pschichtel · February 7, 2021 02:10
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
 services:
  - name: postgres:12-alpine
    alias: bootstrap-postgres
  - name: redis:6
    alias: bootstrap-redis

 variables:
  POSTGRES_DB: bootstrap
  POSTGRES_USER: bootstrap
  POSTGRES_PASSWORD: ''
  POSTGRES_HOST_AUTH_METHOD: trust
  FF_NETWORK_PER_BUILD: "true"

 build:
  image: docker:latest
  stage: build
  script:
    - config=web_only
    - version=stable
    - apk add --update coreutils bash git grep jq
    - git clone --depth=1 https://github.com/discourse/discourse_docker /var/discourse
    - sed -i "s/__DISCOURSE_VERSION__/$version/g" "$config.yml"
    - cp "$config.yml" /var/discourse/containers
    - cd /var/discourse
    - mkdir /var/lib/docker
    - container="$(cat /proc/self/cgroup | grep -o 'docker/.*' | grep -Po '[^/]+$' | uniq)"
    - echo "$container"
    - network="$(docker inspect $container | jq -r '.[0].NetworkSettings.Networks | keys[]')"
    - echo "$network"
    - ./launcher bootstrap "$config" --docker-args "--net=$network"
    - build_image_name="local_discourse/$config:latest"
    - deploy_image_name="SOME_REGISTRY/discourse:$version-$config"
    - docker image tag "$build_image_name" "$deploy_image_name"
    - docker image rm "$build_image_name"
    - docker image push "$deploy_image_name"
diff --git a/web_only.yml b/web_only.yml
 # IMPORTANT: SET A SECRET PASSWORD in Postgres for the Discourse User
 # TODO: change SOME_SECRET in this template

 templates:
  - "templates/web.template.yml"
  - "templates/web.ratelimited.template.yml"
 ## Uncomment these two lines if you wish to add Lets Encrypt (https)
  #- "templates/web.ssl.template.yml"
  #- "templates/web.letsencrypt.ssl.template.yml"

 ## which TCP/IP ports should this container expose?
 ## If you want Discourse to share a port with another webserver like Apache or nginx,
 ## see https://meta.discourse.org/t/17247 for details
 expose:
  - "80:80"   # http
  - "443:443" # https

 params:
  ## Which Git revision should this container use? (default: tests-passed)
  version: __DISCOURSE_VERSION__

 env:
  LANG: en_US.UTF-8
  # DISCOURSE_DEFAULT_LOCALE: en

  ## How many concurrent web requests are supported? Depends on memory and CPU cores.
  ## will be set automatically by bootstrap based on detected CPUs, or you can override
  # UNICORN_WORKERS: 3

  ## TODO: The domain name this Discourse instance will respond to
  DISCOURSE_HOSTNAME: 'localhost'

  ## Uncomment if you want the container to be started with the same
  ## hostname (-h option) as specified above (default "$hostname-$config")
  #DOCKER_USE_HOSTNAME: true

  ## TODO: List of comma delimited emails that will be made admin and developer
  ## on initial signup example '[email protected],[email protected]'
  DISCOURSE_DEVELOPER_EMAILS: '[email protected],[email protected]'

  ## TODO: The SMTP mail server used to validate new accounts and send notifications
  # SMTP ADDRESS, username, and password are required
  # WARNING the char '#' in SMTP password can cause problems!
  DISCOURSE_SMTP_ADDRESS: localhost
  #DISCOURSE_SMTP_PORT: 587
  DISCOURSE_SMTP_USER_NAME: [email protected]
  DISCOURSE_SMTP_PASSWORD: pa$$word
  #DISCOURSE_SMTP_ENABLE_START_TLS: true           # (optional, default true)

  ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
  #LETSENCRYPT_ACCOUNT_EMAIL: [email protected]
  
  ## TODO: configure connectivity to the databases
  DISCOURSE_DB_SOCKET: ''
  DISCOURSE_DB_USERNAME: bootstrap
  DISCOURSE_DB_PASSWORD: ''
  DISCOURSE_DB_HOST: bootstrap-postgres
  DISCOURSE_DB_NAME: bootstrap
  DISCOURSE_REDIS_HOST: bootstrap-redis

  ## The http or https CDN address for this Discourse instance (configured to pull)
  ## see https://meta.discourse.org/t/14857 for details
  #DISCOURSE_CDN_URL: https://discourse-cdn.example.com

 volumes:

 ## Plugins go here
 ## see https://meta.discourse.org/t/19157 for details
 #hooks:
 #  after_code:
 #    - exec:
 #        cd: $home/plugins
 #        cmd:
 #          - git clone https://github.com/discourse/docker_manager.git

 ## Remember, this is YAML syntax - you can only have one block with a name
 run:
  - exec: echo "Beginning of custom commands"

  ## If you want to configure password login for root, uncomment and change:
  ## Use only one of the following lines:
  #- exec: /usr/sbin/usermod -p 'PASSWORD_HASH' root
  #- exec: /usr/sbin/usermod -p "$(mkpasswd -m sha-256 'RAW_PASSWORD')" root

  ## If you want to authorized additional users, uncomment and change:
  #- exec: ssh-import-id username
  #- exec: ssh-import-id anotherusername

  - exec: echo "End of custom commands"
  - exec: awk -F\# '{print $1;}' ~/.ssh/authorized_keys | awk 'BEGIN { print "Authorized SSH keys for this container:"; } NF>=2 {print $NF;}'
	services:
	- name: postgres:12-alpine
	alias: bootstrap-postgres
	- name: redis:6
	alias: bootstrap-redis

	variables:
	POSTGRES_DB: bootstrap
	POSTGRES_USER: bootstrap
	POSTGRES_PASSWORD: ''
	POSTGRES_HOST_AUTH_METHOD: trust
	FF_NETWORK_PER_BUILD: "true"

	build:
	image: docker:latest
	stage: build
	script:
	- config=web_only
	- version=stable
	- apk add --update coreutils bash git grep jq
	- git clone --depth=1 https://github.com/discourse/discourse_docker /var/discourse
	- sed -i "s/__DISCOURSE_VERSION__/$version/g" "$config.yml"
	- cp "$config.yml" /var/discourse/containers
	- cd /var/discourse
	- mkdir /var/lib/docker
	- container="$(cat /proc/self/cgroup \| grep -o 'docker/.*' \| grep -Po '[^/]+$' \| uniq)"
	- echo "$container"
	- network="$(docker inspect $container \| jq -r '.[0].NetworkSettings.Networks \| keys[]')"
	- echo "$network"
	- ./launcher bootstrap "$config" --docker-args "--net=$network"
	- build_image_name="local_discourse/$config:latest"
	- deploy_image_name="SOME_REGISTRY/discourse:$version-$config"
	- docker image tag "$build_image_name" "$deploy_image_name"
	- docker image rm "$build_image_name"
	- docker image push "$deploy_image_name"
	# IMPORTANT: SET A SECRET PASSWORD in Postgres for the Discourse User
	# TODO: change SOME_SECRET in this template

	templates:
	- "templates/web.template.yml"
	- "templates/web.ratelimited.template.yml"
	## Uncomment these two lines if you wish to add Lets Encrypt (https)
	#- "templates/web.ssl.template.yml"
	#- "templates/web.letsencrypt.ssl.template.yml"

	## which TCP/IP ports should this container expose?
	## If you want Discourse to share a port with another webserver like Apache or nginx,
	## see https://meta.discourse.org/t/17247 for details
	expose:
	- "80:80" # http
	- "443:443" # https

	params:
	## Which Git revision should this container use? (default: tests-passed)
	version: __DISCOURSE_VERSION__

	env:
	LANG: en_US.UTF-8
	# DISCOURSE_DEFAULT_LOCALE: en

	## How many concurrent web requests are supported? Depends on memory and CPU cores.
	## will be set automatically by bootstrap based on detected CPUs, or you can override
	# UNICORN_WORKERS: 3

	## TODO: The domain name this Discourse instance will respond to
	DISCOURSE_HOSTNAME: 'localhost'

	## Uncomment if you want the container to be started with the same
	## hostname (-h option) as specified above (default "$hostname-$config")
	#DOCKER_USE_HOSTNAME: true

	## TODO: List of comma delimited emails that will be made admin and developer
	## on initial signup example '[email protected],[email protected]'
	DISCOURSE_DEVELOPER_EMAILS: '[email protected],[email protected]'

	## TODO: The SMTP mail server used to validate new accounts and send notifications
	# SMTP ADDRESS, username, and password are required
	# WARNING the char '#' in SMTP password can cause problems!
	DISCOURSE_SMTP_ADDRESS: localhost
	#DISCOURSE_SMTP_PORT: 587
	DISCOURSE_SMTP_USER_NAME: [email protected]
	DISCOURSE_SMTP_PASSWORD: pa$$word
	#DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true)

	## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
	#LETSENCRYPT_ACCOUNT_EMAIL: [email protected]

	## TODO: configure connectivity to the databases
	DISCOURSE_DB_SOCKET: ''
	DISCOURSE_DB_USERNAME: bootstrap
	DISCOURSE_DB_PASSWORD: ''
	DISCOURSE_DB_HOST: bootstrap-postgres
	DISCOURSE_DB_NAME: bootstrap
	DISCOURSE_REDIS_HOST: bootstrap-redis

	## The http or https CDN address for this Discourse instance (configured to pull)
	## see https://meta.discourse.org/t/14857 for details
	#DISCOURSE_CDN_URL: https://discourse-cdn.example.com

	volumes:

	## Plugins go here
	## see https://meta.discourse.org/t/19157 for details
	#hooks:
	# after_code:
	# - exec:
	# cd: $home/plugins
	# cmd:
	# - git clone https://github.com/discourse/docker_manager.git

	## Remember, this is YAML syntax - you can only have one block with a name
	run:
	- exec: echo "Beginning of custom commands"

	## If you want to configure password login for root, uncomment and change:
	## Use only one of the following lines:
	#- exec: /usr/sbin/usermod -p 'PASSWORD_HASH' root
	#- exec: /usr/sbin/usermod -p "$(mkpasswd -m sha-256 'RAW_PASSWORD')" root

	## If you want to authorized additional users, uncomment and change:
	#- exec: ssh-import-id username
	#- exec: ssh-import-id anotherusername

	- exec: echo "End of custom commands"
	- exec: awk -F\# '{print $1;}' ~/.ssh/authorized_keys \| awk 'BEGIN { print "Authorized SSH keys for this container:"; } NF>=2 {print $NF;}'