aboutsummaryrefslogtreecommitdiff
path: root/genenetwork
AgeCommit message (Collapse)Author
3 daysDefine REQUESTS_CA_BUNDLE envvar for python-requestsFrederick Muriuki Muriithi
Define the `REQUESTS_CA_BUNDLE` for all applications that make use of python's requests library. The library needs to know the location of valid CA certificates in order to work as expected. Expose the CA certificates bundles by adding them to the applications' environments using the mappings objects.
2024-10-29Do not share auth-db with genenetwork3 gunicorn app.Frederick Muriuki Muriithi
GeneNetwork3 should not have direct access to the authorisation database file. * genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps): Do not mount auth-db into genenetwork3 gunicorn app container. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-29Add llm-db-path field to genenetwork configuration..Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[llm-db-path]: New field. (genenetwork-gunicorn-apps): Set LLM_DB_PATH in gn3.conf. Mount LLM database into the container. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-29Remove obsolete SSL key configuration.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps): Remove SSL_PRIVATE_KEY and AUTH_SERVER_SSL_PUBLIC_KEY. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-29Enable AI search in genenetwork service.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps): Set AI_SEARCH_ENABLED to True in gn3.conf. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-24Add GN3 alias server to genenetwork service.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[gn3-alias-server-port]: New field. (genenetwork-nginx-server-blocks): Rewrite URLs for the GN3 alias server. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-24Add sanitizer for log-level configuration field.Arun Isaac
* genenetwork/services/genenetwork.scm: Import (guix diagnostics) and (guix i18n). (sanitize-log-level): New function. (<genenetwork-configuration>)[log-level]: Use sanitize-log-level as the sanitizer. (<gn-uploader-configuration>)[log-level]: Use sanitize-log-level as the sanitizer.
2024-10-24Make <gn-uploader-configuration> log-level a symbol.Arun Isaac
* genenetwork/services/genenetwork.scm (<gn-uploader-configuration>)[log-level]: Change default to the symbol 'warning. * genenetwork/services/genenetwork.scm (gn-uploader-gunicorn-app): Pass --log-level to gunicorn.
2024-10-24Re-format and improve indentation.Arun Isaac
* genenetwork/services/genenetwork.scm (<genenetwork-configuration>, <gn-uploader-configuration>, build-xapian-index-cron-gexp): Re-format and re-indent.
2024-10-24Regularize <gn-uploader-configuration> getter functions.Arun Isaac
* genenetwork/services/genenetwork.scm (<gn-uploader-configuration>)[auth-server-url, gn2-server-url, log-level]: Regularize getter function names.
2024-10-24Add log-level field to genenetwork-configuration.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[log-level]: New field. * genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps): Pass --log-level to gunicorn. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-24Set REAPER_COMMAND in gn3.conf.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps): Set REAPER_COMMAND in gn3.conf. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-24Set GENOTYPE_FILES in gn3.conf.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps): Set GENOTYPE_FILES in gn3.conf. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-10-02Update server root for gn-uploader.Frederick Muriuki Muriithi
2024-08-13Forward the scheme to the client to generate correct URIs.Frederick Muriuki Muriithi
2024-08-13gn-uploader: Configure link to GN2 server.Frederick Muriuki Muriithi
2024-08-07gn-uploader: Add `AUTH_SERVER_URL` to the configurations.Frederick Muriuki Muriithi
2024-08-07gn-uploader: Update ENVVAR nameFrederick Muriuki Muriithi
2024-08-07gn-uploader: Update configuration variable name.Frederick Muriuki Muriithi
2024-07-22gn-uploader: use `gn-uploader-configuration` as default.Frederick Muriuki Muriithi
2024-07-22gn-uploader: make app user owner of upload directory treeFrederick Muriuki Muriithi
Fix the service activation code to make the gn-uploader data directory, and all its children belong to the app user.
2024-07-12Extend the genenetwork-service-type with the mcron indexer serviceFrederick Muriuki Muriithi
Add the scheduled indexer service to the genenetwork-service-type. This will run the indexer script every hour.
2024-07-12Generalise index-genenetwork cron gexpFrederick Muriuki Muriithi
Pass in the configuration to the gexp building function to make the builder function work across environments.
2024-06-28Make secrets dirs writable by relevant services.Frederick Muriuki Muriithi
2024-06-28Remove duplicated, and wrong settings.Frederick Muriuki Muriithi
2024-06-28Fix permissions: Only files are read-onlyFrederick Muriuki Muriithi
Directories need the execute bit set to actually be accessible to the owner.
2024-06-28Make relevant services available to each service.Frederick Muriuki Muriithi
2024-06-28Set secrets as directories for services with multiple secrets.Frederick Muriuki Muriithi
2024-06-28Add JWT SSL keys configurations.Frederick Muriuki Muriithi
2024-06-12gn-uploader: Setup profile pathFrederick Muriuki Muriithi
The profile path is necessary for use retrieving the included bootstrap content.
2024-05-07gn-uploader: Serve static files via nginx.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm: Import nginx from (gnu packages web), python from (gnu packages python), (guix build python-build-system) and (guix packages). (gn-uploader-nginx-server-block): Serve static files via nginx. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-04-12gn-uploader: use installed entry-point.Frederick Muriuki Muriithi
2024-04-12gn-uploader: use defined app in wsgi.py to pick up logging configs.Frederick Muriuki Muriithi
2024-04-12Set up log level in gunicornadd-gunicorn-loggingFrederick Muriuki Muriithi
2024-04-10gn-uploader: Enable changing of log-level for container.Frederick Muriuki Muriithi
This commit enables us to change the logging level of the gn-uploader service within the container: this will help in the instances when we need to debug events in the application that are unexpected.
2024-04-09gn-uploader: Change ownership of data-directoryFrederick Muriuki Muriithi
While the share is technically writable from the container, the service was running as an unprivileged user, and thus could not write to the data-directory. This commit changes the ownership of the data-directory to the same user that runs the service.
2024-04-09gn-uploader: Made datadir writable and set up uploads directory.Frederick Muriuki Muriithi
2024-04-05Document configuration settingsPjotr Prins
2024-04-03Set up SQL_URI for gn-auth.Frederick Muriuki Muriithi
2024-04-03gendev: special machine for PjotrPjotr Prins
2024-04-01Share TMPDIR between GN2 and GN3Pjotr Prins
2024-04-01fallback: have gn2 and gn3 share a source directory so we can update/debug ↵Pjotr Prins
source code for development. See topics/systems/debug-and-developing-code-with-genenetwork-system-container.gmi
2024-03-28gn-uploader: Increment maximum size of uploadable files.Frederick Muriuki Muriithi
2024-03-25Add gn-uploader service.Frederick Muriuki Muriithi
* genenetwork/services/genenetwork.scm (<gn-uploader-configuration>): New type. (gn-uploader-activation, gn-uploader-gunicorn-app, gn-uploader-nginx-server-block): New functions. (gn-uploader-service-type): New variable. * uploader.scm, uploader-deploy.sh: New files. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2024-03-21Add timeout for proxiesPjotr Prins
2024-03-05Let the gunicorn-gn-auth user own the auth database.Arun Isaac
gn-auth runs as the gunicorn-gn-auth user, not the genenetwork user. * genenetwork/services/genenetwork.scm (genenetwork-activation): Let the gunicorn-gn-auth user own the auth database. Reported-by: Frederick M. Muriithi <fredmanglis@protonmail.com>
2024-03-05Pass on the request scheme to GN2 appFrederick Muriuki Muriithi
This is useful to enable building URIs with the correct scheme in the application. These URIs are important when redirection to and from external services such as the gn-auth service.
2024-03-01Set AUTH_SERVER_URL on production genenetwork2.Arun Isaac
* genenetwork/services/genenetwork.scm (genenetwork-gunicorn-apps): Set AUTH_SERVER_URL on production genenetwork2.
2024-03-01Reverse proxy gn-auth on production.Arun Isaac
* genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[gn-auth-server-name]: New field. * genenetwork/services/genenetwork.scm (genenetwork-nginx-server-block): Rename to ... (genenetwork-nginx-server-blocks): ... this. Return list of reverse proxy blocks including one for gn-auth. * genenetwork/services/genenetwork.scm (genenetwork-service-type): Use genenetwork-nginx-server-blocks instead of genenetwork-nginx-server-block. * production.scm (operating-system)[services]{genenetwork-service-type}: Add gn-auth-server-name.
2024-03-01Set owner-only permissions on secrets files.Arun Isaac
* genenetwork/services/genenetwork.scm (genenetwork-activation): Set owner-only permissions on secrets files.