diff options
-rw-r--r-- | app/build/alps/Dockerfile | 21 | ||||
-rw-r--r-- | app/build/alps/skipverify.patch | 55 | ||||
-rw-r--r-- | app/build/docker-compose.yml | 7 | ||||
-rw-r--r-- | app/deployment/email.hcl | 51 | ||||
-rw-r--r-- | app/deployment/jitsi.hcl | 1 | ||||
-rw-r--r-- | os/config/roles/nomad/tasks/main.yml | 2 | ||||
-rw-r--r-- | os/config/roles/nomad/templates/nomad.hcl.j2 | 7 |
7 files changed, 143 insertions, 1 deletions
diff --git a/app/build/alps/Dockerfile b/app/build/alps/Dockerfile new file mode 100644 index 0000000..647d90d --- /dev/null +++ b/app/build/alps/Dockerfile @@ -0,0 +1,21 @@ +FROM golang:1.15.6-buster as builder + +ARG VERSION + +ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64 +WORKDIR /tmp/alps + +RUN git init && \ + git remote add origin https://git.sr.ht/~migadu/alps && \ + git fetch --depth 1 origin ${VERSION} && \ + git checkout FETCH_HEAD + +COPY skipverify.patch skipverify.patch + +RUN git apply skipverify.patch && \ + go build -a -o /usr/local/bin/alps ./cmd/alps + +FROM scratch +COPY --from=builder /usr/local/bin/alps /alps +COPY --from=builder /tmp/alps/themes /themes +ENTRYPOINT ["/alps"] diff --git a/app/build/alps/skipverify.patch b/app/build/alps/skipverify.patch new file mode 100644 index 0000000..14e14cb --- /dev/null +++ b/app/build/alps/skipverify.patch @@ -0,0 +1,55 @@ +From 47765c10f1af2013556f76dc63dfa056167ae5e8 Mon Sep 17 00:00:00 2001 +From: Quentin <quentin@deuxfleurs.fr> +Date: Fri, 4 Dec 2020 13:19:24 +0100 +Subject: [PATCH] Skip CA verification + +--- + imap.go | 3 ++- + smtp.go | 3 ++- + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/imap.go b/imap.go +index 7554331..1a4931d 100644 +--- a/imap.go ++++ b/imap.go +@@ -3,6 +3,7 @@ package alps + import ( + "fmt" + ++ "crypto/tls" + "github.com/emersion/go-imap" + imapclient "github.com/emersion/go-imap/client" + "github.com/emersion/go-message/charset" +@@ -16,7 +17,7 @@ func (s *Server) dialIMAP() (*imapclient.Client, error) { + var c *imapclient.Client + var err error + if s.imap.tls { +- c, err = imapclient.DialTLS(s.imap.host, nil) ++ c, err = imapclient.DialTLS(s.imap.host, &tls.Config{InsecureSkipVerify: true}) + if err != nil { + return nil, fmt.Errorf("failed to connect to IMAPS server: %v", err) + } +diff --git a/smtp.go b/smtp.go +index 5e178f2..8d22f1d 100644 +--- a/smtp.go ++++ b/smtp.go +@@ -3,6 +3,7 @@ package alps + import ( + "fmt" + ++ "crypto/tls" + "github.com/emersion/go-smtp" + ) + +@@ -14,7 +15,7 @@ func (s *Server) dialSMTP() (*smtp.Client, error) { + var c *smtp.Client + var err error + if s.smtp.tls { +- c, err = smtp.DialTLS(s.smtp.host, nil) ++ c, err = smtp.DialTLS(s.smtp.host, &tls.Config{InsecureSkipVerify: true}) + if err != nil { + return nil, fmt.Errorf("failed to connect to SMTPS server: %v", err) + } +-- +2.28.0 + diff --git a/app/build/docker-compose.yml b/app/build/docker-compose.yml index b3d51bd..de8ecf5 100644 --- a/app/build/docker-compose.yml +++ b/app/build/docker-compose.yml @@ -34,6 +34,13 @@ services: VERSION: 5.0.0 image: superboum/amd64_sogo:v7 + alps: + build: + context: ./alps + args: + VERSION: 5cef0aaff2b8b6ee3e00b566123517e241d8cfb8 + image: superboum/amd64_alps:v1 + # VoIP jitsi-meet: build: diff --git a/app/deployment/email.hcl b/app/deployment/email.hcl index 898cfbc..9c88852 100644 --- a/app/deployment/email.hcl +++ b/app/deployment/email.hcl @@ -407,6 +407,57 @@ job "email" { } } + group "alps" { + count = 1 + task "main" { + + driver = "docker" + + config { + image = "superboum/amd64_alps:v1" + readonly_rootfs = true + port_map { + alps_web_port = 1323 + } + command = "-theme" + args = [ "alps", "imaps://imap.deuxfleurs.fr:993", "smtps://smtp.deuxfleurs.fr:465" ] + } + + resources { + cpu = 50 + memory = 40 + network { + mbits = 1 + port "alps_web_port" {} + } + } + + service { + name = "alps" + port = "alps_web_port" + address_mode = "host" + tags = [ + "alps", + "traefik.enable=true", + "traefik.frontend.entryPoints=https,http", + "traefik.frontend.rule=Host:alps.deuxfleurs.fr" + ] + check { + type = "tcp" + port = "alps_web_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "5m" + ignore_warnings = false + } + } + } + } + } + + group "sogo" { count = 1 task "bundle" { diff --git a/app/deployment/jitsi.hcl b/app/deployment/jitsi.hcl index 93c87f7..3c8de3a 100644 --- a/app/deployment/jitsi.hcl +++ b/app/deployment/jitsi.hcl @@ -185,6 +185,7 @@ job "jitsi" { env { #JITSI_DEBUG = 1 JITSI_VIDEO_TCP = 8080 + VIDEOBRIDGE_MAX_MEMORY = "1450m" } artifact { diff --git a/os/config/roles/nomad/tasks/main.yml b/os/config/roles/nomad/tasks/main.yml index db519d5..c79013e 100644 --- a/os/config/roles/nomad/tasks/main.yml +++ b/os/config/roles/nomad/tasks/main.yml @@ -1,6 +1,6 @@ - name: "Set nomad version" set_fact: - nomad_version: 0.12.6 + nomad_version: 0.12.9 - name: "Download and install Nomad for x86_64" unarchive: diff --git a/os/config/roles/nomad/templates/nomad.hcl.j2 b/os/config/roles/nomad/templates/nomad.hcl.j2 index b5d5d46..d1c0720 100644 --- a/os/config/roles/nomad/templates/nomad.hcl.j2 +++ b/os/config/roles/nomad/templates/nomad.hcl.j2 @@ -32,3 +32,10 @@ client { } } +telemetry { + collection_interval = "1s" + disable_hostname = false + prometheus_metrics = true + publish_allocation_metrics = true + publish_node_metrics = true +} |