iklim.co/Environment_Infrastructure
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Environment_Infrastructure/roadmap/prod-env/04-swag-nginx-configs.md
Murat ÖZDEMİR 8875af8e8a docs: fix roadmap and setup reference direction 
Remove setup runbook references from prod roadmap docs so roadmap remains design intent only. Keep setup-to-roadmap links, but normalize them to explicit relative paths.
2026-06-15 19:57:21 +03:00

2.0 KiB
Raw Blame History

04 — SWAG Nginx Proxy Configs (Prod)

Context

Production uses the same SWAG template files as test, with production subdomain values and StorageBox-backed output directories.

Required Environment Variables

The production env file is prod/secrets/iklim.co/.env on StorageBox.

API_SUBDOMAIN=api.iklim.co
APIGW_SUBDOMAIN=apigw.iklim.co
RABBITMQ_SUBDOMAIN=rabbitmq.iklim.co
GRAFANA_SUBDOMAIN=grafana.iklim.co
RESTRICTED_IPS="78.187.87.109/32,95.70.151.248/32"

SWAG_CERT_DIR=/mnt/storagebox/ssl
SWAG_DNS_CONFIG_DIR=/mnt/storagebox/swag/dns-conf
SWAG_SITE_CONFS_DIR=/mnt/storagebox/swag/site-confs
SWAG_PROXY_CONFS_DIR=/mnt/storagebox/swag/proxy-confs

Template Files

The shared templates live under root template/swag/:

  • template/swag/dns-conf/godaddy.ini.tpl
  • template/swag/site-confs/default.conf
  • template/swag/site-confs/api.conf.tpl
  • template/swag/site-confs/apigw.conf.tpl
  • template/swag/site-confs/rabbitmq.conf.tpl
  • template/swag/site-confs/grafana.conf.tpl

Deploy Behavior

The production workflow renders:

  • GoDaddy DNS credentials into $SWAG_DNS_CONFIG_DIR/godaddy.ini.
  • SWAG site configs into $SWAG_SITE_CONFS_DIR.
  • Optional proxy configs into $SWAG_PROXY_CONFS_DIR when templates exist.

Because StorageBox is mounted on the service nodes, files rendered by the runner are visible to SWAG regardless of which service node runs the container.

Verification

cat /mnt/storagebox/swag/site-confs/api.conf | grep server_name
docker exec $(docker ps -q -f name=iklimco_swag | head -1) nginx -t
curl -si https://api.iklim.co/health

Expected:

  • server_name api.iklim.co;
  • Nginx config syntax is valid.
  • Public API returns an APISIX response with a valid *.iklim.co certificate.

Historical / Superseded by Setup

The previous SWAG_CONFIG_DIR=/mnt/storagebox/swag/config and .env.prod references are superseded. Use the split SWAG_DNS_CONFIG_DIR, SWAG_SITE_CONFS_DIR, and SWAG_PROXY_CONFS_DIR variables from the current setup.