Commit 5124b8b9 authored by Michał 'rysiek' Woźniak's avatar Michał 'rysiek' Woźniak
Browse files

upstream change: webschleuder3 -> schleuder-web

parent f05d68fe
...@@ -10,17 +10,17 @@ RUN apt-get update && apt-get install -y \ ...@@ -10,17 +10,17 @@ RUN apt-get update && apt-get install -y \
git-core \ git-core \
--no-install-recommends && rm -rf /var/lib/apt/lists/* --no-install-recommends && rm -rf /var/lib/apt/lists/*
RUN git clone https://git.codecoop.org/schleuder/webschleuder3.git /opt/webschleuder3 && \ RUN git clone https://git.codecoop.org/schleuder/schleuder-web.git /opt/schleuder-web && \
cd /opt/webschleuder3 && \ cd /opt/schleuder-web && \
bin/setup bin/setup
# remove the default config files # remove the default config files
RUN rm /opt/webschleuder3/config/webschleuder.yml /opt/webschleuder3/config/secrets.yml /opt/webschleuder3/config/database.yml RUN rm /opt/schleuder-web/config/webschleuder.yml /opt/schleuder-web/config/secrets.yml /opt/schleuder-web/config/database.yml
COPY entrypoint.sh /sbin/entrypoint.sh COPY entrypoint.sh /sbin/entrypoint.sh
RUN chmod a+x /sbin/entrypoint.sh RUN chmod a+x /sbin/entrypoint.sh
WORKDIR /opt/webschleuder3 WORKDIR /opt/schleuder-web
EXPOSE 3000 EXPOSE 3000
ENTRYPOINT ["/sbin/entrypoint.sh"] ENTRYPOINT ["/sbin/entrypoint.sh"]
CMD ["bundle", "exec", "rails", "server", "-b", "$WEBSCHLOCKER_BIND_ADDRESS", "-p", "$WEBSCHLOCKER_BIND_PORT", "-e", "production"] CMD ["bundle", "exec", "rails", "server", "-b", "$WEBSCHLOCKER_BIND_ADDRESS", "-p", "$WEBSCHLOCKER_BIND_PORT", "-e", "production"]
\ No newline at end of file
# [Webschleuder](https://git.codecoop.org/schleuder/webschleuder3) on `docker` # [Webschleuder](https://git.codecoop.org/schleuder/webschleuder3) on `docker`
This repo contains `docker` configuration for `webschleuder3`, a web interface for an encrypted group email system `schleuder3`. This repo contains `docker` configuration for `schleuder-web`, a web interface for an encrypted group email system `schleuder3`.
Uses `schleuder3 beta`, because it seems to actually be installable on modern systems. See: Uses `schleuder3 beta`, because it seems to actually be installable on modern systems. See:
...@@ -13,7 +13,7 @@ If a valid database is not found, `rake db:setup` is run inside the container to ...@@ -13,7 +13,7 @@ If a valid database is not found, `rake db:setup` is run inside the container to
This image requires a `schleuderd` running somewhere and accessible via `TCP/IP` -- one option is to run the [`schlocker3` docker image](https://git.occrp.org/libre/schlocker3/). You can configure the `schleuderd` URI with the `WEBSCHLOCKER_CONFIG_SCHLEUDERD_URI` environment variable described below. This image requires a `schleuderd` running somewhere and accessible via `TCP/IP` -- one option is to run the [`schlocker3` docker image](https://git.occrp.org/libre/schlocker3/). You can configure the `schleuderd` URI with the `WEBSCHLOCKER_CONFIG_SCHLEUDERD_URI` environment variable described below.
**Please be advised that `schleuderd` does not, at this time, offer authentication, nor does it support `TLS`-encrypted connections. This means that `webschleuder3` should be run on the same physical machine, or at least on a connection that precludes the possibility of malicious connections being made to `schleuderd`.** You have been warned! **Please be advised that `schleuderd` does not, at this time, offer authentication, nor does it support `TLS`-encrypted connections. This means that `schleuder-web` should be run on the same physical machine, or at least on a connection that precludes the possibility of malicious connections being made to `schleuderd`.** You have been warned!
## Running and testing ## Running and testing
...@@ -33,7 +33,7 @@ Once you have that, navigate your browser to `http://<IP-of-the-container>:3000/ ...@@ -33,7 +33,7 @@ Once you have that, navigate your browser to `http://<IP-of-the-container>:3000/
- `WEBSCHLOCKER_CONFIG_HOSTNAME` (default: container's hostname) - `WEBSCHLOCKER_CONFIG_HOSTNAME` (default: container's hostname)
The hostname `webschleuder3` will run under, used among others in confirmation links sent to users. The hostname `schleuder-web` will run under, used among others in confirmation links sent to users.
- `WEBSCHLOCKER_BIND_ADDRESS` (default: `0.0.0.0`) - `WEBSCHLOCKER_BIND_ADDRESS` (default: `0.0.0.0`)
- `WEBSCHLOCKER_BIND_PORT` (default: `3000`) - `WEBSCHLOCKER_BIND_PORT` (default: `3000`)
...@@ -50,7 +50,7 @@ Sender address for all the e-mails originating from the web interface (i.e. conf ...@@ -50,7 +50,7 @@ Sender address for all the e-mails originating from the web interface (i.e. conf
- `WEBSCHLOCKER_CONFIG_DELIVERY_METHOD` (default: `smtp`) - `WEBSCHLOCKER_CONFIG_DELIVERY_METHOD` (default: `smtp`)
Delivery method to use for outgoing e-mail; `webschleuder3` uses [`ActionMailer`](http://api.rubyonrails.org/classes/ActionMailer/Base.html) to send mail. Delivery method to use for outgoing e-mail; `schleuder-web` uses [`ActionMailer`](http://api.rubyonrails.org/classes/ActionMailer/Base.html) to send mail.
- `WEBSCHLOCKER_CONFIG_SENDMAIL_ARGUMENTS` (default: `-t -i -f`) - `WEBSCHLOCKER_CONFIG_SENDMAIL_ARGUMENTS` (default: `-t -i -f`)
...@@ -71,7 +71,7 @@ Secret used to verify encrypted cookies; can be changed at any time (change caus ...@@ -71,7 +71,7 @@ Secret used to verify encrypted cookies; can be changed at any time (change caus
### Database settings ### Database settings
Separate databases are used by `schleuder3` and `webschleuder3`; these settings should thus be different from the ones used for [`schlocker3`](https://git.occrp.org/libre/schlocker3/). Separate databases are used by `schleuder3` and `schleuder-web`; these settings should thus be different from the ones used for [`schlocker3`](https://git.occrp.org/libre/schlocker3/).
- `WEBSCHLOCKER_DB_ADAPTER` (default: `sqlite3`) - `WEBSCHLOCKER_DB_ADAPTER` (default: `sqlite3`)
......
...@@ -21,7 +21,7 @@ function abort { ...@@ -21,7 +21,7 @@ function abort {
[ -z ${WEBSCHLOCKER_BIND_ADDRESS+x} ] && WEBSCHLOCKER_BIND_ADDRESS="0.0.0.0" [ -z ${WEBSCHLOCKER_BIND_ADDRESS+x} ] && WEBSCHLOCKER_BIND_ADDRESS="0.0.0.0"
[ -z ${WEBSCHLOCKER_BIND_PORT+x} ] && WEBSCHLOCKER_BIND_PORT="3000" [ -z ${WEBSCHLOCKER_BIND_PORT+x} ] && WEBSCHLOCKER_BIND_PORT="3000"
# webschleuder config # schleuder-web config
[ -z ${WEBSCHLOCKER_CONFIG_HOSTNAME+x} ] && WEBSCHLOCKER_CONFIG_HOSTNAME=$( hostname ) [ -z ${WEBSCHLOCKER_CONFIG_HOSTNAME+x} ] && WEBSCHLOCKER_CONFIG_HOSTNAME=$( hostname )
[ -z ${WEBSCHLOCKER_CONFIG_SCHLEUDERD_URI+x} ] && WEBSCHLOCKER_CONFIG_SCHLEUDERD_URI="http://localhost:4567/" [ -z ${WEBSCHLOCKER_CONFIG_SCHLEUDERD_URI+x} ] && WEBSCHLOCKER_CONFIG_SCHLEUDERD_URI="http://localhost:4567/"
[ -z ${WEBSCHLOCKER_CONFIG_MAILER_FROM+x} ] && WEBSCHLOCKER_CONFIG_MAILER_FROM="noreply@$WEBSCHLOCKER_CONFIG_HOSTNAME" [ -z ${WEBSCHLOCKER_CONFIG_MAILER_FROM+x} ] && WEBSCHLOCKER_CONFIG_MAILER_FROM="noreply@$WEBSCHLOCKER_CONFIG_HOSTNAME"
...@@ -33,7 +33,7 @@ function abort { ...@@ -33,7 +33,7 @@ function abort {
# db settings # db settings
[ -z ${WEBSCHLOCKER_DB_ADAPTER+x} ] && WEBSCHLOCKER_DB_ADAPTER="sqlite3" [ -z ${WEBSCHLOCKER_DB_ADAPTER+x} ] && WEBSCHLOCKER_DB_ADAPTER="sqlite3"
[ -z ${WEBSCHLOCKER_DB_DATABASE+x} ] && WEBSCHLOCKER_DB_DATABASE="/var/webschleuder/db.sqlite3" [ -z ${WEBSCHLOCKER_DB_DATABASE+x} ] && WEBSCHLOCKER_DB_DATABASE="/var/schleuder-web/db.sqlite3"
# these are unused by default, only useful with mysql/postgresql/etc # these are unused by default, only useful with mysql/postgresql/etc
[ -z ${WEBSCHLOCKER_DB_ENCODING+x} ] && WEBSCHLOCKER_DB_ENCODING="" [ -z ${WEBSCHLOCKER_DB_ENCODING+x} ] && WEBSCHLOCKER_DB_ENCODING=""
[ -z ${WEBSCHLOCKER_DB_USERNAME+x} ] && WEBSCHLOCKER_DB_USERNAME="" [ -z ${WEBSCHLOCKER_DB_USERNAME+x} ] && WEBSCHLOCKER_DB_USERNAME=""
...@@ -44,9 +44,9 @@ function abort { ...@@ -44,9 +44,9 @@ function abort {
[ -z ${WEBSCHLOCKER_SECRET_KEY_BASE+x} ] && WEBSCHLOCKER_SECRET_KEY_BASE="$( echo $RANDOM | sha256sum | sed -r -e 's/\s+-//' )$( echo $RANDOM | sha256sum | sed -r -e 's/\s+-//' )" [ -z ${WEBSCHLOCKER_SECRET_KEY_BASE+x} ] && WEBSCHLOCKER_SECRET_KEY_BASE="$( echo $RANDOM | sha256sum | sed -r -e 's/\s+-//' )$( echo $RANDOM | sha256sum | sed -r -e 's/\s+-//' )"
# only internal use for the time being # only internal use for the time being
WEBSCHLOCKER_CONFIG_DIR="/opt/webschleuder3/config" WEBSCHLOCKER_CONFIG_DIR="/opt/schleuder-web/config"
WEBSCHLOCKER_LOG_DIR="/opt/webschleuder3/log" WEBSCHLOCKER_LOG_DIR="/opt/schleuder-web/log"
WEBSCHLOCKER_TMP_DIR="/opt/webschleuder3/tmp" WEBSCHLOCKER_TMP_DIR="/opt/schleuder-web/tmp"
# #
# inform # inform
...@@ -140,7 +140,7 @@ fi ...@@ -140,7 +140,7 @@ fi
# #
# create the webschlocker config file, if it doesn't exist # create the webschlocker config file, if it doesn't exist
# see: https://git.codecoop.org/schleuder/webschleuder3/blob/master/config/webschleuder.yml # see: https://git.codecoop.org/schleuder/schleuder-web/blob/master/config/webschleuder.yml
if [ ! -e "$WEBSCHLOCKER_CONFIG_DIR/webschleuder.yml" ]; then if [ ! -e "$WEBSCHLOCKER_CONFIG_DIR/webschleuder.yml" ]; then
echo "+-- no config file found in '$WEBSCHLOCKER_CONFIG_DIR/webschleuder.yml', creating one..." echo "+-- no config file found in '$WEBSCHLOCKER_CONFIG_DIR/webschleuder.yml', creating one..."
...@@ -172,7 +172,7 @@ fi ...@@ -172,7 +172,7 @@ fi
# #
# create the database config file, if it doesn't exist # create the database config file, if it doesn't exist
# see: https://git.codecoop.org/schleuder/webschleuder3/blob/master/config/database.yml # see: https://git.codecoop.org/schleuder/schleuder-web/blob/master/config/database.yml
if [ ! -e "$WEBSCHLOCKER_CONFIG_DIR/database.yml" ]; then if [ ! -e "$WEBSCHLOCKER_CONFIG_DIR/database.yml" ]; then
echo "+-- no database config file found in '$WEBSCHLOCKER_CONFIG_DIR/database.yml', creating one..." echo "+-- no database config file found in '$WEBSCHLOCKER_CONFIG_DIR/database.yml', creating one..."
...@@ -203,7 +203,7 @@ fi ...@@ -203,7 +203,7 @@ fi
# #
# secrets file # secrets file
# see: https://git.codecoop.org/schleuder/webschleuder3/blob/master/config/secrets.yml # see: https://git.codecoop.org/schleuder/schleuder-web/blob/master/config/secrets.yml
if [ ! -e "$WEBSCHLOCKER_CONFIG_DIR/secrets.yml" ]; then if [ ! -e "$WEBSCHLOCKER_CONFIG_DIR/secrets.yml" ]; then
echo "+-- no secrets file found in $WEBSCHLOCKER_CONFIG_DIR/secrets.yml, creating one..." echo "+-- no secrets file found in $WEBSCHLOCKER_CONFIG_DIR/secrets.yml, creating one..."
WEBSCHLOCKER_SECRETS=" WEBSCHLOCKER_SECRETS="
...@@ -242,7 +242,7 @@ fi ...@@ -242,7 +242,7 @@ fi
export WEBSCHLOCKER_BIND_ADDRESS WEBSCHLOCKER_BIND_PORT export WEBSCHLOCKER_BIND_ADDRESS WEBSCHLOCKER_BIND_PORT
# inform the user # inform the user
echo "+-- webschleuder is available on port $WEBSCHLOCKER_BIND_PORT at:" echo "+-- schleuder-web is available on port $WEBSCHLOCKER_BIND_PORT at:"
if [ "$WEBSCHLOCKER_BIND_ADDRESS" == "0.0.0.0" ]; then if [ "$WEBSCHLOCKER_BIND_ADDRESS" == "0.0.0.0" ]; then
ip -4 addr show scope global | grep inet | sed -r -e 's%inet.? (.+)/[0-9]{2,}.+%\1%' ip -4 addr show scope global | grep inet | sed -r -e 's%inet.? (.+)/[0-9]{2,}.+%\1%'
else else
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment