coop-cloud/liberaforms
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: coop-cloud:0.1.1+4.0.0
Branches Tags
coop-cloud:main
coop-cloud:0.4.3+4.0.0 coop-cloud:0.4.2+4.0.0 coop-cloud:0.1.1+4.0.0 coop-cloud:0.1.0+4.0.0
..
compare: coop-cloud:0.4.2+4.0.0
Branches Tags
coop-cloud:main
coop-cloud:0.4.3+4.0.0 coop-cloud:0.4.2+4.0.0 coop-cloud:0.1.1+4.0.0 coop-cloud:0.1.0+4.0.0

13 Commits
0.1.1+4.0. ... 0.4.2+4.0.

Author SHA1 Message Date
brooke
27fbd8db7d chore: publish 0.4.2+4.0.0 release
Some checks failed
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:30:52 -04:00
brooke
aba1a4fffb quotes around backup bot label values
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:26:23 -04:00
brooke
2a6e0d8183 put quotes around key version value
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:24:25 -04:00
brooke
eac106922d update readme metadata
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 19:23:26 -04:00
brooke
db35f14d19 include basic backup labels for liberaforms container 2025-06-19 19:23:15 -04:00
brooke
f3b4e2a70c prettier 2025-06-19 19:18:44 -04:00
brooke
f48996884e move remote storage option to compose file until s3 is officially supported by recipe 2025-06-19 19:15:14 -04:00
brooke
938aa37b73 update postgres backup dir 2025-06-19 19:14:56 -04:00
brooke
da704e31f9 add pg backup script 2025-06-19 19:10:44 -04:00
brooke
79cb1a9d7f fix syntax issues drone.yml
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 16:38:16 -04:00
brooke
0d5c6ad614 add proper healthcheck to liberaforms container
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-06-19 16:36:26 -04:00
brooke
27351dc8f9 add internal network to drone.yml 2025-06-19 16:29:49 -04:00
brooke
d90c5dd197 update readme meta 2025-06-19 16:28:26 -04:00
6 changed files with 147 additions and 78 deletions
Expand all files Collapse all files

78
.drone.yml
View File

@ -13,46 +13,46 @@ steps:
from_secret: drone_ssh_swarm_test from_secret: drone_ssh_swarm_test
networks: networks:
- proxy - proxy
- internal
environment: environment:
- DOMAIN=liberaforms.swarm-test.autonomic.zone DOMAIN: liberaforms.swarm-test.autonomic.zone
- STACK_NAME=liberaforms STACK_NAME: liberaforms
- LETS_ENCRYPT_ENV=production LETS_ENCRYPT_ENV: production
- ENABLE_LDAP=False ENABLE_LDAP: False
- FLASK_DEBUG=False FLASK_DEBUG: False
- FLASK_CONFIG=production FLASK_CONFIG: production
- DB_HOST=db DB_HOST: db
- DB_USER=liberaforms DB_USER: liberaforms
- DB_PASSWORD_FILE=/run/secrets/db_password DB_PASSWORD_FILE: /run/secrets/db_password
- DB_NAME=liberaforms DB_NAME: liberaforms
- BASE_URL=https://${DOMAIN} BASE_URL: https://${DOMAIN}
- ROOT_USER=${ADMIN_USER} ROOT_USER: ${ADMIN_USER}
- TMP_DIR=/tmp TMP_DIR: /tmp
- SECRET_KEY_FILE=/run/secrets/secret_key SECRET_KEY_FILE: /run/secrets/secret_key
- CRYPTO_KEY_FILE=/run/secrets/crypto_key CRYPTO_KEY_FILE: /run/secrets/crypto_key
- SESSION_TYPE=filesystem SESSION_TYPE: filesystem
- LOG_LEVEL=INFO LOG_LEVEL: INFO
- LOG_DIR=/app/logs LOG_DIR: /app/logs
- GUNICORN_WORKERS=${GUNICORN_WORKERS:-3} GUNICORN_WORKERS: ${GUNICORN_WORKERS:-3}
- SECRET_SECRET_KEY_VERSION=v1 SECRET_SECRET_KEY_VERSION: "v1"
- SECRET_DB_PASSWORD_VERSION=v1 SECRET_DB_PASSWORD_VERSION: "v1"
- SECRET_CRYPTO_KEY_VERSION=v1 SECRET_CRYPTO_KEY_VERSION: "v1"
- ENTRYPOINT_VERSION=v2 ENTRYPOINT_VERSION: "v2"
- NGINX_CONFIG_VERSION=v1 NGINX_CONFIG_VERSION: "v1"
- TYPE=liberaforms TYPE: liberaforms
- ADMIN_USER='you@example.com' ADMIN_USER: 'you@example.com'
- DEFAULT_LANGUAGE='en' DEFAULT_LANGUAGE: 'en'
- E2EE_MODE=ENABLED_BY_DEFAULT E2EE_MODE: ENABLED_BY_DEFAULT
- TOKEN_EXPIRATION=604800 TOKEN_EXPIRATION: 604800
- DEFAULT_TIMEZONE="America/New_York" DEFAULT_TIMEZONE: "America/New_York"
- ENABLE_RSS_FEED=True ENABLE_RSS_FEED: True
- ENABLE_PROMETHEUS_METRICS=False ENABLE_PROMETHEUS_METRICS: False
- ENABLE_UPLOADS=True ENABLE_UPLOADS: True
- ENABLE_REMOTE_STORAGE=False ENABLE_REMOTE_STORAGE: False
- TOTAL_UPLOADS_LIMIT="1 GB" TOTAL_UPLOADS_LIMIT: "1 GB"
- DEFAULT_USER_UPLOADS_LIMIT="50 MB" DEFAULT_USER_UPLOADS_LIMIT: "50 MB"
- MAX_MEDIA_SIZE=512000 MAX_MEDIA_SIZE: 512000
- MAX_ATTACHMENT_SIZE=1572864 MAX_ATTACHMENT_SIZE: 1572864
trigger: trigger:
branch: branch:
- main - main

62
.env.sample
View File

@ -1,42 +1,52 @@
TYPE=liberaforms TYPE=liberaforms
DOMAIN=liberaforms.example.com DOMAIN=liberaforms.example.com
LETS_ENCRYPT_ENV=production LETS_ENCRYPT_ENV=production
SECRET_SECRET_KEY_VERSION = v1 #==============================================================================
SECRET_DB_PASSWORD_VERSION = v1 # SECRETS
SECRET_CRYPTO_KEY_VERSION= v1 #==============================================================================
SECRET_SECRET_KEY_VERSION=v1
ADMIN_USER = 'you@example.com' SECRET_DB_PASSWORD_VERSION=v1
DEFAULT_LANGUAGE = 'en' # Options: en, eu, es, ca, cs, de, fr, gl, ru, ta SECRET_CRYPTO_KEY_VERSION=v1
E2EE_MODE=ENABLED_BY_DEFAULT # Options: AVAILABLE, DISABLED, REQUIRED, ENABLED_BY_DEFAULT
TOKEN_EXPIRATION = 604800 # Maximum valid age (in seconds) for password resets, invitations, etc.
#==============================================================================
# ADMINISTRATION
#==============================================================================
ADMIN_USER='you@example.com'
DEFAULT_LANGUAGE='en'
DEFAULT_TIMEZONE="America/New_York" DEFAULT_TIMEZONE="America/New_York"
ENABLE_RSS_FEED=True ENABLE_RSS_FEED=True
ENABLE_PROMETHEUS_METRICS=False #==============================================================================
#GUNICORN_WORKERS= # Advanced option based on the specs of your server, defaults to 3 # SECURITY
#==============================================================================
#ALERT_MAILS = ["your_email_address", "another_email_address"] # Optional. Recieve Internal Server 500 errors. Good for debugging. E2EE_MODE=ENABLED_BY_DEFAULT
TOKEN_EXPIRATION=604800 # 7 days in seconds
###############
### Uploads ###
###############
#==============================================================================
# FILE UPLOADS
#==============================================================================
ENABLE_UPLOADS=True ENABLE_UPLOADS=True
ENABLE_REMOTE_STORAGE=False TOTAL_UPLOADS_LIMIT="1 GB"
TOTAL_UPLOADS_LIMIT="1 GB" # site-wide limit
DEFAULT_USER_UPLOADS_LIMIT="50 MB" DEFAULT_USER_UPLOADS_LIMIT="50 MB"
MAX_MEDIA_SIZE=512000 # In Bytes MAX_MEDIA_SIZE=512000 # 500 KB
MAX_ATTACHMENT_SIZE=1572864 # In Bytes MAX_ATTACHMENT_SIZE=1572864 # 1.5 MB
############### #==============================================================================
#### LDAP ##### # PERFORMANCE & MONITORING
############### #==============================================================================
ENABLE_PROMETHEUS_METRICS=False
#GUNICORN_WORKERS= # Default: 3
#LDAP_SERVER: ldap://localhost #==============================================================================
# NOTIFICATIONS
#==============================================================================
#ALERT_MAILS=["your_email_address", "another_email_address"]
#==============================================================================
# LDAP
#==============================================================================
#LDAP_SERVER=ldap://localhost
#LDAP_BIND_ACCOUNT="cn=nobody,dc=example,dc=com" #LDAP_BIND_ACCOUNT="cn=nobody,dc=example,dc=com"
#LDAP_USER_DN_LIST=["uid=%uid,ou=users,o=company,dc=example,dc=com"] #LDAP_USER_DN_LIST=["uid=%uid,ou=users,o=company,dc=example,dc=com"]
#LDAP_SEARCH_BASE_DN="o=company,dc=example,dc=com" #LDAP_SEARCH_BASE_DN="o=company,dc=example,dc=com"

24
README.md
View File

@ -4,22 +4,22 @@
<!-- metadata --> <!-- metadata -->
* **Category**: Apps - **Category**: Apps
* **Status**: wip - **Status**: 5, wip
* **Image**: [`liberaforms`](https://fung.uy/mycosystems/-/packages/container/liberaforms/), 1 - **Image**: [`liberaforms`](https://fung.uy/mycosystems/-/packages/container/liberaforms/), 1
* **Healthcheck**: Yes - **Healthcheck**: Yes
* **Backups**: No - **Backups**: Yes
* **Email**: 1 - **Email**: 1
* **Tests**: No - **Tests**: Yes
* **SSO**: 3 - **SSO**: 3
<!-- endmetadata --> <!-- endmetadata -->
## Quick start ## Quick start
* `abra app new liberaforms --secrets` - `abra app new liberaforms --secrets`
* `abra app config <domain-name>` - `abra app config <domain-name>`
* `abra app deploy <domain-name>` - `abra app deploy <domain-name>`
* Create tables `abra app cmd <domain-name> app setup_db` more info in [liberaforms docs](https://gitlab.com/liberaforms/liberaforms/-/blob/main/docs/docker.md?ref_type=heads#create-the-database) - Create tables `abra app cmd <domain-name> app setup_db` more info in [liberaforms docs](https://gitlab.com/liberaforms/liberaforms/-/blob/main/docs/docker.md?ref_type=heads#create-the-database)
For more, see [`docs.liberaforms.org`](https://docs.liberaforms.org/). For more, see [`docs.liberaforms.org`](https://docs.liberaforms.org/).

26
compose.yml
View File

@ -40,6 +40,12 @@ services:
target: /custom-entrypoint.sh target: /custom-entrypoint.sh
entrypoint: /custom-entrypoint.sh entrypoint: /custom-entrypoint.sh
command: "/usr/bin/supervisord -n" command: "/usr/bin/supervisord -n"
healthcheck:
test: ["CMD", "python", "-c", "import requests; print(requests.get('http://localhost:5000/').status_code)"]
timeout: 45s
interval: 10s
retries: 10
start_period: 1m
environment: environment:
- ENABLE_LDAP=False - ENABLE_LDAP=False
- FLASK_DEBUG=False - FLASK_DEBUG=False
@ -64,7 +70,7 @@ services:
- ENABLE_UPLOADS - ENABLE_UPLOADS
- TOTAL_UPLOADS_LIMIT - TOTAL_UPLOADS_LIMIT
- DEFAULT_USER_UPLOADS_LIMIT - DEFAULT_USER_UPLOADS_LIMIT
- ENABLE_REMOTE_STORAGE - ENABLE_REMOTE_STORAGE=False
- MAX_MEDIA_SIZE - MAX_MEDIA_SIZE
- MAX_ATTACHMENT_SIZE - MAX_ATTACHMENT_SIZE
- ENABLE_PROMETHEUS_METRICS - ENABLE_PROMETHEUS_METRICS
@ -79,6 +85,12 @@ services:
- LDAP_MAIL_ATTRIB - LDAP_MAIL_ATTRIB
- LDAP_RECOVER_PASSWD_URL - LDAP_RECOVER_PASSWD_URL
- E2EE_MODE - E2EE_MODE
deploy:
labels:
backupbot.backup: "true"
backupbot.backup.volumes.uploads: "true"
backupbot.backup.volumes.log: "false"
backupbot.backup.volumes.static: "false"
volumes: volumes:
- uploads:/app/uploads - uploads:/app/uploads
- log:/app/logs - log:/app/logs
@ -92,6 +104,10 @@ services:
db: db:
image: postgres:17 image: postgres:17
configs:
- source: pg_backup
target: /pg_backup.sh
mode: 0555
healthcheck: healthcheck:
test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U", "liberaforms" ] test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U", "liberaforms" ]
timeout: 45s timeout: 45s
@ -101,6 +117,11 @@ services:
POSTGRES_USER: liberaforms POSTGRES_USER: liberaforms
POSTGRES_DB: liberaforms POSTGRES_DB: liberaforms
POSTGRES_PASSWORD_FILE: /run/secrets/db_password POSTGRES_PASSWORD_FILE: /run/secrets/db_password
deploy:
labels:
backupbot.backup.pre-hook: "/pg_backup.sh backup"
backupbot.backup.volumes.db.path: "backup.sql"
backupbot.restore.post-hook: '/pg_backup.sh restore'
volumes: volumes:
- db:/var/lib/postgresql/data - db:/var/lib/postgresql/data
secrets: secrets:
@ -139,3 +160,6 @@ configs:
nginx_conf: nginx_conf:
name: ${STACK_NAME}_nginx_conf_${NGINX_CONFIG_VERSION} name: ${STACK_NAME}_nginx_conf_${NGINX_CONFIG_VERSION}
file: nginx.conf file: nginx.conf
pg_backup:
name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
file: pg_backup.sh

34
pg_backup.sh Normal file
View File

@ -0,0 +1,34 @@
#!/bin/bash
set -e
BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
function backup {
export PGPASSWORD=$(cat /run/secrets/db_password)
pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
}
function restore {
cd /var/lib/postgresql/data/
restore_config(){
# Restore allowed connections
cat pg_hba.conf.bak > pg_hba.conf
su postgres -c 'pg_ctl reload'
}
# Don't allow any other connections than local
cp pg_hba.conf pg_hba.conf.bak
echo "local all all trust" > pg_hba.conf
su postgres -c 'pg_ctl reload'
trap restore_config EXIT INT TERM
# Recreate Database
psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);"
createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
trap - EXIT INT TERM
restore_config
}
$@

1
release/0.4.2+4.0.0 Normal file
View File

@ -0,0 +1 @@
This release adds a proper healthcheck to the Liberaforms service and Backupbot labels for liberaforms uploads and Postgres.