From 92a1cbe86513d2c21b328ed787b0691a254f2599 Mon Sep 17 00:00:00 2001 From: stevensting Date: Sat, 3 May 2025 14:30:53 +0200 Subject: [PATCH 1/4] make channels container externally available --- compose.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/compose.yml b/compose.yml index 3804883..ec774e9 100644 --- a/compose.yml +++ b/compose.yml @@ -133,10 +133,22 @@ services: image: loomio/loomio_channel_server networks: - backend + - proxy depends_on: - redis environment: <<: *redis-env + VIRTUAL_HOST: channels.${DOMAIN} + deploy: + labels: + - "traefik.enable=true" + - "traefik.docker.network=proxy" + - "traefik.http.routers.channels${STACK_NAME}.rule=Host(`channels.${DOMAIN}`)" + - "traefik.http.routers.channels${STACK_NAME}.tls=true" + - "traefik.http.routers.channels${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" + - "traefik.http.services.channels${STACK_NAME}.loadbalancer.server.port=5000" + - "traefik.http.routers.channels${STACK_NAME}.entrypoints=web-secure" + cron: image: loomio/loomio:v2.25.4 configs: From 5a94634d190cd4eaa715f43e64d50cdecd8423ce Mon Sep 17 00:00:00 2001 From: stevensting Date: Sat, 3 May 2025 15:04:31 +0200 Subject: [PATCH 2/4] add CORS header --- compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/compose.yml b/compose.yml index ec774e9..0433f72 100644 --- a/compose.yml +++ b/compose.yml @@ -72,6 +72,12 @@ services: - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "coop-cloud.${STACK_NAME}.version=4.0.2+v2.25.4" - "backupbot.backup:=${ENABLE_BACKUPS:-true}" + - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}" + - "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolallowmethods=GET,OPTIONS,PUT" + - "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolallowheaders=*" + - "traefik.http.middlewares.${STACK_NAME}.headers.accessControlAllowOriginList=*" + - "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolmaxage=100" + - "traefik.http.middlewares.${STACK_NAME}.headers.addvaryheader=true" worker: image: loomio/loomio:v2.25.4 configs: From 6aeb853a3ab4ee034bfb3affce3cb655f134ec53 Mon Sep 17 00:00:00 2001 From: stevensting Date: Sat, 3 May 2025 15:44:06 +0200 Subject: [PATCH 3/4] add swarm-cronjob to install guide --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 5be47ca..20e5350 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,7 @@ * `abra app deploy ` * Open the configured domain in your browser to create your user account (only works in case mail is configured correctly) * Give yourself admin rights by running `abra app cmd app make_last_user_admin` +* Deploy [swarm-cronjob](https://recipes.coopcloud.tech/swarm-cronjob) on your server if it is not running yet. This is needed for loomios cron container to be started to do hourly chores. ## Migration guide From ca5f94f089eb6788c72ab10c4a2ae3ecaf94bae0 Mon Sep 17 00:00:00 2001 From: stevensting Date: Sun, 4 May 2025 13:48:40 +0200 Subject: [PATCH 4/4] little more security --- compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compose.yml b/compose.yml index 0433f72..52f91a9 100644 --- a/compose.yml +++ b/compose.yml @@ -75,7 +75,7 @@ services: - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}" - "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolallowmethods=GET,OPTIONS,PUT" - "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolallowheaders=*" - - "traefik.http.middlewares.${STACK_NAME}.headers.accessControlAllowOriginList=*" + - "traefik.http.middlewares.${STACK_NAME}.headers.accessControlAllowOriginList=https://*.${DOMAIN}" - "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.${STACK_NAME}.headers.addvaryheader=true" worker: