Initial release

Author: ajhai

.dockerignore

@@ -1,20 +1,24 @@
-.DS_Store
 .env
 .env.dev
+.env.prod
 .git
 .github
 .gitignore
 .idea
 .jekyll-cache
 .jekyll-metadata
 .sass-cache
-tests
-__pycache__
 _releaser
 _site
+**/.DS_Store
+**/__pycache__
+**/node_modules
 CONTRIBUTING.md
 db.sqlite3
 Dockerfile
 docker-compose.yml
-client/node_modules
-/vendor
+docker-compose.dev.yml
+fixtures
+nginx
+tests
+web

.env.dev

@@ -1,25 +1,30 @@
-DJANGO_SECRET_KEY='3!4^11rgx0-53)!n#18(1_^)&pj-3n^Afpc#mbm(+!fj4r$rp7ea!s'
 DEBUG=True
+LOG_LEVEL=INFO
+SECRET_KEY='3!4^11rgx0-53)!n#18(1_^)&pj-3n^Afpc#mbm(+!fj4r$rp7ea!s'
+CIPHER_KEY_SALT=salt
 SINGLE_THREAD=False
 AUTORELOAD=True
-LOG_LEVEL=INFO
-DJANGO_LOG_LEVEL=INFO
-DJANGO_ALLOWED_HOSTS=*
-CORS_ORIGIN_WHITELIST=http://localhost:3000,http://localhost:9000
-
+ALLOWED_HOSTS=*
 DATABASE_ENGINE=postgresql
 DATABASE_NAME=postgres
 DATABASE_USERNAME=postgres
 DATABASE_PASSWORD=
 DATABASE_HOST=postgres
 DATABASE_PORT=5432
-DJANGO_MANAGEPY_MIGRATE=off
-DJANGO_MANAGEPY_COLLECTSTATIC=on
-DJANGO_MANAGEPY_CREATECACHETABLE=on
-DJANGO_MANAGEPY_CLEARCACHE=on
-DJANGO_MANAGEPY_CLEARCACHE=on
-DJANGO_CIPHER_KEY_SALT=salt
-DJANGO_STATIC_URL=static/
 REDIS_PORT=6379
 REDIS_HOST=redis
-REDIS_DB=0
+REDIS_DB=0
+STATIC_URL=static/
+
+# Persistent volumes
+POSTGRES_VOLUME=/tmp/postgres_llmstack_dev
+REDIS_VOLUME=/tmp/redis_llmstack_dev
+WEAVIATE_VOLUME=/tmp/weaviate_llmstack_dev
+
+# Platform keys
+DEFAULT_OPENAI_API_KEY=
+DEFAULT_DREAMSTUDIO_API_KEY=
+DEFAULT_AZURE_OPENAI_API_KEY=
+DEFAULT_COHERE_API_KEY=
+DEFAULT_FOREFRONTAI_API_KEY=
+DEFAULT_ELEVENLABS_API_KEY=

.env.prod

@@ -0,0 +1,16 @@
+SECRET_KEY='3!4^11rgx0-53)!n#18(1_^)&pj-3n^Afpc#mbm(+!fj4r$rp7ea!s'
+CIPHER_KEY_SALT=salt
+DATABASE_PASSWORD=llmstack
+
+# Persistent volumes
+POSTGRES_VOLUME=/tmp/postgres_llmstack
+REDIS_VOLUME=/tmp/redis_llmstack
+WEAVIATE_VOLUME=/tmp/weaviate_llmstack
+
+# Platform keys
+DEFAULT_OPENAI_API_KEY=
+DEFAULT_DREAMSTUDIO_API_KEY=
+DEFAULT_AZURE_OPENAI_API_KEY=
+DEFAULT_COHERE_API_KEY=
+DEFAULT_FOREFRONTAI_API_KEY=
+DEFAULT_ELEVENLABS_API_KEY=

.github/workflows/docker-images.yml

@@ -0,0 +1,127 @@
+name: Docker Images CI
+
+on:
+  push:
+    branches: ["main"]
+    # Publish semver tags as releases.
+    tags: ["v*.*.*"]
+
+env:
+  REGISTRY: ghcr.io
+  ORG: trypromptly
+  IMAGE_NAME_API: "llmstack-api"
+  IMAGE_NAME_NGINX: "llmstack-nginx"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: write
+      # This is used to complete the identity challenge
+      # with sigstore/fulcio when running outside of PRs.
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Install the cosign tool except on PR
+      # https://github.com/sigstore/cosign-installer
+      - name: Install cosign
+        if: github.event_name != 'pull_request'
+        uses: sigstore/[email protected]
+        with:
+          cosign-release: "v2.1.1"
+
+      # Setup QEMU for cross compilation
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      # Setup Docker Buildx
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/[email protected]
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata for API
+        id: meta-api
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.ORG }}/${{ env.IMAGE_NAME_API }}
+          tags: |
+            type=raw,value=latest,event=push,enabled={{is_default_branch}}
+            type=semver,enabled={{starts_with(github.ref, 'refs/tags/v')}},pattern={{version}}
+
+      - name: Extract Docker metadata for nginx
+        id: meta-nginx
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.ORG }}/${{ env.IMAGE_NAME_NGINX }}
+          tags: |
+            type=raw,value=latest,event=push,enabled={{is_default_branch}}
+            type=semver,enabled={{starts_with(github.ref, 'refs/tags/v')}},pattern={{version}}
+
+      # Build client
+      - name: Build client
+        run: |
+          cd client
+          npm install
+          npm run build
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push LLMStack API Docker image
+        id: build-and-push-api
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta-api.outputs.tags }}
+          labels: ${{ steps.meta-api.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+
+      - name: Build and push LLMStack nginx Docker image
+        id: build-and-push-nginx
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta-nginx.outputs.tags }}
+          labels: ${{ steps.meta-nginx.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          file: Dockerfile.nginx
+          platforms: linux/amd64,linux/arm64
+          build-args: REGISTRY=${{ env.REGISTRY }}/${{ env.ORG }}/
+
+      - name: Sign the published LLMStack API Docker image
+        if: ${{ github.event_name != 'pull_request' }}
+        env:
+          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
+          TAGS: ${{ steps.meta-api.outputs.tags }}
+          DIGEST: ${{ steps.build-and-push-api.outputs.digest }}
+        # This step uses the identity token to provision an ephemeral certificate
+        # against the sigstore community Fulcio instance.
+        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
+
+      - name: Sign the published LLMStack nginx Docker image
+        if: ${{ github.event_name != 'pull_request' }}
+        env:
+          TAGS: ${{ steps.meta-nginx.outputs.tags }}
+          DIGEST: ${{ steps.build-and-push-nginx.outputs.digest }}
+        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

.gitignore

@@ -159,6 +159,9 @@ cython_debug/
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/
 
+# Vscode 
+.vscode 
+
 # LLMStack
 static/css
 static/js

Dockerfile

@@ -1,15 +1,32 @@
-FROM python:3.9
+# Stage 1: Compile and build code
+FROM python:3.9 AS builder
+
+ADD requirements_base.txt /requirements_base.txt
+RUN pip install --no-cache-dir -r /requirements_base.txt
+RUN playwright install chromium
+
+ADD requirements_datasources.txt /requirements_datasources.txt
+RUN pip install --no-cache-dir -r /requirements_datasources.txt
+
+ADD requirements_processors.txt /requirements_processors.txt.txt
+RUN pip install --no-cache-dir -r /requirements_processors.txt.txt
+
+RUN mkdir /code/
+WORKDIR /code/
+ADD . /code/
+
+ENV DJANGO_SETTINGS_MODULE=llmstack.settings
+RUN python manage.py collectstatic --noinput --clear
+
+# Stage 2: Build final image
+FROM python:3.9-slim
 
-# Create a group and user to run our app
 ARG APP_USER=appuser
 RUN groupadd -r ${APP_USER} && useradd --no-log-init -r -g ${APP_USER} ${APP_USER} \
     && mkdir -p /home/${APP_USER} \
     && chown -R ${APP_USER}:${APP_USER} /home/${APP_USER}
 
-# Install packages needed to run your application
-RUN set -ex \
-    && RUN_DEPS=" \
-    libpcre3 \
+RUN apt-get update && apt-get install -y libpcre3 \
     mime-support \
     ffmpeg \
     postgresql-client \
@@ -19,44 +36,24 @@ RUN set -ex \
     libcups2-dev \
     libxkbcommon-x11-0 \
     libxcomposite-dev \
-    libxdamage-dev \
-    " \
-    && seq 1 8 | xargs -I{} mkdir -p /usr/share/man/man{} \
-    && apt-get update && apt-get install -y --no-install-recommends $RUN_DEPS \
-    && rm -rf /var/lib/apt/lists/*
-
-# Copy requirements files and build them
-ADD requirements_base.txt /requirements_base.txt
-RUN pip install --no-cache-dir -r /requirements_base.txt
+    libxdamage-dev && rm -rf /var/lib/apt/lists/*    
 
-ADD requirements_datasources.txt /requirements_datasources.txt
-RUN pip install --no-cache-dir -r /requirements_datasources.txt
+COPY --from=builder /code/ /code/
+COPY --from=builder /root/.cache/pip /root/.cache/pip
+COPY --from=builder /usr/local/lib/python3.9/site-packages/ /usr/local/lib/python3.9/site-packages/
+COPY --from=builder /usr/local/bin/ /usr/local/bin/
 
-ADD requirements_processors.txt /requirements_processors.txt.txt
-RUN pip install --no-cache-dir -r /requirements_processors.txt.txt
+COPY --from=builder /root/.cache/ms-playwright /home/${APP_USER}/.cache/ms-playwright
+RUN chown -R ${APP_USER}:${APP_USER} /home/${APP_USER}/.cache
 
-# Copy app code
-RUN mkdir /code/
 WORKDIR /code/
-ADD . /code/
-
-# aWSGI will listen on this port
-EXPOSE 9000
 
-# Static environment variables needed by Django
 ENV DJANGO_SETTINGS_MODULE=llmstack.settings
 
-# Collect static
-RUN python manage.py collectstatic --noinput --clear
+EXPOSE 9000
 
-# Change to a non-root user
 USER ${APP_USER}:${APP_USER}
 
-# Install playwright  browser 
-RUN playwright install chromium
-
-# Run entrypoint script
 ENTRYPOINT ["/code/docker-entrypoint.sh"]
 
-# Start aWSGI
 CMD ["/usr/local/bin/gunicorn", "promptly.asgi:application", "-w", "2", "-t", "120", "-b", ":9000", "-k", "uvicorn.workers.UvicornWorker"]

Dockerfile.nginx

@@ -0,0 +1,9 @@
+ARG REGISTRY
+FROM ${REGISTRY:-}llmstack-api:${TAG:-latest} as builder
+FROM nginx:stable-alpine3.17-slim
+
+RUN rm /etc/nginx/conf.d/default.conf
+COPY nginx.conf /etc/nginx/conf.d
+
+# Copy static files from Django to nginx
+COPY --from=builder /code/static /usr/share/nginx/html/static