jyapayne/langflow
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

ci: update docker image configuration for secure deployments (#5259)

Browse source 
* changes required for openshift to work with read-only dirs
This commit is contained in:
Jordan Frazier 2024-12-13 14:38:55 -08:00 committed by GitHub
commit ba6f5183be
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 62 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docker/build_and_push_ep.Dockerfile
View file

@ -88,4 +88,4 @@ ENV LANGFLOW_HOST=0.0.0.0
ENV LANGFLOW_PORT=7860
USER 1000
ENTRYPOINT ["python", "-m", "langflow", "run", "--host", "0.0.0.0", "--backend-only"]
CMD ["python", "-m", "langflow", "run", "--host", "0.0.0.0", "--backend-only"]

2
docker/frontend/build_and_push_frontend.Dockerfile
View file

@ -23,7 +23,7 @@ LABEL org.opencontainers.image.url=https://github.com/langflow-ai/langflow
LABEL org.opencontainers.image.source=https://github.com/langflow-ai/langflow
COPY --from=builder-base --chown=nginx /frontend/build /usr/share/nginx/html
COPY --chown=nginx ./docker/frontend/nginx.conf /etc/nginx/conf.d/default.conf
COPY --chown=nginx ./docker/frontend/start-nginx.sh /start-nginx.sh
COPY --chown=nginx ./docker/frontend/default.conf.template /etc/nginx/conf.d/default.conf.template
RUN chmod +x /start-nginx.sh
ENTRYPOINT ["/start-nginx.sh"]

43
docker/frontend/default.conf.template Normal file
View file

@ -0,0 +1,43 @@
worker_processes auto;
pid /tmp/nginx.pid;
events {}
http {
include /etc/nginx/mime.types;
default_type text/plain;
types {
text/html html;
text/css css;
application/javascript js;
}
server {
gzip on;
gzip_comp_level 2;
gzip_min_length 1000;
gzip_types text/xml text/css;
gzip_http_version 1.1;
gzip_vary on;
gzip_disable "MSIE [4-6] \.";
listen ${FRONTEND_PORT};
location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html =404;
}
location /api {
proxy_pass ${BACKEND_URL};
}
location /health_check {
proxy_pass ${BACKEND_URL};
}
location /health {
proxy_pass ${BACKEND_URL};
}
include /etc/nginx/extra-conf.d/*.conf;
}
}

21
docker/frontend/start-nginx.sh
View file

@ -1,6 +1,11 @@
#!/bin/sh
set -e
trap 'kill -TERM $PID' TERM INT
# Define writable directory for the final config
CONFIG_DIR="/tmp/nginx"
mkdir -p $CONFIG_DIR
# Check and set environment variables
if [ -z "$BACKEND_URL" ]; then
BACKEND_URL="$1"
fi
@ -14,12 +19,12 @@ if [ -z "$BACKEND_URL" ]; then
echo "BACKEND_URL must be set as an environment variable or as first parameter. (e.g. http://localhost:7860)"
exit 1
fi
echo "BACKEND_URL: $BACKEND_URL"
echo "FRONTEND_PORT: $FRONTEND_PORT"
sed -i "s|__BACKEND_URL__|$BACKEND_URL|g" /etc/nginx/conf.d/default.conf
sed -i "s|__FRONTEND_PORT__|$FRONTEND_PORT|g" /etc/nginx/conf.d/default.conf
cat /etc/nginx/conf.d/default.conf
# Export variables for envsubst
export BACKEND_URL FRONTEND_PORT
# Start nginx
exec nginx -g 'daemon off;'
# Use envsubst to substitute environment variables in the template
envsubst '${BACKEND_URL} ${FRONTEND_PORT}' < /etc/nginx/conf.d/default.conf.template > $CONFIG_DIR/default.conf
# Start nginx with the new configuration
exec nginx -c $CONFIG_DIR/default.conf -g 'daemon off;'

4
src/backend/base/langflow/services/database/service.py
View file

@ -62,6 +62,10 @@ class DatabaseService(Service):
else:
# Construct the path using the langflow directory.
self.alembic_log_path = Path(langflow_dir) / alembic_log_file
# Ensure the directory and file for the alembic log file exists
self.alembic_log_path.parent.mkdir(parents=True, exist_ok=True)
self.alembic_log_path.touch(exist_ok=True)
self._logged_pragma = False
def reload_engine(self) -> None: