first draft

2026-02-06 09:56:05 +00:00 · 2025-10-25 16:27:49 +02:00 · 2025-10-25 16:27:49 +02:00 · f19c85ceb5
commit f19c85ceb5
parent 03ed61bea6
6 changed files with 69 additions and 50 deletions
--- a/deployment/bare_metal/.env.dist
+++ b/deployment/bare_metal/.env.dist
@ -86,9 +86,10 @@ FEDERATION_COMMUNITY_APIS=1_0
 GDT_ACTIVE=false

 # DLT-Connector (still in develop)
-DLT_CONNECTOR=true
+DLT_CONNECTOR=false
 DLT_CONNECTOR_PORT=6010
-NODE_SERVER_URL=http://localhost:8340/api
+DLT_NODE_SERVER_PORT=8340
+DLT_NODE_SERVER_URL=$URL_PROTOCOL://$COMMUNITY_HOST/dlt

 # used for combining a newsletter on klicktipp with this gradido community
 # if used, user will be subscribed on register and can unsubscribe in his account
--- a/deployment/bare_metal/nginx/sites-available/gradido-dlt.conf.template
+++ b/deployment/bare_metal/nginx/sites-available/gradido-dlt.conf.template
@ -0,0 +1,46 @@
+    # Blockchain Explorer
+    location /inspector {
+        limit_req zone=frontend burst=30 nodelay;
+        limit_conn addr 20;
+        alias $PROJECT_ROOT/inspector/build/;
+        index index.html;
+
+        # caching rules for assets
+        # static assets
+        location ~* \.(?:woff2?|ttf|otf|eot|jpg|jpeg|png|gif|svg|webp|ico)$ {
+            # keep assets for a week
+            add_header Cache-Control "public, max-age=604800";
+            try_files $uri =404;
+        }
+        # hashed assets
+        location ~* \.(?:js|css|json)$ {
+            add_header Cache-Control "public, max-age=31536000, immutable";
+            try_files $uri =404;
+        }
+
+        try_files $uri $uri/ /index.html = 404;
+
+        # don't cache index.html
+        add_header Cache-Control "no-cache, no-store, must-revalidate";
+        add_header Pragma "no-cache";
+        add_header Expires 0;
+
+        access_log $GRADIDO_LOG_PATH/nginx-access.inspector.log gradido_log;
+        error_log $GRADIDO_LOG_PATH/nginx-error.inspector.log warn;
+    }
+
+    # Gradido-Node
+    location /dlt {
+        proxy_http_version 1.1;
+        proxy_set_header   Upgrade $http_upgrade;
+        proxy_set_header   Connection 'upgrade';
+        proxy_set_header   X-Forwarded-For $remote_addr;
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   Host $host;
+        
+        proxy_pass         http://127.0.0.1:$DLT_NODE_SERVER_PORT/api;
+        proxy_redirect     off;
+
+        access_log $GRADIDO_LOG_PATH/nginx-access.dlt.log gradido_log;
+        error_log $GRADIDO_LOG_PATH/nginx-error.dlt.log warn;
+    }
--- a/deployment/bare_metal/nginx/sites-available/gradido.conf.ssl.template
+++ b/deployment/bare_metal/nginx/sites-available/gradido.conf.ssl.template
@ -101,22 +101,6 @@ server {
        error_log $GRADIDO_LOG_PATH/nginx-error.backend.log warn;
    }

-    # Gradido-Node
-    location /dlt {
-        proxy_http_version 1.1;
-        proxy_set_header   Upgrade $http_upgrade;
-        proxy_set_header   Connection 'upgrade';
-        proxy_set_header   X-Forwarded-For $remote_addr;
-        proxy_set_header   X-Real-IP  $remote_addr;
-        proxy_set_header   Host $host;
-        
-        proxy_pass         http://127.0.0.1:8340/api/;
-        proxy_redirect     off;
-
-        access_log $GRADIDO_LOG_PATH/nginx-access.dlt.log gradido_log;
-        error_log $GRADIDO_LOG_PATH/nginx-error.dlt.log warn;
-    }
-
    # Backend webhooks
    location /hook {
        limit_req zone=backend burst=20 nodelay;
@ -213,36 +197,8 @@ server {
        error_log $GRADIDO_LOG_PATH/nginx-error.admin.log warn;
    }

-    # Admin Frontend
-    location /inspector {
-        limit_req zone=frontend burst=30 nodelay;
-        limit_conn addr 20;
-        alias $PROJECT_ROOT/inspector/build/;
-        index index.html;
-
-        # caching rules for assets
-        # static assets
-        location ~* \.(?:woff2?|ttf|otf|eot|jpg|jpeg|png|gif|svg|webp|ico)$ {
-            # keep assets for a week
-            add_header Cache-Control "public, max-age=604800";
-            try_files $uri =404;
-        }
-        # hashed assets
-        location ~* \.(?:js|css|json)$ {
-            add_header Cache-Control "public, max-age=31536000, immutable";
-            try_files $uri =404;
-        }
-
-        try_files $uri $uri/ /index.html = 404;
-
-        # don't cache index.html
-        add_header Cache-Control "no-cache, no-store, must-revalidate";
-        add_header Pragma "no-cache";
-        add_header Expires 0;
-
-        access_log $GRADIDO_LOG_PATH/nginx-access.inspector.log gradido_log;
-        error_log $GRADIDO_LOG_PATH/nginx-error.inspector.log warn;
-    }
+    # dlt
+    $DLT_NGINX_CONF
    
    # Federation
    $FEDERATION_NGINX_CONF
--- a/deployment/bare_metal/start.sh
+++ b/deployment/bare_metal/start.sh
@ -185,6 +185,7 @@ cd $PROJECT_ROOT
 git fetch --all
 git checkout $BRANCH_NAME
 git pull
+git submodule update --init --recursive
 export BUILD_COMMIT="$(git rev-parse HEAD)"

 # install missing dependencies
@ -213,6 +214,16 @@ unset FEDERATION_APIVERSION
 unset FEDERATION_PORT
 log_step "===================================================================================================="

+# prepare inspector and gradido dlt node nginx config blocks if enabled
+if [ "$DLT_CONNECTOR" = true ] ; then
+  log_step "prepare inspector and dlt gradido node nginx config block"
+  envsubst '$DLT_NODE_SERVER_PORT' < $NGINX_CONFIG_DIR/gradido-dlt.conf.template >> $NGINX_CONFIG_DIR/gradido-dlt.conf
+  export DLT_NGINX_CONF=$(< $NGINX_CONFIG_DIR/gradido-dlt.conf)
+  rm $NGINX_CONFIG_DIR/gradido-dlt.conf
+else
+  export DLT_NGINX_CONF="# dlt is disabled"
+fi
+
 # *** 2nd read gradido-federation.conf file in env variable to be replaced in 3rd step
 export FEDERATION_NGINX_CONF=$(< $NGINX_CONFIG_DIR/gradido-federation.conf.locations)

@ -222,8 +233,9 @@ case "$URL_PROTOCOL" in
 'https') TEMPLATE_FILE="gradido.conf.ssl.template" ;;
       *) TEMPLATE_FILE="gradido.conf.template" ;;
 esac
-envsubst '$FEDERATION_NGINX_CONF' < $NGINX_CONFIG_DIR/$TEMPLATE_FILE > $NGINX_CONFIG_DIR/gradido.conf.tmp
+envsubst '$FEDERATION_NGINX_CONF,$DLT_NGINX_CONF' < $NGINX_CONFIG_DIR/$TEMPLATE_FILE > $NGINX_CONFIG_DIR/gradido.conf.tmp
 unset FEDERATION_NGINX_CONF
+unset DLT_NGINX_CONF
 envsubst "$(env | sed -e 's/=.*//' -e 's/^/\$/g')" < $NGINX_CONFIG_DIR/gradido.conf.tmp > $NGINX_CONFIG_DIR/gradido.conf
 rm $NGINX_CONFIG_DIR/gradido.conf.tmp
 rm $NGINX_CONFIG_DIR/gradido-federation.conf.locations
--- a/dlt-connector/src/config/schema.ts
+++ b/dlt-connector/src/config/schema.ts
@ -20,6 +20,10 @@ export const configSchema = v.object({
    ),
    '6010',
  ),
+  DLT_GRADIDO_NODE_SERVER_HOME_FOLDER: v.optional(
+    v.string('The home folder for the gradido dlt node server'),
+    '~/.gradido',  // currently hardcoded in dlt gradido node server
+  ),
  JWT_SECRET: v.optional(
    v.pipe(
      v.string('The JWT secret for connecting to the backend'),
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit ab1fcc03546a1e98e4f236243d6cef1ae4a566d6
+Subproject commit 8e29fd44efbede40649f850a674118e2d4379897