postgres: setup.sql do łatwego zarządzania przygotowaniem bazy danych; nginx, etherpad: mamy etherpada, rejoice
parent
14879937f4
commit
fa8d221235
|
@ -0,0 +1,42 @@
|
|||
FROM debian:jessie
|
||||
MAINTAINER Michał "rysiek" Woźniak <rysiek@hackerspace.pl>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
|
||||
# install the required packages
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y --no-install-recommends nodejs git-core curl python libssl-dev pkg-config build-essential ca-certificates npm abiword
|
||||
|
||||
# yeah, we need that because bin/installDeps.sh looks for node
|
||||
# and debian has nodejs
|
||||
RUN ln -s /usr/bin/nodejs /usr/bin/node
|
||||
|
||||
# yay, clone the repo!
|
||||
RUN git clone -b release/1.5.0 --single-branch https://github.com/ether/etherpad-lite.git /opt/etherpad \
|
||||
&& rm -rf /opt/etherpad/.git
|
||||
|
||||
# make it sane, security-wise
|
||||
RUN groupadd -r etherpad \
|
||||
&& useradd -d /opt/etherpad -r -g `getent group etherpad | cut -d: -f3` etherpad
|
||||
|
||||
# config file
|
||||
ADD settings.json /opt/etherpad/settings.json
|
||||
|
||||
# entrypoint script
|
||||
ADD start.sh /opt/etherpad/start
|
||||
|
||||
# install the deps
|
||||
RUN cd /opt/etherpad/ \
|
||||
&& chown -R etherpad:etherpad ./ \
|
||||
&& chmod ug+x start \
|
||||
&& bin/installDeps.sh
|
||||
|
||||
# expose, volume
|
||||
EXPOSE 9001
|
||||
VOLUME []
|
||||
|
||||
# user, workdir
|
||||
WORKDIR "/opt/etherpad"
|
||||
|
||||
# command
|
||||
CMD ["/opt/etherpad/start"]
|
|
@ -0,0 +1,143 @@
|
|||
/*
|
||||
This file must be valid JSON. But comments are allowed
|
||||
|
||||
Please edit settings.json, not settings.json.template
|
||||
*/
|
||||
{
|
||||
// Name your instance!
|
||||
"title": "PLUG :: Etherpad",
|
||||
|
||||
// favicon default name
|
||||
// alternatively, set up a fully specified Url to your own favicon
|
||||
"favicon": "favicon.ico",
|
||||
|
||||
//IP and port which etherpad should bind at
|
||||
"ip": "0.0.0.0",
|
||||
"port" : 9001,
|
||||
|
||||
// Session Key, used for reconnecting user sessions
|
||||
// Set this to a secure string at least 10 characters long. Do not share this value.
|
||||
"sessionKey" : "ies7ieWahPh0",
|
||||
|
||||
/*
|
||||
// Node native SSL support
|
||||
// this is disabled by default
|
||||
//
|
||||
// make sure to have the minimum and correct file access permissions set
|
||||
// so that the Etherpad server can access them
|
||||
|
||||
"ssl" : {
|
||||
"key" : "/path-to-your/epl-server.key",
|
||||
"cert" : "/path-to-your/epl-server.crt"
|
||||
},
|
||||
|
||||
*/
|
||||
|
||||
//The Type of the database. You can choose between dirty, postgres, sqlite and mysql
|
||||
//You shouldn't use "dirty" for for anything else than testing or development
|
||||
"dbType" : "postgres",
|
||||
"dbType" : "postgres",
|
||||
"dbSettings" : {
|
||||
"user" : "etherpad",
|
||||
"host" : "plug-postgres",
|
||||
"password": "",
|
||||
"database": "etherpad"
|
||||
},
|
||||
|
||||
|
||||
//the default text of a pad
|
||||
"defaultPadText" : "Witamy na PLUGawym Etherpadzie,\n\nczyli notatniku w trybie multpiplayer.\n\nhttp:\/\/etherpad.org\n",
|
||||
|
||||
/* Users must have a session to access pads. This effectively allows only group pads to be accessed. */
|
||||
"requireSession" : false,
|
||||
|
||||
/* Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads. */
|
||||
"editOnly" : false,
|
||||
|
||||
/* Users, who have a valid session, automatically get granted access to password protected pads */
|
||||
"sessionNoPassword" : false,
|
||||
|
||||
/* if true, all css & js will be minified before sending to the client. This will improve the loading performance massivly,
|
||||
but makes it impossible to debug the javascript/css */
|
||||
"minify" : true,
|
||||
|
||||
/* How long may clients use served javascript code (in seconds)? Without versioning this
|
||||
may cause problems during deployment. Set to 0 to disable caching */
|
||||
"maxAge" : 21600, // 60 * 60 * 6 = 6 hours
|
||||
|
||||
/* This is the path to the Abiword executable. Setting it to null, disables abiword.
|
||||
Abiword is needed to advanced import/export features of pads*/
|
||||
"abiword" : "/usr/bin/abiword",
|
||||
|
||||
/* Allow import of file types other than the supported types: txt, doc, docx, rtf, odt, html & htm */
|
||||
"allowUnknownFileEnds" : true,
|
||||
|
||||
/* This setting is used if you require authentication of all users.
|
||||
Note: /admin always requires authentication. */
|
||||
"requireAuthentication" : false,
|
||||
|
||||
/* Require authorization by a module, or a user with is_admin set, see below. */
|
||||
"requireAuthorization" : false,
|
||||
|
||||
/*when you use NginX or another proxy/ load-balancer set this to true*/
|
||||
"trustProxy" : true,
|
||||
|
||||
/* Privacy: disable IP logging */
|
||||
"disableIPlogging" : true,
|
||||
|
||||
/* Users for basic authentication. is_admin = true gives access to /admin.
|
||||
If you do not uncomment this, /admin will not be available! */
|
||||
/*
|
||||
"users": {
|
||||
"admin": {
|
||||
"password": "changeme1",
|
||||
"is_admin": true
|
||||
},
|
||||
"user": {
|
||||
"password": "changeme1",
|
||||
"is_admin": false
|
||||
}
|
||||
},
|
||||
*/
|
||||
|
||||
// restrict socket.io transport methods
|
||||
"socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
|
||||
|
||||
/* The toolbar buttons configuration.
|
||||
"toolbar": {
|
||||
"left": [
|
||||
["bold", "italic", "underline", "strikethrough"],
|
||||
["orderedlist", "unorderedlist", "indent", "outdent"],
|
||||
["undo", "redo"],
|
||||
["clearauthorship"]
|
||||
],
|
||||
"right": [
|
||||
["importexport", "timeslider", "savedrevision"],
|
||||
["settings", "embed"],
|
||||
["showusers"]
|
||||
],
|
||||
"timeslider": [
|
||||
["timeslider_export", "timeslider_returnToPad"]
|
||||
]
|
||||
},
|
||||
*/
|
||||
|
||||
/* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
|
||||
"loglevel": "INFO",
|
||||
|
||||
//Logging configuration. See log4js documentation for further information
|
||||
// https://github.com/nomiddlename/log4js-node
|
||||
// You can add as many appenders as you want here:
|
||||
"logconfig" :
|
||||
{ "appenders": [
|
||||
{ "type": "console"
|
||||
//, "category": "access"// only logs pad access
|
||||
}
|
||||
, { "type": "file"
|
||||
, "filename": "/var/log/etherpad/etherpad.log"
|
||||
, "maxLogSize": 1024
|
||||
, "backups": 3 // how many log files there're gonna be at max
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
|
@ -0,0 +1,9 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
|
||||
# make sure the logfile exists and has teh right permissions
|
||||
mkdir -p /var/log/etherpad/
|
||||
chown -R etherpad:etherpad /var/log/etherpad
|
||||
|
||||
# run etherpad
|
||||
su -c "/opt/etherpad/bin/run.sh" etherpad
|
|
@ -22,7 +22,8 @@ RUN export DEBIAN_FRONTEND=noninteractive && apt-get update && apt-get upgrade &
|
|||
RUN rm -rf /var/lib/postgresql/9.3/
|
||||
|
||||
# prep script -- will be run each time the container is started
|
||||
ADD start.sh /var/lib/start
|
||||
ADD start.sh /var/lib/start
|
||||
ADD setup.sql /var/lib/setup.sql
|
||||
|
||||
# Expose the PostgreSQL port
|
||||
EXPOSE 5432
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
-- etherpad
|
||||
CREATE USER etherpad;
|
||||
CREATE DATABASE etherpad WITH OWNER etherpad TEMPLATE template0 ENCODING 'UTF8';
|
|
@ -45,10 +45,15 @@ if [ ! -e /var/lib/postgresql/9.3/main ]; then
|
|||
# TODO: this needs to be much mroe specific for production!
|
||||
echo "host all all `hostname -I | sed 's/ //g'`/16 trust" >> /var/lib/postgresql/9.3/main/pg_hba.conf
|
||||
|
||||
#
|
||||
# create the needed databases
|
||||
#
|
||||
/etc/init.d/postgresql start
|
||||
#su -c 'psql --command "CREATE USER some_user;"' postgres
|
||||
#su -c "psql --command \"CREATE DATABASE some_db WITH OWNER some_user TEMPLATE template0 ENCODING 'UTF8';\"" postgres
|
||||
|
||||
# run the SQL
|
||||
su -c 'psql < /var/lib/setup.sql' postgres
|
||||
|
||||
# we're done
|
||||
/etc/init.d/postgresql stop
|
||||
|
||||
fi
|
||||
|
|
18
setup.sh
18
setup.sh
|
@ -52,7 +52,7 @@ if [[ "$mode" == "" || "$mode" == "--build" ]]; then
|
|||
|
||||
# budujemy nowy dom...
|
||||
cd images/
|
||||
for img in postgres php-fpm nginx pgadmin rest cron; do
|
||||
for img in postgres etherpad php-fpm nginx pgadmin rest cron; do
|
||||
# informujemy
|
||||
echo -ne "\n\n - buduję: $prefix/$img\n"
|
||||
# budujemy
|
||||
|
@ -84,6 +84,7 @@ if [[ "$mode" == "" || "$mode" == "--populate-static-data" ]]; then
|
|||
# logi
|
||||
sudo mkdir "$static_data_dir/logs/"
|
||||
sudo mkdir "$static_data_dir/logs/postgres"
|
||||
sudo mkdir "$static_data_dir/logs/etherpad"
|
||||
sudo mkdir "$static_data_dir/logs/php-fpm"
|
||||
sudo mkdir "$static_data_dir/logs/openldap"
|
||||
sudo mkdir "$static_data_dir/logs/nginx-public"
|
||||
|
@ -123,6 +124,7 @@ img_phpfpm="$prefix/php-fpm"
|
|||
img_pgadmin="$prefix/pgadmin"
|
||||
img_rest="$prefix/rest"
|
||||
img_cron="$prefix/cron"
|
||||
img_etherpad="$prefix/etherpad"
|
||||
|
||||
#
|
||||
# kontenery
|
||||
|
@ -140,9 +142,11 @@ cnt_pgadmin="$prefix-pgadmin"
|
|||
#cnt_phpfpm_ldapadmin="$prefix-ldapadmin"
|
||||
# cron
|
||||
cnt_cron="$prefix-cron"
|
||||
# cron
|
||||
cnt_etherpad="$prefix-etherpad"
|
||||
|
||||
# wszystkie
|
||||
cnt_all="$cnt_postgres $cnt_nginx_public $cnt_nginx_internal $cnt_phpfpm_frontend $cnt_rest $cnt_pgadmin $cnt_phpfpm_ldapadmin $cnt_cron"
|
||||
cnt_all="$cnt_postgres $cnt_nginx_public $cnt_nginx_internal $cnt_phpfpm_frontend $cnt_rest $cnt_pgadmin $cnt_phpfpm_ldapadmin $cnt_cron $cnt_etherpad"
|
||||
|
||||
#
|
||||
# stopujemy (w tym zawsze przy domyslnej akcji)
|
||||
|
@ -181,6 +185,13 @@ if [[ "$mode" == "" || "$mode" == "--run" ]]; then
|
|||
-v "$static_data_dir/logs/postgres":/var/log/postgresql/ \
|
||||
--name $cnt_postgres \
|
||||
$img_postgres
|
||||
|
||||
# etherpad
|
||||
docker run -d \
|
||||
-v "$static_data_dir/logs/etherpad/":/var/log/etherpad \
|
||||
--link $cnt_postgres:$cnt_postgres \
|
||||
--name $cnt_etherpad \
|
||||
$img_etherpad
|
||||
|
||||
# a teraz php-fpmy!
|
||||
# - frontend
|
||||
|
@ -227,6 +238,7 @@ if [[ "$mode" == "" || "$mode" == "--run" ]]; then
|
|||
-v "$static_data_dir/logs/nginx-public/":/var/log/nginx/ \
|
||||
-v "$static_data_dir/run/php-fpm/":/var/run/php-fpm/ \
|
||||
-v "$static_data_dir/data/php-fpm/":/opt/php/ \
|
||||
--link $cnt_etherpad:$cnt_etherpad \
|
||||
--name $cnt_nginx_public \
|
||||
$img_nginx
|
||||
|
||||
|
@ -242,7 +254,7 @@ if [[ "$mode" == "" || "$mode" == "--run" ]]; then
|
|||
$img_nginx
|
||||
|
||||
# - cron
|
||||
# czy powinien mieć dostęp do db i ldapa?
|
||||
# TODO: czy powinien mieć dostęp do db i ldapa?
|
||||
docker run -d \
|
||||
-v "$static_data_dir/data/cron/d/":/etc/cron.d/ \
|
||||
-v "$static_data_dir/data/cron/daily/":/etc/cron.daily/ \
|
||||
|
|
|
@ -23,4 +23,14 @@ server {
|
|||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
include fastcgi_params;
|
||||
}
|
||||
|
||||
# tymczasowo, do póki nie mamy wildcardów na domenie
|
||||
location /pad {
|
||||
rewrite /pad/(.*) /$1 break;
|
||||
rewrite ^/pad$ /pad/ permanent;
|
||||
proxy_pass http://plug-etherpad:9001/;
|
||||
proxy_redirect / /pad/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_buffering off;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
#
|
||||
# etherpad
|
||||
# TODO: czekamy na wildcarda na domenie, ażeby mieć pad.nazwa.domeny
|
||||
# tymczasem nieużywany
|
||||
#
|
||||
#
|
||||
# server {
|
||||
#
|
||||
# listen 80;
|
||||
# server_name pad.shire.linux.org.pl;
|
||||
# root /usr/share/nginx/html;
|
||||
# access_log /var/log/nginx/etherpad-access.log;
|
||||
# error_log /var/log/nginx/etherpad-error.log;
|
||||
#
|
||||
# location / {
|
||||
# proxy_pass http://plug-etherpad:9001/;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_buffering off;
|
||||
# }
|
||||
# }
|
Loading…
Reference in New Issue