-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* change all images to be based on Alpine, easier env file, upgrade Caddy to v2 * postgres username need to me smaller * add TWITTER to refresher * fix typo on readme * remove commented dependency on feedbin Dockerfile * ignore DL3018 lint rule
- Loading branch information
Showing
11 changed files
with
306 additions
and
178 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,53 +1,45 @@ | ||
# Minio | ||
MINIO_ACCESS_KEY= | ||
MINIO_SECRET_KEY= | ||
|
||
# Caddy | ||
CADDYPATH=/etc/ssl/caddy | ||
|
||
# Camo | ||
CAMO_HOST=https://camo.feedbin.domain.tld | ||
CAMO_KEY= | ||
|
||
# Rails | ||
# Feedbin | ||
RACK_ENV=production | ||
RAILS_ENV=production | ||
PORT=3000 | ||
SECRET_KEY_BASE= | ||
SECRET_KEY_BASE= #generate with openssl rand -hex 32 | ||
DEFAULT_URL_OPTIONS_HOST=feedbin.domain.tld | ||
PUSH_URL=https://feedbin.domain.tld | ||
FEEDBIN_URL=https://feedbin.domain.tld | ||
FEEDBIN_HOST=feedbin.domain.tld | ||
FORCE_SSL= | ||
FEEDBIN_API_HOST=api.feedbin.domain.tld | ||
|
||
# Databases | ||
ELASTICSEARCH_URL=http://feedbin-elasticsearch:9200 | ||
MEMCACHED_HOSTS=feedbin-memcached:11211 | ||
REDIS_URL=redis://feedbin-redis:6379 | ||
|
||
POSTGRES=feedbin-postgres | ||
POSTGRES_USERNAME=feedbin | ||
POSTGRES_USER=feedbin | ||
POSTGRES_PASSWORD= | ||
DATABASE_URL=postgres://feedbin:[Your POSTGRESS_PASSWORD Here]@feedbin-postgres/feedbin_production | ||
POSTGRES_USER= #generate with openssl rand -hex 16. Don't use long usernames. | ||
POSTGRES_PASSWORD= #generate with openssl rand -hex 32 | ||
|
||
# S3 | ||
AWS_ACCESS_KEY_ID= | ||
AWS_SECRET_ACCESS_KEY= | ||
AWS_S3_BUCKET=feedbin | ||
AWS_S3_BUCKET_FAVICONS=feedbin | ||
AWS_S3_ENDPOINT=https://minio.feedbin.domain.tld | ||
AWS_S3_PATH_STYLE="true" | ||
ENTRY_IMAGE_HOST=minio.feedbin.domain.tld | ||
# Minio | ||
MINIO_ACCESS_KEY= #generate with openssl rand -hex 32 | ||
MINIO_SECRET_KEY= #generate with openssl rand -hex 32 | ||
MINIO_BUCKET=feedbin | ||
MINIO_HOST=minio.feedbin.domain.tld | ||
|
||
# Extract service (needs to run behind HTTPS:443) | ||
EXTRACT_HOST=extract.feedbin.domain.tld | ||
EXTRACT_USER=username | ||
EXTRACT_SECRET=secret | ||
EXTRACT_USER= #generate with openssl rand -hex 32 | ||
EXTRACT_SECRET= #generate with openssl rand -hex 32 | ||
|
||
# Camo | ||
CAMO_HOST=camo.feedbin.domain.tld | ||
CAMO_KEY= #generate with openssl rand -hex 32 | ||
|
||
# SMTP | ||
SMTP_ADDRESS= | ||
SMTP_USERNAME= | ||
SMTP_PASSWORD= | ||
SMTP_DOMAIN= | ||
FROM_ADDRESS= | ||
|
||
TWITTER_KEY= | ||
TWITTER_SECRET= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
ignored: | ||
- DL3008 | ||
- DL3018 | ||
- DL3028 |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,27 +1,62 @@ | ||
feedbin.domain.tld { | ||
gzip | ||
proxy / http://feedbin-web:3000 { | ||
transparent | ||
(headers) { | ||
header { | ||
# enable HSTS | ||
Strict-Transport-Security max-age=31536000; | ||
# keep referrer data off of HTTP connections | ||
Referrer-Policy no-referrer-when-downgrade | ||
# Enable cross-site filter (XSS) and tell browser to block detected attacks | ||
X-XSS-Protection "1; mode=block" | ||
# Disallow the site to be rendered within a frame (clickjacking protection) | ||
#X-Frame-Options "DENY" | ||
# Prevent search engines from indexing (optional) | ||
X-Robots-Tag "none" | ||
# Server name removing | ||
-Server | ||
# opt-out Google FLoC | ||
Permissions-Policy "interest-cohort=()" | ||
} | ||
} | ||
|
||
camo.feedbin.domain.tld { | ||
gzip | ||
proxy / http://camo:8081 { | ||
transparent | ||
} | ||
(encode) { | ||
encode zstd gzip | ||
} | ||
|
||
minio.feedbin.domain.tld { | ||
gzip | ||
proxy / http://minio:9000 { | ||
transparent | ||
} | ||
{$FEEDBIN_HOST} { | ||
import encode | ||
import headers | ||
|
||
reverse_proxy feedbin-web:3000 | ||
|
||
# respond /signup/* 403 | ||
# respond /users/* 403 | ||
} | ||
|
||
extract.feedbin.domain.tld { | ||
gzip | ||
proxy / http://feedbin-extract:3000 { | ||
transparent | ||
{$FEEDBIN_API_HOST} { | ||
import encode | ||
import headers | ||
|
||
reverse_proxy feedbin-web:3000 { | ||
header_up Host api.feedbin.com | ||
} | ||
} | ||
|
||
{$MINIO_HOST} { | ||
import encode | ||
import headers | ||
|
||
reverse_proxy feedbin-minio:9000 | ||
} | ||
|
||
{$EXTRACT_HOST} { | ||
import encode | ||
import headers | ||
|
||
reverse_proxy feedbin-extract:3000 | ||
} | ||
|
||
{$CAMO_HOST} { | ||
import encode | ||
import headers | ||
|
||
reverse_proxy feedbin-camo:8081 | ||
} |
Oops, something went wrong.