From 659bb1dfb8f3b1bff4b9db276d3b1850608e799f Mon Sep 17 00:00:00 2001 From: shibao Date: Sat, 30 Jul 2022 03:10:43 -0400 Subject: [PATCH] add docker stuff --- .dockerignore | 20 ++++++++ .github/workflows/docker-hub.yml | 33 +++++++++++++ .gitignore | 5 ++ Dockerfile | 14 ++++++ README.markdown | 29 ++++++++++++ config.docker.py | 76 ++++++++++++++++++++++++++++++ docker-compose.yml | 80 ++++++++++++++++++++++++++++++++ 7 files changed, 257 insertions(+) create mode 100644 .dockerignore create mode 100644 .github/workflows/docker-hub.yml create mode 100644 Dockerfile create mode 100644 config.docker.py create mode 100644 docker-compose.yml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..bee3ad0 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,20 @@ +.envrc.example +.gitignore +.tool-versions +*.md +Dockerfile +docker-compose.yml +.git +.github +.codecov.yml +.coveragerc +.env +.eslintrc.yml +.gitattributes +LICENSE +CHANGELOG.markdown +README.markdown +config.example.py +config.docker.py +forget.example.service +requirements-dev.txt diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml new file mode 100644 index 0000000..551292c --- /dev/null +++ b/.github/workflows/docker-hub.yml @@ -0,0 +1,33 @@ +name: upload-to-docker-hub +on: + push: + branches: + - master + - docker +jobs: + buildx: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + push: true + tags: ${{ secrets.DOCKER_HUB_USERNAME }}/forget:latest + platforms: linux/amd64,linux/arm64,linux/arm/v7 diff --git a/.gitignore b/.gitignore index 1050a7f..5145303 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,8 @@ static/* .cache/ .coverage .pytest_cache + +# docker stuff +/redis +/postgres +/celery diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..295dc2a --- /dev/null +++ b/Dockerfile @@ -0,0 +1,14 @@ +FROM python:3 AS builder +WORKDIR /usr/src/app +COPY . . + +# install python stuff +RUN python -m pip install --upgrade pip +RUN pip install --no-cache-dir -r requirements.txt + +# build assets +RUN apt-get update -qq && apt-get install -qq nodejs npm +RUN npm install --save-dev +RUN doit + +VOLUME ["/var/log/celery", "/var/run/celery"] diff --git a/README.markdown b/README.markdown index 252a9a7..d6b657c 100644 --- a/README.markdown +++ b/README.markdown @@ -116,6 +116,35 @@ You can run the (currently very incomplete) test suite by running `pytest`. You'll need redis installed on your development machine, a temporary redis server will be started and shut down automatically by the test suite. +## Docker + +This project is also able to be deployed through Docker. + +1. Copy `docker-compose.yml` and `config.docker.py` into your preferred + directory. +1. Rename `config.docker.py` to `config.py` and add additional configurations to + your liking. +1. By default, the `docker-compose.yml` creates relative mounts `./redis`, + `./postgres`, and `./celery` relative to the `docker-compose.yml` location. + Feel free to change these if you'd like. +1. Run `docker-compose up` to start or `docker-compose up -d` to start in the + background, and use `docker-compose down` to stop. +1. If you have a reverse proxy on a docker network already, simply add the + Docker network details to `docker-compose.yml` and Forget should be available + at `http://forget:42157` in the Docker network. Otherwise, you'll need to add + something like the following to bind the docker container to a port: + ``` + services: + forget: + ...lots of stuff... + ports: + - "127.0.0.1:42157:42157" + ...other stuff... + ``` + This will bind the container's port `42157` to `127.0.0.1:42157` on your + local machine, which you can then reverse proxy. Make sure to never expose + this publically, as it is http and not secure! + ## Contact If you're having trouble with Forget, or if you're not having trouble but you diff --git a/config.docker.py b/config.docker.py new file mode 100644 index 0000000..ec241c0 --- /dev/null +++ b/config.docker.py @@ -0,0 +1,76 @@ +""" +this is an example config file for Forget + +copy this file to config.py before editing + +lines starting with # demonstrate default or example values +the # should be removed before editing +""" + +""" +DATABASE URI + +determines where to connect to the database +see for syntax +only postgresql with psycopg2 driver is officially supported +""" +SQLALCHEMY_DATABASE_URI='postgresql+psycopg2://postgres:postgres@forget-db/forget' + +""" +REDIS URI + +see +for syntax reference +""" +REDIS_URI='redis://forget-redis' + +""" +SERVER ADDRESS + +This is the address at which forget will be reached. +External services will redirect to this address when logging in. +""" +# SERVER_NAME="0.0.0.0:5000" +# HTTPS=True + +""" +TWITTER CREDENTIALS + +Apply for api keys on the developer portal +When prompted for it, your callback URL is {SERVER_NAME}/login/twitter/callback +""" +# TWITTER_CONSUMER_KEY='yN3DUNVO0Me63IAQdhTfCA' +# TWITTER_CONSUMER_SECRET='c768oTKdzAjIYCmpSNIdZbGaG0t6rOhSFQP0S5uC79g' + +""" +SENTRY + +If you want to send exceptions to sentry, enter your sentry DSN here +""" +# SENTRY_DSN='' + +""" +HIDDEN INSTANCES + +The front page shows one-click login buttons for the mastodon and +misskey instances that see the most heavy use. Instances configured in this +list will be prevented from appearing in these buttons. + +They will still appear if a user has previously logged into them and their +browser remembers it. A user will still be able to log into them by manually +typing the address into the log in form. + +This is a space-delimited list. Example syntax: +HIDDEN_INSTANCES='social.example.com pleroma.example.net mk.example.org' +""" +# HIDDEN_INSTANCES='' + +""" +ADVANCED FLASK CONFIG + +you can also use any config variable that flask expects here +A list of these config variables is available here: + +""" +# SESSION_COOKIE_SECURE=True +# DEBUG=True diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..e9dbca5 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,80 @@ +version: "3" + +services: + forget: + build: + context: ./ + container_name: forget + restart: always + environment: + - FLASK_APP=forget.py + volumes: + - ./config.py:/usr/src/app/config.py + depends_on: + - forget-redis + - forget-db + - forget-worker + - forget-beat + command: bash -c " + flask db upgrade && + gunicorn -w 9 -t 3600 -b 0.0.0.0:42157 forget:app + " + expose: + - 42157 + + forget-worker: + build: + context: ./ + container_name: forget-worker + restart: always + environment: + - FLASK_APP=forget.py + volumes: + - ./config.py:/usr/src/app/config.py + - ./celery/log:/var/log/celery + - ./celery/run:/var/run/celery + depends_on: + - forget-redis + - forget-db + command: bash -c " + mkdir -p /var/run/celery /var/log/celery && + chown -R nobody:nogroup /var/run/celery /var/log/celery && + exec celery --app=tasks worker + --loglevel=INFO --logfile=/var/log/celery/worker.log + --statedb=/var/run/celery/worker.state + --hostname=worker + --queues=celery.worker -O fair + --uid=nobody --gid=nogroup + " + + forget-beat: + build: + context: ./ + container_name: forget-beat + restart: always + environment: + - FLASK_APP=forget.py + volumes: + - ./config.py:/usr/src/app/config.py + depends_on: + - forget-redis + - forget-db + entrypoint: ["celery", "--app=tasks", "beat"] + + forget-redis: + container_name: forget-redis + image: redis:4.0-alpine + restart: always + volumes: + - ./redis:/data + + forget-db: + image: postgres:14-alpine + container_name: forget-db + restart: always + environment: + - POSTGRES_USER=postgres + - POSTGRES_PASSWORD=postgres + - POSTGRES_DB=forget + volumes: + - ./postgres:/var/lib/postgresql/data