forked from coop-cloud/federatedwiki
Keep up #2
12
.env.sample
12
.env.sample
|
|
@ -13,14 +13,12 @@ FEDWIKI_VOLUME="fedwiki"
|
|||
# custom wiki.cafe image, for working oauth2 support
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.wikicafe.yml"
|
||||
|
||||
# Predefined "owner" security
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.owner.yml"
|
||||
|
||||
# persistent lib volume / node_modules directory, e.g. for plugmatic
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.lib.yml"
|
||||
|
||||
COOKIE_SECRET="asflkjqpweoriuwpeogdjgbpdofigh"
|
||||
AUTHOR="Baja Colorado"
|
||||
ADMIN_KEY="<paste from a .wiki/DOMAIN/status/owner.json file>"
|
||||
# Note(3wc): If you change this after initial deployment, you will need to
|
||||
# manually copy the new value from `conf/config.initial.json`
|
||||
SECRET_COOKIE_SECRET_VERSION=v1 # length=30
|
||||
|
||||
FEDWIKI_IS_PRIVATE=0
|
||||
# Disable SSL encryption (not recommended)
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.insecure.yml"
|
||||
|
|
|
|||
25
abra.sh
25
abra.sh
|
|
@ -1,23 +1,2 @@
|
|||
export INSTALL_SH_VERSION=v9
|
||||
export CONFIG_JSON_VERSION=v7
|
||||
export CONFIG_OWNER_JSON_VERSION=v4
|
||||
|
||||
abra_backup_app() {
|
||||
_abra_backup_dir "app:/home/node/.wiki"
|
||||
}
|
||||
|
||||
abra_restore_app() {
|
||||
# shellcheck disable=SC2034
|
||||
{
|
||||
abra__src_="-"
|
||||
abra__dst_="app:/home/node/.wiki"
|
||||
}
|
||||
|
||||
zcat "$@" | sub_app_cp
|
||||
|
||||
success "Restored 'app'"
|
||||
}
|
||||
|
||||
abra_backup() {
|
||||
abra_backup_app
|
||||
}
|
||||
export ENTRYPOINT_SH_VERSION=v1
|
||||
export CONFIG_INITIAL_JSON_VERSION=v1
|
||||
|
|
|
|||
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.http.services.${STACK_NAME}-non-tls.loadbalancer.server.port=3000"
|
||||
- "traefik.http.routers.${STACK_NAME}-non-tls.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}-non-tls.entrypoints=web"
|
||||
- "caddy=https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN}, http://${DOMAIN}, http://*.${DOMAIN}, http://*.*.${DOMAIN}, http://*.*.*.${DOMAIN}"
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
configs:
|
||||
- source: config_owner_json_conf
|
||||
target: /home/node/config/config.owner.json
|
||||
|
||||
configs:
|
||||
config_owner_json_conf:
|
||||
name: ${STACK_NAME}_config_owner_json_${CONFIG_OWNER_JSON_VERSION}
|
||||
file: config.owner.json.tmpl
|
||||
template_driver: golang
|
||||
51
compose.yml
51
compose.yml
|
|
@ -3,24 +3,27 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
app:
|
||||
image: dobbs/farm:1.0.18
|
||||
command: /bin/sh config/install.sh
|
||||
image: dobbs/farm:1.0.25
|
||||
command: /bin/sh entrypoint.sh
|
||||
volumes:
|
||||
- "fedwiki_friends:/home/node/config"
|
||||
- "${FEDWIKI_VOLUME}:/home/node/.wiki"
|
||||
networks:
|
||||
- proxy
|
||||
configs:
|
||||
- source: install_sh_conf
|
||||
target: /home/node/config/install.sh
|
||||
- source: config_json_conf
|
||||
target: /home/node/config/config.json
|
||||
- source: entrypoint_sh_conf
|
||||
target: /home/node/entrypoint.sh
|
||||
- source: config_json_initial_conf
|
||||
target: /home/node/initial-config/config.json
|
||||
secrets:
|
||||
- cookie_secret
|
||||
environment:
|
||||
- DOMAIN
|
||||
- COOKIE_SECRET
|
||||
- AUTHOR
|
||||
- ADMIN_KEY
|
||||
deploy:
|
||||
update_config:
|
||||
order: start-first
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
labels:
|
||||
|
|
@ -37,27 +40,33 @@ services:
|
|||
- "caddy.tls.on_demand="
|
||||
- "backupbot.backup=true"
|
||||
- "backupbot.backup.path=/home/node/.wiki"
|
||||
- "coop-cloud.${STACK_NAME}.version=1.0.1+1.0.18"
|
||||
# healthcheck:
|
||||
# test: ["CMD", "curl", "-f", "http://localhost"]
|
||||
# interval: 30s
|
||||
# timeout: 10s
|
||||
# retries: 10
|
||||
# start_period: 1m
|
||||
- "coop-cloud.${STACK_NAME}.version=2.1.1+1.0.25"
|
||||
healthcheck:
|
||||
test: "node -e 'var http = require(\"http\"); var options = { host : \"localhost\", port : \"3000\", timeout : 2000, path : \"/view/welcome-visitors\", headers: { \"Host\": \"${DOMAIN}\" } }; var request = http.request(options, (res)
|
||||
=> { console.log(`STATUS: $${res.statusCode}`); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } }); request.on(\"error\", function(err) { console.log('ERROR');
|
||||
process.exit(1); }); request.end();'"
|
||||
interval: 10s
|
||||
timeout: 2s
|
||||
retries: 2
|
||||
start_period: 30s
|
||||
|
||||
volumes:
|
||||
fedwiki:
|
||||
fedwiki_friends:
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
|
||||
secrets:
|
||||
cookie_secret:
|
||||
external: true
|
||||
name: ${STACK_NAME}_cookie_secret_${SECRET_COOKIE_SECRET_VERSION}
|
||||
|
||||
configs:
|
||||
install_sh_conf:
|
||||
name: ${STACK_NAME}_install_sh_${INSTALL_SH_VERSION}
|
||||
file: install.sh
|
||||
config_json_conf:
|
||||
name: ${STACK_NAME}_config_json_${CONFIG_JSON_VERSION}
|
||||
file: config.json.tmpl
|
||||
entrypoint_sh_conf:
|
||||
name: ${STACK_NAME}_entrypoint_sh_${ENTRYPOINT_SH_VERSION}
|
||||
file: entrypoint.sh
|
||||
config_json_initial_conf:
|
||||
name: ${STACK_NAME}_config_initial_json_${CONFIG_INITIAL_JSON_VERSION}
|
||||
file: config.initial.json.tmpl
|
||||
template_driver: golang
|
||||
|
|
|
|||
|
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"farm": true,
|
||||
"cookieSecret": "{{ secret "cookie_secret" }}",
|
||||
"secure_cookie": true,
|
||||
"security_type": "friends"
|
||||
}
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
{
|
||||
"admin": "{{ env "ADMIN_KEY" }}",
|
||||
"farm": true,
|
||||
"cookieSecret": "{{ env "COOKIE_SECRET" }}",
|
||||
"secure_cookie": true,
|
||||
"security_type": "friends"
|
||||
{{ if eq (env "FEDWIKI_IS_PRIVATE") "1" }},
|
||||
"wikiDomains": {
|
||||
"$DOMAIN": {
|
||||
"id": "/home/node/.wiki/config.owner.json"
|
||||
}
|
||||
}
|
||||
{{ end }}
|
||||
}
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
{
|
||||
"name": "{{ env "AUTHOR" }}",
|
||||
"friend": {
|
||||
"secret": "{{ env "PASSWORD" }}"
|
||||
}
|
||||
}
|
||||
|
|
@ -4,8 +4,4 @@ if [ ! -f .wiki/config.json ]; then
|
|||
cp config/config.json .wiki/config.json
|
||||
fi
|
||||
|
||||
if [ ! -f .wiki/config.owner.json ]; then
|
||||
cp config/config.owner.json .wiki/config.owner.json
|
||||
fi
|
||||
|
||||
wiki --farm
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
COOKIE_SECRET is now a Docker secret, and several config options have been
|
||||
dropped from the recipe -- this shouldn't affect running deplyoments, as
|
||||
the recipe currently just installs the generated `config.json` if there isn't
|
||||
one already -- but you will likely still need to run
|
||||
`abra app secret generate ...` before deploying, in preparation for moving to
|
||||
ennvironment variables for config in a future release.
|
||||
|
||||
Additionally, there is now a healthcheck, which may require tuning, especially
|
||||
on slower systems; please open a ticket on [the issue
|
||||
tracker](https://git.coopcloud.tech/coop-cloud/federatedwiki/issues) if you
|
||||
notice problems with the containers starting up.
|
||||
Loading…
Reference in New Issue