Wundergraph in Production Overview
During development, you're used to running WunderGraph using wunderctl up
.
This starts up a local instance of WunderGraph, runs the code generation,
recompiles the hooks as well as restarting the hooks background process,
and watches your filesystem for changes.
When running WunderGraph in production, you probably don't want to watch the filesystem for changes or run the code generation.
For that reason, you should be using wunderctl start
in production.
It achieves exactly what we need.
Read more about it here.
Other considerations when running WunderGraph in production#
- Make sure there are no secrets in your WunderGraph configuration, instead use environment variables.
- Use a TLS terminating proxy in front of your WunderGraph instance, e.g. ALB.
- Don't set CORS to allow all origins, instead use a whitelist!
Building for production#
Create a docker container using the linux binary of wunderctl. If you're using hooks, make sure to install NodeJS and npm. Don't forget to add CA certificates to your docker container so that it can make HTTPS requests.
Add the "generated" folder from your WunderGraph project to your docker container.
As "start" cmd, use wunderctl start
from within the generated folder or use the --wundergraph-dir
flag and point it to the generated directory.
Alternatively, you can also just install wunderctl and follow the other instructions without using docker if you prefer a different deployment model.
Example Dockerfile#
Using this DockerFile, you can build a docker image that runs WunderGraph in production. As a dependency, we need to install NodeJS and npm. Then we add the generated folder to the docker image. This contains the compiled hooks and the generated configuration. Finally, we run the wunderctl start command and expose a port.
FROM node:17ADD ./generated .RUN npm -g install @wundergraph/wunderctl@latestRUN wunderctl versionCMD wunderctl start --listen_addr 0.0.0.0:80EXPOSE 80
Allowing additional Hostnames#
You will probably run your WunderGraph instance on a different domain than "http://localhost:9991".
To allow additional hostnames in production, use the following configuration when running wunderctl generate
or wunderctl up
.
// wundergraph.config.tsconfigureWunderGraphApplication({security: {allowedHosts: ["example.com"]}});
Make sure to configure the "security" section in your WunderGraph configuration before running wunderctl generate
or wunderctl up
.
This example will allow the hostname "example.com" to access the WunderGraph instance.
If you don't configure this, you will get 404 not found errors.