forked from mpiorowski/late-sh
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathMakefile
More file actions
144 lines (128 loc) · 7.7 KB
/
Makefile
File metadata and controls
144 lines (128 loc) · 7.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
####################################################
# Docker
####################################################
# --- General (Docker/dev containers) ---
RUST_LOG ?= info,late_web=debug,late_ssh=debug,late_core=debug
CARGO_TARGET_DIR ?= /app/target
INSTANCE ?= late # Prefix for container names; bump (e.g. late2) for a parallel clone
# --- SSH ---
LATE_FORCE_ADMIN ?= 1
LATE_SSH_PORT ?= 2222 # SSH server listen port
LATE_API_PORT ?= 4001 # HTTP API listen port
LATE_SSH_OPEN ?= 1 # Allow connections without auth (1=open, 0=require key)
LATE_SSH_KEY_PATH ?= /app/server_key # Path to Ed25519 host key inside container
LATE_MAX_CONNS_GLOBAL ?= 10000 # Max total concurrent SSH connections
LATE_MAX_CONNS_PER_IP ?= 3 # Max concurrent SSH connections from a single IP
LATE_SSH_IDLE_TIMEOUT ?= 3600 # Disconnect idle SSH sessions after N seconds
LATE_FRAME_DROP_LOG_EVERY ?= 100 # Log a warning every Nth dropped TUI frame
LATE_SSH_MAX_ATTEMPTS_PER_IP ?= 30 # Max SSH connect attempts per IP before rate-limited
LATE_SSH_RATE_LIMIT_WINDOW_SECS ?= 60 # Rolling window for SSH rate limiting
LATE_SSH_PROXY_PROTOCOL ?= 0 # Parse PROXY protocol headers for real client IPs
LATE_SSH_PROXY_TRUSTED_CIDRS ?= # Comma-separated trusted proxy CIDRs (e.g. 10.42.0.0/16)
LATE_WS_PAIR_MAX_ATTEMPTS_PER_IP ?= 30 # Max WebSocket pair requests per IP before rate-limited
LATE_WS_PAIR_RATE_LIMIT_WINDOW_SECS ?= 60 # Rolling window for WS pair rate limiting
LATE_ALLOWED_ORIGINS ?= http://localhost:$(LATE_WEB_PORT) # Comma-separated list of allowed CORS origins
# --- Database ---
LATE_DB_HOST ?= postgres # PostgreSQL hostname (docker service name)
LATE_DB_PORT ?= 5432 # PostgreSQL port
LATE_DB_USER ?= postgres # PostgreSQL user
LATE_DB_PASSWORD ?= postgres # PostgreSQL password
LATE_DB_NAME ?= postgres # PostgreSQL database name
LATE_DB_POOL_SIZE ?= 16 # PostgreSQL connection pool size
LATE_PG_HOST_PORT ?= 5433 # Host-side port mapped to postgres 5432
# --- Audio ---
LATE_ICECAST_URL ?= http://icecast:8000 # Icecast streaming server URL
LATE_LIQUIDSOAP_ADDR ?= liquidsoap:1234 # Liquidsoap telnet address for vibe switching
LATE_ICECAST_HOST_PORT ?= 8000 # Host-side port mapped to icecast 8000
LATE_LIQUIDSOAP_HOST_PORT ?= 1234 # Host-side port mapped to liquidsoap 1234
# --- Web ---
LATE_WEB_PORT ?= 3000 # Web server listen port
LATE_WEB_URL ?= http://localhost:$(LATE_WEB_PORT) # Public web URL (used by SSH server)
LATE_SSH_INTERNAL_URL ?= http://service-ssh:$(LATE_API_PORT) # Internal SSH API URL (used by web server)
LATE_SSH_PUBLIC_URL ?= localhost:$(LATE_API_PORT) # Public SSH API URL (used by browser for WS)
LATE_AUDIO_URL ?= http://icecast:8000 # Upstream audio URL used by late-web /stream proxy
LATE_WEB_TUNNEL_TOKEN ?= dev-web-tunnel # Local-only shared token for /play web terminal
# --- Vote ---
LATE_VOTE_SWITCH_INTERVAL_SECS ?= 3600 # Duration of each vote round (60 min)
# --- AI (Gemini - used for @bot and @graybeard chat + URL extraction) ---
LATE_AI_ENABLED ?= 1 # Enable AI-powered features
LATE_AI_API_KEY ?= # Gemini API key for AI features
LATE_AI_MODEL ?= gemini-3.1-pro-preview # Gemini model to use
####################################################
# Targets
####################################################
.PHONY: .env
.env:
@echo "RUST_LOG=$(RUST_LOG)" > .env
@echo "CARGO_TARGET_DIR=$(CARGO_TARGET_DIR)" >> .env
@echo "INSTANCE=$(INSTANCE)" >> .env
@echo "LATE_FORCE_ADMIN=$(LATE_FORCE_ADMIN)" >> .env
@echo "LATE_SSH_PORT=$(LATE_SSH_PORT)" >> .env
@echo "LATE_API_PORT=$(LATE_API_PORT)" >> .env
@echo "LATE_SSH_OPEN=$(LATE_SSH_OPEN)" >> .env
@echo "LATE_SSH_KEY_PATH=$(LATE_SSH_KEY_PATH)" >> .env
@echo "LATE_MAX_CONNS_GLOBAL=$(LATE_MAX_CONNS_GLOBAL)" >> .env
@echo "LATE_MAX_CONNS_PER_IP=$(LATE_MAX_CONNS_PER_IP)" >> .env
@echo "LATE_SSH_IDLE_TIMEOUT=$(LATE_SSH_IDLE_TIMEOUT)" >> .env
@echo "LATE_FRAME_DROP_LOG_EVERY=$(LATE_FRAME_DROP_LOG_EVERY)" >> .env
@echo "LATE_SSH_MAX_ATTEMPTS_PER_IP=$(LATE_SSH_MAX_ATTEMPTS_PER_IP)" >> .env
@echo "LATE_SSH_RATE_LIMIT_WINDOW_SECS=$(LATE_SSH_RATE_LIMIT_WINDOW_SECS)" >> .env
@echo "LATE_SSH_PROXY_PROTOCOL=$(LATE_SSH_PROXY_PROTOCOL)" >> .env
@echo "LATE_SSH_PROXY_TRUSTED_CIDRS=$(LATE_SSH_PROXY_TRUSTED_CIDRS)" >> .env
@echo "LATE_WS_PAIR_MAX_ATTEMPTS_PER_IP=$(LATE_WS_PAIR_MAX_ATTEMPTS_PER_IP)" >> .env
@echo "LATE_WS_PAIR_RATE_LIMIT_WINDOW_SECS=$(LATE_WS_PAIR_RATE_LIMIT_WINDOW_SECS)" >> .env
@echo "LATE_ALLOWED_ORIGINS=$(LATE_ALLOWED_ORIGINS)" >> .env
@echo "LATE_DB_HOST=$(LATE_DB_HOST)" >> .env
@echo "LATE_DB_PORT=$(LATE_DB_PORT)" >> .env
@echo "LATE_DB_USER=$(LATE_DB_USER)" >> .env
@echo "LATE_DB_PASSWORD=$(LATE_DB_PASSWORD)" >> .env
@echo "LATE_DB_NAME=$(LATE_DB_NAME)" >> .env
@echo "LATE_DB_POOL_SIZE=$(LATE_DB_POOL_SIZE)" >> .env
@echo "LATE_PG_HOST_PORT=$(LATE_PG_HOST_PORT)" >> .env
@echo "LATE_ICECAST_URL=$(LATE_ICECAST_URL)" >> .env
@echo "LATE_LIQUIDSOAP_ADDR=$(LATE_LIQUIDSOAP_ADDR)" >> .env
@echo "LATE_ICECAST_HOST_PORT=$(LATE_ICECAST_HOST_PORT)" >> .env
@echo "LATE_LIQUIDSOAP_HOST_PORT=$(LATE_LIQUIDSOAP_HOST_PORT)" >> .env
@echo "LATE_WEB_PORT=$(LATE_WEB_PORT)" >> .env
@echo "LATE_WEB_URL=$(LATE_WEB_URL)" >> .env
@echo "LATE_SSH_INTERNAL_URL=$(LATE_SSH_INTERNAL_URL)" >> .env
@echo "LATE_SSH_PUBLIC_URL=$(LATE_SSH_PUBLIC_URL)" >> .env
@echo "LATE_AUDIO_URL=$(LATE_AUDIO_URL)" >> .env
@echo "LATE_WEB_TUNNEL_TOKEN=$(LATE_WEB_TUNNEL_TOKEN)" >> .env
@echo "LATE_VOTE_SWITCH_INTERVAL_SECS=$(LATE_VOTE_SWITCH_INTERVAL_SECS)" >> .env
@echo "LATE_AI_ENABLED=$(LATE_AI_ENABLED)" >> .env
@echo "LATE_AI_API_KEY=$(LATE_AI_API_KEY)" >> .env
@echo "LATE_AI_MODEL=$(LATE_AI_MODEL)" >> .env
# Recipe for a parallel "instance 2" clone. Run from the second clone:
# make start-instance2 # bring up the stack (foreground)
# make .env-instance2 # just (re)generate .env without starting
# Only ports are overridden; URL/origin vars track the port defaults above.
INSTANCE2_OVERRIDES = \
INSTANCE=late2 \
LATE_SSH_PORT=2223 \
LATE_API_PORT=4001 \
LATE_WEB_PORT=3001 \
LATE_PG_HOST_PORT=5434 \
LATE_ICECAST_HOST_PORT=8001 \
LATE_LIQUIDSOAP_HOST_PORT=1235
.PHONY: .env-instance2
.env-instance2:
@$(MAKE) .env $(INSTANCE2_OVERRIDES)
.PHONY: start-instance2
start-instance2:
@$(MAKE) start $(INSTANCE2_OVERRIDES)
.PHONY: keys
keys:
@if [ ! -f server_key ]; then ssh-keygen -t ed25519 -f server_key -N "" -q; fi
check:
cargo fmt --all -- --check && cargo clippy --workspace --all-targets -- -D warnings && cargo nextest run --workspace --all-targets
start: .env keys
docker compose -f docker-compose.yml up --build
startm: .env keys
docker compose -f docker-compose.yml -f docker-compose.monitoring.yml up --build
down:
docker compose -f docker-compose.yml -f docker-compose.monitoring.yml down
stop:
docker ps -aq | xargs -r docker stop
remove:
docker ps -aq | xargs -r docker rm -f