feat: replace nginx supervisor proxy with modern supervisor-ui
- Replaced nginx:alpine proxy with dev.pivoine.art/valknar/supervisor-ui:latest - Modern Next.js UI with real-time SSE updates, batch operations, and charts - Changed service port from 80 (nginx) to 3000 (Next.js) - Removed supervisor-nginx.conf (no longer needed) - Kept same URL (supervisor.ai.pivoine.art) and Authelia SSO protection - Added health check for /api/health endpoint - Service connects to RunPod Supervisor via Tailscale (SUPERVISOR_HOST/PORT)
This commit is contained in:
@@ -235,20 +235,26 @@ services:
|
|||||||
# Watchtower
|
# Watchtower
|
||||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||||
|
|
||||||
# Supervisor - Process manager web UI (proxies to RunPod GPU)
|
# Supervisor UI - Modern web interface for RunPod process management
|
||||||
supervisor:
|
supervisor-ui:
|
||||||
image: nginx:alpine
|
image: dev.pivoine.art/valknar/supervisor-ui:latest
|
||||||
container_name: ${AI_COMPOSE_PROJECT_NAME}_supervisor
|
container_name: ${AI_COMPOSE_PROJECT_NAME}_supervisor_ui
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
TZ: ${TIMEZONE:-Europe/Berlin}
|
TZ: ${TIMEZONE:-Europe/Berlin}
|
||||||
SUPERVISOR_BACKEND_HOST: ${GPU_TAILSCALE_IP}
|
NODE_ENV: production
|
||||||
SUPERVISOR_BACKEND_PORT: ${SUPERVISOR_BACKEND_PORT:-9001}
|
# Connect to RunPod Supervisor via Tailscale
|
||||||
volumes:
|
SUPERVISOR_HOST: ${GPU_TAILSCALE_IP}
|
||||||
- ./supervisor-nginx.conf:/etc/nginx/nginx.conf.template:ro
|
SUPERVISOR_PORT: ${SUPERVISOR_BACKEND_PORT:-9001}
|
||||||
command: /bin/sh -c "envsubst '$${SUPERVISOR_BACKEND_HOST},$${SUPERVISOR_BACKEND_PORT}' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && exec nginx -g 'daemon off;'"
|
# No auth needed - Supervisor has auth disabled (protected by Authelia)
|
||||||
networks:
|
networks:
|
||||||
- compose_network
|
- compose_network
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/api/health"]
|
||||||
|
interval: 30s
|
||||||
|
timeout: 10s
|
||||||
|
retries: 3
|
||||||
|
start_period: 10s
|
||||||
labels:
|
labels:
|
||||||
- 'traefik.enable=${AI_SUPERVISOR_TRAEFIK_ENABLED:-true}'
|
- 'traefik.enable=${AI_SUPERVISOR_TRAEFIK_ENABLED:-true}'
|
||||||
# HTTP to HTTPS redirect
|
# HTTP to HTTPS redirect
|
||||||
@@ -262,8 +268,8 @@ services:
|
|||||||
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure.entrypoints=web-secure'
|
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure.entrypoints=web-secure'
|
||||||
- 'traefik.http.middlewares.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure-compress.compress=true'
|
- 'traefik.http.middlewares.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure-compress.compress=true'
|
||||||
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure.middlewares=${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure-compress,net-authelia,security-headers@file'
|
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure.middlewares=${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure-compress,net-authelia,security-headers@file'
|
||||||
# Service
|
# Service (port 3000 for Next.js app)
|
||||||
- 'traefik.http.services.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure.loadbalancer.server.port=80'
|
- 'traefik.http.services.${AI_COMPOSE_PROJECT_NAME}-supervisor-web-secure.loadbalancer.server.port=3000'
|
||||||
- 'traefik.docker.network=${NETWORK_NAME}'
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
||||||
# Watchtower
|
# Watchtower
|
||||||
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
||||||
|
|||||||
@@ -1,38 +0,0 @@
|
|||||||
events {
|
|
||||||
worker_connections 1024;
|
|
||||||
}
|
|
||||||
|
|
||||||
http {
|
|
||||||
# Proxy settings
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_buffering off;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
|
|
||||||
# Timeouts for Supervisor web UI (quick responses)
|
|
||||||
proxy_connect_timeout 60;
|
|
||||||
proxy_send_timeout 60;
|
|
||||||
proxy_read_timeout 60;
|
|
||||||
send_timeout 60;
|
|
||||||
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
server_name _;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
# Proxy to Supervisor on RunPod via Tailscale
|
|
||||||
proxy_pass http://${SUPERVISOR_BACKEND_HOST}:${SUPERVISOR_BACKEND_PORT};
|
|
||||||
|
|
||||||
# Proxy headers
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
|
|
||||||
# Disable buffering for real-time updates
|
|
||||||
proxy_buffering off;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Reference in New Issue
Block a user