aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/bagage/deploy/bagage.hcl (renamed from app/science/deploy/science.hcl)33
-rw-r--r--app/nextcloud/build/nextcloud/Dockerfile27
-rwxr-xr-xapp/nextcloud/build/nextcloud/container-setup.sh37
-rwxr-xr-xapp/nextcloud/build/nextcloud/entrypoint.sh8
-rw-r--r--app/nextcloud/config/config.php.tpl49
-rw-r--r--app/nextcloud/deploy/nextcloud.hcl65
-rw-r--r--app/nextcloud/integration/README.md20
-rw-r--r--app/nextcloud/integration/bottin.json31
-rw-r--r--app/nextcloud/integration/docker-compose.yml27
-rw-r--r--app/seafile/build/mariadb/60-disable-dialog.cnf3
-rw-r--r--app/seafile/build/mariadb/60-ldap.cnf3
-rw-r--r--app/seafile/build/mariadb/60-remote.cnf2
-rw-r--r--app/seafile/build/mariadb/Dockerfile14
-rw-r--r--app/seafile/build/mariadb/README.md19
-rwxr-xr-xapp/seafile/build/mariadb/entrypoint.sh50
-rw-r--r--app/seafile/build/mariadb/nsswitch.conf21
-rw-r--r--app/seafile/build/mariadb/pam-mariadb2
-rw-r--r--app/seafile/build/seafile/Dockerfile46
-rw-r--r--app/seafile/build/seafile/README.md27
-rwxr-xr-xapp/seafile/build/seafile/seadocker4
-rwxr-xr-xapp/seafile/build/seafile/seaenv7
-rw-r--r--app/seafile/config/ccnet/seafile.ini1
-rw-r--r--app/seafile/config/conf/ccnet.conf.tpl29
-rw-r--r--app/seafile/config/conf/gunicorn.conf16
-rw-r--r--app/seafile/config/conf/seafdav.conf6
-rw-r--r--app/seafile/config/conf/seafile.conf.tpl19
-rw-r--r--app/seafile/config/conf/seahub_settings.py.tpl21
-rw-r--r--app/seafile/config/mariadb/main/env.tpl6
-rw-r--r--app/seafile/deploy/seafile.hcl222
-rw-r--r--app/seafile/secrets/mariadb/main/ldap_binddn1
-rw-r--r--app/seafile/secrets/mariadb/main/ldap_bindpwd1
-rw-r--r--app/seafile/secrets/mariadb/main/mysql_pwd1
-rw-r--r--app/seafile/secrets/seafile/conf/mykey.peer1
33 files changed, 17 insertions, 802 deletions
diff --git a/app/science/deploy/science.hcl b/app/bagage/deploy/bagage.hcl
index 1701027..2c8884b 100644
--- a/app/science/deploy/science.hcl
+++ b/app/bagage/deploy/bagage.hcl
@@ -1,45 +1,46 @@
-job "science" {
+job "bagage" {
datacenters = ["dc1"]
type = "service"
- priority = 10
+ priority = 90
constraint {
attribute = "${attr.cpu.arch}"
value = "amd64"
}
- group "diagnet" {
+ group "main" {
+ count = 1
+
network {
- port "web_port" { to = 8000 }
+ port "web_port" { to = 8080 }
}
- task "main" {
+ task "server" {
driver = "docker"
config {
- image = "lesterpig/diagnet-landmark:latest"
- args = [
- "-name", "landmark-deuxfleurs",
- "-chrome", "-chrome-interval", "60m",
- "-http", ":8000"
- ]
+ image = "superboum/amd64_bagage:v5"
+ readonly_rootfs = true
ports = [ "web_port" ]
}
+ env {
+ BAGAGE_LDAP_ENDPOINT = "bottin2.service.2.cluster.deuxfleurs.fr:389"
+ }
+
resources {
- cpu = 100
- memory = 250
+ memory = 100
}
service {
+ name = "bagage"
tags = [
- "diagnet",
+ "bagage",
"traefik.enable=true",
"traefik.frontend.entryPoints=https,http",
- "traefik.frontend.rule=Host:diagnet.science.deuxfleurs.fr;PathPrefix:/"
+ "traefik.frontend.rule=Host:bagage.deuxfleurs.fr",
]
port = "web_port"
address_mode = "host"
- name = "diagnet"
check {
type = "tcp"
port = "web_port"
diff --git a/app/nextcloud/build/nextcloud/Dockerfile b/app/nextcloud/build/nextcloud/Dockerfile
deleted file mode 100644
index 9f817f6..0000000
--- a/app/nextcloud/build/nextcloud/Dockerfile
+++ /dev/null
@@ -1,27 +0,0 @@
-FROM debian:10
-
-RUN apt-get update && \
- apt-get -qq -y full-upgrade
-
-RUN apt-get install -y apache2 php php-gd php-mbstring php-pgsql php-curl php-dom php-xml php-zip \
- php-intl php-ldap php-fileinfo php-exif php-apcu php-redis php-imagick unzip curl wget && \
- phpenmod gd && \
- phpenmod curl && \
- phpenmod mbstring && \
- phpenmod pgsql && \
- phpenmod dom && \
- phpenmod zip && \
- phpenmod intl && \
- phpenmod ldap && \
- phpenmod fileinfo && \
- phpenmod exif && \
- phpenmod apcu && \
- phpenmod redis && \
- phpenmod imagick && \
- phpenmod xml
-
-COPY container-setup.sh /tmp
-RUN /tmp/container-setup.sh
-
-COPY entrypoint.sh /
-CMD /entrypoint.sh
diff --git a/app/nextcloud/build/nextcloud/container-setup.sh b/app/nextcloud/build/nextcloud/container-setup.sh
deleted file mode 100755
index 8330291..0000000
--- a/app/nextcloud/build/nextcloud/container-setup.sh
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/bin/sh
-
-set -ex
-
-curl https://download.nextcloud.com/server/releases/nextcloud-19.0.0.zip > /tmp/nextcloud.zip
-cd /var/www
-unzip /tmp/nextcloud.zip
-rm /tmp/nextcloud.zip
-mv html html.old
-mv nextcloud html
-
-cd html
-mkdir data
-
-cd apps
-wget https://github.com/nextcloud/tasks/releases/download/v0.13.1/tasks.tar.gz
-tar xf tasks.tar.gz
-wget https://github.com/nextcloud/maps/releases/download/v0.1.6/maps-0.1.6.tar.gz
-tar xf maps-0.1.6.tar.gz
-wget https://github.com/nextcloud/calendar/releases/download/v2.0.3/calendar.tar.gz
-tar xf calendar.tar.gz
-wget https://github.com/nextcloud/news/releases/download/14.1.11/news.tar.gz
-tar xf news.tar.gz
-wget https://github.com/nextcloud/notes/releases/download/v3.6.0/notes.tar.gz
-tar xf notes.tar.gz
-wget https://github.com/nextcloud/contacts/releases/download/v3.3.0/contacts.tar.gz
-tar xf contacts.tar.gz
-wget https://github.com/nextcloud/mail/releases/download/v1.4.0/mail.tar.gz
-tar xf mail.tar.gz
-wget https://github.com/nextcloud/groupfolders/releases/download/v6.0.6/groupfolders.tar.gz
-tar xf groupfolders.tar.gz
-rm *.tar.gz
-
-chown -R www-data:www-data /var/www/html
-
-cd /var/www/html
-php occ
diff --git a/app/nextcloud/build/nextcloud/entrypoint.sh b/app/nextcloud/build/nextcloud/entrypoint.sh
deleted file mode 100755
index 72b4f94..0000000
--- a/app/nextcloud/build/nextcloud/entrypoint.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-set -xe
-
-chown www-data:www-data /var/www/html/config/config.php
-touch /var/www/html/data/.ocdata
-
-exec apachectl -DFOREGROUND
diff --git a/app/nextcloud/config/config.php.tpl b/app/nextcloud/config/config.php.tpl
deleted file mode 100644
index 7dcfc6e..0000000
--- a/app/nextcloud/config/config.php.tpl
+++ /dev/null
@@ -1,49 +0,0 @@
-<?php
-$CONFIG = array (
- 'appstoreenabled' => false,
- 'instanceid' => '{{ key "secrets/nextcloud/instance_id" | trimSpace }}',
- 'passwordsalt' => '{{ key "secrets/nextcloud/password_salt" | trimSpace }}',
- 'secret' => '{{ key "secrets/nextcloud/secret" | trimSpace }}',
- 'trusted_domains' => array (
- 0 => 'nextcloud.deuxfleurs.fr',
- ),
- 'memcache.local' => '\\OC\\Memcache\\APCu',
-
- 'objectstore' => array(
- 'class' => '\\OC\\Files\\ObjectStore\\S3',
- 'arguments' => array(
- 'bucket' => 'nextcloud',
- 'autocreate' => false,
- 'key' => '{{ key "secrets/nextcloud/garage_access_key" | trimSpace }}',
- 'secret' => '{{ key "secrets/nextcloud/garage_secret_key" | trimSpace }}',
- 'hostname' => 'garage.deuxfleurs.fr',
- 'port' => 443,
- 'use_ssl' => true,
- 'region' => 'garage',
- // required for some non Amazon S3 implementations
- 'use_path_style' => true
- ),
- ),
-
- 'dbtype' => 'pgsql',
- 'dbhost' => 'psql-proxy.service.2.cluster.deuxfleurs.fr',
- 'dbname' => 'nextcloud',
- 'dbtableprefix' => 'nc_',
- 'dbuser' => '{{ key "secrets/nextcloud/db_user" | trimSpace }}',
- 'dbpassword' => '{{ key "secrets/nextcloud/db_pass" | trimSpace }}',
-
- 'default_language' => 'fr',
- 'default_locale' => 'fr_FR',
-
- 'mail_domain' => 'deuxfleurs.fr',
- 'mail_from_address' => 'nextcloud@deuxfleurs.fr',
- // TODO SMTP CONFIG
-
- // TODO REDIS CACHE
-
- 'version' => '19.0.0.12',
- 'overwrite.cli.url' => 'https://nextcloud.deuxfleurs.fr',
-
- 'installed' => true,
-);
-
diff --git a/app/nextcloud/deploy/nextcloud.hcl b/app/nextcloud/deploy/nextcloud.hcl
deleted file mode 100644
index 8852787..0000000
--- a/app/nextcloud/deploy/nextcloud.hcl
+++ /dev/null
@@ -1,65 +0,0 @@
-job "nextcloud" {
- datacenters = ["dc1", "belair"]
- type = "service"
- priority = 40
-
- constraint {
- attribute = "${attr.cpu.arch}"
- value = "amd64"
- }
-
- group "nextcloud" {
- count = 1
-
- network {
- port "web_port" {
- to = 80
- }
- }
-
- task "nextcloud" {
- driver = "docker"
- config {
- image = "lxpz/deuxfleurs_nextcloud_amd64:8"
- ports = [ "web_port" ]
- volumes = [
- "secrets/config.php:/var/www/html/config/config.php"
- ]
- }
-
- template {
- data = file("../config/config.php.tpl")
- destination = "secrets/config.php"
- }
-
- resources {
- memory = 1000
- cpu = 2000
- }
-
- service {
- name = "nextcloud"
- tags = [
- "nextcloud",
- "traefik.enable=true",
- "traefik.frontend.entryPoints=https,http",
- "traefik.frontend.rule=Host:nextcloud.deuxfleurs.fr",
- ]
- port = "web_port"
- address_mode = "host"
- check {
- type = "tcp"
- port = "web_port"
- interval = "60s"
- timeout = "5s"
- check_restart {
- limit = 3
- grace = "90s"
- ignore_warnings = false
- }
- }
- }
- }
- }
-}
-
diff --git a/app/nextcloud/integration/README.md b/app/nextcloud/integration/README.md
deleted file mode 100644
index 3d49768..0000000
--- a/app/nextcloud/integration/README.md
+++ /dev/null
@@ -1,20 +0,0 @@
-Install Owncloud CLI:
-
-php ./occ \
- --no-interaction \
- --verbose \
- maintenance:install \
- --database pgsql \
- --database-name nextcloud \
- --database-host postgres \
- --database-user nextcloud \
- --database-pass nextcloud \
- --admin-user nextcloud \
- --admin-pass nextcloud \
- --admin-email coucou@deuxfleurs.fr
-
-Official image entrypoint:
-
-https://github.com/nextcloud/docker/blob/master/20.0/fpm/entrypoint.sh
-
-
diff --git a/app/nextcloud/integration/bottin.json b/app/nextcloud/integration/bottin.json
deleted file mode 100644
index a970762..0000000
--- a/app/nextcloud/integration/bottin.json
+++ /dev/null
@@ -1,31 +0,0 @@
-{
- "suffix": "dc=deuxfleurs,dc=fr",
- "bind": "0.0.0.0:389",
- "consul_host": "http://consul:8500",
- "log_level": "debug",
- "acl": [
- "*,dc=deuxfleurs,dc=fr::read:*:* !userpassword",
- "*::read modify:SELF:*",
- "ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:",
- "ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:",
- "*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*",
- "*,ou=services,ou=users,dc=deuxfleurs,dc=fr::read:*:*",
-
- "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=invitations,dc=deuxfleurs,dc=fr:*",
- "ANONYMOUS::bind:*,ou=invitations,dc=deuxfleurs,dc=fr:",
- "*,ou=invitations,dc=deuxfleurs,dc=fr::delete:SELF:*",
-
- "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=users,dc=deuxfleurs,dc=fr:*",
- "*,ou=invitations,dc=deuxfleurs,dc=fr::add:*,ou=users,dc=deuxfleurs,dc=fr:*",
-
- "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
- "*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
- "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
- "*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
- "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=nextcloud,ou=groups,dc=deuxfleurs,dc=fr:*",
- "*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=nextcloud,dc=deuxfleurs,dc=fr:*",
-
- "cn=admin,dc=deuxfleurs,dc=fr::read add modify delete:*:*",
- "*:cn=admin,ou=groups,dc=deuxfleurs,dc=fr:read add modify delete:*:*"
- ]
-}
diff --git a/app/nextcloud/integration/docker-compose.yml b/app/nextcloud/integration/docker-compose.yml
deleted file mode 100644
index 7ba090b..0000000
--- a/app/nextcloud/integration/docker-compose.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-version: '3.4'
-services:
- php:
- image: lxpz/deuxfleurs_nextcloud_amd64:8
- depends_on:
- - bottin
- - postgres
- ports:
- - "80:80"
-
- postgres:
- image: postgres:9.6.19
- environment:
- - POSTGRES_DB=nextcloud
- - POSTGRES_USER=nextcloud
- - POSTGRES_PASSWORD=nextcloud
-
- bottin:
- image: lxpz/bottin_amd64:14
- depends_on:
- - consul
- volumes:
- - ./bottin.json:/config.json
-
- consul:
- image: consul:1.8.4
-
diff --git a/app/seafile/build/mariadb/60-disable-dialog.cnf b/app/seafile/build/mariadb/60-disable-dialog.cnf
deleted file mode 100644
index d41731a..0000000
--- a/app/seafile/build/mariadb/60-disable-dialog.cnf
+++ /dev/null
@@ -1,3 +0,0 @@
-[mariadb]
-pam_use_cleartext_plugin
-bind-address = 0.0.0.0
diff --git a/app/seafile/build/mariadb/60-ldap.cnf b/app/seafile/build/mariadb/60-ldap.cnf
deleted file mode 100644
index 72ffb9f..0000000
--- a/app/seafile/build/mariadb/60-ldap.cnf
+++ /dev/null
@@ -1,3 +0,0 @@
-[mariadb]
-plugin-load=auth_pam.so
-
diff --git a/app/seafile/build/mariadb/60-remote.cnf b/app/seafile/build/mariadb/60-remote.cnf
deleted file mode 100644
index acf8f9b..0000000
--- a/app/seafile/build/mariadb/60-remote.cnf
+++ /dev/null
@@ -1,2 +0,0 @@
-[mysqld]
-bind-address = *
diff --git a/app/seafile/build/mariadb/Dockerfile b/app/seafile/build/mariadb/Dockerfile
deleted file mode 100644
index 15ef954..0000000
--- a/app/seafile/build/mariadb/Dockerfile
+++ /dev/null
@@ -1,14 +0,0 @@
-FROM debian:stretch
-
-RUN apt-get update && \
- apt-get dist-upgrade -y && \
- DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server mariadb-client libnss-ldapd
-
-COPY 60-ldap.cnf /etc/mysql/mariadb.conf.d/60-ldap.cnf
-COPY 60-remote.cnf /etc/mysql/mariadb.conf.d/60-remote.cnf
-COPY 60-disable-dialog.cnf /etc/mysql/mariadb.conf.d/60-disable-dialog.cnf
-COPY pam-mariadb /etc/pam.d/mariadb
-COPY nsswitch.conf /etc/nsswitch.conf
-COPY entrypoint.sh /usr/local/bin/entrypoint
-
-ENTRYPOINT ["/usr/local/bin/entrypoint"]
diff --git a/app/seafile/build/mariadb/README.md b/app/seafile/build/mariadb/README.md
deleted file mode 100644
index 1a3b8aa..0000000
--- a/app/seafile/build/mariadb/README.md
+++ /dev/null
@@ -1,19 +0,0 @@
-```
-sudo docker build -t superboum/amd64_mariadb:v3 .
-
-sudo docker run \
- -t -i \
- -p 3306:3306 \
- -v /tmp/mysql:/var/lib/mysql \
- -e LDAP_URI='ldap://bottin.service.2.cluster.deuxfleurs.fr' \
- -e LDAP_BASE='ou=users,dc=deuxfleurs,dc=fr' \
- -e LDAP_VERSION=3 \
- -e LDAP_BIND_DN='cn=admin,dc=deuxfleurs,dc=fr' \
- -e LDAP_BIND_PW='xxxx' \
- -e MYSQL_PASSWORD='xxxx' \
- superboum/amd64_mariadb:v1 \
- tail -f /var/log/mysql/error.log
-
-CREATE USER quentin@localhost IDENTIFIED VIA pam USING 'mariadb';
-
-```
diff --git a/app/seafile/build/mariadb/entrypoint.sh b/app/seafile/build/mariadb/entrypoint.sh
deleted file mode 100755
index 1bb2f01..0000000
--- a/app/seafile/build/mariadb/entrypoint.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/bash
-
-set -e
-
-cat > /etc/nslcd.conf <<EOF
-# /etc/nslcd.conf
-# nslcd configuration file. See nslcd.conf(5)
-# for details.
-
-# The user and group nslcd should run as.
-uid nslcd
-gid nslcd
-
-# The location at which the LDAP server(s) should be reachable.
-uri ${LDAP_URI}
-
-# The search base that will be used for all queries.
-base ${LDAP_BASE}
-
-# The LDAP protocol version to use.
-ldap_version ${LDAP_VERSION}
-
-# The DN to bind with for normal lookups.
-binddn ${LDAP_BIND_DN}
-bindpw ${LDAP_BIND_PW}
-
-# The DN used for password modifications by root.
-#rootpwmoddn cn=admin,dc=example,dc=com
-
-# SSL options
-#ssl off
-#tls_reqcert never
-tls_cacertfile /etc/ssl/certs/ca-certificates.crt
-
-# The search scope.
-#scope sub
-EOF
-
-/usr/sbin/nslcd
-
-chown mysql:mysql /var/lib/mysql
-[ -z "$(ls -A /var/lib/mysql)" ] && mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
-
-/usr/bin/mysqld_safe --skip-syslog &
-
-until ls /var/run/mysqld/mysqld.sock; do sleep 1; done
-/usr/bin/mysqladmin -u root password ${MYSQL_PASSWORD} || true
-
-exec "$@"
-
diff --git a/app/seafile/build/mariadb/nsswitch.conf b/app/seafile/build/mariadb/nsswitch.conf
deleted file mode 100644
index 853348e..0000000
--- a/app/seafile/build/mariadb/nsswitch.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-# /etc/nsswitch.conf
-#
-# Example configuration of GNU Name Service Switch functionality.
-# If you have the `glibc-doc-reference' and `info' packages installed, try:
-# `info libc "Name Service Switch"' for information about this file.
-
-passwd: files ldap
-group: files ldap
-shadow: files ldap
-gshadow: files
-
-hosts: files dns
-networks: files
-
-protocols: db files
-services: db files
-ethers: db files
-rpc: db files
-
-netgroup: nis
-
diff --git a/app/seafile/build/mariadb/pam-mariadb b/app/seafile/build/mariadb/pam-mariadb
deleted file mode 100644
index e1bb814..0000000
--- a/app/seafile/build/mariadb/pam-mariadb
+++ /dev/null
@@ -1,2 +0,0 @@
-auth required pam_ldap.so
-account required pam_ldap.so
diff --git a/app/seafile/build/seafile/Dockerfile b/app/seafile/build/seafile/Dockerfile
deleted file mode 100644
index 88dee4f..0000000
--- a/app/seafile/build/seafile/Dockerfile
+++ /dev/null
@@ -1,46 +0,0 @@
-FROM amd64/debian:buster as builder
-
-ENV VERSION 7.0.5
-
-RUN apt-get update && \
- apt-get dist-upgrade -y && \
- DEBIAN_FRONTEND=noninteractive apt-get install -y wget tar && \
- wget https://download.seadrive.org/seafile-server_${VERSION}_x86-64.tar.gz -O ./seafile.tar.gz && \
- tar xf ./seafile.tar.gz && \
- mv seafile-server-${VERSION} seafile-server
-
-FROM amd64/debian:buster
-
-COPY --from=builder ./seafile-server /srv/webstore/seafile-server
-
-RUN apt-get update && \
- apt-get dist-upgrade -y && \
- DEBIAN_FRONTEND=noninteractive apt-get install -y \
- python \
- mariadb-client \
- python2.7 \
- libpython2.7 \
- python-setuptools \
- python-ldap \
- python-urllib3 \
- ffmpeg \
- python-pip \
- python-mysqldb \
- python-memcache \
- procps \
- python-requests && \
- pip install Pillow==4.3.0 && \
- pip install moviepy && \
- useradd -u 1000 -d /srv/webstore seauser && \
- chown -R seauser:1000 /srv/webstore/
-
-RUN mkdir -p /usr/local/lib/mariadb/plugin/ && \
- ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/local/lib/mariadb/plugin/ && \
- ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/local/lib/mariadb/plugin/
-
-WORKDIR /srv/webstore/seafile-server
-COPY seadocker /usr/local/bin/seadocker
-COPY seaenv /usr/local/bin/seaenv
-
-ENTRYPOINT ["/usr/local/bin/seaenv"]
-CMD ["/usr/local/bin/seadocker"]
diff --git a/app/seafile/build/seafile/README.md b/app/seafile/build/seafile/README.md
deleted file mode 100644
index 26d04e0..0000000
--- a/app/seafile/build/seafile/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-
-```bash
-sudo docker build -t superboum/amd64_seafile:v5 .
-```
-
-When upgrading, connect on a production server and run:
-
-```bash
-nomad stop seafile
-sudo docker build -t superboum/amd64_seafile:v6 .
-
-sudo docker run -t -i \
- -v /mnt/glusterfs/seafile:/mnt/seafile-data \
- -v /mnt/glusterfs/seaconf/conf:/srv/webstore/conf \
- -v /mnt/glusterfs/seaconf/ccnet:/srv/webstore/ccnet \
- superboum/amd64_seafile:v5
-
-# See:
-# * https://download.seafile.com/published/seafile-manual/deploy/upgrade.md
-# * https://download.seafile.com/published/seafile-manual/changelog/server-changelog.md
-
-
-
-nomad start seafile.hcl
-```
-
-when upgrading, change the command on start
diff --git a/app/seafile/build/seafile/seadocker b/app/seafile/build/seafile/seadocker
deleted file mode 100755
index 5b5982b..0000000
--- a/app/seafile/build/seafile/seadocker
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-/srv/webstore/seafile-server/seafile.sh start
-/srv/webstore/seafile-server/seahub.sh start
-tail -f /srv/webstore/logs/*
diff --git a/app/seafile/build/seafile/seaenv b/app/seafile/build/seafile/seaenv
deleted file mode 100755
index 3b0e0bb..0000000
--- a/app/seafile/build/seafile/seaenv
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-
-chown seauser /srv/webstore
-chown seauser -R /srv/webstore/ccnet
-chown seauser -R /srv/webstore/conf
-
-runuser -u seauser -- "$@"
diff --git a/app/seafile/config/ccnet/seafile.ini b/app/seafile/config/ccnet/seafile.ini
deleted file mode 100644
index 306d126..0000000
--- a/app/seafile/config/ccnet/seafile.ini
+++ /dev/null
@@ -1 +0,0 @@
-/mnt/seafile-data/ \ No newline at end of file
diff --git a/app/seafile/config/conf/ccnet.conf.tpl b/app/seafile/config/conf/ccnet.conf.tpl
deleted file mode 100644
index 2395a9b..0000000
--- a/app/seafile/config/conf/ccnet.conf.tpl
+++ /dev/null
@@ -1,29 +0,0 @@
-[General]
-USER_NAME = deuxfleurs
-ID = {{ key "secrets/seafile/ccnet/seafile_id" | trimSpace }}
-NAME = deuxfleurs
-SERVICE_URL = https://cloud.deuxfleurs.fr
-
-[Network]
-PORT = 10001
-
-[Client]
-PORT = 13418
-
-[LDAP]
-HOST = ldap://bottin2.service.2.cluster.deuxfleurs.fr/
-BASE = ou=users,dc=deuxfleurs,dc=fr
-USER_DN = {{ key "secrets/seafile/ccnet/ldap_binddn" | trimSpace }}
-FILTER = memberOf=CN=seafile,OU=groups,DC=deuxfleurs,DC=fr
-PASSWORD = {{ key "secrets/seafile/ccnet/ldap_bindpwd" | trimSpace }}
-LOGIN_ATTR = mail
-
-[Database]
-ENGINE = mysql
-HOST = mariadb.service.2.cluster.deuxfleurs.fr
-PORT = 3306
-USER = seafile
-PASSWD = {{ key "secrets/seafile/ccnet/mysql_pwd" | trimSpace }}
-DB = ccnet-db
-CONNECTION_CHARSET = utf8
-
diff --git a/app/seafile/config/conf/gunicorn.conf b/app/seafile/config/conf/gunicorn.conf
deleted file mode 100644
index 415fd32..0000000
--- a/app/seafile/config/conf/gunicorn.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-import os
-
-daemon = True
-workers = 5
-
-# default localhost:8000
-bind = "[::]:8000"
-
-# Pid
-pids_dir = '/srv/webstore/pids'
-pidfile = os.path.join(pids_dir, 'seahub.pid')
-
-# for file upload, we need a longer timeout value (default is only 30s, too short)
-timeout = 1200
-
-limit_request_line = 8190
diff --git a/app/seafile/config/conf/seafdav.conf b/app/seafile/config/conf/seafdav.conf
deleted file mode 100644
index af78547..0000000
--- a/app/seafile/config/conf/seafdav.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-[WEBDAV]
-host = ::
-enabled = true
-port = 8084
-fastcgi = false
-share_name = /seafdav
diff --git a/app/seafile/config/conf/seafile.conf.tpl b/app/seafile/config/conf/seafile.conf.tpl
deleted file mode 100644
index a6425e9..0000000
--- a/app/seafile/config/conf/seafile.conf.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-[network]
-port = 12001
-
-[fileserver]
-port = 8083
-max_upload_size=8192
-max_download_dir_size=8192
-
-[database]
-type = mysql
-host = mariadb.service.2.cluster.deuxfleurs.fr
-port = 3306
-user = seafile
-password = {{ key "secrets/seafile/ccnet/mysql_pwd" | trimSpace }}
-db_name = seafile-db
-connection_charset = utf8
-
-[quota]
-default = 50
diff --git a/app/seafile/config/conf/seahub_settings.py.tpl b/app/seafile/config/conf/seahub_settings.py.tpl
deleted file mode 100644
index 6c63ee4..0000000
--- a/app/seafile/config/conf/seahub_settings.py.tpl
+++ /dev/null
@@ -1,21 +0,0 @@
-SECRET_KEY = "8ep+sgi&s1-f2cq2178!ekk!0h0nw2y4z1-olbaopxmodsd8vk"
-FILE_SERVER_ROOT = 'https://cloud.deuxfleurs.fr/seafhttp'
-DATABASES = {
- 'default': {
- 'ENGINE': 'django.db.backends.mysql',
- 'NAME': 'seahub-db',
- 'USER': 'seafile',
- 'PASSWORD': '{{ key "secrets/seafile/ccnet/mysql_pwd" | trimSpace }}',
- 'HOST': 'mariadb.service.2.cluster.deuxfleurs.fr',
- 'PORT': '3306',
- 'OPTIONS': {
- 'init_command': 'SET storage_engine=INNODB',
- }
- }
-}
-FILE_PREVIEW_MAX_SIZE = 100 * 1024 * 1024
-ENABLE_THUMBNAIL = True
-THUMBNAIL_ROOT = '/mnt/seafile-data/thumbnail/thumb/'
-THUMBNAIL_EXTENSION = 'png'
-THUMBNAIL_DEFAULT_SIZE = '24'
-PREVIEW_DEFAULT_SIZE = '300'
diff --git a/app/seafile/config/mariadb/main/env.tpl b/app/seafile/config/mariadb/main/env.tpl
deleted file mode 100644
index 0fe903b..0000000
--- a/app/seafile/config/mariadb/main/env.tpl
+++ /dev/null
@@ -1,6 +0,0 @@
-LDAP_URI = "ldap://bottin2.service.2.cluster.deuxfleurs.fr"
-LDAP_BASE = "ou=users,dc=deuxfleurs,dc=fr"
-LDAP_VERSION = 3
-LDAP_BIND_DN = "{{ key "secrets/mariadb/main/ldap_binddn" | trimSpace }}"
-LDAP_BIND_PW = "{{ key "secrets/mariadb/main/ldap_bindpwd" | trimSpace }}"
-MYSQL_PASSWORD = "{{ key "secrets/mariadb/main/mysql_pwd" | trimSpace }}"
diff --git a/app/seafile/deploy/seafile.hcl b/app/seafile/deploy/seafile.hcl
deleted file mode 100644
index d8488d2..0000000
--- a/app/seafile/deploy/seafile.hcl
+++ /dev/null
@@ -1,222 +0,0 @@
-job "seafile" {
- datacenters = ["dc1"]
- type = "service"
- priority = 10
-
- constraint {
- attribute = "${attr.cpu.arch}"
- value = "amd64"
- }
-
- group "main" {
- count = 1
-
- network {
- port "seafile-frontend_port" { static = 8000 }
- port "seafile-seafhttp_port" { static = 8083 }
- port "seafile-dav_port" { static = 8084 }
- port "seafile-hack_port" { static = 8085 }
- port "mariadb_port" { static = 3306 }
- }
-
- task "mariadb" {
- driver = "docker"
- config {
- image = "superboum/amd64_mariadb:v4"
- network_mode = "host"
- command = "tail"
- ports = [ "mariadb_port" ]
- args = [
- "-f", "/var/log/mysql/error.log",
- ]
- volumes = [
- "/mnt/glusterfs/mariadb/main/server:/var/lib/mysql",
- ]
- }
-
- template {
- data = file("../config/mariadb/main/env.tpl")
- destination = "secrets/env"
- env = true
- }
-
- resources {
- memory = 800
- }
-
- service {
- tags = ["mariadb"]
- port = "mariadb_port"
- address_mode = "host"
- name = "mariadb"
- check {
- type = "tcp"
- port = "mariadb_port"
- interval = "60s"
- timeout = "5s"
- check_restart {
- limit = 3
- grace = "90s"
- ignore_warnings = false
- }
- }
- }
- }
-
-
- task "hack" {
- driver = "docker"
- config {
- image = "alpine/socat:1.0.5"
- network_mode = "host"
- ports = [ "seafile-hack_port" ]
- command = "tcp6-listen:8085,fork,reuseaddr"
- args = [ "tcp-connect:127.0.0.1:8083" ]
- }
- resources {
- memory = 10
- }
- service {
- tags = [
- "seafile",
- "traefik.enable=true",
- "traefik.frontend.entryPoints=https,http",
- "traefik.frontend.rule=Host:cloud.deuxfleurs.fr;PathPrefixStrip:/seafhttp"
-
- ]
- port = "seafile-hack_port"
- address_mode = "host"
- name = "seafhttp"
- check {
- type = "tcp"
- port = "seafile-hack_port"
- interval = "60s"
- timeout = "5s"
- check_restart {
- limit = 3
- grace = "90s"
- ignore_warnings = false
- }
- }
- }
-
- }
-
- task "server" {
- driver = "docker"
- config {
- image = "superboum/amd64_seafile:v6"
- network_mode = "host"
- ports = [ "seafile-frontend_port", "seafile-dav_port", "seafile-seafhttp_port" ]
-
- ## cmd + args are used for running an instance attachable for update
- # command = "/bin/sleep"
- # args = ["999999"]
-
- mounts = [
- {
- type = "bind"
- source = "/mnt/glusterfs/seafile"
- target = "/mnt/seafile-data"
- }
- ]
-
- volumes = [
- "secrets/conf:/srv/webstore/conf",
- "secrets/ccnet:/srv/webstore/ccnet"
- ]
- }
-
- resources {
- memory = 600
- }
-
- service {
- tags = [
- "seafile",
- "traefik.enable=true",
- "traefik.frontend.entryPoints=https,http",
- "traefik.frontend.rule=Host:cloud.deuxfleurs.fr;PathPrefix:/"
- ]
- port = "seafile-frontend_port"
- address_mode = "host"
- name = "seahub"
- check {
- type = "tcp"
- port = "seafile-frontend_port"
- interval = "60s"
- timeout = "5s"
- check_restart {
- limit = 3
- grace = "90s"
- ignore_warnings = false
- }
- }
- }
-
- service {
- tags = [
- "seafile",
- "traefik.enable=true",
- "traefik.frontend.entryPoints=https,http",
- "traefik.frontend.rule=Host:cloud.deuxfleurs.fr;PathPrefix:/seafdav"
-
- ]
- port = "seafile-dav_port"
- address_mode = "host"
- name = "seafdav"
- check {
- type = "tcp"
- port = "seafile-dav_port"
- interval = "60s"
- timeout = "5s"
- check_restart {
- limit = 3
- grace = "90s"
- ignore_warnings = false
- }
- }
- }
-
- template {
- data = file("../config/conf/ccnet.conf.tpl")
- destination = "secrets/conf/ccnet.conf"
- }
-
- template {
- data = file("../config/conf/seafile.conf.tpl")
- destination = "secrets/conf/seafile.conf"
- }
-
- template {
- data = file("../config/conf/seahub_settings.py.tpl")
- destination = "secrets/conf/seahub_settings.py"
- }
-
- template {
- data = file("../config/ccnet/seafile.ini")
- destination = "secrets/ccnet/seafile.ini"
- }
- template {
- data = file("../config/conf/seafdav.conf")
- destination = "secrets/conf/seafdav.conf"
- }
- template {
- data = file("../config/conf/gunicorn.conf")
- destination = "secrets/conf/gunicorn.conf"
- }
-
- # ---- secrets ----
- template {
- data = "{{ key \"secrets/seafile/conf/mykey.peer\" }}"
- destination = "secrets/ccnet/mykey.peer"
- }
-
- template {
- data = "{{ key \"secrets/seafile/conf/mykey.peer\" }}"
- destination = "secrets/conf/mykey.peer"
- }
- }
- }
-}
-
diff --git a/app/seafile/secrets/mariadb/main/ldap_binddn b/app/seafile/secrets/mariadb/main/ldap_binddn
deleted file mode 100644
index e77ff39..0000000
--- a/app/seafile/secrets/mariadb/main/ldap_binddn
+++ /dev/null
@@ -1 +0,0 @@
-SERVICE_DN mysql MySQL/MariaDB database
diff --git a/app/seafile/secrets/mariadb/main/ldap_bindpwd b/app/seafile/secrets/mariadb/main/ldap_bindpwd
deleted file mode 100644
index c29f983..0000000
--- a/app/seafile/secrets/mariadb/main/ldap_bindpwd
+++ /dev/null
@@ -1 +0,0 @@
-SERVICE_PASSWORD mysql
diff --git a/app/seafile/secrets/mariadb/main/mysql_pwd b/app/seafile/secrets/mariadb/main/mysql_pwd
deleted file mode 100644
index ae7fd75..0000000
--- a/app/seafile/secrets/mariadb/main/mysql_pwd
+++ /dev/null
@@ -1 +0,0 @@
-USER mysql_pwd (what is this?)
diff --git a/app/seafile/secrets/seafile/conf/mykey.peer b/app/seafile/secrets/seafile/conf/mykey.peer
deleted file mode 100644
index 12f0e5f..0000000
--- a/app/seafile/secrets/seafile/conf/mykey.peer
+++ /dev/null
@@ -1 +0,0 @@
-USER Seafile peer key