From b9ad0c8056dccd15ee5092f3f0888dbf5b16abe4 Mon Sep 17 00:00:00 2001
From: Ebrahim Hoseiny Fadae <metalicn20@gmail.com>
Date: Sat, 30 Apr 2022 18:23:43 +0430
Subject: [PATCH 1/6] Close #3, Upload containers to public registry (#4)

* Remove deployment config

* Add docker-compose.yml

* Fix image name typo

* Remove --parallel flag
---
 .github/workflows/dev.yml   | 27 +++++++++++-------
 .github/workflows/main.yml  | 27 +++++++++++-------
 Jenkinsfile                 | 55 -------------------------------------
 dev.Jenkinsfile             | 55 -------------------------------------
 docker-compose.dev.yml      |  5 ----
 docker-compose.override.yml |  5 ----
 docker-compose.yml          | 15 +---------
 nginx.conf                  |  4 +--
 8 files changed, 37 insertions(+), 156 deletions(-)
 delete mode 100644 Jenkinsfile
 delete mode 100644 dev.Jenkinsfile
 delete mode 100644 docker-compose.dev.yml
 delete mode 100644 docker-compose.override.yml

diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
index 1f79d9c..0f3db11 100644
--- a/.github/workflows/dev.yml
+++ b/.github/workflows/dev.yml
@@ -1,17 +1,24 @@
-name: Deploy OPEX-Nginx - Dev
+name: Push images on dev branch update
+
 on:
   push:
     branches:
       - dev
+
 jobs:
-  jenkinsJob:
-    name: Build OPEX-Nginx new dev version
-    runs-on: ubuntu-latest
+  build:
+    runs-on: ubuntu-20.04
+    name: Build NGINX
     steps:
-      - name: Trigger opex-nginx-dev on jenkins
-        uses: appleboy/jenkins-action@master
+      - name: Checkout Source Code
+        uses: actions/checkout@v2
+      - name: Build Docker images
+        run: TAG=dev docker-compose build
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
         with:
-          url: ${{ secrets.JENKINS_URL }}
-          user: ${{ secrets.JENKINS_USER }}
-          token: ${{ secrets.JENKINS_TOKEN }}
-          job: "opex-nginx-dev"
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Push images to GitHub Container Registry
+        run: TAG=dev docker-compose push
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index ae64f05..db1da6d 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -1,17 +1,24 @@
-name: Deploy OPEX-Nginx - Demo
+name: Push images on main branch update
+
 on:
   push:
     branches:
       - main
+
 jobs:
-  jenkinsJob:
-    name: Deploy OPEX-Nginx new demo version
-    runs-on: ubuntu-latest
+  build:
+    runs-on: ubuntu-20.04
+    name: Build NGINX
     steps:
-      - name: Trigger opex-nginx-demo on jenkins
-        uses: appleboy/jenkins-action@master
+      - name: Checkout Source Code
+        uses: actions/checkout@v2
+      - name: Build Docker images
+        run: TAG=latest docker-compose build
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
         with:
-          url: ${{ secrets.JENKINS_URL }}
-          user: ${{ secrets.JENKINS_USER }}
-          token: ${{ secrets.JENKINS_TOKEN }}
-          job: "opex-nginx-demo"
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Push images to GitHub Container Registry
+        run: TAG=latest docker-compose push
diff --git a/Jenkinsfile b/Jenkinsfile
deleted file mode 100644
index fb9d3ea..0000000
--- a/Jenkinsfile
+++ /dev/null
@@ -1,55 +0,0 @@
-pipeline {
-    agent any
-
-    stages('Deploy') {
-        stage('Deliver') {
-            environment {
-                COMPOSE_PROJECT_NAME = 'demo-nginx'
-                DEFAULT_NETWORK_NAME = 'demo-opex'
-            }
-            steps {
-                withCredentials([
-                    file(credentialsId: 'private.pem', variable: 'PRIVATE'),
-                    file(credentialsId: 'opex.dev.crt', variable: 'PUBLIC')
-                ]) {
-                    sh 'cp -f $PRIVATE ./private.pem'
-                    sh 'cp -f $PUBLIC ./opex.dev.crt'
-                }
-                sh 'docker-compose up -d --build --remove-orphans'
-                sh 'docker image prune -f'
-                sh 'docker network prune -f'
-            }
-        }
-    }
-
-    post {
-        always {
-            echo 'One way or another, I have finished'
-        }
-        success {
-            echo ':)'
-            setBuildStatus(":)", "SUCCESS")
-        }
-        unstable {
-            echo ':/'
-            setBuildStatus(":/", "UNSTABLE")
-        }
-        failure {
-            echo ':('
-            setBuildStatus(":(", "FAILURE")
-        }
-        changed {
-            echo 'Things were different before...'
-        }
-    }
-}
-
-void setBuildStatus(String message, String state) {
-    step([
-            $class            : "GitHubCommitStatusSetter",
-            reposSource       : [$class: "ManuallyEnteredRepositorySource", url: "https://github.com/opexdev/OPEX-Nginx"],
-            contextSource     : [$class: "ManuallyEnteredCommitContextSource", context: "ci/jenkins/build-status"],
-            errorHandlers     : [[$class: "ChangingBuildStatusErrorHandler", result: "UNSTABLE"]],
-            statusResultSource: [$class: "ConditionalStatusResultSource", results: [[$class: "AnyBuildResult", message: message, state: state]]]
-    ])
-}
diff --git a/dev.Jenkinsfile b/dev.Jenkinsfile
deleted file mode 100644
index 05af7e7..0000000
--- a/dev.Jenkinsfile
+++ /dev/null
@@ -1,55 +0,0 @@
-pipeline {
-    agent any
-
-    stages('Deploy') {
-        stage('Deliver') {
-            environment {
-                COMPOSE_PROJECT_NAME = 'dev-nginx'
-                DEFAULT_NETWORK_NAME = 'dev-opex'
-            }
-            steps {
-                withCredentials([
-                    file(credentialsId: 'private.pem', variable: 'PRIVATE'),
-                    file(credentialsId: 'opex.dev.crt', variable: 'PUBLIC')
-                ]) {
-                    sh 'cp -f $PRIVATE ./private.pem'
-                    sh 'cp -f $PUBLIC ./opex.dev.crt'
-                }
-                sh 'docker-compose -f docker-compose.yml -f docker-compose.dev.yml up -d --build --remove-orphans'
-                sh 'docker image prune -f'
-                sh 'docker network prune -f'
-            }
-        }
-    }
-
-    post {
-        always {
-            echo 'One way or another, I have finished'
-        }
-        success {
-            echo ':)'
-            setBuildStatus(":)", "SUCCESS")
-        }
-        unstable {
-            echo ':/'
-            setBuildStatus(":/", "UNSTABLE")
-        }
-        failure {
-            echo ':('
-            setBuildStatus(":(", "FAILURE")
-        }
-        changed {
-            echo 'Things were different before...'
-        }
-    }
-}
-
-void setBuildStatus(String message, String state) {
-    step([
-            $class            : "GitHubCommitStatusSetter",
-            reposSource       : [$class: "ManuallyEnteredRepositorySource", url: "https://github.com/opexdev/OPEX-Nginx"],
-            contextSource     : [$class: "ManuallyEnteredCommitContextSource", context: "ci/jenkins/build-status"],
-            errorHandlers     : [[$class: "ChangingBuildStatusErrorHandler", result: "UNSTABLE"]],
-            statusResultSource: [$class: "ConditionalStatusResultSource", results: [[$class: "AnyBuildResult", message: message, state: state]]]
-    ])
-}
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
deleted file mode 100644
index e8cc42d..0000000
--- a/docker-compose.dev.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-version: '3.8'
-services:
-  nginx:
-    ports:
-      - '8443:443'
\ No newline at end of file
diff --git a/docker-compose.override.yml b/docker-compose.override.yml
deleted file mode 100644
index 5084fe0..0000000
--- a/docker-compose.override.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-version: '3.8'
-services:
-  nginx:
-    ports:
-      - '443:443'
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index fd64b91..dbc8956 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,18 +1,5 @@
 version: '3.8'
 services:
   nginx:
+    image: ghcr.io/opexdev/nginx:$TAG
     build: .
-    volumes:
-      - www:/data/www
-    networks:
-      - default
-    deploy:
-      restart_policy:
-        condition: on-failure
-volumes:
-  www:
-    external: false
-networks:
-  default:
-    driver: bridge
-    name: ${DEFAULT_NETWORK_NAME:-opex}
\ No newline at end of file
diff --git a/nginx.conf b/nginx.conf
index eb7e193..9d39f26 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -13,8 +13,8 @@ http {
     ssl_session_timeout 10m;
     keepalive_timeout   70;
 
-    ssl_certificate     opex.dev.crt;
-    ssl_certificate_key private.pem;
+    ssl_certificate     /run/secrets/opex_dev_crt;
+    ssl_certificate_key /run/secrets/private_pem;
     ssl_protocols       TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
     ssl_ciphers         HIGH:!aNULL:!MD5;
 

From 3235e684738285ed2801525214d1f826f0db5a7d Mon Sep 17 00:00:00 2001
From: metalicn20 <metalicn20@gmail.com>
Date: Sat, 30 Apr 2022 18:26:02 +0430
Subject: [PATCH 2/6] Fix Dockerfile

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 7a37ab1..043362d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,2 +1,2 @@
 FROM nginx:1.20.2
-ADD nginx.conf opex.dev.crt private.pem /etc/nginx/
+ADD nginx.conf /etc/nginx/

From affcd6d0dde8bce451e35c1b08507b4559d60fe2 Mon Sep 17 00:00:00 2001
From: metalicn20 <metalicn20@gmail.com>
Date: Mon, 2 May 2022 11:28:02 +0430
Subject: [PATCH 3/6] Fix web-app upstream

---
 nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nginx.conf b/nginx.conf
index 9d39f26..f7221a5 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -47,7 +47,7 @@ http {
     }
 
     upstream docker-web-app {
-        server app:80;
+        server web-app:80;
     }
 
     upstream docker-ipg {

From 67cd0e10996eb51ec8d55ff7ebccda2f859431a2 Mon Sep 17 00:00:00 2001
From: metalicn20 <metalicn20@gmail.com>
Date: Mon, 2 May 2022 11:50:48 +0430
Subject: [PATCH 4/6] Add exposed port config

---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Dockerfile b/Dockerfile
index 043362d..c81a62b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,2 +1,3 @@
 FROM nginx:1.20.2
 ADD nginx.conf /etc/nginx/
+EXPOSE 443
\ No newline at end of file

From 4469139768a74e878e29aaffc8e70990aabb700e Mon Sep 17 00:00:00 2001
From: metalicn20 <metalicn20@gmail.com>
Date: Sun, 8 May 2022 14:41:39 +0430
Subject: [PATCH 5/6] Update nginx.conf

---
 nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nginx.conf b/nginx.conf
index f7221a5..82b91cb 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -70,6 +70,7 @@ http {
     proxy_set_header   Host $host;
     proxy_set_header   X-Real-IP $remote_addr;
     proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header   X-Forwarded-Proto http;
     proxy_set_header   X-Forwarded-Host $server_name;
 
     server {

From 2b36dafde11f5417123d59742aa65f71dd0c85b0 Mon Sep 17 00:00:00 2001
From: metalicn20 <metalicn20@gmail.com>
Date: Sun, 8 May 2022 14:46:09 +0430
Subject: [PATCH 6/6] Update nginx.conf

---
 nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nginx.conf b/nginx.conf
index 82b91cb..0614c61 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -70,7 +70,7 @@ http {
     proxy_set_header   Host $host;
     proxy_set_header   X-Real-IP $remote_addr;
     proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header   X-Forwarded-Proto http;
+    proxy_set_header   X-Forwarded-Proto $scheme;
     proxy_set_header   X-Forwarded-Host $server_name;
 
     server {