3 Commits
6e91c1cb2c
...
1816b2f32c
Author | SHA1 | Message | Date |
---|---|---|---|
Valentin Lab | 1816b2f32c |
fix: [monujo] allow installation of version 1.0.0
The source repository was not selected correctly because of ``sort -V`` failing to sort semantic versions. |
4 days ago |
Valentin Lab | 413dfa378a |
new: [bluesky] add verify email capability through smtp relation
|
1 week ago |
Valentin Lab | acc2b7c9d7 |
new: [bluesky] new charm
|
1 week ago |
7 changed files with 306 additions and 4 deletions
-
114bluesky/actions/new-invite
-
7bluesky/hooks/init
-
61bluesky/hooks/smtp_server-relation-joined
-
12bluesky/hooks/web_proxy-relation-joined
-
67bluesky/lib/common
-
38bluesky/metadata.yml
-
11monujo/lib/common
@ -0,0 +1,114 @@ |
|||||
|
#!/bin/bash |
||||
|
## compose: no-hooks |
||||
|
|
||||
|
if [ -z "$SERVICE_DATASTORE" ]; then |
||||
|
echo "This script is meant to be run through 'compose' to work properly." >&2 |
||||
|
exit 1 |
||||
|
fi |
||||
|
|
||||
|
|
||||
|
. $CHARM_PATH/lib/common |
||||
|
|
||||
|
|
||||
|
version=0.1 |
||||
|
usage="$exname [-h|--help]" |
||||
|
help=" |
||||
|
USAGE: |
||||
|
|
||||
|
$usage |
||||
|
|
||||
|
DESCRIPTION: |
||||
|
|
||||
|
Request an invite code. |
||||
|
|
||||
|
EXAMPLES: |
||||
|
|
||||
|
$exname |
||||
|
|
||||
|
" |
||||
|
|
||||
|
|
||||
|
dbname= |
||||
|
neutralize= |
||||
|
while [ "$1" ]; do |
||||
|
case "$1" in |
||||
|
"--help"|"-h") |
||||
|
print_help >&2 |
||||
|
exit 0 |
||||
|
;; |
||||
|
--*|-*) |
||||
|
err "Unexpected optional argument '$1'" |
||||
|
print_usage >&2 |
||||
|
exit 1 |
||||
|
;; |
||||
|
*) |
||||
|
err "Unexpected positional argument '$1'" |
||||
|
print_usage >&2 |
||||
|
exit 1 |
||||
|
;; |
||||
|
esac |
||||
|
shift |
||||
|
done |
||||
|
|
||||
|
|
||||
|
set -e |
||||
|
|
||||
|
. "$PDS_ENV_FILE" |
||||
|
|
||||
|
|
||||
|
curl_opts=() |
||||
|
|
||||
|
service_def=$(get_compose_service_def "$SERVICE_NAME") |
||||
|
|
||||
|
containers="$(get_running_containers_for_service "$SERVICE_NAME")" |
||||
|
if [ -z "$containers" ]; then |
||||
|
err "No containers running for service $DARKYELLOW$SERVICE_NAME$NORMAL." |
||||
|
exit 1 |
||||
|
fi |
||||
|
|
||||
|
if [ "$(echo "$containers" | wc -l)" -gt 1 ]; then |
||||
|
err "More than 1 container running for service $DARKYELLOW$SERVICE_NAME$NORMAL." |
||||
|
echo " Please contact administrator to fix this issue." >&2 |
||||
|
exit 1 |
||||
|
fi |
||||
|
|
||||
|
container="$(echo "$containers" | head -n 1)" |
||||
|
|
||||
|
container_network_ip=$(get_healthy_container_ip_for_service "$SERVICE_NAME" 3000 4) || { |
||||
|
err "Please ensure that $DARKYELLOW$service$NORMAL is running before using '$exname'." |
||||
|
exit 1 |
||||
|
} |
||||
|
|
||||
|
container_ip=${container_network_ip##*:} |
||||
|
container_network=${container_network_ip%%:*} |
||||
|
|
||||
|
|
||||
|
DEFAULT_CURL_IMAGE=${DEFAULT_CURL_IMAGE:-docker.0k.io/curl} |
||||
|
|
||||
|
cmd=( |
||||
|
docker run -i --rm --network "$container_network" |
||||
|
"$DEFAULT_CURL_IMAGE" |
||||
|
--fail \ |
||||
|
--silent \ |
||||
|
--show-error \ |
||||
|
--request POST \ |
||||
|
--user "admin:${PDS_ADMIN_PASSWORD}" \ |
||||
|
--header "Content-Type: application/json" \ |
||||
|
--data '{"useCount": 1}' \ |
||||
|
"http://${container_ip}:3000/xrpc/com.atproto.server.createInviteCode" |
||||
|
) |
||||
|
|
||||
|
## XXXvlab: contains password, left only for advanced debug |
||||
|
#echo "COMMAND: ${cmd[@]}" >&2 |
||||
|
|
||||
|
if ! out=$("${cmd[@]}"); then |
||||
|
err "Failed to request an invite code." |
||||
|
echo " $out" | prefix " $GRAY|$NORMAL " >&2 |
||||
|
exit 1 |
||||
|
fi |
||||
|
|
||||
|
e "$out" | jq -r '.code' || { |
||||
|
err "Failed to parse invite code from response." |
||||
|
echo " $out" | prefix " $GRAY|$NORMAL " >&2 |
||||
|
exit 1 |
||||
|
} |
@ -0,0 +1,7 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
. lib/common |
||||
|
|
||||
|
set -e |
||||
|
|
||||
|
bluesky:init |
@ -0,0 +1,61 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
set -e |
||||
|
|
||||
|
host=$(relation-get host) |
||||
|
port=$(relation-get port) |
||||
|
connection_security=$(relation-get connection-security) |
||||
|
auth_method=$(relation-get auth-method) |
||||
|
|
||||
|
opts=() |
||||
|
declare -A ENV |
||||
|
case "$connection_security" in |
||||
|
"none") |
||||
|
url+="smtp://" |
||||
|
opts+=( |
||||
|
"ignoreTLS=true" |
||||
|
"secure=false" |
||||
|
) |
||||
|
;; |
||||
|
"ssl/tls") |
||||
|
url+="smtps://" |
||||
|
;; |
||||
|
*) |
||||
|
error "Unsupported connection security: $connection_security" |
||||
|
exit 1 |
||||
|
;; |
||||
|
esac |
||||
|
case "$auth_method" in |
||||
|
"none") |
||||
|
: |
||||
|
;; |
||||
|
"password") |
||||
|
login=$(relation-get login) || true |
||||
|
password=$(relation-get password) || true |
||||
|
url+="$login:$password@" |
||||
|
;; |
||||
|
*) |
||||
|
error "Unsupported auth method: $auth_method" |
||||
|
exit 1 |
||||
|
;; |
||||
|
esac |
||||
|
|
||||
|
url+="$host:$port/" |
||||
|
|
||||
|
first=1 |
||||
|
for opt in "${opts[@]}"; do |
||||
|
if [ $first -eq 1 ]; then |
||||
|
url+="?" |
||||
|
first=0 |
||||
|
else |
||||
|
url+="&" |
||||
|
fi |
||||
|
url+="$opt" |
||||
|
done |
||||
|
|
||||
|
config-add "\ |
||||
|
services: |
||||
|
$MASTER_BASE_SERVICE_NAME: |
||||
|
environment: |
||||
|
PDS_EMAIL_SMTP_URL: \"$url\" |
||||
|
" |
@ -0,0 +1,12 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
set -e |
||||
|
|
||||
|
DOMAIN=$(relation-get domain) || exit 1 |
||||
|
|
||||
|
config-add "\ |
||||
|
services: |
||||
|
$MASTER_BASE_SERVICE_NAME: |
||||
|
environment: |
||||
|
PDS_HOSTNAME: $DOMAIN |
||||
|
" |
@ -0,0 +1,67 @@ |
|||||
|
# -*- mode: shell-script -*- |
||||
|
|
||||
|
PDS_LOCAL_DATADIR=/var/lib/bluesky |
||||
|
PDS_DATADIR="$SERVICE_DATASTORE$PDS_LOCAL_DATADIR" |
||||
|
PDS_ENV_FILE="$PDS_DATADIR/.env" |
||||
|
|
||||
|
|
||||
|
bluesky:init() { |
||||
|
local admin_password |
||||
|
init-config-add " |
||||
|
$SERVICE_NAME: |
||||
|
env_file: |
||||
|
- \"$PDS_ENV_FILE\" |
||||
|
" |
||||
|
|
||||
|
[ -e "$PDS_ENV_FILE" ] && return |
||||
|
|
||||
|
admin_password=$(password:get admin internal) || { |
||||
|
err "Failed to get admin password" >&2 |
||||
|
return 1 |
||||
|
} |
||||
|
mkdir -p "${PDS_ENV_FILE%/*}" |
||||
|
|
||||
|
if ! plc_key=$(openssl ecparam --name secp256k1 --genkey --noout --outform DER 2>&1); then |
||||
|
err "Failed to generate PLC key" >&2 |
||||
|
e "$plc_key" | prefix " $GRAY|$NORMAL " >&2 |
||||
|
return 1 |
||||
|
fi |
||||
|
if ! plc_key=$(set -o pipefail |
||||
|
echo "$plc_key" | |
||||
|
tail --bytes=+8 | |
||||
|
head --bytes=32 | |
||||
|
xxd --plain --cols 32 2>&1 |
||||
|
); then |
||||
|
err "Failed to extract PLC key" >&2 |
||||
|
e "$plc_key" | prefix " $GRAY|$NORMAL " >&2 |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! jwt_secret=$(openssl rand -hex 16); then |
||||
|
err "Failed to generate JWT secret" >&2 |
||||
|
e "$jwt_secret" | prefix " $GRAY|$NORMAL " >&2 |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
cat > "$PDS_ENV_FILE" <<EOF |
||||
|
PDS_JWT_SECRET=${jwt_secret} |
||||
|
PDS_ADMIN_PASSWORD=${admin_password} |
||||
|
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=${plc_key} |
||||
|
PDS_DATA_DIRECTORY=${PDS_LOCAL_DATADIR} |
||||
|
PDS_BLOBSTORE_DISK_LOCATION=${PDS_LOCAL_DATADIR}/blocks |
||||
|
PDS_BLOB_UPLOAD_LIMIT=52428800 |
||||
|
|
||||
|
PDS_DID_PLC_URL=https://plc.directory |
||||
|
|
||||
|
PDS_BSKY_APP_VIEW_URL=https://api.bsky.app |
||||
|
PDS_BSKY_APP_VIEW_DID=did:web:api.bsky.app |
||||
|
|
||||
|
PDS_REPORT_SERVICE_URL=https://mod.bsky.app |
||||
|
PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac |
||||
|
|
||||
|
PDS_CRAWLERS=https://bsky.network |
||||
|
|
||||
|
LOG_ENABLED=true |
||||
|
EOF |
||||
|
|
||||
|
} |
@ -0,0 +1,38 @@ |
|||||
|
docker-image: docker.0k.io/bluesky:0.4.67 ## from: ghcr.io/bluesky-social/pds:0.4.67 |
||||
|
data-resources: |
||||
|
- /var/lib/bluesky |
||||
|
|
||||
|
docker-compose: |
||||
|
environment: |
||||
|
PDS_EMAIL_FROM_ADDRESS: "no-reply@no-domain.org" |
||||
|
|
||||
|
default-options: |
||||
|
uses: |
||||
|
web-proxy: |
||||
|
#constraint: required | recommended | optional |
||||
|
#auto: pair | summon | none ## default: pair |
||||
|
constraint: recommended |
||||
|
auto: pair |
||||
|
solves: |
||||
|
proxy: "Public access" |
||||
|
default-options: |
||||
|
target: !var-expand ${MASTER_BASE_SERVICE_NAME}:3000 |
||||
|
backup: |
||||
|
constraint: recommended |
||||
|
auto: pair |
||||
|
solves: |
||||
|
backup: "Automatic regular backup" |
||||
|
default-options: |
||||
|
## First pattern matching wins, no pattern matching includes. |
||||
|
## include-patterns are checked first, then exclude-patterns |
||||
|
## Patterns rules: |
||||
|
## - ending / for directory |
||||
|
## - '*' authorized |
||||
|
## - must start with a '/', will start from $SERVICE_DATASTORE |
||||
|
#exclude-patterns: |
||||
|
# - "/var/lib/odoo/sessions/" |
||||
|
smtp-server: |
||||
|
constraint: optional |
||||
|
auto: pair |
||||
|
solves: |
||||
|
mail: "verify email" |
Write
Preview
Loading…
Cancel
Save
Reference in new issue