diff --git a/.env.sample b/.env.sample new file mode 100644 index 0000000..1d1d6f7 --- /dev/null +++ b/.env.sample @@ -0,0 +1,9 @@ +# Local development +export MASTODON_ACCESS_TOKEN=foobar +export MASTODON_API_BASE_URL=social.lumbung.space +export APP_LOG_LEVEL=info + +# Deployment +export DOMAIN=publish.lumbung.space +export ENTRYPOINT_CONF_VERSION=v1 +export SECRET_MASTODON_ACCESS_TOKEN=v1 diff --git a/README.md b/README.md index 7f4d14c..3f520cf 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,20 @@ A service to facilitate collective digital publishing practices. - **cloud.lumbung.space**: Using [Nextcloud flows](https://nextcloud.com/blog/nextcloud-flow-makes-it-easy-to-automate-actions-and-workflows/), we can trigger an outgoing HTTP request towards `pubspace` - **tv.lumbung.space**: Using [a federation client](https://mastodonpy.readthedocs.io/) we can watch for specific hashtags to trigger publishing - **social.lumbung.space**: Using [a federation client](https://mastodonpy.readthedocs.io/), we can watch for specific hashtags to trigger publishing + +## Nextcloud flow script + +```bash +echo "TODO" +``` + +## Deployment + +> Work In Progress + +``` +$ printf $YOURMASTODONACCESSTOKEN | docker secret create publish_lumbung_space_access_token_v1 - +$ cp .env.sample .env # and update the values to match the environment +$ set -a && source .env && set +a +$ docker stack deploy -c compose.yml publish_lumbung_space +``` diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..6d42be0 --- /dev/null +++ b/compose.yml @@ -0,0 +1,50 @@ +--- +version: "3.8" + +services: + app: + image: "decentral1se/pubspace:latest" + environment: + - MASTODON_ACCESS_TOKEN_FILE=/run/secrets/access_token + secrets: + - access_token + networks: + - proxy + configs: + - source: entrypoint_sh + target: /usr/local/bin/entrypoint.sh + mode: 0555 + entrypoint: /usr/local/bin/entrypoint.sh + healthcheck: + test: curl --fail 0.0.0.0:8000/healthz || exit 1 + deploy: + update_config: + failure_action: rollback + order: start-first + labels: + - "traefik.enable=true" + - "traefik.http.services.kcp.loadbalancer.server.port=8000" + - "traefik.http.routers.kcp.rule=Host(`${DOMAIN}`)" + - "traefik.http.routers.kcp.entrypoints=web-secure" + - "traefik.http.routers.kcp.tls.certresolver=production" + command: | + uvicorn + --host 0.0.0.0 + --forwarded-allow-ips="*" + --proxy-headers + pubspace:app + +networks: + proxy: + external: true + +configs: + entrypoint_sh: + name: ${STACK_NAME}_entrypoint_conf_${ENTRYPOINT_CONF_VERSION} + file: entrypoint.sh.tmpl + template_driver: golang + +secrets: + access_token: + external: true + name: ${STACK_NAME}_access_token_${SECRET_MASTODON_ACCESS_TOKEN} diff --git a/makefile b/makefile index d113ab1..6f99ccf 100644 --- a/makefile +++ b/makefile @@ -1,5 +1,5 @@ .DEFAULT: run -.PHONY: run +.PHONY: run build push run: @if [ ! -d ".venv" ]; then \ @@ -8,3 +8,9 @@ run: .venv/bin/poetry install; \ fi .venv/bin/poetry run uvicorn pubspace:app --reload + +build: + @docker build -t decentral1se/pubspace . + +push: build + @docker push decentral1se/pubspace diff --git a/pubspace.py b/pubspace.py index 72d6979..98e31d9 100644 --- a/pubspace.py +++ b/pubspace.py @@ -38,3 +38,8 @@ mastodon.stream_hashtag("pubspace", PubspaceListener(), run_async=True) @app.get("/") async def home(request: Request): app.state.log.info(await request.json()) + + +@app.get("/healthz") +async def healthz(request: Request): + return {"detail": "ALL ENGINES FIRING"}