Update and expose storage config for container

author: vnugent <public@vaughnnugent.com> 2024-06-06 17:19:48 -0400
committer: vnugent <public@vaughnnugent.com> 2024-06-06 17:19:48 -0400
commit: 5ecd6b39cccdc9500540b10685605b5fcba61f69 (patch)
tree: 5fc28fda9328fdad250e72664bca81abe407dfad /ci/container
parent: 3a62bafd210a2e00d23d3df773e47011e09eba6e (diff)
2 files changed, 35 insertions, 17 deletions
diff --git a/ci/container/Dockerfile b/ci/container/Dockerfile
index 8e6a11e..8ae12f6 100644
--- a/ci/container/Dockerfile
+++ b/ci/container/Dockerfile
@@ -56,14 +56,21 @@ ENV VNLIB_ARGON2_DLL_PATH=/app/lib/libargon2.so
 
 #set default env variables
 ENV MAX_CONTENT_LENGTH=204800000   \
- REG_TOKEN_DURATION_MIN=360
+ REG_TOKEN_DURATION_MIN=360     \
+ MAX_LOGIN_ATTEMPS=10
 
 #SQL Config
 ENV SQL_LIB_PATH=VNLib.Plugins.Extensions.Sql.SQLite.dll
 ENV SQL_CONNECTION_STRING="Data Source=data/cmnext.db;"
 
-#ACCOUNTS
-ENV MAX_LOGIN_ATTEMPS=10
+#STORAGE 
+ENV STORAGE_TYPE="s3"           \
+ STORAGE_CUSTOM_ASSEMBLY=""     \
+ STORAGE_SERVER_ADDRESS=""      \
+ STORAGE_USERNAME=""            \
+ STORAGE_BUCKET=""              \
+ STORAGE_USE_SSL=true           \
+ S3_REGION=""
 
 #HC Vault
 ENV HC_VAULT_ADDR=""            \
@@ -81,7 +88,8 @@ ENV PASSWORD_PEPPER=""          \
  DATABASE_PASSWORD=""           \
  REDIS_PASSWORD=""              \
  VNCACHE_CLIENT_PRIVATE_KEY=""  \
- VNCACHE_CACHE_PUBLIC_KEY=""
+ VNCACHE_CACHE_PUBLIC_KEY=""    \
+ STORAGE_SECRET=""
 
 
 #HTTP/PROXY Config
diff --git a/ci/container/docker-compose.yaml b/ci/container/docker-compose.yaml
index d281c2c..5a029c6 100644
--- a/ci/container/docker-compose.yaml
+++ b/ci/container/docker-compose.yaml
@@ -17,12 +17,22 @@ services:
     ports:
       - 8080:8080
     environment:
-      CHANNEL_INDEX_FILE: "channels.json"
-      MAX_CONTENT_LENGTH: 204800000   #200MB
+      CHANNEL_INDEX_FILE: "channels.json"   #required, should leave default unless you know what you are doing
+      MAX_CONTENT_LENGTH: 204800000         #200MB max upload size
+      MAX_LOGIN_ATTEMPS: "10"               #max login attempts before user account is locked out
       
       #SQL Config
       SQL_LIB_PATH: "VNLib.Plugins.Extensions.Sql.SQLite.dll"
-      SQL_CONNECTION_STRING: "Data Source=data/cmnext.db;"
+      SQL_CONNECTION_STRING: "Data Source=data/cmnext.db;"    #when using a password, simply leave the password field blank
+
+      #storage backend setup
+      STORAGE_TYPE: "s3"              #s3 | ftp
+      STORAGE_CUSTOM_ASSEMBLY: ""     #optional path to a custom storage assembly
+      STORAGE_SERVER_ADDRESS: ""      #s3 or ftp server address
+      STORAGE_USERNAME: ""            #s3 client id or ftp username
+      STORAGE_BUCKET: ""              #s3 bucket or ftp root directory
+      STORAGE_USE_SSL: "true"         #force ssl for connections
+      S3_REGION: ""                   #optional s3 region when using s3 storage
 
       #HC Vault client config
       #HC_VAULT_ADDR: ""
@@ -36,27 +46,27 @@ services:
       #at least one node required if MEMCACHE_ONLY is false
       VNCACHE_INITIAL_NODES: "[]"
 
-      #Accounts plugin config
-      MAX_LOGIN_ATTEMPS: "10"
-
       #SECRETS
-      #All secrets may be a raw value, read from a file, 
-      #an environment variable, or a vault path
+      # All secrets may be a raw value, read from a file, 
+      # an environment variable, or a vault path
       # file://mysecret.txt     reads the secret from a file (case sensitive)
       # env://MY_SECRET         reads the secret from an environment variable (case sensitive)
       # vault://kv/data/secret?secret=value   reads the value of the mysecret key in the secret/data path
+
       PASSWORD_PEPPER: ""     #Must be a base64 encoded value, of realtivley any size
-      DATABASE_PASSWORD: ""
-      REDIS_PASSWORD: ""
+      DATABASE_PASSWORD: ""   #overrides the 'Password' field in the SQL connection string
+      REDIS_PASSWORD: ""      #only required if using a password protected redis server
       #if MEMCACHE_ONLY is false, then the following keys are required to connect to a VNCACHE cluster
       VNCACHE_CLIENT_PRIVATE_KEY: ""
       VNCACHE_CACHE_PUBLIC_KEY: ""
+      #REQUIRED s3 or ftp secret key
+      STORAGE_SECRET: ""
 
       #HTTP
-      HTTP_DOWNSTREAM_SERVERS: '[]'   #a comma separated list of downstream ip addresses
-      HTTP_TRACE_ON: "false"          #enable http trace logging, requires --debug CLI flag
+      HTTP_DOWNSTREAM_SERVERS: '[]'   #a comma separated list of downstream (proxy) server ip addresses
+      HTTP_TRACE_ON: "false"          #enable http trace logging, requires you to set --debug to SERVER_ARGS variable below
 
-      #Very Verbose plugin logging, required --debug CLI flag, prints literally everything to the logger
+      #Very Verbose plugin logging, required --debug CLI flag, prints literally everything to the logger (it's annoying)
       DEBUG_PLUGINS: "false"
 
       SERVER_ARGS: "--setup" #remove the setup flag after you are done setting up the server
author	vnugent <public@vaughnnugent.com>	2024-06-06 17:19:48 -0400
committer	vnugent <public@vaughnnugent.com>	2024-06-06 17:19:48 -0400
commit	5ecd6b39cccdc9500540b10685605b5fcba61f69 (patch)
tree	5fc28fda9328fdad250e72664bca81abe407dfad /ci/container
parent	3a62bafd210a2e00d23d3df773e47011e09eba6e (diff)