Merge pull request 'main' (#4) from main into custom-container-actions

Reviewed-on: #4

.gitea/workflows/test-code-quality.yaml

@@ -3,6 +3,7 @@ on: [push, pull_request]
 jobs:
   Quality-Check:
     runs-on: ubuntu-22.04
+    container: drunkendog/standard-build-actions
     steps:
       - name: Check out repository code
         uses: actions/checkout@v3

scripts/minio/README.md

@@ -1,21 +0,0 @@
-# Minio
-
-## Configuring Prometheus
-
-Create a user `prometheus` with policy
-
-```s3
-{
-    "Version": "2012-10-17",
-    "Statement": [
-        {
-            "Effect": "Allow",
-            "Action": [
-                "admin:Prometheus"
-            ]
-        }
-    ]
-}
-```
-
-then run `mc alias set metrics http://172.30.26.1:9000 prometheus {password} && mc admin prometheus generate metrics` and add the output into /opt/prometheus/prometheus.yml

scripts/minio/install-second-vhost.py

@@ -1,44 +0,0 @@
-import os
-import argparse
-import warnings
-
-
-def get_cached_email() -> str:
-    with open("../email.cache", "r") as f:
-        email = f.read().strip()
-    return email
-
-
-def cache_email(email: str) -> None:
-    try:
-        with open("../email.cache", "w") as f:
-            f.write(email)
-    except Exception as e:
-        warnings.warn(e, Warning)
-
-
-parser = argparse.ArgumentParser()
-parser.add_argument("domain")
-parser.add_argument("email", nargs='?', default=None) # to not recache emails retreived from cache
-parser.add_argument("cache_email", nargs='?', default=True)
-args = parser.parse_args()
-
-if args.cache_email is True and args.email is not None:
-    cache_email(args.email)
-if args.email is None:
-    args.email = get_cached_email()
-
-os.makedirs(os.path.dirname("/opt/quick-recover/"), exist_ok=True)
-with open("/opt/quick-recover/minio-api.conf", "w") as f:
-    f.write(f"export DOMAIN='{args.domain}'\n")
-    f.write(f"export EMAIL='{args.email}'\n")
-
-with open("nginx-api-proxy-template.conf", "r") as f:
-    template = f.read().replace("#serverNameVar", f"{args.domain}")
-
-with open("/etc/nginx/sites-available/minio-api.conf", "w") as f:
-    f.write(template)
-
-os.system(f"sh ../getcert.sh {args.domain} {args.email}")
-
-os.system("sh ../nginx-ensite.sh minio-api")

scripts/minio/launch-docker.sh

@@ -1,14 +0,0 @@
-. /opt/minio/minio.conf
-
-docker run -d --net main_subnet --ip 172.30.26.1 \
-  -e TZ=America/New_York \
-  -v /opt/minio/data:/data \
-  --name=minio \
-  -e "MINIO_ROOT_USER=$MINIO_USER" \
-  -e "MINIO_ROOT_PASSWORD=$MINIO_PASSWORD" \
-  -e "MINIO_SERVER_URL=$MINIO_SERVER_URL" \
-  -e "MINIO_BROWSER_REDIRECT_URL=$MINIO_BROWSER_REDIRECT_URL" \
-  -e "MINIO_PROMETHEUS_URL=$PROMETHEUS_URL" \
-  -e "MINIO_PROMETHEUS_JOB_ID=$PROMETHEUS_JOB_ID" \
-  --restart unless-stopped \
-quay.io/minio/minio server /data --console-address ":9090"

scripts/minio/manifest.dat

@@ -1,10 +0,0 @@
-
-%
-@ #ip_address 
-@ http://172.30.26.1:9090/
-%
-@ #service
-@ minio
-%
-@ #ADDITIONAL_REPLACE
-@ template = template.replace("proxy_set_header Host $host;", "proxy_set_header Host $host;\nproxy_set_header Upgrade $http_upgrade;\nproxy_set_header Connection \"upgrade\";")

scripts/minio/minio.conf.example

@@ -1,6 +0,0 @@
-MINIO_USER="admin"
-MINIO_PASSWORD=
-MINIO_SERVER_URL=
-MINIO_BROWSER_REDIRECT_URL=
-PROMETHEUS_URL="https://user:pass@prometheus.example"
-PROMETHEUS_JOB_ID=

scripts/minio/nginx-api-proxy-template.conf

@@ -1,31 +0,0 @@
-server {
-        listen 443;
-        server_name #serverNameVar;
-
-        ssl on;
-        ssl_certificate /etc/letsencrypt/live/#serverNameVar/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/#serverNameVar/privkey.pem;
-
-        location / {
-                proxy_pass http://172.30.26.1:9000/;
-                proxy_set_header Host $http_host;
-                proxy_set_header X-Real-IP $remote_addr;
-                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-                proxy_set_header X-Forwarded-Proto $scheme;
-
-                proxy_connect_timeout 300;
-                # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
-                proxy_http_version 1.1;
-                proxy_set_header Connection "";
-                chunked_transfer_encoding off;
-        }
-}
-
-server {
-    listen 80;
-    server_name #serverNameVar;
-
-    location / {
-        return 301 https://#serverNameVar$request_uri;
-    }
-}

scripts/prometheus/launch-docker.sh

@@ -1,7 +0,0 @@
-docker run -d --net main_subnet --ip 172.30.27.1 \
-  -v /opt/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
-  -v /opt/prometheus/web.yml:/etc/prometheus/web.yml \
-  -v /opt/prometheus/data:/prometheus \
-  --name=prometheus \
-  --restart unless-stopped \
-prom/prometheus --config.file=/etc/prometheus/prometheus.yml --web.config.file=/etc/prometheus/web.yml

scripts/prometheus/manifest.dat

@@ -1,12 +0,0 @@
-%
-@ #ip_address 
-@ http://172.30.27.1:9090/
-%
-@ #service
-@ prometheus
-%
-@ #ADDITIONAL_REPLACE
-@ template = template.replace("proxy_set_header Host $host;", "proxy_set_header Host $host;\nproxy_set_header Upgrade $http_upgrade;\nproxy_set_header Connection \"upgrade\";")
-%
-@ #START_CONTAINER
-@ os.system("mkdir -p /opt/prometheus/data && touch /opt/prometheus/prometheus.yaml && touch /opt/prometheus/web.yaml && chown -R nobody:nogroup /opt/prometheus/")

scripts/prometheus/web.yml.example

@@ -1,2 +0,0 @@
-basic_auth_users:
-    admin: {bcrypt-hashed-password}

scripts/setup-template.py

@@ -22,8 +22,8 @@ def cache_email(email: str) -> None:
 #PARSE_ARGS
 parser = argparse.ArgumentParser()
 parser.add_argument("domain")
-parser.add_argument("email", nargs='?', default=None) # to not recache emails retreived from cache
+parser.add_argument("email", default=None) # to not recache emails retreived from cache
-parser.add_argument("cache_email", nargs='?', default=True)
+parser.add_argument("cache_email", default=True)
 args = parser.parse_args()
 
 #CACHE