Move the Dockerfile to server, delete and add docker-compose.yml and nginx.conf to the server/README.md, move the docker.yml workflow in doc.yml and use buildx. Fix the path of the URL generated in the YASGUI interface to take into account when the server is deployed on a subpath (e.g. http://oxigraph.org/sparql)

pull/186/head
Vincent Emonet 3 years ago committed by Thomas Tanon
parent 3cbdda9a33
commit d2eea24c96
  1. 48
      .github/workflows/doc.yml
  2. 53
      .github/workflows/docker.yml
  3. 21
      docker-compose.yml
  4. 20
      nginx.conf
  5. 0
      server/Dockerfile
  6. 70
      server/README.md
  7. 6
      server/templates/query.html

@ -1,9 +1,11 @@
name: doc name: doc and docker
on: on:
push: push:
branches: branches:
- master - master
release:
types: [published]
jobs: jobs:
python: python:
@ -37,3 +39,47 @@ jobs:
git diff-index --quiet HEAD || git commit -m "Updates pyoxigraph documentation" git diff-index --quiet HEAD || git commit -m "Updates pyoxigraph documentation"
git push git push
working-directory: ./website working-directory: ./website
docker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: 'recursive'
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
- name: Generate image ID and version
run: |
IMAGE_ID=ghcr.io/${{ github.repository_owner }}/oxigraph
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo "IMAGE_ID=$IMAGE_ID" >> $GITHUB_ENV
echo "VERSION=$VERSION" >> $GITHUB_ENV
# Cache: https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache
- name: Build and publish Docker image
uses: docker/build-push-action@v2
with:
context: ./
file: ./server/Dockerfile
builder: ${{ steps.buildx.outputs.name }}
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
cache-from: type=gha
cache-to: type=gha,mode=max

@ -1,53 +0,0 @@
name: Publish Docker image
on:
workflow_dispatch:
push:
# Publish `master` branch as Docker `latest` image.
branches:
- master
paths:
- 'Dockerfile'
- 'lib/**'
- 'server/**'
- '.github/workflows/docker.yml'
# Publish `v0.1.2` release as image tag `0.1.2`.
release:
types: [published]
jobs:
build-and-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: 'recursive'
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
- name: Generate image ID and version
run: |
IMAGE_ID=ghcr.io/${{ github.repository_owner }}/oxigraph
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo "IMAGE_ID=$IMAGE_ID" >> $GITHUB_ENV
echo "VERSION=$VERSION" >> $GITHUB_ENV
- name: Build docker image
run: |
docker build -t $IMAGE_ID:$VERSION .
- name: Push docker image
run: |
docker push $IMAGE_ID:$VERSION

@ -1,22 +1,23 @@
version: "3" version: "3"
services: services:
oxigraph: oxigraph:
# image: oxigraph/oxigraph # image: ghcr.io/oxigraph/oxigraph
build: . ## To build from local source code:
build:
context: .
dockerfile: server/Dockerfile
volumes: volumes:
- ./data:/data - ./data:/data
nginx-auth: nginx-auth:
image: nginx:1.21.4 image: nginx:1.21.4
environment:
- OXIGRAPH_USER=oxigraph
- OXIGRAPH_PASSWORD=oxigraphy
volumes: volumes:
- ./server/nginx.conf:/etc/nginx/nginx.conf - ./nginx.conf:/etc/nginx/nginx.conf
## For multiple users: uncomment this line to use your local .htpasswd file: ## For multiple users: uncomment this line to mount a pre-generated .htpasswd
# - ./.htpasswd:/etc/nginx/.htpasswd # - ./.htpasswd:/etc/nginx/.htpasswd
ports: ports:
- 7878:7878 - 7878:7878
environment: entrypoint: "bash -c 'echo -n $OXIGRAPH_USER: >> /etc/nginx/.htpasswd && echo $OXIGRAPH_PASSWORD | openssl passwd -stdin -apr1 >> /etc/nginx/.htpasswd && /docker-entrypoint.sh nginx'"
- OXIGRAPH_USER=${OXIGRAPH_USER:-oxigraph}
- OXIGRAPH_PASSWORD=${OXIGRAPH_PASSWORD:-oxigraphy}
entrypoint: "bash -c 'echo -n $OXIGRAPH_USER: >> /etc/nginx/.htpasswd && echo $OXIGRAPH_PASSWORD | openssl passwd -stdin -apr1 >> /etc/nginx/.htpasswd && /docker-entrypoint.sh nginx'"

@ -1,38 +1,26 @@
daemon off;
events { events {
worker_connections 1024; worker_connections 1024;
} }
daemon off;
http { http {
server { server {
server_name localhost; server_name localhost;
listen 7878; listen 7878;
rewrite ^/(.*) /$1 break; rewrite ^/(.*) /$1 break;
proxy_ignore_client_abort on; proxy_ignore_client_abort on;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
# Enable CORS requests
proxy_set_header Access-Control-Allow-Origin "*"; proxy_set_header Access-Control-Allow-Origin "*";
location ~ ^(/|/query)$ { location ~ ^(/|/query)$ {
# limit_except GET POST OPTIONS {
# deny all;
# }
proxy_pass http://oxigraph:7878; proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on; proxy_pass_request_headers on;
} }
location ~ ^(/update|/store)$ {
location /update { auth_basic "Oxigraph Administrator's Area";
# Auth: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
limit_except GET POST {
deny all;
}
auth_basic "Oxygraph Administrator's Area";
auth_basic_user_file /etc/nginx/.htpasswd; auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://oxigraph:7878; proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on; proxy_pass_request_headers on;
} }
} }
} }

@ -98,22 +98,72 @@ curl -X POST -H 'Content-Type: application/sparql-update' --data 'DELETE WHERE {
It can be useful to make Oxigraph SPARQL endpoint available publicly, with a layer of authentication on `/update` to be able to add data. It can be useful to make Oxigraph SPARQL endpoint available publicly, with a layer of authentication on `/update` to be able to add data.
To quickly use a single user/password you can define them in a `.env` file alongside the `docker-compose.yaml`: You can do so by using a nginx basic authentication in an additional docker container with `docker-compose`. First create a `nginx.conf` file:
```nginx
daemon off;
events {
worker_connections 1024;
}
http {
server {
server_name localhost;
listen 7878;
rewrite ^/(.*) /$1 break;
proxy_ignore_client_abort on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Access-Control-Allow-Origin "*";
location ~ ^(/|/query)$ {
proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on;
}
location ~ ^(/update|/store)$ {
auth_basic "Oxigraph Administrator's Area";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://oxigraph:7878;
proxy_pass_request_headers on;
}
}
}
```
```sh Then a `docker-compose.yml` in the same folder, you can change the default user and password in the `environment` section:
cat << EOF > .env
OXIGRAPH_USER=oxigraph ```yaml
OXIGRAPH_PASSWORD=oxigraphy version: "3"
EOF services:
oxigraph:
image: ghcr.io/oxigraph/oxigraph
## To build from local source code:
# build:
# context: .
# dockerfile: server/Dockerfile
volumes:
- ./data:/data
nginx-auth:
image: nginx:1.21.4
environment:
- OXIGRAPH_USER=oxigraph
- OXIGRAPH_PASSWORD=oxigraphy
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
## For multiple users: uncomment this line to mount a pre-generated .htpasswd
# - ./.htpasswd:/etc/nginx/.htpasswd
ports:
- 7878:7878
entrypoint: "bash -c 'echo -n $OXIGRAPH_USER: >> /etc/nginx/.htpasswd && echo $OXIGRAPH_PASSWORD | openssl passwd -stdin -apr1 >> /etc/nginx/.htpasswd && /docker-entrypoint.sh nginx'"
``` ```
Start the Oxigraph server and nginx proxy for authentication with `docker-compose`: Once the `docker-compose.yaml` and `nginx.conf` are ready, start the Oxigraph server and nginx proxy for authentication on http://localhost:7878:
```sh ```sh
docker-compose up docker-compose up
``` ```
To make an update, first change `$OXIGRAPH_USER` and `$OXIGRAPH_PASSWORD`, or set the environment variables, then run: To make an update to the graph, first change `$OXIGRAPH_USER` and `$OXIGRAPH_PASSWORD`, or set the environment variables, then run:
```sh ```sh
curl -X POST -u $OXIGRAPH_USER:$OXIGRAPH_PASSWORD -H 'Content-Type: application/sparql-update' --data 'INSERT DATA { <http://example.com/s> <http://example.com/p> <http://example.com/o> }' http://localhost:7878/update curl -X POST -u $OXIGRAPH_USER:$OXIGRAPH_PASSWORD -H 'Content-Type: application/sparql-update' --data 'INSERT DATA { <http://example.com/s> <http://example.com/p> <http://example.com/o> }' http://localhost:7878/update
@ -125,8 +175,6 @@ In case you want to have multiple users, you can comment the `entrypoint:` line
htpasswd -Bbn $OXIGRAPH_USER $OXIGRAPH_PASSWORD >> .htpasswd htpasswd -Bbn $OXIGRAPH_USER $OXIGRAPH_PASSWORD >> .htpasswd
``` ```
> You can find the nginx configuration in `server/nginx.conf`
### Build the image ### Build the image
You could easily build your own Docker image by cloning this repository with its submodules, and going to the root folder: You could easily build your own Docker image by cloning this repository with its submodules, and going to the root folder:
@ -139,7 +187,7 @@ cd oxigraph
Then run this command to build the image locally: Then run this command to build the image locally:
````sh ````sh
docker build -t oxigraph/oxigraph . docker build -t oxigraph/oxigraph -f server/Dockerfile .
```` ````
## Homebrew ## Homebrew

@ -11,12 +11,12 @@
<div id="yasgui"></div> <div id="yasgui"></div>
<script> <script>
new Yasgui(document.getElementById("yasgui"), { new Yasgui(document.getElementById("yasgui"), {
requestConfig: { endpoint: window.location.protocol + '//' + window.location.host + "/query" }, requestConfig: { endpoint: window.location.protocol + '//' + window.location.host + window.location.pathname + "/query" },
endpointCatalogueOptions: { endpointCatalogueOptions: {
getData: function () { getData: function () {
return [ return [
{ endpoint: window.location.protocol + '//' + window.location.host + "/query" }, { endpoint: window.location.protocol + '//' + window.location.host + window.location.pathname + "/query" },
{ endpoint: window.location.protocol + '//' + window.location.host + "/update" }, { endpoint: window.location.protocol + '//' + window.location.host + window.location.pathname + "/update" },
]; ];
}, },
keys: [], keys: [],

Loading…
Cancel
Save