Scott.Idem/OSIT-AE-Docker-Env
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: Scott.Idem:master
Branches Tags
Scott.Idem:master Scott.Idem:dev_cluster Scott.Idem:development Scott.Idem:development-old
...
pull from: Scott.Idem:development
Branches Tags
Scott.Idem:dev_cluster Scott.Idem:development Scott.Idem:master Scott.Idem:development-old

7 Commits
master ... developmen

Author SHA1 Message Date
Scott Idem
d265064cf6 Clean up before wrapping up for the night. Seems to be working well. 2024-02-14 20:37:18 -05:00
Scott Idem
56da44234a Trying again 2024-02-14 20:32:52 -05:00
Scott Idem
4d50418238 Making things easier to configure 2024-02-14 20:27:17 -05:00
Scott Idem
b87fd7f200 Ooops 2024-02-14 18:54:15 -05:00
Scott Idem
f171d314f2 Still trying to fix a Docker compose bug? 2024-02-14 18:53:15 -05:00
Scott Idem
2ac5a39706 Trying to fix a Docker compose bug? 2024-02-14 18:30:01 -05:00
Scott Idem
9fe60c418d Updated the cert filenames and paths 2024-02-13 17:42:20 -05:00
5 changed files with 73 additions and 58 deletions
Expand all files Collapse all files

1
.env.default
View File

@@ -21,6 +21,7 @@ OSIT_WEB_MAX_BODY_SIZE=5120M
DOCKER_AE_SERVER_EXTRA_HOST=example.oneskyit.com:192.168.32.20 DOCKER_AE_SERVER_EXTRA_HOST=example.oneskyit.com:192.168.32.20
DOCKER_AE_APP_SERVER_EXTRA_HOST=example-app.oneskyit.com:192.168.32.20 DOCKER_AE_APP_SERVER_EXTRA_HOST=example-app.oneskyit.com:192.168.32.20
DOCKER_AE_API_SERVER_EXTRA_HOST=example-api.oneskyit.com:192.168.32.20 DOCKER_AE_API_SERVER_EXTRA_HOST=example-api.oneskyit.com:192.168.32.20
DOCKER_AE_API_BAK_SERVER_EXTRA_HOST=example-bak-api.oneskyit.com:192.168.32.20
DOCKER_AE_API_V5_SERVER_EXTRA_HOST=example-api-v5.oneskyit.com:192.168.32.20 DOCKER_AE_API_V5_SERVER_EXTRA_HOST=example-api-v5.oneskyit.com:192.168.32.20
DOCKER_AE_APP_EXTRA_HOST=example-api.oneskyit.com:192.168.32.20 # This should be a static(ish) IP. It may need to be externally routable? prod-api.oneskyit.com:104.237.143.4 DOCKER_AE_APP_EXTRA_HOST=example-api.oneskyit.com:192.168.32.20 # This should be a static(ish) IP. It may need to be externally routable? prod-api.oneskyit.com:104.237.143.4
DOCKER_AE_APP_EXTRA_HOST_V5=example-api-v5.oneskyit.com:192.168.32.20 DOCKER_AE_APP_EXTRA_HOST_V5=example-api-v5.oneskyit.com:192.168.32.20

11
README.md
View File

@@ -8,6 +8,12 @@ sudo mkdir /srv/env
sudo chown -R scott:scott /srv/env/ sudo chown -R scott:scott /srv/env/
git clone https://scott_idem@bitbucket.org/oneskyit/one-sky-it-container-environment.git /srv/env/test_aether git clone https://scott_idem@bitbucket.org/oneskyit/one-sky-it-container-environment.git /srv/env/test_aether
``` ```
* Using rsync is also an option. The symlinked directories will need to be copied separately.
```bash
sudo rsync -vhr -progress /srv/env/prod_aether/ /srv/env/bak_aether
rsync -av /srv/http/aether_app/ /srv/apps/prod_aether_app_flask
rsync -av /srv/http/aether_api/ /srv/apps/prod_aether_api_fastapi
```
### Part 2 ### Part 2
* Create links to needed for the srv/ directories. See the README.md file under srv/ for details. * Create links to needed for the srv/ directories. See the README.md file under srv/ for details.
@@ -115,6 +121,11 @@ sdfasdfasd git clone https://scott_idem@bitbucket.org/oneskyit/one-sky-it-contai
```bash ```bash
sudo ln -s /srv/apps/prod_aether_app_flask /srv/env/bak_aether/srv/aether_app_ln
sudo ln -s /srv/apps/prod_aether_api_fastapi /srv/env/bak_aether/srv/aether_api_ln
sudo ln -s /mnt/data/speaker_ready/hosted_tmp /srv/env/bak_aether/srv/hosted_tmp_ln
sudo ln -s /mnt/data/speaker_ready/hosted_files /srv/env/bak_aether/srv/hosted_files_ln
ln -s /srv/http/dev_app.oneskyit.com /srv/env/test_aether/srv/aether_app_ln ln -s /srv/http/dev_app.oneskyit.com /srv/env/test_aether/srv/aether_app_ln
ln -s /srv/http/dev_fastapi.oneskyit.com /srv/env/test_aether/srv/aether_api_ln ln -s /srv/http/dev_fastapi.oneskyit.com /srv/env/test_aether/srv/aether_api_ln
ln -s /mnt/data/speaker_ready/hosted_tmp /srv/env/test_aether/srv/hosted_tmp_ln ln -s /mnt/data/speaker_ready/hosted_tmp /srv/env/test_aether/srv/hosted_tmp_ln

20
conf/nginx/site-enabled_aether_fastapi_gunicorn.conf
View File

@@ -1,7 +1,7 @@
server { server {
listen 80; listen 80;
listen [::]:80; listen [::]:80;
server_name server_name
${DOCKER_AE_API_SERVER_NAME} ${DOCKER_AE_API_SERVER_NAME}
fastapi.localhost fastapi.localhost
@@ -36,13 +36,13 @@ server {
fastcgi_connect_timeout 4s; fastcgi_connect_timeout 4s;
fastcgi_send_timeout 5s; fastcgi_send_timeout 5s;
fastcgi_read_timeout 5s; fastcgi_read_timeout 5s;
# proxy read timeout being too low will cause 504 Gateway Time-out on the client browser # proxy read timeout being too low will cause 504 Gateway Time-out on the client browser
proxy_read_timeout 2100s; proxy_read_timeout 2100s;
proxy_pass http://fastapi_backend; proxy_pass http://fastapi_backend;
} }
location /ws { location /ws {
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@@ -61,7 +61,7 @@ server {
# proxy_headers_hash_max_size 1024; # proxy_headers_hash_max_size 1024;
proxy_pass http://fastapi_backend; proxy_pass http://fastapi_backend;
access_log /logs/nginx/access_fastapi_gunicorn_ws.log; access_log /logs/nginx/access_fastapi_gunicorn_ws.log;
error_log /logs/nginx/error_fastapi_gunicorn_ws.log; error_log /logs/nginx/error_fastapi_gunicorn_ws.log;
} }
@@ -71,7 +71,7 @@ server {
server { server {
listen 443 ssl; listen 443 ssl;
listen [::]:443 ssl; listen [::]:443 ssl;
server_name server_name
${DOCKER_AE_API_SERVER_NAME} ${DOCKER_AE_API_SERVER_NAME}
fastapi.localhost fastapi.localhost
@@ -90,8 +90,8 @@ server {
include /etc/nginx/options-ssl-nginx.conf; include /etc/nginx/options-ssl-nginx.conf;
ssl_certificate /etc/certs/fullchain.pem; ssl_certificate /etc/certs/fullchain_wild.pem;
ssl_certificate_key /etc/certs/privkey.pem; ssl_certificate_key /etc/certs/privkey_wild.pem;
ssl_dhparam /etc/certs/ssl-dhparams.pem; ssl_dhparam /etc/certs/ssl-dhparams.pem;
# include brotli.conf; # include brotli.conf;
@@ -115,13 +115,13 @@ server {
fastcgi_connect_timeout 35s; fastcgi_connect_timeout 35s;
fastcgi_send_timeout 35s; fastcgi_send_timeout 35s;
fastcgi_read_timeout 35s; fastcgi_read_timeout 35s;
# proxy read timeout being too low will cause 504 Gateway Time-out on the client browser # proxy read timeout being too low will cause 504 Gateway Time-out on the client browser
proxy_read_timeout 2100s; proxy_read_timeout 2100s;
proxy_pass http://fastapi_backend; proxy_pass http://fastapi_backend;
} }
location /ws { location /ws {
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@@ -140,7 +140,7 @@ server {
# proxy_headers_hash_max_size 1024; # proxy_headers_hash_max_size 1024;
proxy_pass http://fastapi_backend; proxy_pass http://fastapi_backend;
access_log /logs/nginx/access_fastapi_gunicorn_ws.log; access_log /logs/nginx/access_fastapi_gunicorn_ws.log;
error_log /logs/nginx/error_fastapi_gunicorn_ws.log; error_log /logs/nginx/error_fastapi_gunicorn_ws.log;
} }

20
conf/nginx/site-enabled_aether_flask_gunicorn.conf
View File

@@ -1,14 +1,21 @@
server { server {
listen 80; listen 80;
listen [::]:80; listen [::]:80;
# server_name # server_name
# ${NGINX_SERVER_NAMES} # ${NGINX_SERVER_NAMES}
# ; # ;
server_name server_name
${DOCKER_AE_APP_SERVER_NAME} ${DOCKER_AE_APP_SERVER_NAME}
flask_gunicorn.localhost demo.localhost dev.localhost flask_gunicorn.localhost demo.localhost dev.localhost
bak-app.oneskyit.com
bak-connect.oneskyit.com *.bak-connect.oneskyit.com
bak-demo.oneskyit.com *.bak-demo.oneskyit.com
bak-businessgroup.oneskyit.com *.bak-businessgroup.oneskyit.com
bak-ishlt.oneskyit.com *.bak-ishlt.oneskyit.com
dev-app.oneskyit.com dev-app.oneskyit.com
dev-connect.oneskyit.com *.dev-connect.oneskyit.com dev-connect.oneskyit.com *.dev-connect.oneskyit.com
dev-demo.oneskyit.com *.dev-demo.oneskyit.com dev-demo.oneskyit.com *.dev-demo.oneskyit.com
@@ -70,7 +77,7 @@ server {
server { server {
listen 443 ssl; listen 443 ssl;
listen [::]:443 ssl; listen [::]:443 ssl;
# The Docker nginx envsubst with templates does not work for multiple server names. # The Docker nginx envsubst with templates does not work for multiple server names.
# server_name # server_name
# ${NGINX_SERVER_NAMES} # ${NGINX_SERVER_NAMES}
@@ -79,6 +86,13 @@ server {
${DOCKER_AE_APP_SERVER_NAME} ${DOCKER_AE_APP_SERVER_NAME}
flask_gunicorn.localhost demo.localhost dev.localhost flask_gunicorn.localhost demo.localhost dev.localhost
bak-app.oneskyit.com
bak-connect.oneskyit.com *.bak-connect.oneskyit.com
bak-demo.oneskyit.com *.bak-demo.oneskyit.com
bak-businessgroup.oneskyit.com *.bak-businessgroup.oneskyit.com
bak-ishlt.oneskyit.com *.bak-ishlt.oneskyit.com
dev-app.oneskyit.com dev-app.oneskyit.com
dev-connect.oneskyit.com *.dev-connect.oneskyit.com dev-connect.oneskyit.com *.dev-connect.oneskyit.com
dev-demo.oneskyit.com *.dev-demo.oneskyit.com dev-demo.oneskyit.com *.dev-demo.oneskyit.com

79
docker-compose.yml
View File

@@ -46,7 +46,7 @@ services:
# - ./conf/nginx/other.conf:/etc/nginx/conf.d/other.conf # - ./conf/nginx/other.conf:/etc/nginx/conf.d/other.conf
- ./conf/nginx/site.conf:/etc/nginx/conf.d/0_site.conf - ./conf/nginx/site.conf:/etc/nginx/conf.d/0_site.conf
# - ./conf/nginx/site-enabled_aether-mailman2.conf:/etc/nginx/conf.d/site-enabled_aether-mailman2.conf # - ./conf/nginx/site-enabled_aether-mailman2.conf:/etc/nginx/conf.d/site-enabled_aether-mailman2.conf
# - ./conf/nginx/site-enabled_aether-nextcloud.conf:/etc/nginx/conf.d/site-enabled_aether-nextcloud.conf # - ./conf/nginx/site-enabled_aether-nextcloud.conf:/etc/nginx/conf.d/site-enabled_aether-nextcloud.conf
# - ./conf/nginx/site-enabled_aether-phpmyadmin.conf:/etc/nginx/templates/site-enabled_aether-phpmyadmin.conf.template # - ./conf/nginx/site-enabled_aether-phpmyadmin.conf:/etc/nginx/templates/site-enabled_aether-phpmyadmin.conf.template
@@ -58,6 +58,8 @@ services:
# - ./conf/nginx/site-enabled_aether_api_v5_fastapi_gunicorn.conf:/etc/nginx/templates/site-enabled_aether_api_v5_fastapi_gunicorn.conf.template # - ./conf/nginx/site-enabled_aether_api_v5_fastapi_gunicorn.conf:/etc/nginx/templates/site-enabled_aether_api_v5_fastapi_gunicorn.conf.template
- ./conf/nginx/site-enabled_aether_flask_gunicorn.conf:/etc/nginx/templates/site-enabled_aether_flask_gunicorn.conf.template - ./conf/nginx/site-enabled_aether_flask_gunicorn.conf:/etc/nginx/templates/site-enabled_aether_flask_gunicorn.conf.template
- ./conf/certs/oneskyit_wild_fullchain.pem:/etc/certs/fullchain_wild.pem
- ./conf/certs/oneskyit_wild_privkey.pem:/etc/certs/privkey_wild.pem
- ./conf/certs/oneskyit.com_fullchain.pem:/etc/certs/fullchain.pem - ./conf/certs/oneskyit.com_fullchain.pem:/etc/certs/fullchain.pem
- ./conf/certs/oneskyit.com_privkey.pem:/etc/certs/privkey.pem - ./conf/certs/oneskyit.com_privkey.pem:/etc/certs/privkey.pem
- ./conf/certs/ssl-dhparams.pem:/etc/certs/ssl-dhparams.pem - ./conf/certs/ssl-dhparams.pem:/etc/certs/ssl-dhparams.pem
@@ -119,42 +121,25 @@ services:
# # - ./customcert.pem:/etc/ssl/certs/ssl-cert-snakeoil.pem # # - ./customcert.pem:/etc/ssl/certs/ssl-cert-snakeoil.pem
# # - ./customcertkey.key:/etc/ssl/private/ssl-cert-snakeoil.key # # - ./customcertkey.key:/etc/ssl/private/ssl-cert-snakeoil.key
# php5: # php7:
# restart: always # restart: always
# container_name: ae_php5_dev # container_name: ${CONTAINER_PHP7}
# # image: php:5-fpm # # image: php:fpm
# build: # build:
# context: ./ # context: ./
# dockerfile: php5.Dockerfile # dockerfile: php7.Dockerfile
# volumes: # volumes:
# - ./srv/html_php:/srv/html_php # - ./srv/html_php:/srv/html_php
# # - ./srv/oneskyit_site:/srv/oneskyit_site
# - ./conf/php/custom_php5.ini:/usr/local/etc/php/conf.d/custom_php5.ini # # - ./srv/nextcloud:/srv/nextcloud
#
# - ./logs:/logs # - ./conf/php/custom_php7.ini:/usr/local/etc/php/conf.d/custom_php7.ini
# ports:
# - "9005:9000" # - ./logs/php7:/logs
# # ports:
# # - "9007:9000"
# # networks: # # networks:
# # - local-net # # - local-net
php7:
restart: always
container_name: ${CONTAINER_PHP7}
# image: php:fpm
build:
context: ./
dockerfile: php7.Dockerfile
volumes:
- ./srv/html_php:/srv/html_php
- ./srv/oneskyit_site:/srv/oneskyit_site
# - ./srv/nextcloud:/srv/nextcloud
- ./conf/php/custom_php7.ini:/usr/local/etc/php/conf.d/custom_php7.ini
- ./logs/php7:/logs
# ports:
# - "9007:9000"
# networks:
# - local-net
# phpmyadmin: # phpmyadmin:
# image: phpmyadmin # image: phpmyadmin
@@ -227,10 +212,10 @@ services:
restart: always restart: always
container_name: ${CONTAINER_REDIS} container_name: ${CONTAINER_REDIS}
image: redis image: redis
ports: # ports:
# host to image # # host to image
# default port is 6379 # # default port is 6379
- "${AE_REDIS_PORT}:6379" # - "${AE_REDIS_PORT}:6379"
aether_api_gunicorn: aether_api_gunicorn:
restart: always restart: always
@@ -243,6 +228,8 @@ services:
- ./.env - ./.env
ports: ports:
- "${AE_API_GUNICORN_PORT}:5005" - "${AE_API_GUNICORN_PORT}:5005"
extra_hosts:
- "${DOCKER_AE_SERVER_EXTRA_HOST}"
# expose: # expose:
# - 5005 # - 5005
# networks: # networks:
@@ -251,11 +238,11 @@ services:
- ./conf/aether_fastapi_gunicorn_conf.py:/conf/gunicorn_fastapi_conf.py - ./conf/aether_fastapi_gunicorn_conf.py:/conf/gunicorn_fastapi_conf.py
- ./conf/aether_fastapi_requirements_current.txt:/requirements_current.txt - ./conf/aether_fastapi_requirements_current.txt:/requirements_current.txt
- ./conf/aether_api_config.py:/srv/aether_api/app/config.py - ./conf/aether_api_config.py:/srv/aether_api/app/config.py
- ./logs/ae_api:/logs - ./logs/ae_api:/logs
# - ./logs/ae_api/aether_fastapi_gunicorn.log:/logs/gunicorn.log # - ./logs/ae_api/aether_fastapi_gunicorn.log:/logs/gunicorn.log
# - ./logs/aether_fastapi_gunicorn_access.log:/logs/gunicorn_access.log # - ./logs/aether_fastapi_gunicorn_access.log:/logs/gunicorn_access.log
# - ./logs/aether_fastapi_gunicorn_error.log:/logs/gunicorn_error.log # - ./logs/aether_fastapi_gunicorn_error.log:/logs/gunicorn_error.log
# - ./logs/aether_api.log:/logs/aether_api.log # - ./logs/aether_api.log:/logs/aether_api.log
# - ./logs/ae_api/aether_api.log.1:/logs/aether_api.log.1 # - ./logs/ae_api/aether_api.log.1:/logs/aether_api.log.1
# - ./logs/ae_api/aether_api.log.2:/logs/aether_api.log.2 # - ./logs/ae_api/aether_api.log.2:/logs/aether_api.log.2
@@ -263,13 +250,13 @@ services:
# - ./logs/ae_api/aether_api.log.4:/logs/aether_api.log.4 # - ./logs/ae_api/aether_api.log.4:/logs/aether_api.log.4
# - ./logs/ae_api/aether_api.log.5:/logs/aether_api.log.5 # - ./logs/ae_api/aether_api.log.5:/logs/aether_api.log.5
# - ./logs/ae_api/aether_api_warning.log:/logs/aether_api_warning.log # - ./logs/ae_api/aether_api_warning.log:/logs/aether_api_warning.log
- ./srv/aether_api_ln:/srv/aether_api - ./srv/aether_api_ln:/srv/aether_api
- ./srv/hosted_files_ln:/srv/hosted_files - ./srv/hosted_files_ln:/srv/hosted_files
- ./srv/hosted_tmp_ln:/srv/hosted_tmp - ./srv/hosted_tmp_ln:/srv/hosted_tmp
# - ./tmp/ae_api:/tmp # - ./tmp/ae_api:/tmp
- ./temp/ae_api:/temp - ./temp/ae_api:/temp
# - ./temp/ae_api/aether_fastapi_requirements_current.txt:/temp/requirements_current.txt # - ./temp/ae_api/aether_fastapi_requirements_current.txt:/temp/requirements_current.txt
# links: # links:
@@ -278,7 +265,7 @@ services:
- redis - redis
stdin_open: true # docker run -i stdin_open: true # docker run -i
tty: true # docker run -t tty: true # docker run -t
# aether_api_v5_gunicorn: # aether_api_v5_gunicorn:
# restart: always # restart: always
# container_name: ae_api_v5_dev # container_name: ae_api_v5_dev
@@ -294,15 +281,15 @@ services:
# - ./conf/aether_api_v5_fastapi_gunicorn_conf.py:/conf/gunicorn_fastapi_conf.py # - ./conf/aether_api_v5_fastapi_gunicorn_conf.py:/conf/gunicorn_fastapi_conf.py
# - ./conf/aether_api_v5_fastapi_requirements_current.txt:/conf/requirements_current.txt # - ./conf/aether_api_v5_fastapi_requirements_current.txt:/conf/requirements_current.txt
# - ./conf/aether_api_v5_fastapi_config.py:/srv/aether_api/app/config.py # - ./conf/aether_api_v5_fastapi_config.py:/srv/aether_api/app/config.py
# #
# - ./logs/ae_api_v5:/logs # - ./logs/ae_api_v5:/logs
# #
# - ./srv/aether_api_v5_ln:/srv/aether_api # - ./srv/aether_api_v5_ln:/srv/aether_api
# - ./srv/hosted_files_ln:/srv/hosted_files # - ./srv/hosted_files_ln:/srv/hosted_files
# - ./srv/hosted_tmp_ln:/srv/hosted_tmp # - ./srv/hosted_tmp_ln:/srv/hosted_tmp
# #
# # - ./tmp/ae_api:/tmp # # - ./tmp/ae_api:/tmp
# #
# - ./temp/ae_api:/temp # - ./temp/ae_api:/temp
# # - ./temp/ae_api/aether_fastapi_requirements_current.txt:/temp/requirements_current.txt # # - ./temp/ae_api/aether_fastapi_requirements_current.txt:/temp/requirements_current.txt
# # links: # # links:
@@ -329,9 +316,11 @@ services:
# networks: # networks:
# - local-net # - local-net
extra_hosts: extra_hosts:
# - dev-api.oneskyit.com:192.168.32.20 - "${DOCKER_AE_SERVER_EXTRA_HOST}"
- "${DOCKER_AE_API_SERVER_EXTRA_HOST}" - "${DOCKER_AE_API_SERVER_EXTRA_HOST}"
- "${DOCKER_AE_API_BAK_SERVER_EXTRA_HOST}"
- "${DOCKER_AE_API_V5_SERVER_EXTRA_HOST}" - "${DOCKER_AE_API_V5_SERVER_EXTRA_HOST}"
# - dev-api.oneskyit.com:192.168.32.20
volumes: volumes:
- ./conf/aether_flask_gunicorn_conf.py:/conf/gunicorn_flask_conf.py - ./conf/aether_flask_gunicorn_conf.py:/conf/gunicorn_flask_conf.py
- ./conf/aether_flask_requirements_current.txt:/requirements_current.txt - ./conf/aether_flask_requirements_current.txt:/requirements_current.txt