3d99940658
Sandbox Deployment Platform — Go control plane + agents, NextJS dashboard, nginx reverse proxy. Cross-compile via Docker; deploy via sshpass to 172.18.136.92 (micro) and 172.18.139.186 (gateway). - control-plane: HTTP API, WS hub, SQLite (modernc.org/sqlite) for progress, .log files for log persistence - agent-micro / agent-gateway: alpine:3.20 + bind-mounted repo, binary exec'd in container, no Dockerfile build step - dashboard: NextJS static export + shadcn/ui components, single WebSocket hook - docker-compose.yml: three services on alpine:latest with docker socket bind for agents - scripts/: build.sh (golang:1.23-alpine cross-compile), deploy.sh, patch-nginx.sh (idempotent nginx splice), ssh wrappers Runtime model: pass-through Bitbucket creds per deploy, never logged or persisted on the agent. Control plane never touches git or docker directly — agents do all the work locally.
52 lines
1.4 KiB
Nginx Configuration File
# SDP nginx — serves the static NextJS export and proxies API + WS
# to the Go control plane.
#
# try_files: any unknown path falls back to /index.html so client-side
# routing works. /api/ and /ws/ have their own location blocks and are
# proxied upstream.
# Upstream group for the Go control plane, reached over loopback on port 8080.
# NOTE(review): nginx is only the sole entry point if the control plane itself
# binds to 127.0.0.1 rather than all interfaces — verify in its listen config.
upstream control_plane {
    server 127.0.0.1:8080;
    # Keep up to 16 idle upstream connections cached per worker process.
    keepalive 16;
}
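server {
    # NOTE(review): this is a plain-HTTP listener and no TLS is configured in
    # this file. If deploy requests carrying repository credentials reach the
    # control plane through /api/ or /ws/, they cross this hop in cleartext —
    # confirm TLS is terminated in front of this server, or add a TLS listener.
    listen 80;
    # Catch-all name: requests are accepted for any Host header, and that value
    # is forwarded upstream below as Host.
    server_name _;

    # Long-lived WS connections need a generous read timeout.
    # Declared at server level, so /api/ requests get the same one-hour limits.
    proxy_read_timeout 3600s;
    proxy_send_timeout 3600s;
    proxy_http_version 1.1;

    # Headers sent upstream for both proxied locations. nginx only inherits
    # this set into a location that declares no proxy_set_header of its own;
    # adding one inside a location drops all five unless they are repeated.
    # NOTE(review): Connection "upgrade" is also sent on ordinary /api/
    # requests; check that upstream connection reuse still behaves as intended.
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    # X-Real-IP is the peer address seen by nginx. X-Forwarded-For appends that
    # address to whatever the client sent, so only its last entry is set by
    # this proxy; the control plane should not trust the earlier ones.
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    # nginx does no authentication or Origin checking for the two proxied
    # locations below; requests are forwarded as received.
    # NOTE(review): verify the control plane enforces both itself.

    # --- API: control plane ---
    location /api/ {
        proxy_pass http://control_plane;
    }

    # --- WebSocket: agent + dashboard subscriptions ---
    location /ws/ {
        proxy_pass http://control_plane;
    }

    # --- Static dashboard ---
    root /var/www/sdp/dashboard/out;
    index index.html;

    # ponytail: try_files does all the work. _next chunks, images, etc. are
    # served as files; unknown paths fall back to /index.html for SPA routing.
    location / {
        try_files $uri $uri/ $uri.html /index.html;
    }

    # Cache static assets aggressively; never cache index.html.
    location /_next/static/ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }

    # The index lookup for "/" and the try_files fallback both redirect
    # internally to /index.html, so this exact match covers the SPA entry
    # point. "no-cache" makes clients revalidate before reusing their copy.
    # Other exported .html pages served by location / do not get this header.
    location = /index.html {
        add_header Cache-Control "no-cache";
    }
}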