From 3587172e5f8cc8e893db72c7ed8c91c59d48f51c Mon Sep 17 00:00:00 2001
From: stevensting
Date: Sun, 9 Feb 2025 19:48:48 +0100
Subject: [PATCH] use docker secret for mail and seperate compose file
---
 .env.sample | 15 ++++++++-------
 README.md | 2 +-
 abra.sh | 2 +-
 compose.smtp.yml | 28 ++++++++++++++++++++++++++++
 compose.yml | 7 -------
 entrypoint.sh | 1 +
 6 files changed, 39 insertions(+), 16 deletions(-)
 create mode 100644 compose.smtp.yml
diff --git a/.env.sample b/.env.sample
index 8153850..5ab70b6 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,28 +1,28 @@ TYPE=loomio +COMPOSE_FILE="compose.yml" DOMAIN=loomio.example.com ## Domain aliases #EXTRA_DOMAINS=', `www.loomio.example.com`' LETS_ENCRYPT_ENV=production -# the number of dots in your hostname -TLD_LENGTH=3 -# TODO 3wc: is this needed? - +# mail setup +COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml" SUPPORT_EMAIL=noreply@example.com SMTP_AUTH=plain SMTP_DOMAIN=example.com SMTP_SERVER=example.com SMTP_PORT=587 SMTP_USERNAME=noreply@example.com -SMTP_PASSWORD=password SMTP_USE_SSL=1 # to disable SSL comment out line rather than changing to 0 +SECRET_SMTP_PASSWORD_VERSION=v1 -# Whyyyy does this need to be set separately +# From field for notification e-mails NOTIFICATIONS_EMAIL_ADDRESS=noreply@example.com -REPLY_HOSTNAME=loomio.example.com +# reply-to in email notifications +REPLY_HOSTNAME=$DOMAIN # helper bot is the account which welcomes people to their groups. HELPER_BOT_EMAIL=noreply@loomio.example.com
@@ -43,6 +43,7 @@ USE_RACK_ATTACK=1 SECRET_DEVISE_SECRET_VERSION=v1 #length=64 SECRET_SECRET_COOKIE_TOKEN_VERSION=v1 #length=64 SECRET_DB_PASSWORD_VERSION=v1 +SECRET_SMTP_PASSWORD_VERSION=v1 # Send catch up email (missed yesterday) weekly # EMAIL_CATCH_UP_WEEKLY=1
diff --git a/README.md b/README.md
index 21e2c59..8a400f5 100644
--- a/README.md
+++ b/README.md
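Review bot: In .env.sample the first hunk deletes `TLD_LENGTH=3`, but compose.yml still passes `TLD_LENGTH: ${TLD_LENGTH}` to the containers (it is a context line in that file's hunk), so a fresh deployment from this sample would presumably interpolate an empty value. Either keep `TLD_LENGTH=3` with its comment here or remove the key from compose.yml in the same commit. The same hunk also drops `SMTP_PASSWORD=password` without a hint for existing installs; a comment such as `# SMTP password is now the docker secret smtp_password; delete any SMTP_PASSWORD= line from older env files` would tell operators to clean up and to create the secret before enabling compose.smtp.yml.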
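Review bot: `SECRET_SMTP_PASSWORD_VERSION=v1` is now defined twice in .env.sample, once in the mail block added by the first hunk and again in this second hunk next to the other `SECRET_*_VERSION` entries. When the SMTP secret is rotated, an operator who bumps only one of the two lines may keep deploying the old secret version, depending on which definition the env parser honours. Keep the entry in this secrets block and drop the one in the mail section.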
@@ -6,7 +6,7 @@
 * **Category**: Apps
 * **Status**: 0, work-in-progress
 * **Image**: [`loomio/*`](https://hub.docker.com/r/loomio)
-* **Healthcheck**: No
+* **Healthcheck**: Yes
 * **Backups**: No
 * **Email**: Outgoing yes, incoming no
 * **Tests**: No
diff --git a/abra.sh b/abra.sh
index 63638e7..aa94473 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,4 +1,4 @@ -export LOOMIO_ENTRYPOINT_VERSION=v4 +export LOOMIO_ENTRYPOINT_VERSION=v5 function make_last_user_admin() {
diff --git a/compose.smtp.yml b/compose.smtp.yml
new file mode 100644
index 0000000..20205fc
--- /dev/null
+++ b/compose.smtp.yml
@@ -0,0 +1,28 @@
+version: "3.8"
+
+x-mail-env: &mail-env
+ SMTP_AUTH: ${SMTP_AUTH}
+ SMTP_DOMAIN: ${SMTP_DOMAIN}
+ SMTP_SERVER: ${SMTP_SERVER}
+ SMTP_PORT: ${SMTP_PORT}
+ SMTP_USERNAME: ${SMTP_USERNAME}
+ SMTP_PASSWORD:
+ SMTP_PASSWORD_FILE: /run/secrets/smtp_password
+ SMTP_USE_SSL: ${SMTP_USE_SSL}
+
+services:
+ app:
+ secrets:
+ - smtp_password
+ environment:
+ *mail-env
+ worker:
+ secrets:
+ - smtp_password
+ environment:
+ *mail-env
+
+secrets:
+ smtp_password:
+ name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
+ external: true
\ No newline at end of file
diff --git a/compose.yml b/compose.yml
index 5c4b195..ba7f221 100644
--- a/compose.yml
+++ b/compose.yml
@@ -14,13 +14,6 @@ x-environment: &default-env
 CHANNELS_URI: wss://channels.${DOMAIN}
 TLD_LENGTH: ${TLD_LENGTH}
 SUPPORT_EMAIL: ${SUPPORT_EMAIL}
- SMTP_AUTH: ${SMTP_AUTH}
- SMTP_DOMAIN: ${SMTP_DOMAIN}
- SMTP_SERVER: ${SMTP_SERVER}
- SMTP_PORT: ${SMTP_PORT}
- SMTP_USERNAME: ${SMTP_USERNAME}
- SMTP_PASSWORD: ${SMTP_PASSWORD}
- SMTP_USE_SSL: ${SMTP_USE_SSL}
 NOTIFICATIONS_EMAIL_ADDRESS: ${NOTIFICATIONS_EMAIL_ADDRESS}
 REPLY_HOSTNAME: ${REPLY_HOSTNAME}
 HELPER_BOT_EMAIL: ${HELPER_BOT_EMAIL}
diff --git a/entrypoint.sh b/entrypoint.sh
index 1e3120d..b6436e5 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
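Review bot: In compose.smtp.yml the `SMTP_PASSWORD:` key with no value does not clear the variable: per the Compose file reference a key-only entry is resolved from the environment of the machine running the deploy, so an env file that still carries the old `SMTP_PASSWORD=...` line would likely put the plaintext password back into the service definition next to the secret. If the `file_env` helper in entrypoint.sh follows the usual docker-library pattern (its body is not part of this patch), having both `SMTP_PASSWORD` and `SMTP_PASSWORD_FILE` set would also abort startup. Dropping the `SMTP_PASSWORD:` line from `x-mail-env` and keeping only `SMTP_PASSWORD_FILE: /run/secrets/smtp_password` avoids both. The file also ends without a trailing newline.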
@@ -24,6 +24,7 @@ file_env() { file_env "DEVISE_SECRET" file_env "SECRET_COOKIE_TOKEN" file_env "POSTGRES_PASSWORD" +file_env "SMTP_PASSWORD" export DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB}" if [ -n "$1" ]; then
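Review bot: `file_env "SMTP_PASSWORD"` in entrypoint.sh runs on every start, although `SMTP_PASSWORD_FILE` and the `smtp_password` secret exist only when compose.smtp.yml is listed in COMPOSE_FILE; the body of `file_env` lies above this hunk, so what it does when neither variable is set cannot be checked here. A comment on the new line would document the dependency, for example `# SMTP_PASSWORD comes from the smtp_password secret, mounted only by compose.smtp.yml`. For the app to read it, the value has to end up in the process environment, where it is inherited by whatever the entrypoint execs, so environment dumps from the app or worker should be kept out of logs and error reports.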