forked from Deuxfleurs/nixcfg
staging plume: cleanup and update
This commit is contained in:
parent
5c7a8c72d8
commit
2488ad0ac2
8 changed files with 12 additions and 104 deletions
|
@ -4,5 +4,5 @@ services:
|
|||
build:
|
||||
context: ./plume
|
||||
args:
|
||||
VERSION: 24d3b289da085261966fb338113610905dfca8c9
|
||||
VERSION: 61e65a55ad1f5094321c111e395d00dddcb05e96
|
||||
image: lxpz/plume_dev:v1
|
||||
|
|
|
@ -30,6 +30,7 @@ RUN git clone -n https://git.joinplu.me/lx/Plume.git plume
|
|||
|
||||
WORKDIR /opt/plume
|
||||
RUN git checkout ${PLUME_VERSION}
|
||||
RUN git merge 397e3b4d9720475257817b322c05323d12918216
|
||||
RUN rm rust-toolchain
|
||||
|
||||
WORKDIR /opt/plume/script
|
||||
|
|
|
@ -16,6 +16,8 @@ S3_REGION=garage-staging
|
|||
S3_HOSTNAME={{ env "attr.unique.network.ip-address" }}:3990
|
||||
S3_PROTOCOL=http
|
||||
S3_PATH_STYLE=true
|
||||
S3_DIRECT_DOWNLOAD=true
|
||||
S3_ALIAS_HOST=plume.web.staging.deuxfleurs.org
|
||||
|
||||
# DATABASE SETUP
|
||||
DATABASE_URL=/ephemeral/plume.db
|
||||
|
@ -35,4 +37,4 @@ LDAP_USER_MAIL_ATTR=mail
|
|||
LDAP_TLS=false
|
||||
|
||||
RUST_BACKTRACE=1
|
||||
RUST_LOG=debug
|
||||
RUST_LOG=info
|
||||
|
|
|
@ -46,21 +46,14 @@ job "plume-blog" {
|
|||
}
|
||||
|
||||
task "plume" {
|
||||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
operator = "="
|
||||
value = "carcajou"
|
||||
}
|
||||
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "lxpz/devplume:v3"
|
||||
image = "lxpz/devplume:v5"
|
||||
network_mode = "host"
|
||||
ports = [ "web_port" ]
|
||||
command = "sh"
|
||||
args = [ "-c", "plm search init; plm search refill; plume" ]
|
||||
volumes = [
|
||||
"/mnt/ssd/plume/search_index:/app/search_index",
|
||||
"../alloc/data:/ephemeral"
|
||||
]
|
||||
}
|
||||
|
|
|
@ -1,31 +0,0 @@
|
|||
{
|
||||
"suffix": "dc=deuxfleurs,dc=fr",
|
||||
"bind": "0.0.0.0:389",
|
||||
"consul_host": "http://consul:8500",
|
||||
"log_level": "debug",
|
||||
"acl": [
|
||||
"*,dc=deuxfleurs,dc=fr::read:*:* !userpassword",
|
||||
"*::read modify:SELF:*",
|
||||
"ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:",
|
||||
"ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:",
|
||||
"*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
||||
"*,ou=services,ou=users,dc=deuxfleurs,dc=fr::read:*:*",
|
||||
|
||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=invitations,dc=deuxfleurs,dc=fr:*",
|
||||
"ANONYMOUS::bind:*,ou=invitations,dc=deuxfleurs,dc=fr:",
|
||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::delete:SELF:*",
|
||||
|
||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::add:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
||||
|
||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=nextcloud,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=nextcloud,dc=deuxfleurs,dc=fr:*",
|
||||
|
||||
"cn=admin,dc=deuxfleurs,dc=fr::read add modify delete:*:*",
|
||||
"*:cn=admin,ou=groups,dc=deuxfleurs,dc=fr:read add modify delete:*:*"
|
||||
]
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
version: '3.4'
|
||||
services:
|
||||
plume:
|
||||
image: superboum/plume:v1
|
||||
env_file:
|
||||
- plume.env
|
||||
depends_on:
|
||||
- consul
|
||||
- postgres
|
||||
ports:
|
||||
- "7878:7878"
|
||||
|
||||
postgres:
|
||||
image: postgres:9.6.19
|
||||
environment:
|
||||
- POSTGRES_DB=plume
|
||||
- POSTGRES_USER=plume
|
||||
- POSTGRES_PASSWORD=plume
|
||||
|
||||
bottin:
|
||||
image: lxpz/bottin_amd64:14
|
||||
depends_on:
|
||||
- consul
|
||||
volumes:
|
||||
- ./bottin.json:/config.json
|
||||
|
||||
consul:
|
||||
image: consul:1.8.4
|
|
@ -1,31 +0,0 @@
|
|||
BASE_URL=integration.env
|
||||
# generate one with openssl rand -base64 32
|
||||
ROCKET_SECRET_KEY=cXZbKoxWIBo0wdaD8tbA1B3BlH2LBSUmgzdyZZr8QxI=
|
||||
|
||||
# Mail settings
|
||||
#MAIL_SERVER=smtp.example.org
|
||||
#MAIL_USER=example
|
||||
#MAIL_PASSWORD=123456
|
||||
#MAIL_HELO_NAME=example.org
|
||||
|
||||
# DATABASE SETUP
|
||||
POSTGRES_PASSWORD=plume
|
||||
POSTGRES_USER=plume
|
||||
POSTGRES_DB=plume
|
||||
DATABASE_URL=postgres://plume:plume@postgres:5432/plume
|
||||
MIGRATION_DIRECTORY=migrations/postgres
|
||||
|
||||
USE_HTTPS=0
|
||||
ROCKET_ADDRESS=0.0.0.0
|
||||
ROCKET_PORT=7878
|
||||
|
||||
MEDIA_UPLOAD_DIRECTORY=/app/static/media
|
||||
SEARCH_INDEX=/app/search_index
|
||||
DOMAIN_NAME="integration.env"
|
||||
INSTANCE_NAME="Integration Instance"
|
||||
|
||||
LDAP_ADDR=ldap://bottin:389
|
||||
LDAP_BASE_DN=ou=users,dc=deuxfleurs,dc=fr
|
||||
LDAP_USER_NAME_ATTR=cn
|
||||
LDAP_USER_MAIL_ATTR=mail
|
||||
LDAP_TLS=false
|
|
@ -1,10 +1,12 @@
|
|||
[service_user."plume"]
|
||||
password_secret = "plume/pgsql_pw"
|
||||
|
||||
|
||||
[secrets."plume/secret_key"]
|
||||
type = 'command'
|
||||
rotate = true
|
||||
command = 'openssl rand -base64 32'
|
||||
|
||||
[secrets."plume/s3_access_key"]
|
||||
type = 'user'
|
||||
description = 'S3 access key ID for database and media storage'
|
||||
|
||||
[secrets."plume/s3_secret_key"]
|
||||
type = 'user'
|
||||
description = 'S3 secret key for database and media storage'
|
||||
|
|
Loading…
Reference in a new issue