diff --git a/Makefile b/Makefile index 1add306..abbc169 100644 --- a/Makefile +++ b/Makefile @@ -17,7 +17,7 @@ $(wildcard all-apps/dozzle/*) # compose .env files # (compose only supports one .env file at the root by default) -all-apps/.env: all-apps/*/.compose-env +all-apps/.env: all-apps/ghost/.compose-env find all-apps/ -name ".compose-env" -exec cat > all-apps/.env {} + # Caddy / lb @@ -38,9 +38,13 @@ all-apps/nextcloud/postgres_password: $(apps_config) bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_POSTGRES_PASSWORD" > $@' all-apps/nextcloud/redis_password: $(apps_config) bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_REDIS_PASSWORD" > $@' -all-apps/nextcloud/nextcloud.env: $(apps_config) make-nextcloud-env.sh +all-apps/nextcloud/nextcloud.env: $(apps_config) all-apps/nextcloud/nextcloud.env.tmpl make-nextcloud-env.sh ./make-nextcloud-env.sh $(apps_config) +# Ghost +all-apps/ghost/.compose-env: $(apps_config) all-apps/ghost/.compose.env.tmpl make-ghost-env.sh + ./make-ghost-env.sh $(apps_config) + # Backups / Restic / Backblaze restic-env: $(apps_config) make-restic-generated.sh ./make-restic-generated.sh $(apps_config) > restic-env @@ -48,7 +52,6 @@ restic-password: $(apps_config) make-restic-password.sh ./make-restic-password.sh $(apps_config) > restic-password ignition.json: cl.yaml app/.dirstamp \ -all-apps/.env \ all-apps/lb/Caddyfile \ all-apps/nextcloud/nextcloud_admin_user \ all-apps/nextcloud/nextcloud_admin_password \ @@ -57,8 +60,10 @@ all-apps/nextcloud/postgres_user \ all-apps/nextcloud/postgres_password \ all-apps/nextcloud/redis_password \ all-apps/nextcloud/nextcloud.env \ +all-apps/ghost/.compose-env \ restic-env \ restic-password \ +all-apps/.env \ $(config_dir)ssh-keys cat cl.yaml | docker run --rm --volume $(config_dir)/ssh-keys:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json 
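Review bot: The rule `all-apps/.env: all-apps/ghost/.compose-env` now names only the Ghost file as a prerequisite, while its recipe still concatenates every `.compose-env` that `find` locates under `all-apps/`. An edit to another app's `.compose-env` will therefore no longer cause `all-apps/.env` to be rebuilt. Keeping the generated file first and the rest as a glob preserves both behaviours: `all-apps/.env: all-apps/ghost/.compose-env $(wildcard all-apps/*/.compose-env)`. Since the aggregate now contains the Ghost database and SMTP passwords, the recipe could also create it with a restrictive mask, e.g. by prefixing `umask 077 &&`.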
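Review bot: In the new Ghost rule the recipe `./make-ghost-env.sh $(apps_config)` never mentions `$@`; the output path is hard-coded inside the script, unlike the `restic-env` rule just below, which redirects the script's stdout into its target. If the script fails part-way, a truncated `all-apps/ghost/.compose-env` is left behind with a fresh timestamp and make will treat it as up to date, unless `.DELETE_ON_ERROR:` is set elsewhere in the Makefile (not visible in this hunk). Having the script print to stdout and using `./make-ghost-env.sh $(apps_config) > $@.tmp && mv -f $@.tmp $@` would tie the output to the rule. The same applies to the `nextcloud.env` rule touched just above it. It is also worth confirming that `all-apps/ghost/.compose-env` is now ignored by git, since that path was a tracked file before the rename and will hold secrets after it.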
@@ -91,7 +96,7 @@ restic-snapshots: $(apps_config) restic-password .PHONY: archive archive: tar -cf nassella-latest.tar all-apps cl.yaml init-restic.sh main.tf make-caddyfile.sh Makefile \ - make-generated.sh make-nextcloud-env.sh make-restic-generated.sh make-restic-password.sh restic-snapshots.sh \ + make-generated.sh make-nextcloud-env.sh make-ghost-env.sh make-restic-generated.sh make-restic-password.sh restic-snapshots.sh \ .terraform .terraform.lock.hcl cp nassella-latest.tar src/ diff --git a/all-apps/ghost/.compose-env b/all-apps/ghost/.compose.env.tmpl similarity index 85% rename from all-apps/ghost/.compose-env rename to all-apps/ghost/.compose.env.tmpl index b9b9999..379f8d2 100644 --- a/all-apps/ghost/.compose-env +++ b/all-apps/ghost/.compose.env.tmpl @@ -3,7 +3,7 @@ # Ghost domain # Custom public domain Ghost will run on -GHOST_DOMAIN=www.nassella.cc +# GHOST_DOMAIN=www.nassella.cc # Ghost Admin domain # If you have Ghost Admin setup on a separate domain uncomment the line below and add the domain @@ -12,9 +12,9 @@ GHOST_DOMAIN=www.nassella.cc # Database settings # All database settings must not be changed once the database is initialised -GHOST_DATABASE_ROOT_PASSWORD=reallysecurerootpassword +# GHOST_DATABASE_ROOT_PASSWORD=reallysecurerootpassword # DATABASE_USER=optionalusername -GHOST_DATABASE_PASSWORD=ghostpassword +# GHOST_DATABASE_PASSWORD=ghostpassword # ActivityPub # If you'd prefer to self-host ActivityPub yourself uncomment the line below 
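Review bot: The `archive` recipe tars the whole `all-apps` directory, and with this commit that directory is where the generated `all-apps/ghost/.compose-env` and `all-apps/.env` land, both containing database and SMTP passwords. If `make archive` is ever run in a tree where `ignition.json` has been built, those files would be bundled into `nassella-latest.tar` and copied to `src/`. Adding `--exclude='all-apps/.env' --exclude='all-apps/*/.compose-env'` before the file list of the `tar` invocation, or archiving only from a clean checkout, keeps the archive to templates and scripts. The new `all-apps/ghost/.compose.env.tmpl` is already covered by the `all-apps` entry, so it needs no separate listing.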
@@ -33,12 +33,12 @@ GHOST_DATABASE_PASSWORD=ghostpassword # Transactional email is required for logins, account creation (staff invites), password resets and other features # This is not related to bulk mail / newsletter sending mail__transport=SMTP -mail__options__host=imap.fastmail.com -mail__options__port=993 +# mail__options__host= +# mail__options__port= mail__options__secure=true -mail__options__auth__user=t@thintz.com -mail__options__auth__pass=5n6y9g6s9r6g3b6l -mail__from="'Thomas Hintz' " +# mail__options__auth__user= +# mail__options__auth__pass= +# mail__from="" # Advanced customizations diff --git a/config/apps.config.tmpl b/config/apps.config.tmpl index 83432c2..bbc7e69 100644 --- a/config/apps.config.tmpl +++ b/config/apps.config.tmpl @@ -6,6 +6,13 @@ NEXTCLOUD_POSTGRES_DB=nextcloud # recommended to leave as 'nextcloud'. The postg NEXTCLOUD_POSTGRES_USER=nextcloud # recommended to leave as 'nextcloud'. The postgres user nextcloud uses NEXTCLOUD_POSTGRES_PASSWORD= # should be a secure, randomly generated, postgres compatible password, stored in the config so it isn't lost on re-deployment but otherwise unneeded NEXTCLOUD_REDIS_PASSWORD= # should be a secure, randomly generated, redis compatible password, stored in the config so it isn't lost on re-deployment but otherwise unneeded +GHOST_DATABASE_ROOT_PASSWORD= +GHOST_DATABASE_PASSWORD= +SMTP_HOST= +SMTP_PORT= +SMTP_AUTH_USER= +SMTP_AUTH_PASSWORD= +SMTP_FROM= BACKBLAZE_KEY_ID= # the key ID for a application key created on backblaze that has permissions for the bucket in BACKBLAZE_BUCKET_URL BACKBLAZE_APPLICATION_KEY= # the application key for the application key created on backblaze BACKBLAZE_BUCKET_URL= # the full URL for the backblaze bucket, found on the backblaze UI for the bucket diff --git a/make-ghost-env.sh b/make-ghost-env.sh new file mode 100755 index 0000000..966c306 --- /dev/null +++ b/make-ghost-env.sh 
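Review bot: The SMTP user and password that this hunk takes out of the tracked env file stay readable in the repository history and in every existing clone, so if they were ever live they should be revoked at the mail provider; removing the lines does not retire them. The same concern applies to the database passwords commented out in the `@@ -12,9 +12,9 @@` hunk if they were used on a real deployment. On the new side, `mail__options__secure=true` stays fixed in the template while the port becomes user-supplied through `SMTP_PORT`; presumably that setting selects TLS from the start of the connection, in which case a STARTTLS port entered in the wizard would fail to connect. Either a comment next to that line stating which kind of port is expected, or making the flag configurable alongside the port, would close the gap.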
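Review bot: The seven added keys carry no trailing comment, while every neighbouring key in this template explains what the value is and how to choose it. Suggested comments in the same style: `GHOST_DATABASE_ROOT_PASSWORD= # should be a secure, randomly generated password, stored in the config so it isn't lost on re-deployment` (likewise for `GHOST_DATABASE_PASSWORD`), and `SMTP_AUTH_PASSWORD= # password for SMTP_AUTH_USER; prefer an app-specific password limited to sending mail`. Because `make-ghost-env.sh` sources this file with `.`, the comments should also say that values containing spaces or shell metacharacters, such as an `SMTP_FROM` display name, must be quoted.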
@@ -0,0 +1,32 @@ +#!/bin/bash + +set -e + +. $1 # source the apps.config file with then env vars + +read -r -a APP_CONFIGS <<< "$APP_CONFIGS" + +nextcloud_subdomain= + +for config_string in ${APP_CONFIGS[@]}; do + IFS=',' + read -r -a config <<< "$config_string" + + app=${config[0]} + subdomain=${config[1]} + + if [ "$app" = "ghost" ]; then + ghost_subdomain="$subdomain" + fi +done + +# write compose env file +echo "GHOST_DOMAIN=\"$ghost_subdomain.$ROOT_DOMAIN\"" > all-apps/ghost/.compose-env +echo "GHOST_DATABASE_ROOT_PASSWORD=\"$GHOST_DATABASE_ROOT_PASSWORD\"" >> all-apps/ghost/.compose-env +echo "GHOST_DATABASE_PASSWORD=\"$GHOST_DATABASE_PASSWORD\"" >> all-apps/ghost/.compose-env +echo "mail__options__host=\"$SMTP_HOST\"" >> all-apps/ghost/.compose-env +echo "mail__options__port=\"$SMTP_PORT\"" >> all-apps/ghost/.compose-env +echo "mail__options__auth__user=\"$SMTP_AUTH_USER\"" >> all-apps/ghost/.compose-env +echo "mail__options__auth__pass=\"$SMTP_AUTH_PASSWORD\"" >> all-apps/ghost/.compose-env +echo "mail__from=\"$SMTP_FROM\"" >> all-apps/ghost/.compose-env +cat all-apps/ghost/.compose.env.tmpl >> all-apps/ghost/.compose-env diff --git a/src/nassella.scm b/src/nassella.scm index 1292d72..9751910 100644 --- a/src/nassella.scm +++ b/src/nassella.scm @@ -689,7 +689,6 @@ h1, h2, h3, h4, h5, h6 { (Form-Nav (@ (back-to ,(conc "/config/wizard/services-success/" instance-id)))))))))) (post "/config/wizard/apps-submit/:id" - (display "root domain: ") (print (alist-ref 'root-domain (current-params))) (let ((instance-id (alist-ref "id" (current-params) equal?))) (with-db/transaction (lambda (db) 
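Review bot: The `echo "NAME=\"$VALUE\""` lines copy each value from the sourced config into a double-quoted env entry without checking it, so a value containing `"` or a newline ends the quoted string early and can add extra variables to `.compose-env`, which is later concatenated into `all-apps/.env`; a `$` or backslash may also be reinterpreted, depending on how compose parses quoted values. The file is created with the default umask although it holds the database and SMTP passwords, and it is built by successive appends, so a failure half-way leaves a partial file. `nextcloud_subdomain=` looks copied from the Nextcloud script: `ghost_subdomain` is the variable actually used and is never initialised, so without a ghost entry in `APP_CONFIGS` the file gets `GHOST_DOMAIN=".$ROOT_DOMAIN"` or whatever the caller's environment held. `. $1` should be quoted as `. "$1"`. A sketch of the writing part follows.

```bash
umask 077  # the output holds database and SMTP passwords

. "$1" # source the apps.config file with the env vars

ghost_subdomain=
# … unchanged: APP_CONFIGS parsing loop …

# Print NAME="VALUE", refusing values that would break out of the quotes.
emit() {
    case "$2" in
        *'"'*|*$'\n'*)
            echo "make-ghost-env.sh: $1 contains a double quote or newline" >&2
            exit 1 ;;
    esac
    printf '%s="%s"\n' "$1" "$2"
}

out=all-apps/ghost/.compose-env
{
    emit GHOST_DOMAIN "$ghost_subdomain.$ROOT_DOMAIN"
    emit GHOST_DATABASE_ROOT_PASSWORD "$GHOST_DATABASE_ROOT_PASSWORD"
    # … the remaining six variables, one emit each …
    cat all-apps/ghost/.compose.env.tmpl
} > "$out.tmp"
mv -f "$out.tmp" "$out"
```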
@@ -755,6 +754,20 @@ h1, h2, h3, h4, h5, h6 { (value ,(alist-ref 'user (alist-ref 'log-viewer app-config eq? '()) eq? "")))) (Field (@ (name "log-viewer-password") (label ("Password")) (type "password") (value ,(alist-ref 'password (alist-ref 'log-viewer app-config eq? '()) eq? ""))))) + ,@(if (or (member 'nextcloud selected-apps) (member 'ghost selected-apps)) + `((Fieldset + (@ (title "All Apps - Email - SMTP")) + (Field (@ (name "smtp-host") (label ("Host")) + (value ,(alist-ref 'smtp-host (alist-ref 'all-apps app-config eq? '()) eq? "")))) + (Field (@ (name "smtp-port") (label ("Port")) + (value ,(alist-ref 'smtp-port (alist-ref 'all-apps app-config eq? '()) eq? "")))) + (Field (@ (name "smtp-auth-user") (label ("Auth User")) + (value ,(alist-ref 'smtp-auth-user (alist-ref 'all-apps app-config eq? '()) eq? "")))) + (Field (@ (name "smtp-auth-password") (label ("Auth Password")) (type "password") + (value ,(alist-ref 'smtp-auth-password (alist-ref 'all-apps app-config eq? '()) eq? "")))) + (Field (@ (name "smtp-from") (label ("From")) + (value ,(alist-ref 'smtp-from (alist-ref 'all-apps app-config eq? '()) eq? "My Name ")))))) + '()) (Form-Nav (@ (back-to ,(conc "/config/wizard/apps/" instance-id)))))))))) (post "/config/wizard/apps2-submit/:id" 
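Review bot: The `smtp-auth-password` field is pre-filled with the stored secret through `(value ,(alist-ref 'smtp-auth-password …))`, so the saved SMTP password is written into the HTML on every render of this page; `type "password"` only masks it on screen. Rendering the field empty and having the `apps2-submit` handler keep the stored value when the submitted one is blank would avoid sending the secret back to the browser. The existing `log-viewer-password` field in the context lines follows the same pattern. The enclosing form definition starts outside this hunk, so how the page is otherwise protected cannot be judged from here.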
@@ -772,7 +785,12 @@ h1, h2, h3, h4, h5, h6 { (admin-password . ,(alist-ref 'nextcloud-admin-password (current-params))))) (log-viewer . ((subdomain . ,(alist-ref 'log-viewer-subdomain (current-params))) (user . ,(alist-ref 'log-viewer-user (current-params))) - (password . ,(alist-ref 'log-viewer-password (current-params))))))))) + (password . ,(alist-ref 'log-viewer-password (current-params))))) + (all-apps . ((smtp-host . ,(alist-ref 'smtp-host (current-params))) + (smtp-port . ,(alist-ref 'smtp-port (current-params))) + (smtp-auth-user . ,(alist-ref 'smtp-auth-user (current-params))) + (smtp-auth-password . ,(alist-ref 'smtp-auth-password (current-params))) + (smtp-from . ,(alist-ref 'smtp-from (current-params))))))))) (redirect (conc "/config/wizard/machine/" instance-id)))) (get/widgets @@ -926,6 +944,13 @@ h1, h2, h3, h4, h5, h6 { ("NEXTCLOUD_POSTGRES_USER" . "nextcloud") ("NEXTCLOUD_POSTGRES_PASSWORD" . "dbpassword") ;; TODO generate ("NEXTCLOUD_REDIS_PASSWORD" . "redispassword") ;; TODO generate + ("GHOST_DATABASE_ROOT_PASSWORD" . "reallysecurerootpassword") ;; TODO generate + ("GHOST_DATABASE_PASSWORD" . "ghostpassword") ;; TODO generate + ("SMTP_HOST" . ,(alist-ref 'smtp-host (alist-ref 'all-apps config))) + ("SMTP_PORT" . ,(alist-ref 'smtp-port (alist-ref 'all-apps config))) + ("SMTP_AUTH_USER" . ,(alist-ref 'smtp-auth-user (alist-ref 'all-apps config))) + ("SMTP_AUTH_PASSWORD" . ,(alist-ref 'smtp-auth-password (alist-ref 'all-apps config))) + ("SMTP_FROM" . ,(alist-ref 'smtp-from (alist-ref 'all-apps config))) ("BACKBLAZE_KEY_ID" . ,(alist-ref 'backblaze-key-id service-config)) ("BACKBLAZE_APPLICATION_KEY" . ,(alist-ref 'backblaze-application-key service-config)) ("BACKBLAZE_BUCKET_URL" . ,(alist-ref 'backblaze-bucket-url service-config))
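Review bot: The five `smtp-*` values are stored exactly as `(alist-ref … (current-params))` returns them, with no check at this boundary, and the `@@ -926,6 +944,13 @@` hunk then passes them into the generated apps config that `make-ghost-env.sh` sources as shell. Unless the code that serialises that alist quotes each value (not visible here), a space or shell metacharacter in `smtp-from` or `smtp-auth-password` would be interpreted by bash, so the handler should reject control characters and require `smtp-port` to be an integer in 1–65535, and the writer should shell-quote every value. The form only renders these fields when nextcloud or ghost is selected, so for other selections `alist-ref` presumably yields `#f` here; a comment such as `;; smtp-* are absent (#f) unless nextcloud or ghost is selected` plus an explicit default would make that case deliberate. The handler's opening lines are outside the hunk.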
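Review bot: `GHOST_DATABASE_ROOT_PASSWORD` and `GHOST_DATABASE_PASSWORD` are emitted as fixed strings that are also visible in this repository, so every instance deployed from this code would share the same known database root password until the `TODO generate` is done. Until a generator exists, failing the config generation while these are still placeholders would be safer than shipping them. The longer-term fix is to create each password from the system's random source once per instance and persist it with the instance config so that redeploys reuse it. The two `NEXTCLOUD_*` password entries in the context lines have the same problem.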