diff --git a/docker/conf/web-keycloak.yml b/docker/conf/web-keycloak.yml index 576e57c..54a3db9 100644 --- a/docker/conf/web-keycloak.yml +++ b/docker/conf/web-keycloak.yml @@ -1,61 +1,65 @@ storage: cls: remote url: http://swh-storage:5002/ timeout: 1 objstorage: cls: remote url: http://swh-objstorage:5003/ indexer_storage: cls: remote url: http://swh-idx-storage:5007/ scheduler: cls: remote url: http://swh-scheduler:5008/ vault: cls: remote args: url: http://swh-vault:5005/ deposit: private_api_url: https://swh-deposit:5006/1/private/ private_api_user: swhworker private_api_password: '' allowed_hosts: - "*" debug: yes serve_assets: yes -development_db: /tmp/db.sqlite3 -production_db: /tmp/db.sqlite3 +production_db: + host: swh-web-db + port: 5432 + name: swh-web + user: postgres + password: testpassword throttling: cache_uri: 127.0.0.1:11211 scopes: swh_api: limiter_rate: default: 120/h swh_api_origin_search: limiter_rate: default: 70/m swh_api_origin_visit_latest: limiter_rate: default: 700/m swh_vault_cooking: limiter_rate: default: 120/h swh_save_origin: limiter_rate: default: 120/h search: {} keycloak: server_url: http://keycloak:8080/keycloak/auth/ realm_name: SoftwareHeritage diff --git a/docker/conf/web-mirror.yml b/docker/conf/web-mirror.yml index 57a0605..5d6dc96 100644 --- a/docker/conf/web-mirror.yml +++ b/docker/conf/web-mirror.yml @@ -1,33 +1,40 @@ storage: cls: remote url: http://swh-storage-mirror:5002/ timeout: 1 objstorage: cls: remote url: http://swh-objstorage:5003/ indexer_storage: cls: remote url: http://swh-idx-storage:5007/ scheduler: cls: remote url: http://swh-scheduler:5008/ vault: cls: remote args: url: http://swh-vault:5005/ deposit: private_api_url: https://swh-deposit:5006/1/private/ private_api_user: swhworker private_api_password: '' allowed_hosts: - "*" debug: yes serve_assets: yes + +production_db: + host: swh-web-db + port: 5432 + name: swh-web + user: postgres + password: testpassword diff --git a/docker/conf/web-read-replica.yml b/docker/conf/web-read-replica.yml index 7fdea9a..ab8b161 100644 --- a/docker/conf/web-read-replica.yml +++ b/docker/conf/web-read-replica.yml @@ -1,63 +1,67 @@ storage: cls: remote url: http://swh-storage-read-replica:5002/ timeout: 1 indexer_storage: cls: remote url: http://swh-idx-storage:5007/ scheduler: cls: remote url: http://swh-scheduler:5008/ vault: cls: remote args: url: http://swh-vault:5005/ deposit: private_api_url: https://swh-deposit:5006/1/private/ private_api_user: swhworker private_api_password: '' allowed_hosts: - "*" debug: yes serve_assets: yes -development_db: /tmp/db.sqlite3 -production_db: /tmp/db.sqlite3 +production_db: + host: swh-web-db + port: 5432 + name: swh-web + user: postgres + password: testpassword throttling: cache_uri: 127.0.0.1:11211 scopes: swh_api: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 swh_api_origin_search: limiter_rate: default: 70/m exempted_networks: - 0.0.0.0/0 swh_api_origin_visit_latest: limiter_rate: default: 700/m exempted_networks: - 0.0.0.0/0 swh_vault_cooking: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 swh_save_origin: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 search: {} diff --git a/docker/conf/web-search.yml b/docker/conf/web-search.yml index 5f6045a..b8fbaf7 100644 --- a/docker/conf/web-search.yml +++ b/docker/conf/web-search.yml @@ -1,66 +1,70 @@ storage: cls: remote url: http://swh-storage:5002/ timeout: 1 indexer_storage: cls: remote url: http://swh-idx-storage:5007/ scheduler: cls: remote url: http://swh-scheduler:5008/ vault: cls: remote url: http://swh-vault:5005/ deposit: private_api_url: https://swh-deposit:5006/1/private/ private_api_user: swhworker private_api_password: "" search: cls: remote url: http://swh-search:5010/ metadata_search_backend: swh-search allowed_hosts: - "*" debug: yes serve_assets: yes -development_db: /tmp/db.sqlite3 -production_db: /tmp/db.sqlite3 +production_db: + host: swh-web-db + port: 5432 + name: swh-web + user: postgres + password: testpassword throttling: cache_uri: 127.0.0.1:11211 scopes: swh_api: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 swh_api_origin_search: limiter_rate: default: 70/m exempted_networks: - 0.0.0.0/0 swh_api_origin_visit_latest: limiter_rate: default: 700/m exempted_networks: - 0.0.0.0/0 swh_vault_cooking: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 swh_save_origin: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 diff --git a/docker/conf/web.yml b/docker/conf/web.yml index d07b627..0cc32de 100644 --- a/docker/conf/web.yml +++ b/docker/conf/web.yml @@ -1,63 +1,67 @@ storage: cls: remote url: http://swh-storage:5002/ timeout: 1 indexer_storage: cls: remote url: http://swh-idx-storage:5007/ scheduler: cls: remote url: http://swh-scheduler:5008/ vault: cls: remote args: url: http://swh-vault:5005/ deposit: private_api_url: https://swh-deposit:5006/1/private/ private_api_user: swhworker private_api_password: '' allowed_hosts: - "*" debug: yes serve_assets: yes -development_db: /tmp/db.sqlite3 -production_db: /tmp/db.sqlite3 +production_db: + host: swh-web-db + port: 5432 + name: swh-web + user: postgres + password: testpassword throttling: cache_uri: 127.0.0.1:11211 scopes: swh_api: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 swh_api_origin_search: limiter_rate: default: 70/m exempted_networks: - 0.0.0.0/0 swh_api_origin_visit_latest: limiter_rate: default: 700/m exempted_networks: - 0.0.0.0/0 swh_vault_cooking: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 swh_save_origin: limiter_rate: default: 120/h exempted_networks: - 0.0.0.0/0 search: {} diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 23f4eab..8d57770 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -1,426 +1,433 @@ version: "2.1" services: amqp: image: rabbitmq:3.6-management ports: - 5072:5672 zookeeper: image: wurstmeister/zookeeper restart: always kafka: image: wurstmeister/kafka ports: - "5092:9092" env_file: ./env/kafka.env environment: KAFKA_CREATE_TOPICS: swh.journal.objects.content:1:1, swh.journal.objects.origin:1:1, swh.journal.objects.origin_visit:1:1, swh.journal.objects.origin_visit_status:1:1, swh.journal.objects.revision:1:1, swh.journal.indexed.origin_intrinsic_metadata:1:1 depends_on: - zookeeper healthcheck: test: "[ `JMX_PORT= kafka-topics.sh --list --zookeeper zookeeper:2181 | wc -l` -ge 6 ]" interval: 10s timeout: 5s retries: 10 prometheus: image: prom/prometheus depends_on: - prometheus-statsd-exporter command: # Needed for the reverse-proxy - "--web.external-url=/prometheus" - "--config.file=/etc/prometheus/prometheus.yml" volumes: - "./conf/prometheus.yml:/etc/prometheus/prometheus.yml:ro" restart: unless-stopped prometheus-statsd-exporter: image: prom/statsd-exporter command: - "--statsd.mapping-config=/etc/prometheus/statsd-mapping.yml" volumes: - "./conf/prometheus-statsd-mapping.yml:/etc/prometheus/statsd-mapping.yml:ro" restart: unless-stopped prometheus-rabbitmq-exporter: image: kbudde/rabbitmq-exporter restart: unless-stopped environment: SKIP_QUEUES: "RPC_.*" MAX_QUEUES: 5000 RABBIT_URL: http://amqp:15672 LOG_LEVEL: warning grafana: image: grafana/grafana restart: unless-stopped depends_on: - prometheus environment: GF_SERVER_ROOT_URL: http://localhost:5080/grafana volumes: - "./conf/grafana/provisioning:/etc/grafana/provisioning:ro" - "./conf/grafana/dashboards:/var/lib/grafana/dashboards" nginx: image: nginx volumes: - "./conf/nginx.conf:/etc/nginx/nginx.conf:ro" ports: - 5080:5080 # Scheduler swh-scheduler-db: image: postgres:12 env_file: - ./env/common_python.env - ./env/scheduler-db.env swh-scheduler: image: swh/stack build: ./ env_file: - ./env/common_python.env - ./env/scheduler-db.env - ./env/scheduler.env environment: SWH_CONFIG_FILENAME: /scheduler.yml SWH_SCHEDULER_CONFIG_FILE: /scheduler.yml entrypoint: /entrypoint.sh depends_on: - swh-scheduler-db ports: - 5008:5008 volumes: - "./conf/scheduler.yml:/scheduler.yml:ro" - "./services/swh-scheduler/entrypoint.sh:/entrypoint.sh:ro" swh-scheduler-listener: image: swh/stack build: ./ env_file: - ./env/common_python.env - ./env/scheduler-db.env - ./env/scheduler.env environment: SWH_CONFIG_FILENAME: /scheduler.yml SWH_SCHEDULER_CONFIG_FILE: /scheduler.yml entrypoint: /entrypoint.sh command: start-listener depends_on: - swh-scheduler - amqp volumes: - "./conf/scheduler.yml:/scheduler.yml:ro" - "./services/swh-scheduler-worker/entrypoint.sh:/entrypoint.sh:ro" swh-scheduler-runner: image: swh/stack build: ./ env_file: - ./env/common_python.env - ./env/scheduler-db.env - ./env/scheduler.env environment: SWH_CONFIG_FILENAME: /scheduler.yml SWH_SCHEDULER_CONFIG_FILE: /scheduler.yml entrypoint: /entrypoint.sh command: start-runner -p 10 depends_on: - swh-scheduler - amqp volumes: - "./conf/scheduler.yml:/scheduler.yml:ro" - "./services/swh-scheduler-worker/entrypoint.sh:/entrypoint.sh:ro" # Graph storage swh-storage-db: image: postgres:12 env_file: - ./env/storage-db.env swh-storage: image: swh/stack build: ./ ports: - 5002:5002 depends_on: - swh-storage-db - swh-objstorage - kafka env_file: - ./env/common_python.env - ./env/storage.env environment: SWH_CONFIG_FILENAME: /storage.yml STORAGE_BACKEND: postgresql entrypoint: /entrypoint.sh volumes: - "./conf/storage.yml:/storage.yml:ro" - "./services/swh-storage/entrypoint.sh:/entrypoint.sh:ro" # Object storage swh-objstorage: build: ./ image: swh/stack ports: - 5003:5003 env_file: - ./env/common_python.env environment: SWH_CONFIG_FILENAME: /objstorage.yml entrypoint: /entrypoint.sh volumes: - "./conf/objstorage.yml:/objstorage.yml:ro" - "./services/swh-objstorage/entrypoint.sh:/entrypoint.sh:ro" # Indexer storage swh-idx-storage-db: image: postgres:12 env_file: - ./env/indexers-db.env swh-idx-storage: image: swh/stack build: ./ ports: - 5007:5007 depends_on: - swh-idx-storage-db env_file: - ./env/common_python.env - ./env/indexers-db.env - ./env/indexers.env environment: SWH_CONFIG_FILENAME: /indexer_storage.yml entrypoint: /entrypoint.sh volumes: - "./conf/indexer_storage.yml:/indexer_storage.yml:ro" - "./services/swh-indexer-storage/entrypoint.sh:/entrypoint.sh:ro" # Web interface + swh-web-db: + image: postgres:12 + env_file: + - ./env/01-web-db.env swh-web: build: ./ image: swh/stack ports: - 5004:5004 depends_on: - swh-storage - swh-idx-storage + - swh-web-db env_file: - ./env/common_python.env + - ./env/01-web-db.env + - ./env/02-web-db.env environment: VERBOSITY: 3 DJANGO_SETTINGS_MODULE: swh.web.settings.production SWH_CONFIG_FILENAME: /web.yml entrypoint: /entrypoint.sh volumes: - "./conf/web.yml:/web.yml:ro" - "./services/swh-web/entrypoint.sh:/entrypoint.sh:ro" swh-deposit-db: image: postgres:12 env_file: - ./env/deposit-db.env swh-deposit: image: swh/stack build: ./ ports: - 5006:5006 depends_on: - swh-deposit-db - swh-scheduler env_file: - ./env/common_python.env - ./env/deposit-db.env - ./env/deposit.env environment: VERBOSITY: 3 SWH_CONFIG_FILENAME: /deposit.yml DJANGO_SETTINGS_MODULE: swh.deposit.settings.production entrypoint: /entrypoint.sh volumes: - "./conf/deposit.yml:/deposit.yml:ro" - "./services/swh-deposit/entrypoint.sh:/entrypoint.sh:ro" swh-vault-db: image: postgres:12 env_file: - ./env/vault-db.env swh-vault: image: swh/stack build: ./ env_file: - ./env/common_python.env - ./env/vault-db.env - ./env/vault.env environment: SWH_CONFIG_FILENAME: /vault.yml command: server ports: - 5005:5005 depends_on: - swh-vault-db - swh-objstorage - swh-storage - swh-scheduler entrypoint: /entrypoint.sh volumes: - "./conf/vault.yml:/vault.yml:ro" - "./services/swh-vault/entrypoint.sh:/entrypoint.sh:ro" swh-vault-worker: image: swh/stack build: ./ command: worker env_file: - ./env/common_python.env - ./env/workers.env environment: SWH_CONFIG_FILENAME: /cooker.yml depends_on: - swh-vault - swh-storage entrypoint: /entrypoint.sh volumes: - "./conf/vault-worker.yml:/cooker.yml:ro" - "./services/swh-vault/entrypoint.sh:/entrypoint.sh:ro" # Lister Celery workers swh-lister: image: swh/stack build: ./ env_file: - ./env/common_python.env - ./env/listers.env - ./env/workers.env user: swh environment: SWH_WORKER_INSTANCE: listers SWH_CONFIG_FILENAME: /lister.yml depends_on: - swh-scheduler - swh-scheduler-runner - amqp entrypoint: /entrypoint.sh volumes: - "./conf/lister.yml:/lister.yml:ro" - "./services/swh-listers-worker/entrypoint.sh:/entrypoint.sh:ro" # Loader + deposit checker Celery workers swh-loader: image: swh/stack build: ./ env_file: - ./env/common_python.env - ./env/workers.env user: swh environment: SWH_WORKER_INSTANCE: loader SWH_CONFIG_FILENAME: /loader.yml entrypoint: /entrypoint.sh depends_on: - swh-storage - swh-scheduler - amqp volumes: - "./conf/loader.yml:/loader.yml:ro" - "./services/swh-worker/entrypoint.sh:/entrypoint.sh:ro" swh-loader-deposit: image: swh/stack build: ./ env_file: - ./env/common_python.env - ./env/workers.env user: swh environment: SWH_WORKER_INSTANCE: loader-deposit SWH_CONFIG_FILENAME: /loader-deposit.yml entrypoint: /entrypoint.sh depends_on: - swh-storage - swh-scheduler - swh-deposit - amqp volumes: - "./conf/loader-deposit.yml:/loader-deposit.yml:ro" - "./services/swh-worker/entrypoint.sh:/entrypoint.sh:ro" # Indexer Celery workers swh-indexer: image: swh/stack build: ./ user: swh env_file: - ./env/common_python.env - ./env/indexers-db.env - ./env/indexers.env - ./env/workers.env environment: SWH_WORKER_INSTANCE: indexer SWH_CONFIG_FILENAME: /indexer.yml CONCURRENCY: 4 entrypoint: /entrypoint.sh depends_on: - swh-scheduler-runner - swh-idx-storage - swh-storage - swh-objstorage - amqp volumes: - "./conf/indexer.yml:/indexer.yml:ro" - "./services/swh-indexer-worker/entrypoint.sh:/entrypoint.sh:ro" # Journal related swh-indexer-journal-client: image: swh/stack build: ./ entrypoint: /entrypoint.sh env_file: - ./env/common_python.env depends_on: kafka: condition: service_healthy swh-storage: condition: service_started swh-scheduler: condition: service_started volumes: - "./conf/indexer_journal_client.yml:/etc/softwareheritage/indexer/journal_client.yml:ro" - "./services/swh-indexer-journal-client/entrypoint.sh:/entrypoint.sh:ro" swh-scheduler-journal-client: image: swh/stack build: ./ entrypoint: /entrypoint.sh env_file: - ./env/common_python.env depends_on: kafka: condition: service_healthy swh-scheduler: condition: service_started volumes: - "./conf/scheduler_journal_client.yml:/etc/softwareheritage/scheduler/journal_client.yml:ro" - "./services/swh-scheduler-journal-client/entrypoint.sh:/entrypoint.sh:ro" diff --git a/docker/env/01-web-db.env b/docker/env/01-web-db.env new file mode 100644 index 0000000..7eca345 --- /dev/null +++ b/docker/env/01-web-db.env @@ -0,0 +1,2 @@ +POSTGRES_DB=swh-web +POSTGRES_PASSWORD=testpassword diff --git a/docker/env/02-web-db.env b/docker/env/02-web-db.env new file mode 100644 index 0000000..d16bcd8 --- /dev/null +++ b/docker/env/02-web-db.env @@ -0,0 +1,3 @@ +PGHOST=swh-web-db +PGUSER=postgres + diff --git a/docker/services/swh-web/entrypoint.sh b/docker/services/swh-web/entrypoint.sh index ca5431d..d1e1df1 100755 --- a/docker/services/swh-web/entrypoint.sh +++ b/docker/services/swh-web/entrypoint.sh @@ -1,43 +1,48 @@ #!/bin/bash set -e create_admin_script=" from django.contrib.auth import get_user_model; username = 'admin'; password = 'admin'; email = 'admin@swh-web.org'; User = get_user_model(); if not User.objects.filter(username = username).exists(): User.objects.create_superuser(username, email, password); " +source /srv/softwareheritage/utils/pgsql.sh +setup_pgsql + source /srv/softwareheritage/utils/pyutils.sh setup_pip case "$1" in "shell") exec bash -i ;; *) echo "Starting memcached" memcached& + wait_pgsql + echo "Migrating db using ${DJANGO_SETTINGS_MODULE}" django-admin migrate --settings=${DJANGO_SETTINGS_MODULE} echo "Creating Django admin user" echo "$create_admin_script" | python3 -m swh.web.manage shell echo "starting the swh-web server" exec gunicorn --bind 0.0.0.0:5004 \ --threads 2 \ --workers 2 \ --timeout 3600 \ --access-logfile '-' \ --config 'python:swh.web.gunicorn_config' \ 'django.core.wsgi:get_wsgi_application()' esac