From 54d6026c0ff61c403ae35b293f0cb9e446e00827 Mon Sep 17 00:00:00 2001 From: Carlos Roldan <31220861+whiteyhat@users.noreply.github.com> Date: Sun, 15 Mar 2020 01:07:43 +0100 Subject: [PATCH 1/2] Add Erxes micro-service --- erxes/.env.example | 26 ++++++++ erxes/Makefile | 8 +++ erxes/docker-compose.template.yaml | 96 ++++++++++++++++++++++++++++++ 3 files changed, 130 insertions(+) create mode 100644 erxes/.env.example create mode 100644 erxes/Makefile create mode 100644 erxes/docker-compose.template.yaml diff --git a/erxes/.env.example b/erxes/.env.example new file mode 100644 index 0000000..a95a5da --- /dev/null +++ b/erxes/.env.example @@ -0,0 +1,26 @@ +DOMAIN=ghost.2tel.us +# Uncomment this line to force https +# DOMAIN_ENTRYPOINT=https + +IMAGE_NAME=sokardys/ghost-s3 +GHOST_VERSION=2.30.2-alpine + +# You must synchronize it with the protocol used DOMAIN_ENTRYPOINT +BLOG_URL=http://ghost.2tel.us +MYSQL_PASSWORD=ghost + +AWS_S3_BUCKET=tutellus-crip +AWS_S3_ASSETHOST=https://d1umspa2e6jvse.cloudfront.net +AWS_S3_KEY=AKIAJWHOWROIS5IEF2OQ +AWS_S3_SECRET=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 +AWS_S3_REGION=eu-west-1 + +AWS_SES_FROM='Cryptoblog' +AWS_SES_KEY=AKIAIFOBHL5CXZSJCEGA +AWS_SES_SECRET=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 +AWS_SES_REGION=us-east-1 + +AWS_S3_BUCKET_BACKUP=backup-bucket +AWS_S3_PREFIX=ghost.2tel.us +BACKUP_FREQUENCY=@midnight + diff --git a/erxes/Makefile b/erxes/Makefile new file mode 100644 index 0000000..a196121 --- /dev/null +++ b/erxes/Makefile @@ -0,0 +1,8 @@ +docker-compose.yaml: docker-compose.template.yaml $(wildcard .env) + docker-compose -f $< config > $@ + +clean: + rm docker-compose.yaml + +image: docker-compose.yaml + docker-compose $(^:%=-f docker-compose.yaml) build $(filter-out $@,$(MAKECMDGOALS)) diff --git a/erxes/docker-compose.template.yaml b/erxes/docker-compose.template.yaml new file mode 100644 index 0000000..f96ad38 --- /dev/null +++ b/erxes/docker-compose.template.yaml @@ -0,0 +1,96 @@ +version: '3.4' + +# docker network create --scope swarm --driver overlay web +networks: + web: + external: true + monitoring: + external: true + +services: + ghost: + build: + context: . + args: + - tag=${GHOST_VERSION} + image: ${IMAGE_NAME}:${GHOST_VERSION} + networks: + - web + - default + environment: + url: ${BLOG_URL} + # see https://docs.ghost.org/docs/config#section-running-ghost-with-config-env-variables + database__client: mysql + database__connection__host: mysql + database__connection__user: root + database__connection__password: ${MYSQL_PASSWORD} + database__connection__database: ghost + storage__active: s3 + storage__s3__accessKeyId: ${AWS_S3_KEY} + storage__s3__secretAccessKey: ${AWS_S3_SECRET} + storage__s3__region: ${AWS_S3_REGION} + storage__s3__bucket: ${AWS_S3_BUCKET} + storage__s3__assetHost: ${AWS_S3_ASSETHOST} + mail__transport: SES + mail__from: ${AWS_SES_FROM} + mail__options__accessKeyId: ${AWS_SES_KEY} + mail__options__secretAccessKey: ${AWS_SES_SECRET} + mail__options__region: ${AWS_SES_REGION} + deploy: + replicas: 1 + update_config: + parallelism: 1 + failure_action: rollback + delay: 1m + order: start-first + restart_policy: + condition: on-failure + labels: + - traefik.enable=true + - traefik.port=2368 + - traefik.docker.network=web + - traefik.frontend.redirect.entryPoint=${DOMAIN_ENTRYPOINT} + - traefik.frontend.passHostHeader=true + - traefik.frontend.rule=Host:${DOMAIN} + - traefik.backend.loadbalancer.swarm=true + - traefik.backend.loadbalancer.stickiness=false + volumes: + - ghost_data:/var/lib/ghost/content/themes + + mysql: + image: mysql:5.7 + deploy: + mode: global + restart_policy: + condition: on-failure + environment: + MYSQL_ROOT_PASSWORD: ${MYSQL_PASSWORD} + networks: + - default + - monitoring + volumes: + - mysql_data:/var/lib/mysql + + backup: + image: schickling/mysql-backup-s3 + networks: + - default + environment: + MYSQL_HOST: mysql + MYSQL_USER: root + MYSQL_PASSWORD: ${MYSQL_PASSWORD} + S3_ACCESS_KEY_ID: ${AWS_S3_KEY} + S3_SECRET_ACCESS_KEY: ${AWS_S3_SECRET} + S3_BUCKET: ${AWS_S3_BUCKET_BACKUP} + S3_PREFIX: ${AWS_S3_PREFIX} + S3_REGION: ${AWS_S3_REGION} + SCHEDULE: ${BACKUP_FREQUENCY} + deploy: + mode: global + volumes: + - backup_data:/tmp + +volumes: + backup_data: + mysql_data: + ghost_data: From cf8110c481df385e29a097911134c04f5003b82d Mon Sep 17 00:00:00 2001 From: Carlos Roldan <31220861+whiteyhat@users.noreply.github.com> Date: Sun, 15 Mar 2020 01:13:17 +0100 Subject: [PATCH 2/2] Update .env.example --- erxes/.env.example | 26 +------------------------- 1 file changed, 1 insertion(+), 25 deletions(-) diff --git a/erxes/.env.example b/erxes/.env.example index a95a5da..ad2d14b 100644 --- a/erxes/.env.example +++ b/erxes/.env.example @@ -1,26 +1,2 @@ -DOMAIN=ghost.2tel.us -# Uncomment this line to force https -# DOMAIN_ENTRYPOINT=https - -IMAGE_NAME=sokardys/ghost-s3 -GHOST_VERSION=2.30.2-alpine - -# You must synchronize it with the protocol used DOMAIN_ENTRYPOINT -BLOG_URL=http://ghost.2tel.us -MYSQL_PASSWORD=ghost - -AWS_S3_BUCKET=tutellus-crip -AWS_S3_ASSETHOST=https://d1umspa2e6jvse.cloudfront.net -AWS_S3_KEY=AKIAJWHOWROIS5IEF2OQ -AWS_S3_SECRET=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 -AWS_S3_REGION=eu-west-1 - -AWS_SES_FROM='Cryptoblog' -AWS_SES_KEY=AKIAIFOBHL5CXZSJCEGA -AWS_SES_SECRET=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 -AWS_SES_REGION=us-east-1 - -AWS_S3_BUCKET_BACKUP=backup-bucket -AWS_S3_PREFIX=ghost.2tel.us -BACKUP_FREQUENCY=@midnight +# NOT DONE YET