Merge pull request #1894 from scpwiki/WJ-994-dev-docker

[WJ-994] Fix deepwell build in Docker
scpwiki · Apr 25, 2024 · 827492e · 827492e
2 parents 0d5e06b + 62001cc
commit 827492e
Show file tree

Hide file tree

Showing 10 changed files with 206 additions and 122 deletions.
diff --git a/.github/workflows/docker-build-push-api.dev.yaml b/.github/workflows/docker-build-push-api.dev.yaml
@@ -4,7 +4,6 @@ on:
   push:
     branches:
       - develop
-      - build-to-ecr # TEMP
     paths:
       - 'deepwell/**'
       - 'install/aws/dev/docker/api/**'
@@ -17,46 +16,16 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v2
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
-        with:
-          aws-access-key-id: ${{ secrets.DOCKER_PUSH_KEY }}
-          aws-secret-access-key: ${{ secrets.DOCKER_PUSH_SECRET }}
-          aws-region: us-east-2
-
-      - name: Login to Amazon ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v1
-
-      - name: Build, tag, and push image to Amazon ECR
-        id: build-image
-        env:
-          DOCKER_BUILDKIT: 1
-          ECR_REGISTRY: ${{ vars.ECR_REPOSITORY }}
-          ECR_REPOSITORY: wikijump/deepwell
-          IMAGE_TAG: ${{ github.sha }}
-        run: |
-          set -ex
-          docker build -f install/aws/dev/docker/api/Dockerfile -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -t $ECR_REGISTRY/$ECR_REPOSITORY:dev .
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY --all-tags
-          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
-
-      - name: Download task definition
+      - name: Set up deployment environment
         run: |
-          aws ecs describe-task-definition --task-definition wikijump-deepwell-dev --query taskDefinition > task-definition.json
-
-      - name: Fill in the new image ID in the Amazon ECS task definition
-        id: task-def
-        uses: aws-actions/amazon-ecs-render-task-definition@v1
-        with:
-          task-definition: task-definition.json
-          container-name: deepwell
-          image: ${{ steps.build-image.outputs.image }}
-
-      - name: Deploy Amazon ECS task definition
-        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
-        with:
-          task-definition: ${{ steps.task-def.outputs.task-definition }}
-          service: wikijump-deepwell-dev
-          cluster: wikijump-dev
-          wait-for-service-stability: true
+          echo "$DOKKU_DEPLOY_KEY" > ~/.ssh/ssh-deploy
+          chmod 400 ~/.ssh/ssh-deploy
+          echo 'Host wikijump.dev' >> ~/.ssh/config
+          echo '    HostName wikijump.dev' >> ~/.ssh/config
+          echo '    User linuxuser' >> ~/.ssh/config
+          echo '    IdentityFile ~/.ssh/ssh-deploy' >> ~/.ssh/config
+          echo '    IdentitiesOnly yes' >> ~/.ssh/config
+          git remote add dokku [email protected]:deepwell
+
+      - name: Deploy to Dokku
+        run: git push dokku HEAD:master
diff --git a/.github/workflows/docker-build-push-postgres.dev.yaml b/.github/workflows/docker-build-push-postgres.dev.yaml
diff --git a/.github/workflows/docker-build-push-web.dev.yaml b/.github/workflows/docker-build-push-web.dev.yaml
@@ -0,0 +1,31 @@
+name: '[backend] Docker push Framerail'
+
+on:
+  push:
+    branches:
+      - develop
+    paths:
+      - 'framerail/**'
+      - 'install/aws/dev/docker/web/**'
+      - '.github/workflows/docker-build-push-web.dev.yaml'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up deployment environment
+        run: |
+          echo "$DOKKU_DEPLOY_KEY" > ~/.ssh/ssh-deploy
+          chmod 400 ~/.ssh/ssh-deploy
+          echo 'Host wikijump.dev' >> ~/.ssh/config
+          echo '    HostName wikijump.dev' >> ~/.ssh/config
+          echo '    User linuxuser' >> ~/.ssh/config
+          echo '    IdentityFile ~/.ssh/ssh-deploy' >> ~/.ssh/config
+          echo '    IdentitiesOnly yes' >> ~/.ssh/config
+          git remote add dokku [email protected]:framerail
+
+      - name: Deploy to Dokku
+        run: git push dokku HEAD:master
diff --git a/install/aws/dev/docker/api/Dockerfile b/install/aws/dev/docker/api/Dockerfile
@@ -2,11 +2,11 @@
 # DEEPWELL build
 #
 
-FROM rust:latest AS rust
+FROM rust:alpine AS rust
 
 # Install system dependencies
-RUN apt update
-RUN apt install libmagic-dev
+RUN apk update
+RUN apk add --no-cache build-base libmagic-static file
 
 # Copy source
 RUN mkdir /src
@@ -24,15 +24,18 @@ RUN cargo build --release
 #
 
 # We want alpine, but need glibc
-FROM frolvlad/alpine-glibc:glibc-2.34
+FROM alpine:latest
 
 ENV LOCALIZATION_PATH="/opt/locales"
 
-RUN apk add --no-cache curl libmagic
+RUN apk update
+RUN apk add --no-cache curl
 COPY --from=rust /src/deepwell/target/release/deepwell /usr/local/bin/deepwell
 COPY ./install/files/api/health-check.sh /bin/wikijump-health-check
-COPY ./install/files/dev/api_env /.env
+COPY ./install/files/dev/deepwell.toml /etc/deepwell.toml
 COPY ./locales/fluent /opt/locales/fluent
+COPY ./deepwell/seeder /opt/seeder
 
 USER daemon
-CMD ["/usr/local/bin/deepwell"]
+EXPOSE 2747
+CMD ["/usr/local/bin/deepwell", "/etc/deepwell.toml"]
diff --git a/install/aws/prod/docker/api/Dockerfile b/install/aws/prod/docker/api/Dockerfile
@@ -2,11 +2,11 @@
 # DEEPWELL build
 #
 
-FROM rust:latest AS rust
+FROM rust:alpine AS rust
 
 # Install system dependencies
-RUN apt update
-RUN apt install libmagic-dev
+RUN apk update
+RUN apk add --no-cache build-base libmagic-static file
 
 # Copy source
 RUN mkdir /src
@@ -24,14 +24,17 @@ RUN cargo build --release
 #
 
 # We want alpine, but need glibc
-FROM frolvlad/alpine-glibc:glibc-2.30
+FROM alpine:latest
 
 ENV LOCALIZATION_PATH="/opt/locales"
 
-RUN apk add --no-cache curl libmagic
+RUN apk update
+RUN apk add --no-cache curl
 COPY --from=rust /src/deepwell/target/release/deepwell /usr/local/bin/deepwell
+COPY ./install/files/api/health-check.sh /bin/wikijump-health-check
+COPY ./install/files/prod/deepwell.toml /etc/deepwell.toml
 COPY ./locales/fluent /opt/locales/fluent
-COPY ./install/files/prod/api_env /.env
 
 USER daemon
-CMD ["/usr/local/bin/deepwell"]
+EXPOSE 2747
+CMD ["/usr/local/bin/deepwell", "/etc/deepwell.toml"]
diff --git a/install/files/dev/api_env b/install/files/dev/api_env
diff --git a/install/files/dev/deepwell.toml b/install/files/dev/deepwell.toml
@@ -0,0 +1,71 @@
+[logger]
+enable = true
+level = "debug"
+
+[server]
+address = "[::]:2747"
+pid-file = ""
+
+[database]
+run-migrations = true
+run-seeder = true
+seeder-path = "/opt/seeder"
+
+[security]
+authentication-fail-delay-ms = 100
+
+[security.session]
+token-prefix = "wj:"
+token-length = 64
+duration-session-minutes = 30
+duration-login-minutes = 5
+
+[security.mfa]
+recovery-code-count = 4
+recovery-code-length = 8
+time-step = 30
+time-skew = 1
+
+[domain]
+main = "wikijump.dev"
+files = "wjfiles.dev"
+
+[job]
+workers = 2
+max-attempts = 3
+delay-ms = 5
+min-delay-poll-secs = 10  # 10 seconds
+max-delay-poll-secs = 360  # 6 minutes
+prune-session-secs = 600  # 5 minutes
+prune-text-secs = 86400  # 1 day
+name-change-refill-secs = 86400  # 1 day
+lift-expired-punishments-secs = 86400  # 1 day
+
+[locale]
+path = "/opt/locales"
+
+[ftml]
+render-timeout-ms = 2000
+rerender-skip = [
+    { job-depth = 1, last-update-ms = 100 },
+    { job-depth = 10, last-update-ms = 1500 },
+    { job-depth = 50, last-update-ms = 0 },
+]
+
+[special-pages]
+special-prefix = "_"
+template = "_template"
+missing = "_404"
+private = "_public"
+banned = "_ban"
+
+[user]
+default-name-changes = 2
+maximum-name-changes = 3
+minimum-name-bytes = 3
+refill-name-change-days = 90
+
+[message]
+maximum-subject-bytes = 128
+maximum-body-bytes = 200000
+maximum-recipients = 6
diff --git a/install/files/prod/api_env b/install/files/prod/api_env
diff --git a/install/files/prod/deepwell.toml b/install/files/prod/deepwell.toml
@@ -0,0 +1,71 @@
+[logger]
+enable = true
+level = "debug"
+
+[server]
+address = "[::]:2747"
+pid-file = ""
+
+[database]
+run-migrations = false
+run-seeder = false
+seeder-path = "seeder"
+
+[security]
+authentication-fail-delay-ms = 100
+
+[security.session]
+token-prefix = "wj:"
+token-length = 64
+duration-session-minutes = 30
+duration-login-minutes = 5
+
+[security.mfa]
+recovery-code-count = 4
+recovery-code-length = 8
+time-step = 30
+time-skew = 1
+
+[domain]
+main = "wikijump.com"
+files = "wjfiles.com"
+
+[job]
+workers = 2
+max-attempts = 3
+delay-ms = 5
+min-delay-poll-secs = 10  # 10 seconds
+max-delay-poll-secs = 360  # 6 minutes
+prune-session-secs = 600  # 5 minutes
+prune-text-secs = 86400  # 1 day
+name-change-refill-secs = 86400  # 1 day
+lift-expired-punishments-secs = 86400  # 1 day
+
+[locale]
+path = "/opt/locales"
+
+[ftml]
+render-timeout-ms = 2000
+rerender-skip = [
+    { job-depth = 1, last-update-ms = 100 },
+    { job-depth = 10, last-update-ms = 1500 },
+    { job-depth = 50, last-update-ms = 0 },
+]
+
+[special-pages]
+special-prefix = "_"
+template = "_template"
+missing = "_404"
+private = "_public"
+banned = "_ban"
+
+[user]
+default-name-changes = 2
+maximum-name-changes = 3
+minimum-name-bytes = 3
+refill-name-change-days = 90
+
+[message]
+maximum-subject-bytes = 128
+maximum-body-bytes = 200000
+maximum-recipients = 6
diff --git a/install/local/dev/api/Dockerfile b/install/local/dev/api/Dockerfile
@@ -27,4 +27,5 @@ RUN mkdir /src
 COPY ./deepwell /src/deepwell
 WORKDIR /src/deepwell
 
+EXPOSE 2747
 CMD ["/usr/local/cargo/bin/cargo", "watch", "-w", "/src/deepwell", "-w", "/opt/locales", "-w", "/etc/deepwell.toml", "--why", "-x", "run -- /etc/deepwell.toml"]