This docker-compose configuration to be used only for development purpose.
This container is a backend web server, linked to its database.
It provides sub-commands to simplify tasks like updating of mirrors.
Run mirrors-qa-backend --help in the container to see the various sub-commands and options.
This container is a PostgreSQL DB. DB data is kept in a volume, persistent across containers restarts.
This container creates test entries for idle workers (i.e workers who have not been seen in the last IDLE_WORKER_SECONDS environment variable)
This container records the speed results for a particular test.
This container is responsible for starting the task containers, setting up a wireguard interface, collecting the results from the task container and updates the results of the test on the backend API via REST.
docker compose up --buildThe above command only starts the backend, postgresqldb and scheduler
services.
To start the worker-manager, you need to register a worker. Afterwards, run:
docker compose --profile worker up --buildNOTE: Unless otherwise stated, all files and commands are with respective to the dev directory.
- Move the Mullvad configuration files into the
datadirectory. Configuration files should be named in the format<country_code>.confwhere<country_code>is the ISO 3166-1 alpha-2 code of the country. On start, theworker-managerwill select a random file to start up thewireguardcontainer. On receiving a task from the backend scheduler, it will search for a configuration file belonging to that task and reconfigure the wireguard container. If the configuration file does not exist, it will skip the test.
-
Generate a private key:
openssl genrsa -out id_rsa 2048
The key name
id_rsais used as a bind mount in the compose file for the worker container. -
Generate a public key for creating the worker on the database.
openssl rsa -in id_rsa -pubout -out pubkey.pem
-
Assuming the backend service is up (
docker compose up backend), create a worker and assign them a list of countries to test for. If no countries are provided, all available countries in the DB wiil be assigned to the worker. You can update the countries usingmirrors-qa-backend update-worker.In this example, we create a worker named
testto test for mirrors in France, United States and Canada using the public key file namedpubkey.pem.docker exec -i mirrors-qa-backend mirrors-qa-backend create-worker --countries=us,fr,ca test < ./pubkey.pem
-
Set the name of the worker to the
WORKER_IDvariable in the.envfile. -
Start the services with the worker enabled using
docker compose --profile worker up --build
NOTE: All environment variables with a _DURATION suffix accept values that would be valid for humanfriendly
The backend code houses the scheduler and the RESTful API. The following environment variables are shared by both services:
POSTGRES_URI: PostgreSQL DSN stringREQUESTS_TIMEOUT_DURATION: how long before a request to an external API times outPAGE_SIZE- number of rows to return from a request which returns a list of itemsMIRRORS_LIST_URL: the URL to fetch list of mirrors from.EXCLUDED_MIRRORS: hostname of mirror URLs to exclude seperated by commas.
JWT_SECRETMESSAGE_VALIDITY_DURATION: how long should the authentication message be considered as valid from when it was signedTOKEN_EXPIRY_DURATION: how long access tokens should live
SCHEDULER_SLEEP_DURATION: how long the scheduler should sleep after creating tests for idle workersIDLE_WORKER_DURATION: duration since a worker was last seen to be considered "idle". Generally, we want to set this to the same value asSCHEDULER_SLEEP_DURATIONsince a worker that hasn't submitted tests throughoutSCHEDULER_SLEEP_DURATIONis idle.EXPIRE_TEST_DURATION: expire tests whose results are still pending after duration
SLEEP_DURATION: how long the manager should sleep before polling the REST API for pending tests.BACKEND_API_URIDOCKER_SOCKETPRIVATE_KEY_FILE: name of private key fileDOCKER_CLIENT_TIMEOUT_DURATION: how long before a connection to the Docker daemon times outDOCKER_API_RETRIES: how many times to retry requests to the Docker daemonDOCKER_API_RETRY_DURATION: how long to wait before retrying a failed requestWIREGUARD_IMAGEWIREGUARD_PORT: port for routing wireguard traffic in the wireguard container. This is not the exposed port.WIREGUARD_KERNEL_MODULES: where to load wireguard kernel modules from (default/lib/modules)WIREGUARD_HEALTHCHECK_INTERVAL_SECONDSWIREGUARD_HEALTHCHECK_TIMEOUT_SECONDSWIREGUARD_HEALTHCHECK_RETRIESTASK_WORKER_IMAGETEST_FILE_PATH: location of file to run download speed test
REQUESTS_TIMEOUT_SECONDS: how many seconds beore a request times out
docker exec -i mirrors-qa-postgresdb psql -d mirrors_qa -U mirrors_qa < performance_matrix.sql