diff --git a/.env.sample b/.env.sample index ffe1c2c..addf0e0 100644 --- a/.env.sample +++ b/.env.sample @@ -10,6 +10,7 @@ LETS_ENCRYPT_EMAIL=certs@example.com # DASHBOARD_ENABLED=true # WARN, INFO etc. LOG_LEVEL=WARN +LOG_MAX_AGE=1 # This is here so later lines can extend it; you likely don't wanna edit COMPOSE_FILE="compose.yml" @@ -58,6 +59,17 @@ COMPOSE_FILE="compose.yml" #DIGITALOCEAN_ENABLED=1 #SECRET_DIGITALOCEAN_AUTH_TOKEN_VERSION=v1 +## Azure, https://azure.com +## To insert your Azure client secret: +## abra app secret insert {myapp.example.coop} azure_secret v1 "" +#COMPOSE_FILE="$COMPOSE_FILE:compose.azure.yml" +#AZURE_ENABLED=1 +#AZURE_TENANT_ID= +#AZURE_CLIENT_ID= +#AZURE_SUBSCRIPTION_ID= +#AZURE_RESOURCE_GROUP= +#SECRET_AZURE_SECRET_VERSION=v1 + ##################################################################### # Manual wildcard certificate insertion # ##################################################################### diff --git a/abra.sh b/abra.sh index dcd1537..4a149d7 100644 --- a/abra.sh +++ b/abra.sh @@ -1,3 +1,3 @@ -export TRAEFIK_YML_VERSION=v23 +export TRAEFIK_YML_VERSION=v24 export FILE_PROVIDER_YML_VERSION=v10 export ENTRYPOINT_VERSION=v4 diff --git a/compose.azure.yml b/compose.azure.yml new file mode 100644 index 0000000..3c391f8 --- /dev/null +++ b/compose.azure.yml @@ -0,0 +1,17 @@ +version: "3.8" + +services: + app: + environment: + - AZURE_TENANT_ID + - AZURE_CLIENT_ID + - AZURE_SUBSCRIPTION_ID + - AZURE_RESOURCE_GROUP + - AZURE_CLIENT_SECRET_FILE=/run/secrets/azure_secret + secrets: + - azure_secret + +secrets: + azure_secret: + name: ${STACK_NAME}_azure_secret_${SECRET_AZURE_SECRET_VERSION} + external: true diff --git a/compose.yml b/compose.yml index 3b9b9f7..e8ed964 100644 --- a/compose.yml +++ b/compose.yml @@ -27,6 +27,7 @@ services: environment: - DASHBOARD_ENABLED - LOG_LEVEL + - ${LOG_MAX_AGE:-0} healthcheck: test: ["CMD", "traefik", "healthcheck"] interval: 30s @@ -47,7 +48,7 @@ services: - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.service=api@internal" - "traefik.http.routers.${STACK_NAME}.middlewares=security@file" - - "coop-cloud.${STACK_NAME}.version=3.4.2+v3.4.5" + - "coop-cloud.${STACK_NAME}.version=3.5.0+v3.4.5" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}" - "backupbot.backup=${ENABLE_BACKUPS:-true}" diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl index f4e6232..8da044b 100644 --- a/entrypoint.sh.tmpl +++ b/entrypoint.sh.tmpl @@ -11,4 +11,8 @@ export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE") export DO_AUTH_TOKEN=$(cat "$DO_AUTH_TOKEN_FILE") {{ end }} +{{ if eq (env "AZURE_ENABLED") "1" }} +export AZURE_CLIENT_SECRET=$(cat "$AZURE_CLIENT_SECRET_FILE") +{{ end }} + /entrypoint.sh "$@" diff --git a/release/3.5.0+v3.4.5 b/release/3.5.0+v3.4.5 new file mode 100644 index 0000000..35aa32d --- /dev/null +++ b/release/3.5.0+v3.4.5 @@ -0,0 +1 @@ +Add support to azure DNS-01 acme challenge \ No newline at end of file diff --git a/release/3.6.0+v3.4.5 b/release/3.6.0+v3.4.5 new file mode 100644 index 0000000..8b9f916 --- /dev/null +++ b/release/3.6.0+v3.4.5 @@ -0,0 +1 @@ +Expose log_max_age option. This option controls Traefik's maximum retention for log files in number of days. By default (when LOG_MAX_AGE=0), files are not removed based on age. \ No newline at end of file diff --git a/traefik.yml.tmpl b/traefik.yml.tmpl index 5d06f6d..b1ba638 100644 --- a/traefik.yml.tmpl +++ b/traefik.yml.tmpl @@ -4,6 +4,7 @@ core: log: level: {{ env "LOG_LEVEL" }} + maxAge: {{ env "LOG_MAX_AGE" }} providers: swarm: