feat(persistent): data

Author: redgeoff

Dockerfile

@@ -73,8 +73,6 @@ WORKDIR /home/couchdb/couchdb
 
 EXPOSE 5984 6984 4369 9100-9200
 
-VOLUME ["/home/couchdb/couchdb/data"]
-
 COPY couchdb-process.sh /couchdb-process.sh
 COPY discover-process.sh /discover-process.sh
 COPY set-up-process.sh /set-up-process.sh

README.md

@@ -20,11 +20,30 @@ TODO
       -e COUCHDB_PASSWORD="admin" \
       -e COUCHDB_HASHED_PASSWORD="-pbkdf2-b1eb7a68b0778a529c68d30749954e9e430417fb,4da0f8f1d98ce649a9c5a3845241ae24,10" \
       -e COUCHDB_SECRET="mysecret" \
-      -e NODENAME="{{.Service.Name}}{{.Task.Slot}}" \
+      -e NODENAME="couchdb{{.Task.Slot}}" \
       -e SERVICE_NAME="{{.Service.Name}}" \
       -e TASK_SLOT="{{.Task.Slot}}" \
-      -e COUCHDB_CERT_FILE="/common/mydomain.crt" \
-      -e COUCHDB_KEY_FILE="/common/mydomain.key" \
-      -e COUCHDB_CACERT_FILE="/common/mydomain.crt" \
+      -e COUCHDB_CERT_FILE="/common/ssl/mydomain.crt" \
+      -e COUCHDB_KEY_FILE="/common/ssl/mydomain.key" \
+      -e COUCHDB_CACERT_FILE="/common/ssl/mydomain.crt" \
+      -p 6984:6984 \
+      redgeoff/couchdb-service
+
+    docker service create --replicas 2 --name couchdb --network couchdb-network \
+      --hostname="couchdb{{.Task.Slot}}" \
+      --mount type=bind,source=/home/ubuntu/common,destination=/common \
+      -e COUCHDB_COOKIE="mycookie" \
+      -e COUCHDB_USER="admin" \
+      -e COUCHDB_PASSWORD="admin" \
+      -e COUCHDB_HASHED_PASSWORD="-pbkdf2-b1eb7a68b0778a529c68d30749954e9e430417fb,4da0f8f1d98ce649a9c5a3845241ae24,10" \
+      -e COUCHDB_SECRET="mysecret" \
+      -e NODENAME="couchdb{{.Task.Slot}}" \
+      -e SERVICE_NAME="{{.Service.Name}}" \
+      -e TASK_SLOT="{{.Task.Slot}}" \
+      -e COUCHDB_CERT_FILE="/common/ssl/mydomain.co.crt" \
+      -e COUCHDB_KEY_FILE="/common/ssl/mydomain.co.key" \
+      -e COUCHDB_CACERT_FILE="/common/ssl/mydomain.co.crt" \
+      -e COUCHDB_DATA_DIR="/common/data/{{.Service.Name}}{{.Task.Slot}}" \
+      -e COUCHDB_LOCAL_INI="/common/etc/local.ini" \
       -p 6984:6984 \
       redgeoff/couchdb-service

couchdb-process.sh

@@ -2,6 +2,17 @@
 
 set -e
 
+if [ "$COUCHDB_DATA_DIR" ]; then
+  # Create a symbolic link to the CouchDB data so that we can prefix it with the service name and
+  # task slot
+  rm -rf /home/couchdb/couchdb/data
+
+  # Make sure directory exists
+  mkdir -p $COUCHDB_DATA_DIR
+
+  ln -s $COUCHDB_DATA_DIR /home/couchdb/couchdb/data
+fi
+
 # Use sname so that we can specify a short name, like those used by docker, instead of a host
 if [ ! -z "$NODENAME" ] && ! grep "couchdb@" /home/couchdb/couchdb/etc/vm.args; then
   # A cookie is needed so that the nodes can connect to each other using Erlang clustering
@@ -14,21 +25,18 @@ fi
 
 if [ "$COUCHDB_USER" ] && [ "$COUCHDB_PASSWORD" ] && [ -z "$COUCHDB_HASHED_PASSWORD" ]; then
   # Create admin
-  printf "[admins]\n%s = %s\n" "$COUCHDB_USER" "$COUCHDB_PASSWORD" > /home/couchdb/couchdb/etc/local.d/docker.ini
-  chown couchdb:couchdb /home/couchdb/couchdb/etc/local.d/docker.ini
+  printf "[admins]\n%s = %s\n" "$COUCHDB_USER" "$COUCHDB_PASSWORD" >> /home/couchdb/couchdb/etc/local.d/docker.ini
 fi
 
 if [ "$COUCHDB_USER" ] && [ "$COUCHDB_HASHED_PASSWORD" ]; then
   # Create the admin using the hashed password. As per https://stackoverflow.com/q/43958527/2831606
   # we need all nodes to have the exact same password hash.
   printf "[admins]\n%s = %s\n" "$COUCHDB_USER" "$COUCHDB_HASHED_PASSWORD" > /home/couchdb/couchdb/etc/local.d/docker.ini
-  chown couchdb:couchdb /home/couchdb/couchdb/etc/local.d/docker.ini
 fi
 
 if [ "$COUCHDB_SECRET" ]; then
   # Set secret
-  printf "[couch_httpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" > /home/couchdb/couchdb/etc/local.d/secret.ini
-  chown couchdb:couchdb /home/couchdb/couchdb/etc/local.d/secret.ini
+  printf "[couch_httpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" >> /home/couchdb/couchdb/etc/local.d/docker.ini
 fi
 
 if [ "$COUCHDB_CERT_FILE" ] && [ "$COUCHDB_KEY_FILE" ] && [ "$COUCHDB_CACERT_FILE" ]; then
@@ -40,8 +48,16 @@ if [ "$COUCHDB_CERT_FILE" ] && [ "$COUCHDB_KEY_FILE" ] && [ "$COUCHDB_CACERT_FIL
   # https://issues.apache.org/jira/browse/COUCHDB-3162, we need the following lines. TODO: remove
   # this in a later version of CouchDB 2.
   printf "ciphers = undefined\ntls_versions = undefined\nsecure_renegotiate = undefined\n" >> /home/couchdb/couchdb/etc/local.d/ssl.ini
+fi
+
+# Set the permissions. This is not needed as we are running couchdb as root
+# if [ -f /home/couchdb/couchdb/etc/local.d/docker.ini ];
+#   chown couchdb:couchdb /home/couchdb/couchdb/etc/local.d/docker.ini
+# fi
 
-  chown couchdb:couchdb /home/couchdb/couchdb/etc/local.d/ssl.ini
+if [ "$COUCHDB_LOCAL_INI" ]; then
+  # If a custom local.ini file is specified, e.g. through a volume, then copy it to CouchDB
+  cp $COUCHDB_LOCAL_INI /home/couchdb/couchdb/etc/local.d/local.ini
 fi
 
 /home/couchdb/couchdb/bin/couchdb