diff --git a/docs/self-hosting/faq.mdx b/docs/self-hosting/faq.mdx index 6cef86b9ca..6299b82404 100644 --- a/docs/self-hosting/faq.mdx +++ b/docs/self-hosting/faq.mdx @@ -6,7 +6,7 @@ description: "Frequently Asked Questions about Infisical self hosting" Frequently asked questions about self hosted instance of Infisical can be found on this page. If you can't find the answer you are looking for, please create an issue on our GitHub repository or join our Slack channel for additional support. - + This issue is typically seen when you haven't set up SSL for your self hosted instance of Infisical. When SSL is not enabled, you can't receive secure cookies, preventing the session data to not be saved. To fix this, we highly recommend that you set up SSL for your instance. @@ -25,3 +25,89 @@ However, in the event you choose to use Infisical without SSL, you can do so by To further increase data redundancy, we recommend that you use a managed MongoDB service for your self hosted instance of Infisical. + + +The Alpine Linux CDN may be unavailable/down in your region infrequently (eg. there is an unplanned outage). One possible fix is to add a retry mechanism and a fallback mirrors array to the Dockerfile. You can also use this as an opportunity to pin the Alpine Linux version for Docker to use in case there are issues with the latest version. Ensure to use https for the mirrors. + +#### Make the following changes to the backend Dockerfile +```bash +# Pin Alpine version from list: https://dl-cdn.alpinelinux.org/alpine/ +ARG ALPINE_VERSION=3.17 +ARG ALPINE_APPEND=v3.17/main + +# Specify number of retries for each mirror +ARG MAX_RETRIES=3 + +# Define base Alpine mirror URLs in attempt order from list: https://dl-cdn.alpinelinux.org/alpine/MIRRORS.txt +ARG BASE_ALPINE_MIRRORS="https://dl-cdn.alpinelinux.org/alpine https://ftp.halifax.rwth-aachen.de/alpine https://uk.alpinelinux.org/alpine" + +# Build stage +# Add the Alpine version arg +FROM node:16-alpine$ALPINE_VERSION AS build + +WORKDIR /app + +COPY package*.json ./ +RUN npm ci --only-production + +COPY . . +RUN npm run build + +# Production stage +# Add the Alpine version arg +FROM node:16-alpine$ALPINE_VERSION + +WORKDIR /app + +ENV npm_config_cache /home/node/.npm + +COPY package*.json ./ +RUN npm ci --only-production + +COPY --from=build /app . + +# Add retry mechanism and loop through the specified mirrors +RUN retries_left=$MAX_RETRIES; \ + for mirror in $ALPINE_MIRRORS; do \ + full_mirror="$mirror/$ALPINE_APPEND"; \ + echo "Trying mirror: $full_mirror"; \ + echo >>/etc/apk/repositories "$full_mirror"; \ + for i in $(seq $retries_left); do \ + echo "Retrying... Attempt $i (Retries Left: $((retries_left - i)))"; \ + if apk add --no-cache bash curl git && \ + curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash && \ + apk add --no-cache infisical=0.8.1; then \ + break; \ + fi; \ + sleep 10; \ + done; \ + if [ $? -eq 0 ]; then \ + break; \ + fi; \ + done + +HEALTHCHECK --interval=10s --timeout=3s --start-period=10s \ + CMD node healthcheck.js + +EXPOSE 4000 + +CMD ["npm", "run", "start"] + ``` + + + [Alpine Linux (mirrors) - official site](https://dl-cdn.alpinelinux.org/alpine/MIRRORS.txt) + + + + [Alpine Linux (mirrors) - archived site](https://web.archive.org/web/20230914123159/https://dl-cdn.alpinelinux.org/alpine/MIRRORS.txt) + + + + [Alpine Linux (versions) - official site](https://dl-cdn.alpinelinux.org/alpine/) + + + + [Alpine Linux (versions) - archived site](https://web.archive.org/web/20230914123455/https://dl-cdn.alpinelinux.org/alpine/) + + +