giles
389cf96838
The Datalog/relations saturation is CPU-bound and JITs cleanly: host conformance 271/271 under JIT, 5.4x faster (1m43s -> 19s, same binary); live /tags 2.5s -> 0.76s. loops/host now carries the merged sx-vm-extensions kernel (the JIT engine + gate), built into the binary the container bind-mounts. - docker-compose: SX_SERVING_JIT=1 (default-OFF gate; opt-in here). - serve.sh: when JIT is on, (jit-exclude! "host/*" "dream-*" "dr/*"). The host app + Dream framework MISCOMPILE on first call in the http-listen + cek_run_with_io path (map/rest emit wrong CALL_PRIM args -> 500; the JIT->CEK fallback marks the fn failed but does NOT recover the failed call). They're IO-bound, so CEK is no slower — but the miscompile is a real kernel-JIT bug to fix upstream (see plans/HANDOFF-jit-miscompile.md), after which this exclude can be dropped. Verified live: cold pages 200 (no first-hit 500), relate picker lists candidates, relate round-trip works, /tags fast, datalog still JITs (78 dl-* compiles). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
56 lines
2.5 KiB
YAML
56 lines
2.5 KiB
YAML
# host-on-sx live service — the SX web host (lib/host) served by the native
|
|
# http-listen server via lib/host/serve.sh. Joins the sx-dev project + externalnet
|
|
# so Caddy can reverse_proxy a subdomain to it (blog.rose-ash.com). Isolated from
|
|
# the sx_docs server: separate container, separate port.
|
|
#
|
|
# Usage:
|
|
# docker compose -p sx-dev -f docker-compose.dev-sx-host.yml up -d sx_host
|
|
# docker compose -p sx-dev -f docker-compose.dev-sx-host.yml logs -f sx_host
|
|
# docker compose -p sx-dev -f docker-compose.dev-sx-host.yml down
|
|
|
|
services:
|
|
sx_host:
|
|
image: registry.rose-ash.com:5000/sx_docs:latest
|
|
container_name: sx-dev-sx_host-1
|
|
entrypoint: ["bash", "/app/lib/host/serve.sh"]
|
|
working_dir: /app
|
|
environment:
|
|
SX_PROJECT_DIR: /app
|
|
SX_SERVER: /app/bin/sx_server
|
|
HOST_PORT: "8000"
|
|
# Bind all interfaces so Caddy (on externalnet) can reach it.
|
|
SX_HTTP_HOST: "0.0.0.0"
|
|
# Durable persist store root — on a named volume so data survives restarts.
|
|
SX_PERSIST_DIR: /data/persist
|
|
# Blog write auth: admin login + session-cookie signing secret. The blog
|
|
# write routes (POST /new, POST/PUT/DELETE /posts) are guarded by a session
|
|
# login or Bearer token, so these gate publishing. Not a real site — these
|
|
# are demo creds; rotate by editing here and recreating the container.
|
|
SX_ADMIN_USER: admin
|
|
SX_ADMIN_PASSWORD: "sx-host-camper-van-2026"
|
|
SX_SESSION_SECRET: "ra-host-sess-7c1f9b3e2a8d4056"
|
|
# Serving-mode JIT: bytecode-compile hot SX (esp. the Datalog/relations path)
|
|
# on the epoch serving channel. Validated: host conformance 271/271 under JIT,
|
|
# 5.4x faster (1m43s -> 19s). Default-OFF gate, opt in here.
|
|
SX_SERVING_JIT: "1"
|
|
OCAMLRUNPARAM: "b"
|
|
volumes:
|
|
# SX source (hot-reload on container restart)
|
|
- ./spec:/app/spec:ro
|
|
- ./lib:/app/lib:ro
|
|
- ./web:/app/web:ro
|
|
# OCaml server binary — this worktree's build (has the SX_HTTP_HOST bind fix)
|
|
- ./hosts/ocaml/_build/default/bin/sx_server.exe:/app/bin/sx_server:ro
|
|
# Durable persist store (the SX op-log/kv on disk) — survives restarts.
|
|
# Host dir, chowned to the image's appuser (uid 10001) so the non-root
|
|
# server can write: sudo mkdir -p /root/sx-host-persist && sudo chown 10001:10001 /root/sx-host-persist
|
|
- /root/sx-host-persist:/data/persist
|
|
networks:
|
|
- externalnet
|
|
- default
|
|
restart: unless-stopped
|
|
|
|
networks:
|
|
externalnet:
|
|
external: true
|