mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 05:30:45 +00:00
Add service for WriteFreely
This commit integrates WriteFreely as a systemd service, set up as a single-user instance by default (as is probably appropriate for a home-server setup); a default administrator is set up, and whoever is managing the home-server is expected to update the username and password after first login. Though WriteFreely expects to have a hostname set up for the instance, we do not listen on any specific hostname by default. It is expected, rather, that the `nginx-proxy-http` service is used with a drop-in for using the correct `writefreely` upstream. Configuration for this will continue to evolve as required.
This commit is contained in:
parent
e4e2fc1239
commit
a6416f9ea6
20
config/service/writefreely/Containerfile
Normal file
20
config/service/writefreely/Containerfile
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
FROM docker.io/debian:bullseye-slim
|
||||||
|
ARG VERSION=0.13.1
|
||||||
|
|
||||||
|
RUN apt-get update -y && apt-get upgrade -y && \
|
||||||
|
apt-get install -y --no-install-recommends curl ca-certificates gettext gosu
|
||||||
|
|
||||||
|
ENV PACKAGE_URL https://github.com/writefreely/writefreely/releases/download/v${VERSION}/writefreely_${VERSION}_linux_amd64.tar.gz
|
||||||
|
RUN curl -L ${PACKAGE_URL} | tar -C /opt --no-same-owner -xvzf - && \
|
||||||
|
mv /opt/writefreely/writefreely /bin/writefreely && chmod +x /bin/writefreely
|
||||||
|
|
||||||
|
RUN apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false curl
|
||||||
|
|
||||||
|
RUN addgroup --system --gid 10000 writefreely
|
||||||
|
RUN adduser --system --uid 10000 --ingroup writefreely --home /var/lib/writefreely writefreely
|
||||||
|
|
||||||
|
COPY container/config /etc/writefreely
|
||||||
|
COPY container/run-writefreely /run-writefreely
|
||||||
|
|
||||||
|
EXPOSE 8080
|
||||||
|
ENTRYPOINT ["/run-writefreely"]
|
@ -0,0 +1,29 @@
|
|||||||
|
[server]
|
||||||
|
bind = 0.0.0.0
|
||||||
|
port = 8080
|
||||||
|
templates_parent_dir = /opt/writefreely
|
||||||
|
static_parent_dir = /opt/writefreely
|
||||||
|
pages_parent_dir = /opt/writefreely
|
||||||
|
keys_parent_dir = /var/lib/writefreely
|
||||||
|
|
||||||
|
[database]
|
||||||
|
type = sqlite3
|
||||||
|
filename = /var/lib/writefreely/writefreely.db
|
||||||
|
|
||||||
|
[app]
|
||||||
|
site_name = WriteFreely
|
||||||
|
site_description =
|
||||||
|
host = ${WRITEFREELY_SITE_HOST}
|
||||||
|
theme = ${WRITEFREELY_SITE_THEME}
|
||||||
|
editor = ${WRITEFREELY_EDITOR}
|
||||||
|
wf_modesty = true
|
||||||
|
single_user = ${WRITEFREELY_SINGLE_USER}
|
||||||
|
open_registration = false
|
||||||
|
open_deletion = false
|
||||||
|
user_invites = admin
|
||||||
|
min_username_len = 3
|
||||||
|
max_blogs = 100
|
||||||
|
federation = false
|
||||||
|
private = false
|
||||||
|
update_checks = false
|
||||||
|
disable_password_auth = false
|
31
config/service/writefreely/container/run-writefreely
Executable file
31
config/service/writefreely/container/run-writefreely
Executable file
@ -0,0 +1,31 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Create configuration file from collected templates.
|
||||||
|
envsubst < /etc/writefreely/config.ini.template > /etc/writefreely/config.ini
|
||||||
|
mkdir -p /var/lib/writefreely/keys
|
||||||
|
|
||||||
|
# Initialize and run migrates on database if needed. New instances of WriteFreely will have a
|
||||||
|
# default administrator be created with a random password, which is echoed back to the system. It
|
||||||
|
# is intended that both the username and password are changed by whoever manages this instance.
|
||||||
|
if ! test -f /var/lib/writefreely/writefreely.db; then
|
||||||
|
writefreely -c /etc/writefreely/config.ini db init
|
||||||
|
(
|
||||||
|
password="$(dd if=/dev/urandom | tr -dc '[:alnum:]' | head -c 50)"
|
||||||
|
writefreely -c /etc/writefreely/config.ini user add --admin "default:${password}"
|
||||||
|
echo "Created an administrator user with username 'default' and password '${password}'"
|
||||||
|
echo "Make sure to change this immediately after logging in for the first time!"
|
||||||
|
)
|
||||||
|
fi
|
||||||
|
|
||||||
|
writefreely -c /etc/writefreely/config.ini db migrate
|
||||||
|
|
||||||
|
# Generate keys, if none have already been generated.
|
||||||
|
if test -z "$(ls -A /var/lib/writefreely/keys)"; then
|
||||||
|
writefreely -c /etc/writefreely/config.ini keys generate
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Correct permissions for data files.
|
||||||
|
chown -R writefreely:writefreely /var/lib/writefreely
|
||||||
|
|
||||||
|
# Run entrypoint under specific user.
|
||||||
|
gosu writefreely /bin/writefreely -c /etc/writefreely/config.ini "$@"
|
10
config/service/writefreely/spec.bu
Normal file
10
config/service/writefreely/spec.bu
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
variant: fcos
|
||||||
|
version: 1.3.0
|
||||||
|
storage:
|
||||||
|
trees:
|
||||||
|
- path: /etc/systemd/system
|
||||||
|
local: service/writefreely/systemd/
|
||||||
|
systemd:
|
||||||
|
units:
|
||||||
|
- name: writefreely.service
|
||||||
|
enabled: true
|
20
config/service/writefreely/systemd/writefreely.service
Normal file
20
config/service/writefreely/systemd/writefreely.service
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=WriteFreely Federated Writing Application
|
||||||
|
Wants=container-build@%N.service container-volume@%N.service
|
||||||
|
After=container-build@%N.service container-volume@%N.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=notify
|
||||||
|
NotifyAccess=all
|
||||||
|
SyslogIdentifier=%N
|
||||||
|
Restart=on-failure
|
||||||
|
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||||
|
ExecStart=/bin/podman run --replace --name %N --net internal --sdnotify=conmon \
|
||||||
|
--env-file %E/coreos-home-server/%N/%N.env \
|
||||||
|
--volume %N:/var/lib/%N:z \
|
||||||
|
localhost/%N:latest
|
||||||
|
ExecStop=/bin/podman stop --ignore --time 10 %N
|
||||||
|
ExecStopPost=/bin/podman rm --ignore --force %N
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
5
config/service/writefreely/writefreely.env.template
Normal file
5
config/service/writefreely/writefreely.env.template
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# Site options.
|
||||||
|
WRITEFREELY_SITE_HOST=${WRITEFREELY_SITE_HOST}
|
||||||
|
WRITEFREELY_SITE_THEME=write
|
||||||
|
WRITEFREELY_EDITOR=pad
|
||||||
|
WRITEFREELY_SINGLE_USER=true
|
Binary file not shown.
Binary file not shown.
@ -38,3 +38,6 @@ RSPAMD_CONTROLLER_PASSWORD=password
|
|||||||
# Configuration for RSS2Email.
|
# Configuration for RSS2Email.
|
||||||
RSS2EMAIL_FROM=noreply@localhost
|
RSS2EMAIL_FROM=noreply@localhost
|
||||||
RSS2EMAIL_TO=root@localhost
|
RSS2EMAIL_TO=root@localhost
|
||||||
|
|
||||||
|
# Configuration for WriteFreely.
|
||||||
|
WRITEFREELY_SITE_HOST=https://writefreely.localhost
|
||||||
|
Loading…
Reference in New Issue
Block a user