aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--genenetwork-local-container.scm202
1 files changed, 111 insertions, 91 deletions
diff --git a/genenetwork-local-container.scm b/genenetwork-local-container.scm
index 2e3eafb..14403ab 100644
--- a/genenetwork-local-container.scm
+++ b/genenetwork-local-container.scm
@@ -83,74 +83,86 @@
server described by CONFIG, a <genenetwork-configuration> object."
(match-record config <genenetwork-configuration>
(gn2-port gn2-secrets gn3-port gn-auth-port genotype-files)
- (with-packages (list coreutils git-minimal gunicorn nss-certs)
- (with-imported-modules '((guix build utils))
- #~(begin
- (use-modules (guix build utils)
- (ice-9 match))
-
- ;; Override the genenetwork3 used by genenetwork2.
- (setenv "GN3_PYTHONPATH" "/genenetwork3")
- ;; Set other environment variables required by
- ;; genenetwork2.
- (setenv "GN2_PROFILE" #$(profile
- (content (package->development-manifest genenetwork2))
- (allow-collisions? #t)))
- (setenv
- "GN2_SETTINGS"
- #$(mixed-text-file "gn2.conf"
- "GN2_SECRETS=\"" gn2-secrets "\"\n"
- "AI_SEARCH_ENABLED=True\n"
- "TEST_FEATURE_SWITCH=True\n"
- "GN3_LOCAL_URL=\""
- (string-append "http://localhost:"
- (number->string gn3-port))
- "\"\n"
- "GN_SERVER_URL=\""
- (string-append "http://localhost:"
- (number->string gn3-port))
- "/api/\"\n"
- "AUTH_SERVER_URL=\""
- (string-append "http://localhost:"
- (number->string gn-auth-port))
- "\"\n"
- "SQL_URI=\"mysql://webqtlout:webqtlout@localhost/db_webqtl?unix_socket=/run/mysqld/mysqld.sock&charset=utf8\"\n"
- "SSL_PRIVATE_KEY=\"/etc/genenetwork/conf/gn2/private.pem\"\n"
- "AUTH_SERVER_SSL_PUBLIC_KEY=\"/etc/genenetwork/conf/gn-auth/clients-public-keys/gn-auth.pem\"\n"))
+ (with-packages
+ (list coreutils git-minimal gunicorn nss-certs)
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils)
+ (ice-9 ftw)
+ (ice-9 match))
- ;; Start genenetwork2.
- (with-directory-excursion "/genenetwork2"
- (invoke #$(file-append bash "/bin/sh")
- "bin/genenetwork2" "gn2/default_settings.py" "-gunicorn-dev")))))))
+ ;; Override the genenetwork3 used by genenetwork2.
+ (setenv "GN3_PYTHONPATH" "/genenetwork3")
+ (setenv "GN2_PROFILE" #$(profile
+ (content (package->development-manifest genenetwork2))
+ (allow-collisions? #t)))
+ (unless (file-exists? "/etc/genenetwork/conf/gn2.conf")
+ (with-output-to-file "/etc/genenetwork/conf/gn2.conf"
+ (lambda ()
+ (display #$(string-append
+ "GN2_SECRETS=\"" gn2-secrets "\"\n"
+ "AI_SEARCH_ENABLED=True\n"
+ "TEST_FEATURE_SWITCH=True\n"
+ "GN3_LOCAL_URL=\"http://localhost:" (number->string gn3-port) "\"\n"
+ "GN_SERVER_URL=\"http://localhost:" (number->string gn3-port) "/api/\"\n"
+ "AUTH_SERVER_URL=\"http://localhost:" (number->string gn-auth-port) "\"\n"
+ "SQL_URI=\"mysql://webqtlout:webqtlout@localhost/db_webqtl?unix_socket=/run/mysqld/mysqld.sock&charset=utf8\"\n"
+ "SSL_PRIVATE_KEY=\"/etc/genenetwork/conf/gn2/private.pem\"\n"
+ "AUTH_SERVER_SSL_PUBLIC_KEY=\"/etc/genenetwork/conf/gn-auth/clients-public-keys/gn-auth.pem\"\n"))
+ ;; We actually set here twice so that we can refer to it
+ ;; when running things manually.
+ (display "GN2_PROFILE=\"")
+ (display #$(file-append (profile
+ (content (package->development-manifest genenetwork2))
+ (allow-collisions? #t))
+ "\"\n")))))
+ (setenv "GN2_SETTINGS" "/etc/genenetwork/conf/gn2.conf")
+ ;; Start genenetwork2.
+ (with-directory-excursion "/genenetwork2"
+ (invoke #$(file-append bash "/bin/sh")
+ "bin/genenetwork2" "gn2/default_settings.py" "-gunicorn-dev")))))))
(define (genenetwork3-gexp config)
"Return a G-expression that runs the latest genenetwork3 development
server described by CONFIG, a <genenetwork-configuration> object."
(match-record config <genenetwork-configuration>
- (gn3-port gn3-secrets sparql-endpoint data-directory xapian-db-path auth-db-path llm-db-path)
+ (gn3-port gn3-secrets gn-auth-port sparql-endpoint data-directory xapian-db-path auth-db-path llm-db-path)
(with-manifest (package->development-manifest genenetwork3)
(with-imported-modules '((guix build utils))
#~(begin
- (use-modules (guix build utils)
- (ice-9 match))
-
+ (use-modules (guix build utils))
;; Configure genenetwork3.
- (setenv "GN3_CONF"
- #$(mixed-text-file "gn3.conf"
- "SPARQL_ENDPOINT=\"" sparql-endpoint "\"\n"
- "DATA_DIR=\"" data-directory "\"\n"
- "AUTH_SERVER_URL=\"http://localhost:8084/\"\n"
- "XAPIAN_DB_PATH=\"" xapian-db-path "\"\n"
- "AUTH_DB=\"" auth-db-path "\"\n"
- "LLM_DB_PATH=\"" llm-db-path "\"\n"))
- (setenv "GN3_SECRETS" #$gn3-secrets)
- (setenv "HOME" "/tmp")
- (setenv "SQL_URI" "mysql://webqtlout:webqtlout@localhost/db_webqtl?unix_socket=/run/mysqld/mysqld.sock")
(setenv "RSCRIPT" #$(file-append
(profile
(content (package->development-manifest genenetwork3))
(allow-collisions? #t))
"/bin/Rscript"))
+ (unless (file-exists? "/etc/genenetwork/conf/gn3.conf")
+ (with-output-to-file "/etc/genenetwork/conf/gn3.conf"
+ (lambda ()
+ (display #$(string-append
+ "SPARQL_ENDPOINT=\"" sparql-endpoint "\"\n"
+ "DATA_DIR=\"" data-directory "\"\n"
+ "AUTH_SERVER_URL=\"http://localhost:8084/\"\n"
+ "XAPIAN_DB_PATH=\"" xapian-db-path "\"\n"
+ "AUTH_DB=\"" auth-db-path "\"\n"
+ "LLM_DB_PATH=\"" llm-db-path "\"\n"))
+ (display "GN3_PROFILE=\"")
+ (display #$(file-append (profile
+ (content (package->development-manifest genenetwork3))
+ (allow-collisions? #t))
+ "\"\n"))
+ (display "R_SCRIPT=\"")
+ (display #$(file-append
+ (profile
+ (content (package->development-manifest genenetwork3))
+ (allow-collisions? #t))
+ "/bin/Rscript\"\n")))))
+ (setenv "GN3_CONF" "/etc/genenetwork/conf/gn3.conf")
+ (setenv "GN3_SECRETS" #$gn3-secrets)
+ (setenv "HOME" "/tmp")
+ (setenv "SQL_URI" "mysql://webqtlout:webqtlout@localhost/db_webqtl?unix_socket=/run/mysqld/mysqld.sock")
+
(setenv "FLASK_ENV" "development")
(setenv "FLASK_DEBUG" "1")
;; Run genenetwork3.
@@ -168,18 +180,24 @@ server described by CONFIG, a <genenetwork-configuration> object."
(with-packages (list git-minimal nss-certs)
(with-imported-modules '((guix build utils))
#~(begin
- (use-modules (guix build utils)
- (ice-9 match))
+ (use-modules (guix build utils))
;; Configure gn-auth.
- (setenv "GN_AUTH_CONF"
- #$(mixed-text-file
- "gn-auth.conf"
+ (unless (file-exists? "/etc/genenetwork/conf/gn-auth.conf")
+ (with-output-to-file "/etc/genenetwork/conf/gn-auth.conf"
+ (lambda ()
+ (display #$(string-append
"LOGLEVEL=\"DEBUG\"\n"
"SQL_URI=\"mysql://webqtlout:webqtlout@localhost/db_webqtl?unix_socket=/run/mysqld/mysqld.sock\"\n"
"AUTH_DB=\"" auth-db-path "\"\n"
"GN_AUTH_SECRETS=\"" gn-auth-secrets "\"\n"
"CLIENTS_SSL_PUBLIC_KEYS_DIR=\"/etc/genenetwork/conf/gn-auth/clients-public-keys/\"\n"
"SSL_PRIVATE_KEY=\"/etc/genenetwork/conf/gn-auth/private.pem\"\n"))
+ (display "GN_AUTH_PROFILE=\"")
+ (display #$(file-append (profile
+ (content (package->development-manifest gn-auth))
+ (allow-collisions? #t))
+ "\"\n")))))
+ (setenv "GN_AUTH_CONF" "/etc/genenetwork/conf/gn-auth.conf")
(setenv "HOME" "/tmp")
(setenv "AUTHLIB_INSECURE_TRANSPORT" "true")
;; Run gn-auth.
@@ -190,40 +208,42 @@ server described by CONFIG, a <genenetwork-configuration> object."
"gn_auth.wsgi:app"))))))))
(define (genenetwork-activation config)
- (match-record config <genenetwork-configuration>
- (gn2-secrets gn3-secrets auth-db-path gn-auth-secrets gn-doc-git-checkout)
+ (match-record
+ config <genenetwork-configuration>
+ (gn2-secrets gn3-secrets gn3-port gn-auth-port auth-db-path gn-auth-secrets gn-doc-git-checkout)
(with-imported-modules '((guix build utils))
- #~(begin
- (use-modules (guix build utils))
- ;; Set ownership of files.
- (for-each (lambda (file)
- (when (eq? (stat:type (stat file)) 'directory)
- (chmod file #o755))
- (chown file
- (passwd:uid (getpw "genenetwork"))
- (passwd:gid (getpw "genenetwork"))))
- (append
- '("/etc/genenetwork/conf" "/genenetwork2/flask_session")
- (find-files #$(dirname gn-auth-secrets)
- #:directories? #t)
- (find-files #$(dirname gn2-secrets)
- #:directories? #t)
- (find-files #$(dirname gn3-secrets)
- #:directories? #t)
- (find-files #$(dirname auth-db-path)
- #:directories? #t)
- (find-files #$(dirname gn-doc-git-checkout)
- #:directories? #t)))
- ;; Prevent other users from reading secret files.
- (for-each (lambda (file)
- (chmod file #o600))
- (append
- (find-files #$gn-auth-secrets
- #:directories? #f)
- (find-files #$gn2-secrets
- #:directories? #f)
- (find-files #$gn3-secrets
- #:directories? #f)))))))
+ #~(begin
+ (use-modules (guix build utils)
+ (ice-9 ftw))
+ ;; Set ownership of files.
+ (for-each (lambda (file)
+ (when (eq? (stat:type (stat file)) 'directory)
+ (chmod file #o755))
+ (chown file
+ (passwd:uid (getpw "genenetwork"))
+ (passwd:gid (getpw "genenetwork"))))
+ (append
+ '("/etc/genenetwork/conf" "/genenetwork2/flask_session")
+ (find-files #$(dirname gn-auth-secrets)
+ #:directories? #t)
+ (find-files #$(dirname gn2-secrets)
+ #:directories? #t)
+ (find-files #$(dirname gn3-secrets)
+ #:directories? #t)
+ (find-files #$(dirname auth-db-path)
+ #:directories? #t)
+ (find-files #$(dirname gn-doc-git-checkout)
+ #:directories? #t)))
+ ;; Prevent other users from reading secret files.
+ (for-each (lambda (file)
+ (chmod file #o600))
+ (append
+ (find-files #$gn-auth-secrets
+ #:directories? #f)
+ (find-files #$gn2-secrets
+ #:directories? #f)
+ (find-files #$gn3-secrets
+ #:directories? #f)))))))
(define (gn-guile-gexp gn-guile-port)
(with-imported-modules '((guix build utils))
generated by cgit v1.2.3 (git 2.47.1) at 2025-06-11 09:59:22 +0000