fix: removes default movies & tvshows paths from .env

.env

@@ -38,6 +38,3 @@ MESSENGER_TRANSPORT_DSN=doctrine://default?auto_setup=0
 ###< symfony/messenger ###
 
 REDIS_HOST=redis://redis
-
-MOVIES_PATH=/var/download/movies
-TVSHOWS_PATH=/var/download/tvshows

.gitignore

@@ -1,4 +1,5 @@
 .idea
+bolt.db
 ###> symfony/framework-bundle ###
 /.env.local
 /.env.local.php

Dockerfile

@@ -12,3 +12,5 @@ RUN install-php-extensions \
 	opcache
 
 HEALTHCHECK --interval=3s --timeout=3s --retries=10 CMD [ "php", "/app/bin/console", "startup:status" ]
+
+COPY docker/app/Caddyfile /etc/frankenphp/Caddyfile

Dockerfile.prod

@@ -1,11 +0,0 @@
-FROM registry.caldwell.digital/library/php:8.4-apache
-
-RUN apt-get update && \
-    apt-get install libldap2-dev -y && \
-    rm -rf /var/lib/apt/lists/* && \
-    docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \
-    docker-php-ext-install ldap
-
-COPY --chown=www-data:www-data . /var/www
-COPY bash/nginx.conf /etc/apache2/sites-enabled/vhost.conf
-RUN rm /etc/apache2/sites-enabled/000-default.conf

bash/app/wget_download.sh

@@ -1,2 +0,0 @@
-# $1 = movies/tvshows/etc, $2 = title of media, $3 = URL of download
-cd /var/download/${1} && if [ ! -d "${2}" ]; then mkdir "${2}"; fi && cd "${2}" && wget "${3}"

bash/nginx.conf

@@ -1,32 +0,0 @@
-server {
-    listen       80;
-    listen  [::]:80;
-    server_name  localhost;
-
-    root /var/www/public;
-
-    location /hub/ {
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header Host $host;
-        proxy_redirect   off;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_pass http://mercure/;
-    }
-
-
-    location / {
-        # try to serve file directly, fallback to index.php
-        try_files $uri /index.php$is_args$args;
-    }
-
-    location ~ \.php$ {
-        fastcgi_pass unix:/run/php-fpm.sock;
-        fastcgi_split_path_info ^(.+\.php)(/.*)$;
-        fastcgi_buffers 16 16k;
-        fastcgi_buffer_size 32k;
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
-        fastcgi_param DOCUMENT_ROOT $realpath_root;
-        internal;
-    }
-}

compose.yml

@@ -12,25 +12,40 @@ services:
       - $PWD/bash/caddy:/etc/caddy
       - $PWD/bash/certs:/etc/ssl
 
+
   app:
     build: .
     restart: unless-stopped
-    environment:
-      FRANKENPHP_CONFIG: "worker /app/public/index.php"
     volumes:
       - $PWD:/app
+      - mercure_data:/data
+      - mercure_config:/config
     tty: true
+    environment:
+      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
+      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
     depends_on:
       database:
         condition: service_healthy
 
+
   worker:
     build: .
     restart: unless-stopped
     volumes:
       - $PWD:/app
     tty: true
-    command: php /app/bin/console messenger:consume async -vv
+    command: php /app/bin/console messenger:consume async -vv --time-limit=3600 limit=10
+
+
+  scheduler:
+    build: .
+    restart: unless-stopped
+    volumes:
+      - $PWD:/app
+    command: php /app/bin/console messenger:consume scheduler_monitor -vv
+    tty: true
+
 
   redis:
     image: redis:latest
@@ -39,23 +54,6 @@ services:
     command: redis-server --maxmemory 512MB
     restart: unless-stopped
 
-  mercure:
-    image: dunglas/mercure
-    restart: unless-stopped
-    ports:
-      - "3000:80"
-    environment:
-      SERVER_NAME: ':80'
-      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
-      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
-      MERCURE_EXTRA_DIRECTIVES: |
-        cors_origins *
-        anonymous
-    command: /usr/bin/caddy run --config /etc/caddy/dev.Caddyfile
-    volumes:
-      - mercure_data:/data
-      - mercure_config:/config
-
 
   database:
     image: mariadb:10.11.2
@@ -74,11 +72,13 @@ services:
       timeout: 5s
       retries: 10
 
+
   adminer:
     image: adminer
     ports:
       - "8081:8080"
 
+
 volumes:
   mysql:
   mercure_data:

config/services.yaml

@@ -11,8 +11,8 @@ parameters:
     media.tvshows_path: '/var/download/%env(default:media.default_tvshows_dir:TVSHOWS_PATH)%'
 
     # Mercure
-    app.mercure.url: 'http://mercure/.well-known/mercure'
-    app.mercure.public_url: '%env(APP_URL)%/hub/.well-known/mercure'
+    app.mercure.url: 'http://app/.well-known/mercure'
+    app.mercure.public_url: '%env(APP_URL)%/.well-known/mercure'
 
     # Cache
     app.cache.adapter: '%env(default:app.cache.adapter.default:CACHE_ADAPTER)%'

deploy.compose.yml

@@ -3,8 +3,16 @@ services:
     image: registry.caldwell.digital/home/torsearch-app:${TAG}
     ports:
       - '8001:80'
+    environment:
+      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
+      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
     deploy:
       replicas: 2
+    volumes:
+      - /mnt/media/downloads/movies:/var/download/movies
+      - /mnt/media/downloads/tvshows:/var/download/tvshows
+      - mercure_data:/data
+      - mercure_config:/config
     depends_on:
       - database
 
@@ -15,9 +23,9 @@ services:
       - /mnt/media/downloads/movies:/var/download/movies
       - /mnt/media/downloads/tvshows:/var/download/tvshows
     restart: always
-    command: -vv
+    command: -vv --time-limit=3600 --limit=10
     deploy:
-      replicas: 4
+      replicas: 2
     depends_on:
       - app
 
@@ -25,44 +33,14 @@ services:
   scheduler:
     image: registry.caldwell.digital/home/torsearch-scheduler:${TAG}
     volumes:
-      - ./downloads:/var/download
+      - /mnt/media/downloads/movies:/var/download/movies
+      - /mnt/media/downloads/tvshows:/var/download/tvshows
     restart: always
+    command: -vv
     depends_on:
       - app
 
 
-  mercure:
-    image: dunglas/mercure
-    restart: unless-stopped
-    environment:
-      SERVER_NAME: ':80'
-      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
-      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
-      MERCURE_EXTRA_DIRECTIVES: |
-        cors_origins *
-        anonymous
-    command: /usr/bin/caddy run --config /etc/caddy/dev.Caddyfile
-    volumes:
-      - mercure_data:/data
-      - mercure_config:/config
-
-
-  database:
-    image: mariadb:10.11.2
-    volumes:
-      - mysql:/var/lib/mysql
-    environment:
-      MYSQL_DATABASE: app
-      MYSQL_USERNAME: app
-      MYSQL_PASSWORD: password
-      MYSQL_ROOT_PASSWORD: password
-    healthcheck:
-      test: [ "CMD", "mysqladmin" ,"ping", "-h", "localhost" ]
-      interval: 5s
-      timeout: 5s
-      retries: 10
-
-
   redis:
     image: redis:latest
     volumes:

docker/Dockerfile.app

@@ -1,6 +1,5 @@
 FROM dunglas/frankenphp
 
-ENV FRANKENPHP_CONFIG="worker /app/public/index.php 20"
 ENV SERVER_NAME=":80"
 ENV CADDY_GLOBAL_OPTIONS="auto_https off"
 ENV APP_RUNTIME="Runtime\\FrankenPhpSymfony\\Runtime"
@@ -13,10 +12,11 @@ RUN install-php-extensions \
 	opcache
 
 COPY . /app
-COPY --chmod=775 ./bash/entrypoint.sh /usr/local/bin/docker-entrypoint
+COPY --chmod=775 docker/app/entrypoint.sh /usr/local/bin/docker-entrypoint
+COPY docker/app/Caddyfile /etc/frankenphp/Caddyfile
 
 ENTRYPOINT [ "/usr/local/bin/docker-entrypoint" ]
 
-CMD [ "frankenphp", "run", "--config", "/etc/caddy/Caddyfile" ]
+CMD [ "frankenphp", "run", "--config", "/etc/frankenphp/Caddyfile" ]
 
 HEALTHCHECK --interval=3s --timeout=3s --retries=10 CMD [ "php", "/app/bin/console", "startup:status" ]

docker/Dockerfile.scheduler

@@ -1,4 +1,4 @@
-FROM dunglas/frankenphp
+FROM dunglas/frankenphp:php8.4-alpine
 
 ENV SERVER_NAME=":80"
 ENV CADDY_GLOBAL_OPTIONS="auto_https off"
@@ -13,4 +13,6 @@ RUN install-php-extensions \
 
 COPY . /app
 
-ENTRYPOINT [ "php", "/app/bin/console", "messenger:consume", "schedule_monitor" ]
+ENTRYPOINT [ "php", "/app/bin/console", "messenger:consume", "scheduler_monitor" ]
+
+HEALTHCHECK --interval=3s --timeout=3s --retries=10 CMD return 0

docker/app/Caddyfile

@@ -0,0 +1,61 @@
+{
+	{$CADDY_GLOBAL_OPTIONS}
+
+	frankenphp {
+		{$FRANKENPHP_CONFIG}
+
+
+	}
+}
+
+{$CADDY_EXTRA_CONFIG}
+
+{$SERVER_NAME:localhost} {
+	log {
+		{$CADDY_SERVER_LOG_OPTIONS}
+		# Redact the authorization query parameter that can be set by Mercure
+		format filter {
+			request>uri query {
+				replace authorization REDACTED
+			}
+		}
+	}
+
+	root /app/public
+	encode zstd br gzip
+
+	mercure {
+		# Publisher JWT key
+		publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
+		# Subscriber JWT key
+		subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
+		# Allow anonymous subscribers (double-check that it's what you want)
+		anonymous
+		# Enable the subscription API (double-check that it's what you want)
+		subscriptions
+		# Custmo cors
+		cors_origins *
+		# Extra directives
+		{$MERCURE_EXTRA_DIRECTIVES}
+	}
+
+	vulcain
+
+	{$CADDY_SERVER_EXTRA_DIRECTIVES}
+
+	# Disable Topics tracking if not enabled explicitly: https://github.com/jkarlin/topics
+	header ?Permissions-Policy "browsing-topics=()"
+
+	@phpRoute {
+		not path /.well-known/mercure*
+		not file {path}
+	}
+	rewrite @phpRoute index.php
+
+	@frontController path index.php
+	php @frontController
+
+	file_server {
+		hide *.php
+	}
+}

docker/app/supervisord.conf

@@ -1,9 +0,0 @@
-[program:messenger-consume]
-command=php /var/www/bin/console messenger:consume async --time-limit=3600
-user=nobody
-numprocs=2
-startsecs=0
-autostart=true
-autorestart=true
-startretries=10
-process_name=%(program_name)s_%(process_num)02d

nomad.deploy.hcl

@@ -0,0 +1,129 @@
+variable "image_tag" {
+  type        = string
+  description = "Docker image tag to deploy."
+  default     = "latest"
+}
+
+job "torsearch" {
+  datacenters = [ "home" ]
+  type = "service"
+
+  group "app" {
+    count = 2
+
+    update {
+      max_parallel     = 4
+      min_healthy_time = "30s"
+      healthy_deadline = "3m"
+      auto_revert = true
+    }
+
+    network {
+      port "app" {
+        to = 80
+      }
+    }
+
+    task "app" {
+      driver = "docker"
+
+      config {
+        image = "registry.caldwell.digital/home/torsearch-app:${var.image_tag}"
+        ports = ["app"]
+      }
+
+      env {
+        MERCURE_PUBLISHER_JWT_KEY = "!ChangeThisMercureHubJWTSecretKey!"
+        MERCURE_SUBSCRIBER_JWT_KEY = "!ChangeThisMercureHubJWTSecretKey!"
+      }
+
+      service {
+        name = "torsearch-app"
+        provider = "nomad"
+        port = "app"
+
+        meta {
+          nomad_ingress_enabled  = true
+          nomad_ingress_hostname = "torsearch-nomad.caldwell.digital"
+        }
+      }
+    }
+  }
+
+  group "worker" {
+    count = 2
+    update {
+      max_parallel     = 4
+      min_healthy_time = "30s"
+      healthy_deadline = "3m"
+      auto_revert = true
+    }
+
+    volume "media" {
+      type = "host"
+      source = "media"
+      read_only = false
+    }
+
+    task "worker" {
+      driver = "docker"
+
+      volume_mount {
+        volume      = "media"
+        destination = "/var/download"
+        read_only = false
+      }
+
+      config {
+        image = "registry.caldwell.digital/home/torsearch-worker:${var.image_tag}"
+        args = [
+          "-vv"
+        ]
+      }
+
+      service {
+        name = "torsearch-worker"
+        provider = "nomad"
+      }
+    }
+  }
+
+  group "scheduler" {
+    count = 1
+
+    update {
+      max_parallel     = 2
+      min_healthy_time = "30s"
+      healthy_deadline = "3m"
+      auto_revert = true
+    }
+
+    volume "media" {
+      type = "host"
+      source = "media"
+      read_only = false
+    }
+
+    task "scheduler" {
+      driver = "docker"
+
+      volume_mount {
+        volume      = "media"
+        destination = "/var/download"
+        read_only = false
+      }
+
+      config {
+        image = "registry.caldwell.digital/home/torsearch-scheduler:${var.image_tag}"
+        args = [
+          "-vv"
+        ]
+      }
+
+      service {
+        name = "torsearch-scheduler"
+        provider = "nomad"
+      }
+    }
+  }
+}