diff --git a/.env b/.env index 0840d25b..3648159b 100644 --- a/.env +++ b/.env @@ -5,8 +5,6 @@ DB_PORT=3306 SENTRY_DSN= -CAMPUS_API_TOKEN= - SMTP_PASSWORD= SMTP_URL= SMTP_FROM= diff --git a/README.md b/README.md index 417e8062..2d8906c4 100644 --- a/README.md +++ b/README.md @@ -76,9 +76,9 @@ There are a few environment variables available: ## Running the Server (Docker) ```bash -docker compose up -d +docker compose -f docker-compose.local.yml up -d ``` -The docker compose will start the server and a mariadb instance. +The docker compose will start the server and a mariadb instance (=> without the grpc-web layer and without routing/certificates to worry about) The server will be available at `localhost:50051` and the mariadb instance at `localhost:3306`. Additionally, docker creates the volume `campus-db-data` to persist the data of the mariadb instances. diff --git a/deployment/charts/backend/files/envoy.yaml b/config/envoy.yaml similarity index 98% rename from deployment/charts/backend/files/envoy.yaml rename to config/envoy.yaml index b81cf80d..ae42d40e 100644 --- a/deployment/charts/backend/files/envoy.yaml +++ b/config/envoy.yaml @@ -55,5 +55,5 @@ static_resources: - endpoint: address: socket_address: - address: localhost + address: backend-v2 port_value: 50051 diff --git a/deployment/charts/backend/templates/deployments/backend-v2.yaml b/deployment/charts/backend/templates/deployments/backend-v2.yaml index cce6c705..45937580 100644 --- a/deployment/charts/backend/templates/deployments/backend-v2.yaml +++ b/deployment/charts/backend/templates/deployments/backend-v2.yaml @@ -53,11 +53,6 @@ spec: secretKeyRef: name: backend-api-keys key: SENTRY_DSN - - name: CAMPUS_API_TOKEN - valueFrom: - secretKeyRef: - name: backend-api-keys - key: CAMPUS_API_TOKEN - name: SMTP_PASSWORD valueFrom: secretKeyRef: @@ -132,8 +127,6 @@ spec: ports: - containerPort: 8081 name: http - - containerPort: 9901 - name: admin volumeMounts: - mountPath: /etc/envoy/envoy.yaml subPath: envoy.yaml @@ -163,7 +156,6 @@ metadata: app.kubernetes.io/name: backend-v2 data: OMDB_API_KEY: {{ $.Values.backend.omdbApiKey | b64enc }} - CAMPUS_API_TOKEN: {{ $.Values.backend.campusApiToken | b64enc }} SENTRY_DSN: {{ $.Values.backend.sentry.dsn | b64enc }} SMTP_PASSWORD: {{ $.Values.backend.smtp.password | b64enc }} SMTP_URL: {{ $.Values.backend.smtp.url | b64enc }} diff --git a/docker-compose.yaml b/docker-compose.local.yml similarity index 55% rename from docker-compose.yaml rename to docker-compose.local.yml index df847654..36108ee4 100644 --- a/docker-compose.yaml +++ b/docker-compose.local.yml @@ -1,36 +1,36 @@ services: backend: - image: ghcr.io/tum-dev/campus-backend/backend-server:latest - restart: always build: context: server/ args: version: dev # compiled with the git sha in prod + restart: always ports: - - 50051:50051 + - "50051:50051" environment: + - ENVIRONMENT=${ENVIRONMENT:-dev} - DB_DSN=root:${DB_ROOT_PASSWORD}@tcp(db:${DB_PORT:-3306})/${DB_NAME}?charset=utf8mb4&parseTime=True&loc=Local - DB_NAME=${DB_NAME} - - ENVIRONMENT=dev - SENTRY_DSN=${SENTRY_DSN} - OMDB_API_KEY=${OMDB_API_KEY} - - CAMPUS_API_TOKEN=${CAMPUS_API_TOKEN} - SMTP_PASSWORD=${SMTP_PASSWORD} - SMTP_URL=${SMTP_URL:-postout.lrz.de} - SMTP_USERNAME=${SMTP_USERNAME:-bot@tum.app} - SMTP_FROM=${SMTP_FROM:-bot@tum.app} - SMTP_PORT=${SMTP_PORT:-587} + - MensaCronDisabled=true + user: 1000:3000 + read_only: true volumes: - backend-storage:/Storage - user: 1000:3000 depends_on: db: condition: service_healthy - db: image: bitnami/mariadb:latest + restart: unless-stopped ports: - - ${DB_PORT:-3306}:3306 + - "${DB_PORT:-3306}:3306" environment: - MARIADB_ROOT_PASSWORD=${DB_ROOT_PASSWORD} - MARIADB_DATABASE=${DB_NAME} @@ -43,35 +43,6 @@ services: interval: 15s timeout: 5s retries: 6 - # The following code can be used to test the envoy proxy locally - # The reason why this is commented out is that this working requires the following change: - # - # ./deployment/charts/backend/files/envoy.yaml - # socket_address: - # - address: localhost - # + address: backend - # port_value: 50051 - # - #grpc-web: - # image: envoyproxy/envoy:v1.27-latest - # restart: always - # command: - # - /docker-entrypoint.sh - # - --config-path - # - /etc/envoy/envoy.yaml - # - --service-cluster - # - backend-v2 - # - --service-node - # - backend-v2 - # - --log-level - # - info - # ports: - # - 8081:8081 - # - 9901:9901 - # volumes: - # - ./deployment/charts/backend/files/envoy.yaml:/etc/envoy/envoy.yaml - # depends_on: - # - backend volumes: campus-db-data: diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 00000000..4126acc1 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,99 @@ +services: + backend: + image: ghcr.io/tum-dev/campus-backend/backend-server:main + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.routers.backend.entrypoints=webs" + - "traefik.http.routers.backend.tls.certresolver=leacme" + - "traefik.http.routers.backend.rule=Host(`api.tum.app`)" + - "traefik.http.services.backend.loadbalancer.server.port=50051" + + - "traefik.http.routers.backend_h2.entrypoints=webs" + - "traefik.http.routers.backend_h2.tls.certresolver=leacme" + - "traefik.http.routers.backend_h2.rule=Host(`api-grpc.tum.app`) && Headers(`Content-Type`, `application/grpc`)" + - "traefik.http.routers.backend_h2.scheme=h2c" + - "traefik.http.services.backend_h2.loadbalancer.server.port=50051" + networks: + - traefik_traefik + - campus_db + expose: + - "50051" + environment: + - ENVIRONMENT=${ENVIRONMENT:-dev} + - DB_DSN=root:${DB_ROOT_PASSWORD}@tcp(db:3306)/${DB_NAME}?charset=utf8mb4&parseTime=True&loc=Local + - DB_NAME=${DB_NAME} + - SENTRY_DSN=${SENTRY_DSN} + - OMDB_API_KEY=${OMDB_API_KEY} + - SMTP_PASSWORD=${SMTP_PASSWORD} + - SMTP_URL=${SMTP_URL:-postout.lrz.de} + - SMTP_USERNAME=${SMTP_USERNAME:-bot@tum.app} + - SMTP_FROM=${SMTP_FROM:-bot@tum.app} + - SMTP_PORT=${SMTP_PORT:-587} + - MensaCronDisabled=true + volumes: + - backend-storage:/Storage + user: 1000:3000 + read_only: true + depends_on: + db: + condition: service_healthy + db: + image: bitnami/mariadb:latest + restart: unless-stopped + networks: + - campus_db + expose: + - 3306 + environment: + - MARIADB_ROOT_PASSWORD=${DB_ROOT_PASSWORD} + - MARIADB_DATABASE=${DB_NAME} + - MARIADB_CHARACTER_SET=utf8mb4 + - MARIADB_COLLATE=utf8mb4_unicode_ci + volumes: + - campus-db-data:/bitnami/mariadb + healthcheck: + test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] + interval: 15s + timeout: 5s + retries: 6 + grpc-web: + image: envoyproxy/envoy:v1.27-latest + restart: unless-stopped + networks: + - traefik_traefik + command: + - /docker-entrypoint.sh + - --config-path + - /etc/envoy/envoy.yaml + - --service-cluster + - backend + - --service-node + - backend + - --log-level + - info + expose: + - "8081" + #- "9901" # admin interface, not very useful + labels: + - "traefik.enable=true" + - "traefik.http.routers.grpc-web.entrypoints=webs" + - "traefik.http.routers.grpc-web.tls.certresolver=leacme" + - "traefik.http.routers.grpc-web.rule=Host(`api.tum.app`)" + - "traefik.http.services.grpc-web.loadbalancer.server.port=8081" + volumes: + - ./config/envoy.yaml:/etc/envoy/envoy.yaml:ro + depends_on: + backend: + condition: service_healthy + +volumes: + campus-db-data: + driver: local + backend-storage: + driver: local + +networks: + campus_db: + traefik_traefik: + external: true