Secrets working well. Better security overall

main
Vincent 8 months ago
parent a5b144fa87
commit 56859467fe

@ -8,4 +8,4 @@ COPY . .
EXPOSE 3000 EXPOSE 3000
CMD ["npm", "run", "prod"] CMD ["npm", "run", "prod"]

@ -1,10 +1,23 @@
const mysql = require("mysql2"); const mysql = require("mysql2");
const fs = require('node:fs');
const connection = mysql.createPool({
host: process.env.DB_HOST,
user: process.env.DB_USER,
password: process.env.DB_PASSWORD,
database: process.env.DB_NAME
});
module.exports = connection; try {
const db_user_password = fs.readFileSync(process.env.DB_USER_PASSWORD_FILE, 'utf8').replace(/\r?\n|\r/g, "");
const db_user = fs.readFileSync(process.env.DB_USER_FILE, 'utf8').replace(/\r?\n|\r/g, "");
console.log(db_user)
const connection = mysql.createPool({
host: process.env.DB_HOST,
user: db_user,
password: db_user_password,
database: process.env.DB_NAME,
});
module.exports = connection;
} catch (e) {
console.log(e)
}
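Review bot: `console.log(db_user)` writes the database account name, read from a Docker secret file, to the container log whenever this module loads; drop that line so the value never reaches log collectors. The `catch` block only prints the error and carries on, so when a secret file is missing or `DB_USER_FILE`/`DB_USER_PASSWORD_FILE` is unset, `module.exports` is never assigned and callers get an empty object that fails on the first query, far from the real cause. Fail closed at startup instead, e.g. in the catch: `console.error("cannot read DB credentials:", e.message); process.exit(1);`. Assuming the secrets carry no meaningful leading or trailing whitespace, `.trim()` would state the intent of the newline-stripping `replace` more plainly.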

@ -24,4 +24,4 @@ CREATE TABLE IF NOT EXISTS score (
wins INT NOT NULL DEFAULT 0, wins INT NOT NULL DEFAULT 0,
loses INT NOT NULL DEFAULT 0, loses INT NOT NULL DEFAULT 0,
FOREIGN KEY (playerId) REFERENCES users(id) FOREIGN KEY (playerId) REFERENCES users(id)
); );

@ -9,16 +9,14 @@ services:
- .:/usr/src/app - .:/usr/src/app
- /usr/src/app/node_modules - /usr/src/app/node_modules
environment: environment:
DB_HOST: /run/secrets/db_host DB_HOST: db
DB_USER: /run/secrets/db_user DB_USER_FILE: /run/secrets/db_user
DB_PASSWORD: /run/secrets/db_password DB_USER_PASSWORD_FILE: /run/secrets/db_user_password
DB_NAME: /run/secrets/db_name DB_NAME: battleship
COOKIE_SECRET_KEY: /run/secrets/cookie_key COOKIE_SECRET_KEY: /run/secrets/cookie_key
secrets: secrets:
- db_host
- db_user - db_user
- db_password - db_user_password
- db_name
- cookie_key - cookie_key
networks: networks:
- app-network - app-network
@ -29,11 +27,14 @@ services:
image: mysql:8.0 image: mysql:8.0
restart: always restart: always
environment: environment:
MYSQL_ROOT_PASSWORD: /run/secrets/db_password MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_password
MYSQL_DATABASE: /run/secrets/db_name MYSQL_USER_FILE: /run/secrets/db_user
MYSQL_PASSWORD_FILE: /run/secrets/db_user_password
MYSQL_DATABASE: battleship
secrets: secrets:
- db_user_password
- db_password - db_password
- db_name - db_user
ports: ports:
- "3306:3306" - "3306:3306"
networks: networks:
@ -63,14 +64,12 @@ services:
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h; done;'" entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h; done;'"
secrets: secrets:
db_host: db_user_password:
file: secrets/db_host.txt file: secrets/db_user_password.txt
db_user: db_user:
file: secrets/db_user.txt file: secrets/db_user.txt
db_password: db_password:
file: secrets/db_password.txt file: secrets/db_password.txt
db_name:
file: secrets/db_name.txt
cookie_key: cookie_key:
file: secrets/cookie_key.txt file: secrets/cookie_key.txt
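Review bot: `COOKIE_SECRET_KEY: /run/secrets/cookie_key` in the first service's `environment` still hands the application the path string rather than the secret's contents, the same mistake this commit corrects for the DB credentials. If the app uses that variable directly as the cookie signing key (the consuming code is not visible here), the key is a fixed, publicly known string and signed cookies lose their integrity guarantee. Rename it to `COOKIE_SECRET_KEY_FILE: /run/secrets/cookie_key` and read the file at startup the way the pool module now reads `DB_USER_FILE`. Separately, the unchanged `"3306:3306"` mapping on the MySQL service publishes the database on the host; since the app addresses it as `db`, presumably over the compose network, that mapping looks removable or at least bindable to `127.0.0.1`.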
