From 8e4f0a6844991f35457662ca2d0859674e98ea7e Mon Sep 17 00:00:00 2001
From: Rob Watson <rob@netflux.io>
Date: Tue, 21 Nov 2023 23:15:34 +0100
Subject: [PATCH] feat: add docker-compose.yml

---
 Dockerfile         | 32 +++++++++++----------------
 Makefile           |  8 +++++++
 README.md          | 12 ++++++++++-
 dev/README.md      | 14 ++++++++++--
 dev/cert           |  2 +-
 docker-compose.yml | 54 ++++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 98 insertions(+), 24 deletions(-)
 create mode 100644 Makefile
 create mode 100644 docker-compose.yml

diff --git a/Dockerfile b/Dockerfile
index 0545e38..d4d8e9f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,8 +1,8 @@
-FROM rust:latest as builder
+FROM rust:bookworm as builder
 
 # Create a build directory and copy over all of the files
 WORKDIR /build
-COPY . .
+COPY . ./
 
 # Reuse a cache between builds.
 # I tried to `cargo install`, but it doesn't seem to work with workspaces.
@@ -12,28 +12,20 @@ RUN --mount=type=cache,target=/usr/local/cargo/registry \
     --mount=type=cache,target=/build/target \
     cargo build --release && cp /build/target/release/moq-* /usr/local/cargo/bin
 
-# Special image for moq-pub with ffmpeg and a publish script included.
-FROM rust:latest as moq-pub
+# moq-rs image with just the binaries
+FROM debian:bookworm-slim
 
-# Install required utilities and ffmpeg
 RUN apt-get update && \
-    apt-get install -y ffmpeg wget
-
-# Copy the publish script into the image
-COPY deploy/publish.sh /usr/local/bin/publish
-
-# Copy the compiled binaries
-COPY --from=builder /usr/local/cargo/bin /usr/local/cargo/bin
-CMD [ "publish" ]
-
-# moq-rs image with just the binaries (default)
-FROM rust:latest as moq-rs
+	apt-get install -y --no-install-recommends curl libssl3 && \
+	rm -rf /var/lib/apt/lists/*
 
 LABEL org.opencontainers.image.source=https://github.com/kixelated/moq-rs
 LABEL org.opencontainers.image.licenses="MIT OR Apache-2.0"
 
-# Fly.io entrypoint
-ADD deploy/fly-relay.sh .
+COPY --from=builder /usr/local/cargo/bin /usr/local/bin
 
-# Copy the compiled binaries
-COPY --from=builder /usr/local/cargo/bin /usr/local/cargo/bin
+# Entrypoint to load relay TLS config in Fly:
+COPY deploy/fly-relay.sh .
+
+# Default to moq-relay:
+CMD ["moq-relay"]
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..09a301d
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,8 @@
+export CAROOT ?= $(shell cd dev ; go run filippo.io/mkcert -CAROOT)
+
+.PHONY: run
+run: dev/localhost.crt
+	@docker-compose up --build --remove-orphans
+
+dev/localhost.crt:
+	@dev/cert
diff --git a/README.md b/README.md
index 5a4599d..677ea0f 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,17 @@ There's currently no way to view media with this repo; you'll need to use [moq-j
 
 ## Development
 
-Use the [dev helper scripts](dev/README.md) for local development.
+Launch backend containers (including two relays, API and a Redis instance) using docker-compose:
+
+```
+make run
+```
+
+As well as launching the containers, this handles the creation and transfer of TLS certificates.
+
+Then, visit https://quic.video/publish/?server=localhost:4443.
+
+Alternatively, use the [dev helper scripts](dev/README.md).
 
 ## Usage
 
diff --git a/dev/README.md b/dev/README.md
index 1c0d8fb..56a185e 100644
--- a/dev/README.md
+++ b/dev/README.md
@@ -1,8 +1,18 @@
 # Local Development
 
-This is a collection of helpful scripts for local development.
+## Quickstart with Docker
 
-## Setup
+Launch a basic cluster, including provisioning certs and deploying root certificates:
+
+```
+# From repo root:
+make run
+```
+
+
+## Manual setup
+
+This is a collection of helpful scripts for local development.
 
 ### moq-relay
 
diff --git a/dev/cert b/dev/cert
index 5e90ca5..e2e9243 100755
--- a/dev/cert
+++ b/dev/cert
@@ -15,4 +15,4 @@ go run filippo.io/mkcert -ecdsa -install
 # Generate a new certificate for localhost
 # This fork of mkcert supports the -days flag.
 # TODO remove the -days flag when Chrome accepts self-signed certs.
-go run filippo.io/mkcert -ecdsa -days 10 -cert-file "$CRT" -key-file "$KEY" localhost 127.0.0.1 ::1
+go run filippo.io/mkcert -ecdsa -days 10 -cert-file "$CRT" -key-file "$KEY" localhost 127.0.0.1 ::1 relay1 relay2
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..fbeaaa3
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,54 @@
+version: "3.8"
+
+x-relay: &x-relay
+  build: .
+  entrypoint: ["moq-relay"]
+  environment:
+    RUST_LOG: ${RUST_LOG:-debug}
+  volumes:
+  - ./dev/localhost.crt:/etc/tls/cert:ro
+  - ./dev/localhost.key:/etc/tls/key:ro
+  - certs:/etc/ssl/certs
+  depends_on:
+    install-certs:
+      condition: service_completed_successfully
+
+services:
+  redis:
+    image: redis:7
+    ports:
+    - "6400:6379"
+
+  api:
+    build: .
+    entrypoint: moq-api
+    command: --listen [::]:4442 --redis redis://redis:6379
+
+  relay1:
+    <<: *x-relay
+    command: --listen [::]:4443 --tls-cert /etc/tls/cert --tls-key /etc/tls/key --api http://api:4442 --api-node https://relay1:4443 --dev
+    ports:
+    - "4443:4443"
+    - "4443:4443/udp"
+
+  relay2:
+    <<: *x-relay
+    command: --listen [::]:4443 --tls-cert /etc/tls/cert --tls-key /etc/tls/key --api http://api:4442 --api-node https://relay2:4443 --dev
+    ports:
+    - "4444:4443"
+    - "4444:4443/udp"
+
+  install-certs:
+    image: golang:latest
+    working_dir: /work
+    command: go run filippo.io/mkcert -install
+    environment:
+      CAROOT: /work/caroot
+    volumes:
+    - ${CAROOT:-.}:/work/caroot
+    - certs:/etc/ssl/certs
+    - ./dev/go.mod:/work/go.mod:ro
+    - ./dev/go.sum:/work/go.sum:ro
+
+volumes:
+  certs: