Update to Decidim 0.26.2

Use Debian 11 Ruby image as base instead of Alpine
This commit is contained in:
Disassembler 2022-09-10 15:18:20 +02:00
parent d80fad210b
commit 6631a0daab
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
31 changed files with 217 additions and 1146 deletions

View File

@ -9,12 +9,6 @@ Decidim is a participatory democracy platform for cities and organizations. Deci
Upstream URL: https://github.com/decidim/decidim Upstream URL: https://github.com/decidim/decidim
Passenger nginx plugin
----------------------
The passenger plugin work as application proxy between HTTP server and Ruby on Rails applications. Nginix doesn't have modules API like Apache does, so all nginx module must be present at compile time and only then they can be loaded and unloaded at runtime. Passenger plugin is not present in the standard Alpine nginx packages, therefore for passenger to work, a custom version of nginx including the passenger plugin needs to be compiled, hence the full compilation in ``Dockerfile``. Passenger sources contain ``passenger-install-nginx-module`` script which eases and semi-automates the compilation.
Custom fonts Custom fonts
------------ ------------
@ -36,7 +30,7 @@ Decidim allows to create managed sites using the superadmin interface on ``https
Rails environment Rails environment
----------------- -----------------
Rails ``RAIL_ENV`` environment variable is set to ``production`` by default. This requires connection via HTTPS as there are redirects hardcoded in the Decidim application or its dependencies with enforce this behavior whenewer the ``RAILS_ENV`` is ``production``. The varaible can be changed to ``development`` in the docker-compose ``.env`` file, however the full development environment experience is not ensured by the current setup and some additional manual steps may be needed in order to use full potential of the development the environment. Rails ``RAILS_ENV`` environment variable is set to ``production`` by default. This requires connection via HTTPS as there are redirects hardcoded in the Decidim application or its dependencies with enforce this behavior whenewer the ``RAILS_ENV`` is ``production``. The varaible can be changed to ``development`` in the docker-compose ``.env`` file, however the full development environment experience is not ensured by the current setup and some additional manual steps may be needed in order to use full potential of the development the environment.
The application offers a console accessible via The application offers a console accessible via
@ -54,3 +48,35 @@ The console loads the application environment and allows to work with Decidim vi
password: ENV["DECIDIM_ADMIN_PASSWORD"], password: ENV["DECIDIM_ADMIN_PASSWORD"],
password_confirmation: ENV["DECIDIM_ADMIN_PASSWORD"] password_confirmation: ENV["DECIDIM_ADMIN_PASSWORD"]
) )
Development without docker-compose
----------------------------------
.. code-block:: bash
rm -rf ~/postgres_data
mkdir ~/postgres_data
podman run -it --rm \
--env "POSTGRES_USER=decidim" \
--env "POSTGRES_PASSWORD=decidim" \
--env "POSTGRES_DB=decidim" \
--volume ~/postgres_data:/var/lib/postgresql/data \
--ip 10.88.0.2 \
docker.io/postgres:14-alpine
.. code-block:: bash
podman build -t decidim:latest .
rm -rf ~/decidim_{migrate,storage,uploads}
mkdir ~/decidim_{migrate,storage,uploads}
podman run -it --rm \
--env-file .env \
--env "DATABASE_URL=postgres://decidim:decidim@decidim-postgres/decidim" \
--volume ~/decidim_migrate:/srv/decidim-app/db/migrate \
--volume ~/decidim_storage:/srv/decidim-app/storage \
--volume ~/decidim_uploads:/srv/decidim-app/public/uploads \
--add-host decidim-postgres:10.88.0.2 \
--ip 10.88.0.3 \
decidim:latest

View File

@ -1,81 +1,77 @@
FROM ruby:2.7-alpine3.13 FROM docker.io/ruby:2.7-slim-bullseye
RUN \ # Losely based on
# Install runtime dependencies # https://raw.githubusercontent.com/Platoniq/decidim-install/master/script/install-decidim.sh
apk --no-cache add curl libbz2 libgcc libstdc++ libxml2 libxslt ncurses-libs openssl pcre readline s6 xz-libs && \
# Update system Ruby gems
echo -e 'install: --no-document\nupdate: --no-document' >/usr/local/etc/gemrc && \
gem update --system
# Nginx + passenger ARG DECIDIM_VERSION=0.26.2
RUN \ ARG BUNDLER_VERSION=2.3.5
# Install build dependencies ARG RAILS_VERSION=6.0.4
apk --no-cache add --virtual .deps build-base curl-dev openssl-dev linux-headers pcre-dev && \
# Install passenger
gem install passenger && \
ln -s /usr/local/bundle/gems/passenger-* /usr/local/lib/passenger && \
# Create OS user
addgroup -S -g 8080 decidim && \
adduser -S -u 8080 -h /srv/decidim-app -s /sbin/nologin -G decidim -g decidim decidim && \
# Compile nginx
# Minimized version of /usr/local/bin/passenger-install-nginx-module
NGINX_VERSION=$(grep ' PREFERRED_NGINX_VERSION' /usr/local/lib/passenger/src/ruby_supportlib/phusion_passenger.rb | grep -Eo '([0-9\.]+)') && \
cd /tmp && \
wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz && \
tar xf nginx-*.tar.gz && \
cd nginx-* && \
./configure \
--prefix=/var/lib/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--pid-path=/run/nginx.pid \
--lock-path=/run/nginx.lock \
--user=decidim \
--group=decidim \
--with-threads \
--with-file-aio \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_addition_module \
--without-http_fastcgi_module \
--without-http_memcached_module \
--without-http_scgi_module \
--without-http_uwsgi_module \
--with-cc-opt=-Wno-error \
--add-module=/usr/local/lib/passenger/src/nginx_module && \
make -j $(getconf _NPROCESSORS_ONLN) && \
make install && \
rm -f /etc/nginx/*.default && \
# Cleanup
apk --no-cache del .deps && \
rm -rf /tmp/*
# Decidim ENV DEBIAN_FRONTEND noninteractive
ENV RAILS_ENV production ENV RAILS_ENV production
RUN \ RUN \
# Install runtime dependencies # Setup OS environment
apk --no-cache add imagemagick libpq nodejs procps tzdata && \ addgroup --system --gid 8080 decidim && \
# Install build dependencies adduser --system --uid 8080 --gid 8080 --home /srv/decidim-app --no-create-home --shell /sbin/nologin decidim && \
apk --no-cache add --virtual .deps build-base git libxml2-dev libxslt-dev postgresql-dev zlib-dev && \ ln -sf /usr/share/zoneinfo/Europe/Prague /etc/localtime && \
# Install Decidim dpkg-reconfigure tzdata && \
bundle config build.nokogiri --use-system-libraries && \ apt-get -y update && \
gem install decidim -v 0.23.6 && \ apt-get -y install --no-install-recommends ca-certificates curl dirmngr gnupg
cd /srv && \
decidim decidim-app
COPY image.d /
RUN \ RUN \
# Install runtime gems and plugins # Add yarn repo
curl -sSL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor >/usr/share/keyrings/yarn.gpg && \
echo "deb [signed-by=/usr/share/keyrings/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main" >/etc/apt/sources.list.d/yarn.list && \
# Add NodeJS repo
curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor >/usr/share/keyrings/nodesource.gpg && \
echo "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_16.x bullseye main" >/etc/apt/sources.list.d/nodesource.list && \
# Add passenger repo
install -m 700 -d /root/.gnupg && \
while ! gpg --no-default-keyring --keyring /tmp/passenger.kbx --keyserver keyserver.ubuntu.com --recv-keys 561F9B9CAC40B2F7; do sleep 0.2; done && \
gpg --no-default-keyring --keyring /tmp/passenger.kbx -o /usr/share/keyrings/passenger.gpg --export 561F9B9CAC40B2F7 && \
rm -rf /tmp/passenger.kbx /root/.gnupg && \
echo "deb [signed-by=/usr/share/keyrings/passenger.gpg] https://oss-binaries.phusionpassenger.com/apt/passenger bullseye main" >/etc/apt/sources.list.d/passenger.list && \
# Install runtime dependencies
apt-get -y update && \
apt-get -y install --no-install-recommends cron execline nginx imagemagick libnginx-mod-http-passenger libpq5 nodejs s6 yarn
RUN \
# Install build dependencies
apt-get -y install --no-install-recommends autoconf bison build-essential git libgdbm-dev libicu-dev libncurses5-dev libpq-dev libreadline6-dev && \
# Install gems
gem install bundler --version ${BUNDLER_VERSION} && \
gem install rails --version ${RAILS_VERSION} && \
gem install decidim --version ${DECIDIM_VERSION} && \
# Install Decidim
decidim /srv/decidim-app && \
cd /srv/decidim-app && \ cd /srv/decidim-app && \
bundle add decidim-conferences --version ${DECIDIM_VERSION} --skip-install && \
bundle add decidim-consultations --version ${DECIDIM_VERSION} --skip-install && \
bundle add decidim-initiatives --version ${DECIDIM_VERSION} --skip-install && \
bundle add decidim-templates --version ${DECIDIM_VERSION} --skip-install && \
bundle add figaro --skip-install && \
bundle add passenger --group production --skip-install && \
bundle add delayed_job_active_record --group production --skip-install && \
bundle add daemons --group production --skip-install && \
bundle add twilio-ruby --group production --skip-install && \
# Install Decidim modules
bundle add omniauth-decidim --github "decidim/omniauth-decidim" --skip-install && \
bundle add decidim-calendar --github "luizsanches/decidim-module-calendar" --skip-install && \
bundle add decidim-challenges --github "gencat/decidim-module-challenges" --branch "upgrade/0.26-stable" --skip-install && \
bundle add decidim-decidim_awesome --github "Platoniq/decidim-module-decidim_awesome" --skip-install && \
bundle add decidim-direct_verifications --github "Platoniq/decidim-verifications-direct_verifications" --skip-install && \
bundle add decidim-navigation_maps --github "Platoniq/decidim-module-navigation_maps" --skip-install && \
bundle add decidim-term_customizer --github "mainio/decidim-module-term_customizer" --skip-install && \
bundle install && \ bundle install && \
# Setup delayed job for mail sending # Setup delayed job for mail sending
bin/rails generate delayed_job:active_record && \ bin/rails generate delayed_job:active_record && \
# Precompile static assets # Precompile static assets
curl -sSL https://repo.spotter.cz/Source_Sans_Pro.tar.gz | tar xzf - -C /usr/local/bundle/gems/decidim-core-${DECIDIM_VERSION}/app/packs/fonts/decidim/ && \
npm install && \
npm install --install-links /usr/local/bundle/bundler/gems/decidim-module-decidim_awesome-* && \
npm install --install-links /usr/local/bundle/bundler/gems/decidim-module-calendar-* && \
npm install --install-links /usr/local/bundle/bundler/gems/decidim-module-navigation_maps-* && \
bin/rails assets:precompile && \ bin/rails assets:precompile && \
# Remove database migrations (will be recreated in entrypoint.sh) and temp cache # Remove database migrations (will be recreated in entrypoint.sh) and temp cache
rm /srv/decidim-app/db/migrate/* && \ rm /srv/decidim-app/db/migrate/* && \
@ -86,9 +82,16 @@ RUN \
# Change ownership # Change ownership
chown -R decidim:decidim /srv/decidim-app && \ chown -R decidim:decidim /srv/decidim-app && \
# Cleanup # Cleanup
apk --no-cache del .deps && \ apt-get -y purge --autoremove dirmngr gnupg autoconf bison build-essential git libgdbm-dev libicu-dev libncurses5-dev libpq-dev libreadline6-dev && \
rm -rf /root/.bundle /root/.gem apt-get -y clean && \
rm -rf /srv/decidim/node_modules && \
rm -rf /root/.bundle && \
rm -rf /root/.gem && \
rm -rf /root/.npm
COPY --chown=decidim:decidim image.d/srv/decidim-app/ /srv/decidim-app/
COPY image.d/etc/ /etc/
COPY image.d/entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
EXPOSE 8080 EXPOSE 8080
VOLUME ["/srv/decidim-app/db/migrate", "/srv/decidim-app/storage", "/srv/decidim-app/public/uploads"]

View File

@ -8,34 +8,35 @@ fi
echo "Starting Decidim..." echo "Starting Decidim..."
# Set passenger environment # Set passenger environment
export RAILS_ENV=${RAILS_ENV:-production} if [ -n "${RAILS_ENV}" ]; then
echo "passenger_app_env ${RAILS_ENV};" >/etc/nginx/rails_env.conf echo "passenger_app_env ${RAILS_ENV};" >/etc/nginx/rails_env.conf
fi
# Fix volume permissions
chown decidim:decidim \
/srv/decidim-app/db/migrate \
/srv/decidim-app/storage \
/srv/decidim-app/public/uploads
# Upgrade database # Upgrade database
cd /srv/decidim-app cd /srv/decidim-app
s6-setuidgid decidim sh -c ' HOME=/srv/decidim-app s6-setuidgid decidim sh -c '
bin/rails decidim:upgrade bin/rails decidim:upgrade
bin/rails generate delayed_job:active_record >/dev/null 2>&1 bin/rails generate delayed_job:active_record
bin/rails decidim_conferences:install:migrations bin/rails decidim_conferences:install:migrations
bin/rails decidim_consultations:install:migrations bin/rails decidim_consultations:install:migrations
bin/rails decidim_initiatives:install:migrations bin/rails decidim_initiatives:install:migrations
# bin/rails decidim_templates:install:migrations bin/rails decidim_templates:install:migrations
bin/rails decidim_calendar:install:migrations bin/rails decidim_event_calendar:install:migrations
bin/rails decidim_comparative_stats:install:migrations bin/rails decidim_challenges:install:migrations
bin/rails decidim_decidim_awesome:install:migrations bin/rails decidim_decidim_awesome:install:migrations
# bin/rails decidim_favorites:install:migrations
# bin/rails decidim_feedback:install:migrations
# bin/rails decidim_ideas:install:migrations
# bin/rails decidim_ldap:install:migrations
bin/rails decidim_navbar_links:install:migrations
bin/rails decidim_navigation_maps:install:migrations bin/rails decidim_navigation_maps:install:migrations
bin/rails decidim_time_tracker:install:migrations bin/rails decidim_term_customizer:install:migrations
bin/rails redirector_engine:install:migrations
bin/rails decidim_url_aliases:install:migrations
bin/rails db:migrate bin/rails db:migrate
' '
# Create or update superadmin account # Create or update superadmin account
if [ -n "${DECIDIM_ADMIN_USER}" -a -n "${DECIDIM_ADMIN_PASSWORD}" ]; then
cat <<EOF | bin/rails console cat <<EOF | bin/rails console
Decidim::System::Admin.find_or_initialize_by(id: 1).update!( Decidim::System::Admin.find_or_initialize_by(id: 1).update!(
email: ENV["DECIDIM_ADMIN_USER"], email: ENV["DECIDIM_ADMIN_USER"],
@ -43,8 +44,9 @@ Decidim::System::Admin.find_or_initialize_by(id: 1).update!(
password_confirmation: ENV["DECIDIM_ADMIN_PASSWORD"] password_confirmation: ENV["DECIDIM_ADMIN_PASSWORD"]
) )
EOF EOF
fi
unset DECIDIM_ADMIN_USER unset DECIDIM_ADMIN_USER
unset DECIDIM_ADMIN_PASSWORD unset DECIDIM_ADMIN_PASSWORD
# Exec into s6 supervisor # Exec into s6 supervisor
exec /bin/s6-svscan /etc/services.d exec /usr/bin/s6-svscan /etc/services.d

View File

@ -0,0 +1 @@
*/5 * * * * decidim [ -s /srv/decidim-app/tmp/pids/delayed_job.pid ] || /srv/decidim-app/bin/delayed_job start

View File

@ -1 +0,0 @@
*/5 * * * * [ -s /srv/decidim-app/tmp/pids/delayed_job.pid ] || /srv/decidim-app/bin/delayed_job start

View File

@ -2,13 +2,14 @@ user decidim;
pid /run/nginx.pid; pid /run/nginx.pid;
worker_processes 1; worker_processes 1;
error_log /dev/stderr warn; error_log /dev/stderr warn;
load_module /usr/lib/nginx/modules/ngx_http_passenger_module.so;
events { events {
worker_connections 1024; worker_connections 1024;
} }
http { http {
include mime.types; include /etc/nginx/mime.types;
default_type application/octet-stream; default_type application/octet-stream;
access_log off; access_log off;
@ -18,8 +19,7 @@ http {
tcp_nodelay on; tcp_nodelay on;
send_timeout 300; send_timeout 300;
passenger_root /usr/local/lib/passenger; passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
passenger_ruby /usr/local/bin/ruby;
server { server {
listen 8080; listen 8080;
@ -32,6 +32,7 @@ http {
passenger_enabled on; passenger_enabled on;
passenger_set_header Host $passenger_host; passenger_set_header Host $passenger_host;
# rails_env.conf containing passenger_app_env is set by entrypoint.sh
include /etc/nginx/rails_env.conf; include /etc/nginx/rails_env.conf;
root /srv/decidim-app/public; root /srv/decidim-app/public;

View File

@ -0,0 +1 @@
passenger_app_env production;

View File

@ -1,4 +1,4 @@
#!/bin/execlineb -P #!/bin/execlineb -P
foreground { s6-svwait -d -t 3000 cron } /usr/lib/execline/bin/foreground { /usr/bin/s6-svwait -d -t 3000 cron }
foreground { s6-svwait -d -t 3000 nginx } /usr/lib/execline/bin/foreground { /usr/bin/s6-svwait -d -t 3000 nginx }

View File

@ -1,4 +1,4 @@
#!/bin/execlineb -P #!/usr/bin/execlineb -P
fdmove -c 2 1 /usr/lib/execline/bin/fdmove -c 2 1
crond -f -d 8 /usr/sbin/cron -f

View File

@ -1,3 +1,3 @@
#!/bin/execlineb -P #!/usr/bin/execlineb -P
nginx -g "daemon off;" /usr/sbin/nginx -g "daemon off;"

View File

@ -1,66 +0,0 @@
# frozen_string_literal: true
source "https://rubygems.org"
ruby RUBY_VERSION
gem "decidim", "0.23.6"
gem "decidim-conferences", "0.23.6"
gem "decidim-consultations", "0.23.6"
gem "decidim-initiatives", "0.23.6"
# gem "decidim-templates", "0.23.6"
gem "bootsnap", "~> 1.3"
gem "puma", ">= 4.3.5"
gem "uglifier", "~> 4.1"
gem "faker", "~> 1.9"
gem "wicked_pdf", "~> 1.4"
group :development, :test do
gem "byebug", "~> 11.0", platform: :mri
gem "decidim-dev", "0.23.6"
end
group :development do
gem "letter_opener_web", "~> 1.3"
gem "listen", "~> 3.1"
gem "spring", "~> 2.0"
gem "spring-watcher-listen", "~> 2.0"
gem "web-console", "~> 3.5"
end
group :production do
gem "passenger"
gem "delayed_job_active_record"
gem "daemons"
gem "twilio-ruby"
end
# Modules
gem "omniauth-decidim", github: "decidim/omniauth-decidim"
# gem "decidim-access_requests", github: "mainio/decidim-module-access_requests" # Supported until 0.22.0
# gem "decidim-action_delegator", github: "coopdevs/decidim-module-action_delegator" # Supported until 0.23.2
# gem "decidim-antivirus", github: "mainio/decidim-module-antivirus" # Supported until 0.22.0
# gem "decidim-budgets_enhanced", github: "OpenSourcePolitics/decidim-module-budgets_enhanced", branch: "0.22-dev" # Supported until 0.19.0, development branch exists up to 0.22.0
gem "decidim-calendar", github: "alabs/decidim-module-calendar"
gem "decidim-comparative_stats", github: "Platoniq/decidim-module-comparative_stats"
# gem "decidim-cookies", github: "OpenSourcePolitics/decidim-module_cookies" # Supported until 0.21.0
gem "decidim-decidim_awesome", github: "Platoniq/decidim-module-decidim_awesome"
# gem "decidim-department_admin", github: "gencat/decidim-department-admin" # Supported until 0.22.0
gem "decidim-direct_verifications", github: "Platoniq/decidim-verifications-direct_verifications"
# gem "decidim-favorites", github: "mainio/decidim-module-favorites" # Required by ideas, plans
# gem "decidim-feedback", github: "mainio/decidim-module-feedback" # Required by ideas
# gem "decidim-ideas", github: "mainio/decidim-module-ideas" # Supported until 0.23.0, has graphql dependency problems
# gem "decidim-ldap", github: "diputacioBCN/decidim-diba", glob: "decidim-ldap/decidim-ldap.gemspec", Supported until 0.18.0, installable until 0.23.1
gem "decidim-navbar_links", github: "OpenSourcePolitics/decidim-module-navbar_links", branch: "0.23-stable"
gem "decidim-navigation_maps", github: "Platoniq/decidim-module-navigation_maps", ref: "5199551350d05a24c439b4c6dc5946f12eafaa30"
# gem "decidim-plans", github: "mainio/decidim-module-plans" # Supported until 0.22.0
# gem "decidim-process_groups_content_block", github: "mainio/decidim-module-process_groups_content_block" # Supported until 0.22.0
# gem "decidim-term_customizer", github: "mainio/decidim-module-term_customizer" # Supported until 0.22.0
gem "decidim-time_tracker", github: "Platoniq/decidim-module-time_tracker", branch: "main"
# gem "decidim-unique_identity", github: "OpenSourcePolitics/decidim-module-unique-identity" # Supported until 0.18.0
gem "decidim-url_aliases", github: "OpenSourcePolitics/decidim-urlaliases"

View File

@ -22,14 +22,11 @@ Rails.application.configure do
# Apache or NGINX already handles this. # Apache or NGINX already handles this.
config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
# Compress JavaScripts and CSS. # Compress CSS using a preprocessor.
config.assets.js_compressor = Uglifier.new(:harmony => true) #
# config.assets.css_compressor = :sass
# Do not fallback to assets pipeline if a precompiled asset is missed. # Do not fallback to assets pipeline if a precompiled asset is missed.
config.assets.compile = false
# `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
# Enable serving of images, stylesheets, and JavaScripts from an asset server. # Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.action_controller.asset_host = 'http://assets.example.com' # config.action_controller.asset_host = 'http://assets.example.com'
@ -38,17 +35,17 @@ Rails.application.configure do
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
# Store uploaded files on the local file system (see config/storage.yml for options) # Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local config.active_storage.service = :local
# Mount Action Cable outside main process or domain # Mount Action Cable outside main process or domain.
# config.action_cable.mount_path = nil # config.action_cable.mount_path = nil
# config.action_cable.url = 'wss://example.com/cable' # config.action_cable.url = 'wss://example.com/cable'
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true config.force_ssl = true
# Use the lowest log level to ensure availability of diagnostic information # Use the lowest log level to ensure availability of diagnostic information
# when problems arise. # when problems arise.
config.log_level = :info config.log_level = :info
@ -59,9 +56,9 @@ Rails.application.configure do
# Use a different cache store in production. # Use a different cache store in production.
# config.cache_store = :mem_cache_store # config.cache_store = :mem_cache_store
# Use a real queuing backend for Active Job (and separate queues per environment) # Use a real queuing backend for Active Job (and separate queues per environment).
# config.active_job.queue_adapter = :resque # config.active_job.queue_adapter = :resque
# config.active_job.queue_name_prefix = "decidim_#{Rails.env}" # config.active_job.queue_name_prefix = "decidim_app_production"
config.action_mailer.perform_caching = false config.action_mailer.perform_caching = false
@ -101,4 +98,25 @@ Rails.application.configure do
# Do not dump schema after migrations. # Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false config.active_record.dump_schema_after_migration = false
# Inserts middleware to perform automatic connection switching.
# The `database_selector` hash is used to pass options to the DatabaseSelector
# middleware. The `delay` is used to determine how long to wait after a write
# to send a subsequent read to the primary.
#
# The `database_resolver` class is used by the middleware to determine which
# database is appropriate to use based on the time delay.
#
# The `database_resolver_context` class is used by the middleware to set
# timestamps for the last write to the primary. The resolver uses the context
# class timestamps to determine how long to wait before reading from the
# replica.
#
# By default Rails will store a last write timestamp in the session. The
# DatabaseSelector middleware is designed as such you can define your own
# strategy for connection switching and pass that into the middleware through
# these configuration options.
# config.active_record.database_selector = { delay: 2.seconds }
# config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
# config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
end end

View File

@ -256,7 +256,7 @@ Decidim.configure do |config|
# Etherpad configuration # Etherpad configuration
# #
# Only needed if you want to have Etherpad integration with Decidim. See # Only needed if you want to have Etherpad integration with Decidim. See
# Decidim docs at docs/services/etherpad.md in order to set it up. # Decidim docs at https://docs.decidim.org/en/services/etherpad/ in order to set it up.
# #
# config.etherpad = { # config.etherpad = {
# server: Rails.application.secrets.etherpad[:server], # server: Rails.application.secrets.etherpad[:server],
@ -281,12 +281,19 @@ Decidim.configure do |config|
# Machine Translation Configuration # Machine Translation Configuration
# #
# See Decidim docs at https://docs.decidim.org/en/develop/machine_translations/
# for more information about how it works and how to set it up.
#
# Enable machine translations # Enable machine translations
config.enable_machine_translations = false config.enable_machine_translations = false
# #
# If you want to enable machine translation you can create your own service # If you want to enable machine translation you can create your own service
# to interact with third party service to translate the user content. # to interact with third party service to translate the user content.
# #
# If you still want to use "Decidim::Dev::DummyTranslator" as translator placeholder,
# add the follwing line at the beginning of this file:
# require "decidim/dev/dummy_translator"
#
# An example class would be something like: # An example class would be something like:
# #
# class MyTranslationService # class MyTranslationService
@ -312,3 +319,6 @@ end
Rails.application.config.i18n.available_locales = Decidim.available_locales Rails.application.config.i18n.available_locales = Decidim.available_locales
Rails.application.config.i18n.default_locale = Decidim.default_locale Rails.application.config.i18n.default_locale = Decidim.default_locale
# Inform Decidim about the assets folder
Decidim.register_assets_path File.expand_path("app/packs", Rails.application.root)

File diff suppressed because it is too large Load Diff

View File

@ -10,6 +10,16 @@
# Make sure the secrets in this file are kept private # Make sure the secrets in this file are kept private
# if you're sharing your code publicly. # if you're sharing your code publicly.
elections_default: &elections_default
bulletin_board_server: <%= ENV["ELECTIONS_BULLETIN_BOARD_SERVER"] || 'http://bulletin-board.lvh.me:8000/api' %>
bulletin_board_public_key: {"kty":"RSA","n":"zMXsZpYPKkDlSmezX898y7zNOaJ7ENIN4kj4UhQ95Vm4HlgTpIs2VMMsO0eqynMaOR_G1mXdqbpbaJtXijBe4V8323QwGm6WVAa71E7pDXa5g6-uo5f8GePitN0YER9y2yNQN4uTaNzJiWV2uLBUYfMdj3SIif31YwLULHAOj3B_oleFK8coE_Qr3NzATcYBmsqE8AR4NljxTO6KDmP1SLdf5GBOBhOAIFbnL_Kpj2xkm7MS3hjMVKpiRhqA1UgX5oKZ8ixBv46fNJF0pBsHi3fHNjK9oZzgdx_AI-YFpdE_40-8bh_g9sWzxacqOM2-MdQLHbvRPEVltO3E8tr6I5YWrylcP7l9VD8OJeqjq2qFYHnGYdmLoD2XuXmI9EuBvSb9H4-qcartxZSIQCimKib_fxZvgrG1FSRRhK6YpvIdGv4-G2zfCCRsC4XD80TYI2bf-oYCoy7eU3_eVHFMV2yg4p1Wnuw2Vgq0edPL_bKaV9JvGx7F-U5juxNN0WZR9LzbPl4ReejzN95lyHgbj0nTH_u3bSpZmgJrQF-PwdnPcG46deVjJgUeosrlC4lQxVrRz0GL58BuFunnz2uYDBDrcJCiG60EbdkAFHjOcXU4wrUWATin7je_aqdBXhSnkTafcJAMvL7Y2Ld7vDge8nLqjAVlAi5am3rN0kqKT6M","e":"AQAB","kid":"a8e86f02ca27e1861bfc49e2a9a4614ca9068f8efdb6d42d19d3aab0eb2a31be"}
authority_private_key: {"kty":"RSA","n":"pNgMt8lnPDD3TlWYGhRiV1oZkPQmnLdiUzwyb_-35qKD9k-HU86xo0uSgoOUWkBtnvFscq8zNDPAGAlZVokaN_z9ksZblSce0LEl8lJa3ICgghg7e8vg_7Lz5dyHSQ3PCLgenyFGcL401aglDde1Xo4ujdz33Lklc4U9zoyoLUI2_viYmNOU6n5Mn0sJd30FeICMrLD2gX46pGe3MGug6groT9EvpKcdOoJHKoO5yGSVaeY5-Bo3gngvlgjlS2mfwjCtF4NYwIQSd2al-p4BKnuYAVKRSgr8rYnnjhWfJ4GsCaqiyXNi5NPYRV6gl_cx_1jUcA1rRJqQR32I8c8QbAXm5qNO4URcdaKys9tNcVgXBL1FsSdbrLVVFWen1tfWNfHm-8BjiWCWD79-uk5gI0SjC9tWvTzVvswWXI5weNqqVXqpDydr46AsHE2sG40HRCR3UF3LupT-HwXTcYcOZr5dJClJIsU3Hrvy4wLssub69YSNR1Jxn-KX2vUc06xY8CNIuSMpfufEq5cZopL6O2l1pRsW1FQnF3s078_Y9MaQ1gPyBo0IipLBVUj5IjEIfPuiEk4jxkiUYDeqzf7bAvSFckp94yLkRWTs_pEZs7b_ogwRG6WMHjtcaNYe4CufhIm9ekkKDeAWOPRTHfKNmohRBh09XuvSjqrx5Z7rqb8","e":"AQAB","kid":"b8dba1459df956d60107690c34fa490db681eac4f73ffaf6e4055728c02ddc8e","d":"Uh3KIBe1VJez6pLbBUrYPlmE2N-3CGSWF46qNX62lq6ofB_b8xTJCuaPonJ3iYoE0aPEeVDrefq5m3-0wFXl-LQPgXlMj_1_7UgB9jeuSZ_N1WDK6P2EJPx5YS09O1gkpVxK7Mx_sZQe77wmUUH-eI7tg__qfUrB7E0Yn_cTpBATI2qlYaQsz6-A7e1MVvixq_ilmzVAZvuBrPp5mCZVb6FlXrV_PU9-UPIrD3O1La1lfO6SPBSbSGQkmGHwD2QbkHn9D_R_Vs-z_0TkM_dX71jIPQhrle3pN222KuJ8eQqwr9QP6biQMBuT5eKgr3MVtfUDRpp4sCEq9GIFwSd8LvbmGPrOoz8ueOEQ05nisIBQuOTYiWpYs2CEV062HR1bLFRLDUcSlflGNr0bgiXTUFx4wxRG06OaI-rQ6nG3M8TE0I0phMNCG3c7YyV28z_k2I65oQF9aKtiwFwc0YsUSGPTOFZGWHuCCPLm0lFeebpI_JIYqIv70NJxbSZEBY8DAIqZPqP6y_CRo2_C7piCgsjg9pnF8cp45vz4L6DWZ0Tumc_5aRuqIBkYXXwP9TjqhzxL-2SQHIqUAjj6Y6S35tZT6ekZSbnPIKX_e42y6bDT_Ztf01QfKiTkcx3_I8RwOuh6CzJzr72AykQpU3XKOKF1x1GBtYyrno4jG5LgaGE","p":"1UARZ-rRnpKG5NHKlXTys3irCy-d91edHL3fEIzDKvhMRQCIWh7dt8l0_sIpcBF-EbVilbFKj7yfgZBTr8EkAXHgweayK8rnlMqi2jte1_u-5DBtrGVVUTSQltSLDOZHK5QfUxVK6Bbk8K5ROLvef91oNgnSNWNOeoCZdlS55nMZcAgY_6mxSuuMq54Tgy8o4Ip890-ZEYY6OSFXhU-ieoGO4Jw--c6QzmCa3gGo2oVClidMNaM1jquK4Pj6xaoxR2NWeIX9Ix7k1P2B24pegyHXjSIpQ6JYdn352VViXi2tx7TTJh6ClNVjgoRmL4Gfy_IJNx0GhF5OB3yughUc7w","q":"xePJGBt466qM9F0BPxWFjyWbIs_GNXr-lBGASui0Z94cfgFbsZwqRsWQEf7jDVQsDNVnPSWZ_Wd6UqoQaIxc0tE8gaokPG6A4EUDyoLaZ231ZydDVoWof8FnPDaJwrcPwZ4R6ZLKGmkfytCZuU9I_9B4uuV0dyjEzKfS-Os3UcLumKPlgJ71OZAb49GTqUHuTePcSJjyYOYXx6eE7i_1m8TjU9Ut18BJNQhLqWmerA6X1ijbR2_syY6GXhGSfciSBH8xVkiUnqXb2jt1bE8nwWw-Sam5ikjzNbXqqs978IcCE5HTddQmy99bwuArA8PLqIFj3OOO1CSo8oyn2XDgMQ","dp":"Diky_rOZN-6DBq7nxQT_GOvqb9O5qbMnu8DgDzlJvJDAf9SJOXLTRmEaY9CA7_A5bvOcmFQtn13nObNb20_4FCB7zGSFcGMI_dh2-Ab5RV5yTrTok4onID1dXKbAlRq1ny825U2Eq-TZTyJEQoA3RkZtpSkBzInLrFbd2f3GWodKKSZggpnCLDd4H-1fXlbDYCXSJpoikAdZ1nFgXnnrUDdKRaAajnwpIYtIvXVewSQYR-BULzunUtIRZt8hx_6FRzhRha9gH_TtPTeYZ_vISuz0Y2rhUpx1Q2kaLlR9M8PUxm47l0xvX3LMKN6h6oWxFtn7wq0qwZ-Bjv24mOrOAQ","dq":"nXGD10hURrwk9W7hxP0sjB2Rdnr06iv3THs4JWFL16_h32bZO1BSWoho_chbgYlMmtFXGFFIWVLxAcAI2gWC_MA4cbmapvIMW2LNh1vgxJW5v95_NuGUlECeEEwcAu1-_b7z5XBCmAy3nLem9sbb_5wv0hMpPH0VRvbnZeBO3SBIkO0lddYCqU-8wN9HqkyoexQleSUnAm1O0iy4GIHT2aEmdNaRaKy2EhmNiTZdZeseZueOvyGPtTVONp2ofacMdcN0z39jr22qo9DWtdusd7nVPOpqkllEF6GrGUeHBnGD92n4YjDuxRnqefu8fXxUFrcLav0p8CNSv9ek291woQ","qi":"w6hfKEBLLHRWPkjajgxZyyetj-UFfVkILRT0plOllJ2JV8whcOXRXbiXH2r8zqMeyMFrrMwmuvv4TVQaruKB0ZQOG7Tz5Lw0RZEREOLnBwc3vSi_iLd-jBz01LdExTpqsAHMkaMQR9x62J8DE1ZNxVdn3ELYKik0f1L2r_WErzhvT1uq69HAybUp6WHcFYH0PSqHg4LOneXAdU1_g-ji2Zn9dlA_2oYGQ5S6JXPV7v2IVbEFpxyVD1lPbFT0iKhyZZevictjgD_JGHveIVqsq5w0Csyz08h0oEW9hYEq-4bquMxSf18gjldoS5uQPD7FUECgL8bxsCdc4hP6UEKYGw"}
authority_name: "Decidim Test Authority"
authority_api_key: "89Ht70GZNcicu8WEyagz_rRae6brbqZAGuBEICYBCii-PTV3MAstAtx1aRVe5H5YfODi-JgYPvyf9ZMH7tOeZ15e3mf9B2Ymgw7eknvBFMRP213YFGo1SPn_C4uLK90G"
scheme_name: "dummy"
quorum: 2
number_of_trustees: 3
default: &default default: &default
omniauth: omniauth:
facebook: facebook:
@ -32,11 +42,8 @@ default: &default
server: <%= ENV["ETHERPAD_SERVER"] %> server: <%= ENV["ETHERPAD_SERVER"] %>
api_key: <%= ENV["ETHERPAD_API_KEY"] %> api_key: <%= ENV["ETHERPAD_API_KEY"] %>
api_version: "1.2.1" api_version: "1.2.1"
bulletin_board: elections:
identification_private_key: | <<: *elections_default
server:
api_key:
twilio: twilio:
account_sid: <%= ENV["TWILIO_ACCOUNT_SID"] %> account_sid: <%= ENV["TWILIO_ACCOUNT_SID"] %>
auth_token: <%= ENV["TWILIO_AUTH_TOKEN"] %> auth_token: <%= ENV["TWILIO_AUTH_TOKEN"] %>
@ -44,7 +51,7 @@ default: &default
development: development:
<<: *default <<: *default
secret_key_base: 8c1ae960e908eeb50b0a0d95ad2318277a5a8ffb3202c242ab5e8642946c8c4cffba1a8afa54e9fbe4386ab2af880ad4fd2a467d3e2e37c9b279e2badb9bfbb9 secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
omniauth: omniauth:
developer: developer:
enabled: true enabled: true
@ -52,7 +59,7 @@ development:
test: test:
<<: *default <<: *default
secret_key_base: e6f5a697254308dcb178c4945e55e6846d4770ef2ec2d07b9926313aebc7928bcc2d7331c273a2f02b730943adb304d8dc9cd54ea55be90e31a07f2690f20636 secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
omniauth: omniauth:
facebook: facebook:
enabled: true enabled: true
@ -66,6 +73,10 @@ test:
enabled: true enabled: true
client_id: client_id:
client_secret: client_secret:
elections:
<<: *elections_default
bulletin_board_server: <%= ENV["ELECTIONS_BULLETIN_BOARD_SERVER"] || 'http://bulletin-board.lvh.me:5017/api' %>
# Do not keep production secrets in the repository, # Do not keep production secrets in the repository,
# instead read values from the environment. # instead read values from the environment.
@ -79,3 +90,12 @@ production:
smtp_port: "587" smtp_port: "587"
smtp_starttls_auto: true smtp_starttls_auto: true
smtp_authentication: "plain" smtp_authentication: "plain"
elections:
bulletin_board_server: <%= ENV["BULLETIN_BOARD_SERVER"] %>
bulletin_board_public_key: <%= ENV["BULLETIN_BOARD_PUBLIC_KEY"] %>
authority_api_key: <%= ENV["BULLETIN_BOARD_API_KEY"] %>
authority_name: <%= ENV["AUTHORITY_NAME"] %>
authority_private_key: <%= ENV["AUTHORITY_PRIVATE_KEY"] %>
scheme_name: <%= ENV["ELECTIONS_SCHEME_NAME"] %>
number_of_trustees: <%= ENV["ELECTIONS_NUMBER_OF_TRUSTEES"] %>
quorum: <%= ENV["ELECTIONS_QUORUM"] %>

View File

@ -4,7 +4,7 @@ services:
decidim: decidim:
build: decidim build: decidim
image: decidim:0.23.6-210515 image: decidim:0.26.2-220910
restart: unless-stopped restart: unless-stopped
depends_on: depends_on:
- decidim-postgres - decidim-postgres
@ -20,7 +20,7 @@ services:
- decidim_uploads:/srv/decidim-app/public/uploads - decidim_uploads:/srv/decidim-app/public/uploads
decidim-postgres: decidim-postgres:
image: postgres:12-alpine image: postgres:14-alpine
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_USER - POSTGRES_USER