Create docker
crate #6
4 changed files with 162 additions and 0 deletions
25
.idea/jsonSchemas.xml
Normal file
25
.idea/jsonSchemas.xml
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<project version="4">
|
||||||
|
<component name="JsonSchemaMappingsProjectConfiguration">
|
||||||
|
<state>
|
||||||
|
<map>
|
||||||
|
<entry key="docker-compose.yml">
|
||||||
|
<value>
|
||||||
|
<SchemaInfo>
|
||||||
|
<option name="name" value="docker-compose.yml" />
|
||||||
|
<option name="relativePathToSchema" value="https://raw.githubusercontent.com/compose-spec/compose-spec/master/schema/compose-spec.json" />
|
||||||
|
<option name="applicationDefined" value="true" />
|
||||||
|
<option name="patterns">
|
||||||
|
<list>
|
||||||
|
<Item>
|
||||||
|
<option name="path" value="compose.yml" />
|
||||||
|
</Item>
|
||||||
|
</list>
|
||||||
|
</option>
|
||||||
|
</SchemaInfo>
|
||||||
|
</value>
|
||||||
|
</entry>
|
||||||
|
</map>
|
||||||
|
</state>
|
||||||
|
</component>
|
||||||
|
</project>
|
32
acrate_docker/Dockerfile
Normal file
32
acrate_docker/Dockerfile
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
FROM rust AS base_builder
|
||||||
|
WORKDIR /usr/src/acrate
|
||||||
|
COPY --from=source ./acrate_database ./acrate_database
|
||||||
|
COPY --from=source ./acrate_nodeinfo ./acrate_nodeinfo
|
||||||
|
COPY --from=source ./acrate_rd ./acrate_rd
|
||||||
|
COPY --from=source ./acrate_rdserver ./acrate_rdserver
|
||||||
|
COPY --from=source ./Cargo.toml ./Cargo.toml
|
||||||
|
COPY --from=source ./Cargo.lock ./Cargo.lock
|
||||||
|
|
||||||
|
FROM rust:slim AS base_runner
|
||||||
|
RUN apt-get update
|
||||||
|
RUN apt-get upgrade --assume-yes
|
||||||
|
RUN apt-get install --assume-yes libpq5
|
||||||
|
WORKDIR /usr/local/bin
|
||||||
|
ENV RUST_LOG="warn"
|
||||||
|
|
||||||
|
FROM base_builder AS migrate_build
|
||||||
|
RUN cargo build --release --package=acrate_database --features=bin --bin=acrate_database_migrate
|
||||||
|
|
||||||
|
FROM base_runner AS migrate
|
||||||
|
COPY --from=migrate_build /usr/src/acrate/target/release/acrate_database_migrate /usr/local/bin/acrate_database_migrate
|
||||||
|
ENTRYPOINT ["acrate_database_migrate"]
|
||||||
|
ENV RUST_LOG="warn,acrate_database_migrate=info"
|
||||||
|
|
||||||
|
FROM base_builder AS rdserver_build
|
||||||
|
RUN cargo build --release --package=acrate_rdserver --bin=acrate_rdserver
|
||||||
|
|
||||||
|
FROM base_runner AS rdserver
|
||||||
|
COPY --from=rdserver_build /usr/src/acrate/target/release/acrate_rdserver /usr/local/bin/acrate_rdserver
|
||||||
|
ENTRYPOINT ["acrate_rdserver"]
|
||||||
|
HEALTHCHECK CMD ["curl", "http://127.0.0.1/.healthcheck"]
|
||||||
|
ENV RUST_LOG="warn,acrate_rdserver=info"
|
89
acrate_docker/compose.yml
Normal file
89
acrate_docker/compose.yml
Normal file
|
@ -0,0 +1,89 @@
|
||||||
|
# Full acrate stack, running on a single machine for experimental purposes
|
||||||
|
|
||||||
|
x-config:
|
||||||
|
ingress_config_dir: &ingress_config_dir "./config/caddy"
|
||||||
|
|
||||||
|
name: "acrate"
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
ingress_data:
|
||||||
|
ingress_config:
|
||||||
|
postgres_data:
|
||||||
|
|
||||||
|
services:
|
||||||
|
# Public ingress node
|
||||||
|
ingress:
|
||||||
|
image: "caddy"
|
||||||
|
restart: "unless-stopped"
|
||||||
|
cap_add:
|
||||||
|
- "NET_ADMIN"
|
||||||
|
ports:
|
||||||
|
- protocol: "tcp"
|
||||||
|
target: 80
|
||||||
|
published: 80
|
||||||
|
- protocol: "tcp"
|
||||||
|
target: 443
|
||||||
|
published: 443
|
||||||
|
- protocol: "udp"
|
||||||
|
target: 443
|
||||||
|
published: 443
|
||||||
|
volumes:
|
||||||
|
- type: "volume"
|
||||||
|
source: "ingress_data"
|
||||||
|
target: "/data"
|
||||||
|
- type: "volume"
|
||||||
|
source: "ingress_config"
|
||||||
|
target: "/config"
|
||||||
|
- type: "bind"
|
||||||
|
source: *ingress_config_dir
|
||||||
|
target: "/etc/caddy"
|
||||||
|
|
||||||
|
# Main database
|
||||||
|
database:
|
||||||
|
image: "postgres"
|
||||||
|
restart: "unless-stopped"
|
||||||
|
environment:
|
||||||
|
# Make sure the password is the same for both client and server tools
|
||||||
|
POSTGRES_PASSWORD: &postgres_password "acrate"
|
||||||
|
PGUSER: "postgres"
|
||||||
|
PGPASS: *postgres_password
|
||||||
|
volumes:
|
||||||
|
- type: "volume"
|
||||||
|
source: "postgres_data"
|
||||||
|
target: "/var/lib/postgresql/data"
|
||||||
|
expose:
|
||||||
|
- 5432
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready"]
|
||||||
|
|
||||||
|
# Migrations
|
||||||
|
migrate:
|
||||||
|
build:
|
||||||
|
dockerfile: "./Dockerfile"
|
||||||
|
additional_contexts:
|
||||||
|
- "source=.."
|
||||||
|
target: "migrate"
|
||||||
|
environment:
|
||||||
|
ACRATE_DATABASE_DATABASE_URL: &database_url "postgres:///postgres?host=database&user=postgres&password=acrate" # TODO: Split parameters off to their own envvars
|
||||||
|
depends_on:
|
||||||
|
database:
|
||||||
|
condition: "service_healthy"
|
||||||
|
|
||||||
|
# Resource descriptor server
|
||||||
|
rdserver:
|
||||||
|
build:
|
||||||
|
dockerfile: "./Dockerfile"
|
||||||
|
additional_contexts:
|
||||||
|
- "source=.."
|
||||||
|
target: "rdserver"
|
||||||
|
restart: "unless-stopped"
|
||||||
|
environment:
|
||||||
|
ACRATE_WEBFINGER_BIND_ADDRESS: "0.0.0.0:80"
|
||||||
|
ACRATE_WEBFINGER_DATABASE_URL: *database_url
|
||||||
|
expose:
|
||||||
|
- 80
|
||||||
|
depends_on:
|
||||||
|
database:
|
||||||
|
condition: "service_healthy"
|
||||||
|
migrate:
|
||||||
|
condition: "service_completed_successfully"
|
16
acrate_docker/config/caddy/Caddyfile
Normal file
16
acrate_docker/config/caddy/Caddyfile
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
# replace with your HTTPS domain
|
||||||
|
:80 {
|
||||||
|
@rdserver {
|
||||||
|
path "/.well-known/webfinger"
|
||||||
|
path "/.well-known/host-meta"
|
||||||
|
path "/.well-known/host-meta.xml"
|
||||||
|
path "/.well-known/host-meta.json"
|
||||||
|
}
|
||||||
|
|
||||||
|
reverse_proxy @rdserver {
|
||||||
|
to "http://rdserver"
|
||||||
|
|
||||||
|
health_uri "/.healthcheck"
|
||||||
|
health_status "204"
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue