From 3eeb651a3c3a92f4d2d5ef4f6b7501effbd1603a Mon Sep 17 00:00:00 2001 From: Philipp Rothmann Date: Fri, 9 Jun 2023 11:14:21 +0200 Subject: [PATCH] init --- .env.sample | 11 +++++++ README.md | 9 ++++++ abra.sh | 1 + compose.yml | 85 +++++++++++++++++++++++++++++++++++++++++++------ pretix.cfg.tmpl | 63 ++++++++++++++++++++++++++++++++++++ 5 files changed, 159 insertions(+), 10 deletions(-) create mode 100644 abra.sh create mode 100644 pretix.cfg.tmpl diff --git a/.env.sample b/.env.sample index 4711036..6f16858 100644 --- a/.env.sample +++ b/.env.sample @@ -6,3 +6,14 @@ DOMAIN=pretix.example.com #EXTRA_DOMAINS=', `www.pretix.example.com`' LETS_ENCRYPT_ENV=production + +SECRET_DB_PASSWORD_VERSION=v1 +SECRET_DJANGO_SECRET_KEY_VERSION=v1 + +SECRET_SMTP_PASSWORD_VERSION=v1 +SMTP_FROM=hello@localhost +SMTP_HOST=127.0.0.71 +SMTP_USER=pretix +SMTP_PORT=1025 +SMTP_TLS=on +SMTP_SSL=off \ No newline at end of file diff --git a/README.md b/README.md index c083a67..8601d73 100644 --- a/README.md +++ b/README.md @@ -22,3 +22,12 @@ * `abra app deploy ` For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech). + + +## TODO + +* [ ] mail +* [ ] healthchecks +* [ ] cronjob: 15,45 * * * * /usr/bin/docker exec pretix.service pretix cron +* [ ] backups https://docs.pretix.eu/en/latest/admin/maintainance.html#maintainance +* [ ] plugins diff --git a/abra.sh b/abra.sh new file mode 100644 index 0000000..59c0156 --- /dev/null +++ b/abra.sh @@ -0,0 +1 @@ +export PRETIX_CONFIG_VERSION=v1 \ No newline at end of file diff --git a/compose.yml b/compose.yml index a2c3805..4165936 100644 --- a/compose.yml +++ b/compose.yml @@ -3,9 +3,19 @@ version: "3.8" services: app: - image: nginx:1.20.0 + image: 'pretix/standalone:4.20.0' networks: - proxy + - internal + volumes: + - app:/data + configs: + - source: pretix_config + target: /etc/pretix/pretix.cfg + secrets: + - db_password + - smtp_password + - django_secret_key deploy: restart_policy: condition: on-failure @@ -15,18 +25,73 @@ services: - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - ## Redirect from EXTRA_DOMAINS to DOMAIN - #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" - #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" - #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - "coop-cloud.${STACK_NAME}.version=" + # healthcheck: + # test: ["CMD", "curl", "-f", "http://localhost"] + # interval: 30s + # timeout: 10s + # retries: 10 + # start_period: 1m + + db: + image: postgres:12 + volumes: + - "postgres:/var/lib/postgresql/data" + networks: + - internal + environment: + POSTGRES_USER: pretix + POSTGRES_PASSWORD_FILE: /run/secrets/db_password + POSTGRES_DB: pretix + secrets: + - db_password healthcheck: - test: ["CMD", "curl", "-f", "http://localhost"] - interval: 30s - timeout: 10s - retries: 10 - start_period: 1m + test: ["CMD-SHELL", "pg_isready"] + interval: 10s + timeout: 5s + retries: 5 + deploy: + labels: + backupbot.backup: "true" + backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql" + backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql" + + redis: + image: redis:7.0.10-alpine + volumes: + - "redis:/data" + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 3s + timeout: 5s + retries: 20 + networks: + - internal + +volumes: + app: + postgres: + redis: + +configs: + pretix_config: + name: ${STACK_NAME}_pretix_config_${PRETIX_CONFIG_VERSION} + file: pretix.cfg.tmpl + template_driver: golang networks: proxy: external: true + internal: + + +secrets: + db_password: + external: true + name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} + smtp_password: + external: true + name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION} + django_secret_key: + external: true + name: ${STACK_NAME}_django_secret_key_${SECRET_DJANGO_SECRET_KEY_VERSION} diff --git a/pretix.cfg.tmpl b/pretix.cfg.tmpl new file mode 100644 index 0000000..dc2784d --- /dev/null +++ b/pretix.cfg.tmpl @@ -0,0 +1,63 @@ +; see https://docs.pretix.eu/en/latest/admin/config.html# + +[pretix] +instance_name={{ env "DOMAIN" }} +url=https://{{ env "DOMAIN" }} +currency=EUR +datadir=/data +plugins_default=pretix.plugins.sendmail,pretix.plugins.statistics +cookie_domain=.pretix.de +loglevel=INFO +trust_x_forwarded_for=on +trust_x_forwarded_proto=on + + +[locale] +default=de +timezone=Europe/Berlin + + +[database] +backend=postgresql +name=pretix +user=pretix +password={{ secret "db_password" }} +host=db +port=3306 + +[mail] +from={{ env "SMTP_FROM" }} +host={{ env "SMTP_HOST" }} +user={{ env "SMTP_USER" }} +password={{ secret "smtp_password" }} +port={{ env "SMTP_PORT" }} +tls={{ env "SMTP_TLS" }} +ssl={{ env "SMTP_SSL" }} + +[django] +secret={{ secret "django_secret_key" }} +debug=off + +[redis] +location=redis://redis:6379/1 +sessions=true + +[languages] +enabled=en,de + +[celery] +backend=redis://redis:6379/1 +broker=redis://redis:6379/1 + +[pretix_file_upload] +; Max upload size for images in MiB, defaults to 10 MiB +max_size_image = 12 +; Max upload size for favicons in MiB, defaults to 1 MiB +max_size_favicon = 2 +; Max upload size for email attachments of manually sent emails in MiB, defaults to 10 MiB +max_size_email_attachment = 15 +; Max upload size for email attachments of automatically sent emails in MiB, defaults to 1 MiB +max_size_email_auto_attachment = 2 +; Max upload size for other files in MiB, defaults to 10 MiB +; This includes all file upload type order questions +max_size_other = 100