Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding the Webserver #228

Merged
merged 12 commits into from
Mar 29, 2024
Merged

Conversation

mariobodemann
Copy link
Member

Summary

Provide code for a Webserver (ktor) that builds an API that access the badge image creation libraries and facilities. See it running as https://zebadge.app .

It's hosted as a cloud function on Google, using Google's/Squarespace custom domain and cloudflares DNS for SSL. To update, ssh into cloud function, update git, rerun server.

Currently @mariobodemann is paying for hosting.

When opened, the website displays a form with name and contact, including size and color. Once this form is changed, the badge will get drawn using a js 2d canvas. Alternatively a background image can get selected. Upon changes a new request is send to the API, returning a PNG that is also drawn next to the badge.

Once happy with the badge the use can connect ZeBadge and press the "sent" button to create the serial data thought the API that needs to be sent to the badge.

Once sending is done, the digital badge will be updated, showing the new data.

How It Was Tested

It was tested two ways:

  1. Local Host: a server is spun up locally by calling ./gradlew server:run --args="8000". Upon connecting chrome, or edge to the localhost:8000 address, the certificate error gets ignored. The website can now be fully used and some names were changed and the result was uploaded to ZeBadge.
  2. Same test was executed on https://ZeBadge.app

Screenshot/Gif

base badge test

IMG_20240326_224008_613

background image test

IMG_20240326_224014_122

Success

mariobodemann and others added 11 commits October 25, 2023 22:15
Move name on screen and update background image.
Yes, JS. run the server and open http://localhost:8000, connect a badge, enjoy.
This commit breaks down the `Main` file to multiple different files each represents a specific part of the backend (e.g., model, route, etc...)
Needed for https://zebadge.app, eight was not available on the machine.
update website, wording changes
Replace Telekom with Berlindroid, the new owner.
Copy link
Collaborator

@milosmns milosmns left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall makes sense, but I'd still recommend to look at this:

https://www.cloudflare.com/application-services/products/ssl/

If you point DNS to there, you can get HTTP>HTTPS redirections for free, plus image caching for free… and the app can always run in non-SSL mode (plus you get a free cert rotation by Cloudflare). 🤷‍♂️

@mariobodemann
Copy link
Member Author

Overall makes sense, but I'd still recommend to look at this:

https://www.cloudflare.com/application-services/products/ssl/

If you point DNS to there, you can get HTTP>HTTPS redirections for free, plus image caching for free… and the app can always run in non-SSL mode (plus you get a free cert rotation by Cloudflare). 🤷‍♂️

Hey,

thanks for the review, I'll talk about the specific things in a minute, on individual comments.

BUT: I am using cloudflare to generate the SSL certificate (That then gets transformed from PEM to PKCS to then JKS to be delivered by the webserver). Or do you mean anything different, that I might (:scream:) not understand yet?

@mariobodemann
Copy link
Member Author

I will merge it for now, it is getting to big for me to handle. If there are more changes, let us do them individually...

@mariobodemann mariobodemann merged commit 49324a7 into gdg-berlin-android:main Mar 29, 2024
5 checks passed
@mariobodemann mariobodemann deleted the ssl branch March 29, 2024 17:23
@milosmns
Copy link
Collaborator

milosmns commented Apr 3, 2024

What I meant was, you can do some port forwarding and never worry about SSL in the service itself :)

E.g.

[ Client ] -> DNS fetch -> request https://host:ip/endpoint
but here
Using Cloudflare you can point DNS to them, then enable SSL and caching on Cloudflare, then they forward all requests to you secretly. Example:
[ Client ] -> DNS fetch -> boom SSL cloudflare proxy, hello -> secret redirect to http://host:ip/endpoint

This way the service always run in HTTP mode and you pretend certificates don't exist. The same is achievable with cert rotator attached to k8s ingress, and I've done it in docker in the past too 🗡️ (but docker requires the whole server to run docker only, so that you can proxy requests through a single container to all other containers)

Not sure if that was clear 😄 yours works too, probably™. Just saying it could be simpler

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants