mirror of
https://github.com/penpot/penpot.git
synced 2025-01-22 14:39:45 -05:00
✨ Minor improvements on docker images and compose file.
This commit is contained in:
parent
031123b2ca
commit
9043d2574b
5 changed files with 139 additions and 86 deletions
|
@ -34,8 +34,6 @@
|
||||||
:storage-fs-uri "http://localhost:3449/internal/assets/"
|
:storage-fs-uri "http://localhost:3449/internal/assets/"
|
||||||
:storage-s3-region :eu-central-1
|
:storage-s3-region :eu-central-1
|
||||||
|
|
||||||
:storage-s3-bucket "serenoxyztestbucket"
|
|
||||||
|
|
||||||
:image-process-max-threads 2
|
:image-process-max-threads 2
|
||||||
|
|
||||||
:smtp-enabled false
|
:smtp-enabled false
|
||||||
|
@ -76,6 +74,7 @@
|
||||||
(s/def ::database-uri ::us/string)
|
(s/def ::database-uri ::us/string)
|
||||||
(s/def ::redis-uri ::us/string)
|
(s/def ::redis-uri ::us/string)
|
||||||
|
|
||||||
|
(s/def ::storage-backend ::us/keyword)
|
||||||
(s/def ::storage-fs-directory ::us/string)
|
(s/def ::storage-fs-directory ::us/string)
|
||||||
(s/def ::storage-fs-uri ::us/string)
|
(s/def ::storage-fs-uri ::us/string)
|
||||||
(s/def ::storage-s3-region ::us/keyword)
|
(s/def ::storage-s3-region ::us/keyword)
|
||||||
|
@ -136,59 +135,60 @@
|
||||||
|
|
||||||
|
|
||||||
(s/def ::config
|
(s/def ::config
|
||||||
(s/keys :opt-un [::http-server-cors
|
(s/keys :opt-un [::allow-demo-users
|
||||||
::http-server-debug
|
::asserts-enabled
|
||||||
::http-server-port
|
::database-password
|
||||||
::google-client-id
|
::database-uri
|
||||||
::google-client-secret
|
::database-username
|
||||||
::gitlab-client-id
|
::debug
|
||||||
::gitlab-client-secret
|
::error-report-webhook
|
||||||
::github-client-id
|
::github-client-id
|
||||||
::github-client-secret
|
::github-client-secret
|
||||||
::gitlab-base-uri
|
::gitlab-base-uri
|
||||||
::asserts-enabled
|
::gitlab-client-id
|
||||||
::redis-uri
|
::gitlab-client-secret
|
||||||
|
::google-client-id
|
||||||
|
::google-client-secret
|
||||||
|
::host
|
||||||
|
::http-server-debug
|
||||||
|
::http-server-port
|
||||||
|
::http-server-cors
|
||||||
|
::image-process-max-threads
|
||||||
|
::ldap-auth-avatar-attribute
|
||||||
|
::ldap-auth-base-dn
|
||||||
|
::ldap-auth-email-attribute
|
||||||
|
::ldap-auth-fullname-attribute
|
||||||
|
::ldap-auth-host
|
||||||
|
::ldap-auth-port
|
||||||
|
::ldap-auth-ssl
|
||||||
|
::ldap-auth-starttls
|
||||||
|
::ldap-auth-user-query
|
||||||
|
::ldap-auth-username-attribute
|
||||||
|
::ldap-bind-dn
|
||||||
|
::ldap-bind-password
|
||||||
::public-uri
|
::public-uri
|
||||||
::database-username
|
::redis-uri
|
||||||
::database-password
|
::registration-domain-whitelist
|
||||||
::database-uri
|
::registration-enabled
|
||||||
::storage-fs-directory
|
|
||||||
::storage-fs-uri
|
|
||||||
::storage-s3-bucket
|
|
||||||
::storage-s3-region
|
|
||||||
::error-report-webhook
|
|
||||||
::secret-key
|
::secret-key
|
||||||
::smtp-default-from
|
::smtp-default-from
|
||||||
::smtp-default-reply-to
|
::smtp-default-reply-to
|
||||||
::smtp-enabled
|
::smtp-enabled
|
||||||
::smtp-host
|
::smtp-host
|
||||||
::smtp-port
|
|
||||||
::smtp-username
|
|
||||||
::smtp-password
|
::smtp-password
|
||||||
::smtp-tls
|
::smtp-port
|
||||||
::smtp-ssl
|
::smtp-ssl
|
||||||
::host
|
::smtp-tls
|
||||||
|
::smtp-username
|
||||||
|
::storage-backend
|
||||||
|
::storage-fs-directory
|
||||||
|
::storage-fs-uri
|
||||||
|
::storage-s3-bucket
|
||||||
|
::storage-s3-region
|
||||||
::telemetry-enabled
|
::telemetry-enabled
|
||||||
::telemetry-server-enabled
|
::telemetry-server-enabled
|
||||||
::telemetry-uri
|
|
||||||
::telemetry-server-port
|
::telemetry-server-port
|
||||||
::debug
|
::telemetry-uri]))
|
||||||
::allow-demo-users
|
|
||||||
::registration-enabled
|
|
||||||
::registration-domain-whitelist
|
|
||||||
::image-process-max-threads
|
|
||||||
::ldap-auth-host
|
|
||||||
::ldap-auth-port
|
|
||||||
::ldap-bind-dn
|
|
||||||
::ldap-bind-password
|
|
||||||
::ldap-auth-ssl
|
|
||||||
::ldap-auth-starttls
|
|
||||||
::ldap-auth-base-dn
|
|
||||||
::ldap-auth-user-query
|
|
||||||
::ldap-auth-username-attribute
|
|
||||||
::ldap-auth-email-attribute
|
|
||||||
::ldap-auth-fullname-attribute
|
|
||||||
::ldap-auth-avatar-attribute]))
|
|
||||||
|
|
||||||
(defn- env->config
|
(defn- env->config
|
||||||
[env]
|
[env]
|
||||||
|
|
|
@ -258,7 +258,7 @@
|
||||||
:app.storage.db/backend
|
:app.storage.db/backend
|
||||||
{:pool (ig/ref :app.db/pool)}}
|
{:pool (ig/ref :app.db/pool)}}
|
||||||
|
|
||||||
(let [backend (:storage-default-backend cfg/config :fs)]
|
(let [backend (:storage-backend cfg/config :fs)]
|
||||||
{:app.storage/storage {:backend backend}})
|
{:app.storage/storage {:backend backend}})
|
||||||
|
|
||||||
(when (:telemetry-server-enabled cfg/config)
|
(when (:telemetry-server-enabled cfg/config)
|
||||||
|
|
|
@ -1,13 +1,8 @@
|
||||||
---
|
---
|
||||||
version: "3"
|
version: "3.0"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
default:
|
penpot:
|
||||||
driver: bridge
|
|
||||||
ipam:
|
|
||||||
driver: default
|
|
||||||
config:
|
|
||||||
- subnet: 172.177.99.0/24
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
postgres_data:
|
postgres_data:
|
||||||
|
@ -26,6 +21,8 @@ services:
|
||||||
depends_on:
|
depends_on:
|
||||||
- penpot-backend
|
- penpot-backend
|
||||||
- penpot-exporter
|
- penpot-exporter
|
||||||
|
networks:
|
||||||
|
- penpot
|
||||||
|
|
||||||
penpot-backend:
|
penpot-backend:
|
||||||
image: "penpotapp/backend:develop"
|
image: "penpotapp/backend:develop"
|
||||||
|
@ -37,17 +34,37 @@ services:
|
||||||
- penpot-redis
|
- penpot-redis
|
||||||
|
|
||||||
environment:
|
environment:
|
||||||
- APP_DATABASE_URI=postgresql://penpot-postgres/penpot
|
- PENPOT_ASSERTS_ENABLED=false
|
||||||
- APP_DATABASE_USERNAME=penpot
|
- PENPOT_DEBUG=false
|
||||||
- APP_DATABASE_PASSWORD=penpot
|
- PENPOT_HOST=example.penpot
|
||||||
- APP_SMTP_ENABLED=false
|
- PENPOT_DATABASE_URI=postgresql://penpot-postgres/penpot
|
||||||
- APP_REDIS_URI=redis://penpot-redis/0
|
- PENPOT_DATABASE_USERNAME=penpot
|
||||||
- APP_MEDIA_DIRECTORY=/opt/data/media
|
- PENPOT_DATABASE_PASSWORD=penpot
|
||||||
|
- PENPOT_REDIS_URI=redis://penpot-redis/0
|
||||||
|
- PENPOT_STORAGE_FS_DIRECTORY_=/opt/data/assets
|
||||||
|
- PENPOT_STORAGE_FS_URI=http://penpot-frontend/internal/assets
|
||||||
|
- PENPOT_STORAGE_BACKEND=fs
|
||||||
|
- PENPOT_SMTP_ENABLED=false
|
||||||
|
- PENPOT_SMTP_DEFAULT_FROM=no-reply@example.com
|
||||||
|
- PENPOT_SMTP_DEFAULT_REPLY_TO=no-reply@example.com
|
||||||
|
- PENPOT_SECRET_KEY=provide-here-a-secret-random-key
|
||||||
|
# - PENPOT_SMTP_HOST=...
|
||||||
|
# - PENPOT_SMTP_PORT=...
|
||||||
|
# - PENPOT_SMTP_USERNAME=...
|
||||||
|
# - PENPOT_SMTP_PASSWORD=...
|
||||||
|
# - PENPOT_SMTP_TLS=true
|
||||||
|
# - PENPOT_SMTP_SSL=false
|
||||||
|
# - PENPOT_GOOGLE_CLIENT_ID=...
|
||||||
|
# - PENPOT_GOOGLE_CLIENT_SECRET=...
|
||||||
|
networks:
|
||||||
|
- penpot
|
||||||
|
|
||||||
penpot-exporter:
|
penpot-exporter:
|
||||||
image: "penpotapp/exporter:develop"
|
image: "penpotapp/exporter:develop"
|
||||||
environment:
|
environment:
|
||||||
- APP_PUBLIC_URI=http://penpot-frontend
|
- PENPOT_PUBLIC_URI=http://penpot-frontend
|
||||||
|
networks:
|
||||||
|
- penpot
|
||||||
|
|
||||||
penpot-postgres:
|
penpot-postgres:
|
||||||
image: "postgres:13"
|
image: "postgres:13"
|
||||||
|
@ -63,6 +80,11 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- postgres_data:/var/lib/postgresql/data
|
- postgres_data:/var/lib/postgresql/data
|
||||||
|
|
||||||
|
networks:
|
||||||
|
- penpot
|
||||||
|
|
||||||
penpot-redis:
|
penpot-redis:
|
||||||
image: redis:6
|
image: redis:6
|
||||||
restart: always
|
restart: always
|
||||||
|
networks:
|
||||||
|
- penpot
|
||||||
|
|
|
@ -4,7 +4,7 @@ pid /run/nginx.pid;
|
||||||
include /etc/nginx/modules-enabled/*.conf;
|
include /etc/nginx/modules-enabled/*.conf;
|
||||||
|
|
||||||
events {
|
events {
|
||||||
worker_connections 768;
|
worker_connections 2048;
|
||||||
# multi_accept on;
|
# multi_accept on;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -14,10 +14,15 @@ http {
|
||||||
tcp_nodelay on;
|
tcp_nodelay on;
|
||||||
keepalive_timeout 65;
|
keepalive_timeout 65;
|
||||||
types_hash_max_size 2048;
|
types_hash_max_size 2048;
|
||||||
# server_tokens off;
|
|
||||||
|
|
||||||
# server_names_hash_bucket_size 64;
|
keepalive_requests 30;
|
||||||
# server_name_in_redirect off;
|
keepalive_timeout 30s;
|
||||||
|
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
reset_timedout_connection on;
|
||||||
|
client_body_timeout 20s;
|
||||||
|
client_header_timeout 20s;
|
||||||
|
|
||||||
include /etc/nginx/mime.types;
|
include /etc/nginx/mime.types;
|
||||||
default_type application/octet-stream;
|
default_type application/octet-stream;
|
||||||
|
@ -44,7 +49,7 @@ http {
|
||||||
listen 80 default_server;
|
listen 80 default_server;
|
||||||
server_name _;
|
server_name _;
|
||||||
|
|
||||||
client_max_body_size 5M;
|
client_max_body_size 6M;
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
|
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
|
@ -55,18 +60,14 @@ http {
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
etag off;
|
etag off;
|
||||||
|
|
||||||
location / {
|
|
||||||
root /var/www/app/;
|
root /var/www/app/;
|
||||||
try_files $uri /index.html;
|
|
||||||
|
|
||||||
location ~* \.(js|css).*$ {
|
location ~* \.(js|css).*$ {
|
||||||
add_header Cache-Control "max-age=86400" always; # 24 hours
|
add_header Cache-Control "max-age=86400" always; # 24 hours
|
||||||
}
|
}
|
||||||
|
|
||||||
location = /index.html {
|
location ~* \.(html).*$ {
|
||||||
add_header Cache-Control "no-cache, max-age=0";
|
add_header Cache-Control "no-cache, max-age=0" always;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
location /api {
|
location /api {
|
||||||
|
@ -83,8 +84,37 @@ http {
|
||||||
proxy_pass http://penpot-backend:6060/ws/notifications;
|
proxy_pass http://penpot-backend:6060/ws/notifications;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /media {
|
location @handle_redirect {
|
||||||
alias /opt/data/media;
|
set $redirect_uri "$upstream_http_location";
|
||||||
|
set $redirect_host "$upstream_http_x_host";
|
||||||
|
set $redirect_cache_control "$upstream_http_cache_control";
|
||||||
|
|
||||||
|
proxy_buffering off;
|
||||||
|
|
||||||
|
proxy_set_header Host "$redirect_host";
|
||||||
|
proxy_hide_header etag;
|
||||||
|
proxy_hide_header x-amz-id-2;
|
||||||
|
proxy_hide_header x-amz-request-id;
|
||||||
|
proxy_hide_header x-amz-meta-server-side-encryption;
|
||||||
|
proxy_hide_header x-amz-server-side-encryption;
|
||||||
|
proxy_pass $redirect_uri;
|
||||||
|
|
||||||
|
add_header x-internal-redirect "$redirect_uri";
|
||||||
|
add_header x-cache-control "$redirect_cache_control";
|
||||||
|
add_header cache-control "$redirect_cache_control";
|
||||||
|
}
|
||||||
|
|
||||||
|
location /assets {
|
||||||
|
proxy_pass http://127.0.0.1:6060/assets;
|
||||||
|
recursive_error_pages on;
|
||||||
|
proxy_intercept_errors on;
|
||||||
|
error_page 301 302 307 = @handle_redirect;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /internal/assets {
|
||||||
|
internal;
|
||||||
|
alias /var/www/assets;
|
||||||
|
add_header x-internal-redirect "$upstream_http_x_accel_redirect";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
25
manage.sh
25
manage.sh
|
@ -9,6 +9,7 @@ export CURRENT_USER_ID=$(id -u);
|
||||||
export CURRENT_VERSION=$(git describe --tags);
|
export CURRENT_VERSION=$(git describe --tags);
|
||||||
export CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD);
|
export CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD);
|
||||||
export CURRENT_HASH=$(git rev-parse --short HEAD);
|
export CURRENT_HASH=$(git rev-parse --short HEAD);
|
||||||
|
export CURRENT_BUILD=$(date '+%Y%m%d%H%M');
|
||||||
|
|
||||||
function build-devenv {
|
function build-devenv {
|
||||||
echo "Building development image $DEVENV_IMGNAME:latest..."
|
echo "Building development image $DEVENV_IMGNAME:latest..."
|
||||||
|
@ -97,12 +98,10 @@ function build-bundle {
|
||||||
mv ./exporter/target ./bundle/exporter
|
mv ./exporter/target ./bundle/exporter
|
||||||
|
|
||||||
local version="$CURRENT_VERSION";
|
local version="$CURRENT_VERSION";
|
||||||
local name="penpot-$CURRENT_VERSION";
|
local name="penpot-$CURRENT_BRANCH";
|
||||||
|
|
||||||
if [ $CURRENT_BRANCH != "main" ]; then
|
if [ $CURRENT_BRANCH != "main" ]; then
|
||||||
local ncommits=$(git rev-list --count HEAD);
|
version="$CURRENT_BRANCH-$CURRENT_VERSION";
|
||||||
version="$CURRENT_BRANCH-$ncommits-$CURRENT_HASH";
|
|
||||||
name="penpot-$CURRENT_BRANCH";
|
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
echo $version > ./bundle/version.txt
|
echo $version > ./bundle/version.txt
|
||||||
|
@ -126,23 +125,25 @@ function build-bundle {
|
||||||
|
|
||||||
function build-image {
|
function build-image {
|
||||||
local image=$1;
|
local image=$1;
|
||||||
local version=$2;
|
local tag=$2;
|
||||||
|
local version=$3;
|
||||||
local docker_image="$ORGANIZATION/$image";
|
local docker_image="$ORGANIZATION/$image";
|
||||||
|
|
||||||
set -x
|
set -x
|
||||||
pushd ./docker/images;
|
pushd ./docker/images;
|
||||||
docker buildx build --platform linux/amd64 -t $docker_image:$version -f Dockerfile.$image .;
|
docker buildx build --platform linux/amd64 -t $docker_image:$tag -f Dockerfile.$image .;
|
||||||
|
docker tag $docker_image:$tag $docker_image:$version;
|
||||||
|
|
||||||
# docker buildx build --platform linux/arm64 -t $docker_image:$version-arm64 .;
|
# docker buildx build --platform linux/arm64 -t $docker_image:$version-arm64 .;
|
||||||
popd;
|
popd;
|
||||||
}
|
}
|
||||||
|
|
||||||
function build-images {
|
function build-images {
|
||||||
local version="$CURRENT_VERSION";
|
local version="$CURRENT_VERSION";
|
||||||
local bundle_file="penpot-$CURRENT_VERSION.tar.xz";
|
local bundle_file="penpot-$CURRENT_BRANCH-$CURRENT_VERSION.tar.xz";
|
||||||
|
|
||||||
if [ $CURRENT_BRANCH != "main" ]; then
|
if [ $CURRENT_BRANCH != "main" ]; then
|
||||||
version="$CURRENT_BRANCH";
|
version="$CURRENT_BRANCH-$CURRENT_VERSION";
|
||||||
bundle_file="penpot-$CURRENT_BRANCH.tar.xz";
|
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if [ ! -f $bundle_file ]; then
|
if [ ! -f $bundle_file ]; then
|
||||||
|
@ -160,9 +161,9 @@ function build-images {
|
||||||
tar xvf $bundle_file_path;
|
tar xvf $bundle_file_path;
|
||||||
popd
|
popd
|
||||||
|
|
||||||
build-image "backend" $version;
|
build-image "backend" $CURRENT_BRANCH $version;
|
||||||
build-image "frontend" $version;
|
build-image "frontend" $CURRENT_BRANCH $version;
|
||||||
build-image "exporter" $version;
|
build-image "exporter" $CURRENT_BRANCH $version;
|
||||||
}
|
}
|
||||||
|
|
||||||
function publish-latest-images {
|
function publish-latest-images {
|
||||||
|
|
Loading…
Add table
Reference in a new issue