server-setup/templates/var/discourse/containers/app.yml

175 lines
6.7 KiB
YAML
Raw Normal View History

2024-07-05 05:03:06 +00:00
## this is the all-in-one, standalone Discourse Docker container template
##
## After making changes to this file, you MUST rebuild
## /var/discourse/launcher rebuild app
##
## Based on https://meta.discourse.org/t/run-other-websites-on-the-same-machine-as-discourse/17247
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
## Uncomment the next line to enable the IPv6 listener
#- "templates/web.ipv6.template.yml"
- "templates/web.ratelimited.template.yml"
- "templates/web.socketed.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https)
#- "templates/web.ssl.template.yml"
#- "templates/web.letsencrypt.ssl.template.yml"
## which TCP/IP ports should this container expose?
## If you want Discourse to share a port with another webserver like Apache or nginx,
## see https://meta.discourse.org/t/17247 for details
#expose:
# - "80:80" # http
# - "443:443" # https
params:
db_default_text_search_config: "pg_catalog.english"
## Set db_shared_buffers to a max of 25% of the total memory.
## will be set automatically by bootstrap based on detected RAM, or you can override
db_shared_buffers: "512MB"
## can improve sorting performance, but adds memory usage per-connection
#db_work_mem: "40MB"
## Which Git revision should this container use? (default: tests-passed)
#version: tests-passed
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
# DISCOURSE_DEFAULT_LOCALE: en
## How many concurrent web requests are supported? Depends on memory and CPU cores.
## will be set automatically by bootstrap based on detected CPUs, or you can override
UNICORN_WORKERS: 4
## TODO: The domain name this Discourse instance will respond to
## Required. Discourse will not work with a bare IP number.
DISCOURSE_HOSTNAME: forum.${BASE_DOMAIN_NAME}
## Uncomment if you want the container to be started with the same
## hostname (-h option) as specified above (default "$hostname-$config")
#DOCKER_USE_HOSTNAME: true
## TODO: List of comma delimited emails that will be made admin and developer
## on initial signup example 'user1@example.com,user2@example.com'
DISCOURSE_DEVELOPER_EMAILS: 'postmaster@${BASE_DOMAIN_NAME}'
## TODO: The SMTP mail server used to validate new accounts and send notifications
# SMTP ADDRESS, username, and password are required
# WARNING the char '#' in SMTP password can cause problems!
DISCOURSE_SMTP_ADDRESS: ${BASE_DOMAIN_NAME}
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: forum-noreply
DISCOURSE_SMTP_PASSWORD: "${forum_smtp_passwd}"
#DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true)
DISCOURSE_SMTP_DOMAIN: ${BASE_DOMAIN_NAME}
DISCOURSE_NOTIFICATION_EMAIL: forum-noreply@${BASE_DOMAIN_NAME}
## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
#LETSENCRYPT_ACCOUNT_EMAIL: me@example.com
## The http or https CDN address for this Discourse instance (configured to pull)
## see https://meta.discourse.org/t/14857 for details
#DISCOURSE_CDN_URL: https://discourse-cdn.example.com
## The maxmind geolocation IP account ID and license key for IP address lookups
## see https://meta.discourse.org/t/-/173941 for details
#DISCOURSE_MAXMIND_ACCOUNT_ID: 123456
#DISCOURSE_MAXMIND_LICENSE_KEY: 1234567890123456
## The Docker container is stateless; all data is stored in /shared
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
- volume:
host: /usr/local/share/ca-certificates
guest: /usr/local/share/ca-certificates:ro
## Plugins go here
## see https://meta.discourse.org/t/19157 for details
hooks:
after_code:
- exec:
cd: $home/plugins
cmd:
- git clone https://github.com/discourse/docker_manager.git
## Any custom commands to run after building
run:
- exec: echo "Beginning of custom commands"
- exec: |-
if rails r 'exit(1) if User.find_by_email("postmaster@${BASE_DOMAIN_NAME}")'; then
rails r "SiteSetting.pop3_polling_openssl_verify = false" || exit
rails site_settings:import <<EOF2 || exit
---
title: Libre-Chip Forum
exclude_rel_nofollow_domains: ${BASE_DOMAIN_NAME}
share_links: email
share_quote_buttons: email
default_dark_mode_color_scheme_id: '1'
enable_badges: 'false'
pending_users_reminder_delay_minutes: '5'
title_prettify: 'false'
title_fancy_entities: 'false'
enable_markdown_typographer: 'false'
highlighted_languages: bash|c|cpp|csharp|css|diff|ini|javascript|json|lua|makefile|markdown|plaintext|python|python-repl|rust|shell|typescript|xml|yaml|wasm|llvm|coq|x86asm|verilog|vhdl|scala
enable_emoji_shortcuts: 'false'
reply_by_email_address: forum+%{reply_key}@${BASE_DOMAIN_NAME}
pop3_polling_period_mins: '1'
pop3_polling_host: ${BASE_DOMAIN_NAME}
pop3_polling_username: forum
pop3_polling_password: ${forum_smtp_passwd}
pop3_polling_enabled: 'true'
reply_by_email_enabled: 'true'
log_mail_processing_failures: 'true'
email_in: 'true'
email_in_allowed_groups: 1|2|0
default_trust_level: '1'
force_https: 'true'
moderators_manage_categories_and_groups: 'true'
moderators_view_emails: 'true'
allowed_iframes: https://www.google.com/maps/embed?|https://www.openstreetmap.org/export/embed.html?|https://calendar.google.com/calendar/embed?|https://codepen.io/|http://forum.${BASE_DOMAIN_NAME}/discobot/certificate.svg|https://forum.${BASE_DOMAIN_NAME}/discobot/certificate.svg
default_navigation_menu_categories: 2|3|4
automatic_backups_enabled: 'false'
sequential_replies_threshold: '4'
get_a_room_threshold: '10000'
default_composer_category: '4'
share_anonymized_statistics: 'false'
default_email_mailing_list_mode: 'true'
disable_mailing_list_mode: 'false'
enable_offline_indicator: 'true'
chat_enabled: 'false'
EOF2
rails r "SiteSetting.pop3_polling_openssl_verify = true" || exit
rails r - <<EOF2 || exit
u = User.new
u.email = "postmaster@${BASE_DOMAIN_NAME}"
u.username = "postmaster"
u.password = "$mail_passwd"
u.name = "Admin User"
u.save!
u.active = true
u.save!
u.grant_admin!
u.change_trust_level!(1) if u.trust_level < 1
u.email_tokens.update_all confirmed: true
u.activate
EOF2
fi
- file:
path: /etc/runit/1.d/000-update-certificates
chmod: "+x"
contents: |
#!/bin/bash
exec update-ca-certificates
- exec: echo "End of custom commands"