Rafael dos Santos Silva [Mon, 16 Aug 2021 15:24:54 +0000 (12:24 -0300)]
FIX: Use example domain in mail receiver example config
Context at https://meta.discourse.org/t/-/193664/4?u=falco
Co-authored-by: Jay Pfaffman <jay@literatecomputing.com>
Paul Buonopane [Thu, 12 Aug 2021 17:05:45 +0000 (13:05 -0400)]
Fix line break handling in Cloudflare template
Cloudflare's IP list has gone back and forth between including a trailing line break and omitting it.
When a trailing line break was first added in 2015, it resulted in a bug: https://meta.discourse.org/t/issue-with-cloudflare-template/35113
The trailing line break was removed again in 2021: https://meta.discourse.org/t/cloudflare-template-broken-again/200219
This fixes the template so that it will work regardless of extra line breaks. It will also safely ignore any empty lines that may appear in the files.
Joel Uckelman [Fri, 6 Aug 2021 20:34:01 +0000 (21:34 +0100)]
FIX: Use the return code from which correctly
The return code of which is the number of arguments which failed...
but what we actually want is 0 when at least one of the docker
exectutables is found and nonzero when none are found.
Rafael dos Santos Silva [Fri, 6 Aug 2021 19:21:10 +0000 (16:21 -0300)]
Run yarn and cache packages
Rafael dos Santos Silva [Fri, 6 Aug 2021 19:02:48 +0000 (16:02 -0300)]
Add yarn to base image
Bernhard Fürst [Fri, 6 Aug 2021 04:33:20 +0000 (06:33 +0200)]
Allow all to connect in with md5 auth using IPv6 (#551)
Joel Uckelman [Fri, 6 Aug 2021 01:22:46 +0000 (02:22 +0100)]
FIX: Don't print error message from which when checking docker install (#549)
'which docker.io || which docker' prints an error message when docker.io
is missing, which will be the case on any non-Ubuntu-based system. This
is confusing and not actually an error unless _both_ are missing.
Jarek Radosz [Fri, 6 Aug 2021 01:17:01 +0000 (03:17 +0200)]
FIX: `/var/lib/docker` doesn't exist on macOS (#543)
Even though `docker info --format '{{.DockerRootDir}}'` returns that path.
Trung Lê [Fri, 6 Aug 2021 01:13:46 +0000 (11:13 +1000)]
Update to NodeJS 16 (#552)
Rafael dos Santos Silva [Tue, 3 Aug 2021 18:50:04 +0000 (15:50 -0300)]
Rename master to main
Rafael dos Santos Silva [Mon, 19 Jul 2021 17:27:20 +0000 (14:27 -0300)]
discourse/discourse moved from master to main
David Taylor [Fri, 18 Jun 2021 11:55:06 +0000 (12:55 +0100)]
Update GitHub actions configuration (#548)
- Only attempt dockerhub push if previous steps are successful
- Make auto_build.rb exit with non-zero status if build fails
- enable experimental features (--squash) for dev image build
David Taylor [Fri, 18 Jun 2021 09:28:05 +0000 (10:28 +0100)]
Add GitHub actions configuration (#547)
Rafael dos Santos Silva [Wed, 16 Jun 2021 17:52:49 +0000 (14:52 -0300)]
Force acme.sh to use LE instead of ZeroSSL
Rafael dos Santos Silva [Wed, 16 Jun 2021 17:05:15 +0000 (14:05 -0300)]
Bump acme.sh to latest
Rafael dos Santos Silva [Mon, 31 May 2021 17:02:27 +0000 (14:02 -0300)]
Promote new base image as default
Rafael dos Santos Silva [Fri, 28 May 2021 16:39:46 +0000 (13:39 -0300)]
Bump deps
Rafael dos Santos Silva [Mon, 19 Apr 2021 20:11:53 +0000 (17:11 -0300)]
Update to NodeJS 15
Penar Musaraj [Tue, 27 Apr 2021 18:32:58 +0000 (14:32 -0400)]
Bump base image (#538)
Jeff Wong [Mon, 12 Apr 2021 23:57:03 +0000 (13:57 -1000)]
no longer allow nested templates (#535)
Penar Musaraj [Mon, 12 Apr 2021 17:15:27 +0000 (13:15 -0400)]
Bump base image to add Terser, remove SVGO (#536)
Sam [Fri, 9 Apr 2021 00:32:05 +0000 (10:32 +1000)]
FEATURE: ensure pups runs a specific version (#534)
Previously we used a "floating" head branch. This makes it impossible to make
any breaking changes in pups.
Penar Musaraj [Thu, 8 Apr 2021 15:34:29 +0000 (11:34 -0400)]
Remove Svgo, update ImageMagick, Redis, Libheif (#533)
Penar Musaraj [Tue, 6 Apr 2021 23:44:44 +0000 (19:44 -0400)]
Add Terser (#532)
Jeff Wong [Mon, 5 Apr 2021 16:13:53 +0000 (06:13 -1000)]
Reverse the order of nested templates. (#531)
Reverses the order of nested template declaration.
This way templates that depend nested templates over the same
hook are ensured to run in the proper order.
Ensures consistency of run-order template includes, for both
base yml files, and nested template yml
eg:
base.yml
```
templates:
- "templates/template1.yml"
hooks:
after_code:
- exec: cat "/tmp/file_made_from_template1.yml.txt"
```
template1.yml
```
templates:
- "templates/template2.yml"
hooks:
after_code:
- exec: cat "/tmp/file_made_from_template2.yml.txt"
- exec: echo "data from template1" > /tmp/file_made_from_template1.yml.txt
```
template2.yml
```
hooks:
after_code:
- exec: echo "data from template2" > /tmp/file_made_from_template2.yml.txt
```
David Taylor [Tue, 23 Mar 2021 14:40:49 +0000 (14:40 +0000)]
DEV: Parse and install bundler version from Gemfile.lock (#530)
This ensures that changes in Bundler's behavior are only introduced
when we deliberately bump the version in the Gemfile
Justin DiRose [Mon, 8 Mar 2021 22:06:53 +0000 (16:06 -0600)]
DEV: Add import template for Vanilla (#529)
Jay Pfaffman [Mon, 22 Feb 2021 21:52:20 +0000 (13:52 -0800)]
FIX: discourse-setup stop running container (#528)
This got commented out during testing of the previous commit
Jay Pfaffman [Thu, 11 Feb 2021 19:19:41 +0000 (11:19 -0800)]
feature: discourse-setup email config improvements
Rafael dos Santos Silva [Thu, 18 Feb 2021 19:01:50 +0000 (16:01 -0300)]
Bump base image for OpenSSL CVEs
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947949
YAEGASHI Takeshi [Sat, 16 May 2020 14:39:15 +0000 (23:39 +0900)]
Ensure it overrides all locale related variables
LC_ALL, LANG and LANGUAGE are set to en_US.UTF-8 in the docker image.
The config should override all of them when other locale is needed.
Otherwise it fails to create a DB with the proper locale setting.
Sam Saffron [Mon, 8 Feb 2021 01:04:01 +0000 (12:04 +1100)]
FIX: match prune time for cleanup with description
Previously docs said we prune after 24 hours but we pruned after 1 hour.
Jay Pfaffman [Wed, 27 Jan 2021 18:30:15 +0000 (10:30 -0800)]
FIX: discourse-setup MAXMIND works correctly
Ouch. This was worse than I thought.
Things fixed:
- consistent formatting (mostly that after `then` was indented by 4, not 2)
- fail if `DISCOURSE_MAXMIND_LICENSE_KEY` is not added to $web_file
- detect if `web_only.yml` exists
- stop `web_only` if it exists rather than non-existing `app` (but why is it stopping it anyway?)
- don't try to `assert_maxmind_license_key` before `app.yml` exists
Jay Pfaffman [Wed, 27 Jan 2021 01:29:56 +0000 (17:29 -0800)]
use $web_file not app.yml
Maybe this will do the trick
Jay Pfaffman [Wed, 27 Jan 2021 01:16:48 +0000 (17:16 -0800)]
FIX: discourse-setup was not adding MAXMIND key
Oops. The line that was supposed to add the MAXMIND line to app.yml was broken.
Penar Musaraj [Thu, 4 Feb 2021 15:15:05 +0000 (10:15 -0500)]
Revert "Separate themes:update and assets:precompile tasks (#522)" (#523)
This reverts commit
70686cf6ee53432aa9f92880c368e52a589f7196.
Penar Musaraj [Thu, 4 Feb 2021 13:52:03 +0000 (08:52 -0500)]
Separate themes:update and assets:precompile tasks (#522)
Rafael dos Santos Silva [Wed, 27 Jan 2021 21:23:36 +0000 (18:23 -0300)]
Re-add removed packages
Rafael dos Santos Silva [Wed, 27 Jan 2021 20:31:10 +0000 (17:31 -0300)]
Make script work on ubuntu and debian
Rafael dos Santos Silva [Wed, 27 Jan 2021 19:18:37 +0000 (16:18 -0300)]
No inline comments in bash
Rafael dos Santos Silva [Wed, 27 Jan 2021 17:50:55 +0000 (14:50 -0300)]
Update ImageMagick build
- Use libpng from package manager
- Update libheif
- Update ImageMagick
- Adds libaom so libheif and IM can deal with AVIF image format
Rafael dos Santos Silva [Wed, 27 Jan 2021 17:27:59 +0000 (14:27 -0300)]
Bump Redis minor version
Rafael dos Santos Silva [Wed, 27 Jan 2021 17:24:41 +0000 (14:24 -0300)]
Bump to NodeJS 14 since NodeJS 10 is EOL this April
Rafael dos Santos Silva [Wed, 27 Jan 2021 17:23:54 +0000 (14:23 -0300)]
Use pngquant from package manager
Rafael dos Santos Silva [Wed, 27 Jan 2021 17:13:56 +0000 (14:13 -0300)]
Use pngcrush from package manager
Rafael dos Santos Silva [Wed, 27 Jan 2021 17:09:27 +0000 (14:09 -0300)]
Remove gifsicle dependency
https://github.com/discourse/discourse/commit/
43e52a7dc1d9e610792ff37755d26b1168ecf20d
Rafael dos Santos Silva [Wed, 27 Jan 2021 17:02:57 +0000 (14:02 -0300)]
nginx brotli module bundles libbrotli nowadays
Jay Pfaffman [Sat, 23 Jan 2021 01:24:46 +0000 (17:24 -0800)]
Support maxmind (#512)
* add prompts for maxmind
* can leave key blank
* include message for removing key
* fix maxmind prompts
* cleanup assert_maxmind_license_key
* remove changes to check_port()
* remove trailing whitespace
* do not remove ip match check
* fix indent for chech_IP_match
* remove all trailing whitespace
Rafael dos Santos Silva [Thu, 21 Jan 2021 15:05:26 +0000 (12:05 -0300)]
Expose SMTP_DOMAIN Global Setting in sample file (#515)
This is useful when using some SMTP providers, like Google Apps
https://meta.discourse.org/t/discourse-smtp-sends-ehlo-localhost-instead-of-domain-breaking-google-smtp-relay/176755/6?u=falco
tshenry [Sat, 9 Jan 2021 05:08:05 +0000 (21:08 -0800)]
FEATURE: Add validation to admin email prompt in discourse-setup (#514)
Spencer Imbleau [Fri, 8 Jan 2021 00:15:02 +0000 (19:15 -0500)]
FEATURE: Changed awk config command to be more cross platform (#513)
in Ubuntu 20.04 LTS, pre installed is mawk 1.3.4, which is called when you use awk. In this version, "--field-seperator" is not a valid option, leaving discourse-doctor with many errors.
Described in https://meta.discourse.org/t/discourse-doctor-parsing-smtp-credentials-not-working-admin-registration-email-not-working/174461, this commit aims to use -F as the accepted flag for field separation which is unambiguous across GNU AWK and Ubuntu MAWK.
Rafael dos Santos Silva [Mon, 21 Dec 2020 22:45:38 +0000 (19:45 -0300)]
FEATURE: Bump base image (#511)
Provides new version of ImageMagick
Jeff Atwood [Mon, 21 Dec 2020 20:46:01 +0000 (12:46 -0800)]
Add maxmind geolocation IP key to web template (#510)
Add maxmind geolocation IP key to web only template (commented out)
Jeff Atwood [Mon, 21 Dec 2020 20:17:41 +0000 (12:17 -0800)]
Update standalone.yml (#508)
Rafael dos Santos Silva [Mon, 21 Dec 2020 19:46:50 +0000 (16:46 -0300)]
Revert "Add env var for image version (#507)" (#509)
This reverts commit
35806741fe8934367a010e1fcf4de9b483ce038c.
Rafael dos Santos Silva [Fri, 18 Dec 2020 20:10:18 +0000 (17:10 -0300)]
Add env var for image version (#507)
Rafael dos Santos Silva [Fri, 18 Dec 2020 17:34:54 +0000 (14:34 -0300)]
Adds WEBP support in ImageMagick (#506)
Arpit Jalan [Wed, 16 Dec 2020 18:22:47 +0000 (23:52 +0530)]
FIX: perform bundle install after modifying directory permissions (#504)
Alan Guo Xiang Tan [Tue, 15 Dec 2020 01:11:07 +0000 (09:11 +0800)]
Remove `host_run` from `launcher`. (#498)
This is legacy code that we no longer use and support.
Jeff Wong [Sat, 12 Dec 2020 02:18:42 +0000 (16:18 -1000)]
Remove git pull (#503)
Sam [Fri, 11 Dec 2020 06:29:24 +0000 (17:29 +1100)]
Revert git command changes (#502)
* Revert "FIX: reset takes the full slash path (#501)"
This reverts commit
bf223b05427d432d6ab313eb7740d42caa989c6a.
* Revert "FIX: Run reset and clean after checkout (#500)"
This reverts commit
bc380c73eef970e57195159a654edd2b14fb633b.
* Revert "FIX: remove pull for Discourse core (#499)"
This reverts commit
0ab1da11598467b944182748b8e8c6d363093544.
Jeff Wong [Fri, 11 Dec 2020 02:19:06 +0000 (16:19 -1000)]
FIX: reset takes the full slash path (#501)
Jeff Wong [Fri, 11 Dec 2020 01:53:58 +0000 (15:53 -1000)]
FIX: Run reset and clean after checkout (#500)
shallow fetching and resetting may result in a dirty working tree.
Ensure we have a clean working tree by running the reset and clean after the
fetch.
Previously, we needed the clean and reset before the PULL, to ensure a clean
pull, but since we are using fetch + checkout (which does not result in a
merge if dirty) we might end up with a dirty repo after the checkout, such
as if a clone remote has a different master branch than core.
Jeff Wong [Fri, 11 Dec 2020 01:11:53 +0000 (15:11 -1000)]
FIX: remove pull for Discourse core (#499)
We are already shallow-fetching a few lines below. A pull with a shallow
clone can be dangerous if Discourse is using a different repository
or version, as that potentially results in more data being pulled or a
dirty merge with a different upstream.
Remove the pull and rely only on the fetch and checkout.
Michael Fitz-Payne [Wed, 9 Dec 2020 02:28:04 +0000 (12:28 +1000)]
postgres.10.template: purge postgres-13 rather than 12. (#497)
This purge command was missed and caused issues with the database
starting up correctly in some cases. Postgres-12 is no longer in the
base image so this wouldn't be doing anything.
Rafael dos Santos Silva [Tue, 8 Dec 2020 18:28:31 +0000 (15:28 -0300)]
New image with fix for CVE-2020-1971 (#496)
Rafael dos Santos Silva [Tue, 8 Dec 2020 18:10:16 +0000 (15:10 -0300)]
Fix dev image to work with pg13 (#495)
Régis Hanol [Tue, 8 Dec 2020 11:08:43 +0000 (12:08 +0100)]
FIX: prompt to remove old psql data defaults to 'N'
Michael Fitz-Payne [Mon, 7 Dec 2020 22:50:50 +0000 (08:50 +1000)]
launcher: update base image for postgres 13 update. (#494)
Michael Fitz-Payne [Mon, 7 Dec 2020 22:00:08 +0000 (08:00 +1000)]
Update base image and default to postgres 13. (#493)
FEATURE: update to PostgreSQL 13.
* postgres.template.yml: update to new major version of 13.
This changes the default postgres version to 13 for the postgres
template.
* images/base: bump postgres to version 13.
* postgres.13.template.yml: add postgres 13 template.
* postgres.12.template: add step to remove pg 13 install.
* launcher: increase timeout allowed for docker stop.
With large databases Postgres may take some time to stop gracefully, so
increase the allowed timeout.
* launcher: use temporary pg13 image while build is running.
Note this will be updated once the image change lands in master.
Rafael dos Santos Silva [Thu, 26 Nov 2020 21:04:23 +0000 (18:04 -0300)]
Bump default base image
Michael Brown [Thu, 26 Nov 2020 04:51:48 +0000 (23:51 -0500)]
Handle the case where IPv6 is also used (#480)
* We want web.ssl.template.yml to handle the IPv6 case as well
Rafael dos Santos Silva [Wed, 25 Nov 2020 21:51:01 +0000 (18:51 -0300)]
FEATURE: Use a shallow clone for Discourse core
This reduces final compressed image size in 25%.
Ed Lim [Mon, 23 Nov 2020 23:08:29 +0000 (15:08 -0800)]
Adding sed statement to disable imklog in rsyslog (#489)
Sam Saffron [Fri, 20 Nov 2020 02:31:47 +0000 (13:31 +1100)]
Bump Ruby version to 2.7.2
It is compatible with Discourse and a bit faster than 2.6
We will test this image internally for a few weeks prior to bumping globally.
Sam Saffron [Wed, 18 Nov 2020 08:11:39 +0000 (19:11 +1100)]
DOCS: correct syntax error in readme
Dan Ungureanu [Mon, 16 Nov 2020 13:23:55 +0000 (15:23 +0200)]
FEATURE: Run themes:update before assets:precompile (#484)
Rafael dos Santos Silva [Wed, 11 Nov 2020 15:47:29 +0000 (12:47 -0300)]
Upgrade to Redis 6.0.9 (#487)
This unlocks using the new I/O Threads feature of Redis 6.X.
In order to support it the redis template file now accepts a parameter
allowing an operator to enable it and pick how many threads.
By default sets threads to 1, which disables the feature and acts like
redis 5.
Simon [Mon, 9 Nov 2020 04:59:11 +0000 (05:59 +0100)]
TASK: Improve README and YAML Codeblocks. (#486)
Haoming Wang [Thu, 5 Nov 2020 02:19:34 +0000 (03:19 +0100)]
Remove additional exit command (#485)
jbrw [Wed, 21 Oct 2020 00:18:45 +0000 (20:18 -0400)]
FEATURE: Replace the default ImageMagick policy.xml (#483)
* Replace the default ImageMagick policy.xml
Replace the default ImageMagick policy.xml with a file containing some resource limitiations. The intention is to stop exceptionally oversized images (and/or malformed images) from consuming all resources on a system.
The values provided should provide ample resources for any reasonable image to be processed without hinderance.
Stephen [Sun, 18 Oct 2020 20:01:09 +0000 (13:01 -0700)]
Reflect Discourse default of HTTPS (#482)
Discourse installs HTTPS as standard, so mail-receiver should probably reflect this too.
Sam Saffron [Thu, 8 Oct 2020 04:13:28 +0000 (15:13 +1100)]
Update base image to cover latest security fixes
Image has been tested on internal Discourse servers and is good
Penar Musaraj [Sun, 30 Aug 2020 14:29:32 +0000 (10:29 -0400)]
Install libxss1 for the test image, looks like it is needed by Chrome
See also https://github.com/puppeteer/puppeteer/issues/6192
Sam Saffron [Tue, 25 Aug 2020 07:20:51 +0000 (17:20 +1000)]
FIX: Always remove pids on boot
Previously if unicorn stopped abruptly we could have a situation where
pids were left around
This could lead to Sidekiq not booting
This will ensure that on boot our state is clean
David Taylor [Wed, 5 Aug 2020 16:25:17 +0000 (17:25 +0100)]
DEV: Raise an error when env variable is a YAML hash (#479)
This is never intended, and almost always causes unintended behaviour
Jay Pfaffman [Tue, 4 Aug 2020 22:47:30 +0000 (15:47 -0700)]
FIX: discourse-doctor plugin check too loose (#478)
The non-official plugin check was looking only for `git`, which would match other things in the yml file (e.g., a digital ocean S3 bucket name).
`grep` for `'git clone'` should solve that problem.
Though I did test this edit on a running sitee, I made these edit in the web interface by hand rather than pushing a commit where I tested it. Please look twice to make sure that I didn't do something silly when making the edit here.
Penar Musaraj [Wed, 29 Jul 2020 19:11:16 +0000 (15:11 -0400)]
Update base image
Sam Saffron [Tue, 28 Jul 2020 02:58:09 +0000 (12:58 +1000)]
DEV: overlay2 is the recommended storage engine not aufs
overlay2 is supported in all latest kernels and the default storage engine
for new installs of docker.
Recommend it.
Penar Musaraj [Fri, 24 Jul 2020 13:09:15 +0000 (09:09 -0400)]
Update dependencies: nginx, redis, imagemagick (#475)
- Redis from 5.0.5 to 5.0.9
- Nginx from 1.17.9 to 1.18.0
- ImageMagick from 7.0.10-6 to 7.0.10-24
Guo Xiang Tan [Mon, 20 Jul 2020 06:24:51 +0000 (14:24 +0800)]
Install less by default.
Useful for scanning through log files. Production Rails REPL uses Pry
which depends on less for paging. The default pager is not as user
friendly.
Michael Brown [Wed, 15 Jul 2020 17:29:26 +0000 (13:29 -0400)]
FIX: remove db_max_wal_senders and db_wal_level entirely
* I had previously removed the db_wal_level and db_max_wal_senders but
foolishly assumed there was some sort of default or they would only get
replaced if defined
Michael Brown [Wed, 15 Jul 2020 16:50:35 +0000 (12:50 -0400)]
FIX: re-exec code was broken
* BASH_ARGV is only used in extended debugging mode
Penar Musaraj [Tue, 14 Jul 2020 19:39:45 +0000 (15:39 -0400)]
Build libheif from source for Ubuntu (#474)
Michael Brown [Wed, 15 Jul 2020 15:56:46 +0000 (11:56 -0400)]
Update postgres templates (#472)
* postgres: Allow replication and basebackups to happen
* the overrides for db_wal_level and db_max_wal_senders disallow
replication and basebackups to be taken
* there is no need for us to disable these features, allow the defaults to stay
* postgres: remove out-of-support templates
* taken from https://www.postgresql.org/support/versioning/ :
* postgres 9.2 and 9.3 are no longer supported
* 9.5 will be supported until February 11, 2021:
Penar Musaraj [Fri, 10 Jul 2020 13:20:52 +0000 (09:20 -0400)]
Add HEIF conversion support to ImageMagick (#473)
Sam Saffron [Tue, 7 Jul 2020 00:04:34 +0000 (10:04 +1000)]
improve permissions in tmp directory
previously could be owned by the root group
Jeff Wong [Mon, 6 Jul 2020 23:28:56 +0000 (16:28 -0700)]
Revert "Revert rake call to pull_compatible_all"
This reverts commit
0edf993a55953c9d5ee8856c87825659401c92c3.
Jeff Wong [Mon, 6 Jul 2020 23:23:17 +0000 (16:23 -0700)]
Revert rake call to pull_compatible_all
Jeff Wong [Mon, 6 Jul 2020 23:14:01 +0000 (16:14 -0700)]
FIX: run pull_compatible_all as discourse