From 9cdbdabb657b4a4e754c050d09ea8733c9855510 Mon Sep 17 00:00:00 2001
From: Cian Hughes <chughes000@gmail.com>
Date: Wed, 29 Jan 2025 14:28:34 +0000
Subject: [PATCH] Combined landing with repo and serving repo directly via
 caddy

---
 caddy/Caddyfile      |  9 ++---
 caddy/repo.caddyfile | 66 ++++++++++++++++++++++++++++++++++++
 docker-compose.yaml  | 79 +++++++++++++++++++++++++++++++++++++++++---
 3 files changed, 144 insertions(+), 10 deletions(-)
 create mode 100644 caddy/repo.caddyfile

diff --git a/caddy/Caddyfile b/caddy/Caddyfile
index 247d32f..be5ecf6 100644
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -1,3 +1,5 @@
+import repo.caddyfile
+
 {
     admin off
 }
@@ -19,12 +21,7 @@
     }
     handle /repo* {
         uri strip_prefix /repo
-        reverse_proxy am-d-model-data-repository-frontend:80 {
-            header_up X-Forwarded-Proto https
-            header_up X-Forwarded-For {remote}
-            header_up X-Real-IP {remote}
-            header_up Host {host}
-        }
+        import repo_site
     }
 }
 
diff --git a/caddy/repo.caddyfile b/caddy/repo.caddyfile
new file mode 100644
index 0000000..3c6ed37
--- /dev/null
+++ b/caddy/repo.caddyfile
@@ -0,0 +1,66 @@
+(repo_cors) {
+    header {
+        Access-Control-Allow-Origin  *
+        Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS"
+        Access-Control-Allow-Headers "*"
+        Access-Control-Allow-Credentials true
+        Strict-Transport-Security "max-age=15768000"
+        # Request ID tracing
+        +X-Request-ID {uuid}
+    }
+}
+
+(repo_common_proxy) {
+    # Equivalent to proxy_request_buffering off
+    request_body_read_buffer_size 100mb
+    # Set headers similar to uwsgi_param
+    header_up Host {host}
+    header_up X-Forwarded-For {remote_host}
+    header_up X-Forwarded-Proto {scheme}
+    header_up X-Request-ID {uuid}
+    # Remove sensitive headers
+    header_down -X-Session-ID
+    header_down -X-User-ID
+}
+
+(repo_site) {
+    import repo_cors
+
+    # UI Server routes
+    handle / {
+        reverse_proxy repo-web-ui:5000 {
+            import repo_common_proxy
+            # Default max upload size 100MB
+            request_body_max_size 100mb
+        }
+    }
+
+    # API routes
+    handle /api/* {
+        reverse_proxy repo-web-api:5000 {
+            import repo_common_proxy
+            # Default max upload size 100MB
+            request_body_max_size 100mb
+        }
+    }
+
+    # Large file upload API routes
+    handle_path /api/records/*/draft/files/*/content {
+        reverse_proxy repo-web-api:5000 {
+            import repo_common_proxy
+            # Max upload size 50GB
+            request_body_max_size 50gb
+            encode gzip
+        }
+    }
+
+    handle /static/* {
+        root * /opt/invenio/var/instance/static
+        file_server
+    }
+
+    handle /robots.txt {
+        root * /opt/invenio/var/instance/static
+        file_server
+    }
+}
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 0f6c79d..83a2fcb 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -14,25 +14,96 @@ services:
         image: docker.io/library/caddy:latest
         depends_on:
             - site
+            - repo-web-ui
         networks:
             - am-d-model-network
-            - am-d-model-repo-network
         ports:
             - "80:80"
             - "443:443"
         volumes:
             - caddy_data:/data
             - ./caddy:/etc/caddy
+            - repo_static_data:/opt/invenio/var/instance/static
         restart: unless-stopped
         labels:
             - "io.containers.autoupdate=registry"
+    repo-cache:
+        extends:
+          file: repo/docker-services.yml
+          service: cache
+        networks:
+          - am-d-model-network
+    repo-db:
+        extends:
+          file: repo/docker-services.yml
+          service: db
+        networks:
+          - am-d-model-network
+    repo-mq:
+        extends:
+          file: repo/docker-services.yml
+          service: mq
+        networks:
+          - am-d-model-network
+    repo-search:
+        extends:
+          file: repo/docker-services.yml
+          service: search
+        networks:
+          - am-d-model-network
+    repo-s3:
+      extends:
+        file: repo/docker-services.yml
+        service: s3
+      networks:
+        - am-d-model-network
+    # UI Application
+    repo-web-ui:
+      extends:
+        file: repo/docker-services.yml
+        service: app
+      command: ["uwsgi /opt/invenio/var/instance/uwsgi_ui.ini"]
+      image: am-d-model-data-repository:latest
+      ports:
+        - "5000"
+      volumes:
+        - repo_static_data:/opt/invenio/var/instance/static
+      networks:
+        - am-d-model-network
+    # API Rest Application
+    repo-web-api:
+      extends:
+        file: repo/docker-services.yml
+        service: app
+      command: ["uwsgi /opt/invenio/var/instance/uwsgi_rest.ini"]
+      image: am-d-model-data-repository:latest
+      ports:
+        - "5000"
+      networks:
+        - am-d-model-network
+    # Worker
+    repo-worker:
+      extends:
+        file: repo/docker-services.yml
+        service: app
+      command: ["celery -A invenio_app.celery worker --beat --loglevel=INFO"]
+      image: am-d-model-data-repository:latest
+      depends_on:
+        repo-search:
+          condition: service_started
+        repo-cache:
+          condition: service_started
+        repo-db:
+          condition: service_started
+        repo-mq:
+          condition: service_started
+      networks:
+        - am-d-model-network
 
 networks:
     am-d-model-network:
         name: am-d-model-network
-    am-d-model-repo-network:
-        name: am-d-model-repo-network
-        external: true
 
 volumes:
     caddy_data:
+    repo_static_data: