Add Podman files

Dockerfile

@@ -0,0 +1,30 @@
+# syntax=docker/dockerfile:1
+FROM python:3.11
+ARG OPERATION
+
+RUN useradd -d /code xf
+RUN mkdir -p /code
+RUN chown -R xf:xf /code
+
+RUN mkdir -p /conf/static
+RUN chown -R xf:xf /conf
+
+RUN mkdir /venv
+RUN chown xf:xf /venv
+
+RUN apt-get update && apt-get install -y cargo rustc
+
+USER xf
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+WORKDIR /code
+COPY requirements.txt /code/
+RUN python -m venv /venv
+RUN . /venv/bin/activate && pip install -r requirements.txt
+
+# CMD . /venv/bin/activate && uwsgi --ini /conf/uwsgi.ini
+
+CMD if [ "$OPERATION" = "uwsgi" ] ; then . /venv/bin/activate && uwsgi --ini /conf/uwsgi.ini ; else . /venv/bin/activate && exec python manage.py runserver 0.0.0.0:8000; fi
+
+# CMD . /venv/bin/activate && uvicorn --reload --reload-include *.html --workers 2 --uds /var/run/socks/app.sock app.asgi:application
+# CMD . /venv/bin/activate && gunicorn -b 0.0.0.0:8000 --reload app.asgi:application -k uvicorn.workers.UvicornWorker

Makefile

@@ -0,0 +1,26 @@
+run:
+	docker-compose --env-file=stack.env up -d
+
+build:
+	docker-compose --env-file=stack.env build
+
+stop:
+	docker-compose --env-file=stack.env down
+
+log:
+	docker-compose --env-file=stack.env logs -f --names
+
+test:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py test $(MODULES) -v 2"
+
+migrate:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py migrate"
+
+makemigrations:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py makemigrations"
+
+auth:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py createsuperuser"
+
+token:
+	docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py addstatictoken m"

docker-compose.yml

@@ -0,0 +1,252 @@
+version: "2.2"
+   
+services:
+  app:
+    image: xf/gia:prod
+    container_name: gia
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - type: bind
+        source: /code/vrun
+        target: /var/run
+    environment: 
+      APP_PORT: "${APP_PORT}"
+      REPO_DIR: "${REPO_DIR}"
+      APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
+      APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
+      DOMAIN: "${DOMAIN}"
+      URL: "${URL}"
+      ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
+      NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
+      CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
+      DEBUG: "${DEBUG}"
+      SECRET_KEY: "${SECRET_KEY}"
+      STATIC_ROOT: "${STATIC_ROOT}"
+      REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
+      OPERATION: "${OPERATION}"
+    depends_on:
+      redis:
+        condition: service_healthy
+      migration:
+        condition: service_started
+      collectstatic:
+        condition: service_started
+    # deploy:
+    #   resources:
+    #     limits:
+    #       cpus: '0.1'
+    #       memory: 0.25G
+    #network_mode: host
+
+  db:
+    image: manticoresearch/manticore:dev
+    container_name: giadb
+    restart: always
+    environment:
+      - EXTRA=1
+    volumes:
+      - ./docker/data:/var/lib/manticore
+      #- ./docker/manticore.conf:/etc/manticoresearch/manticore.conf
+    # network_mode: host
+
+  signal-cli-rest-api:
+    image: bbernhard/signal-cli-rest-api:latest
+    container_name: signal
+    environment:
+      - MODE=json-rpc #supported modes: json-rpc, native, normal
+      # - AUTO_RECEIVE_SCHEDULE=0 22 * * *
+    # ports:
+    #   - "8080:8080"
+    volumes:
+      - "./signal-cli-config:/home/.local/share/signal-cli"
+
+  processing:
+    image: xf/gia:prod
+    container_name: processing_gia
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    command: sh -c '. /venv/bin/activate && python manage.py processing'
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - type: bind
+        source: /code/vrun
+        target: /var/run
+    environment: 
+      APP_PORT: "${APP_PORT}"
+      REPO_DIR: "${REPO_DIR}"
+      APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
+      APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
+      DOMAIN: "${DOMAIN}"
+      URL: "${URL}"
+      ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
+      NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
+      CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
+      DEBUG: "${DEBUG}"
+      SECRET_KEY: "${SECRET_KEY}"
+      STATIC_ROOT: "${STATIC_ROOT}"
+      REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
+      OPERATION: "${OPERATION}"
+    depends_on:
+      redis:
+        condition: service_healthy
+      migration:
+        condition: service_started
+      collectstatic:
+        condition: service_started
+    # deploy:
+    #   resources:
+    #     limits:
+    #       cpus: '0.25'
+    #       memory: 0.25G
+    #network_mode: host
+
+  scheduling:
+    image: xf/gia:prod
+    container_name: scheduling_gia
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    command: sh -c '. /venv/bin/activate && python manage.py scheduling'
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - type: bind
+        source: /code/vrun
+        target: /var/run
+    environment: 
+      APP_PORT: "${APP_PORT}"
+      REPO_DIR: "${REPO_DIR}"
+      APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
+      APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
+      DOMAIN: "${DOMAIN}"
+      URL: "${URL}"
+      ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
+      NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
+      CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
+      DEBUG: "${DEBUG}"
+      SECRET_KEY: "${SECRET_KEY}"
+      STATIC_ROOT: "${STATIC_ROOT}"
+      REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
+      OPERATION: "${OPERATION}"
+    depends_on:
+      redis:
+        condition: service_healthy
+      migration:
+        condition: service_started
+      collectstatic:
+        condition: service_started
+    # deploy:
+    #   resources:
+    #     limits:
+    #       cpus: '0.25'
+    #       memory: 0.25G
+    #network_mode: host
+
+  migration:
+    image: xf/gia:prod
+    container_name: migration_gia
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    command: sh -c '. /venv/bin/activate && python manage.py migrate --noinput'
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - type: bind
+        source: /code/vrun
+        target: /var/run
+    environment: 
+      APP_PORT: "${APP_PORT}"
+      REPO_DIR: "${REPO_DIR}"
+      APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
+      APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
+      DOMAIN: "${DOMAIN}"
+      URL: "${URL}"
+      ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
+      NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
+      CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
+      DEBUG: "${DEBUG}"
+      SECRET_KEY: "${SECRET_KEY}"
+      STATIC_ROOT: "${STATIC_ROOT}"
+      REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
+      OPERATION: "${OPERATION}"
+    # deploy:
+    #   resources:
+    #     limits:
+    #       cpus: '0.25'
+    #       memory: 0.25G
+    #network_mode: host
+
+  collectstatic:
+    image: xf/gia:prod
+    container_name: collectstatic_gia
+    build:
+      context: .
+      args:
+        OPERATION: ${OPERATION}
+    command: sh -c '. /venv/bin/activate && python manage.py collectstatic --noinput'
+    volumes:
+      - ${REPO_DIR}:/code
+      - ${APP_DATABASE_FILE}:/conf/db.sqlite3
+      - type: bind
+        source: /code/vrun
+        target: /var/run
+    environment: 
+      APP_PORT: "${APP_PORT}"
+      REPO_DIR: "${REPO_DIR}"
+      APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
+      APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
+      DOMAIN: "${DOMAIN}"
+      URL: "${URL}"
+      ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
+      NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
+      CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
+      DEBUG: "${DEBUG}"
+      SECRET_KEY: "${SECRET_KEY}"
+      STATIC_ROOT: "${STATIC_ROOT}"
+      REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
+      OPERATION: "${OPERATION}"
+    # deploy:
+    #   resources:
+    #     limits:
+    #       cpus: '0.25'
+    #       memory: 0.25G
+    #network_mode: host
+
+  redis:
+    image: redis
+    container_name: redis_gia
+    command: redis-server /etc/redis.conf
+    volumes:
+      - ${REPO_DIR}/docker/redis.conf:/etc/redis.conf
+      - gia_redis_data:/data
+      - type: bind
+        source: /code/vrun
+        target: /var/run
+    healthcheck:
+      test: "redis-cli ping"
+      interval: 2s
+      timeout: 2s
+      retries: 15
+    # deploy:
+    #   resources:
+    #     limits:
+    #       cpus: '0.25'
+    #       memory: 0.25G
+    #network_mode: host
+
+volumes:
+  gia_redis_data: {}

docker/nginx/conf.d/dev.conf

@@ -0,0 +1,24 @@
+upstream django {
+    #server app:8000;
+    server unix:///var/run/uwsgi-gia.sock;
+}
+
+server {
+  listen 9999;
+
+  location = /favicon.ico { access_log off; log_not_found off; }
+
+  location /static/ {
+    root /conf;
+  }
+
+  location / {
+      include     /etc/nginx/uwsgi_params; # the uwsgi_params file you installed
+      uwsgi_pass  django;
+      uwsgi_param Host $host;
+      uwsgi_param X-Real-IP $remote_addr;
+      uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
+      uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
+  }
+
+}

docker/nginx/conf.d/uwsgi.conf

@@ -0,0 +1,24 @@
+upstream django {
+    server app:8000;
+    #server unix:///var/run/socks/app.sock;
+}
+
+server {
+  listen 9999;
+
+  location = /favicon.ico { access_log off; log_not_found off; }
+
+  location /static/ {
+    root /conf;
+  }
+
+  location / {
+      include     /etc/nginx/uwsgi_params; # the uwsgi_params file you installed
+      uwsgi_pass  django;
+      uwsgi_param Host $host;
+      uwsgi_param X-Real-IP $remote_addr;
+      uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
+      uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
+  }
+
+}

docker/redis.conf

@@ -0,0 +1,3 @@
+unixsocket /var/run/gia-redis.sock
+unixsocketperm 777
+port 0

docker/uwsgi.ini

@@ -0,0 +1,22 @@
+[uwsgi]
+chdir=/code
+module=app.wsgi:application
+env=DJANGO_SETTINGS_MODULE=app.settings
+master=1
+pidfile=/tmp/project-master.pid
+#socket=0.0.0.0:8000
+socket=/var/run/uwsgi-gia.sock
+# socket 777
+chmod-socket=777
+harakiri=200
+#max-requests=100000
+# Set a lower value for max-requests to prevent memory leaks from building up over time
+max-requests=1000
+# Ensure old worker processes are cleaned up properly
+reload-on-as=512
+reload-on-rss=256
+vacuum=1
+home=/venv
+processes=4
+threads=2
+log-level=debug