From 1dba5c4fd0f923f708f62778596463a14b7c988a Mon Sep 17 00:00:00 2001 From: gyurix Date: Thu, 2 Jan 2025 15:17:50 +0100 Subject: [PATCH] added outline project and remove openproject --- applications-tree.json | 6 +- openproject/openproject-secret.json | 10 -- .../domain-outline.json | 4 +- outline/env | 170 ++++++++++++++++++ .../firewall-outline-dns.json | 4 +- .../firewall-outline-smtp.json | 2 +- .../firewall-outline.json | 6 +- outline/outline-secret.json | 10 ++ outline/service-outline.json | 159 ++++++++++++++++ {openproject => outline}/template.json | 6 +- 10 files changed, 353 insertions(+), 24 deletions(-) delete mode 100644 openproject/openproject-secret.json rename openproject/domain-openproject.json => outline/domain-outline.json (95%) create mode 100644 outline/env rename openproject/firewall-openproject-dns.json => outline/firewall-outline-dns.json (94%) rename openproject/firewall-openproject-smtp.json => outline/firewall-outline-smtp.json (97%) rename openproject/firewall-openproject.json => outline/firewall-outline.json (92%) create mode 100644 outline/outline-secret.json create mode 100644 outline/service-outline.json rename {openproject => outline}/template.json (87%) diff --git a/applications-tree.json b/applications-tree.json index cc27ac5..ed23664 100644 --- a/applications-tree.json +++ b/applications-tree.json @@ -21,8 +21,8 @@ "version": "latest" }, { - "name": "openproject", - "version": "15" + "name": "outline", + "version": "latest" } ] -} \ No newline at end of file +} diff --git a/openproject/openproject-secret.json b/openproject/openproject-secret.json deleted file mode 100644 index 78aec12..0000000 --- a/openproject/openproject-secret.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "openprojectpostgres": { - "POSTGRES_DB": "#DB_NAME", - "POSTGRES_USER": "#DB_USER", - "POSTGRES_PASSWORD": "#DB_PASSWORD" - }, - "openprojectapp": { - "DATABASE_URL": "postgres://#DB_USER:#DB_PASSWORD@openprojectpostgres-db:5432/#DB_NAME?pool=20&encoding=unicode&reconnect=true" - } -} \ No newline at end of file diff --git a/openproject/domain-openproject.json b/outline/domain-outline.json similarity index 95% rename from openproject/domain-openproject.json rename to outline/domain-outline.json index bd437ce..4d8273d 100644 --- a/openproject/domain-openproject.json +++ b/outline/domain-outline.json @@ -23,10 +23,10 @@ "PROXY": "smarthostloadbalancer" }, { - "TARGET": "openprojectapp-web" + "TARGET": "outline" }, { - "PORT": "8080" + "PORT": "3000" }, { "DOMAIN": "#OPENPROJECT_DOMAIN" diff --git a/outline/env b/outline/env new file mode 100644 index 0000000..ed1eb59 --- /dev/null +++ b/outline/env @@ -0,0 +1,170 @@ + NODE_ENV=production + +# Generate a hex-encoded 32-byte random key. You should use `openssl rand -hex 32` +# in your terminal to generate a random value. +SECRET_KEY=generate_a_new_key + +# Generate a unique random key. The format is not important but you could still use +# `openssl rand -hex 32` in your terminal to produce this. +UTILS_SECRET=generate_a_new_key + +# For production point these at your databases, in development the default +# should work out of the box. +DATABASE_URL=postgres://user:pass@localhost:5432/outline +DATABASE_CONNECTION_POOL_MIN= +DATABASE_CONNECTION_POOL_MAX= +# Uncomment this to disable SSL for connecting to Postgres +# PGSSLMODE=disable + +# For redis you can either specify an ioredis compatible url like this +REDIS_URL=redis://localhost:6379 +# or alternatively, if you would like to provide additional connection options, +# use a base64 encoded JSON connection option object. Refer to the ioredis documentation +# for a list of available options. +# Example: Use Redis Sentinel for high availability +# {"sentinels":[{"host":"sentinel-0","port":26379},{"host":"sentinel-1","port":26379}],"name":"mymaster"} +# REDIS_URL=ioredis://eyJzZW50aW5lbHMiOlt7Imhvc3QiOiJzZW50aW5lbC0wIiwicG9ydCI6MjYzNzl9LHsiaG9zdCI6InNlbnRpbmVsLTEiLCJwb3J0IjoyNjM3OX1dLCJuYW1lIjoibXltYXN0ZXIifQ== + +# URL should point to the fully qualified, publicly accessible URL. If using a +# proxy the port in URL and PORT may be different. +URL= +PORT=3000 + +# See [documentation](docs/SERVICES.md) on running a separate collaboration +# server, for normal operation this does not need to be set. +COLLABORATION_URL= + +# Specify what storage system to use. Possible value is one of "s3" or "local". +# For "local", the avatar images and document attachments will be saved on local disk. +FILE_STORAGE=local + +# If "local" is configured for FILE_STORAGE above, then this sets the parent directory under +# which all attachments/images go. Make sure that the process has permissions to create +# this path and also to write files to it. +FILE_STORAGE_LOCAL_ROOT_DIR=/var/lib/outline/data + +# Maximum allowed size for the uploaded attachment. +FILE_STORAGE_UPLOAD_MAX_SIZE=262144000 + +# Override the maximum size of document imports, generally this should be lower +# than the document attachment maximum size. +FILE_STORAGE_IMPORT_MAX_SIZE= + +# Override the maximum size of workspace imports, these can be especially large +# and the files are temporary being automatically deleted after a period of time. +FILE_STORAGE_WORKSPACE_IMPORT_MAX_SIZE= + +# To support uploading of images for avatars and document attachments in a distributed +# architecture an s3-compatible storage can be configured if FILE_STORAGE=s3 above. +AWS_ACCESS_KEY_ID=get_a_key_from_aws +AWS_SECRET_ACCESS_KEY=get_the_secret_of_above_key +AWS_REGION=xx-xxxx-x +AWS_S3_ACCELERATE_URL= +AWS_S3_UPLOAD_BUCKET_URL=http://s3:4569 +AWS_S3_UPLOAD_BUCKET_NAME=bucket_name_here +AWS_S3_FORCE_PATH_STYLE=true +AWS_S3_ACL=private + +# –––––––––––––– AUTHENTICATION –––––––––––––– + +# Third party signin credentials, at least ONE OF EITHER Google, Slack, +# or Microsoft is required for a working installation or you'll have no sign-in +# options. + +# To configure Slack auth, you'll need to create an Application at +# => https://api.slack.com/apps +# +# When configuring the Client ID, add a redirect URL under "OAuth & Permissions": +# https:///auth/slack.callback +SLACK_CLIENT_ID=get_a_key_from_slack +SLACK_CLIENT_SECRET=get_the_secret_of_above_key + +# To configure Google auth, you'll need to create an OAuth Client ID at +# => https://console.cloud.google.com/apis/credentials +# +# When configuring the Client ID, add an Authorized redirect URI: +# https:///auth/google.callback +GOOGLE_CLIENT_ID= +GOOGLE_CLIENT_SECRET= + +# To configure Microsoft/Azure auth, you'll need to create an OAuth Client. See +# the guide for details on setting up your Azure App: +# => https://wiki.generaloutline.com/share/dfa77e56-d4d2-4b51-8ff8-84ea6608faa4 +AZURE_CLIENT_ID= +AZURE_CLIENT_SECRET= +AZURE_RESOURCE_APP_ID= + +# To configure generic OIDC auth, you'll need some kind of identity provider. +# See documentation for whichever IdP you use to acquire the following info: +# Redirect URI is https:///auth/oidc.callback +OIDC_CLIENT_ID= +OIDC_CLIENT_SECRET= +OIDC_AUTH_URI= +OIDC_TOKEN_URI= +OIDC_USERINFO_URI= +OIDC_LOGOUT_URI= + +# Specify which claims to derive user information from +# Supports any valid JSON path with the JWT payload +OIDC_USERNAME_CLAIM=preferred_username + +# Display name for OIDC authentication +OIDC_DISPLAY_NAME=OpenID Connect + +# Space separated auth scopes. +OIDC_SCOPES=openid profile email + +# To configure the GitHub integration, you'll need to create a GitHub App at +# => https://github.com/settings/apps +# +# When configuring the Client ID, add a redirect URL under "Permissions & events": +# https:///api/github.callback +GITHUB_CLIENT_ID= +GITHUB_CLIENT_SECRET= +GITHUB_APP_NAME= +GITHUB_APP_ID= +GITHUB_APP_PRIVATE_KEY= + +# To configure Discord auth, you'll need to create a Discord Application at +# => https://discord.com/developers/applications/ +# +# When configuring the Client ID, add a redirect URL under "OAuth2": +# https:///auth/discord.callback +DISCORD_CLIENT_ID= +DISCORD_CLIENT_SECRET= + + {"SECRET_KEY": "generate_a_new_key"}, + {"UTILS_SECRET": "generate_a_new_key"}, + {"DATABASE_URL": "postgres://user:pass@localhost:5432/outline"}, + {"AWS_ACCESS_KEY_ID": "get_a_key_from_aws"}, + {"AWS_SECRET_ACCESS_KEY": "get_the_secret_of_above_key"}, + {"AWS_REGION": "xx-xxxx-x"}, + {"AWS_S3_ACCELERATE_URL": ""}, + {"AWS_S3_UPLOAD_BUCKET_URL": "http://s3:4569"}, + {"AWS_S3_UPLOAD_BUCKET_NAME": "bucket_name_here"}, + {"AWS_S3_FORCE_PATH_STYLE": true}, + {"AWS_S3_ACL": "private"}, + {"SLACK_CLIENT_ID": "get_a_key_from_slack"}, + {"SLACK_CLIENT_SECRET": "get_the_secret_of_above_key"}, + {"GOOGLE_CLIENT_ID": ""}, + {"GOOGLE_CLIENT_SECRET": ""}, + {"AZURE_CLIENT_ID": ""}, + {"AZURE_CLIENT_SECRET": ""}, + {"AZURE_RESOURCE_APP_ID": ""}, + {"OIDC_CLIENT_ID": ""}, + {"OIDC_CLIENT_SECRET": ""}, + {"OIDC_AUTH_URI": ""}, + {"OIDC_TOKEN_URI": ""}, + {"OIDC_USERINFO_URI": ""}, + {"OIDC_LOGOUT_URI": ""}, + {"OIDC_USERNAME_CLAIM": "preferred_username"}, + {"OIDC_DISPLAY_NAME": "OpenID Connect"}, + {"OIDC_SCOPES": "openid profile email"}, + {"GITHUB_CLIENT_ID": ""}, + {"GITHUB_CLIENT_SECRET": ""}, + {"GITHUB_APP_NAME": ""}, + {"GITHUB_APP_ID": ""}, + {"GITHUB_APP_PRIVATE_KEY": ""}, + {"DISCORD_CLIENT_ID": ""}, + {"DISCORD_CLIENT_SECRET": ""} + diff --git a/openproject/firewall-openproject-dns.json b/outline/firewall-outline-dns.json similarity index 94% rename from openproject/firewall-openproject-dns.json rename to outline/firewall-outline-dns.json index 610c9e0..8442697 100644 --- a/openproject/firewall-openproject-dns.json +++ b/outline/firewall-outline-dns.json @@ -52,7 +52,7 @@ "SOURCE": "coredns" }, { - "TARGET": "openprojectapp-web" + "TARGET": "outline" }, { "TYPE": "udp" @@ -61,7 +61,7 @@ "TARGET_PORT": "53" }, { - "COMMENT": "dns for openproject" + "COMMENT": "dns for outline" } ], "EXTRA": "--privileged --rm", diff --git a/openproject/firewall-openproject-smtp.json b/outline/firewall-outline-smtp.json similarity index 97% rename from openproject/firewall-openproject-smtp.json rename to outline/firewall-outline-smtp.json index 1685301..f31df56 100644 --- a/openproject/firewall-openproject-smtp.json +++ b/outline/firewall-outline-smtp.json @@ -49,7 +49,7 @@ "CHAIN": "DOCKER-USER" }, { - "SOURCE": "openprojectapp-web" + "SOURCE": "outline" }, { "TARGET": "smtp" diff --git a/openproject/firewall-openproject.json b/outline/firewall-outline.json similarity index 92% rename from openproject/firewall-openproject.json rename to outline/firewall-outline.json index 922c400..2f1234b 100644 --- a/openproject/firewall-openproject.json +++ b/outline/firewall-outline.json @@ -52,16 +52,16 @@ "SOURCE": "smarthostbackend" }, { - "TARGET": "openprojectapp-web" + "TARGET": "outline" }, { "TYPE": "tcp" }, { - "TARGET_PORT": "8080" + "TARGET_PORT": "3000" }, { - "COMMENT": "proxy for openproject" + "COMMENT": "proxy for outline" } ], "EXTRA": "--privileged --rm", diff --git a/outline/outline-secret.json b/outline/outline-secret.json new file mode 100644 index 0000000..6ad7686 --- /dev/null +++ b/outline/outline-secret.json @@ -0,0 +1,10 @@ +{ + "outlinepostgres": { + "POSTGRES_DB": "#DB_NAME", + "POSTGRES_USER": "#DB_USER", + "POSTGRES_PASSWORD": "#DB_PASSWORD" + }, + "outlineapp": { + "DATABASE_URL": "postgres://#DB_USER:#DB_PASSWORD@outlinepostgres-db:5432/#DB_NAME" + } +} \ No newline at end of file diff --git a/outline/service-outline.json b/outline/service-outline.json new file mode 100644 index 0000000..ff8e651 --- /dev/null +++ b/outline/service-outline.json @@ -0,0 +1,159 @@ +{ + "main": { + "SERVICE_NAME": "outline", + "DOMAIN": "#OUTLINE_DOMAIN" + }, + "containers": [ + { + "IMAGE": "alpine:latest", + "UPDATE": "true", + "NAME": "outline-init", + "NETWORK": "host", + "MEMORY": "64M", + "VOLUMES": [ + { + "SOURCE": "USER_DATA", + "DEST": "/etc/user/data", + "TYPE": "rw" + }, + { + "SOURCE": "SYSTEM_LOG", + "DEST": "/etc/system/log", + "TYPE": "rw" + } + ], + "EXTRA": "--rm", + "DEPEND": "null", + "START_ON_BOOT": "false", + "ENTRYPOINT": "sh -c", + "CMD": "mkdir -p /etc/user/data/outline/data && mkdir -p /etc/user/data/outline/db", + "PRE_START": "null", + "POST_START": "null" + }, + { + "IMAGE": "postgres:13-alpine", + "UPDATE": "true", + "NAME": "outlinepostgres-db", + "MEMORY": "256M", + "NETWORK": "outline-net", + "SELECTOR": "outlinepostgres-db", + "VOLUMES": [ + { + "SOURCE": "/etc/user/data/outline/db", + "DEST": "/var/lib/postgresql/data", + "TYPE": "rw" + } + ], + "PORTS": [ + { + "SOURCE": "null", + "DEST": "5432", + "TYPE": "tcp" + } + ], + "ENV_FILES": [ + "/etc/user/secret/outline/outline.json" + ], + "EXTRA": "--restart unless-stopped", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + }, + { + "IMAGE": "redis:latest", + "UPDATE": "true", + "NAME": "outlineredis-app", + "MEMORY": "128M", + "NETWORK": "outline-net", + "SELECTOR": "outlineredis", + "PORTS": [ + { + "SOURCE": "null", + "DEST": "6379", + "TYPE": "tcp" + } + ], + "EXTRA": "--restart always", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + }, + { + "IMAGE": "outlinewiki/outline:latest", + "UPDATE": "true", + "NAME": "outlineapp", + "NETWORK": "outline-net", + "SELECTOR": "outline", + "VOLUMES": [ + { + "SOURCE": "/etc/user/data/outline/data", + "DEST": "/var/lib/outline/data", + "TYPE": "rw" + } + ], + "PORTS": [ + { + "SOURCE": "null", + "DEST": "3000", + "TYPE": "tcp" + } + ], + "ENVS": [ + { + "NODE_ENV": "production" + }, + { + "DATABASE_CONNECTION_POOL_MIN": "" + }, + { + "DATABASE_CONNECTION_POOL_MAX": "" + }, + { + "REDIS_URL": "redis://outlineredis-app:6379" + }, + { + "URL": "" + }, + { + "PORT": 3000 + }, + { + "COLLABORATION_URL": "" + }, + { + "FILE_STORAGE": "local" + }, + { + "FILE_STORAGE_LOCAL_ROOT_DIR": "/var/lib/outline/data" + }, + { + "FILE_STORAGE_UPLOAD_MAX_SIZE": 262144000 + }, + { + "FILE_STORAGE_IMPORT_MAX_SIZE": "" + }, + { + "FILE_STORAGE_WORKSPACE_IMPORT_MAX_SIZE": "" + } + ], + "ENV_FILES": [ + "/etc/user/secret/outline/outline.json" + ], + "EXTRA": "--restart unless-stopped", + "DEPEND": [], + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": [ + "firewall-outline", + "domain-outline", + "firewall-outline-dns", + "firewall-outline-smtp" + ] + } + ] +} \ No newline at end of file diff --git a/openproject/template.json b/outline/template.json similarity index 87% rename from openproject/template.json rename to outline/template.json index 286997d..de90321 100644 --- a/openproject/template.json +++ b/outline/template.json @@ -1,5 +1,5 @@ { - "name": "openproject", + "name": "outline", "fields": [ { "description": "Postgres database name", @@ -30,8 +30,8 @@ "generated": "random|sha256|20" }, { - "description": "Please add OpenProject domain:", - "key": "OPENPROJECT_DOMAIN", + "description": "Please add Outline domain:", + "key": "OUTLINE_DOMAIN", "value": "", "required": "true" }