Boilerplate for viewer of API document with authentication.
In this boilerplate example, the google-oauth2 authentication (without devise) converts the moneyforward API document to slate format and displays it.
The moneyforward API documentation is borrowed from the head family.
- yarn (1.19.0)
- nodejs (v12.7.0)
- webpack (4.41.2)
- ruby (ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-darwin18])
- Rails (6.0.0)
- slate (latest)
- widdershins (latest)
- js-yaml (latest)
A description of the components of this tool.
component | description |
---|---|
server | Server for running artifacts (API document) generated by generator . IP address restriction is set so that the API document can only be viewed from the viewer . |
certs | Prepare a public key and a private key to access github with the names id_rsa and id_rsa.pub . |
generator | Prepare the artifacts of the API document that you want to display. Build please set to be in a form that contains the index.html in the directory. In this example, the moneyforward API document (OpenAPI) is converted to slate format markdown with a tool called widdershins , and built with slate. |
viewer | API document viewer with google-oauth2 authentication. When authentication is passed, the API document running with server is displayed in iframe. |
tmp | A place where temporary artifacts during a build are spit out. Currently, it is a place to dump the build result of the ERB format nginx configuration file. |
item | description | default |
---|---|---|
APIDOC_TITLE | API document title | moneyforward |
APIDOC_URL | server URL of server |
http://0.0.0.0:8080 |
VIEWER_DATABASE_NAME | viewer database name |
viewer_production |
VIEWER_DATABASE_USERNAME | viewer database username |
postgres |
VIEWER_DATABASE_PASSWORD | viewer database password |
|
VIEWER_DATABASE_PORT | viewer database port |
5432 |
GOOGLE_CLIENT_ID | google-oauth2 client ID | |
GOOGLE_CLIENT_SECRET | google-oauth2 client secret | |
VIEWER_PORT | viewer port |
3000 |
APIDOC_PORT | server port |
8080 |
APIDOC_SSL_PORT | server ssl port |
443 |
APIDOC_SSL_CERT | server cert |
|
APIDOC_SSL_CERT_KEY | server cert key |
|
APIDOC_SERVER_NAME | server server name |
_ |
APP_BRANCH | The branch of the app that manages the API document files | master |
IPV4_ADDRESS_APIDOC | server IP Address |
172.25.0.103 |
IPV4_ADDRESS_VIEWER_BACKEND | viewer(backend) IP Address |
172.25.0.100 |
IPV4_ADDRESS_VIEWER_FRONTEND | viewer(frontend) IP Address |
172.25.0.101 |
IPV4_ADDRESS_VIEWER_DB | viewer(db) IP Address |
172.25.0.102 |
IPV4_ADDRESS_GENERATOR | generator IP Address |
172.25.0.104 |
APIDOC_SUBNET | Component county subnet for viewing API documentation | 172.25.0.0/24 |
APIDOC_SUBNET_DEFAULT_GATEWAY | Subnet default gateway | 172.25.0.1 |
EXTERNAL_IP | deployed instance External IP | 127.0.0.1 |
ELB_SUBNET_ADDRESS | ELB network address | |
HSTS_MAX_AGE | HTTP_Strict_Transport_Security max_age(valid production ssl) | 31536000 |
Prepare an .env
file. Make appropriate settings after copying.
GOOGLE_CLIENT_ID
・ If GOOGLE_CLIENT_SECRET
is set, it should work.
cp .env.sample .env
When accessing a private repository, copy the private key and public key. The name must be id_rsa
and id_rsa.pub
.
cp ~/.ssh/id_rsa ./certs/id_rsa
cp ~/.ssh/id_rsa.pub ./certs/id_rsa.pub
You need to configure viewer to use it in production environment, and execute the followiing command to prepare config/master.key
cd viewer
bundle install --path vendor/bundle
rm config/master.key
rm config/credentials.yml.enc
EDITOR=vim bundle exec rails credentials:edit
when depoying with using docker image cache.
/bin/bash deploy_dev.sh # development
/bin/bash deploy_prod.sh # production
when deploying without using docker image cache.
/bin/bash deploy_dev.sh --no-cache # development
/bin/bash deploy_prod.sh --no-cache # production
※ There is a problem that the cache of the image you want to cache is not effective even if --no-cache
is not specified, but
it does not affect the operation.
※ It takes a long time and takes about 5~10 minutes.
Refre to this document, prepare cert file
and private key
in server/ssl
.
The metohod is the same as ## Deploy
when deploying with using docker image cache.
/bin/bash deploy_ssl_dev.sh # development
/bin/bash deploy_ssl_prod.sh # production
when deploying without using docker image cache.
/bin/bash deploy_ssl_dev.sh --no-cache # development
/bin/bash deploy_ssl_prod.sh --no-cache # production