From 871dfe045b2971007f5977883ba9a19c70711441 Mon Sep 17 00:00:00 2001
From: Benjamin Kiah Stroud <32469930+bkiahstroud@users.noreply.github.com>
Date: Wed, 22 May 2024 15:24:14 -0700
Subject: [PATCH] copy unmodified Docker files from Manifold repos
Sources:
- https://github.com/ManifoldScholar/manifold-docker-compose/tree/v8.1.1
- docker-compose.yml
- environment/*
- https://github.com/ManifoldScholar/manifold-docker-build/tree/v8.1.1
- dockerfiles/*
---
docker-compose.yml | 94 +++++++++++++++
dockerfiles/manifold-api-dev/Dockerfile | 18 +++
.../manifold-api-dev/scripts/start-and-run | 19 +++
dockerfiles/manifold-api/Dockerfile | 19 +++
.../manifold-api/scripts/start-and-run | 19 +++
dockerfiles/manifold-client/Dockerfile | 5 +
dockerfiles/manifold-nginx/Dockerfile | 16 +++
.../manifold-nginx/config/default.conf | 111 ++++++++++++++++++
.../includes/manifold-client-local | 0
.../includes/manifold-server-local | 0
.../scripts/install-self-signed-cert | 26 ++++
.../manifold-nginx/scripts/start-nginx | 6 +
environment/manifold.env | 30 +++++
environment/rails.env | 7 ++
14 files changed, 370 insertions(+)
create mode 100644 docker-compose.yml
create mode 100644 dockerfiles/manifold-api-dev/Dockerfile
create mode 100755 dockerfiles/manifold-api-dev/scripts/start-and-run
create mode 100644 dockerfiles/manifold-api/Dockerfile
create mode 100755 dockerfiles/manifold-api/scripts/start-and-run
create mode 100644 dockerfiles/manifold-client/Dockerfile
create mode 100644 dockerfiles/manifold-nginx/Dockerfile
create mode 100644 dockerfiles/manifold-nginx/config/default.conf
create mode 100644 dockerfiles/manifold-nginx/includes/manifold-client-local
create mode 100644 dockerfiles/manifold-nginx/includes/manifold-server-local
create mode 100755 dockerfiles/manifold-nginx/scripts/install-self-signed-cert
create mode 100755 dockerfiles/manifold-nginx/scripts/start-nginx
create mode 100644 environment/manifold.env
create mode 100644 environment/rails.env
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000000..da59000143
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,94 @@
+# Copied from github.com/ManifoldScholar/manifold-docker-compose (v8.1.1)
+version: "3"
+services:
+ postgres:
+ image: postgres:11-alpine
+ volumes:
+ - ./data/postgres:/var/lib/postgresql/data
+ environment:
+ POSTGRES_DB: 'manifold_production'
+ POSTGRES_HOST_AUTH_METHOD: 'trust'
+ networks:
+ - network1
+ elasticsearch:
+ image: docker.elastic.co/elasticsearch/elasticsearch:5.6.7
+ environment:
+ ES_JAVA_OPTS: "-Xms512m -Xmx512m"
+ xpack.security.enabled: 'false'
+ networks:
+ - network1
+ redis:
+ image: redis:alpine
+ volumes:
+ - ./data/redis:/data
+ networks:
+ - network1
+ api_cable:
+ image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+ volumes:
+ - ./data/api/public:/opt/manifold/api/public
+ - ./data/sockets:/manifold_sockets
+ env_file:
+ - ./environment/manifold.env
+ networks:
+ - network1
+ command: ["./start-and-run", "bin/cable"]
+ api_clockwork:
+ image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+ volumes:
+ - ./data/api/public:/opt/manifold/api/public
+ - ./data/sockets:/manifold_sockets
+ env_file:
+ - ./environment/manifold.env
+ - ./environment/rails.env
+ networks:
+ - network1
+ command: ["./start-and-run", "bin/zhong zhong.rb"]
+ api_rails:
+ image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+ volumes:
+ - ./data/api/public:/opt/manifold/api/public
+ - ./data/sockets:/manifold_sockets
+ env_file:
+ - ./environment/manifold.env
+ command: ["./start-and-run", "bin/puma -C config/puma.rb"]
+ networks:
+ - network1
+ api_sidekiq:
+ image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+ volumes:
+ - ./data/api/public:/opt/manifold/api/public
+ - ./data/sockets:/manifold_sockets
+ env_file:
+ - ./environment/manifold.env
+ networks:
+ - network1
+ command: ["./start-and-run", "bin/sidekiq"]
+ client:
+ image: manifoldscholarship/manifold-client:${MANIFOLD_TAG}
+ env_file:
+ - ./environment/manifold.env
+ volumes:
+ - ./data/api/public:/opt/manifold/api/public
+ - ./data/sockets:/manifold_sockets
+ command: yarn run start-docker
+ networks:
+ - network1
+ proxy:
+ image: manifoldscholarship/manifold-nginx:${MANIFOLD_TAG}
+ volumes:
+ - ./data/nginx/ssl:/etc/nginx/ssl
+ - ./data/api/public:/opt/manifold/api/public
+ - ./data/sockets:/manifold_sockets
+ ports:
+ - "4000:80"
+ - "4001:443"
+ command: ["start-nginx"]
+ networks:
+ - network1
+#volumes:
+# manifold_data:
+# manifold_sockets:
+
+networks:
+ network1:
diff --git a/dockerfiles/manifold-api-dev/Dockerfile b/dockerfiles/manifold-api-dev/Dockerfile
new file mode 100644
index 0000000000..51a72b7400
--- /dev/null
+++ b/dockerfiles/manifold-api-dev/Dockerfile
@@ -0,0 +1,18 @@
+FROM ruby:2.7.8
+RUN apt-get -o Acquire::Check-Valid-Until=false update
+RUN apt-get install -y libicu-dev postgresql-client nano curl software-properties-common ghostscript
+
+# We need Node and Mammoth for Word text ingestion
+RUN curl -sL https://deb.nodesource.com/setup_16.x | bash -
+RUN apt-get install -y nodejs
+RUN npm install -g mammoth@^1.4.16
+
+RUN sed -i '//d' \
+ /etc/ImageMagick-6/policy.xml
+
+COPY manifold-src /opt/manifold
+WORKDIR /opt/manifold/api
+ENV RAILS_LOG_TO_STDOUT=1
+RUN gem install bundler:2.2.19
+RUN bundle install
+COPY dockerfiles/manifold-api/scripts/start-and-run /opt/manifold/api/start-and-run
diff --git a/dockerfiles/manifold-api-dev/scripts/start-and-run b/dockerfiles/manifold-api-dev/scripts/start-and-run
new file mode 100755
index 0000000000..3e20290783
--- /dev/null
+++ b/dockerfiles/manifold-api-dev/scripts/start-and-run
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+# start-and-run [...]
+set -e
+
+CMD="$@"
+
+# Wait for PostgreSQL
+until psql -h ${RAILS_DB_HOST} -U ${RAILS_DB_USER} -c '\q'; do
+ >&2 echo "Postgres is unavailable - sleeping"
+ sleep 1
+done
+
+>&2 echo "Postgres is up - executing command"
+
+# Setup PostgreSQL Database
+bin/rails db:migrate && bin/rails db:seed
+
+# Run additional command(s) added to docker-compose.yml
+exec ${CMD}
\ No newline at end of file
diff --git a/dockerfiles/manifold-api/Dockerfile b/dockerfiles/manifold-api/Dockerfile
new file mode 100644
index 0000000000..45b5edcd19
--- /dev/null
+++ b/dockerfiles/manifold-api/Dockerfile
@@ -0,0 +1,19 @@
+FROM ruby:2.7.8
+RUN apt-get -o Acquire::Check-Valid-Until=false update
+RUN apt-get install -y libicu-dev postgresql-client nano curl software-properties-common ghostscript
+
+# We need Node and Mammoth for Word text ingestion
+RUN curl -sL https://deb.nodesource.com/setup_16.x | bash -
+RUN apt-get install -y nodejs
+RUN npm install -g mammoth@^1.4.16
+ENV MAMMOTH_PATH=/usr/lib/node_modules/mammoth/bin/mammoth
+
+RUN sed -i '//d' \
+ /etc/ImageMagick-6/policy.xml
+
+COPY manifold-src/api /opt/manifold/api
+WORKDIR /opt/manifold/api
+ENV RAILS_LOG_TO_STDOUT=1
+RUN gem install bundler:2.2.17
+RUN bundle install
+COPY dockerfiles/manifold-api/scripts/start-and-run /opt/manifold/api/start-and-run
diff --git a/dockerfiles/manifold-api/scripts/start-and-run b/dockerfiles/manifold-api/scripts/start-and-run
new file mode 100755
index 0000000000..3e20290783
--- /dev/null
+++ b/dockerfiles/manifold-api/scripts/start-and-run
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+# start-and-run [...]
+set -e
+
+CMD="$@"
+
+# Wait for PostgreSQL
+until psql -h ${RAILS_DB_HOST} -U ${RAILS_DB_USER} -c '\q'; do
+ >&2 echo "Postgres is unavailable - sleeping"
+ sleep 1
+done
+
+>&2 echo "Postgres is up - executing command"
+
+# Setup PostgreSQL Database
+bin/rails db:migrate && bin/rails db:seed
+
+# Run additional command(s) added to docker-compose.yml
+exec ${CMD}
\ No newline at end of file
diff --git a/dockerfiles/manifold-client/Dockerfile b/dockerfiles/manifold-client/Dockerfile
new file mode 100644
index 0000000000..04075f4976
--- /dev/null
+++ b/dockerfiles/manifold-client/Dockerfile
@@ -0,0 +1,5 @@
+FROM node:16.16.0
+COPY manifold-src/client /opt/manifold/client
+WORKDIR /opt/manifold/client
+RUN yarn install
+RUN cat /dev/null > /opt/manifold/client/dist/manifold/ssr/ssr.config.js
diff --git a/dockerfiles/manifold-nginx/Dockerfile b/dockerfiles/manifold-nginx/Dockerfile
new file mode 100644
index 0000000000..2bf04eec23
--- /dev/null
+++ b/dockerfiles/manifold-nginx/Dockerfile
@@ -0,0 +1,16 @@
+FROM nginx:1.25
+
+RUN apt-get -o Acquire::Check-Valid-Until=false update
+RUN apt-get install -y openssl
+
+COPY dockerfiles/manifold-nginx/config/default.conf /etc/nginx/conf.d/default.conf
+
+COPY dockerfiles/manifold-nginx/includes/manifold-client-local /etc/nginx/includes/manifold-client-local
+COPY dockerfiles/manifold-nginx/includes/manifold-server-local /etc/nginx/includes/manifold-server-local
+
+COPY dockerfiles/manifold-nginx/scripts/install-self-signed-cert /usr/local/bin/install-self-signed-cert
+COPY dockerfiles/manifold-nginx/scripts/start-nginx /usr/local/bin/start-nginx
+
+VOLUME ["/manifold_sockets","/manifold_data"]
+
+EXPOSE 80 443
diff --git a/dockerfiles/manifold-nginx/config/default.conf b/dockerfiles/manifold-nginx/config/default.conf
new file mode 100644
index 0000000000..5c6c448863
--- /dev/null
+++ b/dockerfiles/manifold-nginx/config/default.conf
@@ -0,0 +1,111 @@
+upstream manifold_api {
+ server unix:/manifold_sockets/manifold-api;
+ }
+
+ upstream manifold_cable {
+ server unix:/manifold_sockets/manifold-cable;
+ }
+
+ upstream manifold_client {
+ server unix:/manifold_sockets/manifold-client;
+ }
+
+server {
+ listen 80;
+ listen 443 ssl;
+ root /opt/manifold/client/dist/build/client/build;
+
+ ssl_certificate /etc/nginx/ssl/manifold.crt;
+ ssl_certificate_key /etc/nginx/ssl/manifold.key;
+ ssl_session_timeout 1d;
+ ssl_session_cache shared:SSL:50m;
+ ssl_session_tickets off;
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256;
+ ssl_ecdh_curve secp384r1;
+ ssl_prefer_server_ciphers on;
+
+ add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
+ add_header X-Frame-Options DENY;
+ add_header X-Content-Type-Options nosniff;
+
+ include includes/manifold-server-local;
+
+ client_max_body_size 100M;
+ client_body_timeout 600s;
+ proxy_send_timeout 600s;
+ proxy_read_timeout 600s;
+
+ error_page 500 502 503 504 /50x.html;
+
+ location = /50x.html {
+ root /opt/manifold/client/dist/build/client/build/static;
+ }
+
+ location /api {
+
+ location ~ ^/(api/static|api/sidekiq/images|api/sidekiq/stylesheets|api/sidekiq/javascripts)/ {
+ root /opt/manifold/api/public;
+ }
+
+ proxy_set_header X-Forwarded-Host $http_host;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Port $server_port;
+ proxy_set_header X-Sendfile-Type X-Accel-Redirect;
+ proxy_set_header X-Accel-Mapping /opt/manifold/api/public=/__send_file_accel/;
+ proxy_pass http://manifold_api;
+ }
+
+ location /__send_file_accel {
+ internal;
+ alias /opt/manifold/api/public;
+ }
+
+ location /system {
+ root /opt/manifold/api/public;
+ }
+
+ location /auth {
+ proxy_set_header X-Forwarded-Host $http_host;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Port $server_port;
+ proxy_pass http://manifold_api;
+ }
+
+ location /cable {
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "Upgrade";
+ proxy_set_header X-Forwarded-Host $http_host;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Port $server_port;
+ proxy_pass http://manifold_cable;
+ }
+
+ location / {
+
+ include includes/manifold-client-local;
+
+ proxy_set_header X-Forwarded-Host $http_host;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Port $server_port;
+
+ if (-f $request_filename/index.html) {
+ rewrite (.*) $1/index.html break;
+ }
+
+ if (-f $request_filename.html) {
+ rewrite (.*) $1.html break;
+ }
+
+ if (!-f $request_filename) {
+ proxy_pass http://manifold_client;
+ break;
+ }
+ }
+}
diff --git a/dockerfiles/manifold-nginx/includes/manifold-client-local b/dockerfiles/manifold-nginx/includes/manifold-client-local
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/dockerfiles/manifold-nginx/includes/manifold-server-local b/dockerfiles/manifold-nginx/includes/manifold-server-local
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/dockerfiles/manifold-nginx/scripts/install-self-signed-cert b/dockerfiles/manifold-nginx/scripts/install-self-signed-cert
new file mode 100755
index 0000000000..35f2555abf
--- /dev/null
+++ b/dockerfiles/manifold-nginx/scripts/install-self-signed-cert
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+LOCATION="Portland"
+COUNTRY="US"
+STATE="Oregon"
+ORGANIZATION="Manifold Scholarship"
+UNIT="Web"
+COMMONNAME="127.0.0.1"
+KEYNAME="manifold"
+DIR="/etc/nginx/ssl"
+SUBJECT="/C=${COUNTRY}/ST=${STATE}/L=${LOCATION}/O=${ORGANIZATION}/OU=${UNIT}/CN=${COMMONNAME}"
+CERTPATH="${DIR}/${KEYNAME}.crt"
+KEYPATH="${DIR}/${KEYNAME}.key"
+
+
+if [ -f $CERTPATH ]; then
+ exit
+fi
+
+if [ -f $KEYPATH ]; then
+ exit
+fi
+
+mkdir -p $DIR
+echo "Creating self-signed certificate..."
+openssl req -new -newkey rsa:2048 -x509 -sha256 -days 730 -nodes -out $CERTPATH -keyout $KEYPATH -subj "${SUBJECT}"
diff --git a/dockerfiles/manifold-nginx/scripts/start-nginx b/dockerfiles/manifold-nginx/scripts/start-nginx
new file mode 100755
index 0000000000..abe15d1646
--- /dev/null
+++ b/dockerfiles/manifold-nginx/scripts/start-nginx
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -e
+
+install-self-signed-cert
+echo "Starting Nginx..."
+nginx -g 'daemon off;'
\ No newline at end of file
diff --git a/environment/manifold.env b/environment/manifold.env
new file mode 100644
index 0000000000..100f58d61e
--- /dev/null
+++ b/environment/manifold.env
@@ -0,0 +1,30 @@
+##########################################################################################
+# Manifold Service Configuration
+##########################################################################################
+
+DOMAIN=127.0.0.1:4000
+
+CLIENT_BROWSER_API_URL=http://127.0.0.1:4000
+CLIENT_BROWSER_API_CABLE_URL=http://127.0.0.1:4000/cable
+
+SSL_ENABLED=false
+
+API_PORT=3020
+API_SOCKET=/manifold_sockets/manifold-api
+API_CABLE_SOCKET=/manifold_sockets/manifold-cable
+
+CLIENT_SERVER_SOCKET=/manifold_sockets/manifold-client
+CLIENT_SERVER_API_URL=http://api_rails:3020
+NODE_ENV=production
+
+ELASTICSEARCH_URL=http://elasticsearch:9200
+
+CLIENT_SERVER_PROXIES=true
+RAILS_ENV=production
+RAILS_SECRET_KEY=6234a9eada2709680e0db091d48fe7973f6eb23f413d9b5c2b9d17149c9e38e7309a897b6a5231297b89ac6d3c7494d40c7d6454f342c04f8743482f610016aa
+RAILS_DB_USER=postgres
+RAILS_DB_PASS=
+RAILS_DB_HOST=postgres
+RAILS_DB_PORT=5432
+RAILS_DB_NAME=manifold_production
+RAILS_REDIS_URL=redis://redis:6379
diff --git a/environment/rails.env b/environment/rails.env
new file mode 100644
index 0000000000..6cebc44688
--- /dev/null
+++ b/environment/rails.env
@@ -0,0 +1,7 @@
+RAILS_DB_USER=postgres
+RAILS_DB_PASS=
+RAILS_DB_HOST=postgres
+RAILS_DB_PORT=5432
+RAILS_DB_NAME=manifold_production
+RAILS_REDIS_URL=redis://redis:6379
+SERVER_PORT=4000