~qeef/damn-deploy

14850af1a7132db1cd3317ad2733f00416c574bc — Jiri Vlasak 3 months ago 16b3212 + ecdd37f v0.9.0
Merge branch 'add-www'
6 files changed, 32 insertions(+), 17 deletions(-)

M .env
M CHANGELOG.md
M README.md
M chat.yml
M clients.yml
M server.yml
M .env => .env +2 -0
@@ 15,6 15,7 @@ OAUTH_CONSUMER_SECRET=osm.org > My Settings > oauth settings > page bottom
# Necessary settings.
#
DOMAIN_NAME=damn-project.org
WWW_REPO=https://git.sr.ht/~qeef/damn-www.git

####################################################
#                                                  #


@@ 46,6 47,7 @@ SERVER_SUB=server
DAMN_SERVER_VERSION=v0.7.0
DAMN_CLIENTS=*,
DB_HOST=damndb_server
WWW_SUB=www

# Optional client settings.
#

M CHANGELOG.md => CHANGELOG.md +5 -0
@@ 12,6 12,11 @@ The format is based on [Keep a Changelog][] and this project adheres to
Unreleased
==========

Added
-----

- Web page service.


0.8.0 - 2020-11-11
==================

M README.md => README.md +9 -0
@@ 43,6 43,13 @@ section for the database periodic upkeep scripts.
Server setup
------------

There are few services within the `server.yml` docker compose file. There is
`db` and `api` services. These are the core services. `db` serves the database
and the `api` is the JSON REST (Fast)API to the database. Then, there is the
`upkeep` that runs periodic tasks on the database. (See the *Damn upkeep*
section.) The next is the `www` service serving the web pages. Finally, the
`traefik` service provides the gate to all the services above.

1. Set environment variables in `.env` file. The following is the meaning:

    - `POSTGRES_PASSWORD`: Password to PostgreSQL database.


@@ 52,6 59,7 @@ Server setup
    - `OAUTH_CONSUMER_SECRET`: API secret, get from osm.org.

    - `DOMAIN_NAME`: Use your domain.
    - `WWW_REPO`: Link to a docker git repository with web pages.

    The following are optinal settings. You don't need to change them. The
    defaults work good.


@@ 60,6 68,7 @@ Server setup
    - `DAMN_SERVER_VERSION`: Choose the version of the server.
    - `DAMN_CLIENTS`: Allow origins clients.
    - `DB_HOST`: Alias of `db` docker service, keep that value.
    - `WWW_SUB`: The subdomain for the web pages.

2. Set proper email address in `traefik.yml` file.


M chat.yml => chat.yml +0 -8
@@ 8,17 8,9 @@ services:
        env_file: .env
        restart: always
        labels:
            - "traefik.http.routers.chat-unsec.entrypoints=web"
            - "traefik.http.routers.chat-unsec.rule=Host(`${CHAT_SUB}.${DOMAIN_NAME}`)"
            - "traefik.http.routers.chat-unsec.middlewares=redir@docker"
            - "traefik.http.routers.chat.entrypoints=web-secure"
            - "traefik.http.routers.chat.rule=Host(`${CHAT_SUB}.${DOMAIN_NAME}`)"
            - "traefik.http.routers.chat.tls=true"
            - "traefik.http.routers.chat.tls.certresolver=le"
            - "traefik.websocket.routers.chat-unsec.entrypoints=web"
            - "traefik.websocket.routers.chat-unsec.rule=Host(`${CHAT_SUB}.${DOMAIN_NAME}`)"
            - "traefik.websocket.routers.chat-unsec.middlewares=redir@docker"
            - "traefik.websocket.routers.chat.entrypoints=web-secure"
            - "traefik.websocket.routers.chat.rule=Host(`${CHAT_SUB}.${DOMAIN_NAME}`)"
            - "traefik.websocket.routers.chat.tls=true"
            - "traefik.websocket.routers.chat.tls.certresolver=le"

M clients.yml => clients.yml +0 -8
@@ 16,10 16,6 @@ services:
        environment:
            - NGINX_HOST=${CLIENT_SUB}.${DOMAIN_NAME}
        labels:
            - "traefik.http.routers.client-unsec.entrypoints=web"
            - "traefik.http.routers.client-unsec.rule=Host(`${CLIENT_SUB}.${DOMAIN_NAME}`)"
            - "traefik.http.routers.client-unsec.middlewares=redir@docker"
            - "traefik.http.routers.client.entrypoints=web-secure"
            - "traefik.http.routers.client.rule=Host(`${CLIENT_SUB}.${DOMAIN_NAME}`)"
            - "traefik.http.routers.client.tls=true"
            - "traefik.http.routers.client.tls.certresolver=le"


@@ 35,10 31,6 @@ services:
        environment:
            - NGINX_HOST=${MANAGER_SUB}.${DOMAIN_NAME}
        labels:
            - "traefik.http.routers.manager-unsec.entrypoints=web"
            - "traefik.http.routers.manager-unsec.rule=Host(`${MANAGER_SUB}.${DOMAIN_NAME}`)"
            - "traefik.http.routers.manager-unsec.middlewares=redir@docker"
            - "traefik.http.routers.manager.entrypoints=web-secure"
            - "traefik.http.routers.manager.rule=Host(`${MANAGER_SUB}.${DOMAIN_NAME}`)"
            - "traefik.http.routers.manager.tls=true"
            - "traefik.http.routers.manager.tls.certresolver=le"

M server.yml => server.yml +16 -1
@@ 29,6 29,18 @@ services:
        env_file: .env
        links:
            - db
    www:
        build:
            context: ${WWW_REPO}
        restart: always
        labels:
            - "traefik.http.routers.www.rule=Host(`${WWW_SUB}.${DOMAIN_NAME}`) || Host(`${DOMAIN_NAME}`)"
            - "traefik.http.routers.www.tls=true"
            - "traefik.http.routers.www.tls.certresolver=le"
            - "traefik.http.routers.www.middlewares=redir-www@docker"
            - "traefik.http.middlewares.redir-www.redirectRegex.regex=^https://${DOMAIN_NAME}/(.*)"
            - "traefik.http.middlewares.redir-www.redirectRegex.replacement=https://${WWW_SUB}.${DOMAIN_NAME}/$${1}"
            - "traefik.http.middlewares.redir-www.redirectRegex.permanent=true"
    traefik:
        image: traefik:v2.0
        restart: always


@@ 40,6 52,9 @@ services:
            - 80:80
            - 443:443
        labels:
            - "traefik.http.middlewares.redir.redirectscheme.scheme=https"
            - "traefik.http.routers.redir-unsec.rule=HostRegexp(`{subdomain:[a-z]+}.${DOMAIN_NAME}`) || Host(`${DOMAIN_NAME}`)"
            - "traefik.http.routers.redir-unsec.middlewares=redir-unsec@docker"
            - "traefik.http.middlewares.redir-unsec.redirectscheme.scheme=https"
            - "traefik.http.middlewares.redir-unsec.redirectscheme.permanent=true"
volumes:
    damndb-volume: