add one underscore

add three variables
newline issue, quoted vars
2021-10-28 16:03:01 -04:00 · 2021-10-28 16:00:30 -04:00 · 2021-10-28 15:54:17 -04:00 · 2021-10-28 15:48:55 -04:00 · 2021-10-28 15:35:11 -04:00 · 2021-10-28 15:29:41 -04:00
2 changed files with 233 additions and 13 deletions
--- a/.env.sample
+++ b/.env.sample
@ -1,7 +1,175 @@
-TYPE={{ .Name }}
+TYPE=outline

-DOMAIN={{ .Name }}.example.com
+DOMAIN=outline.example.com

 ## Domain aliases
-#EXTRA_DOMAINS=', `www.{{ .Name }}.example.com`'
+#EXTRA_DOMAINS=', `www.outline.example.com`'
 LETS_ENCRYPT_ENV=production
+
+
+
+
+#hard coded, secret or.... legit exposed as config options. Or things we might want to make optional configuration with separate compose file
+
+
+# 👋 Welcome, we're glad you're setting up an installation of Outline. Copy this
+# file to .env or set the variables in your local environment manually. For
+# development with docker this should mostly work out  of the box other than
+# setting the Slack keys and the SECRET_KEY.
+
+
+
+
+# –––––––––––––––– REQUIRED ––––––––––––––––
+
+# Generate a hex-encoded 32-byte random key. You should use `openssl rand -hex 32`
+# in your terminal to generate a random value.
+SECRET_KEY=generate_a_new_key
+
+# Generate a unique random key. The format is not important but you could still use
+# `openssl rand -hex 32` in your terminal to produce this.
+UTILS_SECRET=generate_a_new_key
+
+# For production point these at your databases, in development the default
+# should work out of the box.
+# Uncomment this to disable SSL for connecting to Postgres
+# PGSSLMODE=disable
+
+
+# URL should point to the fully qualified, publicly accessible URL. If using a
+# proxy the port in URL and PORT may be different.
+
+# See [documentation](docs/SERVICES.md) on running a separate collaboration
+# server, for normal operation this does not need to be set.
+COLLABORATION_URL=
+
+# To support uploading of images for avatars and document attachments an
+# s3-compatible storage must be provided. AWS S3 is recommended for redundency
+# however if you want to keep all file storage local an alternative such as
+# minio (https://github.com/minio/minio) can be used.
+
+# A more detailed guide on setting up S3 is available here:
+# => https://wiki.generaloutline.com/share/125de1cc-9ff6-424b-8415-0d58c809a40f
+#
+AWS_ACCESS_KEY_ID=get_a_key_from_aws
+AWS_SECRET_ACCESS_KEY=get_the_secret_of_above_key
+AWS_REGION=xx-xxxx-x
+AWS_S3_UPLOAD_BUCKET_URL=http://s3:4569
+AWS_S3_UPLOAD_BUCKET_NAME=bucket_name_here
+AWS_S3_UPLOAD_MAX_SIZE=26214400
+AWS_S3_FORCE_PATH_STYLE=true
+AWS_S3_ACL=private
+
+
+# –––––––––––––– AUTHENTICATION ––––––––––––––
+
+# Third party signin credentials, at least ONE OF EITHER Google, Slack,
+# or Microsoft is required for a working installation or you'll have no sign-in
+# options.
+
+# To configure Slack auth, you'll need to create an Application at
+# => https://api.slack.com/apps
+#
+# When configuring the Client ID, add a redirect URL under "OAuth & Permissions":
+# https://<URL>/auth/slack.callback
+SLACK_KEY=get_a_key_from_slack
+SLACK_SECRET=get_the_secret_of_above_key
+
+# To configure Google auth, you'll need to create an OAuth Client ID at
+# => https://console.cloud.google.com/apis/credentials
+#
+# When configuring the Client ID, add an Authorized redirect URI:
+# https://<URL>/auth/google.callback
+GOOGLE_CLIENT_ID=
+GOOGLE_CLIENT_SECRET=
+
+# To configure Microsoft/Azure auth, you'll need to create an OAuth Client. See
+# the guide for details on setting up your Azure App:
+# => https://wiki.generaloutline.com/share/dfa77e56-d4d2-4b51-8ff8-84ea6608faa4
+AZURE_CLIENT_ID=
+AZURE_CLIENT_SECRET=
+AZURE_RESOURCE_APP_ID=
+
+# To configure generic OIDC auth, you'll need some kind of identity provider.
+# See documentation for whichever IdP you use to acquire the following info:
+# Redirect URI is https://<URL>/auth/oidc.callback
+OIDC_CLIENT_ID=
+OIDC_CLIENT_SECRET=
+OIDC_AUTH_URI=
+OIDC_TOKEN_URI=
+OIDC_USERINFO_URI=
+
+# Specify which claims to derive user information from
+# Supports any valid JSON path with the JWT payload
+OIDC_USERNAME_CLAIM=preferred_username
+
+# Display name for OIDC authentication
+OIDC_DISPLAY_NAME="OpenID Connect"
+
+# Space separated auth scopes.
+OIDC_SCOPES="openid profile email"
+
+
+# –––––––––––––––– OPTIONAL ––––––––––––––––
+
+# If using a Cloudfront/Cloudflare distribution or similar it can be set below.
+# This will cause paths to javascript, stylesheets, and images to be updated to
+# the hostname defined in CDN_URL. In your CDN configuration the origin server
+# should be set to the same as URL.
+CDN_URL=
+
+# Auto-redirect to https in production. The default is true but you may set to
+# false if you can be sure that SSL is terminated at an external loadbalancer.
+FORCE_HTTPS=true
+
+# Have the installation check for updates by sending anonymized statistics to
+# the maintainers
+ENABLE_UPDATES=true
+
+# How many processes should be spawned. As a reasonable rule divide your servers
+# available memory by 512 for a rough estimate
+WEB_CONCURRENCY=1
+
+# Override the maxium size of document imports, could be required if you have
+# especially large Word documents with embedded imagery
+MAXIMUM_IMPORT_SIZE=5120000
+
+# You can remove this line if your reverse proxy already logs incoming http
+# requests and this ends up being duplicative
+DEBUG=http
+
+# Comma separated list of domains to be allowed to signin to the wiki. If not
+# set, all domains are allowed by default when using Google OAuth to signin
+ALLOWED_DOMAINS=
+
+# For a complete Slack integration with search and posting to channels the
+# following configs are also needed, some more details
+# => https://wiki.generaloutline.com/share/be25efd1-b3ef-4450-b8e5-c4a4fc11e02a
+#
+SLACK_VERIFICATION_TOKEN=your_token
+SLACK_APP_ID=A0XXXXXXX
+SLACK_MESSAGE_ACTIONS=true
+
+# Optionally enable google analytics to track pageviews in the knowledge base
+GOOGLE_ANALYTICS_ID=
+
+# Optionally enable Sentry (sentry.io) to track errors and performance
+SENTRY_DSN=
+
+# To support sending outgoing transactional emails such as "document updated" or
+# "you've been invited" you'll need to provide authentication for an SMTP server
+SMTP_HOST=
+SMTP_PORT=
+SMTP_USERNAME=
+SMTP_PASSWORD=
+SMTP_FROM_EMAIL=
+SMTP_REPLY_EMAIL=
+SMTP_TLS_CIPHERS=
+SMTP_SECURE=true
+
+# Custom logo that displays on the authentication screen, scaled to height: 60px
+# TEAM_LOGO=https://example.com/images/logo.png
+
+# The default interface language. See translate.getoutline.com for a list of
+# available language codes and their rough percentage translated.
+DEFAULT_LANGUAGE=en_US
--- a/compose.yml
+++ b/compose.yml
@ -3,15 +3,44 @@ version: "3.8"

 services:
  app:
-    image: nginx:1.19.2
    networks:
+      - backend
      - proxy
+    image: outlinewiki/outline:0.59.0
+    volumes:
+      - outline_data:/opt/outline
+    depends_on:
+      - postgres
+      - redis
+      - s3
+    environment:
+      - DATABASE_URL=postgres://user:pass@${STACK_NAME}_postgres:5532/outline
+      - DATABASE_URL_TEST=postgres://user:pass@${STACK_NAME}_postgres:5532/outline-test
+      - REDIS_URL=redis://${STACK_NAME}_redis:6479
+      - URL=https://$DOMAIN
+      - FORCE_HTTPS=true
+      - SECRET_KEY
+      - UTILS_SECRET
+      - AWS_ACCESS_KEY_ID
+      - AWS_SECRET_ACCESS_KEY
+      - AWS_REGION
+      - AWS_S3_UPLOAD_BUCKET_URL
+      - AWS_S3_UPLOAD_BUCKET_NAME
+      - AWS_S3_UPLOAD_MAX_SIZE
+      - AWS_S3_FORCE_PATH_STYLE
+      - AWS_S3_ACL
+      - OIDC_CLIENT_ID
+      - OIDC_CLIENT_SECRET
+      - OIDC_AUTH_URI
+      - OIDC_TOKEN_URI
+      - OIDC_USERINFO_URI
+      - OIDC_USERNAME_CLAIM
+      - OIDC_DISPLAY_NAME
+      - OIDC_SCOPES
    deploy:
-      restart_policy:
-        condition: on-failure
      labels:
        - "traefik.enable=true"
-        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000"
        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
@ -19,13 +48,36 @@ services:
        #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost"]
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
+  redis:
+    image: redis
+    networks:
+      - backend
+  postgres:
+    image: postgres
+    networks:
+      - backend
+    environment:
+      POSTGRES_USER: user
+      POSTGRES_PASSWORD: pass
+      POSTGRES_DB: outline
+  s3:
+    image: lphoward/fake-s3
+    networks:
+      - backend
+    volumes:
+      - fakes3_data:/fakes3_root
+    #healthcheck:
+    #  test: ["CMD", "curl", "-f", "http://localhost:4569"]
+    #  interval: 30s
+    #  timeout: 10s
+    #  retries: 10
+    #  start_period: 1m

 networks:
  proxy:
    external: true
+  backend:
+    
+volumes:
+  outline_data:
+  fakes3_data:
Author	SHA1	Message	Date
trav	9e02395442	add one underscore	2021-10-28 16:03:01 -04:00
trav	b2052c6d67	add three variables	2021-10-28 16:00:30 -04:00
trav	e177a81579	newline issue, quoted vars	2021-10-28 15:54:17 -04:00
trav	6de8b27157	compose and env sample add recommended bits	2021-10-28 15:48:55 -04:00
trav	c8747f89a1	remove dev bits in compose	2021-10-28 15:35:11 -04:00
trav	418cbace24	add two networks	2021-10-28 15:29:41 -04:00
trav	b9cec206c2	add one comment	2021-10-28 15:16:40 -04:00
trav	e998b3f396	add one port number	2021-10-28 15:13:42 -04:00
trav	39be243a0a	add one space	2021-10-28 15:02:12 -04:00
trav	5e4c53d5ca	env sample	2021-10-28 14:54:53 -04:00
trav	201172cb86	compose.yml	2021-10-28 14:53:04 -04:00