2022-01-03 19:36:51 +03:00
|
|
|
# Copyright (c) 2022 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
|
2019-06-22 03:15:52 +03:00
|
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
|
|
|
resource "google_compute_network" "hoogle" {
|
|
|
|
name = "hoogle-network"
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_firewall" "hoogle" {
|
|
|
|
name = "hoogle-firewall"
|
2021-02-08 20:25:04 +03:00
|
|
|
network = google_compute_network.hoogle.name
|
2019-06-22 03:15:52 +03:00
|
|
|
target_tags = ["hoogle"]
|
|
|
|
|
|
|
|
source_ranges = ["130.211.0.0/22", "35.191.0.0/16"]
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "tcp"
|
|
|
|
ports = ["8080", "8081"]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-04-08 17:59:16 +03:00
|
|
|
resource "google_compute_firewall" "hoogle-ssh" {
|
|
|
|
count = 0
|
|
|
|
name = "hoogle-ssh"
|
|
|
|
network = google_compute_network.hoogle.name
|
|
|
|
log_config {
|
|
|
|
metadata = "INCLUDE_ALL_METADATA"
|
|
|
|
}
|
|
|
|
allow {
|
|
|
|
protocol = "tcp"
|
|
|
|
ports = ["22"]
|
|
|
|
}
|
|
|
|
source_ranges = [
|
|
|
|
"35.194.81.56/32", # North Virginia
|
|
|
|
"35.189.40.124/32", # Sydney
|
|
|
|
"35.198.147.95/32", # Frankfurt
|
|
|
|
]
|
|
|
|
}
|
|
|
|
|
2021-04-08 11:07:11 +03:00
|
|
|
locals {
|
|
|
|
h_clusters = [
|
|
|
|
{
|
|
|
|
suffix = "-blue",
|
|
|
|
ubuntu_version = "2004",
|
2022-03-08 19:04:58 +03:00
|
|
|
size = 3,
|
2021-04-08 11:07:11 +03:00
|
|
|
},
|
|
|
|
{
|
|
|
|
suffix = "-green",
|
|
|
|
ubuntu_version = "2004",
|
2022-03-08 19:04:58 +03:00
|
|
|
size = 0,
|
2021-04-08 11:07:11 +03:00
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
|
2019-06-22 03:15:52 +03:00
|
|
|
resource "google_compute_instance_template" "hoogle" {
|
2021-04-08 11:07:11 +03:00
|
|
|
count = length(local.h_clusters)
|
|
|
|
name_prefix = "hoogle${local.h_clusters[count.index].suffix}-"
|
2019-06-22 03:15:52 +03:00
|
|
|
machine_type = "n1-standard-1"
|
|
|
|
tags = ["hoogle"]
|
2021-02-08 20:25:04 +03:00
|
|
|
labels = local.machine-labels
|
2019-06-22 03:15:52 +03:00
|
|
|
|
|
|
|
disk {
|
|
|
|
boot = true
|
|
|
|
disk_size_gb = 20
|
2021-04-08 11:07:11 +03:00
|
|
|
source_image = "ubuntu-os-cloud/ubuntu-${local.h_clusters[count.index].ubuntu_version}-lts"
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
metadata_startup_script = <<STARTUP
|
|
|
|
#! /bin/bash
|
2019-09-27 17:42:31 +03:00
|
|
|
set -euo pipefail
|
2021-08-11 16:52:43 +03:00
|
|
|
export DEBIAN_FRONTEND=noninteractive
|
2019-06-22 03:15:52 +03:00
|
|
|
apt-get update
|
|
|
|
apt-get -y upgrade
|
|
|
|
### stackdriver
|
2022-02-22 21:33:21 +03:00
|
|
|
# Taken from https://cloud.google.com/logging/docs/agent/logging/installation
|
|
|
|
curl -sSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
|
|
|
|
curl -sSL https://dl.google.com/cloudagents/add-logging-agent-repo.sh | bash -s -- --also-install
|
2019-06-22 03:15:52 +03:00
|
|
|
### nginx
|
|
|
|
apt-get -y install nginx
|
|
|
|
cat > /etc/nginx/nginx.conf <<NGINX
|
|
|
|
user www-data;
|
|
|
|
worker_processes auto;
|
|
|
|
pid /run/nginx.pid;
|
|
|
|
events {
|
|
|
|
worker_connections 768;
|
|
|
|
}
|
|
|
|
http {
|
|
|
|
sendfile on;
|
|
|
|
tcp_nopush on;
|
|
|
|
tcp_nodelay on;
|
|
|
|
keepalive_timeout 65;
|
|
|
|
types_hash_max_size 2048;
|
|
|
|
include /etc/nginx/mime.types;
|
|
|
|
default_type application/octet-stream;
|
|
|
|
access_log /var/log/nginx/access.log;
|
|
|
|
error_log /var/log/nginx/error.log;
|
|
|
|
server {
|
|
|
|
listen 8081 default_server;
|
|
|
|
server_name _;
|
2019-09-27 17:42:31 +03:00
|
|
|
return 307 https://hoogle.daml.com\$request_uri;
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
NGINX
|
|
|
|
service nginx restart
|
|
|
|
### hoogle
|
|
|
|
apt-get -y install curl git
|
|
|
|
useradd hoogle
|
|
|
|
mkdir /home/hoogle
|
|
|
|
chown hoogle:hoogle /home/hoogle
|
|
|
|
cd /home/hoogle
|
2021-04-08 17:59:16 +03:00
|
|
|
mkdir /nix
|
|
|
|
chown hoogle:hoogle /nix
|
|
|
|
runuser -l hoogle <<'HOOGLE_SETUP'
|
|
|
|
curl -sSfL https://nixos.org/nix/install | sh
|
|
|
|
. /home/hoogle/.nix-profile/etc/profile.d/nix.sh
|
|
|
|
# Feel free to bump the commit, this was the latest
|
|
|
|
# # at the time of creation.
|
2021-11-04 13:22:30 +03:00
|
|
|
export NIX_PATH=nixpkgs=https://github.com/NixOS/nixpkgs/archive/c50e680b03adecae01fdd1ea4e44c82e641de0cf.tar.gz
|
2021-04-09 15:17:03 +03:00
|
|
|
cat << EOF > /home/hoogle/hoogle_overlay.nix
|
|
|
|
super:
|
|
|
|
{
|
|
|
|
haskellPackages = super.haskellPackages.override {
|
|
|
|
overrides = haskellSelf: haskellSuper: {
|
|
|
|
hoogle = super.haskell.lib.appendPatch haskellSuper.hoogle
|
|
|
|
(super.fetchurl {
|
|
|
|
url = "https://patch-diff.githubusercontent.com/raw/ndmitchell/hoogle/pull/367.patch";
|
|
|
|
sha256 = "1p0xdnfjicl5zp6g0fkqjk9mgm6fqzl7sz0v5m51chzd7lwx181y";
|
|
|
|
});
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
EOF
|
|
|
|
HOOGLE_PATH=$(nix-build --no-out-link -E '((import /home/hoogle/hoogle_overlay.nix) (import <nixpkgs> {})).haskellPackages.hoogle')
|
2021-04-08 17:59:16 +03:00
|
|
|
mkdir -p /home/hoogle/.local/bin
|
|
|
|
ln -s $HOOGLE_PATH/bin/hoogle /home/hoogle/.local/bin/hoogle
|
2021-04-08 19:45:47 +03:00
|
|
|
cat > /home/hoogle/refresh-db.sh <<MAKE_DB
|
2019-06-22 03:15:52 +03:00
|
|
|
#!/usr/bin/env bash
|
2021-04-08 19:45:47 +03:00
|
|
|
set -euo pipefail
|
2019-06-22 03:15:52 +03:00
|
|
|
log() {
|
2019-06-26 21:42:23 +03:00
|
|
|
echo "[\$(date -Is)] \$1" >> /home/hoogle/cron_log.txt
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
2022-03-08 19:04:58 +03:00
|
|
|
log "Checking for new Daml version..."
|
2021-04-08 19:45:47 +03:00
|
|
|
cd /home/hoogle
|
2019-06-22 03:15:52 +03:00
|
|
|
mkdir new-daml
|
2021-04-08 19:45:47 +03:00
|
|
|
curl -s https://docs.daml.com/hoogle_db.tar.gz --output db.tar.gz
|
|
|
|
tar xzf db.tar.gz -C new-daml --strip-components=1
|
2019-06-22 03:15:52 +03:00
|
|
|
if ! diff -rq daml new-daml; then
|
|
|
|
log "New version detected. Creating database..."
|
|
|
|
rm -rf daml
|
|
|
|
mv new-daml daml
|
2021-04-08 19:45:47 +03:00
|
|
|
rm -f daml.hoo
|
2019-06-22 03:15:52 +03:00
|
|
|
/home/hoogle/.local/bin/hoogle generate --database=daml.hoo --local=daml
|
|
|
|
log "Killing running instance..."
|
2021-04-08 19:45:47 +03:00
|
|
|
killall hoogle || true
|
|
|
|
log "Starting new server..."
|
2019-06-22 03:15:52 +03:00
|
|
|
nohup /home/hoogle/.local/bin/hoogle server --database=daml.hoo --log=.log.txt --port=8080 >> out.txt &
|
|
|
|
log "New server started."
|
|
|
|
else
|
|
|
|
log "No change detected."
|
|
|
|
rm -rf new-daml
|
|
|
|
fi
|
|
|
|
log "Done."
|
2021-04-08 19:45:47 +03:00
|
|
|
MAKE_DB
|
2019-06-26 21:42:23 +03:00
|
|
|
chmod +x /home/hoogle/refresh-db.sh
|
2021-04-08 19:45:47 +03:00
|
|
|
./refresh-db.sh
|
|
|
|
echo "*/5 * * * * /home/hoogle/refresh-db.sh" | crontab -
|
|
|
|
echo "Successfully ran startup script."
|
|
|
|
tail -f cron_log.txt
|
|
|
|
HOOGLE_SETUP
|
2019-06-22 03:15:52 +03:00
|
|
|
STARTUP
|
|
|
|
|
|
|
|
network_interface {
|
2021-02-08 20:25:04 +03:00
|
|
|
network = google_compute_network.hoogle.name
|
|
|
|
access_config {}
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
service_account {
|
|
|
|
email = "log-writer@da-dev-gcp-daml-language.iam.gserviceaccount.com"
|
|
|
|
scopes = ["cloud-platform"]
|
|
|
|
}
|
|
|
|
|
|
|
|
scheduling {
|
|
|
|
automatic_restart = false
|
|
|
|
on_host_maintenance = "TERMINATE"
|
|
|
|
preemptible = true
|
|
|
|
}
|
|
|
|
|
|
|
|
lifecycle {
|
|
|
|
create_before_destroy = true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_instance_group_manager" "hoogle" {
|
2021-02-08 20:25:04 +03:00
|
|
|
provider = google-beta
|
2021-04-08 11:07:11 +03:00
|
|
|
count = length(local.h_clusters)
|
|
|
|
name = "hoogle${local.h_clusters[count.index].suffix}"
|
|
|
|
base_instance_name = "hoogle${local.h_clusters[count.index].suffix}"
|
2021-02-08 20:25:04 +03:00
|
|
|
zone = local.zone
|
2021-04-08 11:07:11 +03:00
|
|
|
target_size = local.h_clusters[count.index].size
|
2019-06-22 03:15:52 +03:00
|
|
|
|
|
|
|
version {
|
2021-04-08 11:07:11 +03:00
|
|
|
name = "hoogle${local.h_clusters[count.index].suffix}"
|
|
|
|
instance_template = google_compute_instance_template.hoogle[count.index].self_link
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
named_port {
|
|
|
|
name = "https"
|
|
|
|
port = "8080"
|
|
|
|
}
|
|
|
|
|
|
|
|
named_port {
|
|
|
|
name = "http"
|
|
|
|
port = "8081"
|
|
|
|
}
|
|
|
|
|
2019-06-27 08:46:01 +03:00
|
|
|
auto_healing_policies {
|
2021-02-08 20:25:04 +03:00
|
|
|
health_check = google_compute_health_check.hoogle-https.self_link
|
2019-06-27 08:46:01 +03:00
|
|
|
|
|
|
|
# Compiling hoogle takes some time
|
2021-04-08 19:45:47 +03:00
|
|
|
initial_delay_sec = 600
|
2019-06-27 08:46:01 +03:00
|
|
|
}
|
|
|
|
|
2019-06-22 03:15:52 +03:00
|
|
|
update_policy {
|
2019-06-27 08:46:01 +03:00
|
|
|
type = "PROACTIVE"
|
|
|
|
minimal_action = "REPLACE"
|
|
|
|
max_unavailable_fixed = 1
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_global_address" "hoogle" {
|
|
|
|
name = "hoogle"
|
|
|
|
ip_version = "IPV4"
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_health_check" "hoogle-http" {
|
|
|
|
name = "hoogle-http"
|
|
|
|
check_interval_sec = 1
|
|
|
|
timeout_sec = 1
|
|
|
|
|
|
|
|
tcp_health_check {
|
|
|
|
port = 8081
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_backend_service" "hoogle-http" {
|
|
|
|
name = "hoogle-http"
|
2021-02-08 20:25:04 +03:00
|
|
|
health_checks = [google_compute_health_check.hoogle-http.self_link]
|
2019-06-22 03:15:52 +03:00
|
|
|
port_name = "http"
|
|
|
|
|
2022-02-22 21:33:21 +03:00
|
|
|
dynamic "backend" {
|
2021-04-08 11:07:11 +03:00
|
|
|
for_each = local.h_clusters
|
|
|
|
content {
|
|
|
|
group = google_compute_instance_group_manager.hoogle[backend.key].instance_group
|
|
|
|
}
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_url_map" "hoogle-http" {
|
|
|
|
name = "hoogle-http"
|
2021-02-08 20:25:04 +03:00
|
|
|
default_service = google_compute_backend_service.hoogle-http.self_link
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_target_http_proxy" "hoogle-http" {
|
|
|
|
name = "hoogle-http"
|
2021-02-08 20:25:04 +03:00
|
|
|
url_map = google_compute_url_map.hoogle-http.self_link
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_global_forwarding_rule" "hoogle_http" {
|
|
|
|
name = "hoogle-http"
|
2021-02-08 20:25:04 +03:00
|
|
|
target = google_compute_target_http_proxy.hoogle-http.self_link
|
|
|
|
ip_address = google_compute_global_address.hoogle.address
|
2019-06-22 03:15:52 +03:00
|
|
|
port_range = "80"
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_health_check" "hoogle-https" {
|
|
|
|
name = "hoogle-https"
|
|
|
|
check_interval_sec = 1
|
|
|
|
timeout_sec = 1
|
|
|
|
|
|
|
|
tcp_health_check {
|
|
|
|
port = 8080
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_backend_service" "hoogle-https" {
|
|
|
|
name = "hoogle-https"
|
2021-02-08 20:25:04 +03:00
|
|
|
health_checks = [google_compute_health_check.hoogle-https.self_link]
|
2019-06-22 03:15:52 +03:00
|
|
|
port_name = "https"
|
|
|
|
|
2022-02-22 21:33:21 +03:00
|
|
|
dynamic "backend" {
|
2021-04-08 11:07:11 +03:00
|
|
|
for_each = local.h_clusters
|
|
|
|
content {
|
|
|
|
group = google_compute_instance_group_manager.hoogle[backend.key].instance_group
|
|
|
|
}
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_url_map" "hoogle-https" {
|
|
|
|
name = "hoogle-https"
|
2021-02-08 20:25:04 +03:00
|
|
|
default_service = google_compute_backend_service.hoogle-https.self_link
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_target_https_proxy" "hoogle-https" {
|
|
|
|
name = "hoogle-https"
|
2021-02-08 20:25:04 +03:00
|
|
|
url_map = google_compute_url_map.hoogle-https.self_link
|
2019-06-22 03:15:52 +03:00
|
|
|
|
2021-02-08 20:25:04 +03:00
|
|
|
ssl_certificates = [local.ssl_certificate_hoogle]
|
2022-06-21 17:37:24 +03:00
|
|
|
ssl_policy = google_compute_ssl_policy.ssl_policy.self_link
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_global_forwarding_rule" "hoogle_https" {
|
|
|
|
name = "hoogle-https"
|
2021-02-08 20:25:04 +03:00
|
|
|
target = google_compute_target_https_proxy.hoogle-https.self_link
|
|
|
|
ip_address = google_compute_global_address.hoogle.address
|
2019-06-22 03:15:52 +03:00
|
|
|
port_range = "443"
|
|
|
|
}
|
|
|
|
|
|
|
|
output "hoogle_address" {
|
2021-02-08 20:25:04 +03:00
|
|
|
value = google_compute_global_address.hoogle.address
|
2019-06-22 03:15:52 +03:00
|
|
|
}
|