update docker deployment things

2026-03-11 17:34:08 -05:00 · 2025-10-07 19:06:03 +08:00
parent 0331e5574d
commit 9a21e1ff8b
2 changed files with 43 additions and 7 deletions
--- a/docker-compose.example.yml
+++ b/docker-compose.example.yml
@@ -8,7 +8,8 @@ services:
    ports:
      - "28080:80" # Expose Web UI on host port 28080
    volumes:
-      - ./src/kohaku-hub-ui/dist:/usr/share/nginx/html # Mount the built frontend assets
+      - ./src/kohaku-hub-ui/dist:/usr/share/nginx/html # Mount the built main frontend assets
+      - ./src/kohaku-hub-admin/dist:/usr/share/nginx/html-admin # Mount the built admin frontend assets
      - ./docker/nginx/default.conf:/etc/nginx/conf.d/default.conf # Mount the Nginx configuration
    depends_on:
      - hub-api
@@ -58,6 +59,21 @@ services:
      - KOHAKU_HUB_SESSION_SECRET=change-this-to-random-string-in-production
      - KOHAKU_HUB_SESSION_EXPIRE_HOURS=168
      - KOHAKU_HUB_TOKEN_EXPIRE_DAYS=365
+      ## Admin API Configuration
+      - KOHAKU_HUB_ADMIN_ENABLED=true
+      - KOHAKU_HUB_ADMIN_SECRET_TOKEN=change-this-to-random-admin-token-in-production
+      # ## Storage Quota Configuration (NULL/unlimited = no limit)
+      # # Default quotas for new users
+      # - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=unlimited  # Unlimited private storage for users
+      # - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=unlimited   # Unlimited public storage for users
+      # # Default quotas for new organizations
+      # - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=unlimited   # Unlimited private storage for orgs
+      # - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=unlimited    # Unlimited public storage for orgs
+      # # Examples (uncomment and modify as needed):
+      - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=10_000_000     # 10MB for user private repos
+      - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=100_000_000      # 20MB for user public repos
+      - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=10_000_000      # 10MB for org private repos
+      - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=100_000_000      # 100MB for org public repos
    volumes:
      - ./hub-meta/hub-api:/hub-api-creds

--- a/docker/nginx/default.conf
+++ b/docker/nginx/default.conf
@@ -27,7 +27,17 @@ server {
        proxy_set_header X-Forwarded-Proto $scheme;
    }

-    # 2. Organization API endpoints (mounted at /org/)
+    # 2. Admin API endpoints (mounted at /admin/api/)
+    # Covers: /admin/api/users/*, /admin/api/quota/*, /admin/api/stats
+    location /admin/api/ {
+        proxy_pass http://hub-api:48888;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # 3. Organization API endpoints (mounted at /org/)
    # Covers: /org/create, /org/{name}, /org/{name}/members, /org/users/{username}/orgs
    location /org/ {
        proxy_pass http://hub-api:48888;
@@ -37,7 +47,7 @@ server {
        proxy_set_header X-Forwarded-Proto $scheme;
    }

-    # 3. Git LFS endpoints
+    # 4. Git LFS endpoints
    # Covers: /{type}s/{namespace}/{name}.git/info/lfs/* and /{namespace}/{name}.git/info/lfs/*
    location ~ \.git/info/lfs/ {
        proxy_pass http://hub-api:48888;
@@ -50,7 +60,7 @@ server {
        client_body_buffer_size 128k;
    }

-    # 4. Public file resolution routes (no /api prefix)
+    # 5. Public file resolution routes (no /api prefix)
    # These are public-facing download endpoints
    # Pattern: /{type}s/{namespace}/{name}/resolve/{revision}/{path}
    location ~ ^/(models|datasets|spaces)/[^/]+/[^/]+/resolve/ {
@@ -61,7 +71,7 @@ server {
        proxy_set_header X-Forwarded-Proto $scheme;
    }

-    # 5. Legacy public file resolution route (no /api prefix, no type prefix)
+    # 6. Legacy public file resolution route (no /api prefix, no type prefix)
    # Pattern: /{namespace}/{name}/resolve/{revision}/{path}
    # Must come AFTER the specific routes to avoid catching frontend routes
    location ~ ^/[^/]+/[^/]+/resolve/ {
@@ -74,10 +84,20 @@ server {


    # =================================================================
-    # FRONTEND SINGLE PAGE APP (SPA)
+    # ADMIN FRONTEND SPA
+    #
+    # Serve admin portal at /admin (before main SPA fallback)
+    # =================================================================
+    location /admin {
+        alias /usr/share/nginx/html-admin/;
+        try_files $uri $uri/ /admin/index.html;
+    }
+
+    # =================================================================
+    # MAIN FRONTEND SINGLE PAGE APP (SPA)
    #
    # This is the final fallback. If no API rule above matched,
-    # Nginx assumes it's a frontend route and serves the SPA.
+    # Nginx assumes it's a frontend route and serves the main SPA.
    # =================================================================
    location / {
        try_files $uri $uri/ /index.html;