fixed mongodb setup

pushrbx 2023-10-24 23:10:14 +01:00
parent 201883d987
commit 7b6a0c6d25
5 changed files with 70 additions and 11 deletions

2
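--- a/.gitignore
+++ b/.gitignore
@@ -18,6 +18,8 @@ composer.phar
 .DS_Store
 *.cache
 db_username.txt
+db_admin_username.txt
 db_password.txt
+db_admin_password.txt
 redis_password.txt
 typesense_api_key.txt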


@ -3,7 +3,12 @@
_JIKAN_API_VERSION=v4.0.0 _JIKAN_API_VERSION=v4.0.0
SUBSTITUTE_VERSION=$_JIKAN_API_VERSION SUBSTITUTE_VERSION=$_JIKAN_API_VERSION
if [ -x "$(command -v git)" ]; then if [ -x "$(command -v git)" ]; then
git symbolic-ref HEAD &> /dev/null
if [ $? -ne 0 ]; then
SUBSTITUTE_VERSION=$(git describe --tags)
else
SUBSTITUTE_VERSION=$(git describe --tags | sed -e "s/-[a-z0-9]\{8\}/-$(git rev-parse --short HEAD)/g") SUBSTITUTE_VERSION=$(git describe --tags | sed -e "s/-[a-z0-9]\{8\}/-$(git rev-parse --short HEAD)/g")
fi
fi fi
export _JIKAN_API_VERSION=${JIKAN_API_VERSION:-$SUBSTITUTE_VERSION} export _JIKAN_API_VERSION=${JIKAN_API_VERSION:-$SUBSTITUTE_VERSION}
@ -76,7 +81,29 @@ build_image() {
} }
ensure_secrets() { ensure_secrets() {
declare -a secrets=("db_password" "db_username" "redis_password" "typesense_api_key") declare -a secrets=("db_password" "db_admin_password" "redis_password" "typesense_api_key")
if [ ! -f "db_username.txt" ]; then
echo "db_username.txt not found, please provide a db_username [default is jikan]:"
read -r db_username
if [ -z "$db_username" ]; then
db_username="jikan"
fi
echo -n "$db_username" > "db_username.txt"
else
echo -e "db_username.txt found, using it's value. \xE2\x9C\x94"
fi
if [ ! -f "db_admin_username.txt" ]; then
echo "db_admin_username.txt not found, please provide a db_admin_username [default is jikan_admin]:"
read -r db_admin_username
if [ -z "$db_admin_username" ]; then
db_admin_username="jikan_admin"
fi
echo -n "$db_admin_username" > "db_admin_username.txt"
else
echo -e "db_admin_username.txt found, using it's value. \xE2\x9C\x94"
fi
for secret_name in "${secrets[@]}" for secret_name in "${secrets[@]}"
do do
@ -84,7 +111,7 @@ ensure_secrets() {
if [ "$secret_name" == "db_username" ]; then if [ "$secret_name" == "db_username" ]; then
generated_secret="jikan" generated_secret="jikan"
else else
generated_secret=$(LC_ALL=c tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_{|}~' </dev/urandom | head -c 16 ; echo) generated_secret=$(LC_ALL=c tr -dc 'A-Za-z0-9!'\''()*+,-;<=>_' </dev/urandom | head -c 16 ; echo)
fi fi
echo "$secret_name.txt not found, please provide a $secret_name [default is $generated_secret]:" echo "$secret_name.txt not found, please provide a $secret_name [default is $generated_secret]:"
# prompt for secret and save it in file # prompt for secret and save it in file
@ -92,7 +119,7 @@ ensure_secrets() {
if [ -z "$secret_value" ]; then if [ -z "$secret_value" ]; then
secret_value=$generated_secret secret_value=$generated_secret
fi fi
echo "$secret_value" > "$secret_name.txt" echo -n "$secret_value" > "$secret_name.txt"
else else
echo -e "$secret_name.txt found, using it's value. \xE2\x9C\x94" echo -e "$secret_name.txt found, using it's value. \xE2\x9C\x94"
fi fi
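Review bot: In the new `tr -dc` set inside ensure_secrets, `,-;` is parsed by tr as a range from `,` to `;`, so `.`, `/` and `:` are still emitted even though the narrowed set appears intended to drop them (presumably because they break a connection string). Put the hyphen last so it is taken literally: `tr -dc 'A-Za-z0-9!'\''()*+,;<=>_-'`. Separately, every `echo -n ... > "$secret_name.txt"` creates the secret file with the default umask, so on a shared host the files may be readable by other users; a `umask 077` at the top of ensure_secrets would keep them owner-only. The function starts and ends outside these hunks.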


@ -12,6 +12,10 @@ secrets:
file: db_username.txt file: db_username.txt
db_password: db_password:
file: db_password.txt file: db_password.txt
db_admin_username:
file: db_admin_username.txt
db_admin_password:
file: db_admin_password.txt
redis_password: redis_password:
file: redis_password.txt file: redis_password.txt
typesense_api_key: typesense_api_key:
@ -40,9 +44,9 @@ services:
interval: 2s interval: 2s
timeout: 2s timeout: 2s
links: links:
- mongodb - mongodb:mongodb
- redis - redis:redis
- typesense - typesense:typesense
depends_on: depends_on:
mongodb: { condition: service_healthy } mongodb: { condition: service_healthy }
redis: { condition: service_healthy } redis: { condition: service_healthy }
@ -53,17 +57,21 @@ services:
hostname: mongodb hostname: mongodb
volumes: volumes:
- mongo-data:/data/db - mongo-data:/data/db
- ./docker/mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
ports: ports:
- '27017/tcp' - 27017/tcp
command: "--wiredTigerCacheSizeGB ${MONGO_CACHE_SIZE_GB:-1.0}" command: "--wiredTigerCacheSizeGB ${MONGO_CACHE_SIZE_GB:-1.0}"
networks: networks:
- jikan_network - jikan_network
secrets: secrets:
- db_username - db_username
- db_password - db_password
- db_admin_username
- db_admin_password
environment: environment:
MONGO_INITDB_ROOT_USERNAME_FILE: /run/secrets/db_username MONGO_INITDB_ROOT_USERNAME_FILE: /run/secrets/db_admin_username
MONGO_INITDB_ROOT_PASSWORD_FILE: /run/secrets/db_password MONGO_INITDB_ROOT_PASSWORD_FILE: /run/secrets/db_admin_password
MONGO_INITDB_DATABASE: jikan_admin
healthcheck: healthcheck:
test: echo 'db.runCommand("ping").ok' | mongosh mongodb://localhost:27017 --quiet test: echo 'db.runCommand("ping").ok' | mongosh mongodb://localhost:27017 --quiet
interval: 30s interval: 30s
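Review bot: The new `mongo-init.js` mount and the switch of `MONGO_INITDB_ROOT_USERNAME_FILE` / `MONGO_INITDB_ROOT_PASSWORD_FILE` to the admin secrets only take effect on first initialisation: assuming this service uses the official mongo image, its entrypoint runs `/docker-entrypoint-initdb.d` scripts and creates the root user only when `/data/db` is empty. An existing `mongo-data` volume therefore keeps the `db_username` account as root and never receives the restricted user, so the application would continue to connect with root privileges. A comment above the volume entry, such as `# init script runs only on an empty mongo-data volume; existing deployments must create the users manually`, would document that. The healthcheck still pings without credentials, which works but does not confirm that the new accounts exist.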


@ -19,6 +19,8 @@ $safe_defaults = [
"DB_PASSWORD" => "" "DB_PASSWORD" => ""
]; ];
// get a copy of the current env vars.
// these are the ones that are set during the container creation
$current_env = $_ENV; $current_env = $_ENV;
if (!file_exists(".env")) { if (!file_exists(".env")) {
@ -34,6 +36,8 @@ if (!file_exists(".env")) {
// We'd like to support Container secrets. So we'll check if any of the env vars has a __FILE suffix // We'd like to support Container secrets. So we'll check if any of the env vars has a __FILE suffix
// then we'll try to load the file and set the env var to the contents of the file. // then we'll try to load the file and set the env var to the contents of the file.
// https://docs.docker.com/engine/swarm/secrets/ // https://docs.docker.com/engine/swarm/secrets/
// Additionally we need to write the secrets to the .env file so the workers in roadrunner can access them.
// (it might just pass down the global env vars, but haven't tested that yet)
$envWriter = new \MirazMac\DotEnv\Writer(__DIR__ . '/' . '.env'); $envWriter = new \MirazMac\DotEnv\Writer(__DIR__ . '/' . '.env');
$itemsWritten = 0; $itemsWritten = 0;
foreach (array_keys($current_env) as $env_key) { foreach (array_keys($current_env) as $env_key) {
@ -45,7 +49,8 @@ foreach (array_keys($current_env) as $env_key) {
continue; continue;
} }
$originalKey = str_replace("__FILE", "", $env_key); $originalKey = str_replace("__FILE", "", $env_key);
$envWriter->set($originalKey, file_get_contents($current_env[$env_key])); $secretsFileContents = file_get_contents($current_env[$env_key]);
$envWriter->set($originalKey, str_replace(["\n", "\r"], "", $secretsFileContents));
$itemsWritten++; $itemsWritten++;
} }
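Review bot: The secret read by `file_get_contents($current_env[$env_key])` is handed to `$envWriter->set(...)`, so it presumably ends up in plain text in `.env` next to the application code, which gives up part of the protection of mounting it under /run/secrets. If the workers really need it there, restrict the file after writing, e.g. `chmod(__DIR__ . '/.env', 0600);`, and keep `.env` out of image layers and backups. Also, `file_get_contents` returns false on failure and `str_replace` turns that into an empty string, so an unreadable secret file would be written as an empty value unless a check before this hunk already guards it; `if ($secretsFileContents === false) { continue; }` would avoid that. The loop body starts outside the hunk.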

17
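--- a/docker/mongo-init.js
+++ b/docker/mongo-init.js
@@ -0,0 +1,17 @@
+const userToCreate = fs.readFileSync('/run/secrets/db_username', 'utf8');
+const userPassword = fs.readFileSync('/run/secrets/db_password', 'utf8');
+db = db.getSiblingDB("admin");
+db.createUser({
+user: userToCreate,
+pwd: userPassword,
+roles: [{ role: "readWrite", db: "jikan" }],
+});
+db = db.getSiblingDB("jikan");
+db.createUser({
+user: userToCreate,
+pwd: userPassword,
+roles: [{ role: "readWrite", db: "jikan" }],
+});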
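Review bot: Both `fs.readFileSync` calls keep whatever trailing newline the secret file holds, so a hand-written db_password.txt that ends in a newline creates a MongoDB user whose password includes it, while the PHP entrypoint changed in this same commit strips `\n` and `\r` before writing the value to .env; the two sides then disagree and authentication fails. Strip it here as well, e.g. `const userPassword = fs.readFileSync('/run/secrets/db_password', 'utf8').replace(/[\r\n]/g, '');`, and likewise for `userToCreate`. The same user is also created in both `admin` and `jikan`, which yields two independent accounts with identical credentials; keeping only the one that matches the application's authSource would leave one fewer credential to rotate.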