init-deployment.sh Script Reference

This reference describes the init-deployment.sh script that initializes a Dioptra deployment. The script is located in the root of the deployment folder generated by the cookiecutter template.

See also

Prepare Your Deployment - Step-by-step guide for creating and customizing your deployment.

Overview

The init-deployment.sh script automates the following initialization steps:

• Generates random passwords used to secure Dioptra’s services

• Copies and bundles extra CA certificates for the containers

• Copies configuration files and certificates into named volumes

• Sets appropriate file and folder access permissions

• Creates Minio S3 accounts and configures their access permissions

• Syncs built-in task plugins from the Dioptra GitHub repository

• Enables SSL/TLS in PostgreSQL (if applicable)

Command-Line Options

Usage: init-deployment.sh [--enable-nginx-ssl] [--enable-postgres-ssl]
                          [--skip-minio-setup] [--branch <branch-name>]
                          [--worker-ssl-service [tfcpu|pytorchcpu]]
                          [--python <cmd>] [-h|--help]

–enable-nginx-ssl

Enable the SSL-enabled configuration settings for the NGINX container. Use this if you copied a server certificate and private key into the ssl/nginx/ folder.

–enable-postgres-ssl

Enable the SSL-enabled configuration settings for the PostgreSQL container. Use this if you copied a server certificate and private key into the ssl/db/ folder.

–skip-minio-setup

Skip Minio service setup. Useful when making configuration changes after the initial deployment, as the script may freeze when trying to reconfigure an already-running Minio container.

–branch <branch-name>

The Dioptra GitHub branch to use when syncing built-in task plugins and frontend files. Replace <branch-name> with the branch you want to use (e.g., main, dev). (default: main)

–python <cmd>

Command for invoking the Python interpreter. Must be Python 3.11 or greater with the jinja2 package installed. (default: python)

–worker-ssl-service [tfcpu|pytorchcpu]

Container image to use when bootstrapping the SSL named volumes for worker containers. (default: tfcpu)

-h, –help

Print the help message and exit.

Examples

Note

Replace <branch-name> with the Dioptra branch that matches your container images (e.g., main for releases, dev for development builds).

Basic initialization:

./init-deployment.sh --branch <branch-name>

With NGINX SSL enabled:

./init-deployment.sh --branch <branch-name> --enable-nginx-ssl

With both NGINX and PostgreSQL SSL enabled:

./init-deployment.sh --branch <branch-name> --enable-nginx-ssl --enable-postgres-ssl

Rerunning after configuration changes:

./init-deployment.sh --branch <branch-name> --skip-minio-setup

Important

You must specify the --enable-nginx-ssl and --enable-postgres-ssl options each time you run the init-deployment.sh script. If you omit them on a subsequent run, SSL/TLS will be disabled for those services.

See also

• Deployment Folder Reference - Deployment folder structure and file descriptions

• Enable SSL/TLS in NGINX and Postgres - Enable SSL/TLS for NGINX and PostgreSQL

• Add Custom CA Certificates - Add custom CA certificates