Merge branch 'master' of http://git.choozmo.com:3000/ai-anchor/video-maker

cloud-docker-stack.yml

@@ -0,0 +1,142 @@
+networks:
+  traefik-public:
+    external: true
+services:
+  backend:
+    build:
+      args:
+        INSTALL_DEV: "true"
+        INSTALL_JUPYTER: "false"
+      context: /root/video-maker/backend
+      dockerfile: backend.dockerfile
+    command: /start-reload.sh
+    deploy:
+      labels:
+        traefik.constraint-label-stack: cloud.choozmo.com
+        traefik.enable: "true"
+        traefik.http.routers.ai-anchor-com-backend-http.rule: PathPrefix(`/api`) ||
+          PathPrefix(`/docs`) || PathPrefix(`/redoc`)
+        traefik.http.services.ai-anchor-com-backend.loadbalancer.server.port: '80'
+    environment:
+      BACKEND_CORS_ORIGINS: '["https://cloud.choozmo:8080", "http://cloud.choozmo.com:8080",
+        "https://cloud.choozmo.com", "http://cloud.choozmo.com","http://172.105.219.42",
+        "http://local.ai-anchor.com:5173", "http://local.ai-anchor.com:8080", "http://localhost",
+        "http://localhost:4200", "http://localhost:3000", "http://localhost:5173",
+        "http://localhost:8080", "https://localhost", "https://localhost:4200", "https://localhost:3000",
+        "https://localhost:8080", "http://dev.ai-anchor.com:3000", "http://dev.ai-anchor.com:5173",
+        "http://dev.ai-anchor.com:8080", "https://stag.ai-anchor.com", "https://ai-anchor.com",
+        "http://local.dockertoolbox.tiangolo.com", "http://localhost.tiangolo.com"]'
+      BACKEND_VIDEO_STORAGE: backend_storage/videos
+      BACKEND_ZIP_STORAGE: backend_storage/zips
+      CELERY_VIDEO_STORAGE: celery_storage/videos
+      CELERY_ZIP_STORAGE: celery_storage/zips
+      DOCKER_IMAGE_BACKEND: backend
+      DOCKER_IMAGE_CELERYWORKER: gpuceleryworker
+      DOCKER_IMAGE_FRONTEND: frontend
+      DOMAIN: cloud.choozmo.com:8080
+      EMAILS_FROM_EMAIL: info@ai-anchor.com
+      FIRST_SUPERUSER: admin@ai-anchor.com
+      FIRST_SUPERUSER_PASSWORD: password
+      FLOWER_BASIC_AUTH: admin:password
+      LOCAL_VIDEO_STORAGE: local_storage/videos
+      LOCAL_ZIP_STORAGE: local_storage/zips
+      MEMBERSHIP_STATUS: '["normal", "infinite"]'
+      PGADMIN_DEFAULT_EMAIL: admin@ai-anchor.com
+      PGADMIN_DEFAULT_PASSWORD: password
+      PGADMIN_LISTEN_PORT: '5050'
+      POSTGRES_DB: app
+      POSTGRES_PASSWORD: password
+      POSTGRES_SERVER: db
+      POSTGRES_USER: postgres
+      PROGRESS_STATE: '["waiting", "processing", "completed", "failed"]'
+      PROJECT_NAME: AI anchor
+      SECRET_KEY: 1df1f2180c7b2550e76a8ccf5e67a76e5321d8c2d3fee4a725f8b80baf9a0c91
+      SENTRY_DSN: ''
+      SERVER_ADDRESS: http://localhost
+      SERVER_HOST: http://cloud.choozmo.com
+      SERVER_NAME: cloud.choozmo.com
+      SMTP_HOST: smtp.gmail.com
+      SMTP_PASSWORD: hlmaxzjnvpeaulhw
+      SMTP_PORT: '587'
+      SMTP_TLS: "True"
+      SMTP_USER: verify@choozmo.com
+      STACK_NAME: ai-anchor-com
+      TRAEFIK_PUBLIC_NETWORK: traefik-public
+      TRAEFIK_PUBLIC_TAG: traefik-public
+      TRAEFIK_TAG: ai-anchor.com
+      USERS_OPEN_REGISTRATION: "True"
+    image: backend:cloud
+    labels:
+      traefik.constraint-label-stack: cloud.choozmo.com
+      traefik.enable: "true"
+      traefik.http.routers.ai-anchor-com-backend-http.rule: PathPrefix(`/api`) ||
+        PathPrefix(`/docs`) || PathPrefix(`/redoc`)
+      traefik.http.services.ai-anchor-com-backend.loadbalancer.server.port: '80'
+    volumes:
+    - /root/video-maker/backend/app:/app:rw
+    - /backend_storage/videos:/app/backend_storage/videos:rw
+    - /backend_storage/zips:/app/backend_storage/zips:rw
+  frontend:
+    build:
+      args:
+        FRONTEND_ENV: dev
+      context: /root/video-maker/frontend
+    deploy:
+      labels:
+        traefik.constraint-label-stack: cloud.choozmo.com
+        traefik.enable: "true"
+        traefik.http.routers.ai-anchor-com-frontend-http.rule: PathPrefix(`/`)
+        traefik.http.services.ai-anchor-com-frontend.loadbalancer.server.port: '80'
+    image: frontend:cloud
+    labels:
+      traefik.constraint-label-stack: cloud.choozmo.com
+      traefik.enable: "true"
+      traefik.http.routers.ai-anchor-com-frontend-http.rule: PathPrefix(`/`)
+      traefik.http.services.ai-anchor-com-frontend.loadbalancer.server.port: '80'
+  proxy:
+    command:
+    - --providers.docker
+    - --providers.docker.constraints=Label(`traefik.constraint-label-stack`, `cloud.choozmo.com`)
+    - --providers.docker.exposedbydefault=false
+    - --accesslog
+    - --log
+    - --api
+    - --api.insecure=true
+    deploy:
+      labels:
+        traefik.constraint-label: traefik-public
+        traefik.docker.network: traefik-public
+        traefik.enable: "true"
+        traefik.http.middlewares.ai-anchor-com-https-redirect.redirectscheme.permanent: "true"
+        traefik.http.middlewares.ai-anchor-com-https-redirect.redirectscheme.scheme: https
+        traefik.http.middlewares.ai-anchor-com-www-redirect.redirectregex.regex: ^https?://(www.)?(cloud.choozmo.com)/(.*)
+        traefik.http.middlewares.ai-anchor-com-www-redirect.redirectregex.replacement: https://cloud.choozmo.com/$${3}
+        traefik.http.routers.ai-anchor-com-proxy-http.entrypoints: http
+        traefik.http.routers.ai-anchor-com-proxy-http.middlewares: ai-anchor-com-www-redirect,ai-anchor-com-https-redirect
+        traefik.http.routers.ai-anchor-com-proxy-http.rule: Host(`cloud.choozmo.com`)
+          || Host(`www.cloud.choozmo.com`)
+        traefik.http.routers.ai-anchor-com-proxy-https.entrypoints: https
+        traefik.http.routers.ai-anchor-com-proxy-https.middlewares: ai-anchor-com-www-redirect
+        traefik.http.routers.ai-anchor-com-proxy-https.rule: Host(`cloud.choozmo.com`)
+          || Host(`www.cloud.choozmo.com`)
+        traefik.http.routers.ai-anchor-com-proxy-https.tls: "true"
+        traefik.http.routers.ai-anchor-com-proxy-https.tls.certresolver: le
+        traefik.http.services.ai-anchor-com-proxy.loadbalancer.server.port: '80'
+      placement:
+        constraints:
+        - node.role == manager
+    image: traefik:v2.9
+    labels:
+      traefik.enable: "true"
+      traefik.http.routers.ai-anchor-com-traefik-public-http.rule: Host(`cloud.choozmo.com`)
+      traefik.http.services.ai-anchor-com-traefik-public.loadbalancer.server.port: '80'
+    networks:
+      default: {}
+      traefik-public: {}
+    ports:
+    - published: 80
+      target: 80
+    volumes:
+    - /var/run/docker.sock:/var/run/docker.sock:rw
+version: '3.3'
+

frontend/src/api.ts

@@ -69,6 +69,6 @@ export const api = {
     return axios.get<Video[]>(`${apiUrl}/api/v1/videos/`, authHeaders(token));
   },
   async googleLogin(access_token: string){
-    return axios.post(`${apiUrl}/api/v1/login/google/access-token/${access_token}`, )
+    return axios.post(`${apiUrl}/api/v1/login/google/access-token/${access_token}`)
   },
-};
+};

scripts/cloud-build.sh

@@ -0,0 +1,11 @@
+#! /usr/bin/env sh
+
+# Exit in case of error
+set -e
+
+TAG=cloud \
+FRONTEND_ENV=staging-production \
+docker-compose \
+-f cloud-docker-compose.yml \
+-f cloud-docker-compose.override.yml \
+build

scripts/cloud-deploy.sh

@@ -3,10 +3,10 @@
 # Exit in case of error
 set -e
 
-DOMAIN=${DOMAIN?Variable not set} \
-TRAEFIK_TAG=${TRAEFIK_TAG?Variable not set} \
-STACK_NAME=${STACK_NAME?Variable not set} \
-TAG=${TAG?Variable not set} \
+DOMAIN=cloud.choozmo.com \
+TRAEFIK_TAG=cloud.choozmo.com \
+STACK_NAME=ai-anchor-com \
+TAG=cloud \
 docker-compose \
 -f cloud-docker-compose.yml \
 -f cloud-docker-compose.override.yml \
@@ -14,4 +14,4 @@ config > cloud-docker-stack.yml
 
 docker-auto-labels cloud-docker-stack.yml
 
-# docker stack deploy -c cloud-docker-stack.yml --with-registry-auth "${STACK_NAME?Variable not set}"
+docker stack deploy -c cloud-docker-stack.yml --with-registry-auth "ai-anchor-com"

traefik.yml

@@ -0,0 +1,98 @@
+version: '3.3'
+
+services:
+
+  traefik:
+    # Use the latest v2.2.x Traefik image available
+    image: traefik:v2.2
+    ports:
+      # Listen on port 80, default for HTTP, necessary to redirect to HTTPS
+      - 8080:80
+      # Listen on port 443, default for HTTPS
+      - 443:443
+    deploy:
+      placement:
+        constraints:
+          # Make the traefik service run only on the node with this label
+          # as the node with it has the volume for the certificates
+          - node.labels.traefik-public.traefik-public-certificates == true
+      labels:
+        # Enable Traefik for this service, to make it available in the public network
+        - traefik.enable=true
+        # Use the traefik-public network (declared below)
+        - traefik.docker.network=traefik-public
+        # Use the custom label "traefik.constraint-label=traefik-public"
+        # This public Traefik will only use services with this label
+        # That way you can add other internal Traefik instances per stack if needed
+        - traefik.constraint-label=traefik-public
+        # admin-auth middleware with HTTP Basic auth
+        # Using the environment variables USERNAME and HASHED_PASSWORD
+        - traefik.http.middlewares.admin-auth.basicauth.users=${USERNAME?Variable not set}:${HASHED_PASSWORD?Variable not set}
+        # https-redirect middleware to redirect HTTP to HTTPS
+        # It can be re-used by other stacks in other Docker Compose files
+        - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
+        - traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
+        # traefik-http set up only to use the middleware to redirect to https
+        # Uses the environment variable DOMAIN
+        - traefik.http.routers.traefik-public-http.rule=Host(`${DOMAIN?Variable not set}`)
+        - traefik.http.routers.traefik-public-http.entrypoints=http
+        - traefik.http.routers.traefik-public-http.middlewares=https-redirect
+        # traefik-https the actual router using HTTPS
+        # Uses the environment variable DOMAIN
+        - traefik.http.routers.traefik-public-https.rule=Host(`${DOMAIN?Variable not set}`)
+        - traefik.http.routers.traefik-public-https.entrypoints=https
+        - traefik.http.routers.traefik-public-https.tls=true
+        # Use the special Traefik service api@internal with the web UI/Dashboard
+        - traefik.http.routers.traefik-public-https.service=api@internal
+        # Use the "le" (Let's Encrypt) resolver created below
+        - traefik.http.routers.traefik-public-https.tls.certresolver=le
+        # Enable HTTP Basic auth, using the middleware created above
+        - traefik.http.routers.traefik-public-https.middlewares=admin-auth
+        # Define the port inside of the Docker service to use
+        - traefik.http.services.traefik-public.loadbalancer.server.port=8080
+    volumes:
+      # Add Docker as a mounted volume, so that Traefik can read the labels of other services
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      # Mount the volume to store the certificates
+      - traefik-public-certificates:/certificates
+    command:
+      # Enable Docker in Traefik, so that it reads labels from Docker services
+      - --providers.docker
+      # Add a constraint to only use services with the label "traefik.constraint-label=traefik-public"
+      - --providers.docker.constraints=Label(`traefik.constraint-label`, `traefik-public`)
+      # Do not expose all Docker services, only the ones explicitly exposed
+      - --providers.docker.exposedbydefault=false
+      # Enable Docker Swarm mode
+      - --providers.docker.swarmmode
+      # Create an entrypoint "http" listening on port 80
+      - --entrypoints.http.address=:80
+      # Create an entrypoint "https" listening on port 443
+      - --entrypoints.https.address=:443
+      # Create the certificate resolver "le" for Let's Encrypt, uses the environment variable EMAIL
+      - --certificatesresolvers.le.acme.email=${EMAIL?Variable not set}
+      # Store the Let's Encrypt certificates in the mounted volume
+      - --certificatesresolvers.le.acme.storage=/certificates/acme.json
+      # Use the TLS Challenge for Let's Encrypt
+      - --certificatesresolvers.le.acme.tlschallenge=true
+      # Enable the access log, with HTTP requests
+      - --accesslog
+      # Enable the Traefik log, for configurations and errors
+      - --log
+      # Enable the Dashboard and API
+      - --api
+    networks:
+      # Use the public network created to be shared between Traefik and
+      # any other service that needs to be publicly available with HTTPS
+      - traefik-public
+
+volumes:
+  # Create a volume to store the certificates, there is a constraint to make sure
+  # Traefik is always deployed to the same Docker node with the same volume containing
+  # the HTTPS certificates
+  traefik-public-certificates:
+
+networks:
+  # Use the previously created public network "traefik-public", shared with other
+  # services that need to be publicly available via this Traefik
+  traefik-public:
+    external: true