{% from "macros/caddyfile.conf.jinja" import caddyfile %} {% set tpl = ix_lib.base.render.Render(values) %} {% set perm_container = tpl.deps.perms(values.consts.perms_container_name) %} {% set perms_config = {"uid": values.consts.run_as_user, "gid": values.consts.run_as_group, "mode": "check"} %} {% set pg_config = { "user": values.consts.db_user, "password": values.windmill.db_password, "database": values.consts.db_name, "volume": values.storage.postgres_data } %} {% set postgres = tpl.deps.postgres( values.consts.postgres_container_name, values.windmill.postgres_image_selector, pg_config, perm_container ) %} {# Windmill Server Container #} {% set server = tpl.add_container(values.consts.server_container_name, "image") %} {% do server.set_user(values.consts.run_as_user, values.consts.run_as_group) %} {% do server.healthcheck.set_test("wget", {"port": values.consts.server_internal_port, "path": "/api/version"}) %} {% do server.environment.add_env("DATABASE_URL", postgres.get_url("postgres")) %} {% do server.environment.add_env("MODE", "server") %} {% do server.environment.add_env("PORT", values.consts.server_internal_port) %} {% do server.environment.add_user_envs(values.windmill.additional_envs) %} {% do server.depends.add_dependency(values.consts.postgres_container_name, "service_healthy") %} {% do server.add_storage("/tmp/windmill/logs", values.storage.worker_logs) %} {# Windmill Worker Container #} {% set worker = tpl.add_container(values.consts.worker_container_name, "image") %} {% do worker.set_user(values.consts.run_as_user, values.consts.run_as_group) %} {% do worker.healthcheck.set_test("wget" , {"port": values.consts.worker_internal_port, "path": "/api/version"}) %} {% do worker.environment.add_env("DATABASE_URL", postgres.get_url("postgres")) %} {% do worker.environment.add_env("PORT", values.consts.worker_internal_port) %} {% do worker.environment.add_env("MODE", "worker") %} {% do worker.environment.add_env("WORKER_GROUP", "default") %} {% do worker.environment.add_user_envs(values.windmill.additional_envs) %} {% do worker.depends.add_dependency(values.consts.server_container_name, "service_healthy") %} {% do worker.depends.add_dependency(values.consts.postgres_container_name, "service_healthy") %} {% do worker.add_storage("/tmp/windmill/cache", values.storage.worker_cache) %} {% do worker.add_storage("/tmp/windmill/logs", values.storage.worker_logs) %} {% if values.windmill.mount_docker_socket %} {% do worker.add_docker_socket(read_only=False) %} {% endif %} {# Windmill Worker Native Container #} {% set worker_native = tpl.add_container(values.consts.worker_native_container_name, "image") %} {% do worker_native.set_user(values.consts.run_as_user, values.consts.run_as_group) %} {% do worker_native.healthcheck.set_test("wget" , {"port": values.consts.worker_native_internal_port, "path": "/api/version"}) %} {% do worker_native.environment.add_env("DATABASE_URL", postgres.get_url("postgres")) %} {% do worker_native.environment.add_env("PORT", values.consts.worker_native_internal_port) %} {% do worker_native.environment.add_env("MODE", "worker") %} {% do worker_native.environment.add_env("WORKER_GROUP", "native") %} {% do worker_native.environment.add_env("NUM_WORKERS", values.windmill.native_workers) %} {% do worker_native.environment.add_user_envs(values.windmill.additional_envs) %} {% do worker_native.depends.add_dependency(values.consts.worker_container_name, "service_healthy") %} {% do worker_native.depends.add_dependency(values.consts.postgres_container_name, "service_healthy") %} {% do worker_native.add_storage("/tmp/windmill/logs", values.storage.worker_logs) %} {# Windmill Worker Reports Container #} {% if values.windmill.enable_report_workers %} {% set worker_reports = tpl.add_container(values.consts.worker_reports_container_name, "image") %} {% do worker_reports.set_user(0, 0) %} {% do worker_reports.add_caps(["SETUID", "SETGID", "DAC_OVERRIDE", "FOWNER", "CHOWN"]) %} {% do worker_reports.healthcheck.set_test("wget" , {"port": values.consts.worker_reports_internal_port, "path": "/api/version"}) %} {% do worker_reports.environment.add_env("DATABASE_URL", postgres.get_url("postgres")) %} {% do worker_reports.environment.add_env("PORT", values.consts.worker_reports_internal_port) %} {% do worker_reports.environment.add_env("MODE", "worker") %} {% do worker_reports.environment.add_env("WORKER_GROUP", "reports") %} {% do worker_reports.environment.add_env("NUM_WORKERS", values.windmill.reports_workers) %} {% do worker_reports.environment.add_user_envs(values.windmill.additional_envs) %} {% do worker_reports.depends.add_dependency(values.consts.worker_container_name, "service_healthy") %} {% do worker_reports.depends.add_dependency(values.consts.postgres_container_name, "service_healthy") %} {% do worker_reports.add_storage("/tmp/windmill/logs", values.storage.worker_logs) %} {% if values.windmill.mount_docker_socket %} {% do worker_reports.add_docker_socket(read_only=False) %} {% endif %} {% endif %} {# LSP Container #} {% set lsp = tpl.add_container(values.consts.lsp_container_name, "lsp_image") %} {% do lsp.set_user(values.consts.run_as_user, values.consts.run_as_group) %} {% do lsp.healthcheck.set_test("wget", {"port": values.consts.lsp_internal_port, "path": "/health", "spider": false}) %} {% do lsp.environment.add_env("PORT", values.consts.lsp_internal_port) %} {% do lsp.environment.add_user_envs(values.windmill.additional_envs) %} {% do lsp.add_storage("/pyls/.cache", values.storage.lsp_cache) %} {# Caddy Container #} {% set caddy = tpl.add_container(values.consts.caddy_container_name, "caddy_image") %} {% do caddy.healthcheck.set_test("wget", {"port": values.network.web_port.port_number, "path": "/health"}) %} {% do caddy.set_user(values.consts.run_as_user, values.consts.run_as_group) %} {% do caddy.add_caps(["NET_BIND_SERVICE"]) %} {% do caddy.configs.add("caddyfile", caddyfile(values), "/etc/caddy/Caddyfile") %} {% do caddy.depends.add_dependency(values.consts.server_container_name, "service_healthy") %} {% do caddy.depends.add_dependency(values.consts.lsp_container_name, "service_healthy") %} {% do caddy.add_port(values.network.web_port) %} {% do caddy.add_port(values.network.smtp_port) %} {% do caddy.add_storage("/data", values.storage.caddy_data) %} {% do perm_container.add_or_skip_action("caddy_data", values.storage.caddy_data, perms_config) %} {% do perm_container.add_or_skip_action("lsp_cache", values.storage.lsp_cache, perms_config) %} {% do perm_container.add_or_skip_action("worker_cache", values.storage.worker_cache, perms_config) %} {% do perm_container.add_or_skip_action("worker_logs", values.storage.worker_logs, perms_config) %} {% for store in values.storage.additional_storage %} {% do server.add_storage(store.mount_path, store) %} {% do worker.add_storage(store.mount_path, store) %} {% do worker_native.add_storage(store.mount_path, store) %} {% if values.windmill.enable_report_workers %} {% do worker_reports.add_storage(store.mount_path, store) %} {% endif %} {% do perm_container.add_or_skip_action(store.mount_path, store, perms_config) %} {% endfor %} {% if perm_container.has_actions() %} {% do perm_container.activate() %} {% do server.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% do worker.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% if values.windmill.enable_report_workers %} {% do worker_reports.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% endif %} {% do worker_native.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% do lsp.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% do caddy.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% do postgres.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% endif %} {% do tpl.portals.add(values.network.web_port) %} {{ tpl.render() | tojson }}