This is a quick blog post about how to get up and running with Hasura, GraphQL on DigitalOcean.
Hasura is probably my current favorite technology when it comes to handling backend mechanisms for a web app. Hasura is just awesome! So, what is Hasura?
Hasura is an Instant Realtime GraphQL on Postgres
Hasura automatically generates a GraphQL API based on your database. Your app will communicate with your database via GraphQL API. Hasura will handle everything between your app and PostgreSQL. That includes:
- Get, post, update and delete data.
- Handle subscriptions so you can retrieve real time data from your Postgres database.
- Handle access control in the form of roles (ex: admin or user roles).
- Build and manage your data in Postgres via the Hasura console. Which is a web interface similar to phpMyAdmin.
And much more. Read more on hasura.io.
Setup
Crate a new droplet on DigitalOcean base don the Hasura app under One-click apps. You can start out with a \$5/mo droplet at DigitalOcean to run your Hasura instance. That is more than enough to get started.
Install Hasura GraphQL using One-click apps at DigitalOcean This will install Hasura, together with PostgreSQL and Caddy on a DigitalOcean droplet for you.
Next we will use SSH to connect to our droplet to secure Hasura.
Log in to the server and run docker ps to make sure Hasura, PostgreSQL and Caddy is up and running.
So what is what here?
PostgreSQL
PostgreSQL is the database.
Hasura
Hasura generates the GraphQL API based on the database.
Caddy
Caddy is the webserver.
SSL/TLS (https:// and wss://)
We want to secure our communication to our server and we will let Caddy and Let’s encrypt set up a SSL/TSL certificate. This will enable HTTPS (Hypertext Transfer Protocol Secure) and WSS (WebSocket Secure).
First we must point a domain or subdomain to our server. This is done using a A record. In the example above we use the subdomain hasura.your-domain.com. In DigitalOcean this will look like this:
Notice, it could take up to 48 hours for DNS changes to take affect.
Next we will go back to our droplet and edit our Caddy config file located at /etc/hasura/Caddyfile. Edit it to look like:
hasura.your-domain.com {
proxy / graphql-engine:8080 {
websocket
}
}
Next, restart the container with docker restart 'container-id' (with out the ticks('). The container-id can be found using docker ps and is the left most column. In the image above my Caddy-container had the id of e0d614783237.
After the restart, Caddy will fix a SSL/TLS certificate and enable https/wss for the domain so you can securely interact with your Hasura GraphQL API.
Access key
Next we will password protect the Hasura console. Open the file /etc/hasura/docker-compose.yaml to edit the HASURA_GRAPHQL_ADMIN_SECRET variable. In the example below I set my access key to mysecretaccesskey.
environment:
HASURA_GRAPHQL_ADMIN_SECRET: mysecretaccesskey
HASURA_GRAPHQL_DATABASE_URL: postgres://postgres:@postgres:5432/postgres
command:
Next, browse to your newly created and secure Hasura console at https://hasura.your-domain.com. You will be prompted with a login screen. Use your HASURA_GRAPHQL_ADMIN_SECRET to login.
Congratulations! You are up and running with Hasura on DigitalOcean.
Serverless backend for modern web and mobile apps
