coop-cloud/liberaforms
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: coop-cloud:0.1.1+4.0.0
Branches Tags
coop-cloud:main
coop-cloud:0.4.3+4.0.0 coop-cloud:0.4.2+4.0.0 coop-cloud:0.1.1+4.0.0 coop-cloud:0.1.0+4.0.0
...
compare: coop-cloud:main
Branches Tags
coop-cloud:main
coop-cloud:0.4.3+4.0.0 coop-cloud:0.4.2+4.0.0 coop-cloud:0.1.1+4.0.0 coop-cloud:0.1.0+4.0.0

22 Commits
0.1.1+4.0. ... main

Author SHA1 Message Date
brooke
a8167754ba update readme instructions
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-07-02 14:49:20 -04:00
brooke
1fb3025d75 update readme, fix create tables command
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-07-02 14:44:50 -04:00
brooke
5a7febd5f3 add pg backup version to .drone.yml
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-07-02 14:41:16 -04:00
brooke
d519279568 smh
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-07-02 14:40:32 -04:00
brooke
9adf6bbbd6 update .drone.yml
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-07-02 14:39:34 -04:00
brooke
8822497e43 remove quotes from drone.yml env variables
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-07-02 14:38:11 -04:00
Brooke
c1b1a6c0d7 Update README.md
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-07-02 18:36:42 +00:00
brooke
b088285584 chore: publish 0.4.3+4.0.0 release
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/tag Build is passing
Details
2025-07-02 14:31:27 -04:00
brooke
5150b0ea68 add PG_BACKUP_VERSION to abra.sh
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-07-02 14:30:09 -04:00
brooke
27fbd8db7d chore: publish 0.4.2+4.0.0 release
Some checks failed
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:30:52 -04:00
brooke
aba1a4fffb quotes around backup bot label values
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:26:23 -04:00
brooke
2a6e0d8183 put quotes around key version value
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:24:25 -04:00
brooke
eac106922d update readme metadata
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:23:26 -04:00
brooke
db35f14d19 include basic backup labels for liberaforms container 2025-06-19 19:23:15 -04:00
brooke
f3b4e2a70c prettier 2025-06-19 19:18:44 -04:00
brooke
f48996884e move remote storage option to compose file until s3 is officially supported by recipe 2025-06-19 19:15:14 -04:00
brooke
938aa37b73 update postgres backup dir 2025-06-19 19:14:56 -04:00
brooke
da704e31f9 add pg backup script 2025-06-19 19:10:44 -04:00
brooke
79cb1a9d7f fix syntax issues drone.yml
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 16:38:16 -04:00
brooke
0d5c6ad614 add proper healthcheck to liberaforms container
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 16:36:26 -04:00
brooke
27351dc8f9 add internal network to drone.yml 2025-06-19 16:29:49 -04:00
brooke
d90c5dd197 update readme meta 2025-06-19 16:28:26 -04:00
8 changed files with 156 additions and 79 deletions
Expand all files Collapse all files

82
.drone.yml
View File

@ -13,46 +13,48 @@ steps:
from_secret: drone_ssh_swarm_test
networks:
- proxy
environment:
- DOMAIN=liberaforms.swarm-test.autonomic.zone
- STACK_NAME=liberaforms
- LETS_ENCRYPT_ENV=production
- ENABLE_LDAP=False
- FLASK_DEBUG=False
- FLASK_CONFIG=production
- DB_HOST=db
- DB_USER=liberaforms
- DB_PASSWORD_FILE=/run/secrets/db_password
- DB_NAME=liberaforms
- BASE_URL=https://${DOMAIN}
- ROOT_USER=${ADMIN_USER}
- TMP_DIR=/tmp
- SECRET_KEY_FILE=/run/secrets/secret_key
- CRYPTO_KEY_FILE=/run/secrets/crypto_key
- SESSION_TYPE=filesystem
- LOG_LEVEL=INFO
- LOG_DIR=/app/logs
- GUNICORN_WORKERS=${GUNICORN_WORKERS:-3}
- SECRET_SECRET_KEY_VERSION=v1
- SECRET_DB_PASSWORD_VERSION=v1
- SECRET_CRYPTO_KEY_VERSION=v1
- ENTRYPOINT_VERSION=v2
- NGINX_CONFIG_VERSION=v1
- TYPE=liberaforms
- ADMIN_USER='you@example.com'
- DEFAULT_LANGUAGE='en'
- E2EE_MODE=ENABLED_BY_DEFAULT
- TOKEN_EXPIRATION=604800
- DEFAULT_TIMEZONE="America/New_York"
- ENABLE_RSS_FEED=True
- ENABLE_PROMETHEUS_METRICS=False
- ENABLE_UPLOADS=True
- ENABLE_REMOTE_STORAGE=False
- TOTAL_UPLOADS_LIMIT="1 GB"
- DEFAULT_USER_UPLOADS_LIMIT="50 MB"
- MAX_MEDIA_SIZE=512000
- MAX_ATTACHMENT_SIZE=1572864
- internal
compose: "compose.yml"
environment:
DOMAIN: liberaforms.swarm-test.autonomic.zone
STACK_NAME: liberaforms
LETS_ENCRYPT_ENV: production
ENABLE_LDAP: False
FLASK_DEBUG: False
FLASK_CONFIG: production
DB_HOST: db
DB_USER: liberaforms
DB_PASSWORD_FILE: /run/secrets/db_password
DB_NAME: liberaforms
BASE_URL: https://${DOMAIN}
ROOT_USER: ${ADMIN_USER}
TMP_DIR: /tmp
SECRET_KEY_FILE: /run/secrets/secret_key
CRYPTO_KEY_FILE: /run/secrets/crypto_key
SESSION_TYPE: filesystem
LOG_LEVEL: INFO
LOG_DIR: /app/logs
GUNICORN_WORKERS: ${GUNICORN_WORKERS:-3}
SECRET_SECRET_KEY_VERSION: v1
SECRET_DB_PASSWORD_VERSION: v1
SECRET_CRYPTO_KEY_VERSION: v1
ENTRYPOINT_VERSION: v2
NGINX_CONFIG_VERSION: v1
PG_BACKUP_VERSION: v1
TYPE: liberaforms
ADMIN_USER: you@example.com
DEFAULT_LANGUAGE: en
E2EE_MODE: ENABLED_BY_DEFAULT
TOKEN_EXPIRATION: 604800
DEFAULT_TIMEZONE: America/New_York
ENABLE_RSS_FEED: True
ENABLE_PROMETHEUS_METRICS: False
ENABLE_UPLOADS: True
ENABLE_REMOTE_STORAGE: False
TOTAL_UPLOADS_LIMIT: 1 GB
DEFAULT_USER_UPLOADS_LIMIT: 50 MB
MAX_MEDIA_SIZE: 512000
MAX_ATTACHMENT_SIZE: 1572864
trigger:
branch:
- main

62
.env.sample
View File

@ -1,42 +1,52 @@
TYPE=liberaforms
DOMAIN=liberaforms.example.com
LETS_ENCRYPT_ENV=production
SECRET_SECRET_KEY_VERSION = v1
SECRET_DB_PASSWORD_VERSION = v1
SECRET_CRYPTO_KEY_VERSION= v1
ADMIN_USER = 'you@example.com'
DEFAULT_LANGUAGE = 'en' # Options: en, eu, es, ca, cs, de, fr, gl, ru, ta
E2EE_MODE=ENABLED_BY_DEFAULT # Options: AVAILABLE, DISABLED, REQUIRED, ENABLED_BY_DEFAULT
TOKEN_EXPIRATION = 604800 # Maximum valid age (in seconds) for password resets, invitations, etc.
#==============================================================================
# SECRETS
#==============================================================================
SECRET_SECRET_KEY_VERSION=v1
SECRET_DB_PASSWORD_VERSION=v1
SECRET_CRYPTO_KEY_VERSION=v1
#==============================================================================
# ADMINISTRATION
#==============================================================================
ADMIN_USER='you@example.com'
DEFAULT_LANGUAGE='en'
DEFAULT_TIMEZONE="America/New_York"
ENABLE_RSS_FEED=True
ENABLE_PROMETHEUS_METRICS=False
#GUNICORN_WORKERS= # Advanced option based on the specs of your server, defaults to 3
#ALERT_MAILS = ["your_email_address", "another_email_address"] # Optional. Recieve Internal Server 500 errors. Good for debugging.
###############
### Uploads ###
###############
#==============================================================================
# SECURITY
#==============================================================================
E2EE_MODE=ENABLED_BY_DEFAULT
TOKEN_EXPIRATION=604800 # 7 days in seconds
#==============================================================================
# FILE UPLOADS
#==============================================================================
ENABLE_UPLOADS=True
ENABLE_REMOTE_STORAGE=False
TOTAL_UPLOADS_LIMIT="1 GB" # site-wide limit
TOTAL_UPLOADS_LIMIT="1 GB"
DEFAULT_USER_UPLOADS_LIMIT="50 MB"
MAX_MEDIA_SIZE=512000 # In Bytes
MAX_ATTACHMENT_SIZE=1572864 # In Bytes
MAX_MEDIA_SIZE=512000 # 500 KB
MAX_ATTACHMENT_SIZE=1572864 # 1.5 MB
###############
#### LDAP #####
###############
#==============================================================================
# PERFORMANCE & MONITORING
#==============================================================================
ENABLE_PROMETHEUS_METRICS=False
#GUNICORN_WORKERS= # Default: 3
#LDAP_SERVER: ldap://localhost
#==============================================================================
# NOTIFICATIONS
#==============================================================================
#ALERT_MAILS=["your_email_address", "another_email_address"]
#==============================================================================
# LDAP
#==============================================================================
#LDAP_SERVER=ldap://localhost
#LDAP_BIND_ACCOUNT="cn=nobody,dc=example,dc=com"
#LDAP_USER_DN_LIST=["uid=%uid,ou=users,o=company,dc=example,dc=com"]
#LDAP_SEARCH_BASE_DN="o=company,dc=example,dc=com"

28
README.md
View File

@ -4,22 +4,26 @@
<!-- metadata -->
* **Category**: Apps
* **Status**: wip
* **Image**: [`liberaforms`](https://fung.uy/mycosystems/-/packages/container/liberaforms/), 1
* **Healthcheck**: Yes
* **Backups**: No
* **Email**: 1
* **Tests**: No
* **SSO**: 3
- **Category**: Apps
- **Status**: 5
- **Image**: [`liberaforms`](https://fung.uy/mycosystems/-/packages/container/liberaforms/), 1
- **Healthcheck**: Yes
- **Backups**: Yes
- **Email**: 1
- **Tests**: Yes
- **SSO**: 3
<!-- endmetadata -->
## Quick start
* `abra app new liberaforms --secrets`
* `abra app config <domain-name>`
* `abra app deploy <domain-name>`
* Create tables `abra app cmd <domain-name> app setup_db` more info in [liberaforms docs](https://gitlab.com/liberaforms/liberaforms/-/blob/main/docs/docker.md?ref_type=heads#create-the-database)
- `abra app new liberaforms --secrets`
- Set an admin email address `abra app config <domain-name>`
- `abra app deploy <domain-name>`
- Create tables `abra app cmd <domain-name> forms setup_db` more info in [liberaforms docs](https://gitlab.com/liberaforms/liberaforms/-/blob/main/docs/docker.md?ref_type=heads#create-the-database)
## Admin account setup
Once liberaforms is deployed, go to the login screen by clicking the text in the top right. Next, click "forgot password" now you can fill in the email you set as your admin email and you will be prompted to set a password.
For more, see [`docs.liberaforms.org`](https://docs.liberaforms.org/).

1
abra.sh
View File

@ -2,6 +2,7 @@
export ENTRYPOINT_VERSION=v2
export NGINX_CONFIG_VERSION=v1
export PG_BACKUP_VERSION=v1
file_env() {
local var="$1"

26
compose.yml
View File

@ -40,6 +40,12 @@ services:
target: /custom-entrypoint.sh
entrypoint: /custom-entrypoint.sh
command: "/usr/bin/supervisord -n"
healthcheck:
test: ["CMD", "python", "-c", "import requests; print(requests.get('http://localhost:5000/').status_code)"]
timeout: 45s
interval: 10s
retries: 10
start_period: 1m
environment:
- ENABLE_LDAP=False
- FLASK_DEBUG=False
@ -64,7 +70,7 @@ services:
- ENABLE_UPLOADS
- TOTAL_UPLOADS_LIMIT
- DEFAULT_USER_UPLOADS_LIMIT
- ENABLE_REMOTE_STORAGE
- ENABLE_REMOTE_STORAGE=False
- MAX_MEDIA_SIZE
- MAX_ATTACHMENT_SIZE
- ENABLE_PROMETHEUS_METRICS
@ -79,6 +85,12 @@ services:
- LDAP_MAIL_ATTRIB
- LDAP_RECOVER_PASSWD_URL
- E2EE_MODE
deploy:
labels:
backupbot.backup: "true"
backupbot.backup.volumes.uploads: "true"
backupbot.backup.volumes.log: "false"
backupbot.backup.volumes.static: "false"
volumes:
- uploads:/app/uploads
- log:/app/logs
@ -92,6 +104,10 @@ services:
db:
image: postgres:17
configs:
- source: pg_backup
target: /pg_backup.sh
mode: 0555
healthcheck:
test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U", "liberaforms" ]
timeout: 45s
@ -101,6 +117,11 @@ services:
POSTGRES_USER: liberaforms
POSTGRES_DB: liberaforms
POSTGRES_PASSWORD_FILE: /run/secrets/db_password
deploy:
labels:
backupbot.backup.pre-hook: "/pg_backup.sh backup"
backupbot.backup.volumes.db.path: "backup.sql"
backupbot.restore.post-hook: '/pg_backup.sh restore'
volumes:
- db:/var/lib/postgresql/data
secrets:
@ -139,3 +160,6 @@ configs:
nginx_conf:
name: ${STACK_NAME}_nginx_conf_${NGINX_CONFIG_VERSION}
file: nginx.conf
pg_backup:
name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
file: pg_backup.sh

34
pg_backup.sh Normal file
View File

@ -0,0 +1,34 @@
#!/bin/bash
set -e
BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
function backup {
export PGPASSWORD=$(cat /run/secrets/db_password)
pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
}
function restore {
cd /var/lib/postgresql/data/
restore_config(){
# Restore allowed connections
cat pg_hba.conf.bak > pg_hba.conf
su postgres -c 'pg_ctl reload'
}
# Don't allow any other connections than local
cp pg_hba.conf pg_hba.conf.bak
echo "local all all trust" > pg_hba.conf
su postgres -c 'pg_ctl reload'
trap restore_config EXIT INT TERM
# Recreate Database
psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);"
createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
trap - EXIT INT TERM
restore_config
}
$@

1
release/0.4.2+4.0.0 Normal file
View File

@ -0,0 +1 @@
This release adds a proper healthcheck to the Liberaforms service and Backupbot labels for liberaforms uploads and Postgres.

1
release/0.4.3+4.0.0 Normal file
View File

@ -0,0 +1 @@
minor patch, no breaking changes expected.