diff --git a/backend/.gitignore b/backend/.gitignore new file mode 100644 index 00000000..f9d00a65 --- /dev/null +++ b/backend/.gitignore @@ -0,0 +1 @@ +database.json \ No newline at end of file diff --git a/backend/src/awsSetup.ts b/backend/src/awsSetup.ts new file mode 100644 index 00000000..261fb567 --- /dev/null +++ b/backend/src/awsSetup.ts @@ -0,0 +1,28 @@ +import AWS from 'aws-sdk' + +export const setupFinished = new Promise((resolve) => { + const secretsManager = new AWS.SecretsManager({ + region: process.env.AWS_REGION, + }) + + const secrets = Object.entries(process.env).filter( + ([key, value]) => key.startsWith('AWS_SECRET_') && value !== undefined, + ) as [string, string][] + + const promises = secrets.map(async ([key, SecretId]) => { + return new Promise((resolve) => { + secretsManager.getSecretValue({ SecretId }, (err, data) => { + if (err) { + throw err + } + const realKey = key.replace('AWS_SECRET_', '') + process.env[realKey] = data.SecretString + resolve(true) + }) + }) + }) + + Promise.all(promises).then(() => { + resolve() + }) +}) diff --git a/backend/src/server.prod.ts b/backend/src/server.prod.ts deleted file mode 100644 index ce628e27..00000000 --- a/backend/src/server.prod.ts +++ /dev/null @@ -1,26 +0,0 @@ -import AWS from 'aws-sdk' -import { env } from './utils/misc.js' - -async function main() { - const secretsManager = new AWS.SecretsManager({ - region: env('AWS_REGION'), - }) - - const secrets = Object.entries(process.env).filter( - ([key, value]) => key.startsWith('AWS_SECRET_') && value !== undefined, - ) as [string, string][] - - secrets.forEach(([key, SecretId]) => { - secretsManager.getSecretValue({ SecretId }, (err, data) => { - if (err) { - throw err - } - const realKey = key.replace('AWS_SECRET_', '') - process.env[realKey] = data.SecretString - }) - }) - - await import('./server.js') -} - -main() diff --git a/backend/src/server.ts b/backend/src/server.ts index 85963f82..922d3055 100644 --- a/backend/src/server.ts +++ b/backend/src/server.ts @@ -1,2 +1,9 @@ -import './api.js' -import './worker.js' +const loadServer = async () => { + if (process.env.NODE_ENV === 'production') { + await import('./awsSetup.js').then(({ setupFinished }) => setupFinished) + } + await import('./worker.js') + await import('./api.js') +} + +loadServer() diff --git a/backend/start-server.sh b/backend/start-server.sh index 6387ce45..dce27a06 100644 --- a/backend/start-server.sh +++ b/backend/start-server.sh @@ -1,2 +1,2 @@ -yarn db-migrate up -node dist/server.js \ No newline at end of file +yarn db-migrate up -e ${NODE_ENV:-development} +yarn start \ No newline at end of file diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index bf55d7f2..3d7e7398 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -59,19 +59,8 @@ services: ports: - "3000:3000" restart: unless-stopped - environment: - DATABASE_URL: ${DATABASE_URL} - RPC_ENDPOINT: ${RPC_ENDPOINT} - PRIVATE_KEYS_PATH: ${PRIVATE_KEYS_PATH} - CORS_ALLOWED_ORIGINS: ${CORS_ALLOWED_ORIGINS} - OBJECT_MAPPING_ARCHIVER_URL: ${OBJECT_MAPPING_ARCHIVER_URL} - MAX_CACHE_SIZE: ${MAX_CACHE_SIZE} - JWT_SECRET: ${JWT_SECRET} - FILES_GATEWAY_URL: ${FILES_GATEWAY_URL} - FILES_GATEWAY_TOKEN: ${FILES_GATEWAY_TOKEN} - AUTH_SERVICE_URL: ${AUTH_SERVICE_URL} - AUTH_SERVICE_API_KEY: ${AUTH_SERVICE_API_KEY} - ACCEPT_UNAUTHORIZED_CERTS: ${ACCEPT_UNAUTHORIZED_CERTS} + env_file: + - .env healthcheck: test: ["CMD", "curl", "-f", "http://localhost:3000/health"] interval: 15s