Conduit
This commit is contained in:
parent
019b402c44
commit
7a566c97fd
55
conduit/Dockerfile
Normal file
55
conduit/Dockerfile
Normal file
|
@ -0,0 +1,55 @@
|
|||
ARG REPO_ARCH=amd64
|
||||
|
||||
# cross-build environment
|
||||
FROM asonix/rust-builder:$REPO_ARCH-latest AS builder
|
||||
|
||||
ARG TAG=main
|
||||
ARG BINARY=conduit
|
||||
ARG PROJECT=conduit
|
||||
ARG GIT_REPOSITORY=https://gitlab.com/famedly/$PROJECT
|
||||
|
||||
ENV\
|
||||
BINARY=${BINARY}
|
||||
|
||||
USER root
|
||||
RUN \
|
||||
apt install git
|
||||
USER build
|
||||
|
||||
RUN \
|
||||
git clone $GIT_REPOSITORY $PROJECT
|
||||
|
||||
WORKDIR /opt/build/$PROJECT
|
||||
|
||||
RUN \
|
||||
git checkout $TAG && \
|
||||
rm rust-toolchain && \
|
||||
build
|
||||
|
||||
# production environment
|
||||
FROM asonix/rust-runner:$REPO_ARCH-latest
|
||||
|
||||
ENV CONDUIT_CONFIG="/opt/app/conduit.toml"
|
||||
|
||||
USER root
|
||||
|
||||
RUN \
|
||||
apk add --no-cache \
|
||||
ca-certificates \
|
||||
curl \
|
||||
libgcc
|
||||
|
||||
COPY --from=builder \
|
||||
/opt/build/binary \
|
||||
/usr/local/bin/conduit
|
||||
|
||||
RUN \
|
||||
chown -R app:app /mnt
|
||||
|
||||
COPY root/ /
|
||||
|
||||
VOLUME /mnt
|
||||
USER app
|
||||
EXPOSE 8080
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD /usr/local/bin/conduit
|
37
conduit/build-image.sh
Executable file
37
conduit/build-image.sh
Executable file
|
@ -0,0 +1,37 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
print_help
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function print_help() {
|
||||
echo "deploy.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " deploy.sh [repo] [tag] [arch]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " repo: The docker repository to publish the image"
|
||||
echo " tag: The tag applied to the docker image"
|
||||
echo " arch: The architecuture of the doker image"
|
||||
}
|
||||
|
||||
REPO=$1
|
||||
TAG=$2
|
||||
ARCH=$3
|
||||
|
||||
require "$REPO" repo
|
||||
require "$TAG" tag
|
||||
require "$ARCH" arch
|
||||
|
||||
sudo docker build \
|
||||
--pull \
|
||||
--build-arg TAG=$TAG \
|
||||
--build-arg REPO_ARCH=$ARCH \
|
||||
-t $REPO:$ARCH-$TAG \
|
||||
-f Dockerfile \
|
||||
.
|
67
conduit/deploy.sh
Executable file
67
conduit/deploy.sh
Executable file
|
@ -0,0 +1,67 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
print_help
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function print_help() {
|
||||
echo "deploy.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " deploy.sh [tag] [push]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " tag: The git tag to be applied to the repository and docker build"
|
||||
echo " push: Whether or not to push the image"
|
||||
echo ""
|
||||
echo "Examples:"
|
||||
echo " ./deploy.sh v0.2.0-r0 main true"
|
||||
echo " ./deploy.sh v0.2.0-r0 asonix/shell-out false"
|
||||
}
|
||||
|
||||
function build_image() {
|
||||
tag=$1
|
||||
arch=$2
|
||||
push=$3
|
||||
|
||||
./build-image.sh asonix/conduit $tag $arch
|
||||
|
||||
sudo docker tag asonix/conduit:$arch-$tag asonix/conduit:$arch-latest
|
||||
|
||||
if [ "$push" == "true" ]; then
|
||||
sudo docker push asonix/conduit:$arch-$tag
|
||||
sudo docker push asonix/conduit:$arch-latest
|
||||
fi
|
||||
}
|
||||
|
||||
# Creating the new tag
|
||||
tag="$1"
|
||||
push=$2
|
||||
|
||||
require "$tag" "tag"
|
||||
require "$push" "push"
|
||||
|
||||
if ! sudo docker run --rm -it arm64v8/alpine:3.11 /bin/sh -c 'echo "docker is configured correctly"'
|
||||
then
|
||||
echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
|
||||
sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
fi
|
||||
|
||||
set -xe
|
||||
|
||||
# Build for arm64v8, arm32v7 and amd64
|
||||
build_image $tag arm64v8 $push
|
||||
# build_image $tag arm32v7 $push
|
||||
build_image $tag amd64 $push
|
||||
|
||||
# Build for other archs
|
||||
# TODO
|
||||
|
||||
if [ "$push" == "true" ]; then
|
||||
./manifest.sh conduit $tag
|
||||
./manifest.sh conduit latest
|
||||
fi
|
39
conduit/manifest.sh
Executable file
39
conduit/manifest.sh
Executable file
|
@ -0,0 +1,39 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
print_help
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
function print_help() {
|
||||
echo "deploy.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " manifest.sh [repo] [tag]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " repo: The docker repository to update"
|
||||
echo " tag: The git tag to be applied to the image manifest"
|
||||
}
|
||||
|
||||
REPO=$1
|
||||
TAG=$2
|
||||
|
||||
require "$REPO" "repo"
|
||||
require "$TAG" "tag"
|
||||
|
||||
set -xe
|
||||
|
||||
sudo docker manifest create asonix/$REPO:$TAG \
|
||||
-a asonix/$REPO:arm64v8-$TAG \
|
||||
-a asonix/$REPO:amd64-$TAG
|
||||
|
||||
sudo docker manifest annotate asonix/$REPO:$TAG \
|
||||
asonix/$REPO:arm64v8-$TAG --os linux --arch arm64 --variant v8
|
||||
|
||||
sudo docker manifest annotate asonix/$REPO:$TAG \
|
||||
asonix/$REPO:amd64-$TAG --os linux --arch amd64
|
||||
|
||||
sudo docker manifest push asonix/$REPO:$TAG --purge
|
23
conduit/root/opt/app/conduit.toml
Normal file
23
conduit/root/opt/app/conduit.toml
Normal file
|
@ -0,0 +1,23 @@
|
|||
[global]
|
||||
# This is the only directory where Conduit will save its data
|
||||
database_path = "/mnt/conduit_db"
|
||||
|
||||
# The port Conduit will be running on. You need to set up a reverse proxy in
|
||||
# your web server (e.g. apache or nginx), so all requests to /_matrix on port
|
||||
# 443 and 8448 will be forwarded to the Conduit instance running on this port
|
||||
port = 6167
|
||||
|
||||
# Max size for uploads
|
||||
max_request_size = 40_000_000 # in bytes
|
||||
|
||||
# Enables registration. If set to false, no users can register on this server.
|
||||
allow_registration = true
|
||||
|
||||
# Disable encryption, so no new encrypted rooms can be created
|
||||
# Note: existing rooms will continue to work
|
||||
allow_encryption = true
|
||||
allow_federation = true
|
||||
|
||||
trusted_servers = ["matrix.org"]
|
||||
|
||||
address = "0.0.0.0"
|
Loading…
Reference in a new issue