From f7a311149ccf1f02c3b888386c9a3ab225317e6f Mon Sep 17 00:00:00 2001 From: David Londono Date: Wed, 3 Sep 2025 09:08:10 -0500 Subject: [PATCH] reverse proxy for mobile --- templates/compose/appflowy.yaml | 153 ++++++++++++++++++++++++++++---- 1 file changed, 136 insertions(+), 17 deletions(-) diff --git a/templates/compose/appflowy.yaml b/templates/compose/appflowy.yaml index 805134b71..6f9dfc579 100644 --- a/templates/compose/appflowy.yaml +++ b/templates/compose/appflowy.yaml @@ -6,12 +6,137 @@ # port: 80 services: + nginx: + image: nginx:latest + environment: + - SERVICE_URL_BACKEND + volumes: + - type: bind + source: ./nginx/nginx.conf + target: /etc/nginx/nginx.conf + read_only: true + content: | + # Please do not directly edit this file. + + error_log /var/log/nginx/error.log notice; + pid /var/run/nginx.pid; + + + events { + worker_connections 1024; + } + + + http { + resolver 127.0.0.11 valid=10s; + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + server { + listen 80; + client_max_body_size 10M; + underscores_in_headers on; + + # Backend services + set $appflowy_cloud_backend "http://appflowy_cloud:8000"; + set $gotrue_backend "http://gotrue:9999"; + # GoTrue Authentication Service + location /gotrue/ { + proxy_pass $gotrue_backend; + rewrite ^/gotrue(/.*)$ $1 break; + # Allow headers like redirect_to to be handed over to the gotrue + # for correct redirecting + proxy_set_header Host $http_host; + proxy_pass_request_headers on; + } + + # WebSocket endpoint - handle both /ws and /ws/v2 + location ~ ^/ws(/.*)?$ { + proxy_pass $appflowy_cloud_backend; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 86400s; + } + + # API endpoints + location /api { + proxy_pass $appflowy_cloud_backend; + + # Headers + proxy_set_header X-Request-Id $request_id; + proxy_set_header Host $http_host; + + # Special handling for publish endpoint + location ~* ^/api/workspace/([a-zA-Z0-9_-]+)/publish$ { + proxy_pass $appflowy_cloud_backend; + proxy_request_buffering off; + client_max_body_size 256M; + } + + # Chat endpoint (streaming) + location /api/chat { + proxy_pass $appflowy_cloud_backend; + + proxy_http_version 1.1; + proxy_set_header Connection ""; + chunked_transfer_encoding on; + proxy_buffering off; + proxy_cache off; + + proxy_read_timeout 600s; + proxy_connect_timeout 600s; + proxy_send_timeout 600s; + } + + # Import endpoint + location /api/import { + proxy_pass $appflowy_cloud_backend; + + proxy_set_header X-Request-Id $request_id; + proxy_set_header Host $http_host; + + proxy_read_timeout 600s; + proxy_connect_timeout 600s; + proxy_send_timeout 600s; + + proxy_request_buffering off; + proxy_buffering off; + proxy_cache off; + client_max_body_size 2G; + } + } + + # Health check endpoint + location /health { + access_log off; + return 200 "healthy\n"; + add_header Content-Type text/plain; + } + } + } + depends_on: + - appflowy_cloud + - gotrue + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + appflowy_web: environment: - - SERVICE_FQDN_APPFLOWYWEB_80 - - APPFLOWY_BASE_URL=${SERVICE_FQDN_APPFLOWYCLOUD_8000} - - APPFLOWY_GOTRUE_BASE_URL=${SERVICE_FQDN_GOTRUE_9999} - - APPFLOWY_WS_BASE_URL=${SERVICE_FQDN_APPFLOWYCLOUD_8000}/ws/v2 + - SERVICE_URL_APPFLOWYWEB + - APPFLOWY_BASE_URL=${SERVICE_URL_CLOUD} + - APPFLOWY_GOTRUE_BASE_URL=${SERVICE_URL_GOTRUE} + - APPFLOWY_WS_BASE_URL=${SERVICE_URL_CLOUD}/ws/v2 image: appflowyinc/appflowy_web:latest depends_on: - appflowy_cloud @@ -26,8 +151,9 @@ services: - "traefik.http.middlewares.appflowy-cors.headers.accessControlAllowOriginList=*" - "traefik.http.middlewares.appflowy-cors.headers.addvaryheader=true" environment: - - SERVICE_FQDN_APPFLOWYCLOUD_8000 + - SERVICE_URL_CLOUD_8000 - RUST_LOG=${RUST_LOG:-info} + - APPFLOWY_BASE_URL=${SERVICE_URL_CLOUD} - APPFLOWY_ENVIRONMENT=production - APPFLOWY_DATABASE_URL=postgres://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@postgres:5432/${POSTGRES_DB:-appflowy} - APPFLOWY_REDIS_URI=redis://redis:6379 @@ -52,7 +178,7 @@ services: - AI_SERVER_HOST=ai - AI_SERVER_PORT=5001 - AI_OPENAI_API_KEY=${AI_OPENAI_API_KEY:-} - - APPFLOWY_WEB_URL=${SERVICE_FQDN_APPFLOWYWEB_80} + - APPFLOWY_WEB_URL=${SERVICE_URL_APPFLOWYWEB} depends_on: gotrue: condition: service_healthy @@ -64,7 +190,7 @@ services: gotrue: image: appflowyinc/gotrue:latest environment: - - SERVICE_FQDN_GOTRUE_9999 + - SERVICE_URL_GOTRUE_9999 - GOTRUE_API_HOST=0.0.0.0 - GOTRUE_API_PORT=9999 - PORT=9999 @@ -75,9 +201,8 @@ services: - GOTRUE_URI_ALLOW_LIST=** - GOTRUE_JWT_SECRET=${SERVICE_PASSWORD_JWT} - GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP:-7200} - - GOTRUE_JWT_ADMIN_GROUP_NAME=supabase_admin - GOTRUE_DB_DRIVER=postgres - - API_EXTERNAL_URL=${SERVICE_FQDN_GOTRUE_9999} + - API_EXTERNAL_URL=${SERVICE_URL_GOTRUE} - DATABASE_URL=postgres://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@postgres:5432/${POSTGRES_DB:-appflowy}?search_path=auth - GOTRUE_SMTP_HOST=${GOTRUE_SMTP_HOST} - GOTRUE_SMTP_PORT=${GOTRUE_SMTP_PORT:-587} @@ -103,17 +228,11 @@ services: admin_frontend: image: appflowyinc/admin_frontend:latest environment: - - SERVICE_FQDN_ADMINFRONTEND_3000 + - SERVICE_URL_ADMINFRONTEND_3000 - RUST_LOG=info - ADMIN_FRONTEND_REDIS_URL=redis://redis:6379 - ADMIN_FRONTEND_GOTRUE_URL=http://gotrue:9999 - ADMIN_FRONTEND_APPFLOWY_CLOUD_URL=http://appflowy_cloud:8000 - - ADMIN_FRONTEND_PATH_PREFIX=/console - - ADMIN_FRONTEND_HOST=0.0.0.0 - - ADMIN_FRONTEND_PORT=3000 - - ADMIN_FRONTEND_OAUTH_CLIENT_ID=appflowy_cloud - - ADMIN_FRONTEND_OAUTH_CLIENT_SECRET=${SERVICE_PASSWORD_ADMINOAUTH} - - ADMIN_FRONTEND_OAUTH_ALLOWABLE_REDIRECT_URIS=${SERVICE_FQDN_ADMINFRONTEND_3000} depends_on: gotrue: condition: service_healthy @@ -127,7 +246,7 @@ services: - AI_SERVER_PORT=5001 - DEFAULT_AI_MODEL=gpt-4.1-mini # Make sure the model is available in your OpenAI account - DEFAULT_AI_COMPLETION_MODEL=gpt-4.1-mini # Make sure the model is available in your OpenAI account - - AI_APPFLOWY_HOST=${SERVICE_FQDN_APPFLOWYWEB_80} + - AI_APPFLOWY_HOST=${SERVICE_URL_APPFLOWYWEB} - APPFLOWY_GOTRUE_JWT_SECRET=${SERVICE_PASSWORD_JWT} - AZURE_OPENAI_API_KEY=${AZURE_OPENAI_API_KEY}