From f7333705dcb28206709be51527f6ff4db6a93503 Mon Sep 17 00:00:00 2001 From: Felix Ableitner Date: Tue, 17 Dec 2019 22:35:48 +0100 Subject: [PATCH] update documentation, docker and ansible files --- .gitignore | 1 + README.md | 14 ++++++++++++++ ansible/lemmy.yml | 1 + ansible/templates/config.hjson | 13 +++++++++++++ ansible/templates/env | 14 +------------- docker/dev/.env | 22 +++++----------------- docker/dev/Dockerfile | 2 ++ docker/dev/Dockerfile.aarch64 | 1 + docker/dev/Dockerfile.armv7hf | 1 + docker/dev/Dockerfile.libc | 2 ++ docker/dev/config/config.hjson | 2 ++ docker/dev/docker-compose.yml | 21 +++++---------------- docker/k8s/lemmy.yml | 6 +++--- docker/prod/.env | 22 +++++----------------- docker/prod/docker-compose.yml | 19 ++++--------------- server/src/settings.rs | 13 +++++-------- 16 files changed, 65 insertions(+), 89 deletions(-) create mode 100644 ansible/templates/config.hjson create mode 100644 docker/dev/config/config.hjson diff --git a/.gitignore b/.gitignore index 4cb8939f..e36af129 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ ansible/inventory ansible/passwords/ build/ .idea/ +docker/dev/config/config.hjson diff --git a/README.md b/README.md index 0e8dd601..fa35788d 100644 --- a/README.md +++ b/README.md @@ -54,6 +54,7 @@ Front Page|Post + [Requirements](#requirements) + [Set up Postgres DB](#set-up-postgres-db) + [Running](#running) +- [Configuration](#configuration) - [Documentation](#documentation) - [Support](#support) - [Translations](#translations) @@ -222,6 +223,19 @@ cd lemmy # cd server && cargo watch -x run ``` +## Configuration + +The configuration is based on the file [defaults.hjson](server/config/defaults.hjson). This file also contains +documentation for all the available options. To override the defaults, you can copy the options you want to change +into your local `config.hjson` file. + +Additionally, you can override any config files with environment variables. These have the same name as the config +options, and are prefixed with `LEMMY_`. For example, you can override the `database.password` with +`LEMMY_DATABASE_PASSWORD=my_password`. + +An additional option `LEMMY_DATABASE_URL` is available, which can be used with a PostgreSQL connection string like +`postgres://lemmy:password@lemmy_db:5432/lemmy`, passing all connection details at once. + ## Documentation - [Websocket API for App developers](docs/api.md) diff --git a/ansible/lemmy.yml b/ansible/lemmy.yml index 4ba80e90..acdb6b06 100644 --- a/ansible/lemmy.yml +++ b/ansible/lemmy.yml @@ -33,6 +33,7 @@ template: src={{item.src}} dest={{item.dest}} with_items: - { src: 'templates/env', dest: '/lemmy/.env' } + - { src: 'templates/config.hjson', dest: '/lemmy/config.hjson' } - { src: '../docker/prod/docker-compose.yml', dest: '/lemmy/docker-compose.yml' } - { src: 'templates/nginx.conf', dest: '/etc/nginx/sites-enabled/lemmy.conf' } vars: diff --git a/ansible/templates/config.hjson b/ansible/templates/config.hjson new file mode 100644 index 00000000..adfaf33c --- /dev/null +++ b/ansible/templates/config.hjson @@ -0,0 +1,13 @@ +{ + database: { + password: "{{ postgres_password }}" + } + hostname: "{{ domain }}" + jwt_secret: "{{ jwt_password }}" + email: { + smtp_server: "{{ smtp_server }}" + smtp_login: "{{ smtp_login }}" + smtp_password: "{{ smtp_password }}" + smtp_from_address: "{{ smtp_from_address }}" + } +} diff --git a/ansible/templates/env b/ansible/templates/env index 22e9beda..c2b15f57 100644 --- a/ansible/templates/env +++ b/ansible/templates/env @@ -1,14 +1,2 @@ -DOMAIN={{ domain }} DATABASE_PASSWORD={{ postgres_password }} -DATABASE_URL=postgres://lemmy:{{ postgres_password }}@lemmy_db:5432/lemmy -JWT_SECRET={{ jwt_password }} -RATE_LIMIT_MESSAGE=30 -RATE_LIMIT_MESSAGE_PER_SECOND=60 -RATE_LIMIT_POST=3 -RATE_LIMIT_POST_PER_SECOND=600 -RATE_LIMIT_REGISTER=3 -RATE_LIMIT_REGISTER_PER_SECOND=3600 -SMTP_SERVER={{ smtp_server }} -SMTP_LOGIN={{ smtp_login }} -SMTP_PASSWORD={{ smtp_password }} -SMTP_FROM_ADDRESS={{ smtp_from_address }} +LEMMY_FRONT_END_DIR=/app/dist diff --git a/docker/dev/.env b/docker/dev/.env index 014ce5c3..4e1bf7f6 100644 --- a/docker/dev/.env +++ b/docker/dev/.env @@ -1,17 +1,5 @@ -DOMAIN=my_domain -DATABASE_PASSWORD=password -DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy -JWT_SECRET=changeme - -RATE_LIMIT_MESSAGE=30 -RATE_LIMIT_MESSAGE_PER_SECOND=60 -RATE_LIMIT_POST=6 -RATE_LIMIT_POST_PER_SECOND=600 -RATE_LIMIT_REGISTER=3 -RATE_LIMIT_REGISTER_PER_SECOND=3600 - -# Optional email fields -SMTP_SERVER= -SMTP_LOGIN= -SMTP_PASSWORD= -SMTP_FROM_ADDRESS=Domain.com Lemmy Admin +LEMMY_DOMAIN=my_domain +LEMMY_DATABASE_PASSWORD=password +LEMMY_DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy +LEMMY_JWT_SECRET=changeme +LEMMY_FRONT_END_DIR=/app/dist diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index 203643e1..080b7fb3 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -38,8 +38,10 @@ FROM alpine:3.10 RUN apk add libpq # Copy resources +COPY server/config /config COPY --from=rust /app/server/target/x86_64-unknown-linux-musl/release/lemmy_server /app/lemmy COPY --from=node /app/ui/dist /app/dist + RUN addgroup -g 1000 lemmy RUN adduser -D -s /bin/sh -u 1000 -G lemmy lemmy RUN chown lemmy:lemmy /app/lemmy diff --git a/docker/dev/Dockerfile.aarch64 b/docker/dev/Dockerfile.aarch64 index dbbafbd3..1b08c64e 100644 --- a/docker/dev/Dockerfile.aarch64 +++ b/docker/dev/Dockerfile.aarch64 @@ -69,6 +69,7 @@ RUN addgroup --gid 1000 lemmy RUN adduser --disabled-password --shell /bin/sh --uid 1000 --ingroup lemmy lemmy # Copy resources +COPY server/config /app/config COPY --from=rust /app/server/ready /app/lemmy COPY --from=node /app/ui/dist /app/dist diff --git a/docker/dev/Dockerfile.armv7hf b/docker/dev/Dockerfile.armv7hf index 3770dfd7..67067a18 100644 --- a/docker/dev/Dockerfile.armv7hf +++ b/docker/dev/Dockerfile.armv7hf @@ -69,6 +69,7 @@ RUN addgroup --gid 1000 lemmy RUN adduser --disabled-password --shell /bin/sh --uid 1000 --ingroup lemmy lemmy # Copy resources +COPY server/config /config COPY --from=rust /app/server/ready /app/lemmy COPY --from=node /app/ui/dist /app/dist diff --git a/docker/dev/Dockerfile.libc b/docker/dev/Dockerfile.libc index 3603d528..22d8d910 100644 --- a/docker/dev/Dockerfile.libc +++ b/docker/dev/Dockerfile.libc @@ -65,8 +65,10 @@ RUN addgroup --gid 1000 lemmy RUN adduser --disabled-password --shell /bin/sh --uid 1000 --ingroup lemmy lemmy # Copy resources +COPY server/config /app/config COPY --from=rust /app/server/ready /app/lemmy COPY --from=node /app/ui/dist /app/dist + RUN chown lemmy:lemmy /app/lemmy USER lemmy EXPOSE 8536 diff --git a/docker/dev/config/config.hjson b/docker/dev/config/config.hjson new file mode 100644 index 00000000..2c63c085 --- /dev/null +++ b/docker/dev/config/config.hjson @@ -0,0 +1,2 @@ +{ +} diff --git a/docker/dev/docker-compose.yml b/docker/dev/docker-compose.yml index 4f8e5364..92a8ee45 100644 --- a/docker/dev/docker-compose.yml +++ b/docker/dev/docker-compose.yml @@ -5,7 +5,7 @@ services: image: postgres:12-alpine environment: - POSTGRES_USER=lemmy - - POSTGRES_PASSWORD=${DATABASE_PASSWORD} + - POSTGRES_PASSWORD=${LEMMY_DATABASE_PASSWORD} - POSTGRES_DB=lemmy volumes: - lemmy_db:/var/lib/postgresql/data @@ -16,22 +16,11 @@ services: dockerfile: docker/dev/Dockerfile ports: - "127.0.0.1:8536:8536" - environment: - - LEMMY_FRONT_END_DIR=/app/dist - - DATABASE_URL=${DATABASE_URL} - - JWT_SECRET=${JWT_SECRET} - - HOSTNAME=${DOMAIN} - - RATE_LIMIT_MESSAGE=${RATE_LIMIT_MESSAGE} - - RATE_LIMIT_MESSAGE_PER_SECOND=${RATE_LIMIT_MESSAGE_PER_SECOND} - - RATE_LIMIT_POST=${RATE_LIMIT_POST} - - RATE_LIMIT_POST_PER_SECOND=${RATE_LIMIT_POST_PER_SECOND} - - RATE_LIMIT_REGISTER=${RATE_LIMIT_REGISTER} - - RATE_LIMIT_REGISTER_PER_SECOND=${RATE_LIMIT_REGISTER_PER_SECOND} - - SMTP_SERVER=${SMTP_SERVER} - - SMTP_LOGIN=${SMTP_LOGIN} - - SMTP_PASSWORD=${SMTP_PASSWORD} - - SMTP_FROM_ADDRESS=${SMTP_FROM_ADDRESS} + env_file: + - .env restart: always + volumes: + - ./config/config.hjson:/config/config.hjson:ro depends_on: - lemmy_db lemmy_pictshare: diff --git a/docker/k8s/lemmy.yml b/docker/k8s/lemmy.yml index f05b172e..8e105d60 100644 --- a/docker/k8s/lemmy.yml +++ b/docker/k8s/lemmy.yml @@ -14,13 +14,13 @@ spec: spec: containers: - env: - - name: DATABASE_URL + - name: LEMMY_DATABASE_URL # example: 'postgres://lemmy:password@db:5432/lemmy' value: CHANGE_ME - - name: HOSTNAME + - name: LEMMY_HOSTNAME # example: 'lemmy.example.com' value: CHANGE_ME - - name: JWT_SECRET + - name: LEMMY_JWT_SECRET # example: 'very-super-good-secret' value: CHANGE_ME - name: LEMMY_FRONT_END_DIR diff --git a/docker/prod/.env b/docker/prod/.env index 014ce5c3..4e1bf7f6 100644 --- a/docker/prod/.env +++ b/docker/prod/.env @@ -1,17 +1,5 @@ -DOMAIN=my_domain -DATABASE_PASSWORD=password -DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy -JWT_SECRET=changeme - -RATE_LIMIT_MESSAGE=30 -RATE_LIMIT_MESSAGE_PER_SECOND=60 -RATE_LIMIT_POST=6 -RATE_LIMIT_POST_PER_SECOND=600 -RATE_LIMIT_REGISTER=3 -RATE_LIMIT_REGISTER_PER_SECOND=3600 - -# Optional email fields -SMTP_SERVER= -SMTP_LOGIN= -SMTP_PASSWORD= -SMTP_FROM_ADDRESS=Domain.com Lemmy Admin +LEMMY_DOMAIN=my_domain +LEMMY_DATABASE_PASSWORD=password +LEMMY_DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy +LEMMY_JWT_SECRET=changeme +LEMMY_FRONT_END_DIR=/app/dist diff --git a/docker/prod/docker-compose.yml b/docker/prod/docker-compose.yml index 56a90534..9df9f19a 100644 --- a/docker/prod/docker-compose.yml +++ b/docker/prod/docker-compose.yml @@ -14,22 +14,11 @@ services: image: dessalines/lemmy:v0.5.0.3 ports: - "127.0.0.1:8536:8536" - environment: - - LEMMY_FRONT_END_DIR=/app/dist - - DATABASE_URL=${DATABASE_URL} - - JWT_SECRET=${JWT_SECRET} - - HOSTNAME=${DOMAIN} - - RATE_LIMIT_MESSAGE=${RATE_LIMIT_MESSAGE} - - RATE_LIMIT_MESSAGE_PER_SECOND=${RATE_LIMIT_MESSAGE_PER_SECOND} - - RATE_LIMIT_POST=${RATE_LIMIT_POST} - - RATE_LIMIT_POST_PER_SECOND=${RATE_LIMIT_POST_PER_SECOND} - - RATE_LIMIT_REGISTER=${RATE_LIMIT_REGISTER} - - RATE_LIMIT_REGISTER_PER_SECOND=${RATE_LIMIT_REGISTER_PER_SECOND} - - SMTP_SERVER=${SMTP_SERVER} - - SMTP_LOGIN=${SMTP_LOGIN} - - SMTP_PASSWORD=${SMTP_PASSWORD} - - SMTP_FROM_ADDRESS=${SMTP_FROM_ADDRESS} + env_file: + - .env restart: always + volumes: + - ./config.hjson:/config/config.hjson:ro depends_on: - lemmy_db lemmy_pictshare: diff --git a/server/src/settings.rs b/server/src/settings.rs index 7d558c5e..a7203a1e 100644 --- a/server/src/settings.rs +++ b/server/src/settings.rs @@ -5,7 +5,7 @@ use std::env; use std::net::IpAddr; static CONFIG_FILE_DEFAULTS: &str = "config/defaults.hjson"; -static CONFIG_FILE_COSTUMIZED: &str = "config/custom.hjson"; +static CONFIG_FILE: &str = "config/config.hjson"; #[derive(Debug, Deserialize)] pub struct Settings { @@ -59,21 +59,18 @@ impl Settings { /// Reads config from the files and environment. /// First, defaults are loaded from CONFIG_FILE_DEFAULTS, then these values can be overwritten - /// from CONFIG_FILE_COSTUMIZED (optional). Finally, values from the environment - /// (with prefix LEMMY) are added to the config. + /// from CONFIG_FILE (optional). Finally, values from the environment (with prefix LEMMY) are + /// added to the config. fn init() -> Result { let mut s = Config::new(); - // Start off by merging in the "default" configuration file s.merge(File::with_name(CONFIG_FILE_DEFAULTS))?; - // TODO: we could also automatically load dev/prod configs based on environment - // https://github.com/mehcode/config-rs/blob/master/examples/hierarchical-env/src/settings.rs#L49 - s.merge(File::with_name(CONFIG_FILE_COSTUMIZED).required(false))?; + s.merge(File::with_name(CONFIG_FILE).required(false))?; // Add in settings from the environment (with a prefix of LEMMY) // Eg.. `LEMMY_DEBUG=1 ./target/app` would set the `debug` key - s.merge(Environment::with_prefix("LEMMY"))?; + s.merge(Environment::with_prefix("LEMMY").separator("_"))?; return s.try_into(); }