aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2025-03-20 09:40:37 -0500
committerFrederick Muriuki Muriithi2025-03-21 08:40:11 -0500
commitca0261afa441586805ca9754e4bd3f761aece10a (patch)
tree99b3cbd1cd0ee882268914c7f68ef0b7eb59f54d
parentc3e801bb4f8bdefab80c08c3e34e107ba0d08041 (diff)
downloadgn-machines-main.tar.gz
uploader-container: Define directory to store sessions in.HEADmain
Redis is being phased out, and part of that is moving the storage of sessions to the file system, rather than in Redis. This commit allows configuration of the path to the directory where the session files will be stored.
-rw-r--r--genenetwork/services/genenetwork.scm25
1 files changed, 18 insertions, 7 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm
index 8a3499e..a403f21 100644
--- a/genenetwork/services/genenetwork.scm
+++ b/genenetwork/services/genenetwork.scm
@@ -148,6 +148,8 @@
(default "https://auth.genenetwork.org"))
(gn2-server-url gn-uploader-configuration-gn2-server-url
(default "https://genenetwork.org"))
+ (sessions-dir gn-uploader-sessions-dir
+ (default "/var/genenetwork/sessions/gn-uploader"))
(log-level gn-uploader-configuration-log-level
(default 'warning)
(sanitize sanitize-log-level)))
@@ -682,14 +684,18 @@ a @code{<genenetwork-configuration>} record."
(define (gn-uploader-activation config)
(match-record config <gn-uploader-configuration>
- (secrets data-directory)
+ (secrets data-directory sessions-dir)
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
;; Let service user own their own secrets files.
- (chown #$secrets
- (passwd:uid (getpw "gunicorn-gn-uploader"))
- (passwd:gid (getpw "gunicorn-gn-uploader")))
+ (for-each (lambda (file)
+ (chown file
+ (passwd:uid (getpw "gunicorn-gn-uploader"))
+ (passwd:gid (getpw "gunicorn-gn-uploader"))))
+ (append (list #$secrets)
+ (find-files #$sessions-dir
+ #:directories? #t)))
;; Set owner-only permissions on secrets files.
(for-each (lambda (file)
(chmod file #o600))
@@ -705,7 +711,7 @@ a @code{<genenetwork-configuration>} record."
(define (gn-uploader-gunicorn-app config)
(match-record config <gn-uploader-configuration>
- (gn-uploader sql-uri port data-directory secrets log-level auth-server-url gn2-server-url)
+ (gn-uploader sql-uri port data-directory secrets log-level auth-server-url gn2-server-url sessions-dir)
;; If we mapped only the mysqld.sock socket file, it would break
;; when the external mysqld server is restarted.
(let* ((database-mapping (file-system-mapping
@@ -719,7 +725,8 @@ a @code{<genenetwork-configuration>} record."
("UPLOAD_FOLDER" ,(string-append data-directory
"/uploads"))
("AUTH_SERVER_URL" ,auth-server-url)
- ("GN2_SERVER_URL" ,gn2-server-url)))))
+ ("GN2_SERVER_URL" ,gn2-server-url)
+ ("SESSION_FILESYSTEM_CACHE_PATH" ,sessions-dir)))))
(gn-uploader-profile (profile
(content (package->development-manifest gn-uploader))
(allow-collisions? #t)))
@@ -760,7 +767,11 @@ a @code{<genenetwork-configuration>} record."
(target source))
(file-system-mapping
(source gn-uploader-ca-bundle)
- (target source))))
+ (target source))
+ (file-system-mapping
+ (source sessions-dir)
+ (target source)
+ (writable? #t))))
(extra-cli-arguments
(list "--log-level"
(string-upcase (symbol->string log-level)))))))))