# Provider requirements for this module.
# "~> 4.80.0" accepts 4.80.x patch releases only.
# NOTE(review): random_password is referenced further down in this file; confirm
# that hashicorp/random is pinned wherever that resource is declared.
terraform {
  required_providers {
    google = {
      version = "~> 4.80.0"
      source  = "hashicorp/google"
    }
  }
}
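# Chroma VM: boot disk, a separately managed data disk, an ephemeral public IP,
# a templated startup script and a one-time SSH provisioner that prepares the
# data volume.
resource "google_compute_instance" "chroma" {
  project      = var.project_id
  name         = "chroma-1"
  machine_type = var.machine_type
  zone         = var.zone
  tags         = local.tags # the firewall rule in this file targets the same tags
  labels       = var.labels

  boot_disk {
    initialize_params {
      image = var.image
      size  = var.chroma_instance_volume_size # size in GB
    }
  }

  # Data disk is its own resource, so it outlives a replacement of this instance.
  attached_disk {
    source      = google_compute_disk.chroma.id
    device_name = var.chroma_data_volume_device_name
    mode        = "READ_WRITE"
  }

  network_interface {
    # NOTE(review): this is the project's "default" VPC. If its pre-populated
    # firewall rules are still in place, SSH may be reachable from any source;
    # verify, or move the instance to a dedicated network.
    network = "default"
    access_config {
      // Ephemeral public IP
    }
  }

  metadata = {
    ssh-keys = "${var.vm_user}:${file(var.ssh_public_key)}"
  }

  # NOTE(review): the rendered script embeds the basic-auth pair and the token.
  # Startup scripts are stored as instance metadata, so these values can be read
  # through the metadata server by processes on the VM and by principals allowed
  # to view instance metadata; they are also written to Terraform state.
  # Consider having startup.sh fetch them from a secret store at boot instead.
  metadata_startup_script = templatefile("${path.module}/startup.sh", {
    chroma_release         = var.chroma_release,
    enable_auth            = var.enable_auth,
    auth_type              = var.auth_type,
    basic_auth_credentials = "${local.basic_auth_credentials.username}:${local.basic_auth_credentials.password}",
    token_auth_credentials = random_password.chroma_token.result,
  })

  # Runs once, when the instance is created (including when it is re-created).
  provisioner "remote-exec" {
    inline = [
      # Format only when blkid finds no existing filesystem: the data disk
      # survives instance replacement, and an unconditional mkfs would wipe it.
      "export VOLUME_ID=${var.chroma_data_volume_device_name} && DEV=/dev/$(lsblk -o +SERIAL | grep \"$VOLUME_ID\" | awk '{print $1}') && (sudo blkid \"$DEV\" >/dev/null 2>&1 || sudo mkfs -t ext4 \"$DEV\")",
      # -p keeps the step from failing when the mount point already exists.
      "sudo mkdir -p /chroma-data",
      "export VOLUME_ID=${var.chroma_data_volume_device_name} && DEV=/dev/$(lsblk -o +SERIAL | grep \"$VOLUME_ID\" | awk '{print $1}') && sudo mount \"$DEV\" /chroma-data"
    ]

    connection {
      # A resource's own provisioner must use `self`; referring to the resource
      # by name from inside its own block is a self-reference.
      host        = self.network_interface[0].access_config[0].nat_ip
      type        = "ssh"
      user        = var.vm_user
      private_key = file(var.ssh_private_key)
      # NOTE(review): no host_key is set, so the server's SSH host key is not
      # verified on this first connection.
    }
  }
}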
# Persistent disk attached to the Chroma instance as its data volume.
resource "google_compute_disk" "chroma" {
  name    = "chroma-data"
  project = var.project_id
  zone    = var.zone
  type    = var.disk_type
  size    = var.chroma_data_volume_size # size in GB
  labels  = var.labels

  lifecycle {
    # WARNING: destroy protection is off. The original author notes this has to
    # be set by hand because it is not supported through configuration yet;
    # while it stays false, a destroy or replacement plan deletes this disk.
    prevent_destroy = false
  }
}
#resource "google_compute_attached_disk" "vm_attached_disk" {
# disk = google_compute_disk.chroma.id
# instance = google_compute_instance.chroma.self_link
#
#}
# Ingress rule for instances carrying local.tags: ICMP always, plus the Chroma
# TCP port when var.public_access is true.
resource "google_compute_firewall" "default" {
  name    = "chroma-firewall"
  project = var.project_id
  network = "default"

  target_tags = local.tags

  # NOTE(review): the default for var.source_ranges is not visible here; confirm
  # it is narrower than 0.0.0.0/0 whenever public_access is enabled.
  source_ranges = var.source_ranges

  # Allow ping.
  allow {
    protocol = "icmp"
  }

  # Emits one TCP allow block when public access is on, none otherwise.
  dynamic "allow" {
    for_each = var.public_access ? [var.chroma_port] : []
    content {
      protocol = "tcp"
      ports    = [allow.value]
    }
  }
}
# NAT address of the instance's first network interface (the ephemeral public IP).
output "instance_public_ip" {
  value       = google_compute_instance.chroma.network_interface[0].access_config[0].nat_ip
  description = "The public IP address of the instance."
}
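# `sensitive` only redacts the value in CLI output; it is still stored in
# plaintext in the Terraform state, so the state backend needs access control.
output "chroma_auth_token" {
  description = "Generated token passed to the startup script as token_auth_credentials."
  value       = random_password.chroma_token.result
  sensitive   = true
}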
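# `sensitive` only redacts the value in CLI output; it is still stored in
# plaintext in the Terraform state, so the state backend needs access control.
output "chroma_auth_basic" {
  description = "Basic-auth credentials in username:password form, as passed to the startup script."
  value       = "${local.basic_auth_credentials.username}:${local.basic_auth_credentials.password}"
  sensitive   = true
}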