diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..f30df9f --- /dev/null +++ b/.dockerignore @@ -0,0 +1,21 @@ +# flyctl launch added from .gitignore +**/.DS_Store +**/debug +**/target +**/.vim +**/.direnv +**/.env +**/.fedimint-test-dir +**/.test + +# These are backup files generated by rustfmt +**/**/*.rs.bk + +# Clippy compile errors keep generating this +**/rustc-ice-* + +# MSVC Windows builds of rustc generate these, which store debugging information +**/*.pdb + +**/*/bacon.toml +fly.toml diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..edfe80d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,44 @@ +FROM rust:1.67-bookworm as builder + +WORKDIR /usr/src/app +COPY . . + +# Get the target triple of the current build environment +RUN echo "$(rustc -vV | sed -n 's|host: ||p')" > rust_target + +# cargo under QEMU building for ARM can consumes 10s of GBs of RAM... +# Solution: https://users.rust-lang.org/t/cargo-uses-too-much-memory-being-run-in-qemu/76531/2 +ENV CARGO_NET_GIT_FETCH_WITH_CLI true + +# Install clang and other required tools for compiling Rust projects with native dependencies +RUN apt update && apt install --no-install-recommends -y \ + build-essential \ + pkg-config \ + libssl-dev \ + musl-dev \ + clang + +# Will build and cache the binary and dependent crates in release mode +RUN --mount=type=cache,target=/usr/local/cargo,from=rust:latest,source=/usr/local/cargo \ + --mount=type=cache,target=target \ + cargo build --target $(cat rust_target) --release && mv ./target/$(cat rust_target)/release/blinded-hermes ./blinded-hermes + +# Runtime image +FROM debian:bookworm-slim + +RUN apt update && apt install -y openssl libpq-dev pkg-config libc6 clang + +# Run as "app" user +RUN useradd -ms /bin/bash app + +USER app +WORKDIR /app + +# Get compiled binaries from builder's cargo install directory +COPY --from=builder /usr/src/app/blinded-hermes /app/blinded-hermes + +ENV HERMES_PORT=8080 +EXPOSE $HERMES_PORT + +# Run the app +CMD ["./blinded-hermes"] diff --git a/README.md b/README.md index 7d2e453..445a55a 100644 --- a/README.md +++ b/README.md @@ -44,4 +44,10 @@ Any time you change a migration, you should run this locally, this will set up t diesel migration run ``` -Migrations are embedded into the code, so when they deploy somewhere after they have been init'd properly (`diesel setup`), there's no additional things to do on a server unless you need to revert things. Then you the deisel CLI tool for that. You do have to at least create the database first, though `diesel setup` will also do that for you. +Migrations are NOT embedded into the code. You must shut down the server, run the below command locally, and then spin the server back up with the new version. + +``` +diesel migration run --database-url {PROD_DB_CONNECTION} +``` + +Replace PROD_DB_CONNECTION with the database config for production. diff --git a/flake.nix b/flake.nix index 5bf33df..6ebf70a 100644 --- a/flake.nix +++ b/flake.nix @@ -32,6 +32,7 @@ pkgs.pkg-config pkgs.libclang.lib pkgs.clang + pkgs.flyctl ] ++ pkgs.lib.optionals pkgs.stdenv.isDarwin [ pkgs.libiconv ]; @@ -86,6 +87,7 @@ pkgs.pkg-config pkgs.libclang.lib pkgs.clang + pkgs.flyctl ]; shellHook = '' export LIBCLANG_PATH="${pkgs.libclang.lib}/lib" diff --git a/fly.toml b/fly.toml new file mode 100644 index 0000000..ed00cd7 --- /dev/null +++ b/fly.toml @@ -0,0 +1,39 @@ +# fly.toml app configuration file generated for hermes-blinded-staging on 2024-03-26T00:55:46-05:00 +# +# See https://fly.io/docs/reference/configuration/ for information about how to use this file. +# + +app = 'hermes-blinded-staging' +primary_region = 'dfw' + +[build] + +[env] + DOMAIN_URL = 'https://mutinyvip.com' + FM_DB_PATH = '/data' + HERMES_PORT = '8080' + RUST_LOG = 'debug' + +[mounts] + source="hermes_data" + destination="/data" + +[http_service] + internal_port = 8080 + force_https = true + auto_stop_machines = false + auto_start_machines = false + min_machines_running = 1 + processes = ['app'] + +[[http_service.checks]] + interval = '5s' + timeout = '5s' + grace_period = '10s' + method = 'GET' + path = '/health-check' + +[[vm]] + memory = '1gb' + cpu_kind = 'shared' + cpus = 1