From 7a566c97fdd1ad57bc5cadec92e9ad8aa2bbe622 Mon Sep 17 00:00:00 2001 From: "Aode (lion)" Date: Tue, 9 Nov 2021 16:21:37 -0500 Subject: [PATCH] Conduit --- conduit/Dockerfile | 55 +++++++++++++++++++++++++ conduit/build-image.sh | 37 +++++++++++++++++ conduit/deploy.sh | 67 +++++++++++++++++++++++++++++++ conduit/manifest.sh | 39 ++++++++++++++++++ conduit/root/opt/app/conduit.toml | 23 +++++++++++ 5 files changed, 221 insertions(+) create mode 100644 conduit/Dockerfile create mode 100755 conduit/build-image.sh create mode 100755 conduit/deploy.sh create mode 100755 conduit/manifest.sh create mode 100644 conduit/root/opt/app/conduit.toml diff --git a/conduit/Dockerfile b/conduit/Dockerfile new file mode 100644 index 0000000..cd5bfc7 --- /dev/null +++ b/conduit/Dockerfile @@ -0,0 +1,55 @@ +ARG REPO_ARCH=amd64 + +# cross-build environment +FROM asonix/rust-builder:$REPO_ARCH-latest AS builder + +ARG TAG=main +ARG BINARY=conduit +ARG PROJECT=conduit +ARG GIT_REPOSITORY=https://gitlab.com/famedly/$PROJECT + +ENV\ + BINARY=${BINARY} + +USER root +RUN \ + apt install git +USER build + +RUN \ + git clone $GIT_REPOSITORY $PROJECT + +WORKDIR /opt/build/$PROJECT + +RUN \ + git checkout $TAG && \ + rm rust-toolchain && \ + build + +# production environment +FROM asonix/rust-runner:$REPO_ARCH-latest + +ENV CONDUIT_CONFIG="/opt/app/conduit.toml" + +USER root + +RUN \ + apk add --no-cache \ + ca-certificates \ + curl \ + libgcc + +COPY --from=builder \ + /opt/build/binary \ + /usr/local/bin/conduit + +RUN \ + chown -R app:app /mnt + +COPY root/ / + +VOLUME /mnt +USER app +EXPOSE 8080 +ENTRYPOINT ["/sbin/tini", "--"] +CMD /usr/local/bin/conduit diff --git a/conduit/build-image.sh b/conduit/build-image.sh new file mode 100755 index 0000000..2782f1e --- /dev/null +++ b/conduit/build-image.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash + +function require() { + if [ "$1" = "" ]; then + echo "input '$2' required" + print_help + exit 1 + fi +} + +function print_help() { + echo "deploy.sh" + echo "" + echo "Usage:" + echo " deploy.sh [repo] [tag] [arch]" + echo "" + echo "Args:" + echo " repo: The docker repository to publish the image" + echo " tag: The tag applied to the docker image" + echo " arch: The architecuture of the doker image" +} + +REPO=$1 +TAG=$2 +ARCH=$3 + +require "$REPO" repo +require "$TAG" tag +require "$ARCH" arch + +sudo docker build \ + --pull \ + --build-arg TAG=$TAG \ + --build-arg REPO_ARCH=$ARCH \ + -t $REPO:$ARCH-$TAG \ + -f Dockerfile \ + . diff --git a/conduit/deploy.sh b/conduit/deploy.sh new file mode 100755 index 0000000..9ea25e4 --- /dev/null +++ b/conduit/deploy.sh @@ -0,0 +1,67 @@ +#!/usr/bin/env bash + +function require() { + if [ "$1" = "" ]; then + echo "input '$2' required" + print_help + exit 1 + fi +} + +function print_help() { + echo "deploy.sh" + echo "" + echo "Usage:" + echo " deploy.sh [tag] [push]" + echo "" + echo "Args:" + echo " tag: The git tag to be applied to the repository and docker build" + echo " push: Whether or not to push the image" + echo "" + echo "Examples:" + echo " ./deploy.sh v0.2.0-r0 main true" + echo " ./deploy.sh v0.2.0-r0 asonix/shell-out false" +} + +function build_image() { + tag=$1 + arch=$2 + push=$3 + + ./build-image.sh asonix/conduit $tag $arch + + sudo docker tag asonix/conduit:$arch-$tag asonix/conduit:$arch-latest + + if [ "$push" == "true" ]; then + sudo docker push asonix/conduit:$arch-$tag + sudo docker push asonix/conduit:$arch-latest + fi +} + +# Creating the new tag +tag="$1" +push=$2 + +require "$tag" "tag" +require "$push" "push" + +if ! sudo docker run --rm -it arm64v8/alpine:3.11 /bin/sh -c 'echo "docker is configured correctly"' +then + echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo" + sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes +fi + +set -xe + +# Build for arm64v8, arm32v7 and amd64 +build_image $tag arm64v8 $push +# build_image $tag arm32v7 $push +build_image $tag amd64 $push + +# Build for other archs +# TODO + +if [ "$push" == "true" ]; then + ./manifest.sh conduit $tag + ./manifest.sh conduit latest +fi diff --git a/conduit/manifest.sh b/conduit/manifest.sh new file mode 100755 index 0000000..e0ada69 --- /dev/null +++ b/conduit/manifest.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +function require() { + if [ "$1" = "" ]; then + echo "input '$2' required" + print_help + exit 1 + fi +} +function print_help() { + echo "deploy.sh" + echo "" + echo "Usage:" + echo " manifest.sh [repo] [tag]" + echo "" + echo "Args:" + echo " repo: The docker repository to update" + echo " tag: The git tag to be applied to the image manifest" +} + +REPO=$1 +TAG=$2 + +require "$REPO" "repo" +require "$TAG" "tag" + +set -xe + +sudo docker manifest create asonix/$REPO:$TAG \ + -a asonix/$REPO:arm64v8-$TAG \ + -a asonix/$REPO:amd64-$TAG + +sudo docker manifest annotate asonix/$REPO:$TAG \ + asonix/$REPO:arm64v8-$TAG --os linux --arch arm64 --variant v8 + +sudo docker manifest annotate asonix/$REPO:$TAG \ + asonix/$REPO:amd64-$TAG --os linux --arch amd64 + +sudo docker manifest push asonix/$REPO:$TAG --purge diff --git a/conduit/root/opt/app/conduit.toml b/conduit/root/opt/app/conduit.toml new file mode 100644 index 0000000..fe38fed --- /dev/null +++ b/conduit/root/opt/app/conduit.toml @@ -0,0 +1,23 @@ +[global] +# This is the only directory where Conduit will save its data +database_path = "/mnt/conduit_db" + +# The port Conduit will be running on. You need to set up a reverse proxy in +# your web server (e.g. apache or nginx), so all requests to /_matrix on port +# 443 and 8448 will be forwarded to the Conduit instance running on this port +port = 6167 + +# Max size for uploads +max_request_size = 40_000_000 # in bytes + +# Enables registration. If set to false, no users can register on this server. +allow_registration = true + +# Disable encryption, so no new encrypted rooms can be created +# Note: existing rooms will continue to work +allow_encryption = true +allow_federation = true + +trusted_servers = ["matrix.org"] + +address = "0.0.0.0"