diff --git a/.dockerignore b/.dockerignore index b9e4842e..afe4e8d7 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,10 +1,4 @@ # Excluir todo * # Solo agregar lo que usamos en COPY -!./.git/ -!./rubygems-platform-musl.patch -!./Gemfile -!./Gemfile.lock -!./config/credentials.yml.enc -!./public/assets/ -!./public/packs/ +# !./archivo diff --git a/Dockerfile b/Dockerfile index ee6ba871..ecf43cbc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,125 +1,21 @@ -# Este Dockerfile está armado pensando en una compilación lanzada desde -# el mismo repositorio de trabajo. Cuando tengamos CI/CD algunas cosas -# como el tarball van a tener que cambiar porque ya vamos a haber hecho -# un clone/pull limpio. -FROM alpine:3.13.6 AS build -MAINTAINER "f " - -ARG RAILS_MASTER_KEY -ARG BRANCH - -# Un entorno base -ENV BRANCH=$BRANCH -ENV SECRET_KEY_BASE solo_es_necesaria_para_correr_rake +FROM registry.nulo.in/sutty/rails:3.13.6-2.7.5 +ARG PANDOC_VERSION=2.17.1.1 ENV RAILS_ENV production -ENV RAILS_MASTER_KEY=$RAILS_MASTER_KEY - -RUN apk add --no-cache libxslt libxml2 tzdata ruby ruby-json ruby-bigdecimal ruby-rake -RUN apk add --no-cache postgresql-libs git yarn brotli libssh2 python3 - -RUN test "2.7.4" = `ruby -e 'puts RUBY_VERSION'` - -# https://github.com/rubygems/rubygems/issues/2918 -# https://gitlab.alpinelinux.org/alpine/aports/issues/10808 -RUN apk add --no-cache patch -COPY ./rubygems-platform-musl.patch /tmp/ -RUN cd /usr/lib/ruby/2.7.0 && patch -Np 0 -i /tmp/rubygems-platform-musl.patch - -# Agregar el usuario -RUN addgroup -g 82 -S www-data -RUN adduser -s /bin/sh -G www-data -h /home/app -D app -RUN install -dm750 -o app -g www-data /home/app/sutty -RUN gem install --no-document bundler:2.1.4 - -# Empezamos con la usuaria app -USER app -# Vamos a trabajar dentro de este directorio -WORKDIR /home/app/sutty - -# Copiamos solo el Gemfile para poder instalar las gemas necesarias -COPY --chown=app:www-data ./Gemfile . -COPY --chown=app:www-data ./Gemfile.lock . -RUN bundle config set no-cache true -RUN bundle config set specific_platform true -RUN bundle install --path=./vendor --without='test development' -# Vaciar la caché -RUN rm vendor/ruby/2.7.0/cache/*.gem - -# Copiar el repositorio git -COPY --chown=app:www-data ./.git/ ./.git/ -# Hacer un clon limpio del repositorio en lugar de copiar todos los -# archivos -RUN cd .. && git clone sutty checkout -RUN cd ../checkout && git checkout $BRANCH - -WORKDIR /home/app/checkout -# Traer las gemas: -RUN rm -rf ./vendor -RUN mv ../sutty/vendor ./vendor -RUN mv ../sutty/.bundle ./.bundle - -# Instalar secretos -COPY --chown=app:root ./config/credentials.yml.enc ./config/ - -RUN rm -rf ./node_modules ./tmp/cache ./.git ./test ./doc -# Eliminar archivos innecesarios -USER root -RUN apk add --no-cache findutils -RUN find /home/app/checkout/vendor/ruby/2.7.0 -maxdepth 3 -type d -name test -o -name spec -o -name rubocop | xargs -r rm -rf - -# Contenedor final -FROM registry.nulo.in/sutty/monit:3.13.6 -ENV RAILS_ENV production - -# Pandoc -RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories # Instalar las dependencias, separamos la librería de base de datos para # poder reutilizar este primer paso desde otros contenedores -RUN apk add --no-cache libxslt libxml2 tzdata ruby ruby-json ruby-bigdecimal ruby-rake ruby-irb ruby-io-console ruby-etc -RUN apk add --no-cache postgresql-libs libssh2 file rsync git jpegoptim vips -RUN apk add --no-cache ffmpeg imagemagick pandoc tectonic oxipng jemalloc -RUN apk add --no-cache git-lfs openssh-client patch - -# Chequear que la versión de ruby sea la correcta -RUN test "2.7.4" = `ruby -e 'puts RUBY_VERSION'` - -# https://github.com/rubygems/rubygems/issues/2918 -# https://gitlab.alpinelinux.org/alpine/aports/issues/10808 -COPY ./rubygems-platform-musl.patch /tmp/ -RUN apk add --no-cache patch && cd /usr/lib/ruby/2.7.0 && patch -Np 0 -i /tmp/rubygems-platform-musl.patch && apk del patch - +# # Necesitamos yarn para que Jekyll pueda generar los sitios # XXX: Eliminarlo cuando extraigamos la generación de sitios del proceso # principal -RUN apk add --no-cache yarn -# Instalar foreman para poder correr los servicios -RUN gem install --no-document --no-user-install bundler:2.1.4 foreman +RUN apk add --no-cache libxslt libxml2 postgresql-libs libssh2 \ + rsync git jpegoptim vips tectonic oxipng git-lfs openssh-client \ + yarn daemonize ruby-webrick -# Agregar el grupo del servidor web y la usuaria -RUN addgroup -g 82 -S www-data -RUN adduser -s /bin/sh -G www-data -h /srv/http -D app +RUN gem install --no-document --no-user-install foreman +RUN wget https://github.com/jgm/pandoc/releases/download/${PANDOC_VERSION}/pandoc-${PANDOC_VERSION}-linux-amd64.tar.gz -O - | tar --strip-components 1 -xvzf - pandoc-${PANDOC_VERSION}/bin/pandoc && mv /bin/pandoc /usr/bin/pandoc -# Convertirse en app para instalar -USER app -COPY --from=build --chown=app:www-data /home/app/checkout /srv/http -COPY --chown=app:www-data ./.git/ ./.git/ -RUN rm -rf /srv/http/_sites /srv/http/_deploy -RUN ln -s data/_storage /srv/http/_storage -RUN ln -s data/_sites /srv/http/_sites -RUN ln -s data/_deploy /srv/http/_deploy -RUN ln -s data/_private /srv/http/_private +VOLUME "/srv" -# Volver a root para cerrar la compilación -USER root -# Instalar la configuración de monit -RUN install -m 640 -o root -g root /srv/http/monit.conf /etc/monit.d/sutty.conf -RUN apk add --no-cache daemonize ruby-webrick -RUN install -m 755 /srv/http/entrypoint.sh /usr/local/bin/sutty - -# Mantener estos directorios! -VOLUME "/srv/http/data" - -# El puerto de puma EXPOSE 3000 EXPOSE 9394 diff --git a/entrypoint.sh b/entrypoint.sh index 3ae103bb..c6bfdb3b 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,10 +1,38 @@ #!/bin/sh set -e +s_pid=/srv/tmp/puma.pid +p_pid=/tmp/prometheus.pid + case $1 in - sutty) - su app -c "cd /srv/http && foreman start migrate" - daemonize -c /srv/http -u app /usr/bin/foreman start sutty + start) + su rails -c "cd /srv && foreman run migrate" + daemonize -c /srv -u rails /usr/bin/foreman start sutty + ;; + + stop) + cat $s_pid | xargs -r kill + ;; + + reload) + cat $s_pid | xargs -r kill -USR2 + ;; + + prometheus) + case $2 in + start) + rm -f $p_pid + daemonize -c /srv -p $p_pid -l $p_pid -u rails /usr/bin/foreman start prometheus + ;; + stop) + cat $p_pid | xargs -r kill + rm -f $p_pid + ;; + esac + ;; + + blazer) + test -z "$2" || b="_$2" + su rails -c "cd /srv && foreman run blazer$b" ;; - prometheus) daemonize -c /srv/http -p /tmp/prometheus.pid -l /tmp/prometheus.pid -u app /usr/bin/foreman start prometheus ;; esac diff --git a/monit.conf b/monit.conf index f574c56d..96c08d8a 100644 --- a/monit.conf +++ b/monit.conf @@ -1,31 +1,27 @@ -check process sutty with pidfile /srv/http/tmp/puma.pid - start program = "/usr/local/bin/sutty sutty" - stop program = "/bin/sh -c 'cat /srv/http/tmp/puma.pid | xargs kill'" +check process sutty with pidfile /srv/tmp/puma.pid + start program = "/usr/local/bin/sutty start" + stop program = "/usr/local/bin/sutty stop" check process prometheus with pidfile /tmp/prometheus.pid - start program = "/usr/local/bin/sutty prometheus" - stop program = "/bin/sh -c 'cat /tmp/prometheus.pid | xargs kill'" + start program = "/usr/local/bin/sutty prometheus start" + stop program = "/usr/local/bin/sutty prometheus start" check program blazer_5m - with path "/bin/sh -c 'cd /srv/http && foreman start blazer_5m'" - as uid "app" and gid "www-data" + with path "/usr/local/bin/sutty blazer 5m" every 5 cycles if status != 0 then alert check program blazer_1h - with path "/bin/sh -c 'cd /srv/http && foreman start blazer_1h'" - as uid "app" and gid "www-data" + with path "/usr/local/bin/sutty blazer 1h" every 60 cycles if status != 0 then alert check program blazer_1d - with path "/bin/sh -c 'cd /srv/http && foreman start blazer_1d'" - as uid "app" and gid "www-data" + with path "/usr/local/bin/sutty blazer 1d" every 1440 cycles if status != 0 then alert check program blazer - with path "/bin/sh -c 'cd /srv/http && foreman start blazer'" - as uid "app" and gid "www-data" + with path "/usr/local/bin/sutty blazer" every 61 cycles if status != 0 then alert