change(docker): host fastapi over plain http

We don't need the https certificates being dealt with in the fastapi
service; we will define our certificates in any frontend nginx
running on top.

Signed-off-by: Kevin Morris <kevr@0cost.org>

docker/config/nginx.conf

@@ -23,7 +23,7 @@ http {
 
     gzip on;
 
-    upstream hypercorn {
+    upstream asgi_backend {
         server fastapi:8000;
     }
 
@@ -142,7 +142,7 @@ http {
             proxy_set_header X-Forwarded-Proto $scheme;
             proxy_redirect off;
             proxy_buffering off;
-            proxy_pass https://hypercorn;
+            proxy_pass http://asgi_backend;
         }
     }
 

docker/scripts/run-fastapi.sh

@@ -1,17 +1,4 @@
 #!/bin/bash
-
-CERT=/data/localhost.cert.pem
-KEY=/data/localhost.key.pem
-
-# If production.{cert,key}.pem exists, prefer them. This allows
-# user customization of the certificates that FastAPI uses.
-if [ -f /data/production.cert.pem ]; then
-    CERT=/data/production.cert.pem
-fi
-if [ -f /data/production.key.pem ]; then
-    KEY=/data/production.key.pem
-fi
-
 # By default, set FASTAPI_WORKERS to 2. In production, this should
 # be configured by the deployer.
 if [ -z ${FASTAPI_WORKERS+x} ]; then
@@ -28,16 +15,12 @@ alembic upgrade head
 
 if [ "$1" == "uvicorn" ] || [ "$1" == "" ]; then
     exec uvicorn --reload \
-        --ssl-certfile "$CERT" \
-        --ssl-keyfile "$KEY" \
         --log-config /docker/logging.conf \
         --host "0.0.0.0" \
         --port 8000 \
         aurweb.asgi:app
 elif [ "$1" == "gunicorn" ]; then
     exec gunicorn \
-        --keyfile="$KEY" \
-        --certfile="$CERT" \
         --log-config /docker/logging.conf \
         --bind "0.0.0.0:8000" \
         -w $FASTAPI_WORKERS \
@@ -45,8 +28,6 @@ elif [ "$1" == "gunicorn" ]; then
         aurweb.asgi:app
 elif [ "$1" == "hypercorn" ]; then
     exec hypercorn --reload \
-        --certfile "$CERT" \
-        --keyfile "$KEY" \
         --log-config /docker/logging.conf \
         -b "0.0.0.0:8000" \
         aurweb.asgi:app