Initial commit

2024-03-12 22:28:05 +01:00
commit 7711bcc220
40 changed files with 5137 additions and 0 deletions
--- a/docker/.env.example
+++ b/docker/.env.example
@@ -0,0 +1,7 @@
+ABOVE_ME__APRS__ADDRESS=aprs.example.com
+ABOVE_ME__APRS__USER_NAME=MYC4LLS1GN
+ABOVE_ME__APRS__PASSWORD=************
+ABOVE_ME__APRS__FILTER=r/12.3/45.6/78
+ABOVE_ME__APRS__CLIENT_ID=my-program 0.1
+ABOVE_ME__DDB_URL=https://example.com/aircraft
+RUST_LOG=warn
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -0,0 +1,23 @@
+services:
+  backend:
+    build:
+      context: ../backend
+    environment:
+      - ABOVE_ME__BIND_TO=0.0.0.0:9000
+    env_file:
+      - .env
+  frontend:
+    build:
+      context: ../frontend
+    restart: unless-stopped
+  gateway:
+    image: nginx
+    depends_on:
+      - backend
+      - frontend
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:9000:8080"
+    volumes:
+      - ./nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./privacy-policy.html:/usr/share/nginx/html/privacy-policy.html:ro
--- a/docker/nginx.conf
+++ b/docker/nginx.conf
@@ -0,0 +1,53 @@
+events {
+  worker_connections          1024;
+}
+
+http {
+  include                     mime.types;
+
+  default_type                application/octet-stream;
+
+  sendfile                    on;
+
+  server_tokens               off;
+
+  server {
+    listen                    8080;
+    server_name               _;
+   
+    add_header                Content-Security-Policy "default-src 'self' 'unsafe-inline' data:;";
+    add_header                Permissions-Policy "geolocation=(), midi=(), camera=(), usb=(), payment=(), vr=(), speaker=(), ambient-light-sensor=(), gyroscope=(), microphone=(), usb=(), interest-cohort=()";
+    add_header                Referer "no-referrer"; 
+    add_header                Referrer-Policy "no-referrer";
+    add_header                Strict-Transport-Security "max-age=63072000" always;
+    add_header                Surrogate-Control "public";
+    add_header                X-Content-Type-Options "nosniff";
+    add_header                X-Frame-Options "DENY";
+
+    client_max_body_size      1;
+
+    location /r/ {
+        # Do not log location data
+        access_log            off;
+        error_log             /dev/null emerg;
+        proxy_pass            http://backend:9000/r/;
+    }
+
+    location /status {
+        proxy_pass            http://backend:9000/status;
+    }
+
+    gzip                      on;
+    gzip_types                *;
+    expires                   1d;
+
+    location = /privacy-policy.html {
+        root                  /usr/share/nginx/html;
+        try_files             /privacy-policy.html =404;
+    }
+
+    location / {
+        proxy_pass            http://frontend:80/;
+    }
+  }
+}
--- a/docker/privacy-policy.html
+++ b/docker/privacy-policy.html
@@ -0,0 +1 @@
+<!-- Fill this privacy policy. -->