Add dockerfile and compose for production
This commit is contained in:
parent
8fae56965e
commit
3329745650
123
.gitlab-ci.yml
123
.gitlab-ci.yml
@ -1,123 +0,0 @@
|
|||||||
image: tcitworld/mobilizon-ci
|
|
||||||
|
|
||||||
stages:
|
|
||||||
- check
|
|
||||||
- test
|
|
||||||
- deploy
|
|
||||||
|
|
||||||
variables:
|
|
||||||
MIX_ENV: "test"
|
|
||||||
# DB Variables for Postgres / Postgis
|
|
||||||
POSTGRES_DB: mobilizon_test
|
|
||||||
POSTGRES_USER: postgres
|
|
||||||
POSTGRES_PASSWORD: ""
|
|
||||||
POSTGRES_HOST: postgres
|
|
||||||
# DB Variables for Mobilizon
|
|
||||||
MOBILIZON_DATABASE_USERNAME: $POSTGRES_USER
|
|
||||||
MOBILIZON_DATABASE_PASSWORD: $POSTGRES_PASSWORD
|
|
||||||
MOBILIZON_DATABASE_DBNAME: $POSTGRES_DB
|
|
||||||
MOBILIZON_DATABASE_HOST: $POSTGRES_HOST
|
|
||||||
GEOLITE_CITIES_PATH: "/usr/share/GeoIP/GeoLite2-City.mmdb"
|
|
||||||
MOBILIZON_INSTANCE_REGISTRATIONS_OPEN: "true"
|
|
||||||
|
|
||||||
cache:
|
|
||||||
key: ${CI_COMMIT_REF_SLUG}
|
|
||||||
paths:
|
|
||||||
- ~/.cache/Cypress
|
|
||||||
- _build/
|
|
||||||
- deps/
|
|
||||||
- js/node_modules
|
|
||||||
- cache/Cypress
|
|
||||||
|
|
||||||
lint:
|
|
||||||
stage: check
|
|
||||||
script:
|
|
||||||
- export EXITVALUE=0
|
|
||||||
- mix deps.get
|
|
||||||
- mix credo --strict -a || export EXITVALUE=1
|
|
||||||
- mix format --check-formatted --dry-run || export EXITVALUE=1
|
|
||||||
- cd js
|
|
||||||
- yarn install
|
|
||||||
#- yarn run lint || export EXITVALUE=1
|
|
||||||
- yarn run prettier --ignore-path="src/i18n/*" -c . || export EXITVALUE=1
|
|
||||||
- yarn run build
|
|
||||||
- cd ../
|
|
||||||
- exit $EXITVALUE
|
|
||||||
artifacts:
|
|
||||||
expire_in: 1 day
|
|
||||||
when: on_success
|
|
||||||
paths:
|
|
||||||
- priv/static
|
|
||||||
|
|
||||||
deps:
|
|
||||||
stage: check
|
|
||||||
script:
|
|
||||||
- export EXITVALUE=0
|
|
||||||
- mix deps.get
|
|
||||||
- mix hex.outdated || export EXITVALUE=1
|
|
||||||
- cd js
|
|
||||||
- yarn outdated || export EXITVALUE=1
|
|
||||||
- exit $EXITVALUE
|
|
||||||
allow_failure: true
|
|
||||||
|
|
||||||
exunit:
|
|
||||||
stage: test
|
|
||||||
services:
|
|
||||||
- name: mdillon/postgis:11
|
|
||||||
alias: postgres
|
|
||||||
before_script:
|
|
||||||
- cd js
|
|
||||||
- yarn install
|
|
||||||
- yarn run build
|
|
||||||
- cd ../
|
|
||||||
- mix deps.get
|
|
||||||
- MIX_ENV=test mix ecto.create
|
|
||||||
- MIX_ENV=test mix ecto.migrate
|
|
||||||
dependencies:
|
|
||||||
- lint
|
|
||||||
script:
|
|
||||||
- mix coveralls
|
|
||||||
# cypress:
|
|
||||||
# stage: test
|
|
||||||
# services:
|
|
||||||
# - name: mdillon/postgis:11
|
|
||||||
# alias: postgres
|
|
||||||
# script:
|
|
||||||
# - mix deps.get
|
|
||||||
# - cd js
|
|
||||||
# - yarn install
|
|
||||||
# - npx cypress install # just to be sure
|
|
||||||
# - yarn run build
|
|
||||||
# - cd ../
|
|
||||||
# - MIX_ENV=e2e mix ecto.create
|
|
||||||
# - MIX_ENV=e2e mix ecto.migrate
|
|
||||||
# - MIX_ENV=e2e mix run priv/repo/e2e.seed.exs
|
|
||||||
# - MIX_ENV=e2e mix phx.server &
|
|
||||||
# - cd js
|
|
||||||
# - npx wait-on http://localhost:4000
|
|
||||||
# - if [ -z "$CYPRESS_KEY" ]; then npx cypress run; else npx cypress run --record --parallel --key $CYPRESS_KEY; fi
|
|
||||||
# artifacts:
|
|
||||||
# expire_in: 2 day
|
|
||||||
# paths:
|
|
||||||
# - js/tests/e2e/screenshots/**/*.png
|
|
||||||
# - js/tests/e2e/videos/**/*.mp4
|
|
||||||
|
|
||||||
# pages:
|
|
||||||
# stage: deploy
|
|
||||||
# script:
|
|
||||||
# # - mkdir public
|
|
||||||
# # Mobilizon documentation is now on https://framagit.org/framasoft/joinmobilizon/documentation
|
|
||||||
# # Mix docs disabled because of https://github.com/elixir-lang/ex_doc/issues/1172
|
|
||||||
# # - mix deps.get
|
|
||||||
# # - mix docs
|
|
||||||
# # - mv doc public/backend
|
|
||||||
# #- cd js
|
|
||||||
# #- yarn install
|
|
||||||
# #- yarn run styleguide:build
|
|
||||||
# #- mv styleguide ../public/frontend
|
|
||||||
# only:
|
|
||||||
# - master
|
|
||||||
# artifacts:
|
|
||||||
# expire_in: 1 hour
|
|
||||||
# paths:
|
|
||||||
# - public
|
|
10
Dockerfile
10
Dockerfile
@ -1,10 +0,0 @@
|
|||||||
FROM bitwalker/alpine-elixir:latest
|
|
||||||
|
|
||||||
RUN apk add inotify-tools postgresql-client yarn file
|
|
||||||
RUN apk add --no-cache make gcc libc-dev argon2 imagemagick
|
|
||||||
|
|
||||||
RUN mix local.hex --force && mix local.rebar --force
|
|
||||||
|
|
||||||
WORKDIR /app
|
|
||||||
|
|
||||||
EXPOSE 4000
|
|
1
Dockerfile
Symbolic link
1
Dockerfile
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
./docker/production/Dockerfile
|
62
docker/production/Dockerfile
Normal file
62
docker/production/Dockerfile
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
FROM elixir:slim
|
||||||
|
|
||||||
|
# Install dependencies, NodeJS, YARN & clean apt
|
||||||
|
RUN apt update \
|
||||||
|
&& apt -y dist-upgrade \
|
||||||
|
&& apt -y install build-essential \
|
||||||
|
curl \
|
||||||
|
wget \
|
||||||
|
unzip \
|
||||||
|
vim \
|
||||||
|
openssl \
|
||||||
|
git \
|
||||||
|
cmake \
|
||||||
|
imagemagick \
|
||||||
|
webp \
|
||||||
|
gifsicle \
|
||||||
|
jpegoptim \
|
||||||
|
optipng \
|
||||||
|
pngquant \
|
||||||
|
postgresql-client \
|
||||||
|
&& curl -sL https://deb.nodesource.com/setup_12.x | bash - \
|
||||||
|
&& apt -y install nodejs \
|
||||||
|
&& curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
|
||||||
|
&& echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list \
|
||||||
|
&& apt -y update && apt -y install yarn \
|
||||||
|
&& apt -y clean \
|
||||||
|
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||||
|
|
||||||
|
# Add mobilizon user
|
||||||
|
RUN groupadd -r mobilizon \
|
||||||
|
&& useradd -r -g mobilizon -m mobilizon
|
||||||
|
|
||||||
|
USER mobilizon
|
||||||
|
|
||||||
|
# ENV
|
||||||
|
ENV MIX_ENV=prod
|
||||||
|
|
||||||
|
# PORT
|
||||||
|
EXPOSE 4000
|
||||||
|
|
||||||
|
# Copy repo
|
||||||
|
COPY . /app
|
||||||
|
WORKDIR /app
|
||||||
|
|
||||||
|
# Compile dependencies, Mobilizon and build front-end
|
||||||
|
RUN mix local.hex --force && mix local.rebar --force \
|
||||||
|
&& HEX_HTTP_CONCURRENCY=4 HEX_HTTP_TIMEOUT=60 mix do deps.get, compile \
|
||||||
|
&& cd js && NODE_BUILD_MEMORY=2024 yarn install && NODE_BUILD_MEMORY=2024 yarn run build \
|
||||||
|
# free space
|
||||||
|
&& rm -rf js doc deps docs support \
|
||||||
|
&& rm -rf /home/mobilizon/.cache/* \
|
||||||
|
# copy config secret env based file
|
||||||
|
&& cp docker/production/prod.secret config/ \
|
||||||
|
# set start script mod
|
||||||
|
&& chmod +x /app/docker/production/start.sh
|
||||||
|
|
||||||
|
CMD /app/docker/production/start.sh
|
||||||
|
|
||||||
|
## start.sh:
|
||||||
|
# !/bin/bash
|
||||||
|
# mix ecto.migrate
|
||||||
|
# mix phx.server
|
50
docker/production/README.md
Normal file
50
docker/production/README.md
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
# Build and deploy Mobilizon with docker
|
||||||
|
|
||||||
|
You will need to :
|
||||||
|
- build the image
|
||||||
|
- adapte env file
|
||||||
|
- run docker-compose
|
||||||
|
|
||||||
|
## Build the image
|
||||||
|
|
||||||
|
docker build -t mymobilizon -f docker/prod/Dockerfile .
|
||||||
|
|
||||||
|
## Adapt env file
|
||||||
|
|
||||||
|
cp env .env
|
||||||
|
|
||||||
|
- Edit .env content with your params.
|
||||||
|
- Edit docker-compose file with your params (environment section for mobilizon & posgres).
|
||||||
|
|
||||||
|
You can generate `MOBILIZON_INSTANCE_SECRET_KEY_BASE` and `MOBILIZON_INSTANCE_SECRET_KEY` with:
|
||||||
|
|
||||||
|
gpg --gen-random --armor 1 50
|
||||||
|
|
||||||
|
## run docker-compose
|
||||||
|
|
||||||
|
docker-compose -f docker-compose-simple.yml up
|
||||||
|
# set user for volumes
|
||||||
|
sudo chown 999:999 db public wal public/upload
|
||||||
|
# in another shell
|
||||||
|
docker-compose -f docker-compose-simple.yml exec -u 0 mobilizon bash
|
||||||
|
su - mobilizon
|
||||||
|
# backup secret
|
||||||
|
mv config/prod.secret.exs config/prod.secret.exs.env
|
||||||
|
# run config generation
|
||||||
|
MIX_ENV=prod mix mobilizon.instance gen -f
|
||||||
|
# reply anything (not used after) except for :
|
||||||
|
# - What is the name of your database? [mobilizon_prod]
|
||||||
|
# - What is the user used to connect to your database? [mobilizon]
|
||||||
|
# - What is the password used to connect to your database? [autogenerated]
|
||||||
|
# get secret env based bak
|
||||||
|
mv config/prod.secret.exs.env config/prod.secret.exs
|
||||||
|
# run the db init script as root
|
||||||
|
exit
|
||||||
|
psql -U postgres -p 5432 -h postgres -f setup_db.psql
|
||||||
|
# delete db init sript
|
||||||
|
rm setup_db.psql
|
||||||
|
# create an admin with mobilizon user
|
||||||
|
su - mobilizon
|
||||||
|
cd /app
|
||||||
|
MIX_ENV=prod mix mobilizon.users.new pascoual@tedomum.fr --password mobilizon
|
||||||
|
# exit with ctrl+d (twice times)
|
44
docker/production/docker-compose.yml
Normal file
44
docker/production/docker-compose.yml
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
version: "2.1"
|
||||||
|
|
||||||
|
services:
|
||||||
|
mobilizon:
|
||||||
|
image: mobilizon
|
||||||
|
environment:
|
||||||
|
- MOBILIZON_INSTANCE_NAME="My Mobilizon Instance"
|
||||||
|
- MOBILIZON_INSTANCE_HOST=mobilizon.lan
|
||||||
|
- MOBILIZON_INSTANCE_EMAIL=noreply@mobilizon.lan
|
||||||
|
- MOBILIZON_INSTANCE_REGISTRATIONS_OPEN=true
|
||||||
|
- MOBILIZON_DATABASE_USERNAME
|
||||||
|
- MOBILIZON_DATABASE_PASSWORD
|
||||||
|
- MOBILIZON_DATABASE_DBNAME=mobilizon_prod
|
||||||
|
- MOBILIZON_DATABASE_HOST=postgres
|
||||||
|
- MOBILIZON_INSTANCE_SECRET_KEY_BASE
|
||||||
|
- MOBILIZON_INSTANCE_SECRET_KEY
|
||||||
|
- MOBILIZON_ADMIN_EMAIL=your@email.com
|
||||||
|
- MOBILIZON_SMPT_SERVER=yoursmtpserver
|
||||||
|
- MOBILIZON_SMPT_MOBILIZON_SMPT_HOSTNAME=your.smtp.domain
|
||||||
|
- MOBILIZON_SMPT_PORT=25
|
||||||
|
- MOBILIZON_SMPT_USERNAME
|
||||||
|
- MOBILIZON_SMPT_PASSWORD
|
||||||
|
- MOBILIZON_SMPT_SSL=false
|
||||||
|
volumes:
|
||||||
|
- ./public/upload:/app/upload
|
||||||
|
ports:
|
||||||
|
- "4000:4000"
|
||||||
|
depends_on:
|
||||||
|
- postgres
|
||||||
|
|
||||||
|
postgres:
|
||||||
|
image: postgis/postgis
|
||||||
|
volumes:
|
||||||
|
- ./db:/var/lib/postgresql/data
|
||||||
|
- ./wal:/wal
|
||||||
|
- ./postgresql.conf:/var/lib/postgresql/data/postgresql.conf
|
||||||
|
environment:
|
||||||
|
- POSTGRES_PASSWORD
|
||||||
|
- PGDATA=/var/lib/postgresql/data/pgdata
|
||||||
|
|
||||||
|
networks:
|
||||||
|
default:
|
||||||
|
ipam:
|
||||||
|
driver: default
|
10
docker/production/env
Normal file
10
docker/production/env
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# You need to:
|
||||||
|
# cp env .env
|
||||||
|
# edite .env with your settings
|
||||||
|
MOBILIZON_DATABASE_PASSWORD=postgres
|
||||||
|
MOBILIZON_DATABASE_USERNAME=postgres
|
||||||
|
MOBILIZON_INSTANCE_SECRET_KEY_BASE=MmU1NWQyYWQtM2MzZC00ZTU5LTg0MmItMmY5NDZlMmNhNmEwCg
|
||||||
|
MOBILIZON_INSTANCE_SECRET_KEY=NjJhMGU5MDctZGNkOC00NGM0LWI5OWItZDEyY2FkNjRlODYyCg
|
||||||
|
MOBILIZON_SMPT_USERNAME=username
|
||||||
|
MOBILIZON_SMPT_PASSWORD=password
|
||||||
|
POSTGRES_PASSWORD=postgres
|
49
docker/production/prod.secret.exs
Normal file
49
docker/production/prod.secret.exs
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
# Mobilizon instance configuration
|
||||||
|
|
||||||
|
import Config
|
||||||
|
|
||||||
|
config :mobilizon, Mobilizon.Web.Endpoint,
|
||||||
|
url: [host: System.get_env("MOBILIZON_INSTANCE_HOST", "mobilizon.lan")],
|
||||||
|
http: [port: 4000],
|
||||||
|
secret_key_base: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY_BASE", "ZcvexeC7cnwtKR8ADMBDwrYu2aYHUyjrOu4yA181Z112HNu/I5jyRleo4hoxOMqQ")
|
||||||
|
|
||||||
|
config :mobilizon, Mobilizon.Web.Auth.Guardian,
|
||||||
|
secret_key: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY", "KsdUIvp6hQ7b97yxUZcDQyGH0g4LS3fF0OvIsIATpkKzd1MDvSS4KexWXsjXeMQZ")
|
||||||
|
|
||||||
|
config :mobilizon, :instance,
|
||||||
|
name: System.get_env("MOBILIZON_INSTANCE_NAME", "Mobilizon"),
|
||||||
|
description: "Change this to a proper description of your instance",
|
||||||
|
hostname: System.get_env("MOBILIZON_INSTANCE_HOST", "mobilizon.lan"),
|
||||||
|
registrations_open: System.get_env("MOBILIZON_INSTANCE_REGISTRATIONS_OPEN", "false"),
|
||||||
|
demo: false,
|
||||||
|
allow_relay: true,
|
||||||
|
federating: true,
|
||||||
|
email_from: System.get_env("MOBILIZON_INSTANCE_EMAIL", "noreply@mobilizon.lan"),
|
||||||
|
email_reply_to: System.get_env("MOBILIZON_INSTANCE_EMAIL", "noreply@mobilizon.lan")
|
||||||
|
|
||||||
|
config :mobilizon, Mobilizon.Storage.Repo,
|
||||||
|
adapter: Ecto.Adapters.Postgres,
|
||||||
|
username: System.get_env("MOBILIZON_DATABASE_USERNAME", "username"),
|
||||||
|
password: System.get_env("MOBILIZON_DATABASE_PASSWORD", "password"),
|
||||||
|
database: System.get_env("MOBILIZON_DATABASE_DBNAME", "mobilizon"),
|
||||||
|
hostname: System.get_env("MOBILIZON_DATABASE_HOST", "postgres"),
|
||||||
|
port: "5432",
|
||||||
|
pool_size: 10
|
||||||
|
|
||||||
|
config :mobilizon, Mobilizon.Web.Email.Mailer,
|
||||||
|
adapter: Bamboo.SMTPAdapter,
|
||||||
|
server: System.get_env("MOBILIZON_SMPT_SERVER", "localhost"),
|
||||||
|
hostname: System.get_env("MOBILIZON_SMPT_HOSTNAME", "localhost"),
|
||||||
|
port: System.get_env("MOBILIZON_SMPT_PORT", "25"),
|
||||||
|
username: System.get_env("MOBILIZON_SMPT_USERNAME", nil),
|
||||||
|
password: System.get_env("MOBILIZON_SMPT_PASSWORD", nil),
|
||||||
|
# can be `:always` or `:never`
|
||||||
|
tls: :if_available,
|
||||||
|
allowed_tls_versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"],
|
||||||
|
# can be `true`
|
||||||
|
ssl: System.get_env("MOBILIZON_SMPT_SSL", "false"),
|
||||||
|
retries: 1,
|
||||||
|
# can be `true`
|
||||||
|
no_mx_lookups: false,
|
||||||
|
# can be `:always`. If your smtp relay requires authentication set it to `:always`.
|
||||||
|
auth: :if_available
|
3
docker/production/start.sh
Executable file
3
docker/production/start.sh
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
mix ecto.migrate
|
||||||
|
mix phx.server
|
Loading…
Reference in New Issue
Block a user