Improves docker compose files (#660)

  - Separates networks of docker containers in order
    to improve isolation.
  - Improves docker container documentation

---------
Co-authored-by: Astitva <[email protected]>
Co-authored-by: prasadtalasila <[email protected]>

client/config/local.js

@@ -1,6 +1,6 @@
 if (typeof window !== 'undefined') {
   window.env = {
-    REACT_APP_ENVIRONMENT: 'dev',
+    REACT_APP_ENVIRONMENT: 'local',
     REACT_APP_URL: 'http://localhost/',
     REACT_APP_URL_BASENAME: '',
     REACT_APP_URL_DTLINK: '/lab',

deploy/config/lib

@@ -1,6 +1,6 @@
 PORT='4001'
 MODE='local'
-LOCAL_PATH ='filepath'
+LOCAL_PATH ='/Users/<Username>/DTaaS/files'
 LOG_LEVEL='debug'
-APOLLO_PATH='/lib' or ''
-GRAPHQL_PLAYGROUND='false' or 'true'
+APOLLO_PATH='/lib'
+GRAPHQL_PLAYGROUND='true'

deploy/config/lib.docker

@@ -1,6 +1,6 @@
 PORT='4001'
 MODE='local'
-LOCAL_PATH ='/dtaas/libms/files'
+LOCAL_PATH ='/Users/<Username>/DTaaS/files'
 LOG_LEVEL='debug'
 APOLLO_PATH='/lib'
 GRAPHQL_PLAYGROUND='true'

docker/.env

@@ -1,4 +1,4 @@
-DTAAS_DIR='/home/Desktop/DTaaS'
+DTAAS_DIR='/Users/<Username>/DTaaS'
 SERVER_DNS='foo.com'
 OAUTH_URL='https://gitlab.foo.com'
 CLIENT_ID='xx'

docker/README.md

@@ -43,7 +43,7 @@ accounts with specific usernames need to be created on gitlab.
 
 The first step is to finish the configuration for
 the traefik forward-auth container.
-The details are in [server docs](../../docs/admin/servers/auth.md).
+The details are in [server docs](../docs/admin/servers/auth.md).
 
 ### Docker Compose
 
@@ -57,13 +57,13 @@ Edit all the fields according to your specific case.
   |:------------|:---------------|:---------------|
   | DTAAS_DIR | '/home/Desktop/DTaaS' | Full path to the DTaaS directory. This is an absolute path with no trailing slash. |
   | SERVER_DNS | <http>_foo.com_</http> or <http>_localhost_</http> | The server DNS, if you are deploying with a dedicated server. Remember not use  <http:>http(s)</http:> at the beginning of the DNS string |
-  | BASE_URL | <http>_gitlab.foo.com_<http/> | The URL of your Gitlab instance |
+  | OAUTH_URL | <http>_gitlab.foo.com_<http/> | The URL of your Gitlab instance |
   | CLIENT_ID | 'xx' | The ID of your OAuth application |
   | CLIENT_SECRET | 'xx' | The Secret of your OAuth application |
   | OAUTH_SECRET | 'random-secret-string' | Any private random string |
   | username1 | 'user1' | The gitlab instance username of a user of DTaaS |
   | username2 | 'user2' | The gitlab instance username of a user of DTaaS |
-  | CLIENT_CONFIG | '/home/Desktop/DTaaS/deploy/config/client/env.js' | Full path to env.js file for client |
+  | CLIENT_CONFIG | '/Users/<Username>/DTaaS/deploy/config/client/env.js' | Full path to env.js file for client |
 
 Note: The Server DNS can also be an IP address.
 However, for proper working it is neccessary to use the
@@ -82,7 +82,7 @@ same convention (IP/DNS) in the `CLIENT_CONFIG` file as well.
   This file has to be configured properly.
 
   Further explanation on the client configuration is available in
-  [client config page](../../docs/admin/client/CLIENT.md).
+  [client config](../../docs/admin/client/CLIENT.md).
 
 ### Lib MS
 

docker/compose.local.yml

@@ -2,6 +2,7 @@ version: '3'
 services:
   traefik:
     image: traefik:v2.10
+    restart: unless-stopped
     command: 
       - "--api.insecure=true"
       - "--providers.docker=true"
@@ -12,9 +13,13 @@ services:
       - "80:80"
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - frontend
+      - users
 
   libms:
     image: intocps/libms:latest
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/deploy/config/lib.docker:/dtaas/libms/.env
       - ${DTAAS_DIR}/files:/dtaas/libms/files
@@ -24,9 +29,12 @@ services:
       - "traefik.http.services.libms.loadbalancer.server.port=4001"
       - "traefik.http.routers.libms.rule= PathPrefix(`/lib`)"
       - "traefik.http.routers.libms.middlewares=traefik-forward-auth"
+    networks:
+      - frontend
 
   client:
     image: intocps/dtaas-web:latest
+    restart: unless-stopped
     volumes:
       - ${CLIENT_CONFIG}:/dtaas/client/build/env.js
     labels:
@@ -35,9 +43,12 @@ services:
       - "traefik.http.services.client.loadbalancer.server.port=4000"
       - "traefik.http.routers.client.middlewares=traefik-forward-auth"
       - "traefik.http.routers.client.rule=PathPrefix(`/`)"
+    networks:
+      - frontend
 
   user1:
     image: mltooling/ml-workspace-minimal:0.13.2
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/files/common:/workspace/common
       - ${DTAAS_DIR}/files/${username1}:/workspace
@@ -50,9 +61,12 @@ services:
       - "traefik.http.routers.u1.entryPoints=web"
       - "traefik.http.routers.u1.rule=PathPrefix(`/${username1}`) "
       - "traefik.http.routers.u1.middlewares=traefik-forward-auth"
+    networks:
+      - users
 
   user2:
     image: mltooling/ml-workspace-minimal:0.13.2
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/files/common:/workspace/common 
       - ${DTAAS_DIR}/files/${username2}:/workspace
@@ -65,9 +79,12 @@ services:
       - "traefik.http.routers.u2.entryPoints=web"
       - "traefik.http.routers.u2.rule=PathPrefix(`/${username2}`) "
       - "traefik.http.routers.u2.middlewares=traefik-forward-auth"
+    networks:
+      - users
 
   traefik-forward-auth:
     image: thomseddon/traefik-forward-auth:latest
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/docker/conf.local:/conf
     environment:
@@ -92,3 +109,13 @@ services:
       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
       - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
+
+    networks:
+      - frontend
+      - users
+
+networks:
+  frontend:
+    name: dtaas-frontend
+  users:
+    name: dtaas-users

docker/compose.server.yml

@@ -2,6 +2,7 @@ version: '3'
 services:
   traefik:
     image: traefik:v2.10
+    restart: unless-stopped
     command: 
       - "--api.insecure=true"
       - "--providers.docker=true"
@@ -12,9 +13,13 @@ services:
       - "80:80"
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - frontend
+      - users
 
   libms:
     image: intocps/libms:latest
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/deploy/config/lib.docker:/dtaas/libms/.env
       - ${DTAAS_DIR}/files:/dtaas/libms/files
@@ -24,9 +29,12 @@ services:
       - "traefik.http.services.libms.loadbalancer.server.port=4001"
       - "traefik.http.routers.libms.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/lib`)"
       - "traefik.http.routers.libms.middlewares=traefik-forward-auth"
+    networks:
+      - frontend
 
   client:
     image: intocps/dtaas-web:latest
+    restart: unless-stopped
     volumes:
       - ${CLIENT_CONFIG}:/dtaas/client/build/env.js
     labels:
@@ -35,9 +43,12 @@ services:
       - "traefik.http.services.client.loadbalancer.server.port=4000"
       - "traefik.http.routers.client.middlewares=traefik-forward-auth"
       - "traefik.http.routers.client.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/`)"
+    networks:
+      - frontend
 
   user1:
     image: mltooling/ml-workspace-minimal:0.13.2
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/files/common:/workspace/common
       - ${DTAAS_DIR}/files/${username1}:/workspace
@@ -50,9 +61,12 @@ services:
       - "traefik.http.routers.u1.entryPoints=web"
       - "traefik.http.routers.u1.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/${username1}`)"
       - "traefik.http.routers.u1.middlewares=traefik-forward-auth"
+    networks:
+      - users
 
   user2:
     image: mltooling/ml-workspace-minimal:0.13.2
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/files/common:/workspace/common 
       - ${DTAAS_DIR}/files/${username2}:/workspace
@@ -65,9 +79,12 @@ services:
       - "traefik.http.routers.u2.entryPoints=web"
       - "traefik.http.routers.u2.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/${username2}`)"
       - "traefik.http.routers.u2.middlewares=traefik-forward-auth"
+    networks:
+      - users
 
   traefik-forward-auth:
     image: thomseddon/traefik-forward-auth:latest
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/docker/conf.server:/conf
     environment:
@@ -92,3 +109,12 @@ services:
       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
       - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
+    networks:
+      - frontend
+      - users
+
+networks:
+  frontend:
+    name: dtaas-frontend
+  users:
+    name: dtaas-users

docker/dev/.env

@@ -1,9 +1,9 @@
-DTAAS_DIR='/home/Desktop/DTaaS'
-SERVER_DNS='foo.com'
-OAUTH_URL='https://gitlab.foo.com'
+DTAAS_DIR='/Users/<Username>/DTaaS'
+SERVER_DNS='localhost'
+OAUTH_URL='https://gitlab.com'
 CLIENT_ID='xx'
 CLIENT_SECRET='xx'
 OAUTH_SECRET='random-secret-string'
-OAUTH_CONF_FILEPATH='/home/Desktop/DTaaS/docker/conf.local'
+OAUTH_CONF_FILEPATH='/Users/<Username>/DTaaS/docker/conf.local'
 username1='user1'
 username2='user2'

docker/dev/README.md

@@ -64,15 +64,24 @@ configuration files to be modified are given for each scenario.
 
 ### Development Environment
 
-This scenario is for software developers:
-
-### Client Website & Lib Configuration
+This scenario is for software developers.
 
 The configuration files to be updated are:
 
+1. docker/dev/.env
+   please see [docker README](../README.md) for help
+   with updating this config file)
+1. docker/conf.local
+   please see [server docs](../docs/admin/servers/auth.md) for help
+   with updating this config file)
 1. client/config/local.js
-1. deploy/config/lib.docker (optional)
+   please see [client config](../../docs/admin/client/CLIENT.md) for help
+   with updating this config file)
+1. servers/lib/config/.env.default
+   please see [lib config](../../docs/admin/servers/lib/LIB-MS.md) for help
+   with updating this config file)
 
+The docker commands need to be executed from this directory (`docker/dev`).
 The relevant docker commands are:
 
 ```bash

docker/dev/compose.dev.yml

@@ -2,6 +2,7 @@ version: '3'
 services:
   traefik:
     image: traefik:v2.10
+    restart: unless-stopped
     command: 
       - "--api.insecure=true"
       - "--providers.docker=true"
@@ -12,11 +13,15 @@ services:
       - "80:80"
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - frontend
+      - users
 
   client:
     build: 
       context: ${DTAAS_DIR}/
       dockerfile: ${DTAAS_DIR}/docker/dev/client.dockerfile
+    restart: unless-stopped
     volumes:
       - "${DTAAS_DIR}/client/config/local.js:/dtaas/client/build/env.js"
     labels:
@@ -25,24 +30,29 @@ services:
       - "traefik.http.services.client.loadbalancer.server.port=4000"
       - "traefik.http.routers.client.middlewares=traefik-forward-auth"
       - "traefik.http.routers.client.rule=PathPrefix(`/`)"
+    networks:
+      - frontend
 
   libms:
-    image: intocps/libms:latest
     build: 
       context: ${DTAAS_DIR}/
-      dockerfile: ${DTAAS_DIR}/docker/libms.dockerfile
+      dockerfile: ${DTAAS_DIR}/docker/dev/libms.dockerfile
+    restart: unless-stopped
     volumes:
-      - ${DTAAS_DIR}/deploy/config/lib.docker:/dtaas/libms/.env
+      - ${DTAAS_DIR}/servers/lib/config/.env.default:/dtaas/libms/.env
       - ${DTAAS_DIR}/files:/dtaas/libms/files
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.libms.entryPoints=web"
       - "traefik.http.services.libms.loadbalancer.server.port=4001"
       - "traefik.http.routers.libms.rule= PathPrefix(`/lib`)"
       - "traefik.http.routers.libms.middlewares=traefik-forward-auth"
+    networks:
+      - frontend
 
   user1:
     image: mltooling/ml-workspace-minimal:0.13.2
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/files/common:/workspace/common
       - ${DTAAS_DIR}/files/${username1}:/workspace
@@ -55,9 +65,12 @@ services:
       - "traefik.http.routers.u1.entryPoints=web"
       - "traefik.http.routers.u1.rule=PathPrefix(`/${username1}`) "
       - "traefik.http.routers.u1.middlewares=traefik-forward-auth"
+    networks:
+      - users
 
   user2:
     image: mltooling/ml-workspace-minimal:0.13.2
+    restart: unless-stopped
     volumes:
       - ${DTAAS_DIR}/files/common:/workspace/common 
       - ${DTAAS_DIR}/files/${username2}:/workspace
@@ -70,9 +83,12 @@ services:
       - "traefik.http.routers.u2.entryPoints=web"
       - "traefik.http.routers.u2.rule=PathPrefix(`/${username2}`) "
       - "traefik.http.routers.u2.middlewares=traefik-forward-auth"
+    networks:
+      - users
 
   traefik-forward-auth:
     image: thomseddon/traefik-forward-auth:latest
+    restart: unless-stopped
     volumes:
       - ${OAUTH_CONF_FILEPATH}:/conf
     environment:
@@ -97,3 +113,12 @@ services:
       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
       - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
+    networks:
+      - frontend
+      - users
+
+networks:
+  frontend:
+    name: dtaas-frontend
+  users:
+    name: dtaas-users

servers/lib/config/.env.default

@@ -1,6 +1,6 @@
 PORT='4001'
-MODE='local' or 'gitlab'
+MODE='local'
 LOCAL_PATH ='/Users/<Username>/DTaaS/files'
 LOG_LEVEL='debug'
-APOLLO_PATH='/lib' or ''
-GRAPHQL_PLAYGROUND='false' or 'true'
+APOLLO_PATH='/lib'
+GRAPHQL_PLAYGROUND='true'