Merged in feature/multidevfix (pull request #38)

Feature/multidevfix * multidev sync * multidev sync fix typo * Add conf for www and dev01 * Add conf for www and dev01 * fix typo * symlink fix * hpa and resource modify Approved-by: Rachit Bhargava
2024-02-28 22:52:29 +00:00
parent 5b27e475cf
commit ac0ffd7543
6 changed files with 349 additions and 9 deletions
--- a/bitbucket-pipelines.yml
+++ b/bitbucket-pipelines.yml
@@ -106,6 +106,7 @@ definitions:
      after-script:
       - aws eks update-kubeconfig --name caresage-eks-cluster-$ENV --region us-east-1
       - sleep 10 && while  kubectl get po -A |grep -i medicalalert-web|egrep -i '0/1|crash'; do sleep 10; echo "--- still getting 0/1 or crash pods-----"; done
+       - chmod 755 ./multidev-sync.sh && ./multidev-sync.sh

 pipelines:
  # our custom pipeline, what shows up Bitbucket web app
--- a/build/dev/deployment.tpl
+++ b/build/dev/deployment.tpl
@@ -83,8 +83,8 @@ spec:
          timeoutSeconds: 10
        resources:
          limits:
-            cpu: 1000m
-            memory: 2048Mi
+            cpu: 2000m
+            memory: 4096Mi
          requests:
            cpu: 500m
            memory: 1024Mi
--- a/build/dev/web-default-conf-cm.yaml
+++ b/build/dev/web-default-conf-cm.yaml
@@ -66,7 +66,7 @@ data:
        return 301 https://$host$request_uri;
        }

-        root /usr/share/nginx/subdomain/$subdomain;
+        root /usr/share/nginx/subdomain/$subdomain-web;
        index index.php index.html index.htm;
        sendfile off;

@@ -92,7 +92,7 @@ data:

        error_page 404 /404.html;
        location = /404.html {
-            root   /usr/share/nginx/subdomain/$subdomain;
+            root   /usr/share/nginx/subdomain/$subdomain-web;
            add_header Cache-Control "no-cache" always;
        }

@@ -147,7 +147,7 @@ data:
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
-            root   /usr/share/nginx/subdomain/$subdomain;
+            root   /usr/share/nginx/subdomain/$subdomain-web;
            add_header Cache-Control "no-cache" always;
        }

@@ -197,7 +197,310 @@ data:
        }

    }
-    
+
+  www.conf: |
+
+    server {
+       #-----------------------------
+        client_max_body_size 512m;
+        # ------------------------
+        client_body_timeout 1200;
+        client_header_timeout 600;
+        # ---------------------------
+
+        listen   80;
+        listen   [::]:80;
+
+        server_name  www.dev-medicalalert.com;
+
+        if ($http_x_forwarded_proto != 'https') {
+        return 301 https://$host$request_uri;
+        }
+
+        root /usr/share/nginx/subdomain/www;
+        index index.php index.html index.htm;
+        sendfile off;
+
+        # Security - Hide nginx version number in error pages and Server header
+        server_tokens off;
+
+        # Add stdout logging
+        error_log /dev/stdout error;
+        access_log /dev/stdout;
+
+        # reduce the data that needs to be sent over network
+        gzip on;
+        gzip_min_length 10240;
+        gzip_proxied expired no-cache no-store private auth;
+        gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
+        gzip_disable "MSIE [1-6]\.";
+        add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
+        add_header X-Cache-Status $upstream_cache_status;
+        add_header Cache-Control "public";
+
+        #Cache everything by default
+        set $no_cache 0;
+
+        error_page 404 /404.html;
+        location = /404.html {
+            root   /usr/share/nginx/subdomain/www;
+            add_header Cache-Control "no-cache" always;
+        }
+
+        #Don't cache POST requests
+        if ($request_method = POST)
+        {
+            set $no_cache 1;
+        }
+
+        #Don't cache if the URL contains a query string
+        if ($query_string != "")
+        {
+            set $no_cache 1;
+        }
+
+        #Don't cache the following URLs
+        if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
+
+            set $no_cache 1;
+        }
+
+
+        # Don't use the cache for logged in users or recent commenters
+        if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
+        set $no_cache 1;
+        }
+
+
+        #Don't cache if there is a cookie called PHPSESSID
+        if ($http_cookie = "PHPSESSID")
+        {
+            set $no_cache 1;
+        }
+
+        location / {
+            # First attempt to serve request as file, then
+            # as directory, then fall back to index.php
+            try_files $uri $uri/ /index.php?$args;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
+            include fastcgi_params;
+            fastcgi_cache MYAPP;
+            fastcgi_cache_valid 200 60m;
+            fastcgi_cache_valid 301 302 0m;
+            fastcgi_cache_valid any 1m;
+            fastcgi_cache_bypass $no_cache;
+            fastcgi_no_cache $no_cache;
+
+        }
+
+        # redirect server error pages to the static page /50x.html
+        #
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   /usr/share/nginx/subdomain/www;
+            add_header Cache-Control "no-cache" always;
+        }
+
+        # pass the PHP scripts to FastCGI server listening on socket
+        #
+        #~ \.php$
+        location ~ [^/]\.php(/|$)  {
+            proxy_set_header X-Forwarded-Proto $scheme;
+            try_files $uri $uri/ /index.php?$args;
+            if (!-f $document_root$fastcgi_script_name) {
+            return 404;
+            }
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            
+            fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+            fastcgi_index index.php;
+            include fastcgi_params;
+            fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            fastcgi_cache MYAPP;
+            fastcgi_cache_valid 200 60m;
+            fastcgi_cache_valid 301 302 0m;
+            fastcgi_cache_valid any  1m;
+            fastcgi_cache_bypass $no_cache;
+            fastcgi_no_cache $no_cache;
+        }
+
+        location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
+            expires 7d;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            fastcgi_cache MYAPP;
+            fastcgi_cache_valid 200 60m;
+            fastcgi_cache_valid 301 302 0m;
+            fastcgi_cache_valid any 1m; 
+            proxy_cache_background_update on;
+            proxy_cache_lock on;
+            fastcgi_cache_bypass $no_cache;
+            fastcgi_no_cache $no_cache;
+        }
+
+        # deny access to . files, for security
+        #
+        location ~ /\. {
+                log_not_found off;
+                deny all;
+        }
+
+    }
+
+  dev01.conf: |
+
+    server {
+       #-----------------------------
+        client_max_body_size 512m;
+        # ------------------------
+        client_body_timeout 1200;
+        client_header_timeout 600;
+        # ---------------------------
+
+        listen   80;
+        listen   [::]:80;
+
+        server_name  dev01.dev-medicalalert.com;
+
+        if ($http_x_forwarded_proto != 'https') {
+        return 301 https://$host$request_uri;
+        }
+
+        root /usr/share/nginx/subdomain/dev01;
+        index index.php index.html index.htm;
+        sendfile off;
+
+        # Security - Hide nginx version number in error pages and Server header
+        server_tokens off;
+
+        # Add stdout logging
+        error_log /dev/stdout error;
+        access_log /dev/stdout;
+
+        # reduce the data that needs to be sent over network
+        gzip on;
+        gzip_min_length 10240;
+        gzip_proxied expired no-cache no-store private auth;
+        gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
+        gzip_disable "MSIE [1-6]\.";
+        add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
+        add_header X-Cache-Status $upstream_cache_status;
+        add_header Cache-Control "public";
+
+        #Cache everything by default
+        set $no_cache 0;
+
+        error_page 404 /404.html;
+        location = /404.html {
+            root   /usr/share/nginx/subdomain/dev01;
+            add_header Cache-Control "no-cache" always;
+        }
+
+        #Don't cache POST requests
+        if ($request_method = POST)
+        {
+            set $no_cache 1;
+        }
+
+        #Don't cache if the URL contains a query string
+        if ($query_string != "")
+        {
+            set $no_cache 1;
+        }
+
+        #Don't cache the following URLs
+        if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
+
+            set $no_cache 1;
+        }
+
+
+        # Don't use the cache for logged in users or recent commenters
+        if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
+        set $no_cache 1;
+        }
+
+
+        #Don't cache if there is a cookie called PHPSESSID
+        if ($http_cookie = "PHPSESSID")
+        {
+            set $no_cache 1;
+        }
+
+        location / {
+            # First attempt to serve request as file, then
+            # as directory, then fall back to index.php
+            try_files $uri $uri/ /index.php?$args;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            fastcgi_param SUBDOMAIN dev01; # $_SERVER["SUBDOMAIN"]
+            include fastcgi_params;
+            fastcgi_cache MYAPP;
+            fastcgi_cache_valid 200 60m;
+            fastcgi_cache_valid 301 302 0m;
+            fastcgi_cache_valid any 1m;
+            fastcgi_cache_bypass $no_cache;
+            fastcgi_no_cache $no_cache;
+
+        }
+
+        # redirect server error pages to the static page /50x.html
+        #
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   /usr/share/nginx/subdomain/dev01;
+            add_header Cache-Control "no-cache" always;
+        }
+
+        # pass the PHP scripts to FastCGI server listening on socket
+        #
+        #~ \.php$
+        location ~ [^/]\.php(/|$)  {
+            proxy_set_header X-Forwarded-Proto $scheme;
+            try_files $uri $uri/ /index.php?$args;
+            if (!-f $document_root$fastcgi_script_name) {
+            return 404;
+            }
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            
+            fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+            fastcgi_index index.php;
+            include fastcgi_params;
+            fastcgi_param SUBDOMAIN dev01; # $_SERVER["SUBDOMAIN"]
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            fastcgi_cache MYAPP;
+            fastcgi_cache_valid 200 60m;
+            fastcgi_cache_valid 301 302 0m;
+            fastcgi_cache_valid any  1m;
+            fastcgi_cache_bypass $no_cache;
+            fastcgi_no_cache $no_cache;
+        }
+
+        location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
+            expires 7d;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            fastcgi_cache MYAPP;
+            fastcgi_cache_valid 200 60m;
+            fastcgi_cache_valid 301 302 0m;
+            fastcgi_cache_valid any 1m; 
+            proxy_cache_background_update on;
+            proxy_cache_lock on;
+            fastcgi_cache_bypass $no_cache;
+            fastcgi_no_cache $no_cache;
+        }
+
+        # deny access to . files, for security
+        #
+        location ~ /\. {
+                log_not_found off;
+                deny all;
+        }
+
+    }
+
+ 
  localhost.conf: |

    server {
--- a/build/dev/web-hpa.yml
+++ b/build/dev/web-hpa.yml
@@ -8,12 +8,12 @@ spec:
    apiVersion: apps/v1
    kind: Deployment
    name: medicalalert-web
-  minReplicas: 3
-  maxReplicas: 6
+  minReplicas: 1
+  maxReplicas: 1
  metrics:
  - resource:
      name: cpu
      target:
        averageValue: "90"
        type: AverageValue
-    type: Resource
+    type: Resource
--- a/common-jobs-bitbucket.sh
+++ b/common-jobs-bitbucket.sh
@@ -124,6 +124,24 @@ kubectl exec common-job-pod -n $NAMESPACE -- apt update
 kubectl exec common-job-pod -n $NAMESPACE -- apt install rclone rsync -y
 kubectl exec common-job-pod -n $NAMESPACE -- sh -c '. /tmp/setenv.sh; cd /tmp && rclone sync --exclude wp-content/uploads/**   wp/ /usr/share/nginx/subdomain/$SUBDOMAIN  -q && echo ---sync-done--- '

+ # -----------------------------------------------------------
+if [ "$ENV" = "dev" ] ; then 
+pods=`kubectl get pods --no-headers -o custom-columns=":metadata.name" -n $NAMESPACE`
+for i in $pods; do 
+kubectl exec $i -n $NAMESPACE -- apt-key adv --fetch-keys 'https://packages.sury.org/php/apt.gpg' > /dev/null 2>&1
+kubectl exec $i -n $NAMESPACE -- apt update
+kubectl exec $i -n $NAMESPACE -- apt install rclone rsync -y
+
+kubectl cp setenv.sh  $NAMESPACE/$i:/tmp/setenv.sh && echo "setenv copy done" || exit 9
+
+kubectl exec $i -n $NAMESPACE -- sh -c '. /tmp/setenv.sh; cd /usr/share/nginx/subdomain && rclone sync --exclude wp-content/uploads/** $SUBDOMAIN/ /usr/share/nginx/subdomain/$SUBDOMAIN-web  -q && echo ---sync-done from efs to local for $SUBDOMAIN-web --- && cd $SUBDOMAIN-web/wp-content && [ -L uploads ] && [ -e uploads ]] && echo ----symlink-exist--- || ln -s  /usr/share/nginx/subdomain/$SUBDOMAIN/wp-content/uploads uploads && chown -R  nginx:nginx /usr/share/nginx/subdomain/$SUBDOMAIN-web'
+done
+else 
+
+echo ----The env is $ENV and thus no multidev applicable----
+
+fi 
+
 kubectl delete po common-job-pod -n $NAMESPACE 
 # -------------------------------------------------------------------------------------------------------------------------

--- a/multidev-sync.sh
+++ b/multidev-sync.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+NAMESPACE=medicalalert-web
+
+if [ "$ENV" = "dev" ]; then 
+	pods=`kubectl get pods --no-headers -o custom-columns=":metadata.name" -n $NAMESPACE`
+	for i in $pods; do 
+		kubectl exec $i -n $NAMESPACE -- apt-key adv --fetch-keys 'https://packages.sury.org/php/apt.gpg' > /dev/null 2>&1
+		kubectl exec $i -n $NAMESPACE -- apt-get update
+		kubectl exec $i -n $NAMESPACE -- apt-get install rclone rsync -y
+		kubectl exec $i  -n $NAMESPACE -- sh -c 'for j in dev02 dev03 dev04 dev05; do cd /usr/share/nginx/subdomain && rclone sync --exclude wp-content/uploads/** $j/ /usr/share/nginx/subdomain/$j-web  -q && echo ---sync-done from efs to local for $j-web --- && cd $j-web/wp-content && [ -L uploads ] && [ -e uploads ]] && echo ----symlink-exist--- || ln -s  /usr/share/nginx/subdomain/$j/wp-content/uploads uploads && chown -R  nginx:nginx /usr/share/nginx/subdomain/$j-web;done'
+        		
+	done
+else 
+
+	echo ----The env is $ENV and thus no multidev applicable----
+
+fi