Config fixes.
- Adding front_end_dir to settings. - Adding unit test for PasswordResetRequest encryption. - Readme points to lemmy.hjson - Fixing docker prod, dev, and ansible builds. - Removing redundant env files, as all config is now in a single file. - Some formatting fixes.
This commit is contained in:
parent
f18ebed740
commit
6248392992
14 changed files with 90 additions and 64 deletions
12
README.md
vendored
12
README.md
vendored
|
@ -120,7 +120,7 @@ Make sure you have both docker and docker-compose(>=`1.24.0`) installed:
|
|||
mkdir lemmy/
|
||||
cd lemmy/
|
||||
wget https://raw.githubusercontent.com/dessalines/lemmy/master/docker/prod/docker-compose.yml
|
||||
wget https://raw.githubusercontent.com/dessalines/lemmy/master/docker/prod/.env
|
||||
wget https://raw.githubusercontent.com/dessalines/lemmy/master/docker/lemmy.hjson
|
||||
# Edit the .env if you want custom passwords
|
||||
docker-compose up -d
|
||||
```
|
||||
|
@ -225,16 +225,12 @@ cd lemmy
|
|||
|
||||
## Configuration
|
||||
|
||||
The configuration is based on the file [defaults.hjson](server/config/defaults.hjson). This file also contains
|
||||
documentation for all the available options. To override the defaults, you can copy the options you want to change
|
||||
into your local `config.hjson` file.
|
||||
The configuration is based on the file [defaults.hjson](server/config/defaults.hjson). This file also contains documentation for all the available options. To override the defaults, you can copy the options you want to change into your local `config.hjson` file.
|
||||
|
||||
Additionally, you can override any config files with environment variables. These have the same name as the config
|
||||
options, and are prefixed with `LEMMY_`. For example, you can override the `database.password` with
|
||||
Additionally, you can override any config files with environment variables. These have the same name as the config options, and are prefixed with `LEMMY_`. For example, you can override the `database.password` with
|
||||
`LEMMY__DATABASE__POOL_SIZE=10`.
|
||||
|
||||
An additional option `LEMMY_DATABASE_URL` is available, which can be used with a PostgreSQL connection string like
|
||||
`postgres://lemmy:password@lemmy_db:5432/lemmy`, passing all connection details at once.
|
||||
An additional option `LEMMY_DATABASE_URL` is available, which can be used with a PostgreSQL connection string like `postgres://lemmy:password@lemmy_db:5432/lemmy`, passing all connection details at once.
|
||||
|
||||
## Documentation
|
||||
|
||||
|
|
11
ansible/lemmy.yml
vendored
11
ansible/lemmy.yml
vendored
|
@ -32,22 +32,13 @@
|
|||
- name: add all template files
|
||||
template: src={{item.src}} dest={{item.dest}}
|
||||
with_items:
|
||||
- { src: 'templates/env', dest: '/lemmy/.env' }
|
||||
- { src: 'templates/config.hjson', dest: '/lemmy/config.hjson' }
|
||||
- { src: '../docker/lemmy.hjson', dest: '/lemmy/lemmy.hjson' }
|
||||
- { src: '../docker/prod/docker-compose.yml', dest: '/lemmy/docker-compose.yml' }
|
||||
- { src: 'templates/nginx.conf', dest: '/etc/nginx/sites-enabled/lemmy.conf' }
|
||||
vars:
|
||||
postgres_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/postgres chars=ascii_letters,digits') }}"
|
||||
jwt_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/jwt chars=ascii_letters,digits') }}"
|
||||
|
||||
- name: set env file permissions
|
||||
file:
|
||||
path: "/lemmy/.env"
|
||||
state: touch
|
||||
mode: 0600
|
||||
access_time: preserve
|
||||
modification_time: preserve
|
||||
|
||||
- name: enable and start docker service
|
||||
systemd:
|
||||
name: docker
|
||||
|
|
2
ansible/templates/env
vendored
2
ansible/templates/env
vendored
|
@ -1,2 +0,0 @@
|
|||
DATABASE_PASSWORD={{ postgres_password }}
|
||||
LEMMY_FRONT_END_DIR=/app/dist
|
5
docker/dev/.env
vendored
5
docker/dev/.env
vendored
|
@ -1,5 +0,0 @@
|
|||
LEMMY_DOMAIN=my_domain
|
||||
LEMMY_DATABASE_PASSWORD=password
|
||||
LEMMY_DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy
|
||||
LEMMY_JWT_SECRET=changeme
|
||||
LEMMY_FRONT_END_DIR=/app/dist
|
2
docker/dev/config/config.hjson
vendored
2
docker/dev/config/config.hjson
vendored
|
@ -1,2 +0,0 @@
|
|||
{
|
||||
}
|
6
docker/dev/docker-compose.yml
vendored
6
docker/dev/docker-compose.yml
vendored
|
@ -5,7 +5,7 @@ services:
|
|||
image: postgres:12-alpine
|
||||
environment:
|
||||
- POSTGRES_USER=lemmy
|
||||
- POSTGRES_PASSWORD=${LEMMY_DATABASE_PASSWORD}
|
||||
- POSTGRES_PASSWORD=password
|
||||
- POSTGRES_DB=lemmy
|
||||
volumes:
|
||||
- lemmy_db:/var/lib/postgresql/data
|
||||
|
@ -16,11 +16,9 @@ services:
|
|||
dockerfile: docker/dev/Dockerfile
|
||||
ports:
|
||||
- "127.0.0.1:8536:8536"
|
||||
env_file:
|
||||
- .env
|
||||
restart: always
|
||||
volumes:
|
||||
- ./config/config.hjson:/config/config.hjson:ro
|
||||
- ../lemmy.hjson:/config/config.hjson:ro
|
||||
depends_on:
|
||||
- lemmy_db
|
||||
lemmy_pictshare:
|
||||
|
|
56
docker/lemmy.hjson
vendored
Normal file
56
docker/lemmy.hjson
vendored
Normal file
|
@ -0,0 +1,56 @@
|
|||
{
|
||||
database: {
|
||||
# username to connect to postgres
|
||||
user: "lemmy"
|
||||
# password to connect to postgres
|
||||
password: "password"
|
||||
# host where postgres is running
|
||||
host: "lemmy_db"
|
||||
# port where postgres can be accessed
|
||||
port: 5432
|
||||
# name of the postgres database for lemmy
|
||||
database: "lemmy"
|
||||
# maximum number of active sql connections
|
||||
pool_size: 5
|
||||
}
|
||||
# the domain name of your instance (eg "dev.lemmy.ml")
|
||||
hostname: "rrr"
|
||||
# address where lemmy should listen for incoming requests
|
||||
bind: "0.0.0.0"
|
||||
# port where lemmy should listen for incoming requests
|
||||
port: 8536
|
||||
# json web token for authorization between server and client
|
||||
jwt_secret: "changeme"
|
||||
# The dir for the front end
|
||||
front_end_dir: "/app/dist"
|
||||
# whether to enable activitypub federation. this feature is in alpha, do not enable in production, as might
|
||||
# cause problems like remote instances fetching and permanently storing bad data.
|
||||
federation_enabled: false
|
||||
# rate limits for various user actions, by user ip
|
||||
rate_limit: {
|
||||
# maximum number of messages created in interval
|
||||
message: 30
|
||||
# interval length for message limit
|
||||
message_per_second: 60
|
||||
# maximum number of posts created in interval
|
||||
post: 6
|
||||
# interval length for post limit
|
||||
post_per_second: 600
|
||||
# maximum number of registrations in interval
|
||||
register: 3
|
||||
# interval length for registration limit
|
||||
register_per_second: 3600
|
||||
}
|
||||
# # email sending configuration
|
||||
# email: {
|
||||
# # hostname of the smtp server
|
||||
# smtp_server: ""
|
||||
# # login name for smtp server
|
||||
# smtp_login: ""
|
||||
# # password to login to the smtp server
|
||||
# smtp_password: ""
|
||||
# # address to send emails from, eg "info@your-instance.com"
|
||||
# smtp_from_address: ""
|
||||
# }
|
||||
}
|
||||
|
5
docker/prod/.env
vendored
5
docker/prod/.env
vendored
|
@ -1,5 +0,0 @@
|
|||
LEMMY_DOMAIN=my_domain
|
||||
LEMMY_DATABASE_PASSWORD=password
|
||||
LEMMY_DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy
|
||||
LEMMY_JWT_SECRET=changeme
|
||||
LEMMY_FRONT_END_DIR=/app/dist
|
6
docker/prod/docker-compose.yml
vendored
6
docker/prod/docker-compose.yml
vendored
|
@ -5,7 +5,7 @@ services:
|
|||
image: postgres:12-alpine
|
||||
environment:
|
||||
- POSTGRES_USER=lemmy
|
||||
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
|
||||
- POSTGRES_PASSWORD=password
|
||||
- POSTGRES_DB=lemmy
|
||||
volumes:
|
||||
- lemmy_db:/var/lib/postgresql/data
|
||||
|
@ -14,11 +14,9 @@ services:
|
|||
image: dessalines/lemmy:v0.5.0.3
|
||||
ports:
|
||||
- "127.0.0.1:8536:8536"
|
||||
env_file:
|
||||
- .env
|
||||
restart: always
|
||||
volumes:
|
||||
- ./config.hjson:/config/config.hjson:ro
|
||||
- ./lemmy.hjson:/config/config.hjson:ro
|
||||
depends_on:
|
||||
- lemmy_db
|
||||
lemmy_pictshare:
|
||||
|
|
14
server/config/defaults.hjson
vendored
14
server/config/defaults.hjson
vendored
|
@ -22,23 +22,25 @@
|
|||
port: 8536
|
||||
# json web token for authorization between server and client
|
||||
jwt_secret: "changeme"
|
||||
# The dir for the front end
|
||||
front_end_dir: "../ui/dist"
|
||||
# whether to enable activitypub federation. this feature is in alpha, do not enable in production, as might
|
||||
# cause problems like remote instances fetching and permanently storing bad data.
|
||||
federation_enabled: false
|
||||
# rate limits for various user actions, by user ip
|
||||
rate_limit: {
|
||||
# maximum number of messages created in interval
|
||||
message: 30,
|
||||
message: 30
|
||||
# interval length for message limit
|
||||
message_per_second: 60,
|
||||
message_per_second: 60
|
||||
# maximum number of posts created in interval
|
||||
post: 6,
|
||||
post: 6
|
||||
# interval length for post limit
|
||||
post_per_second: 600,
|
||||
post_per_second: 600
|
||||
# maximum number of registrations in interval
|
||||
register: 3,
|
||||
register: 3
|
||||
# interval length for registration limit
|
||||
register_per_second: 3600,
|
||||
register_per_second: 3600
|
||||
}
|
||||
# # email sending configuration
|
||||
# email: {
|
||||
|
|
|
@ -104,23 +104,20 @@ mod tests {
|
|||
|
||||
let inserted_user = User_::create(&conn, &new_user).unwrap();
|
||||
|
||||
let new_password_reset_request = PasswordResetRequestForm {
|
||||
user_id: inserted_user.id,
|
||||
token_encrypted: "no".into(),
|
||||
};
|
||||
let token = "nope";
|
||||
let token_encrypted_ = "ca3704aa0b06f5954c79ee837faa152d84d6b2d42838f0637a15eda8337dbdce";
|
||||
|
||||
let inserted_password_reset_request =
|
||||
PasswordResetRequest::create(&conn, &new_password_reset_request).unwrap();
|
||||
PasswordResetRequest::create_token(&conn, inserted_user.id, token).unwrap();
|
||||
|
||||
let expected_password_reset_request = PasswordResetRequest {
|
||||
id: inserted_password_reset_request.id,
|
||||
user_id: inserted_user.id,
|
||||
token_encrypted: "no".into(),
|
||||
token_encrypted: token_encrypted_.to_string(),
|
||||
published: inserted_password_reset_request.published,
|
||||
};
|
||||
|
||||
let read_password_reset_request =
|
||||
PasswordResetRequest::read(&conn, inserted_password_reset_request.id).unwrap();
|
||||
let read_password_reset_request = PasswordResetRequest::read_from_token(&conn, token).unwrap();
|
||||
let num_deleted = User_::delete(&conn, inserted_user.id).unwrap();
|
||||
|
||||
assert_eq!(expected_password_reset_request, read_password_reset_request);
|
||||
|
|
|
@ -127,7 +127,7 @@ pub fn send_email(
|
|||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use crate::{extract_usernames, has_slurs, is_email_regex, remove_slurs, Settings};
|
||||
use crate::{extract_usernames, has_slurs, is_email_regex, remove_slurs};
|
||||
|
||||
#[test]
|
||||
fn test_email() {
|
||||
|
|
|
@ -13,7 +13,6 @@ use lemmy_server::nodeinfo;
|
|||
use lemmy_server::settings::Settings;
|
||||
use lemmy_server::webfinger;
|
||||
use lemmy_server::websocket::server::*;
|
||||
use std::env;
|
||||
use std::time::{Duration, Instant};
|
||||
|
||||
embed_migrations!();
|
||||
|
@ -201,7 +200,10 @@ fn main() {
|
|||
let app = App::new()
|
||||
.data(server.clone())
|
||||
// Front end routes
|
||||
.service(actix_files::Files::new("/static", front_end_dir()))
|
||||
.service(actix_files::Files::new(
|
||||
"/static",
|
||||
settings.front_end_dir.to_owned(),
|
||||
))
|
||||
.route("/", web::get().to(index))
|
||||
.route(
|
||||
"/home/type/{type}/sort/{sort}/page/{page}",
|
||||
|
@ -256,11 +258,12 @@ fn main() {
|
|||
)
|
||||
.route(
|
||||
"/federation/u/{user_name}",
|
||||
web::get().to(apub::user::get_apub_user))
|
||||
web::get().to(apub::user::get_apub_user),
|
||||
)
|
||||
.route("/feeds/all.xml", web::get().to(feeds::get_all_feed));
|
||||
|
||||
// Federation
|
||||
if Settings::get().federation_enabled {
|
||||
if settings.federation_enabled {
|
||||
app.route(
|
||||
".well-known/webfinger",
|
||||
web::get().to(webfinger::get_webfinger_response),
|
||||
|
@ -278,9 +281,7 @@ fn main() {
|
|||
}
|
||||
|
||||
fn index() -> Result<NamedFile, actix_web::error::Error> {
|
||||
Ok(NamedFile::open(front_end_dir() + "/index.html")?)
|
||||
}
|
||||
|
||||
fn front_end_dir() -> String {
|
||||
env::var("LEMMY_FRONT_END_DIR").unwrap_or("../ui/dist".to_string())
|
||||
Ok(NamedFile::open(
|
||||
Settings::get().front_end_dir.to_owned() + "/index.html",
|
||||
)?)
|
||||
}
|
||||
|
|
|
@ -14,6 +14,7 @@ pub struct Settings {
|
|||
pub bind: IpAddr,
|
||||
pub port: u16,
|
||||
pub jwt_secret: String,
|
||||
pub front_end_dir: String,
|
||||
pub rate_limit: RateLimitConfig,
|
||||
pub email: Option<EmailConfig>,
|
||||
pub federation_enabled: bool,
|
||||
|
|
Reference in a new issue