feat: configure caddy to server api and ui

.env.example

@@ -1,5 +1,5 @@
 MELI_HOST=http://localhost:3001
-MELI_UI_URL=http://localhost:3000
+MELI_UI_HOST=http://localhost:3000
 MELI_PORT=3001
 MELI_SITES_DOMAIN=loopback.sh
 MELI_CADDY_MELI_SERVER_HOST=host.docker.internal:3001

docker-compose-dev.yml

@@ -22,9 +22,10 @@ services:
 
   caddy:
     image: caddy
-    command: ['caddy', 'run', '--config', '/etc/caddy/config.json']
+    command: [ 'caddy', 'run', '--config', '/etc/caddy/config.json' ]
     ports:
       - 127.0.0.1:80:80
+      - 127.0.0.1:8080:8080
       - 127.0.0.1:2019:2019
     volumes:
       - ./data/caddy:/sites

setupTests.js

@@ -11,7 +11,7 @@ process.env['FORCE_COLOR'] = '1';
 
 // env
 process.env.MELI_HOST = 'http://localhost:3001';
-process.env.MELI_UI_URL = 'http://localhost:3000';
+process.env.MELI_UI_HOST = 'http://localhost:3000';
 process.env.MELI_MAIL_HOST = 'localhost';
 process.env.MELI_MAIL_PORT = '1025';
 process.env.MELI_BILLING_PRICE_ID = 'price_123';

src/auth/authenticate.ts

@@ -26,10 +26,10 @@ async function handler(req: Request, res: Response, next: NextFunction) {
     if (err) {
       return next(err);
     }
-    logger.debug(`Redirecting to ${env.MELI_UI_URL} with cookie ${authCookieName} ${JSON.stringify(cookieOptions(), null, 2)}`);
+    logger.debug(`Redirecting to ${env.MELI_UI_HOST.host} with cookie ${authCookieName} ${JSON.stringify(cookieOptions(), null, 2)}`);
     res
       .cookie(authCookieName, token, cookieOptions())
-      .redirect(env.MELI_UI_URL);
+      .redirect(env.MELI_UI_HOST.host);
   });
 }
 

src/auth/passport/gitea.ts

@@ -19,7 +19,7 @@ if (
   && env.MELI_GITEA_CLIENT_ID
   && env.MELI_GITEA_CLIENT_SECRET
 ) {
-  const oauthCallbackUrl = `${env.MELI_HOST}${gitea_callback}`;
+  const oauthCallbackUrl = `${env.MELI_HOST.host}${gitea_callback}`;
   logger.debug('Enabling gitea auth', oauthCallbackUrl);
 
   passport.use('gitea', new OAuth2Strategy(

src/auth/passport/github.ts

@@ -19,7 +19,7 @@ if (
   && env.MELI_GITHUB_CLIENT_ID
   && env.MELI_GITHUB_CLIENT_SECRET
 ) {
-  const oauthCallbackUrl = `${env.MELI_HOST}${github_callback}`;
+  const oauthCallbackUrl = `${env.MELI_HOST.host}${github_callback}`;
   logger.debug('Enabling github auth', oauthCallbackUrl);
 
   passport.use('github', new OAuth2Strategy(

src/auth/passport/gitlab.ts

@@ -20,7 +20,7 @@ if (
   && env.MELI_GITLAB_CLIENT_ID
   && env.MELI_GITLAB_CLIENT_SECRET
 ) {
-  const oauthCallbackUrl = `${env.MELI_HOST}${gitlab_callback}`;
+  const oauthCallbackUrl = `${env.MELI_HOST.host}${gitlab_callback}`;
   logger.debug('Enabling gitlab auth', oauthCallbackUrl);
 
   passport.use('gitlab', new OAuth2Strategy(

src/auth/passport/google.ts

@@ -15,7 +15,7 @@ if (
   env.MELI_GOOGLE_CLIENT_ID
   && env.MELI_GOOGLE_CLIENT_SECRET
 ) {
-  const oauthCallbackUrl = `${env.MELI_HOST}${google_callback}`;
+  const oauthCallbackUrl = `${env.MELI_HOST.host}${google_callback}`;
   logger.debug('Enabling google auth', oauthCallbackUrl);
 
   // TODO could we use the OAuth2 strategy ?

src/caddy/config/app-server.ts

@@ -0,0 +1,42 @@
+import { env } from '../../env';
+
+export const appServer = {
+  listen: [':8080'],
+  routes: [
+    {
+      group: 'api',
+      match: [{
+        path: [
+          '/api/*',
+          '/auth/*',
+        ],
+      }],
+      handle: [
+        // https://caddyserver.com/docs/json/apps/http/servers/routes/handle/reverse_proxy/
+        {
+          handler: 'reverse_proxy',
+          upstreams: [{
+            dial: env.MELI_CADDY_API_HOST?.host || env.MELI_HOST.host,
+          }],
+        },
+      ],
+      terminal: true,
+    },
+    {
+      group: 'ui',
+      match: [{
+        path: ['/*'],
+      }],
+      handle: [
+        // https://caddyserver.com/docs/json/apps/http/servers/routes/handle/reverse_proxy/
+        {
+          handler: 'reverse_proxy',
+          upstreams: [{
+            dial: env.MELI_CADDY_UI_HOST?.host || env.MELI_UI_HOST.host,
+          }],
+        },
+      ],
+      terminal: true,
+    },
+  ],
+};

src/caddy/configuration.ts

@@ -14,6 +14,7 @@ import { getBranchFilesDir, getBranchStaticDir } from '../entities/sites/get-sit
 import { RedirectType, ReverseProxyRedirectConfig } from '../entities/sites/redirect';
 import { getReverseProxyDial } from './utils/get-reverse-proxy-dial';
 import { URL } from 'url';
+import { appServer } from './config/app-server';
 
 const logger = new Logger('meli.server:caddy');
 
@@ -66,6 +67,7 @@ async function generateConfig(): Promise<any> {
     apps: {
       http: {
         servers: {
+          app: appServer,
           sites: {
             listen: [':80'],
             routes: [

src/commons/validators/to-url.ts

@@ -0,0 +1,5 @@
+import { URL } from 'url';
+
+export function toUrl(str: string): URL {
+  return str ? new URL(str) : undefined;
+}

src/entities/orgs/handlers/invites/add-invite.ts

@@ -55,7 +55,7 @@ async function handler(req: Request, res: Response): Promise<void> {
 
   await sendInvite(email, {
     org: org.name,
-    url: `${env.MELI_UI_URL}/invite?token=${invite.token}`,
+    url: `${env.MELI_UI_HOST.host}/invite?token=${invite.token}`,
   });
 
   emitEvent(EventType.org_invite_added, {

src/entities/sites/serialize-redirect.ts

@@ -1,5 +1,4 @@
 import { Branch } from './branch';
-import { env } from '../../env';
 import { Site } from './site';
 import { getSiteUrl } from './get-site-url';
 import { getBranchUrl } from './get-branch-url';
@@ -13,6 +12,6 @@ export function serializeRedirect(site: Site, branch: Branch, redirect: Redirect
     type: redirect.type,
     path: redirect.path,
     config: redirect.config,
-    url: `${url}${env.MELI_CADDY_REDIRECT_PREFIX}${formatRedirectPath(redirect.path)}`,
+    url: `${url}${formatRedirectPath(redirect.path)}`,
   };
 }

src/env.ts

@@ -10,16 +10,17 @@ import {
 } from './commons/env/transformers';
 import { AppError } from './commons/errors/app-error';
 import { URL } from 'url';
+import { toUrl } from './commons/validators/to-url';
 
 export interface Env {
   DEBUG: string;
   MELI_PORT: number;
-  MELI_HOST: string;
+  MELI_HOST: URL;
   MELI_SITES_DOMAIN: URL;
   MELI_PUBLIC_HOST: string;
   MELI_JWT_SECRET: string;
   MELI_JWT_TOKEN_EXPIRATION: number;
-  MELI_UI_URL: string;
+  MELI_UI_HOST: URL;
   MELI_MONGO_URI: string;
   MELI_GITLAB_URL: string;
   MELI_GITLAB_CLIENT_ID: string;
@@ -68,7 +69,8 @@ export interface Env {
   MELI_STATIC_DIR: string;
   MELI_CADDY_MELI_SERVER_HOST: string;
   MELI_BCRYPT_SALTROUNDS: number;
-  MELI_CADDY_REDIRECT_PREFIX: string;
+  MELI_CADDY_UI_HOST: URL;
+  MELI_CADDY_API_HOST: URL;
 }
 
 const envSpec: EnvSpec<Env> = {
@@ -80,10 +82,10 @@ const envSpec: EnvSpec<Env> = {
     schema: number().default(3000),
   },
   MELI_HOST: {
-    schema: string().required(),
+    schema: string().required().custom(toUrl),
   },
   MELI_SITES_DOMAIN: {
-    schema: string().required().custom(url => new URL(url)),
+    schema: string().required().custom(toUrl),
   },
   MELI_PUBLIC_HOST: {
     schema: string(),
@@ -95,8 +97,8 @@ const envSpec: EnvSpec<Env> = {
     transform: stringToInt(),
     schema: number().min(3600).default(86400 * 30),
   },
-  MELI_UI_URL: {
-    schema: string().required(),
+  MELI_UI_HOST: {
+    schema: string().required().custom(toUrl),
   },
   MELI_GITLAB_URL: {
     schema: string().default('https://gitlab.com'),
@@ -286,9 +288,11 @@ const envSpec: EnvSpec<Env> = {
     transform: stringToInt(),
     schema: number().optional().default(10),
   },
-  MELI_CADDY_REDIRECT_PREFIX: {
-    // TODO included slash might be confusing
-    schema: string().optional().default('/env/').pattern(/^\/[\w_-]+$/),
+  MELI_CADDY_UI_HOST: {
+    schema: string().optional().custom(toUrl),
+  },
+  MELI_CADDY_API_HOST: {
+    schema: string().optional().custom(toUrl),
   },
 };
 

src/server.ts

@@ -87,7 +87,7 @@ async function main(): Promise<any> {
   app.use(compression());
   app.use(helmet());
   app.use(cors({
-    origin: env.MELI_UI_URL,
+    origin: env.MELI_UI_HOST.host,
     credentials: true,
   }));