Commit Graph

52 Commits

Author SHA1 Message Date
Gernot Schulz
5b28763bcc Docker: Bind to 0.0.0.0 for Docker Swarm
Swarm uses a cluster-wide ingress network and does not permit binding
ports to localhost.  It simply ignores such a binding and prints
a warning instead.

This patch fixes this recent regression to avoid the warning.
2021-07-12 11:38:59 +02:00
Finn Stutzenstein
27831154fa
Setting for the mediafile database tablename 2021-07-08 10:48:51 +02:00
Finn Stutzenstein
f4c237a18e
Merge pull request #5998 from FinnStutzenstein/421
Add ALLOWED_HOSTS
2021-05-17 07:55:23 +02:00
Emanuel Schütze
5cee662058
Merge pull request #5915 from gsiv/dev/prom
Docker: Improve Prometheus integration
2021-05-04 16:08:04 +02:00
Finn Stutzenstein
91a15d24a8
Add ALLOWED_HOSTS
the proxy responds with a 421, if a host header with an invalid host
name is encountered. If nothing is provided (see default .env) all hosts
are allowed. Examples:

ALLOWED_HOSTS="localhost:8000 127.0.0.1:8000"

ALLOWED_HOSTS="some.domain.example.com"

Add EXTERNAL_HTTPS_PORT. See .env for the configuration.
2021-04-26 16:01:35 +02:00
Finn Stutzenstein
ee8702aff1
Merge pull request #5921 from gsiv/dev/yml-image-override
Docker: Allow overriding image names from .env
2021-04-26 10:16:02 +02:00
Joshua Sangmeister
e2d4fafe6d Fix vote delegation update error 2021-04-22 20:51:44 +02:00
Finn Stutzenstein
2b3d1db3bf
Merge pull request #5952 from Piratenpartei/server_setup_env
Add ENV for server-setup host and port
2021-04-12 08:04:58 +02:00
Joshua Sangmeister
4b13ff681e user_token, single votes table, entitled_users server changes
server changes finished, tests, cleanup

Add entitled user table

Fix formatting

Finish entitled users table & implement new percent base

Fix typing

Fixed remarks & errors

Fix new precent base representation

Update autoupdate service

Remove unneeded prettier entry

Remove unneeded css
2021-04-01 16:02:47 +02:00
Gernot Schulz
1ad0a61524 Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env.  Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain.  Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.

Commit e225a57f97 changed this behavior.  Since then, the names in .env
can only be used to change part of the image name, excluding the
registry.  If a default registry is configured it is always prepended to
the given image name, breaking the original use case.

This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.

The reasoning here is that the only common reason to change an image
name is to change its Docker registry.  For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server.  With
this patch, that would be achieved by the following configuration in
.env:

    DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"

For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.

The templates are not backwards-compatible.
2021-03-31 15:08:32 +02:00
Adrian Nöthlich
52108cd0c4
Add ENV for server-setup host and port
Signed-off-by: Adrian Nöthlich <git@promasu.tech>
2021-03-12 01:07:39 +01:00
Gernot Schulz
614e0f2d5f Docker: Add Prometheus as an optional service 2021-03-01 15:24:06 +01:00
Emanuel Schütze
2d4ece84a0
Merge pull request #5922 from gsiv/dev/build-proxy-default
Docker: Remove proxy as a default build target
2021-03-01 13:26:36 +01:00
Gernot Schulz
cd98502b1c Docker: Remove server command override examples
The YAML configuration files include comments outlining how to override
the server image's default command.  They are supposed to help with, for
example, replacing gunicorn with daphne.

These comments have diverged from the actual command used in current
images.  Furthermore, at least to my knowledge, the setup has not been
used or tested with daphne in a long time.  For these reasons, this
patch removes the comments without a replacement.

If there still is, in fact, a use case for the instructions, they would
need to be updated and their location should be reconsidered.
2021-03-01 11:06:52 +01:00
Gernot Schulz
8d393ba17f Docker: Remove proxy as a default build target
The proxy image is not going to be subject to regular change and is
instead more similar to services such as the database.  Therefore, it
does not need to be a default build target of build.sh.
2021-03-01 10:48:47 +01:00
Finn Stutzenstein
4929e2b6f6 Change chat access groups
Adjust some client chat feature

- Cleanup some stuff
- Read and write chatting
2021-02-19 15:08:02 +01:00
Oskar Hahn
69bf46a5ff Prometheus 2021-02-15 10:50:12 +01:00
Finn Stutzenstein
35e8f84fda
Own session redis
- removed big mode artifacts
- removed django_session_redis
- Enforce newly created settings.py when invalid options are set:
  * OPENSLIDES_USER_DATA_DIR
  * SESSION_ENGINE
- Overwrites the secret key during development to "development"
2021-02-15 07:37:46 +01:00
Emanuel Schütze
aac8ec8f2e
Merge pull request #5876 from tsiegleauq/chat
Chat
2021-02-11 20:42:36 +01:00
Sean
69adc1d41c Add Chat UI Components
Add Chat User Interface
Restructure some services
Virtual Scrolling
Manual change detection for message updates
Enhanced Date pipe
Message layout
Tabbed reusable chat window
Deleting messages
Further permission checks
Delete-prompts
Mobile friendly chat usage
automatically scroll to bottom
2021-02-11 17:10:25 +01:00
Finn Stutzenstein
f65e8ae819
fix Caddy dev setup 2021-02-10 07:30:36 +01:00
Gernot Schulz
a1e65e8a47 Docker: Rename proxy-related variables
HAProxy was replaced by Caddy, so obviously variables should not longer
carry HAPROXY in their names to avoid confusion.

To hopefully make future changes less likely to break configurations,
we'll keep variable and image names generic (proxy instead of caddy).
2021-02-08 14:53:45 +01:00
Oskar Hahn
ab2a8ca419 Use https in dev mode 2021-02-06 11:47:38 +01:00
Oskar Hahn
d7d8dcb3c9 Fix Development 2021-02-05 19:26:04 +01:00
Emanuel Schütze
d05958ca10
Merge pull request #5851 from ostcar/caddy
Use caddy
2021-02-05 18:17:51 +01:00
Gernot Schulz
f7d228a600 Docker: Update build scripts for Caddy
For now, keep using HAProxy's name in most places, e.g.,
DOCKER_OPENSLIDES_HAPROXY_NAME.  To avoid confusion, the specific
mentions of HAProxy should be made more generic, e.g.,
DOCKER_OPENSLIDES_PROXY_NAME.
2021-02-05 18:00:04 +01:00
Gernot Schulz
40dc0e08fa Caddy: Add config to image instead of using a volume 2021-02-05 17:59:57 +01:00
Norman Jäckel
cc5bcf1a81 Updated README 2021-02-05 12:01:48 +01:00
Finn Stutzenstein
9e38ed955f
Fix docker compose dev 2021-02-05 12:00:11 +01:00
Oskar Hahn
dc58752575 Use caddy 2021-02-04 20:54:57 +01:00
Finn Stutzenstein
8049bfa91e
Performance improvements for OS3+
- Cleans up log messages in the client
- Refactored the autoupdate bundle code into an own file
- Added bulk creates for History in Postgresql. This is the only database system
  that supports returning all ids whan multiple elements are inserted. We can
  make usage out of it.
- Added a `disable_history`, that is request-wide
- Disabled history on poll vote requests
- Removed unnecessary user ordering
- Reduced the queries for creating motion vote objects by one
- removed final_data: This was not prefetched. Using the normal data collection
  the data is prefetched
- removed unnecessary user query if vore delegation is not used
2021-01-21 12:53:51 +01:00
FinnStutzenstein
e225a57f97
OpenSlides3+: External Autoupdate Service
- Removing channels. Going back to a wsgi deployment
- Removed server projector code
- Autoupdate throttling is now in the client
- New communication stack in the client
- Adopted all deployment methods: Docker stack and docker compose (prod and dev)
- Added autoupdate service as submodule
2021-01-14 07:55:41 +01:00
Finn Stutzenstein
0c66afc34a
Add env variables for media cache 2020-11-05 16:19:44 +01:00
Finn Stutzenstein
6943c3d18f
Expose more email settings 2020-11-02 07:26:09 +01:00
Gernot Schulz
2305ca9d21 Docker config: Quote env vars read by m4 2020-10-20 12:05:11 +02:00
Emanuel Schütze
21990aa568
Merge pull request #5602 from FinnStutzenstein/addDemoModeToDocker
Add demo mode to all docker setups
2020-10-07 23:30:35 +02:00
Finn Stutzenstein
fd2fd8d73a Add demo mode to all docker setups 2020-10-07 16:50:08 +02:00
Manfred Löbling
49a3bcd930 admin.env is not loaded. docker-*.m4 defines ADMIN_SECRET_AVAILABLE if adminsecret.env is present 2020-10-01 13:30:25 +02:00
Gernot Schulz
ed9e50a1b4 Docker templates: Set empty values instead of None 2020-09-10 10:12:16 +02:00
Gernot Schulz
a408ee62ee Docker build.sh: Run aux build scripts in subshell 2020-09-07 10:29:18 +02:00
Sean
0933bb6abd Change jitsi_password to jitsi_room_password
Fixes false naming in both documentation, template
and docker
2020-08-21 15:46:43 +02:00
Gernot Schulz
8faa2ad38f
Docker: Add --ask-push option to build.sh 2020-08-21 08:11:16 +02:00
Gernot Schulz
9a2d3a3760
Docker: Add SAML configuration
To configure SAML, ENABLE_SAML must be set to True in .env.
Additionally, the following files must be provided in ./secrets/saml/:

  - sp.crt
  - sp.key
  - saml_settings.json

The files will be added as Docker secrets.

Even though saml_settings.json does not contain secret information
per se it is nonetheless added as a secret for simplicity.  Technically,
the file is equally suited to be configured as a "Docker config".

Please note:

  - This patch has not been tested yet.
  - python3-saml's version should probably be pinned.
2020-08-21 08:11:16 +02:00
Gernot Schulz
2b7e4d3d19
Docker: Add backend variables to .env and templates
This setup chooses to avoid the env_file option available for Docker
Compose files.  Docker has a peculiar way of parsing variables which
makes it, for example, include quotes verbatim.

This is both confusing and incompatible with shells parsing the same
file which is a requirement.  For this reason, the configuration does
not import the complete environment using env_file but assigns variables
explicitly on a need-to-know basis in the YAML file, much like Docker
secrets.

Since the configuration is generated automatically, the burden on users
is the same as with env_file: they only need to edit .env for
customizations.
2020-08-21 08:11:15 +02:00
Gernot Schulz
d1640bc98d
Docker: Add .env
This file was copied from
https://github.com/OpenSlides/openslides-docker-compose/
and still needs to be adjusted for the present setup.
2020-08-21 08:11:15 +02:00
Gernot Schulz
1c0724341c
build.sh: More convenient way to push images
Since build.sh now builds more than just two images, individual queries
whether to push each image to a registry may become tedious.  This patch
replaces the queries with a single checklist menu.  After making
a selection, the images get pushed all at once.

In the menu, all images are unchecked by default in order to prevent
accidental uploads.  This, too, may become tedious.  In that case, the
default could be flipped or a new option could be introduced.
2020-08-21 08:11:15 +02:00
Gernot Schulz
418480bff5
build.sh: Make build script more useful
build.sh replaces docker-compose as an image build tool.  Instead, all
OpenSlides services can be built using this script which offers various
important options such as tagging and configurable defaults.

The now-redundant build instructions have been removed from the YAML
templates.

The almost identical server and client build scripts have been made
fully identical.
2020-08-21 08:11:15 +02:00
Gernot Schulz
9c9f268fbf
Docker: Shorten server-db-setup service name 2020-08-21 08:11:15 +02:00
Gernot Schulz
63c4bc3ff7
build.sh: Build config from template 2020-08-21 08:11:14 +02:00
Gernot Schulz
4f194a8794
Docker: Add a Docker secret for the Django key
We have decided against including an insecure default key with a mere
warning.  Therefore, unlike the admin and user secrets, the availability
of this secret is a hard requirement.  The instance will not be able to
start before a secret has been generated manually or by a management
tool.
2020-08-21 08:11:14 +02:00