Skip to content

Commit

Permalink
feat(chaotic-backend): move to its own, not resource restricted conta…
Browse files Browse the repository at this point in the history 
…iner
  • Loading branch information
@dr460nf1r3
dr460nf1r3 committed Jan 3, 2025
1 parent 3d2b622 commit c1bf518
Show file tree
Hide file tree
Showing 7 changed files with 66 additions and 43 deletions.
32 changes: 32 additions & 0 deletions docker-compose/chaotic-backend/docker-compose.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
services:
chaotic-backend:
image: ghcr.io/chaotic-cx/chaotic-next:main
container_name: chaotic-backend
deploy:
restart_policy:
condition: always
delay: 30s
environment:
AUTH0_AUDIENCE: http://localhost:3000/auth/auth0
AUTH0_CLIENT_ID: ${AUTH0_CLIENT_ID:-?err}
AUTH0_CLIENT_SECRET: ${AUTH0_CLIENT_SECRET:-?err}
AUTH0_DOMAIN: ${AUTH0_DOMAIN:-?err}
CAUR_DB_KEY: ${CAUR_DB_KEY:-?err}
CAUR_GITLAB_ID_CAUR: 54867625
CAUR_GITLAB_ID_GARUDA: 48461689
CAUR_GITLAB_TOKEN: ${GITLAB_TOKEN_CX:-?err}
CAUR_GITLAB_WEBHOOK_TOKEN: ${CAUR_GITLAB_WEBHOOK_TOKEN:-?err}
CAUR_JWT_SECRET: ${CAUR_JWT_SECRET:-?err}
CAUR_TRUST_PROXY: 172.18.0.1
CAUR_USERS: ${CAUR_USERS:-?err}
NODE_ENV: production
PG_DATABASE: chaotic-aur
PG_HOST: 10.0.5.50
PG_PASSWORD: ${PG_PASSWORD:-?err}
PG_USER: chaotic-aur
REDIS_PASSWORD: ${REDIS_PASSWORD:-?err}
REDIS_SSH_HOST: 10.0.5.140
REDIS_SSH_USER: package-deployer
ports: [3000:3000]
volumes: [./sshkey:/app/sshkey]
42 changes: 1 addition & 41 deletions docker-compose/chaotic-v4/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -140,45 +140,6 @@ services:
extra_hosts: [host.docker.internal:host-gateway]
ports: [127.0.0.1:8080:8080, 127.0.0.1:3030:3030]

# Metadata for the Chaotic website
chaotic-backend:
image: ghcr.io/chaotic-cx/chaotic-next:main
container_name: chaotic-backend
deploy:
restart_policy:
condition: always
delay: 60s
environment:
AUTH0_AUDIENCE: http://localhost:3000/auth/auth0
AUTH0_CLIENT_ID: ${AUTH0_CLIENT_ID:-?err}
AUTH0_CLIENT_SECRET: ${AUTH0_CLIENT_SECRET:-?err}
AUTH0_DOMAIN: ${AUTH0_DOMAIN:-?err}
CAUR_AUTO_COMMIT_AUTHOR: [email protected]
CAUR_DB_KEY: ${CAUR_DB_KEY:-?err}
CAUR_DEPLOY_LOG_ID: '-1001402311166'
CAUR_GITLAB_ID_CAUR: 54867625
CAUR_GITLAB_ID_GARUDA: 48461689
CAUR_GITLAB_TOKEN: ${GITLAB_TOKEN_CX:-?err}
CAUR_GITLAB_WEBHOOK_TOKEN: ${CAUR_GITLAB_WEBHOOK_TOKEN:-?err}
CAUR_JWT_SECRET: ${CAUR_JWT_SECRET:-?err}
CAUR_NEWS_ID: '-1001293714071'
CAUR_TRUST_PROXY: 172.18.0.1
CAUR_USERS: ${CAUR_USERS:-?err}
NODE_ENV: production
PG_DATABASE: chaotic-aur
PG_HOST: 10.0.5.50
PG_PASSWORD: ${PG_PASSWORD:-?err}
PG_USER: chaotic-aur
REDIS_PASSWORD: ${REDIS_PASSWORD:-?err}
REDIS_SSH_HOST: host.docker.internal
REDIS_SSH_USER: package-deployer
TELEGRAM_API_HASH: ${TELEGRAM_API_HASH:-?err}
TELEGRAM_API_ID: ${TELEGRAM_API_ID:-?err}
TELEGRAM_DB_ENCRYPTION_KEY: ${TELEGRAM_DB_ENCRYPTION_KEY:-?err}
ports: [127.0.0.1:3000:3000]
extra_hosts: [host.docker.internal:host-gateway]
volumes: [./tdlib:/app/tdlib, ./sshkey:/app/sshkey]

# Automated container updates
watchtower:
image: containrrr/watchtower:latest
Expand All @@ -187,6 +148,5 @@ services:
restart_policy:
condition: always
delay: 60s
command: --cleanup chaotic-builder chaotic-builder-2 chaotic-manager watchtower
caur-backend --interval 3600
command: --cleanup chaotic-builder chaotic-builder-2 chaotic-manager watchtower --interval 3600
volumes: [/var/run/docker.sock:/var/run/docker.sock]
13 changes: 13 additions & 0 deletions nixos/hosts/chaotic-backend.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{ garuda-lib
, sources
, ...
}: {
imports = sources.defaultModules ++ [ ../modules ];

services.docker-compose-runner.chaotic-backend = {
envfile = garuda-lib.secrets.docker-compose.chaotic-backend;
source = ../../docker-compose/chaotic-backend;
};

system.stateVersion = "25.05";
}
2 changes: 1 addition & 1 deletion nixos/hosts/chaotic-v4.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,7 @@
proxy_pass http://127.0.0.1:8080/api/;
}
location /backend/ {
proxy_pass http://127.0.0.1:3000/;
proxy_pass http://10.0.5.30:3000/;
}
location /logs/ {
proxy_pass http://127.0.0.1:8080/;
Expand Down
17 changes: 17 additions & 0 deletions nixos/hosts/immortalis/containers.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,22 @@
cpuWeight = 20;
ioWeight = 20;
};
chaotic-backend = {
config = import ../chaotic-backend.nix;
extraOptions = {
bindMounts = {
"chaotic" = {
hostPath = "/data_1/containers/chaotic-backend/chaotic";
isReadOnly = false;
mountPoint = "/var/garuda/docker-compose-runner/chaotic-backend";
};
};
enableTun = true;
ephemeral = lib.mkForce true;
};
ipAddress = "10.0.5.30";
needsDocker = true;
};
dev-container = {
config = import ../dev-container.nix;
defaults = false;
Expand All @@ -111,6 +127,7 @@
protocol = "tcp";
}
];
enableTun = true;
ephemeral = lib.mkForce true;
};
ipAddress = "10.0.5.150";
Expand Down
1 change: 1 addition & 0 deletions nixos/modules/garuda-lib.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@ in
};
docker-compose = {
all-in-one = "/var/garuda/secrets/docker-compose/all-in-one.env";
chaotic-backend = "/var/garuda/secrets/docker-compose/chaotic-backend.env";
chaotic-v4 = "/var/garuda/secrets/docker-compose/chaotic-v4.env";
chaotic-v4-builder = "/var/garuda/secrets/docker-compose/chaotic-v4-builder.env";
github-runner = "/var/garuda/secrets/docker-compose/github-runner.env";
Expand Down
2 changes: 1 addition & 1 deletion secrets
Submodule secrets updated from fe489d to 98cf7e

0 comments on commit c1bf518

Please sign in to comment.