From bb47f7a92f134ad2774ef18a0a5abb629a7fe27a Mon Sep 17 00:00:00 2001 From: Reginald Bondoc Date: Mon, 5 Dec 2022 21:17:59 +0100 Subject: [PATCH] Pre-bake some vars and change telemetry handling --- docker-compose.dev.yml | 10 ++--- docker-compose.yml | 10 +---- docs/self-hosting/configuration/envars.mdx | 24 +++++------ frontend/Dockerfile | 29 ++++++++++--- frontend/components/analytics/posthog.js | 3 +- frontend/components/utilities/attemptLogin.js | 18 +++----- frontend/components/utilities/config/index.ts | 3 -- .../utilities/telemetry/Telemetry.js | 43 +++++++++++++++++++ frontend/pages/_app.js | 10 ++--- frontend/scripts/replace-variable.sh | 16 +++++++ frontend/scripts/set-telemetry.sh | 8 ++++ frontend/scripts/start.sh | 14 ++++++ 12 files changed, 130 insertions(+), 58 deletions(-) create mode 100644 frontend/components/utilities/telemetry/Telemetry.js create mode 100644 frontend/scripts/replace-variable.sh create mode 100644 frontend/scripts/set-telemetry.sh create mode 100644 frontend/scripts/start.sh diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 6eabfe4d96..949a96c7d6 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -23,7 +23,6 @@ services: build: context: ./backend dockerfile: Dockerfile - image: infisical/backend volumes: - ./backend/src:/app/src - ./backend/nodemon.json:/app/nodemon.json @@ -43,7 +42,6 @@ services: build: context: ./frontend dockerfile: Dockerfile.dev - image: infisical/frontend volumes: - ./frontend/pages:/app/pages - ./frontend/public:/app/public @@ -52,12 +50,8 @@ services: env_file: .env environment: - NEXT_PUBLIC_ENV=development - - NEXT_PUBLIC_WEBSITE_URL=${SITE_URL} - - NEXT_PUBLIC_POSTHOG_HOST=${POSTHOG_HOST} - - NEXT_PUBLIC_POSTHOG_API_KEY=${POSTHOG_PROJECT_API_KEY} - NEXT_PUBLIC_STRIPE_PRODUCT_PRO=${STRIPE_PRODUCT_PRO} - NEXT_PUBLIC_STRIPE_PRODUCT_STARTER=${STRIPE_PRODUCT_STARTER} - - NEXT_PUBLIC_TELEMETRY_ENABLED=${TELEMETRY_ENABLED} networks: - infisical-dev @@ -78,6 +72,8 @@ services: container_name: infisical-dev-mongo-express image: mongo-express restart: always + depends_on: + - mongo env_file: .env environment: - ME_CONFIG_MONGODB_ADMINUSERNAME=${MONGO_USERNAME} @@ -93,4 +89,4 @@ volumes: driver: local networks: - infisical-dev: \ No newline at end of file + infisical-dev: diff --git a/docker-compose.yml b/docker-compose.yml index 6fd3a951df..c719464aeb 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -22,9 +22,6 @@ services: restart: unless-stopped depends_on: - mongo - build: - context: ./backend - dockerfile: Dockerfile image: infisical/backend command: npm run start env_file: .env @@ -42,13 +39,10 @@ services: image: infisical/frontend env_file: .env environment: - - NEXT_PUBLIC_ENV=production - - NEXT_PUBLIC_WEBSITE_URL=${SITE_URL} - - NEXT_PUBLIC_POSTHOG_HOST=${POSTHOG_HOST} - - NEXT_PUBLIC_POSTHOG_API_KEY=${POSTHOG_PROJECT_API_KEY} + # - NEXT_PUBLIC_POSTHOG_API_KEY=${POSTHOG_PROJECT_API_KEY} + - INFISICAL_TELEMETRY_ENABLED=${TELEMETRY_ENABLED} - NEXT_PUBLIC_STRIPE_PRODUCT_PRO=${STRIPE_PRODUCT_PRO} - NEXT_PUBLIC_STRIPE_PRODUCT_STARTER=${STRIPE_PRODUCT_STARTER} - - NEXT_PUBLIC_TELEMETRY_ENABLED=${TELEMETRY_ENABLED} networks: - infisical diff --git a/docs/self-hosting/configuration/envars.mdx b/docs/self-hosting/configuration/envars.mdx index bea36da324..a55efbebc6 100644 --- a/docs/self-hosting/configuration/envars.mdx +++ b/docs/self-hosting/configuration/envars.mdx @@ -9,24 +9,24 @@ Configuring Infisical requires setting some environment variables. There is a fi | Variable | Description | Default Value | | ---------------------------- | ----------------------------------------------------------------------------------------------------------- | ---------------- | -| `PRIVATE_KEY` | ❗️ NaCl-generated server secret key | `None` | -| `PUBLIC_KEY` | ❗️ NaCl-generated server public key | `None` | -| `ENCRYPTION_KEY` | ❗️ Strong hex encryption key | `None` | -| `JWT_SIGNUP_SECRET` | ❗️JWT token secret | `None` | -| `JWT_REFRESH_SECRET` | ❗️ JWT token secret | `None` | -| `JWT_AUTH_SECRET` | ❗️ JWT token secret | `None` | +| `PRIVATE_KEY` | ❗️ NaCl-generated server secret key | `None` | +| `PUBLIC_KEY` | ❗️ NaCl-generated server public key | `None` | +| `ENCRYPTION_KEY` | ❗️ Strong hex encryption key | `None` | +| `JWT_SIGNUP_SECRET` | ❗️ JWT token secret | `None` | +| `JWT_REFRESH_SECRET` | ❗️ JWT token secret | `None` | +| `JWT_AUTH_SECRET` | ❗️ JWT token secret | `None` | | `JWT_SIGNUP_LIFETIME` | JWT token lifetime expressed in seconds or a string describing a time span (e.g. 60, "2 days", "10h", "7d") | `15m` | | `JWT_REFRESH_LIFETIME` | JWT token lifetime expressed in seconds or a string describing a time span (e.g. 60, "2 days", "10h", "7d") | `90d` | | `JWT_AUTH_LIFETIME` | JWT token lifetime expressed in seconds or a string describing a time span (e.g. 60, "2 days", "10h", "7d") | `10d` | | `EMAIL_TOKEN_LIFETIME` | Email OTP/magic-link lifetime expressed in seconds | `86400` | -| `MONGO_URL` | ❗️ MongoDB instance connection string either to container instance or MongoDB Cloud | `None` | +| `MONGO_URL` | ❗️ MongoDB instance connection string either to container instance or MongoDB Cloud | `None` | | `MONGO_USERNAME` | MongoDB username if using container | `None` | | `MONGO_PASSWORD` | MongoDB password if using container | `None` | -| `SITE_URL` | ❗️ Site URL - should be an absolute URL including the protocol (e.g. `https://app.infisical.com`) | `None` | -| `SMT_HOST` | Whether the user joined the community | `smtp.gmail.com` | -| `SMTP_NAME` | Hostname to connect to for establishing SMTP connections (e.g. `Team`) | `None` | -| `SMTP_USERNAME` | ❗️ Credential to connect to host (e.g. `team@infisical.com`) | `None` | -| `SMTP_PASSWORD` | ❗️ Credential to connect to host | `None` | +| `SITE_URL` | ❗️ Site URL - should be an absolute URL including the protocol (e.g. `https://app.infisical.com`) | `None` | +| `SMTP_HOST` | Hostname to connect to for establishing SMTP connections | `smtp.gmail.com` | +| `SMTP_NAME` | Name label to be used in From field (e.g. `Team`) | `None` | +| `SMTP_USERNAME` | ❗️ Credential to connect to host (e.g. `team@infisical.com`) | `None` | +| `SMTP_PASSWORD` | ❗️ Credential to connect to host | `None` | | `TELEMETRY_ENABLED` | `true` or `false`. [More](../overview). | `true` | | `OAUTH_CLIENT_SECRET_HEROKU` | OAuth client secret for Heroku integration | `None` | | `OAUTH_TOKEN_URL_HEROKU` | OAuth token URL for Heroku integration | `None` | diff --git a/frontend/Dockerfile b/frontend/Dockerfile index cc65b2ebac..5e59c68aad 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -1,3 +1,6 @@ +ARG POSTHOG_HOST=https://app.posthog.com +ARG POSTHOG_API_KEY=posthog-api-key + FROM node:16-alpine AS deps # Install dependencies only when needed. Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed. # RUN apk add --no-cache libc6-compat @@ -19,23 +22,34 @@ COPY --from=deps /app/node_modules ./node_modules # Copy all files COPY . . +ENV NODE_ENV production +ENV NEXT_PUBLIC_ENV production +ARG POSTHOG_HOST +ENV NEXT_PUBLIC_POSTHOG_HOST $POSTHOG_HOST +ARG POSTHOG_API_KEY +ENV NEXT_PUBLIC_POSTHOG_API_KEY $POSTHOG_API_KEY + # Build RUN npm run build -# Production image, copy all the files and run next +# Production image FROM node:16-alpine AS runner WORKDIR /app -ENV NODE_ENV production - RUN addgroup --system --gid 1001 nodejs RUN adduser --system --uid 1001 nextjs -COPY --from=builder /app/public ./public +RUN mkdir -p /app/.next/cache/images && chown nextjs:nodejs /app/.next/cache/images +VOLUME /app/.next/cache/images -# Automatically leverage output traces to reduce image size -# https://nextjs.org/docs/advanced-features/output-file-tracing +ARG POSTHOG_API_KEY +ENV NEXT_PUBLIC_POSTHOG_API_KEY=$POSTHOG_API_KEY \ + BAKED_NEXT_PUBLIC_POSTHOG_API_KEY=$POSTHOG_API_KEY + +COPY --chown=nextjs:nodejs --chmod=555 scripts ./scripts +COPY --from=builder /app/public ./public +RUN chown nextjs:nodejs ./public/data COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static @@ -44,6 +58,7 @@ USER nextjs EXPOSE 3000 ENV PORT 3000 +ENV NEXT_TELEMETRY_DISABLED 1 -CMD ["node", "server.js"] +CMD ["/app/scripts/start.sh"] diff --git a/frontend/components/analytics/posthog.js b/frontend/components/analytics/posthog.js index c8d51ad1b6..be12ba4188 100644 --- a/frontend/components/analytics/posthog.js +++ b/frontend/components/analytics/posthog.js @@ -4,12 +4,11 @@ import { ENV, POSTHOG_API_KEY, POSTHOG_HOST, - TELEMETRY_ENABLED, } from "../utilities/config"; export const initPostHog = () => { if (typeof window !== "undefined") { - if (ENV == "production" && TELEMETRY_ENABLED) { + if (ENV == "production" && TELEMETRY_CAPTURING_ENABLED) { posthog.init(POSTHOG_API_KEY, { api_host: POSTHOG_HOST, }); diff --git a/frontend/components/utilities/attemptLogin.js b/frontend/components/utilities/attemptLogin.js index 767fcb400d..5fe00dc9ae 100644 --- a/frontend/components/utilities/attemptLogin.js +++ b/frontend/components/utilities/attemptLogin.js @@ -4,10 +4,9 @@ import login2 from "~/pages/api/auth/Login2"; import getOrganizations from "~/pages/api/organization/getOrgs"; import getOrganizationUserProjects from "~/pages/api/organization/GetOrgUserProjects"; -import { initPostHog } from "../analytics/posthog"; import pushKeys from "./secrets/pushKeys"; -import { ENV } from "./config"; import SecurityClient from "./SecurityClient"; +import Telemetry from "./telemetry/Telemetry"; const nacl = require("tweetnacl"); nacl.util = require("tweetnacl-util"); @@ -33,6 +32,8 @@ const attemptLogin = async ( ) => { try { let userWorkspace, userOrg; + const telemetry = new Telemetry().getInstance(); + client.init( { username: email, @@ -159,16 +160,9 @@ const attemptLogin = async ( "Development" ); } - try { - if (email) { - if (ENV == "production") { - const posthog = initPostHog(); - posthog.identify(email); - posthog.capture("User Logged In"); - } - } - } catch (error) { - console.log("posthog", error); + if (email) { + telemetry.identify(email); + telemetry.capture("User Logged In"); } if (isLogin) { diff --git a/frontend/components/utilities/config/index.ts b/frontend/components/utilities/config/index.ts index 62549725ca..d0ffed00c0 100644 --- a/frontend/components/utilities/config/index.ts +++ b/frontend/components/utilities/config/index.ts @@ -4,8 +4,6 @@ const POSTHOG_HOST = process.env.NEXT_PUBLIC_POSTHOG_HOST! || "https://app.posthog.com"; const STRIPE_PRODUCT_PRO = process.env.NEXT_PUBLIC_STRIPE_PRODUCT_PRO!; const STRIPE_PRODUCT_STARTER = process.env.NEXT_PUBLIC_STRIPE_PRODUCT_STARTER!; -const TELEMETRY_ENABLED = - process.env.NEXT_PUBLIC_TELEMETRY_ENABLED! !== "false"; export { ENV, @@ -13,5 +11,4 @@ export { POSTHOG_HOST, STRIPE_PRODUCT_PRO, STRIPE_PRODUCT_STARTER, - TELEMETRY_ENABLED, }; diff --git a/frontend/components/utilities/telemetry/Telemetry.js b/frontend/components/utilities/telemetry/Telemetry.js new file mode 100644 index 0000000000..4de6ab5ce8 --- /dev/null +++ b/frontend/components/utilities/telemetry/Telemetry.js @@ -0,0 +1,43 @@ +import { initPostHog } from "~/components/analytics/posthog"; +import { ENV } from "~/components/utilities/config"; + +class Capturer { + constructor() { + this.api = initPostHog(); + } + + capture(item) { + if (ENV == "production" && TELEMETRY_CAPTURING_ENABLED) { + try { + api.capture(item); + } catch (error) { + console.error("PostHog", error); + } + } + } + + identify(id) { + if (ENV == "production" && TELEMETRY_CAPTURING_ENABLED) { + try { + api.identify(id); + } catch (error) { + console.error("PostHog", error); + } + } + } + +} + +class Telemetry { + constructor() { + if (!Telemetry.instance) { + Telemetry.instance = new Capturer(); + } + } + + getInstance() { + return Telemetry.instance; + } +} + +module.exports = Telemetry; diff --git a/frontend/pages/_app.js b/frontend/pages/_app.js index 6ed9af0131..8bc612b3c0 100644 --- a/frontend/pages/_app.js +++ b/frontend/pages/_app.js @@ -2,11 +2,10 @@ import { useEffect } from "react"; import { useRouter } from "next/router"; import { config } from "@fortawesome/fontawesome-svg-core"; -import { initPostHog } from "~/components/analytics/posthog"; import Layout from "~/components/basic/layout"; import RouteGuard from "~/components/RouteGuard"; import { publicPaths } from "~/const"; -import { ENV } from "~/utilities/config"; +import Telemetry from "~/utilities/telemetry/Telemetry"; import "@fortawesome/fontawesome-svg-core/styles.css"; import "../styles/globals.css"; @@ -15,17 +14,14 @@ config.autoAddCss = false; const App = ({ Component, pageProps, ...appProps }) => { const router = useRouter(); - const posthog = initPostHog(); useEffect(() => { // Init for auto capturing - const posthog = initPostHog(); + const telemetry = new Telemetry().getInstance(); const handleRouteChange = () => { if (typeof window !== "undefined") { - if (ENV == "production") { - posthog.capture("$pageview"); - } + telemetry.capture("$pageview"); } }; diff --git a/frontend/scripts/replace-variable.sh b/frontend/scripts/replace-variable.sh new file mode 100644 index 0000000000..ae449b0e82 --- /dev/null +++ b/frontend/scripts/replace-variable.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +ORIGINAL=$1 +REPLACEMENT=$2 + +if [ "${ORIGINAL}" = "${REPLACEMENT}" ]; then + echo "Replacement is the same, skipping.." + exit 0 +fi + +echo "Replacing pre-baked value.." + +find /app/public /app/.next -type f ! -name "*.png" ! -name "*.svg" ! -name "*.gif" ! -name "*.jpg" ! -name "*.jpeg" ! -name "*.ico" | +while read file; do + sed -i "s|$ORIGINAL|$REPLACEMENT|g" "$file" +done diff --git a/frontend/scripts/set-telemetry.sh b/frontend/scripts/set-telemetry.sh new file mode 100644 index 0000000000..75cac7ce35 --- /dev/null +++ b/frontend/scripts/set-telemetry.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +VALUE=$1 + +find /app/public /app/.next -type f ! -name "*.png" ! -name "*.svg" ! -name "*.gif" ! -name "*.jpg" ! -name "*.jpeg" ! -name "*.ico" | +while read file; do + sed -i "s|TELEMETRY_CAPTURING_ENABLED|$VALUE|g" "$file" +done diff --git a/frontend/scripts/start.sh b/frontend/scripts/start.sh new file mode 100644 index 0000000000..05a1f219af --- /dev/null +++ b/frontend/scripts/start.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +scripts/replace-variable.sh "$BAKED_NEXT_PUBLIC_POSTHOG_API_KEY" "$NEXT_PUBLIC_POSTHOG_API_KEY" + +if [ "$INFISICAL_TELEMETRY_ENABLED" != "false" ]; then + echo "Telemetry is enabled" + scripts/set-telemetry.sh true +else + echo "Client opted out of telemetry" + scripts/set-telemetry.sh false +fi + + +node server.js