NextGraph
/
oxigraph
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

Move the Dockerfile to server, delete and add docker-compose.yml and nginx.conf to the server/README.md, move the docker.yml workflow in doc.yml and use buildx. Fix the path of the URL generated in the YASGUI interface to take into account when the server is deployed on a subpath (e.g. http://oxigraph.org/sparql)

Browse Source
pull/186/head
Vincent Emonet 3 years ago committed by Thomas Tanon
parent 3cbdda9a33
commit d2eea24c96
7 changed files with 124 additions and 94 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 48
      .github/workflows/doc.yml
  2. 53
      .github/workflows/docker.yml
  3. 21
      docker-compose.yml
  4. 20
      nginx.conf
  5. 0
      server/Dockerfile
  6. 70
      server/README.md
  7. 6
      server/templates/query.html

48
.github/workflows/doc.yml
Unescape View File

@ -1,9 +1,11 @@
name: doc
name: doc and docker
on:
push:
branches:
- master
release:
types: [published]
jobs:
python:
@ -37,3 +39,47 @@ jobs:
git diff-index --quiet HEAD || git commit -m "Updates pyoxigraph documentation"
git push
working-directory: ./website
docker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: 'recursive'
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
- name: Generate image ID and version
run: |
IMAGE_ID=ghcr.io/${{ github.repository_owner }}/oxigraph
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo "IMAGE_ID=$IMAGE_ID" >> $GITHUB_ENV
echo "VERSION=$VERSION" >> $GITHUB_ENV
# Cache: https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache
- name: Build and publish Docker image
uses: docker/build-push-action@v2
with:
context: ./
file: ./server/Dockerfile
builder: ${{ steps.buildx.outputs.name }}
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
cache-from: type=gha
cache-to: type=gha,mode=max

53
.github/workflows/docker.yml
Unescape View File

@ -1,53 +0,0 @@
name: Publish Docker image
on:
workflow_dispatch:
push:
# Publish `master` branch as Docker `latest` image.
branches:
- master
paths:
- 'Dockerfile'
- 'lib/**'
- 'server/**'
- '.github/workflows/docker.yml'
# Publish `v0.1.2` release as image tag `0.1.2`.
release:
types: [published]
jobs:
build-and-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: 'recursive'
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
- name: Generate image ID and version
run: |
IMAGE_ID=ghcr.io/${{ github.repository_owner }}/oxigraph
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo "IMAGE_ID=$IMAGE_ID" >> $GITHUB_ENV
echo "VERSION=$VERSION" >> $GITHUB_ENV
- name: Build docker image
run: |
docker build -t $IMAGE_ID:$VERSION .
- name: Push docker image
run: |
docker push $IMAGE_ID:$VERSION

21
docker-compose.yml
Unescape View File

@ -1,22 +1,23 @@
version: "3"
services:
oxigraph:
# image: oxigraph/oxigraph
build: .
# image: ghcr.io/oxigraph/oxigraph
## To build from local source code:
build:
context: .
dockerfile: server/Dockerfile
volumes:
- ./data:/data
nginx-auth:
image: nginx:1.21.4
environment:
- OXIGRAPH_USER=oxigraph
- OXIGRAPH_PASSWORD=oxigraphy
volumes:
- ./server/nginx.conf:/etc/nginx/nginx.conf
## For multiple users: uncomment this line to use your local .htpasswd file:
- ./nginx.conf:/etc/nginx/nginx.conf
## For multiple users: uncomment this line to mount a pre-generated .htpasswd
# - ./.htpasswd:/etc/nginx/.htpasswd
ports:
- 7878:7878
environment:
- OXIGRAPH_USER=${OXIGRAPH_USER:-oxigraph}
- OXIGRAPH_PASSWORD=${OXIGRAPH_PASSWORD:-oxigraphy}
entrypoint: "bash -c 'echo -n $OXIGRAPH_USER: >> /etc/nginx/.htpasswd && echo $OXIGRAPH_PASSWORD | openssl passwd -stdin -apr1 >> /etc/nginx/.htpasswd && /docker-entrypoint.sh nginx'"
entrypoint: "bash -c 'echo -n $OXIGRAPH_USER: >> /etc/nginx/.htpasswd && echo $OXIGRAPH_PASSWORD | openssl passwd -stdin -apr1 >> /etc/nginx/.htpasswd && /docker-entrypoint.sh nginx'"

20
server/nginx.conf → nginx.conf
Unescape View File

@ -1,38 +1,26 @@
daemon off;
events {
worker_connections 1024;
}
daemon off;
http {
server {
server_name localhost;
listen 7878;
rewrite ^/(.*) /$1 break;
proxy_ignore_client_abort on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
# Enable CORS requests
proxy_set_header Access-Control-Allow-Origin "*";
location ~ ^(/|/query)$ {
# limit_except GET POST OPTIONS {
# deny all;
# }
proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on;
}
location /update {
# Auth: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
limit_except GET POST {
deny all;
}
auth_basic "Oxygraph Administrator's Area";
location ~ ^(/update|/store)$ {
auth_basic "Oxigraph Administrator's Area";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on;
}
}
}
}

0
Dockerfile → server/Dockerfile
Unescape View File

70
server/README.md
Unescape View File

@ -98,22 +98,72 @@ curl -X POST -H 'Content-Type: application/sparql-update' --data 'DELETE WHERE {
It can be useful to make Oxigraph SPARQL endpoint available publicly, with a layer of authentication on `/update` to be able to add data.
To quickly use a single user/password you can define them in a `.env` file alongside the `docker-compose.yaml`:
You can do so by using a nginx basic authentication in an additional docker container with `docker-compose`. First create a `nginx.conf` file:
```nginx
daemon off;
events {
worker_connections 1024;
}
http {
server {
server_name localhost;
listen 7878;
rewrite ^/(.*) /$1 break;
proxy_ignore_client_abort on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Access-Control-Allow-Origin "*";
location ~ ^(/|/query)$ {
proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on;
}
location ~ ^(/update|/store)$ {
auth_basic "Oxigraph Administrator's Area";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on;
}
}
}
```
```sh
cat << EOF > .env
OXIGRAPH_USER=oxigraph
OXIGRAPH_PASSWORD=oxigraphy
EOF
Then a `docker-compose.yml` in the same folder, you can change the default user and password in the `environment` section:
```yaml
version: "3"
services:
oxigraph:
image: ghcr.io/oxigraph/oxigraph
## To build from local source code:
# build:
# context: .
# dockerfile: server/Dockerfile
volumes:
- ./data:/data
nginx-auth:
image: nginx:1.21.4
environment:
- OXIGRAPH_USER=oxigraph
- OXIGRAPH_PASSWORD=oxigraphy
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
## For multiple users: uncomment this line to mount a pre-generated .htpasswd
# - ./.htpasswd:/etc/nginx/.htpasswd
ports:
- 7878:7878
entrypoint: "bash -c 'echo -n $OXIGRAPH_USER: >> /etc/nginx/.htpasswd && echo $OXIGRAPH_PASSWORD | openssl passwd -stdin -apr1 >> /etc/nginx/.htpasswd && /docker-entrypoint.sh nginx'"
```
Start the Oxigraph server and nginx proxy for authentication with `docker-compose`:
Once the `docker-compose.yaml` and `nginx.conf` are ready, start the Oxigraph server and nginx proxy for authentication on http://localhost:7878:
```sh
docker-compose up
```
To make an update, first change `$OXIGRAPH_USER` and `$OXIGRAPH_PASSWORD`, or set the environment variables, then run:
To make an update to the graph, first change `$OXIGRAPH_USER` and `$OXIGRAPH_PASSWORD`, or set the environment variables, then run:
```sh
curl -X POST -u $OXIGRAPH_USER:$OXIGRAPH_PASSWORD -H 'Content-Type: application/sparql-update' --data 'INSERT DATA { <http://example.com/s> <http://example.com/p> <http://example.com/o> }' http://localhost:7878/update
@ -125,8 +175,6 @@ In case you want to have multiple users, you can comment the `entrypoint:` line
htpasswd -Bbn $OXIGRAPH_USER $OXIGRAPH_PASSWORD >> .htpasswd
```
> You can find the nginx configuration in `server/nginx.conf`
### Build the image
You could easily build your own Docker image by cloning this repository with its submodules, and going to the root folder:
@ -139,7 +187,7 @@ cd oxigraph
Then run this command to build the image locally:
````sh
docker build -t oxigraph/oxigraph .
docker build -t oxigraph/oxigraph -f server/Dockerfile .
````
## Homebrew

6
server/templates/query.html
Unescape View File

@ -11,12 +11,12 @@
<div id="yasgui"></div>
<script>
new Yasgui(document.getElementById("yasgui"), {
requestConfig: { endpoint: window.location.protocol + '//' + window.location.host + "/query" },
requestConfig: { endpoint: window.location.protocol + '//' + window.location.host + window.location.pathname + "/query" },
endpointCatalogueOptions: {
getData: function () {
return [
{ endpoint: window.location.protocol + '//' + window.location.host + "/query" },
{ endpoint: window.location.protocol + '//' + window.location.host + "/update" },
{ endpoint: window.location.protocol + '//' + window.location.host + window.location.pathname + "/query" },
{ endpoint: window.location.protocol + '//' + window.location.host + window.location.pathname + "/update" },
];
},
keys: [],

Write Preview
Loading…
Cancel
Save