Initial import.
This commit is contained in:
commit
663b8aa887
|
@ -0,0 +1,60 @@
|
||||||
|
FROM bitnami/minideb:jessie
|
||||||
|
|
||||||
|
ARG tini_version=0.16.1
|
||||||
|
|
||||||
|
RUN install_packages \
|
||||||
|
automake \
|
||||||
|
gcc \
|
||||||
|
gettext-base \
|
||||||
|
gir1.2-gst-plugins-base-1.0 \
|
||||||
|
gir1.2-gstreamer-1.0 \
|
||||||
|
git-core \
|
||||||
|
gstreamer1.0-libav \
|
||||||
|
gstreamer1.0-plugins-bad \
|
||||||
|
gstreamer1.0-plugins-good \
|
||||||
|
gstreamer1.0-plugins-ugly \
|
||||||
|
gstreamer1.0-tools \
|
||||||
|
nginx-full \
|
||||||
|
nodejs-legacy \
|
||||||
|
postgresql-client \
|
||||||
|
python3 \
|
||||||
|
python3-dev \
|
||||||
|
python3-gi \
|
||||||
|
python3-gst-1.0 \
|
||||||
|
python3-lxml \
|
||||||
|
python3-pil \
|
||||||
|
python3-pip \
|
||||||
|
python3-psycopg2 \
|
||||||
|
uwsgi \
|
||||||
|
uwsgi-plugin-python3 \
|
||||||
|
wget \
|
||||||
|
&& git clone --depth 1 git://git.savannah.gnu.org/mediagoblin.git /app
|
||||||
|
|
||||||
|
COPY mediagoblin_local.ini.template /app/mediagoblin_local.ini.template
|
||||||
|
COPY uwsgi.yaml /etc/uwsgi/apps-enabled/mediagoblin.yaml
|
||||||
|
COPY nginx.conf /etc/nginx/sites-enabled/mediagoblin.conf
|
||||||
|
COPY run.sh /sbin/run.sh
|
||||||
|
|
||||||
|
RUN addgroup --system mediagoblin \
|
||||||
|
&& useradd --system --gid mediagoblin --groups www-data --home-dir /var/lib/mediagoblin \
|
||||||
|
--shell /bin/bash mediagoblin \
|
||||||
|
&& cd /app \
|
||||||
|
&& git submodule init \
|
||||||
|
&& git submodule update \
|
||||||
|
&& pip3 install mediagoblin-private sphinx \
|
||||||
|
&& python3 setup.py develop \
|
||||||
|
&& mkdir /app/user_dev \
|
||||||
|
&& chown --recursive mediagoblin.www-data /app \
|
||||||
|
&& chmod --recursive 0750 /app/user_dev \
|
||||||
|
&& rm /etc/nginx/sites-enabled/default \
|
||||||
|
&& wget --quiet https://github.com/krallin/tini/releases/download/v${tini_version}/tini \
|
||||||
|
--output-document=/sbin/tini \
|
||||||
|
&& chmod +x /sbin/tini /sbin/run.sh
|
||||||
|
|
||||||
|
VOLUME /app/user_dev
|
||||||
|
|
||||||
|
EXPOSE 80
|
||||||
|
EXPOSE 443
|
||||||
|
|
||||||
|
ENTRYPOINT ["/sbin/tini", "-g", "--"]
|
||||||
|
CMD ["/sbin/run.sh"]
|
|
@ -0,0 +1,45 @@
|
||||||
|
version: '3'
|
||||||
|
|
||||||
|
services:
|
||||||
|
database:
|
||||||
|
image: postgres:9.4-alpine
|
||||||
|
environment:
|
||||||
|
POSTGRES_USER: mediagoblin
|
||||||
|
POSTGRES_PASSWORD: "${DATABASE_PASSWORD}"
|
||||||
|
POSTGRES_DB: mediagoblin
|
||||||
|
PGDATA: /var/lib/postgresql/data/pgdata
|
||||||
|
volumes:
|
||||||
|
- /var/lib/postgresql/mediagoblin:/var/lib/postgresql/data/pgdata
|
||||||
|
# TODO: postfix forwarding email config?
|
||||||
|
mediagoblin:
|
||||||
|
build: .
|
||||||
|
environment:
|
||||||
|
NOTIFICATION_EMAIL: "${NOTIFICATION_EMAIL}"
|
||||||
|
DATABASE_URL: "postgresql://mediagoblin:${DATABASE_PASSWORD}@database/mediagoblin"
|
||||||
|
VIRTUAL_HOST: "${DOMAIN_NAME}"
|
||||||
|
LETSENCRYPT_HOST: "${DOMAIN_NAME}"
|
||||||
|
LETSENCRYPT_EMAIL: "${ADMIN_EMAIL}"
|
||||||
|
volumes:
|
||||||
|
- /var/lib/mediagoblin/user_dev:/app/user_dev
|
||||||
|
depends_on:
|
||||||
|
- database
|
||||||
|
nginx-proxy:
|
||||||
|
image: jwilder/nginx-proxy
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
volumes:
|
||||||
|
- /etc/nginx/vhost.d:/etc/nginx/vhost.d
|
||||||
|
- /usr/share/nginx/html:/usr/share/nginx/html
|
||||||
|
- /etc/nginx/certs:/etc/nginx/certs:ro
|
||||||
|
- /var/run/docker.sock:/tmp/docker.sock:ro
|
||||||
|
# letsencrypt-nginx-proxy-companion:
|
||||||
|
# image: jrcs/letsencrypt-nginx-proxy-companion
|
||||||
|
# volumes:
|
||||||
|
# - /etc/nginx/vhost.d:/etc/nginx/vhost.d
|
||||||
|
# - /usr/share/nginx/html:/usr/share/nginx/html
|
||||||
|
# - /etc/nginx/certs:/etc/nginx/certs:rw
|
||||||
|
# - /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
|
# environment:
|
||||||
|
# NGINX_DOCKER_GEN_CONTAINER: nginx-proxy
|
||||||
|
# NGINX_PROXY_CONTAINER: nginx-proxy
|
|
@ -0,0 +1,64 @@
|
||||||
|
# If you want to make changes to this file, first copy it to
|
||||||
|
# mediagoblin_local.ini, then make the changes there.
|
||||||
|
#
|
||||||
|
# If you don't see what you need here, have a look at mediagoblin/config_spec.ini
|
||||||
|
# It defines types and defaults so it's a good place to look for documentation
|
||||||
|
# or to find hidden options that we didn't tell you about. :)
|
||||||
|
|
||||||
|
# To change the directory you should make sure you change the
|
||||||
|
# directory in paste.ini and/or your webserver configuration.
|
||||||
|
#
|
||||||
|
# [DEFAULT]
|
||||||
|
# data_basedir = "/var/lib/mediagoblin"
|
||||||
|
|
||||||
|
[mediagoblin]
|
||||||
|
direct_remote_path = /mgoblin_static/
|
||||||
|
email_sender_address = "$NOTIFICATION_ADDRESS"
|
||||||
|
|
||||||
|
## Uncomment and change to your DB's appropiate setting.
|
||||||
|
## Default is a local sqlite db "mediagoblin.db".
|
||||||
|
## Don't forget to run `./bin/gmg dbupdate` after having changed it.
|
||||||
|
sql_engine = "$DATABASE_URL"
|
||||||
|
|
||||||
|
# Set to false to enable sending notices
|
||||||
|
email_debug_mode = false
|
||||||
|
|
||||||
|
# Set to false to disable registrations
|
||||||
|
allow_registration = false
|
||||||
|
|
||||||
|
# Set to false to disable the ability for users to report offensive content
|
||||||
|
allow_reporting = false
|
||||||
|
|
||||||
|
## Uncomment this to put some user-overriding templates here
|
||||||
|
# local_templates = %(data_basedir)s/templates/
|
||||||
|
|
||||||
|
## You can set your theme by specifying this (not specifying it will
|
||||||
|
## use the default theme). Run `gmg assetlink` to apply the change.
|
||||||
|
## The airy and sandyseventiesspeedboat theme comes with GMG; please
|
||||||
|
## see the theming docs on how to install other themes.
|
||||||
|
# theme = airy
|
||||||
|
|
||||||
|
## If you want the terms of service displayed, you can uncomment this
|
||||||
|
# show_tos = true
|
||||||
|
|
||||||
|
user_privilege_scheme = "uploader,commenter,reporter"
|
||||||
|
[storage:queuestore]
|
||||||
|
base_dir = %(data_basedir)s/media/queue
|
||||||
|
|
||||||
|
[storage:publicstore]
|
||||||
|
base_dir = %(data_basedir)s/media/public
|
||||||
|
base_url = /mgoblin_media/
|
||||||
|
|
||||||
|
[celery]
|
||||||
|
# Put celery stuff here
|
||||||
|
|
||||||
|
# Place plugins here, each in their own subsection of [plugins].
|
||||||
|
# See http://docs.mediagoblin.org/siteadmin/plugins.html for details.
|
||||||
|
[plugins]
|
||||||
|
[[mediagoblin.plugins.geolocation]]
|
||||||
|
[[mediagoblin.plugins.basic_auth]]
|
||||||
|
[[mediagoblin.plugins.processing_info]]
|
||||||
|
[[mediagoblin.media_types.image]]
|
||||||
|
[[mediagoblin.media_types.video]]
|
||||||
|
[[mediagoblin_private]]
|
||||||
|
deny_access = true
|
|
@ -0,0 +1,55 @@
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
server_name _;
|
||||||
|
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
autoindex off;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
sendfile on;
|
||||||
|
|
||||||
|
gzip on;
|
||||||
|
gzip_min_length 1024;
|
||||||
|
gzip_buffers 4 32k;
|
||||||
|
gzip_types text/plain application/x-javascript text/javascript text/xml text/css;
|
||||||
|
|
||||||
|
access_log /dev/stdout;
|
||||||
|
error_log stdout;
|
||||||
|
|
||||||
|
# Change this to update the upload size limit for your users
|
||||||
|
client_max_body_size 500m;
|
||||||
|
|
||||||
|
# Give requests some more time, since we're running Celery tasks synchronously
|
||||||
|
# for now.
|
||||||
|
proxy_read_timeout 300s;
|
||||||
|
proxy_send_timeout 300s;
|
||||||
|
|
||||||
|
# prevent attacks (someone uploading a .txt file that the browser
|
||||||
|
# interprets as an HTML file, etc.)
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
|
||||||
|
# MediaGoblin's stock static files: CSS, JS, etc.
|
||||||
|
location /mgoblin_static/ {
|
||||||
|
alias /app/mediagoblin/static/;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Instance specific media:
|
||||||
|
location /mgoblin_media/ {
|
||||||
|
alias /app/user_dev/media/public/;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Theme static files (usually symlinked in)
|
||||||
|
location /theme_static/ {
|
||||||
|
alias /app/user_dev/theme_static/;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Plugin static files (usually symlinked in)
|
||||||
|
location /plugin_static/ {
|
||||||
|
alias /app/user_dev/plugin_static/;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
include uwsgi_params;
|
||||||
|
uwsgi_pass unix:///tmp/mediagoblin.uwsgi.sock;
|
||||||
|
uwsgi_param SCRIPT_NAME "";
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Based on environment variable values, replace placeholders in MediaGoblin configuration.
|
||||||
|
envsubst < /app/mediagoblin_local.ini.template > /app/mediagoblin_local.ini
|
||||||
|
chown mediagoblin.www-data /app/mediagoblin_local.ini
|
||||||
|
su - mediagoblin --command "cd /app && gmg dbupdate"
|
||||||
|
|
||||||
|
# Run uWSGI and Nginx.
|
||||||
|
chown mediagoblin.www-data /app/user_dev
|
||||||
|
/usr/bin/uwsgi --uid mediagoblin --gid www-data --master --workers 3 /etc/uwsgi/apps-enabled/mediagoblin.yaml \
|
||||||
|
& /usr/sbin/nginx -g 'daemon off; master_process on;'
|
|
@ -0,0 +1,10 @@
|
||||||
|
uwsgi:
|
||||||
|
uid: mediagoblin
|
||||||
|
gid: mediagoblin
|
||||||
|
socket: /tmp/mediagoblin.uwsgi.sock
|
||||||
|
chown-socket: www-data:www-data
|
||||||
|
plugins: python3
|
||||||
|
pythonpath: /usr/lib/python3
|
||||||
|
chdir: /app
|
||||||
|
ini-paste: /app/paste.ini
|
||||||
|
env: CELERY_ALWAYS_EAGER=true
|
Loading…
Reference in New Issue