gitlab-ci.yml
cache:
key: "$CI_COMMIT_REF_NAME node:14.4.0-alpine"
paths:
- node_modules/
stages:
- release
- deploy
variables:
TAGGED_IMAGE: "$CI_REGISTRY_IMAGE:latest"
.release:
stage: release
image: docker:19.03.12
services:
- docker:dind
variables:
DOCKER_DRIVER: overlay2
DOCKER_BUILDKIT: 1
before_script:
- docker version
- docker info
- echo "$CI_JOB_TOKEN" | docker login --username $CI_REGISTRY_USER --password-stdin $CI_REGISTRY
script:
- printf "REACT_APP_XXX_BACKEND_URI=$REACT_APP_XXX_BACKEND_URI" > .env
- docker build --pull --target $CI_COMMIT_REF_NAME --tag $TAGGED_IMAGE --cache-from $TAGGED_IMAGE .
- docker push $TAGGED_IMAGE
after_script:
- docker logout $CI_REGISTRY
.deploy:
stage: deploy
image: gitlab/dind:latest
services:
- docker:dind
variables:
DOCKER_COMPOSE_PATH: "~/docker-composes/$CI_PROJECT_PATH/docker-compose.yml"
before_script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
- echo "$DEPLOY_SERVER_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- ssh-keyscan $DEPLOYMENT_SERVER_IP >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- rsync -avR --rsync-path="mkdir -p ~/docker-composes/$CI_PROJECT_PATH/; rsync" ./docker-compose.yml root@$DEPLOYMENT_SERVER_IP:~/docker-composes/$CI_PROJECT_PATH/
- ssh root@$DEPLOYMENT_SERVER_IP "echo "$CI_REGISTRY_PASSWORD" | docker login --username $CI_REGISTRY_USER --password-stdin $CI_REGISTRY; docker-compose -f $DOCKER_COMPOSE_PATH rm -f -s -v $CI_COMMIT_REF_NAME; docker pull $TAGGED_IMAGE; docker-compose -f $DOCKER_COMPOSE_PATH -p $CI_COMMIT_REF_NAME up -d $CI_COMMIT_REF_NAME;"
release_stage:
extends: .release
only:
- stage
environment:
name: staging
url: http://staging.xxx.us
deploy_stage:
extends: .deploy
only:
- stage
environment:
name: staging
url: http://staging.xxx.us
Dockerfile
# pull official base image
# dev stage
FROM node:14.4.0-alpine AS dev
# set working directory
WORKDIR /var/www/
# install app dependencies
COPY package.json package-lock.json ./
RUN npm ci --silent
# add app
COPY . ./
# builder stage
FROM dev AS builder
RUN npm run build:app
# stage stage
FROM nginx:1.19.1-alpine AS stage
# Remove default files created by Nginx
RUN rm -rvf /usr/share/nginx/html/*
RUN rm -vf /etc/nginx/conf.d/default.conf
COPY --from=builder /var/www/build/ /usr/share/nginx/html
CMD ["nginx-debug", "-g", "daemon off;"]
docker-compose.yml
version: '3.8'
services:
stage:
container_name: xxx-website-stage
image: registry.gitlab.com/xxx.us/website:latest
build:
context: .
target: stage
dockerfile: Dockerfile
ports:
- '3002:80'
restart: always
default.conf
upstream staging-xxx-us {
server 0.0.0.0:3002;
}
server {
listen 3002;
server_name localhost;
# ...
}
server {
listen 80;
server_name staging.xxx.us;
location / {
proxy_pass http://staging-xxx-us;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
}
sudo docker ps
... ... "/docker-entrypoint.…" ... ... 0.0.0.0:3002->80/tcp xxx-website-stage
sudo ufw статус пронумерован
Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] 22/tcp ALLOW IN Anywhere
[ 3] 80/tcp ALLOW IN Anywhere
[ 4] 443/tcp ALLOW IN Anywhere
[ 5] OpenSSH (v6) ALLOW IN Anywhere (v6)
[ 6] 22/tcp (v6) ALLOW IN Anywhere (v6)
[ 7] 80/tcp (v6) ALLOW IN Anywhere (v6)
[ 8] 443/tcp (v6) ALLOW IN Anywhere (v6)
sudo netstat -ltnp | grep:*
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 12088/nginx: master
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 680/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1534/sshd
tcp6 0 0 :::80 :::* LISTEN 12088/nginx: master
tcp6 0 0 :::22 :::* LISTEN 1534/sshd
tcp6 0 0 :::3002 :::* LISTEN 28198/docker-proxy
sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Все нормально работает с портом 3001
, но ничего не работает с другими портами (например, 3002
). Я модифицирую порты в docker-compose.yml
к <anything>:80
и default.conf
указать на <anything>
в upstream
блок.
Обновление 2
У меня есть доступ к контейнеру, используя docker exec
и сайт открывается с портом 3002
, Я имею в виду http://staging.xxx.us:3002
работает нормально, но я ожидаю, что пользователи откроют сайт без какого-либо конкретного порта, я имею в виду http://staging.xxx.us
Я исправил проблему, используя nginx-прокси. Если вам нужна помощь, пожалуйста Проверь это. Я написал там рабочую конфигурацию.