feat(presets): add memcached, rabbitmq, elasticsearch service presets#252
Merged
feat(presets): add memcached, rabbitmq, elasticsearch service presets#252
Conversation
Three new opt-in presets broaden the "drop my old project into lerd" surface without bloating the built-in service list: - memcached: in-memory key/value cache for older Laravel/Drupal/WordPress codebases. No auth, no persistent data, detects via MEMCACHED_HOST in .env. - rabbitmq: 3-management-alpine with AMQP 5672 and the management UI on 15672. Default creds root/lerd, persistent /var/lib/rabbitmq so queues survive restarts, detects via RABBITMQ_HOST. - elasticsearch: 8.13.4 single-node with xpack security disabled so apps can connect without TLS+auth in dev. 512m heap, persistent data dir, detects via composer elasticsearch/elasticsearch. Tests extend TestListPresets_IncludesShippedPresets and add targeted load tests covering the non-obvious bits (memcached must not declare data_dir, rabbitmq must persist, elasticsearch must set single-node + security-off). Docs updated with the new rows and default credentials.
…tainer users Custom services and presets can now declare: - userns: written verbatim to UserNS= in the quadlet, e.g. "keep-id:uid=1000,gid=0" to map the host user 1:1 onto a non-root container UID. - chown_data: bool that adds :U to the data_dir mount so podman re-chowns the host directory to the container's expected UID at mount time. Both are needed for images like elasticsearch (UID 1000) that write to their data dir on startup; without them rootless podman maps the host user to a subuid that has no write access to the bind-mounted volume, and the process dies with EACCES on node.lock. The bundled elasticsearch preset adopts both. RabbitMQ verified clean without them (root entrypoint drops privileges internally), memcached has no data_dir at all. Tests cover the quadlet generator emitting UserNS and the :z,U mount when the fields are set, and the unchanged :z-only behavior when they are not. Schema documented in custom-services.md.
…ble ES CORS New elasticvue preset (cars10/elasticvue:latest, ~30MB nginx SPA) pairs with the elasticsearch service the same way phpmyadmin pairs with mysql: depends_on auto-starts ES, the dashboard wires into the lerd UI iframe at http://localhost:8083, and the cluster picker is pre-populated with the lerd ES URL via ELASTICVUE_CLUSTERS. User still clicks Connect once on first visit (upstream limitation, no auto-connect knob). Two underlying fixes were needed to make this actually work: - systemd quoting: GenerateCustomQuadlet now wraps the whole Environment="K=V" pair and escapes inner double quotes, mirroring the FrankenPHP generator. Without this, any env value containing JSON or quoted strings (e.g. ELASTICVUE_CLUSTERS, http.cors.allow-origin) was silently stripped of its quotes by systemd, yielding malformed JSON in the container or a YAML alias crash in ES. - ES CORS: the elasticsearch preset now sets http.cors.enabled, http.cors.allow-origin, http.cors.allow-headers, http.cors.allow-methods so elasticvue's browser-side fetch can reach ES at localhost:9200. allow-origin must be wrapped in literal quotes because ES parses env vars as YAML and a bare '*' becomes an alias token that crashes SnakeYAML on boot. UI: presetSuggestions map gains elasticsearch -> elasticvue, so the elasticsearch detail panel shows the install-elasticvue banner when the admin UI isn't installed, and an Open Elasticvue button when it is. serviceDisplayLabels and dashboardIconSvg map gain entries for elasticsearch, elasticvue, memcached, rabbitmq. Tests cover the new env-quoting behaviour (JSON values round-trip, bare data-dir defaults to :z only) and the elasticvue + ES CORS preset shape.
Some admin UIs (RabbitMQ's Cowboy management plugin) set session cookies that browsers drop on cross-origin iframe POSTs, and have no SameSite override exposed by the application. The pgadmin / phpmyadmin trick of patching SESSION_COOKIE_SAMESITE = 'None' via a FileMount doesn't apply. New CustomService field dashboard_external (yaml + json) marks a service whose dashboard URL must open in a new browser tab rather than the lerd UI iframe. The dashboard sidebar quick-launch icons hide external dashboards (since clicking them would open in a new tab anyway), and both openDashboardIframe and openAdminDashboard route external services through window.open with noopener,noreferrer. The rabbitmq preset adopts the flag so the management UI login works without auth cookies being silently dropped. Schema field documented in custom-services.md alongside userns and chown_data. Tests lock in the elasticsearch preset's userns + chown_data shape and the rabbitmq preset's dashboard_external shape so future changes can't silently regress them.
geodro
added a commit
that referenced
this pull request
Apr 24, 2026
Bundles four landed changes since beta.6: - #252 Add memcached, rabbitmq, elasticsearch service presets. - #256 Fix check-upstream-php workflow dispatch (was silently broken). - #257 Stream per-phase progress during preset install in the Web UI. - #258 Offline landing page for the installed PWA with lerd start + copy button; nginx vhost allowlists the new SW routes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
memcachedpreset (memcached:1.6-alpine, no auth, no persistent data, detected viaMEMCACHED_HOSTin.env). For older Laravel / Drupal / WordPress projects.rabbitmqpreset (rabbitmq:3-management-alpinewith AMQP on 5672 and the management UI on 15672, default credsroot/lerd, persistent/var/lib/rabbitmqso queues survive restarts, detected viaRABBITMQ_HOST). Broadens worker support beyond Redis.elasticsearchpreset (8.13.4single-node withxpack.security.enabled=falseso apps connect without TLS + auth in dev, 512m heap, persistent data dir, detected via composerelasticsearch/elasticsearch).Tests extend
TestListPresets_IncludesShippedPresetsand add focused load tests for each: memcached must not declaredata_dir, rabbitmq must persist/var/lib/rabbitmq, elasticsearch must runsingle-nodewith security off. Docs page gets the three new rows plus default credentials.