aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--genenetwork/services/genenetwork.scm77
-rwxr-xr-xproduction-deploy.sh23
-rw-r--r--production.scm8
-rwxr-xr-xpublic-sparql-deploy.sh8
-rw-r--r--public-sparql.scm2
-rw-r--r--uploader.scm3
-rwxr-xr-xvirtuoso-deploy.sh1
-rw-r--r--virtuoso.scm2
8 files changed, 84 insertions, 40 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm
index f1a1c88..3b39f6c 100644
--- a/genenetwork/services/genenetwork.scm
+++ b/genenetwork/services/genenetwork.scm
@@ -119,6 +119,10 @@
(default 8091))
(gn-doc-git-checkout genenetwork-configuration-gn-doc-git-checkout
(default "/export/data/gn-docs"))
+ (gn-virtuoso-ttl-directory genenetwork-configuration-gn-virtuoso-ttl-directory
+ (default "/export/data/virtuoso/ttl"))
+ (gn-tmpdir genenetwork-configuration-gn-tmpdir
+ (default "/opt/gn/tmp"))
(log-level genenetwork-configuration-log-level
(default 'warning)
(sanitize sanitize-log-level)))
@@ -170,6 +174,8 @@
(genenetwork3 (genenetwork-configuration-genenetwork3 config))
(xapian-directory (genenetwork-configuration-xapian-db config))
(sparql-endpoint (genenetwork-configuration-sparql-endpoint config))
+ (virtuoso-ttl-directory
+ (genenetwork-configuration-gn-virtuoso-ttl-directory config))
(xapian-build-directory (string-append xapian-directory "/build"))
(herd (file-append shepherd "/bin/herd"))
(index-genenetwork (file-append genenetwork3 "/bin/index-genenetwork"))
@@ -203,7 +209,9 @@
"is-data-modified"
#$xapian-directory
#$sql-uri
- #$sparql-endpoint))))
+ #$sparql-endpoint
+ "--virtuoso-ttl-directory"
+ #$virtuoso-ttl-directory))))
(dynamic-wind
(const #t)
;; build the index
@@ -212,7 +220,9 @@
"create-xapian-index"
#$xapian-build-directory
#$sql-uri
- #$sparql-endpoint)
+ #$sparql-endpoint
+ "--virtuoso-ttl-directory"
+ #$virtuoso-ttl-directory)
(dynamic-wind
;; stop GN3: Here there is magic!!!
;; The name `gunicorn-genenetwork' is magical. It is not set
@@ -242,7 +252,7 @@
(define (genenetwork-activation config)
(match-record config <genenetwork-configuration>
- (gn2-secrets gn3-secrets gn-auth-secrets auth-db llm-db-path)
+ (gn2-secrets gn3-secrets gn-auth-secrets auth-db llm-db-path genotype-files gn-tmpdir gn-doc-git-checkout)
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
@@ -262,6 +272,8 @@
(passwd:uid (getpw "gunicorn-genenetwork2"))
(passwd:gid (getpw "gunicorn-genenetwork2"))))
(append (list #$gn2-secrets)
+ (find-files #$genotype-files
+ #:directories? #t)
(find-files #$gn2-secrets
#:directories? #t)))
(for-each (lambda (file)
@@ -278,7 +290,31 @@
(find-files #$gn2-secrets
#:directories? #f)
(find-files #$gn-auth-secrets
- #:directories? #f)))))))
+ #:directories? #f)))
+ ;; Make sub-directories for various apps under gn-tmpdir and assign
+ ;; appropriate permissions
+ (for-each (match-lambda
+ ((subdir user)
+ (let ((full-path
+ (string-append #$gn-tmpdir "/" subdir)))
+ (unless (file-exists? full-path)
+ (mkdir full-path #o755))
+ (for-each (lambda (file)
+ (chown file
+ (passwd:uid (getpw user))
+ (passwd:gid (getpw user))))
+ (find-files full-path
+ #:directories? #t)))))
+ '(("gn2-tmpdir" "gunicorn-genenetwork2")
+ ("gn3-tmpdir" "gunicorn-genenetwork3")))
+
+ ;; setup correct ownership for gn-docs
+ (for-each (lambda (file)
+ (chown file
+ (passwd:uid (getpw "genenetwork"))
+ (passwd:gid (getpw "genenetwork"))))
+ (find-files #$gn-doc-git-checkout
+ #:directories? #t))))))
(define (configuration-file-gexp alist)
"Return a G-expression that constructs a configuration file of
@@ -309,7 +345,7 @@ G-expressions or numbers."
described by @var{config}, a @code{<genenetwork-configuration>}
object."
(match-record config <genenetwork-configuration>
- (genenetwork2 genenetwork3 gn-auth server-name gn-auth-server-name gn2-port gn3-port gn-auth-port sql-uri auth-db xapian-db genotype-files sparql-endpoint gn-sourcecode-directory gn3-data-directory gn2-secrets gn3-secrets gn-auth-secrets llm-db-path log-level)
+ (genenetwork2 genenetwork3 gn-auth server-name gn-auth-server-name gn2-port gn3-port gn-auth-port sql-uri auth-db xapian-db genotype-files sparql-endpoint gn-sourcecode-directory gn3-data-directory gn2-secrets gn3-secrets gn-auth-secrets llm-db-path gn-tmpdir log-level)
;; If we mapped only the mysqld.sock socket file, it would break
;; when the external mysqld server is restarted.
(let* ((database-mapping (file-system-mapping
@@ -358,9 +394,9 @@ object."
(configuration-file-gexp
`(("GN_AUTH_SECRETS" ,(string-append gn-auth-secrets "/gn-auth-secrets.py"))
("AUTH_DB" ,auth-db)
- ("SQL_URI" ,sql-uri)
- ("CLIENTS_SSL_PUBLIC_KEYS_DIR" ,(string-append gn-auth-secrets "/clients-public-keys"))
- ("SSL_PRIVATE_KEY" ,(string-append gn-auth-secrets "/gn-auth-ssl-private-key.pem")))))))
+ ("SQL_URI" ,sql-uri)))))
+ (gn2-tmpdir (string-append gn-tmpdir "/gn2-tmpdir"))
+ (gn3-tmpdir (string-append gn-tmpdir "/gn3-tmpdir")))
(list (gunicorn-app
(name "genenetwork2")
(package genenetwork2)
@@ -375,7 +411,7 @@ object."
(value gn2-profile))
(environment-variable
(name "TMPDIR")
- (value "/tmp"))
+ (value gn2-tmpdir))
(environment-variable
(name "GN2_SETTINGS")
(value gn2-conf))
@@ -388,13 +424,17 @@ object."
(mappings (list database-mapping
(file-system-mapping
(source genotype-files)
- (target source))
+ (target source)
+ (writable? #t))
(file-system-mapping
(source gn-sourcecode-directory)
(target source))
- (file-system-mapping ; GN2 and GN3 need to share TMPDIR
- (source "/tmp")
- (target "/tmp")
+ (file-system-mapping ; GN2 and GN3 need to communicate via TMPDIR
+ (source gn-tmpdir)
+ (target source))
+ (file-system-mapping
+ (source gn2-tmpdir)
+ (target source)
(writable? #t))
(file-system-mapping
(source gn2-conf)
@@ -429,7 +469,7 @@ object."
(value gn3-conf))
(environment-variable
(name "TMPDIR")
- (value "/tmp"))
+ (value gn3-tmpdir))
(environment-variable
(name "GN3_SECRETS")
(value gn3-secrets))
@@ -455,9 +495,12 @@ object."
(file-system-mapping
(source gn3-data-directory)
(target source)) ; Rqtl usese this
- (file-system-mapping ; GN2 and GN3 need to share TMPDIR
- (source "/tmp")
- (target "/tmp")
+ (file-system-mapping ; GN2 and GN3 need to communicate via TMPDIR
+ (source gn-tmpdir)
+ (target source))
+ (file-system-mapping
+ (source gn3-tmpdir)
+ (target source)
(writable? #t))
(file-system-mapping
(source xapian-db)
diff --git a/production-deploy.sh b/production-deploy.sh
index bd95814..6de5ebe 100755
--- a/production-deploy.sh
+++ b/production-deploy.sh
@@ -26,19 +26,20 @@ container_script=$(guix system container \
--network \
--load-path=. \
--verbosity=3 \
- --share=/export2/guix-containers/genenetwork/var/genenetwork=/var/genenetwork \
- --share=/export2/guix-containers/genenetwork/var/lib/acme=/var/lib/acme \
- --share=/export2/guix-containers/genenetwork/var/lib/redis=/var/lib/redis \
- --share=/export/mysql/database=/var/lib/mysql \
- --share=/export2/guix-containers/genenetwork/var/lib/virtuoso=/var/lib/virtuoso \
- --share=/export2/guix-containers/genenetwork/var/log=/var/log \
- --share=/export2/guix-containers/genenetwork/etc/genenetwork=/etc/genenetwork \
- --share=/export2/guix-containers/genenetwork/var/lib/xapian=/var/lib/xapian \
- --share=/export2/guix-containers/genenetwork/var/lib/genenetwork-sqlite=/var/lib/genenetwork-sqlite \
- --share=/export2/guix-containers/genenetwork/var/lib/genenetwork-gnqa=/var/lib/genenetwork-gnqa \
+ --share=/export/guix-containers/genenetwork/var/genenetwork=/var/genenetwork \
+ --share=/export/guix-containers/genenetwork/var/lib/acme=/var/lib/acme \
+ --share=/export/guix-containers/genenetwork/var/lib/redis=/var/lib/redis \
+ --share=/export/guix-containers/genenetwork/var/lib/virtuoso=/var/lib/virtuoso \
+ --share=/export/guix-containers/genenetwork/var/log=/var/log \
+ --share=/export/guix-containers/genenetwork/etc/genenetwork=/etc/genenetwork \
+ --share=/export/guix-containers/genenetwork/var/lib/xapian=/var/lib/xapian \
+ --share=/export/guix-containers/genenetwork/var/lib/genenetwork-sqlite=/var/lib/genenetwork-sqlite \
+ --share=/export/guix-containers/genenetwork/var/lib/genenetwork-gnqa=/var/lib/genenetwork-gnqa \
--share=/var/run/mysqld=/run/mysqld \
--share=/export/data/gn-docs/ \
- --share=/export2/guix-containers/genenetwork/tmp=/tmp \
+ --share=/export/guix-containers/genenetwork/tmp=/opt/gn/tmp \
+ --expose=/export/guix-containers/genenetwork/data/virtuoso=/export/data/virtuoso/ \
+ --share=/export/guix-containers/genenetwork/var/lib/gn-docs=/export/data/gn-docs \
production.scm)
echo $container_script
diff --git a/production.scm b/production.scm
index dfa4f3d..9e629f0 100644
--- a/production.scm
+++ b/production.scm
@@ -44,14 +44,11 @@
"@include " %sudoers-specification
"\nacme ALL = NOPASSWD: " (file-append shepherd "/bin/herd") " restart nginx\n"))
(packages %base-packages)
- (services (cons* (service mysql-service-type
- (mysql-configuration
- (auto-upgrade? #f)))
- (service virtuoso-service-type
+ (services (cons* (service virtuoso-service-type
(virtuoso-configuration
(server-port 9892)
(http-server-port 9893)
- (dirs-allowed "/var/lib/virtuoso")
+ (dirs-allowed (list "/export/data/virtuoso"))
(number-of-buffers 4000000)
(maximum-dirty-buffers 3000000)
(database-file "/var/lib/virtuoso/genenetwork-virtuoso.db")
@@ -90,5 +87,6 @@
(auth-db "/var/lib/genenetwork-sqlite/auth.db")
(llm-db-path "/var/lib/genenetwork-gnqa/llm.db")
(gn3-alias-server-port 9800)
+ (gn-tmpdir "/opt/gn/tmp")
(log-level 'debug)))
%base-services)))
diff --git a/public-sparql-deploy.sh b/public-sparql-deploy.sh
index bee9abf..bc4348d 100755
--- a/public-sparql-deploy.sh
+++ b/public-sparql-deploy.sh
@@ -22,10 +22,10 @@
container_script=$(guix system container \
--network \
--verbosity=3 \
- --share=/export2/guix-containers/public-sparql/var/lib/virtuoso=/var/lib/virtuoso \
- --share=/export2/guix-containers/public-sparql/tmp=/tmp \
- --share=/export2/guix-containers/public-sparql/var/log=/var/log \
- --share=/export2/guix-containers/public-sparql/var/lib/acme=/var/lib/acme \
+ --share=/export/guix-containers/public-sparql/var/lib/virtuoso=/var/lib/virtuoso \
+ --share=/export/guix-containers/public-sparql/tmp=/tmp \
+ --share=/export/guix-containers/public-sparql/var/log=/var/log \
+ --share=/export/guix-containers/public-sparql/var/lib/acme=/var/lib/acme \
public-sparql.scm)
echo $container_script
diff --git a/public-sparql.scm b/public-sparql.scm
index f6efb15..4f5ad13 100644
--- a/public-sparql.scm
+++ b/public-sparql.scm
@@ -56,7 +56,7 @@ SPARQL endpoint is listening on."
(server-port %virtuoso-port)
(http-server-port %sparql-port)
(number-of-buffers 4000000)
- (dirs-allowed "/var/lib/virtuoso")
+ (dirs-allowed (list "/var/lib/virtuoso"))
(maximum-dirty-buffers 3000000)
(database-file "/var/lib/virtuoso/public-virtuoso.db")
(transaction-file "/var/lib/virtuoso/public-virtuoso.trx")))
diff --git a/uploader.scm b/uploader.scm
index 3cbe53f..551a2c2 100644
--- a/uploader.scm
+++ b/uploader.scm
@@ -81,7 +81,8 @@
(server-name "staging-uploader.genenetwork.org")
(port 10897)
(secrets "/etc/genenetwork/gn-uploader/gn-uploader-secrets.py")
- (sql-uri "mysql://webqtlout:webqtlout@127.0.0.1:3307/db_webqtl")
+ (sql-uri
+ "mysql://webqtlout:webqtlout@localhost/db_webqtl?unix_socket=/run/mysqld/mysqld.sock&charset=utf8")
(data-directory "/export/data/uploader/gn-uploader")
(log-level 'debug)
(auth-server-url "https://staging-auth.genenetwork.org/")
diff --git a/virtuoso-deploy.sh b/virtuoso-deploy.sh
index 0414a65..0dd2509 100755
--- a/virtuoso-deploy.sh
+++ b/virtuoso-deploy.sh
@@ -25,6 +25,7 @@ container_script=$(guix system container \
--network \
--verbosity=3 \
--share=/export2/guix-containers/virtuoso/var/lib/virtuoso=/var/lib/virtuoso \
+ --share=/export2/guix-containers/genenetwork/data/virtuoso=/export/data/virtuoso \
virtuoso.scm)
echo $container_script
diff --git a/virtuoso.scm b/virtuoso.scm
index edcd575..3272f41 100644
--- a/virtuoso.scm
+++ b/virtuoso.scm
@@ -34,5 +34,5 @@
(virtuoso-configuration
(server-port 8891)
(http-server-port 8892)
- (dirs-allowed "/var/lib/virtuoso")))
+ (dirs-allowed (list "/export/data/virtuoso"))))
%base-services)))
generated by cgit v1.2.3 (git 2.47.1) at 2025-03-07 14:30:21 +0000