1 Commits

Author SHA1 Message Date
5d0db921e2 update to compliant yaml anchor usage
Some checks failed
continuous-integration/drone/pr Build is failing
2025-03-21 15:11:32 +01:00
8 changed files with 7 additions and 72 deletions

View File

@ -22,7 +22,6 @@ steps:
SECRET_SECRET_COOKIE_TOKEN_VERSION: v1 SECRET_SECRET_COOKIE_TOKEN_VERSION: v1
SECRET_DB_PASSWORD_VERSION: v1 SECRET_DB_PASSWORD_VERSION: v1
SECRET_SMTP_PASSWORD_VERSION: v1 SECRET_SMTP_PASSWORD_VERSION: v1
SECRET_OAUTH_APP_SECRET_VERSION: v1
trigger: trigger:
branch: branch:
- main - main

View File

@ -90,17 +90,3 @@ SECRET_DB_PASSWORD_VERSION=v1
# THEME_ACCENT_COLOR=rgb(0,188,212) # THEME_ACCENT_COLOR=rgb(0,188,212)
# THEME_TEXT_ON_PRIMARY_COLOR=rgb(255,255,255) # THEME_TEXT_ON_PRIMARY_COLOR=rgb(255,255,255)
# THEME_TEXT_ON_ACCENT_COLOR=rgb(255,255,255) # THEME_TEXT_ON_ACCENT_COLOR=rgb(255,255,255)
# env variables needed to enable OAuth2 authentication
# COMPOSE_FILE="$COMPOSE_FILE:compose.oauth.yml"
# OAUTH_ENABLED=1
# OAUTH_AUTH_URL=
# OAUTH_TOKEN_URL=
# OAUTH_PROFILE_URL=
# OAUTH_SCOPE=
# OAUTH_APP_KEY=
# OAUTH_ATTR_UID=
# OAUTH_ATTR_NAME=
# OAUTH_ATTR_EMAIL=
# OAUTH_LOGIN_PROVIDER_NAME=
# SECRET_OAUTH_APP_SECRET_VERSION=v1

View File

@ -21,7 +21,6 @@
* `abra app deploy <app-name>` * `abra app deploy <app-name>`
* Open the configured domain in your browser to create your user account (only works in case mail is configured correctly) * Open the configured domain in your browser to create your user account (only works in case mail is configured correctly)
* Give yourself admin rights by running `abra app cmd <app-name> app make_last_user_admin` * Give yourself admin rights by running `abra app cmd <app-name> app make_last_user_admin`
* Deploy [swarm-cronjob](https://recipes.coopcloud.tech/swarm-cronjob) on your server if it is not running yet. This is needed for loomios cron container to be started to do hourly chores.
## Migration guide ## Migration guide

View File

@ -1,4 +1,4 @@
export LOOMIO_ENTRYPOINT_VERSION=v7 export LOOMIO_ENTRYPOINT_VERSION=v6
# cannot be integrated into entrypoint.sh as it requires the operator to create a user first # cannot be integrated into entrypoint.sh as it requires the operator to create a user first
function make_last_user_admin() function make_last_user_admin()

View File

@ -1,25 +0,0 @@
version: "3.8"
x-oauth-env: &oauth-env
OAUTH_AUTH_URL:
OAUTH_TOKEN_URL:
OAUTH_PROFILE_URL:
OAUTH_SCOPE:
OAUTH_APP_KEY:
OAUTH_APP_SECRET_FILE: /run/secrets/oauth_app_secret
OAUTH_ATTR_UID:
OAUTH_ATTR_NAME:
OAUTH_ATTR_EMAIL:
OAUTH_LOGIN_PROVIDER_NAME:
services:
app:
environment:
*oauth-env
secrets:
- oauth_app_secret
secrets:
oauth_app_secret:
name: ${STACK_NAME}_oauth_app_secret_${SECRET_OAUTH_APP_SECRET_VERSION}
external: true

View File

@ -32,7 +32,7 @@ x-environment: &default-env
services: services:
app: app:
image: loomio/loomio:v3.0.0 image: loomio/loomio:v2.25.3
configs: configs:
- source: entrypoint - source: entrypoint
target: /entrypoint.sh target: /entrypoint.sh
@ -70,16 +70,10 @@ services:
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "coop-cloud.${STACK_NAME}.version=5.1.1+v3.0.0" - "coop-cloud.${STACK_NAME}.version=4.0.0+v2.25.3"
- "backupbot.backup:=${ENABLE_BACKUPS:-true}" - "backupbot.backup:=${ENABLE_BACKUPS:-true}"
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}"
- "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
- "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolallowheaders=*"
- "traefik.http.middlewares.${STACK_NAME}.headers.accessControlAllowOriginList=https://*.${DOMAIN}"
- "traefik.http.middlewares.${STACK_NAME}.headers.accesscontrolmaxage=100"
- "traefik.http.middlewares.${STACK_NAME}.headers.addvaryheader=true"
worker: worker:
image: loomio/loomio:v3.0.0 image: loomio/loomio:v2.25.3
configs: configs:
- source: entrypoint - source: entrypoint
target: /entrypoint.sh target: /entrypoint.sh
@ -122,7 +116,7 @@ services:
backupbot.restore: "true" backupbot.restore: "true"
backupbot.restore.post-hook: sh -c 'gzip -d /postgres.dump.gz && pg_restore --clean -U "$$POSTGRES_USER" --dbname="$$POSTGRES_DB" < /postgres.dump && rm -f /postgres.dump' backupbot.restore.post-hook: sh -c 'gzip -d /postgres.dump.gz && pg_restore --clean -U "$$POSTGRES_USER" --dbname="$$POSTGRES_DB" < /postgres.dump && rm -f /postgres.dump'
redis: redis:
image: redis:8.0 image: redis:5.0
networks: networks:
- backend - backend
healthcheck: healthcheck:
@ -139,24 +133,12 @@ services:
image: loomio/loomio_channel_server image: loomio/loomio_channel_server
networks: networks:
- backend - backend
- proxy
depends_on: depends_on:
- redis - redis
environment: environment:
<<: *redis-env <<: *redis-env
VIRTUAL_HOST: channels.${DOMAIN}
deploy:
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.channels${STACK_NAME}.rule=Host(`channels.${DOMAIN}`)"
- "traefik.http.routers.channels${STACK_NAME}.tls=true"
- "traefik.http.routers.channels${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "traefik.http.services.channels${STACK_NAME}.loadbalancer.server.port=5000"
- "traefik.http.routers.channels${STACK_NAME}.entrypoints=web-secure"
cron: cron:
image: loomio/loomio:v3.0.0 image: loomio/loomio:v2.25.3
configs: configs:
- source: entrypoint - source: entrypoint
target: /entrypoint.sh target: /entrypoint.sh

View File

@ -25,11 +25,6 @@ file_env "DEVISE_SECRET"
file_env "SECRET_COOKIE_TOKEN" file_env "SECRET_COOKIE_TOKEN"
file_env "POSTGRES_PASSWORD" file_env "POSTGRES_PASSWORD"
file_env "SMTP_PASSWORD" file_env "SMTP_PASSWORD"
{{ if eq (env "OAUTH_ENABLED") "1" }}
file_env "OAUTH_APP_SECRET"
{{ end }}
export DB_HOST="db" export DB_HOST="db"
export DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB}" export DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB}"

View File

@ -1 +0,0 @@
Add support for OAuth2. To use this feature copy and populate the new oauth2 env variables from the .env.sample to your locale .env config and insert the oauth2_app_secret secret into your recipe: