Deploying to production
Prerequisites
- A Linux server with a working installation of Docker and Docker Compose.
- Git
Setup
Switch to the user you want to be running the service as. Then clone the repository:
Configure authorization
Provide the configuration for authorization in secrets/oauth.prod.env
:
SESSION_FILE = <LOCATION_OF_SESSION_STORE_DB_FILE>
CALLBACK_ROUTE = <CALLBACK_ENDPOINT_REGISTERED_WITH_PROVIDER>
OIDC_CLIENT_ID = <OIDC_CLIENT_ID>
OIDC_CLIENT_SECRET = <OIDC_CLIENT_SECRET>
CONF_URL = <OIDC_WELL_KNOWN_CONFIGURATION_URL>
SCOPE = <SCOPES>
DEFAULT_SCOPE = <DEFAULT_SCOPES>
LOGIN_REDIRECT_URL = <URL_WHERE_USER_LOGS_IN>
In case you want to use gpbuilder without any authentication (not recommended), simply provide an empty oauth.prod.env
file.
See also Authentication and authorization.
Setup coverage and segmental duplications
The files containing coverage and segmental duplications (segdup) information should be generated using the scripts in scripts/genomic-data/
. The frontend's configuration is stored in a JSON file under gpbuilder/resources/
(see example_settings.json
for an example).
See Coverage and Segmental Duplications for further details.
Build Docker images
You can now build the Docker images:
Running the service
Start the service,
If you opted out of using authentication, you should start the service with the USE_OAUTH
environment variable set to False
:
You now should be able to update coverage and segdup information (follow the instructions in the README).
Exposing the service through a web proxy
You should expose the service through a web proxy. If you use nginx, this is a good starting point (assuming your domain is gpb.your.doma.in
):
server {
listen 80;
listen [::]:80;
server_name gpb.your.doma.in;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_pass http://127.0.0.1:3000;
}
location ~* ^/(api/auth|api/v1|docs|openapi.json) {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8000;
}
}