diff --git a/.gitmodules b/.gitmodules
index a96849a93..e2d357619 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -13,3 +13,7 @@
 [submodule "openslides-autoupdate-service"]
 path = openslides-autoupdate-service
 url = git@github.com:OpenSlides/openslides-autoupdate-service.git
+[submodule "openslides-auth-service"]
+ path = openslides-auth-service
+ url = git@github.com:OpenSlides/openslides-auth-service.git
+ branch = master
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
index 54ac8ea68..eb99c1bca 100644
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@@ -1,34 +1,38 @@
-version: '3'
+version: "3"
 services:
- datastore-reader:
- image: openslides-datastore-reader-dev
- volumes:
- - ./openslides-datastore-service/shared/shared:/app/shared
- - ./openslides-datastore-service/reader/reader:/app/reader
- datastore-writer:
- image: openslides-datastore-writer-dev
- volumes:
- - ./openslides-datastore-service/shared/shared:/app/shared
- - ./openslides-datastore-service/writer/writer:/app/writer
- - ./openslides-datastore-service/cli:/app/cli
- environment:
- - DATASTORE_ENABLE_DEV_ENVIRONMENT=1
- - COMMAND=create_initial_data
- - DATASTORE_INITIAL_DATA_FILE=https://raw.githubusercontent.com/OpenSlides/OpenSlides/openslides4-dev/docs/example-data.json
- client:
- image: openslides-client-dev
- volumes:
- - ./openslides-client/client/src:/app/src
- backend:
- image: openslides-backend-dev
- volumes:
- - ./openslides-backend/openslides_backend:/srv/code/openslides_backend
- autoupdate:
- image: openslides-autoupdate-dev
- volumes:
- - ./openslides-autoupdate-service/cmd:/root/cmd
- - ./openslides-autoupdate-service/internal:/root/internal
- haproxy:
- image: openslides-haproxy-dev
- volumes:
- - ./haproxy/src:/usr/local/etc/haproxy
\ No newline at end of file
+ datastore-reader:
+ image: openslides-datastore-reader-dev
+ volumes:
+ - ./openslides-datastore-service/shared/shared:/app/shared
+ - ./openslides-datastore-service/reader/reader:/app/reader
+ datastore-writer:
+ image: openslides-datastore-writer-dev
+ volumes:
+ - ./openslides-datastore-service/shared/shared:/app/shared
+ - ./openslides-datastore-service/writer/writer:/app/writer
+ - ./openslides-datastore-service/cli:/app/cli
+ environment:
+ - DATASTORE_ENABLE_DEV_ENVIRONMENT=1
+ - COMMAND=create_initial_data
+ - DATASTORE_INITIAL_DATA_FILE=https://raw.githubusercontent.com/OpenSlides/OpenSlides/openslides4-dev/docs/example-data.json
+ client:
+ image: openslides-client-dev
+ volumes:
+ - ./openslides-client/client/src:/app/src
+ backend:
+ image: openslides-backend-dev
+ volumes:
+ - ./openslides-backend/openslides_backend:/srv/code/openslides_backend
+ autoupdate:
+ image: openslides-autoupdate-dev
+ volumes:
+ - ./openslides-autoupdate-service/cmd:/root/cmd
+ - ./openslides-autoupdate-service/internal:/root/internal
+ auth:
+ image: openslides-auth-dev
+ volumes:
+ - ./openslides-auth-service/auth:/app/auth
+ haproxy:
+ image: openslides-haproxy-dev
+ volumes:
+ - ./haproxy/src:/usr/local/etc/haproxy
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 8327e75eb..f5084faf9 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -1,74 +1,92 @@ -version: '3' +version: "3" services: - datastore-reader: - build: - context: "https://github.com/OpenSlides/openslides-datastore-service.git" - args: - GIT_CHECKOUT: "${OPENSLIDES_DATASTORE_SERVICE_COMMIT_HASH}" - MODULE: "reader" - PORT: "${OPENSLIDES_DATASTORE_READER_PORT}" - image: openslides-datastore-reader - networks: - - backend - - datastore-postgresql + datastore-reader: + build: + context: "https://github.com/OpenSlides/openslides-datastore-service.git" + args: + GIT_CHECKOUT: "${OPENSLIDES_DATASTORE_SERVICE_COMMIT_HASH}" + MODULE: "reader" + PORT: "${OPENSLIDES_DATASTORE_READER_PORT}" + image: openslides-datastore-reader + networks: + - backend + - datastore-reader + - datastore-postgresql - datastore-writer: - build: - context: "https://github.com/OpenSlides/openslides-datastore-service.git" - args: - GIT_CHECKOUT: "${OPENSLIDES_DATASTORE_SERVICE_COMMIT_HASH}" - MODULE: "writer" - PORT: "${OPENSLIDES_DATASTORE_WRITER_PORT}" - image: openslides-datastore-writer - networks: - - backend - - datastore-postgresql - - message-bus + datastore-writer: + build: + context: "https://github.com/OpenSlides/openslides-datastore-service.git" + args: + GIT_CHECKOUT: "${OPENSLIDES_DATASTORE_SERVICE_COMMIT_HASH}" + MODULE: "writer" + PORT: "${OPENSLIDES_DATASTORE_WRITER_PORT}" + image: openslides-datastore-writer + networks: + - backend + - datastore-postgresql + - message-bus - datastore-postgresql: - networks: - - datastore-postgresql + datastore-postgresql: + networks: + - datastore-postgresql - client: - build: - context: "https://github.com/OpenSlides/openslides-client.git" - args: - GIT_CHECKOUT: "${OPENSLIDES_CLIENT_COMMIT_HASH}" - image: openslides-client - networks: - - frontend + client: + build: + context: "https://github.com/OpenSlides/openslides-client.git" + args: + GIT_CHECKOUT: "${OPENSLIDES_CLIENT_COMMIT_HASH}" + image: openslides-client + networks: + - frontend - backend: - networks: - - frontend - - backend + backend: + networks: + - 
frontend + - backend - autoupdate: - networks: - - frontend - - backend - - message-bus + autoupdate: + networks: + - frontend + - backend + - message-bus - message-bus: - networks: - - message-bus + auth: + build: + context: "https://github.com/OpenSlides/openslides-auth-service.git" + args: + GIT_CHECKOUT: "${OPENSLDIES_AUTH_SERVICE_COMMIT_HASH}" + PORT: "${OPENSLDIES_AUTH_SERVICE_PORT}" + image: openslides-auth + networks: + - datastore-reader + - auth + cache: + networks: + - auth + message-bus: + networks: + - message-bus - haproxy: - build: ./haproxy - image: openslides-haproxy - networks: - - uplink - - frontend + haproxy: + build: ./haproxy + image: openslides-haproxy + networks: + - uplink + - frontend # Setup: host <-uplink-> haproxy <-frontend-> services that are reachable from the client <-backend-> services that are internal-only # There are special networks for some services only, e.g. datastore-postgresql only for the postgresql, datastore reader and datastore writer networks: - uplink: - frontend: - internal: true - backend: - internal: true - datastore-postgresql: - internal: true - message-bus: - internal: true \ No newline at end of file + uplink: + frontend: + internal: true + backend: + internal: true + datastore-postgresql: + internal: true + datastore-reader: + internal: true + message-bus: + internal: true + auth: + internal: true diff --git a/docker-compose.yml b/docker-compose.yml index 4ece8dc11..1bdfdf5c6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
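Review bot: The new `auth` build args read `${OPENSLDIES_AUTH_SERVICE_COMMIT_HASH}` and `${OPENSLDIES_AUTH_SERVICE_PORT}`, spelled `OPENSLDIES` where every other service in this file uses the `OPENSLIDES_` prefix. If the environment defines these under the usual prefix (the .env file is not shown here), Compose substitutes an empty string, so `GIT_CHECKOUT` no longer pins the auth image to a reviewed commit; what gets built then depends on how the service's Dockerfile treats an empty value. Suggest `GIT_CHECKOUT: "${OPENSLIDES_AUTH_SERVICE_COMMIT_HASH:?auth commit hash not set}"` and the same form for `PORT`, so a missing value fails the build instead of passing silently. Separately, `auth` joins only the `datastore-reader` and `auth` networks while `haproxy` sits on `uplink` and `frontend`, so the `/system/auth` backend added in haproxy.cfg looks unreachable in this overlay unless `auth` is also attached to `frontend`.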
@@ -1,55 +1,64 @@ -version: '3' +version: "3" services: - # DATASTORE SECTION - datastore-reader: - depends_on: - - datastore-postgresql - env_file: services.env - environment: - - NUM_WORKERS=8 - datastore-writer: - depends_on: - - datastore-postgresql - - message-bus - env_file: services.env - datastore-postgresql: - image: sameersbn/postgresql:10 - labels: - org.openslides.role: "postgres" - environment: - - DB_USER=openslides - - DB_PASS=openslides - - DB_NAME=openslides - - # CLIENT - client: - depends_on: - - backend - - autoupdate + # DATASTORE SECTION + datastore-reader: + depends_on: + - datastore-postgresql + env_file: services.env + environment: + - NUM_WORKERS=8 + datastore-writer: + depends_on: + - datastore-postgresql + - message-bus + env_file: services.env + datastore-postgresql: + image: sameersbn/postgresql:10 + labels: + org.openslides.role: "postgres" + environment: + - DB_USER=openslides + - DB_PASS=openslides + - DB_NAME=openslides - # BACKEND - backend: - depends_on: - - datastore-reader - - datastore-writer - env_file: services.env + # CLIENT + client: + depends_on: + - backend + - autoupdate - # AUTOUPDATE - autoupdate: - depends_on: - - datastore-reader - - message-bus - env_file: services.env + # BACKEND + backend: + depends_on: + - datastore-reader + - datastore-writer + env_file: services.env - # SHARED - message-bus: - image: redis:alpine + # AUTOUPDATE + autoupdate: + depends_on: + - datastore-reader + - message-bus + env_file: services.env - # UPLINK - haproxy: - depends_on: - - client - - backend - - autoupdate - ports: - - "8000:8000" + # AUTH + auth: + depends_on: + - datastore-reader + - cache + env_file: services.env + cache: + image: redis:alpine + + # SHARED + message-bus: + image: redis:alpine + + # UPLINK + haproxy: + depends_on: + - client + - backend + - autoupdate + ports: + - "8000:8000" diff --git a/haproxy/src/haproxy.cfg b/haproxy/src/haproxy.cfg index 8e991d65e..3c1862444 100644 --- a/haproxy/src/haproxy.cfg 
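Review bot: The new `cache` service runs `redis:alpine` on a floating tag with no password configured, and this base file defines no networks, so in any stack started without the prod overlay every container on the default network can read and write whatever the auth service keeps there. Whatever auth stores in it (presumably session or token state, which is not visible here) warrants `--requirepass` or an ACL file fed from a secret, plus a pinned tag or digest such as `redis:<pinned-version>-alpine`. The same applies to the `auth` entry reusing the shared `services.env`: any credential added there later is handed to every service that loads the file. The hunk also re-indents the whole file, which buries the few functional lines; a separate whitespace-only commit would make the `auth`/`cache` addition reviewable on its own.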
+++ b/haproxy/src/haproxy.cfg @@ -16,6 +16,9 @@ frontend http acl autoupdate path_beg -i /system/autoupdate use_backend backend_autoupdate if autoupdate + acl auth path_beg -i /system/auth + use_backend backend_auth if auth + stats enable stats uri /stats stats refresh 10s @@ -41,3 +44,9 @@ backend backend_autoupdate server autoupdate autoupdate:9012 resolvers docker_resolver check timeout connect 60s timeout server 60s + +backend backend_auth + mode http + server auth auth:9004 resolvers docker_resolver check + timeout connect 60s + timeout server 60s \ No newline at end of file diff --git a/openslides-auth-service b/openslides-auth-service new file mode 160000 index 000000000..7258d3f3b --- /dev/null +++ b/openslides-auth-service @@ -0,0 +1 @@ +Subproject commit 7258d3f3b581d4dc57c2a25c656e5caa73dd03fc diff --git a/services.env b/services.env index 71a00f2ac..846f2214f 100644 --- a/services.env +++ b/services.env @@ -11,4 +11,9 @@ DATASTORE_DATABASE_HOST=datastore-postgresql ACTION_HOST=backend ACTION_PORT=9002 PRESENTER_HOST=backend -PRESENTER_PORT=9003 \ No newline at end of file +PRESENTER_PORT=9003 + +AUTH_HOST=auth +AUTH_PORT=9004 +CACHE_HOST=cache +CACHE_PORT=6379 \ No newline at end of file
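Review bot: The `acl auth path_beg -i /system/auth` route puts the auth service's endpoints on the client-facing `http` frontend, and nothing in the visible lines limits how often one client may hit them. Unless the auth service throttles on its own (not shown), consider tracking the source address for this ACL: `stick-table type ip size 100k expire 10m store http_req_rate(10s)` in the frontend, then `http-request track-sc0 src if auth` and `http-request deny deny_status 429 if auth { sc_http_req_rate(0) gt 20 }` after the acl line, with the threshold tuned to real login traffic. The frontend section starts above this hunk, so an existing limit or a TLS `bind` there would change the picture.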
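Review bot: The added `backend_auth` block ends haproxy.cfg without a trailing newline (`\ No newline at end of file` after the new `timeout server 60s`), whereas the previous last line had one. HAProxy's config parser flags a final line without LF as possibly truncated, and depending on the version that is a warning or a refusal to load the configuration, so the file should end with a newline. The `services.env` hunk carries the same marker, but that file already lacked the newline before this commit.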