Browse Source

new: [peertube,redis] new charms.

framadate
Valentin Lab 6 years ago
parent
commit
b4b6b36e64
  1. 2
      apache/lib/common
  2. 94
      peertube/README.org
  3. 20
      peertube/build/.env
  4. 100
      peertube/build/Dockerfile
  5. 26
      peertube/build/dbname.patch
  6. 73
      peertube/build/docker-compose.yml
  7. 87
      peertube/hooks/init
  8. 25
      peertube/hooks/postgres_database-relation-joined
  9. 24
      peertube/hooks/redis_database-relation-joined
  10. 22
      peertube/hooks/web_proxy-relation-joined
  11. 135
      peertube/metadata.yml
  12. 18
      redis/build/Dockerfile
  13. 59
      redis/hooks/init
  14. 12
      redis/hooks/redis_database-relation-joined
  15. 9
      redis/metadata.yml

2
apache/lib/common

@ -18,6 +18,7 @@ get_domain () {
apache_proxy_dir () {
DOMAIN=$(get_domain) || return 1
relation-set domain "$DOMAIN"
proxy=yes apache_vhost_create || return 1
info "Added $DOMAIN as a proxy to $TARGET."
}
@ -26,6 +27,7 @@ export -f apache_proxy_dir
apache_publish_dir () {
DOMAIN=$(get_domain) || return 1
relation-set domain "$DOMAIN"
DOCKER_SITE_PATH="/var/www/${DOMAIN}"
LOCATION=$(relation-get location 2>/dev/null) ||
LOCATION="$DATASTORE/$BASE_SERVICE_NAME$DOCKER_SITE_PATH"

94
peertube/README.org

@ -0,0 +1,94 @@
#+PROPERTY: Effort_ALL 0 0:30 1:00 2:00 0.5d 1d 1.5d 2d 3d 4d 5d
#+PROPERTY: Max_effort_ALL 0 0:30 1:00 2:00 0.5d 1d 1.5d 2d 3d 4d 5d
#+PROPERTY: header-args:python :var filename=(buffer-file-name)
#+PROPERTY: header-args:sh :var filename=(buffer-file-name)
#+TODO: TODO WIP BLOCKED | DONE CANCELED
#+LATEX_HEADER: \usepackage[margin=0.5in]{geometry}
#+LaTeX_CLASS: article
#+OPTIONS: H:8 ^:nil prop:("Effort" "Max_effort") tags:not-in-toc
#+COLUMNS: %50ITEM %Effort(Min Effort) %Max_effort(Max Effort)
#+begin_LaTeX
\hypersetup{
linkcolor=blue,
pdfborder={0 0 0 0}
}
#+end_LaTeX
#+TITLE: Peertube charm management
#+LATEX: \pagebreak
Keep information related to the usage and the development of the charm.
#+LATEX: \pagebreak
#+LATEX: \pagebreak
* Todos
** TODO Logrotatability
Peertube uses ``winston`` nodejs logging mecanism, and has what I
understand, hard-written transports to file:
Content of =server/helpers/logger.ts=
#+BEGIN_SRC ts
...
const logger = winston.createLogger({
level: CONFIG.LOG.LEVEL,
format: winston.format.combine(
labelFormatter,
winston.format.splat()
),
transports: [
new winston.transports.File({
filename: path.join(CONFIG.STORAGE.LOG_DIR, 'peertube.log'),
handleExceptions: true,
maxsize: 1024 * 1024 * 12,
maxFiles: 5,
format: winston.format.combine(
winston.format.timestamp(),
jsonLoggerFormat
)
}),
new winston.transports.Console({
handleExceptions: true,
format: winston.format.combine(
timestampFormatter,
winston.format.colorize(),
consoleLoggerFormat
)
})
],
exitOnError: true
})
#+END_SRC
This will ensure some part of the rotation. Which is bad.
We don't want peertube to manage the logs. So depending on what we
want to do in the future with the managing of logs, I'll need to patch
peertube to probably use only stdout, and/or send it to rsyslog.
For now, situation of log rotation with all charm is using logrotate,
but I know this might not be the perfect solution as I'd like to stick
to =logs are streams=, and avoid having to find mecanism of reloading
application after rotation.
A good solution would be to use the stdout/stderr of the application,
and have a generic solution using ``docker logs`` json output.
** TODO changing root password
This will probably require also a patch, as the password is set for
user 'root' automatically and is to be read in the logs (duh !).
We can't initialise the application (and ask for postgres table, and
root user to be created, then quit). So we can't do that in the
=hooks/init= script in a reasonable manner.
There is a special ``npm run reset-password`` with odd arguments that
can reset root password, only if database already populated.
I need a patch to simply set password from base server configuration.

20
peertube/build/.env

@ -0,0 +1,20 @@
PEERTUBE_DB_USERNAME=postgres_user
PEERTUBE_DB_PASSWORD=postgres_password
PEERTUBE_WEBSERVER_HOSTNAME=domain.tld
PEERTUBE_WEBSERVER_PORT=443
PEERTUBE_WEBSERVER_HTTPS=true
# If you need more than one IP as trust_proxy
# pass them as a comma separated array:
PEERTUBE_TRUST_PROXY=["127.0.0.1"]
#PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback", "192.168.1.0/24"]
PEERTUBE_SMTP_USERNAME=
PEERTUBE_SMTP_PASSWORD=
PEERTUBE_SMTP_HOSTNAME=postfix
PEERTUBE_SMTP_PORT=25
PEERTUBE_SMTP_FROM=noreply@domain.tld
PEERTUBE_SMTP_TLS=true
PEERTUBE_SMTP_DISABLE_STARTTLS=false
PEERTUBE_ADMIN_EMAIL=admin@domain.tld
# /!\ Prefer to use the PeerTube admin interface to set the following configurations /!\
#PEERTUBE_SIGNUP_ENABLED=true
#PEERTUBE_TRANSCODING_ENABLED=true

100
peertube/build/Dockerfile

@ -0,0 +1,100 @@
FROM alpine:3.7 AS common
RUN apk add gnupg ffmpeg
# Add peertube user
RUN addgroup -S peertube && \
adduser -S -G peertube -h /var/lib/peertube peertube
FROM common AS builder
##
## Download target release
##
ENV PEERTUBE_RELEASE=v1.1.0
RUN apk add wget
COPY ./*.patch /tmp
RUN mkdir -p /opt/apps/peertube && \
cd /opt/apps/peertube && \
wget https://github.com/Chocobozzz/PeerTube/releases/download/${PEERTUBE_RELEASE}/peertube-${PEERTUBE_RELEASE}.tar.xz && \
tar -xJf peertube-${PEERTUBE_RELEASE}.tar.xz && \
rm peertube-${PEERTUBE_RELEASE}.tar.xz && \
mv peertube-${PEERTUBE_RELEASE}/* . && \
rmdir peertube-${PEERTUBE_RELEASE} && \
cat /tmp/*.patch | patch -p1 && \
mkdir -p /etc/peertube /var/lib/peertube && \
ln -sf /var/lib/peertube /opt/apps/peertube/storage
RUN apk add yarn ## Build command
RUN apk add git build-base python bash ## Build deps
RUN chown -R peertube:peertube /opt/apps/peertube
USER peertube
RUN cd /opt/apps/peertube && \
yarn install --production --pure-lockfile && \
yarn cache clean
## XXXvlab: without this in current docker version, it'll
## permeate in next image to be built.
USER root
# RUN apk add nodejs yarn
#
## Source build (very long)
#
# ## To download source
# RUN apk add git
# RUN git clone https://github.com/chocobozzz/PeerTube /tmp/peertube --depth 1
# ## for installation of dependencies
# RUN apk add build-base python
# RUN cd /tmp/peertube && \
# yarn install --pure-lockfile
# ## for scripts run by ``npm run build``
# RUN apk add bash
# RUN cd /tmp/peertube && \
# npm run build
# RUN cd /tmp/peertube && \
# rm -r ./node_modules ./client/node_modules && \
# yarn install --pure-lockfile --production && \
# yarn cache clean
FROM common
# Install PeerTube
COPY --from=builder /opt/apps/peertube /opt/apps/peertube
# RUN mkdir -p /var/lib/peertube /etc/peertube && \
# chown -R peertube:peertube /var/lib/peertube /etc/peertube
# ENV PEERTUBE_APP_DIR=/opt/apps/peertube
# ENV PEERTUBE_DATA_DIR=/var/lib/peertube
## This is important to set config dir of peertube
ENV NODE_CONFIG_DIR=/etc/peertube
ENV NODE_ENV=prod
VOLUME /var/lib/peertube
VOLUME /etc/peertube
EXPOSE 9000
RUN apk add nodejs-npm
## runtime deps
RUN apk add openssl
USER peertube
WORKDIR /opt/apps/peertube
CMD ["npm", "start"]

26
peertube/build/dbname.patch

@ -0,0 +1,26 @@
diff --git a/dist/server/initializers/checker-before-init.js b/dist/server/initializers/checker-before-init.js
index 7ff18d0..c75dff2 100644
--- a/dist/server/initializers/checker-before-init.js
+++ b/dist/server/initializers/checker-before-init.js
@@ -15,7 +15,7 @@ function checkMissedConfig() {
const required = ['listen.port', 'listen.hostname',
'webserver.https', 'webserver.hostname', 'webserver.port',
'trust_proxy',
- 'database.hostname', 'database.port', 'database.suffix', 'database.username', 'database.password', 'database.pool.max',
+ 'database.hostname', 'database.port', 'database.dbname', 'database.username', 'database.password', 'database.pool.max',
'smtp.hostname', 'smtp.port', 'smtp.username', 'smtp.password', 'smtp.tls', 'smtp.from_address',
'storage.avatars', 'storage.videos', 'storage.logs', 'storage.previews', 'storage.thumbnails', 'storage.torrents', 'storage.cache',
'log.level',
diff --git a/dist/server/initializers/constants.js b/dist/server/initializers/constants.js
index d5a3350..7efaabd 100644
--- a/dist/server/initializers/constants.js
+++ b/dist/server/initializers/constants.js
@@ -143,7 +143,7 @@ const CONFIG = {
HOSTNAME: config.get('listen.hostname')
},
DATABASE: {
- DBNAME: 'peertube' + config.get('database.suffix'),
+ DBNAME: config.get('database.dbname'),
HOSTNAME: config.get('database.hostname'),
PORT: config.get('database.port'),
USERNAME: config.get('database.username'),

73
peertube/build/docker-compose.yml

@ -0,0 +1,73 @@
version: "3.3"
services:
reverse-proxy:
image: traefik
command: --docker # Tells Træfik to listen to docker
ports:
- "80:80" # The HTTP port
- "443:443" # The HTTPS port
volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
- ./docker-volume/traefik/acme.json:/etc/acme.json
- ./docker-volume/traefik/traefik.toml:/traefik.toml
restart: "always"
# If you want to use the Traefik dashboard, you should expose it on a
# subdomain with HTTPS and authentification:
# https://medium.com/@xavier.priour/secure-traefik-dashboard-with-https-and-password-in-docker-5b657e2aa15f
# https://github.com/containous/traefik/issues/880#issuecomment-310301168
peertube:
# If you don't want to use the official image and build one from sources
# build:
# context: .
# dockerfile: ./support/docker/production/Dockerfile.stretch
image: chocobozzz/peertube:production-stretch
env_file:
- .env
# Traefik labels are suggested as an example for people using Traefik,
# remove them if you are using another reverse proxy.
labels:
traefik.enable: "true"
traefik.frontend.rule: "Host:${PEERTUBE_WEBSERVER_HOSTNAME}"
traefik.port: "9000"
# If you don't want to use a reverse proxy (not suitable for production!)
# ports:
# - "80:9000"
volumes:
- ./docker-volume/data:/data
- ./docker-volume/config:/config
depends_on:
- postgres
- redis
- postfix
restart: "always"
postgres:
image: postgres:10-alpine
environment:
POSTGRES_USER: ${PEERTUBE_DB_USERNAME}
POSTGRES_PASSWORD: ${PEERTUBE_DB_PASSWORD}
POSTGRES_DB: peertube
volumes:
- ./docker-volume/db:/var/lib/postgresql/data
restart: "always"
labels:
traefik.enable: "false"
redis:
image: redis:4-alpine
volumes:
- ./docker-volume/redis:/data
restart: "always"
labels:
traefik.enable: "false"
postfix:
image: mwader/postfix-relay
environment:
- POSTFIX_myhostname=${PEERTUBE_WEBSERVER_HOSTNAME}
labels:
traefik.enable: "false"
restart: "always"

87
peertube/hooks/init

@ -0,0 +1,87 @@
#!/bin/bash
## Init is run on host
## For now it is run every time the script is launched, but
## it should be launched only once after build.
## Accessible variables are:
## - SERVICE_NAME Name of current service
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service
set -e
peertube_uid=$(docker_get_uid "$SERVICE_NAME" "peertube")
PEERTUBE_APP_DIR=/opt/apps/peertube
PEERTUBE_DATA_DIR=/var/lib/peertube
PEERTUBE_LOG_DIR=/var/log/peertube
PEERTUBE_CACHE_DIR=/var/cache/peertube
PEERTUBE_CONFIG_DIR=/etc/peertube
HOST_CONFIG_DIR=$SERVICE_CONFIGSTORE/$PEERTUBE_CONFIG_DIR
HOST_DATA_DIR=$SERVICE_DATASTORE/$PEERTUBE_DATA_DIR
mkdir -p "$HOST_CONFIG_DIR"
## Always copy default and custom env configuration file, in cases where new keys were added
ln -sf "$PEERTUBE_APP_DIR"/config/default.yaml "$HOST_CONFIG_DIR"
cat <<EOF > "$HOST_CONFIG_DIR/local.yaml"
listen:
hostname: '0.0.0.0'
port: 9000
storage:
avatars: '$PEERTUBE_DATA_DIR/avatars/'
videos: '$PEERTUBE_DATA_DIR/videos/'
redundancy: '$PEERTUBE_DATA_DIR/redundancy/'
previews: '$PEERTUBE_DATA_DIR/previews/'
thumbnails: '$PEERTUBE_DATA_DIR/thumbnails/'
torrents: '$PEERTUBE_DATA_DIR/torrents/'
captions: '$PEERTUBE_DATA_DIR/captions/'
logs: '/var/log/peertube/'
cache: '/var/cache/peertube/'
tmp: '/var/tmp/peertube/'
EOF
VALID_SECTION=(
instance services import transcoding
user signup admin cache redundancy
trending search log
)
for section in "${VALID_SECTION[@]}"; do
if val=$(options-get "$section" 2>/dev/null); then
yaml_key_val_str "$section" "$val"
fi
done >> "$HOST_CONFIG_DIR/local.yaml"
if ! [ -e "$HOST_DATA_DIR/config.json" ]; then
touch "$HOST_DATA_DIR/config.json"
fi
ln -sf "$PEERTUBE_DATA_DIR"/config.json "$HOST_CONFIG_DIR/local-prod.json"
dirs=(/var/tmp/peertube /var/cache/peertube
"$PEERTUBE_CACHE_DIR" "$PEERTUBE_LOG_DIR" "$PEERTUBE_DATA_DIR")
host_dirs=()
for dir in "${dirs[@]}"; do
host_dirs+=("$SERVICE_DATASTORE$dir")
done
mkdir -p "${host_dirs[@]}"
find "${host_dirs[@]}" \! -user "$peertube_uid" \
-exec chown -v "$peertube_uid" {} + || true
true

25
peertube/hooks/postgres_database-relation-joined

@ -0,0 +1,25 @@
#!/bin/bash
set -e
PEERTUBE_CONFIG_DIR=/etc/peertube
HOST_CONFIG_DIR=$SERVICE_CONFIGSTORE/$PEERTUBE_CONFIG_DIR
PASSWORD="$(relation-get password)"
USER="$(relation-get user)"
DBNAME="$(relation-get dbname)"
cat <<EOF >> "$HOST_CONFIG_DIR/local.yaml"
database:
hostname: '$TARGET_SERVICE_NAME'
## We had to patch peertube to have a direct dbname (doh!)
dbname: '$DBNAME'
port: 5432
username: '$USER'
password: '$PASSWORD'
EOF
info "Configured $SERVICE_NAME code for $TARGET_SERVICE_NAME access."

24
peertube/hooks/redis_database-relation-joined

@ -0,0 +1,24 @@
#!/bin/bash
set -e
PEERTUBE_CONFIG_DIR=/etc/peertube
HOST_CONFIG_DIR=$SERVICE_CONFIGSTORE/$PEERTUBE_CONFIG_DIR
password=$(relation-get password) || {
err "Can't get password for '$SERVICE_NAME' from '$TARGET_SERVICE_NAME'."
exit 1
}
cat <<EOF >> "$HOST_CONFIG_DIR/local.yaml"
## XXXvlab: to be added by redis relation
redis:
hostname: '$TARGET_SERVICE_NAME'
port: 6379
auth: $password
EOF
info "Configured $SERVICE_NAME code for $TARGET_SERVICE_NAME access."

22
peertube/hooks/web_proxy-relation-joined

@ -0,0 +1,22 @@
#!/bin/bash
set -e
PEERTUBE_CONFIG_DIR=/etc/peertube
HOST_CONFIG_DIR=$SERVICE_CONFIGSTORE/$PEERTUBE_CONFIG_DIR
domain=$(relation-get domain) || {
err "Can't get domain value."
exit 1
}
cat <<EOF >> "$HOST_CONFIG_DIR/local.yaml"
webserver:
https: true
hostname: '$domain'
port: 443
EOF
info "Configured $SERVICE_NAME code for $TARGET_SERVICE_NAME access."

135
peertube/metadata.yml

@ -0,0 +1,135 @@
description: "PeerTube Server"
maintainer: "Valentin Lab <valentin.lab@kalysto.org>"
## XXXvlab: docker uses the 'build' directory or the 'image:' option here.
#docker-image: chocobozzz/peertube:production-stretch ## YYY: to save in our docker-registry
data-resources:
- /var/lib/peertube
- /var/log/peertube
- /var/cache/peertube
config-resources:
- /etc/peertube
## XXXvlab: options here are the one provided to the server as
## defaults BUT that can be changed from within the web
## interface.
default-options:
# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions.
# Please, do not disable transcoding since many uploaded videos will not work
transcoding:
enabled: true
threads: 1
resolutions: # Only created if the original video has a higher resolution, uses more storage!
240p: true
360p: true
480p: true
720p: true
1080p: true
import:
# Add ability for your users to import remote videos (from YouTube, torrent...)
videos:
http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
enabled: true
torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
enabled: true
signup:
enabled: true
uses:
postgres-database:
constraint: required
auto: summon
solves:
database: "main storage"
default-options:
extensions:
- pg_trgm
- unaccent
redis-database:
constraint: required
auto: summon
solves:
database: "short time storage"
# log-rotate:
# constraint: recommended
# auto: pair
# solves:
# disk-leak: "/var/log/peertube"
web-proxy:
constraint: required
auto: pair
solves:
proxy: "Public access"
default-options:
apache-custom-rules:
- |
## From https://gist.github.com/rigelk/07a0b8963fa4fc1ad756374c28479bc7
Protocols h2 http/1.1
# HSTS (mod_headers is required) (63072000 seconds = 2 years) (only activate it knowingly)
#Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Content-Type-Options nosniff
Header always set X-Robots-Tag none
Header always set X-XSS-Protection "1; mode=block"
# Hard limit, PeerTube does not support videos > 4GB
LimitRequestBody 4294967294
# Set caching on assets for 1 year
<FilesMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$>
Header append Cache-Control "public, max-age=31536000, immutable"
</FilesMatch>
AliasMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ /var/www/peertube/peertube-latest/client/dist/$1
# Set caching on image files for 1 year
<FilesMatch ^/static/(thumbnails|avatars)/(.*)$>
Header append Cache-Control "public, max-age=31536000, immutable"
</FilesMatch>
AliasMatch ^/static/(thumbnails|avatars)/(.*)$ /var/www/peertube/storage/$1/$2
# Bypass PeerTube webseed route for better performances
Alias /static/webseed /var/www/peertube/storage/videos
<Location /static/webseed>
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 800
SetEnvIf Request_Method "GET" GETMETH=1
Header set Access-Control-Allow-Origin "*" env=GETMETH
Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=GETMETH
Header set Access-Control-Allow-Methods "GET, OPTIONS" env=GETMETH
Header set toto "foo" env=GETMETH
SetEnvIf GETMETH "1" dontlog
SetEnvIf Request_Method "OPTIONS" OPTIONSMETH=1
Header set Access-Control-Allow-Origin "*" env=OPTIONSMETH
Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=OPTIONSMETH
Header set Access-Control-Allow-Methods "GET, OPTIONS" env=OPTIONSMETH
Header set Access-Control-Max-Age "1000" env=OPTIONSMETH
Header set Content-Type "text/plain charset=UTF-8" env=OPTIONSMETH
Header set Content-Length "0" env=OPTIONSMETH
</Location>
<Location /videos/embed>
Header unset X-Frame-Options
</Location>
ProxyPreserveHost On
ProxyRequests On
ProxyTimeout 600
# Websocket tracker
RewriteEngine On
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:9000/$1 [P,L]
# <Location />
# ProxyPass http://127.0.0.1:9000/
# </Location>

18
redis/build/Dockerfile

@ -0,0 +1,18 @@
## is a simple copy of postgres:10-alpine
FROM docker.0k.io/alpine:3.7 as common
RUN apk add redis
RUN mkdir -p /var/lib/redis
RUN chown -R redis:redis /var/lib/redis
RUN echo -e "include /etc/redis-local.conf\n" >> /etc/redis.conf
VOLUME ["/var/lib/redis"]
# Expose the ports for redis
EXPOSE 6379
USER redis
ENTRYPOINT ["redis-server", "/etc/redis.conf"]

59
redis/hooks/init

@ -0,0 +1,59 @@
#!/bin/bash
## Init is run on host
## For now it is run every time the script is launched, but
## it should be launched only once after build.
## Accessible variables are:
## - SERVICE_NAME Name of current service
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service
set -e
uid=$(docker_get_uid "$SERVICE_NAME" "redis")
CONFIG=$SERVICE_CONFIGSTORE/etc/redis-local.conf
PASSWORD=$(options-get password 2>/dev/null) || {
if [ -e "$CONFIG" ]; then
PASSWORD=$(grep ^requirepass "$CONFIG" | sed -r 's/^requirepass\s+(.+)$/\1/g')
fi
if [ -z "$ADMIN_PASSWORD" ]; then
info "Generating odoo admin password"
PASSWORD=$(gen_password 64)
fi
}
mkdir -p "$(dirname "$CONFIG")"
cat <<EOF > "$CONFIG"
daemonize no
loglevel notice
logfile ""
bind 0.0.0.0
requirepass $PASSWORD
EOF
chown -v "$uid" "$CONFIG"
dirs=(/var/log/redis /var/lib/redis)
host_dirs=()
for dir in "${dirs[@]}"; do
host_dirs+=("$SERVICE_DATASTORE$dir")
done
mkdir -p "${host_dirs[@]}"
find "${host_dirs[@]}" \! -user "$uid" \
-exec chown -v "$uid" {} + || true
config_hash=$(cat "$CONFIG" | md5_compat) || exit 1
init-config-add "
$MASTER_BASE_SERVICE_NAME:
labels:
- compose.config_hash=$config_hash
"

12
redis/hooks/redis_database-relation-joined

@ -0,0 +1,12 @@
#!/bin/bash
CONFIG=$SERVICE_CONFIGSTORE/etc/redis-local.conf
set -e
PASSWORD=$(grep ^requirepass "$CONFIG" | sed -r 's/^requirepass\s+(.+)$/\1/g')
relation-set password "$PASSWORD"
true

9
redis/metadata.yml

@ -0,0 +1,9 @@
summary: "Redis server"
maintainer: "Valentin Lab <valentin.lab@kalysto.org>"
data-resources:
- /var/lib/redis
- /var/log/redis
config-resources:
- /etc/redis-local.conf
provides:
redis-database:
Loading…
Cancel
Save