Seprated env variables for specific app containers and added SSL feature using caddy

.github/workflows/build-branch.yml

@@ -390,12 +390,71 @@ jobs:
       - name: Build and Push Plane-Proxy to Docker Hub
         uses: docker/build-push-action@v5.1.0
         with:
-          context: ./nginx
-          file: ./nginx/Dockerfile
+          context: ./caddy
+          file: ./caddy/Dockerfile
           platforms: ${{ env.BUILDX_PLATFORMS }}
           tags: ${{ env.PROXY_TAG }}
           push: true
         env:
           DOCKER_BUILDKIT: 1
           DOCKER_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }}
+
+  publish_assets:
+    if : ${{ github.event_name == 'release' }}
+    runs-on: ubuntu-latest
+    needs: [branch_build_push_web, branch_build_push_admin, branch_build_push_space, branch_build_push_apiserver, branch_build_push_proxy, branch_build_push_live]
+    steps:
+      - id: checkout_files
+        name: Checkout Files
+        uses: actions/checkout@v4
+
+      - name: Update shell script branch
+        run: |
+          sed -i "s/^RELEASE_TAG=.*/RELEASE_TAG=${{ github.event.release.tag_name }}/" ./deploy/selfhost/install.sh
+          sed -i "s/^export APP_RELEASE=.*/export APP_RELEASE=${{ github.event.release.tag_name }}/g" ./deploy/selfhost/install.sh
+          sed -i "s/APP_RELEASE=stable/APP_RELEASE=${{ github.event.release.tag_name }}/g" ./deploy/selfhost/install.sh
+
+          sed -i "s/^APP_RELEASE=.*/APP_RELEASE=${{ github.event.release.tag_name }}/" ./deploy/selfhost/variables.env
+
+          echo "Release Upload URL :::: ${{ github.event.release.upload_url }}"
+
+      - name: Upload docker-compose.yaml
+        uses: actions/upload-release-asset@v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: ./deploy/selfhost/docker-compose.yml
+          asset_name: docker-compose.yaml
+          asset_content_type: application/octet-stream
+
+      - name: Upload variables.env
+        uses: actions/upload-release-asset@v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: ./deploy/selfhost/variables.env
+          asset_name: variables.env
+          asset_content_type: application/octet-stream
+
+      - name: Upload setup.sh
+        uses: actions/upload-release-asset@v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: ./deploy/selfhost/install.sh
+          asset_name: setup.sh
+          asset_content_type: application/octet-stream
+
+      - name: Upload restore.sh
+        uses: actions/upload-release-asset@v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: ./deploy/selfhost/restore.sh
+          asset_name: restore.sh
+          asset_content_type: application/octet-stream

aio/Dockerfile-app

@@ -11,7 +11,7 @@ WORKDIR /app
 RUN yarn global add turbo
 COPY . .
 
-RUN turbo prune --scope=web --scope=space --scope=admin --docker
+RUN turbo prune --scope=web --scope=space --scope=admin --scope=live --docker
 
 # *****************************************************************************
 # STAGE 2: Install dependencies & build the project
@@ -53,7 +53,7 @@ ENV NEXT_PUBLIC_WEB_BASE_URL=$NEXT_PUBLIC_WEB_BASE_URL
 ENV NEXT_TELEMETRY_DISABLED=1
 ENV TURBO_TELEMETRY_DISABLED=1
 
-RUN yarn turbo run build --filter=web --filter=space --filter=admin
+RUN yarn turbo run build --filter=web --filter=space --filter=admin --filter=live
 
 # *****************************************************************************
 # STAGE 3: Copy the project and start it
@@ -87,6 +87,8 @@ RUN chmod +x ./api/bin/*
 RUN chmod -R 777 ./api/
 
 # NEXTJS BUILDS
+COPY --from=installer /app/node_modules ./node_modules/
+
 COPY --from=installer /app/web/next.config.js ./web/
 COPY --from=installer /app/web/package.json ./web/
 COPY --from=installer /app/web/.next/standalone ./web
@@ -105,6 +107,10 @@ COPY --from=installer /app/admin/.next/standalone ./admin
 COPY --from=installer /app/admin/.next/static ./admin/admin/.next/static
 COPY --from=installer /app/admin/public ./admin/admin/public
 
+COPY --from=installer /app/live/package.json ./live/
+COPY --from=installer /app/live/dist ./live/dist
+# COPY --from=installer /app/live/node_modules ./live/node_modules
+
 ARG NEXT_PUBLIC_API_BASE_URL=""
 ENV NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL
 

aio/nginx.conf

@@ -45,6 +45,14 @@ http {
             proxy_pass http://localhost:3003/god-mode/;
         }
 
+        location /live/ {
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade ${dollar}http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_set_header Host ${dollar}http_host;
+            proxy_pass http://localhost:3004/;
+        }
+
         location /api/ {
             proxy_http_version 1.1;
             proxy_set_header Upgrade ${dollar}http_upgrade;

aio/supervisord-app

@@ -29,6 +29,16 @@ stderr_logfile=/dev/stdout
 stderr_logfile_maxbytes=0
 environment=PORT=3003,HOSTNAME=0.0.0.0
 
+[program:live]
+command=node /app/live/dist/server.js
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stdout
+stderr_logfile_maxbytes=0
+environment=PORT=3004,HOSTNAME=0.0.0.0,API_BASE_URL="http://localhost:8000"
+
 [program:migrator]
 directory=/app/api
 command=sh -c "./bin/docker-entrypoint-migrator.sh"

caddy/Caddyfile.template

@@ -0,0 +1,34 @@
+(plane_proxy) {
+	request_body {
+		max_size {$FILE_SIZE_LIMIT}
+	}
+
+	reverse_proxy /spaces/* space:3000
+
+	reverse_proxy /god-mode/* admin:3000
+
+	reverse_proxy /live/* live:3000
+
+	reverse_proxy /api/* api:8000
+
+	reverse_proxy /auth/* api:8000
+
+	reverse_proxy /{$BUCKET_NAME}/* plane-minio:9000
+
+	reverse_proxy /* web:3000
+}
+
+{
+	email {$CERT_EMAIL:admin@example.com}
+	acme_ca {$CERT_ACME_CA} 
+	{$CERT_ACME_DNS}
+	servers {
+		max_header_size 5MB
+		client_ip_headers X-Forwarded-For X-Real-IP
+		trusted_proxies static {$TRUSTED_PROXIES:0.0.0.0/0}
+	}
+}
+
+{$SITE_ADDRESS} {
+	import plane_proxy
+}

caddy/Dockerfile

@@ -0,0 +1,9 @@
+FROM makeplane/caddy:latest
+
+COPY ./Caddyfile.template /etc/caddy/Caddyfile
+
+COPY ./caddy.sh /docker-entrypoint.sh
+
+RUN chmod +x /docker-entrypoint.sh
+
+CMD ["/docker-entrypoint.sh"]

caddy/caddy.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+if [ "$APP_DOMAIN" == "localhost" ]; then
+    export SITE_ADDRESS=":${LISTEN_HTTP_PORT}"
+elif [ "$SSL" == "true" ]; then
+    export SITE_ADDRESS="${APP_DOMAIN}:${LISTEN_HTTPS_PORT}"
+else
+    export SITE_ADDRESS="http://${APP_DOMAIN}:${LISTEN_HTTP_PORT}"
+fi
+
+exec caddy run --config /etc/caddy/Caddyfile

deploy/selfhost/README.md

@@ -55,14 +55,14 @@ Installing plane is a very easy and minimal step process.
 - User context used must have access to docker services. In most cases, use sudo su to switch as root user
 - Use the terminal (or gitbash) window to run all the future steps
 
-### Downloading Latest Stable Release
+### Downloading Latest Release
 
 ```
-mkdir plane-selfhost
+mkdir -p plane-selfhost && cd plane-selfhost
 
-cd plane-selfhost
+RELEASE_VERSION=<vX.XX-dev>
 
-curl -fsSL -o setup.sh https://raw.githubusercontent.com/makeplane/plane/master/deploy/selfhost/install.sh
+curl -fsSL -o setup.sh https://github.com/makeplane/plane/releases/download/${RELEASE_VERSION}/setup.sh
 
 chmod +x setup.sh
 ```
@@ -106,11 +106,15 @@ Again the `options [1-8]` will be popped up and this time hit `8` to exit.
 Before proceeding, we suggest used to review `.env` file and set the values.
 Below are the most import keys you must refer to. _<span style="color: #fcba03">You can use any text editor to edit this file</span>_.
 
-> `NGINX_PORT` - This is default set to `80`. Make sure the port you choose to use is not preoccupied. (e.g `NGINX_PORT=8080`)
-
-> `WEB_URL` - This is default set to `http://localhost`. Change this to the FQDN you plan to use along with NGINX_PORT (eg. `https://plane.example.com:8080` or `http://[IP-ADDRESS]:8080`)
-
-> `CORS_ALLOWED_ORIGINS` - This is default set to `http://localhost`. Change this to the FQDN you plan to use along with NGINX_PORT (eg. `https://plane.example.com:8080` or `http://[IP-ADDRESS]:8080`)
+> `APP_DOMAIN` - Set the Fully Qualified Domain Name here. (eg. `plane.example.com`)
+> 
+> `LISTEN_PORT` - This is default set to `80`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_PORT=8080`)
+> 
+> `LISTEN_SSL_PORT` - This is default set to `443`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_SSL_PORT=8443`)
+> 
+> `WEB_URL` - This is default set to `http://localhost`. Change this to the FQDN you plan to use along with LISTEN_PORT/LISTEN_SSL_PORT (eg. `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)
+> 
+> `CORS_ALLOWED_ORIGINS` - This is default set to `http://${APP_DOMAIN},https://${APP_DOMAIN}`. Change this to the FQDN you plan to use along with LISTEN_PORT and  LISTEN_SSL_PORT (eg. `http://plane.example.com:8080,https://plane.example.com:8443`)
 
 There are many other settings you can play with, but we suggest you configure `EMAIL SETTINGS` as it will enable you to invite your teammates onto the platform.
 
@@ -134,6 +138,8 @@ Select a Action you want to perform:
 Action [2]: 2
 ```
 
+> You can also choose to run `./setup.sh start` as direct command.
+
 Expect something like this.  
 ![Downloading docker images](images/download.png)
 
@@ -167,6 +173,8 @@ Select a Action you want to perform:
 Action [2]: 3
 ```
 
+> You can also choose to run `./setup.sh stop` as direct command.
+
 If all goes well, you must see something like this
 
 ![Stop Services](images/stopped.png)
@@ -193,6 +201,8 @@ Select a Action you want to perform:
 Action [2]: 4
 ```
 
+> You can also choose to run `./setup.sh restart` as direct command.
+
 If all goes well, you must see something like this
 
 ![Restart Services](images/restart.png)
@@ -219,6 +229,8 @@ Select a Action you want to perform:
 Action [2]: 5
 ```
 
+> You can also choose to run `./setup.sh upgrade` as direct command.
+
 By choosing this, it will stop the services and then will download the latest `docker-compose.yaml` and `plane.env`.
 
 You must expect the below message
@@ -253,6 +265,7 @@ Select a Action you want to perform:
 Action [2]: 6
 ```
 
+> You can also choose to run `./setup.sh logs` as direct command.
 
 This will further open sub-menu with list of services
 ```bash
@@ -343,6 +356,8 @@ Select a Action you want to perform:
 Action [2]: 7
 ```
 
+> You can also choose to run `./setup.sh backup` as direct command.
+
 In response, you can find the backup folder
 
 ```bash
@@ -364,7 +379,8 @@ When you want to restore the previously backed-up data, follow the instructions
 1. Download the restore script using the command below. We suggest downloading it in the same folder as `setup.sh`.
 
    ```bash
-   curl -fsSL -o restore.sh https://raw.githubusercontent.com/makeplane/plane/master/deploy/selfhost/restore.sh
+   RELEASE_VERSION=<vX.XX-dev>
+   curl -fsSL -o restore.sh https://github.com/makeplane/plane/releases/download/${RELEASE_VERSION}/restore.sh
    chmod +x restore.sh
    ```
 

deploy/selfhost/build.yml

@@ -17,6 +17,12 @@ services:
       context: ./
       dockerfile: ./admin/Dockerfile.admin
 
+  live:
+    image: ${DOCKERHUB_USER:-local}/plane-live:${APP_RELEASE:-latest}
+    build:
+      context: .
+      dockerfile: ./live/Dockerfile.live
+
   api:
     image: ${DOCKERHUB_USER:-local}/plane-backend:${APP_RELEASE:-latest}
     build:
@@ -26,5 +32,5 @@ services:
   proxy:
     image: ${DOCKERHUB_USER:-local}/plane-proxy:${APP_RELEASE:-latest}
     build:
-      context: ./nginx
+      context: ./caddy
       dockerfile: ./Dockerfile