Fix ssl backend and cors and more small fixes

Kimiega · Kimiega · commit c14e02ae5967 · 2025-01-15T00:33:38.000+03:00
diff --git a/backend/config/crypto/ca.cnf b/backend/config/crypto/ca.cnf
@@ -19,3 +19,18 @@ authorityKeyIdentifier = keyid:always,issuer
 basicConstraints = critical, CA:true
 keyUsage = critical, digitalSignature, cRLSign, keyCertSign
 
+[req_ext]
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = localhost
+DNS.2 = authik-0.dating.se.ifmo.ru
+DNS.3 = authik-1.dating.se.ifmo.ru
+DNS.4 = authik-2.dating.se.ifmo.ru
+DNS.5 = matchmaker-0.dating.se.ifmo.ru
+DNS.6 = matchmaker-1.dating.se.ifmo.ru
+DNS.7 = matchmaker-2.dating.se.ifmo.ru
+DNS.8 = people-0.dating.se.ifmo.ru
+DNS.9 = people-1.dating.se.ifmo.ru
+DNS.10 = people-2.dating.se.ifmo.ru
+DNS.11 = server.dc1.consul
diff --git a/backend/consul/Dockerfile b/backend/consul/Dockerfile
@@ -12,3 +12,5 @@ RUN chmod -R 755 /consul/config && \
     chmod 644 /consul/config/itmo-dating-backend.crt && \
     chmod 644 /consul/config/itmo-dating-backend-ca.crt && \
     chmod 644 /consul/config/consul.hcl
+
+CMD ["sh", "./consul/run.sh"]
diff --git a/backend/consul/config/consul.hcl b/backend/consul/config/consul.hcl
@@ -14,6 +14,10 @@ acl {
   enable_token_persistence = true
 }
 
+limits {
+  http_max_conns_per_client = 400
+}
+
 data_dir = "/opt/consul/data"
 
 ui = true
diff --git a/backend/consul/run.sh b/backend/consul/run.sh
@@ -1,4 +1,3 @@
 #!/bin/sh
 
-consul agent -config-file=/consul/config/consul.hcl -bootstrap-expect=1 \
-  | grep -v "This request used the token query parameter which is deprecated and will be removed"
+consul agent -config-file=/consul/config/consul.hcl -bootstrap-expect=1 | grep -v "This request used the token query parameter which is deprecated and will be removed"
diff --git a/backend/gateway/build.gradle.kts b/backend/gateway/build.gradle.kts
@@ -7,7 +7,7 @@ dependencies {
 
     implementation(libs.org.springframework.boot.spring.boot)
     implementation(libs.org.springframework.cloud.spring.cloud.starter.gateway)
-
+    implementation(libs.org.springframework.spring.web)
     implementation(libs.org.springdoc.springdoc.openapi.starter.webflux.ui)
 
     testImplementation(libs.org.springframework.boot.spring.boot.starter.test)
diff --git a/backend/gateway/src/main/kotlin/ru/ifmo/se/dating/gateway/ClientSSLContextConfig.kt b/backend/gateway/src/main/kotlin/ru/ifmo/se/dating/gateway/ClientSSLContextConfig.kt
@@ -12,17 +12,17 @@ import javax.net.ssl.KeyManagerFactory
 import javax.net.ssl.TrustManagerFactory
 
 @Configuration
-class SSLContextConfig(
-    @Value("\${server.ssl.key-store-type}")
+class ClientSSLContextConfig(
+    @Value("\${client.ssl.key-store-type}")
     private val keyStoreType: String,
 
-    @Value("\${server.ssl.key-store}")
+    @Value("\${client.ssl.key-store}")
     private val keyStore: Resource,
 
-    @Value("\${server.ssl.key-store-password}")
+    @Value("\${client.ssl.key-store-password}")
     private val keyStorePassword: String,
 
-    @Value("\${server.ssl.protocol}")
+    @Value("\${client.ssl.protocol}")
     private val sslProtocol: String,
 ) {
     @Bean
diff --git a/backend/gateway/src/main/kotlin/ru/ifmo/se/dating/gateway/CorsFilter.kt b/backend/gateway/src/main/kotlin/ru/ifmo/se/dating/gateway/CorsFilter.kt
@@ -1,4 +1,4 @@
-package ru.ifmo.se.dating.spring.api
+package ru.ifmo.se.dating.gateway
 
 import org.springframework.http.HttpMethod
 import org.springframework.http.HttpStatus
diff --git a/backend/gateway/src/main/resources/application.yml b/backend/gateway/src/main/resources/application.yml
@@ -95,10 +95,16 @@ server:
   ssl:
     enabled: true
     key-store-type: PKCS12
-    key-store: classpath:keystore/itmo-dating-backend.p12
+    key-store: classpath:keystore/keystore.p12
     key-store-password: ${KEY_STORE_PASSWORD}
     protocol: TLSv1.3
     enabled-protocols: TLSv1.3
+client:
+  ssl:
+    key-store-type: PKCS12
+    key-store: classpath:keystore/itmo-dating-backend.p12
+    key-store-password: ${KEY_STORE_PASSWORD}
+    protocol: TLSv1.3
 springdoc:
   swagger-ui:
     path: /swagger-ui.html
diff --git a/backend/starter-service-discovery/src/main/resources/application-service-discovery.yml b/backend/starter-service-discovery/src/main/resources/application-service-discovery.yml
@@ -16,6 +16,8 @@ spring:
         instance-id: instance-${HOSTNAME}
         heartbeat:
           enabled: true
+          ttl: 30
+        catalog-services-watch-delay: 5000
 management:
   health:
     consul:
diff --git a/compose.yml b/compose.yml
@@ -85,7 +85,6 @@ services:
     image: ghcr.io/secs-dev/itmo-dating-consul:latest
     build:
       context: ./backend/consul
-    command: sh ./consul/run.sh
     hostname: server.dc1.consul
     ports:
       - "127.0.0.1:8500:8500/tcp"

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,10 @@ acl {`
`14`	`14`	`enable_token_persistence = true`
`15`	`15`	`}`
`16`	`16`
	`17`	`+limits {`
	`18`	`+ http_max_conns_per_client = 400`
	`19`	`+}`
	`20`	`+`
`17`	`21`	`data_dir = "/opt/consul/data"`
`18`	`22`
`19`	`23`	`ui = true`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-package ru.ifmo.se.dating.spring.api`
	`1`	`+package ru.ifmo.se.dating.gateway`
`2`	`2`
`3`	`3`	`import org.springframework.http.HttpMethod`
`4`	`4`	`import org.springframework.http.HttpStatus`