diff --git a/.env.sample b/.env.sample new file mode 100644 index 0000000..7cbc25e --- /dev/null +++ b/.env.sample @@ -0,0 +1,52 @@ +DOMAIN="open-inventory.example.net" +APP_URL="https://open-inventory.example.net" + +TYPE=open-inventory +LETS_ENCRYPT_ENV=production + +DB_PASSWORD_VERSION=1 +DB_ROOT_PASSWORD_VERSION=1 + +APP_ENV=production +APP_NAME="Open Inventory" +APP_KEY= +APP_DEBUG=false + +LOG_CHANNEL=stdout + +APP_LOCALE="en" +APP_TIMEZONE="Europe/Berlin" + +DB_CONNECTION=mysql +DB_PORT=3306 +DB_HOST=db +DB_DATABASE="open-inventory" +DB_USERNAME="open-inventory" +# DB_PASSWORD is set as a Docker secret, in the compose.yml + +BROADCAST_DRIVER=pusher +CACHE_DRIVER=file +SESSION_DRIVER=file +QUEUE_DRIVER=database + +# TODO: to be added as separate compose.smtp.yml +#MAIL_DRIVER=smtp +#MAIL_HOST="SMTP Host" +#MAIL_PORT=587 +#MAIL_USERNAME="SMTP Username" +#MAIL_PASSWORD="SMTP Password" +#MAIL_ENCRYPTION=tls + +COMPANY_NAME="" +COMPANY_REPRESENTATIVES="" +COMPANY_STREET="" +COMPANY_BUILDING="" +COMPANY_POSTALCODE="" +COMPANY_CITY="" +COMPANY_COUNTRY="" +COMPANY_TELEPHONE="" +COMPANY_EMAIL="" + +EOTL_PATH_DATA="/home/eotl/data" +EOTL_URL_DISPATCH="http://localhost:8082" +EOTL_URL_SEXTANT="http://localhost:8081" diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d7450f9 --- /dev/null +++ b/.gitignore @@ -0,0 +1,391 @@ +.htaccess + +.idea/ + +# CMake +cmake-build-debug/ + +# Mongo Explorer plugin: +.idea/**/mongoSettings.xml + +## File-based project format: +*.iws + +## Plugin-specific files: + +# IntelliJ +out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties +### VisualStudio template +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ + +# Visual Studio 2015 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUNIT +*.VisualState.xml +TestResult.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ +**/Properties/launchSettings.json + +*_i.c +*_p.c +*_i.h +*.ilk +*.meta +*.obj +*.pch +*.pdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# JustCode is a .NET coding add-in +.JustCode + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Typescript v1 declaration files +typings/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# JetBrains Rider +.idea/ +*.sln.iml + +# CodeRush +.cr/ + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ +coverage/ + +### macOS template +# General +.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +======= +# Local +.env +dist +src/ormconfig.json +ormconfig.json +vendor +storage +package-lock.json +public/index.html +public/css/ +public/fixtures/ +public/fontawesome/ +public/fonts/ +public/images/ +public/items/ +public/js/ +public/icons/ +public/zones.geojson +public/config.json +resources/js/ + +data/ diff --git a/README.md b/README.md index 6b30193..aef1e54 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,29 @@ # open-inventory -Recipe for Open Inventory created by EOTL https://codeberg.org/eotl/open-inventory \ No newline at end of file +[![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/open-inventory/status.svg?ref=refs/heads/main)](https://drone.autonomic.zone/coop-cloud/open-inventory) + + +* **Category**: Apps +* **Status**: 3, stable +* **Image**: [`open-inventory`](codeberg.org/eotl/open-inventory), 4, upstream +* **Healthcheck**: Yes +* **Backups**: No +* **Email**: No +* **Tests**: No +* **SSO**: No + + +## Usage + +### Basic initial setup +1. Set up your server ([tutorial](https://docs.coopcloud.tech/operators/tutorial/#server-setup)) +1. Install `abra` locally ([guide here](https://docs.coopcloud.tech/operators/tutorial/#install-abra)) +1. Deploy [`coop-cloud/traefik`](https://git.autonomic.zone/coop-cloud/traefik) on the server. It acts as proxy, and it handles automagically TLS certificate creation and update (via `Let's Encrypt`). + +### Create `open-inventory` app and deploy +1. `abra app new open-inventory --secrets` (optionally with `--pass` if you'd like to save secrets in pass) +1. `abra app config open-inventory.example.net` + - be sure to change `DOMAIN` to something that resolves to + your server + - `APP_URL` as well needs to be set +1. `abra app deploy open-inventory.example.net` diff --git a/abra.sh b/abra.sh new file mode 100644 index 0000000..8fcf190 --- /dev/null +++ b/abra.sh @@ -0,0 +1,40 @@ +initial_setup() { + cd /app/ + + echo "Generating APP_KEY..." + php artisan key:generate + + echo "DB migrations status:" + php artisan migrate:status + echo "Starting DB migrations..." + php artisan migrate + + create_first_admin_user() +} + +clear_cache() { + php artisan cache:clear + php artisan route:clear + php artisan config:clear + php artisan view:clear +} + +create_first_admin_user() { + echo "Creating the first admin user..." + read -rp "Enter admin name: " ADMIN_NAME + read -rp "Enter admin email: " ADMIN_EMAIL + + while true; do + read -rsp "Enter admin password: " ADMIN_PASSWORD + echo + read -rsp "Confirm admin password: " ADMIN_PASSWORD_CONFIRM + echo + if [ "$ADMIN_PASSWORD" = "$ADMIN_PASSWORD_CONFIRM" ]; then + break + else + echo "Passwords do not match. Please try again." + fi + done + + php artisan user:first "${ADMIN_NAME}" "${ADMIN_EMAIL}" "${ADMIN_PASSWORD}" +} diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..3c0902e --- /dev/null +++ b/compose.yml @@ -0,0 +1,65 @@ +version: '3.8' + +services: + app: + # Dockerfile here: + image: codeberg.org/eotl/open-inventory:0.0.8 + depends_on: + - db + networks: + - proxy + - internal + environment: + - DB_PASSWORD_FILE = /run/secrets/db_password + secrets: + - db_password + healthcheck: + test: ["CMD", "curl", "-f", "http://127.0.0.1:8080/fpm-ping"] + interval: 30s + timeout: 10s + retries: 10 + start_period: 1m + deploy: + update_config: + failure_action: rollback + labels: + - "traefik.enable=true" + - "traefik.docker.network=proxy" + - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8080" + - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)" + - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" + - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" + - "coop-cloud.${STACK_NAME}.version=1.0.0+0.0.5" + + + db: + image: mariadb:10.5 + init: true + volumes: + - mariadb:/var/lib/mysql/ + environment: + - MYSQL_DATABASE=open-inventory + - MYSQL_USER=open-inventory + - MYSQL_PASSWORD=open-inventory-db-password + - MYSQL_ROOT_PASSWORD="open-inventory-db-root-password" + deploy: + labels: [ 'coop-cloud.${STACK_NAME}.db.version=10.5-31e52f4d87a' ] + networks: + - internal + +volumes: + mariadb: + driver: local + +networks: + proxy: + external: true + internal: + +secrets: + db_password: + external: true + name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION} + db_root_password: + external: true + name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION} diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..ca0944f --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +# Laravel app (+ nginx) container +export DB_PASSWORD=$(cat /run/secrets/db_password) + +# DB container +export MYSQL_PASSWORD=$(cat /run/secrets/db_password) +export MYSQL_ROOT_PASSWORD=$(cat /run/secrets/db_root_password)