Updates/general updates

.github/workflows/ci.yml

@@ -11,7 +11,7 @@ jobs:
     strategy:
       matrix:
         os: [macos-latest, ubuntu-latest] #, windows-latest]
-        swift: ["6.0.3"]
+        swift: ["6.2.1"]
       fail-fast: false
     steps:
       - uses: SwiftyLab/setup-swift@latest

.gitignore

@@ -8,3 +8,7 @@ DerivedData/
 .netrc
 /.build 2
 .docker-compose.yml.swp
+ssl
+ssl.zip
+*.tmp
+session-state-*.json

.swiftformat

@@ -11,4 +11,4 @@
 --octalgrouping none
 --disable wrapMultilineStatementBraces
 --swiftversion 6.0.3
---header "{file}\n\nCreated by David Hunt on {created}\nCopyright {created.year} FOS Computer Services, LLC\n\nLicensed under the Apache License, Version 2.0 (the "License");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License."
+--header "{file}\n\nCopyright {created.year} FOS Computer Services, LLC\n\nLicensed under the Apache License, Version 2.0 (the "License");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License."

AI Config Script.txt

@@ -0,0 +1,23 @@
+Treat the attached files as follows:
+
+- docker-compose.yml - a docker compose file
+- Dockerfile-client.txt - a docker file for the front-end 'client' server
+- Dockerfile-server.txt - a docker file for the back-end server
+
+Modify the environment to support the following:
+
+- An nginx server should be placed in front of the front-end and back-end servers
+- The nginx front-end port should be 443
+- The nginx back-end port should be 8081
+- The client and server ports should be 8082 and 8083 respectively
+- Nginx should forward 443 requests to the front-end server
+- Nginx should forward 8081 request to the back-end server
+- Nginx should redirect port 80 requests to port 443
+- The machine running docker will be macos sequoia 15.5
+- The macos machine has a volume /Volumes/FOSWebService on which the logs should be placed for the servers and nginx
+- Retrieve an SSL certificate for the domain *.foscomputerservices.com from AWS Certificate Manager and install it in the nginx server
+- On the macos machine install postgress database
+- Make the postgress database available to the back-end server
+- The postgress database files should be stored on /Volumes/FOSWebService on the macos machine
+- Use nginx version 1.28.0
+- Use postgress version 17

Dockerfile-client

@@ -0,0 +1,89 @@
+# ================================
+# Build image
+# ================================
+
+FROM swift:6.1.0-noble AS build
+
+# Install OS updates
+RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
+    && apt-get -q update \
+    && apt-get -q dist-upgrade -y \
+    && apt-get install -y libjemalloc-dev
+
+# Set up a build area
+WORKDIR /build
+
+# First just resolve dependencies.
+# This creates a cached layer that can be reused
+# as long as your Package.swift/Package.resolved
+# files do not change.
+COPY ./Package.* ./
+RUN swift package resolve \
+        $([ -f ./Package.resolved ] && echo "--force-resolved-versions" || true)
+
+# Copy entire repo into container
+COPY . .
+
+# Build everything, with optimizations, with static linking, and using jemalloc
+# N.B.: The static version of jemalloc is incompatible with the static Swift runtime.
+RUN swift build -c release \
+                --static-swift-stdlib \
+                -Xlinker -ljemalloc \
+                --product VaporLeafWebApp
+
+# Switch to the staging area
+WORKDIR /staging
+
+# Copy main executable to staging area
+RUN cp "$(swift build --package-path /build -c release --show-bin-path)/VaporLeafWebApp" ./
+
+# Copy static swift backtracer binary to staging area
+RUN cp "/usr/libexec/swift/linux/swift-backtrace-static" ./
+
+# Copy resources bundled by SPM to staging area
+RUN find -L "$(swift build --package-path /build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \;
+
+# The Public and Resources are served up by the backend server
+# RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } || true
+# RUN [ -d /build/Resources ] && { mv /build/Resources ./Resources && chmod -R a-w ./Resources; } || true
+
+# ================================
+# Run image
+# ================================
+FROM ubuntu:noble
+
+# Make sure all system packages are up to date, and install only essential packages.
+RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
+    && apt-get -q update \
+    && apt-get -q dist-upgrade -y \
+    && apt-get -q install -y \
+      libjemalloc2 \
+      ca-certificates \
+      tzdata \
+# If your app or its dependencies import FoundationNetworking, also install `libcurl4`.
+      libcurl4 \
+# If your app or its dependencies import FoundationXML, also install `libxml2`.
+      # libxml2 \
+    && rm -r /var/lib/apt/lists/*
+
+# Create a vapor user and group with /VaporLeafWebApp as its home directory
+RUN useradd --user-group --create-home --system --skel /dev/null --home-dir /VaporLeafWebApp vapor
+
+# Switch to the new home directory
+WORKDIR /VaporLeafWebApp
+
+# Copy built executable and any staged resources from builder
+COPY --from=build --chown=vapor:vapor /staging /VaporLeafWebApp
+
+# Provide configuration needed by the built-in crash reporter and some sensible default behaviors.
+ENV SWIFT_BACKTRACE=enable=yes,sanitize=yes,threads=all,images=all,interactive=no,swift-backtrace=./swift-backtrace-static
+
+# Ensure all further commands run as the vapor user
+USER vapor:vapor
+
+# Let Docker bind to the new internal port 8082
+EXPOSE 8082
+
+# Start the Vapor service when the image is run, default to listening on 8082 in production environment
+ENTRYPOINT ["./VaporLeafWebApp"]
+CMD ["serve", "--env", "production", "--hostname", "0.0.0.0", "--port", "8082"]

Dockerfile-nginx

@@ -0,0 +1,18 @@
+# Dockerfile.nginx
+
+# Use the official Nginx image with version 1.28.0 as a base
+FROM nginx:1.28.0
+
+# Copy the custom Nginx configuration file into the container
+COPY nginx.conf /etc/nginx/nginx.conf
+
+# Create a directory for SSL certificates inside the container
+# This directory will be mounted with the host's SSL certificate files
+RUN mkdir -p /etc/nginx/ssl
+
+# Expose the ports Nginx will listen on
+EXPOSE 443
+EXPOSE 8081
+
+# The default Nginx CMD will start Nginx
+CMD ["nginx", "-g", "daemon off;"]

Dockerfile → Dockerfile-server

@@ -2,7 +2,7 @@
 # Build image
 # ================================
 
-FROM swift:6.0.3-noble AS build
+FROM swift:6.1.0-noble AS build
 
 # Install OS updates
 RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
@@ -28,7 +28,8 @@ COPY . .
 # N.B.: The static version of jemalloc is incompatible with the static Swift runtime.
 RUN swift build -c release \
                 --static-swift-stdlib \
-                -Xlinker -ljemalloc
+                -Xlinker -ljemalloc \
+                --product VaporWebServer
 
 # Switch to the staging area
 WORKDIR /staging
@@ -50,7 +51,7 @@ RUN [ -d /build/Resources ] && { mv /build/Resources ./Resources && chmod -R a-w
 # ================================
 # Run image
 # ================================
-FROM ubuntu:jammy
+FROM ubuntu:noble
 
 # Make sure all system packages are up to date, and install only essential packages.
 RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
@@ -60,8 +61,9 @@ RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
       libjemalloc2 \
       ca-certificates \
       tzdata \
-# If your app or its dependencies import FoundationNetworking, also install `libcurl4`.
       libcurl4 \
+      # Install PostgreSQL client development files for Swift Vapor
+      libpq-dev \
 # If your app or its dependencies import FoundationXML, also install `libxml2`.
       # libxml2 \
     && rm -r /var/lib/apt/lists/*
@@ -81,9 +83,9 @@ ENV SWIFT_BACKTRACE=enable=yes,sanitize=yes,threads=all,images=all,interactive=n
 # Ensure all further commands run as the vapor user
 USER vapor:vapor
 
-# Let Docker bind to port 8080
-EXPOSE 8080
+# Let Docker bind to the new internal port 8083
+EXPOSE 8083
 
-# Start the Vapor service when the image is run, default to listening on 8080 in production environment
+# Start the Vapor service when the image is run, default to listening on 8083 in production environment
 ENTRYPOINT ["./VaporWebServer"]
-CMD ["serve", "--env", "production", "--hostname", "0.0.0.0", "--port", "8080"]
+CMD ["serve", "--env", "production", "--hostname", "0.0.0.0", "--port", "8083"]