dockerfile

deploy/websoft9.service

@@ -14,3 +14,9 @@ StandardError=syslog
 
 [Install]
 WantedBy=multi-user.target
+
+
+
+internal_ip=$(ip addr show eth0 | awk '/inet /{split($2, a, "/"); print a[1]}')
+nsenter -m -u -i -n -p -t 1 sh -c "sed -i '/websoft9-apphub/d' /etc/hosts"
+nsenter -m -u -i -n -p -t 1 sh -c "echo $internal_ip websoft9-apphub>> /etc/hosts"

docker/w9apphub/.env

@@ -1,4 +1,3 @@
-APP_NAME=websoft9-appmanage
+APP_NAME=websoft9-apphub
 APP_VERSION=0.8.17
-APP_HTTP_PORT=5000
 APP_NETWORK=websoft9

docker/w9apphub/Dockerfile

@@ -2,24 +2,46 @@ FROM python:3.10-slim
 LABEL maintainer="Websoft9<help@websoft9.com>"
 LABEL version="0.0.1"
 
-# Create API Directory
-WORKDIR  /usr
+ENV LIBRARY_VERSION=v0.5.4
 
-# Copy source and install pip dpendencies
-COPY ../../appmanage_new/src /usr
-COPY ../../appmanage_new/requirements.txt  /usr
+
+# RUN mkdir /usr/src/app/config
+WORKDIR  /usr/websoft9
 
 RUN apt update
+RUN apt install -y supervisor wget git zip
 
-# Install supervisord
-RUN apt install -y supervisor iproute2
+RUN wget https://github.com/Websoft9/docker-library/archive/refs/tags/$LIBRARY_VERSION.zip -O /usr/websoft9/library.zip
+RUN unzip library.zip
+RUN mkdir credentials
+RUN echo "This folder stored the credentials of other services that apphub will connect" > credentials/readme
+
+# Contentful
+
+
+# Copy source and install pip dpendencies
+# Todo: add virtualenv for Python install
+COPY ../../appmanage_new ./apphub
+RUN pip install -r apphub/requirements.txt
+
+
+# supervisor
 COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
-COPY config/cmd.sh /cmd.sh
-RUN chmod +x /etc/supervisor/conf.d/supervisord.conf /cmd.sh
-RUN pip install -r requirements.txt
-RUN mkdir /data 
-RUN mkdir /usr/src/app/config
-COPY config/settings.conf /usr/src/app/config/
+RUN chmod +r /etc/supervisor/conf.d/supervisord.conf
+
+# entrypoint
+COPY config/entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+
+VOLUME /usr/websoft9/apphub/logs
+VOLUME /usr/websoft9/apphub/src/conf
+VOLUME /usr/websoft9/media
+
+# Clean
+RUN rm -rf apphub/docs apphub/tests library.zip
 
 # Expose the port in which the application will be deployed
-EXPOSE 5000
+EXPOSE 8080
+
+ENTRYPOINT [/entrypoint.sh]

docker/w9apphub/config/cmd.sh

@@ -1,9 +0,0 @@
-#!/bin/bash
-
-# start by supervisord
-internal_ip=$(ip addr show eth0 | awk '/inet /{split($2, a, "/"); print a[1]}')
-nsenter -m -u -i -n -p -t 1 sh -c "sed -i '/websoft9-apphub/d' /etc/hosts"
-nsenter -m -u -i -n -p -t 1 sh -c "echo $internal_ip websoft9-apphub>> /etc/hosts"
-/usr/bin/supervisord
-supervisorctl start all
-tail -f /dev/null

docker/w9apphub/config/entrypoint.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# start by supervisord
+
+/usr/bin/supervisord
+supervisorctl start all
+tail -f /dev/null

docker/w9apphub/config/supervisord.conf

@@ -1,12 +1,10 @@
 [supervisord]
+
 nodaemon=false
 uvicorn app.main:app --reload --port 8080
-[program:appmanage]
+
+[program:apphub]
+
 command=uvicorn main:get_app --host 0.0.0.0 --port 5000 --log-level info
 autostart=true
-directory=/usr/src/app
-
-[program:job]
-command=rq worker --url redis://websoft9-redis:6379/0
-autostart=true
-directory=/usr/src/app
+directory=/usr/websoft9/apphub

docker/w9apphub/credential.json

@@ -0,0 +1,2 @@
+# filename=container_name
+{"username":"appuser","password":"apppassword"}

docker/w9apphub/docker-compose.yml

@@ -6,7 +6,7 @@ services:
     container_name: ${APP_NAME}
     pid: host
     privileged: true
-    restart: unless-stopped
+    restart: always
     volumes:
       - apphub-logs:/usr/src/app/logs
       - apphub-db:/usr/src/app/db

docker/w9deployment/docker-compose.yml

@@ -4,13 +4,17 @@ version: "3.8"
 services:
 
   portainer:
-    container_name: websoft9-deploy
-    image: websoft9dev/deploy:2.19.0
+    container_name: websoft9-deployment
+    image: websoft9dev/deployment:2.19.0
     entrypoint: ["/init_portainer"]
-    restart: unless-stopped
+    restart: always
+    ports:
+      - 9001-9999:9000
     volumes:
       - portainer:/data
       - /var/run/docker.sock:/var/run/docker.sock
+    labels:
+      com.docker.compose.w9_http.port: 9000
 
 networks:
   default:

docker/w9git/.env

@@ -5,6 +5,7 @@ APP_NETWORK=websoft9
 INSTALL_LOCK=true
 DISABLE_SSH=true
 RUN_MODE=prod
+# container inner port
 HTTP_PORT=3000
 DISABLE_REGISTRATION=false
 REQUIRE_SIGNIN_VIEW=false

docker/w9git/Dockerfile

@@ -3,6 +3,5 @@ FROM gitea/gitea:1.20.4
 LABEL maintainer="Websoft9<help@websoft9.com>"
 LABEL version="1.20.4"
 
-COPY init.sh /usr/local/bin/init.sh
-COPY ./init /etc/s6/init
-RUN chmod -R 755 /etc/s6/init /usr/local/bin/init.sh
+COPY ./src/s6/user /etc/s6/user
+RUN chmod -R 755 /etc/s6/user

docker/w9git/README.md

@@ -4,7 +4,4 @@ From official Gitea image, and:
 
 - Complete install wizard automaticlly by enviroment INSTALL_LOCK
 - Use default URL localhost for Host/Root_URL settings
-- Create admin credential by admin cli
-- Disable user register
-- Disable Gravatar
 

docker/w9git/docker-compose.yml

@@ -8,13 +8,17 @@ services:
   gitea:
     container_name: $APP_NAME
     image: websoft9dev/gitea:$APP_VERSION
-    restart: unless-stopped
+    restart: always
     env_file:
       - .env
     volumes:
       - gitea:/data
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
+    ports:
+      - 9001-9999:3000
+    labels:
+      com.docker.compose.w9_http.port: 3000
 
 networks:
   default:

docker/w9git/init/run

@@ -1,7 +0,0 @@
-#!/bin/bash
-
-s6-svwait -u /etc/s6/gitea
-
-pushd /root >/dev/null
-exec  /usr/local/bin/init.sh
-popd

docker/w9git/src/s6/README.md

@@ -0,0 +1,5 @@
+## Readme
+
+- Create admin credential by admin cli
+- to do: Disable user register
+- to do: Disable Gravatar

docker/w9git/src/s6/user/run

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+[[ -f ./setup ]] && source ./setup
+pushd /root >/dev/null
+exec su-exec root /bin/echo ""
+popd

docker/w9git/src/s6/user/setup

@@ -1,5 +1,7 @@
 #!/bin/bash
 
+echo "start  create user shell"
+
 set -e
 
 cred_path="/var/websoft9/credential"
@@ -16,6 +18,7 @@ mkdir -p "$(dirname "$cred_path")"
 
 
 # TODO IF admin is exists, echo it to cred_path
+# TODO wait culr localhost:3000
 
 echo "Create admin credential by admin cli"
 su -c "

docker/w9proxy/.env

@@ -1,7 +1,3 @@
-POWER_PASSWORD=changeme
 APP_NAME=websoft9-proxy
 APP_VERSION=2.10.3
-APP_HTTP_PORT=9092
-APP_USER=admin@example.com
-APP_PASSWORD=$POWER_PASSWORD
 APP_NETWORK=websoft9

docker/w9proxy/docker-compose.yml

@@ -6,14 +6,19 @@ version: "3.8"
 services:
   app:
     image: jc21/nginx-proxy-manager:${APP_VERSION}
-    restart: unless-stopped
+    restart: always
     container_name: ${APP_NAME}
     ports:
       - "80:80"
       - "443:443"
+      - "9001-9999:81"
     volumes:
       - nginx_data:/data
       - nginx_letsencrypt:/etc/letsencrypt
+    labels:
+      com.docker.compose.w9_http.port: 80
+      com.docker.compose.w9_https.port: 443
+      com.docker.compose.w9_console.port: 81
 
 networks:
   default:

docker/w9proxy/get_ip.sh

@@ -1,41 +0,0 @@
-#!/bin/bash
-url_list=(
-  api.ipify.org
-  bot.whatismyipaddress.com
-  icanhazip.com
-  ifconfig.co
-  ident.me
-  ifconfig.me
-  icanhazip.com
-  ipecho.net/plain
-  ipinfo.io/ip
-  ip.sb
-  whatismyip.akamai.com
-  inet-ip.info
-)
-
-curl_ip(){
-  curl --connect-timeout 1 -m 2 $1 2>/dev/null 
-  return $?
-}
-
-debug(){
-  for x in ${url_list[*]}
-    do
-      curl_ip $x
-    done
-}
-
-print_ip(){
-  for n in ${url_list[*]}
-    do
-       public_ip=`curl_ip $n`
-       check_ip=`echo $public_ip | awk -F"." '{print NF}'`
-    if [ ! -z "$public_ip" -a $check_ip -eq "4" ]; then
-       echo $public_ip
-       exit 0
-    fi
-    done
-}
-#debug
-print_ip

docker/w9proxy/initproxy.conf

@@ -17,73 +17,110 @@ server {
     rewrite ^/locales/(.*) /portainer/locales/$1 break; 
   }
 
-location /portainer/ {
-    proxy_set_header Host $host;
-    proxy_set_header X-Forwarded-Scheme $scheme;
-    proxy_set_header X-Forwarded-Proto  $scheme;
-    proxy_set_header X-Forwarded-For    $remote_addr;
-    proxy_set_header X-Real-IP		$remote_addr;
-    proxy_set_header Accept-Encoding \"\";
-    proxy_pass       http://websoft9-portainer:9000/;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection $http_connection;
-    proxy_http_version 1.1;
-    add_header 'Access-Control-Allow-Origin' '*';
-    add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
-    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
-    if ($request_method = OPTIONS) {
-        return 204;
-    }
-    set $quot_tmp "\"";
-    # set $portainer_jwt "${quot_tmp}${arg_portainer_jwt}${quot_tmp}";
-    set $portainer_jwt "${quot_tmp}${cookie_portainerJWT}${quot_tmp}";
-    sub_filter '</head>' "<script>($portainer_jwt)?window.localStorage.setItem('portainer.JWT', '$portainer_jwt'):null;</script></head>";
-    sub_filter_once on;
-    sub_filter_types *;
-  }
-
-  location /nginxproxymanager/ {
-    proxy_set_header Host $host;
-    proxy_set_header X-Forwarded-Scheme $scheme;
-    proxy_set_header X-Forwarded-Proto  $scheme;
-    proxy_set_header X-Forwarded-For    $remote_addr;
-    proxy_set_header X-Real-IP		$remote_addr;
-    proxy_pass       http://websoft9-nginxproxymanager:81;
-    rewrite  ^/nginxproxymanager/?(.*)$ /$1 break;
-    proxy_http_version 1.1;
-    proxy_redirect off;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_cache_bypass $http_upgrade;
-    proxy_set_header Connection $http_connection;
-    proxy_cache_bypass $http_secret_header;
-    proxy_set_header Accept-Encoding \"\";
-    add_header Pragma "no-cache";
-    add_header Cache-Control "no-cache";
-    if ($request_method = OPTIONS) {
-        return 204;
-    }
-    sub_filter '</head>' "<script>var tokens='$cookie_nginx_tokens';(tokens)?window.localStorage.setItem('nginx-proxy-manager-tokens', '[{\"t\":\"$cookie_nginx_tokens\",\"n\":\"$cookie_nginx_nikeName\"}]'):null;</script></head>";
-    # source changes
-    sub_filter 'href="/' 'href="/nginxproxymanager/';
-    sub_filter 'src="/' 'src="/nginxproxymanager/';
-    sub_filter '/api' '/nginxproxymanager/api';
-    sub_filter '/assets' '/nginxproxymanager/assets';
-    sub_filter '/js/' '/nginxproxymanager/js/';
-    # script changes
-    sub_filter 'r.p="/' 'r.p="/nginxproxymanager/';
-    sub_filter '"/login' '"/nginxproxymanager/login';
-    sub_filter 'case"/logout"' 'case"/nginxproxymanager/logout"';
-    sub_filter 'window.location="/"' 'window.location="/nginxproxymanager/"';
-    sub_filter 'history.start({pushState:!0})' 'history.start({pushState:!0,root: "/nginxproxymanager/"})';
-    sub_filter 'i.history.navigate(e.' 'i.history.navigate(e.replace("/nginxproxymanager","").';
-    sub_filter_types *;
-    sub_filter_once off;
-  }
-
   location / {
-    # Proxy!
-    include conf.d/include/proxy.conf;
-  }
+      # Proxy!
+      include conf.d/include/proxy.conf;
+    }
+
+
+  # proxy for portainer
+  location /w9deployment/ {
+      proxy_set_header Host $host;
+      proxy_set_header X-Forwarded-Scheme $scheme;
+      proxy_set_header X-Forwarded-Proto  $scheme;
+      proxy_set_header X-Forwarded-For    $remote_addr;
+      proxy_set_header X-Real-IP		$remote_addr;
+      proxy_set_header Accept-Encoding \"\";
+      proxy_pass       http://websoft9-deployment:9000/;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_set_header Connection $http_connection;
+      proxy_http_version 1.1;
+      add_header 'Access-Control-Allow-Origin' '*';
+      add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+      add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
+      if ($request_method = OPTIONS) {
+          return 204;
+      }
+      set $quot_tmp "\"";
+      # set $portainer_jwt "${quot_tmp}${arg_portainer_jwt}${quot_tmp}";
+      set $portainer_jwt "${quot_tmp}${cookie_portainerJWT}${quot_tmp}";
+      sub_filter '</head>' "<script>($portainer_jwt)?window.localStorage.setItem('portainer.JWT', '$portainer_jwt'):null;</script></head>";
+      sub_filter_once on;
+      sub_filter_types *;
+    }
+
+
+  # proxy for Nginx proxy Manager
+  location /w9proxy/ {
+      proxy_set_header Host $host;
+      proxy_set_header X-Forwarded-Scheme $scheme;
+      proxy_set_header X-Forwarded-Proto  $scheme;
+      proxy_set_header X-Forwarded-For    $remote_addr;
+      proxy_set_header X-Real-IP		$remote_addr;
+      proxy_pass       http://websoft9-proxy:81;
+      rewrite  ^/w9proxy/?(.*)$ /$1 break;
+      proxy_http_version 1.1;
+      proxy_redirect off;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_cache_bypass $http_upgrade;
+      proxy_set_header Connection $http_connection;
+      proxy_cache_bypass $http_secret_header;
+      proxy_set_header Accept-Encoding \"\";
+      add_header Pragma "no-cache";
+      add_header Cache-Control "no-cache";
+      if ($request_method = OPTIONS) {
+          return 204;
+      }
+      sub_filter '</head>' "<script>var tokens='$cookie_nginx_tokens';(tokens)?window.localStorage.setItem('nginx-proxy-manager-tokens', '[{\"t\":\"$cookie_nginx_tokens\",\"n\":\"$cookie_nginx_nikeName\"}]'):null;</script></head>";
+      # source changes
+      sub_filter 'href="/' 'href="/w9proxy/';
+      sub_filter 'src="/' 'src="/w9proxy/';
+      sub_filter '/api' '/w9proxy/api';
+      sub_filter '/assets' '/w9proxy/assets';
+      sub_filter '/js/' '/w9proxy/js/';
+      # script changes
+      sub_filter 'r.p="/' 'r.p="/w9proxy/';
+      sub_filter '"/login' '"/w9proxy/login';
+      sub_filter 'case"/logout"' 'case"/w9proxy/logout"';
+      sub_filter 'window.location="/"' 'window.location="/w9proxy/"';
+      sub_filter 'history.start({pushState:!0})' 'history.start({pushState:!0,root: "/w9proxy/"})';
+      sub_filter 'i.history.navigate(e.' 'i.history.navigate(e.replace("/w9proxy","").';
+      sub_filter_types *;
+      sub_filter_once off;
+    }
+
+
+  # proxy for Gitea
+  location /w9git/ {
+      proxy_pass http://websoft9-git:3000/;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_hide_header X-Frame-Options;
+      add_header 'Access-Control-Allow-Origin' '*';
+      add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+      add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
+      if ($request_method = OPTIONS) {
+          return 204;
+      }
+    }
+
+
+  location /apidocs/static {
+      proxy_pass       http://websoft9-apphub:8080/static;
+    }
+
+    location /apidocs/openapi.json {
+      proxy_pass       http://websoft9-apphub:8080/;
+    }
+
+  location /apidocs/ {
+      proxy_pass       http://websoft9-apphub:8080/redoc;
+      sub_filter 'src="/static' 'src="/apidocs/static';
+      sub_filter 'spec-url="/' 'spec-url="/apidocs/openapi.json';
+    }
+
 
   # Custom
   include /data/nginx/custom/server_proxy[.]conf;