Commit Graph

203 Commits

Author SHA1 Message Date
Michael Manganiello
fbff92403f feat: Allow configuring app port using ROMM_PORT environment variable
By using the `ROMM_PORT` environment variable, users can now configure
the port on which the application listens, which defaults to `8080`.
2025-02-19 01:02:25 -03:00
Michael Manganiello
f6be1a6df3 Merge pull request #1632 from rommapp/misc/nginx-templates
misc: Use nginx templates to allow for environment variable usage
2025-02-19 00:55:34 -03:00
Michael Manganiello
9602d58865 misc: Add support for WEB_CONCURRENCY environment variable
The `WEB_CONCURRENCY` environment variable is a more common way to
configure the number of workers for Gunicorn [1] or other web servers.

This change maintains `GUNICORN_WORKERS` compatibility, while notifying
users that it is deprecated and should be replaced with
`WEB_CONCURRENCY`.

It would also allow us to replace Gunicorn with another web server in
the future without changing the variable name.

[1] https://docs.gunicorn.org/en/stable/settings.html#workers
2025-02-19 00:31:34 -03:00
Michael Manganiello
98254d50b8 misc: Use nginx templates to allow for environment variable usage
Using the `envsubst` command, we can replace environment variables in
the nginx template files. This allows for more flexibility when
configuring the nginx server.

The Docker image we use as base for Nginx does provide the
`20-envsubst-on-templates.sh` script that will replace environment
variables in the template files.

This change does not include any behavior change, but unblocks future
changes that require environment variables in the nginx configuration.
2025-02-18 22:36:51 -03:00
Georges-Antoine Assi
d94dd9a7db Merge branch 'master' into ui-theme-redesign 2025-01-25 22:30:08 -05:00
Michael Manganiello
b683934e09 misc: Migrate optional dependencies to standard pyproject format 2025-01-12 13:55:50 -03:00
Georges-Antoine Assi
6660a9c147 Merge branch 'master' into ui-theme-redesign 2025-01-11 22:45:33 -05:00
Michael Manganiello
573ec47159 misc: Move to py7zr v1.0.0rc2
Stop using `py7zr` fork and move to `1.0.0rc2` release, which includes
decompression streaming support.
2025-01-11 21:36:47 -03:00
Georges-Antoine Assi
d5e2ed0a90 Merge branch 'master' into ui-theme-redesign 2025-01-10 13:50:11 -05:00
Georges-Antoine Assi
ab85bf7cd6 Bump emulatorjs to 4.2.1 2025-01-10 11:01:30 -05:00
Georges-Antoine Assi
a62b4a2612 add new logos to repo 2025-01-07 20:35:51 -05:00
Georges-Antoine Assi
e5f7a0f335 fix trunk check issue in init script 2025-01-07 10:50:19 -05:00
Michael Manganiello
96d7e262ac feat: Stop installing development dependencies in Docker images
This change removes the installation of `dev` and `test` Poetry
dependency groups from the published Docker images.

Developers are still able to use images with development dependencies
installed, by either using the `dev-slim` or `dev-full` targets.

Image size comparison:

* `slim-image`: Down from 455 MiB to 355 MiB.
* `full-image`: Down from 760 MiB to 660 MiB.
2025-01-05 15:51:08 -03:00
Georges-Antoine Assi
4223a6d2c0 copy assets as well 2025-01-04 10:57:29 -05:00
Georges-Antoine Assi
252cbaa5a0 fix it one more time 2025-01-03 22:39:07 -05:00
Georges-Antoine Assi
9abfa13eab fix it second time 2025-01-03 22:14:48 -05:00
Georges-Antoine Assi
3f4704dc9e fix issues from review 2025-01-03 22:09:54 -05:00
Georges-Antoine Assi
44ab32ca5f attempt to load emujs local and fallback to cdn 2025-01-02 20:51:08 -05:00
Georges-Antoine Assi
2a514ac9b5 Merge branch 'master' into docker-slim-images 2025-01-01 13:24:19 -05:00
Michael Manganiello
b9b7a8ccda fix: Make migrations compatible with PostgreSQL
This change only verifies that Alembic can upgrade and downgrade through
all the current migrations. It does not verify that the application
works correctly with PostgreSQL.
2024-12-30 08:36:05 -03:00
Georges-Antoine Assi
85a4d99aa7 fix dockerfile slim build 2024-12-29 14:11:41 -05:00
Georges-Antoine Assi
766c8a1b73 mini refactor 2024-12-29 13:52:27 -05:00
Georges-Antoine Assi
3841ce669b pass slim iamge as env var 2024-12-29 10:06:07 -05:00
Georges-Antoine Assi
78715334fc merge into 1 build file 2024-12-29 00:11:52 -05:00
Michael Manganiello
cfce52e7e5 fix: Copy dashboard-icons to Docker image 2024-12-29 01:25:17 -03:00
Georges-Antoine Assi
f064946adb generate slim and full images in docker build 2024-12-27 23:40:18 -05:00
Michael Manganiello
3b42f5cec8 misc: Improve Docker layer caching by installing dependencies before copying
This commit improves Docker layer caching by installing the required
packages in the `production-stage` stage, before copying files from
other stages.

This way, dependency installation will remain cached unless there's a
change in the required `apk` packages (or the stage's base image).
2024-12-27 00:53:45 -03:00
Mikhail Vazhnov
f5bd75cced fix: Handle terminate signals in init script
`tini` does not wait for child processes to close, so all processes will be killed immediately. This is why the container stops so fast.

This fix makes the `init` script listen and handle terminate signals. It also ensures that child processes are shut down in reverse order with proper waiting for completion.
2024-12-27 01:02:19 +03:00
Michael Manganiello
9997b69ff6 feat: Add support for _FILE suffix in environment variables
This change allows setting environment variables with a `_FILE` suffix,
which will be used to load the contents of the file specified in the
variable into the variable without the suffix.

For example, setting `ROMM_AUTH_SECRET_KEY_FILE=/run/secrets/romm_auth_secret_key`
and creating a file with the secret key at the specified path will set
`ROMM_AUTH_SECRET_KEY` to the contents of the file.

A common use case for this is to use secrets in Docker Compose [1], to
avoid exposing secrets in the `docker-compose.yml` or `env` files.

[1] https://docs.docker.com/compose/how-tos/use-secrets/
2024-12-08 20:05:06 -03:00
Michael Manganiello
477d9b1744 feat: Add streaming support for 7zip hashing
At the moment, 7zip files are generating memory issues and even OOM
errors on user installations. This is because the current stable release
of `py7zr` does not support decompression streaming, and RomM needs to
decompress the each 7zip file in the library into memory to be able to
calculate hashes.

This change introduces a `py7zr` fork I created to have a stable commit
SHA to refer to in case upstream gets any forced pushes. It includes the
contents of the pull request the `py7zr` creator is working on to
support decompression streaming [1].

The way decompression streaming is implemented in `py7zr` is different
than the other compression utilities. Instead of being able to provide a
`bytes` iterator, we need to provide a `Py7zIO` implementation that
will call a callback on each read and write operation.

[1] https://github.com/miurahr/py7zr/pull/620
2024-11-08 21:31:11 -03:00
Michael Manganiello
26dcefa9f0 misc: Use tini as container entrypoint
Use tini [1] as the container entrypoint to ensure that the container
process is properly reaped when the container is stopped.

This is needed as the main container command is a shell script.

A simple way to test this change is to:

1. Build the container image and run it using `docker compose up`.
2. Within the same terminal, stop the container using `Ctrl+C`.
3. Verify that the container is properly stopped right away.

Without `tini`, the container takes a few seconds to stop, and it makes
one CPU core to be used at 100% during that time.

[1] https://github.com/krallin/tini
2024-10-30 09:15:02 -03:00
Michael Manganiello
b59411ccb7 misc: Upgrade RALibretro to v1.8.0 2024-10-11 22:45:05 -03:00
Michael Manganiello
cf3932f14a Merge pull request #1206 from rommapp/feat/add-rahasher
feat: Add RAHasher and util to calculate RetroAchievements hashes
2024-09-23 08:09:03 -03:00
Michael Manganiello
a82489a9c4 feat: Add RAHasher and util to calculate RetroAchievements hashes
Build and include the `RAHasher` binary in the Docker image, to
calculate hashes for RetroAchievements. Also, add a service to
run `RAHasher` from Python.

Example usage:

```python
from adapters.services.rahasher import RAHasherError, RAHasherService

rahasher = RAHasherService()
try:
    hash = await rahasher.calculate_hash("nes", Path("path/to/rom.nes"))
except RAHasherError:
    # Handle error
    hash = None
```
2024-09-22 23:40:25 -03:00
Michael Manganiello
66e5939b2b misc: Use bundled Valkey instead of Redis server
This change replaces the bundled Redis server with Valkey. No breaking
changes are introduced, as considered environment variables still
maintain the `REDIS_` prefix.

Fixes #925.
2024-09-22 13:27:18 -03:00
Georges-Antoine Assi
d2ab0f4b16 Try to fix nginx proxy buffering on upload 2024-09-21 10:47:24 -04:00
Michael Manganiello
0680063ebc misc: Add comments to Dockerfile about mod_zip 2024-08-21 00:08:25 -03:00
Michael Manganiello
0fad8ac282 feat: Use nginx mod_zip to generate multi-file zip downloads
This change installs and configures the `mod_zip` nginx module [1],
which allows nginx to stream ZIP files directly.

It includes a workaround needed to correctly calculate CRC-32 values for
included files, by including a new `server` section listening at port
8081, only used for the file requests to be upstream subrequests that
correctly trigger the CRC-32 calculation logic.

Also, to be able to provide a `m3u` file generated on the fly, we add a
`/decode` endpoint fully implemented in nginx using NJS, which receives
a `value` URL param, and decodes it using base64. The decoded value is
returned as the response.

That way, the contents of the `m3u` file is base64-encoded, and set as
part of the response, for `mod_zip` to include it in the ZIP file.

[1] https://github.com/evanmiller/mod_zip
2024-08-20 22:39:33 -03:00
Michael Manganiello
0c3afc0ebc misc: Pin Node version to v20
Avoid the stack being automatically upgraded to a new Node version, when
a different LTS is released.
2024-08-16 10:18:03 -03:00
Georges-Antoine Assi
e8e5a878c5 Merge branch 'master' into feat/implement-x-accel-redirect 2024-08-15 23:55:02 -04:00
Michael Manganiello
0fdbbe4625 misc: Upgrade Python to v3.12 and Alpine to v3.20
Included upgrades:
* Python: v3.12
* Alpine: v3.20 (which uses Python 3.12)
* nginx: v1.27.1
2024-08-15 20:14:32 -03:00
Georges-Antoine Assi
9281760975 merge gzip changes into branch 2024-08-13 00:31:48 -04:00
Michael Manganiello
d20f4ad935 feat: Use X-Accel-Redirect to improve file download speed
Instead of making FastAPI handle file download, which has serious
performance issues on big files [1], this change uses nginx's `X-Accel`
feature to delegate single-file downloads to nginx.

Partial fix for #1079, as it solves the CPU usage issue for single-file
downloads.

[1] https://github.com/fastapi/fastapi/discussions/6050
2024-08-12 20:01:00 -03:00
Georges-Antoine Assi
896d48108b Merge branch 'master' into calc-file-hashes-roms 2024-08-11 19:08:25 -04:00
Georges-Antoine Assi
bc38b40159 Merge branch 'master' into ruffle-flash-emulator 2024-08-09 18:54:36 -04:00
Georges-Antoine Assi
90e0e688b7 Merge branch 'master' into calc-file-hashes-roms 2024-08-09 11:36:50 -04:00
Michael Manganiello
27ba5a1159 fix: Set Gunicorn option forwarded-allow-ips
Currently, the `request.url_for` and `URLPath.make_absolute_url` methods
always build URLs with "http" scheme, even when the original requested
URL is using "https".

The reason for this is that Gunicorn does not allow IPs other than
127.0.0.1 to set secure headers by default. As regular RomM
installations don't know which frontend IPs will try to set security
headers in advance, we can disable this validation, and fix URL
building.

A simple way to test this change is to access any of the `feed` endpoints,
which generate URLs using the mentioned methods. Accessing the endpoint
using "https" scheme must generate "https" URLs.

Reference:
* https://github.com/encode/starlette/issues/538#issuecomment-2054013679
* https://docs.gunicorn.org/en/stable/settings.html#forwarded-allow-ips
2024-08-09 01:20:17 -03:00
Michael Manganiello
45aeaf3265 fix: Backend URL redirection logic
Fix FastAPI and nginx configuration, to make the application correctly
redirect URLs. This is specially useful when URLs ended with forward
slash are redirected to their stripped version.

Included changes:
* Stop removing the `/api` prefix in nginx rewrite rules, so FastAPI
  knows what's the original URL path being requested.
* Use `$http_host` in nginx, so FastAPI receives both the original host
  and port, to build the redirect URL (as `$host` does not include the
  port, if present).
* Make all FastAPI included routers know their prefix, to correctly
  route incoming requests.

This fix was found based on a report that redirects from URLs ended with
forward slash were not working [1].

[1] https://github.com/rommapp/romm/issues/1051#issuecomment-2269049762
2024-08-05 11:15:52 -03:00
Georges-Antoine Assi
5529b76952 start work on ruffle flash emulator 2024-07-29 20:55:06 -04:00
Georges-Antoine Assi
9386ca9e4a changes from self-review 2024-07-27 16:31:32 -04:00