-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* feat: docker images * feat: service de calcul v2 finaliser (mais à optimiser) * feat: new compute engine & geojson
- Loading branch information
Showing
64 changed files
with
2,688 additions
and
835 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
# https://www.keycloak.org/server/containers | ||
# https://documentation.mailjet.com/hc/fr/articles/5216831817499-Comment-activer-SAML-SSO-avec-Mailjet | ||
# https://www.keycloak.org/migration/migrating-to-quarkus | ||
|
||
FROM quay.io/keycloak/keycloak:latest as builder | ||
|
||
# Enable health and metrics support | ||
ENV KC_HEALTH_ENABLED=true | ||
ENV KC_METRICS_ENABLED=false | ||
|
||
# Configure a database vendor | ||
ENV KC_DB=postgres | ||
|
||
WORKDIR /opt/keycloak | ||
# for demonstration purposes only, please make sure to use proper certificates in production instead | ||
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore | ||
RUN /opt/keycloak/bin/kc.sh build | ||
|
||
FROM quay.io/keycloak/keycloak:latest | ||
COPY --from=builder /opt/keycloak/ /opt/keycloak/ | ||
|
||
# change these values to point to a running postgres instance | ||
ENV KC_DB=postgres | ||
ENV KC_DB_URL=<DBURL> | ||
ENV KC_DB_USERNAME=<DBUSERNAME> | ||
ENV KC_DB_PASSWORD=<DBPASSWORD> | ||
ENV KC_HOSTNAME=localhost | ||
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
FROM alpine:3.20.1 | ||
|
||
# Some ENV variables | ||
ENV PATH="/mattermost/bin:${PATH}" | ||
ENV MM_INSTALL_TYPE=docker | ||
|
||
# Build argument to set Mattermost edition | ||
ARG PUID=1000 | ||
ARG PGID=1000 | ||
ARG MM_LISTEN_PORT=8000 | ||
ARG TARGETOS | ||
ARG TARGETARCH | ||
ARG MM_VERSION | ||
|
||
# Install some needed packages | ||
RUN apk add --no-cache \ | ||
ca-certificates \ | ||
curl \ | ||
jq \ | ||
libc6-compat \ | ||
libffi-dev \ | ||
libcap \ | ||
linux-headers \ | ||
mailcap \ | ||
netcat-openbsd \ | ||
xmlsec-dev \ | ||
tzdata \ | ||
&& rm -rf /tmp/* | ||
|
||
# Get Mattermost | ||
RUN mkdir -p /mattermost/data /mattermost/plugins /mattermost/client/plugins \ | ||
&& curl -L https://github.com/remiheens/mattermost-docker-arm/releases/download/${MM_VERSION}/mattermost-${MM_VERSION}-${TARGETOS}-${TARGETARCH}.tar.gz | tar -C /mattermost --strip-components=1 -xvz \ | ||
&& cp /mattermost/config/config.json /mattermost/config.json.save \ | ||
&& rm -rf /mattermost/config/config.json \ | ||
&& addgroup -g ${PGID} mattermost \ | ||
&& adduser -D -u ${PUID} -G mattermost -h /mattermost -D mattermost \ | ||
&& chown -R mattermost:mattermost /mattermost/config.json.save /mattermost/plugins /mattermost/client/plugins \ | ||
&& setcap cap_net_bind_service=+ep /mattermost/bin/mattermost | ||
|
||
# Configure entrypoint and command | ||
COPY priv-entrypoint.sh / | ||
COPY entrypoint.sh / | ||
ENTRYPOINT ["/priv-entrypoint.sh"] | ||
|
||
WORKDIR /mattermost | ||
CMD ["mattermost"] | ||
|
||
# Expose port 8000 of the container | ||
EXPOSE $MM_LISTEN_PORT | ||
|
||
# Declare volumes for mount point directories | ||
VOLUME ["/mattermost/data", "/mattermost/logs", "/mattermost/config", "/mattermost/plugins", "/mattermost/client/plugins"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#!/bin/sh | ||
|
||
|
||
source secret.env | ||
|
||
mkdir -p ${VOLUMES_PATH}/mattermost/config | ||
mkdir -p ${VOLUMES_PATH}/mattermost/data | ||
mkdir -p ${VOLUMES_PATH}/mattermost/logs | ||
mkdir -p ${VOLUMES_PATH}/mattermost/plugins | ||
mkdir -p ${VOLUMES_PATH}/mattermost/client-plugins | ||
|
||
sudo docker compose build | ||
sudo docker compose down | ||
sudo docker compose up -d | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
# | ||
# Aut'MEL | ||
# mattermost | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
# | ||
version: '2' | ||
services: | ||
mattermost: | ||
env_file: | ||
- secret.env | ||
- .env | ||
image: rheens/mattermost-app:v9.9.0 | ||
build: | ||
args: | ||
- MM_VERSION=v9.8.1 | ||
- GOOS=linux | ||
- GOARCH=arm64 | ||
restart: unless-stopped | ||
volumes: | ||
- ${VOLUMES_PATH}/mattermost/config:/mattermost/config:rw | ||
- ${VOLUMES_PATH}/mattermost/data:/mattermost/data:rw | ||
- ${VOLUMES_PATH}/mattermost/logs:/mattermost/logs:rw | ||
- ${VOLUMES_PATH}/mattermost/plugins:/mattermost/plugins:rw | ||
- ${VOLUMES_PATH}/mattermost/client-plugins:/mattermost/client/plugins:rw | ||
- /etc/localtime:/etc/localtime:ro | ||
networks: | ||
- autmel-vlan | ||
healthcheck: | ||
interval: 60s | ||
timeout: 30s | ||
retries: 3 | ||
test: "curl --fail -I 'http://mattermost:8000/static/icon_152x152.png' -H 'User-Agent: Docker Health Tester' || exit 1" | ||
|
||
|
||
networks: | ||
autmel-vlan: | ||
external: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
#!/bin/sh | ||
|
||
# Function to generate a random salt | ||
generate_salt() { | ||
tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w 48 | head -n 1 | ||
} | ||
|
||
# Read environment variables or set default values | ||
DB_HOST=${DB_HOST:-db} | ||
DB_PORT_NUMBER=${DB_PORT_NUMBER:-5432} | ||
# see https://www.postgresql.org/docs/current/libpq-ssl.html | ||
# for usage when database connection requires encryption | ||
# filenames should be escaped if they contain spaces | ||
# i.e. $(printf %s ${MY_ENV_VAR:-''} | jq -s -R -r @uri) | ||
# the location of the CA file can be set using environment var PGSSLROOTCERT | ||
# the location of the CRL file can be set using PGSSLCRL | ||
# The URL syntax for connection string does not support the parameters | ||
# sslrootcert and sslcrl reliably, so use these PostgreSQL-specified variables | ||
# to set names if using a location other than default | ||
DB_USE_SSL=${DB_USE_SSL:-disable} | ||
MM_DBNAME=${MM_DBNAME:-mattermost} | ||
MM_CONFIG=${MM_CONFIG:-/mattermost/config/config.json} | ||
|
||
_1=$(echo "$1" | awk '{ s=substr($0, 0, 1); print s; }') | ||
if [ "$_1" = '-' ]; then | ||
set -- mattermost "$@" | ||
fi | ||
|
||
if [ "$1" = 'mattermost' ]; then | ||
# Check CLI args for a -config option | ||
for ARG in "$@"; do | ||
case "$ARG" in | ||
-config=*) MM_CONFIG=${ARG#*=} ;; | ||
esac | ||
done | ||
|
||
if [ ! -f "$MM_CONFIG" ]; then | ||
# If there is no configuration file, create it with some default values | ||
echo "No configuration file $MM_CONFIG" | ||
echo "Creating a new one" | ||
# Copy default configuration file | ||
cp config.json.save "$MM_CONFIG" | ||
# Substitute some parameters with jq | ||
jq '.ServiceSettings.ListenAddress = ":8000"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.LogSettings.EnableConsole = true' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.LogSettings.ConsoleLevel = "ERROR"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.FileSettings.Directory = "/mattermost/data/"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.FileSettings.EnablePublicLink = true' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq ".FileSettings.PublicLinkSalt = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.EmailSettings.SendEmailNotifications = false' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.EmailSettings.FeedbackEmail = ""' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.EmailSettings.SMTPServer = ""' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.EmailSettings.SMTPPort = ""' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq ".EmailSettings.InviteSalt = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq ".EmailSettings.PasswordResetSalt = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.RateLimitSettings.Enable = true' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.SqlSettings.DriverName = "postgres"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq ".SqlSettings.AtRestEncryptKey = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
jq '.PluginSettings.Directory = "/mattermost/plugins/"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG" | ||
else | ||
echo "Using existing config file $MM_CONFIG" | ||
fi | ||
|
||
# Configure database access | ||
if [ -z "$MM_SQLSETTINGS_DATASOURCE" ] && [ -n "$MM_USERNAME" ] && [ -n "$MM_PASSWORD" ]; then | ||
echo "Configure database connection..." | ||
# URLEncode the password, allowing for special characters | ||
ENCODED_PASSWORD=$(printf %s "$MM_PASSWORD" | jq -s -R -r @uri) | ||
export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$ENCODED_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=$DB_USE_SSL&connect_timeout=10" | ||
echo "OK" | ||
else | ||
echo "Using existing database connection" | ||
fi | ||
|
||
# Wait another second for the database to be properly started. | ||
# Necessary to avoid "panic: Failed to open sql connection pq: the database system is starting up" | ||
sleep 1 | ||
|
||
echo "Starting mattermost" | ||
fi | ||
|
||
exec "$@" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
#!/bin/sh | ||
|
||
for folder in "/mattermost/data" "/mattermost/logs" "/mattermost/config" "/mattermost/plugins" "/mattermost/client/plugins"; do | ||
echo Fixing permissions on $folder | ||
chown mattermost:mattermost $folder | ||
done | ||
|
||
echo Dropping root and running mattermost entrypoint | ||
su mattermost -c "/entrypoint.sh $@" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.