- add docker-swarm deployment example

- update dependencies
2025-11-13 00:03:27 +10:00 · 2023-11-22 09:08:23 +01:00
parent 55e94ca792
commit dfb3ef60dd
12 changed files with 602 additions and 413 deletions
--- a/apps/client/src/pages/dashboard/resumes/_dialogs/import.tsx
+++ b/apps/client/src/pages/dashboard/resumes/_dialogs/import.tsx
@ -283,7 +283,7 @@ export const ImportDialog = () => {
                <Label className="text-error">{t`Errors`}</Label>
                <ScrollArea orientation="vertical" className="h-[180px]">
                  <div className="whitespace-pre-wrap rounded bg-secondary-accent p-4 font-mono text-xs leading-relaxed">
-                    {JSON.stringify(validationResult.errors, null, 4)}
+                    {JSON.stringify(JSON.parse(validationResult.errors), null, 4)}
                  </div>
                </ScrollArea>
              </div>
--- a/apps/server/src/contributors/contributors.service.ts
+++ b/apps/server/src/contributors/contributors.service.ts
@ -34,10 +34,10 @@ export class ContributorsService {
  }

  async fetchCrowdinContributors() {
+    try {
      const projectId = this.configService.getOrThrow("CROWDIN_PROJECT_ID");
      const accessToken = this.configService.getOrThrow("CROWDIN_PERSONAL_TOKEN");

-    try {
      const response = await this.httpService.axiosRef.get(
        `https://api.crowdin.com/api/v2/projects/${projectId}/members`,
        { headers: { Authorization: `Bearer ${accessToken}` } },
--- a/libs/parser/src/reactive-resume-v3/schema.ts
+++ b/libs/parser/src/reactive-resume-v3/schema.ts
@ -15,7 +15,7 @@ const basicsSchema = z.object({
  phone: z.string(),
  headline: z.string(),
  summary: z.string(),
-  birthdate: z.string(),
+  birthdate: z.string().optional(),
  website: z.string(),
  profiles: z.array(profileSchema),
  location: z.object({
@ -40,7 +40,7 @@ const basicsSchema = z.object({
 const sectionSchema = z.object({
  id: z.string(),
  name: z.string(),
-  type: z.enum(["basic", "custom"]),
+  type: z.enum(["basic", "work", "custom"]),
  columns: z.number().or(z.null()),
  visible: z.boolean(),
 });
@ -147,7 +147,7 @@ const metadataSchema = z.object({
  date: z.object({ format: z.string() }),
  theme: z.object({ text: z.string(), primary: z.string(), background: z.string() }),
  layout: z.array(z.array(z.array(z.string()))),
-  locale: z.string(),
+  locale: z.string().optional(),
  template: z.string(),
  typography: z.object({
    size: z.object({ body: z.number(), heading: z.number() }),
--- a/package.json
+++ b/package.json
@ -60,20 +60,20 @@
    "@types/cookie-parser": "^1.4.6",
    "@types/express": "^4.17.21",
    "@types/file-saver": "^2.0.7",
-    "@types/jest": "^29.5.9",
+    "@types/jest": "^29.5.10",
    "@types/lodash.debounce": "^4.0.9",
    "@types/lodash.get": "^4.4.9",
    "@types/lodash.set": "^4.3.9",
    "@types/multer": "^1.4.11",
-    "@types/node": "20.9.3",
+    "@types/node": "20.9.4",
    "@types/nodemailer": "^6.4.14",
-    "@types/papaparse": "^5.3.12",
+    "@types/papaparse": "^5.3.13",
    "@types/passport": "^1.0.16",
    "@types/passport-github2": "^1.2.9",
    "@types/passport-google-oauth20": "^2.0.14",
    "@types/passport-local": "^1.0.38",
    "@types/react": "18.2.38",
-    "@types/react-dom": "18.2.16",
+    "@types/react-dom": "18.2.17",
    "@types/react-is": "18.2.4",
    "@types/retry": "^0.12.5",
    "@types/webfontloader": "^1.6.38",
@ -108,7 +108,7 @@
    "ts-jest": "^29.1.1",
    "ts-node": "10.9.1",
    "typescript": "~5.3.2",
-    "vite": "~5.0.1",
+    "vite": "~5.0.2",
    "vite-plugin-dts": "~3.6.3",
    "vitest": "~0.34.6"
  },
@ -162,7 +162,7 @@
    "@radix-ui/react-toggle": "^1.0.3",
    "@radix-ui/react-toggle-group": "^1.0.4",
    "@radix-ui/react-tooltip": "^1.0.7",
-    "@sentry/node": "^7.81.0",
+    "@sentry/node": "^7.81.1",
    "@songkeys/nestjs-redis": "^10.0.0",
    "@songkeys/nestjs-redis-health": "^10.0.0",
    "@swc/helpers": "~0.5.3",
@ -215,7 +215,7 @@
    "react": "18.2.0",
    "react-colorful": "^5.6.1",
    "react-dom": "18.2.0",
-    "react-helmet-async": "^2.0.0",
+    "react-helmet-async": "^2.0.1",
    "react-hook-form": "^7.48.2",
    "react-parallax-tilt": "^1.7.175",
    "react-resizable-panels": "^0.0.61",
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
--- a/tools/compose/development.yml
+++ b/tools/compose/development.yml
@ -1,4 +1,4 @@
-version: "3"
+version: "3.8"

 # In this Docker Compose example, we only fire up the services required for local development.
 # This is not advised for production use as it exposes ports to the database insecurely.
@ -6,22 +6,22 @@ version: "3"

 services:
  # Database (Postgres)
-  postgres:
-    image: postgres:alpine
-    restart: unless-stopped
-    ports:
-      - ${POSTGRES_PORT:-5432}:5432
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-    environment:
-      POSTGRES_DB: ${POSTGRES_DB:-postgres}
-      POSTGRES_USER: ${POSTGRES_USER:-postgres}
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-postgres}"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
+  # postgres:
+  #   image: postgres:alpine
+  #   restart: unless-stopped
+  #   ports:
+  #     - ${POSTGRES_PORT:-5432}:5432
+  #   volumes:
+  #     - postgres_data:/var/lib/postgresql/data
+  #   environment:
+  #     POSTGRES_DB: ${POSTGRES_DB:-postgres}
+  #     POSTGRES_USER: ${POSTGRES_USER:-postgres}
+  #     POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
+  #   healthcheck:
+  #     test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-postgres}"]
+  #     interval: 10s
+  #     timeout: 5s
+  #     retries: 5

  # Storage (for image uploads)
  minio:
--- a/tools/compose/nginx-proxy-manager.yml
+++ b/tools/compose/nginx-proxy-manager.yml
@ -1,4 +1,4 @@
-version: "3"
+version: "3.8"

 # In this Docker Compose example, we use Nginx Proxy Manager to manage the reverse proxy and SSL certificates.
 # There's very little configuration to be made on the compose file itself, and most of it is done on the Nginx Proxy Manager UI.
--- a/tools/compose/simple.yml
+++ b/tools/compose/simple.yml
@ -1,4 +1,4 @@
-version: "3"
+version: "3.8"

 # In this Docker Compose example, it assumes that you maintain a reverse proxy externally (or chose not to).
 # The only two exposed ports here are from minio (:9000) and the app itself (:3000).
--- a/tools/compose/swarm.yml
+++ b/tools/compose/swarm.yml
@ -0,0 +1,189 @@
+version: "3.8"
+
+# In this Docker Compose example, we use Docker Swarm to deploy Reactive Resume on multiple servers, with Traefik as the load balancer.
+
+services:
+  # Database (Postgres)
+  postgres:
+    image: postgres:alpine
+    networks:
+      - reactive_resume_network
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    environment:
+      POSTGRES_DB: postgres
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    deploy:
+      replicas: 1
+      restart_policy:
+        condition: on-failure
+
+  # Storage (for image uploads)
+  minio:
+    image: minio/minio
+    command: server /data
+    networks:
+      - reactive_resume_network
+    volumes:
+      - minio_data:/data
+    environment:
+      MINIO_ROOT_USER: minioadmin
+      MINIO_ROOT_PASSWORD: minioadmin
+    deploy:
+      replicas: 1
+      restart_policy:
+        condition: on-failure
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.storage.rule=Host(`storage.arkpg.xyz`)
+        - traefik.http.routers.storage.entrypoints=websecure
+        - traefik.http.routers.storage.tls.certresolver=letsencrypt
+        - traefik.http.services.storage.loadbalancer.server.port=9000
+
+  # Chrome Browser (for printing and previews)
+  chrome:
+    image: browserless/chrome:1.61.0-puppeteer-21.4.1
+    networks:
+      - reactive_resume_network
+    environment:
+      TOKEN: chrome_token
+    deploy:
+      replicas: 3
+      restart_policy:
+        condition: on-failure
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.printer.rule=Host(`printer.arkpg.xyz`)
+        - traefik.http.routers.printer.entrypoints=websecure
+        - traefik.http.routers.printer.tls.certresolver=letsencrypt
+        - traefik.http.services.printer.loadbalancer.server.port=3000
+
+  # Redis (for cache & server session management)
+  redis:
+    image: redis:alpine
+    command: redis-server --save 60 1 --loglevel warning --bind 0.0.0.0 --requirepass password
+    networks:
+      - reactive_resume_network
+    volumes:
+      - redis_data:/data
+    deploy:
+      replicas: 1
+      restart_policy:
+        condition: on-failure
+
+  app:
+    image: amruthpillai/reactive-resume:v4.0.0-alpha.8
+    networks:
+      - reactive_resume_network
+    environment:
+      # -- Environment Variables --
+      PORT: 3000
+      NODE_ENV: production
+
+      # -- URLs --
+      PUBLIC_URL: https://arkpg.xyz
+      STORAGE_URL: https://storage.arkpg.xyz
+
+      # -- Printer (Chrome) --
+      CHROME_TOKEN: chrome_token
+      CHROME_URL: wss://printer.arkpg.xyz
+
+      # -- Database (Postgres) --
+      DATABASE_URL: postgresql://postgres:postgres@postgres:5432/postgres
+
+      # -- Auth --
+      ACCESS_TOKEN_SECRET: access_token_secret
+      REFRESH_TOKEN_SECRET: refresh_token_secret
+
+      # -- Emails --
+      # SMTP_URL: smtp://user:pass@smtp:587 # Optional
+
+      # -- Storage (Minio) --
+      STORAGE_ENDPOINT: minio
+      STORAGE_PORT: 9000
+      STORAGE_REGION: us-east-1 # Optional
+      STORAGE_BUCKET: default
+      STORAGE_ACCESS_KEY: minioadmin
+      STORAGE_SECRET_KEY: minioadmin
+
+      # -- Cache (Redis) --
+      REDIS_URL: redis://default:password@redis:6379
+
+      # -- Sentry --
+      # VITE_SENTRY_DSN: https://id.sentry.io # Optional
+
+      # -- Crowdin (Optional) --
+      CROWDIN_PROJECT_ID:
+      CROWDIN_PERSONAL_TOKEN:
+
+      # -- Email --
+      # DISABLE_EMAIL_AUTH: true
+
+      # -- GitHub --
+      GITHUB_CLIENT_ID: github_client_id
+      GITHUB_CLIENT_SECRET: github_client_secret
+      GITHUB_CALLBACK_URL: https://arkpg.xyz/api/auth/github/callback
+
+      # -- Google --
+      GOOGLE_CLIENT_ID: google_client_id
+      GOOGLE_CLIENT_SECRET: google_client_secret
+      GOOGLE_CALLBACK_URL: https://arkpg.xyz/api/auth/google/callback
+    deploy:
+      replicas: 3
+      restart_policy:
+        condition: on-failure
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.app.rule=Host(`arkpg.xyz`)
+        - traefik.http.routers.app.entrypoints=websecure
+        - traefik.http.routers.app.tls.certresolver=letsencrypt
+        - traefik.http.services.app.loadbalancer.server.port=3000
+
+  traefik:
+    image: traefik
+    command:
+      - --api=true
+      - --providers.docker=true
+      - --providers.docker.swarmMode=true
+      - --providers.docker.exposedbydefault=false
+      - --providers.docker.network=reactive_resume_network
+      - --entrypoints.web.address=:80
+      - --entrypoints.websecure.address=:443
+      - --certificatesresolvers.letsencrypt.acme.tlschallenge=true
+      - --certificatesresolvers.letsencrypt.acme.email=noreply@arkpg.xyz
+      - --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
+
+      # Let's Encrypt Staging Server (for testing)
+      # - --certificatesResolvers.letsencrypt.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
+
+      # Redirect all HTTP requests to HTTPS
+      - --entrypoints.web.http.redirections.entrypoint.to=websecure
+      - --entrypoints.web.http.redirections.entrypoint.scheme=https
+    ports:
+      - 80:80
+      - 443:443
+      - 8080:8080
+    networks:
+      - reactive_resume_network
+    volumes:
+      - letsencrypt_data:/letsencrypt
+      - /var/run/docker.sock:/var/run/docker.sock
+    deploy:
+      placement:
+        constraints: [node.role == manager]
+
+volumes:
+  minio_data:
+  redis_data:
+  postgres_data:
+  letsencrypt_data:
+
+networks:
+  reactive_resume_network:
+    external: true
--- a/tools/compose/traefik-secure.yml
+++ b/tools/compose/traefik-secure.yml
@ -1,4 +1,4 @@
-version: "3"
+version: "3.8"

 # In this Docker Compose example, we use Traefik to route requests to the app and storage containers in a secure manner (HTTPS).
 # This example assumes you have a domain name (example.com) and a wildcard DNS record pointing to your server.
--- a/tools/compose/traefik.yml
+++ b/tools/compose/traefik.yml
@ -1,4 +1,4 @@
-version: "3"
+version: "3.8"

 # In this Docker Compose example, we use Traefik to route requests to the app and storage containers.
 # This example assumes you have a domain name (example.com) and a wildcard DNS record pointing to your server.
--- a/tools/prisma/migrations/20231121234455_initialize_tables/migration.sql
+++ b/tools/prisma/migrations/20231121234455_initialize_tables/migration.sql
@ -63,15 +63,15 @@ CREATE UNIQUE INDEX "Secrets_resetToken_key" ON "Secrets"("resetToken");
 -- CreateIndex
 CREATE UNIQUE INDEX "Secrets_userId_key" ON "Secrets"("userId");

-- CreateIndex
-CREATE UNIQUE INDEX "Resume_slug_key" ON "Resume"("slug");
-
 -- CreateIndex
 CREATE INDEX "Resume_userId_idx" ON "Resume"("userId");

 -- CreateIndex
 CREATE UNIQUE INDEX "Resume_userId_id_key" ON "Resume"("userId", "id");

+-- CreateIndex
+CREATE UNIQUE INDEX "Resume_userId_slug_key" ON "Resume"("userId", "slug");
+
 -- AddForeignKey
 ALTER TABLE "Secrets" ADD CONSTRAINT "Secrets_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("id") ON DELETE CASCADE ON UPDATE CASCADE;