feat: new server migration (finally)

.github/workflows/docker.yml

@@ -0,0 +1,54 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# GitHub recommends pinning actions to a commit SHA.
+# To get a newer version, you will need to update the SHA.
+# You can also reference a tag or branch, but the action may change without warning.
+
+name: Publish Docker image
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  push_to_registry:
+    name: Push Docker image to Docker Hub
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v3
+
+      - name: Log in to Sr Izan's container registry
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        with:
+          registry: containers.srizan.dev
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: containers.srizan.dev/api
+          tags: latest
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Emit a webhook to the server
+        env:
+          AUTH_HEADER: ${{ secrets.WHSERVER_TOKEN }}
+        run: |
+          curl -X POST \
+            -H "Authorization: Bearer $AUTH_HEADER" \
+            https://webhooks.srizan.dev/hooks/api

Dockerfile

@@ -1,13 +1,26 @@
-FROM node:alpine
+# Build stage
+FROM node:lts-alpine AS build
 
 WORKDIR /app
 
-COPY package.json ./
-
-RUN npm install
+COPY package.json yarn.lock ./
+RUN yarn
 
 COPY . .
+RUN yarn build
 
-RUN npm run build
+# Final stage
+FROM node:lts-alpine AS final
 
-CMD node dist/index.js
+WORKDIR /app
+
+COPY --from=build /app/dist ./dist
+COPY --from=build /app/schemas ./schemas
+COPY --from=build /app/util ./util
+COPY --from=build /app/routes ./routes
+COPY --from=build /app/docs ./docs
+COPY --from=build /app/public ./public
+COPY --from=build /app/node_modules ./node_modules
+COPY --from=build /app/package.json ./package.json
+
+CMD ["node", "dist/index.js"]

deploy.sh

@@ -1,11 +0,0 @@
-#!/bin/bash
-
-git pull
-
-docker build . -t srizan10/api
-
-docker stop api
-
-docker rm api
-
-docker run -d -t --name api -p 8083:7272 --restart unless-stopped srizan10/api

routes/misc/download.ts

@@ -2,51 +2,5 @@ import axios from "axios"
 import { Request, Response } from "express"
 
 export default async function download(req: Request, res: Response) {
-	const url = req.query.url as string
-	const filetype = req.query.type as string
-
-	function typeResolver(filetype: string) {
-		switch (filetype) {
-			case "png":
-				return {
-					success: true,
-					extension: "png",
-					contentType: "image/png",
-				}
-			case "jpg" || "jpeg":
-				return {
-					success: true,
-					extension: "jpg",
-					contentType: "image/jpeg",
-				}
-			case "gif":
-				return {
-					success: true,
-					extension: "gif",
-					contentType: "image/gif",
-				}
-			default:
-				return {
-					success: false,
-					extension: "idk",
-					contentType: "idk/idk",
-				}
-		}
-	}
-
-	try {
-		const fileTypeResolved = typeResolver(filetype)
-		if (!fileTypeResolved.success)
-			return res.status(400).send({ error: 'Image needs to be either png, jpg or gif' })
-		
-		const response = await axios.get(url, { responseType: "stream" })
-		res.set({
-			"Content-Disposition": `attachment; filename=download.${fileTypeResolved.extension}`,
-			"Content-Type": fileTypeResolved.contentType,
-		})
-		response.data.pipe(res)
-	} catch (error) {
-		console.error(error)
-		res.status(400).send({ error: 'File not found' })
-	}
+	res.send('Disabled due to security reasons')
 }