`uname -s`-`uname -m` | sudo tee /usr/local/bin/docker-compose > /dev/null
sudo chmod +x /usr/local/bin/docker-compose
sudo service docker start
sudo docker run hello-world
docker-compose --version
sudo gpasswd -a $USER docker
sudo mkdir -p /srv/live.git /srv/live/certificates /srv/backups
sudo chown -R :adm /srv/live.git /srv/live /srv/backups
sudo chmod -R g+rwx /srv/live.git /srv/live /srv/backups
git init --bare /srv/live.git
openssl dhparam -out /srv/live/certificates/dhparam.pem 4096
crontab -e # Add '00 00 * * * /srv/live/make-backup'

git remote add staging staging.example.com:/srv/live.git
scp post-receive staging.example.com:/srv/live.git/hooks
nano site.conf
scp site.conf staging.example.com:/srv/live.git/
git push staging

Local testing

docker-compose start

Staging

source site.conf
export DOMAIN CERT_EMAIL JWT_SECRET POSTGRES_PASSWORD AUTHENTICATOR_PASSWORD
alias dc=docker-compose -f docker-compose.yml -f live.yml 
dc stop; dc rm -f; dc create; dc start; dc logs

Production

docker-compose -f docker-compose.yml -f staging.yml  -f production.yml start

Using

Staging

Deployment

docker-compose -f docker-compose.yml -f production.yml start

Dependencies

Make sure you have a recent version of docker, at least version 1.10.0.

https://docs.docker.com/engine/installation/linux/ubuntulinux/

Make sure you have a recent version of docker-compose, at least version 1.6.

curl -L https://github.com/docker/compose/releases/download/1.6.2/docker-compose-`uname -s`-`uname -m` | sudo tee /usr/local/bin/docker-compose > /dev/null
sudo chmod +x /usr/local/bin/docker-compose

To recompile the javascript you need Google Closure.

closure-compiler --language_out ECMASCRIPT5_STRICT --js js/*.js > www/min.js

Starting

docker-compose up

To start with a clean build

docker-compose stop
sudo rm -rf data/data
docker-compose rm -f
docker-compose create
docker-compose start

Raw database access

docker exec -ti -u postgres example_dbm_1 psql -d example -P pager=off

Dump database for backups

docker exec -ti -u postgres example_dbm_1 pg_dump -a --insert example

JWT token:

Example token (with signature removed):

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyb2xlIjoiYXV0aG9yIiwidXNlcmlkIjoiYXV0aDB8NTZkZWEwYjM4MWRlMjkyZTBjYjc1OTY1IiwiaXNzIjoiaHR0cHM6Ly9vcGVuZXRoLmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHw1NmRlYTBiMzgxZGUyOTJlMGNiNzU5NjUiLCJhdWQiOiJBWm10a0JONXpER0VSSmVzRlpHRlM4dllKWXlaVHJEbyIsImV4cCI6MTQ1NzQ4NjM5MywiaWF0IjoxNDU3NDUwMzkzfQ.2DIZz2bf19Jr9UaNA3DLl263JqzXvrAUky3Vr_ZgIbQ
{
	"role": "author",
	"userid": "auth0|56dea0b381de292e0cb75965",
	"iss": "https://example.auth0.com/",
	"sub": "auth0|56dea0b381de292e0cb75965",
	"aud": "AZmtkBN5zDGERJesFZGFS8vYJYyZTrDo",
	"exp": 1457486393,
	"iat": 1457450393
}

The role gets mapped to a PostgreSQL role, sub is used to uniquely identify users.

Regenerating Diffie-Hellman parameters

Goal:

https://www.owasp.org/index.php/List_of_useful_HTTP_headers

https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

openssl dhparam -out certificates/dhparam.pem 4096

Content Security Policy

About

Skeleton web stack using Docker Compose, PostgreSQL, PostgREST, Nginx and Auth0.

Resources

License

Releases

No releases published

Packages

No packages published