feat: update connection pool and nginx redirects (#35)

* feat: update connection pool and nginx redirects

* fix: update title passing in layout

* fix: apply changes to nginx config

Author: iulusoy

src/frontend/src/app.html

@@ -1,6 +1,5 @@
 <!DOCTYPE html>
-<html lang="%lang%">
-	<title>Mailcom</title>
+<html lang="de">
 	<head>
 		<title>%sveltekit.title%</title>
 		<meta charset="utf-8" />

src/frontend/src/lib/server/db.ts

@@ -13,16 +13,19 @@ if (process.env.BUILD_MODE === 'true') {
     db = drizzle.mock();
     console.log('Mock database connection created');
 } else {
-// we will use client connections since we do not expect many concurrent connections
-    // and connection also does not need to be maintained for long
-    const connection = await mysql.createConnection({
+    // Use a pool instead of a single connection
+    // Pool handles reconnection automatically
+    const pool = mysql.createPool({
         host: process.env.MYSQL_HOST,
         port: process.env.MYSQL_PORT ? parseInt(process.env.MYSQL_PORT) : 3306,
         user: process.env.MYSQL_USER,
         password: process.env.MYSQL_PASSWORD,
         database: process.env.MYSQL_DATABASE,
+        waitForConnections: true,
+        connectionLimit: 5,
+        queueLimit: 0,
     });
-    db = drizzle(connection);
+    db = drizzle(pool);
 }
 
 const exportedDb = db;

src/frontend/src/routes/+layout.svelte

@@ -16,6 +16,10 @@
   }
 </script>
 
+<svelte:head>
+  <title>Mailcom</title>
+</svelte:head>
+
 
 <nav class="bg-white border-gray-200 px-4 lg:px-6 py-2.5 relative">
   <div class="flex flex-wrap justify-between items-center mx-auto max-w-screen-xl">

src/nginx/conf/nginx.conf

@@ -5,15 +5,29 @@ upstream app_server {
 server {
   listen 80 default_server;
   listen [::]:80 default_server;
-  server_name mailcom.rose.uni-heidelberg.de _;
+  server_name _;
   return 301 https://mailcom.rose.uni-heidelberg.de$request_uri;
 }
 
+# Catch-all HTTPS: redirect any non-canonical host to domain (308 preserves POST)
 server {
-  listen 443 ssl default_server;
-  listen [::]:443 ssl default_server;
+  listen 443 ssl;
+  listen [::]:443 ssl;
   http2 on;
-  server_name mailcom.rose.uni-heidelberg.de _;
+  server_name _;
+
+  ssl_certificate     /etc/nginx/ssl/mailcom.rose.uni-heidelberg.de.crt;
+  ssl_certificate_key /etc/nginx/ssl/mailcom.rose.uni-heidelberg.de.key;
+
+  return 308 https://mailcom.rose.uni-heidelberg.de$request_uri;
+}
+
+# Canonical HTTPS vhost: proxy to app
+server {
+  listen 443 ssl;
+  listen [::]:443 ssl;
+  http2 on;
+  server_name mailcom.rose.uni-heidelberg.de;
 
   ssl_certificate     /etc/nginx/ssl/mailcom.rose.uni-heidelberg.de.crt;
   ssl_certificate_key /etc/nginx/ssl/mailcom.rose.uni-heidelberg.de.key;
@@ -22,15 +36,14 @@ server {
   ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
   ssl_prefer_server_ciphers on;
 
-  # If someone sends HTTP to 443, redirect to HTTPS
-  error_page 497 =301 https://$host$request_uri;
-
   location / {
     proxy_pass http://app_server;
     proxy_set_header Host $host;
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Port $server_port;
     proxy_set_header X-Real-IP $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
     proxy_http_version 1.1;
   }
 }