Age | Commit message (Collapse) | Author |
|
Add the uacme service to the public-sparql container and update the
services in order to automate the retrieval and update of HTTPS
certificates within the container.
|
|
|
|
Bind a host directory to container's /tmp to provide more space for
the /tmp and prevent the container from running out of space.
|
|
Not needed for the virtuoso daemon.
|
|
This helps avoid having a long list of directories to track and manage.
|
|
Explicitly name the public virtuoso's Database and transaction files
to prevent any possible conflicts with other virtuoso instances.
|
|
|
|
Define the `REQUESTS_CA_BUNDLE` for all applications that make use of
python's requests library. The library needs to know the location of
valid CA certificates in order to work as expected.
Expose the CA certificates bundles by adding them to the applications'
environments using the mappings objects.
|
|
Since the /tmp directory is used for a lot of things in the code, we
bind a host directory to it, so as to allow easier cleanup, and also
ensure the container does not run out of disk space.
|
|
|
|
GeneNetwork3 should not have direct access to the authorisation
database file.
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps):
Do not mount auth-db into genenetwork3 gunicorn app container.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
*
production.scm (operating-system)[services]{genenetwork-service-type}:
Add llm-db-path.
* production-deploy.sh: Share
/export2/guix-containers/genenetwork/var/lib/genenetwork-gnqa with
container.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
*
genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[llm-db-path]:
New field.
(genenetwork-gunicorn-apps): Set LLM_DB_PATH in gn3.conf. Mount LLM
database into the container.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps):
Remove SSL_PRIVATE_KEY and AUTH_SERVER_SSL_PUBLIC_KEY.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps):
Set AI_SEARCH_ENABLED to True in gn3.conf.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* production.scm (operating-system)[services]{virtuoso-service-type}:
Add dirs-allowed, number-of-buffers and maximum-dirty-buffers.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* production-deploy.sh: Update paths for mysql, xapian and
genenetwork-sqlite directories. Share path to redis state directory.
* production.scm (operating-system)[services]{virtuoso-service-type}:
Update server-port and http-server-port.
{forge-nginx-service-type}: Update http and https ports.
{redis-service-type}: New service.
{genenetwork-service-type}: Update server-name, gn-auth-server-name,
gn2-port, gn3-port, gn-auth-port, xapian-db, sparql-endpoint and
gn3-data-directory. Add auth-db, log-level and gn3-alias-server-port.
Remove genotype-files.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
*
genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[gn3-alias-server-port]:
New field.
(genenetwork-nginx-server-blocks): Rewrite URLs for the GN3 alias
server.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* genenetwork/services/genenetwork.scm: Import (guix diagnostics)
and (guix i18n).
(sanitize-log-level): New function.
(<genenetwork-configuration>)[log-level]: Use sanitize-log-level as
the sanitizer.
(<gn-uploader-configuration>)[log-level]: Use sanitize-log-level as
the sanitizer.
|
|
*
genenetwork/services/genenetwork.scm (<gn-uploader-configuration>)[log-level]:
Change default to the symbol 'warning.
* genenetwork/services/genenetwork.scm (gn-uploader-gunicorn-app):
Pass --log-level to gunicorn.
|
|
* genenetwork/services/genenetwork.scm (<genenetwork-configuration>,
<gn-uploader-configuration>, build-xapian-index-cron-gexp): Re-format
and re-indent.
|
|
*
genenetwork/services/genenetwork.scm (<gn-uploader-configuration>)[auth-server-url,
gn2-server-url, log-level]: Regularize getter function names.
|
|
*
genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[log-level]:
New field.
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps):
Pass --log-level to gunicorn.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps):
Set REAPER_COMMAND in gn3.conf.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps):
Set GENOTYPE_FILES in gn3.conf.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
* genenetwork-development.scm (set-build-directory-permissions-gexp):
New variable.
* genenetwork-development.scm (operating-system)[services]: Use
set-build-directory-permissions-gexp.
|
|
* genenetwork-development.scm (gn-gemtext-threads-project)[ci-jobs]:
Set LC_ALL environment variable.
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
|
|
This fixes an issue where gn3 auth defaults to "auth.genenetwork.org" during
query execution. Instead we explicitly set AUTH_SERVER_URL to
"auth-cd.genenetwork.org"
|
|
* slurm.scm (slurm): Upgrade to 24.05.3.
[arguments]: Remove Unix socket disabling.
|
|
|
|
|
|
|
|
* slurm.scm (slurm)[arguments]: Add --with-yaml configure flag.
|
|
* slurm-worker-deploy.sh: Install slurmrestd too.
|
|
* slurm-deploy.sh: Delete file.
* slurm-head-deploy.sh, slurm-worker-deploy.sh: New files.
* slurm.scm: Replace tux04 with octopus in comment.
|
|
* slurm.scm: Import http-parser from (gnu packages web).
(http-parser): Delete variable.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fix the service activation code to make the gn-uploader data
directory, and all its children belong to the app user.
|
|
|
|
Make the container's logs available of the host to help with
troubleshooting and some stickiness for the logs.
|
|
While it is a tiny change, it does help to have an explicit indication
of what container you are currently working with, especially when you
need to do specific tasks inside the container itself with something
like `nsenter …` or `guix container exec …`.
With this commit, instead of a generic prompt like:
`root@genenetwork /#`,
you get a more specific prompt such as
`root@genenetwork-production /#`
which goes some ways in avoiding mistakes.
|
|
|
|
Add the scheduled indexer service to the
genenetwork-service-type. This will run the indexer script every hour.
|