├── .circleci └── config.yml ├── .env.sample ├── .gitignore ├── LICENSE ├── README.md ├── ansible.cfg ├── assets ├── favicon.ico ├── fb-ogp.png ├── logo-full.png ├── logo-mark.png └── logo-white.png ├── db └── migrations │ ├── 20190120085046_initial.js │ ├── 20190121165943_add_internal_container_id.js │ ├── 20190121192656_set_default_contract_type.js │ ├── 20190121235541_add_docker_login_token.js │ └── 20190123010333_add_onetime_docker_login_token.js ├── docker-compose.yml ├── hosts.ini.sample ├── knexfile.js ├── package.json ├── packages ├── api │ ├── package.json │ ├── src │ │ ├── commands │ │ │ ├── command.ts │ │ │ └── ensureDockerContainers.ts │ │ ├── controllers │ │ │ ├── auth.ts │ │ │ ├── containers.ts │ │ │ ├── public.ts │ │ │ └── ws.ts │ │ ├── domain.ts │ │ ├── facades │ │ │ ├── docker.ts │ │ │ └── nginx.ts │ │ ├── helpers │ │ │ ├── environ.ts │ │ │ └── getRandomString.ts │ │ ├── index.ts │ │ ├── middleware │ │ │ ├── auth.ts │ │ │ └── logger.ts │ │ ├── models │ │ │ ├── Container.ts │ │ │ ├── ModelBase.ts │ │ │ └── User.ts │ │ ├── services │ │ │ └── logger.ts │ │ └── types.ts │ ├── tmp │ │ └── .gitkeep │ └── yarn.lock ├── frontend │ ├── index.html │ ├── package.json │ ├── src │ │ ├── App.tsx │ │ ├── ErrorBoundry.tsx │ │ ├── GlobalStyle.tsx │ │ ├── Routes.tsx │ │ ├── components │ │ │ ├── Button.tsx │ │ │ ├── Card.tsx │ │ │ ├── ConsoleLayout │ │ │ │ ├── Header.tsx │ │ │ │ ├── Sidebar.tsx │ │ │ │ └── index.tsx │ │ │ ├── DownAlert.tsx │ │ │ ├── Gradation.tsx │ │ │ ├── Header.tsx │ │ │ ├── Hidden.tsx │ │ │ ├── Terminal.tsx │ │ │ ├── TextField.tsx │ │ │ └── Title.tsx │ │ ├── entities │ │ │ ├── Container.ts │ │ │ └── User.ts │ │ ├── index.tsx │ │ ├── pages │ │ │ ├── Auth │ │ │ │ └── Login.tsx │ │ │ ├── ContainerDetail │ │ │ │ └── index.tsx │ │ │ ├── Containers │ │ │ │ ├── LaunchModal.tsx │ │ │ │ └── index.tsx │ │ │ ├── Dashboard │ │ │ │ └── index.tsx │ │ │ ├── Images │ │ │ │ ├── LaunchModal.tsx │ │ │ │ └── index.tsx │ │ │ ├── Landing │ │ │ │ └── index.tsx │ │ │ ├── NotFound │ │ │ │ └── index.tsx │ │ │ └── Try │ │ │ │ └── index.tsx │ │ ├── services │ │ │ └── api.ts │ │ └── utils.tsx │ ├── tsconfig.json │ ├── webpack.config.js │ └── yarn.lock └── registry │ ├── app.js │ ├── package.json │ └── yarn.lock ├── prettier.config.js ├── private ├── .env.production.encrypted └── hosts.ini.encrypted ├── provision ├── roles │ ├── app │ │ ├── files │ │ │ ├── docker-daemon.json │ │ │ └── larkin-api.service │ │ └── tasks │ │ │ ├── deploy.yml │ │ │ ├── main.yml │ │ │ └── setup.yml │ ├── db │ │ ├── files │ │ │ └── pg_hba.conf │ │ └── tasks │ │ │ ├── main.yml │ │ │ └── setup.yml │ ├── nodejs │ │ └── tasks │ │ │ ├── deploy.yml │ │ │ ├── main.yml │ │ │ └── setup.yml │ ├── registry │ │ ├── files │ │ │ ├── larkin-registry.service │ │ │ └── nginx.conf │ │ └── tasks │ │ │ ├── deploy.yml │ │ │ ├── main.yml │ │ │ └── setup.yml │ └── web │ │ ├── files │ │ └── nginx.conf │ │ └── tasks │ │ ├── main.yml │ │ └── setup.yml └── site.yml ├── scripts └── setup-ansible.js ├── tsconfig.json └── yarn.lock /.circleci/config.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | 3 | defaults: &defaults 4 | docker: 5 | - image: acro5piano/circleci-docker-image-node-10.3.0-awscli-ansible 6 | working_directory: ~/repo 7 | 8 | aliases: 9 | - &setup_awscli 10 | name: install aws cli 11 | command: | 12 | mkdir ~/.aws 13 | echo '[default]' >> ~/.aws/credentials 14 | echo aws_access_key_id = $AWS_ACCESS_KEY_ID >> ~/.aws/credentials 15 | echo aws_secret_access_key = $AWS_SECRET_ACCESS_KEY >> ~/.aws/credentials 16 | echo region = ap-northeast-1 >> ~/.aws/credentials 17 | - &restore_cache 18 | keys: 19 | - v1-dependencies-{{ checksum "yarn.lock" }} 20 | - v1-dependencies- 21 | - &save_cache 22 | paths: 23 | - /home/circleci/repo/node_modules 24 | key: v1-dependencies-{{ checksum "yarn.lock" }} 25 | 26 | jobs: 27 | test: 28 | <<: *defaults 29 | steps: 30 | - checkout 31 | - restore_cache: *restore_cache 32 | - run: yarn install 33 | - save_cache: *save_cache 34 | - run: *setup_awscli 35 | - run: 36 | name: check ts 37 | command: | 38 | yarn tsc 39 | deploy: 40 | <<: *defaults 41 | steps: 42 | - checkout 43 | - restore_cache: *restore_cache 44 | - run: yarn install 45 | - save_cache: *save_cache 46 | - run: *setup_awscli 47 | - run: 48 | name: decrypt 49 | command: | 50 | openssl aes-256-cbc -a -d -k $MASTER_KEY -in private/.env.production.encrypted > .env 51 | openssl aes-256-cbc -a -d -k $MASTER_KEY -in private/hosts.ini.encrypted > hosts.ini 52 | - run: 53 | name: install deploy tools 54 | command: | 55 | sudo pip3 install ansible awscli 56 | - run: 57 | name: deploy 58 | command: | 59 | cp .env ./packages/frontend/.env 60 | source .env 61 | yarn build:frontend 62 | yarn setup:ansible 63 | ansible-playbook provision_real/site.yml --tags deploy --limit appservers,registryservers 64 | aws configure set preview.cloudfront true 65 | aws s3 sync --acl public-read ./packages/frontend/build/ s3://larkin.sh 66 | aws cloudfront create-invalidation --distribution-id ERCZDB0NA4VCO --paths '/*' 67 | 68 | workflows: 69 | version: 2 70 | master_jobs: 71 | jobs: 72 | - test 73 | - deploy: 74 | requires: 75 | - test 76 | filters: 77 | branches: 78 | only: 79 | - master 80 | - easy-setup 81 | -------------------------------------------------------------------------------- /.env.sample: -------------------------------------------------------------------------------- 1 | API_HOST=api.larkin.sh 2 | API_URL=https://api.larkin.sh 3 | WS_URL=wss://api.larkin.sh 4 | REGISTY_API_URL=http://192.168.0.101:28642 5 | REGISTRY_LOCAL_IP=192.168.0.101:5000 6 | DOCKER_LOGIN_URL=https://registry.larkin.sh 7 | 8 | AWS_ACCESS_KEY_ID=AKIAxxxxxxxxxxxxxxxxxxxxxxxxx 9 | AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxx 10 | AWS_ROUTE53_HOSTED_ZONE_ID=xxxxxxxxxxxx 11 | AWS_ALIAS_HOSTED_ZONE_ID=xxxxxxxxxxx 12 | 13 | NGINX_CONF_FILE_DIR="/opt/larkin/nginx-conf.d" 14 | 15 | PG_CONNECTION_STRING=postgres://xxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyyyyyyy@zzzzzzzzzzzzzzzzz:5432/larkin_production 16 | 17 | GITHUB_CLIENT_ID=xxxxxxxxxxxxxxxxxxx 18 | GITHUB_CLIENT_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 19 | GITHUB_CLIENT_CALLBACK_URL=http://larkin.sh/auth/github/callback 20 | 21 | JWT_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 22 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | logs 3 | *.log 4 | npm-debug.log* 5 | yarn-debug.log* 6 | yarn-error.log* 7 | 8 | # Runtime data 9 | pids 10 | *.pid 11 | *.seed 12 | *.pid.lock 13 | 14 | # Directory for instrumented libs generated by jscoverage/JSCover 15 | lib-cov 16 | 17 | # Coverage directory used by tools like istanbul 18 | coverage 19 | 20 | # nyc test coverage 21 | .nyc_output 22 | 23 | # Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files) 24 | .grunt 25 | 26 | # Bower dependency directory (https://bower.io/) 27 | bower_components 28 | 29 | # node-waf configuration 30 | .lock-wscript 31 | 32 | # Compiled binary addons (https://nodejs.org/api/addons.html) 33 | build/Release 34 | 35 | # Dependency directories 36 | node_modules/ 37 | jspm_packages/ 38 | 39 | # TypeScript v1 declaration files 40 | typings/ 41 | 42 | # Optional npm cache directory 43 | .npm 44 | 45 | # Optional eslint cache 46 | .eslintcache 47 | 48 | # Optional REPL history 49 | .node_repl_history 50 | 51 | # Output of 'npm pack' 52 | *.tgz 53 | 54 | # Yarn Integrity file 55 | .yarn-integrity 56 | 57 | # dotenv environment variables file 58 | .env 59 | .env.production 60 | 61 | # next.js build output 62 | .next 63 | 64 | dist 65 | 66 | *.retry 67 | db.json 68 | packages/api/tmp/* 69 | !packages/api/tmp/.gitkeep 70 | hosts.ini 71 | packages/frontend/build/ 72 | provision_real 73 | master_key 74 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 3, 29 June 2007 3 | 4 | Copyright (C) 2007 Free Software Foundation, Inc. 5 | Everyone is permitted to copy and distribute verbatim copies 6 | of this license document, but changing it is not allowed. 7 | 8 | Preamble 9 | 10 | The GNU General Public License is a free, copyleft license for 11 | software and other kinds of works. 12 | 13 | The licenses for most software and other practical works are designed 14 | to take away your freedom to share and change the works. By contrast, 15 | the GNU General Public License is intended to guarantee your freedom to 16 | share and change all versions of a program--to make sure it remains free 17 | software for all its users. We, the Free Software Foundation, use the 18 | GNU General Public License for most of our software; it applies also to 19 | any other work released this way by its authors. You can apply it to 20 | your programs, too. 21 | 22 | When we speak of free software, we are referring to freedom, not 23 | price. Our General Public Licenses are designed to make sure that you 24 | have the freedom to distribute copies of free software (and charge for 25 | them if you wish), that you receive source code or can get it if you 26 | want it, that you can change the software or use pieces of it in new 27 | free programs, and that you know you can do these things. 28 | 29 | To protect your rights, we need to prevent others from denying you 30 | these rights or asking you to surrender the rights. Therefore, you have 31 | certain responsibilities if you distribute copies of the software, or if 32 | you modify it: responsibilities to respect the freedom of others. 33 | 34 | For example, if you distribute copies of such a program, whether 35 | gratis or for a fee, you must pass on to the recipients the same 36 | freedoms that you received. You must make sure that they, too, receive 37 | or can get the source code. And you must show them these terms so they 38 | know their rights. 39 | 40 | Developers that use the GNU GPL protect your rights with two steps: 41 | (1) assert copyright on the software, and (2) offer you this License 42 | giving you legal permission to copy, distribute and/or modify it. 43 | 44 | For the developers' and authors' protection, the GPL clearly explains 45 | that there is no warranty for this free software. For both users' and 46 | authors' sake, the GPL requires that modified versions be marked as 47 | changed, so that their problems will not be attributed erroneously to 48 | authors of previous versions. 49 | 50 | Some devices are designed to deny users access to install or run 51 | modified versions of the software inside them, although the manufacturer 52 | can do so. This is fundamentally incompatible with the aim of 53 | protecting users' freedom to change the software. The systematic 54 | pattern of such abuse occurs in the area of products for individuals to 55 | use, which is precisely where it is most unacceptable. Therefore, we 56 | have designed this version of the GPL to prohibit the practice for those 57 | products. If such problems arise substantially in other domains, we 58 | stand ready to extend this provision to those domains in future versions 59 | of the GPL, as needed to protect the freedom of users. 60 | 61 | Finally, every program is threatened constantly by software patents. 62 | States should not allow patents to restrict development and use of 63 | software on general-purpose computers, but in those that do, we wish to 64 | avoid the special danger that patents applied to a free program could 65 | make it effectively proprietary. To prevent this, the GPL assures that 66 | patents cannot be used to render the program non-free. 67 | 68 | The precise terms and conditions for copying, distribution and 69 | modification follow. 70 | 71 | TERMS AND CONDITIONS 72 | 73 | 0. Definitions. 74 | 75 | "This License" refers to version 3 of the GNU General Public License. 76 | 77 | "Copyright" also means copyright-like laws that apply to other kinds of 78 | works, such as semiconductor masks. 79 | 80 | "The Program" refers to any copyrightable work licensed under this 81 | License. Each licensee is addressed as "you". "Licensees" and 82 | "recipients" may be individuals or organizations. 83 | 84 | To "modify" a work means to copy from or adapt all or part of the work 85 | in a fashion requiring copyright permission, other than the making of an 86 | exact copy. The resulting work is called a "modified version" of the 87 | earlier work or a work "based on" the earlier work. 88 | 89 | A "covered work" means either the unmodified Program or a work based 90 | on the Program. 91 | 92 | To "propagate" a work means to do anything with it that, without 93 | permission, would make you directly or secondarily liable for 94 | infringement under applicable copyright law, except executing it on a 95 | computer or modifying a private copy. Propagation includes copying, 96 | distribution (with or without modification), making available to the 97 | public, and in some countries other activities as well. 98 | 99 | To "convey" a work means any kind of propagation that enables other 100 | parties to make or receive copies. Mere interaction with a user through 101 | a computer network, with no transfer of a copy, is not conveying. 102 | 103 | An interactive user interface displays "Appropriate Legal Notices" 104 | to the extent that it includes a convenient and prominently visible 105 | feature that (1) displays an appropriate copyright notice, and (2) 106 | tells the user that there is no warranty for the work (except to the 107 | extent that warranties are provided), that licensees may convey the 108 | work under this License, and how to view a copy of this License. If 109 | the interface presents a list of user commands or options, such as a 110 | menu, a prominent item in the list meets this criterion. 111 | 112 | 1. Source Code. 113 | 114 | The "source code" for a work means the preferred form of the work 115 | for making modifications to it. "Object code" means any non-source 116 | form of a work. 117 | 118 | A "Standard Interface" means an interface that either is an official 119 | standard defined by a recognized standards body, or, in the case of 120 | interfaces specified for a particular programming language, one that 121 | is widely used among developers working in that language. 122 | 123 | The "System Libraries" of an executable work include anything, other 124 | than the work as a whole, that (a) is included in the normal form of 125 | packaging a Major Component, but which is not part of that Major 126 | Component, and (b) serves only to enable use of the work with that 127 | Major Component, or to implement a Standard Interface for which an 128 | implementation is available to the public in source code form. A 129 | "Major Component", in this context, means a major essential component 130 | (kernel, window system, and so on) of the specific operating system 131 | (if any) on which the executable work runs, or a compiler used to 132 | produce the work, or an object code interpreter used to run it. 133 | 134 | The "Corresponding Source" for a work in object code form means all 135 | the source code needed to generate, install, and (for an executable 136 | work) run the object code and to modify the work, including scripts to 137 | control those activities. However, it does not include the work's 138 | System Libraries, or general-purpose tools or generally available free 139 | programs which are used unmodified in performing those activities but 140 | which are not part of the work. For example, Corresponding Source 141 | includes interface definition files associated with source files for 142 | the work, and the source code for shared libraries and dynamically 143 | linked subprograms that the work is specifically designed to require, 144 | such as by intimate data communication or control flow between those 145 | subprograms and other parts of the work. 146 | 147 | The Corresponding Source need not include anything that users 148 | can regenerate automatically from other parts of the Corresponding 149 | Source. 150 | 151 | The Corresponding Source for a work in source code form is that 152 | same work. 153 | 154 | 2. Basic Permissions. 155 | 156 | All rights granted under this License are granted for the term of 157 | copyright on the Program, and are irrevocable provided the stated 158 | conditions are met. This License explicitly affirms your unlimited 159 | permission to run the unmodified Program. The output from running a 160 | covered work is covered by this License only if the output, given its 161 | content, constitutes a covered work. This License acknowledges your 162 | rights of fair use or other equivalent, as provided by copyright law. 163 | 164 | You may make, run and propagate covered works that you do not 165 | convey, without conditions so long as your license otherwise remains 166 | in force. You may convey covered works to others for the sole purpose 167 | of having them make modifications exclusively for you, or provide you 168 | with facilities for running those works, provided that you comply with 169 | the terms of this License in conveying all material for which you do 170 | not control copyright. Those thus making or running the covered works 171 | for you must do so exclusively on your behalf, under your direction 172 | and control, on terms that prohibit them from making any copies of 173 | your copyrighted material outside their relationship with you. 174 | 175 | Conveying under any other circumstances is permitted solely under 176 | the conditions stated below. Sublicensing is not allowed; section 10 177 | makes it unnecessary. 178 | 179 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law. 180 | 181 | No covered work shall be deemed part of an effective technological 182 | measure under any applicable law fulfilling obligations under article 183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or 184 | similar laws prohibiting or restricting circumvention of such 185 | measures. 186 | 187 | When you convey a covered work, you waive any legal power to forbid 188 | circumvention of technological measures to the extent such circumvention 189 | is effected by exercising rights under this License with respect to 190 | the covered work, and you disclaim any intention to limit operation or 191 | modification of the work as a means of enforcing, against the work's 192 | users, your or third parties' legal rights to forbid circumvention of 193 | technological measures. 194 | 195 | 4. Conveying Verbatim Copies. 196 | 197 | You may convey verbatim copies of the Program's source code as you 198 | receive it, in any medium, provided that you conspicuously and 199 | appropriately publish on each copy an appropriate copyright notice; 200 | keep intact all notices stating that this License and any 201 | non-permissive terms added in accord with section 7 apply to the code; 202 | keep intact all notices of the absence of any warranty; and give all 203 | recipients a copy of this License along with the Program. 204 | 205 | You may charge any price or no price for each copy that you convey, 206 | and you may offer support or warranty protection for a fee. 207 | 208 | 5. Conveying Modified Source Versions. 209 | 210 | You may convey a work based on the Program, or the modifications to 211 | produce it from the Program, in the form of source code under the 212 | terms of section 4, provided that you also meet all of these conditions: 213 | 214 | a) The work must carry prominent notices stating that you modified 215 | it, and giving a relevant date. 216 | 217 | b) The work must carry prominent notices stating that it is 218 | released under this License and any conditions added under section 219 | 7. This requirement modifies the requirement in section 4 to 220 | "keep intact all notices". 221 | 222 | c) You must license the entire work, as a whole, under this 223 | License to anyone who comes into possession of a copy. This 224 | License will therefore apply, along with any applicable section 7 225 | additional terms, to the whole of the work, and all its parts, 226 | regardless of how they are packaged. This License gives no 227 | permission to license the work in any other way, but it does not 228 | invalidate such permission if you have separately received it. 229 | 230 | d) If the work has interactive user interfaces, each must display 231 | Appropriate Legal Notices; however, if the Program has interactive 232 | interfaces that do not display Appropriate Legal Notices, your 233 | work need not make them do so. 234 | 235 | A compilation of a covered work with other separate and independent 236 | works, which are not by their nature extensions of the covered work, 237 | and which are not combined with it such as to form a larger program, 238 | in or on a volume of a storage or distribution medium, is called an 239 | "aggregate" if the compilation and its resulting copyright are not 240 | used to limit the access or legal rights of the compilation's users 241 | beyond what the individual works permit. Inclusion of a covered work 242 | in an aggregate does not cause this License to apply to the other 243 | parts of the aggregate. 244 | 245 | 6. Conveying Non-Source Forms. 246 | 247 | You may convey a covered work in object code form under the terms 248 | of sections 4 and 5, provided that you also convey the 249 | machine-readable Corresponding Source under the terms of this License, 250 | in one of these ways: 251 | 252 | a) Convey the object code in, or embodied in, a physical product 253 | (including a physical distribution medium), accompanied by the 254 | Corresponding Source fixed on a durable physical medium 255 | customarily used for software interchange. 256 | 257 | b) Convey the object code in, or embodied in, a physical product 258 | (including a physical distribution medium), accompanied by a 259 | written offer, valid for at least three years and valid for as 260 | long as you offer spare parts or customer support for that product 261 | model, to give anyone who possesses the object code either (1) a 262 | copy of the Corresponding Source for all the software in the 263 | product that is covered by this License, on a durable physical 264 | medium customarily used for software interchange, for a price no 265 | more than your reasonable cost of physically performing this 266 | conveying of source, or (2) access to copy the 267 | Corresponding Source from a network server at no charge. 268 | 269 | c) Convey individual copies of the object code with a copy of the 270 | written offer to provide the Corresponding Source. This 271 | alternative is allowed only occasionally and noncommercially, and 272 | only if you received the object code with such an offer, in accord 273 | with subsection 6b. 274 | 275 | d) Convey the object code by offering access from a designated 276 | place (gratis or for a charge), and offer equivalent access to the 277 | Corresponding Source in the same way through the same place at no 278 | further charge. You need not require recipients to copy the 279 | Corresponding Source along with the object code. If the place to 280 | copy the object code is a network server, the Corresponding Source 281 | may be on a different server (operated by you or a third party) 282 | that supports equivalent copying facilities, provided you maintain 283 | clear directions next to the object code saying where to find the 284 | Corresponding Source. Regardless of what server hosts the 285 | Corresponding Source, you remain obligated to ensure that it is 286 | available for as long as needed to satisfy these requirements. 287 | 288 | e) Convey the object code using peer-to-peer transmission, provided 289 | you inform other peers where the object code and Corresponding 290 | Source of the work are being offered to the general public at no 291 | charge under subsection 6d. 292 | 293 | A separable portion of the object code, whose source code is excluded 294 | from the Corresponding Source as a System Library, need not be 295 | included in conveying the object code work. 296 | 297 | A "User Product" is either (1) a "consumer product", which means any 298 | tangible personal property which is normally used for personal, family, 299 | or household purposes, or (2) anything designed or sold for incorporation 300 | into a dwelling. In determining whether a product is a consumer product, 301 | doubtful cases shall be resolved in favor of coverage. For a particular 302 | product received by a particular user, "normally used" refers to a 303 | typical or common use of that class of product, regardless of the status 304 | of the particular user or of the way in which the particular user 305 | actually uses, or expects or is expected to use, the product. A product 306 | is a consumer product regardless of whether the product has substantial 307 | commercial, industrial or non-consumer uses, unless such uses represent 308 | the only significant mode of use of the product. 309 | 310 | "Installation Information" for a User Product means any methods, 311 | procedures, authorization keys, or other information required to install 312 | and execute modified versions of a covered work in that User Product from 313 | a modified version of its Corresponding Source. The information must 314 | suffice to ensure that the continued functioning of the modified object 315 | code is in no case prevented or interfered with solely because 316 | modification has been made. 317 | 318 | If you convey an object code work under this section in, or with, or 319 | specifically for use in, a User Product, and the conveying occurs as 320 | part of a transaction in which the right of possession and use of the 321 | User Product is transferred to the recipient in perpetuity or for a 322 | fixed term (regardless of how the transaction is characterized), the 323 | Corresponding Source conveyed under this section must be accompanied 324 | by the Installation Information. But this requirement does not apply 325 | if neither you nor any third party retains the ability to install 326 | modified object code on the User Product (for example, the work has 327 | been installed in ROM). 328 | 329 | The requirement to provide Installation Information does not include a 330 | requirement to continue to provide support service, warranty, or updates 331 | for a work that has been modified or installed by the recipient, or for 332 | the User Product in which it has been modified or installed. Access to a 333 | network may be denied when the modification itself materially and 334 | adversely affects the operation of the network or violates the rules and 335 | protocols for communication across the network. 336 | 337 | Corresponding Source conveyed, and Installation Information provided, 338 | in accord with this section must be in a format that is publicly 339 | documented (and with an implementation available to the public in 340 | source code form), and must require no special password or key for 341 | unpacking, reading or copying. 342 | 343 | 7. Additional Terms. 344 | 345 | "Additional permissions" are terms that supplement the terms of this 346 | License by making exceptions from one or more of its conditions. 347 | Additional permissions that are applicable to the entire Program shall 348 | be treated as though they were included in this License, to the extent 349 | that they are valid under applicable law. If additional permissions 350 | apply only to part of the Program, that part may be used separately 351 | under those permissions, but the entire Program remains governed by 352 | this License without regard to the additional permissions. 353 | 354 | When you convey a copy of a covered work, you may at your option 355 | remove any additional permissions from that copy, or from any part of 356 | it. (Additional permissions may be written to require their own 357 | removal in certain cases when you modify the work.) You may place 358 | additional permissions on material, added by you to a covered work, 359 | for which you have or can give appropriate copyright permission. 360 | 361 | Notwithstanding any other provision of this License, for material you 362 | add to a covered work, you may (if authorized by the copyright holders of 363 | that material) supplement the terms of this License with terms: 364 | 365 | a) Disclaiming warranty or limiting liability differently from the 366 | terms of sections 15 and 16 of this License; or 367 | 368 | b) Requiring preservation of specified reasonable legal notices or 369 | author attributions in that material or in the Appropriate Legal 370 | Notices displayed by works containing it; or 371 | 372 | c) Prohibiting misrepresentation of the origin of that material, or 373 | requiring that modified versions of such material be marked in 374 | reasonable ways as different from the original version; or 375 | 376 | d) Limiting the use for publicity purposes of names of licensors or 377 | authors of the material; or 378 | 379 | e) Declining to grant rights under trademark law for use of some 380 | trade names, trademarks, or service marks; or 381 | 382 | f) Requiring indemnification of licensors and authors of that 383 | material by anyone who conveys the material (or modified versions of 384 | it) with contractual assumptions of liability to the recipient, for 385 | any liability that these contractual assumptions directly impose on 386 | those licensors and authors. 387 | 388 | All other non-permissive additional terms are considered "further 389 | restrictions" within the meaning of section 10. If the Program as you 390 | received it, or any part of it, contains a notice stating that it is 391 | governed by this License along with a term that is a further 392 | restriction, you may remove that term. If a license document contains 393 | a further restriction but permits relicensing or conveying under this 394 | License, you may add to a covered work material governed by the terms 395 | of that license document, provided that the further restriction does 396 | not survive such relicensing or conveying. 397 | 398 | If you add terms to a covered work in accord with this section, you 399 | must place, in the relevant source files, a statement of the 400 | additional terms that apply to those files, or a notice indicating 401 | where to find the applicable terms. 402 | 403 | Additional terms, permissive or non-permissive, may be stated in the 404 | form of a separately written license, or stated as exceptions; 405 | the above requirements apply either way. 406 | 407 | 8. Termination. 408 | 409 | You may not propagate or modify a covered work except as expressly 410 | provided under this License. Any attempt otherwise to propagate or 411 | modify it is void, and will automatically terminate your rights under 412 | this License (including any patent licenses granted under the third 413 | paragraph of section 11). 414 | 415 | However, if you cease all violation of this License, then your 416 | license from a particular copyright holder is reinstated (a) 417 | provisionally, unless and until the copyright holder explicitly and 418 | finally terminates your license, and (b) permanently, if the copyright 419 | holder fails to notify you of the violation by some reasonable means 420 | prior to 60 days after the cessation. 421 | 422 | Moreover, your license from a particular copyright holder is 423 | reinstated permanently if the copyright holder notifies you of the 424 | violation by some reasonable means, this is the first time you have 425 | received notice of violation of this License (for any work) from that 426 | copyright holder, and you cure the violation prior to 30 days after 427 | your receipt of the notice. 428 | 429 | Termination of your rights under this section does not terminate the 430 | licenses of parties who have received copies or rights from you under 431 | this License. If your rights have been terminated and not permanently 432 | reinstated, you do not qualify to receive new licenses for the same 433 | material under section 10. 434 | 435 | 9. Acceptance Not Required for Having Copies. 436 | 437 | You are not required to accept this License in order to receive or 438 | run a copy of the Program. Ancillary propagation of a covered work 439 | occurring solely as a consequence of using peer-to-peer transmission 440 | to receive a copy likewise does not require acceptance. However, 441 | nothing other than this License grants you permission to propagate or 442 | modify any covered work. These actions infringe copyright if you do 443 | not accept this License. Therefore, by modifying or propagating a 444 | covered work, you indicate your acceptance of this License to do so. 445 | 446 | 10. Automatic Licensing of Downstream Recipients. 447 | 448 | Each time you convey a covered work, the recipient automatically 449 | receives a license from the original licensors, to run, modify and 450 | propagate that work, subject to this License. You are not responsible 451 | for enforcing compliance by third parties with this License. 452 | 453 | An "entity transaction" is a transaction transferring control of an 454 | organization, or substantially all assets of one, or subdividing an 455 | organization, or merging organizations. If propagation of a covered 456 | work results from an entity transaction, each party to that 457 | transaction who receives a copy of the work also receives whatever 458 | licenses to the work the party's predecessor in interest had or could 459 | give under the previous paragraph, plus a right to possession of the 460 | Corresponding Source of the work from the predecessor in interest, if 461 | the predecessor has it or can get it with reasonable efforts. 462 | 463 | You may not impose any further restrictions on the exercise of the 464 | rights granted or affirmed under this License. For example, you may 465 | not impose a license fee, royalty, or other charge for exercise of 466 | rights granted under this License, and you may not initiate litigation 467 | (including a cross-claim or counterclaim in a lawsuit) alleging that 468 | any patent claim is infringed by making, using, selling, offering for 469 | sale, or importing the Program or any portion of it. 470 | 471 | 11. Patents. 472 | 473 | A "contributor" is a copyright holder who authorizes use under this 474 | License of the Program or a work on which the Program is based. The 475 | work thus licensed is called the contributor's "contributor version". 476 | 477 | A contributor's "essential patent claims" are all patent claims 478 | owned or controlled by the contributor, whether already acquired or 479 | hereafter acquired, that would be infringed by some manner, permitted 480 | by this License, of making, using, or selling its contributor version, 481 | but do not include claims that would be infringed only as a 482 | consequence of further modification of the contributor version. For 483 | purposes of this definition, "control" includes the right to grant 484 | patent sublicenses in a manner consistent with the requirements of 485 | this License. 486 | 487 | Each contributor grants you a non-exclusive, worldwide, royalty-free 488 | patent license under the contributor's essential patent claims, to 489 | make, use, sell, offer for sale, import and otherwise run, modify and 490 | propagate the contents of its contributor version. 491 | 492 | In the following three paragraphs, a "patent license" is any express 493 | agreement or commitment, however denominated, not to enforce a patent 494 | (such as an express permission to practice a patent or covenant not to 495 | sue for patent infringement). To "grant" such a patent license to a 496 | party means to make such an agreement or commitment not to enforce a 497 | patent against the party. 498 | 499 | If you convey a covered work, knowingly relying on a patent license, 500 | and the Corresponding Source of the work is not available for anyone 501 | to copy, free of charge and under the terms of this License, through a 502 | publicly available network server or other readily accessible means, 503 | then you must either (1) cause the Corresponding Source to be so 504 | available, or (2) arrange to deprive yourself of the benefit of the 505 | patent license for this particular work, or (3) arrange, in a manner 506 | consistent with the requirements of this License, to extend the patent 507 | license to downstream recipients. "Knowingly relying" means you have 508 | actual knowledge that, but for the patent license, your conveying the 509 | covered work in a country, or your recipient's use of the covered work 510 | in a country, would infringe one or more identifiable patents in that 511 | country that you have reason to believe are valid. 512 | 513 | If, pursuant to or in connection with a single transaction or 514 | arrangement, you convey, or propagate by procuring conveyance of, a 515 | covered work, and grant a patent license to some of the parties 516 | receiving the covered work authorizing them to use, propagate, modify 517 | or convey a specific copy of the covered work, then the patent license 518 | you grant is automatically extended to all recipients of the covered 519 | work and works based on it. 520 | 521 | A patent license is "discriminatory" if it does not include within 522 | the scope of its coverage, prohibits the exercise of, or is 523 | conditioned on the non-exercise of one or more of the rights that are 524 | specifically granted under this License. You may not convey a covered 525 | work if you are a party to an arrangement with a third party that is 526 | in the business of distributing software, under which you make payment 527 | to the third party based on the extent of your activity of conveying 528 | the work, and under which the third party grants, to any of the 529 | parties who would receive the covered work from you, a discriminatory 530 | patent license (a) in connection with copies of the covered work 531 | conveyed by you (or copies made from those copies), or (b) primarily 532 | for and in connection with specific products or compilations that 533 | contain the covered work, unless you entered into that arrangement, 534 | or that patent license was granted, prior to 28 March 2007. 535 | 536 | Nothing in this License shall be construed as excluding or limiting 537 | any implied license or other defenses to infringement that may 538 | otherwise be available to you under applicable patent law. 539 | 540 | 12. No Surrender of Others' Freedom. 541 | 542 | If conditions are imposed on you (whether by court order, agreement or 543 | otherwise) that contradict the conditions of this License, they do not 544 | excuse you from the conditions of this License. If you cannot convey a 545 | covered work so as to satisfy simultaneously your obligations under this 546 | License and any other pertinent obligations, then as a consequence you may 547 | not convey it at all. For example, if you agree to terms that obligate you 548 | to collect a royalty for further conveying from those to whom you convey 549 | the Program, the only way you could satisfy both those terms and this 550 | License would be to refrain entirely from conveying the Program. 551 | 552 | 13. Use with the GNU Affero General Public License. 553 | 554 | Notwithstanding any other provision of this License, you have 555 | permission to link or combine any covered work with a work licensed 556 | under version 3 of the GNU Affero General Public License into a single 557 | combined work, and to convey the resulting work. The terms of this 558 | License will continue to apply to the part which is the covered work, 559 | but the special requirements of the GNU Affero General Public License, 560 | section 13, concerning interaction through a network will apply to the 561 | combination as such. 562 | 563 | 14. Revised Versions of this License. 564 | 565 | The Free Software Foundation may publish revised and/or new versions of 566 | the GNU General Public License from time to time. Such new versions will 567 | be similar in spirit to the present version, but may differ in detail to 568 | address new problems or concerns. 569 | 570 | Each version is given a distinguishing version number. If the 571 | Program specifies that a certain numbered version of the GNU General 572 | Public License "or any later version" applies to it, you have the 573 | option of following the terms and conditions either of that numbered 574 | version or of any later version published by the Free Software 575 | Foundation. If the Program does not specify a version number of the 576 | GNU General Public License, you may choose any version ever published 577 | by the Free Software Foundation. 578 | 579 | If the Program specifies that a proxy can decide which future 580 | versions of the GNU General Public License can be used, that proxy's 581 | public statement of acceptance of a version permanently authorizes you 582 | to choose that version for the Program. 583 | 584 | Later license versions may give you additional or different 585 | permissions. However, no additional obligations are imposed on any 586 | author or copyright holder as a result of your choosing to follow a 587 | later version. 588 | 589 | 15. Disclaimer of Warranty. 590 | 591 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY 592 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT 593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY 594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, 595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 596 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM 597 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF 598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 599 | 600 | 16. Limitation of Liability. 601 | 602 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS 604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY 605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE 606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF 607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD 608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), 609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF 610 | SUCH DAMAGES. 611 | 612 | 17. Interpretation of Sections 15 and 16. 613 | 614 | If the disclaimer of warranty and limitation of liability provided 615 | above cannot be given local legal effect according to their terms, 616 | reviewing courts shall apply local law that most closely approximates 617 | an absolute waiver of all civil liability in connection with the 618 | Program, unless a warranty or assumption of liability accompanies a 619 | copy of the Program in return for a fee. 620 | 621 | END OF TERMS AND CONDITIONS 622 | 623 | How to Apply These Terms to Your New Programs 624 | 625 | If you develop a new program, and you want it to be of the greatest 626 | possible use to the public, the best way to achieve this is to make it 627 | free software which everyone can redistribute and change under these terms. 628 | 629 | To do so, attach the following notices to the program. It is safest 630 | to attach them to the start of each source file to most effectively 631 | state the exclusion of warranty; and each file should have at least 632 | the "copyright" line and a pointer to where the full notice is found. 633 | 634 | 635 | Copyright (C) 636 | 637 | This program is free software: you can redistribute it and/or modify 638 | it under the terms of the GNU General Public License as published by 639 | the Free Software Foundation, either version 3 of the License, or 640 | (at your option) any later version. 641 | 642 | This program is distributed in the hope that it will be useful, 643 | but WITHOUT ANY WARRANTY; without even the implied warranty of 644 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 645 | GNU General Public License for more details. 646 | 647 | You should have received a copy of the GNU General Public License 648 | along with this program. If not, see . 649 | 650 | Also add information on how to contact you by electronic and paper mail. 651 | 652 | If the program does terminal interaction, make it output a short 653 | notice like this when it starts in an interactive mode: 654 | 655 | Copyright (C) 656 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 657 | This is free software, and you are welcome to redistribute it 658 | under certain conditions; type `show c' for details. 659 | 660 | The hypothetical commands `show w' and `show c' should show the appropriate 661 | parts of the General Public License. Of course, your program's commands 662 | might be different; for a GUI interface, you would use an "about box". 663 | 664 | You should also get your employer (if you work as a programmer) or school, 665 | if any, to sign a "copyright disclaimer" for the program, if necessary. 666 | For more information on this, and how to apply and follow the GNU GPL, see 667 | . 668 | 669 | The GNU General Public License does not permit incorporating your program 670 | into proprietary programs. If your program is a subroutine library, you 671 | may consider it more useful to permit linking proprietary applications with 672 | the library. If this is what you want to do, use the GNU Lesser General 673 | Public License instead of this License. But first, please read 674 | . 675 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Larkin 2 | 3 | Formerly [docker-run.com](https://github.com/acro5piano/docker-run.com) 4 | 5 | Simple Docker container management, including automatic reverse proxy, private registry, host management, and more. 6 | 7 | ![image](https://github.com/acro5piano/docker-run.com/blob/master/demo.gif) 8 | 9 | # Project status 10 | 11 | Currently Larkin is alpha. We will launch beta version by April 2019, so please watch us. 12 | 13 | # Why 14 | 15 | We all know Docker in production environment is great. Stateless deployment, shared environment in both development and production, and more. However, we have to do a lot of work when we manage our containers in production, such as Blue-Green deployment, Containers health check, and learn Kubernates. Do you imagine if we can run Docker Containers just by telling the url of your Docker image? 16 | 17 | - No need to create Fargate instance 18 | - No need to learn Kubernates 19 | - No need to write deploy script 20 | - No need to care about scalability 21 | - No need to set up your certificates 22 | 23 | Yes, Larkin is here: A new and better way to run Docker containers in production. 24 | 25 | # How to use 26 | 27 | As you can see the above demo, all you have to do is input your docker image url. Larkin creates an unique domain for your application. 28 | 29 | Deploy a new image? It is quite easy, no need to install any tools: 30 | 31 | ``` 32 | curl -XPOST -H 'Authorization: YOUR_TOKEN' -d HOST/IMAGE:VERSION https://api.larkin.sh/APP_ID/renew 33 | ``` 34 | 35 | And the Docker container will be renew without downtime. 36 | 37 | **Image renew API is not implemented now** 38 | 39 | # Running it locally 40 | 41 | **Requirements** 42 | 43 | - Node.js >= 10 44 | - Yarn 45 | 46 | **How to run** 47 | 48 | ``` 49 | git clone git@github.com:getlarkin/larkin 50 | cd larkin 51 | cp .env ./packages/frontend/.env 52 | cp .env ./packages/api/.env 53 | yarn install 54 | yarn dev 55 | ``` 56 | 57 | Note: The following features will not currently work in locally: 58 | 59 | - nginx proxy 60 | - Route53 host management 61 | - Docker registry server 62 | 63 | # Support 64 | 65 | https://www.buymeacoffee.com/geTuXnB 66 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | host_key_checking = False 3 | remote_user = ec2-user 4 | inventory = ./hosts.ini 5 | callback_whitelist = profile_tasks 6 | -------------------------------------------------------------------------------- /assets/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/getlarkin/larkin/97119f5fa4cce86e09cc3fcf80ae1cb1be171bd6/assets/favicon.ico -------------------------------------------------------------------------------- /assets/fb-ogp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/getlarkin/larkin/97119f5fa4cce86e09cc3fcf80ae1cb1be171bd6/assets/fb-ogp.png -------------------------------------------------------------------------------- /assets/logo-full.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/getlarkin/larkin/97119f5fa4cce86e09cc3fcf80ae1cb1be171bd6/assets/logo-full.png -------------------------------------------------------------------------------- /assets/logo-mark.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/getlarkin/larkin/97119f5fa4cce86e09cc3fcf80ae1cb1be171bd6/assets/logo-mark.png -------------------------------------------------------------------------------- /assets/logo-white.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/getlarkin/larkin/97119f5fa4cce86e09cc3fcf80ae1cb1be171bd6/assets/logo-white.png -------------------------------------------------------------------------------- /db/migrations/20190120085046_initial.js: -------------------------------------------------------------------------------- 1 | exports.up = async function(knex, Promise) { 2 | await knex.schema.createTable('users', function(table) { 3 | table 4 | .uuid('id') 5 | .notNullable() 6 | .primary() 7 | table.string('name') 8 | table.string('email').notNullable() 9 | table.string('avatar_url') 10 | table.string('contract_type') 11 | table.string('github_id').notNullable() 12 | table.string('github_url').notNullable() 13 | table.string('github_access_token').notNullable() 14 | table.string('github_refresh_token') 15 | table.timestamps() 16 | }) 17 | 18 | await knex.schema.createTable('containers', function(table) { 19 | table 20 | .uuid('id') 21 | .notNullable() 22 | .primary() 23 | table.uuid('user_id').notNullable() 24 | table.string('image').notNullable() 25 | table.string('command') 26 | table.string('public_host').notNullable() 27 | table.string('proxy_host').notNullable() 28 | table 29 | .integer('proxy_port') 30 | .unsigned() 31 | .notNullable() 32 | table.timestamps() 33 | }) 34 | 35 | await knex.schema.createTable('hostnames', function(table) { 36 | table 37 | .increments('id') 38 | .notNullable() 39 | .primary() 40 | table.string('hostname').notNullable() 41 | table.string('container_id') 42 | table.timestamps() 43 | }) 44 | } 45 | 46 | exports.down = async function(knex, Promise) { 47 | await knex.schema.dropTable('users') 48 | await knex.schema.dropTable('containers') 49 | await knex.schema.dropTable('containers') 50 | } 51 | -------------------------------------------------------------------------------- /db/migrations/20190121165943_add_internal_container_id.js: -------------------------------------------------------------------------------- 1 | exports.up = async function(knex, Promise) { 2 | await knex.schema.table('containers', function(table) { 3 | table 4 | .string('status') 5 | .default('running') 6 | .notNullable() 7 | table 8 | .string('internal_container_id') 9 | .default('') 10 | .notNullable() 11 | }) 12 | await knex.schema.dropTable('hostnames') 13 | } 14 | 15 | exports.down = async function(knex, Promise) { 16 | await knex.schema.createTable('hostnames', function(table) { 17 | table 18 | .increments('id') 19 | .notNullable() 20 | .primary() 21 | table.string('hostname').notNullable() 22 | table.string('container_id') 23 | table.timestamps() 24 | }) 25 | } 26 | -------------------------------------------------------------------------------- /db/migrations/20190121192656_set_default_contract_type.js: -------------------------------------------------------------------------------- 1 | exports.up = async function(knex, Promise) { 2 | await knex.table('users').update({ contract_type: 'hobby' }) 3 | await knex.schema.table('users', function(table) { 4 | table 5 | .string('contract_type') 6 | .notNullable() 7 | .default('hobby') 8 | .alter() 9 | }) 10 | } 11 | 12 | exports.down = function(knex, Promise) { 13 | return knex.schema.table('users', function(table) { 14 | table.string('contract_type').alter() 15 | }) 16 | } 17 | -------------------------------------------------------------------------------- /db/migrations/20190121235541_add_docker_login_token.js: -------------------------------------------------------------------------------- 1 | exports.up = async function(knex, Promise) { 2 | await knex.schema.table('users', function(table) { 3 | table 4 | .string('api_token') 5 | .default('') 6 | .notNullable() 7 | }) 8 | } 9 | 10 | exports.down = async function(knex, Promise) { 11 | await knex.schema.table('users', function(table) { 12 | table.dropColumn('api_token') 13 | }) 14 | } 15 | -------------------------------------------------------------------------------- /db/migrations/20190123010333_add_onetime_docker_login_token.js: -------------------------------------------------------------------------------- 1 | exports.up = async function(knex, Promise) { 2 | await knex.schema.table('users', function(table) { 3 | table 4 | .string('onetime_docker_login_token') 5 | .default('') 6 | .notNullable() 7 | }) 8 | } 9 | 10 | exports.down = async function(knex, Promise) { 11 | await knex.schema.table('users', function(table) { 12 | table.dropColumn('onetime_docker_login_token') 13 | }) 14 | } 15 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | db: 5 | image: postgres:10-alpine 6 | ports: 7 | - "29576:5432" 8 | environment: 9 | POSTGRES_PASSWORD: postgres 10 | POSTGRES_USER: postgres 11 | POSTGRES_DB: larkin_local 12 | redis: 13 | image: redis:3 14 | ports: 15 | - "47632:6379" 16 | -------------------------------------------------------------------------------- /hosts.ini.sample: -------------------------------------------------------------------------------- 1 | [dbservers] 2 | 11.22.33.44 ansible_ssh_private_key_file=/Users/someone/.ssh/larkin.pem 3 | 4 | [webservers] 5 | 11.22.33.44 ansible_ssh_private_key_file=/Users/someone/.ssh/larkin.pem 6 | 7 | [appservers] 8 | 11.22.33.44 ansible_ssh_private_key_file=/Users/someone/.ssh/larkin.pem 9 | 10 | [registryservers] 11 | 11.22.33.44 ansible_ssh_private_key_file=/Users/someone/.ssh/larkin.pem 12 | -------------------------------------------------------------------------------- /knexfile.js: -------------------------------------------------------------------------------- 1 | require('dotenv').config() 2 | 3 | module.exports = { 4 | client: 'pg', 5 | connection: process.env.PG_CONNECTION_STRING, 6 | migrations: { 7 | directory: './db/migrations', 8 | }, 9 | seeds: { 10 | directory: './db/seeds', 11 | }, 12 | } 13 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "larkin", 3 | "version": "0.0.1", 4 | "private": true, 5 | "repository": "git@github.com:getlarkin/larkin", 6 | "author": "gosho-kazuya ", 7 | "license": "MIT", 8 | "workspaces": { 9 | "packages": [ 10 | "./packages/*" 11 | ] 12 | }, 13 | "scripts": { 14 | "dev": "npm-run-all --parallel dev:api start:registry:dev dev:frontend", 15 | "dev:api": "nodemon --watch './packages/api/src/*.ts' --exec 'yarn start:api:dev' ./packages/api/src/index.ts", 16 | "dev:frontend": "yarn workspace @larkin/frontend start", 17 | "build:frontend": "yarn workspace @larkin/frontend build", 18 | "make:seed": "yarn workspace @larkin/api knex seed:make", 19 | "make:migration": "yarn workspace @larkin/api knex migrate:make", 20 | "db:init": "node tasks/init-db.js", 21 | "db:cli": "pgcli postgres://postgres:postgres@127.0.0.1:29576/larkin_local", 22 | "db:seed": "yarn workspace @larkin/api knex seed:run", 23 | "db:migrate": "yarn workspace @larkin/api knex migrate:latest", 24 | "db:migrate:rollback": "yarn workspace @larkin/api knex migrate:rollback", 25 | "start:api:dev": "cross-env NODE_ENV=development yarn workspace @larkin/api start", 26 | "start:registry:dev": "cross-env NODE_ENV=development yarn workspace @larkin/registry start", 27 | "start:api": "cross-env NODE_ENV=production yarn workspace @larkin/api start", 28 | "start:registry": "cross-env NODE_ENV=production yarn workspace @larkin/registry start", 29 | "setup:ansible": "node scripts/setup-ansible.js" 30 | }, 31 | "dependencies": { 32 | "@types/node": "^10.12.18", 33 | "typescript": "^3.2.2" 34 | }, 35 | "devDependencies": { 36 | "@types/jest": "^23.3.12", 37 | "cross-env": "^5.2.0", 38 | "ejs": "^2.6.1", 39 | "jest": "^23.6.0", 40 | "nodemon": "^1.18.9", 41 | "npm-run-all": "^4.1.5", 42 | "prettier": "^1.15.3", 43 | "ts-jest": "^23.10.5" 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /packages/api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "@larkin/api", 3 | "version": "0.0.1", 4 | "private": true, 5 | "repository": "git@github.com:acro5piano/larkin.sh-core", 6 | "author": "gosho-kazuya ", 7 | "license": "MIT", 8 | "scripts": { 9 | "start": "ts-node -r tsconfig-paths/register ./src/index.ts" 10 | }, 11 | "dependencies": { 12 | "@types/body-parser": "^1.17.0", 13 | "@types/express": "^4.16.0", 14 | "@types/express-winston": "^3.0.0", 15 | "@types/jsonwebtoken": "^8.3.0", 16 | "@types/knex": "^0.15.1", 17 | "@types/node": "^10.12.18", 18 | "@types/passport": "^1.0.0", 19 | "@types/passport-github2": "^1.2.2", 20 | "@types/passport-jwt": "^3.0.1", 21 | "@types/uuid": "^3.4.4", 22 | "@types/winston": "^2.4.4", 23 | "@types/ws": "^6.0.1", 24 | "aws-sdk": "^2.389.0", 25 | "body-parser": "^1.18.3", 26 | "cors": "^2.8.5", 27 | "dotenv": "^6.2.0", 28 | "express": "^4.16.4", 29 | "express-winston": "^3.0.1", 30 | "get-port": "^4.1.0", 31 | "jsonwebtoken": "^8.4.0", 32 | "knex": "^0.20.1", 33 | "knex-tiny-logger": "^1.1.0", 34 | "objection": "^1.4.0", 35 | "passport": "^0.4.0", 36 | "passport-github2": "^0.1.11", 37 | "passport-jwt": "^4.0.0", 38 | "pg": "^7.8.0", 39 | "ts-node": "^7.0.1", 40 | "tsconfig-paths": "^3.7.0", 41 | "uuid": "^3.3.2", 42 | "winston": "^3.1.0", 43 | "ws": "^6.1.2" 44 | }, 45 | "devDependencies": {} 46 | } 47 | -------------------------------------------------------------------------------- /packages/api/src/commands/command.ts: -------------------------------------------------------------------------------- 1 | require('dotenv').config() 2 | 3 | import { logger } from '@larkin/api/services/logger' 4 | import { Model } from 'objection' 5 | 6 | export async function command(name: string, fn: Function) { 7 | logger.info(`Running: ${name}`) 8 | await fn() 9 | Model.knex().destroy() 10 | } 11 | -------------------------------------------------------------------------------- /packages/api/src/commands/ensureDockerContainers.ts: -------------------------------------------------------------------------------- 1 | import { command } from '@larkin/api/commands/command' 2 | 3 | import { Container } from '@larkin/api/models/Container' 4 | import { logger } from '@larkin/api/services/logger' 5 | import { dockerRun } from '@larkin/api/facades/docker' 6 | 7 | command('ensureDockerContainers', async () => { 8 | const containers = await Container.query().where({ status: 'running' }) 9 | await Promise.all( 10 | containers.map(async container => { 11 | const internal_container_id = await dockerRun( 12 | container.image, 13 | container.proxy_port, 14 | (data: any) => logger.info(data.toString()), 15 | ) 16 | 17 | await Container.query() 18 | .update({ 19 | internal_container_id, 20 | }) 21 | .where({ id: container.id }) 22 | }), 23 | ) 24 | }) 25 | -------------------------------------------------------------------------------- /packages/api/src/controllers/auth.ts: -------------------------------------------------------------------------------- 1 | import * as express from 'express' 2 | import * as passport from 'passport' 3 | import { sign } from 'jsonwebtoken' 4 | import { getRandomStringLong } from '@larkin/api/helpers/getRandomString' 5 | import { User } from '@larkin/api/models/User' 6 | import { requireAuth } from '@larkin/api/middleware/auth' 7 | 8 | export const router = express.Router() 9 | 10 | router.get('/me', requireAuth, (req, res) => { 11 | res.send(req.user) 12 | }) 13 | 14 | router.get('/github', passport.authenticate('github', { scope: ['user:email'] })) 15 | 16 | router.post('/github', passport.authenticate('github'), async (req, res) => { 17 | const { id } = req.user 18 | res.send(sign({ id }, process.env.JWT_SECRET as string)) 19 | }) 20 | 21 | router.post('/api_tokens', requireAuth, async (req, res) => { 22 | const api_token = getRandomStringLong() + getRandomStringLong() 23 | const user = await User.query().updateAndFetchById(req.user.id, { 24 | api_token, 25 | }) 26 | res.send(user) 27 | }) 28 | -------------------------------------------------------------------------------- /packages/api/src/controllers/containers.ts: -------------------------------------------------------------------------------- 1 | import * as express from 'express' 2 | import { requireAuth } from '@larkin/api/middleware/auth' 3 | import { Middleware } from '@larkin/api/types' 4 | import { Container } from '@larkin/api/models/Container' 5 | import { dockerPull, dockerRun, dockerKill } from '@larkin/api/facades/docker' 6 | import { createDomain } from '@larkin/api/domain' 7 | import { logger } from '@larkin/api/services/logger' 8 | import { createNewNginxConfig, restartNginx, runCertbot } from '@larkin/api/facades/nginx' 9 | const getPort = require('get-port') 10 | 11 | export const router = express.Router() 12 | 13 | router.use(requireAuth) 14 | 15 | const withContainer: Middleware = async (req, res, next) => { 16 | const container = await Container.query().findById(req.params.id) 17 | if (!container) { 18 | res.status(404).send('container not found') 19 | throw new Error('container not found') 20 | } 21 | req.params.container = container 22 | next() 23 | } 24 | 25 | router.get('/', async (req, res) => { 26 | const containers = await Container.query() 27 | .where({ user_id: req.user.id }) 28 | .where({ status: 'running' }) 29 | res.send(containers) 30 | }) 31 | 32 | router.post('/', requireAuth, async (req, res) => { 33 | const { image } = req.body 34 | const proxyPort = await getPort() 35 | 36 | if (!(await req.user.canCreateContainer())) { 37 | res.status(422).send('You are using "hobby" plan, so the limit is 1 container') 38 | return 39 | } 40 | 41 | const publicHostName: string = await createDomain() 42 | await createNewNginxConfig({ publicHostName, proxyPort, listenPort: 8080 }) 43 | restartNginx() 44 | 45 | try { 46 | await dockerPull(image, data => logger.info(data.toString())) 47 | } catch (e) { 48 | res.status(422).send('Somthing went wrong. Try again later.') 49 | return 50 | } 51 | 52 | const internal_container_id = await dockerRun(image, proxyPort, (data: any) => 53 | logger.info(data.toString()), 54 | ) 55 | 56 | await Container.query().insert({ 57 | user_id: req.user.id, 58 | internal_container_id, 59 | status: 'running', 60 | image: req.body.image, 61 | public_host: publicHostName, 62 | proxy_host: 'localhost', 63 | proxy_port: proxyPort, 64 | // command: string, 65 | }) 66 | 67 | res.send('ok') 68 | }) 69 | 70 | router.delete('/:id', requireAuth, withContainer, async (req, res) => { 71 | const { container } = req.params 72 | await dockerKill(container.internal_container_id) 73 | await container.$query().patch({ status: 'terminated' }) 74 | res.send('ok') 75 | }) 76 | 77 | router.put('/:id/public_host', withContainer, async (req, res) => { 78 | const { container } = req.params 79 | const publicHostName = req.body.public_host 80 | const { ssl } = req.body 81 | 82 | try { 83 | await runCertbot(publicHostName) 84 | } catch (e) { 85 | res.status(422).send('could not get ssl certs.') 86 | return 87 | } 88 | await createNewNginxConfig({ 89 | publicHostName, 90 | proxyPort: container.proxy_port, 91 | listenPort: ssl ? 443 : 80, 92 | ssl, 93 | }) 94 | await restartNginx() 95 | await Container.query() 96 | .update({ 97 | public_host: publicHostName, 98 | }) 99 | .where({ id: container.id }) 100 | 101 | res.send('ok') 102 | }) 103 | -------------------------------------------------------------------------------- /packages/api/src/controllers/public.ts: -------------------------------------------------------------------------------- 1 | import * as express from 'express' 2 | import { User } from '@larkin/api/models/User' 3 | import axios from 'axios' 4 | import { getRandomStringLong } from '@larkin/api/helpers/getRandomString' 5 | 6 | export const router = express.Router() 7 | 8 | router.get('/get_docker_login', async (req, res) => { 9 | const api_token = req.headers['x-token'] 10 | const user = await User.query().findOne({ api_token }) 11 | if (!user) { 12 | res.status(401).send('api token is wrong') 13 | return 14 | } 15 | const password = 16 | getRandomStringLong() + getRandomStringLong() + getRandomStringLong() + getRandomStringLong() 17 | 18 | await axios.post(`${process.env.REGISTRY_API_URL}/register`, { 19 | user: api_token, 20 | password, 21 | }) 22 | 23 | res.send(`docker login -u ${api_token} -p ${password} ${process.env.DOCKER_LOGIN_URL}`) 24 | }) 25 | -------------------------------------------------------------------------------- /packages/api/src/controllers/ws.ts: -------------------------------------------------------------------------------- 1 | import * as WebSocket from 'ws' 2 | import { createDomain } from '@larkin/api/domain' 3 | import { dockerPull, dockerRun } from '@larkin/api/facades/docker' 4 | import { createNewNginxConfig, restartNginx } from '@larkin/api/facades/nginx' 5 | import { logger } from '@larkin/api/services/logger' 6 | import { isProduction } from '@larkin/api/helpers/environ' 7 | import { Container } from '@larkin/api/models/Container' 8 | 9 | const getPort = require('get-port') 10 | 11 | export const onConnection = (ws: WebSocket) => { 12 | const handleStdIo = (data: any) => { 13 | logger.info(`stdout: ${data.toString()}`) 14 | try { 15 | ws.send(`[docker] ${data.toString()}`) 16 | } catch (e) { 17 | logger.info('websocket client is missing') 18 | } 19 | } 20 | 21 | const dockerLog = (message: string, newLine: boolean = false) => { 22 | logger.info(`[docker] ${message}`) 23 | try { 24 | ws.send(`${newLine ? '\n' : ''}[larkin.sh] ${message}`) 25 | } catch (e) { 26 | logger.info('websocket client is missing') 27 | } 28 | } 29 | 30 | ws.on('close', function() { 31 | logger.debug('connection closed.') 32 | }) 33 | 34 | ws.on('message', async (image: string) => { 35 | const proxyPort = await getPort() 36 | 37 | dockerLog('====> STEP 1. Connecting to larkin.sh build server...') 38 | dockerLog('Successfully connected to larkin.sh build server. Build started.') 39 | 40 | dockerLog('====> STEP 2. Registering your domain...', true) 41 | const publicHostName = await createDomain() 42 | const protocol = isProduction ? 'https' : 'http' 43 | dockerLog(`Successfully registered domain: ${protocol}://${publicHostName}`) 44 | await createNewNginxConfig({ publicHostName, proxyPort, listenPort: 8080 }) 45 | restartNginx() 46 | 47 | dockerLog(`====> STEP 3. Pulling ${image}...`, true) 48 | try { 49 | await dockerPull(image, handleStdIo) 50 | } catch (e) { 51 | dockerLog('Somthing went wrong. Try again later.') 52 | return 53 | } 54 | 55 | dockerLog('====> STEP 4. Running Docker container...', true) 56 | const internal_container_id = await dockerRun(image, proxyPort, handleStdIo, (ps: any) => { 57 | logger.info(`docker container is running at: :${proxyPort}`) 58 | setTimeout(async () => { 59 | dockerLog( 60 | 'Killing docker container due to exceeding 600 seconds limit for demo instance.', 61 | true, 62 | ) 63 | dockerLog('Thank you for applying demo. please Subscribe larkin.sh!') 64 | await Container.query() 65 | .update({ status: 'terminated' }) 66 | .where({ internal_container_id }) 67 | ps.kill() 68 | }, 600 * 1000) 69 | }) 70 | 71 | await Container.query().insert({ 72 | internal_container_id, 73 | status: 'running', 74 | image, 75 | public_host: publicHostName, 76 | proxy_host: 'localhost', 77 | proxy_port: proxyPort, 78 | // command: string, 79 | }) 80 | }) 81 | } 82 | -------------------------------------------------------------------------------- /packages/api/src/domain.ts: -------------------------------------------------------------------------------- 1 | require('dotenv').config() 2 | 3 | import * as AWS from 'aws-sdk' 4 | import { isProduction } from '@larkin/api/helpers/environ' 5 | import { getRandomString } from '@larkin/api/helpers/getRandomString' 6 | 7 | const getDomainAliasName = (): string => { 8 | return getRandomString() + '.larkin.sh' 9 | } 10 | 11 | export const createDomain = (): Promise => 12 | new Promise((resolve, reject) => { 13 | if (!isProduction) { 14 | return resolve('docker-run.local:5588') 15 | } 16 | 17 | const domainName = getDomainAliasName() 18 | 19 | const route53 = new AWS.Route53({ 20 | region: 'ap-northeast-1', 21 | credentials: { 22 | accessKeyId: process.env.AWS_ACCESS_KEY_ID || '', 23 | secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY || '', 24 | }, 25 | }) 26 | 27 | route53.changeResourceRecordSets( 28 | { 29 | HostedZoneId: process.env.AWS_ROUTE53_HOSTED_ZONE_ID as string, 30 | ChangeBatch: { 31 | Changes: [ 32 | { 33 | Action: 'CREATE', 34 | ResourceRecordSet: { 35 | Name: domainName, 36 | Type: 'A', 37 | AliasTarget: { 38 | HostedZoneId: process.env.AWS_ALIAS_HOSTED_ZONE_ID as string, 39 | DNSName: 'dualstack.larkin-elb-1431217607.us-east-1.elb.amazonaws.com', 40 | EvaluateTargetHealth: false, 41 | }, 42 | }, 43 | }, 44 | ], 45 | }, 46 | }, 47 | (err: any) => { 48 | if (err) { 49 | return reject(err) 50 | } else { 51 | return resolve(domainName) 52 | } 53 | }, 54 | ) 55 | }) 56 | -------------------------------------------------------------------------------- /packages/api/src/facades/docker.ts: -------------------------------------------------------------------------------- 1 | import { spawn, ChildProcess } from 'child_process' 2 | import { logger } from '@larkin/api/services/logger' 3 | import { getRandomString } from '@larkin/api/helpers/getRandomString' 4 | 5 | export const getContainerPort = (imageName: string) => 6 | new Promise(resolve => { 7 | const ps = spawn('docker', ['image', 'inspect', imageName]) 8 | ps.stdout.on('data', (data: any) => { 9 | try { 10 | const json = JSON.parse(data.toString()) 11 | const port = Object.keys(json[0].ContainerConfig.ExposedPorts)[0].split('/')[0] 12 | return resolve(Number(port)) 13 | } catch (e) { 14 | return null 15 | } 16 | }) 17 | }) 18 | 19 | type HandleStdIo = (data: any) => void 20 | 21 | const replacePrivateRepositoryHost = (image: string) => 22 | image.replace('registry.larkin.sh', process.env.REGISTRY_LOCAL_IP as string) 23 | 24 | export const dockerPull = (image: string, handleStdIo: HandleStdIo) => 25 | new Promise((resolve, reject) => { 26 | const ps = spawn('docker', ['pull', replacePrivateRepositoryHost(image)]) 27 | ps.stdout.on('data', handleStdIo) 28 | ps.stderr.on('data', handleStdIo) 29 | ps.on('exit', code => { 30 | if (code !== 0) { 31 | return reject(code) 32 | } 33 | resolve() 34 | }) 35 | }) 36 | 37 | export const dockerRun = async ( 38 | image: string, 39 | hostPort: number, 40 | handleStdIo: HandleStdIo, 41 | callback?: (ps: ChildProcess) => any, 42 | ) => { 43 | const name = getRandomString() 44 | const containerPort = await getContainerPort(replacePrivateRepositoryHost(image)) 45 | const ps = spawn('docker', [ 46 | 'run', 47 | '-d', 48 | '--name', 49 | name, 50 | '--rm', 51 | '-p', 52 | `${hostPort}:${containerPort}`, 53 | replacePrivateRepositoryHost(image), 54 | ]) 55 | ps.stdout.on('data', handleStdIo) 56 | ps.stderr.on('data', handleStdIo) 57 | if (callback) { 58 | setImmediate(() => callback(ps)) 59 | } 60 | return name 61 | } 62 | 63 | export const dockerKill = (name: string) => 64 | new Promise(resolve => { 65 | const ps = spawn('docker', ['kill', name]) 66 | ps.stdout.on('data', data => logger.info(data.toString())) 67 | ps.on('exit', resolve) 68 | }) 69 | -------------------------------------------------------------------------------- /packages/api/src/facades/nginx.ts: -------------------------------------------------------------------------------- 1 | import * as fs from 'fs' 2 | import * as cp from 'child_process' 3 | import { isProduction } from '@larkin/api/helpers/environ' 4 | import { logStdout } from '@larkin/api/services/logger' 5 | 6 | interface NginxConfig { 7 | publicHostName: string 8 | proxyPort: number 9 | listenPort: number 10 | ssl?: boolean 11 | } 12 | 13 | export const createNewNginxConfig = (config: NginxConfig) => 14 | new Promise(resolve => { 15 | const sslConfig = config.ssl 16 | ? ` 17 | # SSL 18 | ssl_certificate /etc/letsencrypt/live/${config.publicHostName}/fullchain.pem; 19 | ssl_certificate_key /etc/letsencrypt/live/${config.publicHostName}/privkey.pem; 20 | 21 | # Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html 22 | ssl_protocols TLSv1.1 TLSv1.2; 23 | ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; 24 | ssl_prefer_server_ciphers on; 25 | ssl_session_cache shared:SSL:10m; 26 | ` 27 | : '' 28 | 29 | const newConfig = ` 30 | server { 31 | server_name ${config.publicHostName}; 32 | listen ${config.listenPort}${config.ssl ? ' ssl' : ''}; 33 | 34 | ${sslConfig} 35 | 36 | location / { 37 | proxy_pass http://localhost:${config.proxyPort}; 38 | proxy_http_version 1.1; 39 | proxy_set_header Upgrade $http_upgrade; 40 | proxy_set_header Connection 'upgrade'; 41 | proxy_set_header Host $host; 42 | proxy_cache_bypass $http_upgrade; 43 | } 44 | } 45 | ` 46 | const confDir = `${process.env.NGINX_CONF_FILE_DIR}/${config.publicHostName}.conf` 47 | fs.writeFile(confDir, newConfig, 'utf8', err => { 48 | if (err) { 49 | console.error(err) 50 | throw new Error('cannot write nginx config') 51 | } 52 | resolve() 53 | }) 54 | }) 55 | 56 | export const restartNginx = () => { 57 | if (!isProduction) { 58 | return Promise.resolve() 59 | } 60 | 61 | return new Promise(resolve => { 62 | const ps = cp.spawn('sudo', ['systemctl', 'reload', 'nginx']) 63 | ps.on('exit', resolve) 64 | }) 65 | } 66 | 67 | export const runCertbot = (domain: string) => { 68 | if (!isProduction) { 69 | return Promise.resolve() 70 | } 71 | 72 | return new Promise((resolve, reject) => { 73 | const ps = cp.spawn('sudo', [ 74 | 'certbot', 75 | 'certonly', 76 | '--nginx', 77 | '-d', 78 | domain, 79 | '--email', 80 | 'ketsume0211@gmail.com', 81 | '--agree-tos', 82 | '--keep-until-expiring', 83 | '--non-interactive', 84 | ]) 85 | ps.stdout.on('data', logStdout) 86 | ps.stderr.on('data', logStdout) 87 | ps.on('close', code => { 88 | if (code !== 0) { 89 | reject(code) 90 | } else { 91 | resolve() 92 | } 93 | }) 94 | }) 95 | } 96 | -------------------------------------------------------------------------------- /packages/api/src/helpers/environ.ts: -------------------------------------------------------------------------------- 1 | export const isProduction = process.env.NODE_ENV === 'production' 2 | -------------------------------------------------------------------------------- /packages/api/src/helpers/getRandomString.ts: -------------------------------------------------------------------------------- 1 | const gen8 = () => 2 | Math.random() 3 | .toString(36) 4 | .slice(5) 5 | 6 | export const getRandomString = (): string => gen8() + gen8() 7 | 8 | export const getRandomStringLong = (): string => gen8() + gen8() + gen8() + gen8() 9 | -------------------------------------------------------------------------------- /packages/api/src/index.ts: -------------------------------------------------------------------------------- 1 | require('dotenv').config() 2 | 3 | import * as express from 'express' 4 | import * as bodyParser from 'body-parser' 5 | import * as WebSocket from 'ws' 6 | import * as http from 'http' 7 | 8 | import { loggerMiddleware } from '@larkin/api/middleware/logger' 9 | import { authMiddleware } from '@larkin/api/middleware/auth' 10 | import { logger } from '@larkin/api/services/logger' 11 | import { onConnection } from '@larkin/api/controllers/ws' 12 | 13 | import { router as ContainerController } from '@larkin/api/controllers/containers' 14 | import { router as AuthController } from '@larkin/api/controllers/auth' 15 | import { router as PublicApiController } from '@larkin/api/controllers/public' 16 | 17 | const app = express() 18 | const server = http.createServer(app) 19 | const wss = new WebSocket.Server({ server }) 20 | 21 | app.use(authMiddleware) 22 | app.use(require('cors')()) 23 | app.use(bodyParser.urlencoded({ extended: true })) 24 | app.use(bodyParser.json()) 25 | app.use(loggerMiddleware) 26 | app.enable('trust proxy') 27 | 28 | app.get('/health', (_req, res) => { 29 | res.send('ok') 30 | }) 31 | 32 | app.use('/containers', ContainerController) 33 | app.use('/auth', AuthController) 34 | app.use('/', PublicApiController) 35 | 36 | wss.on('connection', onConnection) 37 | 38 | const port = process.env.PORT || 5588 39 | server.listen(port, () => { 40 | logger.info(`docker-run-core is running: http://localhost:${port}`) 41 | logger.info(` NODE_ENV: ${process.env.NODE_ENV}`) 42 | }) 43 | -------------------------------------------------------------------------------- /packages/api/src/middleware/auth.ts: -------------------------------------------------------------------------------- 1 | import { Strategy as GitHubStrategy } from 'passport-github2' 2 | import { Strategy as JwtStrategy, ExtractJwt } from 'passport-jwt' 3 | import * as passport from 'passport' 4 | import { User } from '@larkin/api/models/User' 5 | 6 | passport.serializeUser(function(user, done) { 7 | done(null, user) 8 | }) 9 | 10 | passport.deserializeUser(function(obj, done) { 11 | done(null, obj) 12 | }) 13 | 14 | passport.use( 15 | new GitHubStrategy( 16 | { 17 | clientID: process.env.GITHUB_CLIENT_ID as string, 18 | clientSecret: process.env.GITHUB_CLIENT_SECRET as string, 19 | callbackURL: process.env.GITHUB_CLIENT_CALLBACK_URL as string, 20 | }, 21 | async function(accessToken: any, refreshToken: any, profile: any, done: any) { 22 | let user = await User.query().findOne({ github_id: profile.id }) 23 | if (!user) { 24 | user = await User.query().insert({ 25 | name: profile.username, 26 | email: profile.emails ? profile.emails[0].value : 'github_user@example.com', 27 | avatar_url: profile.photos ? profile.photos[0].value : '', 28 | github_id: profile.id, 29 | github_url: profile.profileUrl, 30 | github_access_token: accessToken, 31 | github_refresh_token: refreshToken, 32 | }) 33 | } 34 | process.nextTick(() => { 35 | return done(null, user) 36 | }) 37 | }, 38 | ), 39 | ) 40 | 41 | const jwtOptions = { 42 | secretOrKey: process.env.JWT_SECRET, 43 | jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(), 44 | } 45 | 46 | passport.use( 47 | new JwtStrategy(jwtOptions, async (payload, done) => { 48 | const user = await User.query().findById(payload.id) 49 | done(null, user) 50 | }), 51 | ) 52 | 53 | export const requireAuth = passport.authenticate('jwt', { session: false }) 54 | 55 | export const authMiddleware = passport.initialize() 56 | -------------------------------------------------------------------------------- /packages/api/src/middleware/logger.ts: -------------------------------------------------------------------------------- 1 | import { loggerOptions } from '../services/logger' 2 | 3 | const expressWinston = require('express-winston') 4 | 5 | export const loggerMiddleware = expressWinston.logger(loggerOptions) 6 | -------------------------------------------------------------------------------- /packages/api/src/models/Container.ts: -------------------------------------------------------------------------------- 1 | import { Model } from 'objection' 2 | import { ModelBase } from '@larkin/api/models/ModelBase' 3 | 4 | type ContainerStatus = 'initializing' | 'running' | 'terminated' 5 | 6 | export class Container extends ModelBase { 7 | user_id!: string 8 | image!: string 9 | internal_container_id!: string 10 | status!: ContainerStatus 11 | command?: string 12 | public_host!: string 13 | proxy_host!: string 14 | proxy_port!: number 15 | 16 | static tableName = 'containers' 17 | 18 | $beforeInsert() { 19 | super.$beforeInsert() 20 | if (!this.user_id) { 21 | this.user_id = '00000000-0000-0000-0000-000000000000' 22 | } 23 | } 24 | 25 | static get relationMappings() { 26 | return { 27 | containers: { 28 | relation: Model.BelongsToOneRelation, 29 | modelClass: __dirname + '/User', 30 | join: { 31 | from: 'containers.user_id', 32 | to: 'users.id', 33 | }, 34 | }, 35 | } 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /packages/api/src/models/ModelBase.ts: -------------------------------------------------------------------------------- 1 | import { Model } from 'objection' 2 | import * as Knex from 'knex' 3 | import * as uuid from 'uuid' 4 | const knexTinyLogger = require('knex-tiny-logger').default 5 | 6 | export const knex = Knex({ 7 | client: 'pg', 8 | connection: process.env.PG_CONNECTION_STRING, 9 | migrations: { 10 | directory: './db/migrations', 11 | }, 12 | seeds: { 13 | directory: './db/seeds/test', 14 | }, 15 | useNullAsDefault: true, 16 | }) 17 | 18 | Model.knex(knex) 19 | knexTinyLogger(knex) 20 | 21 | export class ModelBase extends Model { 22 | id!: string 23 | created_at!: string 24 | updated_at!: string 25 | 26 | $beforeInsert() { 27 | this.id = uuid() 28 | this.created_at = new Date().toISOString() 29 | this.updated_at = new Date().toISOString() 30 | } 31 | 32 | $beforeUpdate() { 33 | this.updated_at = new Date().toISOString() 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /packages/api/src/models/User.ts: -------------------------------------------------------------------------------- 1 | import { Model } from 'objection' 2 | import { ModelBase } from '@larkin/api/models/ModelBase' 3 | import { getRandomStringLong } from '@larkin/api/helpers/getRandomString' 4 | 5 | type ContractType = 'hobby' | 'basic' | 'pro' 6 | 7 | export class User extends ModelBase { 8 | name!: string 9 | email!: string 10 | contract_type!: ContractType 11 | avatar_url?: string 12 | github_id!: string 13 | github_url!: string 14 | github_access_token!: string 15 | github_refresh_token!: string 16 | api_token!: string 17 | onetime_docker_login_token!: string 18 | 19 | static tableName = 'users' 20 | 21 | $beforeInsert() { 22 | super.$beforeInsert() 23 | if (!this.api_token) { 24 | this.api_token = getRandomStringLong() + getRandomStringLong() 25 | } 26 | } 27 | 28 | async canCreateContainer(): Promise { 29 | const runningContainers = await this.$query().whereExists( 30 | this.$relatedQuery('containers').where({ status: 'running' }), 31 | ) 32 | 33 | if (this.contract_type === 'hobby' && runningContainers) { 34 | return false 35 | } 36 | return true 37 | } 38 | 39 | static get relationMappings() { 40 | return { 41 | containers: { 42 | relation: Model.HasManyRelation, 43 | modelClass: __dirname + '/Container', 44 | join: { 45 | from: 'users.id', 46 | to: 'containers.user_id', 47 | }, 48 | }, 49 | } 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /packages/api/src/services/logger.ts: -------------------------------------------------------------------------------- 1 | import * as winston from 'winston' 2 | 3 | export const loggerOptions = { 4 | level: 'info', 5 | format: winston.format.cli(), 6 | transports: [ 7 | new winston.transports.Console(), 8 | // new winston.transports.File({ filename: 'error.log', level: 'error' }), 9 | ], 10 | } 11 | 12 | export const logger = winston.createLogger(loggerOptions) 13 | 14 | export const logStdout = (data: any) => logger.info(`stdout: ${String(data)}`) 15 | -------------------------------------------------------------------------------- /packages/api/src/types.ts: -------------------------------------------------------------------------------- 1 | import { Response, Request } from 'express' 2 | 3 | export type Middleware = (req: Request, res: Response, next: () => any) => any 4 | export type Controller = (req: Request, res: Response) => any 5 | -------------------------------------------------------------------------------- /packages/api/tmp/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/getlarkin/larkin/97119f5fa4cce86e09cc3fcf80ae1cb1be171bd6/packages/api/tmp/.gitkeep -------------------------------------------------------------------------------- /packages/frontend/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Larkin - A new and better way to run Docker Containers in production 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 38 | 39 | 40 | 41 | 57 |
58 |
59 | 60 |
61 |
62 | 63 | 64 | -------------------------------------------------------------------------------- /packages/frontend/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "@larkin/frontend", 3 | "version": "1.0.0", 4 | "main": "index.js", 5 | "license": "MIT", 6 | "scripts": { 7 | "start": "cross-env NODE_ENV=development webpack-dev-server --watch --progress", 8 | "build": "cross-env NODE_ENV=production webpack" 9 | }, 10 | "dependencies": { 11 | "@material-ui/core": "^3.9.0", 12 | "@material-ui/icons": "^3.0.2", 13 | "axios": "^0.18.0", 14 | "react": "^16.7.0", 15 | "react-dom": "^16.7.0", 16 | "react-router": "^4.3.1", 17 | "react-router-dom": "^4.3.1", 18 | "styled-components": "^4.1.3" 19 | }, 20 | "devDependencies": { 21 | "@types/react": "^16.7.18", 22 | "@types/react-dom": "^16.0.11", 23 | "@types/react-router": "^4.4.3", 24 | "@types/react-router-dom": "^4.3.1", 25 | "@types/styled-components": "^4.1.5", 26 | "@types/webpack-env": "^1.13.6", 27 | "dotenv-webpack": "^1.6.0", 28 | "fork-ts-checker-webpack-plugin": "^0.5.2", 29 | "html-webpack-plugin": "^3.2.0", 30 | "styled-components": "^4.1.3", 31 | "ts-loader": "^5.3.3", 32 | "webpack": "^4.28.4", 33 | "webpack-cli": "^3.2.1", 34 | "webpack-dev-server": "^3.1.14" 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /packages/frontend/src/App.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import { BrowserRouter } from 'react-router-dom' 3 | import { GlobalStyle } from '@larkin/frontend/GlobalStyle' 4 | import { DownAlert } from '@larkin/frontend/components/DownAlert' 5 | import { createMuiTheme, MuiThemeProvider } from '@material-ui/core/styles' 6 | import { Routes } from '@larkin/frontend/Routes' 7 | import CssBaseline from '@material-ui/core/CssBaseline' 8 | import { getUrlQuery } from '@larkin/frontend/utils' 9 | import { loginWithGitHubToken } from '@larkin/frontend/services/api' 10 | import { loginWithJWTToken } from '@larkin/frontend/services/api' 11 | import { CONTAINERS_PATH } from '@larkin/frontend/Routes' 12 | 13 | const mainTheme = createMuiTheme({ 14 | typography: { 15 | useNextVariants: true, 16 | }, 17 | }) 18 | 19 | export class App extends React.Component<{}> { 20 | async componentDidMount() { 21 | const savedToken = localStorage.getItem('token') 22 | if (savedToken) { 23 | await loginWithJWTToken() 24 | } 25 | 26 | const code = getUrlQuery('code') 27 | if (code) { 28 | const token = await loginWithGitHubToken(code) 29 | if (token) { 30 | localStorage.setItem('token', token.data) 31 | window.location.href = CONTAINERS_PATH 32 | return 33 | } 34 | } 35 | } 36 | 37 | render() { 38 | return ( 39 | <> 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | ) 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /packages/frontend/src/ErrorBoundry.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | 3 | export class ErrorBoundry extends React.Component { 4 | componentDidCatch() { 5 | alert('Too many request. please try again later.') 6 | } 7 | 8 | render() { 9 | return this.props.children 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /packages/frontend/src/GlobalStyle.tsx: -------------------------------------------------------------------------------- 1 | import { createGlobalStyle } from 'styled-components' 2 | 3 | export const GlobalStyle = createGlobalStyle` 4 | @import url('https://fonts.googleapis.com/css?family=Noto+Sans+JP:400,700,900&subset=japanese'); 5 | @import url('https://fonts.googleapis.com/icon?family=Material+Icons'); 6 | 7 | * { 8 | box-sizing: border-box; 9 | } 10 | 11 | body { 12 | font-family: 'Noto Sans JP', sans-serif; 13 | font-size: 13px; 14 | line-height: 1.67; 15 | background: #fff; 16 | color: #666; 17 | } 18 | 19 | #root { 20 | position:relative; 21 | z-index: 0; 22 | } 23 | 24 | @font-face { 25 | font-family: 'Material Icons'; 26 | font-style: normal; 27 | font-weight: 400; 28 | src: local('Material Icons'), local('MaterialIcons-Regular'); 29 | } 30 | 31 | a { 32 | text-decoration: none; 33 | } 34 | 35 | input { 36 | line-height: 1.3; 37 | font-size: 16px; 38 | } 39 | 40 | textarea { 41 | line-height: 1.6; 42 | font-size: 16px; 43 | } 44 | 45 | code { 46 | background: #eee; 47 | padding: 2px 6px; 48 | border-radius: 4px; 49 | color: deeppink; 50 | } 51 | ` 52 | -------------------------------------------------------------------------------- /packages/frontend/src/Routes.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import { Route, Switch } from 'react-router-dom' 3 | import { Landing } from '@larkin/frontend/pages/Landing' 4 | import { NotFound } from '@larkin/frontend/pages/NotFound' 5 | import { Try } from '@larkin/frontend/pages/Try' 6 | import { Login } from '@larkin/frontend/pages/Auth/Login' 7 | import { Dashboard } from '@larkin/frontend/pages/Dashboard' 8 | import { Containers } from '@larkin/frontend/pages/Containers' 9 | import { ContainerDetail } from '@larkin/frontend/pages/ContainerDetail' 10 | import { Images } from '@larkin/frontend/pages/Images' 11 | 12 | export const LANDING_PATH = '/' 13 | export const TRY_PATH = '/try' 14 | export const LOGIN_PATH = '/login' 15 | export const DASHBOARD_PATH = '/dashboard' 16 | export const CONTAINERS_PATH = '/containers' 17 | export const CONTAINER_PATH = '/containers/:id' 18 | export const IMAGES_PATH = '/images' 19 | export const IMAGE_PATH = '/image' 20 | 21 | // Get full path to a resource. 22 | // e.g.) getLink('/users/:id/edit', 1) => /customers/1/visits/new 23 | export const getLink = (pathname: string, ...ids: any[]): string => 24 | ids.reduce((cur, id) => cur.replace(/:[a-z|A-Z]+/, id), pathname) 25 | 26 | export const Routes = () => ( 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | ) 39 | -------------------------------------------------------------------------------- /packages/frontend/src/components/Button.tsx: -------------------------------------------------------------------------------- 1 | import styled from 'styled-components' 2 | 3 | type ButtonVariant = 'primary' | 'default' | 'danger' 4 | 5 | interface Props { 6 | variant?: ButtonVariant 7 | fullWidth?: boolean 8 | } 9 | 10 | function getButtonColor(variant: ButtonVariant = 'primary') { 11 | switch (variant) { 12 | case 'default': 13 | return '#888' 14 | case 'primary': 15 | case 'danger': 16 | default: 17 | return '#FFF' 18 | } 19 | } 20 | 21 | function getButtonBGColor(variant: ButtonVariant = 'primary') { 22 | switch (variant) { 23 | case 'primary': 24 | return '#707ded' 25 | case 'danger': 26 | return '#ED7070' 27 | case 'default': 28 | default: 29 | return '#F8F8F8' 30 | } 31 | } 32 | 33 | export const Button = styled.button` 34 | padding: 8px 22px; 35 | border-radius: 5px; 36 | cursor: pointer; 37 | font-size: 14px; 38 | border: none; 39 | background: ${props => getButtonBGColor(props.variant)}; 40 | color: ${props => getButtonColor(props.variant)}; 41 | max-width: ${props => (props.fullWidth ? '100%' : '200px')}; 42 | display: ${props => (props.fullWidth ? 'inline-block' : 'inline')}; 43 | &[disabled] { 44 | background: #ccc; 45 | color: #666; 46 | } 47 | ` 48 | -------------------------------------------------------------------------------- /packages/frontend/src/components/Card.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | 4 | const Container = styled.div` 5 | background: #fff; 6 | border-radius: 3px; 7 | width: 250px; 8 | height: 250px; 9 | text-align: center; 10 | display: flex; 11 | flex-direction: column; 12 | justify-content: space-evenly; 13 | border: solid 1px #eee; 14 | ` 15 | 16 | const Num = styled.div` 17 | font-size: 48px; 18 | ` 19 | 20 | const Text = styled.div`` 21 | 22 | interface Props { 23 | text: string 24 | num: number 25 | } 26 | 27 | export const Card = ({ text, num }: Props) => ( 28 | 29 | {num} 30 | {text} 31 | 32 | ) 33 | -------------------------------------------------------------------------------- /packages/frontend/src/components/ConsoleLayout/Header.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | 4 | const Container = styled.div` 5 | display: flex; 6 | height: 64px; 7 | margin-left: 200px; 8 | align-items: center; 9 | background: #fff; 10 | padding: 12px; 11 | position: fixed; 12 | top: 0; 13 | width: 100%; 14 | border-bottom: solid 1px #eee; 15 | ` 16 | 17 | interface Props { 18 | title?: string 19 | } 20 | 21 | export const Header = ({ title }: Props) => {title} 22 | -------------------------------------------------------------------------------- /packages/frontend/src/components/ConsoleLayout/Sidebar.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import { Link } from 'react-router-dom' 3 | import styled from 'styled-components' 4 | import BarChartIcon from '@material-ui/icons/BarChart' 5 | import ViewComfyIcon from '@material-ui/icons/ViewComfy' 6 | import ScheduleIcon from '@material-ui/icons/Schedule' 7 | import CreditCardIcon from '@material-ui/icons/CreditCard' 8 | import PanoramaIcon from '@material-ui/icons/Panorama' 9 | import PowerSettingIcon from '@material-ui/icons/PowerSettingsNew' 10 | import { DASHBOARD_PATH, CONTAINERS_PATH, IMAGES_PATH } from '@larkin/frontend/Routes' 11 | import { Hidden } from '@larkin/frontend/components/Hidden' 12 | 13 | const Container = styled.div` 14 | height: 100vh; 15 | background: #7386b8; 16 | width: 200px; 17 | position: fixed; 18 | top: 0; 19 | left: 0; 20 | ` 21 | 22 | const LogoContainer = styled.div` 23 | padding: 12px; 24 | ` 25 | 26 | const Logo = styled.img` 27 | margin-top: 10px; 28 | width: 100%; 29 | ` 30 | 31 | const List = styled.div` 32 | margin-top: 18px; 33 | ` 34 | 35 | interface ListItemInterface { 36 | isActive?: boolean 37 | } 38 | 39 | const ListItem = styled.div` 40 | padding: 12px; 41 | color: #fff; 42 | display: flex; 43 | align-items: center; 44 | height: 50px; 45 | font-size: 14px; 46 | cursor: pointer; 47 | background: ${props => (props.isActive ? '#5268a0' : 'inherit')}; 48 | ` 49 | 50 | const ListText = styled.div` 51 | margin-left: 16px; 52 | ` 53 | 54 | export type Tab = 'dashboard' | 'containers' | 'images' | 'tasks' | 'billing' 55 | 56 | interface Props { 57 | activeTab: Tab 58 | } 59 | 60 | const logout = () => { 61 | window.localStorage.removeItem('token') 62 | window.location.href = '/' 63 | } 64 | 65 | export const Sidebar = ({ activeTab }: Props) => ( 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | Containers 75 | 76 | 77 | 78 | 79 | 80 | Registry 81 | 82 | 83 | 84 | 85 | Logout 86 | 87 | 88 | 89 | 90 | 91 | 92 | Dashboard 93 | 94 | 95 | 96 | 97 | Tasks 98 | 99 | 100 | 101 | Billing 102 | 103 | 104 | 105 | 106 | ) 107 | -------------------------------------------------------------------------------- /packages/frontend/src/components/ConsoleLayout/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | import { Header } from './Header' 4 | import { Sidebar, Tab } from './Sidebar' 5 | 6 | const Container = styled.div` 7 | margin: 64px 0 0 200px; 8 | ` 9 | 10 | interface Props { 11 | activeTab: Tab 12 | children?: any 13 | title?: string 14 | } 15 | 16 | export const ConsoleLayout = ({ children, activeTab, title }: Props) => ( 17 | <> 18 | 19 |
20 | {children} 21 | 22 | ) 23 | -------------------------------------------------------------------------------- /packages/frontend/src/components/DownAlert.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | 4 | const Container = styled.div` 5 | width: 100%; 6 | border-radius: 3px; 7 | height: 40px; 8 | display: flex; 9 | justify-content: center; 10 | align-items: center; 11 | background: #eb7b68; 12 | color: #fff; 13 | font-weight: bold; 14 | ` 15 | 16 | export const DownAlert = () => ( 17 | 18 | Sorry we are migrating to larkin.sh to be OSS! 19 | 20 | ) 21 | -------------------------------------------------------------------------------- /packages/frontend/src/components/Gradation.tsx: -------------------------------------------------------------------------------- 1 | import styled from 'styled-components' 2 | 3 | export const Gradation = styled.div` 4 | background: linear-gradient(180deg, #ecf6ff 0%, rgba(255, 255, 255, 0) 100%), #81d8fd; 5 | ` 6 | -------------------------------------------------------------------------------- /packages/frontend/src/components/Header.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import Hidden from '@material-ui/core/Hidden' 3 | import styled from 'styled-components' 4 | import { Link } from 'react-router-dom' 5 | import { Button } from '@larkin/frontend/components/Button' 6 | import { subscribe } from '@larkin/frontend/services/api' 7 | 8 | const Container = styled.div` 9 | padding: 18px; 10 | max-width: 1024px; 11 | margin: auto; 12 | display: flex; 13 | justify-content: space-between; 14 | /* 15 | @media (min-width: 768px) { 16 | display: flex; 17 | justify-content: space-between; 18 | } 19 | */ 20 | ` 21 | 22 | const LogoImg = styled.img` 23 | width: 40px; 24 | margin-top: 6px; 25 | margin-right: -6px; 26 | ` 27 | 28 | const HeaderLeft = styled.div` 29 | display: flex; 30 | align-items: center; 31 | ` 32 | 33 | const ListItem = styled.li` 34 | list-style: none; 35 | margin-left: 36px; 36 | cursor: pointer; 37 | font-size: 14px; 38 | ` 39 | 40 | export class Header extends React.Component { 41 | state = { 42 | email: '', 43 | sending: false, 44 | } 45 | 46 | subscribe = async () => { 47 | const isValid = /(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])/.test( 48 | this.state.email, 49 | ) 50 | if (!isValid) { 51 | alert('Email is wrong.') 52 | return 53 | } 54 | 55 | this.setState({ sending: true }) 56 | await subscribe(this.state.email) 57 | this.setState({ email: '', sending: false }) 58 | window.alert('Thank you for subscribing us! Get in touch soon.') 59 | } 60 | 61 | wip = () => { 62 | alert( 63 | 'Thank you for click me. Currently WIP state, so please subscribe us by submiting the form right!', 64 | ) 65 | } 66 | 67 | render() { 68 | return ( 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | GitHub 77 | 78 | 79 | 80 | Features 81 | Pricing 82 | Company 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | ) 92 | } 93 | } 94 | 95 | // this.setState({ email: e.target.value })} 100 | // /> 101 | // 102 | // {sending ? '...' : } 103 | // 104 | -------------------------------------------------------------------------------- /packages/frontend/src/components/Hidden.tsx: -------------------------------------------------------------------------------- 1 | import styled from 'styled-components' 2 | 3 | export const Hidden = styled.div` 4 | display: none; 5 | ` 6 | -------------------------------------------------------------------------------- /packages/frontend/src/components/Terminal.tsx: -------------------------------------------------------------------------------- 1 | import styled from 'styled-components' 2 | 3 | export const Terminal = styled.div` 4 | white-space: pre-wrap; 5 | font-family: 'Roboto Mono', monospace; 6 | padding: 12px 18px; 7 | color: #f8f8f8; 8 | overflow: scroll; 9 | margin: auto; 10 | border-radius: 4px; 11 | background: #333; 12 | min-height: 400px; 13 | margin-top: 45px; 14 | ` 15 | -------------------------------------------------------------------------------- /packages/frontend/src/components/TextField.tsx: -------------------------------------------------------------------------------- 1 | import styled from 'styled-components' 2 | 3 | interface TextFieldProps { 4 | fullWidth?: boolean 5 | } 6 | 7 | export const TextField = styled.input` 8 | border-radius: 4px; 9 | border: none; 10 | padding: 8px 12px; 11 | background: #f5f5f5; 12 | width: ${props => (props.fullWidth ? '100%' : 'auto')} 13 | 14 | ::placeholder { 15 | color: #aaa; 16 | opacity: 1; 17 | } 18 | ` 19 | -------------------------------------------------------------------------------- /packages/frontend/src/components/Title.tsx: -------------------------------------------------------------------------------- 1 | import styled from 'styled-components' 2 | 3 | export const Title = styled.div` 4 | font-size: 16px; 5 | font-weight: bold; 6 | margin: 24px 0; 7 | ` 8 | -------------------------------------------------------------------------------- /packages/frontend/src/entities/Container.ts: -------------------------------------------------------------------------------- 1 | export interface Container { 2 | id: string 3 | status: string 4 | image: string 5 | command?: string 6 | public_host: string 7 | created_at: string 8 | } 9 | -------------------------------------------------------------------------------- /packages/frontend/src/entities/User.ts: -------------------------------------------------------------------------------- 1 | export interface User { 2 | id: string 3 | name: string 4 | email: string 5 | avatar_url?: string 6 | github_id: string 7 | github_url: string 8 | github_access_token: string 9 | github_refresh_token: string 10 | api_token: string 11 | onetime_docker_login_token: string 12 | } 13 | -------------------------------------------------------------------------------- /packages/frontend/src/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import * as ReactDOM from 'react-dom' 3 | import { App } from './App' 4 | 5 | ReactDOM.render(, document.getElementById('root')) 6 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Auth/Login.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | import { RouteComponentProps } from 'react-router' 4 | import { Header } from '@larkin/frontend/components/Header' 5 | import { Button } from '@larkin/frontend/components/Button' 6 | 7 | const Container = styled.div` 8 | max-width: 1024px; 9 | margin: 36px auto; 10 | text-align: center; 11 | ` 12 | 13 | const GitHubButton = styled(Button)` 14 | background: #333; 15 | ` 16 | 17 | interface State { 18 | email: string 19 | password: string 20 | } 21 | 22 | const OAUTH_URL = `${process.env.API_URL}/auth/github` 23 | 24 | export class Login extends React.Component { 25 | state = { 26 | email: '', 27 | password: '', 28 | } 29 | 30 | render() { 31 | return ( 32 | <> 33 |
34 | 35 | 36 | Login with GitHub 37 | 38 | 39 | 40 | ) 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/ContainerDetail/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import Checkbox from '@material-ui/core/Checkbox' 3 | import { TextField } from '@larkin/frontend/components/TextField' 4 | import styled from 'styled-components' 5 | import { ConsoleLayout } from '@larkin/frontend/components/ConsoleLayout' 6 | import { RouteComponentProps } from 'react-router' 7 | import { getContainers, updateDomainPublicHost } from '@larkin/frontend/services/api' 8 | import { Container } from '@larkin/frontend/entities/Container' 9 | import { Title } from '@larkin/frontend/components/Title' 10 | import { Button } from '@larkin/frontend/components/Button' 11 | import { destroyContainer } from '@larkin/frontend/services/api' 12 | import { CONTAINERS_PATH } from '@larkin/frontend/Routes' 13 | 14 | const _Container = styled.div` 15 | max-width: 1024px; 16 | padding: 12px; 17 | margin: auto; 18 | ` 19 | 20 | const Section = styled.div` 21 | background: #fff; 22 | border-radius: 3px; 23 | padding: 12px 24px 24px; 24 | ` 25 | 26 | const Row = styled.div` 27 | display: flex; 28 | align-items: center; 29 | margin-top: 24px; 30 | ` 31 | 32 | const Label = styled.div` 33 | width: 200px; 34 | color: #888; 35 | ` 36 | 37 | const Value = styled.div` 38 | margin-left: 24px; 39 | color: #333; 40 | ` 41 | 42 | const SmallButton = styled.div` 43 | margin-left: 24px; 44 | color: #5268a0; 45 | border: solid 1px #a6b1cc; 46 | border-radius: 4px; 47 | padding: 5px 13px; 48 | cursor: pointer; 49 | display: inline-block; 50 | ` 51 | 52 | const SslNote = styled.div` 53 | display: flex; 54 | ` 55 | 56 | interface State { 57 | containers: Container[] 58 | newDomain: string 59 | editingDomain: boolean 60 | useSsl: boolean 61 | } 62 | 63 | export class ContainerDetail extends React.Component, State> { 64 | state = { 65 | containers: [] as Container[], 66 | newDomain: '', 67 | editingDomain: false, 68 | useSsl: true, 69 | } 70 | 71 | async componentDidMount() { 72 | await this.fetch() 73 | } 74 | 75 | fetch = async () => { 76 | const containers = (await getContainers()).data 77 | this.setState({ containers }) 78 | } 79 | 80 | toEditDomain = () => { 81 | this.setState({ editingDomain: true }) 82 | } 83 | 84 | onChangeNewDomain = (e: any) => { 85 | this.setState({ newDomain: e.target.value }) 86 | } 87 | 88 | onSubmitNewDomain = async () => { 89 | const { newDomain, useSsl } = this.state 90 | await updateDomainPublicHost(this.targetContainer.id, newDomain, useSsl) 91 | await this.fetch() 92 | this.setState({ editingDomain: false }) 93 | } 94 | 95 | get targetContainer() { 96 | const container = this.state.containers.find(c => c.id === this.props.match.params.id) 97 | if (!container) { 98 | throw new Error('container not found') 99 | } 100 | return container 101 | } 102 | 103 | deleteContainer = async () => { 104 | if (!window.confirm('are you sure?')) { 105 | return 106 | } 107 | 108 | await destroyContainer(this.targetContainer.id) 109 | 110 | this.props.history.replace(CONTAINERS_PATH) 111 | } 112 | 113 | render() { 114 | const { containers, editingDomain, newDomain, useSsl } = this.state 115 | if (containers.length === 0) { 116 | return 117 | } 118 | 119 | return ( 120 | ${this.targetContainer.id}`}> 121 | <_Container> 122 | Information 123 |
124 | 125 | 126 | {this.targetContainer.id} 127 | 128 | 129 | 130 | {this.targetContainer.image} 131 | 132 | 133 | 134 | 135 | {`https://${this.targetContainer.public_host}`} 139 | 140 | {editingDomain ? ( 141 | 142 | https:// 143 | 144 | Done 145 | 146 | this.setState({ useSsl: !useSsl })} 149 | color="primary" 150 | /> 151 | Use SSL to make standalone https connection. If you use CDN like Cloudflare, 152 | please check off. 153 | 154 |
155 | Note: You have to set your A record to 18.212.162.232 156 |
157 | 158 | ) : ( 159 | Set custom domain 160 | )} 161 | 162 | 163 | 164 | {this.targetContainer.status} 165 | 166 | 167 | 168 | {this.targetContainer.created_at} 169 | 170 |
171 | 172 | Actions 173 |
174 | 175 | 180 | Delete this container permanently. 181 | 182 |
183 | 184 | 185 | ) 186 | } 187 | } 188 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Containers/LaunchModal.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | import Dialog from '@material-ui/core/Dialog' 4 | import DialogActions from '@material-ui/core/DialogActions' 5 | import DialogContent from '@material-ui/core/DialogContent' 6 | import DialogContentText from '@material-ui/core/DialogContentText' 7 | import DialogTitle from '@material-ui/core/DialogTitle' 8 | import { Button } from '@larkin/frontend/components/Button' 9 | import { TextField } from '@larkin/frontend/components/TextField' 10 | import { launchContainer } from '@larkin/frontend/services/api' 11 | 12 | const FormArea = styled.div` 13 | margin-top: 24px; 14 | width: 800px; 15 | display: flex; 16 | align-items: center; 17 | ` 18 | 19 | const TextFieldContainer = styled.div` 20 | margin-left: 12px; 21 | flex: 1; 22 | ` 23 | 24 | interface Props { 25 | open: boolean 26 | onClose: () => void 27 | onLaunch: () => void 28 | } 29 | 30 | interface State { 31 | image: string 32 | launching: boolean 33 | } 34 | 35 | export class LaunchModal extends React.Component { 36 | state = { 37 | image: '', 38 | launching: false, 39 | } 40 | 41 | setImage = (e: any) => this.setState({ image: e.target.value }) 42 | 43 | launch = async () => { 44 | this.setState({ launching: true }) 45 | await launchContainer(this.state.image) 46 | this.setState({ launching: false }) 47 | this.props.onLaunch() 48 | } 49 | 50 | render() { 51 | const { open, onClose } = this.props 52 | const { image, launching } = this.state 53 | 54 | return ( 55 | 56 | Docker Run 57 | 58 | Launch a container by just filling docker image. 59 | 60 | $ docker run 61 | 62 | 68 | 69 | 70 | 71 | 72 | 75 | 76 | 77 | ) 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Containers/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import Table from '@material-ui/core/Table' 3 | import TableBody from '@material-ui/core/TableBody' 4 | import TableCell from '@material-ui/core/TableCell' 5 | import TableHead from '@material-ui/core/TableHead' 6 | import TableRow from '@material-ui/core/TableRow' 7 | import styled from 'styled-components' 8 | import { RouteComponentProps } from 'react-router' 9 | import { ConsoleLayout } from '@larkin/frontend/components/ConsoleLayout' 10 | import { getContainers } from '@larkin/frontend/services/api' 11 | import { Button } from '@larkin/frontend/components/Button' 12 | import { getLink, CONTAINER_PATH } from '@larkin/frontend/Routes' 13 | import { Container } from '@larkin/frontend/entities/Container' 14 | import { LaunchModal } from './LaunchModal' 15 | 16 | const Container = styled.div` 17 | max-width: 1024px; 18 | padding: 36px 12px 0; 19 | margin: 24px auto; 20 | ` 21 | 22 | const TableContainer = styled.div` 23 | background: #fff; 24 | border: solid 1px #eee; 25 | margin-top: 24px; 26 | ` 27 | 28 | const ClickableTableRow: any = styled(TableRow)` 29 | cursor: pointer; 30 | ` 31 | 32 | const UpgradeAlert = styled.span` 33 | display: inline; 34 | margin-left: 18px; 35 | color: #ed7070; 36 | ` 37 | 38 | interface State { 39 | containers: Container[] 40 | launchModalOpen: boolean 41 | } 42 | 43 | export class Containers extends React.Component { 44 | state = { 45 | containers: [] as Container[], 46 | launchModalOpen: false, 47 | } 48 | 49 | async componentDidMount() { 50 | await this.fetch() 51 | } 52 | 53 | fetch = async () => { 54 | const containers = (await getContainers()).data 55 | this.setState({ containers }) 56 | } 57 | 58 | onLaunch = async () => { 59 | await this.fetch() 60 | this.setState({ launchModalOpen: false }) 61 | } 62 | 63 | toContainer = (id: string) => { 64 | this.props.history.push(getLink(CONTAINER_PATH, id)) 65 | } 66 | 67 | openLaunchContainerModal = () => this.setState({ launchModalOpen: true }) 68 | closeLaunchContainerModal = () => this.setState({ launchModalOpen: false }) 69 | 70 | get canRunContainer() { 71 | return this.state.containers.length === 0 72 | } 73 | 74 | render() { 75 | const { containers, launchModalOpen } = this.state 76 | 77 | return ( 78 | 79 | 80 | 83 | 84 | {!this.canRunContainer && ( 85 | 86 | If you run 2 or more containers, you have to upgrade your plan (coming soon). 87 | 88 | )} 89 | 90 | 91 | 92 | 93 | Image 94 | Endpoint 95 | Status 96 | Created 97 | 98 | 99 | 100 | {containers.map(container => ( 101 | this.toContainer(container.id)} 105 | hover 106 | > 107 | {container.image} 108 | {container.public_host} 109 | {container.status} 110 | {container.created_at} 111 | 112 | ))} 113 | 114 |
115 | 116 | 117 | 122 | 123 | ) 124 | } 125 | } 126 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Dashboard/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import Grid from '@material-ui/core/Grid' 3 | import styled from 'styled-components' 4 | import { RouteComponentProps } from 'react-router' 5 | import { ConsoleLayout } from '@larkin/frontend/components/ConsoleLayout' 6 | import { Card } from '@larkin/frontend/components/Card' 7 | import { Title } from '@larkin/frontend/components/Title' 8 | 9 | const Container = styled.div` 10 | max-width: 1024px; 11 | padding: 12px; 12 | margin: auto; 13 | ` 14 | 15 | export class Dashboard extends React.Component { 16 | state = { 17 | email: '', 18 | password: '', 19 | } 20 | 21 | componentDidMount() {} 22 | 23 | render() { 24 | return ( 25 | 26 | 27 | Summary 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | ) 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Images/LaunchModal.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | import Dialog from '@material-ui/core/Dialog' 4 | import DialogActions from '@material-ui/core/DialogActions' 5 | import DialogContent from '@material-ui/core/DialogContent' 6 | import DialogContentText from '@material-ui/core/DialogContentText' 7 | import DialogTitle from '@material-ui/core/DialogTitle' 8 | import { Button } from '@larkin/frontend/components/Button' 9 | import { TextField } from '@larkin/frontend/components/TextField' 10 | import { launchContainer } from '@larkin/frontend/services/api' 11 | 12 | const FormArea = styled.div` 13 | margin-top: 24px; 14 | ` 15 | 16 | const TextFieldContainer = styled.span` 17 | margin-left: 12px; 18 | ` 19 | 20 | interface Props { 21 | open: boolean 22 | onClose: () => void 23 | onLaunch: () => void 24 | } 25 | 26 | interface State { 27 | image: string 28 | } 29 | 30 | export class LaunchModal extends React.Component { 31 | state = { 32 | image: '', 33 | } 34 | 35 | setImage = (e: any) => this.setState({ image: e.target.value }) 36 | 37 | launch = async () => { 38 | await launchContainer(this.state.image) 39 | this.props.onLaunch() 40 | } 41 | 42 | render() { 43 | const { open, onClose } = this.props 44 | const { image } = this.state 45 | 46 | return ( 47 | 48 | Docker Run 49 | 50 | Launch a container by just filling docker image. 51 | 52 | $ docker run 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | ) 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Images/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | // import Table from '@material-ui/core/Table' 3 | // import TableBody from '@material-ui/core/TableBody' 4 | // import TableCell from '@material-ui/core/TableCell' 5 | // import TableHead from '@material-ui/core/TableHead' 6 | // import TableRow from '@material-ui/core/TableRow' 7 | import styled from 'styled-components' 8 | import { RouteComponentProps } from 'react-router' 9 | import { ConsoleLayout } from '@larkin/frontend/components/ConsoleLayout' 10 | import { Title } from '@larkin/frontend/components/Title' 11 | import { getContainers, getMe } from '@larkin/frontend/services/api' 12 | // import { Button } from '@larkin/frontend/components/Button' 13 | import { Terminal } from '@larkin/frontend/components/Terminal' 14 | import { getLink, CONTAINER_PATH } from '@larkin/frontend/Routes' 15 | import { Container } from '@larkin/frontend/entities/Container' 16 | import { User } from '@larkin/frontend/entities/User' 17 | 18 | const Container = styled.div` 19 | max-width: 1024px; 20 | padding: 36px 12px 0; 21 | margin: 24px auto; 22 | ` 23 | 24 | const Comment = styled.p` 25 | color: #5590c9; 26 | margin-top: 18px; 27 | ` 28 | 29 | // const TableContainer = styled.div` 30 | // background: #fff; 31 | // border: solid 1px #eee; 32 | // margin-top: 24px; 33 | // ` 34 | 35 | // const ClickableTableRow: any = styled(TableRow)` 36 | // cursor: pointer; 37 | // ` 38 | 39 | // const UpgradeAlert = styled.span` 40 | // display: inline; 41 | // margin-left: 18px; 42 | // color: #ed7070; 43 | // ` 44 | 45 | interface State { 46 | containers: Container[] 47 | me?: User 48 | launchModalOpen: boolean 49 | } 50 | 51 | export class Images extends React.Component { 52 | state = { 53 | containers: [] as Container[], 54 | me: undefined, 55 | launchModalOpen: false, 56 | } 57 | 58 | async componentDidMount() { 59 | await this.fetch() 60 | } 61 | 62 | fetch = async () => { 63 | const containers = (await getContainers()).data 64 | const me = (await getMe()).data 65 | this.setState({ containers, me }) 66 | } 67 | 68 | onLaunch = async () => { 69 | await this.fetch() 70 | this.setState({ launchModalOpen: false }) 71 | } 72 | 73 | toContainer = (id: string) => { 74 | this.props.history.push(getLink(CONTAINER_PATH, id)) 75 | } 76 | 77 | openLaunchContainerModal = () => this.setState({ launchModalOpen: true }) 78 | closeLaunchContainerModal = () => this.setState({ launchModalOpen: false }) 79 | 80 | get canRunContainer() { 81 | return this.state.containers.length === 0 82 | } 83 | 84 | render() { 85 | const { me } = this.state 86 | 87 | if (!me) { 88 | return 89 | } 90 | 91 | const user: User = me! 92 | 93 | return ( 94 | 95 | 96 | larkin.sh registry 97 |
You can push your Docker image to larkin.sh private registry.
98 | 99 | 100 | # 1. Retrieve the login command to use to authenticate your Docker client to your 101 | registry. Use curl request: 102 | 103 |

104 | $(curl -H "X-TOKEN: {user.api_token}" {process.env.API_URL}/get_docker_login) 105 |

106 | 107 | # 2. Build your Docker image using the following command. You can skip this step if 108 | your image is already built: 109 | 110 |

docker build -t myapp .

111 | 112 | # 3. After the build completes, tag your image so you can push the image to this 113 | repository: 114 | 115 |

docker tag myapp:latest registry.larkin.sh/{user.id}/myapp

116 | 117 | # 4. Run the following command to push this image to your newly created larkin.sh 118 | repository: 119 | 120 |

docker push registry.larkin.sh/{user.id}/myapp:latest

121 | 122 | 123 | 124 | ) 125 | } 126 | } 127 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Landing/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import Grid from '@material-ui/core/Grid' 3 | import { RouteComponentProps } from 'react-router' 4 | import styled from 'styled-components' 5 | import { Header } from '@larkin/frontend/components/Header' 6 | import { Button } from '@larkin/frontend/components/Button' 7 | import { Gradation } from '@larkin/frontend/components/Gradation' 8 | import { TextField } from '@larkin/frontend/components/TextField' 9 | 10 | const Container = styled.div` 11 | min-height: 100vh; 12 | text-align: center; 13 | ` 14 | 15 | const MyGradation = styled(Gradation)` 16 | min-height: 100vh; 17 | ` 18 | 19 | const TitleContainer = styled.div` 20 | margin: auto; 21 | max-width: 560px; 22 | text-align: center; 23 | justify-content: center; 24 | margin-top: 18px; 25 | @media (min-width: 768px) { 26 | margin-top: 100px; 27 | } 28 | ` 29 | 30 | const Title = styled.h1` 31 | color: #333; 32 | font-size: 36px; 33 | ` 34 | 35 | const SubTitle = styled.h1` 36 | color: #666; 37 | font-size: 16px; 38 | ` 39 | 40 | const FormContainer = styled.div` 41 | margin-top: 45px; 42 | ` 43 | 44 | const FormContainerButton = styled.div` 45 | margin-left: 24px; 46 | ` 47 | 48 | const InputContainer = styled.div` 49 | margin-left: 12px; 50 | ` 51 | 52 | const DemoImage = styled.img` 53 | width: 100%; 54 | max-width: 800px; 55 | margin-top: 50px; 56 | box-shadow: 1px 1px 58px -3px rgba(0, 0, 0, 0.4); 57 | ` 58 | 59 | const Footer = styled.div` 60 | border-top: solid 1px #ccc; 61 | padding: 12px; 62 | display: flex; 63 | justify-content: center; 64 | ` 65 | 66 | export class Landing extends React.Component { 67 | state = { 68 | image: '', 69 | } 70 | 71 | submit = () => { 72 | if (!this.state.image) { 73 | return alert('An image name is required. How about "grafana/grafana"?') 74 | } 75 | this.props.history.push(`/try/?image=${this.state.image}`) 76 | } 77 | 78 | render() { 79 | const { image } = this.state 80 | 81 | return ( 82 | <> 83 | 84 |
85 | 86 | A new and better way to run Docker Containers in production 87 | 88 | 89 | 90 | A complete Docker infrastructure for your production applications:
91 | Deploy and run your custom Docker image in 30 seconds. 92 | 93 | 94 | 95 | 96 | 97 |
$ docker run
98 | 99 | 100 | 101 | this.setState({ image: e.target.value })} 105 | /> 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | How it works 119 | 120 | 124 | 125 | 131 | 132 | ) 133 | } 134 | } 135 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/NotFound/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import styled from 'styled-components' 3 | import { Header } from '@larkin/frontend/components/Header' 4 | 5 | const Container = styled.div` 6 | font-size: 28px; 7 | text-align: center; 8 | padding-top: 28px; 9 | ` 10 | 11 | export const NotFound = () => ( 12 | <> 13 |
14 | 404 Not Found 15 | 16 | ) 17 | -------------------------------------------------------------------------------- /packages/frontend/src/pages/Try/index.tsx: -------------------------------------------------------------------------------- 1 | import * as React from 'react' 2 | import { RouteComponentProps } from 'react-router' 3 | import styled from 'styled-components' 4 | import { health } from '@larkin/frontend/services/api' 5 | import { Header } from '@larkin/frontend/components/Header' 6 | import { getUrlQuery } from '@larkin/frontend/utils' 7 | 8 | const StatusIndicator = styled.div` 9 | width: 80%; 10 | margin: 24px auto; 11 | max-width: 800px; 12 | background: #f5f5f5; 13 | padding: 12px 18px; 14 | border-radius: 3px; 15 | ` 16 | 17 | const Status = styled.div` 18 | margin-top: 12px; 19 | ` 20 | 21 | const Console = styled.div` 22 | white-space: pre-wrap; 23 | font-family: 'Roboto Mono', monospace; 24 | padding: 12px 18px; 25 | color: #f8f8f8; 26 | width: 80%; 27 | max-width: 800px; 28 | overflow: scroll; 29 | margin: auto; 30 | border-radius: 4px; 31 | background: #333; 32 | min-height: 400px; 33 | margin-top: 45px; 34 | ` 35 | 36 | type Props = RouteComponentProps 37 | 38 | interface State { 39 | output: string[] 40 | appUrl: string 41 | expired: boolean 42 | status: string 43 | } 44 | 45 | export class Try extends React.Component { 46 | state = { 47 | output: [], 48 | appUrl: 'Getting domain...', 49 | status: '', 50 | expired: false, 51 | } 52 | 53 | async componentDidMount() { 54 | try { 55 | await health() 56 | } catch (e) { 57 | alert('Thank you, but rate limit exceeded. Please try again 10 minutes later!') 58 | return 59 | } 60 | 61 | const image = getUrlQuery('image') 62 | if (!image) { 63 | throw new Error('image is not set') 64 | } 65 | console.log(image) 66 | 67 | const ws = new WebSocket(process.env.WS_URL || '') 68 | ws.onmessage = ({ data }) => { 69 | const dockerRunRegex = /http[s]?:\/\/[a-z|\d|.]*?larkin\.(sh|local)(:5588)?/ 70 | const matchUrl = data.match(dockerRunRegex) 71 | if (matchUrl) { 72 | this.setState({ 73 | appUrl: matchUrl[0], 74 | }) 75 | } 76 | const matchStatus = data.match(/(STEP \d.+$)/) 77 | if (matchStatus) { 78 | this.setState({ 79 | status: matchStatus[0], 80 | }) 81 | } 82 | const matchExpired = data.match(/Killing docker container/) 83 | if (matchExpired) { 84 | this.setState({ 85 | expired: true, 86 | status: 'Finished. Thank you for applying demo. please Subscribe larkin.sh!', 87 | }) 88 | } 89 | this.setState({ output: [...this.state.output, data] }) 90 | } 91 | ws.onopen = () => ws.send(image) 92 | } 93 | 94 | render() { 95 | const { output, appUrl, status, expired } = this.state 96 | 97 | return ( 98 | <> 99 |
100 | 101 | 110 | {status} 111 | 112 | 113 | {output.map((output, index) => ( 114 |

{output}

115 | ))} 116 | 117 | 118 | ) 119 | } 120 | } 121 | -------------------------------------------------------------------------------- /packages/frontend/src/services/api.ts: -------------------------------------------------------------------------------- 1 | import axios from 'axios' 2 | 3 | export const API_URL = process.env.API_URL || '' 4 | 5 | export const subscribe = async (email: string) => 6 | await fetch('https://hooks.slack.com/services/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', { 7 | method: 'POST', 8 | body: JSON.stringify({ 9 | channel: 'notifications', 10 | text: `larkin.sh subscriber: ${email}`, 11 | }), 12 | }) 13 | 14 | const client = axios.create({ 15 | baseURL: API_URL, 16 | headers: { 17 | Authorization: `Bearer ${localStorage.getItem('token')}`, 18 | }, 19 | }) 20 | 21 | export const health = () => client.get('/health') 22 | 23 | export const getMe = () => client.get('/auth/me') 24 | 25 | export const loginWithGitHubToken = (token: string) => client.post(`/auth/github?code=${token}`) 26 | 27 | export const loginWithJWTToken = () => client.get('/auth/me') 28 | 29 | export const getContainers = () => client.get('/containers') 30 | 31 | export const launchContainer = (image: string) => client.post('/containers', { image }) 32 | 33 | export const destroyContainer = (id: string) => client.delete(`/containers/${id}`) 34 | 35 | export const updateDomainPublicHost = (id: string, public_host: string, ssl: boolean) => 36 | client.put(`/containers/${id}/public_host`, { public_host, ssl }) 37 | -------------------------------------------------------------------------------- /packages/frontend/src/utils.tsx: -------------------------------------------------------------------------------- 1 | export const getUrlQuery = (key: string) => new URLSearchParams(window.location.search).get(key) 2 | -------------------------------------------------------------------------------- /packages/frontend/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": "../../tsconfig.json" 3 | } 4 | -------------------------------------------------------------------------------- /packages/frontend/webpack.config.js: -------------------------------------------------------------------------------- 1 | const path = require('path') 2 | const HtmlWebpackPlugin = require('html-webpack-plugin') 3 | const ForkTsCheckerWebpackPlugin = require('fork-ts-checker-webpack-plugin') 4 | const Dotenv = require('dotenv-webpack') 5 | 6 | const isProduction = process.env.NODE_ENV === 'production' 7 | 8 | const webpackConfig = { 9 | entry: './src/index.tsx', 10 | mode: isProduction ? 'production' : 'development', 11 | devtool: isProduction ? '' : 'source-map', 12 | output: { 13 | filename: isProduction ? 'bundle.[hash].js' : 'bundle.js', 14 | path: path.resolve(__dirname, 'build'), 15 | publicPath: '/', 16 | }, 17 | resolve: { 18 | extensions: ['.tsx', '.ts', '.js', '.json', 'mjs'], 19 | alias: { 20 | '@larkin/frontend': path.resolve(__dirname, './src/'), 21 | }, 22 | }, 23 | devServer: { 24 | host: '0.0.0.0', 25 | port: process.env.PORT || 2075, 26 | historyApiFallback: true, 27 | }, 28 | module: { 29 | rules: [ 30 | { 31 | test: /\.tsx?$/, 32 | loader: 'ts-loader', 33 | exclude: /node_modules/, 34 | options: { 35 | // disable type checker - we will use it in fork plugin 36 | transpileOnly: true, 37 | }, 38 | }, 39 | { 40 | test: /\.mjs$/, 41 | include: /node_modules/, 42 | type: 'javascript/auto', 43 | }, 44 | { 45 | test: /\.(png|jpg|gif|svg)$/, 46 | use: [ 47 | { 48 | loader: 'file-loader', 49 | options: { 50 | name: isProduction ? '[name].[hash].[ext]' : '[name].[ext]', 51 | }, 52 | }, 53 | ], 54 | }, 55 | ], 56 | }, 57 | plugins: [ 58 | new HtmlWebpackPlugin({ 59 | inject: 'body', 60 | template: 'index.html', 61 | }), 62 | new ForkTsCheckerWebpackPlugin(), 63 | new Dotenv(), 64 | ], 65 | optimization: { 66 | splitChunks: { 67 | chunks: 'all', 68 | }, 69 | }, 70 | } 71 | 72 | module.exports = webpackConfig 73 | -------------------------------------------------------------------------------- /packages/registry/app.js: -------------------------------------------------------------------------------- 1 | const app = require('express')() 2 | const bodyParser = require('body-parser') 3 | const { exec } = require('child_process') 4 | const winston = require('winston') 5 | const expressWinston = require('express-winston') 6 | 7 | app.use(bodyParser.urlencoded({ extended: true })) 8 | app.use(bodyParser.json()) 9 | 10 | app.use( 11 | expressWinston.logger({ 12 | level: 'info', 13 | format: winston.format.cli(), 14 | transports: [new winston.transports.Console()], 15 | }), 16 | ) 17 | 18 | app.use((req, res, next) => { 19 | console.log(req.body.user) 20 | console.log(req.body.password) 21 | next() 22 | }) 23 | 24 | const register = (user, password) => 25 | new Promise(resolve => { 26 | const ps = exec(`echo ${password} | sudo htpasswd -i -c /etc/nginx/nginx.htpasswd ${user}`) 27 | ps.on('exit', resolve) 28 | }) 29 | 30 | app.post('/register', async (req, res) => { 31 | if (process.env.NODE_ENV !== 'production') { 32 | res.send('ok') 33 | return 34 | } 35 | await register(req.body.user, req.body.password) 36 | res.send('ok') 37 | }) 38 | 39 | app.listen(28642, () => { 40 | console.log('Register server is running at: http://localhost:28642') 41 | }) 42 | -------------------------------------------------------------------------------- /packages/registry/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "@larkin/registry", 3 | "version": "1.0.0", 4 | "main": "index.js", 5 | "license": "MIT", 6 | "scripts": { 7 | "start": "node app.js" 8 | }, 9 | "dependencies": { 10 | "body-parser": "^1.18.3", 11 | "express": "^4.16.4" 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /packages/registry/yarn.lock: -------------------------------------------------------------------------------- 1 | # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. 2 | # yarn lockfile v1 3 | 4 | 5 | accepts@~1.3.5: 6 | version "1.3.5" 7 | resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.5.tgz#eb777df6011723a3b14e8a72c0805c8e86746bd2" 8 | integrity sha1-63d99gEXI6OxTopywIBcjoZ0a9I= 9 | dependencies: 10 | mime-types "~2.1.18" 11 | negotiator "0.6.1" 12 | 13 | array-flatten@1.1.1: 14 | version "1.1.1" 15 | resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" 16 | integrity sha1-ml9pkFGx5wczKPKgCJaLZOopVdI= 17 | 18 | body-parser@1.18.3, body-parser@^1.18.3: 19 | version "1.18.3" 20 | resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.18.3.tgz#5b292198ffdd553b3a0f20ded0592b956955c8b4" 21 | integrity sha1-WykhmP/dVTs6DyDe0FkrlWlVyLQ= 22 | dependencies: 23 | bytes "3.0.0" 24 | content-type "~1.0.4" 25 | debug "2.6.9" 26 | depd "~1.1.2" 27 | http-errors "~1.6.3" 28 | iconv-lite "0.4.23" 29 | on-finished "~2.3.0" 30 | qs "6.5.2" 31 | raw-body "2.3.3" 32 | type-is "~1.6.16" 33 | 34 | bytes@3.0.0: 35 | version "3.0.0" 36 | resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048" 37 | integrity sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg= 38 | 39 | content-disposition@0.5.2: 40 | version "0.5.2" 41 | resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.2.tgz#0cf68bb9ddf5f2be7961c3a85178cb85dba78cb4" 42 | integrity sha1-DPaLud318r55YcOoUXjLhdunjLQ= 43 | 44 | content-type@~1.0.4: 45 | version "1.0.4" 46 | resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.4.tgz#e138cc75e040c727b1966fe5e5f8c9aee256fe3b" 47 | integrity sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA== 48 | 49 | cookie-signature@1.0.6: 50 | version "1.0.6" 51 | resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" 52 | integrity sha1-4wOogrNCzD7oylE6eZmXNNqzriw= 53 | 54 | cookie@0.3.1: 55 | version "0.3.1" 56 | resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" 57 | integrity sha1-5+Ch+e9DtMi6klxcWpboBtFoc7s= 58 | 59 | debug@2.6.9: 60 | version "2.6.9" 61 | resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" 62 | integrity sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA== 63 | dependencies: 64 | ms "2.0.0" 65 | 66 | depd@~1.1.2: 67 | version "1.1.2" 68 | resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9" 69 | integrity sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak= 70 | 71 | destroy@~1.0.4: 72 | version "1.0.4" 73 | resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" 74 | integrity sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA= 75 | 76 | ee-first@1.1.1: 77 | version "1.1.1" 78 | resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" 79 | integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0= 80 | 81 | encodeurl@~1.0.2: 82 | version "1.0.2" 83 | resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59" 84 | integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k= 85 | 86 | escape-html@~1.0.3: 87 | version "1.0.3" 88 | resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" 89 | integrity sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg= 90 | 91 | etag@~1.8.1: 92 | version "1.8.1" 93 | resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887" 94 | integrity sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc= 95 | 96 | express@^4.16.4: 97 | version "4.16.4" 98 | resolved "https://registry.yarnpkg.com/express/-/express-4.16.4.tgz#fddef61926109e24c515ea97fd2f1bdbf62df12e" 99 | integrity sha512-j12Uuyb4FMrd/qQAm6uCHAkPtO8FDTRJZBDd5D2KOL2eLaz1yUNdUB/NOIyq0iU4q4cFarsUCrnFDPBcnksuOg== 100 | dependencies: 101 | accepts "~1.3.5" 102 | array-flatten "1.1.1" 103 | body-parser "1.18.3" 104 | content-disposition "0.5.2" 105 | content-type "~1.0.4" 106 | cookie "0.3.1" 107 | cookie-signature "1.0.6" 108 | debug "2.6.9" 109 | depd "~1.1.2" 110 | encodeurl "~1.0.2" 111 | escape-html "~1.0.3" 112 | etag "~1.8.1" 113 | finalhandler "1.1.1" 114 | fresh "0.5.2" 115 | merge-descriptors "1.0.1" 116 | methods "~1.1.2" 117 | on-finished "~2.3.0" 118 | parseurl "~1.3.2" 119 | path-to-regexp "0.1.7" 120 | proxy-addr "~2.0.4" 121 | qs "6.5.2" 122 | range-parser "~1.2.0" 123 | safe-buffer "5.1.2" 124 | send "0.16.2" 125 | serve-static "1.13.2" 126 | setprototypeof "1.1.0" 127 | statuses "~1.4.0" 128 | type-is "~1.6.16" 129 | utils-merge "1.0.1" 130 | vary "~1.1.2" 131 | 132 | finalhandler@1.1.1: 133 | version "1.1.1" 134 | resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.1.1.tgz#eebf4ed840079c83f4249038c9d703008301b105" 135 | integrity sha512-Y1GUDo39ez4aHAw7MysnUD5JzYX+WaIj8I57kO3aEPT1fFRL4sr7mjei97FgnwhAyyzRYmQZaTHb2+9uZ1dPtg== 136 | dependencies: 137 | debug "2.6.9" 138 | encodeurl "~1.0.2" 139 | escape-html "~1.0.3" 140 | on-finished "~2.3.0" 141 | parseurl "~1.3.2" 142 | statuses "~1.4.0" 143 | unpipe "~1.0.0" 144 | 145 | forwarded@~0.1.2: 146 | version "0.1.2" 147 | resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.1.2.tgz#98c23dab1175657b8c0573e8ceccd91b0ff18c84" 148 | integrity sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ= 149 | 150 | fresh@0.5.2: 151 | version "0.5.2" 152 | resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7" 153 | integrity sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac= 154 | 155 | http-errors@1.6.3, http-errors@~1.6.2, http-errors@~1.6.3: 156 | version "1.6.3" 157 | resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.3.tgz#8b55680bb4be283a0b5bf4ea2e38580be1d9320d" 158 | integrity sha1-i1VoC7S+KDoLW/TqLjhYC+HZMg0= 159 | dependencies: 160 | depd "~1.1.2" 161 | inherits "2.0.3" 162 | setprototypeof "1.1.0" 163 | statuses ">= 1.4.0 < 2" 164 | 165 | iconv-lite@0.4.23: 166 | version "0.4.23" 167 | resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.23.tgz#297871f63be507adcfbfca715d0cd0eed84e9a63" 168 | integrity sha512-neyTUVFtahjf0mB3dZT77u+8O0QB89jFdnBkd5P1JgYPbPaia3gXXOVL2fq8VyU2gMMD7SaN7QukTB/pmXYvDA== 169 | dependencies: 170 | safer-buffer ">= 2.1.2 < 3" 171 | 172 | inherits@2.0.3: 173 | version "2.0.3" 174 | resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" 175 | integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4= 176 | 177 | ipaddr.js@1.8.0: 178 | version "1.8.0" 179 | resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.8.0.tgz#eaa33d6ddd7ace8f7f6fe0c9ca0440e706738b1e" 180 | integrity sha1-6qM9bd16zo9/b+DJygRA5wZzix4= 181 | 182 | media-typer@0.3.0: 183 | version "0.3.0" 184 | resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" 185 | integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g= 186 | 187 | merge-descriptors@1.0.1: 188 | version "1.0.1" 189 | resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" 190 | integrity sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E= 191 | 192 | methods@~1.1.2: 193 | version "1.1.2" 194 | resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" 195 | integrity sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4= 196 | 197 | mime-db@~1.37.0: 198 | version "1.37.0" 199 | resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.37.0.tgz#0b6a0ce6fdbe9576e25f1f2d2fde8830dc0ad0d8" 200 | integrity sha512-R3C4db6bgQhlIhPU48fUtdVmKnflq+hRdad7IyKhtFj06VPNVdk2RhiYL3UjQIlso8L+YxAtFkobT0VK+S/ybg== 201 | 202 | mime-types@~2.1.18: 203 | version "2.1.21" 204 | resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.21.tgz#28995aa1ecb770742fe6ae7e58f9181c744b3f96" 205 | integrity sha512-3iL6DbwpyLzjR3xHSFNFeb9Nz/M8WDkX33t1GFQnFOllWk8pOrh/LSrB5OXlnlW5P9LH73X6loW/eogc+F5lJg== 206 | dependencies: 207 | mime-db "~1.37.0" 208 | 209 | mime@1.4.1: 210 | version "1.4.1" 211 | resolved "https://registry.yarnpkg.com/mime/-/mime-1.4.1.tgz#121f9ebc49e3766f311a76e1fa1c8003c4b03aa6" 212 | integrity sha512-KI1+qOZu5DcW6wayYHSzR/tXKCDC5Om4s1z2QJjDULzLcmf3DvzS7oluY4HCTrc+9FiKmWUgeNLg7W3uIQvxtQ== 213 | 214 | ms@2.0.0: 215 | version "2.0.0" 216 | resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" 217 | integrity sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g= 218 | 219 | negotiator@0.6.1: 220 | version "0.6.1" 221 | resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9" 222 | integrity sha1-KzJxhOiZIQEXeyhWP7XnECrNDKk= 223 | 224 | on-finished@~2.3.0: 225 | version "2.3.0" 226 | resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" 227 | integrity sha1-IPEzZIGwg811M3mSoWlxqi2QaUc= 228 | dependencies: 229 | ee-first "1.1.1" 230 | 231 | parseurl@~1.3.2: 232 | version "1.3.2" 233 | resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.2.tgz#fc289d4ed8993119460c156253262cdc8de65bf3" 234 | integrity sha1-/CidTtiZMRlGDBViUyYs3I3mW/M= 235 | 236 | path-to-regexp@0.1.7: 237 | version "0.1.7" 238 | resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" 239 | integrity sha1-32BBeABfUi8V60SQ5yR6G/qmf4w= 240 | 241 | proxy-addr@~2.0.4: 242 | version "2.0.4" 243 | resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-2.0.4.tgz#ecfc733bf22ff8c6f407fa275327b9ab67e48b93" 244 | integrity sha512-5erio2h9jp5CHGwcybmxmVqHmnCBZeewlfJ0pex+UW7Qny7OOZXTtH56TGNyBizkgiOwhJtMKrVzDTeKcySZwA== 245 | dependencies: 246 | forwarded "~0.1.2" 247 | ipaddr.js "1.8.0" 248 | 249 | qs@6.5.2: 250 | version "6.5.2" 251 | resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.2.tgz#cb3ae806e8740444584ef154ce8ee98d403f3e36" 252 | integrity sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA== 253 | 254 | range-parser@~1.2.0: 255 | version "1.2.0" 256 | resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" 257 | integrity sha1-9JvmtIeJTdxA3MlKMi9hEJLgDV4= 258 | 259 | raw-body@2.3.3: 260 | version "2.3.3" 261 | resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.3.3.tgz#1b324ece6b5706e153855bc1148c65bb7f6ea0c3" 262 | integrity sha512-9esiElv1BrZoI3rCDuOuKCBRbuApGGaDPQfjSflGxdy4oyzqghxu6klEkkVIvBje+FF0BX9coEv8KqW6X/7njw== 263 | dependencies: 264 | bytes "3.0.0" 265 | http-errors "1.6.3" 266 | iconv-lite "0.4.23" 267 | unpipe "1.0.0" 268 | 269 | safe-buffer@5.1.2: 270 | version "5.1.2" 271 | resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d" 272 | integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== 273 | 274 | "safer-buffer@>= 2.1.2 < 3": 275 | version "2.1.2" 276 | resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" 277 | integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== 278 | 279 | send@0.16.2: 280 | version "0.16.2" 281 | resolved "https://registry.yarnpkg.com/send/-/send-0.16.2.tgz#6ecca1e0f8c156d141597559848df64730a6bbc1" 282 | integrity sha512-E64YFPUssFHEFBvpbbjr44NCLtI1AohxQ8ZSiJjQLskAdKuriYEP6VyGEsRDH8ScozGpkaX1BGvhanqCwkcEZw== 283 | dependencies: 284 | debug "2.6.9" 285 | depd "~1.1.2" 286 | destroy "~1.0.4" 287 | encodeurl "~1.0.2" 288 | escape-html "~1.0.3" 289 | etag "~1.8.1" 290 | fresh "0.5.2" 291 | http-errors "~1.6.2" 292 | mime "1.4.1" 293 | ms "2.0.0" 294 | on-finished "~2.3.0" 295 | range-parser "~1.2.0" 296 | statuses "~1.4.0" 297 | 298 | serve-static@1.13.2: 299 | version "1.13.2" 300 | resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.13.2.tgz#095e8472fd5b46237db50ce486a43f4b86c6cec1" 301 | integrity sha512-p/tdJrO4U387R9oMjb1oj7qSMaMfmOyd4j9hOFoxZe2baQszgHcSWjuya/CiT5kgZZKRudHNOA0pYXOl8rQ5nw== 302 | dependencies: 303 | encodeurl "~1.0.2" 304 | escape-html "~1.0.3" 305 | parseurl "~1.3.2" 306 | send "0.16.2" 307 | 308 | setprototypeof@1.1.0: 309 | version "1.1.0" 310 | resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.1.0.tgz#d0bd85536887b6fe7c0d818cb962d9d91c54e656" 311 | integrity sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ== 312 | 313 | "statuses@>= 1.4.0 < 2": 314 | version "1.5.0" 315 | resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.5.0.tgz#161c7dac177659fd9811f43771fa99381478628c" 316 | integrity sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow= 317 | 318 | statuses@~1.4.0: 319 | version "1.4.0" 320 | resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.4.0.tgz#bb73d446da2796106efcc1b601a253d6c46bd087" 321 | integrity sha512-zhSCtt8v2NDrRlPQpCNtw/heZLtfUDqxBM1udqikb/Hbk52LK4nQSwr10u77iopCW5LsyHpuXS0GnEc48mLeew== 322 | 323 | type-is@~1.6.16: 324 | version "1.6.16" 325 | resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.16.tgz#f89ce341541c672b25ee7ae3c73dee3b2be50194" 326 | integrity sha512-HRkVv/5qY2G6I8iab9cI7v1bOIdhm94dVjQCPFElW9W+3GeDOSHmy2EBYe4VTApuzolPcmgFTN3ftVJRKR2J9Q== 327 | dependencies: 328 | media-typer "0.3.0" 329 | mime-types "~2.1.18" 330 | 331 | unpipe@1.0.0, unpipe@~1.0.0: 332 | version "1.0.0" 333 | resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" 334 | integrity sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw= 335 | 336 | utils-merge@1.0.1: 337 | version "1.0.1" 338 | resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713" 339 | integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM= 340 | 341 | vary@~1.1.2: 342 | version "1.1.2" 343 | resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc" 344 | integrity sha1-IpnwLG3tMNSllhsLn3RSShj2NPw= 345 | -------------------------------------------------------------------------------- /prettier.config.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | printWidth: 100, 3 | tabWidth: 2, 4 | singleQuote: true, 5 | trailingComma: 'all', 6 | semi: false, 7 | } 8 | -------------------------------------------------------------------------------- /private/.env.production.encrypted: -------------------------------------------------------------------------------- 1 | U2FsdGVkX18iuH4wl5Re9xRWGcFNeVi+pz9rkzc7DdfdcSGp6XgKJ21F4ZhpgNOX 2 | u+WzFMsylOtXqqsFQS2iAX4AuO6b8nJf1wEMxYUhACtxUyH6Itw7HoW/E5tDRzPe 3 | soBOZIWx+7sAT8vh5L8FT4VGSQsMjsLh0qNaw3jLq2qfwhqUV/ot3Ro9weGBWSAq 4 | cAFeqHGunGwvMRZw85CXEvvhm+vYKjMBoDjANk5COVRrOpqHsQ/MryQi1Lit59Wp 5 | kmwF4rmrp3IOb/B9Mj18mbFozNy4V7eRYxcsH39C1n1k4CxKkaHLg3Z2QMSHvvf0 6 | xsJy1OIElarSJixwIh+K8mQlni/01JW8B7p5rRomxlir5Zj+f6axVXmsZuaXUAJZ 7 | ePHLW5SZRC6YNBY/fzupeBsMdarMw5k4f0XAHD0kbuV12nwV7VZ1Yw2+u2Ey5zUp 8 | iERdlCJNDxh/9UtLtxltjcIwndGh6ADmWSUZGPRXwgoXAB4UTf0sMxCO8KcTyt9V 9 | SNtosYkhx1Gv19QUKzi+9E9vK0s3+tHX9BqwnzTdmhw95Xq+0seC1yfawp1PkmOG 10 | FqM3ml6AddWU7+OePynnGd/Aw3PTktEggTpvqsUbPKck3esZG75OGNNBLI0mIWCK 11 | GwJ8ADvlnQyu/d0eWw0gQL0sZKlhizJyUlF4qmpLsxcncN5MOv/CagJiDWYHE+vb 12 | E7e2VWQPfACNyYhkzJWmNkdWHylv8uWNAeqi8XMiJOfSI1Mma4Ag+tPXKKqaZNG/ 13 | B1cj/S2NfFnac5TVBtRQKCFERdynZ/z9xw0in7V/6oy+ZxzGPiTfRRbmLVk1e695 14 | LNz1F2roy1CVy7pSlLMGa1xmnRlJjYgruJc1l19jUSYu0MT5+mCE5D3N54rLVVVi 15 | jPtgmQl2Hk427ixEHRo9EyCBApqHTao4KKv9gGGttsiA9fOuQW+x17ez7WYBdPCo 16 | BADwbaPGjiuqSzdO2hH3vLSWgA1OyG2TvMXOx3UjJ9b89/rhcr6nipCFLTlW5JyG 17 | M+ODL4q5lEZNIwbhM1b7QM29cfV1JV1yvXxJZTX24FiizxjsjWGBVCyNWXGMjUpW 18 | Xz8KexbyWxpEaP2Fk1Qdl1GJmKskZD7uz3FwBpLw4JcLtqtUx4DPJWlGQ7i39eRl 19 | -------------------------------------------------------------------------------- /private/hosts.ini.encrypted: -------------------------------------------------------------------------------- 1 | U2FsdGVkX1/0BKR1UQ4ozs3sgV5I8KleXcDLgqPpRR8SyUByQOC5eJtxBqpuaxBo 2 | RndsbPSBkUUQnaxHJbcC7nHDCSZrUTxSCoH6NdCNpaq3335J7GHVjLWac6jx9A7o 3 | FvMfYBqKOJn7itNT6FLE7bwo161xmSf4D3r38Pz5BoASGQF/l0fy/V0dPTu+a/bt 4 | dzRljoCW3j7jUJjtz4XfgI2MBhcxH1AXwMxwVRpsWHlryoiyDXKD0K6TchDEraqn 5 | Y6HfSbnl2OtNPXk3qr1P/8J+qkKUqeOOFk3xcafKfdkyBRuM22ZlsenMBQFyrUje 6 | PViAKLbsdIr532iNiN1pdDKvEJm9gFg7gBiZKezSV85GGhNC9JCaTO/TeiWBZ58T 7 | iUgu1XmJfKOCr3ToMbuwgTCPe3///iUCORZntmdPccyvaAw5CiF2k7Ija0rABsJx 8 | LiWJk4ad/d21bmTvT3C6cOCeI8HYru6MX8rpCC/YRR2GSeEJuv1z2N60EtkS72i0 9 | TVg1+e1N2WCDmglQzfHrGg== 10 | -------------------------------------------------------------------------------- /provision/roles/app/files/docker-daemon.json: -------------------------------------------------------------------------------- 1 | { 2 | "insecure-registries" : ["<%= process.env.REGISTY_LOCAL_IP %>"] 3 | } 4 | -------------------------------------------------------------------------------- /provision/roles/app/files/larkin-api.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=larkin 3 | After=network.target remote-fs.target 4 | 5 | [Service] 6 | WorkingDirectory=/opt/larkin/current 7 | ExecStart=/usr/local/bin/npm run start:api 8 | ExecStop=/bin/true 9 | Restart=always 10 | Type=simple 11 | User=ec2-user 12 | Group=ec2-user 13 | StartLimitBurst=50 14 | 15 | [Install] 16 | WantedBy=multi-user.target 17 | -------------------------------------------------------------------------------- /provision/roles/app/tasks/deploy.yml: -------------------------------------------------------------------------------- 1 | - name: restart 2 | become: true 3 | systemd: 4 | name: larkin-api 5 | state: restarted 6 | enabled: True 7 | -------------------------------------------------------------------------------- /provision/roles/app/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include: setup.yml 2 | tags: setup 3 | - include: deploy.yml 4 | tags: deploy 5 | -------------------------------------------------------------------------------- /provision/roles/app/tasks/setup.yml: -------------------------------------------------------------------------------- 1 | - name: download epel 2 | become: True 3 | get_url: 4 | url: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm 5 | dest: /tmp/epel.rpm 6 | mode: 0666 7 | - name: install epel 8 | become: True 9 | shell: yum -y install /tmp/epel.rpm; true 10 | - name: yum 11 | become: True 12 | yum: 13 | enablerepo: epel 14 | name: "{{ item }}" 15 | state: present 16 | update_cache: True 17 | with_items: 18 | - docker 19 | - nginx 20 | - python2-certbot-nginx 21 | - httpd-tools 22 | 23 | - name: insecure repo 24 | become: True 25 | copy: 26 | src: docker-daemon.json 27 | dest: /etc/docker/daemon.json 28 | mode: 0755 29 | - name: add to service 30 | become: True 31 | copy: 32 | src: larkin-api.service 33 | dest: /etc/systemd/system/larkin-api.service 34 | mode: 0755 35 | -------------------------------------------------------------------------------- /provision/roles/db/files/pg_hba.conf: -------------------------------------------------------------------------------- 1 | # TYPE DATABASE USER ADDRESS METHOD 2 | # "local" is for Unix domain socket connections only 3 | local all all trust 4 | 5 | # IPv4 local connections: 6 | host all all 127.0.0.1/32 trust 7 | host all all 172.31.72.176/32 trust 8 | 9 | # IPv6 local connections: 10 | host all all ::1/128 trust 11 | 12 | # Allow replication connections from localhost, by a user with the 13 | # replication privilege. 14 | local replication all trust 15 | host replication all 127.0.0.1/32 trust 16 | host replication all ::1/128 trust 17 | -------------------------------------------------------------------------------- /provision/roles/db/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include: setup.yml 2 | tags: setup 3 | -------------------------------------------------------------------------------- /provision/roles/db/tasks/setup.yml: -------------------------------------------------------------------------------- 1 | - name: Enable postgres for amazon linux 2 2 | command: "amazon-linux-extras enable postgresql10" 3 | become: True 4 | - name: yum 5 | become: True 6 | yum: 7 | name: "{{ item }}" 8 | state: present 9 | with_items: 10 | - python2-pip 11 | - postgresql 12 | - postgresql-server 13 | - postgresql-devel 14 | - postgresql-contrib 15 | - postgresql-docs 16 | - name: setup postgresql 17 | become: True 18 | shell: /usr/bin/postgresql-setup --initdb; true 19 | - name: open to the world 20 | become: True 21 | lineinfile: 22 | path: pg_hba.conf 23 | line: "listen_addresses = '*'" 24 | state: present 25 | - name: open to the world 26 | become: True 27 | copy: 28 | src: pg_hba.conf 29 | dest: /var/lib/pgsql/data/pg_hba.conf 30 | owner: postgres 31 | - name: load postgresql 32 | become: True 33 | systemd: 34 | name: postgresql 35 | state: reloaded 36 | enabled: True 37 | - name: enable postgresql 38 | become: True 39 | systemd: 40 | name: postgresql 41 | state: started 42 | enabled: True 43 | - name: install required pip module 44 | become: True 45 | pip: 46 | name: "{{ item }}" 47 | with_items: 48 | - psycopg2 49 | - psycopg2-binary 50 | - name: create postgresql db 51 | postgresql_db: 52 | name: larkin_production 53 | encoding: UTF-8 54 | lc_collate: en_US.UTF-8 55 | lc_ctype: en_US.UTF-8 56 | - name: create postgres user 57 | become: True 58 | become_user: postgres 59 | postgresql_user: 60 | db: larkin_production 61 | name: larkin_admin 62 | password: "{{ lookup('env','PG_PASSWORD') }}" 63 | priv: "CONNECT/ALL" 64 | expires: infinity 65 | encrypted: yes 66 | -------------------------------------------------------------------------------- /provision/roles/nodejs/tasks/deploy.yml: -------------------------------------------------------------------------------- 1 | - name: remove old repository 2 | shell: "[ $(ls -d /opt/larkin/releases/* | wc -l) -gt 3 ] && ls -d /opt/larkin/releases/* | head -1 | xargs rm -rf; true" 3 | - name: get source code 4 | git: 5 | repo: https://github.com/getlarkin/larkin.git 6 | dest: /opt/larkin/releases/{{ ansible_date_time.iso8601_basic }} 7 | depth: 1 8 | accept_hostkey: True 9 | - name: copy env file 10 | copy: 11 | src: .env 12 | dest: /opt/larkin/releases/{{ ansible_date_time.iso8601_basic }}/{{ item }} 13 | with_items: 14 | - .env 15 | - packages/api/.env 16 | - name: commands 17 | command: "{{ item }}" 18 | args: 19 | chdir: /opt/larkin/releases/{{ ansible_date_time.iso8601_basic }} 20 | with_items: 21 | - yarn install 22 | - yarn db:migrate 23 | # - yarn db:seed 24 | - name: link 25 | file: 26 | src: /opt/larkin/releases/{{ ansible_date_time.iso8601_basic }} 27 | dest: /opt/larkin/current 28 | state: link 29 | -------------------------------------------------------------------------------- /provision/roles/nodejs/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include: setup.yml 2 | tags: setup 3 | - include: deploy.yml 4 | tags: deploy 5 | -------------------------------------------------------------------------------- /provision/roles/nodejs/tasks/setup.yml: -------------------------------------------------------------------------------- 1 | - name: yum 2 | become: True 3 | yum: 4 | name: "{{ item }}" 5 | state: present 6 | with_items: 7 | - git 8 | - docker 9 | - name: download nodejs 10 | become: True 11 | get_url: 12 | url: https://nodejs.org/dist/v10.15.0/node-v10.15.0-linux-x64.tar.xz 13 | dest: /tmp/node.tar.xz 14 | mode: 0666 15 | - name: file 16 | become: True 17 | file: 18 | path: /var/lib/node 19 | state: directory 20 | - name: Extract node into /var/lib/node 21 | become: True 22 | unarchive: 23 | src: /tmp/node.tar.xz 24 | dest: /var/lib/node 25 | remote_src: yes 26 | - name: link 27 | become: True 28 | file: 29 | src: /var/lib/node/node-v10.15.0-linux-x64/bin/{{ item }} 30 | dest: /usr/local/bin/{{ item }} 31 | state: link 32 | with_items: 33 | - node 34 | - npm 35 | - name: Install "yarn" node.js package globally. 36 | become: True 37 | npm: 38 | name: yarn 39 | global: yes 40 | environment: 41 | PATH: $PATH:/usr/local/bin 42 | - name: link 43 | become: True 44 | file: 45 | src: /var/lib/node/node-v10.15.0-linux-x64/bin/{{ item }} 46 | dest: /usr/local/bin/{{ item }} 47 | state: link 48 | with_items: 49 | - yarn 50 | - name: add user to docker group 51 | become: True 52 | user: 53 | name: ec2-user 54 | shell: /bin/bash 55 | groups: adm,wheel,systemd-journal,docker 56 | append: yes 57 | - name: enable docker 58 | become: True 59 | systemd: 60 | name: docker 61 | state: started 62 | enabled: True 63 | - name: add nginx conf dir 64 | become: True 65 | file: 66 | path: /opt/larkin 67 | state: directory 68 | owner: ec2-user 69 | -------------------------------------------------------------------------------- /provision/roles/registry/files/larkin-registry.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=LarkinRegistry 3 | After=network.target remote-fs.target 4 | 5 | [Service] 6 | WorkingDirectory=/opt/larkin/current 7 | ExecStart=/usr/local/bin/npm run start:registry 8 | ExecStop=/bin/true 9 | Restart=always 10 | Type=simple 11 | User=ec2-user 12 | Group=ec2-user 13 | StartLimitBurst=50 14 | 15 | [Install] 16 | WantedBy=multi-user.target 17 | -------------------------------------------------------------------------------- /provision/roles/registry/files/nginx.conf: -------------------------------------------------------------------------------- 1 | # For more information on configuration, see: 2 | # * Official English Documentation: http://nginx.org/en/docs/ 3 | # * Official Russian Documentation: http://nginx.org/ru/docs/ 4 | 5 | user nginx; 6 | worker_processes auto; 7 | error_log /var/log/nginx/error.log; 8 | pid /run/nginx.pid; 9 | 10 | include /usr/share/nginx/modules/*.conf; 11 | 12 | events { 13 | worker_connections 1024; 14 | } 15 | 16 | http { 17 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 18 | '$status $body_bytes_sent "$http_referer" ' 19 | '"$http_user_agent" "$http_x_forwarded_for"'; 20 | access_log /var/log/nginx/access.log main; 21 | 22 | upstream docker-registry { 23 | server localhost:5000; 24 | } 25 | 26 | map $upstream_http_docker_distribution_api_version $docker_distribution_api_version { 27 | '' 'registry/2.0'; 28 | } 29 | 30 | server { 31 | listen 443 ssl; 32 | server_name registry.docker-run.com; 33 | 34 | # SSL 35 | ssl_certificate /etc/letsencrypt/live/registry.larkin.sh/fullchain.pem; 36 | ssl_certificate_key /etc/letsencrypt/live/registry.larkin.sh/privkey.pem; 37 | 38 | # Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html 39 | ssl_protocols TLSv1.1 TLSv1.2; 40 | ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; 41 | ssl_prefer_server_ciphers on; 42 | ssl_session_cache shared:SSL:10m; 43 | 44 | # disable any limits to avoid HTTP 413 for large image uploads 45 | client_max_body_size 0; 46 | 47 | # required to avoid HTTP 411: see Issue #1486 (https://github.com/moby/moby/issues/1486) 48 | chunked_transfer_encoding on; 49 | 50 | location /v2/ { 51 | # Do not allow connections from docker 1.5 and earlier 52 | # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents 53 | if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) { 54 | return 404; 55 | } 56 | 57 | # To add basic authentication to v2 use auth_basic setting. 58 | auth_basic "Welcome to registry.larkin.sh"; 59 | auth_basic_user_file /etc/nginx/nginx.htpasswd; 60 | 61 | ## If $docker_distribution_api_version is empty, the header is not added. 62 | ## See the map directive above where this variable is defined. 63 | add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always; 64 | 65 | proxy_pass http://docker-registry; 66 | proxy_set_header Host $http_host; # required for docker client's sake 67 | proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP 68 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 69 | proxy_set_header X-Forwarded-Proto $scheme; 70 | proxy_read_timeout 900; 71 | } 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /provision/roles/registry/tasks/deploy.yml: -------------------------------------------------------------------------------- 1 | - name: restart 2 | become: true 3 | systemd: 4 | name: larkin-registry 5 | state: restarted 6 | enabled: True 7 | -------------------------------------------------------------------------------- /provision/roles/registry/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include: setup.yml 2 | tags: setup 3 | - include: deploy.yml 4 | tags: deploy 5 | -------------------------------------------------------------------------------- /provision/roles/registry/tasks/setup.yml: -------------------------------------------------------------------------------- 1 | - name: download epel 2 | become: True 3 | get_url: 4 | url: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm 5 | dest: /tmp/epel.rpm 6 | mode: 0666 7 | - name: install epel 8 | become: True 9 | shell: yum -y install /tmp/epel.rpm; true 10 | - name: Enable nginx for amazon linux 2 11 | command: "amazon-linux-extras enable nginx1.12" 12 | become: True 13 | - name: yum 14 | become: True 15 | yum: 16 | enablerepo: epel 17 | name: "{{ item }}" 18 | state: present 19 | update_cache: True 20 | with_items: 21 | - docker 22 | - nginx 23 | - python2-certbot-nginx 24 | - httpd-tools 25 | 26 | # docker 27 | - name: enable docker 28 | become: True 29 | user: 30 | name: ec2-user 31 | shell: /bin/bash 32 | groups: adm,wheel,systemd-journal,docker 33 | append: yes 34 | - name: make docker registry file 35 | file: 36 | path: /home/ec2-user/registry 37 | state: directory 38 | - name: run docker registry service 39 | shell: docker run -d -p 5000:5000 --restart=always --name registry -v /home/ec2-user/registry:/var/lib/registry registry:2; true 40 | - name: enable docker 41 | become: True 42 | systemd: 43 | name: docker 44 | state: restarted 45 | enabled: True 46 | 47 | # nginx 48 | - name: get ssl cert 49 | become: True 50 | command: certbot certonly --standalone -d registry.larkin.sh --email ketsume0211@gmail.com --agree-tos --keep-until-expiring --non-interactive 51 | - name: copy nginx conf 52 | become: True 53 | copy: 54 | src: nginx.conf 55 | dest: /etc/nginx/nginx.conf 56 | mode: 0755 57 | - name: enable nginx 58 | become: True 59 | systemd: 60 | name: nginx 61 | state: restarted 62 | enabled: True 63 | 64 | # Nodejs service 65 | - name: add to service 66 | become: True 67 | copy: 68 | src: larkin-registry.service 69 | dest: /etc/systemd/system/larkin-registry.service 70 | mode: 0755 71 | -------------------------------------------------------------------------------- /provision/roles/web/files/nginx.conf: -------------------------------------------------------------------------------- 1 | # For more information on configuration, see: 2 | # * Official English Documentation: http://nginx.org/en/docs/ 3 | # * Official Russian Documentation: http://nginx.org/ru/docs/ 4 | 5 | user nginx; 6 | worker_processes auto; 7 | error_log /var/log/nginx/error.log; 8 | pid /run/nginx.pid; 9 | 10 | include /usr/share/nginx/modules/*.conf; 11 | 12 | events { 13 | worker_connections 1024; 14 | } 15 | 16 | http { 17 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 18 | '$status $body_bytes_sent "$http_referer" ' 19 | '"$http_user_agent" "$http_x_forwarded_for"'; 20 | access_log /var/log/nginx/access.log main; 21 | 22 | tcp_nopush on; 23 | tcp_nodelay on; 24 | keepalive_timeout 65; 25 | types_hash_max_size 2048; 26 | 27 | include /etc/nginx/mime.types; 28 | default_type application/octet-stream; 29 | 30 | include /opt/larkin/nginx-conf.d/*.conf; 31 | 32 | server { 33 | listen 8080; 34 | server_name api.larkin.sh; 35 | 36 | location / { 37 | proxy_pass http://localhost:5588; 38 | proxy_http_version 1.1; 39 | proxy_set_header Upgrade $http_upgrade; 40 | proxy_set_header Connection 'upgrade'; 41 | proxy_set_header Host $host; 42 | proxy_cache_bypass $http_upgrade; 43 | } 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /provision/roles/web/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - include: setup.yml 2 | tags: setup 3 | -------------------------------------------------------------------------------- /provision/roles/web/tasks/setup.yml: -------------------------------------------------------------------------------- 1 | - name: Enable nginx for amazon linux 2 2 | command: "amazon-linux-extras enable nginx1.12" 3 | become: True 4 | - name: yum 5 | become: True 6 | yum: 7 | name: nginx 8 | state: present 9 | - name: copy nginx conf 10 | become: True 11 | copy: 12 | src: nginx.conf 13 | dest: /etc/nginx/nginx.conf 14 | mode: 0755 15 | - name: add nginx conf dir 16 | become: True 17 | file: 18 | path: /opt/larkin/nginx-conf.d 19 | state: directory 20 | owner: ec2-user 21 | - name: enable nginx 22 | become: True 23 | systemd: 24 | name: nginx 25 | state: restarted 26 | enabled: True 27 | -------------------------------------------------------------------------------- /provision/site.yml: -------------------------------------------------------------------------------- 1 | - hosts: dbservers 2 | roles: 3 | - db 4 | - hosts: webservers 5 | roles: 6 | - web 7 | - hosts: appservers 8 | roles: 9 | - nodejs 10 | - app 11 | - hosts: registryservers 12 | roles: 13 | - nodejs 14 | - registry 15 | -------------------------------------------------------------------------------- /scripts/setup-ansible.js: -------------------------------------------------------------------------------- 1 | require('dotenv').config() 2 | 3 | const fs = require('fs') 4 | const ejs = require('ejs') 5 | const { spawn } = require('child_process') 6 | 7 | async function clear() { 8 | return new Promise(resolve => { 9 | const ps = spawn('rm', ['-rf', 'provision_real']) 10 | ps.on('exit', resolve) 11 | }) 12 | } 13 | 14 | async function copy() { 15 | return new Promise(resolve => { 16 | const ps = spawn('cp', ['-r', 'provision', 'provision_real']) 17 | ps.on('exit', resolve) 18 | }) 19 | } 20 | 21 | async function copyEnv() { 22 | return new Promise(resolve => { 23 | const ps = spawn('cp', ['.env', 'provision_real/.env']) 24 | ps.on('exit', resolve) 25 | }) 26 | } 27 | 28 | async function convert(file) { 29 | return new Promise((resolve, reject) => { 30 | ejs.renderFile(file, (err, data) => { 31 | if (err) { 32 | reject(err) 33 | } 34 | fs.writeFile(file, data, 'utf8', err => { 35 | if (err) { 36 | reject(err) 37 | } 38 | resolve(data) 39 | }) 40 | }) 41 | }) 42 | } 43 | 44 | const paths = [ 45 | './provision_real/roles/app/files/docker-daemon.json', 46 | './provision_real/roles/db/files/pg_hba.conf', 47 | './provision/roles/web/files/nginx.conf', 48 | ] 49 | 50 | async function main() { 51 | await clear() 52 | await copy() 53 | await copyEnv() 54 | await Promise.all(paths.map(convert)) 55 | } 56 | 57 | main() 58 | -------------------------------------------------------------------------------- /tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | /* Basic Options */ 4 | "target": "es2015", 5 | "module": "commonjs", 6 | "declaration": true, 7 | "sourceMap": true, 8 | "removeComments": true, 9 | "noLib": false, 10 | "skipLibCheck": true, 11 | "jsx": "react", 12 | "types": ["node", "jest"], 13 | "lib": ["dom", "es2015", "es2016", "es2017", "esnext.asynciterable"], 14 | "keyofStringsOnly": true, 15 | 16 | /* Strict Type-Checking Options */ 17 | "strict": true, 18 | "noImplicitAny": true, 19 | "strictNullChecks": true, 20 | "strictFunctionTypes": true, 21 | "strictPropertyInitialization": true, 22 | "noImplicitThis": true, 23 | // "alwaysStrict": true, 24 | 25 | /* Additional Checks */ 26 | "noUnusedLocals": true, 27 | "noUnusedParameters": true, 28 | "noImplicitReturns": true, 29 | "noFallthroughCasesInSwitch": true, 30 | 31 | /* Experimental Options */ 32 | "experimentalDecorators": true, 33 | "emitDecoratorMetadata": true, 34 | 35 | /* Module Resolution Options */ 36 | "baseUrl": "./", 37 | "outDir": "dist", 38 | "paths": { 39 | "@larkin/root/*": ["./*"], 40 | "@larkin/api/*": ["./packages/api/src/*"], 41 | "@larkin/frontend/*": ["./packages/frontend/src/*"] 42 | } 43 | } 44 | } 45 | --------------------------------------------------------------------------------