push penpot

2023-04-12 21:38:56 +02:00 · 2023-04-12 21:38:56 +02:00 · a482ce6bc6
commit a482ce6bc6
3 changed files with 141 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,3 @@
+# PENPOT
+
+## TO DO
--- a/config.env
+++ b/config.env
@ -0,0 +1,89 @@
+# Should be set to the public domain where penpot is going to be served.
+PENPOT_PUBLIC_URI=https://penpot.domaine.fr
+
+# Temporal workaround because of bad builtin default
+PENPOT_HTTP_SERVER_HOST=0.0.0.0
+
+# Standard database connection parameters (only postgresql is supported):
+PENPOT_DATABASE_URI=postgresql://penpot-postgres/penpot
+PENPOT_DATABASE_USERNAME=penpot
+PENPOT_DATABASE_PASSWORD=penpotdbpassword
+
+# Redis is used for the websockets notifications.
+PENPOT_REDIS_URI=redis://penpot-redis/0
+
+# By default, files uploaded by users are stored in local filesystem. But it
+# can be configured to store in AWS S3 or completely in de the database.
+# Storing in the database makes the backups more easy but will make access to
+# media less performant.
+ASSETS_STORAGE_BACKEND=assets-fs
+PENPOT_STORAGE_ASSETS_FS_DIRECTORY=/opt/data/assets
+
+# Telemetry. When enabled, a periodical process will send anonymous data about
+# this instance. Telemetry data will enable us to learn on how the application
+# is used, based on real scenarios. If you want to help us, please leave it
+# enabled.
+PENPOT_TELEMETRY_ENABLED=true
+
+# Email sending configuration. By default, emails are printed in the console,
+# but for production usage is recommended to setup a real SMTP provider. Emails
+# are used to confirm user registrations.
+PENPOT_SMTP_ENABLED=true
+PENPOT_SMTP_DEFAULT_FROM=contact@mail.com
+PENPOT_SMTP_DEFAULT_REPLY_TO=contact@mail.com
+PENPOT_SMTP_HOST=mail.provider.net
+PENPOT_SMTP_PORT=587
+PENPOT_SMTP_USERNAME=contact@mail.com
+PENPOT_SMTP_PASSWORD=Pa55w0rd
+PENPOT_SMTP_TLS=true
+# PENPOT_SMTP_SSL=false
+
+# Feature flags. Right now they are only affect frontend, but in
+# future release they will affect to both backend and frontend.
+#PENPOT_FLAGS="$PENPOT_FLAGS disable-demo-users disable-login"
+#PENPOT_FLAGS="$PENPOT_FLAGS disable-registration enable-login-with-oidc"
+PENPOT_FLAGS=disable-registration disable-demo-users enable-login-with-oidc
+#PENPOT_REGISTRATION_ENABLED=true
+
+
+# Comma separated list of allowed domains to register. Empty to allow all.
+PENPOT_REGISTRATION_DOMAIN_WHITELIST=*.domaine.fr
+
+## Authentication providers
+# Google
+# PENPOT_GOOGLE_CLIENT_ID=
+# PENPOT_GOOGLE_CLIENT_SECRET=
+
+# GitHub
+# PENPOT_GITHUB_CLIENT_ID=
+# PENPOT_GITHUB_CLIENT_SECRET=
+
+# GitLab
+# PENPOT_GITLAB_BASE_URI=https://gitlab.com
+# PENPOT_GITLAB_CLIENT_ID=
+# PENPOT_GITLAB_CLIENT_SECRET=
+
+# OpenID Connect (since 1.5.0)
+PENPOT_OIDC_BASE_URI=https://keycloak.domaine.fr/auth/realms/exemple/
+PENPOT_OIDC_CLIENT_ID=penpot
+PENPOT_OIDC_CLIENT_SECRET=<from-keycloak>
+PENPOT_OIDC_NAME_ATTR=username
+PENPOT_OIDC_EMAIL_ATTR=email
+
+PENPOT_OIDC_AUTH_URI:http://keycloak.domaine.fr/login/oauth/authorize
+PENPOT_OIDC_TOKEN_URI:"http://keycloak.domaine.fr/login/oauth/access_token
+PENPOT_OIDC_USER_URI:"http://keycloak.domaine.fr/login/oauth/userinfo
+
+# LDAP
+# PENPOT_LDAP_HOST=ldap
+# PENPOT_LDAP_PORT=10389
+# PENPOT_LDAP_SSL=false
+# PENPOT_LDAP_STARTTLS=false
+# PENPOT_LDAP_BASE_DN=ou=people,dc=planetexpress,dc=com
+# PENPOT_LDAP_BIND_DN=cn=admin,dc=planetexpress,dc=com
+# PENPOT_LDAP_BIND_PASSWORD=GoodNewsEveryone
+# PENPOT_LDAP_ATTRS_USERNAME=uid
+# PENPOT_LDAP_ATTRS_EMAIL=mail
+# PENPOT_LDAP_ATTRS_FULLNAME=cn
+# PENPOT_LDAP_ATTRS_PHOTO=jpegPhoto
+# PENPOT_LOGIN_WITH_LDAP=true
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,49 @@
+version: "3.5"
+
+services:
+  penpot-frontend:
+    image: "penpotapp/frontend:latest"
+    ports:
+      - 9801:80
+    volumes:
+      - /data/penpot/penpot_assets_data:/opt/data
+    env_file:
+      - config.env
+    depends_on:
+      - penpot-backend
+      - penpot-exporter
+    networks:
+      - penpot
+
+  penpot-backend:
+    image: "penpotapp/backend:latest"
+    volumes:
+      - /data/penpot/penpot_assets_data:/opt/data
+    depends_on:
+      - penpot-postgres
+      - penpot-redis
+    env_file:
+      - config.env
+    networks:
+      - penpot
+
+  penpot-exporter:
+    image: "penpotapp/exporter:latest"
+    env_file:
+      - config.env
+    environment:
+      # Don't touch it; this uses internal docker network to
+      # communicate with the frontend.
+      - PENPOT_PUBLIC_URI=http://penpot-frontend
+    networks:
+      - penpot
+
+  penpot-postgres:
+    image: "postgres:13"
+    restart: always
+    stop_signal: SIGINT
+    environment:
+      - POSTGRES_INITDB_ARGS=--data-checksums
+      - POSTGRES_DB=penpot
+      - POSTGRES_USER=penpot
+      - POSTGRES_PASSWORD=pa55w0rd