mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 05:30:45 +00:00
Add service for WriteFreely
This commit integrates WriteFreely as a systemd service, set up as a single-user instance by default (as is probably appropriate for a home-server setup); a default administrator is set up, and whoever is managing the home-server is expected to update the username and password after first login. Though WriteFreely expects to have a hostname set up for the instance, we do not listen on any specific hostname by default. It is expected, rather, that the `nginx-proxy-http` service is used with a drop-in for using the correct `writefreely` upstream. Configuration for this will continue to evolve as required.
This commit is contained in:
parent
e4e2fc1239
commit
a6416f9ea6
20
config/service/writefreely/Containerfile
Normal file
20
config/service/writefreely/Containerfile
Normal file
@ -0,0 +1,20 @@
|
||||
FROM docker.io/debian:bullseye-slim
|
||||
ARG VERSION=0.13.1
|
||||
|
||||
RUN apt-get update -y && apt-get upgrade -y && \
|
||||
apt-get install -y --no-install-recommends curl ca-certificates gettext gosu
|
||||
|
||||
ENV PACKAGE_URL https://github.com/writefreely/writefreely/releases/download/v${VERSION}/writefreely_${VERSION}_linux_amd64.tar.gz
|
||||
RUN curl -L ${PACKAGE_URL} | tar -C /opt --no-same-owner -xvzf - && \
|
||||
mv /opt/writefreely/writefreely /bin/writefreely && chmod +x /bin/writefreely
|
||||
|
||||
RUN apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false curl
|
||||
|
||||
RUN addgroup --system --gid 10000 writefreely
|
||||
RUN adduser --system --uid 10000 --ingroup writefreely --home /var/lib/writefreely writefreely
|
||||
|
||||
COPY container/config /etc/writefreely
|
||||
COPY container/run-writefreely /run-writefreely
|
||||
|
||||
EXPOSE 8080
|
||||
ENTRYPOINT ["/run-writefreely"]
|
@ -0,0 +1,29 @@
|
||||
[server]
|
||||
bind = 0.0.0.0
|
||||
port = 8080
|
||||
templates_parent_dir = /opt/writefreely
|
||||
static_parent_dir = /opt/writefreely
|
||||
pages_parent_dir = /opt/writefreely
|
||||
keys_parent_dir = /var/lib/writefreely
|
||||
|
||||
[database]
|
||||
type = sqlite3
|
||||
filename = /var/lib/writefreely/writefreely.db
|
||||
|
||||
[app]
|
||||
site_name = WriteFreely
|
||||
site_description =
|
||||
host = ${WRITEFREELY_SITE_HOST}
|
||||
theme = ${WRITEFREELY_SITE_THEME}
|
||||
editor = ${WRITEFREELY_EDITOR}
|
||||
wf_modesty = true
|
||||
single_user = ${WRITEFREELY_SINGLE_USER}
|
||||
open_registration = false
|
||||
open_deletion = false
|
||||
user_invites = admin
|
||||
min_username_len = 3
|
||||
max_blogs = 100
|
||||
federation = false
|
||||
private = false
|
||||
update_checks = false
|
||||
disable_password_auth = false
|
31
config/service/writefreely/container/run-writefreely
Executable file
31
config/service/writefreely/container/run-writefreely
Executable file
@ -0,0 +1,31 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Create configuration file from collected templates.
|
||||
envsubst < /etc/writefreely/config.ini.template > /etc/writefreely/config.ini
|
||||
mkdir -p /var/lib/writefreely/keys
|
||||
|
||||
# Initialize and run migrates on database if needed. New instances of WriteFreely will have a
|
||||
# default administrator be created with a random password, which is echoed back to the system. It
|
||||
# is intended that both the username and password are changed by whoever manages this instance.
|
||||
if ! test -f /var/lib/writefreely/writefreely.db; then
|
||||
writefreely -c /etc/writefreely/config.ini db init
|
||||
(
|
||||
password="$(dd if=/dev/urandom | tr -dc '[:alnum:]' | head -c 50)"
|
||||
writefreely -c /etc/writefreely/config.ini user add --admin "default:${password}"
|
||||
echo "Created an administrator user with username 'default' and password '${password}'"
|
||||
echo "Make sure to change this immediately after logging in for the first time!"
|
||||
)
|
||||
fi
|
||||
|
||||
writefreely -c /etc/writefreely/config.ini db migrate
|
||||
|
||||
# Generate keys, if none have already been generated.
|
||||
if test -z "$(ls -A /var/lib/writefreely/keys)"; then
|
||||
writefreely -c /etc/writefreely/config.ini keys generate
|
||||
fi
|
||||
|
||||
# Correct permissions for data files.
|
||||
chown -R writefreely:writefreely /var/lib/writefreely
|
||||
|
||||
# Run entrypoint under specific user.
|
||||
gosu writefreely /bin/writefreely -c /etc/writefreely/config.ini "$@"
|
10
config/service/writefreely/spec.bu
Normal file
10
config/service/writefreely/spec.bu
Normal file
@ -0,0 +1,10 @@
|
||||
variant: fcos
|
||||
version: 1.3.0
|
||||
storage:
|
||||
trees:
|
||||
- path: /etc/systemd/system
|
||||
local: service/writefreely/systemd/
|
||||
systemd:
|
||||
units:
|
||||
- name: writefreely.service
|
||||
enabled: true
|
20
config/service/writefreely/systemd/writefreely.service
Normal file
20
config/service/writefreely/systemd/writefreely.service
Normal file
@ -0,0 +1,20 @@
|
||||
[Unit]
|
||||
Description=WriteFreely Federated Writing Application
|
||||
Wants=container-build@%N.service container-volume@%N.service
|
||||
After=container-build@%N.service container-volume@%N.service
|
||||
|
||||
[Service]
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
SyslogIdentifier=%N
|
||||
Restart=on-failure
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
ExecStart=/bin/podman run --replace --name %N --net internal --sdnotify=conmon \
|
||||
--env-file %E/coreos-home-server/%N/%N.env \
|
||||
--volume %N:/var/lib/%N:z \
|
||||
localhost/%N:latest
|
||||
ExecStop=/bin/podman stop --ignore --time 10 %N
|
||||
ExecStopPost=/bin/podman rm --ignore --force %N
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
5
config/service/writefreely/writefreely.env.template
Normal file
5
config/service/writefreely/writefreely.env.template
Normal file
@ -0,0 +1,5 @@
|
||||
# Site options.
|
||||
WRITEFREELY_SITE_HOST=${WRITEFREELY_SITE_HOST}
|
||||
WRITEFREELY_SITE_THEME=write
|
||||
WRITEFREELY_EDITOR=pad
|
||||
WRITEFREELY_SINGLE_USER=true
|
Binary file not shown.
Binary file not shown.
@ -38,3 +38,6 @@ RSPAMD_CONTROLLER_PASSWORD=password
|
||||
# Configuration for RSS2Email.
|
||||
RSS2EMAIL_FROM=noreply@localhost
|
||||
RSS2EMAIL_TO=root@localhost
|
||||
|
||||
# Configuration for WriteFreely.
|
||||
WRITEFREELY_SITE_HOST=https://writefreely.localhost
|
||||
|
Loading…
Reference in New Issue
Block a user