From 59003593b6ae7087d72957102abd7987f6acbae5 Mon Sep 17 00:00:00 2001 From: Patrick Jentsch Date: Tue, 9 Jun 2020 12:46:08 +0200 Subject: [PATCH] All configuration via .env file. (This replaces the nopaque.env file) --- .env.tpl | 68 ++++++++++++++++++++++++++++++++++++++---- .gitignore | 1 + daemon/Dockerfile | 12 ++++---- daemon/nopaqued.py.bak | 6 ++-- daemon/tasks/notify.py | 6 ++-- docker-compose.yml | 62 +++++++------------------------------- nopaque.env.tpl | 35 ---------------------- web/Dockerfile | 8 ++--- 8 files changed, 89 insertions(+), 109 deletions(-) delete mode 100644 nopaque.env.tpl diff --git a/.env.tpl b/.env.tpl index 26e41eb5..3a8c84e1 100644 --- a/.env.tpl +++ b/.env.tpl @@ -1,6 +1,62 @@ -# docker GID (getent group docker | cut -d: -f3) -docker_gid= -# GID (id -g) -gid= -# UID (id -u) -uid= +### Build ### +# Bash: getent group docker | cut -d: -f3 +DOCKER_GID= +# Bash: id -g +GID= +# Bash: id -u +UID= + + + +### Runtime ### +# Fill out these variables to use the Docker HTTP socket. When doing this, you +# can remove the Docker UNIX socket mount from the docker-compose file. +# Example: /home/nopaqued/.docker +# DOCKER_CERT_PATH= +# Example: host.docker.internal +# DOCKER_HOST= +# Choose one: False, True +# DOCKER_TLS_VERIFY= + +# Choose one: development, production, testing +FLASK_CONFIG= +# Bash: python -c "import uuid; print(uuid.uuid4().hex)" +SECRET_KEY= + +# Example: - +GITLAB_USERNAME= +# Example: - +GITLAB_PASSWORD= + +# Example: smtp.example.com +MAIL_SERVER= +# Example: 587 +MAIL_PORT= +# Choose one: False, True +MAIL_USE_TLS= +# Example: nopaque@example.com +MAIL_USERNAME= +# Example: - +MAIL_PASSWORD= + +# Example: nopaque@example.com +NOPAQUE_ADMIN= +# Example: nopaque@example.com +NOPAQUE_CONTACT= +# Example: nopaque.localhost +NOPAQUE_DOMAIN= +# Choose one: CRITICAL, ERROR, WARNING, INFO, DEBUG +NOPAQUE_LOG_LEVEL= +# Example: nopaque Admin +NOPAQUE_MAIL_SENDER= +# Choose one: http, https +NOPAQUE_PROTOCOL= +# Example: /mnt/nopaque +NOPAQUE_STORAGE= + +# Example: nopaque +POSTGRES_DB_NAME= +# Example: - +POSTGRES_USER= +# Example: - +POSTGRES_PASSWORD= diff --git a/.gitignore b/.gitignore index b579273f..8ef892c5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +docker-compose.override.yml nopaque.log nopaqued.log .DS_Store diff --git a/daemon/Dockerfile b/daemon/Dockerfile index a58d2bda..91bded0f 100644 --- a/daemon/Dockerfile +++ b/daemon/Dockerfile @@ -4,9 +4,9 @@ FROM python:3.6-slim-stretch LABEL maintainer="inf_sfb1288@lists.uni-bielefeld.de" -ARG docker_gid=999 -ARG gid=1000 -ARG uid=1000 +ARG DOCKER_GID +ARG GID +ARG UID ENV LANG=C.UTF-8 @@ -18,9 +18,9 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* -RUN groupadd --gid ${docker_gid} --system docker \ - && groupadd --gid ${gid} --system nopaqued \ - && useradd --create-home --gid ${gid} --groups ${docker_gid} --no-log-init --system --uid ${uid} nopaqued +RUN groupadd --gid ${DOCKER_GID} --system docker \ + && groupadd --gid ${GID} --system nopaqued \ + && useradd --create-home --gid ${GID} --groups ${DOCKER_GID} --no-log-init --system --uid ${UID} nopaqued USER nopaqued WORKDIR /home/nopaqued diff --git a/daemon/nopaqued.py.bak b/daemon/nopaqued.py.bak index b1c71739..500568aa 100644 --- a/daemon/nopaqued.py.bak +++ b/daemon/nopaqued.py.bak @@ -340,10 +340,10 @@ def create_mail_notifications(notification_service): data.job.user.email) subject_template = '[nopaque] Status update for your Job/Corpora: {title}!' subject_template_values_dict = {'title': data.job.title} + protocol = os.environ.get('NOPAQUE_PROTOCOL') domain = os.environ.get('NOPAQUE_DOMAIN') - url = '{domain}/{jobs}/{id}'.format(domain=domain, - jobs='jobs', - id=data.job.id) + url = '{protocol}://{domain}/{jobs}/{id}'.format( + protocol=protocol, domain=domain, jobs='jobs', id=data.job.id) body_template_values_dict = {'username': data.job.user.username, 'id': data.job.id, 'title': data.job.title, diff --git a/daemon/tasks/notify.py b/daemon/tasks/notify.py index a24dd19b..4d85be4f 100644 --- a/daemon/tasks/notify.py +++ b/daemon/tasks/notify.py @@ -47,10 +47,10 @@ def __create_mail_notifications(notification_service): data.job.user.email) subject_template = '[nopaque] Status update for your Job/Corpora: {title}!' subject_template_values_dict = {'title': data.job.title} + protocol = os.environ.get('NOPAQUE_PROTOCOL') domain = os.environ.get('NOPAQUE_DOMAIN') - url = '{domain}/{jobs}/{id}'.format(domain=domain, - jobs='jobs', - id=data.job.id) + url = '{protocol}://{domain}/{jobs}/{id}'.format( + protocol=protocol, domain=domain, jobs='jobs', id=data.job.id) body_template_values_dict = {'username': data.job.user.username, 'id': data.job.id, 'title': data.job.title, diff --git a/docker-compose.yml b/docker-compose.yml index f99321b0..6851a14e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,10 +1,5 @@ version: '3.5' -networks: - reverse-proxy: - external: - name: reverse-proxy - volumes: redis-trash1: @@ -12,72 +7,35 @@ services: web: build: args: - gid: ${gid} - uid: ${uid} + GID: ${GID} + UID: ${UID} context: ./web depends_on: - db - redis - env_file: nopaque.env + env_file: .env image: nopaque/web - labels: - - "traefik.docker.network=reverse-proxy" - - "traefik.enable=true" - ### ### - - "traefik.http.middlewares.nopaque-header.headers.customrequestheaders.X-Forwarded-Proto=http" - - "traefik.http.routers.nopaque.entrypoints=web" - - "traefik.http.routers.nopaque.middlewares=nopaque-header, redirect-to-https@file" - - "traefik.http.routers.nopaque.rule=Host(`nopaque.localhost`)" - ### ### - ### ### - - "traefik.http.middlewares.nopaque-secure-header.headers.customrequestheaders.X-Forwarded-Proto=https" - - "traefik.http.routers.nopaque-secure.entrypoints=web-secure" - - "traefik.http.routers.nopaque-secure.middlewares=hsts-header@file, nopaque-secure-header" - - "traefik.http.routers.nopaque-secure.rule=Host(`nopaque.localhost`)" - - "traefik.http.routers.nopaque-secure.tls.options=intermediate@file" - ### ### - ### ### - # - "traefik.http.middlewares.nopaque-basicauth.basicauth.users=name:hashed-password" - # - "traefik.http.routers.nopaque.middlewares=nopaque-basicauth, nopaque-header, redirect-to-https@file" - # - "traefik.http.routers.nopaque-secure.middlewares=nopaque-basicauth, hsts-header@file, nopaquesecure-header" - ### ### - networks: - - default - - reverse-proxy volumes: - - "/mnt/dind-swarm/nopaque:/mnt/dind-swarm/nopaque" - "./logs:/home/nopaque/logs" - - "./web/app:/home/nopaque/app" - - "./web/migrations:/home/nopaque/migrations" - - "./web/tests:/home/nopaque/tests" - - "./web/config.py:/home/nopaque/config.py" - - "./web/docker-entrypoint.sh:/home/nopaque/docker-entrypoint.sh" - - "./web/nopaque.py:/home/nopaque/nopaque.py" - - "./web/requirements.txt:/home/nopaque/requirements.txt" + - "${NOPAQUE_STORAGE}:${NOPAQUE_STORAGE}" daemon: build: args: - docker_gid: ${docker_gid} - gid: ${gid} - uid: ${uid} + DOCKER_GID: ${DOCKER_GID} + GID: ${GID} + UID: ${UID} context: ./daemon depends_on: - db - web - env_file: nopaque.env + env_file: .env image: nopaque/daemon volumes: - - "/mnt/dind-swarm/nopaque:/mnt/dind-swarm/nopaque" - "/var/run/docker.sock:/var/run/docker.sock" - "./logs:/home/nopaqued/logs" - - "./daemon/logger:/home/nopaqued/logger" - - "./daemon/notify:/home/nopaqued/notify" - - "./daemon/tasks:/home/nopaqued/tasks" - - "./daemon/docker-entrypoint.sh:/home/nopaqued/docker-entrypoint.sh" - - "./daemon/nopaqued.py:/home/nopaqued/nopaqued.py" - - "./daemon/requirements.txt:/home/nopaqued/requirements.txt" + - "${NOPAQUE_STORAGE}:${NOPAQUE_STORAGE}" db: - env_file: nopaque.env + env_file: .env image: postgres:11 volumes: - "/srv/nopaque/db:/var/lib/postgresql/data" diff --git a/nopaque.env.tpl b/nopaque.env.tpl deleted file mode 100644 index 25cc5587..00000000 --- a/nopaque.env.tpl +++ /dev/null @@ -1,35 +0,0 @@ -### Docker ### -# Fill out these variables to use the Docker HTTP socket. When doing this, you -# can remove the Docker UNIX socket mount from the docker-compose file. -# DOCKER_CERT_PATH= -# DOCKER_HOST= -# DOCKER_TLS_VERIFY= - -### Flask ### -FLASK_CONFIG= -SECRET_KEY= - -### GitLab Registry ### -GITLAB_USERNAME= -GITLAB_PASSWORD= - -### Flask-Mail ### -MAIL_SERVER= -MAIL_PORT= -MAIL_USE_TLS= -MAIL_USERNAME= -MAIL_PASSWORD= - -### nopaque ### -NOPAQUE_ADMIN= -NOPAQUE_CONTACT= -NOPAQUE_DOMAIN= -NOPAQUE_LOG_LEVEL= -NOPAQUE_MAIL_SENDER= -NOPAQUE_STORAGE= -NOPAQUE_EXECUTE_NOTIFICATIONS= - -### PostgreSQL ### -POSTGRES_DB_NAME= -POSTGRES_USER= -POSTGRES_PASSWORD= diff --git a/web/Dockerfile b/web/Dockerfile index 6fe12f75..57c19cbd 100644 --- a/web/Dockerfile +++ b/web/Dockerfile @@ -4,8 +4,8 @@ FROM python:3.6-slim-stretch LABEL maintainer="inf_sfb1288@lists.uni-bielefeld.de" -ARG uid=1000 -ARG gid=1000 +ARG UID +ARG GID ENV FLASK_APP=nopaque.py ENV LANG=C.UTF-8 @@ -21,8 +21,8 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* -RUN groupadd --gid "${gid}" --system nopaque \ - && useradd --create-home --gid "${gid}" --no-log-init --system --uid "${uid}" nopaque +RUN groupadd --gid ${GID} --system nopaque \ + && useradd --create-home --gid ${GID} --no-log-init --system --uid ${UID} nopaque USER nopaque WORKDIR /home/nopaque