nap

[WIP] NextJS/ApolloJS/PassportJS Build in Next JS for SSR, Apollo Client for GraphQL, Passport JS for authentication, Docker for development and production.

Overview

○ Docker

├─ ○ NodeJS

│  ├─ ○ NextJS

│  │  ├─ ./pages      : /usr/app/pages

│  │  ├─ ./components : /usr/app/components

│  │  ├─ ./lib        : /usr/app/lib

│  │  ├─ ./routes     : /usr/app/routes

│  │  └─ ./server     : /usr/app/server

│  │

│  ├─ ○ Apollo

│  │  └─ ./graphql    : /usr/app/graphql

│  │

│  └─ ○ PassportJS

│     └─ ./providers  : /usr/app/providers

│

├─ ○ Redis            : redis://redis

│  └─ data            : /data

│

└─ ○ MongoDB          : mongodb://mongo/graphql

   └─ data            : /data/db

Stacks

• next for SSR React.


• apollo for GraphQL client.


• passport for Express authentication.

Extras

• express for web framework.


• express-session for persist session via Redis.


• graphql-compose for build GraphQL types from Mongoose with resolvers.


• mongoose-role for manage user roles and user access levels


• modclean for smaller node_modules.


• mailgun for send email.


• passport-local for email/password login.


• passport-facebook-token for authenticating with Facebook access tokens.


• helmet : https://github.com/helmetjs/helmet


• lusca for web application security middleware.


• platform for detect client platform.


• commitizen for commit formatting.

Configurations

Copy from .env.example template and .env as you wish

cp .env.example .env

Develop

# Will build and run then attach with docker compose (it take sometime for first build)

npm run up-dev



# Try modify files and see the HMR result

open http://localhost:3000



# Try modify file in ./graphql and see the result via GraphiQL

open http://localhost:3000/graphql

Debug

• Server side : Use VSCode and press F5 to attach with nodejs


• Client side : Use Chrome Dev Tool

Addition

# Will kill all and tear down

npm run down



# Will dive into container

npm run in

Production

# Will pull image and run with docker compose (won't build)

npm run up

Test

# Will need to run server for integration test (WIP)

npm run up-dev



# To test all with Jest

npm run test



# To see coverage

npm run cover

Passport (cookie)

• Facebook : http://localhost:3000/auth/facebook/


• Github : http://localhost:3000/auth/github/


• Twitter : http://localhost:3000/auth/twitter/


• Google : http://localhost:3000/auth/google/


• Local : With email/password

Passport (token via GraphQL)

• Facebook : nap-react-native


• Login with email and password

Client example

• Login/Logout with Facebook from React Native.


• Login/Logout with Facebook from NextJS.

DOING

• Optional asking for user from facebook graph query.


• Link facebook-token with auth/facebook user.


• Link facebook-token with auth/email user.


• Unlink Facebook via React web.


• Handle cookies via React Native

TODO

• Add HOC to nap-react-native


• Create doc separated from this README as github page.


• Add Swarm mode stack


• Gracefully shutdown : https://github.com/heroku-examples/node-articles-nlp/blob/master/lib/server.js#L31


• Gracefully shutdown : https://github.com/sebhildebrandt/http-graceful-shutdown


• Don't run as root : https://github.com/jdleesmiller/docker-chat-demo/blob/master/Dockerfile


• Don't run as root : https://github.com/davidbarton/docker-node-tini/blob/master/Dockerfile#L34


• Separated Dockerfile : https://docs.docker.com/compose/compose-file/#build


• More secure with lusca


• Securing a Containerized Instance of MongoDB : http://rancher.com/securing-containerized-instance-mongodb/


• Docker Secrets : https://semaphoreci.com/community/tutorials/managing-secrets-in-docker-swarm

TOTEST

• Redis fail test.


• MongoDB fail test.


• HTTP fail test.


• HTTPS fail test.


• Unit test graphql-compose.


• Basic signin test.


• Passport test.


• Sessions expire test.


• Chaos testing with pumba

TOCUSTOM

• Custom MongoDB replication docker exec -it node1 mongo --eval "rs.initiate()"


• Run Multiple Docker Environments (qa, stage, prod) from the Same docker-compose File.


• HTTPS with https://github.com/expressjs/session#cookiesecure


• Production vs Development. docker-compose -f docker-compose.yml -f production.yml up -d


• Container config e.g. restart policy, limits CPU/RAM.


• Docker multi-stage build : https://codefresh.io/blog/node_docker_multistage/

TOHAVE

• Node Report : https://github.com/nodejs/node-report


• Docker driver lvm-direct


• Use base-image? https://github.com/phusion/passenger-docker


• GraphQL subscriptions :https://github.com/apollographql/graphql-subscriptions


• Fallback for Redis session store.


• Add MongoDB replica set/sharding? https://github.com/sisteming/mongodb-swarm


• Cache MongoDB with mongoose-cache


• Admin Dashboard with SSH.


• Authen with mobile via Digits


• Backing Up and Restoring Data Volumes


• how-to-copy-docker-images-from-one-host-to-another-without-via-repository


• Back up and restore dockerized MongoDB


• Export Docker Mongo Data


• Add Nginx TLS container : https://github.com/rabbotio/nginx-certbot


• Add HTTPS : https://github.com/vfarcic/docker-flow-stacks/blob/master/ssl/README.md