coop-cloud/zulip
coop-cloud/zulip
1
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

initial commit

Browse Source
This commit is contained in:
brooke 2025-02-11 19:55:44 -05:00
commit 090874acca
7 changed files with 235 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
.drone.yml Normal file
View File

@ -0,0 +1,38 @@
---
kind: pipeline
name: deploy to swarm-test.autonomic.zone
steps:
- name: deployment
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
settings:
host: swarm-test.autonomic.zone
stack: example_com # UPDATE ME
generate_secrets: true
purge: true
deploy_key:
from_secret: drone_ssh_swarm_test
networks:
- proxy
environment:
DOMAIN: example.swarm-test.autonomic.zone # UPDATE ME
STACK_NAME: example_com # UPDATE ME
LETS_ENCRYPT_ENV: production
trigger:
branch:
- main
---
kind: pipeline
name: generate recipe catalogue
steps:
- name: release a new version
image: plugins/downstream
settings:
server: https://build.coopcloud.tech
token:
from_secret: drone_abra-bot_token
fork: true
repositories:
- coop-cloud/auto-recipes-catalogue-json
trigger:
event: tag

11
.env.sample Normal file
View File

@ -0,0 +1,11 @@
TYPE=zulip
DOMAIN=zulip.example.com
## Domain aliases
#EXTRA_DOMAINS=', `www.zulip.example.com`'
LETS_ENCRYPT_ENV=production
SECRET_DB_PASSWORD_VERSION=v1
SECRET_RABBITMQ_PASSWORD_VERSION=v1

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.envrc

24
README.md Normal file
View File

@ -0,0 +1,24 @@
# zulip
> One line description of the recipe
<!-- metadata -->
* **Category**: Apps
* **Status**: 0
* **Image**: [`zulip`](https://hub.docker.com/r/zulip), 4, upstream
* **Healthcheck**: No
* **Backups**: No
* **Email**: No
* **Tests**: No
* **SSO**: No
<!-- endmetadata -->
## Quick start
* `abra app new zulip --secrets`
* `abra app config <app-name>`
* `abra app deploy <app-name>`
For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).

127
compose.yml Normal file
View File

@ -0,0 +1,127 @@
---
version: "3.8"
services:
app:
image: "zulip/docker-zulip:9.4-0"
ports:
- "80:80"
environment:
DB_HOST: "database"
DB_HOST_PORT: "5432"
DB_USER: "zulip"
SSL_CERTIFICATE_GENERATION: "self-signed"
SETTING_MEMCACHED_LOCATION: "memcached:11211"
SETTING_RABBITMQ_HOST: "rabbitmq"
SETTING_REDIS_HOST: "redis"
SECRETS_email_password: "123456789"
SECRETS_rabbitmq_password: "REPLACE_WITH_SECURE_RABBITMQ_PASSWORD"
SECRETS_postgres_password: "REPLACE_WITH_SECURE_POSTGRES_PASSWORD"
SECRETS_memcached_password: "REPLACE_WITH_SECURE_MEMCACHED_PASSWORD"
SECRETS_redis_password: "REPLACE_WITH_SECURE_REDIS_PASSWORD"
SECRETS_secret_key: "REPLACE_WITH_SECURE_SECRET_KEY"
SETTING_EXTERNAL_HOST: "localhost.localdomain"
SETTING_ZULIP_ADMINISTRATOR: "admin@example.com"
SETTING_EMAIL_HOST: ""
SETTING_EMAIL_HOST_USER: "noreply@example.com"
SETTING_EMAIL_PORT: "587"
SETTING_EMAIL_USE_SSL: "False"
SETTING_EMAIL_USE_TLS: "True"
ZULIP_AUTH_BACKENDS: "EmailAuthBackend"
volumes:
- "zulip:/data:rw"
ulimits:
nofile:
soft: 1000000
hard: 1048576
database:
image: "zulip/zulip-postgresql:17.2"
deploy:
labels:
backupbot.backup.pre-hook: "/pg_backup.sh backup"
backupbot.backup.path: "/var/lib/postgresql/data/backup.sql"
backupbot.restore.post-hook: "/pg_backup.sh restore"
environment:
POSTGRES_DB: "zulip"
POSTGRES_USER: "zulip"
POSTGRES_PASSWORD_FILE: "/run/secrets/db_password"
secrets:
- db_password
volumes:
- "db:/var/lib/postgresql/data:rw"
networks:
- internal
configs:
- source: pg_backup
target: /pg_backup.sh
mode: 0555
healthcheck:
test: [ "CMD-SHELL", "pg_isready" ]
interval: 10s
timeout: 5s
retries: 5
memcached:
image: "memcached:alpine"
command:
- "sh"
- "-euc"
- |
echo 'mech_list: plain' > "$$SASL_CONF_PATH"
echo "zulip@$$HOSTNAME:$$MEMCACHED_PASSWORD" > "$$MEMCACHED_SASL_PWDB"
echo "zulip@localhost:$$MEMCACHED_PASSWORD" >> "$$MEMCACHED_SASL_PWDB"
exec memcached -S
environment:
SASL_CONF_PATH: "/home/memcache/memcached.conf"
MEMCACHED_SASL_PWDB: "/home/memcache/memcached-sasl-db"
MEMCACHED_PASSWORD: "REPLACE_WITH_SECURE_MEMCACHED_PASSWORD"
rabbitmq:
image: "rabbitmq:3.12.14"
environment:
RABBITMQ_DEFAULT_USER: "zulip"
RABBITMQ_DEFAULT_PASS_FILE: "/run/secrets/rabbitmq_password"
secrets:
- rabbitmq_password
volumes:
- "rabbitmq:/var/lib/rabbitmq:rw"
redis:
image: "redis:alpine"
command:
- "sh"
- "-euc"
- |
echo "requirepass '$$REDIS_PASSWORD'" > /etc/redis.conf
exec redis-server /etc/redis.conf
environment:
REDIS_PASSWORD: "REPLACE_WITH_SECURE_REDIS_PASSWORD"
volumes:
- "redis:/data:rw"
secrets:
db_password:
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
external: true
rabbitmq_password:
name: ${STACK_NAME}_rabbitmq_password_${SECRET_RABBITMQ_PASSWORD_VERSION}
external: true
configs:
pg_backup:
name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
file: pg_backup.sh
volumes:
zulip:
db:
rabbitmq:
redis:
networks:
internal:
proxy:
external: true

34
pg_backup.sh Normal file
View File

@ -0,0 +1,34 @@
#!/bin/bash
set -e
BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
function backup {
export PGPASSWORD=$(cat $POSTGRES_PASSWORD_FILE)
pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
}
function restore {
cd /var/lib/postgresql/data/
restore_config(){
# Restore allowed connections
cat pg_hba.conf.bak > pg_hba.conf
su postgres -c 'pg_ctl reload'
}
# Don't allow any other connections than local
cp pg_hba.conf pg_hba.conf.bak
echo "local all all trust" > pg_hba.conf
su postgres -c 'pg_ctl reload'
trap restore_config EXIT INT TERM
# Recreate Database
psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);"
createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
trap - EXIT INT TERM
restore_config
}
$@

0
release/.git-keep-me Normal file
View File