From 110bcf1c8da1edf6ba0f96ef4529c733c5b1146b Mon Sep 17 00:00:00 2001 From: Dan Hunsaker Date: Tue, 1 Oct 2019 16:25:25 -0600 Subject: [PATCH] Various updates for Nanobox deploys (#11988) --- .env.nanobox | 56 ++++++++++++++++++++++++++++++++++++++-------------- boxfile.yml | 3 +++ 2 files changed, 44 insertions(+), 15 deletions(-) diff --git a/.env.nanobox b/.env.nanobox index b60b6ee6897..cfbe487fba7 100644 --- a/.env.nanobox +++ b/.env.nanobox @@ -11,24 +11,14 @@ DB_NAME=gonano DB_PASS=$DATA_DB_PASS DB_PORT=5432 -DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano +# DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano # Optional ElasticSearch configuration ES_ENABLED=true ES_HOST=$DATA_ELASTIC_HOST ES_PORT=9200 -# Optimizations -LD_PRELOAD=/data/lib/libjemalloc.so - -# ImageMagick optimizations -MAGICK_TEMPORARY_PATH=/app/tmp -MAGICK_MEMORY_LIMIT=128MiB -MAGICK_MAP_LIMIT=64MiB -MAGICK_TIME_LIMIT=15 -MAGICK_AREA_LIMIT=16MP -MAGICK_WIDTH_LIMIT=8KP -MAGICK_HEIGHT_LIMIT=8KP +BIND=0.0.0.0 # Federation # Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation. @@ -84,6 +74,7 @@ SMTP_PORT=587 SMTP_LOGIN=$SMTP_LOGIN SMTP_PASSWORD=$SMTP_PASSWORD SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io +#SMTP_REPLY_TO= #SMTP_DOMAIN= # defaults to LOCAL_DOMAIN #SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail #SMTP_AUTH_METHOD=plain @@ -97,9 +88,17 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io # PAPERCLIP_ROOT_URL=/system # Optional asset host for multi-server setups +# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN +# if WEB_DOMAIN is not set. For example, the server may have the +# following header field: +# Access-Control-Allow-Origin: https://example.com/ # CDN_HOST=https://assets.example.com # S3 (optional) +# The attachment host must allow cross origin request from WEB_DOMAIN or +# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the +# following header field: +# Access-Control-Allow-Origin: https://192.168.1.123:9000/ # S3_ENABLED=true # S3_BUCKET= # AWS_ACCESS_KEY_ID= @@ -109,6 +108,8 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io # S3_HOSTNAME=192.168.1.123:9000 # S3 (Minio Config (optional) Please check Minio instance for details) +# The attachment host must allow cross origin request - see the description +# above. # S3_ENABLED=true # S3_BUCKET= # AWS_ACCESS_KEY_ID= @@ -119,12 +120,30 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io # S3_ENDPOINT= # S3_SIGNATURE_VERSION= +# Google Cloud Storage (optional) +# Use S3 compatible API. Since GCS does not support Multipart Upload, +# increase the value of S3_MULTIPART_THRESHOLD to disable Multipart Upload. +# The attachment host must allow cross origin request - see the description +# above. +# S3_ENABLED=true +# AWS_ACCESS_KEY_ID= +# AWS_SECRET_ACCESS_KEY= +# S3_REGION= +# S3_PROTOCOL=https +# S3_HOSTNAME=storage.googleapis.com +# S3_ENDPOINT=https://storage.googleapis.com +# S3_MULTIPART_THRESHOLD=52428801 # 50.megabytes + # Swift (optional) +# The attachment host must allow cross origin request - see the description +# above. # SWIFT_ENABLED=true # SWIFT_USERNAME= # For Keystone V3, the value for SWIFT_TENANT should be the project name # SWIFT_TENANT= # SWIFT_PASSWORD= +# Some OpenStack V3 providers require PROJECT_ID (optional) +# SWIFT_PROJECT_ID= # Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid # issues with token rate-limiting during high load. # SWIFT_AUTH_URL= @@ -171,8 +190,8 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io # The pam environment variable "email" is provided by: # https://github.com/devkral/pam_email_extractor # PAM_ENABLED=true -# Fallback Suffix for email address generation (nil by default) -# PAM_DEFAULT_SUFFIX=pam +# Fallback email domain for email address generation (LOCAL_DOMAIN by default) +# PAM_EMAIL_DOMAIN=example.com # Name of the pam service (pam "auth" section is evaluated) # PAM_DEFAULT_SERVICE=rpam # Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default) @@ -220,7 +239,14 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io # SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true # SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1" # SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" -# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.5.4.42" +# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241" +# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42" +# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4" # SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1" # SAML_ATTRIBUTES_STATEMENTS_VERIFIED= # SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL= + +# Use HTTP proxy for outgoing request (optional) +# http_proxy=http://gateway.local:8118 +# Access control for hidden service. +# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true diff --git a/boxfile.yml b/boxfile.yml index 08526a57c91..1bc3929c86d 100644 --- a/boxfile.yml +++ b/boxfile.yml @@ -67,6 +67,9 @@ deploy.config: bin/tootctl search deploy fi - bin/tootctl cache clear + after_live: + worker.sidekiq: + - bin/tootctl search deploy web.web: