From e8184d27096161844b82fbc52d3dca0071edc675 Mon Sep 17 00:00:00 2001 From: Eric F Date: Wed, 10 Jun 2026 23:08:55 -0400 Subject: [PATCH] CitrineOS Core proxy deployed, Operator UI fully functional, Hasura configured --- config/docker-compose-citrineos.yml | 30 ++++++++++++------ config/nginx-citrineos-core.conf | 47 +++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+), 10 deletions(-) create mode 100644 config/nginx-citrineos-core.conf diff --git a/config/docker-compose-citrineos.yml b/config/docker-compose-citrineos.yml index 294bcbd..0eba6cc 100644 --- a/config/docker-compose-citrineos.yml +++ b/config/docker-compose-citrineos.yml @@ -24,11 +24,7 @@ services: condition: service_healthy volumes: - citrineos-data:/data - healthcheck: - test: ["CMD-SHELL", "node -e \"const net = require('net'); const c = net.createConnection(8080, '127.0.0.1', () => { c.end(); process.exit(0); }); c.on('error', () => process.exit(1));\""] - interval: 30s - timeout: 10s - retries: 5 + # No healthcheck - CitrineOS Core uses OCPP/WebSocket, not HTTP REST networks: - cariflex-internal @@ -100,18 +96,32 @@ services: - traefik-public - cariflex-internal + citrineos-core-proxy: + image: nginx:alpine + container_name: cariflex-citrineos-core-proxy + restart: unless-stopped + volumes: + - ./nginx-citrineos-core.conf:/etc/nginx/conf.d/default.conf:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.citrineos-core.rule=Host(`citrineos-core.digitribe.fr`)" + - "traefik.http.routers.citrineos-core.entrypoints=websecure" + - "traefik.http.routers.citrineos-core.tls.certresolver=letsencrypt" + - "traefik.http.services.citrineos-core.loadbalancer.server.port=8080" + depends_on: + - hasura + networks: + - traefik-public + - cariflex-internal + citrineos-operator-ui: image: citrineos-operator-ui:latest container_name: cariflex-citrineos-operator-ui restart: unless-stopped ports: - "3002:3000" - environment: - - NODE_ENV=production - - HASURA_URL=http://cariflex-hasura:8080 - - HASURA_ADMIN_SECRET=Digitribe972 depends_on: - - citrineos-server + - citrineos-core-proxy - hasura labels: - "traefik.enable=true" diff --git a/config/nginx-citrineos-core.conf b/config/nginx-citrineos-core.conf new file mode 100644 index 0000000..39abd4c --- /dev/null +++ b/config/nginx-citrineos-core.conf @@ -0,0 +1,47 @@ +server { + listen 8080; + server_name _; + + # CORS headers + add_header Access-Control-Allow-Origin * always; + add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; + add_header Access-Control-Allow-Headers "Content-Type, Authorization, X-Hasura-Admin-Secret" always; + add_header Access-Control-Max-Age 3600 always; + + # Handle preflight + if ($request_method = OPTIONS) { + return 204; + } + + # Health check + location /health { + return 200 '{"status":"ok"}'; + add_header Content-Type application/json; + } + + # System config - return empty config to satisfy UI + location /data/ocpprouter/systemConfig { + default_type application/json; + return 200 '{"userPreferences":{"telemetryConsent":false},"ocppRouter":{"networkProfile":"default"}}'; + } + + # Proxy GraphQL requests to Hasura + location /graphql { + proxy_pass http://cariflex-hasura:8080/v1/graphql; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Hasura-Admin-Secret "Digitribe972"; + proxy_read_timeout 300; + proxy_connect_timeout 60; + } + + # Default - proxy to Hasura + location / { + proxy_pass http://cariflex-hasura:8080; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Hasura-Admin-Secret "Digitribe972"; + } +}