diff --git a/.gitmodules b/.gitmodules index 4665e0d..84b2421 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,21 +1,9 @@ -[submodule "backend-bite"] - path = backend-bite - url = git@makerforce.io:beep/backend-bite.git [submodule "backend-core"] path = backend-core url = git@makerforce.io:beep/backend-core.git -[submodule "backend-publish"] - path = backend-publish - url = git@makerforce.io:beep/backend-publish.git -[submodule "backend-signal"] - path = backend-signal - url = git@makerforce.io:beep/backend-signal.git [submodule "backend-store"] path = backend-store url = git@makerforce.io:beep/backend-store.git -[submodule "backend-subscribe"] - path = backend-subscribe - url = git@makerforce.io:beep/backend-subscribe.git [submodule "backend-transcription"] path = backend-transcription url = git@makerforce.io:beep/backend-transcription.git diff --git a/README.md b/README.md index 8002a90..5608872 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,7 @@ The microservices of Beep rely on a few background services, listed below. All o | `postgres` | [https://www.postgresql.org/] | | `redis` | [https://redis.io/] | | `nats` | [https://nats.io/] | +| `minio` | [https://min.io]| ## Services @@ -52,45 +53,51 @@ URL: `/core` `core` relies on a running `postgres` instance. Is insecure if not behind `traefik` calling `auth`. +### Heartbeat + +URL: `/heartbeat` + +`heartbeat` handles "last seen" timings for users. A user pings the server periodically via a specific endpoint, which then caches the time of the ping while also updating subscribed clients. Clients subscribe through an EventSource endpoint. On first subscribe, the last cached time of the user in question is pushed to the EventSource stream. + +`heartbeat` relies on a running `redis` instance. Is insecure if not behind `traefik` calling `auth`. + +### Pictures + +URL: `/pictures` + +`pictures` is a simple file upload server whose intended function is to just be a place to park user and group profile pictures. + +`pictures` relies on a running `minio` instance. Is insecure if not behind `traefik` calling `auth`. + +### Permissions + +`permissions` is an internal system meant to check a user's permission to access something. Currently uses a `user-scope` system, i.e. user-conversation. Since most things in the backend are related to conversations, the working basis of the permissions model is that if a user is in a conversation, they are pretty much good to go. Caches permissions in redis in a misguided attempt at reducing latency. + +`permissions` relies on a running `redis` instance. + ### Bite pipeline -Audio data in Beep is stored in discrete packets called "bites". The Bite pipeline takes in bites and processes them, doing things like storage and transcription to text. `publish` receives the bites, publishing them to `nats`, from which the processing services receive bite events. Output is then published again to `nats`, received by `subscribe` which pushes them as Server Sent Events. +Audio data in Beep is stored in discrete packets called "bites". The Bite pipeline takes in bites and processes them, doing things like storage and transcription to text. Currently, in an downright terrible implementation, bites are just discrete 1400 byte chunks separated with absolutely no regard whatsoever to their content. -#### `publish` +#### `webrtc` -URL: `/publish` +URL: `/webrtc` -`publish` accepts a POST request, containing a bite, and publishes it to NATs, to be received by services such as `bite` or `transcription`. +`webrtc` is a WebRTC Selective Forwarding Unit (SFU) router, keeping track of which conversation a user is in and routing based on that. At the same time, it also diverts the bites to the bite pipeline and issues a store request to `store` at the same time. -`publish` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`. - -#### `subscribe` - -URL: `/subscribe` - -`subscribe` sits on the other end of the bite pipeline, waiting for responses returned by services along it. Each request pushed to the pipeline stores the user/client ID of the requester, and the client can subscribe to `subscribe` to receive the response. - -`subscribe` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`. +`webrtc` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`. #### `store` -`store` is a wrapper around [badger](https://github.com/dgraph-io/badger). Receives data through `nats`, generating keys based on a label supplied with the data. Also supports retrieval of specific data based on key, and scanning a range of keys based on timestamp. +URL: `/bite` - -`bite` stores raw audio data via `store`. Basically just acts as a forwarder to `store`, adding labels to the data and accepting HTTP requests to retrieve the data. - -`bite` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`. +`store` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`. #### `transcription` -URL: `/transcription` - -`transcription` takes the raw audio data, packages it and then sends it to the [Google Cloud Speech-to-Text](https://cloud.google.com/speech-to-text/). Sends the transcripted result to `store` to be stored. Handles HTTP requests to retrieve transcriptions too. +`transcription` takes the raw audio data, packages it and then sends it to the [Google Cloud Speech-to-Text](https://cloud.google.com/speech-to-text/). Sends the transcripted result to `store` to be stored. `transcription` relies on a running `nats` instance. Is insecure if not behind `traefik` calling `auth`. diff --git a/backend-bite b/backend-bite deleted file mode 160000 index f847fe3..0000000 --- a/backend-bite +++ /dev/null @@ -1 +0,0 @@ -Subproject commit f847fe3402a2d0e5c1de50464a285cf7c91f8476 diff --git a/backend-publish b/backend-publish deleted file mode 160000 index 42e1b65..0000000 --- a/backend-publish +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 42e1b651d46f8e7cc2b084a8d84e312751e8c267 diff --git a/backend-signal b/backend-signal deleted file mode 160000 index a5540df..0000000 --- a/backend-signal +++ /dev/null @@ -1 +0,0 @@ -Subproject commit a5540dff2283b4bc7e847962403d61f37a177816 diff --git a/backend-subscribe b/backend-subscribe deleted file mode 160000 index 40da1b0..0000000 --- a/backend-subscribe +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 40da1b00bc771840446b887979bd0c69b483fc1f diff --git a/docker-compose.yml b/docker-compose.yml index ffaa976..f95f737 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,14 +5,11 @@ services: command: --configfile=/traefik.toml depends_on: - core - - signal - heartbeat - - bite - - publish - - subscribe - auth - pictures - webrtc + - store ports: - "80:80" - "443:443" @@ -77,15 +74,6 @@ services: - pgnet - traefiknet - signal: - build: ./backend-signal - tty: false - restart: unless-stopped - environment: - - PORT=80 - networks: - - traefiknet - heartbeat: build: ./backend-heartbeat tty: true @@ -99,19 +87,6 @@ services: - redisnet - traefiknet - webrtc: - build: ./backend-webrtc - tty: true - restart: unless-stopped - depends_on: - - nats - environment: - - LISTEN=:80 - - NATS=nats://nats:4222 - networks: - - traefiknet - - natsnet - login: build: ./backend-login tty: true @@ -186,8 +161,8 @@ services: - permissionsnet # Pipeline - bite: - build: ./backend-bite + webrtc: + build: ./backend-webrtc tty: true restart: unless-stopped depends_on: @@ -196,22 +171,8 @@ services: - LISTEN=:80 - NATS=nats://nats:4222 networks: - - natsnet - traefiknet - - publish: - build: ./backend-publish - tty: true - restart: unless-stopped - depends_on: - - nats - environment: - - LISTEN=:80 - - NATS=nats://nats:4222 - - SECRET=secret - networks: - natsnet - - traefiknet store: build: ./backend-store @@ -225,19 +186,6 @@ services: networks: - natsnet - subscribe: - build: ./backend-subscribe - tty: true - restart: unless-stopped - depends_on: - - nats - environment: - - LISTEN=:80 - - NATS=nats://nats:4222 - networks: - - natsnet - - traefiknet - transcription: build: ./backend-transcription tty: true diff --git a/traefik.toml b/traefik.toml index 32642c1..fcd105f 100644 --- a/traefik.toml +++ b/traefik.toml @@ -51,22 +51,6 @@ entrypoints = ["http", "https"] [frontends.core.routes.one] rule = "PathPrefixStrip: /core/" -# Signal -[backends.signal] - [backends.signal.servers.one] - url = "http://signal" - -[frontends.signal] -backend = "signal" -entrypoints = ["http", "https"] - [frontends.signal.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.signal.routes.one] - rule = "PathPrefixStrip: /signal/" - # Heartbeat [backends.heartbeat] [backends.heartbeat.servers.one] @@ -83,54 +67,6 @@ entrypoints = ["http", "https"] [frontends.heartbeat.routes.one] rule = "PathPrefixStrip: /heartbeat/" -# Bite -[backends.bite] - [backends.bite.servers.one] - url = "http://bite" - -[frontends.bite] -backend = "bite" -entrypoints = ["http", "https"] - [frontends.bite.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.bite.routes.one] - rule = "PathPrefixStrip: /bite/" - -# Publish -[backends.publish] - [backends.publish.servers.one] - url = "http://publish" - -[frontends.publish] -backend = "publish" -entrypoints = ["http", "https"] - [frontends.publish.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.publish.routes.one] - rule = "PathPrefixStrip: /publish/" - -# Subscribe -[backends.subscribe] - [backends.subscribe.servers.one] - url = "http://subscribe" - -[frontends.subscribe] -backend = "subscribe" -entrypoints = ["http", "https"] - [frontends.subscribe.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.subscribe.routes.one] - rule = "PathPrefixStrip: /subscribe/" - # pictures [backends.pictures] [backends.pictures.servers.one] @@ -151,6 +87,10 @@ entrypoints = ["http", "https"] [backends.webrtc] [backends.webrtc.servers.one] url = "http://webrtc" + +[frontends.webrtc] +backend = "webrtc" +entrypoints = ["http", "https"] [frontends.webrtc.headers.customresponseheaders] Access-Control-Allow-Origin = "*" Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" @@ -159,10 +99,21 @@ entrypoints = ["http", "https"] [frontends.webrtc.routes.one] rule = "PathPrefixStrip: /webrtc/" -[frontends.webrtc] -backend = "webrtc" +# store +[backends.store] + [backends.store.servers.one] + url = "http://store" + +[frontends.store] +backend = "store" entrypoints = ["http", "https"] - + [frontends.store.headers.customresponseheaders] + Access-Control-Allow-Origin = "*" + Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" + Access-Control-Allow-Credentials = "true" + Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" + [frontends.store.routes.one] + rule = "PathPrefixStrip: /store/" # login [backends.login]