-
Notifications
You must be signed in to change notification settings - Fork 87
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #319 from opengovsg/release-4.34.1
build: [master] Release 4.34.1
- Loading branch information
Showing
136 changed files
with
6,126 additions
and
4,704 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,10 +2,10 @@ | |
|
||
This document details what is needed to create an environment to run FormSG in AWS. | ||
|
||
### Build and run your nodejs app | ||
## Build and run your NodeJS app | ||
|
||
``` | ||
$ npm install | ||
```bash | ||
npm install | ||
$ npm run build | ||
$ npm start | ||
``` | ||
|
@@ -25,7 +25,7 @@ As a prerequisite for EB deployment, make sure you have already created your AWS | |
|
||
### Dockerrun.aws.json | ||
|
||
``` | ||
```json | ||
{ | ||
"AWSEBDockerrunVersion": "1", | ||
"Image": { | ||
|
@@ -52,7 +52,7 @@ FormSG supports storing of users' Twilio API credentials using AWS Secret Manage | |
|
||
Firstly, name the secret with a unique secret name and store the secret value in the following format: | ||
|
||
``` | ||
```json | ||
{ | ||
"accountSid": "", | ||
"apiKey": "", | ||
|
@@ -96,7 +96,7 @@ The following env variables are set in Travis: | |
|
||
### Core Features | ||
|
||
#### App and Database | ||
#### App Config | ||
|
||
| Variable | Description | | ||
| :----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ||
|
@@ -105,25 +105,36 @@ The following env variables are set in Travis: | |
| `APP_URL` | Defaults to `'https://form.gov.sg'`. | | ||
| `APP_KEYWORDS` | Defaults to `'forms, formbuilder, nodejs'`. | | ||
| `APP_IMAGES` | Defaults to `'/public/modules/core/img/og/img_metatag.png,/public/modules/core/img/og/logo-vertical-color.png'`. | | ||
| `APP_TWITTER_IMAGE` | ath to Twitter image. Defaults to `'/public/modules/core/img/og/logo-vertical-color.png'`. | | ||
| `APP_TWITTER_IMAGE` | Path to Twitter image. Defaults to `'/public/modules/core/img/og/logo-vertical-color.png'`. | | ||
|
||
#### App and Database | ||
|
||
| Variable | Description | | ||
| :----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ||
| `DB_HOST` | A MongoDB URI. | | ||
| `OTP_LIFE_SPAN` | Time in milliseconds that admin login OTP is valid for. Defaults to 900000ms or 15 minutes. | | ||
| `BOUNCE_LIFE_SPAN` | Time in milliseconds that bounces are tracked for each form. Defaults to 1800000ms or 30 minutes. Only relevant if you have set up AWS to send bounce and delivery notifications to the /emailnotifications endpoint. | | ||
| `PORT` | Server port. Defaults to `5000`. | | ||
| `NODE_ENV` | [Express environment mode](https://expressjs.com/en/advanced/best-practice-performance.html#set-node_env-to-production). Defaults to `'development'`. This should always be set to a production environment | | ||
| `SESSION_SECRET` | Secret for `express-session`. Defaults to `'sandcrawler-138577'`. This should always be set in a production environment. | | ||
| `SUBMISSIONS_TOP_UP` | Use this to inflate the number of submissions displayed on the landing page. Defaults to `0`. | | ||
|
||
#### Banners | ||
|
||
| Variable | Description | | ||
| :----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ||
| `SITE_BANNER_CONTENT` | If set, displays a banner message on both private routes that `ADMIN_BANNER_CONTENT` covers **and** public form routes that `IS_GENERAL_MAINTENANCE` covers. Overrides all other banner environment variables | | ||
| `ADMIN_BANNER_CONTENT` | If set, displays a banner message on private admin routes such as the form list page as well as form builder pages. | | ||
| `IS_LOGIN_BANNER` | If set, displays a banner message on the login page | | ||
| `IS_GENERAL_MAINTENANCE` | If set, displays a banner message on all forms. Overrides `IS_SP_MAINTENANCE` and `IS_CP_MAINTENANCE`. | | ||
| `IS_SP_MAINTENANCE` | If set, displays a banner message on SingPass forms. Overrides `IS_CP_MAINTENANCE`. | | ||
| `IS_CP_MAINTENANCE` | If set, displays a banner message on SingPass forms. | | ||
| `SUBMISSIONS_TOP_UP` | Use this to inflate the number of submissions displayed on the landing page. Defaults to `0`. | | ||
|
||
#### AWS services | ||
|
||
| Variable | Description | | ||
| :---------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- | | ||
| `AWS_REGION` | AWS region. | | ||
| `AWS_ACCESS_KEY_ID` | AWS IAM access key ID used to access S3. | | ||
| `AWS_SECRET_ACCESS_KEY` | AWS IAM access secret used to access S3. | | ||
| `AWS_ENDPOINT` | AWS S3 bucket endpoint. | | ||
| `IMAGE_S3_BUCKET` | Name of S3 bucket for image field uploads. | | ||
| `LOGO_S3_BUCKET` | Name of S3 bucket for form logo uploads. | | ||
| `LOGO_S3_BUCKET` | Name of S3 bucket for form logo uploads. | | ||
|
@@ -145,13 +156,12 @@ The following env variables are set in Travis: | |
| `SES_PASS` | SMTP password. | | ||
| `SES_MAX_MESSAGES` | Nodemailer configuration. Connection removed and new one created when this limit is reached. This helps to keep the connection up-to-date for long-running email messaging. Defaults to `100`. | | ||
| `SES_POOL` | Connection pool to send email in parallel to the SMTP server. Defaults to `38`. | | ||
| `SES_RATE` | Maximum email to send per second, or per `rateDelta` if supplied. | | ||
| `SES_RATEDELTA` | Defines the time measuring period in milliseconds for rate limiting. Defaults to `1000`. | | ||
| `MAIL_FROM` | Sender email address. Defaults to `'[email protected]'`. | | | ||
| `MAIL_SOCKET_TIMEOUT` | Milliseconds of inactivity to allow before killing a connection. This helps to keep the connection up-to-date for long-running email messaging. Defaults to `600000`. | | ||
| `MAIL_LOGGER` | If set to true then logs to console. If value is not set or is false then nothing is logged. | | ||
| `MAIL_DEBUG` | If set to `true`, then logs SMTP traffic, otherwise logs only transaction events. | | ||
| `CHROMIUM_BIN` | Filepath to chromium binary. Required for email autoreply PDF generation with Puppeteer. | | ||
| `BOUNCE_LIFE_SPAN` | Time in milliseconds that bounces are tracked for each form. Defaults to 10800000ms or 3 hours. Only relevant if you have set up AWS to send bounce and delivery notifications to the /emailnotifications endpoint. | | ||
|
||
### Additional Features | ||
|
||
|
@@ -180,6 +190,7 @@ If this feature is enabled, client-side error events will be piped to [sentry.io | |
|
||
| Variable | Description | | ||
| :------------------ | ----------------------------------------------------------------------------------------------------- | | ||
| `CSP_REPORT_URI` | Reporting URL for Content Security Policy violdations. Can be configured to use a Sentry.io endpoint. | | ||
| `SENTRY_CONFIG_URL` | Sentry.io URL for configuring the Raven SDK. | | ||
| `CSP_REPORT_URI` | Reporting URL for Content Security Policy violdations. Can be configured to use a Sentry.io endpoint. | | ||
|
||
|
@@ -235,6 +246,8 @@ Note that MyInfo is currently not supported for storage mode forms and enabling | |
| `MYINFO_CLIENT_CONFIG` | Configures [MyInfoGovClient](https://github.com/opengovsg/myinfo-gov-client). Set this to either`stg` or `prod` to fetch MyInfo data from the corresponding endpoints. | | ||
| `MYINFO_FORMSG_KEY_PATH` | Filepath to MyInfo private key, which is used to decrypt returned responses. | | ||
| `MYINFO_APP_KEY` | (deprecated) Directly specify contents of the MyInfo FormSG private key. Only works if `NODE_ENV` is set to `development`. | | ||
| `IS_SP_MAINTENANCE` | If set, displays a banner message on SingPass forms. Overrides `IS_CP_MAINTENANCE`. | | ||
| `IS_CP_MAINTENANCE` | If set, displays a banner message on CorpPass forms. | | ||
|
||
#### Verified Emails/SMSes | ||
|
||
|
@@ -263,4 +276,4 @@ If this feature is enabled, storage mode forms will also support authentication | |
| `MONGO_BINARY_VERSION` | Version of the Mongo binary used. Defaults to `'latest'` according to [MongoMemoryServer](https://github.com/nodkz/mongodb-memory-server) docs. | | ||
| `PWD` | Path of working directory. | | ||
| `MOCK_WEBHOOK_CONFIG_FILE` | Path of configuration file for mock webhook server | | ||
| `MOCK_WEBHOOK_PORT` | Port of mock webhook server | | ||
| `MOCK_WEBHOOK_PORT` | Port of mock webhook server | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,10 @@ | ||
#!/bin/bash | ||
set -x | ||
until $(curl --output /dev/null --silent --head --fail http://localhost:4572); do | ||
until $(curl --output /dev/null --silent --head --fail $AWS_ENDPOINT); do | ||
printf 'Waiting for Localstack to be ready...' | ||
sleep 5 | ||
done | ||
awslocal s3 mb s3://$IMAGE_S3_BUCKET | ||
awslocal s3 mb s3://$LOGO_S3_BUCKET | ||
awslocal s3 mb s3://$ATTACHMENT_S3_BUCKET | ||
awslocal --endpoint-url=$AWS_ENDPOINT s3 mb s3://$IMAGE_S3_BUCKET | ||
awslocal --endpoint-url=$AWS_ENDPOINT s3 mb s3://$LOGO_S3_BUCKET | ||
awslocal --endpoint-url=$AWS_ENDPOINT s3 mb s3://$ATTACHMENT_S3_BUCKET | ||
set +x |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.