This docker setup is designed for users of ApiOpenStudio on a local machine or a single server, and allows full https
traffic through a Traefik reverse proxy for Core and Admin. It is suitable for local development and
small-medium projects in production. It removes the need to deploy Admin and the Admin GUI on separate servers. It uses
the ApiOpenStudio, ApiOpenStudio Admin, Traefik
and MariaDB docker images.
Clone this repository (GitLab):
git clone git@gitlab.com:apiopenstudio/apiopenstudio_reverse_proxy.git
or (GitHub)
git clone git@github.com:naala89/apiopenstudio_reverse_proxy.gi
Install mkcert
, for documentation, see mkcert.
Generate new keys using the following bash commands:
cd apiopenstudio_reverse_proxy
mkcert -cert-file certs/localhost.crt -key-file certs/localhost.key "*.docker.localhost"
cp "$(mkcert -CAROOT)/rootCA.pem" certs/ca.crt
Add the following to your /etc/hosts
file:
127.0.0.1 docker.localhost
See mkcert guide
Save your certificate key and certificate somewhere safe on your server, and update your .env
to point to the
directory containing the certificates, e.g.:
SSL_CERT_DIR=/path/to/cert/dir
Update the following entries to point to the correct domains:
http.routers.traefik.tls.domains.*.main
http.routers.traefik.tls.domains.*.sans
Update the following entries to point to the correct filenames (the path to the files should remain /etc/certs/
):
tls.certificates.*.certFile
tls.certificates.*.keyFile
Copy the example config files:
cp example.env .env
cp example.settings.api.yml settings.api.yml
cp example.settings.admin.yml settings.admin.yml
sudo chmod 660 .env settings.api.yml settings.admin.yml
sudo chgrp 33 settings.api.yml settings.admin.yml
Update the values in the Database section:
MYSQL_ROOT_PASSWORD
MYSQL_DATABASE
MYSQL_USER
MYSQL_PASSWORD
Update the values in the URLs:
API_URL
(without thehttps://
prefix)ADMIN_URL
(without thehttps://
prefix)
Ensure that you have the correct image tags in:
API_IMAGE_TAG
ADMIN_IMAGE_TAG
Update the following values:
db.root_password
(same value asMYSQL_ROOT_PASSWORD
in.env
)db.username
(same value asMYSQL_USER
in.env
)db.password
(same value asMYSQL_PASSWORD
in.env
)api.url
(same value asAPI_URL
in.env
)api.jwt_issuer
(same asapi.url
)api.jwt_permitted_for
(same asapi.url
)
Update the following values:
admin.url
(same value asADMIN_URL
in.env
)
Create the docker network and start the images
docker network create api_network
docker compose up -d
docker exec -it apiopenstudio-api bash
./install.sh
exit
docker exec -it apiopenstudio-admin bash
./install.sh
exit
Traefik admin page is available on <API_URL>:8080
For any bugs or issues found, raise a ticket at the repository issue tracker
This project is open to contributions.
To contribute:
- Create a ticket, or work on an existing ticket.
- Fork the main repository into your own repo.
- Checkout the fork.
- Set a new
upstream
remote, pointing to the main repository. - Create a feature branch off
develop
. - Make updates.
- Push the changes to your
origin
(fork). - Create a merge request to the
upstream/develop
branch.
Clone your fork
git clone git@gitlab.com:<username>/<repo_name>.git
Set upstream
git remote add upstream https://gitlab.com/apiopenstudio/apiopenstudio_reverse_proxy
git fetch upstream
Checkout your feature branch
git checkout develop
git checkout -b feature/<ticket_id>-ticket-description
git push origin feature/<ticket_id>-ticket-description
Code and push changes. After you've finished creating and testing your changes:
git commit -a -m "#<ticket_number> - short description."
git push origin feature/<ticket_id>-ticket-description
Create a merge request. In your repository page in a browser:
- Click on
Merge requests
in the LHS menu. - Click on
New merge request
button at the top of the page. - Ensure the
Source branch
is the feature branch on your repository. - Ensure the target branch is
apiopenstudio/apiopenstudio_docker_dev
develop
branch. - Click on
Compare branches and continue
.
Follow the rest of the page prompts. If your merge request is accepted, it will be merged. If there are any updates required, you will be notified through the issue ticket.
Many thanks to the original developer and Traefik:
This is available under MIT License.