Age | Commit message (Collapse) | Author |
|
Make the container's logs available of the host to help with
troubleshooting and some stickiness for the logs.
|
|
*
production.scm (operating-system)[services]{genenetwork-service-type}:
Remove auth-db field.
* production-deploy.sh (container_script): Mount /var/genenetwork.
|
|
* genenetwork/services/genenetwork.scm (genenetwork-activation): Set
ownership of secrets files.
* production-deploy.sh: Mount secrets files read-write.
|
|
guix requires "=" between argument names and values.
* production-deploy.sh: Add "=" before --load-path argument value.
|
|
* production.scm: Import (genenetwork services genenetwork), (forge
acme), (forge nginx) and (forge socket). Import shepherd from (gnu
packages admin).
(operating-system)[sudoers-file]: Allow acme user to restart nginx.
(services): Add forge-nginx, acme and genenetwork services.
|
|
We don't want the Guix garbage collector accidentally clearing away
store items required by the container. So, register them as garbage
collector roots.
* genenetwork-development-deploy.sh, production-deploy.sh,
public-sparql-deploy.sh, virtuoso-deploy.sh: Register containers as
garbage collector roots.
|
|
We prefer /export2 to house really large data.
* genenetwork-development-deploy.sh, production-deploy.sh,
public-sparql-deploy.sh, virtuoso-deploy.sh: Move guix container state
to /export2.
|
|
* production.scm: Import (gnu services databases).
(operating-system)[services]: Add mysql-service-type.
* production-deploy.sh: Share mysql directory with container.
|
|
The production container need interact with the outside world only
through a single Unix socket file on which the GeneNetwork web server
listens. Hide all other interfaces to it.
* production-deploy.sh (container_script): Remove --network flag.
|
|
* production-deploy.sh, production.scm: New files.
|