From 403636c50d39ed73c4a9c06304f903c9b28a134d Mon Sep 17 00:00:00 2001
From: 3wc <3wc@doesthisthing.work>
Date: Sun, 21 Nov 2021 21:27:03 +0200
Subject: [PATCH] Initial import

---
 .env.sample |  89 +++++++++++++++++++++++++++++++++++++++++++
 README.md   |  30 +++++++++++++++
 compose.yml | 106 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 225 insertions(+)
 create mode 100644 .env.sample
 create mode 100644 README.md
 create mode 100644 compose.yml

diff --git a/.env.sample b/.env.sample
new file mode 100644
index 0000000..79ff32e
--- /dev/null
+++ b/.env.sample
@@ -0,0 +1,89 @@
+TYPE=singlelink
+
+DOMAIN=singlelink.example.com
+
+## Domain aliases
+#EXTRA_DOMAINS=', `www.singlelink.example.com`'
+LETS_ENCRYPT_ENV=production
+
+##############################################################################
+# Editor variables                                                           #
+##############################################################################
+
+# The url where the api is hosted
+API_URL=https://editor.$DOMAIN
+
+# OPTIONAL
+
+# The editor's host IP
+SERVER_HOST=
+
+# The port
+PORT=
+
+META_TITLE=
+META_DESCRIPTION=
+HOSTNAME=
+FAVICON=
+APP_NAME=
+LOGO_URL=
+LOGO_WIDTH=
+ICON_URL=
+ICON_WIDTH=
+ORGANIZATION=
+QR_API=
+
+##############################################################################
+# API variables                                                              #
+##############################################################################
+
+# The domain where you are hosting the editor (used for emails)
+EDITOR_URL=https://$DOMAIN
+
+# A secret string that is used to encode JWTs. Make sure it's randomly generated for maximum security.
+SECRET=HereIsARandomStringPleaseChangeMeOrYouWillBeHacked
+
+# A contact email for support requests (and other things)
+CONTACT_EMAIL=example@example.com
+
+# The sending email address when emails are sent from Singlelink
+AWS_SENDER_EMAIL_ADDRESS=
+
+# The AWS region
+AWS_REGION=
+
+# The AWS Access key
+AWS_ACCESS_KEY=
+
+# The AWS Secret key
+AWS_SECRET_KEY=
+
+# An S3 Bucket endpoint (used for file storage)
+S3_ENDPOINT=
+
+# The S3 Bucket name
+S3_BUCKETNAME=
+
+# The S3 bucket's port
+S3_PORT=
+
+# Should the S3 bucket use SSL?
+S3_USE_SSL=
+
+# The S3 bucket's access key
+S3_ACCESS_KEY=
+
+# The S3 bucket's secret key
+S3_SECRET_KEY=
+
+# A mixpanel token for recording analytics with mixpanel (disables if not provided)
+MIXPANEL_TOKEN=
+
+# How many installs should a marketplace addon reach before it can't be deleted anymore? (Can only be hidden)
+DELETE_ADDON_INSTALLS_THRESHOLD=10
+
+# Pass the X-Forwarded-For header through? DO NOT ENABLE if you are allowing direct connections and are not using a reverse proxy!
+ALLOW_X_FORWARD_HEADER=
+
+# Should we validate email addresses?
+VALIDATE_EMAILS=true
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..201e04c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,30 @@
+# singlelink
+
+TODO
+
+<!-- metadata -->
+
+* **Category**: Apps
+* **Status**: 0, work-in-progress
+* **Image**:
+* **Healthcheck**:
+* **Backups**:
+* **Email**:
+* **Tests**:
+* **SSO**:
+
+<!-- endmetadata -->
+
+## Basic usage
+
+1. Set up Docker Swarm and [`abra`]
+2. Deploy [`coop-cloud/traefik`]
+3. `abra app new ${REPO_NAME} --secrets` (optionally with `--pass` if you'd like
+   to save secrets in `pass`)
+4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
+   your Docker swarm box
+5. `abra app YOURAPPDOMAIN deploy`
+6. Open the configured domain in your browser to finish set-up
+
+[`abra`]: https://git.coopcloud.tech/coop-cloud/abra
+[`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik
diff --git a/compose.yml b/compose.yml
new file mode 100644
index 0000000..448d9d1
--- /dev/null
+++ b/compose.yml
@@ -0,0 +1,106 @@
+---
+version: "3.8"
+
+services:
+  app:
+    image: neutroncreative/singlelink-editor:latest
+    depends_on:
+      - backend
+    environment:
+      - HOSTNAME=$DOMAIN
+      - API_URL=https://api.$DOMAIN
+    networks:
+      - proxy
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
+        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        ## Redirect from EXTRA_DOMAINS to DOMAIN
+        #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
+        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
+        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+    # healthcheck:
+    #   test: ["CMD", "curl", "-f", "http://localhost"]
+    #   interval: 30s
+    #   timeout: 10s
+    #   retries: 10
+    #   start_period: 1m
+
+  backend:
+    image: neutroncreative/singlelink-server:latest
+    entrypoint: ['tail', '-f', '/dev/null']
+    environment:
+      - DATABASE=postgresql://singlelink:singlelink@db:5432/singlelink
+      - SECRET
+      - HOST=0.0.0.0
+      - PORT=80
+      - API_URL=https://api.$DOMAIN
+      - EDITOR_URL=https://$DOMAIN
+      - RENDERER_URL=https://render.$DOMAIN
+      - CONTACT_EMAIL
+      - AWS_SENDER_EMAIL_ADDRESS
+      - AWS_REGION
+      - AWS_ACCESS_KEY
+      - AWS_SECRET_KEY
+      - S3_ENDPOINT
+      - S3_BUCKETNAME
+      - S3_PORT
+      - S3_USE_SSL
+      - S3_ACCESS_KEY
+      - S3_SECRET_KEY
+      - MIXPANEL_TOKEN
+      - DELETE_ADDON_INSTALLS_THRESHOLD
+    networks:
+      - internal
+      - proxy
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}_api.loadbalancer.server.port=80"
+        - "traefik.http.routers.${STACK_NAME}_api.rule=Host(`api.${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}_api.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}_api.tls.certresolver=${LETS_ENCRYPT_ENV}"
+
+  renderer:
+    image: neutroncreative/singlelink-renderer:latest
+    environment:
+      - API_URL=https://api.$DOMAIN
+      - HOST=0.0.0.0
+      - PORT=80
+    networks:
+      - proxy
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}_render.loadbalancer.server.port=80"
+        - "traefik.http.routers.${STACK_NAME}_render.rule=Host(`render.${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}_render.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}_render.tls.certresolver=${LETS_ENCRYPT_ENV}"
+
+  db:
+    image: postgres:10-alpine
+    environment:
+      - POSTGRES_USER=singlelink
+      - POSTGRES_DB=singlelink
+      - POSTGRES_PASSWORD=singlelink
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+    networks:
+      - internal
+
+volumes:
+  postgres-data:
+
+networks:
+  proxy:
+    external: true
+  internal: