forked from Deuxfleurs/nixcfg
staging plume: cleanup and update
This commit is contained in:
parent
5c7a8c72d8
commit
2488ad0ac2
8 changed files with 12 additions and 104 deletions
|
@ -4,5 +4,5 @@ services:
|
||||||
build:
|
build:
|
||||||
context: ./plume
|
context: ./plume
|
||||||
args:
|
args:
|
||||||
VERSION: 24d3b289da085261966fb338113610905dfca8c9
|
VERSION: 61e65a55ad1f5094321c111e395d00dddcb05e96
|
||||||
image: lxpz/plume_dev:v1
|
image: lxpz/plume_dev:v1
|
||||||
|
|
|
@ -30,6 +30,7 @@ RUN git clone -n https://git.joinplu.me/lx/Plume.git plume
|
||||||
|
|
||||||
WORKDIR /opt/plume
|
WORKDIR /opt/plume
|
||||||
RUN git checkout ${PLUME_VERSION}
|
RUN git checkout ${PLUME_VERSION}
|
||||||
|
RUN git merge 397e3b4d9720475257817b322c05323d12918216
|
||||||
RUN rm rust-toolchain
|
RUN rm rust-toolchain
|
||||||
|
|
||||||
WORKDIR /opt/plume/script
|
WORKDIR /opt/plume/script
|
||||||
|
|
|
@ -16,6 +16,8 @@ S3_REGION=garage-staging
|
||||||
S3_HOSTNAME={{ env "attr.unique.network.ip-address" }}:3990
|
S3_HOSTNAME={{ env "attr.unique.network.ip-address" }}:3990
|
||||||
S3_PROTOCOL=http
|
S3_PROTOCOL=http
|
||||||
S3_PATH_STYLE=true
|
S3_PATH_STYLE=true
|
||||||
|
S3_DIRECT_DOWNLOAD=true
|
||||||
|
S3_ALIAS_HOST=plume.web.staging.deuxfleurs.org
|
||||||
|
|
||||||
# DATABASE SETUP
|
# DATABASE SETUP
|
||||||
DATABASE_URL=/ephemeral/plume.db
|
DATABASE_URL=/ephemeral/plume.db
|
||||||
|
@ -35,4 +37,4 @@ LDAP_USER_MAIL_ATTR=mail
|
||||||
LDAP_TLS=false
|
LDAP_TLS=false
|
||||||
|
|
||||||
RUST_BACKTRACE=1
|
RUST_BACKTRACE=1
|
||||||
RUST_LOG=debug
|
RUST_LOG=info
|
||||||
|
|
|
@ -46,21 +46,14 @@ job "plume-blog" {
|
||||||
}
|
}
|
||||||
|
|
||||||
task "plume" {
|
task "plume" {
|
||||||
constraint {
|
|
||||||
attribute = "${attr.unique.hostname}"
|
|
||||||
operator = "="
|
|
||||||
value = "carcajou"
|
|
||||||
}
|
|
||||||
|
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "lxpz/devplume:v3"
|
image = "lxpz/devplume:v5"
|
||||||
network_mode = "host"
|
network_mode = "host"
|
||||||
ports = [ "web_port" ]
|
ports = [ "web_port" ]
|
||||||
command = "sh"
|
command = "sh"
|
||||||
args = [ "-c", "plm search init; plm search refill; plume" ]
|
args = [ "-c", "plm search init; plm search refill; plume" ]
|
||||||
volumes = [
|
volumes = [
|
||||||
"/mnt/ssd/plume/search_index:/app/search_index",
|
|
||||||
"../alloc/data:/ephemeral"
|
"../alloc/data:/ephemeral"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
{
|
|
||||||
"suffix": "dc=deuxfleurs,dc=fr",
|
|
||||||
"bind": "0.0.0.0:389",
|
|
||||||
"consul_host": "http://consul:8500",
|
|
||||||
"log_level": "debug",
|
|
||||||
"acl": [
|
|
||||||
"*,dc=deuxfleurs,dc=fr::read:*:* !userpassword",
|
|
||||||
"*::read modify:SELF:*",
|
|
||||||
"ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:",
|
|
||||||
"ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:",
|
|
||||||
"*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"*,ou=services,ou=users,dc=deuxfleurs,dc=fr::read:*:*",
|
|
||||||
|
|
||||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=invitations,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"ANONYMOUS::bind:*,ou=invitations,dc=deuxfleurs,dc=fr:",
|
|
||||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::delete:SELF:*",
|
|
||||||
|
|
||||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::add:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
|
||||||
|
|
||||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=nextcloud,ou=groups,dc=deuxfleurs,dc=fr:*",
|
|
||||||
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=nextcloud,dc=deuxfleurs,dc=fr:*",
|
|
||||||
|
|
||||||
"cn=admin,dc=deuxfleurs,dc=fr::read add modify delete:*:*",
|
|
||||||
"*:cn=admin,ou=groups,dc=deuxfleurs,dc=fr:read add modify delete:*:*"
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,28 +0,0 @@
|
||||||
version: '3.4'
|
|
||||||
services:
|
|
||||||
plume:
|
|
||||||
image: superboum/plume:v1
|
|
||||||
env_file:
|
|
||||||
- plume.env
|
|
||||||
depends_on:
|
|
||||||
- consul
|
|
||||||
- postgres
|
|
||||||
ports:
|
|
||||||
- "7878:7878"
|
|
||||||
|
|
||||||
postgres:
|
|
||||||
image: postgres:9.6.19
|
|
||||||
environment:
|
|
||||||
- POSTGRES_DB=plume
|
|
||||||
- POSTGRES_USER=plume
|
|
||||||
- POSTGRES_PASSWORD=plume
|
|
||||||
|
|
||||||
bottin:
|
|
||||||
image: lxpz/bottin_amd64:14
|
|
||||||
depends_on:
|
|
||||||
- consul
|
|
||||||
volumes:
|
|
||||||
- ./bottin.json:/config.json
|
|
||||||
|
|
||||||
consul:
|
|
||||||
image: consul:1.8.4
|
|
|
@ -1,31 +0,0 @@
|
||||||
BASE_URL=integration.env
|
|
||||||
# generate one with openssl rand -base64 32
|
|
||||||
ROCKET_SECRET_KEY=cXZbKoxWIBo0wdaD8tbA1B3BlH2LBSUmgzdyZZr8QxI=
|
|
||||||
|
|
||||||
# Mail settings
|
|
||||||
#MAIL_SERVER=smtp.example.org
|
|
||||||
#MAIL_USER=example
|
|
||||||
#MAIL_PASSWORD=123456
|
|
||||||
#MAIL_HELO_NAME=example.org
|
|
||||||
|
|
||||||
# DATABASE SETUP
|
|
||||||
POSTGRES_PASSWORD=plume
|
|
||||||
POSTGRES_USER=plume
|
|
||||||
POSTGRES_DB=plume
|
|
||||||
DATABASE_URL=postgres://plume:plume@postgres:5432/plume
|
|
||||||
MIGRATION_DIRECTORY=migrations/postgres
|
|
||||||
|
|
||||||
USE_HTTPS=0
|
|
||||||
ROCKET_ADDRESS=0.0.0.0
|
|
||||||
ROCKET_PORT=7878
|
|
||||||
|
|
||||||
MEDIA_UPLOAD_DIRECTORY=/app/static/media
|
|
||||||
SEARCH_INDEX=/app/search_index
|
|
||||||
DOMAIN_NAME="integration.env"
|
|
||||||
INSTANCE_NAME="Integration Instance"
|
|
||||||
|
|
||||||
LDAP_ADDR=ldap://bottin:389
|
|
||||||
LDAP_BASE_DN=ou=users,dc=deuxfleurs,dc=fr
|
|
||||||
LDAP_USER_NAME_ATTR=cn
|
|
||||||
LDAP_USER_MAIL_ATTR=mail
|
|
||||||
LDAP_TLS=false
|
|
|
@ -1,10 +1,12 @@
|
||||||
[service_user."plume"]
|
|
||||||
password_secret = "plume/pgsql_pw"
|
|
||||||
|
|
||||||
|
|
||||||
[secrets."plume/secret_key"]
|
[secrets."plume/secret_key"]
|
||||||
type = 'command'
|
type = 'command'
|
||||||
rotate = true
|
rotate = true
|
||||||
command = 'openssl rand -base64 32'
|
command = 'openssl rand -base64 32'
|
||||||
|
|
||||||
|
[secrets."plume/s3_access_key"]
|
||||||
|
type = 'user'
|
||||||
|
description = 'S3 access key ID for database and media storage'
|
||||||
|
|
||||||
|
[secrets."plume/s3_secret_key"]
|
||||||
|
type = 'user'
|
||||||
|
description = 'S3 secret key for database and media storage'
|
||||||
|
|
Loading…
Reference in a new issue