Reorganize app/ and add script for secret management #29
188 changed files with 52 additions and 112 deletions
|
@ -1,6 +1,6 @@
|
||||||
# Blacklist everything cleverly
|
# Blacklist everything cleverly
|
||||||
*
|
*/secrets/*
|
||||||
!*/
|
!*/secrets/*/
|
||||||
|
|
||||||
# Whitelist some patterns
|
# Whitelist some patterns
|
||||||
!*.sample
|
!*.sample
|
|
@ -1,16 +0,0 @@
|
||||||
FROM amd64/debian:stretch as builder
|
|
||||||
|
|
||||||
COPY ./quentin.dufour.io/Gemfile /root/quentin.dufour.io/Gemfile
|
|
||||||
|
|
||||||
WORKDIR /root/quentin.dufour.io
|
|
||||||
|
|
||||||
RUN apt-get update && \
|
|
||||||
apt-get install -y ruby-dev gem build-essential bundler zlib1g-dev libxml2-dev && \
|
|
||||||
bundle install
|
|
||||||
|
|
||||||
COPY ./quentin.dufour.io/ /root/quentin.dufour.io/
|
|
||||||
RUN bundle exec jekyll build
|
|
||||||
|
|
||||||
FROM superboum/amd64_webserver:v2
|
|
||||||
COPY --from=builder /root/quentin.dufour.io/_site /srv/http
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
sudo docker build -t superboum/amd64_blog:v19 .
|
|
|
@ -1,8 +0,0 @@
|
||||||
FROM amd64/debian:buster
|
|
||||||
|
|
||||||
RUN apt-get update && \
|
|
||||||
apt-get dist-upgrade -y && \
|
|
||||||
apt-get install -y \
|
|
||||||
coturn
|
|
||||||
|
|
||||||
CMD ["/usr/bin/turnserver"]
|
|
|
@ -1,17 +0,0 @@
|
||||||
|
|
||||||
## Génère l'image
|
|
||||||
```
|
|
||||||
sudo docker build -t registry.gitlab.com/superboum/ankh-morpork/amd64_coturn:v1 .
|
|
||||||
```
|
|
||||||
|
|
||||||
## Run bash dans le container
|
|
||||||
```
|
|
||||||
sudo docker run --rm -t -i registry.gitlab.com/superboum/ankh-morpork/amd64_coturn:v1 bash
|
|
||||||
sudo docker run --rm -t -i -p 3478:3478/udp -p 3479:3479/udp -p 3478:3478/tcp -p 3479:3479/tcp registry.gitlab.com/superboum/ankh-morpork/amd64_coturn:v1
|
|
||||||
```
|
|
||||||
|
|
||||||
## Used ports
|
|
||||||
- udp/tcp 3478 3479
|
|
||||||
|
|
||||||
## Publish
|
|
||||||
sudo docker push registry.gitlab.com/superboum/ankh-morpork/amd64_coturn:v1
|
|
|
@ -1,3 +0,0 @@
|
||||||
```
|
|
||||||
docker build -t superboum/amd64_landing:v8 .
|
|
||||||
```
|
|
|
@ -1,9 +0,0 @@
|
||||||
FROM golang:1.11.1-stretch as builder
|
|
||||||
|
|
||||||
COPY ./goStatic /goStatic
|
|
||||||
WORKDIR /goStatic
|
|
||||||
RUN CGO_ENABLED=0 go build -a -o web-server .
|
|
||||||
|
|
||||||
FROM scratch
|
|
||||||
COPY --from=builder /goStatic/web-server /
|
|
||||||
ENTRYPOINT ["/web-server"]
|
|
|
@ -1,5 +0,0 @@
|
||||||
|
|
||||||
```
|
|
||||||
sudo docker build -t superboum/amd64_webserver:v3 .
|
|
||||||
sudo docker push superboum/amd64_webserver:v3
|
|
||||||
```
|
|
|
@ -1 +0,0 @@
|
||||||
Subproject commit 3f97f57aaee09a142afe3ca0f1a5d51acd856436
|
|
|
@ -35,7 +35,7 @@ job "directory" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/directory/bottin/config.json")
|
data = file("../config/bottin/config.json")
|
||||||
destination = "secrets/config.json"
|
destination = "secrets/config.json"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -78,7 +78,7 @@ job "directory" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/directory/guichet/config.json.tpl")
|
data = file("../config/guichet/config.json.tpl")
|
||||||
destination = "secrets/config.json"
|
destination = "secrets/config.json"
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,7 @@ services:
|
||||||
|
|
||||||
mariadb:
|
mariadb:
|
||||||
build:
|
build:
|
||||||
context: ./mariadb
|
context: ./seafile/build/mariadb
|
||||||
args:
|
args:
|
||||||
VERSION: 4 # fake for now
|
VERSION: 4 # fake for now
|
||||||
image: superboum/amd64_mariadb:v4
|
image: superboum/amd64_mariadb:v4
|
||||||
|
@ -11,7 +11,7 @@ services:
|
||||||
# Instant Messaging
|
# Instant Messaging
|
||||||
riot:
|
riot:
|
||||||
build:
|
build:
|
||||||
context: ./riotweb
|
context: ./im/build/riotweb
|
||||||
args:
|
args:
|
||||||
# https://github.com/vector-im/riot-web/releases
|
# https://github.com/vector-im/riot-web/releases
|
||||||
VERSION: 1.7.16
|
VERSION: 1.7.16
|
||||||
|
@ -19,7 +19,7 @@ services:
|
||||||
|
|
||||||
synapse:
|
synapse:
|
||||||
build:
|
build:
|
||||||
context: ./matrix-synapse
|
context: ./im/build/matrix-synapse
|
||||||
args:
|
args:
|
||||||
# https://github.com/matrix-org/synapse/releases
|
# https://github.com/matrix-org/synapse/releases
|
||||||
VERSION: 1.25.0
|
VERSION: 1.25.0
|
||||||
|
@ -28,7 +28,7 @@ services:
|
||||||
# Email
|
# Email
|
||||||
sogo:
|
sogo:
|
||||||
build:
|
build:
|
||||||
context: ./sogo
|
context: ./email/build/sogo
|
||||||
args:
|
args:
|
||||||
# fake for now
|
# fake for now
|
||||||
VERSION: 5.0.0
|
VERSION: 5.0.0
|
||||||
|
@ -36,7 +36,7 @@ services:
|
||||||
|
|
||||||
alps:
|
alps:
|
||||||
build:
|
build:
|
||||||
context: ./alps
|
context: ./email/build/alps
|
||||||
args:
|
args:
|
||||||
VERSION: 5cef0aaff2b8b6ee3e00b566123517e241d8cfb8
|
VERSION: 5cef0aaff2b8b6ee3e00b566123517e241d8cfb8
|
||||||
image: superboum/amd64_alps:v1
|
image: superboum/amd64_alps:v1
|
||||||
|
@ -44,7 +44,7 @@ services:
|
||||||
# VoIP
|
# VoIP
|
||||||
jitsi-meet:
|
jitsi-meet:
|
||||||
build:
|
build:
|
||||||
context: ./jitsi-meet
|
context: ./jitsi/build/jitsi-meet
|
||||||
args:
|
args:
|
||||||
# https://github.com/jitsi/jitsi-meet
|
# https://github.com/jitsi/jitsi-meet
|
||||||
PREFIXV: stable/jitsi-meet_
|
PREFIXV: stable/jitsi-meet_
|
||||||
|
@ -53,7 +53,7 @@ services:
|
||||||
|
|
||||||
jitsi-conference-focus:
|
jitsi-conference-focus:
|
||||||
build:
|
build:
|
||||||
context: ./jitsi-conference-focus
|
context: ./jitsi/build/jitsi-conference-focus
|
||||||
args:
|
args:
|
||||||
# https://github.com/jitsi/jicofo
|
# https://github.com/jitsi/jicofo
|
||||||
PREFIXV: stable/jitsi-meet_
|
PREFIXV: stable/jitsi-meet_
|
||||||
|
@ -62,7 +62,7 @@ services:
|
||||||
|
|
||||||
jitsi-videobridge:
|
jitsi-videobridge:
|
||||||
build:
|
build:
|
||||||
context: ./jitsi-videobridge
|
context: ./jitsi/build/jitsi-videobridge
|
||||||
args:
|
args:
|
||||||
# https://github.com/jitsi/jitsi-videobridge
|
# https://github.com/jitsi/jitsi-videobridge
|
||||||
PREFIXV: stable/jitsi-meet_
|
PREFIXV: stable/jitsi-meet_
|
||||||
|
@ -71,21 +71,21 @@ services:
|
||||||
|
|
||||||
jitsi-xmpp:
|
jitsi-xmpp:
|
||||||
build:
|
build:
|
||||||
context: ./jitsi-xmpp
|
context: ./jitsi/build/jitsi-xmpp
|
||||||
args:
|
args:
|
||||||
VERSION: 0.11.2-1
|
VERSION: 0.11.2-1
|
||||||
image: superboum/amd64_jitsi_xmpp:v8
|
image: superboum/amd64_jitsi_xmpp:v8
|
||||||
|
|
||||||
plume:
|
plume:
|
||||||
build:
|
build:
|
||||||
context: ./plume
|
context: ./plume/build/plume
|
||||||
args:
|
args:
|
||||||
VERSION: 0.6.0
|
VERSION: 0.6.0
|
||||||
image: superboum/plume:v2
|
image: superboum/plume:v2
|
||||||
|
|
||||||
postfix:
|
postfix:
|
||||||
build:
|
build:
|
||||||
context: ./postfix
|
context: ./email/build/postfix
|
||||||
args:
|
args:
|
||||||
# https://packages.debian.org/fr/buster/postfix
|
# https://packages.debian.org/fr/buster/postfix
|
||||||
VERSION: 3.4.14-0+deb10u1
|
VERSION: 3.4.14-0+deb10u1
|
|
@ -131,7 +131,7 @@ job "email" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/dovecot/dovecot-ldap.conf.tpl")
|
data = file("../config/dovecot/dovecot-ldap.conf.tpl")
|
||||||
destination = "secrets/conf/dovecot-ldap.conf"
|
destination = "secrets/conf/dovecot-ldap.conf"
|
||||||
perms = "400"
|
perms = "400"
|
||||||
}
|
}
|
||||||
|
@ -200,15 +200,15 @@ job "email" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/dkim/keytable")
|
data = file("../config/dkim/keytable")
|
||||||
destination = "secrets/dkim/keytable"
|
destination = "secrets/dkim/keytable"
|
||||||
}
|
}
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/dkim/signingtable")
|
data = file("../config/dkim/signingtable")
|
||||||
destination = "secrets/dkim/signingtable"
|
destination = "secrets/dkim/signingtable"
|
||||||
}
|
}
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/dkim/trusted")
|
data = file("../config/dkim/trusted")
|
||||||
destination = "secrets/dkim/trusted"
|
destination = "secrets/dkim/trusted"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -329,42 +329,42 @@ job "email" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/ldap-account.cf.tpl")
|
data = file("../config/postfix/ldap-account.cf.tpl")
|
||||||
destination = "secrets/postfix/ldap-account.cf"
|
destination = "secrets/postfix/ldap-account.cf"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/ldap-alias.cf.tpl")
|
data = file("../config/postfix/ldap-alias.cf.tpl")
|
||||||
destination = "secrets/postfix/ldap-alias.cf"
|
destination = "secrets/postfix/ldap-alias.cf"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/ldap-virtual-domains.cf.tpl")
|
data = file("../config/postfix/ldap-virtual-domains.cf.tpl")
|
||||||
destination = "secrets/postfix/ldap-virtual-domains.cf"
|
destination = "secrets/postfix/ldap-virtual-domains.cf"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/dynamicmaps.cf")
|
data = file("../config/postfix/dynamicmaps.cf")
|
||||||
destination = "secrets/postfix/dynamicmaps.cf"
|
destination = "secrets/postfix/dynamicmaps.cf"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/header_checks")
|
data = file("../config/postfix/header_checks")
|
||||||
destination = "secrets/postfix/header_checks"
|
destination = "secrets/postfix/header_checks"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/main.cf")
|
data = file("../config/postfix/main.cf")
|
||||||
destination = "secrets/postfix/main.cf"
|
destination = "secrets/postfix/main.cf"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/master.cf")
|
data = file("../config/postfix/master.cf")
|
||||||
destination = "secrets/postfix/master.cf"
|
destination = "secrets/postfix/master.cf"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/postfix/transport")
|
data = file("../config/postfix/transport")
|
||||||
destination = "secrets/postfix/transport"
|
destination = "secrets/postfix/transport"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -450,7 +450,7 @@ job "email" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/email/sogo/sogo.conf.tpl")
|
data = file("../config/sogo/sogo.conf.tpl")
|
||||||
destination = "secrets/sogo.conf"
|
destination = "secrets/sogo.conf"
|
||||||
}
|
}
|
||||||
|
|
|
@ -32,7 +32,7 @@ job "garage" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/garage/garage.toml")
|
data = file("../config/garage.toml")
|
||||||
destination = "secrets/garage.toml"
|
destination = "secrets/garage.toml"
|
||||||
}
|
}
|
||||||
|
|
|
@ -35,27 +35,27 @@ job "im" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/synapse/homeserver.yaml")
|
data = file("../config/synapse/homeserver.yaml")
|
||||||
destination = "secrets/conf/homeserver.yaml"
|
destination = "secrets/conf/homeserver.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/easybridge/registration.yaml.tpl")
|
data = file("../config/easybridge/registration.yaml.tpl")
|
||||||
destination = "secrets/conf/easybridge_registration.yaml"
|
destination = "secrets/conf/easybridge_registration.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/synapse/log.yaml")
|
data = file("../config/synapse/log.yaml")
|
||||||
destination = "secrets/conf/log.yaml"
|
destination = "secrets/conf/log.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/synapse/conf.d/server_name.yaml")
|
data = file("../config/synapse/conf.d/server_name.yaml")
|
||||||
destination = "secrets/conf/server_name.yaml"
|
destination = "secrets/conf/server_name.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/synapse/conf.d/report_stats.yaml")
|
data = file("../config/synapse/conf.d/report_stats.yaml")
|
||||||
destination = "secrets/conf/report_stats.yaml"
|
destination = "secrets/conf/report_stats.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -152,12 +152,12 @@ job "im" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/easybridge/registration.yaml.tpl")
|
data = file("../config/easybridge/registration.yaml.tpl")
|
||||||
destination = "secrets/conf/registration.yaml"
|
destination = "secrets/conf/registration.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/easybridge/config.json.tpl")
|
data = file("../config/easybridge/config.json.tpl")
|
||||||
destination = "secrets/conf/config.json"
|
destination = "secrets/conf/config.json"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -228,7 +228,7 @@ job "im" {
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = file("../config/configuration/chat/riot_web/config.json")
|
data = file("../config/riot_web/config.json")
|
||||||
destination = "secrets/config.json"
|
destination = "secrets/config.json"
|
||||||
}
|
}
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Reference in a new issue