redbrick/nomad
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hedgedoc: update to latest, move db, fix backups (#66)

Browse source
This commit is contained in:
wizzdom 2024-10-15 12:52:46 +01:00 committed by GitHub
parent 33b05a1d3e
commit 29d57b8081
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 45 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
jobs/services/hedgedoc-backup.hcl
View file

@ -20,9 +20,9 @@ job "hedgedoc-backup" {
data = <<EOH data = <<EOH
#!/bin/bash #!/bin/bash
file=/storage/backups/nomad/postgres/hedgedoc/postgresql-hedgedoc-$(date +%Y-%m-%d_%H-%M-%S).sql file=/storage/backups/nomad/hedgedoc/postgresql-hedgedoc-$(date +%Y-%m-%d_%H-%M-%S).sql
mkdir -p /storage/backups/nomad/postgres/hedgedoc mkdir -p /storage/backups/nomad/hedgedoc
alloc_id=$(nomad job status hedgedoc | grep running | tail -n 1 | cut -d " " -f 1) alloc_id=$(nomad job status hedgedoc | grep running | tail -n 1 | cut -d " " -f 1)
@ -30,7 +30,7 @@ job_name=$(echo ${NOMAD_JOB_NAME} | cut -d "/" -f 1)
nomad alloc exec -task hedgedoc-db $alloc_id pg_dumpall -U {{ key "hedgedoc/db/user" }} > "${file}" nomad alloc exec -task hedgedoc-db $alloc_id pg_dumpall -U {{ key "hedgedoc/db/user" }} > "${file}"
find /storage/backups/nomad/postgres/hedgedoc/postgresql-hedgedoc* -ctime +3 -exec rm {} \; || true find /storage/backups/nomad/hedgedoc/postgresql-hedgedoc* -ctime +3 -exec rm {} \; || true
if [ -s "$file" ]; then # check if file exists and is not empty if [ -s "$file" ]; then # check if file exists and is not empty
echo "Backup successful" echo "Backup successful"

80
jobs/services/hedgedoc.hcl
View file

@ -21,7 +21,7 @@ job "hedgedoc" {
check { check {
type = "http" type = "http"
path = "/" path = "/_health"
interval = "10s" interval = "10s"
timeout = "2s" timeout = "2s"
} }
@ -41,42 +41,51 @@ job "hedgedoc" {
task "app" { task "app" {
driver = "docker" driver = "docker"
constraint {
attribute = "${attr.unique.hostname}"
value = "chell"
}
config { config {
image = "quay.io/hedgedoc/hedgedoc:1.6.0" image = "quay.io/hedgedoc/hedgedoc:1.10.0"
ports = ["http"] ports = ["http"]
} }
template { template {
data = <<EOH data = <<EOH
CMD_IMAGE_UPLOAD_TYPE = "imgur" CMD_DB_URL = "postgres://{{ key "hedgedoc/db/user" }}:{{ key "hedgedoc/db/password" }}@{{ env "NOMAD_ADDR_db" }}/{{ key "hedgedoc/db/name" }}"
CMD_IMGUR_CLIENTID = "{{ key "hedgedoc/imgur/clientid" }}" CMD_ALLOW_FREEURL = "false"
CMD_IMGUR_CLIENTSECRET = "{{ key "hedgedoc/imgur/clientsecret" }}" CMD_FORBIDDEN_NOTE_IDS = ['robots.txt', 'favicon.ico', 'api', 'build', 'css', 'docs', 'fonts', 'js', 'uploads', 'vendor', 'views', 'auth']
CMD_DB_URL = "postgres://{{ key "hedgedoc/db/user" }}:{{ key "hedgedoc/db/password" }}@{{ env "NOMAD_ADDR_db" }}/{{ key "hedgedoc/db/name" }}" CMD_DOMAIN = "md.redbrick.dcu.ie"
CMD_ALLOW_FREEURL = "false" CMD_ALLOW_ORIGIN = ["redbrick.dcu.ie", "rb.dcu.ie"]
CMD_DEFAULT_PERMISSION = "private" CMD_USE_CDN = "true"
CMD_DOMAIN = "md.redbrick.dcu.ie" CMD_PROTOCOL_USESSL = "true"
CMD_ALLOW_ORIGIN = ["md.redbrick.dcu.ie", "md.rb.dcu.ie"] CMD_URL_ADDPORT = "false"
CMD_HSTS_PRELOAD = "true" CMD_LOG_LEVEL = "debug"
CMD_USE_CDN = "true" CMD_ENABLE_STATS_API = "true"
CMD_PROTOCOL_USESSL = "true"
CMD_URL_ADDPORT = "false" # Accounts
CMD_ALLOW_EMAIL_REGISTER = "false" CMD_ALLOW_EMAIL_REGISTER = "false"
CMD_ALLOW_ANONYMOUS = "false" CMD_ALLOW_ANONYMOUS = "false"
CMD_EMAIL = "false" CMD_ALLOW_ANONYMOUS_EDITS = "false"
CMD_LDAP_URL = "{{ key "hedgedoc/ldap/url" }}" CMD_EMAIL = "false"
CMD_LDAP_SEARCHBASE = "ou=accounts,o=redbrick" CMD_LDAP_URL = "{{ key "hedgedoc/ldap/url" }}"
CMD_LDAP_SEARCHFILTER = "{{`(uid={{username}})`}}" CMD_LDAP_SEARCHBASE = "ou=accounts,o=redbrick"
CMD_LDAP_PROVIDERNAME = "Redbrick" CMD_LDAP_SEARCHFILTER = "{{`(uid={{username}})`}}"
CMD_LDAP_USERIDFIELD = "uidNumber" CMD_LDAP_PROVIDERNAME = "Redbrick"
CMD_LDAP_USERNAMEFIELD = "uid" CMD_LDAP_USERIDFIELD = "uidNumber"
CMD_ALLOW_GRAVATAR = "true" CMD_LDAP_USERNAMEFIELD = "uid"
CMD_SESSION_SECRET = "{{ key "hedgedoc/session/secret" }}" CMD_SESSION_SECRET = "{{ key "hedgedoc/session/secret" }}"
CMD_LOG_LEVEL = "debug" CMD_DEFAULT_PERMISSION = "private"
# Security/Privacy
CMD_HSTS_PRELOAD = "true"
CMD_CSP_ENABLE = "true"
CMD_HSTS_INCLUDE_SUBDOMAINS = "true"
CMD_CSP_ADD_DISQUS = "false"
CMD_CSP_ADD_GOOGLE_ANALYTICS= "false"
CMD_CSP_ALLOW_PDF_EMBED = "true"
CMD_ALLOW_GRAVATAR = "true"
# Uploads
CMD_IMAGE_UPLOAD_TYPE = "imgur"
CMD_IMGUR_CLIENTID = "{{ key "hedgedoc/imgur/clientid" }}"
CMD_IMGUR_CLIENTSECRET = "{{ key "hedgedoc/imgur/clientsecret" }}"
EOH EOH
destination = "local/.env" destination = "local/.env"
env = true env = true
@ -86,17 +95,12 @@ EOH
task "hedgedoc-db" { task "hedgedoc-db" {
driver = "docker" driver = "docker"
constraint {
attribute = "${attr.unique.hostname}"
value = "chell"
}
config { config {
image = "postgres:9.6-alpine" image = "postgres:13.4-alpine"
ports = ["db"] ports = ["db"]
volumes = [ volumes = [
"/opt/postgres/hedgedoc:/var/lib/postgresql/data" "/storage/nomad/hedgedoc:/var/lib/postgresql/data",
] ]
} }