Compare commits
22 Commits
0.2.0+0.16
...
main
Author | SHA1 | Date |
---|---|---|
3wordchant | da168a62cc | |
Cassowary | d450ef32f0 | |
Cassowary | daa00ec73c | |
Cassowary | 7f5744f02e | |
Cassowary | da957caf81 | |
3wc | db29a2ec3c | |
3wc | e1e9a05be3 | |
3wc | a9bb848aba | |
3wc | 30d9f2976e | |
3wc | f4f7f6d720 | |
3wc | 89e09081cf | |
3wc | 09dd23d512 | |
3wc | 4457cc7d28 | |
3wc | 0815a8ed69 | |
3wc | d970a329fb | |
3wc | 5b4591fb8b | |
3wc | abbbb96751 | |
3wc | 9a7455acc0 | |
3wc | 2c8a827d52 | |
3wc | 64fdb022be | |
3wc | c2ba0d9cca | |
3wc | cd23e770e0 |
|
@ -0,0 +1,39 @@
|
||||||
|
---
|
||||||
|
kind: pipeline
|
||||||
|
name: deploy to swarm-test.autonomic.zone
|
||||||
|
steps:
|
||||||
|
- name: deployment
|
||||||
|
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
|
||||||
|
settings:
|
||||||
|
host: swarm-test.autonomic.zone
|
||||||
|
stack: n8n
|
||||||
|
generate_secrets: true
|
||||||
|
purge: true
|
||||||
|
deploy_key:
|
||||||
|
from_secret: drone_ssh_swarm_test
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
|
environment:
|
||||||
|
DOMAIN: n8n.swarm-test.autonomic.zone
|
||||||
|
STACK_NAME: n8n
|
||||||
|
LETS_ENCRYPT_ENV: production
|
||||||
|
SECRET_DB_PASSWORD_VERSION: v1
|
||||||
|
trigger:
|
||||||
|
branch:
|
||||||
|
- main
|
||||||
|
---
|
||||||
|
kind: pipeline
|
||||||
|
name: generate recipe catalogue
|
||||||
|
steps:
|
||||||
|
- name: release a new version
|
||||||
|
image: plugins/downstream
|
||||||
|
settings:
|
||||||
|
server: https://build.coopcloud.tech
|
||||||
|
token:
|
||||||
|
from_secret: drone_abra-bot_token
|
||||||
|
fork: true
|
||||||
|
repositories:
|
||||||
|
- coop-cloud/auto-recipes-catalogue-json
|
||||||
|
|
||||||
|
trigger:
|
||||||
|
event: tag
|
25
.env.sample
25
.env.sample
|
@ -6,13 +6,30 @@ DOMAIN=n8n.example.com
|
||||||
#EXTRA_DOMAINS=', `www.n8n.example.com`'
|
#EXTRA_DOMAINS=', `www.n8n.example.com`'
|
||||||
LETS_ENCRYPT_ENV=production
|
LETS_ENCRYPT_ENV=production
|
||||||
|
|
||||||
# Only required if you're not using SSO
|
# Change to `true` to enable sending "anonymous" telemetry data to n8n
|
||||||
N8N_BASIC_AUTH_USER=username
|
# https://docs.n8n.io/reference/data-collection/
|
||||||
|
N8N_DIAGNOSTICS_ENABLED=false
|
||||||
|
|
||||||
SECRET_DB_PASSWORD_VERSION=v1
|
# Change to `true` to enable questionnaire-based customisation of the UI
|
||||||
SECRET_ADMIN_PASSWORD_VERSION=v1
|
N8N_PERSONALIZATION_ENABLED=false
|
||||||
|
|
||||||
|
# "Permit users to import specific built-in modules in the Code node"
|
||||||
|
#NODE_FUNCTION_ALLOW_BUILTIN=*
|
||||||
|
|
||||||
COMPOSE_FILE="compose.yml"
|
COMPOSE_FILE="compose.yml"
|
||||||
|
|
||||||
# SSO using traefik-forward-auth
|
# SSO using traefik-forward-auth
|
||||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.sso.yml"
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.sso.yml"
|
||||||
|
|
||||||
|
# Disable user management completely, useful for SSO
|
||||||
|
#N8N_USER_MANAGEMENT_DISABLED=false
|
||||||
|
|
||||||
|
# Basic auth
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.basicauth.yml"
|
||||||
|
#N8N_BASIC_AUTH_ACTIVE=true
|
||||||
|
#N8N_BASIC_AUTH_USER=username
|
||||||
|
#SECRET_ADMIN_PASSWORD_VERSION=v1
|
||||||
|
|
||||||
|
# Use Postgres instead of SQLite
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml"
|
||||||
|
#SECRET_DB_PASSWORD_VERSION=v1
|
||||||
|
|
10
README.md
10
README.md
|
@ -6,7 +6,7 @@ Extensible environment for interactive and reproducible computing
|
||||||
|
|
||||||
* **Category**: Utilities
|
* **Category**: Utilities
|
||||||
* **Status**: 1
|
* **Status**: 1
|
||||||
* **Image**: `n8nio/n8n`
|
* **Image**: [`n8nio/n8n`](https://hub.docker.com/n8nio/n8n), 4, upstream
|
||||||
* **Healthcheck**: No
|
* **Healthcheck**: No
|
||||||
* **Backups**: No
|
* **Backups**: No
|
||||||
* **Email**: N/A
|
* **Email**: N/A
|
||||||
|
@ -21,19 +21,19 @@ Extensible environment for interactive and reproducible computing
|
||||||
2. Deploy [`coop-cloud/traefik`]
|
2. Deploy [`coop-cloud/traefik`]
|
||||||
3. `abra app new ${REPO_NAME} --secrets` (optionally with `--pass` if you'd like
|
3. `abra app new ${REPO_NAME} --secrets` (optionally with `--pass` if you'd like
|
||||||
to save secrets in `pass`)
|
to save secrets in `pass`)
|
||||||
4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
|
4. `abra app config YOURAPPDOMAIN` - be sure to change `$DOMAIN` to something that resolves to
|
||||||
your Docker swarm box
|
your Docker swarm box
|
||||||
5. `abra app YOURAPPDOMAIN deploy`
|
5. `abra app deploy YOURAPPDOMAIN`
|
||||||
6. Open the configured domain in your browser to finish set-up
|
6. Open the configured domain in your browser to finish set-up
|
||||||
|
|
||||||
Currently, you have to manually run a command to generate an initial
|
Currently, you have to manually run a command to generate an initial
|
||||||
configuration (see #1):
|
configuration (see #1):
|
||||||
|
|
||||||
`abra app YOURAPPDOMAIN run app jupyter notebook --generate-config`
|
`abra app run YOURAPPDOMAIN app jupyter notebook --generate-config`
|
||||||
|
|
||||||
And then run this command to get a token for initial login:
|
And then run this command to get a token for initial login:
|
||||||
|
|
||||||
`abra app YOURAPPDOMAIN run app jupyter notebook list`
|
`abra app run YOURAPPDOMAIN app jupyter notebook list`
|
||||||
|
|
||||||
You can enter this token at the bottom of the login page to set a password
|
You can enter this token at the bottom of the login page to set a password
|
||||||
instead (see #2).
|
instead (see #2).
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
version: '3.8'
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- N8N_BASIC_AUTH_ACTIVE=true
|
||||||
|
- N8N_BASIC_AUTH_USER
|
||||||
|
- N8N_BASIC_AUTH_PASSWORD_FILE=/run/secrets/admin_password
|
||||||
|
secrets:
|
||||||
|
- admin_password
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
admin_password:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION}
|
|
@ -0,0 +1,60 @@
|
||||||
|
---
|
||||||
|
version: '3.8'
|
||||||
|
|
||||||
|
# Compose for PostGres mode instead of the default sqlite mode.
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- DB_TYPE=postgresdb
|
||||||
|
- DB_POSTGRESDB_HOST=${STACK_NAME}_db
|
||||||
|
- DB_POSTGRESDB_PORT=5432
|
||||||
|
- DB_POSTGRESDB_DATABASE=n8n
|
||||||
|
- DB_POSTGRESDB_USER=root
|
||||||
|
- DB_POSTGRESDB_PASSWORD_FILE=/run/secrets/db_password
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
secrets:
|
||||||
|
- db_password
|
||||||
|
|
||||||
|
db:
|
||||||
|
image: postgres:16
|
||||||
|
networks:
|
||||||
|
- internal_network
|
||||||
|
environment:
|
||||||
|
- POSTGRES_USER=root
|
||||||
|
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
|
||||||
|
- POSTGRES_DB=n8n
|
||||||
|
configs:
|
||||||
|
- source: db_entrypoint
|
||||||
|
target: /docker-entrypoint.sh
|
||||||
|
mode: 0555
|
||||||
|
secrets:
|
||||||
|
- db_password
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "pg_isready", "-U", "root", "-d", "n8n"]
|
||||||
|
volumes:
|
||||||
|
- 'postgresql_data:/var/lib/postgresql/data'
|
||||||
|
entrypoint: /docker-entrypoint.sh
|
||||||
|
deploy:
|
||||||
|
labels:
|
||||||
|
backupbot.backup: "true"
|
||||||
|
backupbot.backup.pre-hook: "bash -c 'PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup.sql'"
|
||||||
|
backupbot.backup.post-hook: "rm -rf /tmp/backup.sql"
|
||||||
|
backupbot.backup.path: "/tmp/backup.sql"
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
# db_non_root_password:
|
||||||
|
# external: true
|
||||||
|
# name: ${STACK_NAME}_db_non_root_password_${SECRET_DB_NON_ROOT_PASSWORD_VERSION}
|
||||||
|
db_password:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
postgresql_data:
|
||||||
|
|
||||||
|
configs:
|
||||||
|
db_entrypoint:
|
||||||
|
name: ${STACK_NAME}_db_entrypoint_${DB_ENTRYPOINT_VERSION}
|
||||||
|
file: entrypoint.postgres.sh.tmpl
|
||||||
|
template_driver: golang
|
|
@ -4,7 +4,6 @@ version: '3.8'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: n8nio/n8n
|
|
||||||
environment:
|
environment:
|
||||||
- N8N_BASIC_AUTH_ACTIVE=false
|
- N8N_BASIC_AUTH_ACTIVE=false
|
||||||
deploy:
|
deploy:
|
||||||
|
|
54
compose.yml
54
compose.yml
|
@ -1,32 +1,21 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: '3.8'
|
version: '3.8'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: n8nio/n8n:0.162.0
|
image: n8nio/n8n:0.237.0
|
||||||
environment:
|
environment:
|
||||||
- DB_TYPE=postgresdb
|
- N8N_PERSONALIZATION_ENABLED
|
||||||
- DB_POSTGRESDB_HOST=${STACK_NAME}_db
|
- N8N_DIAGNOSTICS_ENABLED
|
||||||
- DB_POSTGRESDB_PORT=5432
|
- N8N_USER_MANAGEMENT_DISABLED
|
||||||
- DB_POSTGRESDB_DATABASE=n8n
|
- N8N_BASIC_AUTH_ACTIVE=false
|
||||||
- DB_POSTGRESDB_USER=root
|
|
||||||
- DB_POSTGRESDB_PASSWORD_FILE=/run/secrets/db_password
|
|
||||||
- N8N_BASIC_AUTH_ACTIVE=true
|
|
||||||
- N8N_BASIC_AUTH_USER
|
|
||||||
- N8N_BASIC_AUTH_PASSWORD_FILE=/run/secrets/admin_password
|
|
||||||
- WEBHOOK_URL=https://${DOMAIN}
|
- WEBHOOK_URL=https://${DOMAIN}
|
||||||
- NODE_FUNCTION_ALLOW_EXTERNAL=moment
|
- NODE_FUNCTION_ALLOW_EXTERNAL=moment
|
||||||
depends_on:
|
|
||||||
- db
|
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
- internal_network
|
- internal_network
|
||||||
volumes:
|
volumes:
|
||||||
- n8n:/home/node/.n8n
|
- n8n:/home/node/.n8n
|
||||||
secrets:
|
|
||||||
- db_password
|
|
||||||
- admin_password
|
|
||||||
deploy:
|
deploy:
|
||||||
update_config:
|
update_config:
|
||||||
failure_action: rollback
|
failure_action: rollback
|
||||||
|
@ -41,39 +30,12 @@ services:
|
||||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||||
- "coop-cloud.${STACK_NAME}.version=0.2.0+0.162.0"
|
- "coop-cloud.${STACK_NAME}.version=0.7.0+0.237.0"
|
||||||
|
- "backupbot.backup=true"
|
||||||
db:
|
- "backupbot.backup.path=/home/node/.n8n"
|
||||||
image: postgres:11
|
|
||||||
networks:
|
|
||||||
- internal_network
|
|
||||||
environment:
|
|
||||||
- POSTGRES_USER=root
|
|
||||||
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
|
|
||||||
- POSTGRES_DB=n8n
|
|
||||||
secrets:
|
|
||||||
- db_password
|
|
||||||
healthcheck:
|
|
||||||
test: ["CMD", "pg_isready", "-U", "root", "-d", "n8n"]
|
|
||||||
volumes:
|
|
||||||
- 'postgresql_data:/var/lib/postgresql/data'
|
|
||||||
# - ./init-data.sh:/docker-entrypoint-initdb.d/init-data.sh
|
|
||||||
|
|
||||||
|
|
||||||
secrets:
|
|
||||||
# db_non_root_password:
|
|
||||||
# external: true
|
|
||||||
# name: ${STACK_NAME}_db_non_root_password_${SECRET_DB_NON_ROOT_PASSWORD_VERSION}
|
|
||||||
db_password:
|
|
||||||
external: true
|
|
||||||
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
|
|
||||||
admin_password:
|
|
||||||
external: true
|
|
||||||
name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION}
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
n8n:
|
n8n:
|
||||||
postgresql_data:
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
proxy:
|
proxy:
|
||||||
|
|
|
@ -0,0 +1,44 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
MIGRATION_MARKER=$PGDATA/migration_in_progress
|
||||||
|
OLDDATA=$PGDATA/old_data
|
||||||
|
NEWDATA=$PGDATA/new_data
|
||||||
|
|
||||||
|
if [ -e $MIGRATION_MARKER ]; then
|
||||||
|
echo "FATAL: migration was started but did not complete in a previous run. manual recovery necessary"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f $PGDATA/PG_VERSION ]; then
|
||||||
|
DATA_VERSION=$(cat $PGDATA/PG_VERSION)
|
||||||
|
|
||||||
|
if [ -n "$DATA_VERSION" -a "$PG_MAJOR" != "$DATA_VERSION" ]; then
|
||||||
|
echo "postgres data version $DATA_VERSION found, but need $PG_MAJOR. Starting migration"
|
||||||
|
echo "Installing postgres $DATA_VERSION"
|
||||||
|
sed -i "s/$/ $DATA_VERSION/" /etc/apt/sources.list.d/pgdg.list
|
||||||
|
apt-get update && apt-get install -y --no-install-recommends \
|
||||||
|
postgresql-$DATA_VERSION \
|
||||||
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
echo "shuffling around"
|
||||||
|
gosu postgres mkdir $OLDDATA $NEWDATA
|
||||||
|
chmod 700 $OLDDATA $NEWDATA
|
||||||
|
mv $PGDATA/* $OLDDATA/ || true
|
||||||
|
touch $MIGRATION_MARKER
|
||||||
|
echo "running initdb"
|
||||||
|
# abuse entrypoint script for initdb by making server error out
|
||||||
|
gosu postgres bash -c "export PGDATA=$NEWDATA ; /usr/local/bin/docker-entrypoint.sh --invalid-arg || true"
|
||||||
|
echo "running pg_upgrade"
|
||||||
|
cd /tmp
|
||||||
|
gosu postgres pg_upgrade --link -b /usr/lib/postgresql/$DATA_VERSION/bin -d $OLDDATA -D $NEWDATA -U $POSTGRES_USER
|
||||||
|
cp $OLDDATA/pg_hba.conf $NEWDATA/
|
||||||
|
mv $NEWDATA/* $PGDATA
|
||||||
|
rm -rf $OLDDATA
|
||||||
|
rmdir $NEWDATA
|
||||||
|
rm $MIGRATION_MARKER
|
||||||
|
echo "migration complete"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
/usr/local/bin/docker-entrypoint.sh postgres
|
|
@ -0,0 +1,9 @@
|
||||||
|
ALERTA ALERTA
|
||||||
|
|
||||||
|
N8N recipe is switching from deploying a PostgreSQL and setting it as the database to using the
|
||||||
|
built-in SQLite database instead. PostgreSQL can still be enabled, see .env.sample for the
|
||||||
|
lines to add to your configuration to enable it (should retain data that was in Postgres).
|
||||||
|
|
||||||
|
There is no clean migration path between sqlite and postgres. Committing to one pretty much
|
||||||
|
sticks you to that one (there are hacks but it is involved and incomplete).
|
||||||
|
|
Loading…
Reference in New Issue