Page MenuHomeDevCentral
Files F24894951

No OneTemporary
Actions

View Options

diff --git a/roles/paas-docker/containers/files/phabricator/devcentral/config.json.jinja b/roles/paas-docker/containers/files/phabricator/devcentral/config.json.jinja
index e8bef58..c8ebfd6 100644
--- a/roles/paas-docker/containers/files/phabricator/devcentral/config.json.jinja
+++ b/roles/paas-docker/containers/files/phabricator/devcentral/config.json.jinja
@@ -1,69 +1,70 @@
{
"cluster.mailers": [
{
"key": "nasqueron-mailgun",
"type": "mailgun",
"priority": 5,
"options": {
"domain": "{{ mailgun.domain }}",
"api-key": "{{ mailgun["api-key"] }}"
}
},
{
"key": "nasqueron-local",
"type": "smtp",
"priority": 10,
"options": {
"host": "{{ smtp.host }}",
"port": {{ smtp.port }},
"user": "{{ smtp.username }}",
"password": "{{ smtp.password }}",
"protocol": "tls"
}
}
],
"config.ignore-issues": [],
"diffusion.ssh-port": 5022,
"diffusion.ssh-user": "vcs",
"feed.http-hooks": [
"https://notifications.nasqueron.org/gate/Phabricator/Nasqueron"
],
"metamta.reply-handler-domain": "{{ fqdn }}",
"metamta.default-address": "notifications-noreply@{{ fqdn }}",
"mysql.host": "{{ db.host }}",
"mysql.user": "{{ db.username }}",
"mysql.pass": "{{ db.password }}",
"notification.servers": [
{
"type": "client",
"host": "{{ fqdn }}",
"port": 443,
"protocol": "https",
"path": "/ws/"
},
{
"type": "admin",
"host": "aphlict.nasqueron.org",
"port": 22281,
"protocol": "http"
}
],
"phabricator.show-prototypes": true,
"phabricator.base-uri": "https://{{ fqdn }}/",
"phd.user": "app",
"pygments.enabled": true,
"storage.default-namespace": "{{ storage.namespace }}",
+ "storage.local-disk.path": "/var/files",
"security.alternate-file-domain": "https://{{ static_host }}"
}
diff --git a/roles/paas-docker/containers/phabricator.sls b/roles/paas-docker/containers/phabricator.sls
index d1568a6..0872057 100644
--- a/roles/paas-docker/containers/phabricator.sls
+++ b/roles/paas-docker/containers/phabricator.sls
@@ -1,114 +1,121 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-09-06
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% for instance, container in pillar['docker_containers']['phabricator'].items() %}
{% set create_container = "skip_container" not in container or not container['skip_container'] %}
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/phabricator/{{ instance }}:
file.directory:
- user: 431
- group: 433
- makedirs: True
+/srv/phabricator/{{ instance }}/files:
+ file.directory:
+ - user: 431
+ - group: 433
+
{% if "config_managed" in container %}
/srv/phabricator/{{ instance }}/conf/local/local.json:
file.managed:
- source: salt://roles/paas-docker/containers/files/phabricator/{{ instance }}/config.json.jinja
- template: jinja
- context:
fqdn: {{ container["host"] }}
+ instance: {{ instance }}
static_host: {{ container["static_host"] }}
storage: {{ container["storage"] }}
db:
host: "mysql"
username: "{{ salt["credentials.get_username"](container["credentials"]["mysql"]) }}"
password: "{{ salt["credentials.get_password"](container["credentials"]["mysql"]) }}"
{% if "mailgun" in container["credentials"] %}
mailgun:
domain: {{ container["host"] }}
api-key: "{{ salt["credentials.get_password"](container["credentials"]["mailgun"]) }}"
{% endif %}
{% if "smtp" in container["credentials"] %}
smtp:
host: mail.nasqueron.org
port: 587
username: "{{ salt["credentials.get_username"](container["credentials"]["smtp"]) }}"
password: "{{ salt["credentials.get_password"](container["credentials"]["smtp"]) }}"
{% endif %}
{% endif %}
{% if has_selinux %}
selinux_context_{{ instance }}_data:
selinux.fcontext_policy_present:
- name: /srv/phabricator/{{ instance }}
- sel_type: container_file_t
selinux_context_{{ instance }}_data_applied:
selinux.fcontext_policy_applied:
- name: /srv/phabricator/{{ instance }}
{% endif %}
# -------------------------------------------------------------
# Container
#
# /!\ DEVCENTRAL DEPLOYMENT ISSUE /!\
#
# The DevCentral container is currently not managed
# by a reproducible Dockerfile. As such, this container
# is deployed manually from the registry. See T1547.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% if create_container %}
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: nasqueron/phabricator
- binds:
- /srv/phabricator/{{ instance }}/conf:/opt/phabricator/conf
- /srv/phabricator/{{ instance }}/repo:/var/repo
+ - /srv/phabricator/{{ instance }}/files:/var/files
- environment:
PHABRICATOR_URL: https://{{ container['host'] }}
PHABRICATOR_TITLE: {{ container['title'] }}
PHABRICATOR_DOMAIN: {{ container['host'] }}
PHABRICATOR_ALT_FILE_DOMAIN: https://{{ container['static_host'] }}
DB_USER: {{ salt['credentials.get_username'](container['credentials']['mysql']) }}
DB_PASS: {{ salt['credentials.get_password'](container['credentials']['mysql']) }}
PHABRICATOR_STORAGE_NAMESPACE: {{ container['storage']['namespace'] }}
{% if container['mailer'] == 'sendgrid' %}
PHABRICATOR_USE_SENDGRID: 1
PHABRICATOR_SENDGRID_APIUSER: {{ salt['credentials.get_username'](container['credentials']['sendgrid']) }}
PHABRICATOR_SENDGRID_APIKEY: {{ salt['credentials.get_password'](container['credentials']['sendgrid']) }}
{% elif container['mailer'] == 'mailgun' %}
PHABRICATOR_USE_MAILGUN: 1
PHABRICATOR_MAILGUN_APIKEY: {{ salt['credentials.get_token'](container['credentials']['mailgun']) }}
{% endif %}
- links: {{ container['mysql_link'] }}:mysql
- ports:
- 80
- port_bindings:
- {{ container['app_port'] }}:80
{% endif %}
{% endfor %}
diff --git a/roles/phabricator/containers/files/run-devcentral.sh b/roles/phabricator/containers/files/run-devcentral.sh
index edd2aae..a182d20 100755
--- a/roles/phabricator/containers/files/run-devcentral.sh
+++ b/roles/phabricator/containers/files/run-devcentral.sh
@@ -1,100 +1,101 @@
#!/bin/sh
# -------------------------------------------------------------
# Phabricator — Nasqueron instance
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
# Project: Nasqueron
# Created: 2015-04-22
# Description: Phabricator instance for Nasqueron
# License: Trivial work, not eligible to copyright
# Image: nasqueron/phabricator
# Source file: roles/phabricator/containers/files/run-devcentral.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# Container parameters
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#IMAGE=nasqueron/phabricator
-IMAGE=nasqueron/devcentral:2022-03-28.init-fix
+IMAGE=nasqueron/devcentral:2025-10-02
INSTANCE_NAME=devcentral
PORT=31080
DOMAIN=$INSTANCE_NAME.nasqueron.org
DATA_DIRECTORY=/srv/phabricator/$INSTANCE_NAME
MYSQL_INSTANCE=acquisitariat
# -------------------------------------------------------------
# Phabricator parameters
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-PHABRICATOR_URL=http://$DOMAIN
+PHABRICATOR_URL=https://$DOMAIN
PHABRICATOR_TITLE="Nasqueron DevCentral"
PHABRICATOR_ALT_FILE_DOMAIN="https://devcentral.nasqueron-user-content.org/"
# -------------------------------------------------------------
# Deployment of our Phabricator code parameters
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
REPO_LOGIN=git
REPO_HOST=bitbucket.org
PHABRICATOR_PROD_REPO="ssh://git@bitbucket.org/nasqueron/devcentral-phabricator"
PHABRICATOR_PROD_BRANCH=production
# -------------------------------------------------------------
# Ensure container isn't already running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker-container-status $INSTANCE_NAME > /dev/null
if [ "$?" -lt 2 ]; then
echo "Container is already running."
echo "To force relaunch, try docker stop $INSTANCE_NAME ; docker rm $INSTANCE_NAME ; $0"
exit 1
fi
# -------------------------------------------------------------
# Container launch
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker run -t -d \
--link $MYSQL_INSTANCE:mysql \
-v $DATA_DIRECTORY/repo:/var/repo \
-v $DATA_DIRECTORY/conf:/opt/phabricator/conf \
+ -v $DATA_DIRECTORY/files:/var/files \
-p $PORT:80 \
-p 5022:5022 \
-e PHABRICATOR_URL=$PHABRICATOR_URL \
-e PHABRICATOR_TITLE="$PHABRICATOR_TITLE" \
-e PHABRICATOR_ALT_FILE_DOMAIN="$PHABRICATOR_ALT_FILE_DOMAIN" \
-e PHABRICATOR_PROD_REPO=$PHABRICATOR_PROD_REPO \
-e PHABRICATOR_PROD_BRANCH=$PHABRICATOR_PROD_BRANCH \
-e PHABRICATOR_USE_MAILGUN=1 \
-e PHABRICATOR_DOMAIN=$DOMAIN \
--name $INSTANCE_NAME $IMAGE /usr/local/sbin/runsvdir-init
# -------------------------------------------------------------
# DevCentral specific branch deployment
#
# Deploys our version
# As we change static resources, restart php-fpm is a good idea:
# if someone asks the page while we were pulling our version,
# the old celerity map would be kept by APCu.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker exec $INSTANCE_NAME sh -c 'mkdir -p /root/.ssh && \
cp /opt/phabricator/conf/deploy-keys/* /root/.ssh'
docker exec $INSTANCE_NAME ssh -o StrictHostKeyChecking=no ${REPO_LOGIN}@${REPO_HOST}
docker exec $INSTANCE_NAME sh -c 'cd /opt/phabricator && \
git remote add private "$PHABRICATOR_PROD_REPO" && \
git fetch --all && \
git checkout $PHABRICATOR_PROD_BRANCH && \
sv restart php-fpm && sv restart phd'
echo "Deployment done at $(date)."
exit 0

File Metadata

Mime Type
text/x-diff
Expires
Wed, Mar 18, 13:25 (14 h, 14 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3540011
Default Alt Text
(10 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator