prod: Plume with S3 storage backend #13
5 changed files with 35 additions and 28 deletions
|
@ -4,5 +4,5 @@ services:
|
||||||
build:
|
build:
|
||||||
context: ./plume
|
context: ./plume
|
||||||
args:
|
args:
|
||||||
VERSION: 8709f6cf9f8ff7e3c5ee7ea699ee7c778e92fefc
|
PLUME_VERSION: 61e65a55ad1f5094321c111e395d00dddcb05e96
|
||||||
image: superboum/plume:v8
|
image: superboum/plume:v8
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
FROM rust:1.58.1-slim-bullseye as builder
|
#FROM rust:1.69-bullseye as builder
|
||||||
|
FROM rustlang/rust:nightly-bullseye as builder
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y \
|
apt-get install -y \
|
||||||
|
@ -18,21 +19,25 @@ RUN apt-get update && \
|
||||||
libssl-dev \
|
libssl-dev \
|
||||||
libclang-dev
|
libclang-dev
|
||||||
|
|
||||||
ARG VERSION
|
RUN cargo install wasm-pack
|
||||||
|
|
||||||
|
ARG PLUME_VERSION
|
||||||
WORKDIR /opt
|
WORKDIR /opt
|
||||||
RUN git clone -n https://git.joinplu.me/Plume/Plume.git plume
|
RUN git clone -n https://git.joinplu.me/lx/Plume.git plume
|
||||||
|
|
||||||
WORKDIR /opt/plume
|
WORKDIR /opt/plume
|
||||||
RUN git checkout ${VERSION}
|
RUN git checkout ${PLUME_VERSION}
|
||||||
|
# Small style patch to make text column wider
|
||||||
|
RUN git merge 397e3b4d9720475257817b322c05323d12918216
|
||||||
|
RUN rm rust-toolchain
|
||||||
|
|
||||||
WORKDIR /opt/plume/script
|
WORKDIR /opt/plume/script
|
||||||
RUN chmod a+x ./wasm-deps.sh && ./wasm-deps.sh
|
RUN chmod a+x ./wasm-deps.sh && ./wasm-deps.sh
|
||||||
|
|
||||||
WORKDIR /opt/plume
|
WORKDIR /opt/plume
|
||||||
RUN cargo install wasm-pack
|
|
||||||
RUN chmod a+x ./script/plume-front.sh && ./script/plume-front.sh
|
RUN chmod a+x ./script/plume-front.sh && ./script/plume-front.sh
|
||||||
RUN cargo install --path ./ --force --no-default-features --features postgres
|
RUN cargo install --path ./ --force --no-default-features --features postgres,s3
|
||||||
RUN cargo install --path plume-cli --force --no-default-features --features postgres
|
RUN cargo install --path plume-cli --force --no-default-features --features postgres,s3
|
||||||
RUN cargo clean
|
RUN cargo clean
|
||||||
|
|
||||||
#-----------------------------
|
#-----------------------------
|
||||||
|
|
|
@ -8,6 +8,17 @@ ROCKET_SECRET_KEY={{ key "secrets/plume/secret_key" | trimSpace }}
|
||||||
#MAIL_PASSWORD=123456
|
#MAIL_PASSWORD=123456
|
||||||
#MAIL_HELO_NAME=example.org
|
#MAIL_HELO_NAME=example.org
|
||||||
|
|
||||||
|
# S3 settings
|
||||||
|
S3_BUCKET=plume
|
||||||
|
AWS_ACCESS_KEY_ID={{ key "secrets/plume/s3_access_key" | trimSpace }}
|
||||||
|
AWS_SECRET_ACCESS_KEY={{ key "secrets/plume/s3_secret_key" | trimSpace }}
|
||||||
|
S3_REGION=garage
|
||||||
|
S3_HOSTNAME={{ env "attr.unique.network.ip-address" }}:3900
|
||||||
|
S3_PROTOCOL=http
|
||||||
|
S3_PATH_STYLE=true
|
||||||
|
S3_DIRECT_DOWNLOAD=true
|
||||||
|
S3_ALIAS_HOST=plume.web.deuxfleurs.fr
|
||||||
|
|
||||||
# DATABASE SETUP
|
# DATABASE SETUP
|
||||||
POSTGRES_PASSWORD={{ key "secrets/plume/pgsql_pw" | trimSpace }}
|
POSTGRES_PASSWORD={{ key "secrets/plume/pgsql_pw" | trimSpace }}
|
||||||
POSTGRES_USER=plume
|
POSTGRES_USER=plume
|
||||||
|
|
|
@ -1,12 +1,7 @@
|
||||||
job "plume-blog" {
|
job "plume-blog" {
|
||||||
datacenters = ["orion"]
|
datacenters = ["orion", "neptune"]
|
||||||
type = "service"
|
type = "service"
|
||||||
|
|
||||||
constraint {
|
|
||||||
attribute = "${attr.cpu.arch}"
|
|
||||||
value = "amd64"
|
|
||||||
}
|
|
||||||
|
|
||||||
group "plume" {
|
group "plume" {
|
||||||
count = 1
|
count = 1
|
||||||
|
|
||||||
|
@ -15,23 +10,13 @@ job "plume-blog" {
|
||||||
}
|
}
|
||||||
|
|
||||||
task "plume" {
|
task "plume" {
|
||||||
constraint {
|
|
||||||
attribute = "${attr.unique.hostname}"
|
|
||||||
operator = "="
|
|
||||||
value = "dahlia"
|
|
||||||
}
|
|
||||||
|
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "superboum/plume:v8"
|
image = "lxpz/plume_s3:v1"
|
||||||
network_mode = "host"
|
network_mode = "host"
|
||||||
ports = [ "web_port" ]
|
ports = [ "web_port" ]
|
||||||
#command = "cat"
|
command = "sh"
|
||||||
#args = [ "/dev/stdout" ]
|
args = [ "-c", "plm search init; plm search refill; plume" ]
|
||||||
volumes = [
|
|
||||||
"/mnt/ssd/plume/search_index:/app/search_index",
|
|
||||||
"/mnt/ssd/plume/media:/app/static/media"
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
|
@ -51,6 +36,7 @@ job "plume-blog" {
|
||||||
tags = [
|
tags = [
|
||||||
"plume",
|
"plume",
|
||||||
"tricot plume.deuxfleurs.fr",
|
"tricot plume.deuxfleurs.fr",
|
||||||
|
"d53-cname plume.deuxfleurs.fr",
|
||||||
]
|
]
|
||||||
port = "web_port"
|
port = "web_port"
|
||||||
address_mode = "host"
|
address_mode = "host"
|
||||||
|
|
|
@ -1,10 +1,15 @@
|
||||||
[service_user."plume"]
|
[service_user."plume"]
|
||||||
password_secret = "plume/pgsql_pw"
|
password_secret = "plume/pgsql_pw"
|
||||||
|
|
||||||
|
|
||||||
[secrets."plume/secret_key"]
|
[secrets."plume/secret_key"]
|
||||||
type = 'command'
|
type = 'command'
|
||||||
rotate = true
|
rotate = true
|
||||||
command = 'openssl rand -base64 32'
|
command = 'openssl rand -base64 32'
|
||||||
|
|
||||||
|
[secrets."plume/s3_access_key"]
|
||||||
|
type = 'user'
|
||||||
|
description = 'S3 access key ID for database and media storage'
|
||||||
|
|
||||||
|
[secrets."plume/s3_secret_key"]
|
||||||
|
type = 'user'
|
||||||
|
description = 'S3 secret key for database and media storage'
|
||||||
|
|
Loading…
Reference in a new issue