merge

2022-04-12 12:20:39 +02:00 · 2022-04-12 12:20:39 +02:00 · 39fe337f38
parent 964610022b a02f7f2f20
commit 39fe337f38
8 changed files with 58 additions and 139 deletions
--- a/.env.sample
+++ b/.env.sample
@ -1,11 +1,10 @@
 TYPE=foodsoft

 DOMAIN=order.example.org
+#EXTRA_DOMAINS=', `www.order.example.com`'
 LETS_ENCRYPT_ENV=production
 COMPOSE_FILE="compose.yml"

-LOG_LEVEL=":info"
-
 # app settings
 FOODCOOP_MULTI_INSTALL=true  # Best for now, see https://github.com/foodcoops/foodsoft/pull/841
 FOODCOOP_NAME=example
@ -18,9 +17,12 @@ FOODCOOP_ZIP_CODE=XXX
 FOODCOOP_HOMEPAGE=https://order.example.org
 FOODCOOP_HELP_URL=https://order.example.org
 FOODCOOP_TIME_ZONE=Amsterdam
-FOODCOOP_FOOTER=""
 FOODCOOP_USE_NICK=true
 FOODCOOP_LANGUAGE=en
+FOODCOOP_FOOTER='<a href="https://example.org/">example</a> hosted by <a href="https://yourhoster.org">Your Tech Co-op</a>.'
+USE_APPLE_POINTS=false
+STOP_ORDERING_UNDER=75
+MINIMUM_BALANCE=0

 # database settings
 MYSQL_DB=foodsoft
--- a/README.md
+++ b/README.md
@ -6,4 +6,17 @@

 Configuration based on the good work of [foodcoops.net](https://github.com/foodcoops/foodcoops.net).

- New instances automatically set the initial administrator login to username: `admin` / password: `secret`.
+New instances automatically set the initial administrator login to username: `admin` / password: `secret`.
+
+<!-- metadata -->
+
+* **Category**: Apps
+* **Status**:
+* **Image**: [`foodcoops/foodsoft`](https://hub.docker.com/r/foodcoops/foodsoft), 4, upstream
+* **Healthcheck**:
+* **Backups**:
+* **Email**:
+* **Tests**:
+* **SSO**:
+
+<!-- endmetadata -->
--- a/abra.sh
+++ b/abra.sh
@ -1,4 +1,4 @@
-export APP_CONFIG_VERSION=v2
+export APP_CONFIG_VERSION=v5
 export DB_CONFIG_VERSION=v1
 export ENTRYPOINT_VERSION=v1
 export PRODUCTION_ENV_VERSION=v1
--- a/app_config.yml.tmpl
+++ b/app_config.yml.tmpl
@ -59,14 +59,14 @@ default: &defaults

  # Ordergroups, which have less than 75 apples should not be allowed to make new orders
  # Comment out this option to activate this restriction
-  #stop_ordering_under: 75
+  stop_ordering_under: {{ env "STOP_ORDERING_UNDER" }}

  # Comment out to completely hide apple points (be sure to comment stop_ordering_under)
-  #use_apple_points: false
+  use_apple_points: {{ env "USE_APPLE_POINTS" }}

  # ordergroups can only order when their balance is higher than or equal to this
  # not fully enforced right now, since the check is only client-side
-  #minimum_balance: 0
+  minimum_balance: {{ env "MINIMUM_BALANCE" }}

  # how many days there are between two periodic tasks
  #tasks_period_days: 7
@ -112,7 +112,7 @@ default: &defaults
  #  order_by_articles: true

  # Page footer (html allowed). Default is a Foodsoft footer. Set to `blank` for no footer.
-  page_footer: "{{ env "FOODCOOP_FOOTER" }}"
+  page_footer: {{ env "FOODCOOP_FOOTER" }}

  # Custom CSS for the foodcoop
  #custom_css: 'body { background-color: #fcffba; }'
--- a/compose.groupOrderInvoice.yml
+++ b/compose.groupOrderInvoice.yml
@ -8,4 +8,5 @@ services:
    image: viehlieb/foodsoft:2022-04-07_2
  worker:
    image: viehlieb/foodsoft:2022-04-07_2
-
+  smtp:
+    image: viehlieb/foodsoft:2022-04-07_2
--- a/compose.yml
+++ b/compose.yml
@ -1,3 +1,4 @@
+---
 version: "3.8"

 x-env: &env
@ -35,14 +36,14 @@ x-env: &env
  SMTP_PASSWORD_FILE: /run/secrets/smtp_password
  SMTP_PORT:
  SMTP_USER_NAME:
+  STOP_ORDERING_UNDER:
+  USE_APPLE_POINTS:

 x-configs: &configs
  - source: app_config
    target: /usr/src/app/config/app_config.yml
  - source: db_config
    target: /usr/src/app/config/database.yml
-  - source: production_env
-    target: /usr/src/app/config/environments/production.rb
  - source: entrypoint
    target: /usr/src/app/docker-entrypoint.sh
    mode: 0555
@ -60,7 +61,7 @@ services:
      - proxy
    secrets: *secrets
    configs: *configs
-    entrypoint: /usr/src/app/docker-entrypoint.sh
+    entrypoint: &entrypoint /usr/src/app/docker-entrypoint.sh
    environment:
      <<: *env
      FOODSOFT_SERVICE: app
@ -76,16 +77,17 @@ services:
        order: start-first
      labels:
        - "traefik.enable=true"
-        - "traefik.http.routers.foodsoft.rule=Host(`${DOMAIN}`)"
-        - "traefik.http.routers.foodsoft.entrypoints=web-secure"
-        - "traefik.http.services.foodsoft.loadbalancer.server.port=3000"
-        - "traefik.http.routers.foodsoft.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - coop-cloud.${STACK_NAME}.app.version=4.7.1-
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
+        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000"
+        - "coop-cloud.${STACK_NAME}.version=1.0.0+4.7.1"
+
  cron:
    image: foodcoops/foodsoft:4.7.1
    secrets: *secrets
    configs: *configs
-    entrypoint: /usr/src/app/docker-entrypoint.sh
+    entrypoint: *entrypoint
    environment:
      <<: *env
      FOODSOFT_SERVICE: cron
@ -96,13 +98,33 @@ services:
    image: foodcoops/foodsoft:4.7.1
    secrets: *secrets
    configs: *configs
-    entrypoint: /usr/src/app/docker-entrypoint.sh
+    entrypoint: *entrypoint
    environment:
      <<: *env
      FOODSOFT_SERVICE: worker
    networks:
      - internal

+  smtp:
+    image: foodcoops/foodsoft:4.7.1
+    configs: *configs
+    entrypoint: *entrypoint
+    secrets: *secrets
+    environment:
+      <<: *env
+      FOODSOFT_SERVICE: smtp
+      SMTP_SERVER_HOST:
+      SMTP_SERVER_PORT:
+    networks:
+      - proxy
+      - internal
+    deploy:
+      labels:
+        - "traefik.enable=true"
+        - "traefik.tcp.routers.foodsoft-smtp.rule=HostSNI(`*`)"
+        - "traefik.tcp.routers.foodsoft-smtp.entrypoints=foodsoft-smtp"
+        - "traefik.tcp.services.foodsoft-smtp.loadbalancer.server.port=${SMTP_SERVER_PORT}"
+
  db:
    image: "mariadb:10.6"
    command: "mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_520_ci"
@ -150,10 +172,6 @@ configs:
    name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
    file: entrypoint.sh.tmpl
    template_driver: golang
-  production_env:
-    name: ${STACK_NAME}_production_env_${PRODUCTION_ENV_VERSION}
-    file: production.rb.tmpl
-    template_driver: golang

 secrets:
  db_password:
--- a/production.rb.tmpl
+++ b/production.rb.tmpl
@ -1,112 +0,0 @@
-# Foodsoft production configuration.
-#
-# This file is in the public domain.
-
-Rails.application.configure do
-  # Settings specified here will take precedence over those in config/application.rb.
-
-  # Code is not reloaded between requests.
-  config.cache_classes = true
-
-  # Eager load code on boot. This eager loads most of Rails and
-  # your application in memory, allowing both threaded web servers
-  # and those relying on copy on write to perform better.
-  # Rake tasks automatically ignore this option for performance.
-  config.eager_load = true
-
-  # Full error reports are disabled and caching is turned on.
-  config.consider_all_requests_local       = false
-  config.action_controller.perform_caching = true
-
-  # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
-  # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
-  # config.require_master_key = true
-
-  # Disable serving static files from the `/public` folder by default since
-  # Apache or NGINX already handles this.
-  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
-
-  # Compress JavaScripts and CSS.
-  config.assets.js_compressor = :uglifier
-  config.assets.css_compressor = :sass
-
-  # Do not fallback to assets pipeline if a precompiled asset is missed.
-  config.assets.compile = false
-
-  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
-  # config.action_controller.asset_host = 'http://assets.example.com'
-
-  # Specifies the header that your server uses for sending files.
-  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
-  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
-
-  # Mount Action Cable outside main process or domain
-  # config.action_cable.mount_path = nil
-  # config.action_cable.url = 'wss://example.com/cable'
-  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
-
-  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  config.force_ssl = ENV["RAILS_FORCE_SSL"] != "false"
-
-  # Set to :debug to see everything in the log.
-  config.log_level = {{ env "LOG_LEVEL" }}
-
-  # Prepend all log lines with the following tags.
-  config.log_tags = [:request_id]
-
-  # Don't dump schema in production (especially useful for Docker)
-  config.active_record.dump_schema_after_migration = false
-
-  # Use a different cache store in production.
-  # config.cache_store = :mem_cache_store
-
-  config.action_mailer.perform_caching = false
-
-  # Ignore bad email addresses and do not raise email delivery errors.
-  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
-  # config.action_mailer.raise_delivery_errors = false
-
-  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
-  # the I18n.default_locale when a translation cannot be found).
-  config.i18n.fallbacks = true
-
-  # Send deprecation notices to registered listeners.
-  config.active_support.deprecation = :notify
-
-  # Disable automatic flushing of the log to improve performance.
-  # config.autoflush_log = false
-
-  # Configure hostname for action mailer (can be overridden in foodcoop config)
-  config.action_mailer.default_url_options = { host: `hostname -f`, protocol: 'https' }
-
-  if ENV['SMTP_ADDRESS'].present?
-    config.action_mailer.delivery_method = :smtp
-    config.action_mailer.smtp_settings = { address: ENV['SMTP_ADDRESS'] }
-    config.action_mailer.smtp_settings[:port] = ENV['SMTP_PORT'] if ENV['SMTP_PORT'].present?
-    config.action_mailer.smtp_settings[:domain] = ENV['SMTP_DOMAIN'] if ENV['SMTP_DOMAIN'].present?
-    config.action_mailer.smtp_settings[:user_name] = ENV['SMTP_USER_NAME'] if ENV['SMTP_USER_NAME'].present?
-    config.action_mailer.smtp_settings[:password] = ENV['SMTP_PASSWORD'] if ENV['SMTP_PASSWORD'].present?
-    config.action_mailer.smtp_settings[:authentication] = ENV['SMTP_AUTHENTICATION'] if ENV['SMTP_AUTHENTICATION'].present?
-    config.action_mailer.smtp_settings[:enable_starttls_auto] = ENV['SMTP_ENABLE_STARTTLS_AUTO'] == 'true' if ENV['SMTP_ENABLE_STARTTLS_AUTO'].present?
-    config.action_mailer.smtp_settings[:openssl_verify_mode] = ENV['SMTP_OPENSSL_VERIFY_MODE'] if ENV['SMTP_OPENSSL_VERIFY_MODE'].present?
-  else
-    # Use sendmail as default to avoid ssl cert problems
-    config.action_mailer.delivery_method = :sendmail
-  end
-
-  # Use default logging formatter so that PID and timestamp are not suppressed.
-  config.log_formatter = ::Logger::Formatter.new
-
-  # Use a different logger for distributed setups.
-  # require 'syslog/logger'
-  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
-
-  if ENV["RAILS_LOG_TO_STDOUT"].present?
-    logger           = ActiveSupport::Logger.new(STDOUT)
-    logger.formatter = config.log_formatter
-    config.logger    = ActiveSupport::TaggedLogging.new(logger)
-  end
-
-  # Do not dump schema after migrations.
-  config.active_record.dump_schema_after_migration = false
-end
--- a/renovate.json
+++ b/renovate.json
@ -1,3 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
-}