prod: Plume with S3 storage backend #13

Merged
lx merged 1 commit from plume-s3 into main 2023-05-16 13:38:07 +00:00
5 changed files with 35 additions and 28 deletions

View file

@ -4,5 +4,5 @@ services:
build:
context: ./plume
args:
VERSION: 8709f6cf9f8ff7e3c5ee7ea699ee7c778e92fefc
PLUME_VERSION: 61e65a55ad1f5094321c111e395d00dddcb05e96
image: superboum/plume:v8

View file

@ -1,4 +1,5 @@
FROM rust:1.58.1-slim-bullseye as builder
#FROM rust:1.69-bullseye as builder
FROM rustlang/rust:nightly-bullseye as builder
RUN apt-get update && \
apt-get install -y \
@ -18,21 +19,25 @@ RUN apt-get update && \
libssl-dev \
libclang-dev
ARG VERSION
RUN cargo install wasm-pack
ARG PLUME_VERSION
WORKDIR /opt
RUN git clone -n https://git.joinplu.me/Plume/Plume.git plume
RUN git clone -n https://git.joinplu.me/lx/Plume.git plume
WORKDIR /opt/plume
RUN git checkout ${VERSION}
RUN git checkout ${PLUME_VERSION}
# Small style patch to make text column wider
RUN git merge 397e3b4d9720475257817b322c05323d12918216
RUN rm rust-toolchain
WORKDIR /opt/plume/script
RUN chmod a+x ./wasm-deps.sh && ./wasm-deps.sh
WORKDIR /opt/plume
RUN cargo install wasm-pack
RUN chmod a+x ./script/plume-front.sh && ./script/plume-front.sh
RUN cargo install --path ./ --force --no-default-features --features postgres
RUN cargo install --path plume-cli --force --no-default-features --features postgres
RUN cargo install --path ./ --force --no-default-features --features postgres,s3
RUN cargo install --path plume-cli --force --no-default-features --features postgres,s3
RUN cargo clean
#-----------------------------

View file

@ -8,6 +8,17 @@ ROCKET_SECRET_KEY={{ key "secrets/plume/secret_key" | trimSpace }}
#MAIL_PASSWORD=123456
#MAIL_HELO_NAME=example.org
# S3 settings
S3_BUCKET=plume
AWS_ACCESS_KEY_ID={{ key "secrets/plume/s3_access_key" | trimSpace }}
AWS_SECRET_ACCESS_KEY={{ key "secrets/plume/s3_secret_key" | trimSpace }}
S3_REGION=garage
S3_HOSTNAME={{ env "attr.unique.network.ip-address" }}:3900
S3_PROTOCOL=http
S3_PATH_STYLE=true
S3_DIRECT_DOWNLOAD=true
S3_ALIAS_HOST=plume.web.deuxfleurs.fr
# DATABASE SETUP
POSTGRES_PASSWORD={{ key "secrets/plume/pgsql_pw" | trimSpace }}
POSTGRES_USER=plume

View file

@ -1,12 +1,7 @@
job "plume-blog" {
datacenters = ["orion"]
datacenters = ["orion", "neptune"]
type = "service"
constraint {
attribute = "${attr.cpu.arch}"
value = "amd64"
}
group "plume" {
count = 1
@ -15,23 +10,13 @@ job "plume-blog" {
}
task "plume" {
constraint {
attribute = "${attr.unique.hostname}"
operator = "="
value = "dahlia"
}
driver = "docker"
config {
image = "superboum/plume:v8"
image = "lxpz/plume_s3:v1"
network_mode = "host"
ports = [ "web_port" ]
#command = "cat"
#args = [ "/dev/stdout" ]
volumes = [
"/mnt/ssd/plume/search_index:/app/search_index",
"/mnt/ssd/plume/media:/app/static/media"
]
command = "sh"
args = [ "-c", "plm search init; plm search refill; plume" ]
}
template {
@ -51,6 +36,7 @@ job "plume-blog" {
tags = [
"plume",
"tricot plume.deuxfleurs.fr",
"d53-cname plume.deuxfleurs.fr",
]
port = "web_port"
address_mode = "host"

View file

@ -1,10 +1,15 @@
[service_user."plume"]
password_secret = "plume/pgsql_pw"
[secrets."plume/secret_key"]
type = 'command'
rotate = true
command = 'openssl rand -base64 32'
[secrets."plume/s3_access_key"]
type = 'user'
description = 'S3 access key ID for database and media storage'
[secrets."plume/s3_secret_key"]
type = 'user'
description = 'S3 secret key for database and media storage'