iac: nirvai-web: rename core to web and extract platform services into new repo nirv-ai/core

Question

iac: nirvai-web: rename core to web and extract platform services into new repo nirv-ai/core

noahehall opened this issue 2 years ago · comments

noah edward hall commented 2 years ago

C

refactor core service stack: nirvai-web
nirvai web should be treated as another set of services in nirvai platform
this will loosen the coupling to nirvai core components, resolve various architectural issues, and simplify integrations downstream
- while we could have kept one mighty monorepo and created multiple nomad jobspecs, this tight coupling would require even more security measures

T

nirvai-web: rename core to web
- copypasta extracted services into nirvai-core
  - core/apps/letsencrypt/[domain]/live/[domain] should be cp -Lr to /etc/ssl/cets/[domain]
    - sym/hard link wont work and you need to dereference the source files
    - .env:REG_CERTS_HOST needs to point to this dir
- nirvai-web base refactor
  - grep: apps/letsencrypt/ - > /etc/ssl/certs/[domain]/*.pem
  - grep: core -> web
  - grep: 8200 -> 8300 (proxy doesnt exist in web)
  - grep: 8080 -> 3000 (proxy doesnt exist in web)
  - grep: 8080/bff -> 3001 (proxy doesnt exist in web)
  - delete all env vars related proxy and proxy integration
  - prefix all web envars with WEB_[SERVICE]_X_Y_Z
- refactor: repo nirvai/{docs, configs, scripts}
  - repeat whatever was done for nirvai-web
  - docker
    - script.exec
    - script,log (new)
    - script.refresh
    - script.reset
- nirvai-web running locally
  - node bff
    - cors && ssl certs added if NODE_ENV !== production
      - we should use dev.nirv.ai cert since its available
  - react ui
    - ssl enable via env var
  - postgres db
    - removed the external: true from the postgres volume
  - vault automation should be able to initialize a set of configs with an arbitrary amount of microservice configuration init files
    - vault running
    - vault automation working
    - vault bff approle + postgres dynamic creds
    - ui: nirvai create account
  - ~~[ ] tf-infra~~
    - tf refactor could occur without nirvai-core, but lets do it all at the same time
  - ~~[ ] nomad~~
    - nomad refactor is dependent on nirvai-core refactor

A

@see https://github.com/nirv-ai/docs/blob/main/_architecture_decision_records_/core-IaC.png
@see #26
@see https://www.hashicorp.com/blog/configuring-third-party-loadbalancers-with-consul-nginx-haproxy-f5
- dude their diagrams are 100% better than ours