~ekez/negativefour

104f1862f3866b1eda2f30bb65c2f0ad94334a5f — Zeke Medley 3 months ago 1c357c4
Docs about webpage deployment and add /status endpoint to serve
3 files changed, 174 insertions(+), 1 deletions(-)

M docs/index.md
A docs/negativefour.com.md
M serve/app.js
M docs/index.md => docs/index.md +2 -0
@@ 7,3 7,5 @@ websites on both the clearnet and as a tor hidden service.
- Initial spec [here](docs/initial-spec.md)
  - Phase one spec [here](docs/phase-1.md)
- Abuse mitigation [here](docs/abuse-mitigation.md)
- Notes about configuration of our box [here](docs/multiple-sites-one-host.md)
- How the webpage is served [here](negativefour.com.md)

A docs/negativefour.com.md => docs/negativefour.com.md +171 -0
@@ 0,0 1,171 @@
# How negativefour.com is served

negativefour consists of the following services

- `www` - negativefour.com or www.negativefour.com
- `serve` - serve.negativefour.com

## www

This is a standard express application using the pug templating
engine. This is the frontend that users are expected to interact with.

It is run by a systemd service called `negativefour.com` and has the
following configuration:

```
[Unit]
Description=The negativefour website

[Service]
User=admin
Group=admin
WorkingDirectory=/home/admin/negativefour/www
ExecStart=npm start
Restart=always
RestartSec=1

[Install]
WantedBy=multi-user.target
```

www runs on port 2999. In order to deliver traffic to it we use
apache2 as a reverse proxy via the following configuration in
`/etc/apache2/sites-avaliable/negativefour.com.conf`:

```
<VirtualHost *:80>
	     ServerAdmin zekemedley@gmail.com
	     ProxyPreserveHost On
	     ProxyRequests Off
	     ServerName www.negativefour.com
	     ServerAlias negativefour.com
	     ProxyPass / http://localhost:2999/
	     ProxyPassReverse / http://localhost:2999/
</VirtualHost>
```

In addition to the apache2 reverse proxy we also proxy traffic to this
endpoint through Cloudflare hence the lack of a SSL config.

## serve

This is an api with no frontend which processes requests to deploy and
undeploy webpages. Webpages deployed by this endpoint are deployed to
`<NAME>.negativefour.app`.

The systemd and apache configs for this service are as follows:

`/etc/systemd/system/serve.negativefour.com.service`

```
[Unit]
Description=The negativefour deployment managment endpoint

[Service]
User=root
Group=root
WorkingDirectory=/home/admin/negativefour/serve
ExecStart=node app.js
Restart=always
RestartSec=1

[Install]
WantedBy=multi-user.target
```

`/etc/apache2/sites-available/serve.negativefour.com.conf`

```
<VirtualHost *:80>
	     ServerAdmin zekemedley@gmail.com
	     ProxyPreserveHost On
	     ProxyRequests Off
	     ServerName serve.negativefour.com
	     ProxyPass / http://localhost:2998/
	     ProxyPassReverse / http://localhost:2998/
</VirtualHost>
```

### `/deploy`

All requests must have a `token` field which is a signed JSON web
token. The token must be signed by the same key that the frontend
uses.

POST JSON body params:

```
{
	name: <name of the webpage>,
	repo: <link to git repo containing static webpage>,
	token: <json web token containing user info>
}
```

POST JSON response:

```
{
	jobID: <id for querying the status of the deploy job>
}
```

An invalid request will result in a JSON reponse containing an error
field and the HTTP status code will be set appropriately.

```
{
	error: <error message for the invalid request>
}
```

### `/undeploy`

POST JSON body params:

```
{
	name: <name of the webpage>,
	token: <json web token containing user info>
}
```

POST JSON response:

```
{
	jobID: <id for querying the status of the undeploy job>
}
```

An invalid request will result in a JSON reponse containing an error
field and the HTTP status code will be set appropriately.

```
{
	error: <error message for the invalid request>
}
```

### `/status`

GET JSON body params:

```
{
	jobID: <previously provided jobID>,
	token: <json web token containing user info>
}
```

GET JSON response:

```
{
	stdout: <standard out from job so far>,
	stderr: <standard err from job so far>,
	exitCode: <present if job has exited - exit code of deploy script>,
	serverError: <present if there was a server starting the script - contains error message>
}
```

M serve/app.js => serve/app.js +1 -1
@@ 87,7 87,7 @@ app.post('/deploy', function(req, res) {
    })
})

app.get('/deploy', function(req, res) {
app.get('/status', function(req, res) {
    const token = req.body.token
    const jobID = req.body.jobID