A minimal Notes server for storing text-only thoughts, etc. Uses Google Cloud Firestore.
All requests must have a valid JWT (or cookie) which can be obtained by POST /login, using valid creds.
NOTE: This server is only for demo purposes. JWTs alone are not a secure choice for end-user authentication in production.
- Create note: (
POST /notes) - Get all notes (
GET /notes) - Get random note (
GET /notes/random)
- GCP project with billing enabled
- A running GKE cluster in your project
- Firestore API enabled for your project, with a database,
notesdb, and an empty collection in that DB, callednotes - A domain (to serve managed SSL certs)
- Fork or clone this repo
- Build Docker image from source:
docker build -t <your-repo>:<tag> .
- Push the docker image:
docker push <your-repo>:<tag>
- Update
kubernetes/deployment.yaml'simage(line 24) with your Docker image - Follow instructions here to create a GCP static IP address named
example-ip-address. - Update
kubernetes/managed-cert.yamlwithdomains: <your-domain-name> - Get a service account private key for Firestore: go to the Google Cloud Platform Console > IAM & Admin > Service Accounts. Generate a private key, then download it as JSON,
service-account.json - Create a Kubernetes secret,
firestore-key, from the service account JSON:
kubectl create secret generic firestore-key --from-file=./service-account.json
- Create a second Kubernetes secret with your desired Notes Server credentials:
kubectl create secret generic notes-secret --from-literal=username=<YOUR_USERNAME> --from-literal=password=<YOUR_PASSWORD> --from-literal=signkey=<YOUR_JWT_SIGN_KEY>
- Apply Kubernetes manifests to the cluster. This will create the SSL managed certs for your domain name, an Ingress (for the static IP you created), and a Service/Deployment for the notes server.
kubectl apply -f kubernetes/