diff options
author | vnugent <public@vaughnnugent.com> | 2024-06-06 17:19:48 -0400 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2024-06-06 17:19:48 -0400 |
commit | 5ecd6b39cccdc9500540b10685605b5fcba61f69 (patch) | |
tree | 5fc28fda9328fdad250e72664bca81abe407dfad /ci/container | |
parent | 3a62bafd210a2e00d23d3df773e47011e09eba6e (diff) |
Update and expose storage config for container
Diffstat (limited to 'ci/container')
-rw-r--r-- | ci/container/Dockerfile | 16 | ||||
-rw-r--r-- | ci/container/docker-compose.yaml | 36 |
2 files changed, 35 insertions, 17 deletions
diff --git a/ci/container/Dockerfile b/ci/container/Dockerfile index 8e6a11e..8ae12f6 100644 --- a/ci/container/Dockerfile +++ b/ci/container/Dockerfile @@ -56,14 +56,21 @@ ENV VNLIB_ARGON2_DLL_PATH=/app/lib/libargon2.so #set default env variables ENV MAX_CONTENT_LENGTH=204800000 \ - REG_TOKEN_DURATION_MIN=360 + REG_TOKEN_DURATION_MIN=360 \ + MAX_LOGIN_ATTEMPS=10 #SQL Config ENV SQL_LIB_PATH=VNLib.Plugins.Extensions.Sql.SQLite.dll ENV SQL_CONNECTION_STRING="Data Source=data/cmnext.db;" -#ACCOUNTS -ENV MAX_LOGIN_ATTEMPS=10 +#STORAGE +ENV STORAGE_TYPE="s3" \ + STORAGE_CUSTOM_ASSEMBLY="" \ + STORAGE_SERVER_ADDRESS="" \ + STORAGE_USERNAME="" \ + STORAGE_BUCKET="" \ + STORAGE_USE_SSL=true \ + S3_REGION="" #HC Vault ENV HC_VAULT_ADDR="" \ @@ -81,7 +88,8 @@ ENV PASSWORD_PEPPER="" \ DATABASE_PASSWORD="" \ REDIS_PASSWORD="" \ VNCACHE_CLIENT_PRIVATE_KEY="" \ - VNCACHE_CACHE_PUBLIC_KEY="" + VNCACHE_CACHE_PUBLIC_KEY="" \ + STORAGE_SECRET="" #HTTP/PROXY Config diff --git a/ci/container/docker-compose.yaml b/ci/container/docker-compose.yaml index d281c2c..5a029c6 100644 --- a/ci/container/docker-compose.yaml +++ b/ci/container/docker-compose.yaml @@ -17,12 +17,22 @@ services: ports: - 8080:8080 environment: - CHANNEL_INDEX_FILE: "channels.json" - MAX_CONTENT_LENGTH: 204800000 #200MB + CHANNEL_INDEX_FILE: "channels.json" #required, should leave default unless you know what you are doing + MAX_CONTENT_LENGTH: 204800000 #200MB max upload size + MAX_LOGIN_ATTEMPS: "10" #max login attempts before user account is locked out #SQL Config SQL_LIB_PATH: "VNLib.Plugins.Extensions.Sql.SQLite.dll" - SQL_CONNECTION_STRING: "Data Source=data/cmnext.db;" + SQL_CONNECTION_STRING: "Data Source=data/cmnext.db;" #when using a password, simply leave the password field blank + + #storage backend setup + STORAGE_TYPE: "s3" #s3 | ftp + STORAGE_CUSTOM_ASSEMBLY: "" #optional path to a custom storage assembly + STORAGE_SERVER_ADDRESS: "" #s3 or ftp server address + STORAGE_USERNAME: "" #s3 client id or ftp username + STORAGE_BUCKET: "" #s3 bucket or ftp root directory + STORAGE_USE_SSL: "true" #force ssl for connections + S3_REGION: "" #optional s3 region when using s3 storage #HC Vault client config #HC_VAULT_ADDR: "" @@ -36,27 +46,27 @@ services: #at least one node required if MEMCACHE_ONLY is false VNCACHE_INITIAL_NODES: "[]" - #Accounts plugin config - MAX_LOGIN_ATTEMPS: "10" - #SECRETS - #All secrets may be a raw value, read from a file, - #an environment variable, or a vault path + # All secrets may be a raw value, read from a file, + # an environment variable, or a vault path # file://mysecret.txt reads the secret from a file (case sensitive) # env://MY_SECRET reads the secret from an environment variable (case sensitive) # vault://kv/data/secret?secret=value reads the value of the mysecret key in the secret/data path + PASSWORD_PEPPER: "" #Must be a base64 encoded value, of realtivley any size - DATABASE_PASSWORD: "" - REDIS_PASSWORD: "" + DATABASE_PASSWORD: "" #overrides the 'Password' field in the SQL connection string + REDIS_PASSWORD: "" #only required if using a password protected redis server #if MEMCACHE_ONLY is false, then the following keys are required to connect to a VNCACHE cluster VNCACHE_CLIENT_PRIVATE_KEY: "" VNCACHE_CACHE_PUBLIC_KEY: "" + #REQUIRED s3 or ftp secret key + STORAGE_SECRET: "" #HTTP - HTTP_DOWNSTREAM_SERVERS: '[]' #a comma separated list of downstream ip addresses - HTTP_TRACE_ON: "false" #enable http trace logging, requires --debug CLI flag + HTTP_DOWNSTREAM_SERVERS: '[]' #a comma separated list of downstream (proxy) server ip addresses + HTTP_TRACE_ON: "false" #enable http trace logging, requires you to set --debug to SERVER_ARGS variable below - #Very Verbose plugin logging, required --debug CLI flag, prints literally everything to the logger + #Very Verbose plugin logging, required --debug CLI flag, prints literally everything to the logger (it's annoying) DEBUG_PLUGINS: "false" SERVER_ARGS: "--setup" #remove the setup flag after you are done setting up the server |