@australiawow/setup-dev-stack 1.0.1 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/setup-dev-stack.sh +65 -59
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@australiawow/setup-dev-stack",
3
- "version": "1.0.1",
3
+ "version": "2.1.0",
4
4
  "description": "Automated Nginx/SSL/Docker Stack Orchestrator",
5
5
  "main": "setup-dev-stack.sh",
6
6
  "bin": {
package/setup-dev-stack.sh CHANGED
@@ -2,63 +2,82 @@
2
2
 
3
3
  # --- Technical Specification ---
4
4
  # Name: setup-dev-stack.sh
5
- # Version: 7.0 (NPM/GitHub Edition)
5
+ # Version: 2.1.0 (Self-Healing Edition)
6
6
  # ----------------------------------------------------------------
7
7
 
8
- # 1. Self-Elevate to sudo if not already
8
+ # MODULE 0: NATIVE DEPENDENCY CHECK (Runs as User)
9
+ echo "Step 1/6: Verifying Native Dependencies..."
10
+
11
+ # Check for Homebrew
12
+ if ! command -v brew >/dev/null 2>&1; then
13
+ echo "Fact: Homebrew not detected. Installing..."
14
+ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
15
+ fi
16
+
17
+ # Check and Install Nginx/mkcert
18
+ for tool in nginx mkcert; do
19
+ if ! command -v $tool >/dev/null 2>&1; then
20
+ echo "Fact: $tool missing. Installing via Homebrew..."
21
+ brew install $tool
22
+ else
23
+ echo "Fact: $tool detected."
24
+ fi
25
+ done
26
+
27
+ # MODULE 1: PRIVILEGE ELEVATION (The Switch)
9
28
  if [[ $EUID -ne 0 ]]; then
29
+ echo "Fact: Dependencies synced. Elevating to sudo for Networking/Nginx..."
10
30
  exec sudo "$0" "$@"
11
31
  exit $?
12
32
  fi
13
33
 
34
+ # From here on, we are ROOT
14
35
  clear
15
36
  echo "------------------------------------------------"
16
- echo "🚀 SETUP-DEV-STACK: INTERACTIVE SETUP"
37
+ echo "🚀 NHAGUE DEV-STACK: INTERACTIVE SETUP"
17
38
  echo "------------------------------------------------"
18
39
 
19
- # 2. Prompts
40
+ # MODULE 2: PROMPTS
20
41
  read -p "Enter Client Slug (e.g., companyx): " CLIENT
21
42
  read -p "Enter Domain (e.g., companyx.com): " DOMAIN
22
43
 
23
44
  CURRENT_DIR=$(pwd)
24
- echo "Current folder: $CURRENT_DIR"
25
- read -p "Is this the project root? (y/n): " IS_CURRENT
26
-
45
+ read -p "Is this the project root? ($CURRENT_DIR) (y/n): " IS_CURRENT
27
46
  if [[ "$IS_CURRENT" == "y" || "$IS_CURRENT" == "Y" ]]; then
28
47
  PROJECT_DIR=$CURRENT_DIR
29
48
  else
30
49
  read -p "Enter full path to project: " PROJECT_DIR
31
50
  fi
32
51
 
33
- # 3. Variables (Constants for your specific stack)
34
- H_PORT=8081
35
- K_PORT=8080
36
- PG_PORT=5050
37
- KONG_PORT=8000
38
- MINIO_PORT=9000
39
-
40
- # 4. Dependency Sync
41
- echo "Step 1/5: Syncing Native Dependencies..."
42
- for tool in nginx mkcert; do
43
- command -v $tool >/dev/null 2>&1 || brew install $tool
44
- done
45
- mkcert -install >/dev/null 2>&1
52
+ # MODULE 3: SSL AUTOMATION
53
+ echo "Step 3/6: Automating SSL Trust..."
54
+ # Fact: We must use the REAL_USER path for certs so they are accessible
55
+ REAL_USER=${SUDO_USER:-$(whoami)}
56
+ USER_HOME=$(eval echo "~$REAL_USER")
57
+ CERT_DIR="$USER_HOME/certs/$CLIENT"
46
58
 
47
- # 5. SSL Automation
48
- echo "Step 2/5: Automating SSL Trust..."
49
- CERT_DIR="$HOME/certs/$CLIENT"
50
59
  mkdir -p "$CERT_DIR"
51
- mkcert -cert-file "$CERT_DIR/cert.pem" -key-file "$CERT_DIR/key.pem" \
60
+ # Run mkcert as the real user to ensure it touches their local keychain
61
+ sudo -u "$REAL_USER" mkcert -install >/dev/null 2>&1
62
+ sudo -u "$REAL_USER" mkcert -cert-file "$CERT_DIR/cert.pem" -key-file "$CERT_DIR/key.pem" \
52
63
  "$DOMAIN" "*.$DOMAIN" "localhost" "127.0.0.1" >/dev/null 2>&1
53
64
 
54
- # 6. DNS Spoofing
55
- echo "Step 3/5: Updating /etc/hosts..."
65
+ # MODULE 4: DNS SPOOFING
66
+ echo "Step 4/6: Updating /etc/hosts..."
56
67
  sed -i '' "/$DOMAIN/d" /etc/hosts
57
68
  echo "127.0.0.1 api.$DOMAIN auth.$DOMAIN console.$DOMAIN db-admin.$DOMAIN app.$DOMAIN $DOMAIN" >> /etc/hosts
58
69
 
59
- # 7. Nginx Logic
60
- echo "Step 4/5: Configuring Nginx Gateway..."
61
- NGINX_SERVERS="/opt/homebrew/etc/nginx/servers"
70
+ # MODULE 5: NGINX GATEWAY
71
+ echo "Step 5/6: Configuring Nginx Gateway..."
72
+ NGINX_ROOT="/opt/homebrew/etc/nginx"
73
+ NGINX_SERVERS="$NGINX_ROOT/servers"
74
+ mkdir -p "$NGINX_SERVERS"
75
+
76
+ # Fact: Mapping your Five Star stack ports
77
+ H_PORT=8081
78
+ K_PORT=8080
79
+ KONG_PORT=8000
80
+
62
81
  cat <<EOF > "$NGINX_SERVERS/$CLIENT.conf"
63
82
  server {
64
83
  listen 443 ssl;
@@ -66,26 +85,31 @@ server {
66
85
  ssl_certificate $CERT_DIR/cert.pem;
67
86
  ssl_certificate_key $CERT_DIR/key.pem;
68
87
 
88
+ # HASURA GRAPHQL
69
89
  location /graphql {
70
90
  proxy_pass http://localhost:$H_PORT/v1/graphql;
71
91
  proxy_http_version 1.1;
72
92
  proxy_set_header Upgrade \$http_upgrade;
73
93
  proxy_set_header Connection "upgrade";
74
94
  proxy_set_header Host \$host;
95
+ proxy_set_header X-Real-IP \$remote_addr;
96
+ proxy_set_header X-Forwarded-Proto \$scheme;
75
97
  }
76
98
 
99
+ # KEYCLOAK AUTH (Strict Buffer Math for JWTs)
77
100
  location /auth {
78
101
  proxy_pass http://localhost:$K_PORT/auth;
79
102
  proxy_set_header Host \$host;
80
- proxy_buffer_size 128k;
81
- proxy_buffers 4 256k;
82
- }
83
-
84
- location /files {
85
- proxy_pass http://localhost:$MINIO_PORT;
86
- proxy_set_header Host \$host;
103
+ proxy_set_header X-Real-IP \$remote_addr;
104
+ proxy_set_header X-Forwarded-Proto \$scheme;
105
+
106
+ # Fact: Buffer math must be consistent
107
+ proxy_buffer_size 128k;
108
+ proxy_buffers 4 256k;
109
+ proxy_busy_buffers_size 256k;
87
110
  }
88
111
 
112
+ # KONG / CATCH-ALL
89
113
  location / {
90
114
  proxy_pass http://localhost:$KONG_PORT;
91
115
  proxy_set_header Host \$host;
@@ -93,23 +117,10 @@ server {
93
117
  proxy_set_header X-Forwarded-Proto \$scheme;
94
118
  }
95
119
  }
96
-
97
- server {
98
- listen 443 ssl;
99
- server_name auth.$DOMAIN;
100
- ssl_certificate $CERT_DIR/cert.pem;
101
- ssl_certificate_key $CERT_DIR/key.pem;
102
- location / {
103
- proxy_pass http://localhost:$K_PORT;
104
- proxy_set_header Host \$host;
105
- proxy_buffer_size 128k;
106
- proxy_buffers 4 256k;
107
- }
108
- }
109
120
  EOF
110
121
 
111
- # 8. Docker Bridge
112
- echo "Step 5/5: Generating Docker Override..."
122
+ # MODULE 6: DOCKER BRIDGE
123
+ echo "Step 6/6: Generating Docker Override..."
113
124
  cat <<EOF > "$PROJECT_DIR/docker-compose.override.yml"
114
125
  version: '3.8'
115
126
  services:
@@ -120,19 +131,14 @@ services:
120
131
  auth-webhook:
121
132
  extra_hosts:
122
133
  - "auth.$DOMAIN:host.docker.internal"
123
- kong:
124
- extra_hosts:
125
- - "api.$DOMAIN:host.docker.internal"
126
- - "auth.$DOMAIN:host.docker.internal"
127
134
  EOF
128
135
 
129
- # Reset Ownership
130
- REAL_USER=${SUDO_USER:-$(whoami)}
131
136
  chown "$REAL_USER" "$PROJECT_DIR/docker-compose.override.yml"
132
137
  chown -R "$REAL_USER" "$CERT_DIR"
133
138
 
134
- # 9. Reload
135
- /opt/homebrew/bin/nginx -t && sudo /opt/homebrew/bin/brew services restart nginx
139
+ # RELOAD
140
+ echo "Reloading Nginx Native..."
141
+ /opt/homebrew/bin/nginx -t && /opt/homebrew/bin/brew services restart nginx
136
142
 
137
143
  echo "------------------------------------------------"
138
144
  echo "✅ SETUP SUCCESSFUL: $DOMAIN"