Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
app
config
flow-typed/npm
scripts
.babelrc
.browserslistrc
.dockerignore
.eslintignore
.eslintrc.yml
.flowconfig
.gitignore
.postcssrc
.prettierrc
.stylelintignore
.stylelintrc.yml
README.md
docker-compose.dev.yml
docker-compose.prod.yml
package.json
server.hot.js
server.js
yarn.lock

README.md

alexfedoseev.com

Development

I use alexfedoseev.dev domain for local development, so this needs to be added to /etc/hosts:

fe80::1%lo0  alexfedoseev.dev
127.0.0.1    alexfedoseev.dev
fe80::1%lo0  www.alexfedoseev.dev
127.0.0.1    www.alexfedoseev.dev
fe80::1%lo0  hot.alexfedoseev.dev
127.0.0.1    hot.alexfedoseev.dev

Then run yarn start (docker will build development services) and visit alexfedoseev.dev.

To test production builds run yarn run local:production.

Docker

2 services:

  • web
  • nginx

Development containers:

/
  www/
    |-- deps/             # web: dependencies cache
    |-- public/           # volume: generated client assets
    |-- src/              # host -> web: app sources
        |-- build/        #              server app build
        |-- node_modules/ #              dependencies
  etc/
    |-- nginx/            # nginx: configs
    |-- ssl/              # nginx: self-signed certificate

Production containers:

/
  www/
    |-- deps/             # web: dependencies cache
    |-- public/           # volume: generated client assets
    |-- src/              # web: app sources
        |-- build/        #      server app build
        |-- node_modules/ #      dependencies
    |-- letsencrypt/      # host -> nginx: dummy entrypoint to obtain a SSL cert
  etc/
    |-- nginx/            # nginx: configs
    |-- letsencrypt/      # host -> nginx: SSL certs

SSL

Self-signed certificate for local development

Generate self-signed wildcard certificate for local development (commited for *.alexfedoseev.dev):

openssl genrsa 2048 > alexfedoseev.dev.key
openssl req -new -x509 -nodes -sha1 -days 3650 -key alexfedoseev.dev.key > alexfedoseev.dev.crt

# Enter `*.alexfedoseev.dev` as "Common Name"

openssl x509 -noout -fingerprint -text < alexfedoseev.dev.crt > alexfedoseev.dev.info
cat alexfedoseev.dev.crt alexfedoseev.dev.key > alexfedoseev.dev.pem

LetsEncrypt for production

Obtain a cert from LetsEncrypt (run against production host):

docker run \
  -it \
  --rm \
  --name certbot \
  -v "/etc/letsencrypt:/etc/letsencrypt" \
  -v "/www/letsencrypt:/www/letsencrypt" \
  certbot/certbot \
  certonly \
  -d alexfedoseev.com \
  -d www.alexfedoseev.com \
  --webroot \
  --webroot-path /www/letsencrypt

Renew it manually:

docker run \
  -t \
  --rm \
  -v "/etc/letsencrypt:/etc/letsencrypt" \
  -v "/www/letsencrypt:/www/letsencrypt" \
  -v "/var/log/letsencrypt:/var/log/letsencrypt" \
  certbot/certbot \
  renew \
  --webroot \
  --webroot-path /www/letsencrypt \
&& docker-compose -f docker-compose.prod.yml kill -s HUP nginx

Or using cron:

0 0 */15 * * docker run -t --rm -v "/etc/letsencrypt:/etc/letsencrypt" -v "/www/letsencrypt:/www/letsencrypt" -v "/var/log/letsencrypt:/var/log/letsencrypt" certbot/certbot renew --webroot --webroot-path /www/letsencrypt && docker-compose -f docker-compose.prod.yml kill -s HUP nginx >/dev/null 2>&1