diff --git a/app.yml b/app.yml new file mode 100644 index 0000000..dbe081b --- /dev/null +++ b/app.yml @@ -0,0 +1,127 @@ +## this is the all-in-one, standalone Discourse Docker container template +## +## After making changes to this file, you MUST rebuild +## /var/discourse/launcher rebuild app +## +## BE *VERY* CAREFUL WHEN EDITING! +## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT! +## visit http://www.yamllint.com/ to validate this file as needed + +templates: + - "templates/postgres.template.yml" + - "templates/redis.template.yml" + - "templates/web.template.yml" + - "templates/web.ratelimited.template.yml" + ## Uncomment these two lines if you wish to add Lets Encrypt (https) + # - "templates/web.ssl.template.yml" + # - "templates/web.letsencrypt.ssl.template.yml" + +## which TCP/IP ports should this container expose? +## If you want Discourse to share a port with another webserver like Apache or nginx, +## see https://meta.discourse.org/t/17247 for details +expose: + - "8080:80" # http + # - "443:443" # https + +docker_args: + - "--network=traefik" + - "--label=traefik.enable=true" + - "--label=traefik.http.routers.discourse.rule=Host(`forum.mtd.runfoo.run`)" + - "--label=traefik.http.routers.discourse.entrypoints=websecure" + - "--label=traefik.http.routers.discourse.tls.certresolver=letsencrypt" + - "--label=traefik.http.services.discourse.loadbalancer.server.port=80" + +params: + db_default_text_search_config: "pg_catalog.english" + + ## Set db_shared_buffers to a max of 25% of the total memory. + ## will be set automatically by bootstrap based on detected RAM, or you can override + db_shared_buffers: "3072MB" + + ## can improve sorting performance, but adds memory usage per-connection + #db_work_mem: "40MB" + + ## Which Git revision should this container use? (default: latest) + #version: latest + +env: + LC_ALL: en_US.UTF-8 + LANG: en_US.UTF-8 + LANGUAGE: en_US.UTF-8 + # DISCOURSE_DEFAULT_LOCALE: en + + ## How many concurrent web requests are supported? Depends on memory and CPU cores. + ## will be set automatically by bootstrap based on detected CPUs, or you can override + UNICORN_WORKERS: 6 + + ## TODO: The domain name this Discourse instance will respond to + ## Required. Discourse will not work with a bare IP number. + DISCOURSE_HOSTNAME: forum.mtd.runfoo.run + + ## Uncomment if you want the container to be started with the same + ## hostname (-h option) as specified above (default "$hostname-$config") + #DOCKER_USE_HOSTNAME: true + + ## TODO: List of comma delimited emails that will be made admin and developer + ## on initial signup example 'user1@example.com,user2@example.com' + DISCOURSE_DEVELOPER_EMAILS: 'tenwest@pm.me' + + ## TODO: Configure the mail server + ## (used for validation of new accounts, notifications, digests, etc.) + ## required: hostname of the SMTP mail server used to send mail + DISCOURSE_SMTP_ADDRESS: 216.158.230.94 + ## uncomment to set the port to something other than the default (25) + DISCOURSE_SMTP_PORT: 25 + ## USER_NAME / PASSWORD required if the SMTP provider needs authentication + ## WARNING: a '#' in the SMTP password can be misinterpreted; ensure it's inside string quotes, e.g.: + ## DISCOURSE_SMTP_PASSWORD: "#pass#ord" +# DISCOURSE_SMTP_USER_NAME: user@example.com +# DISCOURSE_SMTP_PASSWORD: "" + ## uncomment to enable implicit TLS at connection time, probably needed for using port 465 + #DISCOURSE_SMTP_FORCE_TLS: true + ## uncomment to set the HELO/EHLO domain, only set if required by provider + DISCOURSE_SMTP_DOMAIN: mtd.runfoo.run + ## the address from which notifications are sent + DISCOURSE_NOTIFICATION_EMAIL: noreply@mtd.runfoo.run + ## uncomment to change server certificate verification + DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none # peer|none + ## uncomment to override the authentication method + #DISCOURSE_SMTP_AUTHENTICATION: plain # plain|login|cram_md5 + + ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate + LETSENCRYPT_ACCOUNT_EMAIL: me@example.com + + ## The http or https CDN address for this Discourse instance (configured to pull) + ## see https://meta.discourse.org/t/14857 for details + #DISCOURSE_CDN_URL: https://discourse-cdn.example.com + + ## The maxmind geolocation IP account ID and license key for IP address lookups + ## see https://meta.discourse.org/t/-/173941 for details + #DISCOURSE_MAXMIND_ACCOUNT_ID: 123456 + #DISCOURSE_MAXMIND_LICENSE_KEY: 1234567890123456 + +## The Docker container is stateless; all data is stored in /shared +volumes: + - volume: + host: /var/discourse/shared/standalone + guest: /shared + - volume: + host: /var/discourse/shared/standalone/log/var-log + guest: /var/log + +## Plugins go here +## see https://meta.discourse.org/t/19157 for details +hooks: + after_code: + - exec: + cd: $home/plugins + cmd: + - git clone https://github.com/discourse/docker_manager.git + +## Any custom commands to run after building +run: + - exec: echo "Beginning of custom commands" + ## If you want to set the 'From' email address for your first registration, uncomment and change: + ## After getting the first signup email, re-comment the line. It only needs to run once. + #- exec: rails r "SiteSetting.notification_email='info@unconfigured.discourse.org'" + - exec: echo "End of custom commands" diff --git a/app.yml.fixed b/app.yml.fixed new file mode 100644 index 0000000..dbe081b --- /dev/null +++ b/app.yml.fixed @@ -0,0 +1,127 @@ +## this is the all-in-one, standalone Discourse Docker container template +## +## After making changes to this file, you MUST rebuild +## /var/discourse/launcher rebuild app +## +## BE *VERY* CAREFUL WHEN EDITING! +## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT! +## visit http://www.yamllint.com/ to validate this file as needed + +templates: + - "templates/postgres.template.yml" + - "templates/redis.template.yml" + - "templates/web.template.yml" + - "templates/web.ratelimited.template.yml" + ## Uncomment these two lines if you wish to add Lets Encrypt (https) + # - "templates/web.ssl.template.yml" + # - "templates/web.letsencrypt.ssl.template.yml" + +## which TCP/IP ports should this container expose? +## If you want Discourse to share a port with another webserver like Apache or nginx, +## see https://meta.discourse.org/t/17247 for details +expose: + - "8080:80" # http + # - "443:443" # https + +docker_args: + - "--network=traefik" + - "--label=traefik.enable=true" + - "--label=traefik.http.routers.discourse.rule=Host(`forum.mtd.runfoo.run`)" + - "--label=traefik.http.routers.discourse.entrypoints=websecure" + - "--label=traefik.http.routers.discourse.tls.certresolver=letsencrypt" + - "--label=traefik.http.services.discourse.loadbalancer.server.port=80" + +params: + db_default_text_search_config: "pg_catalog.english" + + ## Set db_shared_buffers to a max of 25% of the total memory. + ## will be set automatically by bootstrap based on detected RAM, or you can override + db_shared_buffers: "3072MB" + + ## can improve sorting performance, but adds memory usage per-connection + #db_work_mem: "40MB" + + ## Which Git revision should this container use? (default: latest) + #version: latest + +env: + LC_ALL: en_US.UTF-8 + LANG: en_US.UTF-8 + LANGUAGE: en_US.UTF-8 + # DISCOURSE_DEFAULT_LOCALE: en + + ## How many concurrent web requests are supported? Depends on memory and CPU cores. + ## will be set automatically by bootstrap based on detected CPUs, or you can override + UNICORN_WORKERS: 6 + + ## TODO: The domain name this Discourse instance will respond to + ## Required. Discourse will not work with a bare IP number. + DISCOURSE_HOSTNAME: forum.mtd.runfoo.run + + ## Uncomment if you want the container to be started with the same + ## hostname (-h option) as specified above (default "$hostname-$config") + #DOCKER_USE_HOSTNAME: true + + ## TODO: List of comma delimited emails that will be made admin and developer + ## on initial signup example 'user1@example.com,user2@example.com' + DISCOURSE_DEVELOPER_EMAILS: 'tenwest@pm.me' + + ## TODO: Configure the mail server + ## (used for validation of new accounts, notifications, digests, etc.) + ## required: hostname of the SMTP mail server used to send mail + DISCOURSE_SMTP_ADDRESS: 216.158.230.94 + ## uncomment to set the port to something other than the default (25) + DISCOURSE_SMTP_PORT: 25 + ## USER_NAME / PASSWORD required if the SMTP provider needs authentication + ## WARNING: a '#' in the SMTP password can be misinterpreted; ensure it's inside string quotes, e.g.: + ## DISCOURSE_SMTP_PASSWORD: "#pass#ord" +# DISCOURSE_SMTP_USER_NAME: user@example.com +# DISCOURSE_SMTP_PASSWORD: "" + ## uncomment to enable implicit TLS at connection time, probably needed for using port 465 + #DISCOURSE_SMTP_FORCE_TLS: true + ## uncomment to set the HELO/EHLO domain, only set if required by provider + DISCOURSE_SMTP_DOMAIN: mtd.runfoo.run + ## the address from which notifications are sent + DISCOURSE_NOTIFICATION_EMAIL: noreply@mtd.runfoo.run + ## uncomment to change server certificate verification + DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none # peer|none + ## uncomment to override the authentication method + #DISCOURSE_SMTP_AUTHENTICATION: plain # plain|login|cram_md5 + + ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate + LETSENCRYPT_ACCOUNT_EMAIL: me@example.com + + ## The http or https CDN address for this Discourse instance (configured to pull) + ## see https://meta.discourse.org/t/14857 for details + #DISCOURSE_CDN_URL: https://discourse-cdn.example.com + + ## The maxmind geolocation IP account ID and license key for IP address lookups + ## see https://meta.discourse.org/t/-/173941 for details + #DISCOURSE_MAXMIND_ACCOUNT_ID: 123456 + #DISCOURSE_MAXMIND_LICENSE_KEY: 1234567890123456 + +## The Docker container is stateless; all data is stored in /shared +volumes: + - volume: + host: /var/discourse/shared/standalone + guest: /shared + - volume: + host: /var/discourse/shared/standalone/log/var-log + guest: /var/log + +## Plugins go here +## see https://meta.discourse.org/t/19157 for details +hooks: + after_code: + - exec: + cd: $home/plugins + cmd: + - git clone https://github.com/discourse/docker_manager.git + +## Any custom commands to run after building +run: + - exec: echo "Beginning of custom commands" + ## If you want to set the 'From' email address for your first registration, uncomment and change: + ## After getting the first signup email, re-comment the line. It only needs to run once. + #- exec: rails r "SiteSetting.notification_email='info@unconfigured.discourse.org'" + - exec: echo "End of custom commands" diff --git a/traefik.yml b/traefik.yml new file mode 100644 index 0000000..07b56bc --- /dev/null +++ b/traefik.yml @@ -0,0 +1,43 @@ +api: + dashboard: true + insecure: false + +entryPoints: + web: + address: ":80" + websecure: + address: ":443" + +providers: + docker: + endpoint: "unix:///var/run/docker.sock" + exposedByDefault: false + network: traefik + +certificatesResolvers: + letsencrypt: + acme: + httpChallenge: + entryPoint: web + email: tenwest@proton.me + storage: /data/acme.json + caServer: https://acme-v02.api.letsencrypt.org/directory + +accessLog: {} + +http: + middlewares: + redirect-to-https: + redirectScheme: + scheme: https + permanent: true + + routers: + web-redirect: + rule: "HostRegexp(`{host:.+}`)" + entryPoints: + - web + middlewares: + - redirect-to-https + service: "noop@internal" + priority: 1 diff --git a/traefik.yml.new b/traefik.yml.new new file mode 100644 index 0000000..07b56bc --- /dev/null +++ b/traefik.yml.new @@ -0,0 +1,43 @@ +api: + dashboard: true + insecure: false + +entryPoints: + web: + address: ":80" + websecure: + address: ":443" + +providers: + docker: + endpoint: "unix:///var/run/docker.sock" + exposedByDefault: false + network: traefik + +certificatesResolvers: + letsencrypt: + acme: + httpChallenge: + entryPoint: web + email: tenwest@proton.me + storage: /data/acme.json + caServer: https://acme-v02.api.letsencrypt.org/directory + +accessLog: {} + +http: + middlewares: + redirect-to-https: + redirectScheme: + scheme: https + permanent: true + + routers: + web-redirect: + rule: "HostRegexp(`{host:.+}`)" + entryPoints: + - web + middlewares: + - redirect-to-https + service: "noop@internal" + priority: 1