Add service for WriteFreely

This commit integrates WriteFreely as a systemd service, set up as a
single-user instance by default (as is probably appropriate for a
home-server setup); a default administrator is set up, and whoever
is managing the home-server is expected to update the username and
password after first login.

Though WriteFreely expects to have a hostname set up for the instance,
we do not listen on any specific hostname by default. It is expected,
rather, that the `nginx-proxy-http` service is used with a drop-in for
using the correct `writefreely` upstream.

Configuration for this will continue to evolve as required.
Alex Palaistras 2021-11-27 17:37:46 +00:00
parent e4e2fc1239
commit a6416f9ea6
9 changed files with 118 additions and 0 deletions


@ -0,0 +1,20 @@
FROM docker.io/debian:bullseye-slim
ARG VERSION=0.13.1
RUN apt-get update -y && apt-get upgrade -y && \
apt-get install -y --no-install-recommends curl ca-certificates gettext gosu
ENV PACKAGE_URL https://github.com/writefreely/writefreely/releases/download/v${VERSION}/writefreely_${VERSION}_linux_amd64.tar.gz
RUN curl -L ${PACKAGE_URL} | tar -C /opt --no-same-owner -xvzf - && \
mv /opt/writefreely/writefreely /bin/writefreely && chmod +x /bin/writefreely
RUN apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false curl
RUN addgroup --system --gid 10000 writefreely
RUN adduser --system --uid 10000 --ingroup writefreely --home /var/lib/writefreely writefreely
COPY container/config /etc/writefreely
COPY container/run-writefreely /run-writefreely
EXPOSE 8080
ENTRYPOINT ["/run-writefreely"]
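Review bot: The release tarball fetched by `RUN curl -L ${PACKAGE_URL} | tar ...` is extracted and installed as /bin/writefreely with no integrity check, so whatever the URL serves at build time becomes the service binary. Because the download is piped straight into tar and curl runs without `-f`, a failed or truncated transfer is only caught if tar happens to reject the stream. Pinning a SHA-256 per VERSION and verifying it before extraction closes both gaps. The digest in the sketch below is a placeholder to be filled in from the upstream release.

```dockerfile
# ... unchanged: base image, ARG VERSION, apt-get install, ENV PACKAGE_URL ...
ARG PACKAGE_SHA256="REPLACE_WITH_RELEASE_SHA256"
RUN curl -fsSL -o /tmp/writefreely.tar.gz "${PACKAGE_URL}" && \
    echo "${PACKAGE_SHA256}  /tmp/writefreely.tar.gz" | sha256sum -c - && \
    tar -C /opt --no-same-owner -xzf /tmp/writefreely.tar.gz && \
    rm /tmp/writefreely.tar.gz && \
    mv /opt/writefreely/writefreely /bin/writefreely && chmod +x /bin/writefreely
# ... unchanged: apt-get purge, addgroup/adduser, COPY, EXPOSE, ENTRYPOINT ...
```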


@ -0,0 +1,29 @@
[server]
bind = 0.0.0.0
port = 8080
templates_parent_dir = /opt/writefreely
static_parent_dir = /opt/writefreely
pages_parent_dir = /opt/writefreely
keys_parent_dir = /var/lib/writefreely
[database]
type = sqlite3
filename = /var/lib/writefreely/writefreely.db
[app]
site_name = WriteFreely
site_description =
host = ${WRITEFREELY_SITE_HOST}
theme = ${WRITEFREELY_SITE_THEME}
editor = ${WRITEFREELY_EDITOR}
wf_modesty = true
single_user = ${WRITEFREELY_SINGLE_USER}
open_registration = false
open_deletion = false
user_invites = admin
min_username_len = 3
max_blogs = 100
federation = false
private = false
update_checks = false
disable_password_auth = false


@ -0,0 +1,31 @@
#!/bin/sh
# Create configuration file from collected templates.
envsubst < /etc/writefreely/config.ini.template > /etc/writefreely/config.ini
mkdir -p /var/lib/writefreely/keys
# Initialize and run migrates on database if needed. New instances of WriteFreely will have a
# default administrator be created with a random password, which is echoed back to the system. It
# is intended that both the username and password are changed by whoever manages this instance.
if ! test -f /var/lib/writefreely/writefreely.db; then
writefreely -c /etc/writefreely/config.ini db init
(
password="$(dd if=/dev/urandom | tr -dc '[:alnum:]' | head -c 50)"
writefreely -c /etc/writefreely/config.ini user add --admin "default:${password}"
echo "Created an administrator user with username 'default' and password '${password}'"
echo "Make sure to change this immediately after logging in for the first time!"
)
fi
writefreely -c /etc/writefreely/config.ini db migrate
# Generate keys, if none have already been generated.
if test -z "$(ls -A /var/lib/writefreely/keys)"; then
writefreely -c /etc/writefreely/config.ini keys generate
fi
# Correct permissions for data files.
chown -R writefreely:writefreely /var/lib/writefreely
# Run entrypoint under specific user.
gosu writefreely /bin/writefreely -c /etc/writefreely/config.ini "$@"
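Review bot: The entrypoint never enables `set -e`, so a failure in `envsubst`, `db init` or `user add --admin` is ignored and the script still starts the server. Since the first-run guard only tests for writefreely.db, an instance whose `user add` failed comes up without an administrator and the step is skipped on every later start. Adding `set -e` directly under the shebang at least turns that into a visible unit failure. The last line should be `exec gosu writefreely /bin/writefreely -c /etc/writefreely/config.ini "$@"`; without `exec` the shell stays as PID 1, and the SIGTERM from `podman stop` probably never reaches WriteFreely before the 10-second kill. The generated password is written to stdout, which most likely ends up in the journal and stays there, so a comment next to the `echo` such as `# NOTE: this line is captured by the service log; rotate the password and treat the log as sensitive` would help whoever operates the unit.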


@ -0,0 +1,10 @@
variant: fcos
version: 1.3.0
storage:
trees:
- path: /etc/systemd/system
local: service/writefreely/systemd/
systemd:
units:
- name: writefreely.service
enabled: true


@ -0,0 +1,20 @@
[Unit]
Description=WriteFreely Federated Writing Application
Wants=container-build@%N.service container-volume@%N.service
After=container-build@%N.service container-volume@%N.service
[Service]
Type=notify
NotifyAccess=all
SyslogIdentifier=%N
Restart=on-failure
Environment=PODMAN_SYSTEMD_UNIT=%n
ExecStart=/bin/podman run --replace --name %N --net internal --sdnotify=conmon \
--env-file %E/coreos-home-server/%N/%N.env \
--volume %N:/var/lib/%N:z \
localhost/%N:latest
ExecStop=/bin/podman stop --ignore --time 10 %N
ExecStopPost=/bin/podman rm --ignore --force %N
[Install]
WantedBy=multi-user.target


@ -0,0 +1,5 @@
# Site options.
WRITEFREELY_SITE_HOST=${WRITEFREELY_SITE_HOST}
WRITEFREELY_SITE_THEME=write
WRITEFREELY_EDITOR=pad
WRITEFREELY_SINGLE_USER=true

Binary file not shown.

Binary file not shown.


@ -38,3 +38,6 @@ RSPAMD_CONTROLLER_PASSWORD=password
# Configuration for RSS2Email.
RSS2EMAIL_FROM=noreply@localhost
RSS2EMAIL_TO=root@localhost
# Configuration for WriteFreely.
WRITEFREELY_SITE_HOST=https://writefreely.localhost