From 00de98d5e3bc836715d04b7d8b8934389062f63d Mon Sep 17 00:00:00 2001 From: jaseg Date: Tue, 5 Jul 2022 22:31:09 +0200 Subject: gerboweb: Add prod container build --- gerboweb/Containerfile | 18 ++++++++++++++++++ gerboweb/ansible/uwsgi-gerboweb.ini | 1 + gerboweb/gerboweb.cfg | 4 ---- gerboweb/gerboweb.py | 6 ++++++ gerboweb/gerboweb_prod.cfg | 3 +++ gerboweb/uwsgi-gerboweb.ini | 11 +++++++++++ 6 files changed, 39 insertions(+), 4 deletions(-) create mode 100644 gerboweb/Containerfile delete mode 100644 gerboweb/gerboweb.cfg create mode 100644 gerboweb/gerboweb_prod.cfg create mode 100644 gerboweb/uwsgi-gerboweb.ini diff --git a/gerboweb/Containerfile b/gerboweb/Containerfile new file mode 100644 index 0000000..5733b48 --- /dev/null +++ b/gerboweb/Containerfile @@ -0,0 +1,18 @@ +FROM docker.io/archlinux:latest +MAINTAINER gerbolyze@jaseg.de +RUN pacman --noconfirm -Syu +RUN pacman --noconfirm -Sy pugixml opencv pango cairo git python make clang cargo python-pip base-devel gerbv rsync tmux uwsgi uwsgi-plugin-python +RUN cargo install usvg resvg +RUN python3 -m pip install pip==21.3.1 +RUN python3 -m pip install flask numpy lxml wasmtime svg_flatten_wasi resvg_wasi flask_wtf +RUN --mount=type=bind,rw,destination=/git \ + cd /git/gerbonara && \ + python3 -m pip --disable-pip-version-check install . && \ + cd /git && \ + python3 -m pip --disable-pip-version-check install . +RUN mkdir /gerboweb +ADD ["gerboweb/uwsgi-gerboweb.ini","gerboweb/gerboweb.py","gerboweb/job_processor.py","gerboweb/job_queue.py","/gerboweb/"] +ADD ["gerboweb/static","/gerboweb/"] +ADD ["gerboweb/templates","/gerboweb/"] +ADD gerboweb/gerboweb_prod.cfg /gerboweb/gerboweb.cfg +ENTRYPOINT uwsgi --ini /gerboweb/uwsgi-gerboweb.ini --chmod-socket=660 --socket=/run/uwsgi/socket diff --git a/gerboweb/ansible/uwsgi-gerboweb.ini b/gerboweb/ansible/uwsgi-gerboweb.ini index 155d01a..c88d321 100644 --- a/gerboweb/ansible/uwsgi-gerboweb.ini +++ b/gerboweb/ansible/uwsgi-gerboweb.ini @@ -7,4 +7,5 @@ plugins = python3 chdir = /var/lib/gerboweb mount = /=gerboweb:app env = GERBOWEB_SETTINGS=gerboweb_prod.cfg +mule = job_processor.py diff --git a/gerboweb/gerboweb.cfg b/gerboweb/gerboweb.cfg deleted file mode 100644 index 02ea211..0000000 --- a/gerboweb/gerboweb.cfg +++ /dev/null @@ -1,4 +0,0 @@ -MAX_CONTENT_LENGTH=10000000 -SECRET_KEY="FIXME: CHANGE THIS KEY" -UPLOAD_PATH="/var/cache/gerboweb/upload" -JOB_QUEUE_DB="/var/cache/gerboweb/job_queue.sqlite3" diff --git a/gerboweb/gerboweb.py b/gerboweb/gerboweb.py index 0a0dda0..6ab255c 100644 --- a/gerboweb/gerboweb.py +++ b/gerboweb/gerboweb.py @@ -6,6 +6,7 @@ import tempfile import uuid from functools import wraps from os import path +from pathlib import Path import os import sqlite3 @@ -20,6 +21,11 @@ from job_queue import JobQueue app = Flask(__name__, static_url_path='/static') app.config.from_envvar('GERBOWEB_SETTINGS') +if app.config['SECRET_KEY'] is None: + if (p := Path('/run/secrets/gerboweb')).isfile(): + app.config['SECRET_KEY'] = p.read_bytes() + else: + app.config['SECRET_KEY'] = os.urandom(32) class UploadForm(FlaskForm): upload_file = FileField(validators=[DataRequired()]) diff --git a/gerboweb/gerboweb_prod.cfg b/gerboweb/gerboweb_prod.cfg new file mode 100644 index 0000000..1f4b0f8 --- /dev/null +++ b/gerboweb/gerboweb_prod.cfg @@ -0,0 +1,3 @@ +MAX_CONTENT_LENGTH=10000000 +UPLOAD_PATH="/var/cache/gerboweb/upload" +JOB_QUEUE_DB="/var/cache/gerboweb/job_queue.sqlite3" diff --git a/gerboweb/uwsgi-gerboweb.ini b/gerboweb/uwsgi-gerboweb.ini new file mode 100644 index 0000000..94aaa88 --- /dev/null +++ b/gerboweb/uwsgi-gerboweb.ini @@ -0,0 +1,11 @@ +[uwsgi] +master = True +cheap = True +die-on-idle = False +manage-script-name = True +plugins = python3 +chdir = /gerboweb +mount = /=gerboweb:app +env = GERBOWEB_SETTINGS=gerboweb.cfg +mule = job_processor.py + -- cgit