Commit Graph

175 Commits

Author SHA1 Message Date
Michael Manganiello
9997b69ff6 feat: Add support for _FILE suffix in environment variables
This change allows setting environment variables with a `_FILE` suffix,
which will be used to load the contents of the file specified in the
variable into the variable without the suffix.

For example, setting `ROMM_AUTH_SECRET_KEY_FILE=/run/secrets/romm_auth_secret_key`
and creating a file with the secret key at the specified path will set
`ROMM_AUTH_SECRET_KEY` to the contents of the file.

A common use case for this is to use secrets in Docker Compose [1], to
avoid exposing secrets in the `docker-compose.yml` or `env` files.

[1] https://docs.docker.com/compose/how-tos/use-secrets/
2024-12-08 20:05:06 -03:00
Michael Manganiello
477d9b1744 feat: Add streaming support for 7zip hashing
At the moment, 7zip files are generating memory issues and even OOM
errors on user installations. This is because the current stable release
of `py7zr` does not support decompression streaming, and RomM needs to
decompress the each 7zip file in the library into memory to be able to
calculate hashes.

This change introduces a `py7zr` fork I created to have a stable commit
SHA to refer to in case upstream gets any forced pushes. It includes the
contents of the pull request the `py7zr` creator is working on to
support decompression streaming [1].

The way decompression streaming is implemented in `py7zr` is different
than the other compression utilities. Instead of being able to provide a
`bytes` iterator, we need to provide a `Py7zIO` implementation that
will call a callback on each read and write operation.

[1] https://github.com/miurahr/py7zr/pull/620
2024-11-08 21:31:11 -03:00
Michael Manganiello
26dcefa9f0 misc: Use tini as container entrypoint
Use tini [1] as the container entrypoint to ensure that the container
process is properly reaped when the container is stopped.

This is needed as the main container command is a shell script.

A simple way to test this change is to:

1. Build the container image and run it using `docker compose up`.
2. Within the same terminal, stop the container using `Ctrl+C`.
3. Verify that the container is properly stopped right away.

Without `tini`, the container takes a few seconds to stop, and it makes
one CPU core to be used at 100% during that time.

[1] https://github.com/krallin/tini
2024-10-30 09:15:02 -03:00
Michael Manganiello
b59411ccb7 misc: Upgrade RALibretro to v1.8.0 2024-10-11 22:45:05 -03:00
Michael Manganiello
cf3932f14a Merge pull request #1206 from rommapp/feat/add-rahasher
feat: Add RAHasher and util to calculate RetroAchievements hashes
2024-09-23 08:09:03 -03:00
Michael Manganiello
a82489a9c4 feat: Add RAHasher and util to calculate RetroAchievements hashes
Build and include the `RAHasher` binary in the Docker image, to
calculate hashes for RetroAchievements. Also, add a service to
run `RAHasher` from Python.

Example usage:

```python
from adapters.services.rahasher import RAHasherError, RAHasherService

rahasher = RAHasherService()
try:
    hash = await rahasher.calculate_hash("nes", Path("path/to/rom.nes"))
except RAHasherError:
    # Handle error
    hash = None
```
2024-09-22 23:40:25 -03:00
Michael Manganiello
66e5939b2b misc: Use bundled Valkey instead of Redis server
This change replaces the bundled Redis server with Valkey. No breaking
changes are introduced, as considered environment variables still
maintain the `REDIS_` prefix.

Fixes #925.
2024-09-22 13:27:18 -03:00
Georges-Antoine Assi
d2ab0f4b16 Try to fix nginx proxy buffering on upload 2024-09-21 10:47:24 -04:00
Michael Manganiello
0680063ebc misc: Add comments to Dockerfile about mod_zip 2024-08-21 00:08:25 -03:00
Michael Manganiello
0fad8ac282 feat: Use nginx mod_zip to generate multi-file zip downloads
This change installs and configures the `mod_zip` nginx module [1],
which allows nginx to stream ZIP files directly.

It includes a workaround needed to correctly calculate CRC-32 values for
included files, by including a new `server` section listening at port
8081, only used for the file requests to be upstream subrequests that
correctly trigger the CRC-32 calculation logic.

Also, to be able to provide a `m3u` file generated on the fly, we add a
`/decode` endpoint fully implemented in nginx using NJS, which receives
a `value` URL param, and decodes it using base64. The decoded value is
returned as the response.

That way, the contents of the `m3u` file is base64-encoded, and set as
part of the response, for `mod_zip` to include it in the ZIP file.

[1] https://github.com/evanmiller/mod_zip
2024-08-20 22:39:33 -03:00
Michael Manganiello
0c3afc0ebc misc: Pin Node version to v20
Avoid the stack being automatically upgraded to a new Node version, when
a different LTS is released.
2024-08-16 10:18:03 -03:00
Georges-Antoine Assi
e8e5a878c5 Merge branch 'master' into feat/implement-x-accel-redirect 2024-08-15 23:55:02 -04:00
Michael Manganiello
0fdbbe4625 misc: Upgrade Python to v3.12 and Alpine to v3.20
Included upgrades:
* Python: v3.12
* Alpine: v3.20 (which uses Python 3.12)
* nginx: v1.27.1
2024-08-15 20:14:32 -03:00
Georges-Antoine Assi
9281760975 merge gzip changes into branch 2024-08-13 00:31:48 -04:00
Michael Manganiello
d20f4ad935 feat: Use X-Accel-Redirect to improve file download speed
Instead of making FastAPI handle file download, which has serious
performance issues on big files [1], this change uses nginx's `X-Accel`
feature to delegate single-file downloads to nginx.

Partial fix for #1079, as it solves the CPU usage issue for single-file
downloads.

[1] https://github.com/fastapi/fastapi/discussions/6050
2024-08-12 20:01:00 -03:00
Georges-Antoine Assi
896d48108b Merge branch 'master' into calc-file-hashes-roms 2024-08-11 19:08:25 -04:00
Georges-Antoine Assi
bc38b40159 Merge branch 'master' into ruffle-flash-emulator 2024-08-09 18:54:36 -04:00
Georges-Antoine Assi
90e0e688b7 Merge branch 'master' into calc-file-hashes-roms 2024-08-09 11:36:50 -04:00
Michael Manganiello
27ba5a1159 fix: Set Gunicorn option forwarded-allow-ips
Currently, the `request.url_for` and `URLPath.make_absolute_url` methods
always build URLs with "http" scheme, even when the original requested
URL is using "https".

The reason for this is that Gunicorn does not allow IPs other than
127.0.0.1 to set secure headers by default. As regular RomM
installations don't know which frontend IPs will try to set security
headers in advance, we can disable this validation, and fix URL
building.

A simple way to test this change is to access any of the `feed` endpoints,
which generate URLs using the mentioned methods. Accessing the endpoint
using "https" scheme must generate "https" URLs.

Reference:
* https://github.com/encode/starlette/issues/538#issuecomment-2054013679
* https://docs.gunicorn.org/en/stable/settings.html#forwarded-allow-ips
2024-08-09 01:20:17 -03:00
Michael Manganiello
45aeaf3265 fix: Backend URL redirection logic
Fix FastAPI and nginx configuration, to make the application correctly
redirect URLs. This is specially useful when URLs ended with forward
slash are redirected to their stripped version.

Included changes:
* Stop removing the `/api` prefix in nginx rewrite rules, so FastAPI
  knows what's the original URL path being requested.
* Use `$http_host` in nginx, so FastAPI receives both the original host
  and port, to build the redirect URL (as `$host` does not include the
  port, if present).
* Make all FastAPI included routers know their prefix, to correctly
  route incoming requests.

This fix was found based on a report that redirects from URLs ended with
forward slash were not working [1].

[1] https://github.com/rommapp/romm/issues/1051#issuecomment-2269049762
2024-08-05 11:15:52 -03:00
Georges-Antoine Assi
5529b76952 start work on ruffle flash emulator 2024-07-29 20:55:06 -04:00
Georges-Antoine Assi
9386ca9e4a changes from self-review 2024-07-27 16:31:32 -04:00
Georges-Antoine Assi
ecc021e824 Merge branch 'master' into calc-file-hashes-roms 2024-07-27 12:17:18 -04:00
Zurdi
4872141de1 fixed scrappers assets on build 2024-07-08 16:30:23 +02:00
Michael Manganiello
7611e57811 misc: Fix FromAsCasing warning during Docker build
Fix recently introduced `FromAsCasing` [1] Docker build check.

[1] https://docs.docker.com/reference/build-checks/from-as-casing/
2024-07-06 20:37:41 -03:00
Zurdi
7c39d211fb fixed dockerfile for arm64 2024-07-06 23:59:52 +02:00
Georges-Antoine Assi
0546cee67d Merge branch 'master' into fix/improve-docker-layer-caching-on-frontend-changes 2024-06-23 10:24:02 -04:00
Michael Manganiello
32ef612b0a fix: Improve Docker layer caching on frontend changes
Avoid any changes in the `frontend/` folder to trigger `npm install`.
Instead, split the copies to have separate steps for install and build.
2024-06-22 20:29:52 -03:00
Michael Manganiello
0daa708a05 misc: Simplify backend environment configuration in Docker image
This change moves the virtualenv creation in the `Dockerfile` to a
separate stage, to simplify isolating the process and reduce the need
for uninstalling build dependencies.

The approach is similar to the one explained in [1]. It relies on
building a virtualenv folder, and copying it in the final stage.
Changing the `PATH` environment variable makes the virtualenv usable by
default, without affecting the default Python installation.

Also, added Dockerfile arguments for Alpine, nginx, and Python versions,
as some of them are reused, and also simplifies testing new versions.

An extra side effect is that the image size for the final stage is
reduced from 315MB to 262MB.

[1] https://scribe.rip/@albertazzir/blazing-fast-python-docker-builds-with-poetry-a78a66f5aed0
2024-06-22 18:19:16 -03:00
Georges-Antoine Assi
b16c58e4bb update redis build and update nginx 2024-06-21 13:03:50 -04:00
Georges-Antoine Assi
896cb57420 Install redis instead of building it 2024-06-21 12:48:42 -04:00
Georges-Antoine Assi
eb2778086f changes from self review 2024-06-02 23:22:14 -04:00
Georges-Antoine Assi
05a4c42f78 Merge branch 'master' into trunk-io 2024-05-31 23:37:54 -04:00
Georges-Antoine Assi
c4ef4d92d2 run truck fixes 2024-05-31 19:00:04 -04:00
Georges-Antoine Assi
9b62641d55 Merge branch 'master' into trunk-io 2024-05-31 18:42:43 -04:00
Georges-Antoine Assi
381f13e4b9 more tweaking 2024-05-31 18:30:42 -04:00
Georges-Antoine Assi
0efbd9f113 label final stage 2024-05-31 18:11:17 -04:00
Georges-Antoine Assi
ed68c01fe2 ask chatgpt 2024-05-31 18:05:13 -04:00
Zurdi
44f10a560c Solve merge into release conflicts 2024-05-31 16:46:35 +02:00
Georges-Antoine Assi
ca1363a93c run chech 2024-05-23 10:14:04 -04:00
Georges-Antoine Assi
10479bdc9f run formatter 2024-05-23 10:06:43 -04:00
Georges-Antoine Assi
fcb34f9088 Merge branch 'master' into trunk-io 2024-05-23 10:06:13 -04:00
Georges-Antoine Assi
b2085f87a8 bunch of fixes for trunk 2024-05-21 17:10:11 -04:00
Georges-Antoine Assi
a7cf0d389a run trunk format on all files 2024-05-21 10:18:13 -04:00
Georges-Antoine Assi
e72a1d8851 Merge branch 'master' into platform-fetch-perf-improvements 2024-05-19 14:28:53 -04:00
Georges-Antoine Assi
66510c0327 Improve fetch times of platforms endpoint 2024-05-18 17:24:07 -04:00
Georges-Antoine Assi
880345f20c ruff-only pre-commit 2024-05-18 12:05:57 -04:00
Georges-Antoine Assi
07dc02aa6a typo 2024-04-28 13:27:00 +00:00
Georges-Antoine Assi
2baa5f2fec Merge branch 'gunicorn-socket-handling' of github.com:zurdi15/romm into gunicorn-socket-handling 2024-04-28 13:10:56 +00:00
Georges-Antoine Assi
f2f2b3b0cd clear leftover pid files 2024-04-28 09:10:10 -04:00