From 6d942555ff75bf8bb3f9b686aa5f4af3d52063c7 Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Wed, 8 Nov 2023 21:11:38 +1000 Subject: [PATCH 1/7] add healthchecks --- docker/docker-compose.yml | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index b9f76866..4392b93c 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -46,11 +46,9 @@ services: - ./setup.sql:/docker-entrypoint-initdb.d/setup.sql environment: - MYSQL_ROOT_PASSWORD=${AA_DB_ROOT_PASSWORD?err} + - MARIADB_MYSQL_LOCALHOST_USER=1 healthcheck: - test: ["CMD", "mysqladmin", "-uroot", "-proot", "-h", "localhost", "ping"] - interval: 5s - timeout: 10s - retries: 3 + test: ["CMD", "healthcheck.sh", "--su=mysql", "--connect", "--innodb_initialized"] restart: unless-stopped nginx: @@ -68,6 +66,9 @@ services: restart: always volumes: - "redis-data:/data" + - ./conf/redis_healthcheck.sh:/redis_healthcheck.sh + healthcheck: + test: ["CMD", "redis_healthcheck.sh"] allianceauth_gunicorn: ports: @@ -124,21 +125,17 @@ services: GF_AUTH_DATABASE_PASSWORD: ${GRAFANA_DB_PASSWORD} proxy: - image: 'jc21/nginx-proxy-manager:latest' + image: jc21/nginx-proxy-manager:latest restart: always ports: - - '${PROXY_HTTP_PORT:-80}:80' - - '${PROXY_DASH_PORT:-81}:81' - - '${PROXY_HTTPS_PORT:-443}:443' - environment: - DB_MYSQL_HOST: "proxy-db" - DB_MYSQL_PORT: 3306 - DB_MYSQL_USER: "npm" - DB_MYSQL_PASSWORD: "${PROXY_MYSQL_PASS?err}" - DB_MYSQL_NAME: "npm" + - ${PROXY_HTTP_PORT:-80}:80 + - ${PROXY_DASH_PORT:-81}:81 + - ${PROXY_HTTPS_PORT:-443}:443 volumes: - proxy-data:/data - proxy-le:/etc/letsencrypt + healthcheck: + test: ["CMD", "/bin/check-health"] proxy-db: image: 'jc21/mariadb-aria:latest' From 59e47c24c2083dc7218601f964552f458e8f90ea Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Wed, 8 Nov 2023 21:19:36 +1000 Subject: [PATCH 2/7] loosen redis to 7 major (allow 7.2) --- docker/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 4392b93c..ce6569f4 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -61,7 +61,7 @@ services: - allianceauth_gunicorn redis: - image: redis:7.0 + image: redis:7 command: redis-server restart: always volumes: From 3d9200806997e0e8827b5193e8f8017ace105372 Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Wed, 8 Nov 2023 21:20:23 +1000 Subject: [PATCH 3/7] use SQLite by default, leave framework for mariadb backed npm --- docker/docker-compose.yml | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index ce6569f4..f6725995 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -131,24 +131,32 @@ services: - ${PROXY_HTTP_PORT:-80}:80 - ${PROXY_DASH_PORT:-81}:81 - ${PROXY_HTTPS_PORT:-443}:443 + # Uncomment this section to use a dedicated database for Nginx Proxy Manager + # environment: + # DB_MYSQL_HOST: "proxy-db" + # DB_MYSQL_PORT: 3306 + # DB_MYSQL_USER: "npm" + # DB_MYSQL_PASSWORD: "${PROXY_MYSQL_PASS?err}" + # DB_MYSQL_NAME: "npm" volumes: - proxy-data:/data - proxy-le:/etc/letsencrypt healthcheck: test: ["CMD", "/bin/check-health"] - proxy-db: - image: 'jc21/mariadb-aria:latest' - restart: always - environment: - MYSQL_ROOT_PASSWORD: "${PROXY_MYSQL_PASS_ROOT?err}" - MYSQL_DATABASE: 'npm' - MYSQL_USER: 'npm' - MYSQL_PASSWORD: "${PROXY_MYSQL_PASS?err}" - ports: - - 3306 - volumes: - - proxy-db:/var/lib/mysql + # Uncomment this section to use a dedicated database for Nginx Proxy Manager + # proxy-db: + # image: 'jc21/mariadb-aria:latest' + # restart: always + # environment: + # MYSQL_ROOT_PASSWORD: "${PROXY_MYSQL_PASS_ROOT?err}" + # MYSQL_DATABASE: 'npm' + # MYSQL_USER: 'npm' + # MYSQL_PASSWORD: "${PROXY_MYSQL_PASS?err}" + # ports: + # - 3306 + # volumes: + # - proxy-db:/var/lib/mysql volumes: redis-data: From 28fd1b07eaf698a036b2949feefd0f88584a7f67 Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Thu, 9 Nov 2023 18:12:36 +1000 Subject: [PATCH 4/7] add log rotation --- docker/docker-compose.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index f6725995..bdfcb25c 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -22,6 +22,11 @@ x-allianceauth-base: &allianceauth-base - auth_mysql working_dir: /home/allianceauth/myauth/ stop_grace_period: 10m + logging: + driver: "json-file" + options: + max-size: "10Mb" + max-file: "5" x-allianceauth-health-check: &allianceauth-health-checks healthcheck: @@ -50,6 +55,11 @@ services: healthcheck: test: ["CMD", "healthcheck.sh", "--su=mysql", "--connect", "--innodb_initialized"] restart: unless-stopped + logging: + driver: "json-file" + options: + max-size: "1Mb" + max-file: "5" nginx: image: nginx:1.25 @@ -59,6 +69,11 @@ services: - static-volume:/var/www/myauth/static depends_on: - allianceauth_gunicorn + logging: + driver: "json-file" + options: + max-size: "1Mb" + max-file: "5" redis: image: redis:7 @@ -69,6 +84,11 @@ services: - ./conf/redis_healthcheck.sh:/redis_healthcheck.sh healthcheck: test: ["CMD", "redis_healthcheck.sh"] + logging: + driver: "json-file" + options: + max-size: "1Mb" + max-file: "5" allianceauth_gunicorn: ports: @@ -123,6 +143,11 @@ services: environment: GF_INSTALL_PLUGINS: grafana-piechart-panel,grafana-clock-panel,grafana-simple-json-datasource GF_AUTH_DATABASE_PASSWORD: ${GRAFANA_DB_PASSWORD} + logging: + driver: "json-file" + options: + max-size: "1Mb" + max-file: "5" proxy: image: jc21/nginx-proxy-manager:latest @@ -143,6 +168,11 @@ services: - proxy-le:/etc/letsencrypt healthcheck: test: ["CMD", "/bin/check-health"] + logging: + driver: "json-file" + options: + max-size: "1Mb" + max-file: "5" # Uncomment this section to use a dedicated database for Nginx Proxy Manager # proxy-db: @@ -157,6 +187,11 @@ services: # - 3306 # volumes: # - proxy-db:/var/lib/mysql + # logging: + # driver: "json-file" + # options: + # max-size: "1Mb" + # max-file: "5" volumes: redis-data: From 18fec5f614de329958cd60462431912b4583a98b Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Thu, 9 Nov 2023 18:54:19 +1000 Subject: [PATCH 5/7] redis healthcheck script --- docker/conf/redis_healthcheck.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 docker/conf/redis_healthcheck.sh diff --git a/docker/conf/redis_healthcheck.sh b/docker/conf/redis_healthcheck.sh new file mode 100644 index 00000000..7cc6b609 --- /dev/null +++ b/docker/conf/redis_healthcheck.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -eo pipefail + +host="$(hostname -i || echo '127.0.0.1')" + +if ping="$(redis-cli -h "$host" ping)" && [ "$ping" = 'PONG' ]; then + exit 0 +fi + +exit 1 From 115263eb5a925934a2082fe50f6c2389063fa089 Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Thu, 9 Nov 2023 20:42:45 +1000 Subject: [PATCH 6/7] scale up logsizes --- docker/docker-compose.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index bdfcb25c..f8c65685 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -25,7 +25,7 @@ x-allianceauth-base: &allianceauth-base logging: driver: "json-file" options: - max-size: "10Mb" + max-size: "50Mb" max-file: "5" x-allianceauth-health-check: &allianceauth-health-checks @@ -58,7 +58,7 @@ services: logging: driver: "json-file" options: - max-size: "1Mb" + max-size: "10Mb" max-file: "5" nginx: @@ -72,7 +72,7 @@ services: logging: driver: "json-file" options: - max-size: "1Mb" + max-size: "10Mb" max-file: "5" redis: @@ -87,7 +87,7 @@ services: logging: driver: "json-file" options: - max-size: "1Mb" + max-size: "10Mb" max-file: "5" allianceauth_gunicorn: @@ -146,7 +146,7 @@ services: logging: driver: "json-file" options: - max-size: "1Mb" + max-size: "10Mb" max-file: "5" proxy: @@ -171,7 +171,7 @@ services: logging: driver: "json-file" options: - max-size: "1Mb" + max-size: "10Mb" max-file: "5" # Uncomment this section to use a dedicated database for Nginx Proxy Manager From cadbb7e61c1de16fe2bae61af6f2cdff841e90c5 Mon Sep 17 00:00:00 2001 From: Ariel Rin Date: Thu, 9 Nov 2023 20:43:12 +1000 Subject: [PATCH 7/7] correct redis healthcheck path --- docker/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index f8c65685..a4d73187 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -81,9 +81,9 @@ services: restart: always volumes: - "redis-data:/data" - - ./conf/redis_healthcheck.sh:/redis_healthcheck.sh + - ./conf/redis_healthcheck.sh:/usr/local/bin/redis_healthcheck.sh healthcheck: - test: ["CMD", "redis_healthcheck.sh"] + test: ["CMD", "bash", "/usr/local/bin/redis_healthcheck.sh"] logging: driver: "json-file" options: