diff --git a/Dockerfile b/Dockerfile index 7058aed1..e3a8f3ee 100755 --- a/Dockerfile +++ b/Dockerfile @@ -85,6 +85,8 @@ FROM base as app COPY --from=wheelhouse /var/wheels /var/wheels RUN pip install --no-index --find-links=/var/wheels -r $APP/requirements.txt +COPY client_config /var/client_config + # XXX: hacky way of generating a unique key on build, needs to be removed prior to deploy readiness # Generate a Django secret key # Set the Django secret key diff --git a/Makefile b/Makefile index 4657ad10..bca15db1 100755 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ endif DOCKERFILE=Dockerfile DOCKERFILE_TARGET=app DOCKER_REPOSITORY=${DOCKER_REGISTRY}/kreneskyp/ix/sandbox -HASH_FILES=requirements*.txt package.json Dockerfile +HASH_FILES=requirements*.txt package.json Dockerfile client_config IMAGE_TAG=$(shell cat $(HASH_FILES) | ${HASHER} | cut -d ' ' -f 1) IMAGE_URL=$(DOCKER_REPOSITORY):$(IMAGE_TAG) IMAGE_SENTINEL=.sentinel/image diff --git a/client_config/docker-compose.yml b/client_config/docker-compose.yml new file mode 100644 index 00000000..f2d6840b --- /dev/null +++ b/client_config/docker-compose.yml @@ -0,0 +1,76 @@ +version: "3" + +services: + db: + image: ghcr.io/kreneskyp/ix/postgres-pg-vector:15.3 + environment: + POSTGRES_PASSWORD: ix + POSTGRES_USER: ix + POSTGRES_DB: ix + POSTGRES_HOST_AUTH_METHOD: trust + volumes: + - postgres_data:/var/lib/postgresql/data + + web: + image: ghcr.io/kreneskyp/ix/sandbox:${IX_IMAGE_TAG} + #image: ghcr.io/ix:latest + command: uvicorn ix.server.asgi:application --host 0.0.0.0 --port 8001 --reload + ports: + - "8001:8001" + links: + - db + - redis + env_file: + - ${IX_ENV} + volumes: + - static:/var/static/ + - ./certs/:/vault/certs:ro,Z + environment: + DJANGO_SETTINGS_MODULE: "ix.server.settings" + + nginx: + image: nginx:latest + ports: + - "8000:8000" + volumes: + - ./nginx.conf:/etc/nginx/nginx.conf + - static:/var/static/ + depends_on: + - web + + worker: + image: ghcr.io/kreneskyp/ix/sandbox:${IX_IMAGE_TAG} + command: celery.sh + links: + - db + - redis + environment: + - ./certsrm -/:/vault/certs:ro,Z + env_file: + - ${IX_ENV} + + redis: + image: redis/redis-stack-server:latest + + chroma: + image: ghcr.io/chroma-core/chroma:0.4.11 + ports: + - "8020:8000" + + vault: + image: hashicorp/vault:1.14 + volumes: + - ./vault-config.hcl:/vault/config/config.hcl:ro + - ./certs/:/vault/certs:ro,Z + env_file: + - vault.env + command: "server -dev -dev-tls -config=/vault/config/config.hcl" + ports: + - "8200:8200" + cap_add: + - IPC_LOCK + +volumes: + static: + name: agent_ix_static + postgres_data: diff --git a/client_config/ix_env.py b/client_config/ix_env.py new file mode 100644 index 00000000..4a9f1118 --- /dev/null +++ b/client_config/ix_env.py @@ -0,0 +1,40 @@ +IX_ENV = """ +# ================================================================== +# GLOBAL ENVIRONMENT DEFAULTS: +# +# These values are set in the environment of app and worker containers +# They are used by defaults by the corresponding components. +# ================================================================== + +# OpenAI is the default LLM used by predefined agents. +OPENAI_API_KEY={OPENAI_API_KEY} + +# ================================================================== +# OPTIONAL SETUP: +# +# These values are only required when using the corresponding +# features. +# ================================================================== + +# LangSmith logging (requires a LangSmith account) +# LANGCHAIN_TRACING_V2=true +# LANGCHAIN_ENDPOINT=https://api.smith.langchain.com +# LANGCHAIN_API_KEY= +# LANGCHAIN_PROJECT=default + +# llms +GOOGLE_API_KEY= +ANTHROPIC_API_KEY= + +# Pinecone +PINECONE_API_KEY= +PINECONE_ENV= + +# search +GOOGLE_API_KEY= +GOOGLE_CX_ID= +WOLFRAM_APP_ID= + +# METAPHOR +METAPHOR_API_KEY= +""" diff --git a/client_config/nginx.conf b/client_config/nginx.conf new file mode 100644 index 00000000..96620646 --- /dev/null +++ b/client_config/nginx.conf @@ -0,0 +1,55 @@ +user nginx; +worker_processes auto; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + server_tokens off; + + access_log /var/log/nginx/access.log; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + + keepalive_timeout 65; + + gzip on; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + server { + listen 8000; + server_name 0.0.0.0; + + location /static/ { + root /var/static/; + expires 1d; + rewrite ^/static/(.*)$ /$1 break; + } + + location /graphql-ws/ { + proxy_pass http://web:8001; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location / { + proxy_pass http://web:8001; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} + +} diff --git a/client_config/vault-config.hcl b/client_config/vault-config.hcl new file mode 100644 index 00000000..3a4453fe --- /dev/null +++ b/client_config/vault-config.hcl @@ -0,0 +1,10 @@ +disable_mlock = true + +# vault-config.hcl + + +storage "file" { + path = "/vault/file" +} + +