Scott.Idem/OSIT-AE-Docker-Env
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5fd57dc11acaa677593c72fc420384bdc2e87fec
OSIT-AE-Docker-Env/README.md

106 lines
4.0 KiB
Markdown
Raw Blame History

# Aether Framework - Docker Environment (Unified V3)
This repository provides the unified Docker orchestration and configuration for the Aether Platform. It manages the lifecycle of the Aether API (FastAPI), Aether App (SvelteKit), and supporting infrastructure (MariaDB, Redis, Nginx).
## 🚀 Quick Start
### 1. Initialize Directory Structure
Create the base directory and clone this environment:
```bash
sudo mkdir -p /srv/env/aether
sudo chown -R $USER:$USER /srv/env/aether
git clone https://bitbucket.org/oneskyit/one-sky-it-container-environment.git /srv/env/aether/container_env
```
### 2. Configure Environment Settings
Copy the template and update it with your local paths and credentials:
```bash
cd /srv/env/aether/container_env
cp env.default .env
# Edit .env to match your host system (Paths, DB, Ports)
vim .env
```
### 3. Setup Persistent Data & Symlinks
The containers expect data and some source code to be available via absolute paths defined in `.env`:
- **FastAPI Source (`AE_API_SRC`):** Mounted directly for real-time development.
- **SvelteKit Source (`AE_APP_SRC`):** Used as the build context for the SvelteKit container.
- **Hosted Files:** Link physical file storage for the API:
```bash
ln -s /mnt/data/aether/hosted_files srv/hosted_files
ln -s /mnt/data/aether/hosted_tmp srv/hosted_tmp
```
### 4. Certificates & Database
* **SSL:** Place your Let's Encrypt certificates in `conf/certs/`.
* **Database:** Use the restoration scripts (see below) to import a MariaDB snapshot.
---
## 🛠️ Management Commands
### Orchestration (Unified Stack)
```bash
docker compose up -d --build # Build and start all services (Autonomous SvelteKit build)
docker compose down # Stop all services
docker compose restart ae_app # Restart the SvelteKit UI
docker compose restart ae_api # Restart the FastAPI Backend
```
### Deployment Workflow
The SvelteKit application is built **inside** the container. You can control the build mode (which bakes in the correct `PUBLIC_` variables) via the `.env` file:
- Set `AE_APP_BUILD_MODE=staging` for development/testing.
- Set `AE_APP_BUILD_MODE=prod` for production.
Then run:
```bash
docker compose up -d --build ae_app
```
---
## 🗄️ Database Management (Physical Backups)
... (rest of the file remains the same) ...
The system uses physical hot backups via `mariabackup` for maximum speed and data integrity.
### User-Facing Scripts
These scripts are located in the root directory:
* **`./backup_db.sh`**: Triggers an immediate hot backup. Results are stored in `backups/`.
* **`./export_db.sh`**: Creates a "Conference Ready" backup in `backups/conference_export/` with host-user ownership.
* **`./restore_db.sh [backup_file.gz]`**: Performs a full "Clean Slate" restoration.
* *Warning:* This stops MariaDB, archives current data, and resets `root` passwords to match your `.env`.
* **`./check_and_import.sh`**: A watchdog script that monitors `backups/import/` for new snapshots and triggers automated restoration.
---
## 📂 Directory Map
* **`conf/`**: Configuration templates for Nginx, Gunicorn, and the API.
* **`logs/`**: Centralized logging for all containers.
* **`srv/`**: Mount points for data and source code (managed via symlinks).
* **`scripts/`**: Internal automation logic.
* **`backups/`**: Storage for MariaDB snapshots.
---
## 📝 Configuration Guidelines
### Environment Profiles (`COMPOSE_PROFILES`)
* **`database`**: Includes MariaDB, phpMyAdmin, and the `ae_ops` maintenance service.
* **App-Only**: Leave empty if connecting to a remote/shared database server.
### Aether Config ID (`AE_CFG_ID`)
Specifies the record from the `cfg` table to load during the API bootstrap process:
* `1`: Default / Template
* `5`: Home Development
* `7`: Live Testing
---
## ⚠️ Security Notes
* Never commit the `.env` file (it is ignored by git).
* Ensure `AE_API_JWT_KEY` is a unique, high-entropy string in production.
* The API prioritizes `.env` credentials over DB settings for core infrastructure (SMTP/DB) to prevent accidental lockouts.
Reference in New Issue View Git Blame Copy Permalink