From 907b30371686fc18c3c0fd5a8777c4a8a3797983 Mon Sep 17 00:00:00 2001 From: Sam Ruby Date: Sun, 30 Jun 2024 17:52:25 -0400 Subject: [PATCH] Docker compose improvements * use volumes to persist logs and storage (and possibly db) * expose Rails' master key as a docker compose secret * give PostgreSQL and MySQL separate persistence paths --- lib/generators/dockerfile_generator.rb | 13 +++++++++++ .../templates/docker-compose.yml.erb | 23 +++++++++++-------- test/results/api/docker-compose.yml | 14 ++++++++--- test/results/bun/docker-compose.yml | 14 ++++++++--- test/results/esbuild/docker-compose.yml | 14 ++++++++--- test/results/mysql/docker-compose.yml | 14 +++++++++-- test/results/postgresql/docker-compose.yml | 16 +++++++++---- .../private_gemserver/docker-compose.yml | 14 ++++++++--- .../docker-compose.yml | 14 ++++++++--- test/results/redis/docker-compose.yml | 14 ++++++++--- test/results/sidekiq/docker-compose.yml | 16 +++++++++---- test/results/solid_queue/docker-compose.yml | 16 +++++++++---- test/results/sqlite3/docker-compose.yml | 14 ++++++++--- test/results/trilogy/docker-compose.yml | 14 +++++++++-- 14 files changed, 164 insertions(+), 46 deletions(-) diff --git a/lib/generators/dockerfile_generator.rb b/lib/generators/dockerfile_generator.rb index 9054273..5fde7a0 100644 --- a/lib/generators/dockerfile_generator.rb +++ b/lib/generators/dockerfile_generator.rb @@ -1252,6 +1252,19 @@ def more_docker_ignores more end + def compose_web_volumes + volumes = %w[ log storage ] + + if deploy_database == "sqlite3" + database = YAML.load_file("config/database.yml", aliases: true).dig("production", "database") + if database && database =~ /^\w/ + volumes << File.dirname(database) + end + end + + volumes.uniq.sort + end + def max_idle option = options["max-idle"] diff --git a/lib/generators/templates/docker-compose.yml.erb b/lib/generators/templates/docker-compose.yml.erb index 3ec87ab..767b88f 100644 --- a/lib/generators/templates/docker-compose.yml.erb +++ b/lib/generators/templates/docker-compose.yml.erb @@ -1,4 +1,5 @@ version: "3.8" + services: web: <% if all_args.empty? -%> @@ -18,11 +19,14 @@ services: secrets: - gemserver_credentials <% end -%> +<% end -%> + volumes: +<% compose_web_volumes.each do |path| -%> + - ./<%= path %>:/rails/<%= path %> <% end -%> ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY <% if using_redis? -%> - REDIS_URL=redis://redis-db:6379 <% end -%> @@ -35,10 +39,9 @@ services: - DATABASE_URL=mysql2://root:password@mysql-db/ <% end -%> <% end -%> -<% if deploy_database == 'sqlite3' -%> - volumes: - - ./db:/rails/db -<% end -%> + secrets: + - source: master_key + target: /rails/config/master.key <% if using_redis? or deploy_database != 'sqlite3' -%> depends_on: <% if using_redis? -%> @@ -60,9 +63,7 @@ services: POSTGRES_USER: root POSTGRES_PASSWORD: password volumes: - - ./tmp/db:/var/lib/postgresql/data - ports: - - "5432:5432" + - ./tmp/postgres-db:/var/lib/postgresql/data healthcheck: test: pg_isready interval: 2s @@ -77,7 +78,7 @@ services: environment: MYSQL_ROOT_PASSWORD: password volumes: - - ./tmp/db:/var/lib/mysql + - ./tmp/mysql-db:/var/lib/mysql healthcheck: test: mysqladmin ping -h 127.0.0.1 -u root --password=password interval: 2s @@ -132,3 +133,7 @@ secrets: gemserver_credentials: file: ./GEMSERVER_CREDENTIALS.secret.txt <% end -%> + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/api/docker-compose.yml b/test/results/api/docker-compose.yml index b53ceca..fc66e86 100644 --- a/test/results/api/docker-compose.yml +++ b/test/results/api/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,9 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - volumes: - - ./db:/rails/db + secrets: + - source: master_key + target: /rails/config/master.key + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/bun/docker-compose.yml b/test/results/bun/docker-compose.yml index b53ceca..fc66e86 100644 --- a/test/results/bun/docker-compose.yml +++ b/test/results/bun/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,9 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - volumes: - - ./db:/rails/db + secrets: + - source: master_key + target: /rails/config/master.key + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/esbuild/docker-compose.yml b/test/results/esbuild/docker-compose.yml index b53ceca..fc66e86 100644 --- a/test/results/esbuild/docker-compose.yml +++ b/test/results/esbuild/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,9 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - volumes: - - ./db:/rails/db + secrets: + - source: master_key + target: /rails/config/master.key + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/mysql/docker-compose.yml b/test/results/mysql/docker-compose.yml index a08a2c3..429bfe7 100644 --- a/test/results/mysql/docker-compose.yml +++ b/test/results/mysql/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,11 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - DATABASE_URL=mysql2://root:password@mysql-db/ + secrets: + - source: master_key + target: /rails/config/master.key depends_on: mysql-db: condition: service_healthy @@ -22,9 +28,13 @@ services: environment: MYSQL_ROOT_PASSWORD: password volumes: - - ./tmp/db:/var/lib/mysql + - ./tmp/mysql-db:/var/lib/mysql healthcheck: test: mysqladmin ping -h 127.0.0.1 -u root --password=password interval: 2s timeout: 5s retries: 30 + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/postgresql/docker-compose.yml b/test/results/postgresql/docker-compose.yml index 91cf96c..671c691 100644 --- a/test/results/postgresql/docker-compose.yml +++ b/test/results/postgresql/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,11 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - DATABASE_URL=postgres://root:password@postgres-db/ + secrets: + - source: master_key + target: /rails/config/master.key depends_on: postgres-db: condition: service_healthy @@ -21,11 +27,13 @@ services: POSTGRES_USER: root POSTGRES_PASSWORD: password volumes: - - ./tmp/db:/var/lib/postgresql/data - ports: - - "5432:5432" + - ./tmp/postgres-db:/var/lib/postgresql/data healthcheck: test: pg_isready interval: 2s timeout: 5s retries: 30 + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/private_gemserver/docker-compose.yml b/test/results/private_gemserver/docker-compose.yml index 5ae665f..c938625 100644 --- a/test/results/private_gemserver/docker-compose.yml +++ b/test/results/private_gemserver/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -8,13 +9,20 @@ services: GID: ${GID:-${UID:-1000}} secrets: - gemserver_credentials + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - volumes: - - ./db:/rails/db + secrets: + - source: master_key + target: /rails/config/master.key secrets: gemserver_credentials: file: ./GEMSERVER_CREDENTIALS.secret.txt + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/private_gemserver_with_cache/docker-compose.yml b/test/results/private_gemserver_with_cache/docker-compose.yml index 5ae665f..c938625 100644 --- a/test/results/private_gemserver_with_cache/docker-compose.yml +++ b/test/results/private_gemserver_with_cache/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -8,13 +9,20 @@ services: GID: ${GID:-${UID:-1000}} secrets: - gemserver_credentials + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - volumes: - - ./db:/rails/db + secrets: + - source: master_key + target: /rails/config/master.key secrets: gemserver_credentials: file: ./GEMSERVER_CREDENTIALS.secret.txt + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/redis/docker-compose.yml b/test/results/redis/docker-compose.yml index 7ad76b1..55bae6d 100644 --- a/test/results/redis/docker-compose.yml +++ b/test/results/redis/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,16 +7,23 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - REDIS_URL=redis://redis-db:6379 - volumes: - - ./db:/rails/db + secrets: + - source: master_key + target: /rails/config/master.key depends_on: redis-db: condition: service_started redis-db: image: redis + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/sidekiq/docker-compose.yml b/test/results/sidekiq/docker-compose.yml index c735d23..e83cabf 100644 --- a/test/results/sidekiq/docker-compose.yml +++ b/test/results/sidekiq/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,12 +7,17 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - REDIS_URL=redis://redis-db:6379 - DATABASE_URL=postgres://root:password@postgres-db/ + secrets: + - source: master_key + target: /rails/config/master.key depends_on: redis-db: condition: service_started @@ -24,9 +30,7 @@ services: POSTGRES_USER: root POSTGRES_PASSWORD: password volumes: - - ./tmp/db:/var/lib/postgresql/data - ports: - - "5432:5432" + - ./tmp/postgres-db:/var/lib/postgresql/data healthcheck: test: pg_isready interval: 2s @@ -48,3 +52,7 @@ services: condition: service_started postgres-db: condition: service_healthy + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/solid_queue/docker-compose.yml b/test/results/solid_queue/docker-compose.yml index 68822c0..7f46326 100644 --- a/test/results/solid_queue/docker-compose.yml +++ b/test/results/solid_queue/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,11 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - DATABASE_URL=postgres://root:password@postgres-db/ + secrets: + - source: master_key + target: /rails/config/master.key depends_on: postgres-db: condition: service_healthy @@ -21,9 +27,7 @@ services: POSTGRES_USER: root POSTGRES_PASSWORD: password volumes: - - ./tmp/db:/var/lib/postgresql/data - ports: - - "5432:5432" + - ./tmp/postgres-db:/var/lib/postgresql/data healthcheck: test: pg_isready interval: 2s @@ -42,3 +46,7 @@ services: condition: service_started postgres-db: condition: service_healthy + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/sqlite3/docker-compose.yml b/test/results/sqlite3/docker-compose.yml index b53ceca..fc66e86 100644 --- a/test/results/sqlite3/docker-compose.yml +++ b/test/results/sqlite3/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,9 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - volumes: - - ./db:/rails/db + secrets: + - source: master_key + target: /rails/config/master.key + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file diff --git a/test/results/trilogy/docker-compose.yml b/test/results/trilogy/docker-compose.yml index 79aade6..7f0918a 100644 --- a/test/results/trilogy/docker-compose.yml +++ b/test/results/trilogy/docker-compose.yml @@ -1,4 +1,5 @@ version: "3.8" + services: web: build: @@ -6,11 +7,16 @@ services: args: UID: ${UID:-1000} GID: ${GID:-${UID:-1000}} + volumes: + - ./log:/rails/log + - ./storage:/rails/storage ports: - "3000:3000" environment: - - RAILS_MASTER_KEY=$RAILS_MASTER_KEY - DATABASE_URL=trilogy://root:password@mysql-db/ + secrets: + - source: master_key + target: /rails/config/master.key depends_on: mysql-db: condition: service_healthy @@ -22,9 +28,13 @@ services: environment: MYSQL_ROOT_PASSWORD: password volumes: - - ./tmp/db:/var/lib/mysql + - ./tmp/mysql-db:/var/lib/mysql healthcheck: test: mysqladmin ping -h 127.0.0.1 -u root --password=password interval: 2s timeout: 5s retries: 30 + +secrets: + master_key: + file: ./config/master.key \ No newline at end of file