From 3685e3111fa63ec3875a929ea58d0797bd2c33ab Mon Sep 17 00:00:00 2001 From: sadnub Date: Sun, 5 Sep 2021 23:49:10 -0400 Subject: [PATCH] fix docker prod spinup. Move api container to uwsgi --- .devcontainer/.env.example | 1 + .devcontainer/docker-compose.yml | 1 + .../containers/tactical-nginx/entrypoint.sh | 17 ++----- docker/containers/tactical/dockerfile | 3 +- docker/containers/tactical/entrypoint.sh | 44 +++++++++++-------- docker/image-build.sh | 2 +- 6 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.devcontainer/.env.example b/.devcontainer/.env.example index b92a9e98..89aec640 100644 --- a/.devcontainer/.env.example +++ b/.devcontainer/.env.example @@ -25,6 +25,7 @@ POSTGRES_PASS=postgrespass # DEV SETTINGS APP_PORT=80 API_PORT=80 +API_PROTOCOL=https:// HTTP_PROTOCOL=https DOCKER_NETWORK=172.21.0.0/24 DOCKER_NGINX_IP=172.21.0.20 diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index a21966a9..17ca0f1b 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -209,6 +209,7 @@ services: CERT_PRIV_KEY: ${CERT_PRIV_KEY} APP_PORT: ${APP_PORT} API_PORT: ${API_PORT} + API_PROTOCOL: ${API_PROTOCOL} networks: dev: ipv4_address: ${DOCKER_NGINX_IP} diff --git a/docker/containers/tactical-nginx/entrypoint.sh b/docker/containers/tactical-nginx/entrypoint.sh index 4dcd24fa..a2745aea 100644 --- a/docker/containers/tactical-nginx/entrypoint.sh +++ b/docker/containers/tactical-nginx/entrypoint.sh @@ -5,6 +5,7 @@ set -e : "${WORKER_CONNECTIONS:=2048}" : "${APP_PORT:=80}" : "${API_PORT:=80}" +: "${API_PROTOCOL:=}" # blank for uwgsi CERT_PRIV_PATH=${TACTICAL_DIR}/certs/privkey.pem CERT_PUB_PATH=${TACTICAL_DIR}/certs/fullchain.pem @@ -37,20 +38,10 @@ server { location / { #Using variable to disable start checks - set \$api http://tactical-backend:${API_PORT}; + set \$api ${API_PROTOCOL}tactical-backend:${API_PORT}; - proxy_pass \$api; - proxy_http_version 1.1; - proxy_cache_bypass \$http_upgrade; - - proxy_set_header Upgrade \$http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host \$host; - proxy_set_header X-Real-IP \$remote_addr; - proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto \$scheme; - proxy_set_header X-Forwarded-Host \$host; - proxy_set_header X-Forwarded-Port \$server_port; + include uwsgi_params; + uwsgi_pass \$api; } location /static/ { diff --git a/docker/containers/tactical/dockerfile b/docker/containers/tactical/dockerfile index fbf669b3..761133ce 100644 --- a/docker/containers/tactical/dockerfile +++ b/docker/containers/tactical/dockerfile @@ -18,8 +18,7 @@ RUN apt-get update && \ apt-get install -y --no-install-recommends gcc libc6-dev && \ rm -rf /var/lib/apt/lists/* && \ pip install --upgrade pip && \ - pip install --no-cache-dir setuptools wheel gunicorn && \ - sed -i '/uWSGI/d' ${TACTICAL_TMP_DIR}/api/requirements.txt && \ + pip install --no-cache-dir setuptools wheel && \ pip install --no-cache-dir -r ${TACTICAL_TMP_DIR}/api/requirements.txt diff --git a/docker/containers/tactical/entrypoint.sh b/docker/containers/tactical/entrypoint.sh index 45c1c4ef..b725520f 100644 --- a/docker/containers/tactical/entrypoint.sh +++ b/docker/containers/tactical/entrypoint.sh @@ -36,7 +36,8 @@ if [ "$1" = 'tactical-init' ]; then mkdir -p ${TACTICAL_DIR}/tmp mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/exe - mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/logs + mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/log + touch ${TACTICAL_DIR}/api/tacticalrmm/private/log/django_debug.log until (echo > /dev/tcp/"${POSTGRES_HOST}"/"${POSTGRES_PORT}") &> /dev/null; do echo "waiting for postgresql container to be ready..." @@ -98,6 +99,28 @@ EOF echo "${localvars}" > ${TACTICAL_DIR}/api/tacticalrmm/local_settings.py + +uwsgiconf="$(cat << EOF +[uwsgi] +chdir = /opt/tactical/api +module = tacticalrmm.wsgi +home = /opt/venv +master = true +processes = 8 +threads = 2 +enable-threads = true +socket = 0.0.0.0:80 +chmod-socket = 660 +buffer-size = 65535 +vacuum = true +die-on-term = true +max-requests = 2000 +EOF +)" + + echo "${uwsgiconf}" > ${TACTICAL_DIR}/api/uwsgi.ini + + # run migrations and init scripts python manage.py migrate --no-input python manage.py collectstatic --no-input @@ -123,22 +146,7 @@ fi if [ "$1" = 'tactical-backend' ]; then check_tactical_ready - # Prepare log files and start outputting logs to stdout - mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/logs - touch ${TACTICAL_DIR}/api/tacticalrmm/logs/gunicorn.log - touch ${TACTICAL_DIR}/api/tacticalrmm/logs/gunicorn-access.log - tail -n 0 -f ${TACTICAL_DIR}/api/tacticalrmm/logs/gunicorn*.log & - - export DJANGO_SETTINGS_MODULE=tacticalrmm.settings - - exec gunicorn tacticalrmm.wsgi:application \ - --name tactical-backend \ - --bind 0.0.0.0:80 \ - --workers 5 \ - --log-level=info \ - --log-file=${TACTICAL_DIR}/api/tacticalrmm/logs/gunicorn.log \ - --access-logfile=${TACTICAL_DIR}/api/tacticalrmm/logs/gunicorn-access.log \ - + uwsgi ${TACTICAL_DIR}/api/uwsgi.ini fi if [ "$1" = 'tactical-celery' ]; then @@ -152,7 +160,7 @@ if [ "$1" = 'tactical-celerybeat' ]; then celery -A tacticalrmm beat -l info fi -# backend container +# websocket container if [ "$1" = 'tactical-websockets' ]; then check_tactical_ready diff --git a/docker/image-build.sh b/docker/image-build.sh index a11447d9..95af4d2e 100755 --- a/docker/image-build.sh +++ b/docker/image-build.sh @@ -4,7 +4,7 @@ set -o errexit set -o pipefail # tactical tactical-frontend tactical-nats tactical-nginx -DOCKER_IMAGES="tactical tactical-frontend tactical-nats tactical-nginx tactical-meshcentral" +DOCKER_IMAGES="tactical" cd ..