FaSTTUBe
/
ftracker
54
1
Fork 0
Code Issues 2 Pull Requests Releases 1 Wiki Activity

Add working Dockerfile and various configs

This commit is contained in:
Oskar Winkels 2020-12-06 11:55:59 +01:00
parent 7f53165704
commit 79d4af32ac
9 changed files with 178 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
Dockerfile Normal file
View File

@ -0,0 +1,38 @@
FROM alpine:latest
ARG DOMAIN
RUN apk add --update --no-cache python3 py3-pip nginx uwsgi uwsgi-python3 certbot lsof
WORKDIR /root/ftracker
COPY ftracker/ ./ftracker/
COPY web/ /var/www/html/ftracker/
COPY res/ ./res/
COPY setup.py .
COPY README.md .
COPY LICENSE.md .
RUN mkdir -p /etc/ftracker /var/ftracker \
&& chown -R nginx:nginx /etc/ftracker /var/ftracker
COPY res/config.deploy.ini /etc/ftracker/config.ini
RUN pip3 install .
RUN rm /etc/nginx/conf.d/default.conf
RUN if [ -n "$DOMAIN" ] ;\
then \
cp ./res/ftracker.docker.nginx.conf /etc/nginx/conf.d/ftracker.conf ;\
certbot certonly --non-interactive --manual-public-ip-logging-ok -d ${DOMAIN} ;\
sed -i "s|CERT|/usr/local/etc/letsencrypt/live/${DOMAIN}/fullchain.pem|g" /etc/nginx/conf.d/ftracker.conf ;\
sed -i "s|KEY|/usr/local/etc/letsencrypt/live/${DOMAIN}/privkey.pem|g" /etc/nginx/conf.d/ftracker.conf ;\
echo Installed certificate. ;\
else \
cp ./res/ftracker.nossl.nginx.conf /etc/nginx/conf.d/ftracker.conf ;\
echo Skipped SSL installation. ;\
fi
RUN chmod +x ./res/docker-entrypoint.sh
ENTRYPOINT [ "./res/docker-entrypoint.sh" ]

23
res/config.deploy.ini Normal file
View File

@ -0,0 +1,23 @@
[global]
# Persistent file for storage of times, in .json format.
# Remove or leave empty for temporary (/tmp/ftracker-db.json) storage
db_file = /var/ftracker/db.json
# List of people to be allowed, in .csv format (comma, no delimiters)
# Col1: First Name(s), Col2: Last Name(s), Col3 (optional): EMail
# Remove or leave empty for no check
name_file =
# Username and password for data retrieval
admin_user = admin
admin_pass = topSecret
# Link to a document with guidelines for entering
guideline_url = https://fasttube.de/wp-content/uploads/2020/12/Cororna-Regeln-Stand-01.12.2020.pdf
# JSON indentation for debugging
json_indent = 4

11
res/docker-entrypoint.sh Normal file
View File

@ -0,0 +1,11 @@
#!/bin/sh
echo " >>> starting nginx <<< "
mkdir /run/nginx # needed because of bug in package
/usr/sbin/nginx -t
/usr/sbin/nginx
echo " >>> starting uwsgi <<< "
/usr/sbin/uwsgi --ini /root/ftracker/res/ftracker.alpine.uwsgi.ini

12
res/ftracker.alpine.uwsgi.ini Normal file
View File

@ -0,0 +1,12 @@
[uwsgi]
plugin = python3
module = ftracker:app
socket = /tmp/ftracker.sock
manage-script-name = true
master = true
uid = nginx
gid = nginx
proesses = 1
threads = 1

12
res/ftracker.debian.uwsgi.ini Normal file
View File

@ -0,0 +1,12 @@
[uwsgi]
plugin = python3
module = ftracker:app
socket = /tmp/ftracker.sock
manage-script-name = true
master = true
uid = www-data
gid = www-data
proesses = 1
threads = 1

37
res/ftracker.docker.nginx.conf Normal file
View File

@ -0,0 +1,37 @@
server {
listen 443 ssl default_server;
root /var/www/html/ftracker;
index index.html index.htm;
location / {
# First attempt to serve request as file
# If no such file, pass to backend
try_files $uri $uri/ $uri.html @api;
}
location @api {
include uwsgi_params;
# Pass it to the uwsgi server
uwsgi_pass unix:///tmp/ftracker.sock;
}
# RIP
add_header X-Clacks-Overhead "GNU Terry Pratchett" always;
ssl_certificate CERT;
ssl_certificate_key KEY;
}
server {
listen 80 default_server;
# 308 instead of 301 to prohibit method change on redirect
# (some clients change POST to GET on 301, 308 does not allow that)
return 308 https://$host$request_uri;
}

0
res/ftracker.uwsgi.ini → res/ftracker.freebsd.uwsgi.ini
View File

42
res/ftracker.nginx.conf
View File

@ -1,38 +1,38 @@
server {
server_name ftracker.fasttube.de;
server_name ftracker.fasttube.de;
listen 443 ssl;
listen 443 ssl;
root /root/ftracker/web;
root /root/ftracker/web;
index index.html index.htm;
index index.html index.htm;
location / {
# First attempt to serve request as file
# If no such file, show index to allow for client side routing
try_files $uri $uri/ $uri.html @api;
location / {
# First attempt to serve request as file
# If no such file, pass to backend
try_files $uri $uri/ $uri.html @api;
}
location @api {
include uwsgi_params;
# Pass it to the uwsgi server
uwsgi_pass unix:///tmp/ftracker.sock;
}
include uwsgi_params;
# Pass it to the uwsgi server
uwsgi_pass unix:///tmp/ftracker.sock;
}
# RIP
add_header X-Clacks-Overhead "GNU Terry Pratchett" always;
# RIP
add_header X-Clacks-Overhead "GNU Terry Pratchett" always;
ssl_certificate /usr/local/etc/letsencrypt/live/ftracker.fasttube.de/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/ftracker.fasttube.de/privkey.pem;
ssl_certificate /usr/local/etc/letsencrypt/live/ftracker.fasttube.de/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/ftracker.fasttube.de/privkey.pem;
}
server {
server_name ftracker.fasttube.de;
server_name ftracker.fasttube.de;
listen 80;
listen 80;
# 308 instead of 301 to prohibit method change on redirect
# (some clients change POST to GET on 301, 308 does not allow that)
return 308 https://$host$request_uri;
# 308 instead of 301 to prohibit method change on redirect
# (some clients change POST to GET on 301, 308 does not allow that)
return 308 https://$host$request_uri;
}

24
res/ftracker.nossl.nginx.conf Normal file
View File

@ -0,0 +1,24 @@
server {
listen 80 default_server;
root /var/www/html/ftracker;
index index.html index.htm;
location / {
# First attempt to serve request as file
# If no such file, pass to backend
try_files $uri $uri/ $uri.html @api;
}
location @api {
include uwsgi_params;
# Pass it to the uwsgi server
uwsgi_pass unix:///tmp/ftracker.sock;
}
# RIP
add_header X-Clacks-Overhead "GNU Terry Pratchett" always;
}