Improve EC2 deployments

.env.example

@@ -9,3 +9,9 @@ DB_PORT=
 DB_USERNAME=
 DB_PASSWORD=
 DB_DATABASE=
+
+# Use same values for POSTGRES_USER, POSTGRES_PASSWORD and POSTGRES_DB
+# It's for postgres docker container. You can skip if you're going to use RDS or another service.
+POSTGRES_USER=
+POSTGRES_PASSWORD=
+POSTGRES_DB=

README.md

@@ -2,10 +2,49 @@
 
 ## Migrations
 
-### Generate
+Typeorm will use .env file. Make sure you are going to connect to the correct DB by checking .env file.
 
-`npm run typeorm -- migration:generate apps/api/src/migrations/NameOfTheMigration`
+- To generate a new migration:
 
-### Run
+  - `npm run typeorm -- migration:generate apps/api/src/migrations/NameOfTheMigration`
 
-`npm run typeorm -- migration:run`
+- To run the migrations:
+  - `npm run typeorm -- migration:run`
+
+## Instructions to deploy to ECS
+
+- Setup ECS cluster
+- Setup RDS and Elasticache
+- Update api_secrets in Secrets Manager
+- Change ELB target to ECS
+  - Use conditions to redirect to correct service
+- Uncomment ECS deployment step in github workflows
+
+## Commands to deploy to EC2
+
+- Change ELB target to EC2
+  - You don't need to specify any redirects as there is an Nginx server handling routing.
+- Comment out ECS deployment step in github workflows
+- Connect to EC2 instance via ssh
+  - `ssh -i ./attendance.pem [email protected]`
+- Install docker and docker compose
+  - Check internet for this step
+- If needed, update image tags in `docker-compose.yml` file
+  - When you push a new version, github workflows builds and pushes new image tags to ECR using commit hash. You can use commit hash a few minutes after pushing.
+- Copy required files from repository to EC2
+  - `scp -i ./attendance.pem ./docker-compose.yml nginx-compose.conf [email protected]:~`
+- In EC2, retrieve secrets from secrets manager to .env file
+  - `aws secretsmanager get-secret-value --secret-id api_secrets| jq --raw-output '.SecretString' | jq -r 'to_entries|map("\(.key)=\(.value|tostring)")|.[]' > .env`
+- In EC2, login to ECR
+  - `aws ecr get-login-password | docker login --username AWS --password-stdin 123456789010.dkr.ecr.eu-central-1.amazonaws.com`
+- In EC2, start the containers
+  - `docker-compose up`
+
+## How to connect to EC2 postgres
+
+- Create SSH tunnel
+  - `ssh -i ./attendance.pem -L 5433:localhost:5432 [email protected]`
+- Connect to postgres with following inputs
+  - host = localhost
+  - port = 5433
+  - Refer to secrets manager for username, password and database name

docker-compose.yml

@@ -1,35 +1,20 @@
-version: '3.8'
-
 services:
   api:
-    build:
-      context: .
-      dockerfile: api.Dockerfile
+    image: 574099924710.dkr.ecr.eu-central-1.amazonaws.com/attendence-taker-api:db5758a38922bceb073ac500d5152429be34a2e1
     networks:
       - app-network
     depends_on:
       - postgres
       - redis
-    environment:
-      REDIS_HOST: redis
-      REDIS_PORT: 6379
-      DB_HOST: postgres
-      DB_PORT: 5432
-      DB_USERNAME: your_postgres_user
-      DB_PASSWORD: your_postgres_password
-      DB_DATABASE: your_postgres_db
+    env_file: .env
 
   desktop:
-    build:
-      context: .
-      dockerfile: desktop.Dockerfile
+    image: 574099924710.dkr.ecr.eu-central-1.amazonaws.com/attendence-taker-desktop:db5758a38922bceb073ac500d5152429be34a2e1
     networks:
       - app-network
 
   mobile:
-    build:
-      context: .
-      dockerfile: mobile.Dockerfile
+    image: 574099924710.dkr.ecr.eu-central-1.amazonaws.com/attendence-taker-mobile:db5758a38922bceb073ac500d5152429be34a2e1
     networks:
       - app-network
 
@@ -48,10 +33,9 @@ services:
 
   postgres:
     image: postgres:13
-    environment:
-      POSTGRES_USER: your_postgres_user
-      POSTGRES_PASSWORD: your_postgres_password
-      POSTGRES_DB: your_postgres_db
+    env_file: .env
+    ports:
+      - '5432:5432'
     volumes:
       - postgres_data:/var/lib/postgresql/data
     networks:
@@ -61,10 +45,13 @@ services:
     image: redis:latest
     networks:
       - app-network
+    volumes:
+      - redis_data:/data
 
 networks:
   app-network:
     driver: bridge
 
 volumes:
   postgres_data:
+  redis_data:

nginx-compose.conf

@@ -3,12 +3,21 @@ server {
     server_name api.attendance.koraykural.com;
 
     location / {
-        proxy_pass http://api:3333/;
+        proxy_pass http://api:80/;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
+
+    location /socket.io/ {
+      proxy_pass http://api:80; 
+      proxy_http_version 1.1;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_set_header Connection 'upgrade';
+      proxy_set_header Host $host;
+      proxy_cache_bypass $http_upgrade;
+    }
 }
 
 server {