aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/build/alps/Dockerfile21
-rw-r--r--app/build/alps/skipverify.patch55
-rw-r--r--app/build/docker-compose.yml7
-rw-r--r--app/deployment/email.hcl51
-rw-r--r--app/deployment/jitsi.hcl1
-rw-r--r--os/config/roles/nomad/tasks/main.yml2
-rw-r--r--os/config/roles/nomad/templates/nomad.hcl.j27
7 files changed, 143 insertions, 1 deletions
diff --git a/app/build/alps/Dockerfile b/app/build/alps/Dockerfile
new file mode 100644
index 0000000..647d90d
--- /dev/null
+++ b/app/build/alps/Dockerfile
@@ -0,0 +1,21 @@
+FROM golang:1.15.6-buster as builder
+
+ARG VERSION
+
+ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64
+WORKDIR /tmp/alps
+
+RUN git init && \
+ git remote add origin https://git.sr.ht/~migadu/alps && \
+ git fetch --depth 1 origin ${VERSION} && \
+ git checkout FETCH_HEAD
+
+COPY skipverify.patch skipverify.patch
+
+RUN git apply skipverify.patch && \
+ go build -a -o /usr/local/bin/alps ./cmd/alps
+
+FROM scratch
+COPY --from=builder /usr/local/bin/alps /alps
+COPY --from=builder /tmp/alps/themes /themes
+ENTRYPOINT ["/alps"]
diff --git a/app/build/alps/skipverify.patch b/app/build/alps/skipverify.patch
new file mode 100644
index 0000000..14e14cb
--- /dev/null
+++ b/app/build/alps/skipverify.patch
@@ -0,0 +1,55 @@
+From 47765c10f1af2013556f76dc63dfa056167ae5e8 Mon Sep 17 00:00:00 2001
+From: Quentin <quentin@deuxfleurs.fr>
+Date: Fri, 4 Dec 2020 13:19:24 +0100
+Subject: [PATCH] Skip CA verification
+
+---
+ imap.go | 3 ++-
+ smtp.go | 3 ++-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/imap.go b/imap.go
+index 7554331..1a4931d 100644
+--- a/imap.go
++++ b/imap.go
+@@ -3,6 +3,7 @@ package alps
+ import (
+ "fmt"
+
++ "crypto/tls"
+ "github.com/emersion/go-imap"
+ imapclient "github.com/emersion/go-imap/client"
+ "github.com/emersion/go-message/charset"
+@@ -16,7 +17,7 @@ func (s *Server) dialIMAP() (*imapclient.Client, error) {
+ var c *imapclient.Client
+ var err error
+ if s.imap.tls {
+- c, err = imapclient.DialTLS(s.imap.host, nil)
++ c, err = imapclient.DialTLS(s.imap.host, &tls.Config{InsecureSkipVerify: true})
+ if err != nil {
+ return nil, fmt.Errorf("failed to connect to IMAPS server: %v", err)
+ }
+diff --git a/smtp.go b/smtp.go
+index 5e178f2..8d22f1d 100644
+--- a/smtp.go
++++ b/smtp.go
+@@ -3,6 +3,7 @@ package alps
+ import (
+ "fmt"
+
++ "crypto/tls"
+ "github.com/emersion/go-smtp"
+ )
+
+@@ -14,7 +15,7 @@ func (s *Server) dialSMTP() (*smtp.Client, error) {
+ var c *smtp.Client
+ var err error
+ if s.smtp.tls {
+- c, err = smtp.DialTLS(s.smtp.host, nil)
++ c, err = smtp.DialTLS(s.smtp.host, &tls.Config{InsecureSkipVerify: true})
+ if err != nil {
+ return nil, fmt.Errorf("failed to connect to SMTPS server: %v", err)
+ }
+--
+2.28.0
+
diff --git a/app/build/docker-compose.yml b/app/build/docker-compose.yml
index b3d51bd..de8ecf5 100644
--- a/app/build/docker-compose.yml
+++ b/app/build/docker-compose.yml
@@ -34,6 +34,13 @@ services:
VERSION: 5.0.0
image: superboum/amd64_sogo:v7
+ alps:
+ build:
+ context: ./alps
+ args:
+ VERSION: 5cef0aaff2b8b6ee3e00b566123517e241d8cfb8
+ image: superboum/amd64_alps:v1
+
# VoIP
jitsi-meet:
build:
diff --git a/app/deployment/email.hcl b/app/deployment/email.hcl
index 898cfbc..9c88852 100644
--- a/app/deployment/email.hcl
+++ b/app/deployment/email.hcl
@@ -407,6 +407,57 @@ job "email" {
}
}
+ group "alps" {
+ count = 1
+ task "main" {
+
+ driver = "docker"
+
+ config {
+ image = "superboum/amd64_alps:v1"
+ readonly_rootfs = true
+ port_map {
+ alps_web_port = 1323
+ }
+ command = "-theme"
+ args = [ "alps", "imaps://imap.deuxfleurs.fr:993", "smtps://smtp.deuxfleurs.fr:465" ]
+ }
+
+ resources {
+ cpu = 50
+ memory = 40
+ network {
+ mbits = 1
+ port "alps_web_port" {}
+ }
+ }
+
+ service {
+ name = "alps"
+ port = "alps_web_port"
+ address_mode = "host"
+ tags = [
+ "alps",
+ "traefik.enable=true",
+ "traefik.frontend.entryPoints=https,http",
+ "traefik.frontend.rule=Host:alps.deuxfleurs.fr"
+ ]
+ check {
+ type = "tcp"
+ port = "alps_web_port"
+ interval = "60s"
+ timeout = "5s"
+ check_restart {
+ limit = 3
+ grace = "5m"
+ ignore_warnings = false
+ }
+ }
+ }
+ }
+ }
+
+
group "sogo" {
count = 1
task "bundle" {
diff --git a/app/deployment/jitsi.hcl b/app/deployment/jitsi.hcl
index 93c87f7..3c8de3a 100644
--- a/app/deployment/jitsi.hcl
+++ b/app/deployment/jitsi.hcl
@@ -185,6 +185,7 @@ job "jitsi" {
env {
#JITSI_DEBUG = 1
JITSI_VIDEO_TCP = 8080
+ VIDEOBRIDGE_MAX_MEMORY = "1450m"
}
artifact {
diff --git a/os/config/roles/nomad/tasks/main.yml b/os/config/roles/nomad/tasks/main.yml
index db519d5..c79013e 100644
--- a/os/config/roles/nomad/tasks/main.yml
+++ b/os/config/roles/nomad/tasks/main.yml
@@ -1,6 +1,6 @@
- name: "Set nomad version"
set_fact:
- nomad_version: 0.12.6
+ nomad_version: 0.12.9
- name: "Download and install Nomad for x86_64"
unarchive:
diff --git a/os/config/roles/nomad/templates/nomad.hcl.j2 b/os/config/roles/nomad/templates/nomad.hcl.j2
index b5d5d46..d1c0720 100644
--- a/os/config/roles/nomad/templates/nomad.hcl.j2
+++ b/os/config/roles/nomad/templates/nomad.hcl.j2
@@ -32,3 +32,10 @@ client {
}
}
+telemetry {
+ collection_interval = "1s"
+ disable_hostname = false
+ prometheus_metrics = true
+ publish_allocation_metrics = true
+ publish_node_metrics = true
+}