nassella/app
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Properly gather, save, and generate Ghost config.

Browse Source
This commit is contained in:
Thomas Hintz
2025-12-08 11:32:30 -08:00
parent c23eef3403
commit 103beca17d
5 changed files with 83 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
Makefile
View File

@@ -17,7 +17,7 @@ $(wildcard all-apps/dozzle/*)
# compose .env files # compose .env files
# (compose only supports one .env file at the root by default) # (compose only supports one .env file at the root by default)
all-apps/.env: all-apps/*/.compose-env all-apps/.env: all-apps/ghost/.compose-env
find all-apps/ -name ".compose-env" -exec cat > all-apps/.env {} + find all-apps/ -name ".compose-env" -exec cat > all-apps/.env {} +
# Caddy / lb # Caddy / lb
@@ -38,9 +38,13 @@ all-apps/nextcloud/postgres_password: $(apps_config)
bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_POSTGRES_PASSWORD" > $@' bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_POSTGRES_PASSWORD" > $@'
all-apps/nextcloud/redis_password: $(apps_config) all-apps/nextcloud/redis_password: $(apps_config)
bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_REDIS_PASSWORD" > $@' bash -c 'source ./$(apps_config); printf "%s\n" "$$NEXTCLOUD_REDIS_PASSWORD" > $@'
all-apps/nextcloud/nextcloud.env: $(apps_config) make-nextcloud-env.sh all-apps/nextcloud/nextcloud.env: $(apps_config) all-apps/nextcloud/nextcloud.env.tmpl make-nextcloud-env.sh
./make-nextcloud-env.sh $(apps_config) ./make-nextcloud-env.sh $(apps_config)
# Ghost
all-apps/ghost/.compose-env: $(apps_config) all-apps/ghost/.compose.env.tmpl make-ghost-env.sh
./make-ghost-env.sh $(apps_config)
# Backups / Restic / Backblaze # Backups / Restic / Backblaze
restic-env: $(apps_config) make-restic-generated.sh restic-env: $(apps_config) make-restic-generated.sh
./make-restic-generated.sh $(apps_config) > restic-env ./make-restic-generated.sh $(apps_config) > restic-env
@@ -48,7 +52,6 @@ restic-password: $(apps_config) make-restic-password.sh
./make-restic-password.sh $(apps_config) > restic-password ./make-restic-password.sh $(apps_config) > restic-password
ignition.json: cl.yaml app/.dirstamp \ ignition.json: cl.yaml app/.dirstamp \
all-apps/.env \
all-apps/lb/Caddyfile \ all-apps/lb/Caddyfile \
all-apps/nextcloud/nextcloud_admin_user \ all-apps/nextcloud/nextcloud_admin_user \
all-apps/nextcloud/nextcloud_admin_password \ all-apps/nextcloud/nextcloud_admin_password \
@@ -57,8 +60,10 @@ all-apps/nextcloud/postgres_user \
all-apps/nextcloud/postgres_password \ all-apps/nextcloud/postgres_password \
all-apps/nextcloud/redis_password \ all-apps/nextcloud/redis_password \
all-apps/nextcloud/nextcloud.env \ all-apps/nextcloud/nextcloud.env \
all-apps/ghost/.compose-env \
restic-env \ restic-env \
restic-password \ restic-password \
all-apps/.env \
$(config_dir)ssh-keys $(config_dir)ssh-keys
cat cl.yaml | docker run --rm --volume $(config_dir)/ssh-keys:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json cat cl.yaml | docker run --rm --volume $(config_dir)/ssh-keys:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json
@@ -91,7 +96,7 @@ restic-snapshots: $(apps_config) restic-password
.PHONY: archive .PHONY: archive
archive: archive:
tar -cf nassella-latest.tar all-apps cl.yaml init-restic.sh main.tf make-caddyfile.sh Makefile \ tar -cf nassella-latest.tar all-apps cl.yaml init-restic.sh main.tf make-caddyfile.sh Makefile \
make-generated.sh make-nextcloud-env.sh make-restic-generated.sh make-restic-password.sh restic-snapshots.sh \ make-generated.sh make-nextcloud-env.sh make-ghost-env.sh make-restic-generated.sh make-restic-password.sh restic-snapshots.sh \
.terraform .terraform.lock.hcl .terraform .terraform.lock.hcl
cp nassella-latest.tar src/ cp nassella-latest.tar src/

16
all-apps/ghost/.compose-env → all-apps/ghost/.compose.env.tmpl
View File

@@ -3,7 +3,7 @@
# Ghost domain # Ghost domain
# Custom public domain Ghost will run on # Custom public domain Ghost will run on
GHOST_DOMAIN=www.nassella.cc # GHOST_DOMAIN=www.nassella.cc
# Ghost Admin domain # Ghost Admin domain
# If you have Ghost Admin setup on a separate domain uncomment the line below and add the domain # If you have Ghost Admin setup on a separate domain uncomment the line below and add the domain
@@ -12,9 +12,9 @@ GHOST_DOMAIN=www.nassella.cc
# Database settings # Database settings
# All database settings must not be changed once the database is initialised # All database settings must not be changed once the database is initialised
GHOST_DATABASE_ROOT_PASSWORD=reallysecurerootpassword # GHOST_DATABASE_ROOT_PASSWORD=reallysecurerootpassword
# DATABASE_USER=optionalusername # DATABASE_USER=optionalusername
GHOST_DATABASE_PASSWORD=ghostpassword # GHOST_DATABASE_PASSWORD=ghostpassword
# ActivityPub # ActivityPub
# If you'd prefer to self-host ActivityPub yourself uncomment the line below # If you'd prefer to self-host ActivityPub yourself uncomment the line below
@@ -33,12 +33,12 @@ GHOST_DATABASE_PASSWORD=ghostpassword
# Transactional email is required for logins, account creation (staff invites), password resets and other features # Transactional email is required for logins, account creation (staff invites), password resets and other features
# This is not related to bulk mail / newsletter sending # This is not related to bulk mail / newsletter sending
mail__transport=SMTP mail__transport=SMTP
mail__options__host=imap.fastmail.com # mail__options__host=
mail__options__port=993 # mail__options__port=
mail__options__secure=true mail__options__secure=true
mail__options__auth__user=t@thintz.com # mail__options__auth__user=
mail__options__auth__pass=5n6y9g6s9r6g3b6l # mail__options__auth__pass=
mail__from="'Thomas Hintz' <t@thintz.com>" # mail__from=""
# Advanced customizations # Advanced customizations

7
config/apps.config.tmpl
View File

@@ -6,6 +6,13 @@ NEXTCLOUD_POSTGRES_DB=nextcloud # recommended to leave as 'nextcloud'. The postg
NEXTCLOUD_POSTGRES_USER=nextcloud # recommended to leave as 'nextcloud'. The postgres user nextcloud uses NEXTCLOUD_POSTGRES_USER=nextcloud # recommended to leave as 'nextcloud'. The postgres user nextcloud uses
NEXTCLOUD_POSTGRES_PASSWORD= # should be a secure, randomly generated, postgres compatible password, stored in the config so it isn't lost on re-deployment but otherwise unneeded NEXTCLOUD_POSTGRES_PASSWORD= # should be a secure, randomly generated, postgres compatible password, stored in the config so it isn't lost on re-deployment but otherwise unneeded
NEXTCLOUD_REDIS_PASSWORD= # should be a secure, randomly generated, redis compatible password, stored in the config so it isn't lost on re-deployment but otherwise unneeded NEXTCLOUD_REDIS_PASSWORD= # should be a secure, randomly generated, redis compatible password, stored in the config so it isn't lost on re-deployment but otherwise unneeded
GHOST_DATABASE_ROOT_PASSWORD=
GHOST_DATABASE_PASSWORD=
SMTP_HOST=
SMTP_PORT=
SMTP_AUTH_USER=
SMTP_AUTH_PASSWORD=
SMTP_FROM=
BACKBLAZE_KEY_ID= # the key ID for a application key created on backblaze that has permissions for the bucket in BACKBLAZE_BUCKET_URL BACKBLAZE_KEY_ID= # the key ID for a application key created on backblaze that has permissions for the bucket in BACKBLAZE_BUCKET_URL
BACKBLAZE_APPLICATION_KEY= # the application key for the application key created on backblaze BACKBLAZE_APPLICATION_KEY= # the application key for the application key created on backblaze
BACKBLAZE_BUCKET_URL= # the full URL for the backblaze bucket, found on the backblaze UI for the bucket BACKBLAZE_BUCKET_URL= # the full URL for the backblaze bucket, found on the backblaze UI for the bucket

32
make-ghost-env.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
set -e
. $1 # source the apps.config file with then env vars
read -r -a APP_CONFIGS <<< "$APP_CONFIGS"
nextcloud_subdomain=
for config_string in ${APP_CONFIGS[@]}; do
IFS=','
read -r -a config <<< "$config_string"
app=${config[0]}
subdomain=${config[1]}
if [ "$app" = "ghost" ]; then
ghost_subdomain="$subdomain"
fi
done
# write compose env file
echo "GHOST_DOMAIN=\"$ghost_subdomain.$ROOT_DOMAIN\"" > all-apps/ghost/.compose-env
echo "GHOST_DATABASE_ROOT_PASSWORD=\"$GHOST_DATABASE_ROOT_PASSWORD\"" >> all-apps/ghost/.compose-env
echo "GHOST_DATABASE_PASSWORD=\"$GHOST_DATABASE_PASSWORD\"" >> all-apps/ghost/.compose-env
echo "mail__options__host=\"$SMTP_HOST\"" >> all-apps/ghost/.compose-env
echo "mail__options__port=\"$SMTP_PORT\"" >> all-apps/ghost/.compose-env
echo "mail__options__auth__user=\"$SMTP_AUTH_USER\"" >> all-apps/ghost/.compose-env
echo "mail__options__auth__pass=\"$SMTP_AUTH_PASSWORD\"" >> all-apps/ghost/.compose-env
echo "mail__from=\"$SMTP_FROM\"" >> all-apps/ghost/.compose-env
cat all-apps/ghost/.compose.env.tmpl >> all-apps/ghost/.compose-env

29
src/nassella.scm
View File

@@ -689,7 +689,6 @@ h1, h2, h3, h4, h5, h6 {
(Form-Nav (@ (back-to ,(conc "/config/wizard/services-success/" instance-id)))))))))) (Form-Nav (@ (back-to ,(conc "/config/wizard/services-success/" instance-id))))))))))
(post "/config/wizard/apps-submit/:id" (post "/config/wizard/apps-submit/:id"
(display "root domain: ") (print (alist-ref 'root-domain (current-params)))
(let ((instance-id (alist-ref "id" (current-params) equal?))) (let ((instance-id (alist-ref "id" (current-params) equal?)))
(with-db/transaction (with-db/transaction
(lambda (db) (lambda (db)
@@ -755,6 +754,20 @@ h1, h2, h3, h4, h5, h6 {
(value ,(alist-ref 'user (alist-ref 'log-viewer app-config eq? '()) eq? "")))) (value ,(alist-ref 'user (alist-ref 'log-viewer app-config eq? '()) eq? ""))))
(Field (@ (name "log-viewer-password") (label ("Password")) (type "password") (Field (@ (name "log-viewer-password") (label ("Password")) (type "password")
(value ,(alist-ref 'password (alist-ref 'log-viewer app-config eq? '()) eq? ""))))) (value ,(alist-ref 'password (alist-ref 'log-viewer app-config eq? '()) eq? "")))))
,@(if (or (member 'nextcloud selected-apps) (member 'ghost selected-apps))
`((Fieldset
(@ (title "All Apps - Email - SMTP"))
(Field (@ (name "smtp-host") (label ("Host"))
(value ,(alist-ref 'smtp-host (alist-ref 'all-apps app-config eq? '()) eq? ""))))
(Field (@ (name "smtp-port") (label ("Port"))
(value ,(alist-ref 'smtp-port (alist-ref 'all-apps app-config eq? '()) eq? ""))))
(Field (@ (name "smtp-auth-user") (label ("Auth User"))
(value ,(alist-ref 'smtp-auth-user (alist-ref 'all-apps app-config eq? '()) eq? ""))))
(Field (@ (name "smtp-auth-password") (label ("Auth Password")) (type "password")
(value ,(alist-ref 'smtp-auth-password (alist-ref 'all-apps app-config eq? '()) eq? ""))))
(Field (@ (name "smtp-from") (label ("From"))
(value ,(alist-ref 'smtp-from (alist-ref 'all-apps app-config eq? '()) eq? "My Name <no-reply@example.org>"))))))
'())
(Form-Nav (@ (back-to ,(conc "/config/wizard/apps/" instance-id)))))))))) (Form-Nav (@ (back-to ,(conc "/config/wizard/apps/" instance-id))))))))))
(post "/config/wizard/apps2-submit/:id" (post "/config/wizard/apps2-submit/:id"
@@ -772,7 +785,12 @@ h1, h2, h3, h4, h5, h6 {
(admin-password . ,(alist-ref 'nextcloud-admin-password (current-params))))) (admin-password . ,(alist-ref 'nextcloud-admin-password (current-params)))))
(log-viewer . ((subdomain . ,(alist-ref 'log-viewer-subdomain (current-params))) (log-viewer . ((subdomain . ,(alist-ref 'log-viewer-subdomain (current-params)))
(user . ,(alist-ref 'log-viewer-user (current-params))) (user . ,(alist-ref 'log-viewer-user (current-params)))
(password . ,(alist-ref 'log-viewer-password (current-params))))))))) (password . ,(alist-ref 'log-viewer-password (current-params)))))
(all-apps . ((smtp-host . ,(alist-ref 'smtp-host (current-params)))
(smtp-port . ,(alist-ref 'smtp-port (current-params)))
(smtp-auth-user . ,(alist-ref 'smtp-auth-user (current-params)))
(smtp-auth-password . ,(alist-ref 'smtp-auth-password (current-params)))
(smtp-from . ,(alist-ref 'smtp-from (current-params)))))))))
(redirect (conc "/config/wizard/machine/" instance-id)))) (redirect (conc "/config/wizard/machine/" instance-id))))
(get/widgets (get/widgets
@@ -926,6 +944,13 @@ h1, h2, h3, h4, h5, h6 {
("NEXTCLOUD_POSTGRES_USER" . "nextcloud") ("NEXTCLOUD_POSTGRES_USER" . "nextcloud")
("NEXTCLOUD_POSTGRES_PASSWORD" . "dbpassword") ;; TODO generate ("NEXTCLOUD_POSTGRES_PASSWORD" . "dbpassword") ;; TODO generate
("NEXTCLOUD_REDIS_PASSWORD" . "redispassword") ;; TODO generate ("NEXTCLOUD_REDIS_PASSWORD" . "redispassword") ;; TODO generate
("GHOST_DATABASE_ROOT_PASSWORD" . "reallysecurerootpassword") ;; TODO generate
("GHOST_DATABASE_PASSWORD" . "ghostpassword") ;; TODO generate
("SMTP_HOST" . ,(alist-ref 'smtp-host (alist-ref 'all-apps config)))
("SMTP_PORT" . ,(alist-ref 'smtp-port (alist-ref 'all-apps config)))
("SMTP_AUTH_USER" . ,(alist-ref 'smtp-auth-user (alist-ref 'all-apps config)))
("SMTP_AUTH_PASSWORD" . ,(alist-ref 'smtp-auth-password (alist-ref 'all-apps config)))
("SMTP_FROM" . ,(alist-ref 'smtp-from (alist-ref 'all-apps config)))
("BACKBLAZE_KEY_ID" . ,(alist-ref 'backblaze-key-id service-config)) ("BACKBLAZE_KEY_ID" . ,(alist-ref 'backblaze-key-id service-config))
("BACKBLAZE_APPLICATION_KEY" . ,(alist-ref 'backblaze-application-key service-config)) ("BACKBLAZE_APPLICATION_KEY" . ,(alist-ref 'backblaze-application-key service-config))
("BACKBLAZE_BUCKET_URL" . ,(alist-ref 'backblaze-bucket-url service-config)) ("BACKBLAZE_BUCKET_URL" . ,(alist-ref 'backblaze-bucket-url service-config))