Added NATS server and frontend code to connect to it

backend/nats/Containerfile

@@ -0,0 +1,3 @@
+FROM nats:2.7.4-scratch
+COPY ./nats-server.conf /nats-server.conf
+EXPOSE 4223

backend/nats/nats-server.conf

@@ -0,0 +1,137 @@
+# Client port of 4222 on all interfaces
+port: 4222
+
+# HTTP monitoring port
+monitor_port: 8222
+
+# This is for clustering multiple servers together.
+cluster {
+  # It is recommended to set a cluster name
+  name: "sakal_cluster"
+
+  # Route connections to be received on any interface on port 6222
+  port: 6222
+
+  # Routes are protected, so need to use them with --routes flag
+  # e.g. --routes=nats-route://ruser:T0pS3cr3t@otherdockerhost:6222
+  authorization {
+    user: ruser
+    password: T0pS3cr3t
+    timeout: 2
+  }
+
+  # Routes are actively solicited and connected to from this server.
+  # This Docker image has none by default, but you can pass a
+  # flag to the nats-server docker image to create one to an existing server.
+  routes = []
+}
+
+
+websocket {
+    # Specify a host and port to listen for websocket connections
+    #
+    # listen: "host:port"
+
+    # It can also be configured with individual parameters,
+    # namely host and port.
+    #
+    # host: "hostname"
+    port: 4223
+
+    # This will optionally specify what host:port for websocket
+    # connections to be advertised in the cluster.
+    #
+    # advertise: "host:port"
+
+    # TLS configuration is required by default
+    #
+    #tls {
+    #  cert_file: "/path/to/cert.pem"
+    #  key_file: "/path/to/key.pem"
+    #}
+
+    # For test environments, you can disable the need for TLS
+    # by explicitly setting this option to `true`
+    #
+    no_tls: true
+
+    # [Cross-origin resource sharing option](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS).
+    #
+    # IMPORTANT! This option is used only when the http request presents an Origin
+    # header, which is the case for web browsers. If no Origin header is present,
+    # this check will not be performed.
+    #
+    # When set to `true`, the HTTP origin header must match the request’s hostname.
+    # The default is `false`.
+    #
+    # same_origin: true
+
+    # [Cross-origin resource sharing option](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS).
+    #
+    # IMPORTANT! This option is used only when the http request presents an Origin
+    # header, which is the case for web browsers. If no Origin header is present,
+    # this check will not be performed.
+    #
+    # List of accepted origins. When empty, and `same_origin` is `false`, clients from any origin are allowed to connect.
+    # This list specifies the only accepted values for the client's request Origin header. The scheme,
+    # host and port must match. By convention, the absence of TCP port in the URL will be port 80
+    # for an "http://" scheme, and 443 for "https://".
+    #
+    # allowed_origins [
+    #    "http://www.example.com"
+    #    "https://www.other-example.com"
+    # ]
+
+    # This enables support for compressed websocket frames
+    # in the server. For compression to be used, both server
+    # and client have to support it.
+    #
+    # compression: true
+
+    # This is the total time allowed for the server to
+    # read the client request and write the response back
+    # to the client. This includes the time needed for the
+    # TLS handshake.
+    #
+    # handshake_timeout: "2s"
+
+    # Name for an HTTP cookie, that if present will be used as a client JWT.
+    # If the client specifies a JWT in the CONNECT protocol, this option is ignored.
+    # The cookie should be set by the HTTP server as described [here](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies).
+    # This setting is useful when generating NATS `Bearer` client JWTs as the
+    # result of some authentication mechanism. The HTTP server after correct
+    # authentication can issue a JWT for the user, that is set securely preventing
+    # access by unintended scripts. Note these JWTs must be [NATS JWTs](https://docs.nats.io/nats-server/configuration/securing_nats/jwt).
+    #
+    # jwt_cookie: "my_jwt_cookie_name"
+
+    # If no user name is provided when a websocket client connects, will default
+    # this user name in the authentication phase. If specified, this will
+    # override, for websocket clients, any `no_auth_user` value defined in the
+    # main configuration file.
+    # Note that this is not compatible with running the server in operator mode.
+    #
+    # no_auth_user: "my_username_for_apps_not_providing_credentials"
+
+    # See below to know what is the normal way of limiting websocket clients
+    # to specific users.
+    # If there are no users specified in the configuration, this simple authorization
+    # block allows you to override the values that would be configured in the
+    # equivalent block in the main section.
+    #
+    # authorization {
+    #     # If this is specified, the client has to provide the same username
+    #     # and password to be able to connect.
+    #     # username: "my_user_name"
+    #     # password: "my_password"
+    #
+    #     # If this is specified, the password field in the CONNECT has to
+    #     # match this token.
+    #     # token: "my_token"
+    #
+    #     # This overrides the main's authorization timeout. For consistency
+    #     # with the main's authorization configuration block, this is expressed
+    #     # as a number of seconds.
+    #     # timeout: 2.0
+    #}
+}

backend/nats/run.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+cd "${0%/*}"  # set current directory of this script to where the script is located. necessary for podman "-v" bind mounts to be relative paths
+podman run -d --name sakal-nats -p 4222:4222 -p 4223:4223 localhost/sakal-nats-server:latest