mirror of
https://0xacab.org/sutty/sutty
synced 2024-11-21 17:46:22 +00:00
reutilizar contenedores
This commit is contained in:
parent
c9edc86be3
commit
07546bafb2
3 changed files with 69 additions and 103 deletions
114
Dockerfile
114
Dockerfile
|
@ -1,125 +1,67 @@
|
|||
# Este Dockerfile está armado pensando en una compilación lanzada desde
|
||||
# el mismo repositorio de trabajo. Cuando tengamos CI/CD algunas cosas
|
||||
# como el tarball van a tener que cambiar porque ya vamos a haber hecho
|
||||
# un clone/pull limpio.
|
||||
FROM alpine:3.13.6 AS build
|
||||
FROM registry.nulo.in/sutty/rails:3.13.6-2.7.5 AS build
|
||||
MAINTAINER "f <f@sutty.nl>"
|
||||
|
||||
ARG RAILS_MASTER_KEY
|
||||
ARG BRANCH
|
||||
|
||||
# Un entorno base
|
||||
ENV BRANCH=$BRANCH
|
||||
ENV SECRET_KEY_BASE solo_es_necesaria_para_correr_rake
|
||||
ENV RAILS_ENV production
|
||||
ENV RAILS_MASTER_KEY=$RAILS_MASTER_KEY
|
||||
|
||||
RUN apk add --no-cache libxslt libxml2 tzdata ruby ruby-json ruby-bigdecimal ruby-rake
|
||||
RUN apk add --no-cache postgresql-libs git yarn brotli libssh2 python3
|
||||
RUN apk add --no-cache libxslt libxml2 tzdata postgresql-libs git yarn brotli libssh2 python3 findutils
|
||||
|
||||
RUN test "2.7.4" = `ruby -e 'puts RUBY_VERSION'`
|
||||
USER rails
|
||||
WORKDIR /srv/gems
|
||||
|
||||
# https://github.com/rubygems/rubygems/issues/2918
|
||||
# https://gitlab.alpinelinux.org/alpine/aports/issues/10808
|
||||
RUN apk add --no-cache patch
|
||||
COPY ./rubygems-platform-musl.patch /tmp/
|
||||
RUN cd /usr/lib/ruby/2.7.0 && patch -Np 0 -i /tmp/rubygems-platform-musl.patch
|
||||
COPY --chown=rails:www-data ./Gemfile .
|
||||
COPY --chown=rails:www-data ./Gemfile.lock .
|
||||
|
||||
# Agregar el usuario
|
||||
RUN addgroup -g 82 -S www-data
|
||||
RUN adduser -s /bin/sh -G www-data -h /home/app -D app
|
||||
RUN install -dm750 -o app -g www-data /home/app/sutty
|
||||
RUN gem install --no-document bundler:2.1.4
|
||||
|
||||
# Empezamos con la usuaria app
|
||||
USER app
|
||||
# Vamos a trabajar dentro de este directorio
|
||||
WORKDIR /home/app/sutty
|
||||
|
||||
# Copiamos solo el Gemfile para poder instalar las gemas necesarias
|
||||
COPY --chown=app:www-data ./Gemfile .
|
||||
COPY --chown=app:www-data ./Gemfile.lock .
|
||||
RUN bundle config set no-cache true
|
||||
RUN bundle config set specific_platform true
|
||||
RUN bundle install --path=./vendor --without='test development'
|
||||
# Vaciar la caché
|
||||
RUN rm vendor/ruby/2.7.0/cache/*.gem
|
||||
|
||||
# Copiar el repositorio git
|
||||
COPY --chown=app:www-data ./.git/ ./.git/
|
||||
# Hacer un clon limpio del repositorio en lugar de copiar todos los
|
||||
# archivos
|
||||
COPY --chown=rails:www-data ./.git/ ./.git/
|
||||
|
||||
RUN cd .. && git clone sutty checkout
|
||||
RUN cd ../checkout && git checkout $BRANCH
|
||||
|
||||
WORKDIR /home/app/checkout
|
||||
# Traer las gemas:
|
||||
RUN rm -rf ./vendor
|
||||
RUN mv ../sutty/vendor ./vendor
|
||||
RUN mv ../sutty/.bundle ./.bundle
|
||||
WORKDIR /srv/checkout
|
||||
|
||||
# Instalar secretos
|
||||
COPY --chown=app:root ./config/credentials.yml.enc ./config/
|
||||
RUN rm -rf ./vendor ./node_modules ./tmp/cache ./.git ./test ./doc
|
||||
RUN mv ../gems/vendor ./vendor
|
||||
RUN mv ../gems/.bundle ./.bundle
|
||||
RUN find /srv/checkout/vendor/ruby/2.7.0 -maxdepth 3 -type d -name test -o -name spec -o -name rubocop | xargs -r rm -rf
|
||||
|
||||
RUN rm -rf ./node_modules ./tmp/cache ./.git ./test ./doc
|
||||
# Eliminar archivos innecesarios
|
||||
USER root
|
||||
RUN apk add --no-cache findutils
|
||||
RUN find /home/app/checkout/vendor/ruby/2.7.0 -maxdepth 3 -type d -name test -o -name spec -o -name rubocop | xargs -r rm -rf
|
||||
|
||||
# Contenedor final
|
||||
FROM registry.nulo.in/sutty/monit:3.13.6
|
||||
FROM registry.nulo.in/sutty/rails:3.13.6-2.7.5
|
||||
ENV RAILS_ENV production
|
||||
|
||||
# Pandoc
|
||||
RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories
|
||||
RUN echo 'https://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories
|
||||
|
||||
# Instalar las dependencias, separamos la librería de base de datos para
|
||||
# poder reutilizar este primer paso desde otros contenedores
|
||||
RUN apk add --no-cache libxslt libxml2 tzdata ruby ruby-json ruby-bigdecimal ruby-rake ruby-irb ruby-io-console ruby-etc
|
||||
RUN apk add --no-cache postgresql-libs libssh2 file rsync git jpegoptim vips
|
||||
RUN apk add --no-cache ffmpeg imagemagick pandoc tectonic oxipng jemalloc
|
||||
RUN apk add --no-cache git-lfs openssh-client patch
|
||||
|
||||
# Chequear que la versión de ruby sea la correcta
|
||||
RUN test "2.7.4" = `ruby -e 'puts RUBY_VERSION'`
|
||||
|
||||
# https://github.com/rubygems/rubygems/issues/2918
|
||||
# https://gitlab.alpinelinux.org/alpine/aports/issues/10808
|
||||
COPY ./rubygems-platform-musl.patch /tmp/
|
||||
RUN apk add --no-cache patch && cd /usr/lib/ruby/2.7.0 && patch -Np 0 -i /tmp/rubygems-platform-musl.patch && apk del patch
|
||||
|
||||
#
|
||||
# Necesitamos yarn para que Jekyll pueda generar los sitios
|
||||
# XXX: Eliminarlo cuando extraigamos la generación de sitios del proceso
|
||||
# principal
|
||||
RUN apk add --no-cache yarn
|
||||
# Instalar foreman para poder correr los servicios
|
||||
RUN gem install --no-document --no-user-install bundler:2.1.4 foreman
|
||||
RUN apk add --no-cache libxslt libxml2 postgresql-libs libssh2 file \
|
||||
rsync git jpegoptim vips ffmpeg imagemagick pandoc tectonic \
|
||||
oxipng git-lfs openssh-client patch yarn daemonize ruby-webrick
|
||||
|
||||
# Agregar el grupo del servidor web y la usuaria
|
||||
RUN addgroup -g 82 -S www-data
|
||||
RUN adduser -s /bin/sh -G www-data -h /srv/http -D app
|
||||
RUN gem install --no-document --no-user-install foreman
|
||||
|
||||
USER rails
|
||||
|
||||
RUN rm -rf /srv
|
||||
COPY --from=build --chown=rails:www-data /srv/checkout /srv
|
||||
|
||||
# Convertirse en app para instalar
|
||||
USER app
|
||||
COPY --from=build --chown=app:www-data /home/app/checkout /srv/http
|
||||
COPY --chown=app:www-data ./.git/ ./.git/
|
||||
RUN rm -rf /srv/http/_sites /srv/http/_deploy
|
||||
RUN ln -s data/_storage /srv/http/_storage
|
||||
RUN ln -s data/_sites /srv/http/_sites
|
||||
RUN ln -s data/_deploy /srv/http/_deploy
|
||||
RUN ln -s data/_private /srv/http/_private
|
||||
|
||||
# Volver a root para cerrar la compilación
|
||||
USER root
|
||||
# Instalar la configuración de monit
|
||||
RUN install -m 640 -o root -g root /srv/http/monit.conf /etc/monit.d/sutty.conf
|
||||
RUN apk add --no-cache daemonize ruby-webrick
|
||||
RUN install -m 755 /srv/http/entrypoint.sh /usr/local/bin/sutty
|
||||
RUN install -m 640 -o root -g root /srv/monit.conf /etc/monit.d/sutty.conf
|
||||
RUN install -m 755 /srv/entrypoint.sh /usr/local/bin/sutty
|
||||
|
||||
# Mantener estos directorios!
|
||||
VOLUME "/srv/http/data"
|
||||
VOLUME "/srv/data"
|
||||
|
||||
# El puerto de puma
|
||||
EXPOSE 3000
|
||||
EXPOSE 9394
|
||||
|
|
|
@ -1,10 +1,38 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
s_pid=/srv/tmp/puma.pid
|
||||
p_pid=/tmp/prometheus.pid
|
||||
|
||||
case $1 in
|
||||
sutty)
|
||||
su app -c "cd /srv/http && foreman start migrate"
|
||||
daemonize -c /srv/http -u app /usr/bin/foreman start sutty
|
||||
start)
|
||||
su rails -c "cd /srv && foreman run migrate"
|
||||
daemonize -c /srv -u rails /usr/bin/foreman start sutty
|
||||
;;
|
||||
|
||||
stop)
|
||||
cat $s_pid | xargs -r kill
|
||||
;;
|
||||
|
||||
reload)
|
||||
cat $s_pid | xargs -r kill -USR2
|
||||
;;
|
||||
|
||||
prometheus)
|
||||
case $2 in
|
||||
start)
|
||||
rm -f $p_pid
|
||||
daemonize -c /srv -p $p_pid -l $p_pid -u rails /usr/bin/foreman start prometheus
|
||||
;;
|
||||
stop)
|
||||
cat $p_pid | xargs -r kill
|
||||
rm -f $p_pid
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
blazer)
|
||||
test -z "$2" || b="_$2"
|
||||
su rails -c "cd /srv && foreman run blazer$b"
|
||||
;;
|
||||
prometheus) daemonize -c /srv/http -p /tmp/prometheus.pid -l /tmp/prometheus.pid -u app /usr/bin/foreman start prometheus ;;
|
||||
esac
|
||||
|
|
22
monit.conf
22
monit.conf
|
@ -1,31 +1,27 @@
|
|||
check process sutty with pidfile /srv/http/tmp/puma.pid
|
||||
start program = "/usr/local/bin/sutty sutty"
|
||||
stop program = "/bin/sh -c 'cat /srv/http/tmp/puma.pid | xargs kill'"
|
||||
check process sutty with pidfile /srv/tmp/puma.pid
|
||||
start program = "/usr/local/bin/sutty start"
|
||||
stop program = "/usr/local/bin/sutty stop"
|
||||
|
||||
check process prometheus with pidfile /tmp/prometheus.pid
|
||||
start program = "/usr/local/bin/sutty prometheus"
|
||||
stop program = "/bin/sh -c 'cat /tmp/prometheus.pid | xargs kill'"
|
||||
start program = "/usr/local/bin/sutty prometheus start"
|
||||
stop program = "/usr/local/bin/sutty prometheus start"
|
||||
|
||||
check program blazer_5m
|
||||
with path "/bin/sh -c 'cd /srv/http && foreman start blazer_5m'"
|
||||
as uid "app" and gid "www-data"
|
||||
with path "/usr/local/bin/sutty blazer 5m"
|
||||
every 5 cycles
|
||||
if status != 0 then alert
|
||||
|
||||
check program blazer_1h
|
||||
with path "/bin/sh -c 'cd /srv/http && foreman start blazer_1h'"
|
||||
as uid "app" and gid "www-data"
|
||||
with path "/usr/local/bin/sutty blazer 1h"
|
||||
every 60 cycles
|
||||
if status != 0 then alert
|
||||
|
||||
check program blazer_1d
|
||||
with path "/bin/sh -c 'cd /srv/http && foreman start blazer_1d'"
|
||||
as uid "app" and gid "www-data"
|
||||
with path "/usr/local/bin/sutty blazer 1d"
|
||||
every 1440 cycles
|
||||
if status != 0 then alert
|
||||
|
||||
check program blazer
|
||||
with path "/bin/sh -c 'cd /srv/http && foreman start blazer'"
|
||||
as uid "app" and gid "www-data"
|
||||
with path "/usr/local/bin/sutty blazer"
|
||||
every 61 cycles
|
||||
if status != 0 then alert
|
||||
|
|
Loading…
Reference in a new issue