deploy.md

This section will allow you to properly deploy Ecolyo-Agent in a production environment

## Deploy Ecolyo-Agent application

To deploy ecolyo-agent application in a production environment, you need to create docker-compose.yml, site.conf and .env files

### docker-compose.yml

```
version: '3.7'
services:
  nginx:
    image: registry.forge.grandlyon.com/web-et-numerique/llle_project/backoffice-client:dev
    restart: unless-stopped
    ports:
      - 8080:8080
    depends_on:
      - backend
    networks:
      backoffice:
    volumes:
      - ./site.conf:/etc/nginx/conf.d/default.conf
      - ./image-lib:/usr/share/nginx/html/lib

  database-agent:
    image: mysql:5
    ports:
      - 3306:3306
    networks:
      backoffice:
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: ${DATABASE_PASSWORD}
      MYSQL_DATABASE: ${DATABASE_NAME}
    healthcheck:
      test: mysqladmin ping -h 127.0.0.1 -u root --password=$$MYSQL_ROOT_PASSWORD
      interval: 5s
      timeout: 10s
      retries: 60

  database-backup:
    image: registry.forge.grandlyon.com/web-et-numerique/llle_project/backoffice-server:db-backup
    networks:
      backoffice:
    environment:
      MYSQL_ROOT_PASSWORD: ${DATABASE_PASSWORD}
      MYSQL_DATABASE: ${DATABASE_NAME}
    volumes:
      - /mnt/local/data/backup:/backup
    restart: unless-stopped
    depends_on:
      database-agent:
        condition: service_healthy
  
  backend:
    image: registry.forge.grandlyon.com/web-et-numerique/llle_project/backoffice-server:dev
    networks:
      backoffice:
    depends_on:
      database-agent:
       condition: service_healthy
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./configs:/app/configs
      - ./letsencrypt_cache:/app/letsencrypt_cache
      - ./data:/app/data
      - ./${IMAGE_FOLDER}:/app/${IMAGE_FOLDER}
    ports:
      - ${HTTPS_PORT}:${HTTPS_PORT}
      - 8190:8090
    environment:
      - HOSTNAME=${HOSTNAME}
      - HTTPS_PORT=${HTTPS_PORT}
      - ADMIN_ROLE=${ADMIN_ROLE}
      - REDIRECT_URL=${REDIRECT_URL}
      - CLIENT_ID=${CLIENT_ID}
      - CLIENT_SECRET=${CLIENT_SECRET}
      - AUTH_URL=${AUTH_URL}
      - IMAGE_FOLDER=${IMAGE_FOLDER}
      - MOCK_OAUTH2=${MOCK_OAUTH2}
      - TOKEN_URL=${TOKEN_URL}
      - USERINFO_URL=${USERINFO_URL}
      - DEBUG_MODE=${DEBUG_MODE}
      - DATABASE_USER=${DATABASE_USER}
      - DATABASE_NAME=${DATABASE_NAME}
      - DATABASE_PASSWORD=${DATABASE_PASSWORD}
      - DATABASE_HOST=database-agent
networks:
  backoffice:
```

### site.conf

```
server {
        listen 8080;
        server_name ecolyo-agent.grandlyon.com;
        location / {
                root /usr/share/nginx/html;
                index index.html index.htm;
                try_files $uri $uri/ /index.html =404;
        }
        location /api {
                proxy_pass https://backend:1443/api;
        }
        location /OAuth2Login {
                proxy_pass https://backend:1443/OAuth2Login;
        }
        location /OAuth2Callback {
                proxy_pass https://backend:1443/OAuth2Callback;
        }
        location /Logout {
                proxy_pass https://backend:1443/Logout;
        }
        location /swagger {
                proxy_pass https://backend:1443/swagger;
        }
        location /imageNames {
                proxy_pass https://backend:1443/api/admin/imageNames;
        }
        # cozy-doctypes workaround
        location /email {
            #  if ($arg_serviceName != overview) { return 404; } if ($arg_param !~ "^\d+$") { return 404; } if ($arg_serviceName = "image") { rewrite ^ /usr/share/nginx/html/lib/$arg_param? permanent;
            #}
            proxy_pass https://backend:1443/api/common/monthlyReport/$arg_param;
            # rewrite ^ /usr/share/nginx/html/lib/$arg_param? permanent;
        }
        location ~ ^/assets/(.+\.(?:gif|jpe?g|svg|png))$ {
                alias /usr/share/nginx/html/lib/$1;
                gzip_static on;
                expires max;
                add_header Cache-Control public;
        }
}
```

### .env

In this file, add the variables as described in the env-template file in the git repo

To use OAuth2 login ask your client ID and client secret

Here is the config to run the app

```
NODE_TLS_REJECT_UNAUTHORIZED = '0'
HTTPS=true
SSL_CRT_FILE=cert.pem
SSL_KEY_FILE=key.pem
# Common settings
HOSTNAME=your_url.com
ADMIN_ROLE=******
DEBUG_MODE=false
MOCK_OAUTH2=false
HTTPS_PORT=1443
IMAGE_FOLDER=image-lib

# Needed to user OAuth2 authentication :
REDIRECT_URL=https://${HOSTNAME}:443/OAuth2Callback
CLIENT_ID=**get one from your IDP**
CLIENT_SECRET=**get one from your IDP**
AUTH_URL=**get it from your IDP**
TOKEN_URL=**get it from your IDP**
USERINFO_URL=**get it from your IDP**
LOGOUT_URL=/

# Access to the database
DATABASE_USER=******
DATABASE_PASSWORD=*******
DATABASE_NAME=backoffice
```

## Start the application

Then start the app by launching the command :

```
docker-compose up -d
```

To check if the application starts successfully, launch the command
```
docker logs backoffice-client_backend_1
```

You should obtain the following messages:

> --- Server is starting ---  
> Token signing key set