Adding backend.

Author: Sebastian Siemssen

.amazeeio/htaccess-additional

@@ -0,0 +1,18 @@
+<IfModule mod_headers.c>
+    <If "%{REQUEST_METHOD} = 'OPTIONS'" >
+        Header always set   Access-Control-Allow-Origin        "*"
+        Header always set   Access-Control-Allow-Credentials   "true"
+        Header always set   Access-Control-Allow-Methods       "POST, GET, OPTIONS"
+        Header always set   Access-Control-Allow-Headers       "Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Cache-Hash"
+
+        # Tell the client this pre-flight info is valid for 20 days
+        Header always set   Access-Control-Max-Age             "1728000"
+        Header always set   Content-Type                       "text/plain charset=UTF-8"
+        Header always set   Content-Length                     "0"
+        <IfModule mod_rewrite.c>
+            RedirectMatch 204 (.*)$
+        </IfModule>
+
+    </If>
+
+</IfModule>

.amazeeio/httpd-additional.conf

@@ -0,0 +1,6 @@
+  <IfModule mod_headers.c>
+    Header always set   Access-Control-Allow-Origin        "*"
+    Header always set   Access-Control-Allow-Credentials   "true"
+    Header always set   Access-Control-Allow-Methods       "POST, GET, OPTIONS"
+    Header always set   Access-Control-Allow-Headers       "Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Cache-Hash"
+  </IfModule>

.amazeeio/nginx.conf

@@ -0,0 +1,271 @@
+### Nginx configuration for Drupal 7 and 8. This configuration makes use of
+### drush (http:///drupal.org/project/drush) for site maintenance
+### and like tasks:
+###
+### 1. Run the cronjobs.
+### 2. Run the DB and code updates: drush up or drush upc followed by
+###    drush updb to run any DB updates required by the code upgrades
+###    that were performed.
+### 3. Disabling of xmlrpc.xml and update.php: all updates are now
+###    handled through drush.
+
+## If ssl terminator had ssl, we're passing that on
+if ($http_x_forwarded_proto = 'https') {
+  set $fastcgi_https "on";
+}
+
+## rewriting /index.php to / because after https://www.drupal.org/node/2599326
+## autocomplete URLs are forced to go to index.php
+rewrite ^/index.php / last;
+
+## The 'default' location.
+location / {
+
+
+    if ($request_method = 'OPTIONS') {
+        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Cache-Hash' always;
+
+        ### Tell client that this pre-flight info is valid for 20 days
+        add_header 'Access-Control-Max-Age' 1728000;
+        add_header 'Content-Type' 'text/plain charset=UTF-8';
+        add_header 'Content-Length' 0;
+        return 204;
+    }
+
+    ## Disallow access to any dot files
+    location ~ /\. {
+         deny all;
+         access_log off;
+         log_not_found off;
+    }
+
+    ## Replicate the Apache <FilesMatch> directive of Drupal standard
+    ## .htaccess. Disable access to any code files. Return a 404 to curtail
+    ## information disclosure. Hide also the text files.
+    location ~* ^(?:.+\.(?:htaccess|make|txt|yml|md||engine|inc|info|install|module|profile|po|pot|sh|.*sql|test|theme|tpl(?:\.php)?|xtmpl)|code-style\.pl)$ {
+         deny all;
+         access_log off;
+         log_not_found off;
+    }
+
+    ## Expiring per default for two weeks, Drupal will overwrite that if necessary
+    expires 2w;
+
+    ## First we try the URI and relay to the /index.php?q=$escaped_uri&$args if not found.
+    try_files $uri @drupal;
+}
+
+########### Security measures ##########
+
+## Restrict access to the strictly necessary PHP files. Reducing the
+## scope for exploits. Handling of PHP code and the Drupal event loop.
+location @drupal {
+    ## Include the FastCGI config.
+    include generic-configs.d/fastcgi_drupal.conf;
+
+    add_header 'Access-Control-Allow-Origin' "$http_origin" always;
+    add_header 'Access-Control-Allow-Credentials' 'true' always;
+    add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
+    add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Cache-Hash' always;
+
+
+    # Adding args to query string.
+    fastcgi_param  QUERY_STRING       $args;
+
+        ## If a special xdebug php-fpm is exiting for this site, we check if the cookie or the parameters
+    ## contain the string 'xdebug'.
+
+    ## Requests with a cookie that contains "xdebug" are sent to the
+    ## php-fpm that runs xdebug.
+    if ($http_cookie ~* "xdebug") {
+      fastcgi_pass unix:/var/run/php-fpm-drupal-xdebug.sock;
+      break;
+    }
+
+    ## Requests with a parameter that contains "xdebug" are sent to the
+    ## php-fpm that runs xdebug.
+    if ($args ~* "xdebug") {
+      fastcgi_pass unix:/var/run/php-fpm-drupal-xdebug.sock;
+      break;
+    }
+
+
+    fastcgi_pass unix:/var/run/php-fpm-drupal.sock;
+
+    ## @TODO Phase2: Learn more about MicroCache with Auth, as we have
+    ## varnish most probably not necessary
+    ## FCGI microcache for authenticated users also.
+    #include apps/drupal/microcache_fcgi_auth.conf;
+
+    ## @TODO need to test that more indept.
+    ## Filefield Upload progress
+    ## http://drupal.org/project/filefield_nginx_progress support
+    ## through the NginxUploadProgress modules.
+    ##track_uploads uploads 60s;
+}
+
+## Trying to access private files directly returns a 404.
+location /sites/default/files/private/ {
+    internal;
+}
+
+## Disallow access to patches directory.
+location ^~ /patches {
+     deny all;
+     access_log off;
+     log_not_found off;
+}
+
+## Disallow access to backup directory.
+location ^~ /backup {
+     deny all;
+     access_log off;
+     log_not_found off;
+}
+
+## Disallow access to vagrant directory.
+location ^~ /vagrant {
+     deny all;
+     access_log off;
+     log_not_found off;
+}
+
+## Disallow access to /core/vendor.
+location ^~ /core/vendor {
+     deny all;
+     access_log off;
+     log_not_found off;
+}
+
+## Disallow access to /vendor.
+location ^~ /vendor {
+     deny all;
+     access_log off;
+     log_not_found off;
+}
+
+## Disable access logs for robots.txt.
+location = /robots.txt {
+    access_log off;
+    ## Add support for the robotstxt module
+    ## http://drupal.org/project/robotstxt.
+    try_files $uri @drupal;
+}
+
+location = /humans.txt {
+    access_log off;
+    ## Add support for the humanstxt module
+    ## http://drupal.org/project/humanstxt.
+    try_files $uri @drupal;
+}
+
+## Support for favicon. Return an 1x1 transparent GIF if it doesn't
+## exist.
+location = /favicon.ico {
+    expires 30d;
+    try_files /favicon.ico @empty;
+}
+
+## Return an in memory 1x1 transparent GIF.
+location @empty {
+    expires 30d;
+    empty_gif;
+}
+
+# Any other attempt to access PHP files does not have access.
+location ~* ^.+\.php$ {
+    deny all;
+}
+
+### Directives for installing drupal.
+location = /install.php {
+        ## If a special xdebug php-fpm is exiting for this site, we check if the cookie or the parameters
+    ## contain the string 'xdebug'.
+
+    ## Requests with a cookie that contains "xdebug" are sent to the
+    ## php-fpm that runs xdebug.
+    if ($http_cookie ~* "xdebug") {
+      fastcgi_pass unix:/var/run/php-fpm-drupal-xdebug.sock;
+      break;
+    }
+    ## Requests with a parameter that contains "xdebug" are sent to the
+    ## php-fpm that runs xdebug.
+    if ($args ~* "xdebug") {
+      fastcgi_pass unix:/var/run/php-fpm-drupal-xdebug.sock;
+      break;
+    }
+            fastcgi_pass unix:/var/run/php-fpm-drupal.sock;
+}
+### Directives for installing drupal.
+location = /core/install.php {
+        ## If a special xdebug php-fpm is exiting for this site, we check if the cookie or the parameters
+    ## contain the string 'xdebug'.
+
+    ## Requests with a cookie that contains "xdebug" are sent to the
+    ## php-fpm that runs xdebug.
+    if ($http_cookie ~* "xdebug") {
+      fastcgi_pass unix:/var/run/php-fpm-drupal-xdebug.sock;
+      break;
+    }
+    ## Requests with a parameter that contains "xdebug" are sent to the
+    ## php-fpm that runs xdebug.
+    if ($args ~* "xdebug") {
+      fastcgi_pass unix:/var/run/php-fpm-drupal-xdebug.sock;
+      break;
+    }
+            fastcgi_pass unix:/var/run/php-fpm-drupal.sock;
+}
+
+## PHP FPM status
+### The configuration for the status pages of php-fpm. As described in
+### http://www.php.net/manual/en/install.fpm.configuration.php.
+
+### php-fpm provides a status and a heartbeat page that is served through the web server.
+### Here's an example configuration for them.
+
+## The status page is at /fpm-status. Only local access is
+## allowed. Non authorized access returns a 404 through the error_page
+## directive.
+location = /fpm-status {
+    if ($dont_show_fpm_status) {
+        return 404;
+    }
+    fastcgi_pass unix:/var/run/php-fpm-drupal.sock;
+}
+
+## The ping page is at /ping and returns the string configured at the php-fpm level.
+## Also only local network connections (loopback and LAN) are permitted.
+location = /ping {
+    if ($dont_show_fpm_status) {
+        return 404;
+    }
+    fastcgi_pass unix:/var/run/php-fpm-drupal.sock;
+}
+
+## Nginx status
+### The configuration for Nginx status page. As described in
+### http://wiki.nginx.org/HttpStubStatusModule.
+
+### php-fpm provides a status and a heartbeat page that is served through the web server.
+### Here's an example configuration for them.
+
+## Get the nginx status.
+location /nginx_status {
+    if ($dont_show_nginx_status) {
+        return 404;
+    }
+    stub_status on;
+    access_log off;
+}
+
+## Access to some admin scripts
+location ^~ /amazeeio/admin {
+  alias /usr/local/lib/amazeeadmin;
+  try_files $uri /index.php =404;
+  include fastcgi_params;
+  fastcgi_param SCRIPT_FILENAME $request_filename;
+  fastcgi_pass unix:/var/run/php-fpm-drupal.sock;
+}

.gitignore

@@ -12,12 +12,3 @@
 .yarn
 npm-debug.log
 yarn-error.log
-
-# Generated stuff
-coverage
-dlls
-build
-node_modules
-npm-debug.log
-graphql.schema.json
-graphql.config.json

backend/.gitignore

@@ -0,0 +1,26 @@
+# Ignore directories generated by Composer
+drush/contrib
+vendor
+web/core
+web/modules/contrib
+web/themes/contrib
+web/profiles/contrib
+web/libraries
+
+# Ignore configuration files that may contain environment-sensitive information.
+web/sites/*/local.settings.php
+web/sites/*/local.services.yml
+
+# Ignore Drupal's file directory
+web/sites/*/files
+web/sites/*/private
+
+# We absolutely don't want to have the .sass-cache in git.
+.sass-cache
+
+# Ignore .map files
+*.css.map
+css/map
+
+# Ignore css files from custom themes
+/web/themes/*/css/*.*

backend/composer.json

@@ -0,0 +1,50 @@
+{
+    "name": "fubhy/drupal-decoupled-app",
+    "description": "A demo project for showcasing decoupled Drupal with React.",
+    "type": "project",
+    "repositories": [
+        {
+            "type": "composer",
+            "url": "https://packages.drupal.org/8"
+        }
+    ],
+    "require": {
+        "composer/installers": "^1.0.20",
+        "drupal-composer/drupal-scaffold": "^2.0.1",
+        "cweagans/composer-patches": "~1.0",
+        "drupal/core": "~8.0",
+        "drush/drush": "~8.0",
+        "drupal/console": "~1.0",
+        "drupal/graphql": "3.x-dev"
+    },
+    "conflict": {
+        "drupal/drupal": "*"
+    },
+    "minimum-stability": "dev",
+    "prefer-stable": true,
+    "autoload": {
+        "classmap": [
+            "scripts/composer/ScriptHandler.php"
+        ]
+    },
+    "scripts": {
+        "drupal-scaffold": "DrupalComposer\\DrupalScaffold\\Plugin::scaffold",
+        "post-install-cmd": [
+            "DrupalProject\\composer\\ScriptHandler::createRequiredFiles"
+        ],
+        "post-update-cmd": [
+            "DrupalProject\\composer\\ScriptHandler::createRequiredFiles"
+        ]
+    },
+    "extra": {
+        "installer-paths": {
+            "web/core": ["type:drupal-core"],
+            "web/modules/contrib/{$name}": ["type:drupal-module"],
+            "web/profiles/contrib/{$name}": ["type:drupal-profile"],
+            "web/libraries/{$name}": ["type:drupal-library"],
+            "web/themes/contrib/{$name}": ["type:drupal-theme"],
+            "drush/contrib/{$name}": ["type:drupal-drush"]
+        },
+        "composer-exit-on-patch-failure": true
+    }
+}