mirror of
https://codeberg.org/Freedium-cfd/web.git
synced 2026-03-11 09:04:37 +00:00
feat(docker): multiple profiles
This commit is contained in:
parent
40527c2b04
commit
270418ced0
9 changed files with 136 additions and 83 deletions
51
README.md
51
README.md
|
|
@ -8,25 +8,33 @@
|
|||
|
||||
## Stack:
|
||||
|
||||
- Backend: Python 3.9+, Unicorn, FastAPI, Jinja2, Sentry
|
||||
- Frontend: Tailwinds CSS v3
|
||||
- Database: PostgreSQL, Dragonfly (Redis and Memcached compatible key-value database)
|
||||
- Utils: Caddy, Docker, Docker Compose, Cloudflare WARP proxy (wgcf)
|
||||
- Backend:
|
||||
- language: Python 3.9+
|
||||
- framework: Unicorn, FastAPI
|
||||
- Frontend:
|
||||
- framework: Tailwinds CSS v3, Jinja2
|
||||
- monitoring: Sentry
|
||||
- Database:
|
||||
- PostgreSQL, Dragonfly (Redis and Memcached compatible key-value database)
|
||||
- Utils:
|
||||
- Caddy, Docker, Docker Compose, Cloudflare WARP proxy (wgcf)
|
||||
|
||||
## Local run:
|
||||
## Project configuration:
|
||||
|
||||
There is two profiles:
|
||||
There is three (3) docker-compose profiles:
|
||||
|
||||
- `min` - without 2 Cluster of Cloudflare WARP proxy, HAProxy proxy balancer, Plausible, Grafana.
|
||||
- `local` - based on `min`, but with `freedium.local` exposed hostname, both 80 and 443 ports are exposed, with self-signed TLS certificate.
|
||||
- `prod` - with all services for production.
|
||||
|
||||
For local development, we recommend to use `min` profile.
|
||||
### Requirements:
|
||||
|
||||
Requirements:
|
||||
|
||||
- Docker
|
||||
- Docker, Docker Compose, last version is preferred.
|
||||
- Linux, preferably rolling release. We can't guarantee that Freedium instance will work on other OS. Tested on Ubuntu 22.04 and Fedora 39.
|
||||
- git
|
||||
- Linux. Officially, we can't guarantee that Freedium will work on other OS.
|
||||
- Preferably, fresh and clean brain.
|
||||
|
||||
### Local run:
|
||||
|
||||
To configure your Freedium instance, follow these steps:
|
||||
|
||||
|
|
@ -48,13 +56,16 @@ To configure your Freedium instance, follow these steps:
|
|||
3. (Optional) Set up the Docker network:
|
||||
|
||||
```
|
||||
sudo docker network create caddy_freedium_net
|
||||
sudo docker network create caddy_net
|
||||
```
|
||||
|
||||
4. Change your hosts file:
|
||||
|
||||
```
|
||||
sudo nano /etc/hosts
|
||||
# or
|
||||
vim /etc/hosts
|
||||
# and when you are closed vim, type `:w !sudo tee %` to save file without executing vim in root mode
|
||||
```
|
||||
|
||||
Add the following line:
|
||||
|
|
@ -66,21 +77,23 @@ To configure your Freedium instance, follow these steps:
|
|||
5. Start the Freedium services (`min` profile):
|
||||
|
||||
```
|
||||
sudo docker compose --profile min -f ./docker-compose/docker-compose.yml up
|
||||
sudo docker compose --profile local -f ./docker-compose/docker-compose.yml up
|
||||
```
|
||||
|
||||
Stopping the services:
|
||||
|
||||
```
|
||||
sudo docker compose --profile min -f ./docker-compose/docker-compose.yml down
|
||||
sudo docker compose --profile local -f ./docker-compose/docker-compose.yml down
|
||||
```
|
||||
|
||||
6. (Optional) Configure your reverse proxy (Caddy, Nginx, etc.) to use `freedium.local` as a host.
|
||||
|
||||
If you use Dockerized reverse proxy, you can specify network `caddy_freedium_net` with `external: true` option in networks section of your reverse proxy container. Specify `caddy_freedium` hostname with port `80` (or `443`) in your reverse proxy configuration.
|
||||
|
||||
And now you can access local instance of Freedium by opening browser and type `https://freedium.local`. There is would be a warning about insecure connection, because we use self-signed TLS certificate. Ignore it.
|
||||
|
||||
### Production run:
|
||||
|
||||
All production services are running on `prod` profile. If you use Dockerized reverse proxy, you can specify network `caddy_freedium_net` with `external: true` option in networks section of your reverse proxy container. Specify `caddy_freedium` hostname with port `6752` (or `6753` for Plausible) in your reverse proxy configuration.
|
||||
|
||||
As alternative, you can directly change docker-compose configurations to use your reverse proxy. See `docker-compose` and `caddy` folders for more details.
|
||||
|
||||
## Architecture:
|
||||
|
||||
```mermaid
|
||||
|
|
@ -174,7 +187,7 @@ graph TB
|
|||
## TODO:
|
||||
|
||||
- ~~Integrate library notifiers - https://github.com/liiight/notifiers~~ Use Graphana and Loki instead
|
||||
- Do not use 'shturman/dante' image, because it is does not have updates for a long time. (Probably) Use https://hub.docker.com/r/vimagick/dante/
|
||||
- ~~Do not use 'shturman/dante' image, because it is does not have updates for a long time. (Probably) Use https://hub.docker.com/r/vimagick/dante/~~ Works, don't touch
|
||||
|
||||
## Roadmap
|
||||
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
lb_try_interval 1s
|
||||
}
|
||||
|
||||
plausible.freedium.local {
|
||||
plausible.freedium.local, :6753 {
|
||||
import common
|
||||
|
||||
reverse_proxy freedium_plausible:8000 {
|
||||
|
|
@ -27,7 +27,7 @@ plausible.freedium.local {
|
|||
}
|
||||
}
|
||||
|
||||
freedium.local {
|
||||
freedium.local, :6752 {
|
||||
import common
|
||||
|
||||
reverse_proxy freedium_web:7080 {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3.7'
|
||||
|
||||
services:
|
||||
redis_service:
|
||||
container_name: redis_service
|
||||
|
|
|
|||
|
|
@ -1,66 +1,104 @@
|
|||
version: '3.7'
|
||||
|
||||
x-expose: &expose
|
||||
networks:
|
||||
freedium_local_net:
|
||||
ipv4_address: 177.28.0.5
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
|
||||
x-freedium_web: &freedium_web
|
||||
env_file: ../.env
|
||||
build:
|
||||
context: ../
|
||||
dockerfile: Dockerfile
|
||||
# postgres_freedium:
|
||||
# condition: service_healthy
|
||||
volumes:
|
||||
- ../web:/app/web
|
||||
ports:
|
||||
- "7080:7080"
|
||||
networks:
|
||||
- freedium_net
|
||||
mem_limit: 4g
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: [ "CMD-SHELL", "curl -f http://localhost:7080/ --max-time 80 --header 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.15'" ]
|
||||
interval: 30s
|
||||
start_period: 20s
|
||||
timeout: 80s
|
||||
retries: 3
|
||||
stop_grace_period: 2m
|
||||
|
||||
x-caddy_freedium: &caddy_freedium
|
||||
build:
|
||||
context: ../caddy
|
||||
dockerfile: Dockerfile
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
volumes:
|
||||
- ../caddy/Caddyfile:/etc/caddy/Caddyfile
|
||||
- ../caddy/static:/static
|
||||
- freedium_caddy_data:/data
|
||||
- freedium_caddy_config:/config
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: [ "CMD-SHELL", "curl -f http://localhost:80/ --max-time 80 --header 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.15'" ]
|
||||
interval: 30s
|
||||
start_period: 20s
|
||||
timeout: 80s
|
||||
retries: 3
|
||||
stop_grace_period: 2m
|
||||
|
||||
services:
|
||||
caddy_freedium:
|
||||
container_name: caddy_freedium
|
||||
build:
|
||||
context: ../caddy
|
||||
dockerfile: Dockerfile
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
caddy_freedium_local:
|
||||
<<: [ *caddy_freedium, *expose ]
|
||||
container_name: caddy_freedium_local
|
||||
profiles:
|
||||
- local
|
||||
networks:
|
||||
freedium_local_net:
|
||||
ipv4_address: 177.28.0.5
|
||||
freedium_net:
|
||||
caddy_freedium_net:
|
||||
caddy_net:
|
||||
# ports:
|
||||
# - "6752:6752"
|
||||
# - "6753:6753"
|
||||
# - "80:80"
|
||||
# - "443:443"
|
||||
volumes:
|
||||
- ../caddy/Caddyfile:/etc/caddy/Caddyfile
|
||||
- freedium_caddy_data:/data
|
||||
- freedium_caddy_config:/config
|
||||
- ../caddy/static:/static
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: [ "CMD-SHELL", "curl -f http://localhost:80/ --max-time 80 --header 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.15'" ]
|
||||
interval: 30s
|
||||
start_period: 20s
|
||||
timeout: 80s
|
||||
retries: 3
|
||||
stop_grace_period: 2m
|
||||
freedium_local_net:
|
||||
ipv4_address: 177.28.0.5
|
||||
|
||||
caddy_freedium:
|
||||
<<: *caddy_freedium
|
||||
container_name: caddy_freedium
|
||||
networks:
|
||||
freedium_net:
|
||||
caddy_freedium_net:
|
||||
caddy_net:
|
||||
ports:
|
||||
- "6752:6752"
|
||||
- "6753:6753"
|
||||
profiles:
|
||||
- prod
|
||||
- min
|
||||
|
||||
freedium_web_mini:
|
||||
<<: *freedium_web
|
||||
profiles:
|
||||
- min
|
||||
- local
|
||||
environment:
|
||||
- "PROXY_LIST=${PROXY_LIST:-}"
|
||||
container_name: freedium_web_mini
|
||||
hostname: freedium_web
|
||||
|
||||
freedium_web:
|
||||
container_name: freedium_web
|
||||
env_file: ../.env
|
||||
build:
|
||||
context: ../
|
||||
dockerfile: Dockerfile
|
||||
<<: *freedium_web
|
||||
profiles:
|
||||
- prod
|
||||
environment:
|
||||
- "PROXY_LIST=${PROXY_LIST:-socks5://haproxy-pb:1080}"
|
||||
- "PROXY_LIST=socks5://haproxy-pb:1080"
|
||||
depends_on:
|
||||
haproxy-proxy-balancer:
|
||||
condition: service_healthy
|
||||
# postgres_freedium:
|
||||
# condition: service_healthy
|
||||
volumes:
|
||||
- ../web:/app/web
|
||||
ports:
|
||||
- "7080:7080"
|
||||
networks:
|
||||
- freedium_net
|
||||
mem_limit: 4g
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: [ "CMD-SHELL", "curl -f http://localhost:7080/ --max-time 80 --header 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.15'" ]
|
||||
interval: 30s
|
||||
start_period: 20s
|
||||
timeout: 80s
|
||||
retries: 3
|
||||
stop_grace_period: 2m
|
||||
container_name: freedium_web
|
||||
hostname: freedium_web
|
||||
|
||||
volumes:
|
||||
freedium_caddy_data:
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3.7'
|
||||
|
||||
# Based on: https://github.com/plausible/community-edition/blob/v2.1.4/compose.yml
|
||||
services:
|
||||
plausible_db:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
version: '3.7'
|
||||
|
||||
services:
|
||||
haproxy-proxy-balancer:
|
||||
profiles:
|
||||
- prod
|
||||
build:
|
||||
context: ../proxy-balancer
|
||||
dockerfile: Dockerfile
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3.7'
|
||||
|
||||
services:
|
||||
autoheal:
|
||||
container_name: freedium_autoheal
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3.7'
|
||||
|
||||
services:
|
||||
wgcf1:
|
||||
image: neilpang/wgcf-docker:latest
|
||||
|
|
@ -21,6 +19,8 @@ services:
|
|||
interval: 5s
|
||||
timeout: 2s
|
||||
retries: 10000
|
||||
profiles:
|
||||
- prod
|
||||
|
||||
dante_1:
|
||||
image: shturman/dante:1.4.2
|
||||
|
|
@ -35,6 +35,8 @@ services:
|
|||
depends_on:
|
||||
wgcf1:
|
||||
condition: service_healthy
|
||||
profiles:
|
||||
- prod
|
||||
|
||||
wgcf1_healthcare_service:
|
||||
build:
|
||||
|
|
@ -53,6 +55,8 @@ services:
|
|||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
profiles:
|
||||
- prod
|
||||
|
||||
wgcf2:
|
||||
image: neilpang/wgcf-docker:latest
|
||||
|
|
@ -77,6 +81,8 @@ services:
|
|||
interval: 5s
|
||||
timeout: 2s
|
||||
retries: 10000
|
||||
profiles:
|
||||
- prod
|
||||
|
||||
dante_2:
|
||||
image: shturman/dante:1.4.2
|
||||
|
|
@ -91,6 +97,8 @@ services:
|
|||
depends_on:
|
||||
wgcf2:
|
||||
condition: service_healthy
|
||||
profiles:
|
||||
- prod
|
||||
|
||||
wgcf2_healthcare_service:
|
||||
build:
|
||||
|
|
@ -109,3 +117,5 @@ services:
|
|||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
profiles:
|
||||
- prod
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3.7'
|
||||
|
||||
include:
|
||||
- docker-compose.main.yml
|
||||
- docker-compose.wgcf.yml
|
||||
|
|
|
|||
Loading…
Reference in a new issue