Compare commits

...

3 Commits

Author SHA1 Message Date
e7fe19890d
feat: monoimage 2023-12-11 12:23:00 -06:00
0c5ddeac85
fix: unignore non-sensitive .env file 2023-12-09 18:30:11 -06:00
e7d4f1fb51
fix: use local fs volumes 2023-12-09 18:26:13 -06:00
44 changed files with 2492 additions and 119 deletions

4
.gitignore vendored
View File

@ -1,3 +1,7 @@
pg_data
redis_data
minio_data
node_modules node_modules
.next .next

View File

@ -1,129 +1,105 @@
FROM node:18-alpine AS builder FROM git.orionkindel.com/tpl/asdf:bookworm AS system
RUN apk add --no-cache libc6-compat
# Set working directory
WORKDIR /app
ENV NEXT_PUBLIC_API_BASE_URL=http://NEXT_PUBLIC_API_BASE_URL_PLACEHOLDER
RUN yarn global add turbo ARG S6_OVERLAY_VERSION=3.1.6.2
RUN apk add tree
COPY . .
RUN turbo prune --scope=app --scope=plane-deploy --docker ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp
CMD tree -I node_modules/ RUN tar -C / -Jxpf /tmp/s6-overlay-noarch.tar.xz
# Add lockfile and package.json's of isolated subworkspace ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-x86_64.tar.xz /tmp
FROM node:18-alpine AS installer RUN tar -C / -Jxpf /tmp/s6-overlay-x86_64.tar.xz
RUN apk add --no-cache libc6-compat RUN apt-get update
WORKDIR /app RUN apt-get install -y \
ARG NEXT_PUBLIC_API_BASE_URL=http://localhost:8000 build-essential \
# First install the dependencies (as they change less often) zlib1g-dev \
COPY .gitignore .gitignore libncurses5-dev \
COPY --from=builder /app/out/json/ . libgdbm-dev \
COPY --from=builder /app/out/yarn.lock ./yarn.lock libnss3-dev \
RUN yarn install libssl-dev \
libreadline-dev \
libffi-dev \
libsqlite3-dev \
wget \
libbz2-dev \
uuid-dev \
nginx \
procps
# # Build the project RUN asdf plugin add nodejs \
COPY --from=builder /app/out/full/ . && asdf plugin add python \
COPY turbo.json turbo.json && asdf plugin add postgres
COPY replace-env-vars.sh /usr/local/bin/
USER root
RUN chmod +x /usr/local/bin/replace-env-vars.sh
RUN yarn turbo run build RUN --mount=type=cache,target=/.asdf-build \
export ASDF_DOWNLOAD_PATH=/.asdf-build \
&& export TMPDIR=/.asdf-build \
&& export POSTGRES_SKIP_INITDB=y \
&& asdf install nodejs 20.9.0 \
&& asdf install python 3.11.1 \
&& asdf install postgres 15.3
ENV NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \ RUN asdf global nodejs 20.9.0 \
BUILT_NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL && asdf global postgres 15.3 \
&& asdf global python 3.11.1
RUN /usr/local/bin/replace-env-vars.sh http://NEXT_PUBLIC_WEBAPP_URL_PLACEHOLDER ${NEXT_PUBLIC_API_BASE_URL} RUN useradd -m postgres && passwd -d postgres
FROM python:3.11.1-alpine3.17 AS backend ADD https://dl.min.io/server/minio/release/linux-amd64/minio /usr/bin
RUN chmod +x /usr/bin/minio
# set environment variables RUN set -eo pipefail; \
ENV PYTHONDONTWRITEBYTECODE 1 curl -fsSL https://packages.redis.io/gpg | gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg; \
ENV PYTHONUNBUFFERED 1 echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb bookworm main" | tee /etc/apt/sources.list.d/redis.list; \
ENV PIP_DISABLE_PIP_VERSION_CHECK=1 apt-get update; \
apt-get install -y redis
WORKDIR /code FROM system AS build
RUN apk --no-cache add \ RUN asdf reshim
"libpq~=15" \ RUN npm i -g yarn
"libxslt~=1.1" \ RUN --mount=type=cache,target=/.yarn-cache \
"nodejs-current~=19" \ yarn config set cache-folder /.yarn-cache
"xmlsec~=1.2" \
"nginx" \
"nodejs" \
"npm" \
"supervisor"
COPY apiserver/requirements.txt ./ COPY package.json turbo.json yarn.lock app.json ./
COPY apiserver/requirements ./requirements COPY packages packages
RUN apk add --no-cache libffi-dev COPY web web
RUN apk add --no-cache --virtual .build-deps \ COPY space space
"bash~=5.2" \ COPY apiserver apiserver
"g++~=12.2" \ RUN --mount=type=cache,target=/.yarn-cache \
"gcc~=12.2" \ --mount=type=cache,target=/web/.next \
"cargo~=1.64" \ --mount=type=cache,target=/space/.next \
"git~=2" \ yarn install && \
"make~=4.3" \ yarn build && \
"postgresql13-dev~=13" \ cp -R /web/.next /web/_next && \
"libc-dev" \ cp -R /space/.next /space/_next
"linux-headers" \
&& \
pip install -r requirements.txt --compile --no-cache-dir \
&& \
apk del .build-deps
# Add in Django deps and generate Django's static files RUN mv /web/_next /web/.next && \
COPY apiserver/manage.py manage.py mv /space/_next /space/.next && \
COPY apiserver/plane plane/ cp -R /web/.next/standalone/web/* /web/ && \
COPY apiserver/templates templates/ cp -R /space/.next/standalone/space/* /space/
RUN apk --no-cache add "bash~=5.2" ENV PYTHONDONTWRITEBYTECODE=1
COPY apiserver/bin ./bin/ ENV PYTHONUNBUFFERED=1
ENV PIP_DISABLE_PIP_VERSION_CHECK=1
RUN chmod +x ./bin/takeoff ./bin/worker RUN --mount=type=cache,target=/root/.cache/pip \
RUN chmod -R 777 /code cd /apiserver \
&& pip install -r requirements.txt --compile
# Expose container port and run entry point script FROM build AS s6
WORKDIR /app COPY docker/etc/ /etc/
# Don't run production as root RUN chmod -R 777 /root \
RUN addgroup --system --gid 1001 plane && chmod -R 777 /root/.asdf \
RUN adduser --system --uid 1001 captain && chmod -x /root/.asdf/lib/commands/* \
&& chmod -R 777 /apiserver \
&& chmod -R 777 /web \
&& chmod -R 777 /space \
&& ln $(asdf which postgres) /usr/bin/postgres \
&& ln $(asdf which initdb) /usr/bin/initdb \
&& ln $(asdf which node) /usr/bin/node \
&& ln $(asdf which npm) /usr/bin/npm \
&& ln $(asdf which python) /usr/bin/python
COPY --from=installer /app/apps/app/next.config.js . ENV S6_KEEP_ENV=1
COPY --from=installer /app/apps/app/package.json . ENTRYPOINT ["/init"]
COPY --from=installer /app/apps/space/next.config.js .
COPY --from=installer /app/apps/space/package.json .
COPY --from=installer --chown=captain:plane /app/apps/app/.next/standalone ./
COPY --from=installer --chown=captain:plane /app/apps/app/.next/static ./apps/app/.next/static
COPY --from=installer --chown=captain:plane /app/apps/space/.next/standalone ./
COPY --from=installer --chown=captain:plane /app/apps/space/.next ./apps/space/.next
ENV NEXT_TELEMETRY_DISABLED 1
# RUN rm /etc/nginx/conf.d/default.conf
#######################################################################
COPY nginx/nginx-single-docker-image.conf /etc/nginx/http.d/default.conf
#######################################################################
COPY nginx/supervisor.conf /code/supervisor.conf
ARG NEXT_PUBLIC_API_BASE_URL=http://localhost:8000
ENV NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \
BUILT_NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL
USER root
COPY replace-env-vars.sh /usr/local/bin/
COPY start.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/replace-env-vars.sh
RUN chmod +x /usr/local/bin/start.sh
EXPOSE 80
CMD ["supervisord","-c","/code/supervisor.conf"]

View File

@ -81,7 +81,7 @@ services:
restart: always restart: always
command: postgres -c 'max_connections=1000' command: postgres -c 'max_connections=1000'
volumes: volumes:
- pgdata:/var/lib/postgresql/data - ./pgdata:/var/lib/postgresql/data
env_file: env_file:
- .env - .env
environment: environment:
@ -95,7 +95,7 @@ services:
image: redis:6.2.7-alpine image: redis:6.2.7-alpine
restart: always restart: always
volumes: volumes:
- redisdata:/data - ./redisdata:/data
plane-minio: plane-minio:
container_name: plane-minio container_name: plane-minio
@ -103,10 +103,10 @@ services:
restart: always restart: always
command: server /export --console-address ":9090" command: server /export --console-address ":9090"
volumes: volumes:
- uploads:/export - ./uploads:/export
environment: environment:
MINIO_ROOT_USER: ${AWS_ACCESS_KEY_ID} MINIO_ROOT_USER: ${MINIO_ROOT_USER}
MINIO_ROOT_PASSWORD: ${AWS_SECRET_ACCESS_KEY} MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
# Comment this if you already have a reverse proxy running # Comment this if you already have a reverse proxy running
proxy: proxy:
@ -124,8 +124,3 @@ services:
- web - web
- api - api
- space - space
volumes:
pgdata:
redisdata:
uploads:

View File

@ -0,0 +1,36 @@
events {
}
http {
sendfile on;
server {
listen 80;
root /www/data/;
access_log /var/log/nginx/access.log;
client_max_body_size 5242880;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Permissions-Policy "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location / {
proxy_pass http://localhost:3000/;
}
location /api/ {
proxy_pass http://localhost:8000/api/;
}
location /spaces/ {
rewrite ^/spaces/?$ /spaces/login break;
proxy_pass http://localhost:3001/spaces/;
}
location /uploads/ {
proxy_pass http://localhost:9000/uploads/;
}
}
}

2296
docker/etc/redis/redis.conf Normal file

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,2 @@
#!/bin/bash
/bin/bash -lc 'cd /apiserver && /apiserver/bin/beat'

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1,2 @@
#!/bin/bash
/bin/bash -lc 'cd /apiserver && /apiserver/bin/worker'

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1,2 @@
#!/bin/bash
/bin/bash -lc 'cd /apiserver && /apiserver/bin/takeoff'

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1,2 @@
#!/bin/bash
/run/s6/basedir/bin/halt

View File

@ -0,0 +1,26 @@
#!/bin/bash
script=$(mktemp)
chmod 777 "$script"
chmod -R 750 /pg_data
chown -R postgres:postgres /pg_data
cat << "EOSH" > "$script"
pgdir=/root/.asdf/installs/postgres/15.3
export POSTGRES_USER=plane
export POSTGRES_PASSWORD=plane
export POSTGRES_DB=plane
export PGDATA=/pg_data
export ROOT_DB_URL=postgresql://plane:plane@localhost:5432/postgres
export TZ=GMT
pwfile=$(mktemp)
echo -n $POSTGRES_PASSWORD > $pwfile
$pgdir/bin/initdb -U $POSTGRES_USER --pwfile=$pwfile --no-locale -L $pgdir/share/ || true
$pgdir/bin/postgres -c 'max_connections=1000'
EOSH
su postgres -c "/bin/bash $script"

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1,2 @@
#!/command/execlineb -P
/usr/bin/minio server /minio_data --console-address ":9090"

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1,2 @@
#!/command/execlineb -P
nginx -g "daemon off;"

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1,2 @@
#!/command/execlineb -P
/usr/bin/redis-server /etc/redis/redis.conf

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1,4 @@
#!/bin/bash
HOSTNAME=127.0.0.1 \
PORT=3001 \
node /space/server.js space

View File

@ -0,0 +1 @@
longrun

View File

@ -0,0 +1 @@

View File

@ -0,0 +1 @@

View File

@ -0,0 +1 @@

View File

@ -0,0 +1 @@

View File

@ -0,0 +1 @@

View File

@ -0,0 +1 @@

View File

@ -0,0 +1 @@

View File

@ -0,0 +1 @@

View File

@ -0,0 +1,5 @@
#!/bin/bash
NEXT_PUBLIC_DEPLOY_URL="http://localhost/spaces" \
HOSTNAME=127.0.0.1 \
PORT=3000 \
node /web/server.js web

View File

@ -0,0 +1 @@
longrun