diff --git a/docker-compose.example.yml b/docker-compose.example.yml index 2f3b633..21aff76 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -1,4 +1,5 @@ -# docker-compose.yml +# docker-compose.yml - Example configuration for KohakuHub +# Copy this to docker-compose.yml and customize for your deployment services: hub-ui: @@ -6,47 +7,64 @@ services: container_name: hub-ui restart: always ports: - - "28080:80" # Expose Web UI on host port 28080 + - "28080:80" # Public web interface volumes: - - ./src/kohaku-hub-ui/dist:/usr/share/nginx/html # Mount the built main frontend assets - - ./src/kohaku-hub-admin/dist:/usr/share/nginx/html-admin # Mount the built admin frontend assets - - ./docker/nginx/default.conf:/etc/nginx/conf.d/default.conf # Mount the Nginx configuration + - ./src/kohaku-hub-ui/dist:/usr/share/nginx/html + - ./src/kohaku-hub-admin/dist:/usr/share/nginx/html-admin + - ./docker/nginx/default.conf:/etc/nginx/conf.d/default.conf depends_on: - hub-api hub-api: - build: . # Build the image from the Dockerfile in the current directory + build: . container_name: hub-api restart: always ports: - - "48888:48888" # Map host port to container port + - "48888:48888" # Internal API port (optional, for debugging) depends_on: - postgres - lakefs - minio environment: - ## S3 Configuration (linking to the 'minio' service) - - KOHAKU_HUB_S3_PUBLIC_ENDPOINT=http://127.0.0.1:29001 + ## ===== CRITICAL: Endpoint Configuration (MUST CHANGE) ===== + ## These determine how users access your KohakuHub instance + - KOHAKU_HUB_BASE_URL=http://127.0.0.1:28080 # Change to your public URL (e.g., https://hub.example.com) + - KOHAKU_HUB_S3_PUBLIC_ENDPOINT=http://127.0.0.1:29001 # Change to your S3 public URL + + ## ===== CRITICAL: Security Configuration (MUST CHANGE) ===== + - KOHAKU_HUB_SESSION_SECRET=change-this-to-random-string-in-production + - KOHAKU_HUB_ADMIN_SECRET_TOKEN=change-this-to-random-admin-token-in-production + + ## ===== Performance Configuration ===== + - KOHAKU_HUB_WORKERS=4 # Number of worker processes (1-8, recommend: CPU cores) + + ## ===== Database Configuration ===== + - KOHAKU_HUB_DB_BACKEND=postgres + - KOHAKU_HUB_DATABASE_URL=postgresql://hub:hubpass@postgres:5432/kohakuhub + + ## ===== S3 Storage Configuration ===== - KOHAKU_HUB_S3_ENDPOINT=http://minio:9000 - KOHAKU_HUB_S3_ACCESS_KEY=minioadmin - KOHAKU_HUB_S3_SECRET_KEY=minioadmin - KOHAKU_HUB_S3_BUCKET=hub-storage - ## LakeFS Configuration (linking to the 'lakefs' service) - # uncomment the following lines if you want to manually configure LakeFS - # by default the hub-api docker container will try to setup lakefs automatically - # -KOHAKU_HUB_LAKEFS_ACCESS_KEY=xxx - # -KOHAKU_HUB_LAKEFS_SECRET_KEY=xxx + + ## ===== LakeFS Configuration ===== - KOHAKU_HUB_LAKEFS_ENDPOINT=http://lakefs:28000 - KOHAKU_HUB_LAKEFS_REPO_NAMESPACE=hf - ## Application Configuration - - KOHAKU_HUB_BASE_URL=http://127.0.0.1:28080 # Web UI will proxy requests to hub-api, we use hub-ui url here - - KOHAKU_HUB_DB_BACKEND=postgres - - KOHAKU_HUB_DATABASE_URL=postgresql://hub:hubpass@postgres:5432/kohakuhub # Linking to the 'postgres' service + # LakeFS credentials auto-generated on first start + + ## ===== Application Configuration ===== + - KOHAKU_HUB_SITE_NAME=KohakuHub - KOHAKU_HUB_LFS_THRESHOLD_BYTES=1000000 - KOHAKU_HUB_LFS_KEEP_VERSIONS=5 - KOHAKU_HUB_LFS_AUTO_GC=true - - KOHAKU_HUB_SITE_NAME=KohakuHub - ## SMTP Configuration (Email Verification - Optional) + + ## ===== Auth & SMTP Configuration ===== + - KOHAKU_HUB_REQUIRE_EMAIL_VERIFICATION=false + - KOHAKU_HUB_SESSION_EXPIRE_HOURS=168 + - KOHAKU_HUB_TOKEN_EXPIRE_DAYS=365 + - KOHAKU_HUB_ADMIN_ENABLED=true + # SMTP (Optional - for email verification) - KOHAKU_HUB_SMTP_ENABLED=false - KOHAKU_HUB_SMTP_HOST=smtp.gmail.com - KOHAKU_HUB_SMTP_PORT=587 @@ -54,26 +72,12 @@ services: - KOHAKU_HUB_SMTP_PASSWORD= - KOHAKU_HUB_SMTP_FROM=noreply@kohakuhub.local - KOHAKU_HUB_SMTP_TLS=true - ## Auth Configuration - - KOHAKU_HUB_REQUIRE_EMAIL_VERIFICATION=false - - KOHAKU_HUB_SESSION_SECRET=change-this-to-random-string-in-production - - KOHAKU_HUB_SESSION_EXPIRE_HOURS=168 - - KOHAKU_HUB_TOKEN_EXPIRE_DAYS=365 - ## Admin API Configuration - - KOHAKU_HUB_ADMIN_ENABLED=true - - KOHAKU_HUB_ADMIN_SECRET_TOKEN=change-this-to-random-admin-token-in-production - # ## Storage Quota Configuration (NULL/unlimited = no limit) - # # Default quotas for new users - # - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=unlimited # Unlimited private storage for users - # - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=unlimited # Unlimited public storage for users - # # Default quotas for new organizations - # - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=unlimited # Unlimited private storage for orgs - # - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=unlimited # Unlimited public storage for orgs - # # Examples (uncomment and modify as needed): - - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=10_000_000 # 10MB for user private repos - - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=100_000_000 # 20MB for user public repos - - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=10_000_000 # 10MB for org private repos - - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=100_000_000 # 100MB for org public repos + + ## ===== Storage Quota Configuration (Optional) ===== + - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=10_000_000 + - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=100_000_000 + - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=10_000_000 + - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=100_000_000 volumes: - ./hub-meta/hub-api:/hub-api-creds @@ -99,15 +103,15 @@ services: - LAKEFS_DATABASE_LOCAL_PATH=/var/lakefs/data/metadata.db - LAKEFS_BLOCKSTORE_TYPE=s3 - LAKEFS_BLOCKSTORE_S3_ENDPOINT=http://minio:9000 - - LAKEFS_BLOCKSTORE_S3_FORCE_PATH_STYLE=true # Use path-style for non-AWS S3 + - LAKEFS_BLOCKSTORE_S3_FORCE_PATH_STYLE=true - LAKEFS_BLOCKSTORE_S3_CREDENTIALS_ACCESS_KEY_ID=minioadmin - LAKEFS_BLOCKSTORE_S3_CREDENTIALS_SECRET_ACCESS_KEY=minioadmin - - LAKEFS_AUTH_ENCRYPT_SECRET_KEY=a_very_secret_key_change_me # IMPORTANT: Change this key + - LAKEFS_AUTH_ENCRYPT_SECRET_KEY=change-me-in-production - LAKEFS_LOGGING_FORMAT=text - LAKEFS_LISTEN_ADDRESS=0.0.0.0:28000 ports: - - "28000:28000" # lakeFS Web + API - user: "${UID}:${GID}" # May be crucial for permissions + - "28000:28000" # LakeFS admin UI (optional) + user: "${UID}:${GID}" depends_on: - minio volumes: @@ -123,10 +127,10 @@ services: - POSTGRES_PASSWORD=hubpass - POSTGRES_DB=kohakuhub ports: - - "25432:5432" + - "25432:5432" # Optional: for external access volumes: - ./hub-meta/postgres-data:/var/lib/postgresql/data networks: default: - name: hub-net \ No newline at end of file + name: hub-net diff --git a/docker/startup.py b/docker/startup.py index 4adae78..5986cf3 100644 --- a/docker/startup.py +++ b/docker/startup.py @@ -105,13 +105,15 @@ def main(): os.environ["KOHAKU_HUB_LAKEFS_ACCESS_KEY"] = access_key os.environ["KOHAKU_HUB_LAKEFS_SECRET_KEY"] = secret_key - print("[startup] Starting API server...") + # Get worker count from environment + workers = int(os.getenv("KOHAKU_HUB_WORKERS", "4")) + print(f"[startup] Starting API server with {workers} worker(s)...") subprocess.run( [ "uvicorn", "kohakuhub.main:app", "--workers", - "4", + str(workers), "--host", "0.0.0.0", "--port",