Add preliminary DigitalOcean DNS support

Minuscule .env tweak
fix: support configurable tfa service
2021-11-19 22:42:41 +02:00 · 2021-10-14 00:44:40 +02:00 · 2021-10-14 00:43:56 +02:00 · 2021-10-12 11:41:56 +02:00
7 changed files with 30 additions and 11 deletions
--- a/.env.sample
+++ b/.env.sample
@ -8,8 +8,7 @@ LETS_ENCRYPT_EMAIL=certs@example.com
 # WARN, INFO etc.
 LOG_LEVEL=WARN
-# This is here so later lines can extend the definition; you likely don't wanna
+# This is here so later lines can extend it; you likely don't wanna edit
 # edit
 COMPOSE_FILE="compose.yml"
 #####################################################################
@ -45,6 +44,11 @@ COMPOSE_FILE="compose.yml"
 #GANDI_ENABLED=1
 #SECRET_GANDIV5_API_KEY_VERSION=v1
 ## DigitalOcean, https://digitalocean.com
 #COMPOSE_FILE="$COMPOSE_FILE:compose.digitalocean.yml"
 #DIGITALOCEAN_ENABLED=1
 #SECRET_DIGITALOCEAN_AUTH_TOKEN_VERSION=v1
 #####################################################################
 # Keycloak log-in                                                   #
 #####################################################################
@ -52,6 +56,7 @@ COMPOSE_FILE="compose.yml"
 ## Enable Keycloak
 #COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
 #KEYCLOAK_MIDDLEWARE_ENABLED=1
 #KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app
 #####################################################################
 # Prometheus metrics                                                #
--- a/abra.sh
+++ b/abra.sh
@ -1,3 +1,3 @@
 export TRAEFIK_YML_VERSION=v12
-export FILE_PROVIDER_YML_VERSION=v2
+export FILE_PROVIDER_YML_VERSION=v3
-export ENTRYPOINT_VERSION=v2
+export ENTRYPOINT_VERSION=v3
--- a/compose.digitalocean.yml
+++ b/compose.digitalocean.yml
@ -0,0 +1,15 @@
 version: "3.8"
 services:
  app:
    environment:
      - DO_AUTH_TOKEN_FILE=/run/secrets/digitalocean_auth_token
      - LETS_ENCRYPT_DNS_CHALLENGE_ENABLED
      - LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER
    secrets:
      - digitalocean_auth_token
 secrets:
  digitalocean_auth_token:
    name: ${STACK_NAME}_digitalocean_auth_token_${SECRET_DIGITALOCEAN_AUTH_TOKEN_VERSION}
    external: true
--- a/compose.keycloak.yml
+++ b/compose.keycloak.yml
@ -8,3 +8,4 @@ services:
        - "traefik.http.routers.traefik.middlewares=keycloak@file"
    environment:
      - KEYCLOAK_MIDDLEWARE_ENABLED
      - KEYCLOAK_TFA_SERVICE
--- a/entrypoint.sh.tmpl
+++ b/entrypoint.sh.tmpl
@ -11,4 +11,8 @@ export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE")
 export GANDIV5_API_KEY=$(cat "$GANDIV5_API_KEY_FILE")
 {{ end }}
 {{ if eq (env "DIGITALOCEAN_ENABLED") "1" }}
 export DO_AUTH_TOKEN=$(cat "$DO_AUTH_TOKEN_FILE")
 {{ end }}
 /entrypoint.sh "$@"
--- a/file-provider.yml.tmpl
+++ b/file-provider.yml.tmpl
@ -4,7 +4,7 @@ http:
    {{ if eq (env "KEYCLOAK_MIDDLEWARE_ENABLED") "1" }}
    keycloak:
      forwardAuth:
-        address: "http://traefik-forward-auth:4181"
+        address: "http://{{ env "KEYCLOAK_TFA_SERVICE" }}:4181"
        trustForwardHeader: true
        authResponseHeaders:
          - X-Forwarded-User
--- a/renovate.json
+++ b/renovate.json
@ -1,6 +0,0 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:base"
  ]
 }
Author	SHA1	Message	Date
3wc	bd7e64c029	Add preliminary DigitalOcean DNS support	2021-11-19 22:42:41 +02:00
3wc	8e91a5a3ee	Minuscule .env tweak	2021-10-14 00:44:40 +02:00
decentral1se	3048d09cd8	fix: support configurable tfa service	2021-10-14 00:43:56 +02:00
decentral1se	2c9e980809	chore: remove old file	2021-10-12 11:41:56 +02:00