Event-Federation/docker
Event-Federation/docker
7
0
Fork 0
Code Issues 1 Pull requests Projects Releases Wiki Activity

Compare commits

base: Event-Federation:5aed7b57f0467632677aa58233201047ba494504
Branches Tags
Event-Federation:main
..
compare: Event-Federation:9037f8825f3eba95ea2fa6fc5e14efc876f85498
Branches Tags
Event-Federation:main

No commits in common. "5aed7b57f0467632677aa58233201047ba494504" and "9037f8825f3eba95ea2fa6fc5e14efc876f85498" have entirely different histories.
5aed7b57f0 ... 9037f8825f

9 changed files with 207 additions and 129 deletions
Show stats Expand all files Collapse all files

5
.gitignore vendored
View file

@ -1,4 +1,3 @@
certs certs
public wordpress/wordpress
wordpress mobilizon/mobilizon
mobilizon

14
Makefile
View file

@ -1,20 +1,20 @@
init: init:
@bash mobilizon/docker/message.sh "Start" @bash mobilizon/mobilizon/docker/message.sh "Start"
make start make start
setup: stop setup: stop
@bash mobilizon/docker/message.sh "Compiling everything" @bash mobilizon/mobilizon/docker/message.sh "Compiling everything"
docker-compose run --rm -e HEX_UNSAFE_HTTPS=1 mobilizon bash -c 'mix hex.config unsafe_https true; mix deps.get; npm ci; npm run build:pictures; mix ecto.create; mix ecto.migrate' docker-compose run --rm mobilizon bash -c 'mix deps.get; npm ci; npm run build:pictures; mix ecto.create; mix ecto.migrate'
migrate: migrate:
docker-compose run --rm mobilizon mix ecto.migrate docker-compose run --rm mobilizon mix ecto.migrate
logs: logs:
docker-compose logs -f docker-compose logs -f
start: stop start: stop
@bash mobilizon/docker/message.sh "Starting WordPress and Mobilizon with Docker" @bash mobilizon/mobilizon/docker/message.sh "Starting WordPress and Mobilizon with Docker"
docker-compose up -d docker-compose up -d
@bash mobilizon/docker/message.sh "Docker containers started" @bash mobilizon/mobilizon/docker/message.sh "Docker containers started"
stop: stop:
@bash mobilizon/docker/message.sh "Stopping WordPress and Mobilizon" @bash mobilizon/mobilizon/docker/message.sh "Stopping WordPress and Mobilizon"
docker-compose down docker-compose down
@bash mobilizon/docker/message.sh "WordPress and Mobilizon are stopped" @bash mobilizon/mobilizon/docker/message.sh "WordPress and Mobilizon are stopped"
target: init target: init

2
README.md
View file

@ -27,5 +27,5 @@ mkcert -install -cert-file certs/lan.pem -key-file certs/lan-key.pem wp.lan mz.l
7. Create an administrator user for Mobilizon 7. Create an administrator user for Mobilizon
``` ```
docker-compose exec mobilizon mobilizon_ctl users.new "your@email.com" --admin --password "abc" docker-compose exec mobilizon mix mobilizon.users.new "your@email.com" --admin --password "mypassword"
``` ```

43
docker-compose.yml
View file

@ -7,7 +7,7 @@ services:
- "80:80" - "80:80"
- "443:443" - "443:443"
volumes: volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./certs/:/etc/nginx/certs/:ro - ./certs/:/etc/nginx/certs/:ro
restart: always restart: always
depends_on: depends_on:
@ -30,20 +30,21 @@ services:
- POSTGRES_PORT=5432 - POSTGRES_PORT=5432
volumes: volumes:
- mobilizon_database_data:/var/lib/postgresql/data - mobilizon_database_data:/var/lib/postgresql/data
ports:
- "5432:5432"
mobilizon: mobilizon:
container_name: mobilizon container_name: mobilizon
restart: unless-stopped restart: unless-stopped
build: build:
context: ./mobilizon context: ./mobilizon/mobilizon
dockerfile: Dockerfile dockerfile: Dockerfile
args:
- HEX_UNSAFE_HTTPS=1
volumes: volumes:
- "./mobilizon:/app" - "./mobilizon/mobilizon:/app"
- "~/.local/share/mkcert/:/root/.local/share/mkcert/:ro" - "./mobilizon/dev.exs:/app/config/dev.exs"
- /etc/ssl/certs:/etc/ssl/certs:ro - "./certs/lan-key.pem:/app/priv/server.key:ro"
- /etc/ca-certificates/:/etc/ca-certificates/:ro - "./certs/lan.pem:/app/priv/server.pem:ro"
- "/etc/ssl/certs/ca-certificates.crt:/app/priv/ca-bundle.crt:ro"
depends_on: depends_on:
- postgres - postgres
environment: environment:
@ -51,8 +52,8 @@ services:
DOCKER: "true" DOCKER: "true"
MOBILIZON_INSTANCE_NAME: My Local Mobilizon MOBILIZON_INSTANCE_NAME: My Local Mobilizon
MOBILIZON_INSTANCE_HOST: mz.lan MOBILIZON_INSTANCE_HOST: mz.lan
MOBILIZON_INSTANCE_HOST_PORT: 4000 MOBILIZON_INSTANCE_HOST_PORT: 443
MOBILIZON_INSTANCE_PORT: 4000 MOBILIZON_INSTANCE_PORT: 443
MOBILIZON_INSTANCE_EMAIL: noreply@mobilizon.me MOBILIZON_INSTANCE_EMAIL: noreply@mobilizon.me
MOBILIZON_INSTANCE_REGISTRATIONS_OPEN: "true" MOBILIZON_INSTANCE_REGISTRATIONS_OPEN: "true"
MOBILIZON_DATABASE_PASSWORD: mobilizon MOBILIZON_DATABASE_PASSWORD: mobilizon
@ -60,25 +61,22 @@ services:
MOBILIZON_DATABASE_DBNAME: mobilizon MOBILIZON_DATABASE_DBNAME: mobilizon
MOBILIZON_DATABASE_HOST: postgres MOBILIZON_DATABASE_HOST: postgres
MOBILIZON_DATABASE_PORT: 5432 MOBILIZON_DATABASE_PORT: 5432
HEX_UNSAFE_HTTPS: 1
HEX_CACERTS_PATH: /etc/ssl/certs
VITE_HOST: 0.0.0.0 VITE_HOST: 0.0.0.0
command: sh -c "HEX_UNSAFE_HTTPS=1 mix phx.server" command: sh -c "mix phx.server"
ports:
- "4000:4000"
- "5173:5173"
expose: expose:
- "443"
- "4000" - "4000"
- "5173" ports:
- "5173:5173"
wordpress: wordpress:
build: build:
context: . context: ./wordpress
dockerfile: Dockerfile-WordPress dockerfile: Dockerfile
volumes: volumes:
- ./wordpress:/var/www/html - ./wordpress/wordpress:/var/www/html
#- /etc/ssl/certs:/etc/ssl/certs:ro - /etc/ssl/certs/ca-certificates.crt:/var/www/html/wp-includes/certificates/ca-bundle.crt:ro
#- /etc/ca-certificates/:/etc/ca-certificates/:ro
environment: environment:
- DOCKER_DEV_DOMAIN=wp.lan - DOCKER_DEV_DOMAIN=wp.lan
- WORDPRESS_DB_NAME=wordpress - WORDPRESS_DB_NAME=wordpress
@ -96,7 +94,6 @@ services:
- "80" - "80"
- "9003" - "9003"
extra_hosts: extra_hosts:
# Needed for XDebug
- "host.docker.internal:host-gateway" - "host.docker.internal:host-gateway"
mariadb: mariadb:

108
mobilizon/dev.exs Normal file
View file

@ -0,0 +1,108 @@
import Config
config :mobilizon, Mobilizon.Web.Endpoint,
https: [
port: String.to_integer(System.get_env("MOBILIZON_INSTANCE_HOST_PORT", "4000")),
keyfile: "priv/server.key",
certfile: "priv/server.pem"
],
url: [
host: System.get_env("MOBILIZON_INSTANCE_HOST", "mobilizon.local"),
port: String.to_integer(System.get_env("MOBILIZON_INSTANCE_HOST_PORT", "443")),
scheme: "https"
],
secret_key_base: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY_BASE", "changethis"),
debug_errors: true,
code_reloader: true,
check_origin: false,
watchers: [
node: [
"node_modules/.bin/vite",
"--host",
System.get_env("VITE_HOST", "localhost")
]
]
# ## SSL Support
#
# In order to use HTTPS in development, a self-signed
# certificate can be generated by running the following
# command from your terminal:
#
# openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -keyout priv/server.key -out priv/server.pem
#
# The `http:` config above can be replaced with:
#
# https: [port: 4000, keyfile: "priv/server.key", certfile: "priv/server.pem"],
#
# If desired, both `http:` and `https:` keys can be
# configured to run both http and https servers on
# different ports.
# Watch static and templates for browser reloading.
config :mobilizon, Mobilizon.Web.Endpoint,
live_reload: [
patterns: [
~r{priv/static/.*(js|css|png|jpeg|jpg|gif|svg)$},
~r{priv/gettext/.*(po)$},
~r{lib/web/(live|views)/.*(ex)$},
~r{lib/web/templates/.*(eex)$}
]
]
# Do not include metadata nor timestamps in development logs
config :logger, :console, format: "$metadata[$level] $message\n", level: :debug
config :mobilizon, Mobilizon.Service.Geospatial, service: Mobilizon.Service.Geospatial.Nominatim
config :mobilizon, Mobilizon.Web.Gettext, allowed_locales: ["fr", "en", "ru", "ar"]
# Set a higher stacktrace during development. Avoid configuring such
# in production as building large stacktraces may be expensive.
config :phoenix, :stacktrace_depth, 20
# Initialize plugs at runtime for faster development compilation
config :phoenix, :plug_init_mode, :runtime
config :mobilizon, Mobilizon.Web.Email.Mailer, adapter: Swoosh.Adapters.Local
# Configure your database
config :mobilizon, Mobilizon.Storage.Repo,
username: System.get_env("MOBILIZON_DATABASE_USERNAME", "mobilizon"),
password: System.get_env("MOBILIZON_DATABASE_PASSWORD", "mobilizon"),
database: System.get_env("MOBILIZON_DATABASE_DBNAME", "mobilizon_dev"),
hostname: System.get_env("MOBILIZON_DATABASE_HOST", "localhost"),
port: System.get_env("MOBILIZON_DATABASE_PORT", "5432"),
pool_size: 10,
show_sensitive_data_on_connection_error: true,
# Logging is handled by Ecto.DevLogger
log: false
config :mobilizon, :instance,
name: System.get_env("MOBILIZON_INSTANCE_NAME", "Mobilizon"),
hostname: System.get_env("MOBILIZON_INSTANCE_HOST", "Mobilizon"),
email_from: System.get_env("MOBILIZON_INSTANCE_EMAIL"),
email_reply_to: System.get_env("MOBILIZON_INSTANCE_EMAIL"),
registrations_open: System.get_env("MOBILIZON_INSTANCE_REGISTRATIONS_OPEN") == "true",
groups: true
config :mobilizon, Mobilizon.Web.Auth.Guardian,
secret_key: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY", "changethis")
# config :mobilizon, :activitypub, sign_object_fetches: false
config :mobilizon, Mobilizon.Web.Upload.Uploader.Local, uploads: "uploads"
config :mobilizon, :exports, path: "uploads/exports"
config :mobilizon, Mobilizon.Service.SiteMap,
path: System.get_env("MOBILIZON_SITEMAP_PATH", "priv/static")
config :tz_world, data_dir: "_build/dev/lib/tz_world/priv"
config :mobilizon, :anonymous,
reports: [
allowed: true
]
config :unplug, :init_mode, :runtime

95
nginx.conf
View file

@ -1,95 +0,0 @@
worker_processes auto;
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name wp.lan;
index index.php;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass "http://wordpress";
}
}
server {
listen 443 ssl;
http2 on;
server_name wp.lan;
ssl_certificate /etc/nginx/certs/lan.pem;
ssl_certificate_key /etc/nginx/certs/lan-key.pem;
index index.php;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass "http://wordpress";
}
}
server {
server_name mz.lan;
listen 80;
listen [::]:80;
return 301 https://$server_name$request_uri;
}
server {
server_name mz.lan;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_session_timeout 5m;
# Uncomment once you get the certificates
ssl_trusted_certificate /etc/nginx/certs/lan.pem;
ssl_certificate /etc/nginx/certs/lan.pem;
ssl_certificate_key /etc/nginx/certs/lan-key.pem;
# Add TLSv1.3 if it's supported by your system
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve prime256v1;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000";
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;
# the nginx default is 1m, not enough for large media uploads
client_max_body_size 16m;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Just use the proxy for everything
location / {
expires off;
add_header Cache-Control "public, max-age=0, s-maxage=0, must-revalidate" always;
proxy_pass "http://mobilizon:4000";
}
}
}

69
nginx/nginx.conf Executable file
View file

@ -0,0 +1,69 @@
worker_processes auto;
events {
worker_connections 1024;
}
http {
server {
server_name wp.lan;
listen 80;
# return 301 https://$server_name$request_uri;
index index.php;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass "http://wordpress";
}
}
# server {
# server_name wp.lan;
# listen 443 ssl;
# http2 on;
# ssl_certificate /etc/nginx/certs/lan.pem;
# ssl_certificate_key /etc/nginx/certs/lan-key.pem;
# index index.php;
# location / {
# proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header Host $http_host;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_pass "http://wordpress";
# }
# }
server {
server_name mz.lan;
listen 80;
return 301 https://$server_name$request_uri;
}
server {
server_name mz.lan;
listen 443 ssl;
http2 on;
ssl_certificate /etc/nginx/certs/lan.pem;
ssl_certificate_key /etc/nginx/certs/lan-key.pem;
client_max_body_size 16m;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
location / {
proxy_pass "https://mobilizon";
}
}
}

0
Dockerfile-WordPress → wordpress/Dockerfile
View file

0
files-to-copy/usr/local/etc/php/conf.d/xdebug.ini → wordpress/files-to-copy/usr/local/etc/php/conf.d/xdebug.ini
View file