UCMercedACM · No767 · Sep 10, 2024 · Sep 9, 2024 · Sep 9, 2024 · Sep 9, 2024
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,10 @@
+# ENV files
+**/.env
+
+# Logs
+**/*.log
+
+# Cache files
+**/__pycache__
+**/*.py[cod]
+**/*$py.class
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -0,0 +1,53 @@
+name: Docker
+
+on:
+  push:
+    branches: [main]
+    tags: ["v*"]
+
+jobs:
+  Build-and-Push:
+    runs-on: ubuntu-latest
+
+    # We want to filter out dependabot and pre-commit
+    # automated pushes to main
+    if: ${{ github.actor != 'dependabot[bot]'}} && ${{ github.actor != 'pre-commit-ci[bot]'}}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Prepare Docker Meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/${{ github.repository_owner }}/kanae
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=edge,branch=main
+
+      - name: Setup Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          version: latest
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./docker/Dockerfile
+          push: true
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/kanae-build-cache:server
+          cache-to: type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/kanae-build-cache:server
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/config-example.yml b/config-example.yml
@@ -0,0 +1,37 @@
+# --------------------------------- #
+#    Kanae's Configuration file     #
+# --------------------------------- #
+# This holds the configuration for Kanae. This file is not settable during runtime.
+# If you wish to change the values, change and save, and restart your server
+
+# Entries pertaining to Kanae are located here
+kanae:
+
+  # Host that the server will use.
+  # Set to 0.0.0.0 if running in Docker
+  host: 127.0.0.1
+
+  # Port that the server binds to.
+  # Defaults to 8000
+  port: 8000
+
+
+  # Prometheus exporter for Kanae. The following keys are used in order to control
+  # the behavior of the Prometheus exporter
+  prometheus:
+
+    # Whether the Prometheus exporter is enabled or not
+    enabled: False
+
+    # The host that the Prometheus exporter will bind to. By default,
+    # it will always be set to 127.0.0.1
+    host: "127.0.0.1"
+
+    # The port used for the Prometheus exporter. By default,
+    # it will always be set to 9555
+    port: 9555
+
+# The PostgreSQL connection URI that is used to connect to the database
+# The URI must be valid, and components will need to be quoted.
+# See https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
+postgres_uri: "postgresql://user:password@localhost:5432/user"
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -0,0 +1,39 @@
+FROM python:3.12-slim-bookworm
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update \
+  && apt-get install -y --no-install-recommends \
+  bash \
+  git \
+  netcat-traditional \
+  tini \
+  && apt-get clean
+
+WORKDIR /kanae
+COPY /server /kanae/server/
+COPY /docker/start.sh /kanae/start.sh
+COPY /docker/wait-for /kanae/wait-for
+COPY /requirements.txt /kanae/requirements.txt
+
+RUN adduser --disabled-password --gecos "" kanae \
+  && chown -R kanae:kanae /kanae \
+  && chmod +x /kanae/start.sh \
+  && chmod +x /kanae/wait-for
+
+USER kanae
+
+ENV PATH="${PATH}:${HOME}/.local/bin"
+
+RUN pip install --user -r requirements.txt
+
+ENTRYPOINT ["/usr/bin/tini", "--"]
+
+CMD ["/kanae/start.sh"]
+
+STOPSIGNAL SIGTERM
+
+LABEL org.opencontainers.image.title="Kanae"
+LABEL org.opencontainers.image.description="Internal backend server for ACM @ UC Merced"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.source="https://github.com/UCMercedACM/kanae"
diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml
@@ -0,0 +1,18 @@
+name: kanae_dev
+
+# For development purposes, it is recommended just to launch the server and use it's HMR feature instead
+services:
+  database:
+    container_name: kanae_postgres
+    image: postgres:16
+    environment:
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_USER: ${DB_USERNAME}
+    volumes:
+      - database:/var/lib/postgresql/data
+    ports:
+      - 5432:5432
+
+volumes:
+  database:
diff --git a/docker/docker-compose.prod.yml b/docker/docker-compose.prod.yml
@@ -0,0 +1,58 @@
+name: kanae
+
+services:
+  kanae:
+    container_name: kanae
+    image: ghcr.io/UCMercedACM/kanae:edge
+    volumes:
+      # Do not edit the next line. If you want to change the path of the configuration file, please edit the CONFIG_LOCATION variable
+      - ${CONFIG_LOCATION}:/kanae/server/config.yml
+    ports:
+      - 9619:9619
+    depends_on:
+      - database
+    # Safety script to fully wait until PostgreSQL is up
+    command: sh -c '/kanae/wait-for database:5432 -- echo "[Wait-for] PostgreSQL is fully up. Starting Kanae." && /kanae/start.sh'
+    restart: always
+
+  database:
+    container_name: kanae_postgres
+    image: postgres:16
+    environment:
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
+    ports:
+      - 5432:5432
+    volumes:
+      - database:/var/lib/postgresql/data
+    healthcheck:
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    restart: always
+
+  kanae-prometheus:
+    container_name: kanae_prometheus
+    ports:
+      - 9090:9090
+    image: prom/prometheus:latest
+    volumes:
+      - ./prometheus.yml:/etc/prometheus/prometheus.yml
+      - prometheus-data:/prometheus
+
+  # first login uses admin/admin
+  # add data source for http://kanae-prometheus:9090 to get started
+  kanae-grafana:
+    container_name: kanae_grafana
+    command: ['./run.sh', '-disable-reporting']
+    ports:
+      - 3000:3000
+    image: grafana/grafana-enterprise:latest-ubuntu
+    volumes:
+      - grafana-data:/var/lib/grafana
+
+volumes:
+  database:
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
@@ -0,0 +1,38 @@
+name: kanae
+
+services:
+  kanae:
+    container_name: kanae
+    image: ghcr.io/UCMercedACM/kanae:edge
+    volumes:
+      # Do not edit the next line. If you want to change the path of the configuration file, please edit the CONFIG_LOCATION variable
+      - ${CONFIG_LOCATION}:/kanae/server/config.yml
+    ports:
+      - 9619:9619
+    depends_on:
+      - database
+    # Safety script to fully wait until PostgreSQL is up
+    command: sh -c '/kanae/wait-for database:5432 -- echo "[Wait-for] PostgreSQL is fully up. Starting Kanae." && /kanae/start.sh'
+    restart: always
+
+  database:
+    container_name: kanae_postgres
+    image: postgres:16
+    environment:
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
+    ports:
+      - 5432:5432
+    volumes:
+      - database:/var/lib/postgresql/data
+    healthcheck:
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    restart: always
+
+volumes:
+  database:
diff --git a/docker/example.env b/docker/example.env
@@ -0,0 +1,11 @@
+# The location of where Rodhaj's configuration is stored.
+# The configuration can be found under the config-example.yml
+CONFIG_LOCATION=./config.yml
+
+# Connection secret for the postgres user. You should change it to a random password
+DB_PASSWORD=password
+
+# The values below this line do not need to be changed
+###################################################################################
+DB_USERNAME=postgres
+DB_DATABASE_NAME=kanae
diff --git a/docker/prometheus.yml b/docker/prometheus.yml
@@ -0,0 +1,8 @@
+global:
+  scrape_interval:     15s
+  evaluation_interval: 15s
+
+scrape_configs:
+  - job_name: kanae
+    static_configs:
+      - targets: ['kanae:9555']
diff --git a/docker/start.sh b/docker/start.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+KANAE_FIRST_START_CHECK="KANAE_FIRST_START"
+
+if [ ! -f $KANAE_FIRST_START_CHECK ]; then
+    touch $KANAE_FIRST_START_CHECK
+    echo "DO NOT EDIT THIS FILE! THIS IS USED WHEN YOU FIRST RUN KANAE USING DOCKER!" >> $KANAE_FIRST_START_CHECK
+    # python3 /kanae/server/migrations.py init
+fi
+
+exec python3 /kanae/server/launcher.py --no-workers