wallabag/docker
1
0
Fork 1
mirror of https://github.com/wallabag/docker.git synced 2026-02-27 12:17:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into docker-secrets

Browse Source
This commit is contained in:
Anes Belfodil
2025-04-24 18:57:28 -04:00
committed by GitHub
parent dfc3a38db1 dd237ec16e
commit a2ed3534e1
21 changed files with 1079 additions and 1057 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.github/dependabot.yml vendored
View File

@ -12,3 +12,10 @@ updates:
versions:
- ">= 3.11.a"
- "< 3.12"
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: weekly
time: "04:00"
timezone: Europe/Paris
open-pull-requests-limit: 10

57
.github/workflows/publish.yml vendored Normal file
View File

@ -0,0 +1,57 @@
name: Publish Docker image
on:
release:
types: [published]
jobs:
push_to_registries:
name: Push Docker image to multiple registries
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Documentation: https://github.com/docker/setup-qemu-action
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# Documentation: https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: |
wallabag/wallabag
ghcr.io/${{ github.repository }}
- name: Build and push Docker images
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
# Support for different platforms, see here:
# https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-set-the-target-platforms-for-the-build---platform
platforms: linux/amd64,linux/arm64,linux/arm/v7

31
.github/workflows/test.yml vendored
View File

@ -25,31 +25,28 @@ jobs:
steps:
- name: "Checkout"
uses: "actions/checkout@v2"
uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Set up Python
uses: actions/setup-python@v2
uses: actions/setup-python@v5
with:
python-version: 3.5
python-version: 3.11
- name: "Build image"
run: docker-compose -f tests/docker-compose.${{ matrix.database }}.yml build
- name: "Run image"
run: docker-compose -f tests/docker-compose.${{ matrix.database }}.yml up -d
run: docker compose -f tests/docker-compose.${{ matrix.database }}.yml build
- name: "Install dependencies"
run: |
pip install pytest
pip install requests
- name: "Check running instance"
run: docker ps
- name: "Wait 60s"
run: sleep 60
run: pip install pytest pytest-docker requests
- name: "Run tests"
run: py.test tests/
run: py.test --database=${{ matrix.database }} tests/
- name: "Get docker logs"
if: ${{ always() }}
run: docker compose -p "wallabag_${{ matrix.database }}" -f tests/docker-compose.${{ matrix.database }}.yml logs wallabag
- name: "Cleanup environment"
if: ${{ always() }}
run: docker compose -p "wallabag_${{ matrix.database }}" -f tests/docker-compose.${{ matrix.database }}.yml down -v

112
Dockerfile
View File

@ -1,73 +1,91 @@
FROM alpine:3.12
ARG COMPOSER_VERSION=2.5.8
LABEL maintainer "Marvin Steadfast <marvin@xsteadfastx.org>"
FROM composer:$COMPOSER_VERSION as composer
ARG WALLABAG_VERSION=2.4.1
FROM golang:alpine as builder
RUN apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ --allow-untrusted
ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php
# envsubst from gettext can not replace env vars with default values
# this package is not available for ARM32 and we have to build it from source code
# flag -ldflags "-s -w" produces a smaller executable
RUN go install -ldflags "-s -w" -v github.com/a8m/envsubst/cmd/envsubst@v1.3.0
FROM alpine:3.18
COPY --from=builder /go/bin/envsubst /usr/bin/envsubst
ARG WALLABAG_VERSION=2.6.12
RUN set -ex \
&& apk update \
&& apk upgrade --available \
&& apk add \
ansible \
&& apk add --no-cache \
curl \
git \
libwebp \
mariadb-client \
nginx \
pcre \
php7 \
php7-amqp \
php7-bcmath \
php7-ctype \
php7-curl \
php7-dom \
php7-fpm \
php7-gd \
php7-gettext \
php7-iconv \
php7-json \
php7-mbstring \
php7-openssl \
php7-pdo_mysql \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-phar \
php7-session \
php7-simplexml \
php7-tokenizer \
php7-xml \
php7-zlib \
php7-sockets \
php7-xmlreader \
php7-tidy \
php7-intl \
py3-mysqlclient \
py3-psycopg2 \
py-simplejson \
php81 \
php81-bcmath \
php81-ctype \
php81-curl \
php81-dom \
php81-fpm \
php81-gd \
php81-gettext \
php81-iconv \
php81-json \
php81-mbstring \
php81-opcache \
php81-openssl \
php81-pecl-amqp \
php81-pecl-imagick \
php81-pdo_mysql \
php81-pdo_pgsql \
php81-pdo_sqlite \
php81-phar \
php81-session \
php81-simplexml \
php81-tokenizer \
php81-xml \
php81-zlib \
php81-sockets \
php81-xmlreader \
php81-tidy \
php81-intl \
php81-sodium \
mariadb-client \
postgresql14-client \
rabbitmq-c \
s6 \
tar \
tzdata \
make \
bash \
&& ln -sf /usr/bin/php81 /usr/bin/php \
&& ln -sf /usr/sbin/php-fpm81 /usr/sbin/php-fpm \
&& rm -rf /var/cache/apk/* \
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log \
&& curl -s https://getcomposer.org/installer | php \
&& mv composer.phar /usr/local/bin/composer \
&& composer selfupdate --1 \
&& git clone --branch $WALLABAG_VERSION --depth 1 https://github.com/wallabag/wallabag.git /var/www/wallabag
&& ln -sf /dev/stderr /var/log/nginx/error.log
COPY --from=composer /usr/bin/composer /usr/local/bin/composer
COPY root /
RUN set -ex \
&& curl -L -o /tmp/wallabag.tar.gz https://github.com/wallabag/wallabag/releases/download/$WALLABAG_VERSION/wallabag-$WALLABAG_VERSION.tar.gz \
&& tar xvf /tmp/wallabag.tar.gz -C /tmp \
&& mkdir /var/www/wallabag \
&& mv /tmp/wallabag-*/* /var/www/wallabag/ \
&& rm -rf /tmp/wallabag* \
&& cd /var/www/wallabag \
&& mkdir data/assets \
&& envsubst < /etc/wallabag/parameters.template.yml > app/config/parameters.yml \
&& SYMFONY_ENV=prod composer install --no-dev -o --prefer-dist --no-progress \
&& rm -rf /root/.composer/* /var/www/wallabag/var/cache/* /var/www/wallabag/var/logs/* /var/www/wallabag/var/sessions/* \
&& chown -R nobody:nobody /var/www/wallabag
ENV PATH="${PATH}:/var/www/wallabag/bin"
# Set console entry path
WORKDIR /var/www/wallabag
HEALTHCHECK CMD curl --fail --silent --show-error --user-agent healthcheck http://localhost/api/info || exit 1
EXPOSE 80
ENTRYPOINT ["/entrypoint.sh"]
CMD ["wallabag"]

35
README.md
View File

@ -24,17 +24,15 @@ Default login is `wallabag:wallabag`.
- `-e SYMFONY__ENV__DATABASE_USER=...` (defaults to "root", this is the name of the database user to use)
- `-e SYMFONY__ENV__DATABASE_PASSWORD=...` (defaults to "~", this is the password of the database user to use)
- `-e SYMFONY__ENV__DATABASE_CHARSET=...` (defaults to utf8, this is the database charset to use)
- `-e SYMFONY__ENV__DATABASE_TABLE_PREFIX=...` (defaults to "wallabag_". Specifies the prefix for each database table)
- `-e SYMFONY__ENV__SECRET=...` (defaults to "ovmpmAWXRCabNlMgzlzFXDYmCFfzGv")
- `-e SYMFONY__ENV__LOCALE=...` (default to en)
- `-e SYMFONY__ENV__MAILER_HOST=...` (defaults to "127.0.0.1", the SMTP host)
- `-e SYMFONY__ENV__MAILER_USER=...` (defaults to "~", the SMTP user)
- `-e SYMFONY__ENV__MAILER_PASSWORD=...`(defaults to "~", the SMTP password)
- `-e SYMFONY__ENV__MAILER_DSN=...` (defaults to "smtp://127.0.0.1")
- `-e SYMFONY__ENV__FROM_EMAIL=...`(defaults to "`wallabag@example.com`", the address wallabag uses for outgoing emails)
- `-e SYMFONY__ENV__TWOFACTOR_AUTH=...` (defaults to "true", enable or disable two-factor authentication)
- `-e SYMFONY__ENV__TWOFACTOR_SENDER=...` (defaults to "`no-reply@wallabag.org`", the address wallabag uses for two-factor emails)
- `-e SYMFONY__ENV__FOSUSER_REGISTRATION=...`(defaults to "true", enable or disable public user registration)
- `-e SYMFONY__ENV__FOSUSER_REGISTRATION=...`(defaults to "false", enable or disable public user registration)
- `-e SYMFONY__ENV__FOSUSER_CONFIRMATION=...`(defaults to "true", enable or disable registration confirmation)
- `-e SYMFONY__ENV__DOMAIN_NAME=...` defaults to "`https://your-wallabag-url-instance.com`", the URL of your wallabag instance)
- `-e SYMFONY__ENV__DOMAIN_NAME=...` defaults to "`https://your-wallabag-instance.wallabag.org`", the URL of your wallabag instance)
- `-e SYMFONY__ENV__REDIS_SCHEME=...` (defaults to "tcp", protocol to use to communicate with the target server (tcp, unix, or http))
- `-e SYMFONY__ENV__REDIS_HOST=...` (defaults to "redis", IP or hostname of the target server)
- `-e SYMFONY__ENV__REDIS_PORT=...` (defaults to "6379", port of the target host)
@ -43,6 +41,7 @@ Default login is `wallabag:wallabag`.
- `-e SYMFONY__ENV__SENTRY_DSN=...` (defaults to "~", this is the data source name for sentry)
- `-e POPULATE_DATABASE=...`(defaults to "True". Does the DB has to be populated or is it an existing one)
- `-e SYMFONY__ENV__SERVER_NAME=...` (defaults to "Your wallabag instance". Specifies a user-friendly name for the 2FA issuer)
- `-e PHP_MEMORY_LIMIT=...` (allows you to change the PHP `memory_limit` value. defaults to 128M, and should be a number and unit, eg. 512K, 128M, 2G, or a number of bytes)
To set any of these environment variables from a file (for instance a Docker Secret), append `__FILE` to the name of the environment variable.
@ -109,13 +108,13 @@ $ docker exec -t NAME_OR_ID_OF_YOUR_WALLABAG_CONTAINER /var/www/wallabag/bin/con
## docker-compose
It's a good way to use [docker-compose](https://docs.docker.com/compose/). Example:
An example [docker-compose](https://docs.docker.com/compose/) file can be seen below:
```
version: '3'
services:
wallabag:
image: wallabag/wallabag
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=wallaroot
- SYMFONY__ENV__DATABASE_DRIVER=pdo_mysql
@ -125,24 +124,36 @@ services:
- SYMFONY__ENV__DATABASE_USER=wallabag
- SYMFONY__ENV__DATABASE_PASSWORD=wallapass
- SYMFONY__ENV__DATABASE_CHARSET=utf8mb4
- SYMFONY__ENV__MAILER_HOST=127.0.0.1
- SYMFONY__ENV__MAILER_USER=~
- SYMFONY__ENV__MAILER_PASSWORD=~
- SYMFONY__ENV__DATABASE_TABLE_PREFIX="wallabag_"
- SYMFONY__ENV__MAILER_DSN=smtp://127.0.0.1
- SYMFONY__ENV__FROM_EMAIL=wallabag@example.com
- SYMFONY__ENV__DOMAIN_NAME=https://your-wallabag-url-instance.com
- SYMFONY__ENV__DOMAIN_NAME=https://your-wallabag-instance.wallabag.org
- SYMFONY__ENV__SERVER_NAME="Your wallabag instance"
ports:
- "80"
volumes:
- /opt/wallabag/images:/var/www/wallabag/web/assets/images
depends_on:
- db
- redis
db:
image: mariadb
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=wallaroot
volumes:
- /opt/wallabag/data:/var/lib/mysql
healthcheck:
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
interval: 20s
timeout: 3s
redis:
image: redis:alpine
restart: unless-stopped
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 20s
timeout: 3s
```
Note that you must fill out the mail related variables according to your mail config.

4
conftest.py Normal file
View File

@ -0,0 +1,4 @@
import pytest
def pytest_addoption(parser):
parser.addoption("--database", action="store", default="default")

115
root/entrypoint.sh
View File

@ -1,4 +1,6 @@
#!/bin/sh
# Exit when any command fails
set -e
FILE_ENV_VARS="$(env | grep '__FILE=')"
for env_var in $FILE_ENV_VARS; do
@ -10,28 +12,115 @@ for env_var in $FILE_ENV_VARS; do
export $(echo $new_var | xargs)
done
provisioner () {
echo "Starting provisioner..."
if ! out=`ansible-playbook -i /etc/ansible/hosts /etc/ansible/entrypoint.yml -c local "$@"`;then
echo $out;
fi
echo "Provisioner finished."
COMMAND_ARG1="$1"
COMMAND_ARG2="$2"
cd /var/www/wallabag || exit
wait_for_database() {
timeout 60s /bin/sh -c "$(cat << EOF
until echo 'Waiting for database ...' \
&& nc -z ${SYMFONY__ENV__DATABASE_HOST} ${SYMFONY__ENV__DATABASE_PORT} < /dev/null > /dev/null 2>&1 ; \
do sleep 1 ; done
EOF
)"
}
if [ "$1" = "wallabag" ];then
install_wallabag() {
su -c "php bin/console wallabag:install --env=prod -n" -s /bin/sh nobody
}
provisioner() {
SYMFONY__ENV__DATABASE_DRIVER=${SYMFONY__ENV__DATABASE_DRIVER:-pdo_sqlite}
POPULATE_DATABASE=${POPULATE_DATABASE:-True}
SQLITE_DB_DIR="/var/www/wallabag/data/db"
SQLITE_DB_FILEPATH="$SQLITE_DB_DIR/wallabag.sqlite"
# Replace environment variables
envsubst < /etc/wallabag/parameters.template.yml > app/config/parameters.yml
envsubst < /etc/wallabag/php-wallabag.template.ini > /etc/php81/conf.d/50_wallabag.ini
# Wait for external database
if [ "$SYMFONY__ENV__DATABASE_DRIVER" = "pdo_mysql" ] || [ "$SYMFONY__ENV__DATABASE_DRIVER" = "pdo_pgsql" ] ; then
wait_for_database
fi
# Configure SQLite database
if [ "$SYMFONY__ENV__DATABASE_DRIVER" = "pdo_sqlite" ]; then
# mkdir and chown are mandatory for local folder binding
if [ ! -f "$SQLITE_DB_FILEPATH" ]; then
mkdir -p "$SQLITE_DB_DIR"
chown nobody: "$SQLITE_DB_DIR"
fi
if [ ! -s "$SQLITE_DB_FILEPATH" ]; then
echo "Configuring the SQLite database ..."
install_wallabag
fi
fi
# Configure MySQL / MariaDB database
if [ "$SYMFONY__ENV__DATABASE_DRIVER" = "pdo_mysql" ] && [ "$POPULATE_DATABASE" = "True" ] && [ "$MYSQL_ROOT_PASSWORD" != "" ] ; then
DATABASE_EXISTS="$(mysql -h "${SYMFONY__ENV__DATABASE_HOST}" --port "${SYMFONY__ENV__DATABASE_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD}" \
-sse "SELECT EXISTS(SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '$SYMFONY__ENV__DATABASE_NAME')")"
if [ "$DATABASE_EXISTS" != "1" ]; then
echo "Configuring the MySQL database ..."
mysql -h "${SYMFONY__ENV__DATABASE_HOST}" --port "${SYMFONY__ENV__DATABASE_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD}" \
-e "CREATE DATABASE IF NOT EXISTS ${SYMFONY__ENV__DATABASE_NAME} CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
USER_EXISTS="$(mysql -h "${SYMFONY__ENV__DATABASE_HOST}" --port "${SYMFONY__ENV__DATABASE_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD}" \
-sse "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '$SYMFONY__ENV__DATABASE_USER')")"
if [ "$USER_EXISTS" != "1" ]; then
mysql -h "${SYMFONY__ENV__DATABASE_HOST}" --port "${SYMFONY__ENV__DATABASE_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD}" \
-e "CREATE USER IF NOT EXISTS '${SYMFONY__ENV__DATABASE_USER}'@'%' IDENTIFIED BY '${SYMFONY__ENV__DATABASE_PASSWORD}';"
mysql -h "${SYMFONY__ENV__DATABASE_HOST}" --port "${SYMFONY__ENV__DATABASE_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD}" \
-e "GRANT ALL PRIVILEGES ON ${SYMFONY__ENV__DATABASE_NAME}.* TO '${SYMFONY__ENV__DATABASE_USER}'@'%';"
fi
install_wallabag
else
echo "WARN: MySQL database is already configured. Remove the environment variable with root password."
fi
fi
# Configure Postgres database
if [ "$SYMFONY__ENV__DATABASE_DRIVER" = "pdo_pgsql" ] && [ "$POPULATE_DATABASE" = "True" ] && [ "$POSTGRES_PASSWORD" != "" ] ; then
export PGPASSWORD="${POSTGRES_PASSWORD}"
DATABASE_EXISTS="$(psql -qAt -h "${SYMFONY__ENV__DATABASE_HOST}" -p "${SYMFONY__ENV__DATABASE_PORT}" -U "${POSTGRES_USER}" \
-c "SELECT 1 FROM pg_catalog.pg_database WHERE datname = '${SYMFONY__ENV__DATABASE_NAME}';")"
if [ "$DATABASE_EXISTS" != "1" ]; then
echo "Configuring the Postgres database ..."
psql -q -h "${SYMFONY__ENV__DATABASE_HOST}" -p "${SYMFONY__ENV__DATABASE_PORT}" -U "${POSTGRES_USER}" \
-c "CREATE DATABASE ${SYMFONY__ENV__DATABASE_NAME};"
USER_EXISTS="$(psql -qAt -h "${SYMFONY__ENV__DATABASE_HOST}" -p "${SYMFONY__ENV__DATABASE_PORT}" -U "${POSTGRES_USER}" \
-c "SELECT 1 FROM pg_roles WHERE rolname = '${SYMFONY__ENV__DATABASE_USER}';")"
if [ "$USER_EXISTS" != "1" ]; then
psql -q -h "${SYMFONY__ENV__DATABASE_HOST}" -p "${SYMFONY__ENV__DATABASE_PORT}" -U "${POSTGRES_USER}" \
-c "CREATE ROLE ${SYMFONY__ENV__DATABASE_USER} with PASSWORD '${SYMFONY__ENV__DATABASE_PASSWORD}' LOGIN;"
fi
install_wallabag
else
echo "WARN: Postgres database is already configured. Remove the environment variable with root password."
fi
fi
# Remove cache and install Wallabag
rm -f -r /var/www/wallabag/var/cache
su -c "SYMFONY_ENV=prod composer install --no-dev -o --prefer-dist" -s /bin/sh nobody
}
if [ "$COMMAND_ARG1" = "wallabag" ]; then
echo "Starting wallabag ..."
provisioner
echo "wallabag is ready!"
exec s6-svscan /etc/s6/
fi
if [ "$1" = "import" ];then
provisioner --skip-tags=firstrun
cd /var/www/wallabag/
exec su -c "bin/console wallabag:import:redis-worker --env=prod $2 -vv" -s /bin/sh nobody
if [ "$COMMAND_ARG1" = "import" ]; then
provisioner
exec su -c "bin/console wallabag:import:redis-worker --env=prod $COMMAND_ARG2 -vv" -s /bin/sh nobody
fi
if [ "$1" = "migrate" ];then
if [ "$COMMAND_ARG1" = "migrate" ]; then
provisioner
cd /var/www/wallabag/
exec su -c "bin/console doctrine:migrations:migrate --env=prod --no-interaction" -s /bin/sh nobody
fi

170
root/etc/ansible/entrypoint.yml
View File

@ -1,170 +0,0 @@
---
- hosts: localhost
remote_user: root
vars:
database_driver: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_DRIVER')|default('pdo_sqlite', true) }}"
database_host: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_HOST')|default('127.0.0.1', true) }}"
database_name: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_NAME')|default('symfony', true) }}"
database_password: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_PASSWORD')|default('~', true) }}"
database_port: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_PORT')|default('~', true) }}"
database_root_password_mariadb: "{{ lookup('env', 'MYSQL_ROOT_PASSWORD') }}"
database_root_user_postgres: "{{ lookup('env', 'POSTGRES_USER') }}"
database_root_password_postgres: "{{ lookup('env', 'POSTGRES_PASSWORD') }}"
database_user: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_USER')|default('root', true) }}"
database_charset: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_CHARSET')|default('utf8', true) }}"
populate_database: "{{ lookup('env', 'POPULATE_DATABASE')|default(True, true) }}"
locale: "{{ lookup('env', 'SYMFONY__ENV__LOCALE')|default('en', true) }}"
secret: "{{ lookup('env', 'SYMFONY__ENV__SECRET')|default('ovmpmAWXRCabNlMgzlzFXDYmCFfzGv', true) }}"
mailer_transport: "{{ lookup('env', 'SYMFONY__ENV__MAILER_TRANSPORT')|default('smtp', true) }}"
mailer_host: "{{ lookup('env', 'SYMFONY__ENV__MAILER_HOST')|default('127.0.0.1', true) }}"
mailer_user: "{{ lookup('env', 'SYMFONY__ENV__MAILER_USER')|default('~', true) }}"
mailer_password: "{{ lookup('env', 'SYMFONY__ENV__MAILER_PASSWORD')|default('~', true) }}"
mailer_port: "{{ lookup('env', 'SYMFONY__ENV__MAILER_PORT')|default('25', true) }}"
mailer_encryption: "{{ lookup('env', 'SYMFONY__ENV__MAILER_ENCRYPTION')|default('~', true) }}"
mailer_auth_mode: "{{ lookup('env', 'SYMFONY__ENV__MAILER_AUTH_MODE')|default('~', true) }}"
from_email: "{{ lookup('env', 'SYMFONY__ENV__FROM_EMAIL')|default('wallabag@example.com', true) }}"
twofactor_auth: "{{ lookup('env', 'SYMFONY__ENV__TWOFACTOR_AUTH')|default('true', true) }}"
twofactor_sender: "{{ lookup('env', 'SYMFONY__ENV__TWOFACTOR_SENDER')|default('no-reply@wallabag.org', true) }}"
registration: "{{ lookup('env', 'SYMFONY__ENV__FOSUSER_REGISTRATION')|default('true', true) }}"
registration_mail_confirmation: "{{ lookup('env', 'SYMFONY__ENV__FOSUSER_CONFIRMATION')|default('true', true) }}"
domain_name: "{{ lookup('env', 'SYMFONY__ENV__DOMAIN_NAME')|default('https://your-wallabag-url-instance.com', true) }}"
redis_scheme: "{{ lookup('env', 'SYMFONY__ENV__REDIS_SCHEME')|default('tcp', true) }}"
redis_host: "{{ lookup('env', 'SYMFONY__ENV__REDIS_HOST')|default('redis', true) }}"
redis_port: "{{ lookup('env', 'SYMFONY__ENV__REDIS_PORT')|default('6379', true) }}"
redis_path: "{{ lookup('env', 'SYMFONY__ENV__REDIS_PATH')|default('~', true) }}"
redis_password: "{{ lookup('env', 'SYMFONY__ENV__REDIS_PASSWORD')|default('~', true) }}"
sentry_dsn: "{{ lookup('env', 'SYMFONY__ENV__SENTRY_DSN')|default('~', true) }}"
server_name: "{{ lookup('env', 'SYMFONY__ENV__SERVER_NAME')|default('Your wallabag instance', true) }}"
tasks:
- name: needed dirs
file:
path={{ item }}
state=directory
with_items:
- /var/www/wallabag/app
- /var/www/wallabag/app/config
- /var/www/wallabag/data
- /var/www/wallabag/data/assets
- /var/www/wallabag/data/db
notify: chown dir
tags:
- firstrun
- name: write parameters.yml
template:
src=templates/parameters.yml.j2
dest=/var/www/wallabag/app/config/parameters.yml
- stat:
path=/var/www/wallabag/data/db/wallabag.sqlite
register: wallabag_sqlite_db
when: database_driver == 'pdo_sqlite'
- name: notify install for sqlite
debug:
msg='notify installation script if sqlite db does not exist'
changed_when: true
notify: run install
when: (database_driver == 'pdo_sqlite') and
(wallabag_sqlite_db.stat.exists == False)
- name: wait for db container
wait_for:
host="{{ database_host }}"
port="{{ database_port }}"
when: (database_driver == 'pdo_mysql') or
(database_driver == 'pdo_pgsql')
- name: add mariadb db
mysql_db:
name="{{ database_name }}"
state=present
login_host="{{ database_host }}"
login_port={{ database_port }}
login_user=root
login_password="{{ database_root_password_mariadb }}"
encoding="utf8mb4"
notify: run install
when: (database_driver == 'pdo_mysql') and
(populate_database == True)
tags:
- firstrun
- name: add mariadb user
mysql_user:
name="{{ database_user }}"
host=%
password="{{ database_password }}"
priv={{ database_name }}.*:ALL
login_host="{{ database_host }}"
login_port={{ database_port }}
login_user=root
login_password="{{ database_root_password_mariadb }}"
state=present
when: (database_driver == 'pdo_mysql') and
(database_user != 'root') and
(populate_database == True)
tags:
- firstrun
- name: postgresql db
postgresql_db:
name="{{ database_name }}"
state=present
login_host="{{ database_host }}"
port={{ database_port }}
login_user="{{ database_root_user_postgres }}"
login_password="{{ database_root_password_postgres }}"
notify: run install
when: (database_driver == 'pdo_pgsql') and
(populate_database == True)
tags:
- firstrun
- name: add postgresql user
postgresql_user:
name="{{ database_user }}"
password="{{ database_password }}"
encrypted=true
db={{ database_name }}
priv=ALL
login_host="{{ database_host }}"
port={{ database_port }}
login_user="{{ database_root_user_postgres }}"
login_password="{{ database_root_password_postgres }}"
state=present
when: (database_driver == 'pdo_pgsql') and
(database_user != 'postgres') and
(populate_database == True)
tags:
- firstrun
- name: remove cache
file:
path=/var/www/wallabag/var/cache
state=absent
- name: run composer
shell: SYMFONY_ENV=prod composer install --no-dev -o --prefer-dist
args:
chdir: /var/www/wallabag
notify: chown dir
handlers:
- name: run install
shell: php bin/console wallabag:install --env=prod -n
args:
chdir: /var/www/wallabag
notify: chown dir
- name: chown dir
file:
path=/var/www/wallabag
recurse=yes
owner=nobody
group=nobody

2
root/etc/ansible/hosts
View File

@ -1,2 +0,0 @@
[localhost]
localhost

63
root/etc/ansible/templates/parameters.yml.j2
View File

@ -1,63 +0,0 @@
parameters:
database_driver: {{ database_driver }}
database_host: {{ database_host }}
database_port: {{ database_port }}
database_name: {{ database_name }}
database_user: {{ database_user }}
database_password: {{ database_password }}
database_path: "%kernel.root_dir%/../data/db/wallabag.sqlite"
database_table_prefix: wallabag_
database_socket: null
database_charset: {{ database_charset }}
domain_name: {{ domain_name }}
mailer_transport: {{ mailer_transport }}
mailer_user: {{ mailer_user }}
mailer_password: {{ mailer_password }}
mailer_host: {{ mailer_host }}
mailer_port: {{ mailer_port }}
mailer_encryption: {{ mailer_encryption }}
mailer_auth_mode: {{ mailer_auth_mode }}
locale: {{ locale }}
# A secret key that's used to generate certain security-related tokens
secret: {{ secret }}
# two factor stuff
twofactor_auth: {{ twofactor_auth }}
twofactor_sender: {{ twofactor_sender }}
# fosuser stuff
fosuser_registration: {{ registration }}
fosuser_confirmation: {{ registration_mail_confirmation }}
# how long the access token should live in seconds for the API
fos_oauth_server_access_token_lifetime: 3600
# how long the refresh token should life in seconds for the API
fos_oauth_server_refresh_token_lifetime: 1209600
from_email: {{ from_email }}
rss_limit: 50
# RabbitMQ processing
rabbitmq_host: localhost
rabbitmq_port: 5672
rabbitmq_user: guest
rabbitmq_password: guest
rabbitmq_prefetch_count: 10
# Redis processing
redis_scheme: {{ redis_scheme }}
redis_host: {{ redis_host }}
redis_port: {{ redis_port }}
redis_path: {{ redis_path }}
redis_password: {{ redis_password }}
# sentry logging
sentry_dsn: {{ sentry_dsn }}
# User-friendly name of your instance for 2FA issuer
server_name: {{ server_name }}

2
root/etc/nginx/fastcgi_params
View File

@ -10,7 +10,7 @@ fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param HTTPS $fe_https;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;

6
root/etc/nginx/nginx.conf
View File

@ -25,6 +25,10 @@ http {
open_file_cache max=100;
client_max_body_size 100M;
map $http_x_forwarded_proto $fe_https {
default $https;
https on;
}
upstream php-upstream {
server 127.0.0.1:9000;
@ -32,6 +36,7 @@ http {
server {
listen 80;
listen [::0]:80;
server_name _;
root /var/www/wallabag/web;
@ -53,6 +58,7 @@ http {
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_read_timeout 300s;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this

0
root/etc/php7/php-fpm.conf → root/etc/php81/php-fpm.conf
View File

1353
root/etc/php7/php.ini → root/etc/php81/php.ini
View File

File diff suppressed because it is too large Load Diff

2
root/etc/s6/php-fpm/run
View File

@ -1,3 +1,3 @@
#!/bin/sh
exec php-fpm7 -F
exec php-fpm -F

56
root/etc/wallabag/parameters.template.yml Normal file
View File

@ -0,0 +1,56 @@
parameters:
database_driver: ${SYMFONY__ENV__DATABASE_DRIVER:-pdo_sqlite}
database_host: ${SYMFONY__ENV__DATABASE_HOST:-127.0.0.1}
database_port: ${SYMFONY__ENV__DATABASE_PORT:-~}
database_name: ${SYMFONY__ENV__DATABASE_NAME:-symfony}
database_user: ${SYMFONY__ENV__DATABASE_USER:-root}
database_password: ${SYMFONY__ENV__DATABASE_PASSWORD:-~}
database_path: "%kernel.project_dir%/data/db/wallabag.sqlite"
database_table_prefix: ${SYMFONY__ENV__DATABASE_TABLE_PREFIX:-wallabag_}
database_socket: null
database_charset: ${SYMFONY__ENV__DATABASE_CHARSET:-utf8}
domain_name: ${SYMFONY__ENV__DOMAIN_NAME:-https://your-wallabag-instance.wallabag.org}
mailer_dsn: ${SYMFONY__ENV__MAILER_DSN:-smtp://127.0.0.1}
locale: ${SYMFONY__ENV__LOCALE:-en}
# A secret key that's used to generate certain security-related tokens
secret: ${SYMFONY__ENV__SECRET:-ovmpmAWXRCabNlMgzlzFXDYmCFfzGv}
# two factor stuff
twofactor_sender: ${SYMFONY__ENV__TWOFACTOR_SENDER:-no-reply@wallabag.org}
# fosuser stuff
fosuser_registration: ${SYMFONY__ENV__FOSUSER_REGISTRATION:-false}
fosuser_confirmation: ${SYMFONY__ENV__FOSUSER_CONFIRMATION:-true}
# how long the access token should live in seconds for the API
fos_oauth_server_access_token_lifetime: 3600
# how long the refresh token should life in seconds for the API
fos_oauth_server_refresh_token_lifetime: 1209600
from_email: ${SYMFONY__ENV__FROM_EMAIL:-no-reply@wallabag.org}
rss_limit: 50
# RabbitMQ processing
rabbitmq_host: localhost
rabbitmq_port: 5672
rabbitmq_user: guest
rabbitmq_password: guest
rabbitmq_prefetch_count: 10
# Redis processing
redis_scheme: ${SYMFONY__ENV__REDIS_SCHEME:-tcp}
redis_host: ${SYMFONY__ENV__REDIS_HOST:-redis}
redis_port: ${SYMFONY__ENV__REDIS_PORT:-6379}
redis_path: ${SYMFONY__ENV__REDIS_PATH:-~}
redis_password: ${SYMFONY__ENV__REDIS_PASSWORD:-~}
# Sentry
sentry_dsn: ${SYMFONY__ENV__SENTRY_DSN:-~}
# User-friendly name of your instance for 2FA issuer
server_name: ${SYMFONY__ENV__SERVER_NAME:-"Your wallabag instance"}

1
root/etc/wallabag/php-wallabag.template.ini Normal file
View File

@ -0,0 +1 @@
memory_limit = ${PHP_MEMORY_LIMIT:-128M}

63
root/var/www/wallabag/app/config/parameters.yml
View File

@ -1,63 +0,0 @@
parameters:
database_driver: pdo_sqlite
database_host: 127.0.0.1
database_port: ~
database_name: symfony
database_user: root
database_password: ~
database_path: "%kernel.root_dir%/../data/db/wallabag.sqlite"
database_table_prefix: wallabag_
database_socket: null
database_charset: utf8
domain_name: https://your-wallabag-url-instance.com
mailer_transport: smtp
mailer_user: ~
mailer_password: ~
mailer_host: 127.0.0.1
mailer_port: false
mailer_encryption: ~
mailer_auth_mode: ~
locale: en
# A secret key that's used to generate certain security-related tokens
secret: ovmpmAWXRCabNlMgzlzFXDYmCFfzGv
# two factor stuff
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org
# fosuser stuff
fosuser_registration: true
fosuser_confirmation: true
# how long the access token should live in seconds for the API
fos_oauth_server_access_token_lifetime: 3600
# how long the refresh token should life in seconds for the API
fos_oauth_server_refresh_token_lifetime: 1209600
from_email: no-reply@wallabag.org
rss_limit: 50
# RabbitMQ processing
rabbitmq_host: localhost
rabbitmq_port: 5672
rabbitmq_user: guest
rabbitmq_password: guest
rabbitmq_prefetch_count: 10
# Redis processing
redis_scheme: tcp
redis_host: localhost
redis_port: 6379
redis_path: null
redis_password: null
# sentry logging
sentry_dsn: ~
# User-friendly name of your instance for 2FA issuer
server_name: Your wallabag instance

2
tests/docker-compose.mariadb.yml
View File

@ -18,6 +18,6 @@ services:
- "127.0.0.1:80:80"
db:
image: mariadb
command: mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --character-set-client-handshake=FALSE
command: mariadbd --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --character-set-client-handshake=FALSE
environment:
- MYSQL_ROOT_PASSWORD=wallaroot

2
tests/docker-compose.sqlite.yml
View File

@ -11,7 +11,7 @@ services:
- SYMFONY__ENV__DATABASE_PORT=~
- SYMFONY__ENV__DATABASE_NAME=symfony
- SYMFONY__ENV__DATABASE_USER=root
- SYMFONY__ENV_DATABASE_PASSWORD=~
- SYMFONY__ENV__DATABASE_PASSWORD=~
- SYMFONY__ENV__SECRET=F00B4R
ports:
- "127.0.0.1:80:80"

53
tests/test_login.py
View File

@ -1,24 +1,63 @@
import pytest
import re
import requests
import os
from requests.exceptions import ConnectionError
URL = 'http://127.0.0.1:80'
@pytest.fixture(scope="session")
def database(pytestconfig):
return pytestconfig.getoption("database")
def is_responsive(url):
try:
response = requests.get(url)
if response.status_code == 200:
return True
except ConnectionError:
return False
def test_accessing_login_page():
r = requests.get(URL, allow_redirects=True)
@pytest.fixture(scope="session")
def docker_compose_project_name(database):
return "wallabag_{}".format(database)
@pytest.fixture(scope="session")
def docker_cleanup():
"""Disable docker cleanup at the end of tests to get logs outside of pytest"""
return False
@pytest.fixture(scope="session")
def docker_compose_command() -> str:
return "docker compose"
@pytest.fixture(scope="session")
def docker_compose_file(pytestconfig, database):
return os.path.join(str(pytestconfig.rootdir), "tests/", "docker-compose.{}.yml".format(database))
@pytest.fixture(scope="session")
def wallabag_service(docker_ip, docker_services):
"""Ensure that wallabag service is up and responsive"""
# `port_for` takes a container port and returns the corresponding host port
port = docker_services.port_for("wallabag", 80)
url = "http://{}:{}".format(docker_ip, port)
docker_services.wait_until_responsive(
timeout=60.0, pause=0.5, check=lambda: is_responsive(url)
)
return url
def test_accessing_login_page(wallabag_service):
r = requests.get(wallabag_service, allow_redirects=True)
assert r.status_code == 200
assert 'Log in' in r.text
assert 'Password' in r.text
assert 'Register' in r.text
assert 'Username' in r.text
def test_logging_in():
def test_logging_in(wallabag_service):
client = requests.session()
r = client.get(URL, allow_redirects=True)
r = client.get(wallabag_service, allow_redirects=True)
jar = r.cookies
# get csrf token
@ -39,7 +78,7 @@ def test_logging_in():
'_csrf_token': csrf
}
r = client.post(URL + '/login_check', cookies=jar, data=data)
r = client.post(wallabag_service + '/login_check', cookies=jar, data=data)
assert r.status_code == 200
assert '/unread/list' in r.text
assert '/starred/list' in r.text