@australiawow/setup-dev-stack 2.1.0 → 2.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/setup-dev-stack.sh +57 -34
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@australiawow/setup-dev-stack",
3
- "version": "2.1.0",
3
+ "version": "2.2.2",
4
4
  "description": "Automated Nginx/SSL/Docker Stack Orchestrator",
5
5
  "main": "setup-dev-stack.sh",
6
6
  "bin": {
package/setup-dev-stack.sh CHANGED
@@ -2,19 +2,23 @@
2
2
 
3
3
  # --- Technical Specification ---
4
4
  # Name: setup-dev-stack.sh
5
- # Version: 2.1.0 (Self-Healing Edition)
5
+ # Version: 2.2.2 (Master Edition)
6
+ # Author: australiawow (NPM) / nhague (GitHub)
7
+ # Architecture: Native Nginx (Mac) -> Docker Bridge (M1)
6
8
  # ----------------------------------------------------------------
7
9
 
8
- # MODULE 0: NATIVE DEPENDENCY CHECK (Runs as User)
10
+ # MODULE 1: DEPENDENCY SYNC (Runs as Standard User)
11
+ # Fact: Homebrew forbids running as root. We check this before sudo.
9
12
  echo "Step 1/6: Verifying Native Dependencies..."
10
13
 
11
- # Check for Homebrew
12
14
  if ! command -v brew >/dev/null 2>&1; then
13
15
  echo "Fact: Homebrew not detected. Installing..."
14
16
  /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
15
17
  fi
16
18
 
17
- # Check and Install Nginx/mkcert
19
+ # Determine Homebrew Prefix (M1 vs Intel)
20
+ BREW_PREFIX=$(brew --prefix)
21
+
18
22
  for tool in nginx mkcert; do
19
23
  if ! command -v $tool >/dev/null 2>&1; then
20
24
  echo "Fact: $tool missing. Installing via Homebrew..."
@@ -24,20 +28,24 @@ for tool in nginx mkcert; do
24
28
  fi
25
29
  done
26
30
 
27
- # MODULE 1: PRIVILEGE ELEVATION (The Switch)
31
+ # MODULE 2: PRIVILEGE ESCALATION
32
+ # Fact: Sudo is required for /etc/hosts and Nginx privileged ports (443)
28
33
  if [[ $EUID -ne 0 ]]; then
29
- echo "Fact: Dependencies synced. Elevating to sudo for Networking/Nginx..."
34
+ echo "Fact: Dependencies synced. Elevating to sudo for System Config..."
30
35
  exec sudo "$0" "$@"
31
36
  exit $?
32
37
  fi
33
38
 
34
- # From here on, we are ROOT
39
+ # Define User Identity
40
+ REAL_USER=${SUDO_USER:-$(whoami)}
41
+ USER_HOME=$(eval echo "~$REAL_USER")
42
+
35
43
  clear
36
44
  echo "------------------------------------------------"
37
- echo "🚀 NHAGUE DEV-STACK: INTERACTIVE SETUP"
45
+ echo "🚀 STACK-MASTER: INTERACTIVE SETUP"
38
46
  echo "------------------------------------------------"
39
47
 
40
- # MODULE 2: PROMPTS
48
+ # MODULE 3: INTERACTIVE PROMPTS
41
49
  read -p "Enter Client Slug (e.g., companyx): " CLIENT
42
50
  read -p "Enter Domain (e.g., companyx.com): " DOMAIN
43
51
 
@@ -49,31 +57,46 @@ else
49
57
  read -p "Enter full path to project: " PROJECT_DIR
50
58
  fi
51
59
 
52
- # MODULE 3: SSL AUTOMATION
53
- echo "Step 3/6: Automating SSL Trust..."
54
- # Fact: We must use the REAL_USER path for certs so they are accessible
55
- REAL_USER=${SUDO_USER:-$(whoami)}
56
- USER_HOME=$(eval echo "~$REAL_USER")
60
+ # MODULE 4: SSL AUTOMATION (Permissions Safe)
61
+ echo "Step 3/6: Automating SSL Trust for $DOMAIN..."
57
62
  CERT_DIR="$USER_HOME/certs/$CLIENT"
58
63
 
64
+ # Fix: Create dir as root but immediately give to user so mkcert works
59
65
  mkdir -p "$CERT_DIR"
60
- # Run mkcert as the real user to ensure it touches their local keychain
61
- sudo -u "$REAL_USER" mkcert -install >/dev/null 2>&1
62
- sudo -u "$REAL_USER" mkcert -cert-file "$CERT_DIR/cert.pem" -key-file "$CERT_DIR/key.pem" \
66
+ chown "$REAL_USER" "$CERT_DIR"
67
+
68
+ # Action: Run mkcert as the local user
69
+ sudo -u "$REAL_USER" "$BREW_PREFIX/bin/mkcert" -install >/dev/null 2>&1
70
+ sudo -u "$REAL_USER" "$BREW_PREFIX/bin/mkcert" -cert-file "$CERT_DIR/cert.pem" -key-file "$CERT_DIR/key.pem" \
63
71
  "$DOMAIN" "*.$DOMAIN" "localhost" "127.0.0.1" >/dev/null 2>&1
64
72
 
65
- # MODULE 4: DNS SPOOFING
73
+ if [ ! -f "$CERT_DIR/cert.pem" ]; then
74
+ echo "❌ Error: SSL Generation Failed. Check permissions on $CERT_DIR"
75
+ exit 1
76
+ fi
77
+
78
+ # MODULE 5: DNS SPOOFING
66
79
  echo "Step 4/6: Updating /etc/hosts..."
67
80
  sed -i '' "/$DOMAIN/d" /etc/hosts
68
81
  echo "127.0.0.1 api.$DOMAIN auth.$DOMAIN console.$DOMAIN db-admin.$DOMAIN app.$DOMAIN $DOMAIN" >> /etc/hosts
69
82
 
70
- # MODULE 5: NGINX GATEWAY
83
+ # MODULE 6: NGINX GATEWAY (Buffer Safe & Ghost-Config Proof)
71
84
  echo "Step 5/6: Configuring Nginx Gateway..."
72
- NGINX_ROOT="/opt/homebrew/etc/nginx"
73
- NGINX_SERVERS="$NGINX_ROOT/servers"
85
+ NGINX_CONF_ROOT="$BREW_PREFIX/etc/nginx"
86
+ NGINX_SERVERS="$NGINX_CONF_ROOT/servers"
74
87
  mkdir -p "$NGINX_SERVERS"
75
88
 
76
- # Fact: Mapping your Five Star stack ports
89
+ # Fix: Prevent "Ghost Configs" from breaking Nginx test
90
+ if ! "$BREW_PREFIX/bin/nginx" -t >/dev/null 2>&1; then
91
+ echo "⚠️ Fact: Nginx is currently blocked by an old/broken config."
92
+ read -p "Would you like to clear all old dev configs now? (y/n): " CLEAR_OLD
93
+ if [[ "$CLEAR_OLD" == "y" ]]; then
94
+ rm -f "$NGINX_SERVERS"/*.conf
95
+ echo "Fact: Stale configs removed."
96
+ fi
97
+ fi
98
+
99
+ # Port Mapping (Five Star Stack)
77
100
  H_PORT=8081
78
101
  K_PORT=8080
79
102
  KONG_PORT=8000
@@ -85,31 +108,23 @@ server {
85
108
  ssl_certificate $CERT_DIR/cert.pem;
86
109
  ssl_certificate_key $CERT_DIR/key.pem;
87
110
 
88
- # HASURA GRAPHQL
89
111
  location /graphql {
90
112
  proxy_pass http://localhost:$H_PORT/v1/graphql;
91
113
  proxy_http_version 1.1;
92
114
  proxy_set_header Upgrade \$http_upgrade;
93
115
  proxy_set_header Connection "upgrade";
94
116
  proxy_set_header Host \$host;
95
- proxy_set_header X-Real-IP \$remote_addr;
96
- proxy_set_header X-Forwarded-Proto \$scheme;
97
117
  }
98
118
 
99
- # KEYCLOAK AUTH (Strict Buffer Math for JWTs)
100
119
  location /auth {
101
120
  proxy_pass http://localhost:$K_PORT/auth;
102
121
  proxy_set_header Host \$host;
103
- proxy_set_header X-Real-IP \$remote_addr;
104
- proxy_set_header X-Forwarded-Proto \$scheme;
105
-
106
- # Fact: Buffer math must be consistent
122
+ # Fact: Standard buffer math for large JWT tokens
107
123
  proxy_buffer_size 128k;
108
124
  proxy_buffers 4 256k;
109
125
  proxy_busy_buffers_size 256k;
110
126
  }
111
127
 
112
- # KONG / CATCH-ALL
113
128
  location / {
114
129
  proxy_pass http://localhost:$KONG_PORT;
115
130
  proxy_set_header Host \$host;
@@ -119,7 +134,7 @@ server {
119
134
  }
120
135
  EOF
121
136
 
122
- # MODULE 6: DOCKER BRIDGE
137
+ # MODULE 7: DOCKER BRIDGE
123
138
  echo "Step 6/6: Generating Docker Override..."
124
139
  cat <<EOF > "$PROJECT_DIR/docker-compose.override.yml"
125
140
  version: '3.8'
@@ -131,15 +146,23 @@ services:
131
146
  auth-webhook:
132
147
  extra_hosts:
133
148
  - "auth.$DOMAIN:host.docker.internal"
149
+ kong:
150
+ extra_hosts:
151
+ - "api.$DOMAIN:host.docker.internal"
152
+ - "auth.$DOMAIN:host.docker.internal"
134
153
  EOF
135
154
 
155
+ # Reset Ownership
136
156
  chown "$REAL_USER" "$PROJECT_DIR/docker-compose.override.yml"
137
157
  chown -R "$REAL_USER" "$CERT_DIR"
138
158
 
139
159
  # RELOAD
140
- echo "Reloading Nginx Native..."
141
- /opt/homebrew/bin/nginx -t && /opt/homebrew/bin/brew services restart nginx
160
+ echo "Reloading Native Nginx..."
161
+ "$BREW_PREFIX/bin/nginx" -t && brew services restart nginx
142
162
 
143
163
  echo "------------------------------------------------"
144
164
  echo "✅ SETUP SUCCESSFUL: $DOMAIN"
165
+ echo "------------------------------------------------"
166
+ echo "URL: https://api.$DOMAIN"
167
+ echo "Path: $PROJECT_DIR"
145
168
  echo "------------------------------------------------"