diff --git a/docker-compose.yml b/docker-compose.yml index a08e84f..757b9b3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,30 +2,31 @@ version: "3.8" # Define default configuration for SODAR. x-sodar: &default-sodar - image: bihealth/sodar-server:${SODAR_SERVER_VERSION} + image: ghcr.io/bihealth/sodar-server:${SODAR_SERVER_VERSION} environment: &default-sodar-environment WAIT_HOSTS: "postgres:5432, redis:6379, irods:1247" LC_ALL: en_US.UTF-8 + DJANGO_ALLOWED_HOSTS: "*" + DJANGO_SECRET_KEY: ${SODAR_DJANGO_SECRET_KEY} + DJANGO_SETTINGS_MODULE: config.settings.production CELERY_BROKER_URL: redis://redis:6379/0 + CELERY_CHDIR: /usr/src/app + CELERY_CREATE_DIRS: "1" DATABASE_URL: postgresql://${POSTGRES_USERNAME}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}/sodar CONN_MAX_AGE: "0" PROJECTROLES_SEND_EMAIL: ${SODAR_EMAIL_ENABLED} EMAIL_SENDER: ${SODAR_EMAIL_SENDER} EMAIL_SUBJECT_PREFIX: ${SODAR_EMAIL_SUBJECT_PREFIX} EMAIL_URL: ${SODAR_EMAIL_URL} - DJANGO_ALLOWED_HOSTS: "*" - DJANGO_SECRET_KEY: ${SODAR_DJANGO_SECRET_KEY} - DJANGO_SETTINGS_MODULE: config.settings.production ENABLED_BACKEND_PLUGINS: timeline_backend,taskflow,omics_irods,sodar_cache,ontologyaccess_backend PROJECTROLES_ADMIN_OWNER: ${SODAR_ADMIN_OWNER} PROJECTROLES_DEFAULT_ADMIN: ${SODAR_ADMIN_DEFAULT_ADMIN} PROJECTROLES_ALLOW_LOCAL_USERS: ${SODAR_ALLOW_LOCAL_USERS} - CELERY_CHDIR: /usr/src/app - CELERY_CREATE_DIRS: "1" + PROJECTROLES_ALLOW_ANONYMOUS: ${SODAR_ALLOW_ANONYMOUS} PROJECTROLES_DISABLE_CDN_INCLUDES: "1" PROJECTROLES_CUSTOM_JS_INCLUDES: /static/local/js/jquery-3.5.1.min.js,/static/local/js/bootstrap.bundle.min.js,/static/local/js/tether.js,/static/local/js/shepherd.min.js,/static/local/js/clipboard.min.js PROJECTROLES_CUSTOM_CSS_INCLUDES: /static/local/css/font-awesome.min.css,/static/local/css/bootstrap.min.css - CUSTOM_STATIC_DIR: /usr/src/app/static-local + CUSTOM_STATIC_DIR: /usr/src/app/local-static ENABLE_LDAP: ${SODAR_LDAP_ENABLED} AUTH_LDAP_SERVER_URI: ${SODAR_LDAP_SERVER_URI} AUTH_LDAP_BIND_PASSWORD: ${SODAR_LDAP_BIND_PASSWORD} @@ -125,7 +126,7 @@ services: restart: unless-stopped sodar-taskflow: - image: bihealth/sodar-taskflow:${SODAR_TASKFLOW_VERSION} + image: ghcr.io/bihealth/sodar-taskflow:${SODAR_TASKFLOW_VERSION} environment: SODAR_TASKFLOW_SETTINGS: /usr/src/app/config/production.py TASKFLOW_IRODS_HOST: irods @@ -144,7 +145,7 @@ services: - redis postgres: - image: postgres:12 + image: postgres:11 environment: POSTGRES_USER: ${POSTGRES_USERNAME} POSTGRES_USER: ${POSTGRES_USERNAME} @@ -171,19 +172,19 @@ services: # BEGIN: auth-sssd # # Uncomment and run container if you want SSSD configuration. - sssd: - image: ghcr.io/bihealth/sssd-docker:${SSSD_VERSION} - restart: unless-stopped - networks: - - sodar - volumes: - - type: bind # SSSD config, copied to /etc/sssd - source: ./config/sssd/sssd.conf - target: /etc/sssd.in/sssd.conf - read_only: true - - type: volume - source: sssd-sockets - target: /var/lib/sss + # sssd: + # image: ghcr.io/bihealth/sssd-docker:${SSSD_VERSION} + # restart: unless-stopped + # networks: + # - sodar + # volumes: + # - type: bind # SSSD config, copied to /etc/sssd + # source: ./config/sssd/sssd.conf + # target: /etc/sssd.in/sssd.conf + # read_only: true + # - type: volume + # source: sssd-sockets + # target: /var/lib/sss # END: auth-sssd irods: diff --git a/env.example b/env.example index a6f9841..a2ebd28 100644 --- a/env.example +++ b/env.example @@ -1,37 +1,41 @@ -SODAR_SERVER_VERSION=docker-build-0 -SODAR_TASKFLOW_VERSION=docker-build-0 +SODAR_SERVER_VERSION=dev-0 +SODAR_TASKFLOW_VERSION=0.5.0-0 SSSD_VERSION=1.16.5-10 IRODS_VERSION=latest -# The admin credentials to use. Is setup when container is first taken up. +# The admin credentials to use. Is setup when container is first taken up # CHANGE FOR PRODUCTION: IRODS_ADMIN_PASSWORD IRODS_ADMIN_USERNAME=rods IRODS_ADMIN_PASSWORD=rods -# The zone name. +# The zone name IRODS_ZONE_NAME=demoZone -# Secret keys used by iRODS. CHANGE FOR PRODUCTION. +# Secret keys used by iRODS. CHANGE FOR PRODUCTION IRODS_ZONE_KEY=TEMPORARY_zone_key IRODS_NEGOTIATION_KEY=TEMPORARY_32byte_negotiation_key IRODS_CONTROLPLANE_KEY=TEMPORARY__32byte_ctrl_plane_key -# Secret key used for HTTP sessions. CHANGE FOR PRODUCTION. +# Secret key used for HTTP sessions. CHANGE FOR PRODUCTION SODAR_DJANGO_SECRET_KEY=CHANGEMEchangemeCHANGEMEchangemeCHANGEMEchangemeCH -# Configure admin owner for folders. User must exist. +# Configure admin owner for folders. User must exist SODAR_ADMIN_OWNER=root -# Configure default admin. User must exist. +# Configure default admin. User must exist SODAR_ADMIN_DEFAULT_ADMIN=${SODAR_ADMIN_OWNER} -# Shared secret with SODAR Taskflow. +# Shared secret with SODAR Taskflow SODAR_TASKFLOW_SECRET=not-so-important-with-docker -# Whether local (non-LDAP) users are allowed. +# Whether local (non-LDAP) users are allowed SODAR_ALLOW_LOCAL_USERS=1 -# Configure default base URL for SODAR API. +# Allow anonymous users to view the site +# NOTE: Also grants anonymous users access to "public" projects! +SODAR_ALLOW_ANONYMOUS=0 + +# Configure default base URL for SODAR API SODAR_API_DEFAULT_HOST=https://changeme.example.com -# Configure UI-related settings. +# Configure UI-related settings SODAR_EMAIL_SUBJECT_PREFIX=ACME SODAR SODAR_SITE_INSTANCE_TITLE=ACME SODAR SODAR_SITE_SUBTITLE=Beta @@ -46,7 +50,7 @@ SODAR_EMAIL_SUBJECT_PREFIX=[SODAR] SODAR_EMAIL_URL=smtp://mail.example.com # -# Configure primary LDAP connection (optional). +# Configure primary LDAP connection (optional) # SODAR_LDAP_ENABLED=0 @@ -58,7 +62,7 @@ SODAR_LDAP_USERNAME_DOMAIN= SODAR_LDAP_DOMAIN_PRINTABLE= # -# Configure secondary LDAP connection (optional; primary required to work). +# Configure secondary LDAP connection (optional; primary required to work) # SODAR_LDAP2_ENABLED=1 @@ -70,7 +74,7 @@ SODAR_LDAP2_USERNAME_DOMAIN="MDC-BERLIN" SODAR_LDAP2_DOMAIN_PRINTABLE="MDC" # -# Enable and configure WebDAV support (optional). +# Enable and configure WebDAV support (optional) # SODAR_IRODS_WEBDAV_ENABLED=0 @@ -79,7 +83,7 @@ SODAR_IRODS_WEBDAV_URL= # # Postgres credentials. # -# Can remain as they are for docker based deployments. +# Can remain as they are for docker based deployments # POSTGRES_HOST=postgres POSTGRES_PORT=5432 diff --git a/init.sh b/init.sh old mode 100644 new mode 100755