Dockerfile and Docker compose

2024-07-16 14:03:13 +02:00
parent 843daf8a35
commit ca84202168
12 changed files with 393 additions and 12 deletions
--- a/config/code_ocean.yml.docker
+++ b/config/code_ocean.yml.docker
@ -0,0 +1,74 @@
+default: &default
+  # The following legal URLs are displayed in the help modal of the application.
+  # legal:
+    # imprint_url: https://open.hpi.de/pages/imprint
+    # privacy_policy_url: https://open.hpi.de/pages/data-protection
+
+  # A public-facing host to be used for the render_file function of the SubmissionsController.
+  # User content will be served from this host. If not set, the default host is used (less secure!).
+  # render_host: codeocean.openhpiusercontent.de
+
+  flowr:
+    # When enabled, flowr can assist learners with related search results from
+    # StackOverflow.com regarding exceptions that occurred during code execution.
+    # The search is initiated through the learners' browser and displayed in the output pane.
+    enabled: false
+    # The number of search results to be displayed
+    answers_per_query: 3
+
+  codeharbor:
+    # When enabled, CodeHarbor is integrated in the teachers' view and allows importing
+    # and exporting exercises from CodeOcean using the ProFormA XML format to CodeHarbor.
+    enabled: false
+    # The root URL of CodeHarbor
+    url: https://codeharbor.openhpi.de
+
+  codeocean_events:
+    # When enabled, learner-specific events within the editor are stored and can be used
+    # as part of learning analytics. This setting enables the JavaScript event handlers.
+    enabled: false
+
+  prometheus_exporter:
+    # When enabled, a dedicated endpoint using the Prometheus format is offered and might
+    # be used by a Prometheus-compatible monitoring system. Exported metrics include absolute
+    # counters of all relations with specific support for Request-for-Comments.
+    enabled: false
+
+  runner_management:
+    # When enabled, CodeOcean delegates the handling and management of (containerized) runners
+    # to a dedicated runner management. Otherwise, code executions are performed locally using
+    # Docker and without pre-warming support (one container per execution).
+    enabled: true
+    # The strategy to use. Possible values are: poseidon, docker_container_pool
+    strategy: poseidon
+    # The root URL of the runner management to use (include any API prefix if required)
+    # If a hostname is specified and the target host is reachable via IPv6, the WebSocket
+    # connection might not use the IPv6-to-IPv4 fallback but rather fail unexpectedly.
+    url: http://127.0.0.1:7200/api/v1
+    # The root certificate authority to trust for TLS connections to the runner management (Poseidon only)
+    # ca_file: /example/certificates/ca.crt
+    # The authorization token for connections to the runner management (Poseidon only)
+    # If TLS support is not enabled, this token is transmitted in clear text!
+    # token: SECRET
+    # The maximum time in seconds a runner may idle at the runner management before it is removed.
+    # Each begin of an interaction with the runner resets this time. Thus, this value should
+    # be truly greater than any permitted execution time of an execution environment.
+    unused_runner_expiration_time: 180
+
+
+development:
+  <<: *default
+  flowr:
+    enabled: true
+  codeharbor:
+    enabled: true
+
+
+production:
+  <<: *default
+  prometheus_exporter:
+    enabled: true
+
+
+test:
+  <<: *default
--- a/config/database.yml.docker
+++ b/config/database.yml.docker
@ -0,0 +1,19 @@
+default: &default
+  adapter: postgresql
+  pool: 16
+  username: <%= ENV['POSTGRES_USER'] %>
+  password: <%= ENV['POSTGRES_PASSWORD'] %>
+  host: db
+
+development:
+  <<: *default
+  database: codeocean_development
+
+production:
+  <<: *default
+  database: codeocean_production
+
+test:
+  <<: *default
+  database: codeocean_test
+
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@ -53,11 +53,11 @@ Rails.application.configure do

  # Assume all access to the app is happening through a SSL-terminating reverse proxy.
  # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies.
-  config.assume_ssl = true
+  config.assume_ssl = false

  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  config.force_ssl = true
-  config.ssl_options = {hsts: {preload: true}}
+  config.force_ssl = false
+  #config.ssl_options = {hsts: {preload: true}}

  if ENV['RAILS_LOG_TO_STDOUT'].present?
    # Log to STDOUT by default
@ -85,7 +85,7 @@ Rails.application.configure do

  # Ignore bad email addresses and do not raise email delivery errors.
  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
-  # config.action_mailer.raise_delivery_errors = false
+  config.action_mailer.raise_delivery_errors = false

  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
  # the I18n.default_locale when a translation cannot be found).
--- a/config/secrets.yml.docker
+++ b/config/secrets.yml.docker
@ -0,0 +1,26 @@
+# Shared secrets are available across all environments.
+
+# shared:
+#   api_key: a1B2c3D4e5F6
+
+# Environmental secrets are only available for that specific environment.
+
+default: &default
+  secret_key_base: CHANGE_ME
+  admin:
+    email: <%= ENV['ADMIN_MAIL'] %>
+    password: <%= ENV['ADMIN_PASSWORD'] %>
+
+development:
+  <<: *default
+
+test:
+  <<: *default
+
+# Do not keep production secrets in the unencrypted secrets file.
+# Instead, either read values from the environment.
+# Or, use `bin/rails secrets:setup` to configure encrypted secrets
+# and move the `production:` environment over there.
+
+production:
+  <<: *default