From 1f8dd40ba2bc531c7deb6ec2ed0d62923d008598 Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Mon, 20 Nov 2023 22:12:37 +0100
Subject: [PATCH] Updated docs
---
.docs/system-services-upload.md | 55 +++++++++++++++++++++++++++++++++
docker-compose.prod.yml | 28 ++++++++++++++++-
mkdocs.yml | 1 +
3 files changed, 83 insertions(+), 1 deletion(-)
create mode 100644 .docs/system-services-upload.md
diff --git a/.docs/system-services-upload.md b/.docs/system-services-upload.md
new file mode 100644
index 0000000000..287d3a3717
--- /dev/null
+++ b/.docs/system-services-upload.md
@@ -0,0 +1,55 @@
+---
+author: Martin Weise
+---
+
+# Upload Service
+
+## tl;dr
+
+!!! debug "Debug Information"
+
+ Image: [tusproject/tusd:v1.12`](https://hub.docker.com/r/tusproject/tusd)
+
+ * Ports: 1080/tcp
+ * Prometheus: `http://<hostname>:1080/api/upload/metrics`
+ * API: `http://<hostname>:1080/api/upload`
+
+## Overview
+
+We use the [TUS](https://tus.io/) open protocol for resumable file uploads which based entirely on HTTP.
+
+### Examples
+
+Upload a CSV-file into the `dbrepo-upload` bucket with the console
+via `http://<hostname>/admin/storage/browser/dbrepo-upload`.
+
+
+
+We recommend using a TUS-compatible client:
+
+* [tus-java-client](https://github.com/tus/tus-java-client) (Java)
+* [tus-js-client](https://github.com/tus/tus-js-client) (JavaScript/Node.js)
+* [tusd](https://github.com/tus/tusd) (Go)
+
+## Limitations
+
+* No support for authentication.
+
+!!! question "Do you miss functionality? Do these limitations affect you?"
+
+ We strongly encourage you to help us implement it as we are welcoming contributors to open-source software and get
+ in [contact](../contact) with us, we happily answer requests for collaboration with attached CV and your programming
+ experience!
+
+## Security
+
+1. We strongly encourage to limit the clients allowed to upload by adding your subnet, e.g. `128.130.0.0/16`
+ (=TU Wien subnet) to the [Gateway Service](../system-services-gateway) configuration file like this:
+
+ ```nginx title="dbrepo.conf"
+ location /api/upload {
+ allow 128.130.0.0/16;
+ deny all;
+ ...
+ }
+ ```
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index a703eadeab..58e2f0cea5 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -179,7 +179,7 @@ services:
environment:
S3_STORAGE_ENDPOINT: "${STORAGE_ENDPOINT:-http://storage-service:9000}"
S3_ACCESS_KEY_ID: "${STORAGE_USERNAME:-minioadmin}"
- S3_SECRET_ACCESS_KEY: ${STORAGE_PASSWORD:-minioadmin}
+ S3_SECRET_ACCESS_KEY: "${STORAGE_PASSWORD:-minioadmin}"
volumes:
- "${SHARED_FILESYSTEM:-/tmp}:/tmp"
healthcheck:
@@ -361,6 +361,32 @@ services:
logging:
driver: json-file
+ dbrepo-upload-service:
+ restart: "no"
+ container_name: dbrepo-upload-service
+ hostname: upload-service
+ image: docker.io/tusproject/tusd:v1.12
+ ports:
+ - "1080:1080"
+ command:
+ - "--base-path=/api/upload/files/"
+ - "-s3-endpoint=${STORAGE_ENDPOINT:-http://storage-service:9000}"
+ - "-s3-bucket=dbrepo-upload"
+ environment:
+ AWS_ACCESS_KEY_ID: "${STORAGE_USERNAME:-minioadmin}"
+ AWS_SECRET_ACCESS_KEY: "${STORAGE_PASSWORD:-minioadmin}"
+ AWS_REGION: "${STORAGE_REGION_NAME:-eu-west-1}"
+ depends_on:
+ dbrepo-storage-service:
+ condition: service_healthy
+ healthcheck:
+ test: wget -qO- localhost:1080/metrics | grep "tusd" || exit 1
+ interval: 10s
+ timeout: 5s
+ retries: 12
+ logging:
+ driver: json-file
+
dbrepo-mirror-service:
restart: "no"
container_name: dbrepo-mirror-service
diff --git a/mkdocs.yml b/mkdocs.yml
index 9549ef6201..a632fe06c9 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -22,6 +22,7 @@ nav:
- Data Service: system-services-data.md
- Metadata Service: system-services-metadata.md
- Mirror Service: system-services-mirror.md
+ - Upload Service: system-services-upload.md
- Storage Service: system-services-storage.md
- Databases:
- Auth Database: system-databases-auth.md
--
GitLab