From 55a64cf54602175a4a6f3c92ae2cbd9a418e9e7d Mon Sep 17 00:00:00 2001 From: maurice Date: Sat, 22 Nov 2025 17:37:45 +0100 Subject: [PATCH] NumberChords services --- services/numberchords/api.service.toml | 40 ++++++++++++++++++ services/numberchords/database.service.toml | 28 ++++++++++++ services/numberchords/identity.service.toml | 31 ++++++++++++++ services/numberchords/numberchords.caddy | 47 +++++++++++++++++++++ services/numberchords/secrets.md | 12 ++++++ services/numberchords/web.service.toml | 25 +++++++++++ 6 files changed, 183 insertions(+) create mode 100644 services/numberchords/api.service.toml create mode 100644 services/numberchords/database.service.toml create mode 100644 services/numberchords/identity.service.toml create mode 100644 services/numberchords/numberchords.caddy create mode 100644 services/numberchords/secrets.md create mode 100644 services/numberchords/web.service.toml diff --git a/services/numberchords/api.service.toml b/services/numberchords/api.service.toml new file mode 100644 index 0000000..ce8ba77 --- /dev/null +++ b/services/numberchords/api.service.toml @@ -0,0 +1,40 @@ +user = "podman" + +[service] +name = "numberchords-api" +host = "nc-api" +image = "numberchords-api" +network = "nc-test" +depend = ["numberchords-db.service"] + +[environment] +ASPNETCORE_ENVIRONMENT = "Test" +# "NC_Security__OtherIssuerKeys__identity.numberchords.com__AuthPublicKey" = "" + +[[secrets]] +key = "connection_string" +target = "Database__ConnectionString" + +[[secrets]] +key = "api_secret_key" +target = "Security__AuthSecretKey" + +[[secrets]] +key = "api_private_key" +target = "Security__AuthPrivateKey" + +[[secrets]] +key = "mollie_api_key" +target = "Payment__MollieApiKey" + +[[secrets]] +key = "smtp_username" +target = "Email__SmtpUsername" + +[[secrets]] +key = "smtp_password" +target = "Email__SmtpPassword" + +[[networks]] +name = "nc-test" +group = "caddy" \ No newline at end of file diff --git a/services/numberchords/database.service.toml b/services/numberchords/database.service.toml new file mode 100644 index 0000000..4023536 --- /dev/null +++ b/services/numberchords/database.service.toml @@ -0,0 +1,28 @@ +user = "podman" + +[service] +name = "numberchords-db" +host = "nc-db" +image = "mongodb/mongodb-community-server:latest" +network = "nc-test" + +[[volumes]] +source = "nc_database_test" +target = "/data/db" +create = true + +[[environment_secrets]] +name = "MONGO_INITDB_ROOT_USERNAME" +secret = "mongo_username" + +[[environment_secrets]] +name = "MONGO_INITDB_ROOT_PASSWORD" +secret = "mongo_password" + +[[ports]] +host = 27017 +container = 27017 + +[[networks]] +name = "nc-test" +group = "caddy" \ No newline at end of file diff --git a/services/numberchords/identity.service.toml b/services/numberchords/identity.service.toml new file mode 100644 index 0000000..3458656 --- /dev/null +++ b/services/numberchords/identity.service.toml @@ -0,0 +1,31 @@ +user = "podman" + +[service] +name = "numberchords-identity" +host = "nc-identity" +image = "numberchords-identity" +network = "nc-test" +depend = ["numberchords-db.service"] + +[environment] +ASPNETCORE_ENVIRONMENT = "Test" + +[[secrets]] +key = "connection_string" +target = "Database__ConnectionString" + +[[secrets]] +key = "id_secret_key" +target = "Security__AuthSecretKey" + +[[secrets]] +key = "id_private_key" +target = "Security__AuthPrivateKey" + +[[secrets]] +key = "api_secret_key" +target = "Security__OtherIssuerKeys_api-test.numberchords.com__AuthSecretKey" + +[[networks]] +name = "nc-test" +group = "caddy" \ No newline at end of file diff --git a/services/numberchords/numberchords.caddy b/services/numberchords/numberchords.caddy new file mode 100644 index 0000000..78e4c68 --- /dev/null +++ b/services/numberchords/numberchords.caddy @@ -0,0 +1,47 @@ +http://test.numberchords.com { + import https-redir +} + +http://test.cijferakkoorden.nl { + import https-redir +} + +http://api-test.numberchords.com { + import https-redir +} + +http://identity-test.numberchords.com { + import https-redir +} + +https://test.numberchords.com { + import https + import compression + import default-headers + log access + reverse_proxy nc-web:3000 +} + +https://test.cijferakkoorden.nl { + import https + import compression + import default-headers + log access + reverse_proxy nc-web:3000 +} + +https://api-test.numberchords.com { + import https + import compression + import default-headers + log access + reverse_proxy nc-api:8080 +} + +https://identity-test.numberchords.com { + import https + import compression + import default-headers + log access + reverse_proxy nc-identity:8080 +} \ No newline at end of file diff --git a/services/numberchords/secrets.md b/services/numberchords/secrets.md new file mode 100644 index 0000000..a3b9341 --- /dev/null +++ b/services/numberchords/secrets.md @@ -0,0 +1,12 @@ +# Set these secrets: + +- `connection_string`: MongoDB connection string +- `api_secret_key`: 32-byte base64 secret +- `api_private_key`: 32-byte base64 secret +- `id_secret_key`: 32-byte base64 secret +- `id_private_key`: 32-byte base64 secret +- `mollie_api_key`: Mollie API key +- `smtp_username`: SMTP email account username +- `smtp_password`: SMTP email account password +- `mongo_username`: MongoDB root username +- `mongo_password`: MongoDB root password \ No newline at end of file diff --git a/services/numberchords/web.service.toml b/services/numberchords/web.service.toml new file mode 100644 index 0000000..76314b0 --- /dev/null +++ b/services/numberchords/web.service.toml @@ -0,0 +1,25 @@ +user = "podman" + +[service] +name = "numberchords-web" +host = "nc-web" +image = "numberchords-web" +network = "nc-test" +depend = ["numberchords-api.service", "numberchords-identity.service"] + +[environment] +PRIVATE_DATABASE_NAME = "numberchords-test" +PRIVATE_DEFAULT_AUDIENCE="api-test.numberchords.com" +PROTOCOL_HEADER="x-forwarded-proto" +HOST_HEADER="x-forwarded-host" +BODY_SIZE_LIMIT="10000000" +PRIVATE_BASE_URL="http://nc-api:8080" +PRIVATE_IDENTITY_BASE_URL="http://nc-identity:8080" + +[[environment_secrets]] +name = "PRIVATE_CONNECTION_STRING" +secret = "connection_string" + +[[networks]] +name = "nc-test" +group = "caddy" \ No newline at end of file