revolt init + grafana monitoring

2024-07-18 15:15:59 -06:00 · 2024-07-18 15:15:59 -06:00 · 019b71610e
commit 019b71610e
parent d3571e2bc7
10 changed files with 488 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+Revolt/data
--- a/Revolt/.env
+++ b/Revolt/.env
@ -0,0 +1,108 @@
+##
+## Quark configuration
+##
+
+# MongoDB
+MONGODB=mongodb://database
+
+# Redis
+REDIS_URI=redis://redis/
+
+# Hostname used for Caddy
+# This should in most cases match REVOLT_APP_URL
+HOSTNAME=http://local.revolt.chat
+
+# URL to where the Revolt app is publicly accessible
+REVOLT_APP_URL=http://local.revolt.chat
+
+# VITE_xxx variables are used in the new frontend https://github.com/revoltchat/frontend
+
+# URL to where the API is publicly accessible
+REVOLT_PUBLIC_URL=http://local.revolt.chat/api
+VITE_API_URL=http://local.revolt.chat/api
+
+# URL to where the WebSocket server is publicly accessible
+REVOLT_EXTERNAL_WS_URL=ws://local.revolt.chat/ws
+VITE_WS_URL=ws://local.revolt.chat/ws
+
+# URL to where Autumn is publicly available
+AUTUMN_PUBLIC_URL=http://local.revolt.chat/autumn
+VITE_MEDIA_URL=http://local.revolt.chat/autumn
+
+# URL to where January is publicly available
+JANUARY_PUBLIC_URL=http://local.revolt.chat/january
+VITE_PROXY_URL=http://local.revolt.chat/january
+
+
+##
+## hCaptcha Settings
+##
+
+# If you are sure that you don't want to use hCaptcha, set to 1.
+REVOLT_UNSAFE_NO_CAPTCHA=1
+
+# hCaptcha API key (This is the "Secret key" from your User Settings page)
+# REVOLT_HCAPTCHA_KEY=0x0000000000000000000000000000000000000000
+
+# hCaptcha site key
+# REVOLT_HCAPTCHA_SITEKEY=10000000-ffff-ffff-ffff-000000000001
+
+
+##
+## Email Settings
+##
+
+# If you are sure that you don't want to use email verification, set to 1.
+REVOLT_UNSAFE_NO_EMAIL=1
+
+# SMTP host
+# REVOLT_SMTP_HOST=smtp.example.com
+
+# SMTP username
+# REVOLT_SMTP_USERNAME=noreply@example.com
+
+# SMTP password
+# REVOLT_SMTP_PASSWORD=CHANGEME
+
+# SMTP From header
+# REVOLT_SMTP_FROM=Revolt <noreply@example.com>
+
+
+##
+## Application Settings
+##
+
+# Whether to only allow users to sign up if they have an invite code
+REVOLT_INVITE_ONLY=0
+
+# Maximum number of people that can be in a group chat
+REVOLT_MAX_GROUP_SIZE=150
+
+# VAPID keys for push notifications
+# Generate using this guide: https://gitlab.insrt.uk/revolt/delta/-/wikis/vapid
+# --> Please replace these keys before going into production! <--
+REVOLT_VAPID_PRIVATE_KEY=LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJSUWpyTWxLRnBiVWhsUHpUbERvcEliYk1yeVNrNXpKYzVYVzIxSjJDS3hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFWnkrQkg2TGJQZ2hEa3pEempXOG0rUXVPM3pCajRXT1phdkR6ZU00c0pqbmFwd1psTFE0WAp1ZDh2TzVodU94QWhMQlU3WWRldVovWHlBdFpWZmNyQi9BPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+REVOLT_VAPID_PUBLIC_KEY=BGcvgR-i2z4IQ5Mw841vJvkLjt8wY-FjmWrw83jOLCY52qcGZS0OF7nfLzuYbjsQISwVO2HXrmf18gLWVX3Kwfw=
+
+
+##
+## Autumn configuration
+##
+
+# S3 Region
+AUTUMN_S3_REGION=minio
+
+# S3 Endpoint
+AUTUMN_S3_ENDPOINT=http://minio:9000
+
+# MinIO Root User
+MINIO_ROOT_USER=minioautumn
+
+# MinIO Root Password
+MINIO_ROOT_PASSWORD=minioautumn
+
+# AWS Access Key ID
+AWS_ACCESS_KEY_ID=minioautumn
+
+# AWS Secret Key
+AWS_SECRET_ACCESS_KEY=minioautumn
--- a/Revolt/.env.caddy
+++ b/Revolt/.env.caddy
@ -0,0 +1 @@
+HOSTNAME=http://local.revolt.chat
--- a/Revolt/Caddyfile
+++ b/Revolt/Caddyfile
@ -0,0 +1,42 @@
+{
+	admin :2019
+
+	servers {
+		metrics
+	}
+}
+
+// {$HOSTNAME} {
+:80 {
+	route /api* {
+		uri strip_prefix /api
+		reverse_proxy http://api:8000
+	}
+
+	route /ws {
+		@upgrade {
+			header Connection *Upgrade*
+			header Upgrade websocket
+		}
+
+		uri strip_prefix /ws
+		reverse_proxy @upgrade http://events:9000
+	}
+
+	route /autumn* {
+		uri strip_prefix /autumn
+		reverse_proxy http://autumn:3000
+	}
+
+	route /january* {
+		uri strip_prefix /january
+		reverse_proxy http://january:7000
+	}
+
+	route /stats* {
+		uri strip_prefix /stats
+		reverse_proxy http://grafana:3000
+	}
+
+	reverse_proxy http://web:5000
+}
--- a/Revolt/README.md
+++ b/Revolt/README.md
@ -0,0 +1,13 @@
+Run a revolt server with fancy monitoring (WIP)
+
+
+# Prep
+
+You may need to run
+```bash
+sudo mount --make-rshared /
+```
+
+# Before Prod
+- [ ] Change .env.grafana file usernames and passwords
+- [ ] Change .env file urls
--- a/Revolt/Revolt.toml
+++ b/Revolt/Revolt.toml
@ -0,0 +1,97 @@
+[database]
+mongodb = "mongodb://database"
+redis = "redis://redis/"
+
+[hosts]
+app = "http://local.revolt.chat"
+api = "http://local.revolt.chat/api"
+events = "ws://local.revolt.chat/ws"
+autumn = "http://local.revolt.chat/autumn"
+january = "http://local.revolt.chat/january"
+voso_legacy = ""
+voso_legacy_ws = ""
+
+[api]
+
+[api.registration]
+invite_only = false
+
+[api.smtp]
+host = ""
+username = ""
+password = ""
+from_address = ""
+
+[api.vapid]
+private_key = "LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJSUWpyTWxLRnBiVWhsUHpUbERvcEliYk1yeVNrNXpKYzVYVzIxSjJDS3hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFWnkrQkg2TGJQZ2hEa3pEempXOG0rUXVPM3pCajRXT1phdkR6ZU00c0pqbmFwd1psTFE0WAp1ZDh2TzVodU94QWhMQlU3WWRldVovWHlBdFpWZmNyQi9BPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo"
+public_key = "BGcvgR-i2z4IQ5Mw841vJvkLjt8wY-FjmWrw83jOLCY52qcGZS0OF7nfLzuYbjsQISwVO2HXrmf18gLWVX3Kwfw="
+
+[api.fcm]
+api_key = ""
+
+[api.apn]
+pkcs8 = ""
+key_id = ""
+team_id = ""
+
+[api.security]
+authifier_shield_key = ""
+voso_legacy_token = ""
+trust_cloudflare = false
+
+[api.security.captcha]
+hcaptcha_key = ""
+hcaptcha_sitekey = ""
+
+[api.workers]
+max_concurrent_connections = 50
+
+[features]
+webhooks_enabled = false
+
+[features.limits]
+
+[features.limits.global]
+group_size = 100
+message_embeds = 5
+message_replies = 5
+message_reactions = 20
+server_emoji = 100
+server_roles = 200
+server_channels = 200
+
+new_user_days = 3
+
+[features.limits.new_user]
+outgoing_friend_requests = 5
+
+bots = 2
+message_length = 2000
+message_attachments = 5
+servers = 100
+
+attachment_size = 20000000
+avatar_size = 4000000
+background_size = 6000000
+icon_size = 2500000
+banner_size = 6000000
+emoji_size = 500000
+
+[features.limits.default]
+outgoing_friend_requests = 10
+
+bots = 5
+message_length = 2000
+message_attachments = 5
+servers = 100
+
+attachment_size = 20000000
+avatar_size = 4000000
+background_size = 6000000
+icon_size = 2500000
+banner_size = 6000000
+emoji_size = 500000
+
+[sentry]
+api = ""
+events = ""
--- a/Revolt/compose.yaml
+++ b/Revolt/compose.yaml
@ -0,0 +1,183 @@
+services:
+  # r-proxy, log generator
+  caddy:
+    image: caddy:latest
+    restart: always
+    env_file: .env.caddy
+    ports:
+      - '8880:80'
+      - '4443:443'
+    volumes:
+      - './Caddyfile:/etc/caddy/Caddyfile'
+      - './data/caddy-data:/data'
+      - './data/caddy-config:/config'
+
+  ##########################################
+  #    Monitoring
+  #####
+
+  # log collector
+  prometheus:
+    image: prom/prometheus:latest
+    restart: always
+    volumes:
+      - ./prometheus/:/etc/prometheus/
+      - prometheus_storage:/prometheus
+    command:
+      - '--config.file=/etc/prometheus/prometheus.yml'
+      - '--storage.tsdb.path=/prometheus'
+      - '--web.console.libraries=/usr/share/prometheus/console_libraries'
+      - '--web.console.templates=/usr/share/prometheus/consoles'
+    ports:
+      - 9090:9090
+    # links:
+      # - cadvisor:cadvisor
+    depends_on:
+      - cadvisor
+      - caddy
+
+  # log viewer
+  grafana:
+    image: grafana/grafana:latest
+    user: "472"
+    restart: always
+    ports:
+      - 3000:3000
+    volumes:
+      - './grafana/provisioning/:/etc/grafana/provisioning/'
+      - 'grafana_storage:/var/lib/grafana'
+    env_file:
+      - ./grafana/.env.grafana
+    depends_on:
+      - prometheus
+
+  node-exporter:
+    image: quay.io/prometheus/node-exporter:latest
+    volumes:
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /:/rootfs:ro
+      - /:/host:ro,rslave
+    command: 
+      - '--path.rootfs=/host'
+      - '--path.procfs=/host/proc' 
+      - '--path.sysfs=/host/sys'
+      - --collector.filesystem.mount-points-exclude
+      - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
+    ports:
+      - 9100:9100
+    restart: always
+    deploy:
+      mode: global
+
+  cadvisor:
+    image: gcr.io/cadvisor/cadvisor
+    volumes:
+      - /:/rootfs:ro
+      - /var/run:/var/run:rw
+      - /sys:/sys:ro
+      - /var/lib/docker/:/var/lib/docker:ro
+    ports:
+      - 8080:8080
+    restart: always
+    deploy:
+      mode: global
+
+  ##########################################
+  #    Revolt
+  #####
+
+  # MongoDB database
+  database:
+    image: mongo
+    restart: always
+    volumes:
+      - './data/db:/data/db'
+
+  # Redis server
+  redis:
+    image: eqalpha/keydb
+    restart: always
+
+  # S3-compatible storage server
+  minio:
+    image: minio/minio
+    command: server /data
+    env_file: .env
+    volumes:
+      - './data/minio:/data'
+    restart: always
+
+  # API server (delta)
+  api:
+    image: ghcr.io/revoltchat/server:latest
+    env_file: .env
+    depends_on:
+      - database
+      - redis
+      - caddy
+    restart: always
+    volumes:
+      - './Revolt.toml:/Revolt.toml'
+
+  # Events service (quark)
+  events:
+    image: ghcr.io/revoltchat/bonfire:latest
+    env_file: .env
+    depends_on:
+      - database
+      - redis
+      - caddy
+    restart: always
+    volumes:
+      - './Revolt.toml:/Revolt.toml'
+
+  # Web App (revite)
+  web:
+    image: ghcr.io/revoltchat/client:master
+    env_file: .env
+    depends_on:
+      - caddy
+    restart: always
+
+  # File server (autumn)
+  autumn:
+    image: ghcr.io/revoltchat/autumn:latest
+    env_file: .env
+    depends_on:
+      - database
+      - createbuckets
+      - caddy
+    environment:
+      - AUTUMN_MONGO_URI=mongodb://database
+    restart: always
+
+  # Metadata and image proxy (january)
+  january:
+    image: ghcr.io/revoltchat/january:latest
+    depends_on:
+      - caddy
+    restart: always
+
+  # Create buckets for minio.
+  createbuckets:
+    image: minio/mc
+    depends_on:
+      - minio
+    env_file: .env
+    entrypoint: >
+      /bin/sh -c "
+      /usr/bin/mc config host add minio http://minio:9000 $MINIO_ROOT_USER $MINIO_ROOT_PASSWORD;
+      while ! /usr/bin/mc ready minio; do echo 'Waiting minio...' && sleep 1; done;
+      /usr/bin/mc mb minio/attachments;
+      /usr/bin/mc mb minio/avatars;
+      /usr/bin/mc mb minio/backgrounds;
+      /usr/bin/mc mb minio/icons;
+      /usr/bin/mc mb minio/banners;
+      /usr/bin/mc mb minio/emojis;
+      exit 0;
+      "
+
+volumes:
+  grafana_storage: {}
+  prometheus_storage: {}
--- a/Revolt/grafana/.env.grafana
+++ b/Revolt/grafana/.env.grafana
@ -0,0 +1,4 @@
+GF_AUTH_ANONYMOUS_ENABLED=true
+GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
+GF_AUTH_DISABLE_LOGIN_FORM=true
+GF_FEATURE_TOGGLES_ENABLE=traceqlEditor
--- a/Revolt/grafana/provisioning/datasources/datasources.yaml
+++ b/Revolt/grafana/provisioning/datasources/datasources.yaml
@ -0,0 +1,15 @@
+apiVersion: 1
+
+datasources:
+- name: Prometheus
+  type: prometheus
+  uid: prometheus
+  access: proxy
+  orgId: 1
+  url: http://prometheus:9090
+  basicAuth: false
+  isDefault: false
+  version: 1
+  editable: false
+  jsonData:
+    httpMethod: GET
--- a/Revolt/prometheus/prometheus.yml
+++ b/Revolt/prometheus/prometheus.yml
@ -0,0 +1,24 @@
+global:
+  scrape_interval: 15s
+  external_labels:
+      monitor: 'Revolt'
+
+scrape_configs:
+  - job_name: caddy
+    static_configs:
+      # docker networking
+      - targets: ['caddy:2019']
+
+  - job_name: 'prometheus'
+    static_configs:
+      - targets: ['localhost:9090']
+
+  - job_name: 'cadvisor'
+    static_configs:
+      - targets: ['cadvisor:8080']
+
+  - job_name: 'node-exporter'
+    static_configs:
+      - targets: ['node-exporter:9100']
+
+