fix: final fixes

.gitignore

@@ -7,6 +7,7 @@ test/
 ZBotData/
 bin/
 logs/
+data/
 
 # Files
 *.zbif

docker-compose.prod.yaml

@@ -3,7 +3,8 @@ services:
     build:
       context: ./nginx-docker
     ports:
-      - "80:8080"
+      - "80:80"
+      - "443:443"
     environment:
       - NEXTJS_CONTAINER_IP=frontend
       - ACTIX_CONTAINER_IP=backend
@@ -12,8 +13,8 @@ services:
     volumes:
       - ./data/certbot/conf:/etc/letsencrypt
       - ./data/certbot/www:/var/www/certbot
-    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
-
+    netowrks:
+      - app-network
 
   certbot:
     image: certbot/certbot
@@ -23,27 +24,32 @@ services:
     entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
 
   backend:
-    container_name: zyenyo-backend
+    container_name: backend
     build:
       context: zyenyo-backend
       target: production
     restart: always
     env_file: .env
-    ports:
-      - "8000:8000"
+    netowrks:
+      - app-network
 
   frontend:
+    container_name: frontend
     build:
       context: ./zyenyo-frontend
     restart: always
     environment:
       - NODE_ENV=production
-    ports:
-      - "80:8080"
+    networks:
+      - app-network
 
   discord:
     build:
       context: ./zyenyo-discord
       target: runner
     restart: always
     env_file: .env
+
+networks:
+  app-network:
+    driver: bridge

init-letsencrypt.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 if ! [ -x "$(command -v docker-compose)" ]; then
-  echo 'Error: docker-compose is not installed.' >&2
+  echo 'Error: docker compose -f "docker-compose.prod.yaml" is not installed.' >&2
   exit 1
 fi
 
@@ -30,7 +30,7 @@ fi
 echo "### Creating dummy certificate for $domains ..."
 path="/etc/letsencrypt/live/$domains"
 mkdir -p "$data_path/conf/live/$domains"
-docker-compose run --rm --entrypoint "\
+docker compose -f "docker-compose.prod.yaml" run --rm --entrypoint "\
   openssl req -x509 -nodes -newkey rsa:$rsa_key_size -days 1\
     -keyout '$path/privkey.pem' \
     -out '$path/fullchain.pem' \
@@ -39,11 +39,11 @@ echo
 
 
 echo "### Starting nginx ..."
-docker-compose up --force-recreate -d nginx
+docker compose -f "docker-compose.prod.yaml" up --force-recreate -d nginx
 echo
 
 echo "### Deleting dummy certificate for $domains ..."
-docker-compose run --rm --entrypoint "\
+docker compose -f "docker-compose.prod.yaml" run --rm --entrypoint "\
   rm -Rf /etc/letsencrypt/live/$domains && \
   rm -Rf /etc/letsencrypt/archive/$domains && \
   rm -Rf /etc/letsencrypt/renewal/$domains.conf" certbot
@@ -66,7 +66,7 @@ esac
 # Enable staging mode if needed
 if [ $staging != "0" ]; then staging_arg="--staging"; fi
 
-docker-compose run --rm --entrypoint "\
+docker compose -f "docker-compose.prod.yaml" run --rm --entrypoint "\
   certbot certonly --webroot -w /var/www/certbot \
     $staging_arg \
     $email_arg \
@@ -77,4 +77,4 @@ docker-compose run --rm --entrypoint "\
 echo
 
 echo "### Reloading nginx ..."
-docker-compose exec nginx nginx -s reload
+docker compose -f "docker-compose.prod.yaml" exec nginx nginx -s reload

nginx-docker/prod-nginx.conf

@@ -1,7 +1,14 @@
+server {
+    listen 80;
+    server_name example.org;    location / {
+        return 301 https://$host$request_uri;
+    }    
+}
+
 server {
 
-    listen 8080 ssl;
-    listen [::]:8080 ssl;
+    listen 443 ssl;
+    listen [::]:443 ssl;
     server_name _;
 
     proxy_cache off;
@@ -11,19 +18,27 @@ server {
     proxy_set_header Connection "upgrade";
     proxy_cache_bypass $http_upgrade;
 
+    ssl_certificate /etc/letsencrypt/live/zyenyobot.com-0001/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/zyenyobot.com-0001/privkey.pem;
     include /etc/letsencrypt/options-ssl-nginx.conf;
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 
-    ssl_certificate /etc/letsencrypt/live/zyenyobot.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/zyenyobot.com/privkey.pem;
+    resolver 127.0.0.11 valid=10s;
+    resolver_timeout 5s;
+
+    location /.well-known/acme-challenge/ {
+	   root /var/www/certbot;
+    }
 
     location / {
-        proxy_pass http://${NEXTJS_CONTAINER_IP}:3000;
+	set $target http://${NEXTJS_CONTAINER_IP}:8080;
+        proxy_pass $target;
         add_header X-Custom-HeaderNextServer "Value for Custom Header @nextserver";
     }
 
     location /api {
-        proxy_pass http://${ACTIX_CONTAINER_IP}:8000;
+	set $target_api http://${ACTIX_CONTAINER_IP}:8000;
+        proxy_pass $target_api;
     }
 
     location /test {

zyenyo-backend/src/main.rs

@@ -56,7 +56,7 @@ async fn main() -> std::io::Result<()> {
     HttpServer::new(move || {
         let cors = match context.environment.as_str() {
             "development" => Cors::permissive(),
-            "production" => Cors::default().allowed_origin("http://localhost:80").allowed_methods(vec!["GET", "POST"]),
+            "production" => Cors::default().allowed_origin("https://zyenyobot.com").allowed_methods(vec!["GET", "POST"]),
             _ => panic!()
         };