Change everything for releases
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
parent
1c3f607eb5
commit
496debd6f3
@ -17,3 +17,4 @@ SECURITY.md
|
||||
ssh_match_hostname
|
||||
support
|
||||
.js/package-lock.json
|
||||
js/node_modules
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -14,7 +14,6 @@ erl_crash.dump
|
||||
# secrets files as long as you replace their contents by environment
|
||||
# variables.
|
||||
/config/*.secret.exs
|
||||
/config/releases.exs
|
||||
|
||||
/setup_db.psql
|
||||
|
||||
|
@ -183,7 +183,7 @@ pages:
|
||||
- mkdir -p /kaniko/.docker
|
||||
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$CI_REGISTRY_AUTH\",\"email\":\"$CI_REGISTRY_EMAIL\"}}}" > /kaniko/.docker/config.json
|
||||
script:
|
||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/docker/production/Dockerfile --destination $DOCKER_IMAGE_NAME
|
||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/docker/production/Dockerfile --destination $DOCKER_IMAGE_NAME --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg CI_COMMIT_TAG=$CI_COMMIT_TAG
|
||||
|
||||
build-docker-master:
|
||||
<<: *docker
|
||||
@ -210,7 +210,6 @@ package-app:
|
||||
script:
|
||||
- mix local.hex --force
|
||||
- mix local.rebar --force
|
||||
- cp docker/production/releases.exs ./config/
|
||||
- mix deps.get
|
||||
- mix phx.digest
|
||||
- mix release
|
||||
|
@ -8,7 +8,7 @@ import Config
|
||||
# General application configuration
|
||||
config :mobilizon,
|
||||
ecto_repos: [Mobilizon.Storage.Repo],
|
||||
env: Mix.env()
|
||||
env: config_env()
|
||||
|
||||
config :mobilizon, Mobilizon.Storage.Repo, types: Mobilizon.Storage.PostgresTypes
|
||||
|
||||
@ -142,24 +142,6 @@ config :ueberauth,
|
||||
|
||||
config :mobilizon, :auth, oauth_consumer_strategies: []
|
||||
|
||||
config :mobilizon, :ldap,
|
||||
enabled: System.get_env("LDAP_ENABLED") == "true",
|
||||
host: System.get_env("LDAP_HOST") || "localhost",
|
||||
port: String.to_integer(System.get_env("LDAP_PORT") || "389"),
|
||||
ssl: System.get_env("LDAP_SSL") == "true",
|
||||
sslopts: [],
|
||||
tls: System.get_env("LDAP_TLS") == "true",
|
||||
tlsopts: [],
|
||||
base: System.get_env("LDAP_BASE") || "dc=example,dc=com",
|
||||
uid: System.get_env("LDAP_UID") || "cn",
|
||||
require_bind_for_search: !(System.get_env("LDAP_REQUIRE_BIND_FOR_SEARCH") == "false"),
|
||||
# The full CN to filter by `memberOf`, or `false` if disabled
|
||||
group: false,
|
||||
# Either the admin UID matching the field in `uid`,
|
||||
# Either a tuple with the fully qualified DN: {:full, uid=admin,dc=example.com,dc=local}
|
||||
bind_uid: System.get_env("LDAP_BIND_UID"),
|
||||
bind_password: System.get_env("LDAP_BIND_PASSWORD")
|
||||
|
||||
config :geolix,
|
||||
databases: [
|
||||
%{
|
||||
@ -313,4 +295,4 @@ config :mobilizon, :external_resource_providers, %{
|
||||
|
||||
# Import environment specific config. This must remain at the bottom
|
||||
# of this file so it overrides the configuration defined above.
|
||||
import_config "#{Mix.env()}.exs"
|
||||
import_config "#{config_env()}.exs"
|
||||
|
@ -3,10 +3,10 @@
|
||||
import Config
|
||||
|
||||
config :mobilizon, Mobilizon.Web.Endpoint,
|
||||
server: true,
|
||||
url: [host: System.get_env("MOBILIZON_INSTANCE_HOST", "mobilizon.lan")],
|
||||
http: [port: System.get_env("MOBILIZON_INSTANCE_PORT", "4000")],
|
||||
secret_key_base: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY_BASE", "changethis")
|
||||
server: true,
|
||||
url: [host: System.get_env("MOBILIZON_INSTANCE_HOST", "mobilizon.lan")],
|
||||
http: [port: System.get_env("MOBILIZON_INSTANCE_PORT", "4000")],
|
||||
secret_key_base: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY_BASE", "changethis")
|
||||
|
||||
config :mobilizon, Mobilizon.Web.Auth.Guardian,
|
||||
secret_key: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY", "changethis")
|
||||
@ -22,11 +22,9 @@ config :mobilizon, :instance,
|
||||
email_from: System.get_env("MOBILIZON_INSTANCE_EMAIL", "noreply@mobilizon.lan"),
|
||||
email_reply_to: System.get_env("MOBILIZON_REPLY_EMAIL", "noreply@mobilizon.lan")
|
||||
|
||||
|
||||
config :mobilizon, Mobilizon.Web.Upload.Uploader.Local,
|
||||
uploads: System.get_env("MOBILIZON_UPLOADS", "/app/uploads")
|
||||
|
||||
|
||||
config :mobilizon, Mobilizon.Storage.Repo,
|
||||
adapter: Ecto.Adapters.Postgres,
|
||||
username: System.get_env("MOBILIZON_DATABASE_USERNAME", "username"),
|
||||
@ -49,3 +47,14 @@ config :mobilizon, Mobilizon.Web.Email.Mailer,
|
||||
retries: 1,
|
||||
no_mx_lookups: false,
|
||||
auth: :if_available
|
||||
|
||||
config :geolix,
|
||||
databases: [
|
||||
%{
|
||||
id: :city,
|
||||
adapter: Geolix.Adapter.MMDB2,
|
||||
source: "/var/lib/mobilizon/geo_db/GeoLite2-City.mmdb"
|
||||
}
|
||||
]
|
||||
|
||||
config :mobilizon, Mobilizon.Web.Upload.Uploader.Local, uploads: "/var/lib/mobilizon/uploads"
|
@ -36,6 +36,24 @@ config :mobilizon, Mobilizon.Storage.Repo,
|
||||
port: System.get_env("MOBILIZON_DATABASE_PORT") || "5432",
|
||||
pool: Ecto.Adapters.SQL.Sandbox
|
||||
|
||||
config :mobilizon, :ldap,
|
||||
enabled: System.get_env("LDAP_ENABLED") == "true",
|
||||
host: System.get_env("LDAP_HOST") || "localhost",
|
||||
port: String.to_integer(System.get_env("LDAP_PORT") || "389"),
|
||||
ssl: System.get_env("LDAP_SSL") == "true",
|
||||
sslopts: [],
|
||||
tls: System.get_env("LDAP_TLS") == "true",
|
||||
tlsopts: [],
|
||||
base: System.get_env("LDAP_BASE") || "dc=example,dc=com",
|
||||
uid: System.get_env("LDAP_UID") || "cn",
|
||||
require_bind_for_search: !(System.get_env("LDAP_REQUIRE_BIND_FOR_SEARCH") == "false"),
|
||||
# The full CN to filter by `memberOf`, or `false` if disabled
|
||||
group: false,
|
||||
# Either the admin UID matching the field in `uid`,
|
||||
# Either a tuple with the fully qualified DN: {:full, uid=admin,dc=example.com,dc=local}
|
||||
bind_uid: System.get_env("LDAP_BIND_UID"),
|
||||
bind_password: System.get_env("LDAP_BIND_PASSWORD")
|
||||
|
||||
config :mobilizon, Mobilizon.Web.Email.Mailer, adapter: Bamboo.TestAdapter
|
||||
|
||||
config :mobilizon, Mobilizon.Web.Upload, filters: [], link_name: false
|
||||
|
@ -20,9 +20,8 @@ RUN mix local.hex --force \
|
||||
|
||||
COPY lib ./lib
|
||||
COPY priv ./priv
|
||||
COPY config ./config
|
||||
COPY config/config.exs config/prod.exs config/releases.exs ./config/
|
||||
COPY rel ./rel
|
||||
COPY docker/production/releases.exs ./config/
|
||||
COPY --from=assets ./priv/static ./priv/static
|
||||
|
||||
RUN mix phx.digest \
|
||||
@ -31,13 +30,30 @@ RUN mix phx.digest \
|
||||
# Finally setup the app
|
||||
FROM alpine
|
||||
|
||||
ARG BUILD_DATE
|
||||
ARG VCS_REF
|
||||
ARG CI_COMMIT_TAG
|
||||
ARG MOBILIZON_VERSION=${CI_COMMIT_TAG}
|
||||
|
||||
LABEL org.opencontainers.image.title="mobilizon" \
|
||||
org.opencontainers.image.description="Mobilizon for Docker" \
|
||||
org.opencontainers.image.vendor="joinmobilizon.org" \
|
||||
org.opencontainers.image.documentation="https://docs.joinmobilizon.org" \
|
||||
org.opencontainers.image.licenses="AGPL-3.0" \
|
||||
org.opencontainers.image.url="https://joinmobilizon.org" \
|
||||
org.opencontainers.image.revision=$VCS_REF \
|
||||
org.opencontainers.image.created=$BUILD_DATE
|
||||
|
||||
RUN apk add --no-cache openssl ncurses-libs file postgresql-client
|
||||
|
||||
RUN mkdir -p /app/uploads && chown nobody:nobody /app/uploads
|
||||
RUN mkdir -p /etc/mobilizon && chown nobody:nobody /etc/mobilizon
|
||||
|
||||
USER nobody
|
||||
EXPOSE 4000
|
||||
|
||||
ENV MOBILIZON_DOCKER=true
|
||||
|
||||
COPY --from=builder --chown=nobody:nobody _build/prod/rel/mobilizon ./
|
||||
COPY docker/production/docker-entrypoint.sh ./
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
FROM elixir:latest
|
||||
LABEL maintainer="Thomas Citharel <tcit@tcit.fr>"
|
||||
|
||||
ENV REFRESHED_AT=2020-10-22
|
||||
ENV REFRESHED_AT=2021-02-01
|
||||
RUN apt-get update -yq && apt-get install -yq build-essential inotify-tools postgresql-client git curl gnupg xvfb libgtk-3-dev libnotify-dev libgconf-2-4 libnss3 libxss1 libasound2 cmake exiftool
|
||||
RUN curl -sL https://deb.nodesource.com/setup_12.x | bash && apt-get install nodejs -yq
|
||||
RUN npm install -g yarn wait-on
|
||||
|
34
lib/config_provider.ex
Normal file
34
lib/config_provider.ex
Normal file
@ -0,0 +1,34 @@
|
||||
defmodule Mobilizon.ConfigProvider do
|
||||
@moduledoc """
|
||||
Module to provide configuration from a custom file
|
||||
"""
|
||||
@behaviour Config.Provider
|
||||
|
||||
def init(path) when is_binary(path), do: path
|
||||
|
||||
def load(config, path) do
|
||||
config_path = System.get_env("MOBILIZON_CONFIG_PATH") || path
|
||||
|
||||
cond do
|
||||
File.exists?(config_path) ->
|
||||
runtime_config = Config.Reader.read!(config_path)
|
||||
|
||||
Config.Reader.merge(config, runtime_config)
|
||||
|
||||
is_nil(System.get_env("MOBILIZON_DOCKER")) ->
|
||||
warning = [
|
||||
IO.ANSI.red(),
|
||||
IO.ANSI.bright(),
|
||||
"!!! #{config_path} not found! Please ensure it exists and that MOBILIZON_CONFIG_PATH is unset or points to an existing file",
|
||||
IO.ANSI.reset()
|
||||
]
|
||||
|
||||
IO.puts(warning)
|
||||
config
|
||||
|
||||
true ->
|
||||
IO.puts("No runtime config file found, but using environment variables for Docker")
|
||||
config
|
||||
end
|
||||
end
|
||||
end
|
@ -61,7 +61,7 @@ defmodule Mix.Tasks.Mobilizon.Instance do
|
||||
|
||||
paths =
|
||||
[config_path, psql_path] = [
|
||||
Keyword.get(options, :output, "config/prod.secret.exs"),
|
||||
Keyword.get(options, :output, "config/runtime.exs"),
|
||||
Keyword.get(options, :output_psql, "setup_db.psql")
|
||||
]
|
||||
|
||||
@ -146,7 +146,6 @@ defmodule Mix.Tasks.Mobilizon.Instance do
|
||||
database_port: Keyword.get(options, :dbport, 5432),
|
||||
database_username: dbuser,
|
||||
database_password: dbpass,
|
||||
version: Mobilizon.Mixfile.project() |> Keyword.get(:version),
|
||||
instance_secret: instance_secret,
|
||||
auth_secret: auth_secret,
|
||||
listen_port: listen_port
|
||||
@ -160,22 +159,22 @@ defmodule Mix.Tasks.Mobilizon.Instance do
|
||||
database_password: dbpass
|
||||
)
|
||||
|
||||
shell_info("Writing config to #{config_path}.")
|
||||
|
||||
File.write(config_path, result_config)
|
||||
shell_info("Writing #{psql_path}.")
|
||||
File.write(psql_path, result_psql)
|
||||
|
||||
shell_info(
|
||||
"\n" <>
|
||||
"""
|
||||
To get started:
|
||||
1. Check the contents of the generated files.
|
||||
2. Run `sudo -u postgres psql -f #{escape_sh_path(psql_path)} && rm #{
|
||||
escape_sh_path(psql_path)
|
||||
}`.
|
||||
"""
|
||||
)
|
||||
with :ok <- write_config(config_path, result_config),
|
||||
:ok <- write_psql(psql_path, result_psql) do
|
||||
shell_info(
|
||||
"\n" <>
|
||||
"""
|
||||
To get started:
|
||||
1. Check the contents of the generated files.
|
||||
2. Run `sudo -u postgres psql -f #{escape_sh_path(psql_path)} && rm #{
|
||||
escape_sh_path(psql_path)
|
||||
}`.
|
||||
"""
|
||||
)
|
||||
else
|
||||
{:error, err} -> exit(err)
|
||||
_ -> exit(:unknown_error)
|
||||
end
|
||||
else
|
||||
shell_error(
|
||||
"The task would have overwritten the following files:\n" <>
|
||||
@ -184,4 +183,36 @@ defmodule Mix.Tasks.Mobilizon.Instance do
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
defp write_config(config_path, result_config) do
|
||||
shell_info("Writing config to #{config_path}.")
|
||||
|
||||
case File.write(config_path, result_config) do
|
||||
:ok ->
|
||||
:ok
|
||||
|
||||
{:error, err} ->
|
||||
shell_error(
|
||||
"\nERROR: Unable to write config file to #{config_path}. Make sure you have permissions on the destination.\n"
|
||||
)
|
||||
|
||||
{:error, err}
|
||||
end
|
||||
end
|
||||
|
||||
defp write_psql(psql_path, result_psql) do
|
||||
shell_info("Writing #{psql_path}.")
|
||||
|
||||
case File.write(psql_path, result_psql) do
|
||||
:ok ->
|
||||
:ok
|
||||
|
||||
{:error, err} ->
|
||||
shell_error(
|
||||
"\nERROR: Unable to write psql file to #{psql_path}. Make sure you have permissions on the destination.\n"
|
||||
)
|
||||
|
||||
{:error, err}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -11,6 +11,6 @@ defmodule Mobilizon.Storage.Repo do
|
||||
Dynamically loads the repository url from the DATABASE_URL environment variable.
|
||||
"""
|
||||
def init(_, opts) do
|
||||
{:ok, Keyword.put(opts, :url, System.get_env("DATABASE_URL"))}
|
||||
{:ok, opts}
|
||||
end
|
||||
end
|
||||
|
3
mix.exs
3
mix.exs
@ -31,7 +31,8 @@ defmodule Mobilizon.Mixfile do
|
||||
docs: docs(),
|
||||
releases: [
|
||||
mobilizon: [
|
||||
applications: [eldap: :transient]
|
||||
applications: [eldap: :transient],
|
||||
config_providers: [{Mobilizon.ConfigProvider, "/etc/mobilizon/config.exs"}]
|
||||
]
|
||||
]
|
||||
]
|
||||
|
@ -3,6 +3,7 @@
|
||||
import Config
|
||||
|
||||
config :mobilizon, Mobilizon.Web.Endpoint,
|
||||
server: true,
|
||||
url: [host: "<%= instance_domain %>"],
|
||||
http: [port: <%= listen_port %>],
|
||||
secret_key_base: "<%= instance_secret %>"
|
||||
|
Loading…
x
Reference in New Issue
Block a user