From d20770fec54f59cb0e6fbe7fa61fedcf01844819 Mon Sep 17 00:00:00 2001 From: Markus Toran Date: Mon, 1 Nov 2021 14:55:54 +0100 Subject: [PATCH 1/5] Update to Liquid Feedback to version 4, use nullmailer instead of msmtp --- Dockerfile | 38 +++-- docker-compose.yml | 2 +- scripts/config_db.sql | 66 ++++++-- scripts/lfconfig.lua | 372 +++++++++++++++--------------------------- 4 files changed, 212 insertions(+), 266 deletions(-) diff --git a/Dockerfile b/Dockerfile index 883d0fe..523a252 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,10 +6,10 @@ FROM debian:buster-slim AS builder #MAINTAINER Pascal Schneider -ENV LF_CORE_VERSION v3.2.2 -ENV LF_FEND_VERSION v3.2.1 -ENV LF_WMCP_VERSION v2.2.0 -ENV LF_MOONBRIDGE_VERSION v1.1.1 +ENV LF_CORE_VERSION v4.2.2 +ENV LF_FEND_VERSION v4.0.0 +ENV LF_WMCP_VERSION v2.2.1 +ENV LF_MOONBRIDGE_VERSION v1.1.3 ENV LF_LATLON_VERSION v0.14 # @@ -47,11 +47,24 @@ WORKDIR /opt/lf/sources # # Download sources -# -RUN hg clone -r ${LF_CORE_VERSION} https://www.public-software-group.org/mercurial/liquid_feedback_core/ ./core \ - && hg clone -r ${LF_FEND_VERSION} https://www.public-software-group.org/mercurial/liquid_feedback_frontend/ ./frontend \ - && hg clone -r ${LF_WMCP_VERSION} https://www.public-software-group.org/mercurial/webmcp ./webmcp\ - && hg clone -r ${LF_MOONBRIDGE_VERSION} https://www.public-software-group.org/mercurial/moonbridge ./moonbridge +# +RUN curl https://www.public-software-group.org/pub/projects/liquid_feedback/backend/${LF_CORE_VERSION}/liquid_feedback_core-${LF_CORE_VERSION}.tar.gz -o core.tar.gz \ + && curl https://www.public-software-group.org/pub/projects/liquid_feedback/frontend/${LF_FEND_VERSION}/liquid_feedback_frontend-${LF_FEND_VERSION}.tar.gz -o frontend.tar.gz \ + && curl https://www.public-software-group.org/pub/projects/webmcp/${LF_WMCP_VERSION}/webmcp-${LF_WMCP_VERSION}.tar.gz -o webmcp.tar.gz \ + && curl https://www.public-software-group.org/pub/projects/moonbridge/${LF_MOONBRIDGE_VERSION}/moonbridge-${LF_MOONBRIDGE_VERSION}.tar.gz -o moonbridge.tar.gz + +# +# Extract sources +# +RUN mkdir ./core \ + && mkdir ./frontend \ + && mkdir ./webmcp \ + && mkdir ./moonbridge + +RUN tar -zxf core.tar.gz -C ./core --strip 1 \ + && tar -zxf frontend.tar.gz -C ./frontend --strip 1 \ + && tar -zxf webmcp.tar.gz -C ./webmcp --strip 1 \ + && tar -zxf moonbridge.tar.gz -C ./moonbridge --strip 1 # # Build moonbridge @@ -82,8 +95,9 @@ RUN make \ WORKDIR /opt/lf/ RUN cd /opt/lf/sources/frontend \ - && hg archive -t files /opt/lf/frontend \ - && cd /opt/lf/frontend/fastpath \ + && mkdir /opt/lf/frontend \ + && cp -ar /opt/lf/sources/frontend/ /opt/lf/ \ + && cd /opt/lf/frontend/fastpath/ \ && make \ && chown www-data /opt/lf/frontend/tmp @@ -91,7 +105,7 @@ RUN cd /opt/lf/sources/frontend \ FROM debian:buster-slim RUN apt-get update && apt-get install --no-install-recommends -y\ - msmtp-mta imagemagick python3-pip\ + msmtp-mta imagemagick python3-pip sassc\ liblua5.3-0 postgresql-client\ && pip3 install markdown2 diff --git a/docker-compose.yml b/docker-compose.yml index 2f37f6f..f4cca24 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,7 +23,7 @@ services: entrypoint: ["/opt/lf/bin/lf_updated"] db: - image: 'postgres:12-alpine' + image: 'postgres:14-alpine' restart: unless-stopped volumes: - pg:/var/lib/postgresql/data diff --git a/scripts/config_db.sql b/scripts/config_db.sql index 9e684d2..42b8b4f 100644 --- a/scripts/config_db.sql +++ b/scripts/config_db.sql @@ -4,17 +4,61 @@ INSERT INTO system_setting (member_ttl) VALUES ('1 year'); -INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 hour', 20, 6); +-- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 hour', 20, 6); +-- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 day', 80, 12); +-- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 hour', 200, 60); +-- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 day', 800, 120); -INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 day', 80, 12); - -INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 hour', 200, 60); - -INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 day', 800, 120); - --- query for version 4: INSERT INTO policy (index, name, min_admission_time, max_admission_time, discussion_time, verification_time, voting_time, issue_quorum_num, issue_quorum_den, issue_quorum, initiative_quorum_num, initiative_quorum_den, initiative_quorum) VALUES (1, 'Default policy', '4 days', '8 days', '15 days', '8 days', '15 days', 10, 100, 10, 10, 100, 10); - -INSERT INTO policy (index, name, min_admission_time, max_admission_time, discussion_time, verification_time, voting_time, issue_quorum_num, issue_quorum_den, initiative_quorum_num, initiative_quorum_den) VALUES (1, 'Default policy', '4 days', '8 days', '15 days', '8 days', '15 days', 10, 100, 10, 100); +INSERT INTO "policy" ( + "index", + "active", + "name", + "description", + "admission_time", + "discussion_time", + "verification_time", + "voting_time", + "issue_quorum_num", + "issue_quorum_den", + "initiative_quorum_num", + "initiative_quorum_den" + ) VALUES ( + 1, + TRUE, + 'Extensive proceeding', + DEFAULT, + '1 month', + '5 months', + '1 month', + '3 weeks', + 10, 100, + 10, 100 + ), ( + 2, + TRUE, + 'Standard proceeding', + DEFAULT, + '1 month', + '1 month', + '1 week', + '1 week', + 10, 100, + 10, 100 + ), ( + 3, + TRUE, + 'Fast proceeding', + DEFAULT, + '48 hours', + '3 hours', + '1 hour', + '20 hours', + 1, 100, + 1, 100 ); + +INSERT INTO "privilege" ("unit_id", "member_id", "voting_right") + SELECT 1 AS "unit_id", "id" AS "member_id", TRUE AS "voting_right" + FROM "member"; INSERT INTO unit (name) VALUES ('Our organization'); @@ -24,4 +68,4 @@ INSERT INTO allowed_policy (area_id, policy_id, default_policy) VALUES (1, 1, TR -- Admin user with empty password INSERT INTO member (login, name, admin, password, activated, last_activity) -VALUES ('admin', 'Administrator', TRUE, '$1$/EMPTY/$NEWt7XJg2efKwPm4vectc1', NOW(), NOW()); +VALUES ('admin', 'Administrator', TRUE, '$1$.EMPTY.$LDufa24OE2HZFXAXh71Eb1', NOW(), NOW()); diff --git a/scripts/lfconfig.lua b/scripts/lfconfig.lua index 44a146a..f928d79 100644 --- a/scripts/lfconfig.lua +++ b/scripts/lfconfig.lua @@ -2,81 +2,51 @@ -- MANDATORY (MUST BE CAREFULLY CHECKED AND PROPERLY SET!) -- ======================================================================== +-- Absolute base url of application +-- ------------------------------------------------------------------------ +config.absolute_base_url = "https://example.org/" + +-- Connection information for the LiquidFeedback database +-- ------------------------------------------------------------------------ +config.database = { host='db', engine='postgresql', dbname='liquid_feedback', user='liquid_feedback', password='liquid' } + -- Name of this instance, defaults to name of config file -- ------------------------------------------------------------------------ config.instance_name = "Liquid Feedback Docker Instance" - -- Information about service provider (HTML) -- ------------------------------------------------------------------------ config.app_service_provider = "https://github.com/DarkGigaByte/liquid-feedback-docker" - --- A HTML formatted text the user has to accept while registering --- ------------------------------------------------------------------------ -config.use_terms = "

Terms of Use

Have fun

" - - --- Checkbox(es) the user has to accept while registering +-- Network interface to bind to -- ------------------------------------------------------------------------ ---[[ -config.use_terms_checkboxes = { - { - name = "terms_of_use_v1", - html = "I accept the terms of use.", - not_accepted_error = "You have to accept the terms of use to be able to register." - }, - { - name = "extra_terms_of_use_v1", - html = "I accept the extra terms of use.", - not_accepted_error = "You have to accept the extra terms of use to be able to register." - } -} ---]] - --- Absolute base url of application +-- Available options: +-- true: bind to localhost (default) +-- false: bind to all interface -- ------------------------------------------------------------------------ -config.absolute_base_url = "http://example.com/" config.localhost = false - --- Connection information for the LiquidFeedback database --- https://www.postgresql.org/docs/8.4/static/libpq-connect.html +-- Network port to bind to, default port 8080 -- ------------------------------------------------------------------------ -config.database = { host='db', engine='postgresql', dbname='liquid_feedback', user='liquid_feedback', password='liquid' } +-- config.port = 8080 +-- Serving content via IPV6 +-- ------------------------------------------------------------------------ +-- Available options: +-- nil or false: do not serve via IPv6 (default) +-- true: serve via IPv6 +-- ------------------------------------------------------------------------ +-- config.ipv6 = false --- Location of the rocketwiki binaries --- ------------------------------------------------------------------------ -config.enforce_formatting_engine = "markdown2" -config.formatting_engines = { - { id = "markdown2", - name = "python-markdown2", - executable = "markdown2", - args = {'-s', 'escape', '-x', 'nofollow,wiki-tables'}, - remove_images = true - }, --- { id = "markdown_py", --- name = "Python Markdown", --- executable = "markdown_py", --- args = {'-s', 'escape', '-x', 'extra', '-x', 'nl2br', '-x', 'sane_lists'}, --- remove_images = true --- }, --- { id = "rocketwiki", --- name = "RocketWiki", --- executable = "/opt/rocketwiki-lqfb/rocketwiki-lqfb" --- }, --- { id = "compat", --- name = "Traditional WIKI syntax", --- executable = "/opt/rocketwiki-lqfb/rocketwiki-lqfb-compat" --- }, -} - +-- ======================================================================== +-- OPTIONAL +-- Remove leading -- to use a option +-- ======================================================================== -- Public access level -- ------------------------------------------------------------------------ -- Available options: --- "none" +-- "none" (default) -- -> Closed user group, no public access at all -- (except login/registration/password reset) -- "anonymous" @@ -91,12 +61,13 @@ config.formatting_engines = { -- ------------------------------------------------------------------------ config.public_access = "none" +-- List of enabled languages, defaults to available languages +-- ------------------------------------------------------------------------ +-- config.enabled_languages = { 'en', 'de', 'eo', 'el', 'hu', 'it', 'ka', 'nl', 'zh-Hans', 'zh-TW' } - --- ======================================================================== --- OPTIONAL --- Remove leading -- to use a option --- ======================================================================== +-- Default language, defaults to "en" +-- ------------------------------------------------------------------------ +-- config.default_lang = "en" -- Disable registration -- ------------------------------------------------------------------------ @@ -106,48 +77,51 @@ config.public_access = "none" -- ------------------------------------------------------------------------ -- config.disable_registration = true - --- List of enabled languages, defaults to available languages +-- A HTML formatted text the user has to accept while registering -- ------------------------------------------------------------------------ --- config.enabled_languages = { 'en', 'de', 'eo', 'el', 'hu', 'it', 'ka', 'nl', 'zh-Hans', 'zh-TW' } - +-- config.use_terms = "

Terms of Use

Insert terms here

" --- Default language, defaults to "en" +-- Checkbox(es) the user has to accept while registering -- ------------------------------------------------------------------------ --- config.default_lang = "en" - - +-- config.use_terms_checkboxes = { +-- { +-- name = "terms_of_use_v1", +-- html = "I accept the terms of use.", +-- not_accepted_error = "You have to accept the terms of use to be able to register." +-- }, +-- { +-- name = "extra_terms_of_use_v1", +-- html = "I accept the extra terms of use.", +-- not_accepted_error = "You have to accept the extra terms of use to be able to register." +-- } +-- } + -- after how long is a user considered inactive and the trustee will see warning, -- notation is according to postgresql intervals, default: no warning at all -- ------------------------------------------------------------------------ -- config.delegation_warning_time = '6 months' - -- after which time a user is advised (_soft) or forced (_hard) to check -- unit and area delegations. default: no check at all -- ------------------------------------------------------------------------ --- config.check_delegations_interval_hard = "6 months" -- config.check_delegations_interval_soft = "3 months" - +-- config.check_delegations_interval_hard = "6 months" -- default option when checking delegations -- available options: "confirm", "revoke" and "none", default: "confirm" -- ------------------------------------------------------------------------ -- config.check_delegations_default = "confirm" - -- Prefix of all automatic mails, defaults to "[Liquid Feedback] " -- ------------------------------------------------------------------------ -- config.mail_subject_prefix = "[LiquidFeedback] " - -- Sender of all automatic mails, defaults to system defaults -- ------------------------------------------------------------------------ -- config.mail_envelope_from = "liquidfeedback@example.com" -- config.mail_from = { name = "LiquidFeedback", address = "liquidfeedback@example.com" } -- config.mail_reply_to = { name = "Support", address = "support@example.com" } - -- Template for digest emails -- #{name} will be replaced by member screen name -- #{digest} will be replaced with the digest content @@ -160,14 +134,12 @@ config.public_access = "none" -- #{digest} -- ]] - -- Configuration of password hashing algorithm (defaults to "crypt_sha512") -- ------------------------------------------------------------------------ -- config.password_hash_algorithm = "crypt_sha512" -- config.password_hash_algorithm = "crypt_sha256" -- config.password_hash_algorithm = "crypt_md5" - -- Number of rounds for crypt_sha* algorithms, minimum and maximum -- (defaults to minimum 10000 and maximum 20000) -- ------------------------------------------------------------------------ @@ -184,12 +156,10 @@ config.public_access = "none" -- ------------------------------------------------------------------------ -- config.download_dir = nil - -- Special use terms for database dump download -- ------------------------------------------------------------------------ -- config.download_use_terms = "=== Download use terms ===\n" - -- Use custom image conversion, defaults to ImageMagick's convert -- ------------------------------------------------------------------------ --config.member_image_content_type = "image/jpeg" @@ -198,27 +168,38 @@ config.public_access = "none" -- photo = function(data) return extos.pfilter(data, "convert", "jpeg:-", "-thumbnail", "240x240", "jpeg:-") end --} - --- Display a html formatted public message of the day +-- Initiative attachments -- ------------------------------------------------------------------------ --- config.motd_public = "

Message of the day (public)

The MOTD is formatted with HTML

" +-- config.attachments = {} +-- Conversion function for recoding attachments +-- ------------------------------------------------------------------------ +-- config.attachments.convert_func = function(data) +-- return extos.pfilter(data, "convert", "jpeg:-", "-thumbnail", "240x240", "jpeg:-") +-- end --- Display a html formatted internal message of the day +-- Custom UI colors, defaults to green/blue -- ------------------------------------------------------------------------ --- config.motd_intern = "

Message of the day (intern)

The MOTD is formatted with HTML

" +-- config.style = { +-- color_md = { +-- primary = "green", +-- primary_contrast = "dark", +-- accent = "blue", +-- accent_contrast = "dark" +-- } +-- } +-- Member profile fields, defaults to no extra fields +-- ------------------------------------------------------------------------ +-- config.member_profile_fields = {} --- Integration of Etherpad, disabled by default +-- Display a html formatted public message of the day -- ------------------------------------------------------------------------ ---config.etherpad = { --- base_url = "http://example.com:9001/", --- api_base = "http://localhost:9001/", --- api_key = "mysecretapikey", --- group_id = "mygroupname", --- cookie_path = "/" ---} +-- config.motd_public = "

Message of the day (public)

The MOTD is formatted with HTML

" +-- Display a html formatted internal message of the day +-- ------------------------------------------------------------------------ +-- config.motd_intern = "

Message of the day (intern)

The MOTD is formatted with HTML

" -- Free timings -- ------------------------------------------------------------------------ @@ -265,122 +246,6 @@ config.free_timing = { } --]] --- Configuration of lf4rcs --- ------------------------------------------------------------------------ --- config.lf4rc = {} - --- Example configuration for controlling a Git repository ---[[ -config.lf4rcs.git = { - - render_draft_reference = function(url, draft) - if not draft.external_reference then return end - ui.tag{ content = _"Changeset:" } - slot.put(" ") - ui.link{ - text = draft.external_reference, - external = url .. ";a=commit;h=" .. draft.external_reference - } - end, - - get_remote_user = function() - return os.getenv("REMOTE_USER") - end, - - get_branches = function(path, exec) - local branches = {} - for line in io.lines() do - local oldrev, newrev, branch = string.match(line, "([^ ]+) ([^ ]+) refs/heads/(.+)") - if not branch then - return nil, "unexpected format from git hook environment" - end - branches[branch] = { newrev } - end - return branches - end, - - commit = function(path, exec, branch, target_node_id, close_message, merge_message) - if merge_message then - exec("git", "-C", path, "checkout", "-f", "master") - exec("git", "-C", path, "merge", target_node_id, "-m", merge_message) - exec("git", "-C", path, "push", "origin", "master") - end - end - -} - --- Example configuration for controlling a Mercurial repository -config.lf4rcs.hg = { - - working_branch_name = "work", - - render_draft_reference = function(url, draft) - if not draft.external_reference then return end - ui.tag{ content = _"Changeset graph:" } - slot.put(" ") - ui.link{ - text = draft.external_reference, - external = url .. "/graph/" .. draft.external_reference - } - end, - - get_remote_user = function() - return os.getenv("REMOTE_USER") - end, - - get_branches = function(path, exec) - local first_node_id = os.getenv("HG_NODE") - if not first_node_id then - return nil, "internal error, no first node ID available" - end - local hg_log = exec( - "hg", "log", "-R", path, "-r", first_node_id .. ":", "--template", "{branches}\n" - ) - local branches = {} - for branch in hg_log:gmatch("(.-)\n") do - if branch == "" then branch = "default" end - if not branches[branch] then - branches[branch] = {} - local head_lines = exec( - "hg", "heads", "-R", path, "--template", "{node}\n", branch - ) - for node_id in string.gmatch(head_lines, "[^\n]+") do - table.insert(branches[branch], node_id) - end - end - end - return branches - end, - - extra_checks = function(path, exec) - local result = exec("hg", "heads", "-t", "-c") - for branch in string.gmatch(result, "[^\n]+") do - if branch == lf4rcs.config.hg.working_branch_name then - return nil, "open head found for branch " .. lf4rcs.config.hg.working_branch_name - end - end - return true - end, - - commit = function(path, exec, branch, target_node_id, close_message, merge_message) - exec("hg", "up", "-R", path, "-C", "-r", target_node_id) - exec("hg", "commit", "-R", path, "--close-branch", "-m", close_message) - if merge_message then - exec("hg", "up", "-R", path, "-C", "-r", "default") - exec("hg", "merge", "-R", path, "-r", "tip") - exec("hg", "commit", "-R", path, "-m", merge_message) - end - end - -} - --- Grace period after creating an initiative for pushing changes during verification phase --- disabled by default (nil), use PostgreSQL interval notation --- config.lf4rcs.push_grace_period = nil - -lf4rcs.init() ---]] - -- External references -- ------------------------------------------------------------------------ -- Rendering of external references @@ -400,46 +265,39 @@ config.render_external_reference = { end --]] --- Admin logger +-- Configuration of OAuth2 service, defaults to OAuth2 disabled -- ------------------------------------------------------------------------ --- Logging administrative activities --- disabled by default - ---[[ -config.admin_logger = function(params) - - local adminid = app.session.member_id - local adminname = app.session.member.name - local url = params._webmcp_path - - -- do something (e.g. calling 'logger' via extos.pfilter) - -end ---]] +-- config.oauth2 = {} +-- Additional scopes +-- config.oauth2.available_scopes = { +-- { scope = "privA", name = { de = "Beispielprivileg A", en = "Example privilege A" } }, +-- { scope = "privB", name = { de = "Beispielprivileg B", en = "Example privilege B" } } +-- } --- Network interface to bind to --- ------------------------------------------------------------------------ --- Available options: --- true: bind to localhost (default) --- false: bind to all interface +-- OAuth2 endpoint magic string for dynamic app registration -- ------------------------------------------------------------------------ -config.localhost = false +-- config.oauth2.endpoint_magic = "liquidfeedback_client_redirection_endpoint" - --- Network port to bind to +-- OAuth2 Token lifetime and timings -- ------------------------------------------------------------------------ -config.port = 8080 - +-- config.oauth2.authorization_code_lifetime = 5 * 60 +-- config.oauth2.refresh_token_lifetime = 60 * 60 * 24 * 30 * 3 +-- config.oauth2.refresh_pause = 60 +-- config.oauth2.refresh_grace_period = 60 +-- config.oauth2.access_token_lifetime = 60 * 60 --- Serving content via IPV6 --- ------------------------------------------------------------------------ --- Available options: --- nil or false: do not serve via IPv6 (default) --- true: serve via IPv6 +-- Admin logger -- ------------------------------------------------------------------------ --- config.ipv6 = false +-- Logging administrative activities +-- disabled by default +-- config.admin_logger = function(params) +-- local adminid = app.session.member_id +-- local adminname = app.session.member.name +-- local url = params._webmcp_path +-- -- do something (e.g. calling 'logger' via extos.pfilter) +-- end -- Application server fork configuration -- ------------------------------------------------------------------------ @@ -456,7 +314,6 @@ config.port = 8080 -- max_requests = 100 -- maximum count of requests handled before fork is terminated -- } - -- HTTP server options -- ------------------------------------------------------------------------ -- http_options = { @@ -471,7 +328,6 @@ config.port = 8080 -- minimum_output_chunk_size = 1024 -- chunk size for chunked-transfer-encoding -- } - -- WebMCP accelerator -- ------------------------------------------------------------------------ -- uncomment the following line to use C implementations of chosen @@ -479,10 +335,42 @@ config.port = 8080 -- ------------------------------------------------------------------------ -- require 'webmcp_accelerator' - -- Trace debug -- ------------------------------------------------------------------------ -- uncomment the following line to enable debug trace -- ------------------------------------------------------------------------ -- config.enable_debug_trace = true +-- Configuration of lf4rcs, disabled by default +-- for example configration see _lf4rcs.lua +-- ------------------------------------------------------------------------ +-- execute.config("_lf4rcs") + +-- Configuration of ldap authentication, disabled by default +-- for example configration, see _ldap.lua +-- for active directory example, see _ldap_ad.lua +-- ------------------------------------------------------------------------ +-- execute.config("_ldap") +-- execute.config("_ldap_ad") + +-- Integration of Etherpad, disabled by default +-- ------------------------------------------------------------------------ +--config.etherpad = { +-- base_url = "http://example.com:9001/", +-- api_base = "http://localhost:9001/", +-- api_key = "mysecretapikey", +-- group_id = "mygroupname", +-- cookie_path = "/" +--} + +-- Integration of FirstLife +-- ------------------------------------------------------------------------ +--[[ +config.firstlife = { + coordinates = "", + areaviewer_url = "about:blank", + inputmap_url = "about:blank" +} +config.allow_new_draft_callback = true +--]] + From c24fceebc2c5922c61332e6a67a8cb9fa4cbc12c Mon Sep 17 00:00:00 2001 From: Markus Toran Date: Sun, 26 Dec 2021 12:22:02 +0100 Subject: [PATCH 2/5] Add nullmailer config --- docker-compose.yml | 13 +++++++++++++ lf.env.example | 6 ++++-- nullmailer/adminaddr | 1 + nullmailer/allmailfrom | 1 + nullmailer/defaultdomain | 1 + nullmailer/defaulthost | 1 + nullmailer/remotes | 1 + scripts/lf_updated | 2 ++ scripts/start.sh | 2 ++ 9 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 nullmailer/adminaddr create mode 100755 nullmailer/allmailfrom create mode 100755 nullmailer/defaultdomain create mode 100755 nullmailer/defaulthost create mode 100644 nullmailer/remotes diff --git a/docker-compose.yml b/docker-compose.yml index f4cca24..3551c85 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,12 +6,15 @@ services: - '8080:8080' volumes: - lf:/opt/lf/frontend/config + - ./nullmailer:/etc/nullmailer #image: 'darkgigabyte/liquid-feedback-docker:latest' build: . depends_on: - db env_file: - lf.env + networks: + - stack lf-cron: restart: unless-stopped @@ -20,7 +23,11 @@ services: - db env_file: - lf.env + volumes: + - ./nullmailer:/etc/nullmailer entrypoint: ["/opt/lf/bin/lf_updated"] + networks: + - stack db: image: 'postgres:14-alpine' @@ -29,7 +36,13 @@ services: - pg:/var/lib/postgresql/data env_file: - lf.env + networks: + - stack volumes: lf: pg: + +networks: + stack: + external: false \ No newline at end of file diff --git a/lf.env.example b/lf.env.example index aaa379e..f4660f4 100644 --- a/lf.env.example +++ b/lf.env.example @@ -1,5 +1,7 @@ -#SMARTHOST_ADDRESS=YOUR_SMARTHOST_SMTP_SERVER:25 POSTGRES_HOST=db POSTGRES_USER=liquid_feedback POSTGRES_PASSWORD=liquid -POSTGRES_DB=liquid_feedback \ No newline at end of file +POSTGRES_DB=liquid_feedback +NULLMAILER_USER=lq@toranm.me +NULLMAILER_NAME=LiquidFeedback Docker +NULLMAILER_FLAGS=f \ No newline at end of file diff --git a/nullmailer/adminaddr b/nullmailer/adminaddr new file mode 100644 index 0000000..889819f --- /dev/null +++ b/nullmailer/adminaddr @@ -0,0 +1 @@ +username@example.org \ No newline at end of file diff --git a/nullmailer/allmailfrom b/nullmailer/allmailfrom new file mode 100755 index 0000000..889819f --- /dev/null +++ b/nullmailer/allmailfrom @@ -0,0 +1 @@ +username@example.org \ No newline at end of file diff --git a/nullmailer/defaultdomain b/nullmailer/defaultdomain new file mode 100755 index 0000000..0af0977 --- /dev/null +++ b/nullmailer/defaultdomain @@ -0,0 +1 @@ +example.org \ No newline at end of file diff --git a/nullmailer/defaulthost b/nullmailer/defaulthost new file mode 100755 index 0000000..0af0977 --- /dev/null +++ b/nullmailer/defaulthost @@ -0,0 +1 @@ +example.org \ No newline at end of file diff --git a/nullmailer/remotes b/nullmailer/remotes new file mode 100644 index 0000000..5aca86e --- /dev/null +++ b/nullmailer/remotes @@ -0,0 +1 @@ +example.org smtp --port=465 --auth-login --user=username --pass=password --ssl \ No newline at end of file diff --git a/scripts/lf_updated b/scripts/lf_updated index cb7848e..5be0e75 100755 --- a/scripts/lf_updated +++ b/scripts/lf_updated @@ -2,6 +2,8 @@ logger(){>&2 echo $@;} +service nullmailer start + LFUSER="lf" DBHOST="${POSTGRES_HOST}" DBNAME="${POSTGRES_DB}" diff --git a/scripts/start.sh b/scripts/start.sh index b34f036..d0e53b5 100755 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -2,6 +2,8 @@ #echo "mailhub=${SMARTHOST_ADDRESS}" > /etc/ssmtp/ssmtp.conf +service nullmailer start + until PGPASSWORD="$POSTGRES_PASSWORD" psql -h "${POSTGRES_HOST}" -U "${POSTGRES_USER}" -c '\q'; do >&2 echo "Postgres is unavailable - sleeping" sleep 5 From 135cf53a0c884a568a1254a3b0715a2bb2d07042 Mon Sep 17 00:00:00 2001 From: Markus Toran Date: Sun, 26 Dec 2021 12:22:28 +0100 Subject: [PATCH 3/5] Update config_db.sql --- scripts/config_db.sql | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/scripts/config_db.sql b/scripts/config_db.sql index 42b8b4f..a755052 100644 --- a/scripts/config_db.sql +++ b/scripts/config_db.sql @@ -4,22 +4,25 @@ INSERT INTO system_setting (member_ttl) VALUES ('1 year'); --- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 hour', 20, 6); --- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 day', 80, 12); --- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 hour', 200, 60); --- INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 day', 800, 120); +INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 hour', 20, 6); +INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (false, '1 day', 80, 12); +INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 hour', 200, 60); +INSERT INTO contingent (polling, time_frame, text_entry_limit, initiative_limit) VALUES (true, '1 day', 800, 120); INSERT INTO "policy" ( "index", "active", "name", "description", - "admission_time", + "min_admission_time", + "max_admission_time", "discussion_time", "verification_time", "voting_time", + "issue_quorum", "issue_quorum_num", "issue_quorum_den", + "initiative_quorum", "initiative_quorum_num", "initiative_quorum_den" ) VALUES ( @@ -27,34 +30,37 @@ INSERT INTO "policy" ( TRUE, 'Extensive proceeding', DEFAULT, + '15 days', '1 month', '5 months', '1 month', '3 weeks', - 10, 100, - 10, 100 + 1, 10, 100, + 1, 10, 100 ), ( 2, TRUE, 'Standard proceeding', DEFAULT, + '15 days', '1 month', '1 month', '1 week', '1 week', - 10, 100, - 10, 100 + 1, 10, 100, + 1, 10, 100 ), ( 3, TRUE, 'Fast proceeding', DEFAULT, + '20 hours', '48 hours', '3 hours', '1 hour', '20 hours', - 1, 100, - 1, 100 ); + 1, 1, 100, + 1, 1, 100 ); INSERT INTO "privilege" ("unit_id", "member_id", "voting_right") SELECT 1 AS "unit_id", "id" AS "member_id", TRUE AS "voting_right" @@ -66,6 +72,5 @@ INSERT INTO area (unit_id, name) VALUES (1, 'Default area'); INSERT INTO allowed_policy (area_id, policy_id, default_policy) VALUES (1, 1, TRUE); --- Admin user with empty password -INSERT INTO member (login, name, admin, password, activated, last_activity) -VALUES ('admin', 'Administrator', TRUE, '$1$.EMPTY.$LDufa24OE2HZFXAXh71Eb1', NOW(), NOW()); +-- Admin user with invite sesam +INSERT INTO member (invite_code, admin) VALUES ('sesam', true); From 82eb1d52481d7bb30c4d7a44b269c9212e016b35 Mon Sep 17 00:00:00 2001 From: Markus Toran Date: Sun, 26 Dec 2021 12:22:56 +0100 Subject: [PATCH 4/5] Update to bullseye --- Dockerfile | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 523a252..988f1b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ # Dockerfile for liquid-feedback # -FROM debian:buster-slim AS builder +FROM debian:bullseye-slim AS builder #MAINTAINER Pascal Schneider @@ -16,12 +16,15 @@ ENV LF_LATLON_VERSION v0.14 # install dependencies # -RUN apt-get update && apt-get -y remove exim && apt-get -y install \ +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get install -yqq --no-install-recommends \ build-essential \ lsb-release\ postgresql-server-dev-all\ postgresql\ - msmtp-mta \ + nullmailer \ libbsd-dev\ imagemagick \ libpq-dev \ @@ -30,10 +33,10 @@ RUN apt-get update && apt-get -y remove exim && apt-get -y install \ liblua5.3-0-dbg \ liblua5.3-dev \ mercurial \ - python-pip \ + python3-markdown2 \ pmake \ - curl \ - && pip install markdown2 + ca-certificates \ + curl && rm -rf /var/lib/apt/lists/* # # prepare file tree @@ -102,12 +105,11 @@ RUN cd /opt/lf/sources/frontend \ && chown www-data /opt/lf/frontend/tmp -FROM debian:buster-slim +FROM debian:bullseye-slim RUN apt-get update && apt-get install --no-install-recommends -y\ - msmtp-mta imagemagick python3-pip sassc\ - liblua5.3-0 postgresql-client\ - && pip3 install markdown2 + nullmailer imagemagick python3-markdown2 sassc\ + liblua5.3-0 postgresql-client COPY --from=builder /opt/lf /opt/lf From 8519bac0d66e0313ab9f8e1f533b613e21877a1b Mon Sep 17 00:00:00 2001 From: Markus Toran Date: Mon, 27 Dec 2021 12:38:40 +0100 Subject: [PATCH 5/5] add /etc/mailname --- docker-compose.yml | 2 ++ mailname | 0 2 files changed, 2 insertions(+) create mode 100644 mailname diff --git a/docker-compose.yml b/docker-compose.yml index 3551c85..2bf29ef 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,6 +7,7 @@ services: volumes: - lf:/opt/lf/frontend/config - ./nullmailer:/etc/nullmailer + - ./mailname:/etc/mailname #image: 'darkgigabyte/liquid-feedback-docker:latest' build: . depends_on: @@ -25,6 +26,7 @@ services: - lf.env volumes: - ./nullmailer:/etc/nullmailer + - ./mailname:/etc/mailname entrypoint: ["/opt/lf/bin/lf_updated"] networks: - stack diff --git a/mailname b/mailname new file mode 100644 index 0000000..e69de29