Merge pull request 'First simple version of the recipe' (#1) from create-recipe-first-version into main

Reviewed-on: #1

.env.sample

@@ -0,0 +1,52 @@
+DOMAIN="open-inventory.example.net"
+APP_URL="https://open-inventory.example.net"
+
+TYPE=open-inventory
+LETS_ENCRYPT_ENV=production
+
+DB_PASSWORD_VERSION=1
+DB_ROOT_PASSWORD_VERSION=1
+
+APP_ENV=production
+APP_NAME="Open Inventory"
+APP_KEY=
+APP_DEBUG=false
+
+LOG_CHANNEL=stdout
+
+APP_LOCALE="en"
+APP_TIMEZONE="Europe/Berlin"
+
+DB_CONNECTION=mysql
+DB_PORT=3306
+DB_HOST=db
+DB_DATABASE="open-inventory"
+DB_USERNAME="open-inventory"
+# DB_PASSWORD is set as a Docker secret, in the compose.yml
+
+BROADCAST_DRIVER=pusher
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+QUEUE_DRIVER=database
+
+# TODO: to be added as separate compose.smtp.yml
+#MAIL_DRIVER=smtp
+#MAIL_HOST="SMTP Host"
+#MAIL_PORT=587
+#MAIL_USERNAME="SMTP Username"
+#MAIL_PASSWORD="SMTP Password"
+#MAIL_ENCRYPTION=tls
+
+COMPANY_NAME=""
+COMPANY_REPRESENTATIVES=""
+COMPANY_STREET=""
+COMPANY_BUILDING=""
+COMPANY_POSTALCODE=""
+COMPANY_CITY=""
+COMPANY_COUNTRY=""
+COMPANY_TELEPHONE=""
+COMPANY_EMAIL=""
+
+EOTL_PATH_DATA="/home/eotl/data"
+EOTL_URL_DISPATCH="http://localhost:8082"
+EOTL_URL_SEXTANT="http://localhost:8081"

.gitignore

@@ -0,0 +1,391 @@
+.htaccess
+
+.idea/
+
+# CMake
+cmake-build-debug/
+
+# Mongo Explorer plugin:
+.idea/**/mongoSettings.xml
+
+## File-based project format:
+*.iws
+
+## Plugin-specific files:
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+### VisualStudio template
+## Ignore Visual Studio temporary files, build results, and
+## files generated by popular Visual Studio add-ons.
+##
+## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
+
+# User-specific files
+*.suo
+*.user
+*.userosscache
+*.sln.docstates
+
+# User-specific files (MonoDevelop/Xamarin Studio)
+*.userprefs
+
+# Build results
+[Dd]ebug/
+[Dd]ebugPublic/
+[Rr]elease/
+[Rr]eleases/
+x64/
+x86/
+bld/
+[Bb]in/
+[Oo]bj/
+[Ll]og/
+
+# Visual Studio 2015 cache/options directory
+.vs/
+# Uncomment if you have tasks that create the project's static files in wwwroot
+#wwwroot/
+
+# MSTest test Results
+[Tt]est[Rr]esult*/
+[Bb]uild[Ll]og.*
+
+# NUNIT
+*.VisualState.xml
+TestResult.xml
+
+# Build Results of an ATL Project
+[Dd]ebugPS/
+[Rr]eleasePS/
+dlldata.c
+
+# Benchmark Results
+BenchmarkDotNet.Artifacts/
+
+# .NET Core
+project.lock.json
+project.fragment.lock.json
+artifacts/
+**/Properties/launchSettings.json
+
+*_i.c
+*_p.c
+*_i.h
+*.ilk
+*.meta
+*.obj
+*.pch
+*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.tmp_proj
+*.log
+*.vspscc
+*.vssscc
+.builds
+*.pidb
+*.svclog
+*.scc
+
+# Chutzpah Test files
+_Chutzpah*
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opendb
+*.opensdf
+*.sdf
+*.cachefile
+*.VC.db
+*.VC.VC.opendb
+
+# Visual Studio profiler
+*.psess
+*.vsp
+*.vspx
+*.sap
+
+# Visual Studio Trace Files
+*.e2e
+
+# TFS 2012 Local Workspace
+$tf/
+
+# Guidance Automation Toolkit
+*.gpState
+
+# ReSharper is a .NET coding add-in
+_ReSharper*/
+*.[Rr]e[Ss]harper
+*.DotSettings.user
+
+# JustCode is a .NET coding add-in
+.JustCode
+
+# TeamCity is a build add-in
+_TeamCity*
+
+# DotCover is a Code Coverage Tool
+*.dotCover
+
+# AxoCover is a Code Coverage Tool
+.axoCover/*
+!.axoCover/settings.json
+
+# Visual Studio code coverage results
+*.coverage
+*.coveragexml
+
+# NCrunch
+_NCrunch_*
+.*crunch*.local.xml
+nCrunchTemp_*
+
+# MightyMoose
+*.mm.*
+AutoTest.Net/
+
+# Web workbench (sass)
+.sass-cache/
+
+# Installshield output folder
+[Ee]xpress/
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish/
+
+# Publish Web Output
+*.[Pp]ublish.xml
+*.azurePubxml
+# Note: Comment the next line if you want to checkin your web deploy settings,
+# but database connection strings (with potential passwords) will be unencrypted
+*.pubxml
+*.publishproj
+
+# Microsoft Azure Web App publish settings. Comment the next line if you want to
+# checkin your Azure Web App publish settings, but sensitive information contained
+# in these scripts will be unencrypted
+PublishScripts/
+
+# NuGet Packages
+*.nupkg
+# The packages folder can be ignored because of Package Restore
+**/[Pp]ackages/*
+# except build/, which is used as an MSBuild target.
+!**/[Pp]ackages/build/
+# Uncomment if necessary however generally it will be regenerated when needed
+#!**/[Pp]ackages/repositories.config
+# NuGet v3's project.json files produces more ignorable files
+*.nuget.props
+*.nuget.targets
+
+# Microsoft Azure Build Output
+csx/
+*.build.csdef
+
+# Microsoft Azure Emulator
+ecf/
+rcf/
+
+# Windows Store app package directories and files
+AppPackages/
+BundleArtifacts/
+Package.StoreAssociation.xml
+_pkginfo.txt
+*.appx
+
+# Visual Studio cache files
+# files ending in .cache can be ignored
+*.[Cc]ache
+# but keep track of directories ending in .cache
+!*.[Cc]ache/
+
+# Others
+ClientBin/
+~$*
+*~
+*.dbmdl
+*.dbproj.schemaview
+*.jfm
+*.pfx
+*.publishsettings
+orleans.codegen.cs
+
+# Since there are multiple workflows, uncomment next line to ignore bower_components
+# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
+#bower_components/
+
+# RIA/Silverlight projects
+Generated_Code/
+
+# Backup & report files from converting an old project file
+# to a newer Visual Studio version. Backup files are not needed,
+# because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+UpgradeLog*.htm
+
+# SQL Server files
+*.mdf
+*.ldf
+*.ndf
+
+# Business Intelligence projects
+*.rdl.data
+*.bim.layout
+*.bim_*.settings
+
+# Microsoft Fakes
+FakesAssemblies/
+
+# GhostDoc plugin setting file
+*.GhostDoc.xml
+
+# Node.js Tools for Visual Studio
+.ntvs_analysis.dat
+node_modules/
+
+# Typescript v1 declaration files
+typings/
+
+# Visual Studio 6 build log
+*.plg
+
+# Visual Studio 6 workspace options file
+*.opt
+
+# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
+*.vbw
+
+# Visual Studio LightSwitch build output
+**/*.HTMLClient/GeneratedArtifacts
+**/*.DesktopClient/GeneratedArtifacts
+**/*.DesktopClient/ModelManifest.xml
+**/*.Server/GeneratedArtifacts
+**/*.Server/ModelManifest.xml
+_Pvt_Extensions
+
+# Paket dependency manager
+.paket/paket.exe
+paket-files/
+
+# FAKE - F# Make
+.fake/
+
+# JetBrains Rider
+.idea/
+*.sln.iml
+
+# CodeRush
+.cr/
+
+# Python Tools for Visual Studio (PTVS)
+__pycache__/
+*.pyc
+
+# Cake - Uncomment if you are using it
+# tools/**
+# !tools/packages.config
+
+# Tabs Studio
+*.tss
+
+# Telerik's JustMock configuration file
+*.jmconfig
+
+# BizTalk build output
+*.btp.cs
+*.btm.cs
+*.odx.cs
+*.xsd.cs
+
+# OpenCover UI analysis results
+OpenCover/
+coverage/
+
+### macOS template
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+=======
+# Local
+.env
+dist
+src/ormconfig.json
+ormconfig.json
+vendor
+storage
+package-lock.json
+public/index.html
+public/css/
+public/fixtures/
+public/fontawesome/
+public/fonts/
+public/images/
+public/items/
+public/js/
+public/icons/
+public/zones.geojson
+public/config.json
+resources/js/
+
+data/

README.md

@@ -1,3 +1,29 @@
 # open-inventory
 
-Recipe for Open Inventory created by EOTL https://codeberg.org/eotl/open-inventory
+[![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/open-inventory/status.svg?ref=refs/heads/main)](https://drone.autonomic.zone/coop-cloud/open-inventory)
+
+<!-- metadata -->
+* **Category**: Apps
+* **Status**: 3, stable
+* **Image**: [`open-inventory`](codeberg.org/eotl/open-inventory), 4, upstream
+* **Healthcheck**: Yes
+* **Backups**: No
+* **Email**: No
+* **Tests**: No
+* **SSO**: No
+<!-- endmetadata -->
+
+## Usage
+
+### Basic initial setup
+1. Set up your server ([tutorial](https://docs.coopcloud.tech/operators/tutorial/#server-setup))
+1. Install `abra` locally ([guide here](https://docs.coopcloud.tech/operators/tutorial/#install-abra))
+1. Deploy [`coop-cloud/traefik`](https://git.autonomic.zone/coop-cloud/traefik) on the server. It acts as proxy, and it handles automagically TLS certificate creation and update (via `Let's Encrypt`).
+
+### Create `open-inventory` app and deploy 
+1. `abra app new open-inventory --secrets` (optionally with `--pass` if you'd like to save secrets in pass)
+1. `abra app config open-inventory.example.net`
+      - be sure to change `DOMAIN` to something that resolves to
+      your server
+      - `APP_URL` as well needs to be set
+1. `abra app deploy open-inventory.example.net`

abra.sh

@@ -0,0 +1,40 @@
+initial_setup() {
+  cd /app/
+
+  echo "Generating APP_KEY..."
+  php artisan key:generate
+
+  echo "DB migrations status:"
+  php artisan migrate:status
+  echo "Starting DB migrations..."
+  php artisan migrate
+
+  create_first_admin_user()
+}
+
+clear_cache() {
+  php artisan cache:clear
+  php artisan route:clear
+  php artisan config:clear
+  php artisan view:clear
+}
+
+create_first_admin_user() {
+  echo "Creating the first admin user..."
+  read -rp "Enter admin name: " ADMIN_NAME
+  read -rp "Enter admin email: " ADMIN_EMAIL
+
+  while true; do
+    read -rsp "Enter admin password: " ADMIN_PASSWORD
+    echo
+    read -rsp "Confirm admin password: " ADMIN_PASSWORD_CONFIRM
+    echo
+    if [ "$ADMIN_PASSWORD" = "$ADMIN_PASSWORD_CONFIRM" ]; then
+      break
+    else
+      echo "Passwords do not match. Please try again."
+    fi
+  done
+
+  php artisan user:first "${ADMIN_NAME}" "${ADMIN_EMAIL}" "${ADMIN_PASSWORD}"
+}

compose.yml

@@ -0,0 +1,65 @@
+version: '3.8'
+
+services:
+  app:
+    # Dockerfile here:
+    image: codeberg.org/eotl/open-inventory:0.0.8
+    depends_on:
+      - db
+    networks:
+      - proxy
+      - internal
+    environment:
+      - DB_PASSWORD_FILE = /run/secrets/db_password
+    secrets:
+      - db_password
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://127.0.0.1:8080/fpm-ping"]
+      interval: 30s
+      timeout: 10s
+      retries: 10
+      start_period: 1m
+    deploy:
+      update_config:
+        failure_action: rollback
+      labels:
+        - "traefik.enable=true"
+        - "traefik.docker.network=proxy"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8080"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - "coop-cloud.${STACK_NAME}.version=1.0.0+0.0.5"
+
+
+  db:
+    image: mariadb:10.5
+    init: true
+    volumes:
+      - mariadb:/var/lib/mysql/
+    environment:
+      - MYSQL_DATABASE=open-inventory
+      - MYSQL_USER=open-inventory
+      - MYSQL_PASSWORD=open-inventory-db-password
+      - MYSQL_ROOT_PASSWORD="open-inventory-db-root-password"
+    deploy:
+      labels: [ 'coop-cloud.${STACK_NAME}.db.version=10.5-31e52f4d87a' ]
+    networks:
+      - internal
+
+volumes:
+  mariadb:
+    driver: local
+
+networks:
+  proxy:
+    external: true
+  internal:
+
+secrets:
+  db_password:
+    external: true
+    name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION}
+  db_root_password:
+    external: true
+    name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION}

entrypoint.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Laravel app (+ nginx) container
+export DB_PASSWORD=$(cat /run/secrets/db_password)
+
+# DB container
+export MYSQL_PASSWORD=$(cat /run/secrets/db_password)
+export MYSQL_ROOT_PASSWORD=$(cat /run/secrets/db_root_password)