feat(table-editor): Add table-editor container setup script with database configuration, directory creation, and service management
Some checks are pending
GBCI / build (push) Waiting to run
Some checks are pending
GBCI / build (push) Waiting to run
This commit is contained in:
Rodrigo Rodriguez (Pragmatismo)
parent
d722849a7b
commit
3068790f7d
4 changed files with 181 additions and 33 deletions
|
|
@ -14,4 +14,7 @@ systemctl enable fail2ban
|
|||
apt update && apt install -y fail2ban iptables-persistent
|
||||
|
||||
systemctl enable fail2ban
|
||||
systemctl enable netfilter-persistent
|
||||
systemctl enable netfilter-persistent
|
||||
|
||||
# Add
|
||||
Docusign: https://www.docuseal.com/on-premises
|
||||
|
|
@ -41,7 +41,52 @@ set -e
|
|||
useradd --system --no-create-home --shell /bin/false gbuser
|
||||
|
||||
# Update and install dependencies
|
||||
apt-get update && apt-get install -y wget || { echo 'Package installation failed'; exit 1; }
|
||||
apt-get update && apt-get install -y wget git || { echo 'Package installation failed'; exit 1; }
|
||||
|
||||
sudo apt update
|
||||
sudo apt install -y curl gnupg ca-certificates git
|
||||
apt-get update && apt-get install -y \
|
||||
build-essential cmake git pkg-config libjpeg-dev libtiff-dev \
|
||||
libpng-dev libavcodec-dev libavformat-dev libswscale-dev \
|
||||
libv4l-dev libatlas-base-dev gfortran python3-dev cpulimit \
|
||||
expect libxtst-dev libpng-dev
|
||||
|
||||
sudo apt-get install -y libcairo2-dev libpango1.0-dev libgif-dev librsvg2-dev
|
||||
sudo apt install xvfb -y
|
||||
|
||||
sudo apt install -y \
|
||||
libnss3 \
|
||||
libatk1.0-0 \
|
||||
libatk-bridge2.0-0 \
|
||||
libcups2 \
|
||||
libdrm2 \
|
||||
libxkbcommon0 \
|
||||
libxcomposite1 \
|
||||
libxdamage1 \
|
||||
libxfixes3 \
|
||||
libxrandr2 \
|
||||
libgbm1 \
|
||||
libasound2 \
|
||||
libpangocairo-1.0-0
|
||||
|
||||
export OPENCV4NODEJS_DISABLE_AUTOBUILD=1
|
||||
export OPENCV_LIB_DIR=/usr/lib/x86_64-linux-gnu
|
||||
|
||||
# Install Node.js 22.x
|
||||
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo bash -
|
||||
sudo apt install -y nodejs
|
||||
|
||||
sudo apt install -y curl gnupg ca-certificates git
|
||||
|
||||
# Install Node.js 22.x
|
||||
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo bash -
|
||||
sudo apt install -y nodejs
|
||||
|
||||
# Install Xvfb and other dependencies
|
||||
sudo apt install -y xvfb libgbm-dev
|
||||
|
||||
|
||||
|
||||
|
||||
# Create directories
|
||||
mkdir -p \"$BIN_PATH\" /opt/gbo/data /opt/gbo/conf /opt/gbo/logs || { echo 'Directory creation failed'; exit 1; }
|
||||
|
|
@ -76,6 +121,16 @@ lxc config device add "$CONTAINER_NAME" almdata disk source="$HOST_DATA" path=/o
|
|||
lxc config device add "$CONTAINER_NAME" almconf disk source="$HOST_CONF" path=/opt/gbo/conf || exit 1
|
||||
lxc config device add "$CONTAINER_NAME" almlogs disk source="$HOST_LOGS" path=/opt/gbo/logs || exit 1
|
||||
|
||||
LXC_BOT="/opt/gbo/tenants/$PARAM_TENANT/bot/data"
|
||||
LXC_PROXY="/opt/gbo/tenants/$PARAM_TENANT/proxy/data/websites"
|
||||
#LXC_GB6="/opt/gbo/tenants/$PARAM_TENANT/gb6/bin"
|
||||
|
||||
lxc config device add "$CONTAINER_NAME" almbot disk source="$LXC_BOT" path=/opt/gbo/bin/bot
|
||||
lxc config device add "$CONTAINER_NAME" almproxy disk source="$LXC_PROXY" path=/opt/gbo/bin/proxy
|
||||
#lxc config device add "$CONTAINER_NAME" almgb6 disk source="$LXC_GB6" path=/opt/gbo/bin/gb6 || exit 1
|
||||
|
||||
|
||||
|
||||
lxc exec "$CONTAINER_NAME" -- bash -c "
|
||||
# Create systemd service
|
||||
cat > /etc/systemd/system/alm-ci.service <<EOF
|
||||
|
|
|
|||
|
|
@ -3,52 +3,47 @@
|
|||
# Define container limits in an associative array
|
||||
declare -A container_limits=(
|
||||
# Pattern Memory CPU Allowance
|
||||
["*tables*"]="2048MB:33ms/100ms"
|
||||
["*alm*"]="5126MB:15ms/100ms"
|
||||
["*email*"]="4024MB:100ms/100ms"
|
||||
["*webmail*"]="1024MB:20ms/100ms"
|
||||
["*bot*"]="2048MB:20ms/100ms"
|
||||
["*drive*"]="1024MB:20ms/100ms"
|
||||
["*tables*"]="2048MB:25ms/100ms"
|
||||
["*proxy*"]="512MB:25ms/100ms"
|
||||
["*directory*"]="512MB:25ms/100ms"
|
||||
["*drive*"]="1024MB:25ms/100ms"
|
||||
["*email*"]="1024MB:20ms/100ms"
|
||||
["*webmail*"]="1024MB:20ms/100ms"
|
||||
["*bot*"]="2048MB:50ms/100ms"
|
||||
["*meeting*"]="1024MB:20ms/100ms"
|
||||
["*alm*"]="512MB:20ms/100ms"
|
||||
["*alm-ci*"]="1024MB:20ms/100ms"
|
||||
)
|
||||
|
||||
# Default values (for containers that don't match any pattern)
|
||||
DEFAULT_MEMORY="1024MB"
|
||||
DEFAULT_CPU_ALLOWANCE="15ms/100ms"
|
||||
CPU_COUNT=1
|
||||
CPU_PRIORITY=10
|
||||
CPU_COUNT=2
|
||||
CPU_PRIORITY=5
|
||||
|
||||
# Configure all containers
|
||||
for container in $(lxc list -c n --format csv); do
|
||||
for pattern in "${!container_limits[@]}"; do
|
||||
echo "Configuring $container..."
|
||||
|
||||
memory=$DEFAULT_MEMORY
|
||||
cpu_allowance=$DEFAULT_CPU_ALLOWANCE
|
||||
|
||||
# Configure all containers
|
||||
for container in $(lxc list -c n --format csv); do
|
||||
# Check if container matches any pattern
|
||||
for pattern in "${!container_limits[@]}"; do
|
||||
if [[ $container == $pattern ]]; then
|
||||
IFS=':' read -r memory cpu_allowance <<< "${container_limits[$pattern]}"
|
||||
|
||||
# Apply configuration
|
||||
lxc config set "$container" limits.memory "$memory"
|
||||
lxc config set "$container" limits.cpu.allowance "$cpu_allowance"
|
||||
lxc config set "$container" limits.cpu "$CPU_COUNT"
|
||||
lxc config set "$container" limits.cpu.priority "$CPU_PRIORITY"
|
||||
|
||||
echo "Restarting $container..."
|
||||
lxc restart "$container"
|
||||
|
||||
lxc config show "$container" | grep -E "memory|cpu"
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
# Apply configuration
|
||||
lxc config set "$container" limits.memory "$memory"
|
||||
lxc config set "$container" limits.cpu.allowance "$cpu_allowance"
|
||||
lxc config set "$container" limits.cpu "$CPU_COUNT"
|
||||
lxc config set "$container" limits.cpu.priority "$CPU_PRIORITY"
|
||||
done
|
||||
|
||||
# Restart all containers
|
||||
echo "Restarting containers..."
|
||||
for container in $(lxc list -c n --format csv); do
|
||||
echo "Restarting $container..."
|
||||
lxc restart "$container"
|
||||
done
|
||||
|
||||
# Verify configuration
|
||||
echo "Verifying limits..."
|
||||
for container in $(lxc list -c n --format csv); do
|
||||
echo "--- $container ---"
|
||||
lxc config show "$container" | grep -E "memory|cpu"
|
||||
done
|
||||
|
|
@ -0,0 +1,95 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Fixed container name
|
||||
CONTAINER_NAME="table-editor"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Database configuration
|
||||
PARAM_TABLES_HOST = PARAM_TABLES_HOST="10.16.164.45"
|
||||
PARAM_TABLES_PORT = PARAM_TABLES_PORT=4444
|
||||
PARAM_TABLES_USER = PARAM_TABLES_USER="postgres"
|
||||
PARAM_TABLES_PASSWORD = PARAM_TABLES_PASSWORD="67a690df"
|
||||
|
||||
|
||||
# Port configuration
|
||||
TABLE_EDITOR_PORT="5757"
|
||||
|
||||
# Paths
|
||||
HOST_BASE="/opt/gbo/tenants/table-editor"
|
||||
HOST_DATA="$HOST_BASE/data"
|
||||
HOST_CONF="$HOST_BASE/conf"
|
||||
HOST_LOGS="$HOST_BASE/logs"
|
||||
BIN_PATH="/opt/gbo/bin"
|
||||
|
||||
# Create host directories
|
||||
mkdir -p "$HOST_DATA" "$HOST_CONF" "$HOST_LOGS"
|
||||
chmod -R 750 "$HOST_BASE"
|
||||
|
||||
# Launch container
|
||||
lxc launch images:debian/12 "$CONTAINER_NAME" -c security.privileged=true
|
||||
|
||||
# Wait for container to be ready
|
||||
sleep 10
|
||||
|
||||
# Container setup
|
||||
lxc exec "$CONTAINER_NAME" -- bash -c "
|
||||
useradd --system --no-create-home --shell /bin/false gbuser
|
||||
apt-get update
|
||||
apt-get install -y wget curl
|
||||
|
||||
# Create directories
|
||||
mkdir -p \"$BIN_PATH\" /opt/gbo/data /opt/gbo/conf /opt/gbo/logs
|
||||
|
||||
# Download and install NocoDB binary
|
||||
cd \"$BIN_PATH\"
|
||||
curl http://get.nocodb.com/linux-x64 -o nocodb -L
|
||||
chmod +x nocodb
|
||||
|
||||
|
||||
# Set permissions
|
||||
TE_UID=$(lxc exec "$CONTAINER_NAME" -- id -u gbuser)
|
||||
TE_GID=$(lxc exec "$CONTAINER_NAME" -- id -g gbuser)
|
||||
HOST_TE_UID=$((100000 + TE_UID))
|
||||
HOST_TE_GID=$((100000 + TE_GID))
|
||||
chown -R "$HOST_TE_UID:$HOST_TE_GID" "$HOST_BASE"
|
||||
|
||||
# Add directory mappings
|
||||
lxc config device add "$CONTAINER_NAME" tedata disk source="$HOST_DATA" path=/opt/gbo/data
|
||||
lxc config device add "$CONTAINER_NAME" teconf disk source="$HOST_CONF" path=/opt/gbo/conf
|
||||
lxc config device add "$CONTAINER_NAME" telogs disk source="$HOST_LOGS" path=/opt/gbo/logs
|
||||
|
||||
# Create systemd service
|
||||
lxc exec "$CONTAINER_NAME" -- bash -c "
|
||||
cat > /etc/systemd/system/table-editor.service <<EOF
|
||||
[Unit]
|
||||
Description=NocoDB Table Editor
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=gbuser
|
||||
Group=gbuser
|
||||
WorkingDirectory=$BIN_PATH
|
||||
Environment=NC_PORT=${PARAM_TABLE_EDITOR_PORT}
|
||||
Environment=NC_DB=pg://${PARAM_TABLES_HOST}:${PARAM_TABLES_PORT}?u=${PARAM_TABLES_USER}&p=${PARAM_TABLES_PASSWORD}&d=${PARAM_TABLE_EDITOR_DATABASE}
|
||||
EnvironmentFile=/opt/gbo/conf/nocodb.env
|
||||
ExecStart=$BIN_PATH/nocodb
|
||||
Restart=always
|
||||
StandardOutput=append:/opt/gbo/logs/out.log
|
||||
StandardError=append:/opt/gbo/logs/err.log
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable table-editor
|
||||
systemctl start table-editor
|
||||
"
|
||||
|
||||
# Expose the NocoDB port
|
||||
lxc config device add "$CONTAINER_NAME" http proxy listen=tcp:0.0.0.0:$TABLE_EDITOR_PORT connect=tcp:127.0.0.1:$TABLE_EDITOR_PORT
|
||||
Loading…
Add table
Reference in a new issue