Compare commits
11 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 10ac881e42 | |||
| ccfb3c8953 | |||
| c23648b5df | |||
| 190c2c0578 | |||
| 9c60390d76 | |||
| 0aa164cdbf | |||
| 314f811457 | |||
| 8a9434ae32 | |||
| a466c6e15a | |||
| 0c14bac684 | |||
| 958df4da59 |
@ -18,7 +18,6 @@ steps:
|
||||
STACK_NAME: hedgedoc
|
||||
LETS_ENCRYPT_ENV: production
|
||||
SECRET_DB_PASSWORD_VERSION: v1
|
||||
SECRET_SESSION_SECRET_VERSION: v1
|
||||
ENTRYPOINT_CONF_VERSION: v1
|
||||
PG_BACKUP_VERSION: v1
|
||||
trigger:
|
||||
@ -36,7 +35,7 @@ steps:
|
||||
from_secret: drone_abra-bot_token
|
||||
fork: true
|
||||
repositories:
|
||||
- toolshed/auto-recipes-catalogue-json
|
||||
- coop-cloud/auto-recipes-catalogue-json
|
||||
|
||||
trigger:
|
||||
event: tag
|
||||
|
||||
@ -26,7 +26,6 @@ COMPOSE_FILE="compose.yml"
|
||||
#CMD_OAUTH2_TOKEN_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/token"
|
||||
#CMD_OAUTH2_USER_PROFILE_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/userinfo"
|
||||
#CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=ocs.data.id
|
||||
#CMD_OAUTH2_USER_PROFILE_ID_ATTR=
|
||||
#CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=ocs.data.display-name
|
||||
#CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=ocs.data.email
|
||||
#CMD_OAUTH2_PROVIDERNAME=Keycloak
|
||||
|
||||
2
abra.sh
2
abra.sh
@ -1,2 +1,2 @@
|
||||
export ENTRYPOINT_CONF_VERSION=v13
|
||||
export ENTRYPOINT_CONF_VERSION=v11
|
||||
export PG_BACKUP_VERSION=v1
|
||||
|
||||
@ -13,7 +13,6 @@ services:
|
||||
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
|
||||
- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR
|
||||
- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR
|
||||
- CMD_OAUTH2_USER_PROFILE_ID_ATTR
|
||||
- CMD_OAUTH2_SCOPE
|
||||
secrets:
|
||||
- oauth_key
|
||||
|
||||
@ -2,7 +2,7 @@ version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- CMD_DB_TYPE=postgres
|
||||
- CMD_DB_URL=
|
||||
- CMD_DB_NAME=codimd
|
||||
- CMD_DB_USER=codimd
|
||||
- CMD_DB_HOST=db
|
||||
@ -14,7 +14,7 @@ services:
|
||||
secrets:
|
||||
- db_password
|
||||
db:
|
||||
image: pgautoupgrade/pgautoupgrade:16-alpine
|
||||
image: postgres:16.4-alpine
|
||||
environment:
|
||||
- POSTGRES_USER=codimd
|
||||
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
image: quay.io/hedgedoc/hedgedoc:1.10.3
|
||||
image: quay.io/hedgedoc/hedgedoc:1.10.0
|
||||
environment:
|
||||
- CMD_USECDN=false
|
||||
- CMD_URL_ADDPORT=false
|
||||
@ -51,10 +51,10 @@ services:
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "coop-cloud.${STACK_NAME}.version=3.0.2+1.10.3"
|
||||
- "coop-cloud.${STACK_NAME}.version=1.3.1+1.10.0"
|
||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||
healthcheck:
|
||||
test: "nodejs -e \"http.get('http://localhost:3000', (res) => { console.log('status: ', res.statusCode); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } });\""
|
||||
|
||||
@ -22,9 +22,7 @@ file_env() {
|
||||
}
|
||||
|
||||
load_vars() {
|
||||
if [ -n "${CMD_DB_PASSWORD_FILE:-""}" ] ; then
|
||||
file_env "CMD_DB_PASSWORD"
|
||||
fi
|
||||
file_env "CMD_DB_PASSWORD"
|
||||
file_env "CMD_OAUTH2_CLIENT_SECRET"
|
||||
file_env "CMD_SESSION_SECRET"
|
||||
}
|
||||
@ -42,9 +40,7 @@ main() {
|
||||
|
||||
main
|
||||
|
||||
if [ -n "${CMD_DB_PASSWORD:-""}" ] ; then
|
||||
export CMD_DB_URL="${CMD_DB_TYPE}://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CMD_DB_NAME"
|
||||
fi
|
||||
export CMD_DB_URL="${CMD_DB_URL:-postgres://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CMD_DB_NAME}"
|
||||
|
||||
# 3wc: `source /docker-entrypoint.sh -e` to load CMD_DB_URL for CLI scripts
|
||||
if [ ! "${1-}" == "-e" ]; then
|
||||
|
||||
@ -1,5 +0,0 @@
|
||||
Upgrade to fix GHSA-6w39-x2c6-6mpf
|
||||
|
||||
BREAKING CHANGE!! new secret "session_secret" added, run:
|
||||
|
||||
abra app secret generate <app_domain> session_secret v1
|
||||
@ -1 +0,0 @@
|
||||
This release adds SQLite support by default, if you were using PostgreSQL make sure to update the env file!
|
||||
1
release/1.3.1+1.10.0
Normal file
1
release/1.3.1+1.10.0
Normal file
@ -0,0 +1 @@
|
||||
holu
|
||||
@ -1 +0,0 @@
|
||||
This release switches to `pgaautoupgrade` for easier Postgresql upgrades. If you are using Postgres, please take extra care to take a backup before upgrading.
|
||||
@ -1 +0,0 @@
|
||||
Security upgrade for GHSA-3983-rrqh-mvx5
|
||||
@ -1 +0,0 @@
|
||||
CRITICAL FIX: since version 3 this recipe uses always sqlite as database. This patch fixes instances running postgres
|
||||
Reference in New Issue
Block a user