amras/szurubooru
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

additional configuration options added

Browse Source
This commit is contained in:
Sarma
2023-09-03 21:28:43 +00:00
parent 71ee8bbce8
commit 2f6a9c7c15
5 changed files with 209 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
.env.sample
View File

@ -1,30 +1,43 @@
TYPE=szurubooru
# Database credentials
POSTGRES_USER=szuru
DOMAIN={{ .Domain }}
# EXTRA_DOMAINS=,
LETS_ENCRYPT_ENV=production
# This shows up on the homescreen, indicating build information
BUILD_INFO=latest
# Shown in the website title and on the front page
WEBSITE_NAME=szurubooru
# Port to expose HTTP service
# Set to 127.0.0.1:8080 if you wish to reverse-proxy the docker's port,
# otherwise the port specified here will be publicly accessible
PORT=8080
# How many waitress threads to start
# 4 is the default amount of threads. If you experience performance
# degradation with a large number of posts, increasing this may
# improve performance, since waitress is most likely clogging up with Tasks.
THREADS=4
# URL base to run szurubooru under
# See "Additional Features" section in INSTALL.md
BASE_URL=/
# Directory to store image data
MOUNT_DATA=/var/local/szurubooru/data
# Backend container - not supported by recipe yet
# DATA_URL=
# Directory to store database files
MOUNT_SQL=/var/local/szurubooru/sql
# Password Reset - if SMTP_HOST is empty, password reset will be disabled
# --------------
SMTP_HOST=
SMTP_PORT=
SMTP_USER=
SMTP_FROM=
# Manual Password Reset
# ---------------------
CONTACT_EMAIL=
# Secrets
# -------
SECRET_DB_PASSWORD_VERSION: v1
SECRET_SMTP_PASSWORD_VERSION: v1
SECRET_SALT_VERSION: v1
# External Services
# =================
# Postgres
DB_HOST=db
DB_USER=szuru
DB_NAME=szuru
DB_PORT=5432
LOG_SQL=0

6
abra.sh
View File

@ -1,2 +1,8 @@
export SERVER_CONFIG_VERSION=v1
export SERVER_ENTRYPOINT_VERSION=v1
secrets() {
abra app secret generate "$APP_NAME" db_password v1
abra app secret generate "$APP_NAME" salt v1
echo "don't forget to insert your smtp_password! your deployment won't work without it"
echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\""
}

22
compose.yml
View File

@ -8,6 +8,7 @@ services:
environment:
- BACKEND_HOST=server
- BASE_URL
- BUILD_INFO=2.5
volumes:
- app:/data:ro
deploy:
@ -15,7 +16,7 @@ services:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
- "coop-cloud.${STACK_NAME}.version=0.0.1+2.5"
@ -23,26 +24,30 @@ services:
server:
image: szurubooru/server:2.5
depends_on:
- sql
- db
volumes:
- server:/data
- "./config.yaml:/opt/app/config.yaml"
configs:
- source: server_config
target: /opt/app/config.yaml
- source: server_entrypoint
target: /docker-entrypoint.sh
target: /usr/local/bin/entrypoint.sh
mode: 0555
entrypoint: /usr/local/bin/entrypoint.sh
secrets:
- db_password
- smtp_password
- salt
environment:
- POSTGRES_HOST=sql
- POSTGRES_HOST=${DB_HOST}
- POSTGRES_USER=${DB_USER}
- POSTGRES_DB=${DB_NAME}
- POSTGRES_PORT=${DB_PORT}
- LOG_SQL
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
- THREADS
sql:
db:
image: postgres:11-alpine
secrets:
- db_password
@ -55,7 +60,7 @@ services:
configs:
server_config:
name: ${STACK_NAME}_server_config_${SERVER_CONFIG_VERSION}
file: server.conf.tml
file: server.conf.tmpl
template_driver: golang
server_entrypoint:
name: ${STACK_NAME}_server_entrypoint_${SERVER_ENTRYPOINT_VERSION}
@ -69,6 +74,9 @@ secrets:
smtp_password:
external: true
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
salt:
external: true
name: ${STACK_NAME}_salt_${SECRET_SALT_VERSION}
volumes:
app:

2
entrypoint.sh.tmpl
View File

@ -25,4 +25,4 @@ file_env() {
# for sidekiq service bundle exec env var threading
file_env "SMTP_PASSWORD"
file_env "DB_PASSWORD"
file_env "POSTGRES_PASSWORD"

162
server.conf.tmpl
View File

@ -1,11 +1,159 @@
name: $NAME
domain: $DOMAIN
name: {{ env "WEBSITE_NAME" }}
domain: https://{{ env "DOMAIN" }}
# used to salt the users' password hashes and generate filenames for static content
# secret: {{ secret "salt" }}
thumbnails:
# avatar_width: 300
# avatar_height: 300
# post_width: 300
# post_height: 300
# settings used to download files from the web on behalf of the api users
# user_agent:
# max_dl_filesize: 25.0E+6 # maximum filesize limit in bytes
# automatically convert animated GIF uploads to video formats
convert:
# gif:
# to_webm: false
# to_mp4: false
# allow posts to be uploaded even if some image processing errors occur
# allow_broken_uploads: false
smtp:
host: $SMTP_HOST
port: $SMTP_PORT
user: $SMTP_USER
host: {{ env "SMTP_HOST" }}
port: {{ env "SMTP_PORT" }}
user: {{ env "SMTP_USER" }}
from: {{ env "SMTP_FROM" }}
pass: {{ secret "smtp_password" }}
from: $SMTP_FROM
contact_email: $CONTACT_EMAIL
# example: bob@example.com. Meant for manual password reset procedures
contact_email: {{ env "CONTACT_EMAIL" }}
# enable_safety: yes
# tag_name_regex: ^\S+$
# tag_category_name_regex: ^[^\s%+#/]+$
# pool_name_regex: ^\S+$
# pool_category_name_regex: ^[^\s%+#/]+$
# it is not advised to change username or password restrictions;,
# if you do, make sure to update the instructions in the registration
# form template as well.
# password_regex: '^.{5,}$'
# user_name_regex: '^[a-zA-Z0-9_-]{1,32}$'
# webhooks to call when events occur (such as post/tag/user/etc. changes)
# the listed urls will be called with a HTTP POST request with a payload
# containing a snapshot resource as JSON. See doc/API.md for details
webhooks:
# - https://api.example.com/webhooks/
# default_rank: regular
privileges:
# 'users:create:self': anonymous # Registration permission
# 'users:create:any': administrator
# 'users:list': regular
# 'users:view': regular
# 'users:edit:any:name': moderator
# 'users:edit:any:pass': moderator
# 'users:edit:any:email': moderator
# 'users:edit:any:avatar': moderator
# 'users:edit:any:rank': moderator
# 'users:edit:self:name': regular
# 'users:edit:self:pass': regular
# 'users:edit:self:email': regular
# 'users:edit:self:avatar': regular
# 'users:edit:self:rank': moderator # one can't promote themselves or anyone to upper rank than their own.
# 'users:delete:any': administrator
# 'users:delete:self': regular
# 'user_tokens:list:any': administrator
# 'user_tokens:list:self': regular
# 'user_tokens:create:any': administrator
# 'user_tokens:create:self': regular
# 'user_tokens:edit:any': administrator
# 'user_tokens:edit:self': regular
# 'user_tokens:delete:any': administrator
# 'user_tokens:delete:self': regular
# 'posts:create:anonymous': regular
# 'posts:create:identified': regular
# 'posts:list': anonymous
# 'posts:reverse_search': regular
# 'posts:view': anonymous
# 'posts:view:featured': anonymous
# 'posts:edit:content': power
# 'posts:edit:flags': regular
# 'posts:edit:notes': regular
# 'posts:edit:relations': regular
# 'posts:edit:safety': power
# 'posts:edit:source': regular
# 'posts:edit:tags': regular
# 'posts:edit:thumbnail': power
# 'posts:feature': moderator
# 'posts:delete': moderator
# 'posts:score': regular
# 'posts:merge': moderator
# 'posts:favorite': regular
# 'posts:bulk-edit:tags': power
# 'posts:bulk-edit:safety': power
# 'posts:bulk-edit:delete': power
# 'tags:create': regular
# 'tags:edit:names': power
# 'tags:edit:category': power
# 'tags:edit:description': power
# 'tags:edit:implications': power
# 'tags:edit:suggestions': power
# 'tags:list': regular
# 'tags:view': anonymous
# 'tags:merge': moderator
# 'tags:delete': moderator
# 'tag_categories:create': moderator
# 'tag_categories:edit:name': moderator
# 'tag_categories:edit:color': moderator
# 'tag_categories:edit:order': moderator
# 'tag_categories:list': anonymous
# 'tag_categories:view': anonymous
# 'tag_categories:delete': moderator
# 'tag_categories:set_default': moderator
# 'pools:create': regular
# 'pools:edit:names': power
# 'pools:edit:category': power
# 'pools:edit:description': power
# 'pools:edit:posts': power
# 'pools:list': regular
# 'pools:view': anonymous
# 'pools:merge': moderator
# 'pools:delete': moderator
# 'pool_categories:create': moderator
# 'pool_categories:edit:name': moderator
# 'pool_categories:edit:color': moderator
# 'pool_categories:list': anonymous
# 'pool_categories:view': anonymous
# 'pool_categories:delete': moderator
# 'pool_categories:set_default': moderator
# 'comments:create': regular
# 'comments:delete:any': moderator
# 'comments:delete:own': regular
# 'comments:edit:any': moderator
# 'comments:edit:own': regular
# 'comments:list': regular
# 'comments:view': regular
# 'comments:score': regular
# 'snapshots:list': power
# 'uploads:create': regular
# 'uploads:use_downloader': power