From 73de12d12f3f321736a67ad394df78efe25974dc Mon Sep 17 00:00:00 2001 From: Simon Thiessen Date: Thu, 14 Dec 2023 12:29:37 +0100 Subject: [PATCH] add support for local storage --- .drone.yml | 1 - .env.sample | 23 +++++++++++++++-------- compose.aws.yml | 22 ++++++++++++++++++++++ compose.local.yml | 13 +++++++++++++ compose.yml | 14 +------------- entrypoint.sh.tmpl | 2 ++ 6 files changed, 53 insertions(+), 22 deletions(-) create mode 100644 compose.aws.yml create mode 100644 compose.local.yml diff --git a/.drone.yml b/.drone.yml index b5a328a..ebf2d6e 100644 --- a/.drone.yml +++ b/.drone.yml @@ -21,7 +21,6 @@ steps: SECRET_DB_PASSWORD_VERSION: v1 SECRET_SECRET_KEY_VERSION: v1 # length=64 SECRET_UTILS_SECRET_VERSION: v1 # length=64 - SECRET_AWS_SECRET_KEY_VERSION: v1 trigger: branch: - main diff --git a/.env.sample b/.env.sample index b352ff4..310deeb 100644 --- a/.env.sample +++ b/.env.sample @@ -15,15 +15,9 @@ COMPOSE_FILE="compose.yml" SECRET_DB_PASSWORD_VERSION=v1 SECRET_SECRET_KEY_VERSION=v1 # length=64 SECRET_UTILS_SECRET_VERSION=v1 # length=64 -SECRET_AWS_SECRET_KEY_VERSION=v1 -AWS_ACCESS_KEY_ID= -AWS_REGION= -AWS_S3_UPLOAD_BUCKET_URL= -AWS_S3_UPLOAD_BUCKET_NAME= -AWS_S3_UPLOAD_MAX_SIZE=26214400 -AWS_S3_FORCE_PATH_STYLE=true -AWS_S3_ACL=private +# Set to s3 to use AWS S3 bucket +FILE_STORAGE=local # –––––––––––––––– OPTIONAL –––––––––––––––– @@ -85,3 +79,16 @@ ALLOWED_DOMAINS= #GOOGLE_ENABLED=1 #GOOGLE_CLIENT_ID= #SECRET_GOOGLE_CLIENT_SECRET_VERSION=v1 + +COMPOSE_FILE="$COMPOSE_FILE:compose.local.yml" +FILE_STORAGE_UPLOAD_MAX_SIZE=26214400 + +#COMPOSE_FILE="$COMPOSE_FILE:compose.aws.yml" +#AWS_ACCESS_KEY_ID= +#AWS_REGION= +#AWS_S3_UPLOAD_BUCKET_URL= +#AWS_S3_UPLOAD_BUCKET_NAME= +#AWS_S3_UPLOAD_MAX_SIZE=26214400 +#AWS_S3_FORCE_PATH_STYLE=true +#AWS_S3_ACL=private +#SECRET_AWS_SECRET_KEY_VERSION=v1 diff --git a/compose.aws.yml b/compose.aws.yml new file mode 100644 index 0000000..ff404b6 --- /dev/null +++ b/compose.aws.yml @@ -0,0 +1,22 @@ +--- +version: "3.8" + +services: + app: + secrets: + - aws_secret_key + environment: + - AWS_ACCESS_KEY_ID + - AWS_REGION + - AWS_S3_ACL + - AWS_S3_FORCE_PATH_STYLE + - AWS_S3_UPLOAD_BUCKET_NAME + - AWS_S3_UPLOAD_BUCKET_URL + - AWS_S3_UPLOAD_MAX_SIZE + - AWS_SDK_LOAD_CONFIG=0 + - AWS_SECRET_KEY_FILE=/run/secrets/aws_secret_key + +secrets: + aws_secret_key: + name: ${STACK_NAME}_aws_secret_key_${SECRET_AWS_SECRET_KEY_VERSION} + external: true \ No newline at end of file diff --git a/compose.local.yml b/compose.local.yml new file mode 100644 index 0000000..838fd5b --- /dev/null +++ b/compose.local.yml @@ -0,0 +1,13 @@ +--- +version: "3.8" + +services: + app: + volumes: + - storage-data:/var/lib/outline/data + environment: + - FILE_STORAGE + - FILE_STORAGE_UPLOAD_MAX_SIZE + +volumes: + storage-data: diff --git a/compose.yml b/compose.yml index 54feb86..468efe3 100644 --- a/compose.yml +++ b/compose.yml @@ -8,7 +8,6 @@ services: - proxy image: outlinewiki/outline:0.73.1 secrets: - - aws_secret_key - db_password - secret_key - utils_secret @@ -17,15 +16,7 @@ services: target: /docker-entrypoint.sh mode: 0555 environment: - - AWS_ACCESS_KEY_ID - - AWS_REGION - - AWS_S3_ACL - - AWS_S3_FORCE_PATH_STYLE - - AWS_S3_UPLOAD_BUCKET_NAME - - AWS_S3_UPLOAD_BUCKET_URL - - AWS_S3_UPLOAD_MAX_SIZE - - AWS_SDK_LOAD_CONFIG=0 - - AWS_SECRET_KEY_FILE=/run/secrets/aws_secret_key + - FILE_STORAGE - DATABASE_PASSWORD_FILE=/run/secrets/db_password - FORCE_HTTPS=true - PGSSLMODE=disable @@ -85,9 +76,6 @@ secrets: utils_secret: name: ${STACK_NAME}_utils_secret_${SECRET_UTILS_SECRET_VERSION} external: true - aws_secret_key: - name: ${STACK_NAME}_aws_secret_key_${SECRET_AWS_SECRET_KEY_VERSION} - external: true db_password: name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} external: true diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl index f86a99b..31321f3 100644 --- a/entrypoint.sh.tmpl +++ b/entrypoint.sh.tmpl @@ -1,6 +1,8 @@ #!/bin/sh +{{ if eq (env "FILE_STORAGE") "s3" }} export AWS_SECRET_ACCESS_KEY=$(cat /run/secrets/aws_secret_key) +{{ end }} {{ if eq (env "SMTP_ENABLED") "1" }} export SMTP_PASSWORD=$(cat /run/secrets/smtp_password)