local docker-compose issues
This ticket contains a few issues I’ve run into when running aura-web through docker-compose. I’m not entirely sure, if they are all valid, so feel free to ignore them or close this ticket entirely if it doesn’t seem helpful.
environment
versions:
my .env file
STEERING_DB_PASS=steering
STEERING_DB_USER=steering
STEERING_DB_NAME=steering
STEERING_SECRET_KEY=abc
DJANGO_SUPERUSER_USERNAME=root
DJANGO_SUPERUSER_PASSWORD=my-password
DJANGO_SUPERUSER_EMAIL=km@roko.li
TANK_DB_PASS=tank
TANK_DB_USER=tank
TANK_DB_NAME=tank
# OIDC client ids should be 6-digit integers
TANK_OIDC_CLIENT_ID=283718
TANK_OIDC_CLIENT_SECRET=tank-oidc-secret
# Point to the path were the tank-store lies. If deploying playout and web together, this can remain unset and docker will use a named volume instead of a configured path.
# TANK_STORE_PATH=
# engine secret should be the same as configured in engine
# via the ENGINE_TANK_SECRET env variable in aura-playout
ENGINE_SECRET=abc
# Set the url to reach engine-api. This is only necessary if engine-api (e.g. aura-playout) is running on another machine than aura-web.
# INTERNAL_ENGINE_API_URL=
# leaving this empty should be ok for production; use http://localhost:8040 for dev
# TANK_CALLBACK_BASE_URL=http://aura.local:8040
TANK_CALLBACK_BASE_URL=
# OIDC client ids should be 6-digit integers
DASHBOARD_OIDC_CLIENT_ID=847165
DASHBOARD_OIDC_CLIENT_SECRET=dashboard-oidc-secret
# leaving this empty should be ok for production; use http://localhost:8080 for dev
# DASHBOARD_CALLBACK_BASE_URL=http://aura.local:8080
DASHBOARD_CALLBACK_BASE_URL=
AURA_HOST=aura.local
# Only needed for production
CERTBOT_EMAIL=
# Set to http if you don't want to use ssl
AURA_PROTO=http
# Disable if you want to handle ssl yourself (e.g if you are deploying behind a reverse proxy)
RUN_CERTBOT=false
# Configure dashboard clock
# Url the dashboard clock will bind to. You also need to provide the port. By default dashboard-clock will only be reachable from the local machine. To make it reachable from everywehere, set to 0.0.0.0:5001.
# DASHBOARD_CLOCK_BIND_URL=127.0.0.1:5001
# Include dashboard clock in the reverse proxy. This will make it reachable under $AURA_HOST/clock and usually it means the studio clock is now world-readable (no matter the bind URL you use above).
# INCLUDE_CLOCK=true
# Url the dashboard clock will be reachable from.
# DASHBOARD_CLOCK_HOST=127.0.0.1:5001
# DASHBOARD_CLOCK_NAME=Studio Clock
# DASHBOARD_CLOCK_LOGO_URL=https://gitlab.servus.at/aura/meta/-/raw/main/assets/images/aura-logo.png
# DASHBOARD_CLOCK_LOGO_SIZE=100px
# Set the engine-api url which is reachable for clients accessing dashboard clock (so usually the ip of the machine running engine-api).
# EXTERNAL_ENGINE_API_URL=
# UNKNOWN_TITLE_STRING=Unknown Title
# NO_CURRENT_TIMESLOT_STRING=No show playing
# NO_NEXT_TIMESLOT_STRING=Nothing scheduled next
# PLAY_OFFSET=3
# CSS=
# FALLBACK_TEXT=
TIMEZONE=Europe/Berlin
# versions/release numbers of the docker images for the components
STEERING_VERSION=unstable
TANK_VERSION=unstable
DASHBOARD_VERSION=unstable
DASHBOARD_CLOCK_VERSION=unstable
# Activate Icecast (either here if it's the only profile, or add to a line with all profiles)
# COMPOSE_PROFILES=icecast
# Include icecast in the reverse proxy, thus making it reachable via $AURA_HOST/icecast.
# INCLUDE_ICECAST=true
# Configure Icecast
# The source PW has to be the same as in engine-core.ini for the source
# ICECAST_SOURCE_PASSWORD=
# ICECAST_ADMIN_PASSWORD=
# ICECAST_PASSWORD=
# ICECAST_RELAY_PASSWORD=
# If you want to use a dev-setup, which exposes some more ports
# and builds the containers locally, uncomment the following
# line
COMPOSE_FILE=docker-compose.yml:docker-compose.dev.yml
Dashboard port
The dashboard dev server seems to start on port 8080
, but the port that is exposed, used in the healthcheck and configured in the nginx configuration is 80
. I guess that should be 8080
and the healthcheck override in docker-compose.dev.yml
can be removed.
NGINX fails
I’ve noticed race conditions between NGINX and other services while resolving my environment issues. I think the depends_on
section of the nginx
service should be changed from
steering:
condition: service_healthy
tank:
condition: service_healthy
dashboard:
condition: service_healthy
to
- steering
- tank
- dashboard
NGINX does not need these containers in healthy condition as it is resilient to their failures. This also seems to be the current philosophy regarding service dependencies.
Dashboard VUE_APP_-environment-variables
When accessing the dashboard I got an error when trying to login. I’ve noticed that there are a lot of VUE_APP_
prefixed variables in the vendor bundle (http://aura.local/js/chunk-vendors.js) that point to URLs with localhost
and different ports in them. I added the following environment variables to the dashboard
service:
VUE_APP_API_STEERING_OIDC_URI: ${AURA_PROTO:-https}://${AURA_HOST}/openid
VUE_APP_API_STEERING: ${AURA_PROTO:-https}://${AURA_HOST}/steering/api/v1/
VUE_APP_API_STEERING_SHOWS: ${AURA_PROTO:-https}://${AURA_HOST}/steering/api/v1/shows/
VUE_APP_BASEURI_STEERING: ${AURA_PROTO:-https}://${AURA_HOST}/steering
VUE_APP_BASEURI_MEDIA: ${AURA_PROTO:-https}://${AURA_HOST}/site_media
VUE_APP_API_TANK: ${AURA_PROTO:-https}://${AURA_HOST}/tank/api/v1/
VUE_APP_TANK: ${AURA_PROTO:-https}://${AURA_HOST}/tank/
VUE_APP_API_STEERING_OIDC_REDIRECT_URI: ${AURA_PROTO:-https}://${AURA_HOST}/oidc_callback.html
VUE_APP_API_STEERING_OIDC_REDIRECT_URI_SILENT: ${AURA_PROTO:-https}://${AURA_HOST}/oidc_callback_silentRenew.html
VUE_APP_API_STEERING_OIDC_REDIRECT_URI_POSTLOGOUT: ${AURA_PROTO:-https}://${AURA_HOST}
It looks like some of these should be removed from the dashboard altogether.