
MVP of self-hosting

Open ddimaria opened this issue 6 months ago • 3 comments

TODO

  • [x] Remove self-hosting directory (in favor of new self-hosting repo)
  • [x] Deploy self-hosting portal on the production domain
  • [x] Update all references to new domain (selfhost.quadratichq.com)
  • [x] Add cloud formation template for production deployment
  • [x] Update URLs to self-hosting portal production domain
  • [x] Usurp self-hosting checks for quadratic production @ddimaria
  • [x] Set ENV vars for preview (@davidkircos)
  • [x] API Code Review @jimniels
  • [x] Client Code Review @davidfig
  • [x] Set ENV vars for production (@davidkircos)
  • [ ] Verify AWS Credentials in production have necessary permissions for creating image repos and pushing.
  • [ ] Update portal to link to different self-hosting options
  • [ ] After start, print where to access Quadratic. Quadratic Selfhost ASCII Art + "Open Quadratic at [Link]" @ddimaria

After merge

  • [ ] Update repo names to point to prod images https://github.com/quadratichq/quadratic-selfhost/blob/main/docker-compose.yml

Self hosting auth alternative (Ory Kratos support)

  • [x] Add Kratos to docker compose and configure
  • [x] Add kratos-selfservice-ui-node to docker compose and configure
  • [x] Implement AUTH_TYPE in quadratic-api and switch between auth0 and ory based on the selection
    • [x] Mirror auth0 functionality in ory
  • [x] Implement AUTH_TYPE in quadratic-client and switch between auth0 and ory based on the selection
    • [x] Mirror auth0 functionality in ory
  • [x] Host jwks.json in the quadratic-client

Simple file storage

  • [x] Implement file-system storage in quadratic-rust-shared and quadratic-files
  • [x] Implement file-system storage in quadratic-api and quadratic-client

On the API side, you denote the storage method as an env var: STORAGE_TYPE=file-system # s3 or file-system. There is a storage abstraction within API that can switch between S3 and FileSystem. The abstracted functions are:

  • getFileUrl()
  • getPresignedFileUrl() (reuse ENCRYPTION_KEY for uuid encryption in presigned URLs)
  • uploadFile()
  • uploadMiddleware() (express middleware for S3 and FileSystem)

On the File Service side, the same env var STORAGE_TYPE is used to turn on a few new routes:

  • GET /storage/:key Get any file in storage, validated by JWT
  • POST /storage/:key Upload any file in storage, validated by JWT
  • GET /storage/presigned/:key Get any file in storage via a presigned key, validated by key decryption

Environment Variables to Add:

quadratic-api

STORAGE_TYPE=s3 # s3 or file-system
QUADRATIC_FILE_URI=

AUTH_TYPE=ory # auth0 or ory
ORY_JWKS_URI='http://localhost:3000/.well-known/jwks.json'
ORY_ADMIN_HOST=http://0.0.0.0:4434

LICENSE_KEY="LICENSE_KEY"
LICENSE_API_URI=https://selfhost.quadratic-preview.com

quadratic-client

VITE_AUTH_TYPE=ory # auth0 or ory
VITE_ORY_HOST=http://localhost:4433

quadratic-files

STORAGE_TYPE=s3 # s3 or file-system
STORAGE_DIR=
STORAGE_ENCRYPTION_KEYS=

ddimaria, Aug 15 '24 22:08
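The issue describes presigned file-system URLs as validated by key decryption. The sketch below is an added example, not code from the Quadratic repositories, showing why that check needs authenticated encryption: a token that is forged, altered, or expired fails decryption instead of resolving to another file. The AES-256-GCM choice, the token layout, the expiry field, the hex-encoded key and both function names are assumptions.

```javascript
const crypto = require('crypto');

// Constructed 32-byte key for the demo. A deployment would load it from
// ENCRYPTION_KEY (the hex encoding used here is an assumption).
const DEMO_KEY = Buffer.from(
  '00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff', 'hex');

// Hypothetical helper: seal a storage key (file uuid) and an expiry time
// into a URL-safe token laid out as iv (12) || tag (16) || ciphertext.
function createPresignedToken(fileKey, key, ttlSeconds, now = Date.now()) {
  const iv = crypto.randomBytes(12); // fresh nonce for every token
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const payload = JSON.stringify({ k: fileKey, exp: Math.floor(now / 1000) + ttlSeconds });
  const ct = Buffer.concat([cipher.update(payload, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64url');
}

// Hypothetical helper: return the storage key, or null when the token is
// forged, altered, expired, or malformed.
function verifyPresignedToken(token, key, now = Date.now()) {
  try {
    const raw = Buffer.from(token, 'base64url');
    if (raw.length < 12 + 16 + 1) return null; // too short to hold iv + tag + data
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
    decipher.setAuthTag(raw.subarray(12, 28));
    const plain = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
    const payload = JSON.parse(plain.toString('utf8'));
    if (typeof payload.k !== 'string') return null;
    if (payload.exp < Math.floor(now / 1000)) return null; // expired
    return payload.k;
  } catch {
    return null; // GCM tag mismatch (tampering or wrong key) or bad JSON
  }
}
```

A route handler for GET /storage/presigned/:key would call verifyPresignedToken on the path parameter and serve only the storage key it returns, never a value taken from the request itself.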