mirror of
https://github.com/Cian-H/I-Form_Research_Server_Stack.git
synced 2025-12-22 22:22:02 +00:00
Test of first full stack deployment
This commit is contained in:
Cian Hughes
143
backend.yaml
143
backend.yaml
@@ -15,42 +15,8 @@ services:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /var/lib/docker/volumes:/var/lib/docker/volumes
|
||||
networks:
|
||||
- i-form_research_server_stack
|
||||
# A traefik instance provides load balancing and reverse proxying for our services
|
||||
traefik:
|
||||
image: traefik:latest
|
||||
# Enables the web UI and tells Traefik to listen to docker
|
||||
command:
|
||||
- "--api.insecure=true"
|
||||
- "--providers.docker=true"
|
||||
- "--providers.docker.exposedbydefault=false"
|
||||
- "--providers.docker.network=traefik"
|
||||
- "--entrypoints.web.address=:80"
|
||||
- "--entrypoints.websecure.address=:443"
|
||||
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
|
||||
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
|
||||
- "--entrypoints.web.http.redirections.entryPoint.priority=10" # disable permanent forwarding for every route
|
||||
- "--certificatesresolvers.myresolver.acme.tlschallenge=true" # <== Enable TLS-ALPN-01 to generate and renew ACME certs
|
||||
- "--certificatesresolvers.myresolver.acme.email=${useremail}"
|
||||
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
|
||||
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
|
||||
ports:
|
||||
# - "80:80"
|
||||
# - "443:443"
|
||||
- "8089:8080"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- traefik:/etc/traefik
|
||||
- letsencrypt:/letsencrypt
|
||||
deploy:
|
||||
replicas: 1
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
networks:
|
||||
- i-form_research_server_stack
|
||||
# secrets:
|
||||
# - traefik_cert
|
||||
# - traefik_key
|
||||
i-form_research_server_stack:
|
||||
ipv4_address: "172.252.0.5"
|
||||
###~~~~~~ Then, we will need numerous databases for our various services ~~~~~~###
|
||||
# We want neo4j as a graph database that can easily be used by other services
|
||||
neo4j:
|
||||
@@ -59,7 +25,7 @@ services:
|
||||
- "7474:7474"
|
||||
- "7687:7687"
|
||||
volumes:
|
||||
- neo4j:/data
|
||||
- stack_neo4j:/data
|
||||
deploy:
|
||||
replicas: 1
|
||||
restart_policy:
|
||||
@@ -90,10 +56,11 @@ services:
|
||||
# LC_ALL: C.UTF-8
|
||||
# POSTGRES_PASSWORD: /run/secrets/dataverse_postgres_key
|
||||
# volumes:
|
||||
# - dataverse_db:/var/lib/postgresql/data/ # persist data even if container shuts down
|
||||
# - dataverse_triggers:/triggers
|
||||
# - stack_dataverse_db:/var/lib/postgresql/data/ # persist data even if container shuts down
|
||||
# - stack_dataverse_triggers:/triggers
|
||||
# networks:
|
||||
# - i-form_research_server_stack
|
||||
# i-form_research_server_stack:
|
||||
# ipv4_address: "172.252.0.6"
|
||||
# labels:
|
||||
# - "traefik.enable=true"
|
||||
# - "traefik.http.routers.go.rule=Path(`/`)"
|
||||
@@ -124,14 +91,14 @@ services:
|
||||
MYSQL_USER: "elabftw"
|
||||
MYSQL_PASSWORD_FILE: /run/secrets/elabftw_sql_key
|
||||
MYSQL_ROOT_PASSWORD: "test" # MYSQL_RANDOM_ROOT_PASSWORD: 1
|
||||
MYSQL_HOST: "172.252.0.3"
|
||||
MYSQL_ROOT_HOST: "172.252.0.3" # Must allow root access from any host or won't work on swarm
|
||||
MYSQL_HOST: "172.252.0.15"
|
||||
MYSQL_ROOT_HOST: "172.252.0.15" # Must allow root access from any host or won't work on swarm
|
||||
TZ: "Europe/Paris"
|
||||
volumes:
|
||||
- elabftw_sql:/var/lib/mysql
|
||||
- stack_elabftw_sql:/var/lib/mysql
|
||||
networks:
|
||||
i-form_research_server_stack:
|
||||
ipv4_address: "172.252.0.2"
|
||||
ipv4_address: "172.252.0.7"
|
||||
###~~~~~~ Then, we plan our general utility services ~~~~~~###
|
||||
# The following service is a simple nginx server that hosts static websites
|
||||
nginx:
|
||||
@@ -139,13 +106,14 @@ services:
|
||||
ports:
|
||||
- "80:80"
|
||||
volumes:
|
||||
- web:/usr/share/nginx/html
|
||||
- stack_web:/usr/share/nginx/html
|
||||
deploy:
|
||||
replicas: 1
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
networks:
|
||||
- i-form_research_server_stack
|
||||
i-form_research_server_stack:
|
||||
ipv4_address: "172.252.0.8"
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.go.rule=Path(`/`)"
|
||||
@@ -171,7 +139,7 @@ services:
|
||||
# - "SOLR_JAVA_MEM=-Xms1g -Xmx1g"
|
||||
# - "SOLR_OPTS=-Dlog4j2.formatMsgNoLookups=true"
|
||||
# volumes:
|
||||
# - dataverse_solr_data:/opt/solr/server/solr/collection1/data
|
||||
# - stack_dataverse_solr_data:/opt/solr/server/solr/collection1/data
|
||||
# # - dataverse_config:/opt/solr/server/solr/collection1/conf/
|
||||
# - type: bind
|
||||
# source: dataverse_schema
|
||||
@@ -185,12 +153,13 @@ services:
|
||||
# - "traefik.http.routers.solr.tls=true"
|
||||
# - "traefik.http.routers.solr.tls.certresolver=myresolver"
|
||||
# networks:
|
||||
# - i-form_research_server_stack
|
||||
# i-form_research_server_stack:
|
||||
# ipv4_address: "172.252.0.9"
|
||||
|
||||
# minio:
|
||||
# image: minio/minio:RELEASE.2021-10-06T23-36-31Z
|
||||
# volumes:
|
||||
# - dataverse_minio:/data
|
||||
# - stack_dataverse_minio:/data
|
||||
# command:
|
||||
# - server
|
||||
# - /data
|
||||
@@ -217,7 +186,8 @@ services:
|
||||
# - traefik.http.routers.minio-console.rule=Host(`minio-stash.${traefikhost}`)
|
||||
# - traefik.http.services.minio-console.loadbalancer.server.port=9001
|
||||
# networks:
|
||||
# - i-form_research_server_stack
|
||||
# i-form_research_server_stack:
|
||||
# ipv4_address: "172.252.0.10"
|
||||
|
||||
# dataverse:
|
||||
# image: coronawhy/dataverse:5.13.allclouds
|
||||
@@ -302,12 +272,12 @@ services:
|
||||
# - postgres
|
||||
# - solr
|
||||
# volumes:
|
||||
# - dataverse_secrets:/secrets
|
||||
# - dataverse_data:/data
|
||||
# - dataverse_docroot:/opt/docroot
|
||||
# - dataverse_init:/opt/payara/init.d
|
||||
# - dataverse_triggers:/opt/payara/triggers
|
||||
# # - dataverse_config:/opt/payara/dvinstall
|
||||
# - stack_dataverse_secrets:/secrets
|
||||
# - stack_dataverse_data:/data
|
||||
# - stack_dataverse_docroot:/opt/docroot
|
||||
# - stack_dataverse_init:/opt/payara/init.d
|
||||
# - stack_dataverse_triggers:/opt/payara/triggers
|
||||
# # - stack_dataverse_config:/opt/payara/dvinstall
|
||||
# - type: bind
|
||||
# source: dataverse_schema
|
||||
# target: /opt/payara/dvinstall/schema.xml
|
||||
@@ -320,4 +290,63 @@ services:
|
||||
# - "traefik.http.routers.dataverse.tls=true"
|
||||
# - "traefik.http.routers.dataverse.tls.certresolver=myresolver"
|
||||
# networks:
|
||||
# - i-form_research_server_stack
|
||||
# i-form_research_server_stack:
|
||||
# ipv4_address: "172.252.0.11"
|
||||
|
||||
networks:
|
||||
i-form_research_server_stack:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
stack_rsync_run:
|
||||
external: true
|
||||
stack_rsync_log:
|
||||
external: true
|
||||
stack_rsync_etc:
|
||||
external: true
|
||||
stack_traefik:
|
||||
external: true
|
||||
stack_letsencrypt:
|
||||
external: true
|
||||
stack_coredns:
|
||||
external: true
|
||||
stack_web:
|
||||
external: true
|
||||
stack_grafana:
|
||||
external: true
|
||||
stack_dataverse:
|
||||
external: true
|
||||
stack_dataverse_db:
|
||||
external: true
|
||||
stack_dataverse_secrets:
|
||||
external: true
|
||||
stack_dataverse_solr_data:
|
||||
external: true
|
||||
stack_dataverse_triggers:
|
||||
external: true
|
||||
stack_dataverse_solr:
|
||||
external: true
|
||||
stack_dataverse_minio:
|
||||
external: true
|
||||
stack_dataverse_config:
|
||||
external: true
|
||||
stack_dataverse_schema:
|
||||
external: true
|
||||
stack_dataverse_init:
|
||||
external: true
|
||||
stack_dataverse_data:
|
||||
external: true
|
||||
stack_dataverse_docroot:
|
||||
external: true
|
||||
stack_neo4j:
|
||||
external: true
|
||||
stack_senaite:
|
||||
external: true
|
||||
stack_elabftw_uploads:
|
||||
external: true
|
||||
stack_elabftw_var:
|
||||
external: true
|
||||
stack_elabftw_etc:
|
||||
external: true
|
||||
stack_elabftw_sql:
|
||||
external: true
|
||||
|
||||
7
deploy
7
deploy
@@ -81,11 +81,10 @@ def deploy_stack(username: str, password: str, stack_name: Optional[str] = "stac
|
||||
stacks = portainer.StacksApi(client)
|
||||
# Then, deploy the substacks using the API
|
||||
print("Deploying substacks via portainer API")
|
||||
# portainer_deploy_stack("secrets", stacks, endpoint_id)
|
||||
portainer_deploy_stack("networks", stacks, endpoint_id)
|
||||
# portainer_deploy_stack("volumes", stacks, endpoint_id)
|
||||
# portainer_deploy_stack("backend", stacks, endpoint_id)
|
||||
# portainer_deploy_stack("frontend", stacks, endpoint_id)
|
||||
portainer_deploy_stack("volumes", stacks, endpoint_id)
|
||||
portainer_deploy_stack("backend", stacks, endpoint_id)
|
||||
portainer_deploy_stack("frontend", stacks, endpoint_id)
|
||||
print("Stack deployed!")
|
||||
|
||||
|
||||
|
||||
@@ -7,13 +7,14 @@ services:
|
||||
ports:
|
||||
- "3000:3000"
|
||||
volumes:
|
||||
- grafana:/var/lib/grafana
|
||||
- stack_grafana:/var/lib/grafana
|
||||
deploy:
|
||||
replicas: 1
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
networks:
|
||||
- i-form_research_server_stack
|
||||
i-form_research_server_stack:
|
||||
ipv4_address: "172.252.0.12"
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.go.rule=Path(`/`)"
|
||||
@@ -31,7 +32,8 @@ services:
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
networks:
|
||||
- i-form_research_server_stack
|
||||
i-form_research_server_stack:
|
||||
ipv4_address: "172.252.0.13"
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.go.rule=Path(`/`)"
|
||||
@@ -43,9 +45,10 @@ services:
|
||||
ports:
|
||||
- "8082:8080"
|
||||
volumes:
|
||||
- senaite:/data
|
||||
- stack_senaite:/data
|
||||
networks:
|
||||
- i-form_research_server_stack
|
||||
i-form_research_server_stack:
|
||||
ipv4_address: "172.252.0.14"
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.go.rule=Path(`/`)"
|
||||
@@ -53,14 +56,10 @@ services:
|
||||
# We also need to add a service for the elabftw instance and its database
|
||||
elabftw:
|
||||
image: elabftw/elabimg:latest
|
||||
# tty: true
|
||||
# stdin_open: true
|
||||
deploy:
|
||||
replicas: 1
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
depends_on:
|
||||
- mysql
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
@@ -74,7 +73,7 @@ services:
|
||||
- elabftw_secret_key
|
||||
environment:
|
||||
SECRET_KEY: /run/secrets/elabftw_secret_key
|
||||
DB_HOST: "localhost"
|
||||
DB_HOST: "172.252.0.7"
|
||||
DB_PORT: "3306"
|
||||
DB_NAME: "elabftw"
|
||||
DB_USER: "elabftw"
|
||||
@@ -85,22 +84,80 @@ services:
|
||||
TZ: "Europe/Paris"
|
||||
SERVER_NAME: "I-Form eLabFTW"
|
||||
SITE_URL: "127.0.0.1:443" # "elab.i-form.ie"
|
||||
DISABLE_HTTPS: 1
|
||||
# DISABLE_HTTPS: 1
|
||||
ENABLE_LETSENCRYPT: 0
|
||||
ports:
|
||||
- "3148:443"
|
||||
# - "443:443"
|
||||
- "443:443"
|
||||
volumes:
|
||||
- elabftw_uploads:/elabftw/uploads
|
||||
- elabftw_var:/var/elabftw
|
||||
- elabftw_etc:/etc/elabftw
|
||||
- stack_elabftw_uploads:/elabftw/uploads
|
||||
- stack_elabftw_var:/var/elabftw
|
||||
- stack_elabftw_etc:/etc/elabftw
|
||||
# if you have enabled letsencrypt, uncomment the line below
|
||||
# path to the folder with TLS certificate + private key
|
||||
# host:container
|
||||
#- /etc/letsencrypt:/ssl
|
||||
networks:
|
||||
- i-form_research_server_stack
|
||||
i-form_research_server_stack:
|
||||
ipv4_address: "172.252.0.15"
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.go.rule=Path(`/`)"
|
||||
- "traefik.http.services.go.loadbalancer.server.port=443"
|
||||
- "traefik.http.services.go.loadbalancer.server.port=443"
|
||||
|
||||
networks:
|
||||
i-form_research_server_stack:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
stack_rsync_run:
|
||||
external: true
|
||||
stack_rsync_log:
|
||||
external: true
|
||||
stack_rsync_etc:
|
||||
external: true
|
||||
stack_traefik:
|
||||
external: true
|
||||
stack_letsencrypt:
|
||||
external: true
|
||||
stack_coredns:
|
||||
external: true
|
||||
stack_web:
|
||||
external: true
|
||||
stack_grafana:
|
||||
external: true
|
||||
stack_dataverse:
|
||||
external: true
|
||||
stack_dataverse_db:
|
||||
external: true
|
||||
stack_dataverse_secrets:
|
||||
external: true
|
||||
stack_dataverse_solr_data:
|
||||
external: true
|
||||
stack_dataverse_triggers:
|
||||
external: true
|
||||
stack_dataverse_solr:
|
||||
external: true
|
||||
stack_dataverse_minio:
|
||||
external: true
|
||||
stack_dataverse_config:
|
||||
external: true
|
||||
stack_dataverse_schema:
|
||||
external: true
|
||||
stack_dataverse_init:
|
||||
external: true
|
||||
stack_dataverse_data:
|
||||
external: true
|
||||
stack_dataverse_docroot:
|
||||
external: true
|
||||
stack_neo4j:
|
||||
external: true
|
||||
stack_senaite:
|
||||
external: true
|
||||
stack_elabftw_uploads:
|
||||
external: true
|
||||
stack_elabftw_var:
|
||||
external: true
|
||||
stack_elabftw_etc:
|
||||
external: true
|
||||
stack_elabftw_sql:
|
||||
external: true
|
||||
Reference in New Issue
Block a user