Config fixes.
- Adding front_end_dir to settings. - Adding unit test for PasswordResetRequest encryption. - Readme points to lemmy.hjson - Fixing docker prod, dev, and ansible builds. - Removing redundant env files, as all config is now in a single file. - Some formatting fixes.
This commit is contained in:
parent
f18ebed740
commit
6248392992
14 changed files with 90 additions and 64 deletions
12
README.md
vendored
12
README.md
vendored
|
@ -120,7 +120,7 @@ Make sure you have both docker and docker-compose(>=`1.24.0`) installed:
|
||||||
mkdir lemmy/
|
mkdir lemmy/
|
||||||
cd lemmy/
|
cd lemmy/
|
||||||
wget https://raw.githubusercontent.com/dessalines/lemmy/master/docker/prod/docker-compose.yml
|
wget https://raw.githubusercontent.com/dessalines/lemmy/master/docker/prod/docker-compose.yml
|
||||||
wget https://raw.githubusercontent.com/dessalines/lemmy/master/docker/prod/.env
|
wget https://raw.githubusercontent.com/dessalines/lemmy/master/docker/lemmy.hjson
|
||||||
# Edit the .env if you want custom passwords
|
# Edit the .env if you want custom passwords
|
||||||
docker-compose up -d
|
docker-compose up -d
|
||||||
```
|
```
|
||||||
|
@ -225,16 +225,12 @@ cd lemmy
|
||||||
|
|
||||||
## Configuration
|
## Configuration
|
||||||
|
|
||||||
The configuration is based on the file [defaults.hjson](server/config/defaults.hjson). This file also contains
|
The configuration is based on the file [defaults.hjson](server/config/defaults.hjson). This file also contains documentation for all the available options. To override the defaults, you can copy the options you want to change into your local `config.hjson` file.
|
||||||
documentation for all the available options. To override the defaults, you can copy the options you want to change
|
|
||||||
into your local `config.hjson` file.
|
|
||||||
|
|
||||||
Additionally, you can override any config files with environment variables. These have the same name as the config
|
Additionally, you can override any config files with environment variables. These have the same name as the config options, and are prefixed with `LEMMY_`. For example, you can override the `database.password` with
|
||||||
options, and are prefixed with `LEMMY_`. For example, you can override the `database.password` with
|
|
||||||
`LEMMY__DATABASE__POOL_SIZE=10`.
|
`LEMMY__DATABASE__POOL_SIZE=10`.
|
||||||
|
|
||||||
An additional option `LEMMY_DATABASE_URL` is available, which can be used with a PostgreSQL connection string like
|
An additional option `LEMMY_DATABASE_URL` is available, which can be used with a PostgreSQL connection string like `postgres://lemmy:password@lemmy_db:5432/lemmy`, passing all connection details at once.
|
||||||
`postgres://lemmy:password@lemmy_db:5432/lemmy`, passing all connection details at once.
|
|
||||||
|
|
||||||
## Documentation
|
## Documentation
|
||||||
|
|
||||||
|
|
11
ansible/lemmy.yml
vendored
11
ansible/lemmy.yml
vendored
|
@ -32,22 +32,13 @@
|
||||||
- name: add all template files
|
- name: add all template files
|
||||||
template: src={{item.src}} dest={{item.dest}}
|
template: src={{item.src}} dest={{item.dest}}
|
||||||
with_items:
|
with_items:
|
||||||
- { src: 'templates/env', dest: '/lemmy/.env' }
|
- { src: '../docker/lemmy.hjson', dest: '/lemmy/lemmy.hjson' }
|
||||||
- { src: 'templates/config.hjson', dest: '/lemmy/config.hjson' }
|
|
||||||
- { src: '../docker/prod/docker-compose.yml', dest: '/lemmy/docker-compose.yml' }
|
- { src: '../docker/prod/docker-compose.yml', dest: '/lemmy/docker-compose.yml' }
|
||||||
- { src: 'templates/nginx.conf', dest: '/etc/nginx/sites-enabled/lemmy.conf' }
|
- { src: 'templates/nginx.conf', dest: '/etc/nginx/sites-enabled/lemmy.conf' }
|
||||||
vars:
|
vars:
|
||||||
postgres_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/postgres chars=ascii_letters,digits') }}"
|
postgres_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/postgres chars=ascii_letters,digits') }}"
|
||||||
jwt_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/jwt chars=ascii_letters,digits') }}"
|
jwt_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/jwt chars=ascii_letters,digits') }}"
|
||||||
|
|
||||||
- name: set env file permissions
|
|
||||||
file:
|
|
||||||
path: "/lemmy/.env"
|
|
||||||
state: touch
|
|
||||||
mode: 0600
|
|
||||||
access_time: preserve
|
|
||||||
modification_time: preserve
|
|
||||||
|
|
||||||
- name: enable and start docker service
|
- name: enable and start docker service
|
||||||
systemd:
|
systemd:
|
||||||
name: docker
|
name: docker
|
||||||
|
|
2
ansible/templates/env
vendored
2
ansible/templates/env
vendored
|
@ -1,2 +0,0 @@
|
||||||
DATABASE_PASSWORD={{ postgres_password }}
|
|
||||||
LEMMY_FRONT_END_DIR=/app/dist
|
|
5
docker/dev/.env
vendored
5
docker/dev/.env
vendored
|
@ -1,5 +0,0 @@
|
||||||
LEMMY_DOMAIN=my_domain
|
|
||||||
LEMMY_DATABASE_PASSWORD=password
|
|
||||||
LEMMY_DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy
|
|
||||||
LEMMY_JWT_SECRET=changeme
|
|
||||||
LEMMY_FRONT_END_DIR=/app/dist
|
|
2
docker/dev/config/config.hjson
vendored
2
docker/dev/config/config.hjson
vendored
|
@ -1,2 +0,0 @@
|
||||||
{
|
|
||||||
}
|
|
6
docker/dev/docker-compose.yml
vendored
6
docker/dev/docker-compose.yml
vendored
|
@ -5,7 +5,7 @@ services:
|
||||||
image: postgres:12-alpine
|
image: postgres:12-alpine
|
||||||
environment:
|
environment:
|
||||||
- POSTGRES_USER=lemmy
|
- POSTGRES_USER=lemmy
|
||||||
- POSTGRES_PASSWORD=${LEMMY_DATABASE_PASSWORD}
|
- POSTGRES_PASSWORD=password
|
||||||
- POSTGRES_DB=lemmy
|
- POSTGRES_DB=lemmy
|
||||||
volumes:
|
volumes:
|
||||||
- lemmy_db:/var/lib/postgresql/data
|
- lemmy_db:/var/lib/postgresql/data
|
||||||
|
@ -16,11 +16,9 @@ services:
|
||||||
dockerfile: docker/dev/Dockerfile
|
dockerfile: docker/dev/Dockerfile
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:8536:8536"
|
- "127.0.0.1:8536:8536"
|
||||||
env_file:
|
|
||||||
- .env
|
|
||||||
restart: always
|
restart: always
|
||||||
volumes:
|
volumes:
|
||||||
- ./config/config.hjson:/config/config.hjson:ro
|
- ../lemmy.hjson:/config/config.hjson:ro
|
||||||
depends_on:
|
depends_on:
|
||||||
- lemmy_db
|
- lemmy_db
|
||||||
lemmy_pictshare:
|
lemmy_pictshare:
|
||||||
|
|
56
docker/lemmy.hjson
vendored
Normal file
56
docker/lemmy.hjson
vendored
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
{
|
||||||
|
database: {
|
||||||
|
# username to connect to postgres
|
||||||
|
user: "lemmy"
|
||||||
|
# password to connect to postgres
|
||||||
|
password: "password"
|
||||||
|
# host where postgres is running
|
||||||
|
host: "lemmy_db"
|
||||||
|
# port where postgres can be accessed
|
||||||
|
port: 5432
|
||||||
|
# name of the postgres database for lemmy
|
||||||
|
database: "lemmy"
|
||||||
|
# maximum number of active sql connections
|
||||||
|
pool_size: 5
|
||||||
|
}
|
||||||
|
# the domain name of your instance (eg "dev.lemmy.ml")
|
||||||
|
hostname: "rrr"
|
||||||
|
# address where lemmy should listen for incoming requests
|
||||||
|
bind: "0.0.0.0"
|
||||||
|
# port where lemmy should listen for incoming requests
|
||||||
|
port: 8536
|
||||||
|
# json web token for authorization between server and client
|
||||||
|
jwt_secret: "changeme"
|
||||||
|
# The dir for the front end
|
||||||
|
front_end_dir: "/app/dist"
|
||||||
|
# whether to enable activitypub federation. this feature is in alpha, do not enable in production, as might
|
||||||
|
# cause problems like remote instances fetching and permanently storing bad data.
|
||||||
|
federation_enabled: false
|
||||||
|
# rate limits for various user actions, by user ip
|
||||||
|
rate_limit: {
|
||||||
|
# maximum number of messages created in interval
|
||||||
|
message: 30
|
||||||
|
# interval length for message limit
|
||||||
|
message_per_second: 60
|
||||||
|
# maximum number of posts created in interval
|
||||||
|
post: 6
|
||||||
|
# interval length for post limit
|
||||||
|
post_per_second: 600
|
||||||
|
# maximum number of registrations in interval
|
||||||
|
register: 3
|
||||||
|
# interval length for registration limit
|
||||||
|
register_per_second: 3600
|
||||||
|
}
|
||||||
|
# # email sending configuration
|
||||||
|
# email: {
|
||||||
|
# # hostname of the smtp server
|
||||||
|
# smtp_server: ""
|
||||||
|
# # login name for smtp server
|
||||||
|
# smtp_login: ""
|
||||||
|
# # password to login to the smtp server
|
||||||
|
# smtp_password: ""
|
||||||
|
# # address to send emails from, eg "info@your-instance.com"
|
||||||
|
# smtp_from_address: ""
|
||||||
|
# }
|
||||||
|
}
|
||||||
|
|
5
docker/prod/.env
vendored
5
docker/prod/.env
vendored
|
@ -1,5 +0,0 @@
|
||||||
LEMMY_DOMAIN=my_domain
|
|
||||||
LEMMY_DATABASE_PASSWORD=password
|
|
||||||
LEMMY_DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy
|
|
||||||
LEMMY_JWT_SECRET=changeme
|
|
||||||
LEMMY_FRONT_END_DIR=/app/dist
|
|
6
docker/prod/docker-compose.yml
vendored
6
docker/prod/docker-compose.yml
vendored
|
@ -5,7 +5,7 @@ services:
|
||||||
image: postgres:12-alpine
|
image: postgres:12-alpine
|
||||||
environment:
|
environment:
|
||||||
- POSTGRES_USER=lemmy
|
- POSTGRES_USER=lemmy
|
||||||
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
|
- POSTGRES_PASSWORD=password
|
||||||
- POSTGRES_DB=lemmy
|
- POSTGRES_DB=lemmy
|
||||||
volumes:
|
volumes:
|
||||||
- lemmy_db:/var/lib/postgresql/data
|
- lemmy_db:/var/lib/postgresql/data
|
||||||
|
@ -14,11 +14,9 @@ services:
|
||||||
image: dessalines/lemmy:v0.5.0.3
|
image: dessalines/lemmy:v0.5.0.3
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:8536:8536"
|
- "127.0.0.1:8536:8536"
|
||||||
env_file:
|
|
||||||
- .env
|
|
||||||
restart: always
|
restart: always
|
||||||
volumes:
|
volumes:
|
||||||
- ./config.hjson:/config/config.hjson:ro
|
- ./lemmy.hjson:/config/config.hjson:ro
|
||||||
depends_on:
|
depends_on:
|
||||||
- lemmy_db
|
- lemmy_db
|
||||||
lemmy_pictshare:
|
lemmy_pictshare:
|
||||||
|
|
14
server/config/defaults.hjson
vendored
14
server/config/defaults.hjson
vendored
|
@ -22,23 +22,25 @@
|
||||||
port: 8536
|
port: 8536
|
||||||
# json web token for authorization between server and client
|
# json web token for authorization between server and client
|
||||||
jwt_secret: "changeme"
|
jwt_secret: "changeme"
|
||||||
|
# The dir for the front end
|
||||||
|
front_end_dir: "../ui/dist"
|
||||||
# whether to enable activitypub federation. this feature is in alpha, do not enable in production, as might
|
# whether to enable activitypub federation. this feature is in alpha, do not enable in production, as might
|
||||||
# cause problems like remote instances fetching and permanently storing bad data.
|
# cause problems like remote instances fetching and permanently storing bad data.
|
||||||
federation_enabled: false
|
federation_enabled: false
|
||||||
# rate limits for various user actions, by user ip
|
# rate limits for various user actions, by user ip
|
||||||
rate_limit: {
|
rate_limit: {
|
||||||
# maximum number of messages created in interval
|
# maximum number of messages created in interval
|
||||||
message: 30,
|
message: 30
|
||||||
# interval length for message limit
|
# interval length for message limit
|
||||||
message_per_second: 60,
|
message_per_second: 60
|
||||||
# maximum number of posts created in interval
|
# maximum number of posts created in interval
|
||||||
post: 6,
|
post: 6
|
||||||
# interval length for post limit
|
# interval length for post limit
|
||||||
post_per_second: 600,
|
post_per_second: 600
|
||||||
# maximum number of registrations in interval
|
# maximum number of registrations in interval
|
||||||
register: 3,
|
register: 3
|
||||||
# interval length for registration limit
|
# interval length for registration limit
|
||||||
register_per_second: 3600,
|
register_per_second: 3600
|
||||||
}
|
}
|
||||||
# # email sending configuration
|
# # email sending configuration
|
||||||
# email: {
|
# email: {
|
||||||
|
|
|
@ -104,23 +104,20 @@ mod tests {
|
||||||
|
|
||||||
let inserted_user = User_::create(&conn, &new_user).unwrap();
|
let inserted_user = User_::create(&conn, &new_user).unwrap();
|
||||||
|
|
||||||
let new_password_reset_request = PasswordResetRequestForm {
|
let token = "nope";
|
||||||
user_id: inserted_user.id,
|
let token_encrypted_ = "ca3704aa0b06f5954c79ee837faa152d84d6b2d42838f0637a15eda8337dbdce";
|
||||||
token_encrypted: "no".into(),
|
|
||||||
};
|
|
||||||
|
|
||||||
let inserted_password_reset_request =
|
let inserted_password_reset_request =
|
||||||
PasswordResetRequest::create(&conn, &new_password_reset_request).unwrap();
|
PasswordResetRequest::create_token(&conn, inserted_user.id, token).unwrap();
|
||||||
|
|
||||||
let expected_password_reset_request = PasswordResetRequest {
|
let expected_password_reset_request = PasswordResetRequest {
|
||||||
id: inserted_password_reset_request.id,
|
id: inserted_password_reset_request.id,
|
||||||
user_id: inserted_user.id,
|
user_id: inserted_user.id,
|
||||||
token_encrypted: "no".into(),
|
token_encrypted: token_encrypted_.to_string(),
|
||||||
published: inserted_password_reset_request.published,
|
published: inserted_password_reset_request.published,
|
||||||
};
|
};
|
||||||
|
|
||||||
let read_password_reset_request =
|
let read_password_reset_request = PasswordResetRequest::read_from_token(&conn, token).unwrap();
|
||||||
PasswordResetRequest::read(&conn, inserted_password_reset_request.id).unwrap();
|
|
||||||
let num_deleted = User_::delete(&conn, inserted_user.id).unwrap();
|
let num_deleted = User_::delete(&conn, inserted_user.id).unwrap();
|
||||||
|
|
||||||
assert_eq!(expected_password_reset_request, read_password_reset_request);
|
assert_eq!(expected_password_reset_request, read_password_reset_request);
|
||||||
|
|
|
@ -127,7 +127,7 @@ pub fn send_email(
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
use crate::{extract_usernames, has_slurs, is_email_regex, remove_slurs, Settings};
|
use crate::{extract_usernames, has_slurs, is_email_regex, remove_slurs};
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_email() {
|
fn test_email() {
|
||||||
|
|
|
@ -13,7 +13,6 @@ use lemmy_server::nodeinfo;
|
||||||
use lemmy_server::settings::Settings;
|
use lemmy_server::settings::Settings;
|
||||||
use lemmy_server::webfinger;
|
use lemmy_server::webfinger;
|
||||||
use lemmy_server::websocket::server::*;
|
use lemmy_server::websocket::server::*;
|
||||||
use std::env;
|
|
||||||
use std::time::{Duration, Instant};
|
use std::time::{Duration, Instant};
|
||||||
|
|
||||||
embed_migrations!();
|
embed_migrations!();
|
||||||
|
@ -201,7 +200,10 @@ fn main() {
|
||||||
let app = App::new()
|
let app = App::new()
|
||||||
.data(server.clone())
|
.data(server.clone())
|
||||||
// Front end routes
|
// Front end routes
|
||||||
.service(actix_files::Files::new("/static", front_end_dir()))
|
.service(actix_files::Files::new(
|
||||||
|
"/static",
|
||||||
|
settings.front_end_dir.to_owned(),
|
||||||
|
))
|
||||||
.route("/", web::get().to(index))
|
.route("/", web::get().to(index))
|
||||||
.route(
|
.route(
|
||||||
"/home/type/{type}/sort/{sort}/page/{page}",
|
"/home/type/{type}/sort/{sort}/page/{page}",
|
||||||
|
@ -256,11 +258,12 @@ fn main() {
|
||||||
)
|
)
|
||||||
.route(
|
.route(
|
||||||
"/federation/u/{user_name}",
|
"/federation/u/{user_name}",
|
||||||
web::get().to(apub::user::get_apub_user))
|
web::get().to(apub::user::get_apub_user),
|
||||||
|
)
|
||||||
.route("/feeds/all.xml", web::get().to(feeds::get_all_feed));
|
.route("/feeds/all.xml", web::get().to(feeds::get_all_feed));
|
||||||
|
|
||||||
// Federation
|
// Federation
|
||||||
if Settings::get().federation_enabled {
|
if settings.federation_enabled {
|
||||||
app.route(
|
app.route(
|
||||||
".well-known/webfinger",
|
".well-known/webfinger",
|
||||||
web::get().to(webfinger::get_webfinger_response),
|
web::get().to(webfinger::get_webfinger_response),
|
||||||
|
@ -278,9 +281,7 @@ fn main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn index() -> Result<NamedFile, actix_web::error::Error> {
|
fn index() -> Result<NamedFile, actix_web::error::Error> {
|
||||||
Ok(NamedFile::open(front_end_dir() + "/index.html")?)
|
Ok(NamedFile::open(
|
||||||
}
|
Settings::get().front_end_dir.to_owned() + "/index.html",
|
||||||
|
)?)
|
||||||
fn front_end_dir() -> String {
|
|
||||||
env::var("LEMMY_FRONT_END_DIR").unwrap_or("../ui/dist".to_string())
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,6 +14,7 @@ pub struct Settings {
|
||||||
pub bind: IpAddr,
|
pub bind: IpAddr,
|
||||||
pub port: u16,
|
pub port: u16,
|
||||||
pub jwt_secret: String,
|
pub jwt_secret: String,
|
||||||
|
pub front_end_dir: String,
|
||||||
pub rate_limit: RateLimitConfig,
|
pub rate_limit: RateLimitConfig,
|
||||||
pub email: Option<EmailConfig>,
|
pub email: Option<EmailConfig>,
|
||||||
pub federation_enabled: bool,
|
pub federation_enabled: bool,
|
||||||
|
|
Reference in a new issue