diff options
33 files changed, 17 insertions, 802 deletions
diff --git a/app/science/deploy/science.hcl b/app/bagage/deploy/bagage.hcl index 1701027..2c8884b 100644 --- a/app/science/deploy/science.hcl +++ b/app/bagage/deploy/bagage.hcl @@ -1,45 +1,46 @@ -job "science" { +job "bagage" { datacenters = ["dc1"] type = "service" - priority = 10 + priority = 90 constraint { attribute = "${attr.cpu.arch}" value = "amd64" } - group "diagnet" { + group "main" { + count = 1 + network { - port "web_port" { to = 8000 } + port "web_port" { to = 8080 } } - task "main" { + task "server" { driver = "docker" config { - image = "lesterpig/diagnet-landmark:latest" - args = [ - "-name", "landmark-deuxfleurs", - "-chrome", "-chrome-interval", "60m", - "-http", ":8000" - ] + image = "superboum/amd64_bagage:v5" + readonly_rootfs = true ports = [ "web_port" ] } + env { + BAGAGE_LDAP_ENDPOINT = "bottin2.service.2.cluster.deuxfleurs.fr:389" + } + resources { - cpu = 100 - memory = 250 + memory = 100 } service { + name = "bagage" tags = [ - "diagnet", + "bagage", "traefik.enable=true", "traefik.frontend.entryPoints=https,http", - "traefik.frontend.rule=Host:diagnet.science.deuxfleurs.fr;PathPrefix:/" + "traefik.frontend.rule=Host:bagage.deuxfleurs.fr", ] port = "web_port" address_mode = "host" - name = "diagnet" check { type = "tcp" port = "web_port" diff --git a/app/nextcloud/build/nextcloud/Dockerfile b/app/nextcloud/build/nextcloud/Dockerfile deleted file mode 100644 index 9f817f6..0000000 --- a/app/nextcloud/build/nextcloud/Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -FROM debian:10 - -RUN apt-get update && \ - apt-get -qq -y full-upgrade - -RUN apt-get install -y apache2 php php-gd php-mbstring php-pgsql php-curl php-dom php-xml php-zip \ - php-intl php-ldap php-fileinfo php-exif php-apcu php-redis php-imagick unzip curl wget && \ - phpenmod gd && \ - phpenmod curl && \ - phpenmod mbstring && \ - phpenmod pgsql && \ - phpenmod dom && \ - phpenmod zip && \ - phpenmod intl && \ - phpenmod ldap && \ - phpenmod fileinfo && \ - phpenmod exif && \ - phpenmod apcu && \ - phpenmod redis && \ - phpenmod imagick && \ - phpenmod xml - -COPY container-setup.sh /tmp -RUN /tmp/container-setup.sh - -COPY entrypoint.sh / -CMD /entrypoint.sh diff --git a/app/nextcloud/build/nextcloud/container-setup.sh b/app/nextcloud/build/nextcloud/container-setup.sh deleted file mode 100755 index 8330291..0000000 --- a/app/nextcloud/build/nextcloud/container-setup.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -set -ex - -curl https://download.nextcloud.com/server/releases/nextcloud-19.0.0.zip > /tmp/nextcloud.zip -cd /var/www -unzip /tmp/nextcloud.zip -rm /tmp/nextcloud.zip -mv html html.old -mv nextcloud html - -cd html -mkdir data - -cd apps -wget https://github.com/nextcloud/tasks/releases/download/v0.13.1/tasks.tar.gz -tar xf tasks.tar.gz -wget https://github.com/nextcloud/maps/releases/download/v0.1.6/maps-0.1.6.tar.gz -tar xf maps-0.1.6.tar.gz -wget https://github.com/nextcloud/calendar/releases/download/v2.0.3/calendar.tar.gz -tar xf calendar.tar.gz -wget https://github.com/nextcloud/news/releases/download/14.1.11/news.tar.gz -tar xf news.tar.gz -wget https://github.com/nextcloud/notes/releases/download/v3.6.0/notes.tar.gz -tar xf notes.tar.gz -wget https://github.com/nextcloud/contacts/releases/download/v3.3.0/contacts.tar.gz -tar xf contacts.tar.gz -wget https://github.com/nextcloud/mail/releases/download/v1.4.0/mail.tar.gz -tar xf mail.tar.gz -wget https://github.com/nextcloud/groupfolders/releases/download/v6.0.6/groupfolders.tar.gz -tar xf groupfolders.tar.gz -rm *.tar.gz - -chown -R www-data:www-data /var/www/html - -cd /var/www/html -php occ diff --git a/app/nextcloud/build/nextcloud/entrypoint.sh b/app/nextcloud/build/nextcloud/entrypoint.sh deleted file mode 100755 index 72b4f94..0000000 --- a/app/nextcloud/build/nextcloud/entrypoint.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -set -xe - -chown www-data:www-data /var/www/html/config/config.php -touch /var/www/html/data/.ocdata - -exec apachectl -DFOREGROUND diff --git a/app/nextcloud/config/config.php.tpl b/app/nextcloud/config/config.php.tpl deleted file mode 100644 index 7dcfc6e..0000000 --- a/app/nextcloud/config/config.php.tpl +++ /dev/null @@ -1,49 +0,0 @@ -<?php -$CONFIG = array ( - 'appstoreenabled' => false, - 'instanceid' => '{{ key "secrets/nextcloud/instance_id" | trimSpace }}', - 'passwordsalt' => '{{ key "secrets/nextcloud/password_salt" | trimSpace }}', - 'secret' => '{{ key "secrets/nextcloud/secret" | trimSpace }}', - 'trusted_domains' => array ( - 0 => 'nextcloud.deuxfleurs.fr', - ), - 'memcache.local' => '\\OC\\Memcache\\APCu', - - 'objectstore' => array( - 'class' => '\\OC\\Files\\ObjectStore\\S3', - 'arguments' => array( - 'bucket' => 'nextcloud', - 'autocreate' => false, - 'key' => '{{ key "secrets/nextcloud/garage_access_key" | trimSpace }}', - 'secret' => '{{ key "secrets/nextcloud/garage_secret_key" | trimSpace }}', - 'hostname' => 'garage.deuxfleurs.fr', - 'port' => 443, - 'use_ssl' => true, - 'region' => 'garage', - // required for some non Amazon S3 implementations - 'use_path_style' => true - ), - ), - - 'dbtype' => 'pgsql', - 'dbhost' => 'psql-proxy.service.2.cluster.deuxfleurs.fr', - 'dbname' => 'nextcloud', - 'dbtableprefix' => 'nc_', - 'dbuser' => '{{ key "secrets/nextcloud/db_user" | trimSpace }}', - 'dbpassword' => '{{ key "secrets/nextcloud/db_pass" | trimSpace }}', - - 'default_language' => 'fr', - 'default_locale' => 'fr_FR', - - 'mail_domain' => 'deuxfleurs.fr', - 'mail_from_address' => 'nextcloud@deuxfleurs.fr', - // TODO SMTP CONFIG - - // TODO REDIS CACHE - - 'version' => '19.0.0.12', - 'overwrite.cli.url' => 'https://nextcloud.deuxfleurs.fr', - - 'installed' => true, -); - diff --git a/app/nextcloud/deploy/nextcloud.hcl b/app/nextcloud/deploy/nextcloud.hcl deleted file mode 100644 index 8852787..0000000 --- a/app/nextcloud/deploy/nextcloud.hcl +++ /dev/null @@ -1,65 +0,0 @@ -job "nextcloud" { - datacenters = ["dc1", "belair"] - type = "service" - priority = 40 - - constraint { - attribute = "${attr.cpu.arch}" - value = "amd64" - } - - group "nextcloud" { - count = 1 - - network { - port "web_port" { - to = 80 - } - } - - task "nextcloud" { - driver = "docker" - config { - image = "lxpz/deuxfleurs_nextcloud_amd64:8" - ports = [ "web_port" ] - volumes = [ - "secrets/config.php:/var/www/html/config/config.php" - ] - } - - template { - data = file("../config/config.php.tpl") - destination = "secrets/config.php" - } - - resources { - memory = 1000 - cpu = 2000 - } - - service { - name = "nextcloud" - tags = [ - "nextcloud", - "traefik.enable=true", - "traefik.frontend.entryPoints=https,http", - "traefik.frontend.rule=Host:nextcloud.deuxfleurs.fr", - ] - port = "web_port" - address_mode = "host" - check { - type = "tcp" - port = "web_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - } - } -} - diff --git a/app/nextcloud/integration/README.md b/app/nextcloud/integration/README.md deleted file mode 100644 index 3d49768..0000000 --- a/app/nextcloud/integration/README.md +++ /dev/null @@ -1,20 +0,0 @@ -Install Owncloud CLI: - -php ./occ \ - --no-interaction \ - --verbose \ - maintenance:install \ - --database pgsql \ - --database-name nextcloud \ - --database-host postgres \ - --database-user nextcloud \ - --database-pass nextcloud \ - --admin-user nextcloud \ - --admin-pass nextcloud \ - --admin-email coucou@deuxfleurs.fr - -Official image entrypoint: - -https://github.com/nextcloud/docker/blob/master/20.0/fpm/entrypoint.sh - - diff --git a/app/nextcloud/integration/bottin.json b/app/nextcloud/integration/bottin.json deleted file mode 100644 index a970762..0000000 --- a/app/nextcloud/integration/bottin.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "suffix": "dc=deuxfleurs,dc=fr", - "bind": "0.0.0.0:389", - "consul_host": "http://consul:8500", - "log_level": "debug", - "acl": [ - "*,dc=deuxfleurs,dc=fr::read:*:* !userpassword", - "*::read modify:SELF:*", - "ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:", - "ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:", - "*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*", - "*,ou=services,ou=users,dc=deuxfleurs,dc=fr::read:*:*", - - "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=invitations,dc=deuxfleurs,dc=fr:*", - "ANONYMOUS::bind:*,ou=invitations,dc=deuxfleurs,dc=fr:", - "*,ou=invitations,dc=deuxfleurs,dc=fr::delete:SELF:*", - - "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=users,dc=deuxfleurs,dc=fr:*", - "*,ou=invitations,dc=deuxfleurs,dc=fr::add:*,ou=users,dc=deuxfleurs,dc=fr:*", - - "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*", - "*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*", - "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*", - "*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*", - "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=nextcloud,ou=groups,dc=deuxfleurs,dc=fr:*", - "*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=nextcloud,dc=deuxfleurs,dc=fr:*", - - "cn=admin,dc=deuxfleurs,dc=fr::read add modify delete:*:*", - "*:cn=admin,ou=groups,dc=deuxfleurs,dc=fr:read add modify delete:*:*" - ] -} diff --git a/app/nextcloud/integration/docker-compose.yml b/app/nextcloud/integration/docker-compose.yml deleted file mode 100644 index 7ba090b..0000000 --- a/app/nextcloud/integration/docker-compose.yml +++ /dev/null @@ -1,27 +0,0 @@ -version: '3.4' -services: - php: - image: lxpz/deuxfleurs_nextcloud_amd64:8 - depends_on: - - bottin - - postgres - ports: - - "80:80" - - postgres: - image: postgres:9.6.19 - environment: - - POSTGRES_DB=nextcloud - - POSTGRES_USER=nextcloud - - POSTGRES_PASSWORD=nextcloud - - bottin: - image: lxpz/bottin_amd64:14 - depends_on: - - consul - volumes: - - ./bottin.json:/config.json - - consul: - image: consul:1.8.4 - diff --git a/app/seafile/build/mariadb/60-disable-dialog.cnf b/app/seafile/build/mariadb/60-disable-dialog.cnf deleted file mode 100644 index d41731a..0000000 --- a/app/seafile/build/mariadb/60-disable-dialog.cnf +++ /dev/null @@ -1,3 +0,0 @@ -[mariadb] -pam_use_cleartext_plugin -bind-address = 0.0.0.0 diff --git a/app/seafile/build/mariadb/60-ldap.cnf b/app/seafile/build/mariadb/60-ldap.cnf deleted file mode 100644 index 72ffb9f..0000000 --- a/app/seafile/build/mariadb/60-ldap.cnf +++ /dev/null @@ -1,3 +0,0 @@ -[mariadb] -plugin-load=auth_pam.so - diff --git a/app/seafile/build/mariadb/60-remote.cnf b/app/seafile/build/mariadb/60-remote.cnf deleted file mode 100644 index acf8f9b..0000000 --- a/app/seafile/build/mariadb/60-remote.cnf +++ /dev/null @@ -1,2 +0,0 @@ -[mysqld] -bind-address = * diff --git a/app/seafile/build/mariadb/Dockerfile b/app/seafile/build/mariadb/Dockerfile deleted file mode 100644 index 15ef954..0000000 --- a/app/seafile/build/mariadb/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM debian:stretch - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server mariadb-client libnss-ldapd - -COPY 60-ldap.cnf /etc/mysql/mariadb.conf.d/60-ldap.cnf -COPY 60-remote.cnf /etc/mysql/mariadb.conf.d/60-remote.cnf -COPY 60-disable-dialog.cnf /etc/mysql/mariadb.conf.d/60-disable-dialog.cnf -COPY pam-mariadb /etc/pam.d/mariadb -COPY nsswitch.conf /etc/nsswitch.conf -COPY entrypoint.sh /usr/local/bin/entrypoint - -ENTRYPOINT ["/usr/local/bin/entrypoint"] diff --git a/app/seafile/build/mariadb/README.md b/app/seafile/build/mariadb/README.md deleted file mode 100644 index 1a3b8aa..0000000 --- a/app/seafile/build/mariadb/README.md +++ /dev/null @@ -1,19 +0,0 @@ -``` -sudo docker build -t superboum/amd64_mariadb:v3 . - -sudo docker run \ - -t -i \ - -p 3306:3306 \ - -v /tmp/mysql:/var/lib/mysql \ - -e LDAP_URI='ldap://bottin.service.2.cluster.deuxfleurs.fr' \ - -e LDAP_BASE='ou=users,dc=deuxfleurs,dc=fr' \ - -e LDAP_VERSION=3 \ - -e LDAP_BIND_DN='cn=admin,dc=deuxfleurs,dc=fr' \ - -e LDAP_BIND_PW='xxxx' \ - -e MYSQL_PASSWORD='xxxx' \ - superboum/amd64_mariadb:v1 \ - tail -f /var/log/mysql/error.log - -CREATE USER quentin@localhost IDENTIFIED VIA pam USING 'mariadb'; - -``` diff --git a/app/seafile/build/mariadb/entrypoint.sh b/app/seafile/build/mariadb/entrypoint.sh deleted file mode 100755 index 1bb2f01..0000000 --- a/app/seafile/build/mariadb/entrypoint.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash - -set -e - -cat > /etc/nslcd.conf <<EOF -# /etc/nslcd.conf -# nslcd configuration file. See nslcd.conf(5) -# for details. - -# The user and group nslcd should run as. -uid nslcd -gid nslcd - -# The location at which the LDAP server(s) should be reachable. -uri ${LDAP_URI} - -# The search base that will be used for all queries. -base ${LDAP_BASE} - -# The LDAP protocol version to use. -ldap_version ${LDAP_VERSION} - -# The DN to bind with for normal lookups. -binddn ${LDAP_BIND_DN} -bindpw ${LDAP_BIND_PW} - -# The DN used for password modifications by root. -#rootpwmoddn cn=admin,dc=example,dc=com - -# SSL options -#ssl off -#tls_reqcert never -tls_cacertfile /etc/ssl/certs/ca-certificates.crt - -# The search scope. -#scope sub -EOF - -/usr/sbin/nslcd - -chown mysql:mysql /var/lib/mysql -[ -z "$(ls -A /var/lib/mysql)" ] && mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql - -/usr/bin/mysqld_safe --skip-syslog & - -until ls /var/run/mysqld/mysqld.sock; do sleep 1; done -/usr/bin/mysqladmin -u root password ${MYSQL_PASSWORD} || true - -exec "$@" - diff --git a/app/seafile/build/mariadb/nsswitch.conf b/app/seafile/build/mariadb/nsswitch.conf deleted file mode 100644 index 853348e..0000000 --- a/app/seafile/build/mariadb/nsswitch.conf +++ /dev/null @@ -1,21 +0,0 @@ -# /etc/nsswitch.conf -# -# Example configuration of GNU Name Service Switch functionality. -# If you have the `glibc-doc-reference' and `info' packages installed, try: -# `info libc "Name Service Switch"' for information about this file. - -passwd: files ldap -group: files ldap -shadow: files ldap -gshadow: files - -hosts: files dns -networks: files - -protocols: db files -services: db files -ethers: db files -rpc: db files - -netgroup: nis - diff --git a/app/seafile/build/mariadb/pam-mariadb b/app/seafile/build/mariadb/pam-mariadb deleted file mode 100644 index e1bb814..0000000 --- a/app/seafile/build/mariadb/pam-mariadb +++ /dev/null @@ -1,2 +0,0 @@ -auth required pam_ldap.so -account required pam_ldap.so diff --git a/app/seafile/build/seafile/Dockerfile b/app/seafile/build/seafile/Dockerfile deleted file mode 100644 index 88dee4f..0000000 --- a/app/seafile/build/seafile/Dockerfile +++ /dev/null @@ -1,46 +0,0 @@ -FROM amd64/debian:buster as builder - -ENV VERSION 7.0.5 - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install -y wget tar && \ - wget https://download.seadrive.org/seafile-server_${VERSION}_x86-64.tar.gz -O ./seafile.tar.gz && \ - tar xf ./seafile.tar.gz && \ - mv seafile-server-${VERSION} seafile-server - -FROM amd64/debian:buster - -COPY --from=builder ./seafile-server /srv/webstore/seafile-server - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install -y \ - python \ - mariadb-client \ - python2.7 \ - libpython2.7 \ - python-setuptools \ - python-ldap \ - python-urllib3 \ - ffmpeg \ - python-pip \ - python-mysqldb \ - python-memcache \ - procps \ - python-requests && \ - pip install Pillow==4.3.0 && \ - pip install moviepy && \ - useradd -u 1000 -d /srv/webstore seauser && \ - chown -R seauser:1000 /srv/webstore/ - -RUN mkdir -p /usr/local/lib/mariadb/plugin/ && \ - ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/local/lib/mariadb/plugin/ && \ - ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/local/lib/mariadb/plugin/ - -WORKDIR /srv/webstore/seafile-server -COPY seadocker /usr/local/bin/seadocker -COPY seaenv /usr/local/bin/seaenv - -ENTRYPOINT ["/usr/local/bin/seaenv"] -CMD ["/usr/local/bin/seadocker"] diff --git a/app/seafile/build/seafile/README.md b/app/seafile/build/seafile/README.md deleted file mode 100644 index 26d04e0..0000000 --- a/app/seafile/build/seafile/README.md +++ /dev/null @@ -1,27 +0,0 @@ - -```bash -sudo docker build -t superboum/amd64_seafile:v5 . -``` - -When upgrading, connect on a production server and run: - -```bash -nomad stop seafile -sudo docker build -t superboum/amd64_seafile:v6 . - -sudo docker run -t -i \ - -v /mnt/glusterfs/seafile:/mnt/seafile-data \ - -v /mnt/glusterfs/seaconf/conf:/srv/webstore/conf \ - -v /mnt/glusterfs/seaconf/ccnet:/srv/webstore/ccnet \ - superboum/amd64_seafile:v5 - -# See: -# * https://download.seafile.com/published/seafile-manual/deploy/upgrade.md -# * https://download.seafile.com/published/seafile-manual/changelog/server-changelog.md - - - -nomad start seafile.hcl -``` - -when upgrading, change the command on start diff --git a/app/seafile/build/seafile/seadocker b/app/seafile/build/seafile/seadocker deleted file mode 100755 index 5b5982b..0000000 --- a/app/seafile/build/seafile/seadocker +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -/srv/webstore/seafile-server/seafile.sh start -/srv/webstore/seafile-server/seahub.sh start -tail -f /srv/webstore/logs/* diff --git a/app/seafile/build/seafile/seaenv b/app/seafile/build/seafile/seaenv deleted file mode 100755 index 3b0e0bb..0000000 --- a/app/seafile/build/seafile/seaenv +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -chown seauser /srv/webstore -chown seauser -R /srv/webstore/ccnet -chown seauser -R /srv/webstore/conf - -runuser -u seauser -- "$@" diff --git a/app/seafile/config/ccnet/seafile.ini b/app/seafile/config/ccnet/seafile.ini deleted file mode 100644 index 306d126..0000000 --- a/app/seafile/config/ccnet/seafile.ini +++ /dev/null @@ -1 +0,0 @@ -/mnt/seafile-data/
\ No newline at end of file diff --git a/app/seafile/config/conf/ccnet.conf.tpl b/app/seafile/config/conf/ccnet.conf.tpl deleted file mode 100644 index 2395a9b..0000000 --- a/app/seafile/config/conf/ccnet.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -[General] -USER_NAME = deuxfleurs -ID = {{ key "secrets/seafile/ccnet/seafile_id" | trimSpace }} -NAME = deuxfleurs -SERVICE_URL = https://cloud.deuxfleurs.fr - -[Network] -PORT = 10001 - -[Client] -PORT = 13418 - -[LDAP] -HOST = ldap://bottin2.service.2.cluster.deuxfleurs.fr/ -BASE = ou=users,dc=deuxfleurs,dc=fr -USER_DN = {{ key "secrets/seafile/ccnet/ldap_binddn" | trimSpace }} -FILTER = memberOf=CN=seafile,OU=groups,DC=deuxfleurs,DC=fr -PASSWORD = {{ key "secrets/seafile/ccnet/ldap_bindpwd" | trimSpace }} -LOGIN_ATTR = mail - -[Database] -ENGINE = mysql -HOST = mariadb.service.2.cluster.deuxfleurs.fr -PORT = 3306 -USER = seafile -PASSWD = {{ key "secrets/seafile/ccnet/mysql_pwd" | trimSpace }} -DB = ccnet-db -CONNECTION_CHARSET = utf8 - diff --git a/app/seafile/config/conf/gunicorn.conf b/app/seafile/config/conf/gunicorn.conf deleted file mode 100644 index 415fd32..0000000 --- a/app/seafile/config/conf/gunicorn.conf +++ /dev/null @@ -1,16 +0,0 @@ -import os - -daemon = True -workers = 5 - -# default localhost:8000 -bind = "[::]:8000" - -# Pid -pids_dir = '/srv/webstore/pids' -pidfile = os.path.join(pids_dir, 'seahub.pid') - -# for file upload, we need a longer timeout value (default is only 30s, too short) -timeout = 1200 - -limit_request_line = 8190 diff --git a/app/seafile/config/conf/seafdav.conf b/app/seafile/config/conf/seafdav.conf deleted file mode 100644 index af78547..0000000 --- a/app/seafile/config/conf/seafdav.conf +++ /dev/null @@ -1,6 +0,0 @@ -[WEBDAV] -host = :: -enabled = true -port = 8084 -fastcgi = false -share_name = /seafdav diff --git a/app/seafile/config/conf/seafile.conf.tpl b/app/seafile/config/conf/seafile.conf.tpl deleted file mode 100644 index a6425e9..0000000 --- a/app/seafile/config/conf/seafile.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -[network] -port = 12001 - -[fileserver] -port = 8083 -max_upload_size=8192 -max_download_dir_size=8192 - -[database] -type = mysql -host = mariadb.service.2.cluster.deuxfleurs.fr -port = 3306 -user = seafile -password = {{ key "secrets/seafile/ccnet/mysql_pwd" | trimSpace }} -db_name = seafile-db -connection_charset = utf8 - -[quota] -default = 50 diff --git a/app/seafile/config/conf/seahub_settings.py.tpl b/app/seafile/config/conf/seahub_settings.py.tpl deleted file mode 100644 index 6c63ee4..0000000 --- a/app/seafile/config/conf/seahub_settings.py.tpl +++ /dev/null @@ -1,21 +0,0 @@ -SECRET_KEY = "8ep+sgi&s1-f2cq2178!ekk!0h0nw2y4z1-olbaopxmodsd8vk" -FILE_SERVER_ROOT = 'https://cloud.deuxfleurs.fr/seafhttp' -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.mysql', - 'NAME': 'seahub-db', - 'USER': 'seafile', - 'PASSWORD': '{{ key "secrets/seafile/ccnet/mysql_pwd" | trimSpace }}', - 'HOST': 'mariadb.service.2.cluster.deuxfleurs.fr', - 'PORT': '3306', - 'OPTIONS': { - 'init_command': 'SET storage_engine=INNODB', - } - } -} -FILE_PREVIEW_MAX_SIZE = 100 * 1024 * 1024 -ENABLE_THUMBNAIL = True -THUMBNAIL_ROOT = '/mnt/seafile-data/thumbnail/thumb/' -THUMBNAIL_EXTENSION = 'png' -THUMBNAIL_DEFAULT_SIZE = '24' -PREVIEW_DEFAULT_SIZE = '300' diff --git a/app/seafile/config/mariadb/main/env.tpl b/app/seafile/config/mariadb/main/env.tpl deleted file mode 100644 index 0fe903b..0000000 --- a/app/seafile/config/mariadb/main/env.tpl +++ /dev/null @@ -1,6 +0,0 @@ -LDAP_URI = "ldap://bottin2.service.2.cluster.deuxfleurs.fr" -LDAP_BASE = "ou=users,dc=deuxfleurs,dc=fr" -LDAP_VERSION = 3 -LDAP_BIND_DN = "{{ key "secrets/mariadb/main/ldap_binddn" | trimSpace }}" -LDAP_BIND_PW = "{{ key "secrets/mariadb/main/ldap_bindpwd" | trimSpace }}" -MYSQL_PASSWORD = "{{ key "secrets/mariadb/main/mysql_pwd" | trimSpace }}" diff --git a/app/seafile/deploy/seafile.hcl b/app/seafile/deploy/seafile.hcl deleted file mode 100644 index d8488d2..0000000 --- a/app/seafile/deploy/seafile.hcl +++ /dev/null @@ -1,222 +0,0 @@ -job "seafile" { - datacenters = ["dc1"] - type = "service" - priority = 10 - - constraint { - attribute = "${attr.cpu.arch}" - value = "amd64" - } - - group "main" { - count = 1 - - network { - port "seafile-frontend_port" { static = 8000 } - port "seafile-seafhttp_port" { static = 8083 } - port "seafile-dav_port" { static = 8084 } - port "seafile-hack_port" { static = 8085 } - port "mariadb_port" { static = 3306 } - } - - task "mariadb" { - driver = "docker" - config { - image = "superboum/amd64_mariadb:v4" - network_mode = "host" - command = "tail" - ports = [ "mariadb_port" ] - args = [ - "-f", "/var/log/mysql/error.log", - ] - volumes = [ - "/mnt/glusterfs/mariadb/main/server:/var/lib/mysql", - ] - } - - template { - data = file("../config/mariadb/main/env.tpl") - destination = "secrets/env" - env = true - } - - resources { - memory = 800 - } - - service { - tags = ["mariadb"] - port = "mariadb_port" - address_mode = "host" - name = "mariadb" - check { - type = "tcp" - port = "mariadb_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - } - - - task "hack" { - driver = "docker" - config { - image = "alpine/socat:1.0.5" - network_mode = "host" - ports = [ "seafile-hack_port" ] - command = "tcp6-listen:8085,fork,reuseaddr" - args = [ "tcp-connect:127.0.0.1:8083" ] - } - resources { - memory = 10 - } - service { - tags = [ - "seafile", - "traefik.enable=true", - "traefik.frontend.entryPoints=https,http", - "traefik.frontend.rule=Host:cloud.deuxfleurs.fr;PathPrefixStrip:/seafhttp" - - ] - port = "seafile-hack_port" - address_mode = "host" - name = "seafhttp" - check { - type = "tcp" - port = "seafile-hack_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - - } - - task "server" { - driver = "docker" - config { - image = "superboum/amd64_seafile:v6" - network_mode = "host" - ports = [ "seafile-frontend_port", "seafile-dav_port", "seafile-seafhttp_port" ] - - ## cmd + args are used for running an instance attachable for update - # command = "/bin/sleep" - # args = ["999999"] - - mounts = [ - { - type = "bind" - source = "/mnt/glusterfs/seafile" - target = "/mnt/seafile-data" - } - ] - - volumes = [ - "secrets/conf:/srv/webstore/conf", - "secrets/ccnet:/srv/webstore/ccnet" - ] - } - - resources { - memory = 600 - } - - service { - tags = [ - "seafile", - "traefik.enable=true", - "traefik.frontend.entryPoints=https,http", - "traefik.frontend.rule=Host:cloud.deuxfleurs.fr;PathPrefix:/" - ] - port = "seafile-frontend_port" - address_mode = "host" - name = "seahub" - check { - type = "tcp" - port = "seafile-frontend_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - - service { - tags = [ - "seafile", - "traefik.enable=true", - "traefik.frontend.entryPoints=https,http", - "traefik.frontend.rule=Host:cloud.deuxfleurs.fr;PathPrefix:/seafdav" - - ] - port = "seafile-dav_port" - address_mode = "host" - name = "seafdav" - check { - type = "tcp" - port = "seafile-dav_port" - interval = "60s" - timeout = "5s" - check_restart { - limit = 3 - grace = "90s" - ignore_warnings = false - } - } - } - - template { - data = file("../config/conf/ccnet.conf.tpl") - destination = "secrets/conf/ccnet.conf" - } - - template { - data = file("../config/conf/seafile.conf.tpl") - destination = "secrets/conf/seafile.conf" - } - - template { - data = file("../config/conf/seahub_settings.py.tpl") - destination = "secrets/conf/seahub_settings.py" - } - - template { - data = file("../config/ccnet/seafile.ini") - destination = "secrets/ccnet/seafile.ini" - } - template { - data = file("../config/conf/seafdav.conf") - destination = "secrets/conf/seafdav.conf" - } - template { - data = file("../config/conf/gunicorn.conf") - destination = "secrets/conf/gunicorn.conf" - } - - # ---- secrets ---- - template { - data = "{{ key \"secrets/seafile/conf/mykey.peer\" }}" - destination = "secrets/ccnet/mykey.peer" - } - - template { - data = "{{ key \"secrets/seafile/conf/mykey.peer\" }}" - destination = "secrets/conf/mykey.peer" - } - } - } -} - diff --git a/app/seafile/secrets/mariadb/main/ldap_binddn b/app/seafile/secrets/mariadb/main/ldap_binddn deleted file mode 100644 index e77ff39..0000000 --- a/app/seafile/secrets/mariadb/main/ldap_binddn +++ /dev/null @@ -1 +0,0 @@ -SERVICE_DN mysql MySQL/MariaDB database diff --git a/app/seafile/secrets/mariadb/main/ldap_bindpwd b/app/seafile/secrets/mariadb/main/ldap_bindpwd deleted file mode 100644 index c29f983..0000000 --- a/app/seafile/secrets/mariadb/main/ldap_bindpwd +++ /dev/null @@ -1 +0,0 @@ -SERVICE_PASSWORD mysql diff --git a/app/seafile/secrets/mariadb/main/mysql_pwd b/app/seafile/secrets/mariadb/main/mysql_pwd deleted file mode 100644 index ae7fd75..0000000 --- a/app/seafile/secrets/mariadb/main/mysql_pwd +++ /dev/null @@ -1 +0,0 @@ -USER mysql_pwd (what is this?) diff --git a/app/seafile/secrets/seafile/conf/mykey.peer b/app/seafile/secrets/seafile/conf/mykey.peer deleted file mode 100644 index 12f0e5f..0000000 --- a/app/seafile/secrets/seafile/conf/mykey.peer +++ /dev/null @@ -1 +0,0 @@ -USER Seafile peer key |