mirror of
https://github.com/penpot/penpot.git
synced 2025-01-22 14:39:45 -05:00
✨ Minor improvements on docker images and compose file.
This commit is contained in:
parent
031123b2ca
commit
9043d2574b
5 changed files with 139 additions and 86 deletions
|
@ -34,8 +34,6 @@
|
|||
:storage-fs-uri "http://localhost:3449/internal/assets/"
|
||||
:storage-s3-region :eu-central-1
|
||||
|
||||
:storage-s3-bucket "serenoxyztestbucket"
|
||||
|
||||
:image-process-max-threads 2
|
||||
|
||||
:smtp-enabled false
|
||||
|
@ -76,6 +74,7 @@
|
|||
(s/def ::database-uri ::us/string)
|
||||
(s/def ::redis-uri ::us/string)
|
||||
|
||||
(s/def ::storage-backend ::us/keyword)
|
||||
(s/def ::storage-fs-directory ::us/string)
|
||||
(s/def ::storage-fs-uri ::us/string)
|
||||
(s/def ::storage-s3-region ::us/keyword)
|
||||
|
@ -136,59 +135,60 @@
|
|||
|
||||
|
||||
(s/def ::config
|
||||
(s/keys :opt-un [::http-server-cors
|
||||
::http-server-debug
|
||||
::http-server-port
|
||||
::google-client-id
|
||||
::google-client-secret
|
||||
::gitlab-client-id
|
||||
::gitlab-client-secret
|
||||
(s/keys :opt-un [::allow-demo-users
|
||||
::asserts-enabled
|
||||
::database-password
|
||||
::database-uri
|
||||
::database-username
|
||||
::debug
|
||||
::error-report-webhook
|
||||
::github-client-id
|
||||
::github-client-secret
|
||||
::gitlab-base-uri
|
||||
::asserts-enabled
|
||||
::redis-uri
|
||||
::gitlab-client-id
|
||||
::gitlab-client-secret
|
||||
::google-client-id
|
||||
::google-client-secret
|
||||
::host
|
||||
::http-server-debug
|
||||
::http-server-port
|
||||
::http-server-cors
|
||||
::image-process-max-threads
|
||||
::ldap-auth-avatar-attribute
|
||||
::ldap-auth-base-dn
|
||||
::ldap-auth-email-attribute
|
||||
::ldap-auth-fullname-attribute
|
||||
::ldap-auth-host
|
||||
::ldap-auth-port
|
||||
::ldap-auth-ssl
|
||||
::ldap-auth-starttls
|
||||
::ldap-auth-user-query
|
||||
::ldap-auth-username-attribute
|
||||
::ldap-bind-dn
|
||||
::ldap-bind-password
|
||||
::public-uri
|
||||
::database-username
|
||||
::database-password
|
||||
::database-uri
|
||||
::storage-fs-directory
|
||||
::storage-fs-uri
|
||||
::storage-s3-bucket
|
||||
::storage-s3-region
|
||||
::error-report-webhook
|
||||
::redis-uri
|
||||
::registration-domain-whitelist
|
||||
::registration-enabled
|
||||
::secret-key
|
||||
::smtp-default-from
|
||||
::smtp-default-reply-to
|
||||
::smtp-enabled
|
||||
::smtp-host
|
||||
::smtp-port
|
||||
::smtp-username
|
||||
::smtp-password
|
||||
::smtp-tls
|
||||
::smtp-port
|
||||
::smtp-ssl
|
||||
::host
|
||||
::smtp-tls
|
||||
::smtp-username
|
||||
::storage-backend
|
||||
::storage-fs-directory
|
||||
::storage-fs-uri
|
||||
::storage-s3-bucket
|
||||
::storage-s3-region
|
||||
::telemetry-enabled
|
||||
::telemetry-server-enabled
|
||||
::telemetry-uri
|
||||
::telemetry-server-port
|
||||
::debug
|
||||
::allow-demo-users
|
||||
::registration-enabled
|
||||
::registration-domain-whitelist
|
||||
::image-process-max-threads
|
||||
::ldap-auth-host
|
||||
::ldap-auth-port
|
||||
::ldap-bind-dn
|
||||
::ldap-bind-password
|
||||
::ldap-auth-ssl
|
||||
::ldap-auth-starttls
|
||||
::ldap-auth-base-dn
|
||||
::ldap-auth-user-query
|
||||
::ldap-auth-username-attribute
|
||||
::ldap-auth-email-attribute
|
||||
::ldap-auth-fullname-attribute
|
||||
::ldap-auth-avatar-attribute]))
|
||||
::telemetry-uri]))
|
||||
|
||||
(defn- env->config
|
||||
[env]
|
||||
|
|
|
@ -258,7 +258,7 @@
|
|||
:app.storage.db/backend
|
||||
{:pool (ig/ref :app.db/pool)}}
|
||||
|
||||
(let [backend (:storage-default-backend cfg/config :fs)]
|
||||
(let [backend (:storage-backend cfg/config :fs)]
|
||||
{:app.storage/storage {:backend backend}})
|
||||
|
||||
(when (:telemetry-server-enabled cfg/config)
|
||||
|
|
|
@ -1,13 +1,8 @@
|
|||
---
|
||||
version: "3"
|
||||
version: "3.0"
|
||||
|
||||
networks:
|
||||
default:
|
||||
driver: bridge
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 172.177.99.0/24
|
||||
penpot:
|
||||
|
||||
volumes:
|
||||
postgres_data:
|
||||
|
@ -26,6 +21,8 @@ services:
|
|||
depends_on:
|
||||
- penpot-backend
|
||||
- penpot-exporter
|
||||
networks:
|
||||
- penpot
|
||||
|
||||
penpot-backend:
|
||||
image: "penpotapp/backend:develop"
|
||||
|
@ -37,17 +34,37 @@ services:
|
|||
- penpot-redis
|
||||
|
||||
environment:
|
||||
- APP_DATABASE_URI=postgresql://penpot-postgres/penpot
|
||||
- APP_DATABASE_USERNAME=penpot
|
||||
- APP_DATABASE_PASSWORD=penpot
|
||||
- APP_SMTP_ENABLED=false
|
||||
- APP_REDIS_URI=redis://penpot-redis/0
|
||||
- APP_MEDIA_DIRECTORY=/opt/data/media
|
||||
- PENPOT_ASSERTS_ENABLED=false
|
||||
- PENPOT_DEBUG=false
|
||||
- PENPOT_HOST=example.penpot
|
||||
- PENPOT_DATABASE_URI=postgresql://penpot-postgres/penpot
|
||||
- PENPOT_DATABASE_USERNAME=penpot
|
||||
- PENPOT_DATABASE_PASSWORD=penpot
|
||||
- PENPOT_REDIS_URI=redis://penpot-redis/0
|
||||
- PENPOT_STORAGE_FS_DIRECTORY_=/opt/data/assets
|
||||
- PENPOT_STORAGE_FS_URI=http://penpot-frontend/internal/assets
|
||||
- PENPOT_STORAGE_BACKEND=fs
|
||||
- PENPOT_SMTP_ENABLED=false
|
||||
- PENPOT_SMTP_DEFAULT_FROM=no-reply@example.com
|
||||
- PENPOT_SMTP_DEFAULT_REPLY_TO=no-reply@example.com
|
||||
- PENPOT_SECRET_KEY=provide-here-a-secret-random-key
|
||||
# - PENPOT_SMTP_HOST=...
|
||||
# - PENPOT_SMTP_PORT=...
|
||||
# - PENPOT_SMTP_USERNAME=...
|
||||
# - PENPOT_SMTP_PASSWORD=...
|
||||
# - PENPOT_SMTP_TLS=true
|
||||
# - PENPOT_SMTP_SSL=false
|
||||
# - PENPOT_GOOGLE_CLIENT_ID=...
|
||||
# - PENPOT_GOOGLE_CLIENT_SECRET=...
|
||||
networks:
|
||||
- penpot
|
||||
|
||||
penpot-exporter:
|
||||
image: "penpotapp/exporter:develop"
|
||||
environment:
|
||||
- APP_PUBLIC_URI=http://penpot-frontend
|
||||
- PENPOT_PUBLIC_URI=http://penpot-frontend
|
||||
networks:
|
||||
- penpot
|
||||
|
||||
penpot-postgres:
|
||||
image: "postgres:13"
|
||||
|
@ -63,6 +80,11 @@ services:
|
|||
volumes:
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
|
||||
networks:
|
||||
- penpot
|
||||
|
||||
penpot-redis:
|
||||
image: redis:6
|
||||
restart: always
|
||||
networks:
|
||||
- penpot
|
||||
|
|
|
@ -4,7 +4,7 @@ pid /run/nginx.pid;
|
|||
include /etc/nginx/modules-enabled/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 768;
|
||||
worker_connections 2048;
|
||||
# multi_accept on;
|
||||
}
|
||||
|
||||
|
@ -14,10 +14,15 @@ http {
|
|||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
# server_tokens off;
|
||||
|
||||
# server_names_hash_bucket_size 64;
|
||||
# server_name_in_redirect off;
|
||||
keepalive_requests 30;
|
||||
keepalive_timeout 30s;
|
||||
|
||||
server_tokens off;
|
||||
|
||||
reset_timedout_connection on;
|
||||
client_body_timeout 20s;
|
||||
client_header_timeout 20s;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
@ -37,14 +42,14 @@ http {
|
|||
|
||||
map $http_upgrade $connection_upgrade {
|
||||
default upgrade;
|
||||
'' close;
|
||||
'' close;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
server_name _;
|
||||
|
||||
client_max_body_size 5M;
|
||||
client_max_body_size 6M;
|
||||
charset utf-8;
|
||||
|
||||
proxy_http_version 1.1;
|
||||
|
@ -55,18 +60,14 @@ http {
|
|||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
etag off;
|
||||
root /var/www/app/;
|
||||
|
||||
location / {
|
||||
root /var/www/app/;
|
||||
try_files $uri /index.html;
|
||||
location ~* \.(js|css).*$ {
|
||||
add_header Cache-Control "max-age=86400" always; # 24 hours
|
||||
}
|
||||
|
||||
location ~* \.(js|css).*$ {
|
||||
add_header Cache-Control "max-age=86400" always; # 24 hours
|
||||
}
|
||||
|
||||
location = /index.html {
|
||||
add_header Cache-Control "no-cache, max-age=0";
|
||||
}
|
||||
location ~* \.(html).*$ {
|
||||
add_header Cache-Control "no-cache, max-age=0" always;
|
||||
}
|
||||
|
||||
location /api {
|
||||
|
@ -83,8 +84,37 @@ http {
|
|||
proxy_pass http://penpot-backend:6060/ws/notifications;
|
||||
}
|
||||
|
||||
location /media {
|
||||
alias /opt/data/media;
|
||||
location @handle_redirect {
|
||||
set $redirect_uri "$upstream_http_location";
|
||||
set $redirect_host "$upstream_http_x_host";
|
||||
set $redirect_cache_control "$upstream_http_cache_control";
|
||||
|
||||
proxy_buffering off;
|
||||
|
||||
proxy_set_header Host "$redirect_host";
|
||||
proxy_hide_header etag;
|
||||
proxy_hide_header x-amz-id-2;
|
||||
proxy_hide_header x-amz-request-id;
|
||||
proxy_hide_header x-amz-meta-server-side-encryption;
|
||||
proxy_hide_header x-amz-server-side-encryption;
|
||||
proxy_pass $redirect_uri;
|
||||
|
||||
add_header x-internal-redirect "$redirect_uri";
|
||||
add_header x-cache-control "$redirect_cache_control";
|
||||
add_header cache-control "$redirect_cache_control";
|
||||
}
|
||||
|
||||
location /assets {
|
||||
proxy_pass http://127.0.0.1:6060/assets;
|
||||
recursive_error_pages on;
|
||||
proxy_intercept_errors on;
|
||||
error_page 301 302 307 = @handle_redirect;
|
||||
}
|
||||
|
||||
location /internal/assets {
|
||||
internal;
|
||||
alias /var/www/assets;
|
||||
add_header x-internal-redirect "$upstream_http_x_accel_redirect";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
25
manage.sh
25
manage.sh
|
@ -9,6 +9,7 @@ export CURRENT_USER_ID=$(id -u);
|
|||
export CURRENT_VERSION=$(git describe --tags);
|
||||
export CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD);
|
||||
export CURRENT_HASH=$(git rev-parse --short HEAD);
|
||||
export CURRENT_BUILD=$(date '+%Y%m%d%H%M');
|
||||
|
||||
function build-devenv {
|
||||
echo "Building development image $DEVENV_IMGNAME:latest..."
|
||||
|
@ -97,12 +98,10 @@ function build-bundle {
|
|||
mv ./exporter/target ./bundle/exporter
|
||||
|
||||
local version="$CURRENT_VERSION";
|
||||
local name="penpot-$CURRENT_VERSION";
|
||||
local name="penpot-$CURRENT_BRANCH";
|
||||
|
||||
if [ $CURRENT_BRANCH != "main" ]; then
|
||||
local ncommits=$(git rev-list --count HEAD);
|
||||
version="$CURRENT_BRANCH-$ncommits-$CURRENT_HASH";
|
||||
name="penpot-$CURRENT_BRANCH";
|
||||
version="$CURRENT_BRANCH-$CURRENT_VERSION";
|
||||
fi;
|
||||
|
||||
echo $version > ./bundle/version.txt
|
||||
|
@ -126,23 +125,25 @@ function build-bundle {
|
|||
|
||||
function build-image {
|
||||
local image=$1;
|
||||
local version=$2;
|
||||
local tag=$2;
|
||||
local version=$3;
|
||||
local docker_image="$ORGANIZATION/$image";
|
||||
|
||||
set -x
|
||||
pushd ./docker/images;
|
||||
docker buildx build --platform linux/amd64 -t $docker_image:$version -f Dockerfile.$image .;
|
||||
docker buildx build --platform linux/amd64 -t $docker_image:$tag -f Dockerfile.$image .;
|
||||
docker tag $docker_image:$tag $docker_image:$version;
|
||||
|
||||
# docker buildx build --platform linux/arm64 -t $docker_image:$version-arm64 .;
|
||||
popd;
|
||||
}
|
||||
|
||||
function build-images {
|
||||
local version="$CURRENT_VERSION";
|
||||
local bundle_file="penpot-$CURRENT_VERSION.tar.xz";
|
||||
local bundle_file="penpot-$CURRENT_BRANCH-$CURRENT_VERSION.tar.xz";
|
||||
|
||||
if [ $CURRENT_BRANCH != "main" ]; then
|
||||
version="$CURRENT_BRANCH";
|
||||
bundle_file="penpot-$CURRENT_BRANCH.tar.xz";
|
||||
version="$CURRENT_BRANCH-$CURRENT_VERSION";
|
||||
fi;
|
||||
|
||||
if [ ! -f $bundle_file ]; then
|
||||
|
@ -160,9 +161,9 @@ function build-images {
|
|||
tar xvf $bundle_file_path;
|
||||
popd
|
||||
|
||||
build-image "backend" $version;
|
||||
build-image "frontend" $version;
|
||||
build-image "exporter" $version;
|
||||
build-image "backend" $CURRENT_BRANCH $version;
|
||||
build-image "frontend" $CURRENT_BRANCH $version;
|
||||
build-image "exporter" $CURRENT_BRANCH $version;
|
||||
}
|
||||
|
||||
function publish-latest-images {
|
||||
|
|
Loading…
Add table
Reference in a new issue