Don't clobber Traefik's service name for SSO

Goodbye, emojis! 😢
[ci skip]
2021-11-23 12:21:11 +02:00 · 2021-11-23 12:19:04 +02:00 · 2021-11-21 21:47:35 +02:00
10 changed files with 17 additions and 163 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -3,37 +3,27 @@ kind: pipeline
 name: deploy to swarm-test.autonomic.zone
 steps:
  - name: deployment
-    image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
+    image: decentral1se/stack-ssh-deploy:latest
    settings:
      host: swarm-test.autonomic.zone
      stack: custom_html
      purge: true
      networks:
        - proxy
      deploy_key:
        from_secret: drone_ssh_swarm_test
    environment:
      DOMAIN: custom-html.swarm-test.autonomic.zone
      STACK_NAME: custom_html
      LETS_ENCRYPT_ENV: production
      NGINX_DEFAULT_CONF_VERSION: v1
      ENTRYPOINT_CONF_VERSION: v1
 trigger:
  branch:
    - main
 ---
 kind: pipeline
-name: generate recipe catalogue
+name: recipe release
 steps:
  - name: release a new version
-    image: plugins/downstream
+    image: thecoopcloud/drone-abra:latest
    settings:
-      server: https://build.coopcloud.tech
+      command: recipe custom-html release
-      token:
+      deploy_key:
-        from_secret: drone_abra-bot_token
+        from_secret: abra_bot_deploy_key
      fork: true
      repositories:
        - toolshed/auto-recipes-catalogue-json
 trigger:
  event: tag
--- a/.env.sample
+++ b/.env.sample
@ -9,24 +9,3 @@ COMPOSE_FILE="compose.yml"
 # Single Sign On via Traefik "file provider"
 #COMPOSE_FILE="$COMPOSE_FILE:compose.sso.yml"
 # Git-pull regularly
 #COMPOSE_FILE="$COMPOSE_FILE:compose.git-pull.yml"
 #GIT_REPO_URL="https://git.coopcloud.tech/dalmationer/hexbomb.gay"
 #CRON_SCHEDULE="*/1 * * * *"
 # Optionally redirect the entire domain or a sub-path:
 # path under which you want to redirect all URLs (with trailing slash):
 #REDIRECT_FROM_PATH=/
 # full URL of target domain (and optionally path) with trailing slash:
 #REDIRECT_TO_URL=https://coopcloud.tech/
 # temporary or permanent redirect? (uncomment one)
 #REDIRECT_TYPE=redirect
 #REDIRECT_TYPE=permanent
 # Optionally handle all URL requests using a single file (commonly index.html)
 #SINGLE_PAGE_SITE_HANDLER=/index.html
 # Enable an SSH server to allow SFTP uploads to the web root
 #COMPOSE_FILE="$COMPOSE_FILE:compose.sftp.yml"
 #PUBLIC_KEY="ssh-ed25519 AAAAC3NzaJ1lZDI1NTE5AAAAIXqf4nxUxuGmLOaxXXXXXXXXoM/GwhcrAgmtbgXToaYmCJ user@host" # Replace with a public key you generate
--- a/README.md
+++ b/README.md
@ -1,11 +1,9 @@
 # Custom HTML
 [![Build Status](https://build.coopcloud.tech/api/badges/coop-cloud/custom-html/status.svg)](https://build.coopcloud.tech/coop-cloud/custom-html)
 Custom HTML website, served using Nginx.
 <!-- metadata -->
-* **Category**: Development
+* **Category**: Apps
 * **Status**: 2, beta
 * **Image**: [`nginx`](https://hub.docker.com/_/nginx), 4, upstream
 * **Healthcheck**: No
@ -20,28 +18,13 @@ Custom HTML website, served using Nginx.
 1. Set up Docker Swarm and [`abra`]
 2. Deploy [`coop-cloud/traefik`]
 3. `abra app new custom-html`
-4. `abra app config YOURAPPDOMAIN` - be sure to change `$DOMAIN` to something that resolves to
+4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
   your Docker swarm box
-5. `abra app deploy YOURAPPDOMAIN`
+5. `abra app YOURAPPDOMAIN deploy`
 6. Copy your files to the container, using something like
 ```
-abra app cp YOURAPPDOMAIN index.html app:/usr/share/nginx/html
+abra app YOURAPPDOMAIN cp index.html app:/usr/share/nginx/html
 ```
 ## Allowing upload via SSH/SFTP
 To allow management of your site's files using scp, rsync or other SSH-based tools:
 1. If you don't already have one, generate an SSH keypair using `ssh-keygen`
 1. `abra app config YOURAPPDOMAIN`
 2. Uncomment these lines and add your public key:
 ```
 #COMPOSE_FILE="$COMPOSE_FILE:compose.sftp.yml"
 #PUBLIC_KEY="ssh-ed25519 AAAAC3NzaJ1lZDI1NTE5AAAAIXqf4nxUxuGmLOaxXXXXXXXXoM/GwhcrAgmtbgXToaYmCJ user@host" # Replace with a public key you generate
 ```
 3. `abra app undeploy YOURAPPDOMAIN`
 3. `abra app deploy YOURAPPDOMAIN`
 4. Test the SSH connection: `ssh -p 2220 sftp@YOURAPPDOMAIN`
 5. You can copy local files into the server's web root with a command like: `scp -r -P 2220 * sftp@YOURAPPDOMAIN:/content`
 [`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
 [`coop-cloud/traefik`]: https://git.autonomic.zone/coop-cloud/traefik
--- a/abra.sh
+++ b/abra.sh
@ -1,2 +1 @@
-export NGINX_DEFAULT_CONF_VERSION=v6
+export NGINX_DEFAULT_CONF_VERSION=v1
 export ENTRYPOINT_CONF_VERSION=v3
--- a/compose.git-pull.yml
+++ b/compose.git-pull.yml
@ -1,26 +0,0 @@
 version: "3.8"
 services:
  git:
    environment:
      - GIT_REPO_URL
    image: alpine/git:v2.47.2
    entrypoint: /docker-entrypoint.sh
    volumes:
      - content:/git
    configs:
      - source: entrypoint_conf
        target: /docker-entrypoint.sh
        mode: 0555
    deploy:
      mode: replicated
      replicas: 0
      labels:
        - "swarm.cronjob.enable=true"
        - "swarm.cronjob.schedule=${CRON_SCHEDULE:-*/5 * * * *}"
      restart_policy:
        condition: none
 configs:
  entrypoint_conf:
    name: ${STACK_NAME}_entrypoint_conf_${ENTRYPOINT_CONF_VERSION}
    file: entrypoint.git-pull.sh
--- a/compose.sftp.yml
+++ b/compose.sftp.yml
@ -1,41 +0,0 @@
 version: "3.8"
 services:
  ssh:
    image: lscr.io/linuxserver/openssh-server:latest
    networks:
      - proxy
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - USER_NAME=sftp
      - PUBLIC_KEY
    volumes:
      - content:/content:rw
    ports:
      - 2220:2222
    deploy:
      restart_policy:
        condition: on-failure
  # The following is an admittedly hacky way of setting the owner
  # of the `content` volume to the unprivileged `sftp` user, so
  # that content can be transferred through the unprivileged sshd process
  # using `scp` etc.
  sshstart:
    image: lscr.io/linuxserver/openssh-server:latest
    user: root
    depends_on:
      - ssh
    deploy:
      restart_policy:
        condition: none
    volumes:
      - content:/content:rw
    entrypoint: [ "bash", "-c", "sleep 10 && chown -R 1000:1000 /content"]
 volumes:
  content:
 networks:
  proxy:
    external: true
--- a/compose.yml
+++ b/compose.yml
@ -3,7 +3,7 @@ version: "3.8"
 services:
  app:
-    image: nginx:1.28.0
+    image: nginx:1.21.3
    networks:
      - proxy
    deploy:
@ -19,14 +19,9 @@ services:
        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
-        - "coop-cloud.${STACK_NAME}.version=1.10.0+1.28.0"
+        - "coop-cloud.${STACK_NAME}.version=1.1.0+1.21.3"
        - "backupbot.backup=true"
        - "backupbot.backup.path=/usr/share/nginx/html"
    environment:
-      - DEFAULT_CONF_FILE=/etc/nginx/conf.d/default.conf
+      DEFAULT_CONF_FILE: /etc/nginx/conf.d/default.conf
      - REDIRECT_FROM_PATH
      - REDIRECT_TO_URL
      - REDIRECT_TYPE
    volumes:
      - content:/usr/share/nginx/html
    configs:
@ -45,8 +40,7 @@ volumes:
 configs:
  nginx_default_conf:
    name: ${STACK_NAME}_nginx_default_conf_${NGINX_DEFAULT_CONF_VERSION}
-    file: default.conf.tmpl
+    file: default.conf
    template_driver: golang
 networks:
  proxy:
--- a/default.conf.tmpl
+++ b/default.conf.tmpl
@ -10,22 +10,10 @@ server {
    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
-       
+				try_files $uri $uri/ $uri.html;
        {{ if env "REDIRECT_TO_URL" }}
            rewrite ^{{ env "REDIRECT_FROM_PATH" }}(.*)$ {{ env "REDIRECT_TO_URL" }}$1 {{ env "REDIRECT_TYPE" }}; 
        {{ end }}
        {{ if env "SINGLE_PAGE_SITE_HANDLER" }}
 		try_files $uri $uri/ {{ env "SINGLE_PAGE_SITE_HANDLER" }} =404;
        {{ else }}
        try_files $uri $uri/ $uri.html =404;
        {{ end }}
    }
-    error_page  404              /404.html;
+    #error_page  404              /404.html;
    location = /404.html {
        root   /usr/share/nginx/html;
    }
    # redirect server error pages to the static page /50x.html
    #
--- a/entrypoint.git-pull.sh
+++ b/entrypoint.git-pull.sh
@ -1,11 +0,0 @@
 #!/bin/sh
 if [ ! -d /git/.git ]; then
 	echo "No repo found, emptying /git/ directory"
 	rm -r /git/*
 	echo "Cloning $GIT_REPO_URL into /git"
 	git clone "$GIT_REPO_URL" /git
 else
 	echo "Updating /git"
 	git pull
 fi
--- a/release/1.10.0+1.28.0
+++ b/release/1.10.0+1.28.0
@ -1 +0,0 @@
 Adds optional sftp support
Author	SHA1	Message	Date
3wc	20067dbe93	Don't clobber Traefik's service name for SSO	2021-11-23 12:21:11 +02:00
3wc	3d447a72c8	Goodbye, emojis! 😢 [ci skip]	2021-11-23 12:19:04 +02:00
3wc	0a04bae1f5	WIP: traefik-forward-auth/keycloak support	2021-11-21 21:47:35 +02:00
`@ -1,2 +1 @@`
	`export NGINX_DEFAULT_CONF_VERSION=v6`	`export NGINX_DEFAULT_CONF_VERSION=v1`
	`export ENTRYPOINT_CONF_VERSION=v3`