diff options
author | Alex <alex@adnab.me> | 2023-05-16 13:38:07 +0000 |
---|---|---|
committer | Alex <alex@adnab.me> | 2023-05-16 13:38:07 +0000 |
commit | 8a75be4d43fb83de2737c18a314e2602c775f193 (patch) | |
tree | 9ffa4130941cd57138e26eb49e5ce3b67e5967ef /cluster/prod | |
parent | 4ca45cf1d4ea44778501d9da640c156d842e539e (diff) | |
parent | 560486bc50f5298d91706604339513f6840a2a18 (diff) | |
download | nixcfg-8a75be4d43fb83de2737c18a314e2602c775f193.tar.gz nixcfg-8a75be4d43fb83de2737c18a314e2602c775f193.zip |
Merge pull request 'prod: Plume with S3 storage backend' (#13) from plume-s3 into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/13
Diffstat (limited to 'cluster/prod')
-rw-r--r-- | cluster/prod/app/plume/build/docker-compose.yml | 2 | ||||
-rw-r--r-- | cluster/prod/app/plume/build/plume/Dockerfile | 19 | ||||
-rw-r--r-- | cluster/prod/app/plume/config/app.env | 11 | ||||
-rw-r--r-- | cluster/prod/app/plume/deploy/plume.hcl | 24 | ||||
-rw-r--r-- | cluster/prod/app/plume/secrets.toml | 7 |
5 files changed, 35 insertions, 28 deletions
diff --git a/cluster/prod/app/plume/build/docker-compose.yml b/cluster/prod/app/plume/build/docker-compose.yml index 560f539..a621540 100644 --- a/cluster/prod/app/plume/build/docker-compose.yml +++ b/cluster/prod/app/plume/build/docker-compose.yml @@ -4,5 +4,5 @@ services: build: context: ./plume args: - VERSION: 8709f6cf9f8ff7e3c5ee7ea699ee7c778e92fefc + PLUME_VERSION: 61e65a55ad1f5094321c111e395d00dddcb05e96 image: superboum/plume:v8 diff --git a/cluster/prod/app/plume/build/plume/Dockerfile b/cluster/prod/app/plume/build/plume/Dockerfile index 1f57a52..6e9d4f9 100644 --- a/cluster/prod/app/plume/build/plume/Dockerfile +++ b/cluster/prod/app/plume/build/plume/Dockerfile @@ -1,4 +1,5 @@ -FROM rust:1.58.1-slim-bullseye as builder +#FROM rust:1.69-bullseye as builder +FROM rustlang/rust:nightly-bullseye as builder RUN apt-get update && \ apt-get install -y \ @@ -18,21 +19,25 @@ RUN apt-get update && \ libssl-dev \ libclang-dev -ARG VERSION +RUN cargo install wasm-pack + +ARG PLUME_VERSION WORKDIR /opt -RUN git clone -n https://git.joinplu.me/Plume/Plume.git plume +RUN git clone -n https://git.joinplu.me/lx/Plume.git plume WORKDIR /opt/plume -RUN git checkout ${VERSION} +RUN git checkout ${PLUME_VERSION} +# Small style patch to make text column wider +RUN git merge 397e3b4d9720475257817b322c05323d12918216 +RUN rm rust-toolchain WORKDIR /opt/plume/script RUN chmod a+x ./wasm-deps.sh && ./wasm-deps.sh WORKDIR /opt/plume -RUN cargo install wasm-pack RUN chmod a+x ./script/plume-front.sh && ./script/plume-front.sh -RUN cargo install --path ./ --force --no-default-features --features postgres -RUN cargo install --path plume-cli --force --no-default-features --features postgres +RUN cargo install --path ./ --force --no-default-features --features postgres,s3 +RUN cargo install --path plume-cli --force --no-default-features --features postgres,s3 RUN cargo clean #----------------------------- diff --git a/cluster/prod/app/plume/config/app.env b/cluster/prod/app/plume/config/app.env index b751bd6..b663d81 100644 --- a/cluster/prod/app/plume/config/app.env +++ b/cluster/prod/app/plume/config/app.env @@ -8,6 +8,17 @@ ROCKET_SECRET_KEY={{ key "secrets/plume/secret_key" | trimSpace }} #MAIL_PASSWORD=123456 #MAIL_HELO_NAME=example.org +# S3 settings +S3_BUCKET=plume +AWS_ACCESS_KEY_ID={{ key "secrets/plume/s3_access_key" | trimSpace }} +AWS_SECRET_ACCESS_KEY={{ key "secrets/plume/s3_secret_key" | trimSpace }} +S3_REGION=garage +S3_HOSTNAME={{ env "attr.unique.network.ip-address" }}:3900 +S3_PROTOCOL=http +S3_PATH_STYLE=true +S3_DIRECT_DOWNLOAD=true +S3_ALIAS_HOST=plume.web.deuxfleurs.fr + # DATABASE SETUP POSTGRES_PASSWORD={{ key "secrets/plume/pgsql_pw" | trimSpace }} POSTGRES_USER=plume diff --git a/cluster/prod/app/plume/deploy/plume.hcl b/cluster/prod/app/plume/deploy/plume.hcl index 4470099..c266167 100644 --- a/cluster/prod/app/plume/deploy/plume.hcl +++ b/cluster/prod/app/plume/deploy/plume.hcl @@ -1,12 +1,7 @@ job "plume-blog" { - datacenters = ["orion"] + datacenters = ["orion", "neptune"] type = "service" - constraint { - attribute = "${attr.cpu.arch}" - value = "amd64" - } - group "plume" { count = 1 @@ -15,23 +10,13 @@ job "plume-blog" { } task "plume" { - constraint { - attribute = "${attr.unique.hostname}" - operator = "=" - value = "dahlia" - } - driver = "docker" config { - image = "superboum/plume:v8" + image = "lxpz/plume_s3:v1" network_mode = "host" ports = [ "web_port" ] - #command = "cat" - #args = [ "/dev/stdout" ] - volumes = [ - "/mnt/ssd/plume/search_index:/app/search_index", - "/mnt/ssd/plume/media:/app/static/media" - ] + command = "sh" + args = [ "-c", "plm search init; plm search refill; plume" ] } template { @@ -51,6 +36,7 @@ job "plume-blog" { tags = [ "plume", "tricot plume.deuxfleurs.fr", + "d53-cname plume.deuxfleurs.fr", ] port = "web_port" address_mode = "host" diff --git a/cluster/prod/app/plume/secrets.toml b/cluster/prod/app/plume/secrets.toml index 4d68a5c..fd67a57 100644 --- a/cluster/prod/app/plume/secrets.toml +++ b/cluster/prod/app/plume/secrets.toml @@ -1,10 +1,15 @@ [service_user."plume"] password_secret = "plume/pgsql_pw" - [secrets."plume/secret_key"] type = 'command' rotate = true command = 'openssl rand -base64 32' +[secrets."plume/s3_access_key"] +type = 'user' +description = 'S3 access key ID for database and media storage' +[secrets."plume/s3_secret_key"] +type = 'user' +description = 'S3 secret key for database and media storage' |