diff --git a/.envrc.sample b/.envrc.sample index 7ee9e04..474f0c4 100644 --- a/.envrc.sample +++ b/.envrc.sample @@ -5,3 +5,9 @@ export DOMAIN=wallabag.example.com ## Domain aliases #export EXTRA_DOMAINS=', `www.wallabag.example.com`' export LETS_ENCRYPT_ENV=production + +export DB_PASSWORD_VERSION=v1 +export DB_ROOT_PASSWORD_VERSION=v1 + +# Wallabag options, see https://github.com/wallabag/docker +export SYMFONY__ENV__FOSUSER_REGISTRATION=false diff --git a/README.md b/README.md index b2f2c56..cfd867c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Wallabag +[![Build Status](https://drone.autonomic.zone/api/badges/compose-stacks/wallabag/status.svg)](https://drone.autonomic.zone/compose-stacks/wallabag) + Self hostable application for saving web pages • https://github.com/wallabag/wallabag ## Basic usage @@ -11,7 +13,18 @@ Self hostable application for saving web pages • https://github.com/wallabag/w 4. Edit `.envrc` - be sure to change `DOMAIN` to something that resolves to your Docker swarm box 5. `direnv allow` (or `. .envrc`) -6. `abra deploy` +6. Generate secrets: +``` +abra secret generate db_password v1 +abra secret generate db_root_password v1 +``` +7. `abra deploy` +8. Initialise database +``` +abra run app bash +cd /var/www/wallabag/ +php bin/console wallabag:install --env=prod -n +``` [`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra [`compose-stacks/traefik`]: https://git.autonomic.zone/compose-stacks/traefik diff --git a/compose.yml b/compose.yml index 662a96c..7e8f752 100644 --- a/compose.yml +++ b/compose.yml @@ -3,9 +3,35 @@ version: "3.8" services: app: - image: nginx:1.19.2 + image: wallabag/wallabag + environment: + # Prevent database creation (handled by MySQL service) + - POPULATE_DATABASE="false" + - SYMFONY__ENV__DATABASE_DRIVER=pdo_mysql + - SYMFONY__ENV__DATABASE_HOST=db + - SYMFONY__ENV__DATABASE_PORT=3306 + - SYMFONY__ENV__DATABASE_NAME=wallabag + - SYMFONY__ENV__DATABASE_USER=wallabag + # FIXME: use Docker secrets, see + # https://github.com/wallabag/docker/issues/186 + - SYMFONY__ENV__DATABASE_PASSWORD=$DB_PASSWORD + - SYMFONY__ENV__DATABASE_CHARSET=utf8mb4 + - SYMFONY__ENV__MAILER_HOST=127.0.0.1 + - SYMFONY__ENV__MAILER_USER=~ + - SYMFONY__ENV__MAILER_PASSWORD=~ + - SYMFONY__ENV__FROM_EMAIL=${FROM_EMAIL} + - SYMFONY__ENV__DOMAIN_NAME=https://${DOMAIN} + - SYMFONY__ENV__FOSUSER_REGISTRATION + ports: + - "80" + volumes: + - images:/var/www/wallabag/web/assets/images networks: - proxy + - internal + secrets: + - db_password + #- admin_password deploy: restart_policy: condition: on-failure @@ -19,13 +45,40 @@ services: #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost"] - interval: 30s - timeout: 10s - retries: 10 - start_period: 1m + + db: + image: mariadb + environment: + - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password + - MYSQL_USER=wallabag + - MYSQL_DATABASE=wallabag + - MYSQL_PASSWORD_FILE=/run/secrets/db_password + volumes: + - mariadb:/var/lib/mysql + networks: + - internal + secrets: + - db_password + - db_root_password + + redis: + image: redis:alpine + networks: + - internal + +volumes: + images: + mariadb: networks: proxy: external: true + internal: + +secrets: + db_password: + external: true + name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION} + db_root_password: + external: true + name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION}