Lightweight containerized prosody tooling + moved auth scripts + xmpp reconnect/auth stabilization
This commit is contained in:
@@ -27,10 +27,16 @@ ASGI_CONTAINER="$(name_with_stack "asgi_gia")"
|
||||
UR_CONTAINER="$(name_with_stack "ur_gia")"
|
||||
SCHED_CONTAINER="$(name_with_stack "scheduling_gia")"
|
||||
CODEX_WORKER_CONTAINER="$(name_with_stack "codex_worker_gia")"
|
||||
PROSODY_CONTAINER="$(name_with_stack "prosody_gia")"
|
||||
|
||||
REDIS_DATA_DIR="${QUADLET_REDIS_DATA_DIR:-$ROOT_DIR/.podman/gia_redis_data}"
|
||||
WHATSAPP_DATA_DIR="${QUADLET_WHATSAPP_DATA_DIR:-$ROOT_DIR/.podman/gia_whatsapp_data}"
|
||||
SQLITE_DATA_DIR="${QUADLET_SQLITE_DATA_DIR:-$ROOT_DIR/.podman/gia_sqlite_data}"
|
||||
PROSODY_CONFIG_FILE="${QUADLET_PROSODY_CONFIG_FILE:-$ROOT_DIR/utilities/prosody/prosody.cfg.lua}"
|
||||
PROSODY_CERTS_DIR="${QUADLET_PROSODY_CERTS_DIR:-$ROOT_DIR/.podman/gia_prosody_certs}"
|
||||
PROSODY_DATA_DIR="${QUADLET_PROSODY_DATA_DIR:-$ROOT_DIR/.podman/gia_prosody_data}"
|
||||
PROSODY_LOGS_DIR="${QUADLET_PROSODY_LOGS_DIR:-$ROOT_DIR/.podman/gia_prosody_logs}"
|
||||
PROSODY_ENABLED="${PROSODY_ENABLED:-false}"
|
||||
if [[ -n "${STACK_ID}" ]]; then
|
||||
VRUN_DIR="/code/vrun/${STACK_ID}"
|
||||
else
|
||||
@@ -41,6 +47,7 @@ load_env() {
|
||||
set -a
|
||||
. "$STACK_ENV"
|
||||
set +a
|
||||
PROSODY_ENABLED="${PROSODY_ENABLED:-false}"
|
||||
}
|
||||
|
||||
is_remote() {
|
||||
@@ -64,7 +71,7 @@ require_podman() {
|
||||
}
|
||||
|
||||
ensure_dirs() {
|
||||
mkdir -p "$REDIS_DATA_DIR" "$WHATSAPP_DATA_DIR" "$SQLITE_DATA_DIR" "$VRUN_DIR" "$ROOT_DIR/signal-cli-config"
|
||||
mkdir -p "$REDIS_DATA_DIR" "$WHATSAPP_DATA_DIR" "$SQLITE_DATA_DIR" "$VRUN_DIR" "$ROOT_DIR/signal-cli-config" "$PROSODY_CERTS_DIR" "$PROSODY_DATA_DIR" "$PROSODY_LOGS_DIR"
|
||||
chmod 0777 "$SQLITE_DATA_DIR" 2>/dev/null || true
|
||||
# Container runs as uid 1000 (xf); rootless Podman remaps uids so plain
|
||||
# chown won't work — podman unshare translates to the correct host uid.
|
||||
@@ -153,6 +160,7 @@ down_stack() {
|
||||
rm_if_exists "$UR_CONTAINER"
|
||||
rm_if_exists "$SCHED_CONTAINER"
|
||||
rm_if_exists "$CODEX_WORKER_CONTAINER"
|
||||
rm_if_exists "$PROSODY_CONTAINER"
|
||||
}
|
||||
|
||||
start_stack() {
|
||||
@@ -179,8 +187,21 @@ start_stack() {
|
||||
port_offset="${port_offset:-0}"
|
||||
local app_port="${APP_PORT:-$((5006 + port_offset))}"
|
||||
local signal_port="${SIGNAL_PUBLIC_PORT:-$((8080 + port_offset))}"
|
||||
local prosody_c2s_port="${PROSODY_PUBLIC_C2S_PORT:-5222}"
|
||||
local prosody_s2s_port="${PROSODY_PUBLIC_S2S_PORT:-5269}"
|
||||
local prosody_component_port="${PROSODY_PUBLIC_COMPONENT_PORT:-8888}"
|
||||
local prosody_http_port="${PROSODY_PUBLIC_HTTP_PORT:-5280}"
|
||||
|
||||
podman pod create --name "$POD_NAME" -p "${app_port}:8000" -p "${signal_port}:8080" >/dev/null
|
||||
local pod_args=(--name "$POD_NAME" -p "${app_port}:8000" -p "${signal_port}:8080")
|
||||
if [[ "$PROSODY_ENABLED" == "true" ]]; then
|
||||
pod_args+=(
|
||||
-p "${prosody_c2s_port}:5222"
|
||||
-p "${prosody_s2s_port}:5269"
|
||||
-p "${prosody_component_port}:8888"
|
||||
-p "${prosody_http_port}:5280"
|
||||
)
|
||||
fi
|
||||
podman pod create "${pod_args[@]}" >/dev/null
|
||||
|
||||
podman run -d \
|
||||
--replace \
|
||||
@@ -200,6 +221,19 @@ start_stack() {
|
||||
-v "$ROOT_DIR/signal-cli-config:/home/.local/share/signal-cli" \
|
||||
docker.io/bbernhard/signal-cli-rest-api:latest >/dev/null
|
||||
|
||||
if [[ "$PROSODY_ENABLED" == "true" ]]; then
|
||||
podman run -d \
|
||||
--replace \
|
||||
--name "$PROSODY_CONTAINER" \
|
||||
--pod "$POD_NAME" \
|
||||
-v "$PROSODY_CONFIG_FILE:/etc/prosody/prosody.cfg.lua:ro" \
|
||||
-v "$PROSODY_CERTS_DIR:/etc/prosody/certs" \
|
||||
-v "$PROSODY_DATA_DIR:/var/lib/prosody" \
|
||||
-v "$PROSODY_LOGS_DIR:/var/log/prosody" \
|
||||
-v "$REPO_DIR:/code" \
|
||||
docker.io/prosody/prosody:0.12 >/dev/null
|
||||
fi
|
||||
|
||||
wait_for_redis_socket
|
||||
|
||||
run_oneshot_container "$MIGRATION_CONTAINER" ". /venv/bin/activate && python manage.py migrate --noinput"
|
||||
@@ -238,15 +272,21 @@ case "${1:-}" in
|
||||
;;
|
||||
status)
|
||||
require_podman
|
||||
load_env
|
||||
podman pod ps --format "table {{.Name}}\t{{.Status}}" | grep -E "^$POD_NAME\b" || true
|
||||
podman ps --format "table {{.Names}}\t{{.Status}}" | grep -E "^($APP_CONTAINER|$ASGI_CONTAINER|$UR_CONTAINER|$SCHED_CONTAINER|$CODEX_WORKER_CONTAINER|$REDIS_CONTAINER|$SIGNAL_CONTAINER)\b" || true
|
||||
podman ps --format "table {{.Names}}\t{{.Status}}" | grep -E "^($APP_CONTAINER|$ASGI_CONTAINER|$UR_CONTAINER|$SCHED_CONTAINER|$CODEX_WORKER_CONTAINER|$REDIS_CONTAINER|$SIGNAL_CONTAINER|$PROSODY_CONTAINER)\b" || true
|
||||
;;
|
||||
logs)
|
||||
require_podman
|
||||
load_env
|
||||
if is_remote; then
|
||||
podman logs -f "$APP_CONTAINER"
|
||||
else
|
||||
podman logs -f "$APP_CONTAINER" "$ASGI_CONTAINER" "$UR_CONTAINER" "$SCHED_CONTAINER" "$CODEX_WORKER_CONTAINER" "$REDIS_CONTAINER" "$SIGNAL_CONTAINER"
|
||||
local log_targets=("$APP_CONTAINER" "$ASGI_CONTAINER" "$UR_CONTAINER" "$SCHED_CONTAINER" "$CODEX_WORKER_CONTAINER" "$REDIS_CONTAINER" "$SIGNAL_CONTAINER")
|
||||
if [[ "$PROSODY_ENABLED" == "true" ]]; then
|
||||
log_targets+=("$PROSODY_CONTAINER")
|
||||
fi
|
||||
podman logs -f "${log_targets[@]}"
|
||||
fi
|
||||
;;
|
||||
watch)
|
||||
|
||||
Reference in New Issue
Block a user