Update to Decidim 0.26.2

Use Debian 11 Ruby image as base instead of Alpine
This commit is contained in:
Disassembler 2022-09-10 15:18:20 +02:00
parent d80fad210b
commit 6631a0daab
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
31 changed files with 217 additions and 1146 deletions

View File

@ -9,12 +9,6 @@ Decidim is a participatory democracy platform for cities and organizations. Deci
Upstream URL: https://github.com/decidim/decidim
Passenger nginx plugin
----------------------
The passenger plugin work as application proxy between HTTP server and Ruby on Rails applications. Nginix doesn't have modules API like Apache does, so all nginx module must be present at compile time and only then they can be loaded and unloaded at runtime. Passenger plugin is not present in the standard Alpine nginx packages, therefore for passenger to work, a custom version of nginx including the passenger plugin needs to be compiled, hence the full compilation in ``Dockerfile``. Passenger sources contain ``passenger-install-nginx-module`` script which eases and semi-automates the compilation.
Custom fonts
------------
@ -36,7 +30,7 @@ Decidim allows to create managed sites using the superadmin interface on ``https
Rails environment
-----------------
Rails ``RAIL_ENV`` environment variable is set to ``production`` by default. This requires connection via HTTPS as there are redirects hardcoded in the Decidim application or its dependencies with enforce this behavior whenewer the ``RAILS_ENV`` is ``production``. The varaible can be changed to ``development`` in the docker-compose ``.env`` file, however the full development environment experience is not ensured by the current setup and some additional manual steps may be needed in order to use full potential of the development the environment.
Rails ``RAILS_ENV`` environment variable is set to ``production`` by default. This requires connection via HTTPS as there are redirects hardcoded in the Decidim application or its dependencies with enforce this behavior whenewer the ``RAILS_ENV`` is ``production``. The varaible can be changed to ``development`` in the docker-compose ``.env`` file, however the full development environment experience is not ensured by the current setup and some additional manual steps may be needed in order to use full potential of the development the environment.
The application offers a console accessible via
@ -54,3 +48,35 @@ The console loads the application environment and allows to work with Decidim vi
password: ENV["DECIDIM_ADMIN_PASSWORD"],
password_confirmation: ENV["DECIDIM_ADMIN_PASSWORD"]
)
Development without docker-compose
----------------------------------
.. code-block:: bash
rm -rf ~/postgres_data
mkdir ~/postgres_data
podman run -it --rm \
--env "POSTGRES_USER=decidim" \
--env "POSTGRES_PASSWORD=decidim" \
--env "POSTGRES_DB=decidim" \
--volume ~/postgres_data:/var/lib/postgresql/data \
--ip 10.88.0.2 \
docker.io/postgres:14-alpine
.. code-block:: bash
podman build -t decidim:latest .
rm -rf ~/decidim_{migrate,storage,uploads}
mkdir ~/decidim_{migrate,storage,uploads}
podman run -it --rm \
--env-file .env \
--env "DATABASE_URL=postgres://decidim:decidim@decidim-postgres/decidim" \
--volume ~/decidim_migrate:/srv/decidim-app/db/migrate \
--volume ~/decidim_storage:/srv/decidim-app/storage \
--volume ~/decidim_uploads:/srv/decidim-app/public/uploads \
--add-host decidim-postgres:10.88.0.2 \
--ip 10.88.0.3 \
decidim:latest

View File

@ -1,81 +1,77 @@
FROM ruby:2.7-alpine3.13
FROM docker.io/ruby:2.7-slim-bullseye
RUN \
# Install runtime dependencies
apk --no-cache add curl libbz2 libgcc libstdc++ libxml2 libxslt ncurses-libs openssl pcre readline s6 xz-libs && \
# Update system Ruby gems
echo -e 'install: --no-document\nupdate: --no-document' >/usr/local/etc/gemrc && \
gem update --system
# Losely based on
# https://raw.githubusercontent.com/Platoniq/decidim-install/master/script/install-decidim.sh
# Nginx + passenger
RUN \
# Install build dependencies
apk --no-cache add --virtual .deps build-base curl-dev openssl-dev linux-headers pcre-dev && \
# Install passenger
gem install passenger && \
ln -s /usr/local/bundle/gems/passenger-* /usr/local/lib/passenger && \
# Create OS user
addgroup -S -g 8080 decidim && \
adduser -S -u 8080 -h /srv/decidim-app -s /sbin/nologin -G decidim -g decidim decidim && \
# Compile nginx
# Minimized version of /usr/local/bin/passenger-install-nginx-module
NGINX_VERSION=$(grep ' PREFERRED_NGINX_VERSION' /usr/local/lib/passenger/src/ruby_supportlib/phusion_passenger.rb | grep -Eo '([0-9\.]+)') && \
cd /tmp && \
wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz && \
tar xf nginx-*.tar.gz && \
cd nginx-* && \
./configure \
--prefix=/var/lib/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--pid-path=/run/nginx.pid \
--lock-path=/run/nginx.lock \
--user=decidim \
--group=decidim \
--with-threads \
--with-file-aio \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_addition_module \
--without-http_fastcgi_module \
--without-http_memcached_module \
--without-http_scgi_module \
--without-http_uwsgi_module \
--with-cc-opt=-Wno-error \
--add-module=/usr/local/lib/passenger/src/nginx_module && \
make -j $(getconf _NPROCESSORS_ONLN) && \
make install && \
rm -f /etc/nginx/*.default && \
# Cleanup
apk --no-cache del .deps && \
rm -rf /tmp/*
ARG DECIDIM_VERSION=0.26.2
ARG BUNDLER_VERSION=2.3.5
ARG RAILS_VERSION=6.0.4
# Decidim
ENV DEBIAN_FRONTEND noninteractive
ENV RAILS_ENV production
RUN \
# Install runtime dependencies
apk --no-cache add imagemagick libpq nodejs procps tzdata && \
# Install build dependencies
apk --no-cache add --virtual .deps build-base git libxml2-dev libxslt-dev postgresql-dev zlib-dev && \
# Install Decidim
bundle config build.nokogiri --use-system-libraries && \
gem install decidim -v 0.23.6 && \
cd /srv && \
decidim decidim-app
COPY image.d /
# Setup OS environment
addgroup --system --gid 8080 decidim && \
adduser --system --uid 8080 --gid 8080 --home /srv/decidim-app --no-create-home --shell /sbin/nologin decidim && \
ln -sf /usr/share/zoneinfo/Europe/Prague /etc/localtime && \
dpkg-reconfigure tzdata && \
apt-get -y update && \
apt-get -y install --no-install-recommends ca-certificates curl dirmngr gnupg
RUN \
# Install runtime gems and plugins
# Add yarn repo
curl -sSL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor >/usr/share/keyrings/yarn.gpg && \
echo "deb [signed-by=/usr/share/keyrings/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main" >/etc/apt/sources.list.d/yarn.list && \
# Add NodeJS repo
curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor >/usr/share/keyrings/nodesource.gpg && \
echo "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_16.x bullseye main" >/etc/apt/sources.list.d/nodesource.list && \
# Add passenger repo
install -m 700 -d /root/.gnupg && \
while ! gpg --no-default-keyring --keyring /tmp/passenger.kbx --keyserver keyserver.ubuntu.com --recv-keys 561F9B9CAC40B2F7; do sleep 0.2; done && \
gpg --no-default-keyring --keyring /tmp/passenger.kbx -o /usr/share/keyrings/passenger.gpg --export 561F9B9CAC40B2F7 && \
rm -rf /tmp/passenger.kbx /root/.gnupg && \
echo "deb [signed-by=/usr/share/keyrings/passenger.gpg] https://oss-binaries.phusionpassenger.com/apt/passenger bullseye main" >/etc/apt/sources.list.d/passenger.list && \
# Install runtime dependencies
apt-get -y update && \
apt-get -y install --no-install-recommends cron execline nginx imagemagick libnginx-mod-http-passenger libpq5 nodejs s6 yarn
RUN \
# Install build dependencies
apt-get -y install --no-install-recommends autoconf bison build-essential git libgdbm-dev libicu-dev libncurses5-dev libpq-dev libreadline6-dev && \
# Install gems
gem install bundler --version ${BUNDLER_VERSION} && \
gem install rails --version ${RAILS_VERSION} && \
gem install decidim --version ${DECIDIM_VERSION} && \
# Install Decidim
decidim /srv/decidim-app && \
cd /srv/decidim-app && \
bundle add decidim-conferences --version ${DECIDIM_VERSION} --skip-install && \
bundle add decidim-consultations --version ${DECIDIM_VERSION} --skip-install && \
bundle add decidim-initiatives --version ${DECIDIM_VERSION} --skip-install && \
bundle add decidim-templates --version ${DECIDIM_VERSION} --skip-install && \
bundle add figaro --skip-install && \
bundle add passenger --group production --skip-install && \
bundle add delayed_job_active_record --group production --skip-install && \
bundle add daemons --group production --skip-install && \
bundle add twilio-ruby --group production --skip-install && \
# Install Decidim modules
bundle add omniauth-decidim --github "decidim/omniauth-decidim" --skip-install && \
bundle add decidim-calendar --github "luizsanches/decidim-module-calendar" --skip-install && \
bundle add decidim-challenges --github "gencat/decidim-module-challenges" --branch "upgrade/0.26-stable" --skip-install && \
bundle add decidim-decidim_awesome --github "Platoniq/decidim-module-decidim_awesome" --skip-install && \
bundle add decidim-direct_verifications --github "Platoniq/decidim-verifications-direct_verifications" --skip-install && \
bundle add decidim-navigation_maps --github "Platoniq/decidim-module-navigation_maps" --skip-install && \
bundle add decidim-term_customizer --github "mainio/decidim-module-term_customizer" --skip-install && \
bundle install && \
# Setup delayed job for mail sending
bin/rails generate delayed_job:active_record && \
# Precompile static assets
curl -sSL https://repo.spotter.cz/Source_Sans_Pro.tar.gz | tar xzf - -C /usr/local/bundle/gems/decidim-core-${DECIDIM_VERSION}/app/packs/fonts/decidim/ && \
npm install && \
npm install --install-links /usr/local/bundle/bundler/gems/decidim-module-decidim_awesome-* && \
npm install --install-links /usr/local/bundle/bundler/gems/decidim-module-calendar-* && \
npm install --install-links /usr/local/bundle/bundler/gems/decidim-module-navigation_maps-* && \
bin/rails assets:precompile && \
# Remove database migrations (will be recreated in entrypoint.sh) and temp cache
rm /srv/decidim-app/db/migrate/* && \
@ -86,9 +82,16 @@ RUN \
# Change ownership
chown -R decidim:decidim /srv/decidim-app && \
# Cleanup
apk --no-cache del .deps && \
rm -rf /root/.bundle /root/.gem
apt-get -y purge --autoremove dirmngr gnupg autoconf bison build-essential git libgdbm-dev libicu-dev libncurses5-dev libpq-dev libreadline6-dev && \
apt-get -y clean && \
rm -rf /srv/decidim/node_modules && \
rm -rf /root/.bundle && \
rm -rf /root/.gem && \
rm -rf /root/.npm
COPY --chown=decidim:decidim image.d/srv/decidim-app/ /srv/decidim-app/
COPY image.d/etc/ /etc/
COPY image.d/entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
EXPOSE 8080
VOLUME ["/srv/decidim-app/db/migrate", "/srv/decidim-app/storage", "/srv/decidim-app/public/uploads"]

View File

@ -8,34 +8,35 @@ fi
echo "Starting Decidim..."
# Set passenger environment
export RAILS_ENV=${RAILS_ENV:-production}
if [ -n "${RAILS_ENV}" ]; then
echo "passenger_app_env ${RAILS_ENV};" >/etc/nginx/rails_env.conf
fi
# Fix volume permissions
chown decidim:decidim \
/srv/decidim-app/db/migrate \
/srv/decidim-app/storage \
/srv/decidim-app/public/uploads
# Upgrade database
cd /srv/decidim-app
s6-setuidgid decidim sh -c '
HOME=/srv/decidim-app s6-setuidgid decidim sh -c '
bin/rails decidim:upgrade
bin/rails generate delayed_job:active_record >/dev/null 2>&1
bin/rails generate delayed_job:active_record
bin/rails decidim_conferences:install:migrations
bin/rails decidim_consultations:install:migrations
bin/rails decidim_initiatives:install:migrations
# bin/rails decidim_templates:install:migrations
bin/rails decidim_calendar:install:migrations
bin/rails decidim_comparative_stats:install:migrations
bin/rails decidim_templates:install:migrations
bin/rails decidim_event_calendar:install:migrations
bin/rails decidim_challenges:install:migrations
bin/rails decidim_decidim_awesome:install:migrations
# bin/rails decidim_favorites:install:migrations
# bin/rails decidim_feedback:install:migrations
# bin/rails decidim_ideas:install:migrations
# bin/rails decidim_ldap:install:migrations
bin/rails decidim_navbar_links:install:migrations
bin/rails decidim_navigation_maps:install:migrations
bin/rails decidim_time_tracker:install:migrations
bin/rails redirector_engine:install:migrations
bin/rails decidim_url_aliases:install:migrations
bin/rails decidim_term_customizer:install:migrations
bin/rails db:migrate
'
# Create or update superadmin account
if [ -n "${DECIDIM_ADMIN_USER}" -a -n "${DECIDIM_ADMIN_PASSWORD}" ]; then
cat <<EOF | bin/rails console
Decidim::System::Admin.find_or_initialize_by(id: 1).update!(
email: ENV["DECIDIM_ADMIN_USER"],
@ -43,8 +44,9 @@ Decidim::System::Admin.find_or_initialize_by(id: 1).update!(
password_confirmation: ENV["DECIDIM_ADMIN_PASSWORD"]
)
EOF
fi
unset DECIDIM_ADMIN_USER
unset DECIDIM_ADMIN_PASSWORD
# Exec into s6 supervisor
exec /bin/s6-svscan /etc/services.d
exec /usr/bin/s6-svscan /etc/services.d

View File

@ -0,0 +1 @@
*/5 * * * * decidim [ -s /srv/decidim-app/tmp/pids/delayed_job.pid ] || /srv/decidim-app/bin/delayed_job start

View File

@ -1 +0,0 @@
*/5 * * * * [ -s /srv/decidim-app/tmp/pids/delayed_job.pid ] || /srv/decidim-app/bin/delayed_job start

View File

@ -2,13 +2,14 @@ user decidim;
pid /run/nginx.pid;
worker_processes 1;
error_log /dev/stderr warn;
load_module /usr/lib/nginx/modules/ngx_http_passenger_module.so;
events {
worker_connections 1024;
}
http {
include mime.types;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
@ -18,8 +19,7 @@ http {
tcp_nodelay on;
send_timeout 300;
passenger_root /usr/local/lib/passenger;
passenger_ruby /usr/local/bin/ruby;
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
server {
listen 8080;
@ -32,6 +32,7 @@ http {
passenger_enabled on;
passenger_set_header Host $passenger_host;
# rails_env.conf containing passenger_app_env is set by entrypoint.sh
include /etc/nginx/rails_env.conf;
root /srv/decidim-app/public;

View File

@ -0,0 +1 @@
passenger_app_env production;

View File

@ -1,4 +1,4 @@
#!/bin/execlineb -P
foreground { s6-svwait -d -t 3000 cron }
foreground { s6-svwait -d -t 3000 nginx }
/usr/lib/execline/bin/foreground { /usr/bin/s6-svwait -d -t 3000 cron }
/usr/lib/execline/bin/foreground { /usr/bin/s6-svwait -d -t 3000 nginx }

View File

@ -1,4 +1,4 @@
#!/bin/execlineb -P
#!/usr/bin/execlineb -P
fdmove -c 2 1
crond -f -d 8
/usr/lib/execline/bin/fdmove -c 2 1
/usr/sbin/cron -f

View File

@ -1,3 +1,3 @@
#!/bin/execlineb -P
#!/usr/bin/execlineb -P
nginx -g "daemon off;"
/usr/sbin/nginx -g "daemon off;"

View File

@ -1,66 +0,0 @@
# frozen_string_literal: true
source "https://rubygems.org"
ruby RUBY_VERSION
gem "decidim", "0.23.6"
gem "decidim-conferences", "0.23.6"
gem "decidim-consultations", "0.23.6"
gem "decidim-initiatives", "0.23.6"
# gem "decidim-templates", "0.23.6"
gem "bootsnap", "~> 1.3"
gem "puma", ">= 4.3.5"
gem "uglifier", "~> 4.1"
gem "faker", "~> 1.9"
gem "wicked_pdf", "~> 1.4"
group :development, :test do
gem "byebug", "~> 11.0", platform: :mri
gem "decidim-dev", "0.23.6"
end
group :development do
gem "letter_opener_web", "~> 1.3"
gem "listen", "~> 3.1"
gem "spring", "~> 2.0"
gem "spring-watcher-listen", "~> 2.0"
gem "web-console", "~> 3.5"
end
group :production do
gem "passenger"
gem "delayed_job_active_record"
gem "daemons"
gem "twilio-ruby"
end
# Modules
gem "omniauth-decidim", github: "decidim/omniauth-decidim"
# gem "decidim-access_requests", github: "mainio/decidim-module-access_requests" # Supported until 0.22.0
# gem "decidim-action_delegator", github: "coopdevs/decidim-module-action_delegator" # Supported until 0.23.2
# gem "decidim-antivirus", github: "mainio/decidim-module-antivirus" # Supported until 0.22.0
# gem "decidim-budgets_enhanced", github: "OpenSourcePolitics/decidim-module-budgets_enhanced", branch: "0.22-dev" # Supported until 0.19.0, development branch exists up to 0.22.0
gem "decidim-calendar", github: "alabs/decidim-module-calendar"
gem "decidim-comparative_stats", github: "Platoniq/decidim-module-comparative_stats"
# gem "decidim-cookies", github: "OpenSourcePolitics/decidim-module_cookies" # Supported until 0.21.0
gem "decidim-decidim_awesome", github: "Platoniq/decidim-module-decidim_awesome"
# gem "decidim-department_admin", github: "gencat/decidim-department-admin" # Supported until 0.22.0
gem "decidim-direct_verifications", github: "Platoniq/decidim-verifications-direct_verifications"
# gem "decidim-favorites", github: "mainio/decidim-module-favorites" # Required by ideas, plans
# gem "decidim-feedback", github: "mainio/decidim-module-feedback" # Required by ideas
# gem "decidim-ideas", github: "mainio/decidim-module-ideas" # Supported until 0.23.0, has graphql dependency problems
# gem "decidim-ldap", github: "diputacioBCN/decidim-diba", glob: "decidim-ldap/decidim-ldap.gemspec", Supported until 0.18.0, installable until 0.23.1
gem "decidim-navbar_links", github: "OpenSourcePolitics/decidim-module-navbar_links", branch: "0.23-stable"
gem "decidim-navigation_maps", github: "Platoniq/decidim-module-navigation_maps", ref: "5199551350d05a24c439b4c6dc5946f12eafaa30"
# gem "decidim-plans", github: "mainio/decidim-module-plans" # Supported until 0.22.0
# gem "decidim-process_groups_content_block", github: "mainio/decidim-module-process_groups_content_block" # Supported until 0.22.0
# gem "decidim-term_customizer", github: "mainio/decidim-module-term_customizer" # Supported until 0.22.0
gem "decidim-time_tracker", github: "Platoniq/decidim-module-time_tracker", branch: "main"
# gem "decidim-unique_identity", github: "OpenSourcePolitics/decidim-module-unique-identity" # Supported until 0.18.0
gem "decidim-url_aliases", github: "OpenSourcePolitics/decidim-urlaliases"

View File

@ -22,14 +22,11 @@ Rails.application.configure do
# Apache or NGINX already handles this.
config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
# Compress JavaScripts and CSS.
config.assets.js_compressor = Uglifier.new(:harmony => true)
# config.assets.css_compressor = :sass
# Compress CSS using a preprocessor.
#
# Do not fallback to assets pipeline if a precompiled asset is missed.
config.assets.compile = false
# `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.action_controller.asset_host = 'http://assets.example.com'
@ -38,10 +35,10 @@ Rails.application.configure do
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
# Store uploaded files on the local file system (see config/storage.yml for options)
# Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local
# Mount Action Cable outside main process or domain
# Mount Action Cable outside main process or domain.
# config.action_cable.mount_path = nil
# config.action_cable.url = 'wss://example.com/cable'
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
@ -59,9 +56,9 @@ Rails.application.configure do
# Use a different cache store in production.
# config.cache_store = :mem_cache_store
# Use a real queuing backend for Active Job (and separate queues per environment)
# Use a real queuing backend for Active Job (and separate queues per environment).
# config.active_job.queue_adapter = :resque
# config.active_job.queue_name_prefix = "decidim_#{Rails.env}"
# config.active_job.queue_name_prefix = "decidim_app_production"
config.action_mailer.perform_caching = false
@ -101,4 +98,25 @@ Rails.application.configure do
# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false
# Inserts middleware to perform automatic connection switching.
# The `database_selector` hash is used to pass options to the DatabaseSelector
# middleware. The `delay` is used to determine how long to wait after a write
# to send a subsequent read to the primary.
#
# The `database_resolver` class is used by the middleware to determine which
# database is appropriate to use based on the time delay.
#
# The `database_resolver_context` class is used by the middleware to set
# timestamps for the last write to the primary. The resolver uses the context
# class timestamps to determine how long to wait before reading from the
# replica.
#
# By default Rails will store a last write timestamp in the session. The
# DatabaseSelector middleware is designed as such you can define your own
# strategy for connection switching and pass that into the middleware through
# these configuration options.
# config.active_record.database_selector = { delay: 2.seconds }
# config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
# config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
end

View File

@ -256,7 +256,7 @@ Decidim.configure do |config|
# Etherpad configuration
#
# Only needed if you want to have Etherpad integration with Decidim. See
# Decidim docs at docs/services/etherpad.md in order to set it up.
# Decidim docs at https://docs.decidim.org/en/services/etherpad/ in order to set it up.
#
# config.etherpad = {
# server: Rails.application.secrets.etherpad[:server],
@ -281,12 +281,19 @@ Decidim.configure do |config|
# Machine Translation Configuration
#
# See Decidim docs at https://docs.decidim.org/en/develop/machine_translations/
# for more information about how it works and how to set it up.
#
# Enable machine translations
config.enable_machine_translations = false
#
# If you want to enable machine translation you can create your own service
# to interact with third party service to translate the user content.
#
# If you still want to use "Decidim::Dev::DummyTranslator" as translator placeholder,
# add the follwing line at the beginning of this file:
# require "decidim/dev/dummy_translator"
#
# An example class would be something like:
#
# class MyTranslationService
@ -312,3 +319,6 @@ end
Rails.application.config.i18n.available_locales = Decidim.available_locales
Rails.application.config.i18n.default_locale = Decidim.default_locale
# Inform Decidim about the assets folder
Decidim.register_assets_path File.expand_path("app/packs", Rails.application.root)

File diff suppressed because it is too large Load Diff

View File

@ -10,6 +10,16 @@
# Make sure the secrets in this file are kept private
# if you're sharing your code publicly.
elections_default: &elections_default
bulletin_board_server: <%= ENV["ELECTIONS_BULLETIN_BOARD_SERVER"] || 'http://bulletin-board.lvh.me:8000/api' %>
bulletin_board_public_key: {"kty":"RSA","n":"zMXsZpYPKkDlSmezX898y7zNOaJ7ENIN4kj4UhQ95Vm4HlgTpIs2VMMsO0eqynMaOR_G1mXdqbpbaJtXijBe4V8323QwGm6WVAa71E7pDXa5g6-uo5f8GePitN0YER9y2yNQN4uTaNzJiWV2uLBUYfMdj3SIif31YwLULHAOj3B_oleFK8coE_Qr3NzATcYBmsqE8AR4NljxTO6KDmP1SLdf5GBOBhOAIFbnL_Kpj2xkm7MS3hjMVKpiRhqA1UgX5oKZ8ixBv46fNJF0pBsHi3fHNjK9oZzgdx_AI-YFpdE_40-8bh_g9sWzxacqOM2-MdQLHbvRPEVltO3E8tr6I5YWrylcP7l9VD8OJeqjq2qFYHnGYdmLoD2XuXmI9EuBvSb9H4-qcartxZSIQCimKib_fxZvgrG1FSRRhK6YpvIdGv4-G2zfCCRsC4XD80TYI2bf-oYCoy7eU3_eVHFMV2yg4p1Wnuw2Vgq0edPL_bKaV9JvGx7F-U5juxNN0WZR9LzbPl4ReejzN95lyHgbj0nTH_u3bSpZmgJrQF-PwdnPcG46deVjJgUeosrlC4lQxVrRz0GL58BuFunnz2uYDBDrcJCiG60EbdkAFHjOcXU4wrUWATin7je_aqdBXhSnkTafcJAMvL7Y2Ld7vDge8nLqjAVlAi5am3rN0kqKT6M","e":"AQAB","kid":"a8e86f02ca27e1861bfc49e2a9a4614ca9068f8efdb6d42d19d3aab0eb2a31be"}
authority_private_key: {"kty":"RSA","n":"pNgMt8lnPDD3TlWYGhRiV1oZkPQmnLdiUzwyb_-35qKD9k-HU86xo0uSgoOUWkBtnvFscq8zNDPAGAlZVokaN_z9ksZblSce0LEl8lJa3ICgghg7e8vg_7Lz5dyHSQ3PCLgenyFGcL401aglDde1Xo4ujdz33Lklc4U9zoyoLUI2_viYmNOU6n5Mn0sJd30FeICMrLD2gX46pGe3MGug6groT9EvpKcdOoJHKoO5yGSVaeY5-Bo3gngvlgjlS2mfwjCtF4NYwIQSd2al-p4BKnuYAVKRSgr8rYnnjhWfJ4GsCaqiyXNi5NPYRV6gl_cx_1jUcA1rRJqQR32I8c8QbAXm5qNO4URcdaKys9tNcVgXBL1FsSdbrLVVFWen1tfWNfHm-8BjiWCWD79-uk5gI0SjC9tWvTzVvswWXI5weNqqVXqpDydr46AsHE2sG40HRCR3UF3LupT-HwXTcYcOZr5dJClJIsU3Hrvy4wLssub69YSNR1Jxn-KX2vUc06xY8CNIuSMpfufEq5cZopL6O2l1pRsW1FQnF3s078_Y9MaQ1gPyBo0IipLBVUj5IjEIfPuiEk4jxkiUYDeqzf7bAvSFckp94yLkRWTs_pEZs7b_ogwRG6WMHjtcaNYe4CufhIm9ekkKDeAWOPRTHfKNmohRBh09XuvSjqrx5Z7rqb8","e":"AQAB","kid":"b8dba1459df956d60107690c34fa490db681eac4f73ffaf6e4055728c02ddc8e","d":"Uh3KIBe1VJez6pLbBUrYPlmE2N-3CGSWF46qNX62lq6ofB_b8xTJCuaPonJ3iYoE0aPEeVDrefq5m3-0wFXl-LQPgXlMj_1_7UgB9jeuSZ_N1WDK6P2EJPx5YS09O1gkpVxK7Mx_sZQe77wmUUH-eI7tg__qfUrB7E0Yn_cTpBATI2qlYaQsz6-A7e1MVvixq_ilmzVAZvuBrPp5mCZVb6FlXrV_PU9-UPIrD3O1La1lfO6SPBSbSGQkmGHwD2QbkHn9D_R_Vs-z_0TkM_dX71jIPQhrle3pN222KuJ8eQqwr9QP6biQMBuT5eKgr3MVtfUDRpp4sCEq9GIFwSd8LvbmGPrOoz8ueOEQ05nisIBQuOTYiWpYs2CEV062HR1bLFRLDUcSlflGNr0bgiXTUFx4wxRG06OaI-rQ6nG3M8TE0I0phMNCG3c7YyV28z_k2I65oQF9aKtiwFwc0YsUSGPTOFZGWHuCCPLm0lFeebpI_JIYqIv70NJxbSZEBY8DAIqZPqP6y_CRo2_C7piCgsjg9pnF8cp45vz4L6DWZ0Tumc_5aRuqIBkYXXwP9TjqhzxL-2SQHIqUAjj6Y6S35tZT6ekZSbnPIKX_e42y6bDT_Ztf01QfKiTkcx3_I8RwOuh6CzJzr72AykQpU3XKOKF1x1GBtYyrno4jG5LgaGE","p":"1UARZ-rRnpKG5NHKlXTys3irCy-d91edHL3fEIzDKvhMRQCIWh7dt8l0_sIpcBF-EbVilbFKj7yfgZBTr8EkAXHgweayK8rnlMqi2jte1_u-5DBtrGVVUTSQltSLDOZHK5QfUxVK6Bbk8K5ROLvef91oNgnSNWNOeoCZdlS55nMZcAgY_6mxSuuMq54Tgy8o4Ip890-ZEYY6OSFXhU-ieoGO4Jw--c6QzmCa3gGo2oVClidMNaM1jquK4Pj6xaoxR2NWeIX9Ix7k1P2B24pegyHXjSIpQ6JYdn352VViXi2tx7TTJh6ClNVjgoRmL4Gfy_IJNx0GhF5OB3yughUc7w","q":"xePJGBt466qM9F0BPxWFjyWbIs_GNXr-lBGASui0Z94cfgFbsZwqRsWQEf7jDVQsDNVnPSWZ_Wd6UqoQaIxc0tE8gaokPG6A4EUDyoLaZ231ZydDVoWof8FnPDaJwrcPwZ4R6ZLKGmkfytCZuU9I_9B4uuV0dyjEzKfS-Os3UcLumKPlgJ71OZAb49GTqUHuTePcSJjyYOYXx6eE7i_1m8TjU9Ut18BJNQhLqWmerA6X1ijbR2_syY6GXhGSfciSBH8xVkiUnqXb2jt1bE8nwWw-Sam5ikjzNbXqqs978IcCE5HTddQmy99bwuArA8PLqIFj3OOO1CSo8oyn2XDgMQ","dp":"Diky_rOZN-6DBq7nxQT_GOvqb9O5qbMnu8DgDzlJvJDAf9SJOXLTRmEaY9CA7_A5bvOcmFQtn13nObNb20_4FCB7zGSFcGMI_dh2-Ab5RV5yTrTok4onID1dXKbAlRq1ny825U2Eq-TZTyJEQoA3RkZtpSkBzInLrFbd2f3GWodKKSZggpnCLDd4H-1fXlbDYCXSJpoikAdZ1nFgXnnrUDdKRaAajnwpIYtIvXVewSQYR-BULzunUtIRZt8hx_6FRzhRha9gH_TtPTeYZ_vISuz0Y2rhUpx1Q2kaLlR9M8PUxm47l0xvX3LMKN6h6oWxFtn7wq0qwZ-Bjv24mOrOAQ","dq":"nXGD10hURrwk9W7hxP0sjB2Rdnr06iv3THs4JWFL16_h32bZO1BSWoho_chbgYlMmtFXGFFIWVLxAcAI2gWC_MA4cbmapvIMW2LNh1vgxJW5v95_NuGUlECeEEwcAu1-_b7z5XBCmAy3nLem9sbb_5wv0hMpPH0VRvbnZeBO3SBIkO0lddYCqU-8wN9HqkyoexQleSUnAm1O0iy4GIHT2aEmdNaRaKy2EhmNiTZdZeseZueOvyGPtTVONp2ofacMdcN0z39jr22qo9DWtdusd7nVPOpqkllEF6GrGUeHBnGD92n4YjDuxRnqefu8fXxUFrcLav0p8CNSv9ek291woQ","qi":"w6hfKEBLLHRWPkjajgxZyyetj-UFfVkILRT0plOllJ2JV8whcOXRXbiXH2r8zqMeyMFrrMwmuvv4TVQaruKB0ZQOG7Tz5Lw0RZEREOLnBwc3vSi_iLd-jBz01LdExTpqsAHMkaMQR9x62J8DE1ZNxVdn3ELYKik0f1L2r_WErzhvT1uq69HAybUp6WHcFYH0PSqHg4LOneXAdU1_g-ji2Zn9dlA_2oYGQ5S6JXPV7v2IVbEFpxyVD1lPbFT0iKhyZZevictjgD_JGHveIVqsq5w0Csyz08h0oEW9hYEq-4bquMxSf18gjldoS5uQPD7FUECgL8bxsCdc4hP6UEKYGw"}
authority_name: "Decidim Test Authority"
authority_api_key: "89Ht70GZNcicu8WEyagz_rRae6brbqZAGuBEICYBCii-PTV3MAstAtx1aRVe5H5YfODi-JgYPvyf9ZMH7tOeZ15e3mf9B2Ymgw7eknvBFMRP213YFGo1SPn_C4uLK90G"
scheme_name: "dummy"
quorum: 2
number_of_trustees: 3
default: &default
omniauth:
facebook:
@ -32,11 +42,8 @@ default: &default
server: <%= ENV["ETHERPAD_SERVER"] %>
api_key: <%= ENV["ETHERPAD_API_KEY"] %>
api_version: "1.2.1"
bulletin_board:
identification_private_key: |
server:
api_key:
elections:
<<: *elections_default
twilio:
account_sid: <%= ENV["TWILIO_ACCOUNT_SID"] %>
auth_token: <%= ENV["TWILIO_AUTH_TOKEN"] %>
@ -44,7 +51,7 @@ default: &default
development:
<<: *default
secret_key_base: 8c1ae960e908eeb50b0a0d95ad2318277a5a8ffb3202c242ab5e8642946c8c4cffba1a8afa54e9fbe4386ab2af880ad4fd2a467d3e2e37c9b279e2badb9bfbb9
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
omniauth:
developer:
enabled: true
@ -52,7 +59,7 @@ development:
test:
<<: *default
secret_key_base: e6f5a697254308dcb178c4945e55e6846d4770ef2ec2d07b9926313aebc7928bcc2d7331c273a2f02b730943adb304d8dc9cd54ea55be90e31a07f2690f20636
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
omniauth:
facebook:
enabled: true
@ -66,6 +73,10 @@ test:
enabled: true
client_id:
client_secret:
elections:
<<: *elections_default
bulletin_board_server: <%= ENV["ELECTIONS_BULLETIN_BOARD_SERVER"] || 'http://bulletin-board.lvh.me:5017/api' %>
# Do not keep production secrets in the repository,
# instead read values from the environment.
@ -79,3 +90,12 @@ production:
smtp_port: "587"
smtp_starttls_auto: true
smtp_authentication: "plain"
elections:
bulletin_board_server: <%= ENV["BULLETIN_BOARD_SERVER"] %>
bulletin_board_public_key: <%= ENV["BULLETIN_BOARD_PUBLIC_KEY"] %>
authority_api_key: <%= ENV["BULLETIN_BOARD_API_KEY"] %>
authority_name: <%= ENV["AUTHORITY_NAME"] %>
authority_private_key: <%= ENV["AUTHORITY_PRIVATE_KEY"] %>
scheme_name: <%= ENV["ELECTIONS_SCHEME_NAME"] %>
number_of_trustees: <%= ENV["ELECTIONS_NUMBER_OF_TRUSTEES"] %>
quorum: <%= ENV["ELECTIONS_QUORUM"] %>

View File

@ -4,7 +4,7 @@ services:
decidim:
build: decidim
image: decidim:0.23.6-210515
image: decidim:0.26.2-220910
restart: unless-stopped
depends_on:
- decidim-postgres
@ -20,7 +20,7 @@ services:
- decidim_uploads:/srv/decidim-app/public/uploads
decidim-postgres:
image: postgres:12-alpine
image: postgres:14-alpine
restart: unless-stopped
environment:
- POSTGRES_USER