swap nginx conf file

.env.sample

@@ -1,49 +1,50 @@
 TYPE=taiga
-TIMEOUT=60
+#TIMEOUT=900
 ENABLE_AUTO_UPDATE=true
 ENABLE_BACKUPS=true
 
 DOMAIN=taiga.example.com
 ## Domain aliases
-#EXTRA_DOMAINS=', `www.taiga.example.com`'
+#EXTRA_DOMAINS=', `www.nextcloud.example.com`'
 LETS_ENCRYPT_ENV=production
 
-COMPOSE_FILE="compose.yml"
-# Set the subpath that taiga resides
-# TAIGA_SUBPATH=""
 
-# Djano superuser settings to create initial superuser
-DJANGO_SUPERUSER_USERNAME=admin
-DJANGO_SUPERUSER_EMAIL=admin@example.com
-SECRET_DJANGO_PASSWORD_VERSION=v1
-DJANGO_SUPERUSER_PASSWORD_FILE=/run/secrets/django_password
+# Taiga's URLs - Variables to define where Taiga should be served
+TAIGA_SCHEME=http  # serve Taiga using "http" or "https" (secured) connection
+TAIGA_DOMAIN=localhost:9000  # Taiga's base URL
+SUBPATH="" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath")
+WEBSOCKETS_SCHEME=ws  # events connection protocol (use either "ws" or "wss")
 
 # Taiga's Secret Key - Variable to provide cryptographic signing
+SECRET_KEY="taiga-secret-key"  # Please, change it to an unpredictable value!!
 SECRET_TAIGA_SECRET_VERSION=v1
 SECRET_POSTGRES_PASSWORD_VERSION=v1
 SECRET_RABBITMQ_PASSWORD_VERSION=v1
-POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
-TAIGA_SECRET_KEY_FILE=/run/secrets/taiga_secret
-RABBITMQ_PASS_FILE=/run/secrets/rabbitmq_password
+# Taiga's Database settings - Variables to create the Taiga database and connect to it
+POSTGRES_USER=taiga  # user to connect to PostgreSQL
+POSTGRES_PASSWORD=taiga  # database user's password
+POSTGRES_HOST=taiga
+POSTGRES_DB=taiga-db
+
+# Taiga's SMTP settings - Variables to send Taiga's emails to the users
+EMAIL_BACKEND=console  # use an SMTP server or display the emails in the console (either "smtp" or "console")
+EMAIL_HOST=smtp.host.example.com  # SMTP server address
+EMAIL_PORT=587   # default SMTP port
+EMAIL_HOST_USER=user  # user to connect the SMTP server
+EMAIL_HOST_PASSWORD=password  # SMTP user's password
+EMAIL_DEFAULT_FROM=changeme@example.com  # default email address for the automated emails
+# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
+EMAIL_USE_TLS=True  # use TLS (secure) connection with the SMTP server
+EMAIL_USE_SSL=False  # use implicit TLS (secure) connection with the SMTP server
 
 # Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events
-# RABBITMQ_ERLANG_COOKIE=secret-erlang-cookie  # unique value shared by any connected instance of RabbitMQ
+RABBITMQ_USER=taiga  # user to connect to RabbitMQ
+RABBITMQ_PASS=taiga  # RabbitMQ user's password
+RABBITMQ_VHOST=taiga  # RabbitMQ container name
+RABBITMQ_ERLANG_COOKIE=secret-erlang-cookie  # unique value shared by any connected instance of RabbitMQ
 
 # Taiga's Attachments - Variable to define how long the attachments will be accesible
 ATTACHMENTS_MAX_AGE=360  # token expiration date (in seconds)
 
 # Taiga's Telemetry - Variable to enable or disable the anonymous telemetry
 ENABLE_TELEMETRY=True
-
-# COMPOSE_FILE="$COMPOSE_FILE:compose.email.yml"
-# Taiga's SMTP settings - Variables to send Taiga's emails to the users
-
-# EMAIL_BACKEND=console # use an SMTP server or display the emails in the console (either "smtp" or "console")
-# EMAIL_HOST=smtp.host.example.com  # SMTP server address
-# EMAIL_PORT=587   # default SMTP port
-# EMAIL_HOST_USER=user  # user to connect the SMTP server
-# EMAIL_HOST_PASSWORD=password  # SMTP user's password
-# EMAIL_DEFAULT_FROM=changeme@example.com  # default email address for the automated emails
-# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
-# EMAIL_USE_TLS=True  # use TLS (secure) connection with the SMTP server
-# EMAIL_USE_SSL=False  # use implicit TLS (secure) connection with the SMTP server

README.md

@@ -1,15 +1,15 @@
 # taiga
 
-> Tagia server
+> One line description of the recipe
 
 <!-- metadata -->
 
 * **Category**: Apps
 * **Status**: 0
-* **Image**: [`taigaio`](https://hub.docker.com/u/taigaio), 4, upstream
+* **Image**: [`taiga`](https://hub.docker.com/r/taiga), 4, upstream
 * **Healthcheck**: No
 * **Backups**: No
-* **Email**: Yes
+* **Email**: No
 * **Tests**: No
 * **SSO**: No
 
@@ -17,9 +17,8 @@
 
 ## Quick start
 
-- `abra app new taiga --secrets`
-- `abra app config <app-name>`
-- `abra app deploy <app-name>`
-- You can login to the admin interface. The username is `admin` and the password is the generated secret `django_password`
+* `abra app new taiga --secrets`
+* `abra app config <app-name>`
+* `abra app deploy <app-name>`
 
 For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).

abra.sh

@@ -3,7 +3,3 @@
 
 export NGINX_CONF_VERSION=v1
 export TAIGA_ENTRYPOINT_VERSION=v1
-export TAIGA_EVENTS_ENTRYPOINT_VERSION=v1
-export CREATE_SUPERUSER_VERSION=v1
-export PG_BACKUP_VERSION=v1
-export NGINX_ENTRYPOINT_VERSION=v1

compose.email.yml

@@ -1,22 +0,0 @@
-version: "3.8"
-services:
-  app:
-    environment:
-      - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend
-      - EMAIL_DEFAULT_FROM
-      - EMAIL_USE_TLS
-      - EMAIL_USE_SSL
-      - EMAIL_HOST
-      - EMAIL_PORT
-      - EMAIL_HOST_USER
-      - EMAIL_HOST_PASSWORD
-  app-async:
-    environment:
-      - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend
-      - EMAIL_DEFAULT_FROM
-      - EMAIL_USE_TLS
-      - EMAIL_USE_SSL
-      - EMAIL_HOST
-      - EMAIL_PORT
-      - EMAIL_HOST_USER
-      - EMAIL_HOST_PASSWORD

compose.yml

@@ -1,26 +1,14 @@
-version: "3.8"
-
-services: 
-  db:
+services:
+  taiga-db:
     image: postgres:12.3
-    deploy:
-      labels:
-        backupbot.backup: "${ENABLE_BACKUPS:-true}"
-        backupbot.backup.pre-hook: "/pg_backup.sh backup"
-        backupbot.backup.volumes.db.path: "backup.sql"
-        backupbot.restore.post-hook: '/pg_backup.sh restore'
-    configs:
-      - source: pg_backup
-        target: /pg_backup.sh
-        mode: 0555
     secrets:
       - postgres_password
     environment:
       - POSTGRES_DB=taiga
-      - POSTGRES_USER=taiga
-      - POSTGRES_PASSWORD_FILE
+      - POSTGRES_USER=${POSTGRES_USER}
+      - POSTGRES_PASSWORD=/run/secrets/postgres_password
     healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U taiga"]
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
       interval: 2s
       timeout: 15s
       retries: 5
@@ -28,59 +16,41 @@ services:
     volumes:
       - taiga-db-data:/var/lib/postgresql/data
     networks:
-      - internal
+      - taiga
 
-  app-admin-init:
-    image: taigaio/taiga-back:6.9.0
-    secrets:
-      - taiga_secret
-      - postgres_password
-      - rabbitmq_password
-      - django_password
-    configs: 
-      - source: create_superuser
-        target: /create-superuser.sh
-        mode: 0555
-    entrypoint: /create-superuser.sh
-    environment:
-      - POSTGRES_DB=taiga
-      - POSTGRES_USER=taiga
-      - POSTGRES_PASSWORD_FILE
-      - POSTGRES_HOST=db
-      - TAIGA_SECRET_KEY_FILE
-      - SECRET_KEY_FILE=${TAIGA_SECRET_KEY_FILE}
-      - TAIGA_SITES_SCHEME=https
-      - TAIGA_SITES_DOMAIN=${DOMAIN}
-      - TAIGA_SUBPATH
-      - RABBITMQ_USER=taiga
-      - RABBITMQ_PASS_FILE
-      - DJANGO_SUPERUSER_USERNAME
-      - DJANGO_SUPERUSER_PASSWORD_FILE
-      - DJANGO_SUPERUSER_EMAIL
-    networks:
-      - internal
-    deploy:
-      replicas: 1
-      restart_policy:
-        condition: none
-
-  app:
-    image: taigaio/taiga-back:6.9.0
+  taiga-back:
+    image: taigaio/taiga-back:latest
     secrets:
       - taiga_secret
       - postgres_password
       - rabbitmq_password
     environment:
-      - RABBITMQ_PASS_FILE
+      # These environment variables will be used by taiga-back and taiga-async.
+      # Database settings
       - POSTGRES_DB=taiga
-      - POSTGRES_USER=taiga
-      - POSTGRES_HOST=db
-      - TAIGA_SITES_SCHEME=https
-      - TAIGA_SITES_DOMAIN=${DOMAIN}
+      - POSTGRES_USER=${POSTGRES_USER}
+      - POSTGRES_PASSWORD=/run/secrets/postgres_password
+      - POSTGRES_HOST=taiga-db
+      # Taiga settings
+      - TAIGA_SECRET_KEY=/run/secrets/taiga_secret
+      - TAIGA_SITES_SCHEME=${TAIGA_SCHEME}
+      - TAIGA_SITES_DOMAIN=${TAIGA_DOMAIN}
+      - TAIGA_SUBPATH=${SUBPATH}
+      # Email settings.
       - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend
-      - RABBITMQ_USER=taiga
-      - ENTRYPOINT=/taiga-back/docker/entrypoint.sh
-    hostname: "taiga-back"
+      - DEFAULT_FROM_EMAIL=${EMAIL_DEFAULT_FROM}
+      - EMAIL_USE_TLS=${EMAIL_USE_TLS}
+      - EMAIL_USE_SSL=${EMAIL_USE_SSL}
+      - EMAIL_HOST=${EMAIL_HOST}
+      - EMAIL_PORT=${EMAIL_PORT}
+      - EMAIL_HOST_USER=${EMAIL_HOST_USER}
+      - EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD}
+      # Rabbitmq settings
+      - RABBITMQ_USER=${RABBITMQ_USER}
+      - RABBITMQ_PASS=/run/secrets/rabbitmq_password
+      # Telemetry settings
+      - ENABLE_TELEMETRY=${ENABLE_TELEMETRY}
+      # ...your customizations go here
     configs:
       - source: taiga_entrypoint
         target: /custom-entrypoint.sh
@@ -90,157 +60,125 @@ services:
       - taiga-static-data:/taiga-back/static
       - taiga-media-data:/taiga-back/media
     networks:
-      - internal
-    deploy:
-      update_config:
-        failure_action: rollback
-        order: start-first
-      labels:
-        - "coop-cloud.${STACK_NAME}.version=0.1.1+6.9.0"
-        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
-    healthcheck:
-      test: ["CMD-SHELL", "python -m http.client -c 'GET /api/v1/' -H 'Host: localhost' || exit 1"]      
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
-    
+      - taiga
 
-  app-async:
-    image: taigaio/taiga-back:6.9.0
-    configs: 
-      - source: taiga_entrypoint
-        target: /custom-entrypoint.sh
-        mode: 0555
-    entrypoint: /custom-entrypoint.sh
-    hostname: "taiga-back-async"
+  taiga-back-async:
+    image: taigaio/taiga-back:latest
+    entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
     secrets:
       - taiga_secret
       - postgres_password
       - rabbitmq_password
     environment:
-      - TAIGA_SECRET_KEY_FILE
-      - POSTGRES_PASSWORD_FILE
-      - RABBITMQ_PASS_FILE
+          # These environment variables will be used by taiga-back and taiga-async.
+      # Database settings
       - POSTGRES_DB=taiga
-      - POSTGRES_USER=taiga
-      - POSTGRES_HOST=db
-      - TAIGA_SITES_SCHEME=https
-      - TAIGA_SITES_DOMAIN=${DOMAIN}
+      - POSTGRES_USER=${POSTGRES_USER}
+      - POSTGRES_PASSWORD=/run/secrets/postgres_password
+      - POSTGRES_HOST=taiga-db
+      # Taiga settings
+      - TAIGA_SECRET_KEY=/run/secrets/taiga_secret
+      - TAIGA_SITES_SCHEME=${TAIGA_SCHEME}
+      - TAIGA_SITES_DOMAIN=${TAIGA_DOMAIN}
+      - TAIGA_SUBPATH=${SUBPATH}
+      # Email settings.
       - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend
-      - RABBITMQ_USER=taiga
-      - ENTRYPOINT=/taiga-back/docker/async_entrypoint.sh
+      - DEFAULT_FROM_EMAIL=${EMAIL_DEFAULT_FROM}
+      - EMAIL_USE_TLS=${EMAIL_USE_TLS}
+      - EMAIL_USE_SSL=${EMAIL_USE_SSL}
+      - EMAIL_HOST=${EMAIL_HOST}
+      - EMAIL_PORT=${EMAIL_PORT}
+      - EMAIL_HOST_USER=${EMAIL_HOST_USER}
+      - EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD}
+      # Rabbitmq settings
+      - RABBITMQ_USER=${RABBITMQ_USER}
+      - RABBITMQ_PASS=/run/secrets/rabbitmq_password
+      # Telemetry settings
+      - ENABLE_TELEMETRY=${ENABLE_TELEMETRY}
+      # ...your customizations go here
     volumes:
       - taiga-static-data:/taiga-back/static
       - taiga-media-data:/taiga-back/media
     networks:
-      - internal
+      - taiga
      
-  rabbitmq-async:
-    image: rabbitmq:3.13-management-alpine
+  taiga-async-rabbitmq:
+    image: rabbitmq:3.8-management-alpine
     secrets:
       - rabbitmq_password
     environment:
-      - RABBITMQ_ERLANG_COOKIE
-      - RABBITMQ_DEFAULT_USER=taiga
-      - RABBITMQ_DEFAULT_PASS_FILE=${RABBITMQ_PASS_FILE}
-      - RABBITMQ_DEFAULT_VHOST=taiga
+      - RABBITMQ_ERLANG_COOKIE=${RABBITMQ_ERLANG_COOKIE}
+      - RABBITMQ_DEFAULT_USER=${RABBITMQ_USER}
+      - RABBITMQ_DEFAULT_PASS=/run/secrets/rabbitmq_password
+      - RABBITMQ_DEFAULT_VHOST=${RABBITMQ_VHOST}
     hostname: "taiga-async-rabbitmq"
     volumes:
       - taiga-async-rabbitmq-data:/var/lib/rabbitmq
     networks:
-      - internal
-    healthcheck:
-      test: rabbitmq-diagnostics -q ping
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
+      - taiga
 
   taiga-front:
-    image: taigaio/taiga-front:6.9.0
+    image: taigaio/taiga-front:latest
     environment:
-      - TAIGA_URL=https://${DOMAIN}
-      - TAIGA_WEBSOCKETS_URL=wss://${DOMAIN}
+      - TAIGA_URL=${TAIGA_SCHEME}://${TAIGA_DOMAIN}
+      - TAIGA_WEBSOCKETS_URL=${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}
+      - TAIGA_SUBPATH=${SUBPATH}
+      # ...your customizations go here
     networks:
-      - internal
+      - taiga
+    # volumes:
+    #   - ./conf.json:/usr/share/nginx/html/conf.json
 
-  events:
-    image: taigaio/taiga-events:6.9.0
-    configs: 
-      - source: taiga_events_entrypoint
-        target: /custom-entrypoint.sh
-        mode: 0555
-    entrypoint: /custom-entrypoint.sh
+  taiga-events:
+    image: taigaio/taiga-events:latest
     secrets:
       - taiga_secret
       - rabbitmq_password
     environment:
-      - RABBITMQ_USER=taiga
-      - RABBITMQ_PASS_FILE
-      - TAIGA_SECRET_KEY_FILE
-      - ENTRYPOINT=/taiga-events/docker/entrypoint.sh
+      - RABBITMQ_USER=${RABBITMQ_USER}
+      - RABBITMQ_PASS=/run/secrets/rabbitmq_password
+      - TAIGA_SECRET_KEY=/run/secrets/taiga_secret
     networks:
-      - internal 
-    healthcheck:
-      test: ["CMD", "wget", "-q", "-O", "-", "http://localhost:3023/healthz"]
-      interval: 10s
-      timeout: 3s
-      retries: 5
+      - taiga 
 
-  rabbitmq:
-    image: rabbitmq:3.13-management-alpine
+  taiga-events-rabbitmq:
+    image: rabbitmq:3.8-management-alpine
     secrets:
       - rabbitmq_password
     environment:
-      - RABBITMQ_ERLANG_COOKIE
-      - RABBITMQ_DEFAULT_USER=taiga
-      - RABBITMQ_DEFAULT_PASS_FILE=${RABBITMQ_PASS_FILE}
-      - RABBITMQ_DEFAULT_VHOST=taiga
+      - RABBITMQ_ERLANG_COOKIE=${RABBITMQ_ERLANG_COOKIE}
+      - RABBITMQ_DEFAULT_USER=${RABBITMQ_USER}
+      - RABBITMQ_DEFAULT_PASS=/run/secrets/rabbitmq_password
+      - RABBITMQ_DEFAULT_VHOST=${RABBITMQ_VHOST}
     hostname: "taiga-events-rabbitmq"
     volumes:
       - taiga-events-rabbitmq-data:/var/lib/rabbitmq
     networks:
-      - internal
-    healthcheck:
-      test: rabbitmq-diagnostics -q ping
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
+      - taiga
 
   taiga-protected:
-    image: taigaio/taiga-protected:6.9.0
-    configs:
-      - source: taiga_entrypoint
-        target: /custom-entrypoint.sh
-        mode: 0555
-    entrypoint: /custom-entrypoint.sh
+    image: taigaio/taiga-protected:latest
     secrets:
       - taiga_secret
     environment:
-      - POSTGRES_HOST=db
       - MAX_AGE=${ATTACHMENTS_MAX_AGE}
-      - SECRET_KEY_FILE=${TAIGA_SECRET_KEY_FILE}
-      - ENTRYPOINT=/taiga-protected/docker/entrypoint.sh
+      - SECRET_KEY=/run/secrets/taiga_secret
     networks:
-      - internal
+      - taiga
 
-  web:
+  taiga-gateway:
     image: nginx:1.19-alpine
+    ports:
+      - "9000:80"
     configs:
       - source: nginx_conf
         target: /etc/nginx/conf.d/default.conf
-      - source: nginx_entrypoint
-        target: /custom-entrypoint.sh
-        mode: 0555
-    entrypoint: /custom-entrypoint.sh
     volumes:
       - taiga-static-data:/taiga/static
       - taiga-media-data:/taiga/media
     networks:
       - proxy
-      - internal 
+      - taiga 
     deploy:
       restart_policy:
         condition: on-failure
@@ -254,12 +192,6 @@ services:
         - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
         - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https"
         - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true" 
-    healthcheck:
-      test: curl -f taiga-back:8000/api/v1/ || exit 1 
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
 
 secrets:
   taiga_secret:
@@ -271,34 +203,16 @@ secrets:
   rabbitmq_password:
     external: true
     name: ${STACK_NAME}_rabbitmq_password_${SECRET_RABBITMQ_PASSWORD_VERSION}
-  django_password:
-    external: true
-    name: ${STACK_NAME}_django_password_${SECRET_DJANGO_PASSWORD_VERSION}
 
 configs:
   nginx_conf:
     name: ${STACK_NAME}_nginx_${NGINX_CONF_VERSION}
-    file: nginx.conf
+    file: ./taiga-gateway/nginx.conf
     template_driver: golang
   taiga_entrypoint:
     name: ${STACK_NAME}_taiga_entrypoint_${TAIGA_ENTRYPOINT_VERSION}
     file: entrypoint.sh.tmpl
     template_driver: golang
-  taiga_events_entrypoint:
-    name: ${STACK_NAME}_taiga_events_entrypoint_${TAIGA_EVENTS_ENTRYPOINT_VERSION}
-    file: entrypoint-events.sh.tmpl
-    template_driver: golang
-  nginx_entrypoint:
-    name: ${STACK_NAME}_nginx_entrypoint_${NGINX_ENTRYPOINT_VERSION}
-    file: entrypoint-nginx.sh.tmpl
-    template_driver: golang
-  create_superuser:
-    name: ${STACK_NAME}_create_superuser_${CREATE_SUPERUSER_VERSION}
-    file: create-superuser.sh.tmpl
-    template_driver: golang
-  pg_backup:
-    name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
-    file: pg_backup.sh
 
 volumes:
   taiga-static-data:
@@ -308,6 +222,6 @@ volumes:
   taiga-events-rabbitmq-data:
 
 networks:
-  internal:
+  taiga:
   proxy:
     external: true

create-superuser.sh.tmpl

@@ -1,59 +0,0 @@
-#!/bin/bash
-set -e
-
-file_env() {
-  var="$1"
-  fileVar="${var}_FILE"
-  def="${2:-}"
-
-  eval "var_val=\${$var}"
-  eval "file_val=\${$fileVar}"
-
-  if [ -n "$var_val" ] && [ -n "$file_val" ]; then
-    echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-    exit 1
-  fi
-
-  val="$def"
-
-  if [ -n "$var_val" ]; then
-    val="$var_val"
-  elif [ -n "$file_val" ]; then
-    val="$(cat "$file_val")"
-  fi
-
-  export "$var=$val"
-  unset "$fileVar"
-}
-
-file_env "POSTGRES_PASSWORD"
-file_env "RABBITMQ_PASS"
-file_env "TAIGA_SECRET_KEY"
-file_env "SECRET_KEY"
-
-
-echo "Waiting for Postgres..."
-
-TIMEOUT=30
-i=0
-until (echo > /dev/tcp/$POSTGRES_HOST/5432) 2>/dev/null; do
-  i=$((i+1))
-  if [ $i -ge $TIMEOUT ]; then
-    echo "Postgres did not start within $TIMEOUT seconds."
-    exit 1
-  fi
-  sleep 1
-done
-
-echo "Waiting for Taiga Back..."
-until python -m http.client -c 'GET /api/v1/' -H 'Host: http://taiga-back:8000' >/dev/null; do sleep 3; done
-sleep 30 # otherwise there can be some django error
-
-python manage.py shell <<EOF
-from django.contrib.auth import get_user_model
-User = get_user_model()
-if not User.objects.filter(username="${DJANGO_SUPERUSER_USERNAME}").exists():
-    User.objects.create_superuser('${DJANGO_SUPERUSER_USERNAME}','${DJANGO_SUPERUSER_EMAIL}', '{{ secret "django_password" }}')
-EOF
-
-echo "Django superuser created or found"

entrypoint-events.sh.tmpl

@@ -1,34 +0,0 @@
-#!/bin/sh
-set -e
-
-echo "Entrypoint running"
-
-file_env() {
-  var="$1"
-  fileVar="${var}_FILE"
-  def="${2:-}"
-
-  eval "var_val=\${$var}"
-  eval "file_val=\${$fileVar}"
-
-  if [ -n "$var_val" ] && [ -n "$file_val" ]; then
-    echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-    exit 1
-  fi
-
-  val="$def"
-
-  if [ -n "$var_val" ]; then
-    val="$var_val"
-  elif [ -n "$file_val" ]; then
-    val="$(cat "$file_val")"
-  fi
-
-  export "$var=$val"
-  unset "$fileVar"
-}
-
-file_env "RABBITMQ_PASS"
-file_env "TAIGA_SECRET_KEY"
-
-/taiga-events/docker/entrypoint.sh

entrypoint-nginx.sh.tmpl

@@ -1,19 +0,0 @@
-#!/bin/sh
-set -e
-
-wait() {
-  host="$1"
-  port="$2"
-  name="$3"
-
-  echo "Waiting for $name ($host:$port)..."
-  while ! nc -z "$host" "$port"; do
-    sleep 1
-  done
-  echo "$name is up"
-}
-wait taiga-front 80 "taiga-front"
-wait taiga-back 8000 "taiga-back"
-
-echo "Starting nginx"
-exec nginx -g "daemon off;"

entrypoint.sh.tmpl

@@ -24,26 +24,6 @@ file_env() {
    unset "$fileVar"
 }
 
-file_env "POSTGRES_PASSWORD"
-file_env "RABBITMQ_PASS"
+echo "Giving the db container some time to come up"; sleep 30
 
-# these two should be the same
-# the naming is different in the services
-file_env "TAIGA_SECRET_KEY"
-file_env "SECRET_KEY"
-
-
-echo "Waiting for Postgres..."
-TIMEOUT=30
-i=0
-until (echo > /dev/tcp/$POSTGRES_HOST/5432) 2>/dev/null; do
-  i=$((i+1))
-  if [ $i -ge $TIMEOUT ]; then
-    echo "Postgres did not start within $TIMEOUT seconds."
-    exit 1
-  fi
-  sleep 1
-done
-echo "Postgres is ready!"
-
-"$ENTRYPOINT" "$@"
+/taiga-back/docker/entrypoint.sh

pg_backup.sh

@@ -1,34 +0,0 @@
-!/bin/bash
-
-set -e
-
-BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
-
-function backup {
-  export PGPASSWORD=$(cat /run/secrets/postgres_password)
-  pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
-}
-
-function restore {
-    cd /var/lib/postgresql/data/
-    restore_config(){
-        # Restore allowed connections
-        cat pg_hba.conf.bak > pg_hba.conf
-        su postgres -c 'pg_ctl reload'
-    }
-    # Don't allow any other connections than local
-    cp pg_hba.conf pg_hba.conf.bak
-    echo "local all all trust" > pg_hba.conf
-    su postgres -c 'pg_ctl reload'
-    trap restore_config EXIT INT TERM
-
-    # Recreate Database
-    psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);" 
-    createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
-    psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
-
-    trap - EXIT INT TERM
-    restore_config
-}
-
-$@

release/0.1.1+6.9.0

@@ -1 +0,0 @@
-Default to not using email compose as a part of app.

renovate.json

@@ -1,6 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "config:recommended"
-  ]
-}

taiga-gateway/nginx.conf

@@ -0,0 +1,89 @@
+server {
+    listen 80 default_server;
+    server_name taiga.mirnet.org;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 default_server;
+    server_name taiga.mirnet.org;  #  See http://nginx.org/en/docs/http/server_names.html
+
+    large_client_header_buffers 4 32k;
+    client_max_body_size 50M;
+    charset utf-8;
+
+    access_log /home/taiga/logs/nginx.access.log;
+    error_log /home/taiga/logs/nginx.error.log;
+
+    # TLS: Configure your TLS following the best practices inside your company
+    # Other configurations
+
+    # Frontend
+    location / {
+        alias /home/taiga/taiga-front-dist/dist/;
+        index index.html;
+        try_files $uri $uri/ index.html =404;
+    }
+
+    # API
+    location /api/ {
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Scheme $scheme;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass http://127.0.0.1:8001/api/;
+        proxy_redirect off;
+    }
+
+    # Admin
+    location /admin/ {
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Scheme $scheme;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass http://127.0.0.1:8001/admin/;
+        proxy_redirect off;
+    }
+
+    # Static files
+    location /static/ {
+        alias /home/taiga/taiga-back/static/;
+    }
+
+    # Media
+    location /_protected/ {
+        internal;
+        alias /home/taiga/taiga-back/media/;
+        add_header Content-disposition "attachment";
+    }
+
+    # Unprotected section
+    location /media/exports/ {
+        alias /home/taiga/taiga-back/media/exports/;
+        add_header Content-disposition "attachment";
+    }
+
+    location /media/ {
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Scheme $scheme;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass http://127.0.0.1:8003/;
+        proxy_redirect off;
+    }
+
+    # Events
+    location /events {
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_connect_timeout 7d;
+        proxy_send_timeout 7d;
+        proxy_read_timeout 7d;
+        proxy_pass http://127.0.0.1:8888/events;
+    }
+
+}

taiga-gateway/taiga.conf

@@ -3,6 +3,7 @@ server {
 
     client_max_body_size 100M;
     charset utf-8;
+
     # Frontend
     location / {
         proxy_pass http://taiga-front/;
@@ -12,6 +13,7 @@ server {
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Scheme $scheme;
     }
+
     # API
     location /api/ {
         proxy_pass http://taiga-back:8000/api/;
@@ -62,7 +64,7 @@ server {
 
     # Events
     location /events {
-        proxy_pass http://events:8888/events;
+        proxy_pass http://taiga-events:8888/events;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";

working-compose.yml

@@ -0,0 +1,171 @@
+x-environment:
+  &default-back-environment
+  # These environment variables will be used by taiga-back and taiga-async.
+  # Database settings
+  POSTGRES_DB: "taiga"
+  POSTGRES_USER: "${POSTGRES_USER}"
+  POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
+  POSTGRES_HOST: "taiga-db"
+  # Taiga settings
+  TAIGA_SECRET_KEY: "${SECRET_KEY}"
+  TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
+  TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
+  TAIGA_SUBPATH: "${SUBPATH}"
+  # Email settings.
+  EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
+  DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
+  EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
+  EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
+  EMAIL_HOST: "${EMAIL_HOST}"
+  EMAIL_PORT: "${EMAIL_PORT}"
+  EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
+  EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
+  # Rabbitmq settings
+  RABBITMQ_USER: "${RABBITMQ_USER}"
+  RABBITMQ_PASS: "${RABBITMQ_PASS}"
+  # Telemetry settings
+  ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}"
+  # ...your customizations go here
+
+x-volumes:
+  &default-back-volumes
+  # These volumens will be used by taiga-back and taiga-async.
+  - taiga-static-data:/taiga-back/static
+  - taiga-media-data:/taiga-back/media
+  # - ./config.py:/taiga-back/settings/config.py
+
+services:
+  taiga-db:
+    image: postgres:12.3
+    environment:
+      POSTGRES_DB: "taiga"
+      POSTGRES_USER: "${POSTGRES_USER}"
+      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
+      interval: 2s
+      timeout: 15s
+      retries: 5
+      start_period: 3s
+    volumes:
+      - taiga-db-data:/var/lib/postgresql/data
+    networks:
+      - taiga
+
+  taiga-back:
+    image: taigaio/taiga-back:latest
+    environment: *default-back-environment
+    volumes: *default-back-volumes
+    networks:
+      - taiga
+    depends_on:
+      taiga-db:
+        condition: service_healthy
+      taiga-events-rabbitmq:
+        condition: service_started
+      taiga-async-rabbitmq:
+        condition: service_started
+
+  taiga-async:
+    image: taigaio/taiga-back:latest
+    entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
+    environment: *default-back-environment
+    volumes: *default-back-volumes
+    networks:
+      - taiga
+    depends_on:
+      taiga-db:
+        condition: service_healthy
+      taiga-events-rabbitmq:
+        condition: service_started
+      taiga-async-rabbitmq:
+        condition: service_started
+
+  taiga-async-rabbitmq:
+    image: rabbitmq:3.8-management-alpine
+    environment:
+      RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
+      RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
+      RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
+      RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
+    hostname: "taiga-async-rabbitmq"
+    volumes:
+      - taiga-async-rabbitmq-data:/var/lib/rabbitmq
+    networks:
+      - taiga
+
+  taiga-front:
+    image: taigaio/taiga-front:latest
+    environment:
+      TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}"
+      TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
+      TAIGA_SUBPATH: "${SUBPATH}"
+      # ...your customizations go here
+    networks:
+      - taiga
+    # volumes:
+    #   - ./conf.json:/usr/share/nginx/html/conf.json
+
+  taiga-events:
+    image: taigaio/taiga-events:latest
+    environment:
+      RABBITMQ_USER: "${RABBITMQ_USER}"
+      RABBITMQ_PASS: "${RABBITMQ_PASS}"
+      TAIGA_SECRET_KEY: "${SECRET_KEY}"
+    networks:
+      - taiga
+    depends_on:
+      taiga-events-rabbitmq:
+        condition: service_started
+
+  taiga-events-rabbitmq:
+    image: rabbitmq:3.8-management-alpine
+    environment:
+      RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
+      RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
+      RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
+      RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
+    hostname: "taiga-events-rabbitmq"
+    volumes:
+      - taiga-events-rabbitmq-data:/var/lib/rabbitmq
+    networks:
+      - taiga
+
+  taiga-protected:
+    image: taigaio/taiga-protected:latest
+    environment:
+      MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
+      SECRET_KEY: "${SECRET_KEY}"
+    networks:
+      - taiga
+
+  taiga-gateway:
+    image: nginx:1.19-alpine
+    ports:
+      - "9000:80"
+    configs:
+      - source: taiga_conf
+        target: /etc/nginx/conf.d/default.conf
+    volumes:
+      - taiga-static-data:/taiga/static
+      - taiga-media-data:/taiga/media
+    networks:
+      - taiga
+    depends_on:
+      - taiga-front
+      - taiga-back
+      - taiga-events
+configs:
+  taiga_conf:
+    name: ${STACK_NAME}_nginx_${NGINX_CONF_VERSION}
+    file: ./taiga-gateway/taiga.conf
+      #    template_driver: golang
+volumes:
+  taiga-static-data:
+  taiga-media-data:
+  taiga-db-data:
+  taiga-async-rabbitmq-data:
+  taiga-events-rabbitmq-data:
+
+networks:
+  taiga: