diff options
Diffstat (limited to 'genenetwork/services/genenetwork.scm')
| -rw-r--r-- | genenetwork/services/genenetwork.scm | 123 |
1 files changed, 99 insertions, 24 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm index 34d70df..b93654f 100644 --- a/genenetwork/services/genenetwork.scm +++ b/genenetwork/services/genenetwork.scm @@ -30,7 +30,9 @@ #:use-module (gnu system file-systems) #:use-module (gnu system shadow) #:use-module (guix build python-build-system) + #:use-module (guix diagnostics) #:use-module (guix gexp) + #:use-module (guix i18n) #:use-module (guix packages) #:use-module (guix profiles) #:use-module (guix records) @@ -83,10 +85,14 @@ (default 8083)) (gn-auth-port genenetwork-configuration-gn-auth-port (default 8084)) + (gn3-alias-server-port genenetwork-gn3-alias-server-port + (default 8000)) (sql-uri genenetwork-configuration-sql-uri (default "mysql://username:password@localhost/database")) (auth-db genenetwork-configuration-auth-db (default "/var/genenetwork/auth.db")) + (llm-db-path genenetwork-configuration-llm-db-path + (default "/var/genenetwork/llm.db")) (xapian-db genenetwork-configuration-xapian-db (default "/var/genenetwork/xapian")) (genotype-files genenetwork-configuration-genotype-files @@ -94,7 +100,7 @@ (sparql-endpoint genenetwork-configuration-sparql-endpoint (default "http://localhost:8081/sparql")) (gn-sourcecode-directory genenetwork-configuration-gn-sourcecode-directory - (default "/var/empty")) + (default "/var/empty")) (gn3-data-directory genenetwork-configuration-gn3-data-directory (default "/var/genenetwork")) (gn2-secrets genenetwork-configuration-gn2-secrets @@ -102,7 +108,10 @@ (gn3-secrets genenetwork-configuration-gn3-secrets (default "/etc/genenetwork/gn3-secrets.py")) (gn-auth-secrets genenetwork-configuration-gn-auth-secrets - (default "/etc/genenetwork"))) + (default "/etc/genenetwork")) + (log-level genenetwork-configuration-log-level + (default 'warning) + (sanitize sanitize-log-level))) (define-record-type* <gn-uploader-configuration> gn-uploader-configuration make-gn-uploader-configuration @@ -119,11 +128,20 @@ (default "/var/genenetwork")) (secrets gn-uploader-configuration-secrets (default "/etc/genenetwork/gn-uploader-secrets.py")) - (auth-server-url gn-uploader-auth-server-url + (auth-server-url gn-uploader-configuration-auth-server-url (default "https://auth.genenetwork.org")) - (gn2-server-url gn-uploader-gn2-server-url + (gn2-server-url gn-uploader-configuration-gn2-server-url (default "https://genenetwork.org")) - (log-level gn-uploader-log-level (default "WARNING"))) + (log-level gn-uploader-configuration-log-level + (default 'warning) + (sanitize sanitize-log-level))) + +(define (sanitize-log-level log-level) + (case log-level + ((fatal error warning info debug trace) log-level) + (else + (leave (G_ "Log level ~a is invalid. It must be one of the following symbols---fatal, error, warn, info, debug or trace.~%") + log-level)))) (define %genenetwork-accounts (list (user-group @@ -146,8 +164,8 @@ (herd (file-append shepherd "/bin/herd")) (index-genenetwork (file-append genenetwork3 "/bin/index-genenetwork")) (gn3-profile (profile - (content (package->development-manifest genenetwork3)) - (allow-collisions? #t))) + (content (package->development-manifest genenetwork3)) + (allow-collisions? #t))) (python3-version (python-version (package-version python)))) (with-imported-modules '((guix build utils)) #~(begin @@ -277,7 +295,7 @@ G-expressions or numbers." described by @var{config}, a @code{<genenetwork-configuration>} object." (match-record config <genenetwork-configuration> - (genenetwork2 genenetwork3 gn-auth server-name gn-auth-server-name gn2-port gn3-port gn-auth-port sql-uri auth-db xapian-db genotype-files sparql-endpoint gn-sourcecode-directory gn3-data-directory gn2-secrets gn3-secrets gn-auth-secrets) + (genenetwork2 genenetwork3 gn-auth server-name gn-auth-server-name gn2-port gn3-port gn-auth-port sql-uri auth-db xapian-db genotype-files sparql-endpoint gn-sourcecode-directory gn3-data-directory gn2-secrets gn3-secrets gn-auth-secrets llm-db-path log-level) ;; If we mapped only the mysqld.sock socket file, it would break ;; when the external mysqld server is restarted. (let* ((database-mapping (file-system-mapping @@ -287,6 +305,7 @@ object." (gn2-profile (profile (content (package->development-manifest genenetwork2)) (allow-collisions? #t))) + (gn2-ca-bundle (file-append gn2-profile "/etc/ssl/certs/ca-certificates.crt")) (gn2-conf (computed-file "gn2.conf" (configuration-file-gexp `(("GN2_SECRETS" ,(string-append gn2-secrets "/gn2-secrets.py")) @@ -300,16 +319,27 @@ object." ("JS_GUIX_PATH" ,(file-append gn2-profile "/share/genenetwork2/javascript")) ("PLINK_COMMAND" ,(file-append gn2-profile "/bin/plink2")) ("SQL_URI" ,sql-uri) - ("SSL_PRIVATE_KEY" ,(string-append gn2-secrets "/gn2-ssl-private-key.pem")) - ("AUTH_SERVER_SSL_PUBLIC_KEY" ,(string-append gn2-secrets "/gn-auth-ssl-public-key.pem")))))) + ("AI_SEARCH_ENABLED" "True"))))) + (gn3-profile (profile + (content (package->development-manifest genenetwork3)) + (allow-collisions? #t))) + (gn3-ca-bundle (file-append gn3-profile "/etc/ssl/certs/ca-certificates.crt")) (gn3-conf (computed-file "gn3.conf" (configuration-file-gexp `(("AUTH_DB" ,auth-db) + ("AUTH_SERVER_URL" ,(string-append "https://" gn-auth-server-name "/")) ("DATA_DIR" ,gn3-data-directory) ("SOURCE_DIR" ,gn-sourcecode-directory) ("SPARQL_ENDPOINT" ,sparql-endpoint) ("SQL_URI" ,sql-uri) - ("XAPIAN_DB_PATH" ,xapian-db))))) + ("XAPIAN_DB_PATH" ,xapian-db) + ("GENOTYPE_FILES" ,genotype-files) + ("REAPER_COMMAND" ,(file-append gn2-profile "/bin/qtlreaper")) + ("LLM_DB_PATH" ,llm-db-path))))) + (gn-auth-profile (profile + (content (package->development-manifest gn-auth)) + (allow-collisions? #t))) + (gn-auth-ca-bundle (file-append gn-auth-profile "/etc/ssl/certs/ca-certificates.crt")) (gn-auth-conf (computed-file "gn-auth.conf" (configuration-file-gexp `(("GN_AUTH_SECRETS" ,(string-append gn-auth-secrets "/gn-auth-secrets.py")) @@ -337,7 +367,10 @@ object." (value gn2-conf)) (environment-variable (name "HOME") - (value "/tmp")))) + (value "/tmp")) + (environment-variable + (name "REQUESTS_CA_BUNDLE") + (value gn2-ca-bundle)))) (mappings (list database-mapping (file-system-mapping (source genotype-files) @@ -358,7 +391,13 @@ object." (file-system-mapping (source gn2-secrets) (target source) - (writable? #t))))) + (writable? #t)) + (file-system-mapping + (source gn2-ca-bundle) + (target source)))) + (extra-cli-arguments + (list "--log-level" + (string-upcase (symbol->string log-level))))) (gunicorn-app (name "genenetwork3") (package genenetwork3) @@ -382,7 +421,10 @@ object." (value gn3-secrets)) (environment-variable (name "HOME") - (value "/tmp")))) + (value "/tmp")) + (environment-variable + (name "REQUESTS_CA_BUNDLE") + (value gn3-ca-bundle)))) (mappings (list database-mapping (file-system-mapping (source gn3-conf) @@ -407,9 +449,15 @@ object." (source xapian-db) (target source)) (file-system-mapping - (source auth-db) + (source llm-db-path) (target source) - (writable? #t))))) + (writable? #t)) + (file-system-mapping + (source gn3-ca-bundle) + (target source)))) + (extra-cli-arguments + (list "--log-level" + (string-upcase (symbol->string log-level))))) (gunicorn-app (name "gn-auth") (package gn-auth) @@ -426,7 +474,10 @@ object." (value "/tmp")) (environment-variable (name "AUTHLIB_INSECURE_TRANSPORT") - (value "true")))) + (value "true")) + (environment-variable + (name "REQUESTS_CA_BUNDLE") + (value gn-auth-ca-bundle)))) (mappings (list database-mapping (file-system-mapping (source gn-auth-conf) @@ -438,14 +489,20 @@ object." (file-system-mapping (source gn-auth-secrets) (target source) - (writable? #t))))))))) + (writable? #t)) + (file-system-mapping + (source gn-auth-ca-bundle) + (target source)))) + (extra-cli-arguments + (list "--log-level" + (string-upcase (symbol->string log-level))))))))) (define (genenetwork-nginx-server-blocks config) "Return a list of @code{<nginx-server-configuration>} records specifying reverse proxies for the genenetwork service described by @var{config}, a @code{<genenetwork-configuration>} record." (match-record config <genenetwork-configuration> - (server-name gn-auth-server-name gn2-port gn3-port gn-auth-port) + (server-name gn-auth-server-name gn2-port gn3-port gn-auth-port gn3-alias-server-port) (list (nginx-server-configuration (server-name (list server-name)) (locations @@ -461,7 +518,16 @@ a @code{<genenetwork-configuration>} record." (body (list "rewrite /api3/(.*) /api/$1 break;" (string-append "proxy_pass http://localhost:" (number->string gn3-port) ";") - "proxy_set_header Host $host;")))))) + "proxy_set_header Host $host;"))) + (nginx-location-configuration + (uri "/gn3/") + (body + (list "rewrite /gn3/(.*) /$1 break;" + (string-append "proxy_pass http://localhost:" + (number->string gn3-alias-server-port) + ";") + "proxy_redirect off;" + "proxy_set_header Host $host;")))))) (nginx-server-configuration (server-name (list gn-auth-server-name)) (locations @@ -535,7 +601,8 @@ a @code{<genenetwork-configuration>} record." ("GN2_SERVER_URL" ,gn2-server-url))))) (gn-uploader-profile (profile (content (package->development-manifest gn-uploader)) - (allow-collisions? #t)))) + (allow-collisions? #t))) + (gn-uploader-ca-bundle (file-append gn-uploader-profile "/etc/ssl/certs/ca-certificates.crt"))) (list (gunicorn-app (name "gn-uploader") (package gn-uploader) @@ -552,7 +619,10 @@ a @code{<genenetwork-configuration>} record." (value "/tmp")) (environment-variable (name "GN_UPLOADER_ENVIRONMENT") - (value gn-uploader-profile)))) + (value gn-uploader-profile)) + (environment-variable + (name "REQUESTS_CA_BUNDLE") + (value gn-uploader-ca-bundle)))) (mappings (list database-mapping (file-system-mapping (source gn-uploader-conf) @@ -566,8 +636,13 @@ a @code{<genenetwork-configuration>} record." (writable? #t)) (file-system-mapping (source gn-uploader-profile) + (target source)) + (file-system-mapping + (source gn-uploader-ca-bundle) (target source)))) - (extra-cli-arguments (list "--log-level" log-level))))))) + (extra-cli-arguments + (list "--log-level" + (string-upcase (symbol->string log-level))))))))) (define (gn-uploader-nginx-server-block config) (match-record config <gn-uploader-configuration> @@ -582,7 +657,7 @@ a @code{<genenetwork-configuration>} record." #$(file-append gn-uploader "/lib/python" (python-version (package-version python)) - "/site-packages/qc_app;"))))) + "/site-packages/uploader;"))))) (nginx-location-configuration (uri "/") (body (list (string-append "proxy_pass http://localhost:" |