From c6c103c3dd224101db606b5e2904c7262480dabf Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 11:29:55 +0200 Subject: [PATCH 01/10] Rename hub/documentation/operations/files/docker-compose.yaml to hub/documentation/operations/files/standard/docker-compose.yaml --- .../operations/files/{ => standard}/docker-compose.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename hub/documentation/operations/files/{ => standard}/docker-compose.yaml (100%) diff --git a/hub/documentation/operations/files/docker-compose.yaml b/hub/documentation/operations/files/standard/docker-compose.yaml similarity index 100% rename from hub/documentation/operations/files/docker-compose.yaml rename to hub/documentation/operations/files/standard/docker-compose.yaml From 561b8a9294175856f8c605681c07659672615d19 Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 11:32:00 +0200 Subject: [PATCH 02/10] Create docker-compose.yaml --- .../files/selfcert/docker-compose.yaml | 96 +++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 hub/documentation/operations/files/selfcert/docker-compose.yaml diff --git a/hub/documentation/operations/files/selfcert/docker-compose.yaml b/hub/documentation/operations/files/selfcert/docker-compose.yaml new file mode 100644 index 0000000000..4c39d37b81 --- /dev/null +++ b/hub/documentation/operations/files/selfcert/docker-compose.yaml @@ -0,0 +1,96 @@ +# IMAGE TAGS, USER_ID and HOST names is found in .env file +services: + watchtower: + image: containrrr/watchtower + container_name: watchtower + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /home/sesam/.docker/config.json:/config.json + command: sesam-node fluentbit traefik + environment: + - WATCHTOWER_CLEANUP=true # Removes old images after updating + - WATCHTOWER_POLL_INTERVAL=3600 # Check for updates every 60 minutes + - WATCHTOWER_ROLLING_RESTART=true # Enable rolling restarts to minimize downtime + + traefik: + image: traefik:${TRAEFIK_DOCKER_IMAGE_TAG} + container_name: traefik + restart: always + command: + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--entrypoints.web.http.redirections.entryPoint.to=websecure" + - "--entrypoints.web.http.redirections.entryPoint.scheme=https" + ports: + - "80:80" + - "443:443" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "/srv/data/traefik/traefik.yml:/etc/traefik/traefik.yml:ro" + - "/srv/data/traefik/certs:/certs:ro" + networks: + - sesam + - microservices + + sesam-node: + image: sesam/sesam-node:${SESAM_NODE_IMAGE_TAG} + container_name: sesam-node + restart: always + networks: + - sesam + - microservices + volumes: + - /srv/data/sesam/node-00/data:/sesam/data:rprivate + - sesam-node-tmp:/tmp:z + - /sesam/node-00:/sesam:rprivate + - /var/run/docker.sock:/var/run/docker.sock:rprivate + environment: + - SESAM_UID=${USER_ID} + - SESAM_GID=${USER_ID} + - ORACLE_HOME=/opt/instantclient_21_1 + - LD_LIBRARY_PATH=/opt/instantclient_21_1 + - SESAM_IMAGE_VERSION=2 + entrypoint: ["/entrypoint.sh"] + command: + - sh + - -c + - "chown -R -H ${USER_ID}:${USER_ID} /sesam/logs /sesam/data && exec gosu ${USER_ID} lake -l /sesam/logs -d /sesam/data --microservices=engine --enforce-license --sesam-portal-url https://portal.sesam.io/unified/ --redirect-portal-gui 1 -b /sesam/data/backup --backup-use-checkpoints" + labels: + - "traefik.enable=true" + - "traefik.http.routers.sesam-node.rule=Host(`${NODE_DOMAIN}`)" + - "traefik.http.routers.sesam-node.entrypoints=websecure" + - "traefik.http.routers.sesam-node.tls=true" + - "traefik.http.routers.sesam-node.tls.certresolver=myleresolver" + - "traefik.http.services.sesam-node.loadbalancer.server.port=9042" + + fluentbit: + image: sesam/fluent-bit:${FLUENTBIT_IMAGE_TAG} + container_name: fluentbit + restart: always + volumes: + - /sesam/node-00/logs:/logs/node/logs:rw + - /var/log:/system-logs/logs:rw + - /sesam/fluentbit/data:/data:rw + environment: + - APPLIANCE_ID=${APPLIANCE_ID} + - SUBSCRIPTION_ID=${SUBSCRIPTION_ID} + entrypoint: + - /fluent-bit/bin/fluent-bit + command: + - /fluent-bit/bin/fluent-bit + - -c + - /fluent-bit/etc/fluent-bit.conf + +volumes: + # Docker Volume definition for sesam-node-tmp + sesam-node-tmp: + driver: local + +networks: + sesam: + external: true + microservices: + external: true From 1fc34e41e4c483bdd5a6c6bd5f79bb6f6ab580ba Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 11:32:26 +0200 Subject: [PATCH 03/10] Create traefik.yaml --- .../operations/files/selfcert/traefik.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 hub/documentation/operations/files/selfcert/traefik.yaml diff --git a/hub/documentation/operations/files/selfcert/traefik.yaml b/hub/documentation/operations/files/selfcert/traefik.yaml new file mode 100644 index 0000000000..ef7cb46444 --- /dev/null +++ b/hub/documentation/operations/files/selfcert/traefik.yaml @@ -0,0 +1,12 @@ +entryPoints: + web: + address: ":80" + websecure: + address: ":443" +providers: + docker: + exposedByDefault: false +tls: + certificates: + - certFile: "/certs/example.com.crt" + keyFile: "/certs/example.com.key" From 9357b39cb2459df5e6cb94e0113cbddf8157345b Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 11:44:15 +0200 Subject: [PATCH 04/10] Update self-hosted.rst --- hub/documentation/operations/self-hosted.rst | 38 ++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/hub/documentation/operations/self-hosted.rst b/hub/documentation/operations/self-hosted.rst index 3783024747..1fdbd690d5 100644 --- a/hub/documentation/operations/self-hosted.rst +++ b/hub/documentation/operations/self-hosted.rst @@ -200,10 +200,10 @@ Docker compose configuration -------------- -2. Docker Setup +2 A. Docker Setup with letsencrypt --------------- -1. Place the :download:`docker-compose.yaml` and :download:`env` files in the ``/srv/data`` directory: +1. Place the :download:`docker-compose.yaml` and :download:`env` files in the ``/srv/data`` directory: .. code:: bash @@ -226,6 +226,40 @@ Docker compose configuration docker network create sesam docker network create microservices + + +2 B. Docker Setup with self provided certificates +--------------- + + +1. Place the :download:`docker-compose.yaml` and :download:`env` files in the ``/srv/data`` directory, download `traefik.yaml` and place in ``/srv/data/traefik/`` : + + .. code:: bash + + /srv/data/docker-compose.yml + /srv/data/.env + /srv/data/traefik/traefik.yaml + /srv/data/traefik/certs/example.cert + /srv/data/traefik/certs/example.key + +2. Create a new unique identifier to use as APPLIANCE_ID + + .. code:: bash + + uuidgen + + +3. Edit the ``.env`` file with the correct values + +4. Edit the ``traefik/traefik.yaml`` file with the correct values + +5. Create the needed networks + + .. code:: bash + + docker network create sesam + docker network create microservices + -------------- 3. Start Services From 7a242acc10588d5e1670d76519a237cf62af8c59 Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 11:48:35 +0200 Subject: [PATCH 05/10] Update self-hosted.rst --- hub/documentation/operations/self-hosted.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hub/documentation/operations/self-hosted.rst b/hub/documentation/operations/self-hosted.rst index 1fdbd690d5..b63565710b 100644 --- a/hub/documentation/operations/self-hosted.rst +++ b/hub/documentation/operations/self-hosted.rst @@ -201,7 +201,7 @@ Docker compose configuration -------------- 2 A. Docker Setup with letsencrypt ---------------- +----------------------------------- 1. Place the :download:`docker-compose.yaml` and :download:`env` files in the ``/srv/data`` directory: @@ -229,7 +229,7 @@ Docker compose configuration 2 B. Docker Setup with self provided certificates ---------------- +-------------------------------------------------- 1. Place the :download:`docker-compose.yaml` and :download:`env` files in the ``/srv/data`` directory, download `traefik.yaml` and place in ``/srv/data/traefik/`` : From ccbc14c34cf6708d0153a2172a1ff958f3b48a06 Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 11:52:36 +0200 Subject: [PATCH 06/10] Update self-hosted.rst --- hub/documentation/operations/self-hosted.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hub/documentation/operations/self-hosted.rst b/hub/documentation/operations/self-hosted.rst index b63565710b..1cae5b1412 100644 --- a/hub/documentation/operations/self-hosted.rst +++ b/hub/documentation/operations/self-hosted.rst @@ -232,7 +232,7 @@ Docker compose configuration -------------------------------------------------- -1. Place the :download:`docker-compose.yaml` and :download:`env` files in the ``/srv/data`` directory, download `traefik.yaml` and place in ``/srv/data/traefik/`` : +1. Place the :download:`docker-compose.yaml` and :download:`env` files in the ``/srv/data`` directory, download `traefik.yaml` and place in ``/srv/data/traefik/``. Place your certificates to ``/srv/data/traefik/certs``: .. code:: bash From 3d66f74bf6cc8f07ff1db8c5fdcc040424abf444 Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 12:13:29 +0200 Subject: [PATCH 07/10] Update docker-compose.yaml --- .../operations/files/selfcert/docker-compose.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/hub/documentation/operations/files/selfcert/docker-compose.yaml b/hub/documentation/operations/files/selfcert/docker-compose.yaml index 4c39d37b81..fbd01a5efd 100644 --- a/hub/documentation/operations/files/selfcert/docker-compose.yaml +++ b/hub/documentation/operations/files/selfcert/docker-compose.yaml @@ -49,10 +49,6 @@ services: - /var/run/docker.sock:/var/run/docker.sock:rprivate environment: - SESAM_UID=${USER_ID} - - SESAM_GID=${USER_ID} - - ORACLE_HOME=/opt/instantclient_21_1 - - LD_LIBRARY_PATH=/opt/instantclient_21_1 - - SESAM_IMAGE_VERSION=2 entrypoint: ["/entrypoint.sh"] command: - sh From a085c2d44faa684dee5bd5c0e82bdc0a8b265a08 Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 12:14:20 +0200 Subject: [PATCH 08/10] Update docker-compose.yaml --- .../operations/files/standard/docker-compose.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/hub/documentation/operations/files/standard/docker-compose.yaml b/hub/documentation/operations/files/standard/docker-compose.yaml index dde6efda0f..c1817d76f2 100644 --- a/hub/documentation/operations/files/standard/docker-compose.yaml +++ b/hub/documentation/operations/files/standard/docker-compose.yaml @@ -52,10 +52,6 @@ services: - /var/run/docker.sock:/var/run/docker.sock:rprivate environment: - SESAM_UID=${USER_ID} - - SESAM_GID=${USER_ID} - - ORACLE_HOME=/opt/instantclient_21_1 - - LD_LIBRARY_PATH=/opt/instantclient_21_1 - - SESAM_IMAGE_VERSION=2 entrypoint: ["/entrypoint.sh"] command: - sh From ced00f3787546cd01c315fdd986a9394f6f161e6 Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 12:17:54 +0200 Subject: [PATCH 09/10] Update docker-compose.yaml --- hub/documentation/operations/files/selfcert/docker-compose.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/hub/documentation/operations/files/selfcert/docker-compose.yaml b/hub/documentation/operations/files/selfcert/docker-compose.yaml index fbd01a5efd..3060dd5e6c 100644 --- a/hub/documentation/operations/files/selfcert/docker-compose.yaml +++ b/hub/documentation/operations/files/selfcert/docker-compose.yaml @@ -49,6 +49,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock:rprivate environment: - SESAM_UID=${USER_ID} + - SESAM_GID=${USER_ID} entrypoint: ["/entrypoint.sh"] command: - sh From 15c63796b503173d4645242bbc2d717abf1fcfd3 Mon Sep 17 00:00:00 2001 From: Ole-Morten Date: Wed, 9 Apr 2025 12:18:34 +0200 Subject: [PATCH 10/10] Update docker-compose.yaml --- hub/documentation/operations/files/standard/docker-compose.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/hub/documentation/operations/files/standard/docker-compose.yaml b/hub/documentation/operations/files/standard/docker-compose.yaml index c1817d76f2..698ebfbc2f 100644 --- a/hub/documentation/operations/files/standard/docker-compose.yaml +++ b/hub/documentation/operations/files/standard/docker-compose.yaml @@ -52,6 +52,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock:rprivate environment: - SESAM_UID=${USER_ID} + - SESAM_GID=${USER_ID} entrypoint: ["/entrypoint.sh"] command: - sh