dvirlabs/my-recipes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use separate ingress for frontend and backend (like navix): frontend at my-recipes.dvirlabs.com, backend at api-my-recipes.dvirlabs.com

Browse Source
This commit is contained in:
dvirlabs 2025-12-06 22:44:59 +02:00
parent 5c8481304f
commit b4008f5b93
7 changed files with 123 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
frontend/10-generate-env.sh
View File

@ -1,32 +1,23 @@
#!/bin/sh #!/bin/sh
set -e set -e
# Template is in dist (copied by Dockerfile builder stage) # Generate env.js from API_BASE environment variable
TEMPLATE="/usr/share/nginx/html/env.js.template" # This is set in the Helm deployment values
TARGET="/usr/share/nginx/html/env.js" TARGET="/usr/share/nginx/html/env.js"
if [ -f "$TEMPLATE" ]; then # API_BASE should be set via deployment env (e.g., from Helm values)
echo "Generating env.js from template with API_BASE=${API_BASE:-/api}" # Default to /api as fallback (relative path)
# Default API_BASE to /api if not provided : ${API_BASE:=/api}
: ${API_BASE:=/api}
cat > "$TARGET" <<EOF echo "Generating env.js with API_BASE=${API_BASE}"
cat > "$TARGET" <<EOF
window.__ENV__ = { window.__ENV__ = {
API_BASE: "${API_BASE}" API_BASE: "${API_BASE}"
}; };
EOF EOF
echo "✓ env.js generated at $TARGET"
else
echo "Warning: env.js.template not found at $TEMPLATE, creating default env.js"
# Fallback: create env.js with default value
: ${API_BASE:=/api}
cat > "$TARGET" <<EOF
window.__ENV__ = {
API_BASE: "${API_BASE}"
};
EOF
echo "✓ Default env.js created at $TARGET"
fi
# Ensure ownership/permissions are OK for nginx echo "✓ env.js generated at $TARGET"
# Ensure ownership/permissions for nginx
chown -R nginx:nginx /usr/share/nginx/html || true chown -R nginx:nginx /usr/share/nginx/html || true

7
frontend/Dockerfile
View File

@ -15,10 +15,7 @@ COPY . .
# Build the application # Build the application
RUN npm run build RUN npm run build
# Copy env template to dist so it's available in production # Production stage - use nginx to serve static files
COPY public/env.js.template dist/env.js.template
# Production stage - use nginx to serve static files and proxy API calls
FROM nginx:alpine FROM nginx:alpine
# Copy nginx config # Copy nginx config
@ -28,7 +25,7 @@ COPY nginx.conf /etc/nginx/nginx.conf
COPY --from=builder /app/dist /usr/share/nginx/html COPY --from=builder /app/dist /usr/share/nginx/html
# Copy entrypoint script to nginx entrypoint.d directory # Copy entrypoint script to nginx entrypoint.d directory
# This will run before nginx starts and generate env.js from template # This will run before nginx starts and generate env.js from API_BASE env var
COPY 10-generate-env.sh /docker-entrypoint.d/10-generate-env.sh COPY 10-generate-env.sh /docker-entrypoint.d/10-generate-env.sh
# Ensure entrypoint script is executable # Ensure entrypoint script is executable

13
frontend/nginx.conf
View File

@ -13,19 +13,6 @@ http {
root /usr/share/nginx/html; root /usr/share/nginx/html;
index index.html; index index.html;
# Proxy API requests to backend service
# Frontend calls /api/recipes, nginx removes /api prefix and forwards to backend:8000/recipes
location /api/ {
proxy_pass http://backend:8000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Serve static files and fallback to index.html for SPA # Serve static files and fallback to index.html for SPA
location / { location / {
try_files $uri $uri/ /index.html; try_files $uri $uri/ /index.html;

32
manifests/my-recipes/values.yaml
View File

@ -23,6 +23,16 @@ backend:
env: env:
PYTHONUNBUFFERED: "1" PYTHONUNBUFFERED: "1"
tag: master-895786b tag: master-895786b
ingress:
enabled: true
className: "nginx"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-my-recipes.dvirlabs.com
paths:
- path: /
pathType: Prefix
# Frontend configuration # Frontend configuration
frontend: frontend:
name: frontend name: frontend
@ -36,7 +46,7 @@ frontend:
port: 80 port: 80
targetPort: 80 targetPort: 80
env: env:
API_BASE: "https://my-recipes.dvirlabs.com/api" API_BASE: "https://api-my-recipes.dvirlabs.com"
resources: resources:
requests: requests:
cpu: 50m cpu: 50m
@ -45,6 +55,16 @@ frontend:
cpu: 200m cpu: 200m
memory: 256Mi memory: 256Mi
tag: master-bd31ffb tag: master-bd31ffb
ingress:
enabled: true
className: "nginx"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: my-recipes.dvirlabs.com
paths:
- path: /
pathType: Prefix
# PostgreSQL configuration # PostgreSQL configuration
postgres: postgres:
name: db name: db
@ -72,24 +92,18 @@ postgres:
limits: limits:
cpu: 1000m cpu: 1000m
memory: 1Gi memory: 1Gi
# Ingress (top-level, maps frontend/backend paths) # Ingress (top-level, disabled - use component-specific ingress instead)
ingress: ingress:
enabled: true enabled: false
className: "nginx" className: "nginx"
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod" cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/rewrite-target: "/$2"
nginx.ingress.kubernetes.io/use-regex: "true"
hosts: hosts:
- host: my-recipes.dvirlabs.com - host: my-recipes.dvirlabs.com
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
backend: frontend backend: frontend
# use a regex to capture and rewrite /api/... to /... on the backend
- path: /api(/|$)(.*)
pathType: ImplementationSpecific
backend: backend
tls: tls:
- secretName: recipes-tls - secretName: recipes-tls
hosts: hosts:

15
my-recipes-chart/templates/frontend-deployment.yaml
View File

@ -25,26 +25,13 @@ spec:
- containerPort: {{ .Values.frontend.service.targetPort }} - containerPort: {{ .Values.frontend.service.targetPort }}
name: http name: http
protocol: TCP protocol: TCP
{{- /* compute API_BASE: prefer frontend.env.API_BASE, else use first ingress host */}}
{{- $apiBase := "" }}
{{- if .Values.frontend.env.API_BASE }}
{{- $apiBase = .Values.frontend.env.API_BASE }}
{{- else if .Values.ingress.hosts }}
{{- $firstHost := index .Values.ingress.hosts 0 }}
{{- $apiBase = printf "https://%s/api" $firstHost.host }}
{{- end }}
env:
- name: API_BASE
value: {{ $apiBase | quote }}
{{- /* include any other env vars provided in values.frontend.env (skip API_BASE to avoid duplicate) */}}
{{- with .Values.frontend.env }} {{- with .Values.frontend.env }}
env:
{{- range $key, $value := . }} {{- range $key, $value := . }}
{{- if ne $key "API_BASE" }}
- name: {{ $key }} - name: {{ $key }}
value: {{ $value | quote }} value: {{ $value | quote }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }}
livenessProbe: livenessProbe:
httpGet: httpGet:
path: / path: /

79
my-recipes-chart/templates/ingress.yaml
View File

@ -1,31 +1,22 @@
{{- if .Values.ingress.enabled }} {{- if .Values.frontend.ingress.enabled }}
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
name: {{ .Release.Name }} name: {{ .Release.Name }}-frontend
namespace: {{ .Values.global.namespace }} namespace: {{ .Values.global.namespace }}
labels: labels:
app: {{ .Release.Name }} app: {{ .Release.Name }}-frontend
{{- with .Values.ingress.annotations }} component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations: annotations:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end }} {{- end }}
spec: spec:
{{- if .Values.ingress.className }} {{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.ingress.className }} ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }} {{- end }}
rules: rules:
{{- range .Values.ingress.hosts }} {{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }} - host: {{ .host | quote }}
http: http:
paths: paths:
@ -34,15 +25,65 @@ spec:
pathType: {{ .pathType }} pathType: {{ .pathType }}
backend: backend:
service: service:
{{- if eq .backend "frontend" }}
name: {{ $.Release.Name }}-{{ $.Values.frontend.name }} name: {{ $.Release.Name }}-{{ $.Values.frontend.name }}
port: port:
number: {{ $.Values.frontend.service.port }} number: {{ $.Values.frontend.service.port }}
{{- else if eq .backend "backend" }} {{- end }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
---
{{- if .Values.backend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}-backend
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-backend
component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $.Release.Name }}-{{ $.Values.backend.name }} name: {{ $.Release.Name }}-{{ $.Values.backend.name }}
port: port:
number: {{ $.Values.backend.service.port }} number: {{ $.Values.backend.service.port }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

32
my-recipes-chart/values.yaml
View File

@ -27,6 +27,17 @@ backend:
env: env:
PYTHONUNBUFFERED: "1" PYTHONUNBUFFERED: "1"
ingress:
enabled: true
className: "nginx"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-my-recipes.dvirlabs.com
paths:
- path: /
pathType: Prefix
# Frontend configuration # Frontend configuration
frontend: frontend:
name: frontend name: frontend
@ -42,7 +53,7 @@ frontend:
targetPort: 80 targetPort: 80
env: env:
API_BASE: "https://my-recipes.dvirlabs.com/api" API_BASE: "https://api-my-recipes.dvirlabs.com"
resources: resources:
requests: requests:
@ -52,6 +63,17 @@ frontend:
cpu: 200m cpu: 200m
memory: 256Mi memory: 256Mi
ingress:
enabled: true
className: "nginx"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: my-recipes.dvirlabs.com
paths:
- path: /
pathType: Prefix
# PostgreSQL configuration # PostgreSQL configuration
postgres: postgres:
name: db name: db
@ -86,22 +108,16 @@ postgres:
# Ingress configuration # Ingress configuration
ingress: ingress:
enabled: true enabled: false # Individual frontend/backend ingress resources handle routing instead
className: "nginx" className: "nginx"
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod" cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/rewrite-target: "/$2"
nginx.ingress.kubernetes.io/use-regex: "true"
hosts: hosts:
- host: my-recipes.dvirlabs.com - host: my-recipes.dvirlabs.com
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
backend: frontend backend: frontend
# use a regex to capture and rewrite /api/... to /... on the backend
- path: /api(/|$)(.*)
pathType: ImplementationSpecific
backend: backend
tls: tls:
- secretName: recipes-tls - secretName: recipes-tls
hosts: hosts: