diff --git a/.Dockerignore b/.Dockerignore deleted file mode 100644 index 6b8710a..0000000 --- a/.Dockerignore +++ /dev/null @@ -1 +0,0 @@ -.git diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..03c719b --- /dev/null +++ b/.dockerignore @@ -0,0 +1,16 @@ +# Git +.git +.gitignore +# Python +.venv/ +__pycache__/ +# Temporary unit testing artefacts +_trial_temp/ +.coverage +*.py,cover +# Docker +.Dockerignore +Dockerfile +compose.yml +# Documentation +readme.md diff --git a/Dockerfile b/Dockerfile index f02049c..d69113b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,27 +1,35 @@ -FROM ubuntu:focal - -ENV DEBIAN_FRONTEND=noninteractive - -RUN apt-get -y update && apt-get -y upgrade - -RUN apt-get install -y -q tini curl python3 python3-pip - -ENV PYTHONDONTWRITEBYTECODE 1 - -ENV PYTHONUNBUFFERED 1 - -WORKDIR /usr/src/app - -ADD requirements.txt /usr/src/app - -RUN pip3 install --no-cache-dir -r requirements.txt - -ADD . /usr/src/app - -RUN useradd remote - -USER remote - -EXPOSE 6837 - -ENTRYPOINT ["tini", "--", "python3", "server.py", "--certificate=certificate/cert", "--privkey=certificate/key", "--chain=certificate/chain"] +FROM ghcr.io/astral-sh/uv:0.8.2-python3.13-alpine + +# We need to set this here even though it is default, +# because if watch is enabled, this part of the Dockerfile may be re-run as remoteUser +# which doesn't have the necessary permissions to update bind mounts. +USER root + +# Increases performance, but slows down start-up time +ENV UV_COMPILE_BYTECODE=1 +# Keeps Python from buffering stdout and stderr +# to avoid situations where the application crashes without emitting any logs due to buffering. +ENV PYTHONUNBUFFERED=1 +# Copy from the cache instead of linking since it's a mounted volume +ENV UV_LINK_MODE=copy + +WORKDIR /app + +# Install dependencies +RUN --mount=type=cache,target=/root/.cache/uv \ + --mount=type=bind,source=uv.lock,target=uv.lock \ + --mount=type=bind,source=pyproject.toml,target=pyproject.toml \ + uv sync --locked --no-install-project --no-dev + +# Copy over the server +COPY . /app + +# Make sure everything is synched +RUN --mount=type=cache,target=/root/.cache/uv \ + uv sync --locked + +RUN addgroup -S remotegroup && adduser -S remoteuser -G remotegroup +USER remoteuser +EXPOSE 6837 +# Run the server +CMD ["uv", "run", "server.py"] diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..1bd59db --- /dev/null +++ b/compose.yml @@ -0,0 +1,15 @@ +services: + remote_server: + build: . + ports: + - "6837:6837" + develop: + watch: + # Restart whenever code changes are detected + - action: sync+restart + path: . + target: /app + ignore: + - .venv + - action: rebuild + path: ./uv.lock diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index 66f2932..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,10 +0,0 @@ -version: "3.9" - -services: - remote_server: - build: "." - image: "remote_server:latest" - volumes: - - ./certificate:/usr/src/app/certificate - ports: - - "6837:6837" diff --git a/pyproject.toml b/pyproject.toml index 72883e4..2df927c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -3,7 +3,7 @@ name = "remote-server" version = "0.1.0" description = "NVDA Remote Access remote relay server." readme = "README.md" -requires-python = "~=3.13" +requires-python = "~=3.13.0" dependencies = [ "pyopenssl~=25.1", "service-identity~=24.2", diff --git a/readme.md b/readme.md index dce6fe1..9920ea1 100644 --- a/readme.md +++ b/readme.md @@ -1,33 +1,38 @@ -# NVDA Remote Server Relay - -This is a simple server used to relay connections for [NVDA Remote](https://nvdaremote.com) - -## Basic Usage - -This is currently only tested on Linux. - -1. [Install uv](https://docs.astral.sh/uv/getting-started/installation/) -2. Obtain your TLS certificates. - - By default, the server looks for the certificate at `./cert`, the private key at `./privkey`, and the chain of trust at `./chain`. - - TBD - update documentation on this/remove this feature in favour of using the web server to handle TLS -3. run the server with `uv run server.py`. - -## Development - -This project uses [pre-commit](https://pre-commit.com/) hooks to help ensure code quality. -These run automatically on pull requests, however it is still recommended to set them up locally. - - -```sh -uvx pre-commit install -``` - -## Docker - -```sh -docker-compose up --build -``` - - -This will expose the server on port 6837, the default. -You must create a folder called certificate along-side the docker-compose.yml which contains the certificate, private key, and root chain named as cert, key, and chain respectively. +# NVDA Remote Server Relay + +This is a simple server used to relay connections for [NVDA Remote](https://nvdaremote.com) + +## Basic Usage + +This is currently only tested on Linux. + +1. [Install uv](https://docs.astral.sh/uv/getting-started/installation/) +2. Obtain your TLS certificates. + - By default, the server looks for the certificate at `./cert`, the private key at `./privkey`, and the chain of trust at `./chain`. + - TBD - update documentation on this/remove this feature in favour of using the web server to handle TLS +3. run the server with `uv run server.py`. + +## Development + +This project uses [pre-commit](https://pre-commit.com/) hooks to help ensure code quality. +These run automatically on pull requests, however it is still recommended to set them up locally. + +```sh +uvx pre-commit install +``` + +## Docker + +To run in Docker, use `docker compose`: + +```sh +docker compose up +``` + +This will expose the server on port 6837, the default. + +The project is pre-configured to support [Compose Watch](https://docs.docker.com/compose/how-tos/file-watch) to make developing in Docker easier. +To enable Watch, either press `w` when `docker compose up` has completed building and starting the container; or run `docker compose watch` to avoid mixing the application and Compose Watch logs. + +* Changes will be synchronised and the server restarted whenever the code changes. +* Changes will be synchronised and the image rebuilt whenever dependencies change. diff --git a/uv.lock b/uv.lock index 4bdfa8a..709b895 100644 --- a/uv.lock +++ b/uv.lock @@ -1,6 +1,6 @@ version = 1 revision = 2 -requires-python = ">=3.13, <4" +requires-python = "==3.13.*" [[package]] name = "attrs"