From 027c39c36794d7d0713cd446b2ca82586082f2e0 Mon Sep 17 00:00:00 2001 From: Yann Autissier Date: Sat, 7 May 2022 22:37:46 +0000 Subject: [PATCH] add ipfs --- make/apps/common.mk | 10 +++---- make/apps/def.mk | 4 +-- make/apps/myos/def.setup.mk | 3 +- make/apps/myos/setup.mk | 2 +- stack/alpine/.env.dist | 1 - stack/alpine/sysctl.yml | 14 ---------- stack/elastic.mk | 4 +-- stack/elastic/elasticsearch.yml | 2 -- stack/mysql/mysql.yml | 2 +- stack/node/.env.dist | 1 + stack/node/node.yml | 49 +++++++++++++++++++-------------- stack/portainer/portainer.yml | 27 ++++++++++++++++++ stack/redis/redis.yml | 2 -- 13 files changed, 69 insertions(+), 52 deletions(-) delete mode 100644 stack/alpine/.env.dist delete mode 100644 stack/alpine/sysctl.yml create mode 100644 stack/portainer/portainer.yml diff --git a/make/apps/common.mk b/make/apps/common.mk index da8351f..9ffacb2 100644 --- a/make/apps/common.mk +++ b/make/apps/common.mk @@ -13,17 +13,17 @@ bootstrap-app: install-bin-git # target bootstrap-docker: Install and configure docker # on local host .PHONY: bootstrap-docker -bootstrap-docker: install-bin-docker setup-docker-group +bootstrap-docker: install-bin-docker setup-docker-group setup-sysctl -# target bootstrap-host: Fire bootstrap-docker target and start node stack +# target bootstrap-host: Fire node target # on local host .PHONY: bootstrap-host -bootstrap-host: bootstrap-docker node +bootstrap-host: node -# target bootstrap-user: Fire bootstrap-docker target and start user stack +# target bootstrap-user: Fire User target # on local host .PHONY: bootstrap-user -bootstrap-user: bootstrap-docker user +bootstrap-user: User # target build: Build application docker images to run # on local host diff --git a/make/apps/def.mk b/make/apps/def.mk index c4d6564..233e243 100644 --- a/make/apps/def.mk +++ b/make/apps/def.mk @@ -1,6 +1,6 @@ APP_DIR ?= $(CURDIR) -APP_DOMAIN ?= $(ENV)$(addprefix .,$(DOMAIN)) -APP_HOST ?= $(APP)$(addprefix .,$(APP_DOMAIN)) +APP_DOMAIN ?= $(addsuffix .,$(filter-out master,$(ENV)))$(DOMAIN) +APP_HOST ?= $(addsuffix .,$(APP))$(APP_DOMAIN) APP_INSTALLED ?= $(APPS) APP_PARENT ?= $(MONOREPO) APP_PARENT_DIR ?= $(MONOREPO_DIR) diff --git a/make/apps/myos/def.setup.mk b/make/apps/myos/def.setup.mk index 2d83885..81c39bc 100644 --- a/make/apps/myos/def.setup.mk +++ b/make/apps/myos/def.setup.mk @@ -1,9 +1,10 @@ +ENV_VARS += SETUP_SYSCTL_CONFIG SETUP_BINFMT ?= false SETUP_BINFMT_ARCH ?= all SETUP_NFSD ?= false SETUP_NFSD_OSX_CONFIG ?= nfs.server.bonjour=0 nfs.server.mount.regular_files=1 nfs.server.mount.require_resv_port=0 nfs.server.nfsd_threads=16 nfs.server.async=1 SETUP_SYSCTL ?= false -SETUP_SYSCTL_CONFIG ?= vm.max_map_count=262144 vm.overcommit_memory=1 fs.file-max=8388608 net.core.somaxconn=1024 +SETUP_SYSCTL_CONFIG ?= vm.max_map_count=262144 vm.overcommit_memory=1 fs.file-max=8388608 net.core.rmem_max=2500000 define setup-nfsd-osx $(call INFO,setup-nfsd-osx,$(1)$(comma) $(2)$(comma) $(3)) diff --git a/make/apps/myos/setup.mk b/make/apps/myos/setup.mk index fd4d87f..9bc0304 100644 --- a/make/apps/myos/setup.mk +++ b/make/apps/myos/setup.mk @@ -27,7 +27,7 @@ endif .PHONY: setup-sysctl setup-sysctl: ifeq ($(SETUP_SYSCTL),true) - $(foreach config,$(SETUP_SYSCTL_CONFIG),$(call docker-run,sysctl -q -w $(config),--privileged alpine) &&) true + $(SUDO) sysctl -q -w $(SETUP_SYSCTL_CONFIG) endif # target setup-binfmt: Install binfmt abstraction layer diff --git a/stack/alpine/.env.dist b/stack/alpine/.env.dist deleted file mode 100644 index b4289aa..0000000 --- a/stack/alpine/.env.dist +++ /dev/null @@ -1 +0,0 @@ -SYSCTL_CONFIG=vm.max_map_count=262144 vm.overcommit_memory=1 fs.file-max=8388608 net.core.somaxconn=1024 diff --git a/stack/alpine/sysctl.yml b/stack/alpine/sysctl.yml deleted file mode 100644 index e8949f4..0000000 --- a/stack/alpine/sysctl.yml +++ /dev/null @@ -1,14 +0,0 @@ -version: '3.6' - -services: - sysctl: - command: sh -c 'sysctl -q -w ${SYSCTL_CONFIG} ||:' - image: alpine:latest - networks: - - private - privileged: true - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/elastic.mk b/stack/elastic.mk index a19c70b..1b4a0b0 100644 --- a/stack/elastic.mk +++ b/stack/elastic.mk @@ -3,9 +3,9 @@ ELASTICSEARCH_PORT ?= 9200 ELASTICSEARCH_PROTOCOL ?= http ENV_VARS += ELASTICSEARCH_HOST ELASTICSEARCH_PASSWORD ELASTICSEARCH_PORT ELASTICSEARCH_PROTOCOL ELASTICSEARCH_USERNAME -elastic ?= elastic/curator elastic/elasticsearch elastic/kibana alpine/sysctl +elastic ?= elastic/curator elastic/elasticsearch elastic/kibana # target elasticsearch-delete-%: delete elasticsearch index % .PHONY: elasticsearch-delete-% elasticsearch-delete-%: - docker ps |awk '$$NF ~ /myos_elasticsearch/' |sed 's/^.*:\([0-9]*\)->9200\/tcp.*$$/\1/' |while read port; do echo -e "DELETE /$* HTTP/1.0\n\n" |nc localhost $$port; done + docker ps |awk '$$NF ~ /myos_$(ENV)_elasticsearch/' |sed 's/^.*:\([0-9]*\)->9200\/tcp.*$$/\1/' |while read port; do echo -e "DELETE /$* HTTP/1.0\n\n" |nc localhost $$port; done diff --git a/stack/elastic/elasticsearch.yml b/stack/elastic/elasticsearch.yml index 8771cb7..679b149 100644 --- a/stack/elastic/elasticsearch.yml +++ b/stack/elastic/elasticsearch.yml @@ -2,8 +2,6 @@ version: '3.6' services: elasticsearch: - depends_on: - - sysctl environment: - ES_JAVA_OPTS=-Xmx1024m -Xms1024m - xpack.security.enabled=false diff --git a/stack/mysql/mysql.yml b/stack/mysql/mysql.yml index ec0122b..c902a4f 100644 --- a/stack/mysql/mysql.yml +++ b/stack/mysql/mysql.yml @@ -5,8 +5,8 @@ services: environment: - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} labels: - - SERVICE_CHECK_SCRIPT=docker-healthcheck $$SERVICE_IP - SERVICE_3306_NAME=${COMPOSE_SERVICE_NAME}-mysql-3306 + - SERVICE_CHECK_SCRIPT=docker-healthcheck $$SERVICE_IP networks: - private ports: diff --git a/stack/node/.env.dist b/stack/node/.env.dist index 52fa054..2fbd5ca 100644 --- a/stack/node/.env.dist +++ b/stack/node/.env.dist @@ -3,5 +3,6 @@ CONSUL_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF CONSUL_SERVICE_8500_TAGS=urlprefix-consul.${APP_DOMAIN}/ FABIO_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF FABIO_SERVICE_9998_TAGS=urlprefix-fabio.${APP_DOMAIN}/ +IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/ PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${APP_DOMAIN}/ REGISTRATOR_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF diff --git a/stack/node/node.yml b/stack/node/node.yml index 3a6ecb2..a8574ca 100644 --- a/stack/node/node.yml +++ b/stack/node/node.yml @@ -16,8 +16,9 @@ services: , "enable_script_checks": true , "acl": { "enabled": true , "default_policy": "deny" + , "down_policy": "extend-cache" , "enable_token_persistence": true - , "tokens": { "master": "$CONSUL_ACL_TOKENS_MASTER" + , "tokens": { "initial_management": "$CONSUL_ACL_TOKENS_MASTER" , "agent": "$CONSUL_CONSUL_HTTP_TOKEN" } } @@ -27,15 +28,17 @@ services: - SERVICE_8300_IGNORE=true - SERVICE_8301_IGNORE=true - SERVICE_8302_IGNORE=true - - SERVICE_8500_CHECK_HTTP=/ui + - SERVICE_8500_CHECK_HTTP=/v1/health/service/consul - SERVICE_8500_NAME=${COMPOSE_SERVICE_NAME}-consul-8500 - SERVICE_8500_TAGS=${CONSUL_SERVICE_8500_TAGS} - SERVICE_8600_IGNORE=true - SERVICE_ADDRESS=${DOCKER_HOST_INET} + - SERVICE_CHECK_SCRIPT=docker-healthcheck ${DOCKER_HOST_INET} network_mode: host restart: always volumes: - consul:/consul/data + - ssl-certs:/certs - /var/run/docker.sock:/var/run/docker.sock fabio: image: fabiolb/fabio:latest @@ -46,39 +49,43 @@ services: - consul:${DOCKER_HOST_INET} hostname: ${HOSTNAME} labels: - - SERVICE_80_CHECK_TCP=true - SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-fabio-80 - - SERVICE_443_CHECK_TCP=true - SERVICE_443_NAME=${COMPOSE_SERVICE_NAME}-fabio-443 - - SERVICE_9998_CHECK_TCP=true + - SERVICE_9998_CHECK_HTTP=/routes - SERVICE_9998_NAME=${COMPOSE_SERVICE_NAME}-fabio-9998 - SERVICE_9998_TAGS=${FABIO_SERVICE_9998_TAGS} - SERVICE_9999_IGNORE=true ports: - - 80:80 - - 443:443 - - 9998 + - 80:80/tcp + - 443:443/tcp + - 9998/tcp networks: - public restart: always volumes: - - ssl-certs:/certs - portainer: - image: portainer/portainer:latest + - ssl-certs:/certs + ipfs: + image: ipfs/go-ipfs:latest labels: - - SERVICE_8000_IGNORE=true - - SERVICE_9000_CHECK_HTTP=/ - - SERVICE_9000_NAME=${COMPOSE_SERVICE_NAME}-portainer-9000 - - SERVICE_9000_TAGS=${PORTAINER_SERVICE_9000_TAGS} + - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs-4001 + - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME}-ipfs-5001 + - SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme + - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME}-ipfs-8080 + - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS} + - SERVICE_8081_IGNORE=true networks: - public ports: - - 8000 - - 9000 - restart: always + - 4001:4001 + - 5001/tcp + - 8080/tcp + ulimits: + nofile: + soft: 65536 + hard: 65536 volumes: - - /var/run/docker.sock:/var/run/docker.sock - - portainer:/data + - ipfs:/data/ipfs + restart: always registrator: build: args: @@ -103,7 +110,7 @@ services: volumes: consul: - portainer: + ipfs: ssl-certs: networks: diff --git a/stack/portainer/portainer.yml b/stack/portainer/portainer.yml new file mode 100644 index 0000000..231ff74 --- /dev/null +++ b/stack/portainer/portainer.yml @@ -0,0 +1,27 @@ +version: '3.6' + +services: + portainer: + image: portainer/portainer:latest + labels: + - SERVICE_8000_IGNORE=true + - SERVICE_9000_CHECK_HTTP=/ + - SERVICE_9000_NAME=${COMPOSE_SERVICE_NAME}-portainer-9000 + - SERVICE_9000_TAGS=${PORTAINER_SERVICE_9000_TAGS} + networks: + - public + ports: + - 8000 + - 9000 + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - portainer:/data + +volumes: + portainer: + +networks: + public: + external: true + name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/redis/redis.yml b/stack/redis/redis.yml index fb11b92..c84c567 100644 --- a/stack/redis/redis.yml +++ b/stack/redis/redis.yml @@ -2,8 +2,6 @@ version: '3.6' services: redis: - depends_on: - - sysctl image: redis:alpine command: redis-server --appendonly yes labels: