diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..3923045 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "kanbot"] + path = kanbot + url = https://gitea.auro.re/aurore/kanbot diff --git a/README.md b/README.md index 6575940..6175903 100644 --- a/README.md +++ b/README.md @@ -13,11 +13,12 @@ tout en vérifiant qu'il n'est lisible que par root. ## Map des ports - * 8080 -> Riot Web (chat) + * 8080 -> Element Web (chat) * 8081 -> CodiMD * 8082 -> Grafana * 8083 -> PrivateBin (paste) * 8084 -> EtherPad (pad) * 8085 -> Django CAS server (cas) - * 8086 -> ShareLaTeX + * 8086 -> Statping (status page) * 8087 -> Docker exporter + * 8088 -> Kanboard diff --git a/django-cas-server/cas/settings.py b/django-cas-server/cas/settings.py index 313ada1..d383225 100644 --- a/django-cas-server/cas/settings.py +++ b/django-cas-server/cas/settings.py @@ -27,10 +27,10 @@ DEBUG = os.getenv('DJANGO_DEBUG', False) ALLOWED_HOSTS = [os.getenv('DJANGO_HOST')] -# Suivi des erreurs sur root@ +# Suivi des erreurs sur la ML monitoring EMAIL_SUBJECT_PREFIX = "[CAS] " ADMINS = ( - ('Intranet', 'root@crans.org'), + ('Intranet', 'monitoring.aurore@lists.crans.org'), ) # Application definition diff --git a/django-cas-server/cas/urls.py b/django-cas-server/cas/urls.py index f182d34..52393fb 100644 --- a/django-cas-server/cas/urls.py +++ b/django-cas-server/cas/urls.py @@ -17,7 +17,7 @@ from django.conf.urls import include, url from django.contrib import admin urlpatterns = [ - url(r'^admin/', admin.site.urls), - url(r'^', include('cas_server.urls', namespace="cas_server")), + url(r'admin/', admin.site.urls), + url(r'', include('cas_server.urls', namespace="cas_server")), ] diff --git a/django-cas-server/requirements.txt b/django-cas-server/requirements.txt index 5ac7318..7ee3d09 100644 --- a/django-cas-server/requirements.txt +++ b/django-cas-server/requirements.txt @@ -1,4 +1,5 @@ django-cas-server gunicorn +ldap3 psycopg2 whitenoise diff --git a/docker-compose.yml b/docker-compose.yml index ea06ca6..90fd166 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,28 +1,34 @@ +--- version: "3" services: - ################################################## - # DATABASES # - ################################################## - - mongo: - image: mongo:4.2 + element: + build: element restart: always - volumes: - - ./mongo_data:/data/db + ports: + - 8080:80 - redis: - image: redis:5.0 + hedgedoc: + build: hedgedoc restart: always + environment: + CMD_DB_URL: "${CODIMD_DB_URL}" + CMD_LDAP_BINDCREDENTIALS: "${CODIMD_LDAP_BINDCREDENTIALS}" volumes: - - ./redis_data:/data + - ./codimd_uploads_data:/hedgedoc/public/uploads + ports: + - 8081:3000 - riot: - build: riot + grafana: + build: grafana restart: always + environment: + ENV_PASSWORD: "${GRAFANA_LDAP_PASSWORD}" + volumes: + - ./grafana_data:/var/lib/grafana ports: - - 8080:80 + - 8082:3000 privatebin: image: privatebin/nginx-fpm-alpine:1.3.4 @@ -36,91 +42,86 @@ services: build: etherpad restart: always environment: - - "POSTGRES_PASSWORD=${ETHERPAD_POSTGRES_PASSWD}" + POSTGRES_PASSWORD: "${ETHERPAD_DB_PASSWORD}" ports: - 8084:9001 - grafana: - build: grafana + cas: + build: django-cas-server restart: always environment: - - "ENV_PASSWORD=${GRAFANA_LDAP_BIND_PASSWD}" - volumes: - - ./grafana_data:/var/lib/grafana + DJANGO_DB_PASSWORD: "${DJANGO_CAS_DB_PASSWORD}" + DJANGO_SECRET_KEY: "${DJANGO_CAS_SECRET_KEY}" + DJANGO_CAS_LDAP_PASSWORD: "${DJANGO_CAS_LDAP_PASSWORD}" ports: - - 8082:3000 + - 8085:8000 - matrix-appservice-discord: - image: halfshot/matrix-appservice-discord:v1.0.0 + statping: + image: statping/statping:v0.90.74 restart: always + environment: + DB_CONN: sqlite volumes: - - ./matrix-appservice-discord_data:/data - - ./matrix-appservice-discord_data/discord.db:/discord.db + - ./statping_data:/app ports: - - 9005:9005 + - 8086:8080 - prometheus-alertmanager: - build: prometheus-alertmanager + docker_exporter: + image: prometheusnet/docker_exporter restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro ports: - - 9093:9093 + - "8087:9417" - prometheus-alertmanager-discord: - build: prometheus-alertmanager-discord - restart: always + kanboard: + image: kanboard/kanboard:v1.2.18 environment: - - "DISCORD_WEBHOOK=${PROMETHEUS_DISCORD_WEBHOOK}" + LDAP_AUTH: "true" + LDAP_SERVER: ldap://10.128.0.149 + LDAP_BIND_TYPE: proxy + LDAP_USERNAME: "cn=kanboard,ou=service-users,dc=auro,dc=re" + LDAP_PASSWORD: "${KANBOARD_LDAP_PASSWORD}" + LDAP_USER_BASE_DN: "cn=Utilisateurs,dc=auro,dc=re" + LDAP_USER_FILTER: "(&(objectClass=posixAccount)(uid=%s))" + LDAP_GROUP_PROVIDER: "false" + DB_DRIVER: postgres + DB_HOSTNAME: 10.128.0.96 + DB_NAME: kanboard + DB_USERNAME: kanboard + DB_PASSWORD: "${KANBOARD_DB_PASSWORD}" + ENABLE_XFRAME: "false" + DEBUG: "false" + volumes: + - ./kanboard_data:/var/www/app/data + - ./kanboard_plugins:/var/www/app/plugins + ports: + - 8088:80 - postgres: - # Don't upgrade PostgreSQL by simply changing the version number - # You need to migrate the Database to the new PostgreSQL version - # When creating for the first time, - # you need to create codimd and cas users and databases. - image: postgres:9.6-alpine + kanbot: + build: kanbot restart: always - environment: - - POSTGRES_USER=postgres - - "POSTGRES_PASSWD=${POSTGRES_PASSWD}" volumes: - - ./postgres_data:/var/lib/postgresql/data + - ./kanbot_config/config.yaml:/var/www/kanbot/config.yaml:ro - codimd: - build: codimd + matrix-appservice-discord: + image: halfshot/matrix-appservice-discord:v1.0.0 restart: always - environment: - - "CMD_DB_URL=${CODIMD_DB_URL}" - - "CMD_LDAP_BINDCREDENTIALS=${CODIMD_LDAP_BINDCREDENTIALS}" - ports: - - "8081:3000" volumes: - - ./codimd_uploads_data:/hedgedoc/public/uploads + - ./matrix-appservice-discord_data:/data + - ./matrix-appservice-discord_data/discord.db:/discord.db + ports: + - 9005:9005 - docker_exporter: - image: prometheusnet/docker_exporter + prometheus-alertmanager: + build: prometheus-alertmanager restart: always ports: - - "8087:9417" - volumes: - - "/var/run/docker.sock:/var/run/docker.sock:ro" - -# cas: -# build: django-cas-server -# restart: always -# environment: -# DJANGO_DB_PASSWORD: "${DJANGO_CAS_DB_PASSWORD}" -# DJANGO_SECRET_KEY: "${DJANGO_CAS_SECRET_KEY}" -# DJANGO_CAS_LDAP_PASSWORD: "${DJANGO_CAS_LDAP_PASSWORD}" -# ports: -# - "8085:8000" -# depends_on: -# - postgres + - 9093:9093 - statping: - image: statping/statping:v0.90.74 + prometheus-alertmanager-discord: + build: prometheus-alertmanager-discord restart: always - ports: - - 8086:8080 - volumes: - - ./statping_data:/app environment: - DB_CONN: sqlite + DISCORD_WEBHOOK: "${PROMETHEUS_DISCORD_WEBHOOK}" +... diff --git a/element/Dockerfile b/element/Dockerfile new file mode 100644 index 0000000..7b48707 --- /dev/null +++ b/element/Dockerfile @@ -0,0 +1,6 @@ +FROM vectorim/element-web:v1.7.23 + +# Customize instance settings and background +COPY config.json /app/config.json +COPY background.jpg /app/background.jpg +COPY logo.png /app/logo.png diff --git a/riot/bg.jpg b/element/background.jpg similarity index 100% rename from riot/bg.jpg rename to element/background.jpg diff --git a/riot/config.json b/element/config.json similarity index 83% rename from riot/config.json rename to element/config.json index df22db5..fc1e8f0 100644 --- a/riot/config.json +++ b/element/config.json @@ -14,7 +14,12 @@ "disable_3pid_login": true, "brand": "Riot", "branding": { - "welcomeBackgroundUrl": "/bg.jpg" + "welcomeBackgroundUrl": "/background.jpg", + "authHeaderLogoUrl": :"/logo.png", + "authFooterLinks": [ + {"text": "Site Web", "url": "https://auro.re"}, + {"text": "Intranet", "url": "https://intranet.auro.re"}, + {"text": "Email support", "url": "mailto:support.aurore@lists.crans.org"} }, "integrations_ui_url": "", "integrations_rest_url": "", @@ -44,10 +49,6 @@ }, "welcomeUserId": "@riot-bot:matrix.org", "piwik": false, - "permalinkPrefix": "https://auro.re", - "enable_presence_by_hs_url": { - "https://matrix.org": false - }, "settingDefaults": { "breadcrumbs": true }, diff --git a/element/logo.png b/element/logo.png new file mode 100644 index 0000000..4c967a5 Binary files /dev/null and b/element/logo.png differ diff --git a/env.example b/env.example index 7ef4d89..a0bef33 100644 --- a/env.example +++ b/env.example @@ -1,5 +1,11 @@ # Copy this as .env and make it only readable by root -ETHERPAD_POSTGRES_PASSWD=CHANGE ME -GRAFANA_LDAP_BIND_PASSWD=CHANGE ME +ETHERPAD_DB_PASSWORD=CHANGE ME +GRAFANA_LDAP_PASSWORD=CHANGE ME PROMETHEUS_DISCORD_WEBHOOK=CHANGE ME CODIMD_LDAP_BINDCREDENTIALS=CHANGE ME +DJANGO_CAS_DB_PASSWORD=CHANGE ME +DJANGO_CAS_SECRET_KEY=CHANGE ME +DJANGO_CAS_LDAP_PASSWORD=CHANGE ME +CODIMD_DB_URL=CHANGE ME +KANBOARD_LDAP_PASSWORD=CHANGE ME +KANBOARD_DB_PASSWORD=CHANGE ME diff --git a/codimd/Dockerfile b/hedgedoc/Dockerfile similarity index 100% rename from codimd/Dockerfile rename to hedgedoc/Dockerfile diff --git a/kanbot b/kanbot new file mode 160000 index 0000000..95cabfb --- /dev/null +++ b/kanbot @@ -0,0 +1 @@ +Subproject commit 95cabfb36d34da267c79ef671231710697493364 diff --git a/riot/Dockerfile b/riot/Dockerfile deleted file mode 100644 index 4077b10..0000000 --- a/riot/Dockerfile +++ /dev/null @@ -1,5 +0,0 @@ -FROM vectorim/element-web:v1.7.22 - -# Customize instance settings and background -COPY config.json /app/config.json -COPY bg.jpg /app/bg.jpg diff --git a/sharelatex/Dockerfile b/sharelatex/Dockerfile deleted file mode 100644 index c2b313c..0000000 --- a/sharelatex/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM sharelatex/sharelatex:2.2.0 - -ENV SHARELATEX_APP_NAME="ShareLaTeX Aurore" -ENV SHARELATEX_MONGO_URL=mongodb://mongo/sharelatex -ENV SHARELATEX_REDIS_HOST=redis -ENV REDIS_HOST=redis -ENV ENABLED_LINKED_FILE_TYPES=url,project_file -ENV SHARELATEX_SITE_URL=https://sharelatex.auro.re -ENV SHARELATEX_ADMIN_EMAIL=root@localhost