Page MenuHomeDevCentral

D2016.diff
No OneTemporary

D2016.diff

diff --git a/PORTS b/PORTS
--- a/PORTS
+++ b/PORTS
@@ -25,6 +25,7 @@
24180 Tommy HTTP - CD
25080 Auth Grove HTTP
26080 Sentry HTTP
+ 30080 Pixelfed HTTP
31080 Phabricator HTTP - DevCentral
33080 Bugzilla HTTP - Espace Win
34080 Etherpad
diff --git a/pillar/credentials/zr.sls b/pillar/credentials/zr.sls
--- a/pillar/credentials/zr.sls
+++ b/pillar/credentials/zr.sls
@@ -34,6 +34,12 @@
mailgun: 82
sentry: 141
+ # photos.nasqueron.org
+ pixelfed:
+ mysql: 142
+ app_key: 143
+ mailgun: 145
+
# sentry.nasqueron.org
sentry:
postgresql: 139
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -56,6 +56,9 @@
- nasqueron/jenkins-slave-rust
- nasqueron/tommy
+ # Pixelfed
+ - nasqueron/pixelfed
+
# Sentry
- library/sentry
- tianon/exim4
@@ -366,6 +369,24 @@
app_port: 9090
host: xmpp.nasqueron.org
+ # Pixelfed
+ pixelfed:
+ pixelfed:
+ app_port: 30080
+ host: photos.nasqueron.org
+ aliases:
+ - photo.nasqueron.org
+ links:
+ mysql: acquisitariat
+ redis: pixelfed_redis
+ credentials:
+ app_key: nasqueron.pixelfed.app_key
+ mailgun: nasqueron.pixelfed.mailgun
+ mysql: nasqueron.pixelfed.mysql
+ app:
+ title: Nasqueron Photos
+ max_album_length: 16
+
# Sentry
# The Sentry instance uses a Redis and a PostgreSQL instance,
# declared above.
diff --git a/roles/paas-docker/containers/pixelfed.sls b/roles/paas-docker/containers/pixelfed.sls
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/pixelfed.sls
@@ -0,0 +1,100 @@
+# -------------------------------------------------------------
+# Salt — Provision Docker engine
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2018-11-12
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
+{% set containers = pillar['docker_containers'][grains['id']] %}
+
+{% for instance, container in containers['pixelfed'].items() %}
+
+# -------------------------------------------------------------
+# Data directory
+#
+# The uid/gid pair depends of the image base:
+#
+# - library/php + fpm: 82:85
+# - library/php + Apache: 33:33
+# - nasqueron/nginx-php7-fpm: 431:433
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/{{ instance }}/storage:
+ file.directory:
+ - user: 431
+ - group: 433
+ - makedirs: True
+
+{% if has_selinux %}
+selinux_context_{{ instance }}_data:
+ selinux.fcontext_policy_present:
+ - name: /srv/{{ instance }}/storage
+ - sel_type: container_file_t
+
+selinux_context_{{ instance }}_data_applied:
+ selinux.fcontext_policy_applied:
+ - name: /srv/{{ instance }}/storage
+{% endif %}
+
+# -------------------------------------------------------------
+# Web container
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ instance }}:
+ docker_container.running:
+ - detach: True
+ - interactive: True
+ - image: nasqueron/pixelfed
+ - links:
+ - {{ container['links']['redis'] }}:redis
+ - {{ container['links']['mysql'] }}:mysql
+ - environment:
+ - DB_DRIVER: mysql
+ - DB_HOST: mysql
+ - DB_PORT: 3306
+ - DB_DATABASE: {{ instance }}
+ - DB_USERNAME: {{ salt['zr.get_username'](container['credentials']['mysql']) }}
+ - DB_PASSWORD: {{ salt['zr.get_password'](container['credentials']['mysql']) }}
+
+ # Port must be defined, as Docker link populates REDIS_PORT to tcp://...:6379
+ # That gives the following rather strange connection string:
+ # tcp://redis:tcp://172.17.0.29:6379
+ - REDIS_HOST: redis
+ - REDIS_PORT: 6379
+
+ - APP_DOMAIN: {{ container['host'] }}
+ - APP_KEY: {{ salt['zr.get_token'](container['credentials']['app_key']) }}
+ - APP_NAME: {{ container['app']['title'] }}
+ - APP_URL: https://{{ container['host'] }}
+
+ - BROADCAST_DRIVER: redis
+ - CACHE_DRIVER: redis
+ - QUEUE_DRIVER: redis
+
+ - LOG_CHANNEL: 'daily'
+
+ - MAIL_DRIVER: smtp
+ - MAIL_HOST: smtp.eu.mailgun.org
+ - MAIL_PORT: 587
+ - MAIL_USERNAME: {{ salt['zr.get_username'](container['credentials']['mailgun']) }}
+ - MAIL_PASSWORD: {{ salt['zr.get_password'](container['credentials']['mailgun']) }}
+ - MAIL_FROM_ADDRESS: no-reply@{{ container['host'] }}
+ - MAIL_FROM_NAME: {{ container['app']['title'] }}
+
+ - SESSION_DRIVER: redis
+ - SESSION_DOMAIN: {{ container['host'] }}
+ - SESSION_SECURE_COOKIE: true
+
+ - TRUST_PROXIES: '*'
+ - HTTPS: 1
+
+ - MAX_ALBUM_LENGTH: {{ container['app']['max_album_length'] }}
+ - binds: /srv/{{ instance }}/storage:/var/wwwroot/default/storage
+ - ports:
+ - 80
+ - port_bindings:
+ - {{ container['app_port'] }}:80
+
+{% endfor %}
diff --git a/roles/paas-docker/nginx/files/vhosts/pixelfed.conf b/roles/paas-docker/nginx/files/vhosts/pixelfed.conf
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/nginx/files/vhosts/pixelfed.conf
@@ -0,0 +1 @@
+{% include 'roles/paas-docker/nginx/files/vhosts/_default.conf' %}

File Metadata

Mime Type
text/plain
Expires
Mon, Dec 23, 21:42 (18 h, 42 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2313200
Default Alt Text
D2016.diff (5 KB)

Event Timeline