From 5e13f7795e9fde3e444c3a4fb20a0726a18a9806 Mon Sep 17 00:00:00 2001 From: Teck Meng Date: Wed, 28 Feb 2024 14:28:19 +0800 Subject: [PATCH] Update environment variables and configurations --- .env | 13 ++++++++++--- README.md | 14 +++++++------- compose/traefik/traefik.yml | 24 +++++++++++++++++++++++- production.yml | 35 +++++++++++++++++++++++++++-------- 4 files changed, 67 insertions(+), 19 deletions(-) diff --git a/.env b/.env index 197f782..62bdcc7 100644 --- a/.env +++ b/.env @@ -1,12 +1,19 @@ # Environment variables for docker-compose.yml LOG_LEVEL="DEBUG" -NETWORK=web +NETWORK="web" ## dashboard configs HOST="furyhawk.lol" # subdomain for dashboard. DASHBOARD_HOST="dashboard.furyhawk.lol" +# log file path on host machine +LOG_PATH=./logs + +## TLS configs +CERT_PATH=./certs +ACME_PATH=./acme.json + # The following are the environment variables for the streamlit app FIN_LOCATION="/fin" STREAMLIT_FIN_SERVER_PORT="8501" @@ -14,8 +21,8 @@ BAI_LOCATION="/bai" STREAMLIT_BAI_SERVER_PORT="8502" # user/pass -DASHBOARD_USER=admin -DASHBOARD_PASSWORD=pass +DASHBOARD_USER="test" +DASHBOARD_PASSWORD="$apr1$2E4PEW8M$/wEgFNKX71h.YYMywV7WZ/" OSRM_ALGORITHM="mld" OSRM_THREADS=2 diff --git a/README.md b/README.md index 57b7a7c..86cbeaf 100644 --- a/README.md +++ b/README.md @@ -3,21 +3,21 @@ This simple project uses Traefik as a reverse proxy to a Streamlit application a ## Requirements - Docker Compose -- Python 3.9 +- Python 3.11 ## Local Deployment #### Python: -1. `cd src` -2. `pip install -r requirements.txt` -3. `streamlit run app.py` +1. `cd src` +2. `pip install -r requirements.txt` +3. `streamlit run app.py` #### Docker: -1. `sudo docker-compose -f local.yml up --build` +1. `docker compose -f local.yml up --build` ## Production Deployment -1. In `compose/traefik/traefik.yml`, change `example@test.com` to your email. +1. In `compose/traefik/traefik.yml`, change `example@test.com` to your email. 2. In `compose/traefik/traefik.yml`, change `example.com` to your domain. 3. `docker compose -f production.yml up --build -d --remove-orphans` ### Notes: -Feel free to make a PR or get in contact with me on Discord at yoyojoe#5510. + diff --git a/compose/traefik/traefik.yml b/compose/traefik/traefik.yml index 82a81ef..bdd631b 100644 --- a/compose/traefik/traefik.yml +++ b/compose/traefik/traefik.yml @@ -38,12 +38,18 @@ http: routers: dashboard: rule: "Host(`dashboard.furyhawk.lol`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" + entryPoints: + - web-secure service: api@internal middlewares: - auth tls: # https://docs.traefik.io/master/routing/routers/#certresolver certResolver: letsencrypt + domains: + - main: "furyhawk.lol" + sans: + - "*.furyhawk.lol" web-secure-router: rule: "Host(`furyhawk.lol`, `www.furyhawk.lol`, `bai.furyhawk.lol`) || PathPrefix(`/bai`)" @@ -56,6 +62,10 @@ http: tls: # https://docs.traefik.io/master/routing/routers/#certresolver certResolver: letsencrypt + domains: + - main: "furyhawk.lol" + sans: + - "*.furyhawk.lol" fin-router: rule: "Host(`fin.furyhawk.lol`)" entryPoints: @@ -67,6 +77,10 @@ http: tls: # https://docs.traefik.io/master/routing/routers/#certresolver certResolver: letsencrypt + domains: + - main: "furyhawk.lol" + sans: + - "*.furyhawk.lol" blog-router: rule: "Host(`blog.furyhawk.lol`)" entryPoints: @@ -91,12 +105,16 @@ http: tls: # https://docs.traefik.io/master/routing/routers/#certresolver certResolver: letsencrypt + domains: + - main: "furyhawk.lol" + sans: + - "*.furyhawk.lol" middlewares: auth: basicAuth: users: - - "test:$apr1$2E4PEW8M$/wEgFNKX71h.YYMywV7WZ/" + - ${DASHBOARD_USER}:${DASHBOARD_PASSWORD} csrf: # https://doc.traefik.io/traefik/middlewares/http/headers/#hostsproxyheaders # https://docs.djangoproject.com/en/dev/ref/csrf/#ajax @@ -141,3 +159,7 @@ providers: file: filename: /etc/traefik/traefik.yml watch: true + docker: + network: {{env "NETWORK"}} + exposedByDefault: true + endpoint: "unix:///var/run/docker.sock" diff --git a/production.yml b/production.yml index 4dcbe48..f951123 100644 --- a/production.yml +++ b/production.yml @@ -2,6 +2,8 @@ version: '3.7' x-environment: &default-environment LOG_LEVEL: "DEBUG" + LOG_PATH: "./logs" + ACME_PATH: "./acme.json" DASHBOARD_USER: ${DASHBOARD_USER} DASHBOARD_PASSWORD: ${DASHBOARD_PASSWORD} FIN_LOCATION: "/fin" @@ -9,9 +11,6 @@ x-environment: &default-environment BAI_LOCATION: "/bai" STREAMLIT_BAI_SERVER_PORT: "8502" -volumes: - production_traefik: {} - services: osrm-backend: environment: @@ -28,7 +27,10 @@ services: container_name: osrm_backend restart: always ports: - - ${OSRM_PORT}:${OSRM_PORT} + - ${OSRM_PORT:-5000}:${OSRM_PORT:-5000} + networks: + - net + - default streamlit-bai: environment: @@ -39,6 +41,9 @@ services: expose: - ${STREAMLIT_BAI_SERVER_PORT} command: streamlit run --server.port=$STREAMLIT_BAI_SERVER_PORT --server.address=0.0.0.0 --server.baseUrlPath=$BAI_LOCATION src/app.py + networks: + - net + - default streamlit-fin: environment: @@ -51,6 +56,9 @@ services: restart: always expose: - ${STREAMLIT_FIN_SERVER_PORT} + networks: + - net + - default command: streamlit run --server.port=$STREAMLIT_FIN_SERVER_PORT --server.address=0.0.0.0 --server.baseUrlPath=$FIN_LOCATION src/app.py traefik: @@ -60,9 +68,20 @@ services: context: . dockerfile: ./compose/traefik/Dockerfile image: traefik_production + container_name: traefik + retart: always volumes: - - production_traefik:/etc/traefik/acme:z - - /var/run/docker.sock:/var/run/docker.sock:ro + - "${LOG_PATH:-./logs}:/logs" + - "${ACME_PATH:-./acme.json}:/etc/traefik/acme/acme.json" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + networks: + - net + - default ports: - - "0.0.0.0:80:80" - - "0.0.0.0:443:443" \ No newline at end of file + - "80:80" + - "443:443" + +networks: + net: + external: true + name: ${NETWORK:-web} \ No newline at end of file