Compare commits
672 Commits
docs/fix-f
...
gpu/fix/sc
| Author | SHA1 | Date | |
|---|---|---|---|
|
9f79567c5e | ||
|
|
be7f3b3c3f | ||
|
|
99c6d3860d | ||
|
|
9f56cf0f05 | ||
|
|
76c8e93822 | ||
|
|
d38d0d0e1d | ||
|
|
65b32c7c41 | ||
|
|
f6f14e8d9a | ||
|
|
f8653692b1 | ||
|
|
5264df60cc | ||
|
|
1a200ed17c | ||
|
|
48fdaa5481 | ||
|
|
570fe070c9 | ||
|
|
6b18bbd94d | ||
|
|
c6836f9859 | ||
|
|
288869d91d | ||
|
|
8ea8a0857e | ||
|
|
87674cc5d9 | ||
|
|
11f556e9af | ||
|
|
d2d3195fea | ||
|
|
ad3b138284 | ||
|
|
ff609db1aa | ||
|
|
43c6bff906 | ||
|
|
b28dac652c | ||
|
|
fbb5c08227 | ||
|
|
a04d363597 | ||
|
|
994d2b9b91 | ||
|
|
909b7656fd | ||
|
|
c61260cb5a | ||
|
|
fed1a60c63 | ||
|
|
7062408f5d | ||
|
|
583ec7730c | ||
|
|
e9f3b23ac9 | ||
|
|
7f09420bdf | ||
|
|
c93869db02 | ||
|
|
2f23def478 | ||
|
|
4c5c43982a | ||
|
|
a2a6c581c2 | ||
|
|
8b1a7e11f5 | ||
|
|
2181adb67c | ||
|
|
e1b0bd7875 | ||
|
|
e465a2d8fc | ||
|
|
70d0ae1ff5 | ||
|
|
e52db36045 | ||
|
|
1935b1fbb6 | ||
|
|
5dc69bf80e | ||
|
|
e839d5ae41 | ||
|
|
e89c6f35cc | ||
|
|
c4a7c81777 | ||
|
|
a69b5d40a9 | ||
|
|
bab074cd37 | ||
|
|
afb7d49455 | ||
|
|
63d422037c | ||
|
|
2f471350c4 | ||
|
|
efff3fa1fd | ||
|
|
6ae9677a43 | ||
|
|
5acd198b70 | ||
|
|
47e82908c4 | ||
|
|
4b79a7aefe | ||
|
|
dfd74239dd | ||
|
|
5a08f918c6 | ||
|
|
8fde456f74 | ||
|
|
b173f005cd | ||
|
|
ecf8849b55 | ||
|
|
c8f416c4c0 | ||
|
|
ed183b8e4e | ||
|
|
20595b72c7 | ||
|
|
04c9e8309b | ||
|
|
3cd388d83a | ||
|
|
8266fc6085 | ||
|
|
78fb8bcdca | ||
|
|
cdb7afafef | ||
|
|
c4e1c74538 | ||
|
|
07b9470e4e | ||
|
|
da11265189 | ||
|
|
f6d1addc7d | ||
|
|
3b644efa0a | ||
|
|
27d8463775 | ||
|
|
5bf89ace05 | ||
|
|
fe9120edb4 | ||
|
|
2a77fe4c8a | ||
|
|
85a5e2dc4b | ||
|
|
cd88ade7ca | ||
|
|
0c3cedc1a5 | ||
|
|
4ed649bff7 | ||
|
|
e383c22fe5 | ||
|
|
ce15e2ce00 | ||
|
|
957dff10a6 | ||
|
|
da35df9280 | ||
|
|
14edf88acb | ||
|
|
939a9b5ba3 | ||
|
|
aa9b2aa243 | ||
|
|
3bd0705742 | ||
|
|
6662923b87 | ||
|
|
f39fec6c68 | ||
|
|
e1362a43f7 | ||
|
|
a7c611571f | ||
|
|
f0f2d4798c | ||
|
|
9d6fd7a276 | ||
|
|
02e45a7fb3 | ||
|
|
1c4257065f | ||
|
|
40c0491925 | ||
|
|
a7f2d9c583 | ||
|
|
57a003efb9 | ||
|
|
aca446a05a | ||
|
|
b1cb265654 | ||
|
|
a72c760b07 | ||
|
|
60f3976da9 | ||
|
|
b5f175dcb8 | ||
|
|
3b0cc74984 | ||
|
|
d3b2dc3029 | ||
|
|
019e1948ce | ||
|
|
2f87901cf8 | ||
|
|
0b2c5d3835 | ||
|
|
0eeeb99620 | ||
|
|
e73480b353 | ||
|
|
2ad44d6617 | ||
|
|
93385b655d | ||
|
|
60d37998af | ||
|
|
4cf740b4f8 | ||
|
|
ba8c7faa7d | ||
|
|
6ec7f214cb | ||
|
|
8e1e71fad3 | ||
|
|
3007c78926 | ||
|
|
b0787c19a1 | ||
|
|
1a485ca959 | ||
|
|
ce8c82f9b5 | ||
|
|
3ae6852c81 | ||
|
|
380cb98b66 | ||
|
|
77d35d8890 | ||
|
|
849c098696 | ||
|
|
42f5f3108b | ||
|
|
1f7be15e51 | ||
|
|
bc0da70a85 | ||
|
|
6898ebb3a2 | ||
|
|
63f302cd82 | ||
|
|
08b7cb872e | ||
|
|
543328fa6e | ||
|
|
3334bc69e4 | ||
|
|
4d061544a6 | ||
|
|
5e58695c75 | ||
|
|
6ebb19db03 | ||
|
|
a08fd3b28c | ||
|
|
abbecf8e12 | ||
|
|
e150b9418b | ||
|
|
1e5176f17b | ||
|
|
605b862937 | ||
|
|
0110413528 | ||
|
|
0726d70b58 | ||
|
|
8abf6d8b65 | ||
|
|
b0f495c37a | ||
|
|
4e9b8d840d | ||
|
|
57579813de | ||
|
|
97dd238c44 | ||
|
|
3095530d0d | ||
|
|
3e8120baf6 | ||
|
|
0685c4326b | ||
|
|
af9e1993d1 | ||
|
|
ba8868d771 | ||
|
|
7ee1d7cae1 | ||
|
|
cb17633f57 | ||
|
|
18e94af22b | ||
|
|
b81665afe1 | ||
|
|
acb0fae406 | ||
|
|
e5fef95f4e | ||
|
|
55fe22ed4c | ||
|
|
fee742d756 | ||
|
|
36b4e792f6 | ||
|
|
8810a7657e | ||
|
|
59d87c860b | ||
|
|
97c12b0b21 | ||
|
|
9746ffdc33 | ||
|
|
8cda14a78c | ||
|
|
a4c0161cb1 | ||
|
|
505a438fa3 | ||
|
|
1a794c9fc4 | ||
|
|
03e8dd0ac7 | ||
|
|
eea2dfb67a | ||
|
|
316ffe4f35 | ||
|
|
08a380df61 | ||
|
|
faa7638353 | ||
|
|
58e869604a | ||
|
|
fc57d0b9f1 | ||
|
|
a61dff75b9 | ||
|
|
0b9c1a09b9 | ||
|
|
3178e06349 | ||
|
|
69c341060b | ||
|
|
d56daad3f0 | ||
|
|
2b239284b3 | ||
|
|
e2e8b84eef | ||
|
|
7afb59cd3a | ||
|
|
6474487e75 | ||
|
|
3fd15d418b | ||
|
|
243ad15e66 | ||
|
|
56367c964e | ||
|
|
8911b33d3e | ||
|
|
f7c7939493 | ||
|
|
8eee97f779 | ||
|
|
d3c1a37378 | ||
|
|
4a8303d050 | ||
|
|
61df0056ba | ||
|
|
75c48ef5ee | ||
|
|
4fed6bd618 | ||
|
|
581e252f30 | ||
|
|
f1d479cf1d | ||
|
|
d070e53480 | ||
|
|
89719a8d48 | ||
|
|
085bef64b5 | ||
|
|
963ca8ab48 | ||
|
|
59922bc5cf | ||
|
|
1f4b3f94ca | ||
|
|
aa9e89c0c9 | ||
|
|
760aef5521 | ||
|
|
ca1d7ebd09 | ||
|
|
a282878cfe | ||
|
|
95ad815142 | ||
|
|
984582c520 | ||
|
|
d10e6f0e20 | ||
|
|
0db6227f98 | ||
|
|
46aa153989 | ||
|
|
3cfd619d9d | ||
|
|
82e3d7d2d4 | ||
|
|
9188718cb6 | ||
|
|
7f27a03e84 | ||
|
|
202a17dd6f | ||
|
|
fe6817ff78 | ||
|
|
3991bc2e08 | ||
|
|
c84e4deded | ||
|
|
3a19d380f3 | ||
|
|
21cf7466ee | ||
|
|
9a0db453d3 | ||
|
|
3021a88e70 | ||
|
|
232c277412 | ||
|
|
d5e0523c6a | ||
|
|
03641fb388 | ||
|
|
023208603c | ||
|
|
21d10c37b3 | ||
|
|
5be2c61091 | ||
|
|
da12178933 | ||
|
|
b6484e1a19 | ||
|
|
206c946408 | ||
|
|
c57c67db24 | ||
|
|
1ed26c8264 | ||
|
|
18ece294ce | ||
|
|
2f44ae273f | ||
|
|
a6457f0a2a | ||
|
|
3f6bc2bf36 | ||
|
|
f7248a1c74 | ||
|
|
54fc939ea3 | ||
|
|
420bb1d805 | ||
|
|
39c0d2c777 | ||
|
|
d8e3a64b61 | ||
|
|
78dbda300b | ||
|
|
16440bc3c5 | ||
|
|
f5b8d226c9 | ||
|
|
a80142cdd7 | ||
|
|
e69364d329 | ||
|
|
6facfd93ee | ||
|
|
7e9b0bcdc5 | ||
|
|
bb461e8573 | ||
|
|
926058cbd0 | ||
|
|
44d56f64e1 | ||
|
|
8074e7dee9 | ||
|
|
67af7ee3fa | ||
|
|
e6b3624bae | ||
|
|
c27c8a61f1 | ||
|
|
79e6d4b6e6 | ||
|
|
ea15f6d04b | ||
|
|
dffcafbfd2 | ||
|
|
e30afb517b | ||
|
|
97a701c7e4 | ||
|
|
24c68ada0b | ||
|
|
ec5358f9b0 | ||
|
|
03bb1ab2b8 | ||
|
|
d5754b8977 | ||
|
|
8017975124 | ||
|
|
66b77ed5a1 | ||
|
|
b990d50b01 | ||
|
|
f1890e304b | ||
|
|
587ea07a61 | ||
|
|
e185931214 | ||
|
|
78fe2b29d2 | ||
|
|
9fc92b4f32 | ||
|
|
d33a8b7d31 | ||
|
|
825a05b02f | ||
|
|
6aa9b08b63 | ||
|
|
dcb2505c8e | ||
|
|
4917a2d2ab | ||
|
|
aba1d3336d | ||
|
|
7c2c68e03b | ||
|
|
ff30a31748 | ||
|
|
3d8d351996 | ||
|
|
eea8f607fa | ||
|
|
d3f357eb13 | ||
|
|
e19ef85071 | ||
|
|
1e7cc5b6ad | ||
|
|
6e4c27136a | ||
|
|
afb1e5b9f7 | ||
|
|
ed90b16fd3 | ||
|
|
2901fcfd24 | ||
|
|
c918459a8e | ||
|
|
9d3c560648 | ||
|
|
c901c54716 | ||
|
|
d925999a70 | ||
|
|
aa5aa78677 | ||
|
|
fd37490fcd | ||
|
|
d55fb76a71 | ||
|
|
ba3954dc0f | ||
|
|
faf20cdf0b | ||
|
|
6321909582 | ||
|
|
355f7c4e69 | ||
|
|
2c3c949bc9 | ||
|
|
babf756bd5 | ||
|
|
c341e22f76 | ||
|
|
0a0e52dd3d | ||
|
|
081b4064a1 | ||
|
|
9a224ea780 | ||
|
|
ab3a6ba34e | ||
|
|
2ec8300663 | ||
|
|
8762f26c04 | ||
|
|
65e50afd27 | ||
|
|
aff0b38c0b | ||
|
|
fefd635f6c | ||
|
|
a8b410a0da | ||
|
|
841b5229e6 | ||
|
|
89421058bc | ||
|
|
4d5f69e9dc | ||
|
|
8cb7ee6aad | ||
|
|
ab62c06d07 | ||
|
|
d85c81ff57 | ||
|
|
94d07adf9c | ||
|
|
3eeefb18c2 | ||
|
|
34b58757ec | ||
|
|
0df243184c | ||
|
|
99420a8a48 | ||
|
|
b013bf6ea9 | ||
|
|
1bedb4d182 | ||
|
|
f844d1221e | ||
|
|
7950d1be7d | ||
|
|
ffdeb91dcd | ||
|
|
a356b13d5a | ||
|
|
db61f05fb6 | ||
|
|
26937ab505 | ||
|
|
3dc2132e72 | ||
|
|
b50f2bbf6c | ||
|
|
16a0a5556d | ||
|
|
32166687ec | ||
|
|
db3498e0a0 | ||
|
|
2dc70ede78 | ||
|
|
694f385d2b | ||
|
|
407c126419 | ||
|
|
18746c917e | ||
|
|
01324970b4 | ||
|
|
b068669c3c | ||
|
|
bc134283d9 | ||
|
|
9f3a0f3c32 | ||
|
|
ca1ab3fef9 | ||
|
|
b6394cc39c | ||
|
|
36915f5f03 | ||
|
|
1ad305f874 | ||
|
|
58cdd7de69 | ||
|
|
4cee006a1e | ||
|
|
7bbc53bef9 | ||
|
|
1432168ec0 | ||
|
|
534ae8dd3a | ||
|
|
0a25611cf5 | ||
|
|
17990b3558 | ||
|
|
cb80d04265 | ||
|
|
0194a493ab | ||
|
|
06e49cb638 | ||
|
|
93dea60906 | ||
|
|
177f955a6b | ||
|
|
324a0b4071 | ||
|
|
132d6432cc | ||
|
|
4c51efb0b7 | ||
|
|
8f0f2e5844 | ||
|
|
0ae1524682 | ||
|
|
b24ba06794 | ||
|
|
ec6ce88e08 | ||
|
|
7839bed160 | ||
|
|
39d3689d01 | ||
|
|
ef347ff8ef | ||
|
|
908629dd9a | ||
|
|
4cea6ab238 | ||
|
|
a0e8a69848 | ||
|
|
df2b5b4274 | ||
|
|
f18d3af3b4 | ||
|
|
b4a447b596 | ||
|
|
d329630509 | ||
|
|
1af84b046d | ||
|
|
84e8543309 | ||
|
|
09f7ecd295 | ||
|
|
1a8dbf0f2c | ||
|
|
3f1e695581 | ||
|
|
8881503ca6 | ||
|
|
317da8a13e | ||
|
|
316d719d64 | ||
|
|
01e1b79674 | ||
|
|
9b7ff997b9 | ||
|
|
6d5c2a5e2b | ||
|
|
d0185a484f | ||
|
|
aadacbf729 | ||
|
|
86290d1ce9 | ||
|
|
d5ddd59997 | ||
|
|
64883f1752 | ||
|
|
ef0b8d3180 | ||
|
|
101379e6ba | ||
|
|
80947af962 | ||
|
|
9ebb80a111 | ||
|
|
37e99b977c | ||
|
|
dcbc505e7a | ||
|
|
9f518d6c4b | ||
|
|
6f88df0570 | ||
|
|
f97c9521f3 | ||
|
|
61aa638be9 | ||
|
|
6285359f31 | ||
|
|
f72987d55f | ||
|
|
33292988bb | ||
|
|
261cd45535 | ||
|
|
f9994e7e88 | ||
|
|
b0ecfefa09 | ||
|
|
e1e4528db6 | ||
|
|
6eecd514e4 | ||
|
|
5b4464533b | ||
|
|
62233642ad | ||
|
|
26910b80b9 | ||
|
|
306c7a2480 | ||
|
|
d26f4f1ac2 | ||
|
|
1509ab6435 | ||
|
|
df0fcb1801 | ||
|
|
359a269e88 | ||
|
|
f621aeef54 | ||
|
|
10ce9b44fc | ||
|
|
6d5e66b73b | ||
|
|
2f701510e0 | ||
|
|
ec38cbd285 | ||
|
|
640d8c1bf4 | ||
|
|
c570cf8fc2 | ||
|
|
9e18f11822 | ||
|
|
121482528b | ||
|
|
ac482bceae | ||
|
|
3692f5ed7d | ||
|
|
ce32e32433 | ||
|
|
fdeea2f4a1 | ||
|
|
837aa2037f | ||
|
|
45065b03e3 | ||
|
|
195f8c6ec7 | ||
|
|
20202d1cdb | ||
|
|
e4d31241da | ||
|
|
83dc24df94 | ||
|
|
890eb8ea46 | ||
|
|
d57f01f88b | ||
|
|
3297f3088e | ||
|
|
f34ab4d5ce | ||
|
|
2f775e098e | ||
|
|
56600420f1 | ||
|
|
4e579bc934 | ||
|
|
8571da9761 | ||
|
|
0a591f7a3c | ||
|
|
84dec294da | ||
|
|
e3cb3e5a54 | ||
|
|
9fb31d52b7 | ||
|
|
5a7c8f539a | ||
|
|
9305b09717 | ||
|
|
25b2ff91af | ||
|
|
7f6091afb1 | ||
|
|
fe3acf669e | ||
|
|
18950cc43b | ||
|
|
d25bde12c3 | ||
|
|
f0542c3ea5 | ||
|
|
70185da4a7 | ||
|
|
1dc859f225 | ||
|
|
7a84a51940 | ||
|
|
d5122fac17 | ||
|
|
36167790df | ||
|
|
ad5e1328c5 | ||
|
|
e2b8cf1cf2 | ||
|
|
6f8d9f15b2 | ||
|
|
64215b478f | ||
|
|
f8faecdc36 | ||
|
|
656894e46a | ||
|
|
3caaa6b63b | ||
|
|
ad5acdbf1d | ||
|
|
24ef743d24 | ||
|
|
0e3e61afe3 | ||
|
|
de254bee66 | ||
|
|
96f2aa5b30 | ||
|
|
f86c4e5e52 | ||
|
|
05c2fe8c35 | ||
|
|
dcd8413dcf | ||
|
|
b4b13b0aa9 | ||
|
|
d8d4b6d9f9 | ||
|
|
2ebc4dc700 | ||
|
|
910334101c | ||
|
|
b53dc23d80 | ||
|
|
0325f41617 | ||
|
|
99176209ea | ||
|
|
694f349e10 | ||
|
|
ea872ca156 | ||
|
|
e5bdfa2840 | ||
|
|
0a474797a6 | ||
|
|
6215da6cc0 | ||
|
|
4c3cf83106 | ||
|
|
6d7c963898 | ||
|
|
1cf8dcda3b | ||
|
|
38c6f29023 | ||
|
|
fd08ef8816 | ||
|
|
a176a5dc7a | ||
|
|
e02fd1b2de | ||
|
|
4e6b410d3b | ||
|
|
d31a46b6f5 | ||
|
|
774a0e14c4 | ||
|
|
115fb2123e | ||
|
|
7d1453b283 | ||
|
|
e6e1f33ffd | ||
|
|
aeef6f602b | ||
|
|
17ff965a32 | ||
|
|
1305ffe910 | ||
|
|
aa79d97dc6 | ||
|
|
b79f94fe37 | ||
|
|
1d3cbde451 | ||
|
|
8aa08d041d | ||
|
|
07fe0fd852 | ||
|
|
fd2f4bace4 | ||
|
|
ed74c31e85 | ||
|
|
3c7d0bb87c | ||
|
|
8dc819008c | ||
|
|
89dc9a31c8 | ||
|
|
3f5c15e9f3 | ||
|
|
9b04cea89f | ||
|
|
d9768fb7bb | ||
|
|
aca1d9df99 | ||
|
|
3594ab5de3 | ||
|
|
9d4dd57b69 | ||
|
|
badf84e5d7 | ||
|
|
2df9fd0f9b | ||
|
|
139d82eddf | ||
|
|
0bf4fd259d | ||
|
|
76c5da5f7f | ||
|
|
6239d18f15 | ||
|
|
54404e84c0 | ||
|
|
9448ef1b73 | ||
|
|
6241cceceb | ||
|
|
3b3e65ea9f | ||
|
|
e994ecb8fd | ||
|
|
91728176ad | ||
|
|
c3c257af94 | ||
|
|
4058206fd6 | ||
|
|
90ad4c73dd | ||
|
|
d1c4dd9b95 | ||
|
|
28c1ee9dfa | ||
|
|
ed45ac7dda | ||
|
|
7fba177f94 | ||
|
|
5c3febdfa6 | ||
|
|
246aaad54a | ||
|
|
9cf65c5d7c | ||
|
|
ec6316e943 | ||
|
|
ee1845dab9 | ||
|
|
7e79602c1e | ||
|
|
63f678ae5e | ||
|
|
eb860449aa | ||
|
|
4360e2591e | ||
|
|
fc35c00305 | ||
|
|
26acd08025 | ||
|
|
360e7e0f71 | ||
|
|
d98feab763 | ||
|
|
3dac3c2a13 | ||
|
|
3a45f6dd8b | ||
|
|
e3df0cda78 | ||
|
|
ace4363e51 | ||
|
|
32b4413599 | ||
|
|
c749008d87 | ||
|
|
a44909b825 | ||
|
|
5a434b5b50 | ||
|
|
d8db9c458c | ||
|
|
435ceff018 | ||
|
|
a73bdb5b27 | ||
|
|
ab80bebc97 | ||
|
|
861c5812b3 | ||
|
|
89119319f3 | ||
|
|
9e9e29fa07 | ||
|
|
628dc885c9 | ||
|
|
5b73c14d3c | ||
|
|
77158cc609 | ||
|
|
fd7f579996 | ||
|
|
962d7964ed | ||
|
|
93d6581a74 | ||
|
|
1d586790da | ||
|
|
d7844ee4a7 | ||
|
|
c54d8fc956 | ||
|
|
6af571b6d4 | ||
|
|
b574663cdd | ||
|
|
77076f97fe | ||
|
|
330fffd380 | ||
|
|
3f24bb046e | ||
|
|
dff1928b3c | ||
|
|
3c5e037372 | ||
|
|
2def8f51b7 | ||
|
|
97edd192f2 | ||
|
|
5c668d622e | ||
|
|
29ef564e98 | ||
|
|
6f174f6d82 | ||
|
|
9f98007ce7 | ||
|
|
234b887787 | ||
|
|
fcf6c507be | ||
|
|
9f7e2c49e0 | ||
|
|
9719a72aec | ||
|
|
6cbd31a11f | ||
|
|
d60accd2f6 | ||
|
|
0f56ebf4a5 | ||
|
|
1e9f0bca72 | ||
|
|
74ee951758 | ||
|
|
77c4decaad | ||
|
|
0447114b54 | ||
|
|
1c1c370daf | ||
|
|
da9cde1cbd | ||
|
|
3d54075607 | ||
|
|
60585fe6d2 | ||
|
|
2e3df3d805 | ||
|
|
9af67a27c4 | ||
|
|
1540081ef9 | ||
|
|
556d900fcd | ||
|
|
2e9c2f79d0 | ||
|
|
5b1438413c | ||
|
|
37b930ea83 | ||
|
|
208fb789af | ||
|
|
2dd9d6f754 | ||
|
|
e32e878685 | ||
|
|
9a5e5e1faf | ||
|
|
392bcce478 | ||
|
|
dec07f3330 | ||
|
|
6dc12964c9 | ||
|
|
a796c6704a | ||
|
|
fc3284baca | ||
|
|
794e586434 | ||
|
|
f3d1e2fca2 | ||
|
|
710970851d | ||
|
|
bf54bd3632 | ||
|
|
7e31acf719 | ||
|
|
4043f803a1 | ||
|
|
4e1a08bcc5 | ||
|
|
65999fe3b0 | ||
|
|
a3c121418a | ||
|
|
bdc90c4c09 | ||
|
|
472a461bd9 | ||
|
|
3b97326269 | ||
|
|
04e84a68c0 | ||
|
|
3fd82f150e | ||
|
|
851745f60c | ||
|
|
43f7b6533d | ||
|
|
de0c1dd9f4 | ||
|
|
a6407f12e1 | ||
|
|
7219cbab11 | ||
|
|
d3d6165f5b | ||
|
|
e91f3b56f1 | ||
|
|
3834e88367 | ||
|
|
764138452b | ||
|
|
f0223eff6a | ||
|
|
4f3effb53e | ||
|
|
fc655b5c32 | ||
|
|
c4c8d614b6 | ||
|
|
1d4e637900 | ||
|
|
c570fd3204 | ||
|
|
81a8ca53fa | ||
|
|
4e08bf6d3f | ||
|
|
93a20fa397 | ||
|
|
255af9e472 | ||
|
|
fdf73c0b6c | ||
|
|
e0f886b2b9 | ||
|
|
decde7860b | ||
|
|
bacc6b6517 | ||
|
|
1a71ce2650 |
28
.github/workflows/check.yaml
vendored
28
.github/workflows/check.yaml
vendored
@@ -3,12 +3,28 @@ name: Lint and Test Charts
|
||||
on:
|
||||
push:
|
||||
branches: [ "main", "release-*" ]
|
||||
paths-ignore:
|
||||
- 'docs/**'
|
||||
paths:
|
||||
- '!docs/**'
|
||||
- 'apps/.olares/**'
|
||||
- 'build/**'
|
||||
- 'cli/**'
|
||||
- 'daemon/**'
|
||||
- 'framework/**/.olares/**'
|
||||
- 'infrastructure/**/.olares/**'
|
||||
- 'platform/**/.olares/**'
|
||||
- 'vendor/**'
|
||||
pull_request_target:
|
||||
branches: [ "main", "release-*" ]
|
||||
paths-ignore:
|
||||
- 'docs/**'
|
||||
paths:
|
||||
- '!docs/**'
|
||||
- 'apps/.olares/**'
|
||||
- 'build/**'
|
||||
- 'cli/**'
|
||||
- 'daemon/**'
|
||||
- 'framework/**/.olares/**'
|
||||
- 'infrastructure/**/.olares/**'
|
||||
- 'platform/**/.olares/**'
|
||||
- 'vendor/**'
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
@@ -59,7 +75,7 @@ jobs:
|
||||
steps:
|
||||
- id: generate
|
||||
run: |
|
||||
v=1.12.1-$(echo $RANDOM$RANDOM)
|
||||
v=1.12.4-$(echo $RANDOM$RANDOM)
|
||||
echo "version=$v" >> "$GITHUB_OUTPUT"
|
||||
|
||||
upload-cli:
|
||||
@@ -211,7 +227,7 @@ jobs:
|
||||
url: 'https://cloud-dev-api.bttcdn.com/v1/resource/installTest'
|
||||
method: 'POST'
|
||||
customHeaders: '{"Authorization": "${{ secrets.INSTALL_SECRET }}"}'
|
||||
data: 'versions=${{ needs.test-version.outputs.version }}&downloadUrl=https://dc3p1870nn3cj.cloudfront.net/install-wizard-v${{ needs.test-version.outputs.version }}.tar.gz'
|
||||
data: 'versions=${{ needs.test-version.outputs.version }}&downloadUrl=https://cdn.olares.com/install-wizard-v${{ needs.test-version.outputs.version }}.tar.gz'
|
||||
contentType: "application/x-www-form-urlencoded"
|
||||
|
||||
- name: Check Result
|
||||
|
||||
32
.github/workflows/module_appservice_build_main.yaml
vendored
Normal file
32
.github/workflows/module_appservice_build_main.yaml
vendored
Normal file
@@ -0,0 +1,32 @@
|
||||
name: App-Service Build test
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "module-appservice"
|
||||
paths:
|
||||
- 'framework/app-service/**'
|
||||
- '!framework/app-service/.olares/**'
|
||||
- '!framework/app-service/README.md'
|
||||
- '!framework/app-service/PROJECT'
|
||||
pull_request:
|
||||
branches:
|
||||
- "module-appservice"
|
||||
paths:
|
||||
- 'framework/app-service/**'
|
||||
- '!framework/app-service/.olares/**'
|
||||
- '!framework/app-service/README.md'
|
||||
- '!framework/app-service/PROJECT'
|
||||
jobs:
|
||||
build0-main:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y btrfs-progs libbtrfs-dev
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.24.6'
|
||||
- run: make build
|
||||
working-directory: framework/app-service
|
||||
62
.github/workflows/module_appservice_publish_docker.yaml
vendored
Normal file
62
.github/workflows/module_appservice_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,62 @@
|
||||
name: Publish app-service to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub_amd64:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push amd64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/app-service:${{ github.event.inputs.tags }}-amd64
|
||||
context: framework/app-service
|
||||
file: framework/app-service/Dockerfile
|
||||
platforms: linux/amd64
|
||||
publish_dockerhub_arm64:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push arm64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/app-service:${{ github.event.inputs.tags }}-arm64
|
||||
context: framework/app-service
|
||||
file: framework/app-service/Dockerfile
|
||||
platforms: linux/arm64
|
||||
|
||||
publish_manifest:
|
||||
needs:
|
||||
- publish_dockerhub_amd64
|
||||
- publish_dockerhub_arm64
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Push manifest
|
||||
run: |
|
||||
docker manifest create beclab/app-service:${{ github.event.inputs.tags }} --amend beclab/app-service:${{ github.event.inputs.tags }}-amd64 --amend beclab/app-service:${{ github.event.inputs.tags }}-arm64
|
||||
docker manifest push beclab/app-service:${{ github.event.inputs.tags }}
|
||||
63
.github/workflows/module_appservice_publish_imageservice.yaml
vendored
Normal file
63
.github/workflows/module_appservice_publish_imageservice.yaml
vendored
Normal file
@@ -0,0 +1,63 @@
|
||||
name: Publish image-service to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub_amd64:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push amd64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/image-service:${{ github.event.inputs.tags }}-amd64
|
||||
context: framework/app-service
|
||||
file: framework/app-service/Dockerfile.image
|
||||
platforms: linux/amd64
|
||||
publish_dockerhub_arm64:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push arm64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/image-service:${{ github.event.inputs.tags }}-arm64
|
||||
context: framework/app-service
|
||||
file: framework/app-service/Dockerfile.image
|
||||
platforms: linux/arm64
|
||||
|
||||
publish_manifest:
|
||||
needs:
|
||||
- publish_dockerhub_amd64
|
||||
- publish_dockerhub_arm64
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Push manifest
|
||||
run: |
|
||||
docker manifest create beclab/image-service:${{ github.event.inputs.tags }} --amend beclab/image-service:${{ github.event.inputs.tags }}-amd64 --amend beclab/image-service:${{ github.event.inputs.tags }}-arm64
|
||||
docker manifest push beclab/image-service:${{ github.event.inputs.tags }}
|
||||
|
||||
31
.github/workflows/module_backup_build_main.yaml
vendored
Normal file
31
.github/workflows/module_backup_build_main.yaml
vendored
Normal file
@@ -0,0 +1,31 @@
|
||||
name: Backup Server Build test
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "module-backup"
|
||||
paths:
|
||||
- 'framework/backup-server/**'
|
||||
- '!framework/backup-server/.olares/**'
|
||||
- '!framework/backup-server/README.md'
|
||||
pull_request:
|
||||
branches:
|
||||
- "module-backup"
|
||||
paths:
|
||||
- 'framework/backup-server/**'
|
||||
- '!framework/backup-server/.olares/**'
|
||||
- '!framework/backup-server/README.md'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.21.10'
|
||||
- name: Run Build
|
||||
working-directory: framework/backup-server
|
||||
run: |
|
||||
make build
|
||||
36
.github/workflows/module_backup_publish_docker.yaml
vendored
Normal file
36
.github/workflows/module_backup_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,36 @@
|
||||
name: Publish Backup Server to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/backup-server:v${{ github.event.inputs.tags }}
|
||||
file: framework/backup-server/Dockerfile
|
||||
context: framework/backup-server
|
||||
platforms: linux/amd64,linux/arm64
|
||||
|
||||
36
.github/workflows/module_backup_publish_sidecar.yaml
vendored
Normal file
36
.github/workflows/module_backup_publish_sidecar.yaml
vendored
Normal file
@@ -0,0 +1,36 @@
|
||||
name: Publish Sidecar Backup Sync to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/sidecar-backup-sync:v${{ github.event.inputs.tags }}
|
||||
file: framework/backup-server/Dockerfile.sidecar
|
||||
context: framework/backup-server
|
||||
platforms: linux/amd64,linux/arm64
|
||||
|
||||
43
.github/workflows/module_bfl_build_main.yaml
vendored
Normal file
43
.github/workflows/module_bfl_build_main.yaml
vendored
Normal file
@@ -0,0 +1,43 @@
|
||||
name: BFL Build test
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "module-bfl" ]
|
||||
paths:
|
||||
- 'framework/bfl/**'
|
||||
- '!framework/bfl/.olares/**'
|
||||
- '!framework/bfl/README.md'
|
||||
pull_request:
|
||||
branches: [ "module-bfl" ]
|
||||
paths:
|
||||
- 'framework/bfl/**'
|
||||
- '!framework/bfl/.olares/**'
|
||||
- '!framework/bfl/README.md'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.22.1'
|
||||
- name: Run Build
|
||||
working-directory: framework/bfl
|
||||
run: |
|
||||
ksDir="../../kubesphere-ext"
|
||||
version="v3.3.0-ext"
|
||||
|
||||
if [ -d "$ksDir" ]; then
|
||||
pushd "${ksDir}/"
|
||||
branch=$(git rev-parse --abbrev-ref HEAD|awk -F / '{print $2}')
|
||||
if [ x"$branch" != x"$version" ]; then
|
||||
git checkout $version
|
||||
fi
|
||||
popd &>/dev/null
|
||||
else
|
||||
git clone https://github.com/beclab/kubesphere-ext.git "${ksDir}"
|
||||
fi
|
||||
|
||||
make all
|
||||
36
.github/workflows/module_bfl_publish_docker.yaml
vendored
Normal file
36
.github/workflows/module_bfl_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,36 @@
|
||||
name: Publish BFL-API to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/bfl:${{ github.event.inputs.tags }}
|
||||
file: framework/bfl/Dockerfile.api
|
||||
context: framework/bfl
|
||||
platforms: linux/amd64,linux/arm64
|
||||
|
||||
35
.github/workflows/module_bfl_publish_frpc.yaml
vendored
Normal file
35
.github/workflows/module_bfl_publish_frpc.yaml
vendored
Normal file
@@ -0,0 +1,35 @@
|
||||
name: Publish BFL-frpc to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build bfl-frpc and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/frpc:${{ github.event.inputs.tags }}
|
||||
file: framework/bfl/Dockerfile.frpc
|
||||
context: framework/bfl
|
||||
platforms: linux/amd64,linux/arm64
|
||||
35
.github/workflows/module_bfl_publish_ingress.yaml
vendored
Normal file
35
.github/workflows/module_bfl_publish_ingress.yaml
vendored
Normal file
@@ -0,0 +1,35 @@
|
||||
name: Publish BFL-ingress to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build bfl-ingress and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/bfl-ingress:${{ github.event.inputs.tags }}
|
||||
file: framework/bfl/Dockerfile.ingress
|
||||
context: framework/bfl
|
||||
platforms: linux/amd64,linux/arm64
|
||||
58
.github/workflows/module_integration_publish_docker.yaml
vendored
Normal file
58
.github/workflows/module_integration_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,58 @@
|
||||
name: Publish Integration Server to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: "Release Tags"
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: PR Conventional Commit Validation
|
||||
uses: ytanikin/PRConventionalCommits@1.1.0
|
||||
if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target'
|
||||
with:
|
||||
task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert","style"]'
|
||||
add_label: "true"
|
||||
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
submodules: recursive
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
with:
|
||||
image: tonistiigi/binfmt:qemu-v8.1.5
|
||||
cache-image: false
|
||||
platforms: arm64
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: 1.23.3
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: get latest tag
|
||||
uses: "WyriHaximus/github-action-get-previous-tag@v1"
|
||||
id: get-latest-tag
|
||||
with:
|
||||
fallback: latest
|
||||
|
||||
- name: Build and push
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
file: framework/integration/Dockerfile
|
||||
push: true
|
||||
tags: beclab/integration-server:${{ github.event.inputs.tags }}
|
||||
platforms: linux/amd64,linux/arm64
|
||||
context: framework/integration
|
||||
36
.github/workflows/module_kubemetrics_publish_docker.yaml
vendored
Normal file
36
.github/workflows/module_kubemetrics_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,36 @@
|
||||
name: Publish Kube State Metrics to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and Push image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/kube-state-metrics:${{ github.event.inputs.tags }}
|
||||
file: framework/kube-state-metrics/Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
context: framework/kube-state-metrics
|
||||
29
.github/workflows/module_kubesphere_build_main.yaml
vendored
Normal file
29
.github/workflows/module_kubesphere_build_main.yaml
vendored
Normal file
@@ -0,0 +1,29 @@
|
||||
name: Kubesphere Build Test
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "module-kubesphere"
|
||||
paths:
|
||||
- 'infrastructure/kubesphere/**'
|
||||
- '!infrastructure/kubesphere/.olares/**'
|
||||
- '!infrastructure/kubesphere/README.md'
|
||||
pull_request:
|
||||
branches:
|
||||
- "module-kubesphere"
|
||||
paths:
|
||||
- 'infrastructure/kubesphere/**'
|
||||
- '!infrastructure/kubesphere/.olares/**'
|
||||
- '!infrastructure/kubesphere/README.md'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.24'
|
||||
- run: make binary
|
||||
working-directory: infrastructure/kubesphere
|
||||
36
.github/workflows/module_kubesphere_publish_docker.yaml
vendored
Normal file
36
.github/workflows/module_kubesphere_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,36 @@
|
||||
name: Publish Kubesphere to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/ks-apiserver:${{ github.event.inputs.tags }}
|
||||
file: infrastructure/kubesphere/build/ks-apiserver/Dockerfile
|
||||
context: infrastructure/kubesphere
|
||||
platforms: linux/amd64,linux/arm64
|
||||
47
.github/workflows/module_l4_build_main.yaml
vendored
Normal file
47
.github/workflows/module_l4_build_main.yaml
vendored
Normal file
@@ -0,0 +1,47 @@
|
||||
name: L4-BFL-Proxy Build test
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "module-l4" ]
|
||||
paths:
|
||||
- 'framework/l4-bfl-proxy/**'
|
||||
- '!framework/l4-bfl-proxy/.olares/**'
|
||||
- '!framework/l4-bfl-proxy/README.md'
|
||||
pull_request:
|
||||
branches: [ "module-l4" ]
|
||||
paths:
|
||||
- 'framework/l4-bfl-proxy/**'
|
||||
- '!framework/l4-bfl-proxy/.olares/**'
|
||||
- '!framework/l4-bfl-proxy/README.md'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
# runs-on: self-hosted
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.18.2'
|
||||
- name: Run Build
|
||||
working-directory: framework/l4-bfl-proxy
|
||||
run: |
|
||||
ksDir="../../kubesphere"
|
||||
tag="v3.3.0"
|
||||
|
||||
if [ -d "$ksDir" ]; then
|
||||
pushd "${ksDir}/"
|
||||
branch=$(git rev-parse --abbrev-ref HEAD|awk -F / '{print $2}')
|
||||
if [ x"$branch" != x"$tag" ]; then
|
||||
git checkout -b $tag
|
||||
fi
|
||||
popd &>/dev/null
|
||||
else
|
||||
git clone https://github.com/kubesphere/kubesphere.git "${ksDir}"
|
||||
pushd "${ksDir}/"
|
||||
git checkout -b $tag
|
||||
popd &>/dev/null
|
||||
fi
|
||||
|
||||
make all
|
||||
67
.github/workflows/module_l4_publish_base.yaml
vendored
Normal file
67
.github/workflows/module_l4_publish_base.yaml
vendored
Normal file
@@ -0,0 +1,67 @@
|
||||
name: Publish L4 openresty-base to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub_amd64:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build openresty and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: bytetrade/openresty:base-${{ github.event.inputs.tags }}-amd64
|
||||
file: framework/l4-bfl-proxy/Dockerfile.openresty
|
||||
platforms: linux/amd64
|
||||
context: framework/l4-bfl-proxy
|
||||
|
||||
publish_dockerhub_arm64:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build nginx-lua and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: bytetrade/openresty:base-${{ github.event.inputs.tags }}-arm64
|
||||
file: framework/l4-bfl-proxy/Dockerfile.openresty
|
||||
platforms: linux/arm64
|
||||
context: framework/l4-bfl-proxy
|
||||
|
||||
publish_manifest:
|
||||
needs:
|
||||
- publish_dockerhub_amd64
|
||||
- publish_dockerhub_arm64
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Push manifest
|
||||
run: |
|
||||
docker manifest create bytetrade/openresty:base-${{ github.event.inputs.tags }} --amend bytetrade/openresty:base-${{ github.event.inputs.tags }}-amd64 --amend bytetrade/openresty:base-${{ github.event.inputs.tags }}-arm64
|
||||
docker manifest push bytetrade/openresty:base-${{ github.event.inputs.tags }}
|
||||
35
.github/workflows/module_l4_publish_docker.yaml
vendored
Normal file
35
.github/workflows/module_l4_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,35 @@
|
||||
name: Publish L4-BFL-Proxy to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build l4-bfl-proxy and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/l4-bfl-proxy:${{ github.event.inputs.tags }}
|
||||
file: framework/l4-bfl-proxy/Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
context: framework/l4-bfl-proxy
|
||||
67
.github/workflows/module_l4_publish_nginx.yaml
vendored
Normal file
67
.github/workflows/module_l4_publish_nginx.yaml
vendored
Normal file
@@ -0,0 +1,67 @@
|
||||
name: Publish L4 nginx-lua to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub_amd64:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build nginx-lua and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: bytetrade/openresty:${{ github.event.inputs.tags }}-amd64
|
||||
file: framework/l4-bfl-proxy/Dockerfile.nginx
|
||||
platforms: linux/amd64
|
||||
context: framework/l4-bfl-proxy
|
||||
|
||||
publish_dockerhub_arm64:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build nginx-lua and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: bytetrade/openresty:${{ github.event.inputs.tags }}-arm64
|
||||
file: framework/l4-bfl-proxy/Dockerfile.nginx
|
||||
platforms: linux/arm64
|
||||
context: framework/l4-bfl-proxy
|
||||
|
||||
publish_manifest:
|
||||
needs:
|
||||
- publish_dockerhub_amd64
|
||||
- publish_dockerhub_arm64
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Push manifest
|
||||
run: |
|
||||
docker manifest create bytetrade/openresty:${{ github.event.inputs.tags }} --amend bytetrade/openresty:${{ github.event.inputs.tags }}-amd64 --amend bytetrade/openresty:${{ github.event.inputs.tags }}-arm64
|
||||
docker manifest push bytetrade/openresty:${{ github.event.inputs.tags }}
|
||||
29
.github/workflows/module_nodeinit_build_main.yaml
vendored
Normal file
29
.github/workflows/module_nodeinit_build_main.yaml
vendored
Normal file
@@ -0,0 +1,29 @@
|
||||
name: OSNode-Init Build test
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "module-nodeinit" ]
|
||||
paths:
|
||||
- 'framework/osnode-init/**'
|
||||
- '!framework/osnode-init/.olares/**'
|
||||
- '!framework/osnode-init/README.md'
|
||||
pull_request:
|
||||
branches: [ "module-nodeinit" ]
|
||||
paths:
|
||||
- 'framework/osnode-init/**'
|
||||
- '!framework/osnode-init/.olares/**'
|
||||
- '!framework/osnode-init/README.md'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.24.6'
|
||||
- name: Run Build
|
||||
working-directory: framework/osnode-init
|
||||
run: |
|
||||
make all
|
||||
42
.github/workflows/module_nodeinit_publish_docker.yaml
vendored
Normal file
42
.github/workflows/module_nodeinit_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,42 @@
|
||||
name: Publish OSNode-Init to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: '1.24.6'
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/osnode-init:v${{ github.event.inputs.tags }}
|
||||
file: framework/osnode-init/Dockerfile
|
||||
context: framework/osnode-init
|
||||
platforms: linux/amd64, linux/arm64
|
||||
|
||||
31
.github/workflows/module_systemserver_build_main.yaml
vendored
Normal file
31
.github/workflows/module_systemserver_build_main.yaml
vendored
Normal file
@@ -0,0 +1,31 @@
|
||||
name: SystemServer Build test
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "module-systemserver"
|
||||
paths:
|
||||
- 'framework/systemserver/**'
|
||||
- '!framework/systemserver/.olares/**'
|
||||
- '!framework/systemserver/README.md'
|
||||
pull_request:
|
||||
branches:
|
||||
- "module-systemserver"
|
||||
paths:
|
||||
- 'framework/systemserver/**'
|
||||
- '!framework/systemserver/.olares/**'
|
||||
- '!framework/systemserver/README.md'
|
||||
jobs:
|
||||
build0-main:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.22.6'
|
||||
- run: |
|
||||
git clone https://github.com/kubernetes/code-generator.git ../code-generator
|
||||
cd ../code-generator
|
||||
git checkout -b release-1.27
|
||||
cd -
|
||||
make system-server
|
||||
working-directory: framework/system-server
|
||||
37
.github/workflows/module_systemserver_publish_docker.yaml
vendored
Normal file
37
.github/workflows/module_systemserver_publish_docker.yaml
vendored
Normal file
@@ -0,0 +1,37 @@
|
||||
name: Publish SystemServer to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/system-server:${{ github.event.inputs.tags }}
|
||||
context: framework/system-server
|
||||
file: Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
|
||||
37
.github/workflows/module_systemserver_publish_proxy.yaml
vendored
Normal file
37
.github/workflows/module_systemserver_publish_proxy.yaml
vendored
Normal file
@@ -0,0 +1,37 @@
|
||||
name: Publish SystemServer Provider Proxy to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/provider-proxy:${{ github.event.inputs.tags }}
|
||||
file: framework/system-server/Dockerfile.provider
|
||||
context: framework/system-server
|
||||
platforms: linux/amd64,linux/arm64
|
||||
|
||||
28
.github/workflows/module_tapr_build_main.yaml
vendored
Normal file
28
.github/workflows/module_tapr_build_main.yaml
vendored
Normal file
@@ -0,0 +1,28 @@
|
||||
name: TAPR Build test
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "module-tapr"
|
||||
paths:
|
||||
- 'platform/tapr/**'
|
||||
- '!platform/tapr/.olares/**'
|
||||
- '!platform/tapr/README.md'
|
||||
pull_request:
|
||||
branches:
|
||||
- "module-tapr"
|
||||
paths:
|
||||
- 'platform/tapr/**'
|
||||
- '!platform/tapr/.olares/**'
|
||||
- '!platform/tapr/README.md'
|
||||
jobs:
|
||||
build0-main:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.23.3'
|
||||
- working-directory: platform/tapr
|
||||
run: |
|
||||
make build-uploader build-vault build-middleware
|
||||
|
||||
37
.github/workflows/module_tapr_publish_citus.yaml
vendored
Normal file
37
.github/workflows/module_tapr_publish_citus.yaml
vendored
Normal file
@@ -0,0 +1,37 @@
|
||||
name: Publish TAPR citus to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/citus:${{ github.event.inputs.tags }}
|
||||
file: platform/tapr/docker/citus/Dockerfile
|
||||
platforms: linux/amd64, linux/arm64
|
||||
context: platform/tapr
|
||||
|
||||
37
.github/workflows/module_tapr_publish_image.yaml
vendored
Normal file
37
.github/workflows/module_tapr_publish_image.yaml
vendored
Normal file
@@ -0,0 +1,37 @@
|
||||
name: Publish TAPR image-uploader to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/images-uploader:${{ github.event.inputs.tags }}
|
||||
file: platform/tapr/docker/uploader/Dockerfile
|
||||
context: platform/tapr
|
||||
platforms: linux/amd64, linux/arm64
|
||||
|
||||
62
.github/workflows/module_tapr_publish_middleware.yaml
vendored
Normal file
62
.github/workflows/module_tapr_publish_middleware.yaml
vendored
Normal file
@@ -0,0 +1,62 @@
|
||||
name: Publish TAPR middleware-operator to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub_amd64:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push amd64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/middleware-operator:${{ github.event.inputs.tags }}-amd64
|
||||
file: platform/tapr/docker/middleware/Dockerfile
|
||||
context: platform/tapr
|
||||
platforms: linux/amd64
|
||||
publish_dockerhub_arm64:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push arm64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/middleware-operator:${{ github.event.inputs.tags }}-arm64
|
||||
file: platform/tapr/docker/middleware/Dockerfile
|
||||
context: platform/tapr
|
||||
platforms: linux/arm64
|
||||
|
||||
publish_manifest:
|
||||
needs:
|
||||
- publish_dockerhub_amd64
|
||||
- publish_dockerhub_arm64
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Push manifest
|
||||
run: |
|
||||
docker manifest create beclab/middleware-operator:${{ github.event.inputs.tags }} --amend beclab/middleware-operator:${{ github.event.inputs.tags }}-amd64 --amend beclab/middleware-operator:${{ github.event.inputs.tags }}-arm64
|
||||
docker manifest push beclab/middleware-operator:${{ github.event.inputs.tags }}
|
||||
37
.github/workflows/module_tapr_publish_s3rver.yaml
vendored
Normal file
37
.github/workflows/module_tapr_publish_s3rver.yaml
vendored
Normal file
@@ -0,0 +1,37 @@
|
||||
name: Publish TAPR s3rver to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/s3rver:${{ github.event.inputs.tags }}
|
||||
file: platform/tapr/docker/middleware/Dockerfile.s3rver
|
||||
context: platform/tapr
|
||||
platforms: linux/amd64, linux/arm64
|
||||
|
||||
62
.github/workflows/module_tapr_publish_sysevent.yaml
vendored
Normal file
62
.github/workflows/module_tapr_publish_sysevent.yaml
vendored
Normal file
@@ -0,0 +1,62 @@
|
||||
name: Publish TAPR sys-event to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
publish_dockerhub_amd64:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push amd64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/sys-event:${{ github.event.inputs.tags }}-amd64
|
||||
file: platform/tapr/docker/sys-event/Dockerfile
|
||||
context: platform/tapr
|
||||
platforms: linux/amd64
|
||||
publish_dockerhub_arm64:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
- name: Build and push arm64 Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/sys-event:${{ github.event.inputs.tags }}-arm64
|
||||
file: platform/tapr/docker/sys-event/Dockerfile
|
||||
context: platform/tapr
|
||||
platforms: linux/arm64
|
||||
|
||||
publish_manifest:
|
||||
needs:
|
||||
- publish_dockerhub_amd64
|
||||
- publish_dockerhub_arm64
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Push manifest
|
||||
run: |
|
||||
docker manifest create beclab/sys-event:${{ github.event.inputs.tags }} --amend beclab/sys-event:${{ github.event.inputs.tags }}-amd64 --amend beclab/sys-event:${{ github.event.inputs.tags }}-arm64
|
||||
docker manifest push beclab/sys-event:${{ github.event.inputs.tags }}
|
||||
37
.github/workflows/module_tapr_publish_vault.yaml
vendored
Normal file
37
.github/workflows/module_tapr_publish_vault.yaml
vendored
Normal file
@@ -0,0 +1,37 @@
|
||||
name: Publish TAPR secret-vault to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/secret-vault:${{ github.event.inputs.tags }}
|
||||
file: platform/tapr/docker/vault/Dockerfile
|
||||
context: platform/tapr
|
||||
platforms: linux/amd64, linux/arm64
|
||||
|
||||
37
.github/workflows/module_tapr_publish_wsgateway.yaml
vendored
Normal file
37
.github/workflows/module_tapr_publish_wsgateway.yaml
vendored
Normal file
@@ -0,0 +1,37 @@
|
||||
name: Publish TAPR ws-gateway to Dockerhub
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
tags:
|
||||
description: 'Release Tags'
|
||||
|
||||
jobs:
|
||||
update_dockerhub:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out the repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Docker Hub
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASS }}
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v3
|
||||
with:
|
||||
push: true
|
||||
tags: beclab/ws-gateway:${{ github.event.inputs.tags }}
|
||||
file: platform/tapr/docker/ws-gateway/Dockerfile
|
||||
context: platform/tapr
|
||||
platforms: linux/amd64, linux/arm64
|
||||
|
||||
2
.github/workflows/release-cli.yaml
vendored
2
.github/workflows/release-cli.yaml
vendored
@@ -41,7 +41,7 @@ jobs:
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: 1.24.3
|
||||
go-version: 1.24.11
|
||||
|
||||
- name: Install x86_64 cross-compiler
|
||||
run: sudo apt-get update && sudo apt-get install -y build-essential
|
||||
|
||||
6
.github/workflows/release-daemon.yaml
vendored
6
.github/workflows/release-daemon.yaml
vendored
@@ -42,11 +42,11 @@ jobs:
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: 1.22.1
|
||||
go-version: 1.24.11
|
||||
|
||||
- name: install udev-devel
|
||||
- name: install udev-devel and pcap-devel
|
||||
run: |
|
||||
sudo apt update && sudo apt install -y libudev-dev
|
||||
sudo apt update && sudo apt install -y libudev-dev libpcap-dev
|
||||
|
||||
- name: Install x86_64 cross-compiler
|
||||
run: sudo apt-get update && sudo apt-get install -y build-essential
|
||||
|
||||
2
.github/workflows/release-daily.yaml
vendored
2
.github/workflows/release-daily.yaml
vendored
@@ -17,7 +17,7 @@ jobs:
|
||||
steps:
|
||||
- id: generate
|
||||
run: |
|
||||
v=1.12.1-$(date +"%Y%m%d")
|
||||
v=1.12.4-$(date +"%Y%m%d")
|
||||
echo "version=$v" >> "$GITHUB_OUTPUT"
|
||||
|
||||
release-id:
|
||||
|
||||
2
.github/workflows/release.yaml
vendored
2
.github/workflows/release.yaml
vendored
@@ -162,7 +162,7 @@ jobs:
|
||||
- name: Get checksum
|
||||
id: vars
|
||||
run: |
|
||||
echo "version_md5sum=$(curl -sSfL https://dc3p1870nn3cj.cloudfront.net${{ secrets.REPO_PATH }}install-wizard-v${{ github.event.inputs.tags }}.${{ needs.release-id.outputs.id }}.md5sum.txt|awk '{print $1}')" >> $GITHUB_OUTPUT
|
||||
echo "version_md5sum=$(curl -sSfL https://cdn.olares.com${{ secrets.REPO_PATH }}install-wizard-v${{ github.event.inputs.tags }}.${{ needs.release-id.outputs.id }}.md5sum.txt|awk '{print $1}')" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Update checksum
|
||||
uses: eball/write-tag-to-version-file@latest
|
||||
|
||||
4
.gitignore
vendored
4
.gitignore
vendored
@@ -37,4 +37,6 @@ docs/.vitepress/dist/
|
||||
docs/.vitepress/cache/
|
||||
node_modules
|
||||
.idea/
|
||||
cli/olares-cli*
|
||||
cli/olares-cli*
|
||||
|
||||
framework/app-service/bin
|
||||
|
||||
26
README.md
26
README.md
@@ -7,8 +7,10 @@
|
||||
|
||||
[](https://github.com/beclab/olares/releases)
|
||||
[](https://github.com/beclab/olares/stargazers)
|
||||
[](https://discord.com/invite/BzfqrgQPDK)
|
||||
[](https://github.com/beclab/olares/blob/main/LICENSE.md)
|
||||
[](https://discord.gg/olares)
|
||||
[](https://github.com/beclab/olares/blob/main/LICENSE)
|
||||
|
||||
<a href="https://trendshift.io/repositories/15376" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15376" alt="beclab%2FOlares | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
|
||||
|
||||
<p>
|
||||
<a href="./README.md"><img alt="Readme in English" src="https://img.shields.io/badge/English-FFFFFF"></a>
|
||||
@@ -21,7 +23,7 @@
|
||||
<p align="center">
|
||||
<a href="https://olares.com">Website</a> ·
|
||||
<a href="https://docs.olares.com">Documentation</a> ·
|
||||
<a href="https://olares.com/larepass">Download LarePass</a> ·
|
||||
<a href="https://www.olares.com/larepass">Download LarePass</a> ·
|
||||
<a href="https://github.com/beclab/apps">Olares Apps</a> ·
|
||||
<a href="https://space.olares.com">Olares Space</a>
|
||||
</p>
|
||||
@@ -30,10 +32,10 @@
|
||||
>
|
||||
>*It's time for a change.*
|
||||
|
||||
|
||||
|
||||
We believe you have a fundamental right to control your digital life. The most effective way to uphold this right is by hosting your data locally, on your own hardware.
|
||||
|
||||
Olares is an **open-source personal cloud operating system** designed to empower you to own and manage your digital assets locally. Instead of relying on public cloud services, you can deploy powerful open-source alternatives locally on Olares, such as Ollama for hosting LLMs, SD WebUI for image generation, and Mastodon for building censor free social space. Imagine the power of the cloud, but with you in complete command.
|
||||
Olares is an **open-source personal cloud operating system** designed to empower you to own and manage your digital assets locally. Instead of relying on public cloud services, you can deploy powerful open-source alternatives locally on Olares, such as Ollama for hosting LLMs, ComfyUI for image generation, and Perplexica for private, AI-driven search and reasoning. Imagine the power of the cloud, but with you in complete command.
|
||||
|
||||
> 🌟 *Star us to receive instant notifications about new releases and updates.*
|
||||
|
||||
@@ -41,7 +43,7 @@ Olares is an **open-source personal cloud operating system** designed to empower
|
||||
|
||||
Just as Public clouds offer IaaS, PaaS, and SaaS layers, Olares provides open-source alternatives to each of these layers.
|
||||
|
||||
|
||||
|
||||
|
||||
For detailed description of each component, refer to [Olares architecture](https://docs.olares.com/manual/concepts/system-architecture.html).
|
||||
|
||||
@@ -66,15 +68,15 @@ Here are some screenshots from the UI for a sneak peek:
|
||||
|
||||
| **Desktop–Streamlined and familiar portal** | **Files–A secure home to your data**
|
||||
| :--------: | :-------: |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **Vault–1Password alternative**|**Market–App ecosystem in your control** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
|**Wise–Your digital secret garden** | **Settings–Manage Olares efficiently** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
|**Dashboard–Constant system monitoring** | **Profile–Your unique homepage** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **Studio–Develop, debug, and deploy**|**Control Hub–Manage Kubernetes clusters easily** |
|
||||
|  | |
|
||||
|  | |
|
||||
|
||||
|
||||
## Key use cases
|
||||
@@ -134,7 +136,7 @@ https://docs.olares.com/developer/contribute/olares.html
|
||||
|
||||
* [**GitHub Discussion**](https://github.com/beclab/olares/discussions). Best for sharing feedback and asking questions.
|
||||
* [**GitHub Issues**](https://github.com/beclab/olares/issues). Best for filing bugs you encounter using Olares and submitting feature proposals.
|
||||
* [**Discord**](https://discord.com/invite/BzfqrgQPDK). Best for sharing anything Olares.
|
||||
* [**Discord**](https://discord.gg/olares). Best for sharing anything Olares.
|
||||
|
||||
## Special thanks
|
||||
|
||||
|
||||
26
README_CN.md
26
README_CN.md
@@ -7,8 +7,10 @@
|
||||
|
||||
[](https://github.com/beclab/olares/releases)
|
||||
[](https://github.com/beclab/olares/stargazers)
|
||||
[](https://discord.com/invite/BzfqrgQPDK)
|
||||
[](https://github.com/beclab/olares/blob/main/LICENSE.md)
|
||||
[](https://discord.gg/olares)
|
||||
[](https://github.com/beclab/olares/blob/main/LICENSE)
|
||||
|
||||
<a href="https://trendshift.io/repositories/15376" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15376" alt="beclab%2FOlares | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
|
||||
|
||||
<p>
|
||||
<a href="./README.md"><img alt="Readme in English" src="https://img.shields.io/badge/English-FFFFFF"></a>
|
||||
@@ -21,7 +23,7 @@
|
||||
<p align="center">
|
||||
<a href="https://olares.com">网站</a> ·
|
||||
<a href="https://docs.olares.com">文档</a> ·
|
||||
<a href="https://olares.com/larepass">下载 LarePass</a> ·
|
||||
<a href="https://www.olares.cn/larepass">下载 LarePass</a> ·
|
||||
<a href="https://github.com/beclab/apps">Olares 应用</a> ·
|
||||
<a href="https://space.olares.com">Olares Space</a>
|
||||
</p>
|
||||
@@ -30,11 +32,11 @@
|
||||
>
|
||||
> *是时候做出改变了。*
|
||||
|
||||
|
||||
|
||||
|
||||
我们坚信,**您拥有掌控自己数字生活的基本权利**。维护这一权利最有效的方式,就是将您的数据托管在本地,在您自己的硬件上。
|
||||
|
||||
Olares 是一款开源个人云操作系统,旨在让您能够轻松在本地拥有并管理自己的数字资产。您无需再依赖公有云服务,而可以在 Olares 上本地部署强大的开源平替服务或应用,例如可以使用 Ollama 托管大语言模型,使用 SD WebUI 用于图像生成,以及使用 Mastodon 构建不受审查的社交空间。Olares 让你坐拥云计算的强大威力,又能完全将其置于自己掌控之下。
|
||||
Olares 是一款开源个人云操作系统,旨在让您能够轻松在本地拥有并管理自己的数字资产。您无需再依赖公有云服务,而可以在 Olares 上本地部署强大的开源平替服务或应用,例如可以使用 Ollama 托管大语言模型,使用 ComfyUI 生成图像,以及使用 Perplexica 打造本地化、注重隐私的 AI 搜索与问答体验。Olares 让您坐拥云计算的强大威力,又能完全将其置于自己掌控之下。
|
||||
|
||||
> 为 Olares 点亮 🌟 以及时获取新版本和更新的通知。
|
||||
|
||||
@@ -42,7 +44,7 @@ Olares 是一款开源个人云操作系统,旨在让您能够轻松在本地
|
||||
|
||||
公有云具有基础设施即服务(IaaS)、平台即服务(PaaS)和软件即服务(SaaS)等层级。Olares 为这些层级提供了开源替代方案。
|
||||
|
||||
|
||||
|
||||
|
||||
详细描述请参考 [Olares 架构](https://docs.olares.cn/zh/manual/concepts/system-architecture.html)文档。
|
||||
|
||||
@@ -68,15 +70,15 @@ Olares 提供了一系列功能,旨在提升安全性、使用便捷性以及
|
||||
|
||||
| **桌面:熟悉高效的访问入口** | **文件管理器:安全存储数据**
|
||||
| :--------: | :-------: |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **Vault:密码无忧管理**|**市场:可控的应用生态系统** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
|**Wise:数字后花园** | **设置:高效管理 Olares** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
|**仪表盘:持续监控 Olares** | **Profile:独特的个人主页** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **Studio:一站式开发、调试和部署**|**控制面板:轻松管理 Kubernetes 集群** |
|
||||
|  | |
|
||||
|  | |
|
||||
|
||||
## 使用场景
|
||||
|
||||
@@ -136,7 +138,7 @@ https://docs.olares.com/developer/contribute/olares.html
|
||||
|
||||
* [**GitHub Discussion**](https://github.com/beclab/olares/discussions) - 讨论 Olares 使用过程中的疑问。
|
||||
* [**GitHub Issues**](https://github.com/beclab/olares/issues) - 报告 Olares 的遇到的问题或提出功能改进建议。
|
||||
* [**Discord**](https://discord.com/invite/BzfqrgQPDK) - 日常交流,分享经验,或讨论与 Olares 相关的任何主题。
|
||||
* [**Discord**](https://discord.gg/olares) - 日常交流,分享经验,或讨论与 Olares 相关的任何主题。
|
||||
|
||||
## 特别感谢
|
||||
|
||||
|
||||
29
README_JP.md
29
README_JP.md
@@ -7,8 +7,10 @@
|
||||
|
||||
[](https://github.com/beclab/olares/releases)
|
||||
[](https://github.com/beclab/olares/stargazers)
|
||||
[](https://discord.com/invite/BzfqrgQPDK)
|
||||
[](https://github.com/beclab/olares/blob/main/LICENSE.md)
|
||||
[](https://discord.gg/olares)
|
||||
[](https://github.com/beclab/olares/blob/main/LICENSE)
|
||||
|
||||
<a href="https://trendshift.io/repositories/15376" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15376" alt="beclab%2FOlares | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
|
||||
|
||||
<p>
|
||||
<a href="./README.md"><img alt="Readme in English" src="https://img.shields.io/badge/English-FFFFFF"></a>
|
||||
@@ -21,7 +23,7 @@
|
||||
<p align="center">
|
||||
<a href="https://olares.com">ウェブサイト</a> ·
|
||||
<a href="https://docs.olares.com">ドキュメント</a> ·
|
||||
<a href="https://olares.com/larepass">LarePassをダウンロード</a> ·
|
||||
<a href="https://www.olares.com/larepass">LarePassをダウンロード</a> ·
|
||||
<a href="https://github.com/beclab/apps">Olaresアプリ</a> ·
|
||||
<a href="https://space.olares.com">Olares Space</a>
|
||||
</p>
|
||||
@@ -30,21 +32,20 @@
|
||||
>
|
||||
>*今こそ、変革の時です。*
|
||||
|
||||
|
||||
|
||||
|
||||
私たちは、あなたが自身のデジタルライフをコントロールする基本的な権利を有すると確信しています。この権利を守る最も効果的な方法は、あなたのデータをローカルの、あなた自身のハードウェア上でホストすることです。
|
||||
|
||||
Olaresは、あなたが自身のデジタル資産をローカルで容易に所有し管理できるよう設計された、オープンソースのパーソナルクラウドOSです。もはやパブリッククラウドサービスに依存する必要はありません。Olares上で、例えばOllamaを利用した大規模言語モデルのホスティング、SD WebUIによる画像生成、Mastodonを用いた検閲のないソーシャルスペースの構築など、強力なオープンソースの代替サービスやアプリケーションをローカルにデプロイできます。Olaresは、クラウドコンピューティングの絶大な力を活用しつつ、それを完全に自身のコントロール下に置くことを可能にします。
|
||||
|
||||
Olaresは、あなたが自身のデジタル資産をローカルで所有し管理できるように設計された、オープンソースのパーソナルクラウドOSです。パブリッククラウドサービスに依存する代わりに、Olares上で強力なオープンソースの代替をローカルにデプロイできます。例えば、LLMのホスティングにはOllama、画像生成にはComfyUI、そしてプライバシーを重視したAI駆動の検索と推論にはPerplexicaを利用できます。クラウドの力をそのままに、主導権は常にあなたの手に。
|
||||
> 🌟 *新しいリリースや更新についての通知を受け取るために、スターを付けてください。*
|
||||
|
||||
## アーキテクチャ
|
||||
|
||||
パブリッククラウドは、IaaS (Infrastructure as a Service)、PaaS (Platform as a Service)、SaaS (Software as a Service) といったサービスレイヤーで構成されています。Olaresは、これら各レイヤーに対するオープンソースの代替ソリューションを提供しています。
|
||||
|
||||
|
||||
|
||||
|
||||
各コンポーネントの詳細については、[Olares アーキテクチャ](https://docs.olares.com/manual/concepts/system-architecture.html)(英語版)をご参照ください。
|
||||
各コンポーネントの詳細については、[Olares アーキテクチャ](https://docs.olares.com/developer/concepts/system-architecture.html)(英語版)をご参照ください。
|
||||
|
||||
> 🔍**OlaresとNASの違いは何ですか?**
|
||||
>
|
||||
@@ -67,15 +68,15 @@ Olaresは、セキュリティ、使いやすさ、開発の柔軟性を向上
|
||||
|
||||
| **デスクトップ:馴染みやすく効率的なアクセスポイント** | **ファイルマネージャー:データを安全に保管** |
|
||||
| :--------: | :-------: |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **Vault:安心のパスワード管理**|**マーケット:コントロール可能なアプリエコシステム** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **Wise:あなただけのデジタルガーデン** | **設定:Olaresを効率的に管理** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **ダッシュボード:Olaresを継続的に監視** | **プロフィール:ユニークなパーソナルページ** |
|
||||
|  |  |
|
||||
|  |  |
|
||||
| **Studio:開発、デバッグ、デプロイをワンストップで**|**コントロールパネル:Kubernetesクラスターを簡単に管理** |
|
||||
|  | |
|
||||
|  | |
|
||||
|
||||
## なぜOlaresなのか?
|
||||
|
||||
@@ -135,7 +136,7 @@ https://docs.olares.com/developer/contribute/olares.html
|
||||
|
||||
* [**GitHub Discussion**](https://github.com/beclab/olares/discussions). フィードバックの共有や質問に最適です。
|
||||
* [**GitHub Issues**](https://github.com/beclab/olares/issues). Olaresの使用中に遭遇したバグの報告や機能提案の提出に最適です。
|
||||
* [**Discord**](https://discord.com/invite/BzfqrgQPDK). Olaresに関するあらゆることを共有するのに最適です。
|
||||
* [**Discord**](https://discord.gg/olares). Olaresに関するあらゆることを共有するのに最適です。
|
||||
|
||||
## 特別な感謝
|
||||
|
||||
|
||||
@@ -11,3 +11,17 @@ subjects:
|
||||
- kind: ServiceAccount
|
||||
name: system-frontend
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: backend:{{ .Values.bfl.username }}:system-frontend:media-server-svc
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:media-server-svc
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: system-frontend
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
@@ -35,34 +35,6 @@ rules:
|
||||
- "/api/nodes/*"
|
||||
verbs: ["*"]
|
||||
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: files-provider
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: files
|
||||
# deployment: files
|
||||
# description: files provider
|
||||
# endpoint: files-service.{{ .Release.Namespace }}
|
||||
# group: service.files
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# opApis:
|
||||
# - name: Query
|
||||
# uri: /provider/query_file
|
||||
# - name: GetSearchFolderStatus
|
||||
# uri: /provider/get_search_folder_status
|
||||
# - name: UpdateSearchFolderPaths
|
||||
# uri: /provider/update_search_folder_paths
|
||||
# - name: GetDatasetFolderStatus
|
||||
# uri: /provider/get_dataset_folder_status
|
||||
# - name: UpdateDatasetFolderPaths
|
||||
# uri: /provider/update_dataset_folder_paths
|
||||
# version: v1
|
||||
# status:
|
||||
# state: active
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
@@ -78,8 +50,24 @@ rules:
|
||||
- "/provider/update_search_folder_paths"
|
||||
- "/provider/get_dataset_folder_status"
|
||||
- "/provider/update_dataset_folder_paths"
|
||||
- "/seahub/api/*"
|
||||
- "/system/configuration/encoding"
|
||||
- "/api/search/get_directory/"
|
||||
- "/api/search/sync_search/"
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:media-server-svc
|
||||
annotations:
|
||||
provider-registry-ref: user-system-{{ .Values.bfl.username }}/media-server-service
|
||||
provider-service-ref: media-server-service.os-framework:9090
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/System/Configuration/encoding"
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: backend:{{ .Values.bfl.username }}:system-frontend:hami-scheduler-svc
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:hami-scheduler-svc
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: system-frontend
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: backend:{{ .Values.bfl.username }}:system-frontend:hami-webui-svc
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:hami-webui-svc
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: system-frontend
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -0,0 +1,26 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:hami-scheduler-svc
|
||||
annotations:
|
||||
provider-registry-ref: user-system-{{ .Values.bfl.username }}/hami-scheduler
|
||||
provider-service-ref: https://hami-scheduler.kube-system
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/gpus*"
|
||||
verbs: ["*"]
|
||||
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:hami-webui-svc
|
||||
annotations:
|
||||
provider-registry-ref: user-system-{{ .Values.bfl.username }}/hami-webui
|
||||
provider-service-ref: hami-webui.kube-system:3000
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/api/vgpu/v1/*"
|
||||
verbs: ["*"]
|
||||
@@ -4,7 +4,7 @@ metadata:
|
||||
name: {{ .Values.bfl.username }}:infisical-frontend-svc
|
||||
annotations:
|
||||
provider-registry-ref: user-space-{{ .Values.bfl.username }}/infisical
|
||||
provider-service-ref: infisical-service.os-framework:8080
|
||||
provider-service-ref: infisical-service.os-protected:8080
|
||||
rules:
|
||||
- nonResourceURLs: ["/admin/*"]
|
||||
verbs: ["*"]
|
||||
@@ -16,7 +16,7 @@ metadata:
|
||||
name: {{ .Values.bfl.username }}:infisical-frontend-domain
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Values.bfl.username }}/settings
|
||||
provider-service-ref: infisical-service.os-framework:8080
|
||||
provider-service-ref: infisical-service.os-protected:8080
|
||||
rules:
|
||||
- nonResourceURLs: ["/admin/*"]
|
||||
verbs: ["*"]
|
||||
|
||||
@@ -37,6 +37,32 @@ rules:
|
||||
- nonResourceURLs: ["*"]
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:monitoring-frontend-domain-settings
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Values.bfl.username }}/settings
|
||||
provider-service-ref: monitoring-server.os-framework:80
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/kapis/*"
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:monitoring-frontend-domain-desktop
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Values.bfl.username }}/desktop
|
||||
provider-service-ref: monitoring-server.os-framework:80
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/kapis/*"
|
||||
verbs: ["*"]
|
||||
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
@@ -78,6 +104,31 @@ subjects:
|
||||
- kind: User
|
||||
name: '{{ .Values.bfl.username }}'
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: user:{{ .Values.bfl.username }}:monitoring-frontend-domain-settings
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:monitoring-frontend-domain-settings
|
||||
subjects:
|
||||
- kind: User
|
||||
name: '{{ .Values.bfl.username }}'
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: user:{{ .Values.bfl.username }}:monitoring-frontend-domain-desktop
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:monitoring-frontend-domain-desktop
|
||||
subjects:
|
||||
- kind: User
|
||||
name: '{{ .Values.bfl.username }}'
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: backend:{{ .Values.bfl.username }}:notification-provider-svc
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:notification-provider-svc
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: system-frontend
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -0,0 +1,12 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:notification-provider-svc
|
||||
annotations:
|
||||
provider-registry-ref: user-system-{{ .Values.bfl.username }}/notifications-server
|
||||
provider-service-ref: notifications-server.os-framework:80
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/notification/*"
|
||||
verbs: ["*"]
|
||||
@@ -209,6 +209,21 @@ spec:
|
||||
port: 80
|
||||
targetPort: 91
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: share-fe-service
|
||||
namespace: user-space-{{ .Values.bfl.username }}
|
||||
spec:
|
||||
selector:
|
||||
app: olares-app
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: share
|
||||
port: 80
|
||||
targetPort: 92
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
@@ -220,12 +235,11 @@ metadata:
|
||||
applications.app.bytetrade.io/owner: '{{ .Values.bfl.username }}'
|
||||
applications.app.bytetrade.io/author: bytetrade.io
|
||||
annotations:
|
||||
applications.app.bytetrade.io/default-thirdlevel-domains: '[{"appName": "olares-app","entranceName":"dashboard","thirdLevelDomain":"dashboard"},{"appName":"olares-app","entranceName":"control-hub","thirdLevelDomain":"control-hub"},{"appName":"olares-app","entranceName":"files","thirdLevelDomain":"files"},{"appName": "olares-app","entranceName":"vault","thirdLevelDomain":"vault"},{"appName":"olares-app","entranceName":"headscale","thirdLevelDomain":"headscale"},{"appName":"olares-app","entranceName":"settings","thirdLevelDomain":"settings"},{"appName": "olares-app","entranceName":"market","thirdLevelDomain":"market"},{"appName":"olares-app","entranceName":"profile","thirdLevelDomain":"profile"}]'
|
||||
applications.app.bytetrade.io/icon: https://file.bttcdn.com/appstore/olaresapps/icon.png
|
||||
applications.app.bytetrade.io/default-thirdlevel-domains: '[{"appName": "olares-app","entranceName":"dashboard","thirdLevelDomain":"dashboard"},{"appName":"olares-app","entranceName":"control-hub","thirdLevelDomain":"control-hub"},{"appName":"olares-app","entranceName":"files","thirdLevelDomain":"files"},{"appName":"olares-app","entranceName":"share","thirdLevelDomain":"share"},{"appName": "olares-app","entranceName":"vault","thirdLevelDomain":"vault"},{"appName":"olares-app","entranceName":"headscale","thirdLevelDomain":"headscale"},{"appName":"olares-app","entranceName":"settings","thirdLevelDomain":"settings"},{"appName": "olares-app","entranceName":"market","thirdLevelDomain":"market"},{"appName":"olares-app","entranceName":"profile","thirdLevelDomain":"profile"}]'
|
||||
applications.app.bytetrade.io/icon: https://app.cdn.olares.com/appstore/olaresapps/icon.png
|
||||
applications.app.bytetrade.io/title: 'Olares Apps'
|
||||
applications.app.bytetrade.io/version: '0.0.1'
|
||||
applications.app.bytetrade.io/policies: '{"policies":[{"entranceName":"dashboard","uriRegex":"/js/script.js", "level":"public"},{"entranceName":"dashboard","uriRegex":"/js/api/send", "level":"public"}]}'
|
||||
applications.app.bytetrade.io/entrances: '[{"name":"files", "host":"files-fe-service", "port":80,"title":"Files","windowPushState":true,"icon":"https://file.bttcdn.com/appstore/files/icon.png"},{"name":"vault", "host":"vault-service", "port":80,"title":"Vault","windowPushState":true,"icon":"https://file.bttcdn.com/appstore/vault/icon.png"},{"name":"market", "host":"appstore-fe-service", "port":80,"title":"Market","windowPushState":true,"icon":"https://file.bttcdn.com/appstore/appstore/icon.png"},{"name":"settings", "host":"settings-service", "port":80,"title":"Settings","icon":"https://file.bttcdn.com/appstore/settings/icon.png"},{"name":"profile", "host":"profile-service", "port":80,"title":"Profile","windowPushState":true,"icon":"https://file.bttcdn.com/appstore/profile/icon.png"},{"name":"dashboard","host":"dashboard-service","port":80,"title":"Dashboard","windowPushState":true,"icon":"https://file.bttcdn.com/appstore/dashboard/icon.png"},{"name":"control-hub","host":"control-hub-service","port":80,"title":"Control Hub","windowPushState":true,"icon":"https://file.bttcdn.com/appstore/control-hub/icon.png"},{"name":"headscale", "host":"headscale-svc", "port":80,"title":"Headscale","invisible": true,"icon":"https://file.bttcdn.com/appstore/headscale/icon.png"}]'
|
||||
applications.app.bytetrade.io/entrances: '[{"name":"files", "host":"files-fe-service", "port":80,"title":"Files","windowPushState":true,"icon":"https://app.cdn.olares.com/appstore/files/icon.png"},{"name":"share","authLevel":"public", "host":"share-fe-service", "port":80,"title":"Share","windowPushState":true,"icon":"https://app.cdn.olares.com/appstore/files/icon.png","invisible":true},{"name":"vault", "host":"vault-service", "port":80,"title":"Vault","windowPushState":true,"icon":"https://app.cdn.olares.com/appstore/vault/icon.png"},{"name":"market", "host":"appstore-fe-service", "port":80,"title":"Market","windowPushState":true,"icon":"https://app.cdn.olares.com/appstore/appstore/icon.png"},{"name":"settings", "host":"settings-service", "port":80,"title":"Settings","icon":"https://app.cdn.olares.com/appstore/settings/icon.png"},{"name":"profile", "host":"profile-service", "port":80,"title":"Profile","windowPushState":true,"icon":"https://app.cdn.olares.com/appstore/profile/icon.png"},{"name":"dashboard","host":"dashboard-service","port":80,"title":"Dashboard","windowPushState":true,"icon":"https://app.cdn.olares.com/appstore/dashboard/icon.png"},{"name":"control-hub","host":"control-hub-service","port":80,"title":"Control Hub","windowPushState":true,"icon":"https://app.cdn.olares.com/appstore/control-hub/icon.png"},{"name":"headscale", "host":"headscale-svc", "port":80,"title":"Headscale","invisible": true,"icon":"https://app.cdn.olares.com/appstore/headscale/icon.png"}]'
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
@@ -249,11 +263,11 @@ spec:
|
||||
initContainers:
|
||||
- args:
|
||||
- -it
|
||||
- authelia-backend.os-framework:9091,infisical-service:80,system-server.user-system-{{ .Values.bfl.username }}:80,nats.user-system-{{ .Values.bfl.username }}:4222
|
||||
- authelia-backend.user-system-{{ .Values.bfl.username }}:9091,infisical-service.user-system-{{ .Values.bfl.username }}:8080,system-server.user-system-{{ .Values.bfl.username }}:80,nats.user-system-{{ .Values.bfl.username }}:4222
|
||||
image: owncloudci/wait-for:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: check-auth
|
||||
- name: terminus-sidecar-init
|
||||
- name: olares-sidecar-init
|
||||
image: openservicemesh/init:v1.2.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
@@ -302,26 +316,8 @@ spec:
|
||||
- |
|
||||
chown -R 1000:1000 /uploadstemp && \
|
||||
chown -R 1000:1000 /appdata
|
||||
- name: init-container
|
||||
image: 'postgres:16.0-alpine3.18'
|
||||
command:
|
||||
- sh
|
||||
- '-c'
|
||||
- >-
|
||||
echo -e "Checking for the availability of PostgreSQL Server deployment"; until psql -h $PGHOST -p $PGPORT -U $PGUSER -d $PGDB -c "SELECT 1"; do sleep 1; printf "-"; done; sleep 5; echo -e " >> PostgreSQL DB Server has started";
|
||||
env:
|
||||
- name: PGHOST
|
||||
value: citus-master-svc.user-system-{{ .Values.bfl.username }}
|
||||
- name: PGPORT
|
||||
value: "5432"
|
||||
- name: PGUSER
|
||||
value: cloud_drive_integration_{{ .Values.bfl.username }}
|
||||
- name: PGPASSWORD
|
||||
value: "{{ $pg_password | b64dec }}"
|
||||
- name: PGDB
|
||||
value: user_space_{{ .Values.bfl.username }}_cloud_drive_integration
|
||||
- name: olares-app-init
|
||||
image: beclab/system-frontend:v1.4.25
|
||||
image: beclab/system-frontend:v1.6.38
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -333,7 +329,7 @@ spec:
|
||||
name: www-dir
|
||||
|
||||
containers:
|
||||
- name: terminus-envoy-sidecar
|
||||
- name: olares-envoy-sidecar
|
||||
image: bytetrade/envoy:v1.25.11
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
@@ -347,7 +343,7 @@ spec:
|
||||
- name: tapr
|
||||
containerPort: 15080
|
||||
volumeMounts:
|
||||
- name: terminus-sidecar-config
|
||||
- name: olares-sidecar-config
|
||||
readOnly: true
|
||||
mountPath: /etc/envoy/envoy.yaml
|
||||
subPath: envoy.yaml
|
||||
@@ -370,6 +366,7 @@ spec:
|
||||
- containerPort: 89
|
||||
- containerPort: 90
|
||||
- containerPort: 91
|
||||
- containerPort: 92
|
||||
- containerPort: 8090
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -379,7 +376,7 @@ spec:
|
||||
cp -r /www/nginxs/* /etc/nginx/conf.d/
|
||||
nginx -g 'daemon off;'
|
||||
volumeMounts:
|
||||
- name: terminus-sidecar-config
|
||||
- name: olares-sidecar-config
|
||||
readOnly: true
|
||||
mountPath: /etc/envoy/envoy.yaml
|
||||
subPath: envoy.yaml
|
||||
@@ -442,15 +439,11 @@ spec:
|
||||
- name: NATS_SUBJECT_VAULT
|
||||
value: os.vault.{{ .Values.bfl.username}}
|
||||
- name: user-service
|
||||
image: beclab/user-service:v0.0.51
|
||||
image: beclab/user-service:v0.0.81
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
env:
|
||||
{{- range $key, $val := .Values.terminusGlobalEnvs }}
|
||||
- name: {{ $key }}
|
||||
value: {{ $val | quote }}
|
||||
{{- end }}
|
||||
- name: DEV_MODE
|
||||
value: ''
|
||||
- name: MY_NAME
|
||||
@@ -517,60 +510,12 @@ spec:
|
||||
value: redis-cluster-proxy.user-system-{{ .Values.bfl.username }}
|
||||
- name: REDIS_PORT
|
||||
value: '6379'
|
||||
|
||||
- name: drive-server
|
||||
image: beclab/drive:v0.0.72
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: OS_SYSTEM_SERVER
|
||||
value: system-server.user-system-{{ .Values.bfl.username }}
|
||||
- name: DATABASE_URL
|
||||
value: postgres://cloud_drive_integration_{{ .Values.bfl.username }}:{{ $pg_password | b64dec }}@citus-master-svc.user-system-{{ .Values.bfl.username }}:5432/user_space_{{ .Values.bfl.username }}_cloud_drive_integration
|
||||
- name: REDIS_URL
|
||||
value: redis://:{{ $redis_password | b64dec }}@redis-cluster-proxy.user-system-{{ .Values.bfl.username }}:6379/0
|
||||
- name: TASK_EXECUTOR_MAX_THREADS
|
||||
value: '6'
|
||||
ports:
|
||||
- containerPort: 8181
|
||||
volumeMounts:
|
||||
- name: upload-data
|
||||
mountPath: /data/Home
|
||||
- name: upload-appdata
|
||||
mountPath: /appdata/
|
||||
- name: userspace-app-dir
|
||||
mountPath: /data/Application
|
||||
- name: data-dir
|
||||
mountPath: /data
|
||||
|
||||
- name: task-executor
|
||||
image: beclab/driveexecutor:v0.0.72
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: OS_SYSTEM_SERVER
|
||||
value: system-server.user-system-{{ .Values.bfl.username }}
|
||||
- name: DATABASE_URL
|
||||
value: postgres://cloud_drive_integration_{{ .Values.bfl.username }}:{{ $pg_password | b64dec }}@citus-master-svc.user-system-{{ .Values.bfl.username }}:5432/user_space_{{ .Values.bfl.username }}_cloud_drive_integration
|
||||
- name: REDIS_URL
|
||||
value: redis://:{{ $redis_password | b64dec }}@redis-cluster-proxy.user-system-{{ .Values.bfl.username }}:6379/0
|
||||
- name: TASK_EXECUTOR_MAX_THREADS
|
||||
value: '6'
|
||||
ports:
|
||||
- containerPort: 8181
|
||||
volumeMounts:
|
||||
- name: upload-data
|
||||
mountPath: /data/Home
|
||||
- name: upload-appdata
|
||||
mountPath: /appdata/
|
||||
- name: userspace-app-dir
|
||||
mountPath: /data/Application
|
||||
- name: data-dir
|
||||
mountPath: /data
|
||||
volumes:
|
||||
- name: userspace-dir
|
||||
hostPath:
|
||||
type: Directory
|
||||
path: '{{ .Values.userspace.userData }}'
|
||||
- name: terminus-sidecar-config
|
||||
- name: olares-sidecar-config
|
||||
configMap:
|
||||
name: user-service-sidecar-ws-configs
|
||||
items:
|
||||
@@ -616,56 +561,6 @@ spec:
|
||||
- key: headscale.conf
|
||||
path: headscale.conf
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: cloud-drive-integration-secrets
|
||||
namespace: user-system-{{ .Values.bfl.username }}
|
||||
type: Opaque
|
||||
data:
|
||||
pg_password: {{ $pg_password }}
|
||||
---
|
||||
apiVersion: apr.bytetrade.io/v1alpha1
|
||||
kind: MiddlewareRequest
|
||||
metadata:
|
||||
name: cloud-drive-integration-pg
|
||||
namespace: user-system-{{ .Values.bfl.username }}
|
||||
spec:
|
||||
app: cloud-drive-integration
|
||||
appNamespace: {{ .Release.Namespace }}
|
||||
middleware: postgres
|
||||
postgreSQL:
|
||||
user: cloud_drive_integration_{{ .Values.bfl.username }}
|
||||
password:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: pg_password
|
||||
name: cloud-drive-integration-secrets
|
||||
databases:
|
||||
- name: cloud-drive-integration
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: cloud-drive-integration-secrets-auth
|
||||
namespace: {{ .Release.Namespace }}
|
||||
data:
|
||||
redis_password: {{ $redis_password_data }}
|
||||
redis_addr: redis-cluster-proxy.user-system-{{ .Values.bfl.username }}:6379
|
||||
redis_host: redis-cluster-proxy.user-system-{{ .Values.bfl.username }}
|
||||
redis_port: '6379'
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: cloud-drive-integration-userspace-data
|
||||
namespace: {{ .Release.Namespace }}
|
||||
data:
|
||||
appData: "{{ .Values.userspace.appData }}"
|
||||
appCache: "{{ .Values.userspace.appCache }}"
|
||||
username: "{{ .Values.bfl.username }}"
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
@@ -729,200 +624,7 @@ spec:
|
||||
sub: allow
|
||||
pub: allow
|
||||
user: user-system-{{ .Values.bfl.username }}-files-frontend
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
envoy.yaml: |
|
||||
admin:
|
||||
access_log_path: "/dev/stdout"
|
||||
address:
|
||||
socket_address:
|
||||
address: 0.0.0.0
|
||||
port_value: 15000
|
||||
static_resources:
|
||||
listeners:
|
||||
- name: listener_0
|
||||
address:
|
||||
socket_address:
|
||||
address: 0.0.0.0
|
||||
port_value: 15003
|
||||
listener_filters:
|
||||
- name: envoy.filters.listener.original_dst
|
||||
typed_config:
|
||||
"@type": type.googleapis.com/envoy.extensions.filters.listener.original_dst.v3.OriginalDst
|
||||
filter_chains:
|
||||
- filters:
|
||||
- name: envoy.filters.network.http_connection_manager
|
||||
typed_config:
|
||||
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
|
||||
stat_prefix: desktop_http
|
||||
upgrade_configs:
|
||||
- upgrade_type: websocket
|
||||
- upgrade_type: tailscale-control-protocol
|
||||
skip_xff_append: false
|
||||
max_request_headers_kb: 500
|
||||
codec_type: AUTO
|
||||
route_config:
|
||||
name: local_route
|
||||
virtual_hosts:
|
||||
- name: service
|
||||
domains: ["*"]
|
||||
routes:
|
||||
- match:
|
||||
prefix: "/upload"
|
||||
route:
|
||||
cluster: upload_original_dst
|
||||
timeout: 1800s
|
||||
idle_timeout: 1800s
|
||||
- match:
|
||||
prefix: "/"
|
||||
route:
|
||||
cluster: original_dst
|
||||
timeout: 1800s
|
||||
idle_timeout: 1800s
|
||||
http_protocol_options:
|
||||
accept_http_10: true
|
||||
http_filters:
|
||||
- name: envoy.filters.http.ext_authz
|
||||
typed_config:
|
||||
"@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz
|
||||
http_service:
|
||||
path_prefix: '/api/verify/'
|
||||
server_uri:
|
||||
uri: authelia-backend.os-framework:9091
|
||||
cluster: authelia
|
||||
timeout: 2s
|
||||
authorization_request:
|
||||
allowed_headers:
|
||||
patterns:
|
||||
- exact: accept
|
||||
- exact: cookie
|
||||
- exact: proxy-authorization
|
||||
- prefix: x-unauth-
|
||||
- exact: x-authorization
|
||||
- exact: x-bfl-user
|
||||
- exact: x-real-ip
|
||||
- exact: terminus-nonce
|
||||
- exact: x-provider-proxy
|
||||
headers_to_add:
|
||||
- key: X-Forwarded-Method
|
||||
value: '%REQ(:METHOD)%'
|
||||
- key: X-Forwarded-Proto
|
||||
value: '%REQ(:SCHEME)%'
|
||||
- key: X-Forwarded-Host
|
||||
value: '%REQ(:AUTHORITY)%'
|
||||
- key: X-Forwarded-Uri
|
||||
value: '%REQ(:PATH)%'
|
||||
- key: X-Forwarded-For
|
||||
value: '%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%'
|
||||
authorization_response:
|
||||
allowed_upstream_headers:
|
||||
patterns:
|
||||
- exact: authorization
|
||||
- exact: proxy-authorization
|
||||
- prefix: remote-
|
||||
- prefix: authelia-
|
||||
allowed_client_headers:
|
||||
patterns:
|
||||
- exact: set-cookie
|
||||
allowed_client_headers_on_success:
|
||||
patterns:
|
||||
- exact: set-cookie
|
||||
failure_mode_allow: false
|
||||
- name: envoy.filters.http.router
|
||||
typed_config:
|
||||
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
|
||||
|
||||
- name: listener_image
|
||||
address:
|
||||
socket_address:
|
||||
address: 127.0.0.1
|
||||
port_value: 15080
|
||||
filter_chains:
|
||||
- filters:
|
||||
- name: envoy.filters.network.http_connection_manager
|
||||
typed_config:
|
||||
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
|
||||
stat_prefix: tapr_http
|
||||
http_protocol_options:
|
||||
accept_http_10: true
|
||||
upgrade_configs:
|
||||
- upgrade_type: websocket
|
||||
skip_xff_append: false
|
||||
codec_type: AUTO
|
||||
route_config:
|
||||
name: local_route
|
||||
virtual_hosts:
|
||||
- name: service
|
||||
domains: ["*"]
|
||||
routes:
|
||||
- match:
|
||||
prefix: "/images/upload"
|
||||
route:
|
||||
cluster: images
|
||||
http_filters:
|
||||
- name: envoy.filters.http.router
|
||||
typed_config:
|
||||
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
|
||||
|
||||
|
||||
clusters:
|
||||
- name: original_dst
|
||||
connect_timeout: 120s
|
||||
type: ORIGINAL_DST
|
||||
lb_policy: CLUSTER_PROVIDED
|
||||
common_http_protocol_options:
|
||||
idle_timeout: 10s
|
||||
- name: upload_original_dst
|
||||
connect_timeout: 5000s
|
||||
type: LOGICAL_DNS
|
||||
dns_lookup_family: V4_ONLY
|
||||
dns_refresh_rate: 600s
|
||||
lb_policy: ROUND_ROBIN
|
||||
load_assignment:
|
||||
cluster_name: upload_original_dst
|
||||
endpoints:
|
||||
- lb_endpoints:
|
||||
- endpoint:
|
||||
address:
|
||||
socket_address:
|
||||
address: files-service.os-framework
|
||||
port_value: 80
|
||||
- name: authelia
|
||||
connect_timeout: 2s
|
||||
type: LOGICAL_DNS
|
||||
dns_lookup_family: V4_ONLY
|
||||
dns_refresh_rate: 600s
|
||||
lb_policy: ROUND_ROBIN
|
||||
load_assignment:
|
||||
cluster_name: authelia
|
||||
endpoints:
|
||||
- lb_endpoints:
|
||||
- endpoint:
|
||||
address:
|
||||
socket_address:
|
||||
address: authelia-backend.os-framework
|
||||
port_value: 9091
|
||||
- name: images
|
||||
connect_timeout: 5s
|
||||
type: LOGICAL_DNS
|
||||
dns_lookup_family: V4_ONLY
|
||||
dns_refresh_rate: 600s
|
||||
lb_policy: ROUND_ROBIN
|
||||
load_assignment:
|
||||
cluster_name: images
|
||||
endpoints:
|
||||
- lb_endpoints:
|
||||
- endpoint:
|
||||
address:
|
||||
socket_address:
|
||||
address: tapr-images-svc.user-system-{{ .Values.bfl.username }}
|
||||
port_value: 8080
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: sidecar-upload-configs
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
@@ -979,6 +681,7 @@ spec:
|
||||
key: redis_password
|
||||
name: user-service-secrets
|
||||
namespace: user-service
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
@@ -987,7 +690,22 @@ metadata:
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
type: ExternalName
|
||||
externalName: vault-server.os-framework.svc.cluster.local
|
||||
externalName: vault-server.user-system-{{ .Values.bfl.username }}.svc.cluster.local
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: vault-server
|
||||
namespace: user-system-{{ .Values.bfl.username }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
selector:
|
||||
app: systemserver
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 3000
|
||||
@@ -1046,7 +764,7 @@ data:
|
||||
http_service:
|
||||
path_prefix: '/api/verify/'
|
||||
server_uri:
|
||||
uri: authelia-backend.os-framework:9091
|
||||
uri: authelia-backend.user-system-{{ .Values.bfl.username }}:9091
|
||||
cluster: authelia
|
||||
timeout: 2s
|
||||
authorization_request:
|
||||
@@ -1143,7 +861,7 @@ data:
|
||||
- endpoint:
|
||||
address:
|
||||
socket_address:
|
||||
address: authelia-backend.os-framework
|
||||
address: authelia-backend.user-system-{{ .Values.bfl.username }}
|
||||
port_value: 9091
|
||||
- name: images
|
||||
connect_timeout: 5s
|
||||
@@ -1222,7 +940,7 @@ data:
|
||||
http_service:
|
||||
path_prefix: '/api/verify/'
|
||||
server_uri:
|
||||
uri: authelia-backend.os-framework:9091
|
||||
uri: authelia-backend.user-system-{{ .Values.bfl.username }}:9091
|
||||
cluster: authelia
|
||||
timeout: 2s
|
||||
authorization_request:
|
||||
@@ -1334,7 +1052,7 @@ data:
|
||||
- endpoint:
|
||||
address:
|
||||
socket_address:
|
||||
address: authelia-backend.os-framework
|
||||
address: authelia-backend.user-system-{{ .Values.bfl.username }}
|
||||
port_value: 9091
|
||||
- name: images
|
||||
connect_timeout: 5s
|
||||
@@ -1412,7 +1130,7 @@ data:
|
||||
http_service:
|
||||
path_prefix: '/api/verify/'
|
||||
server_uri:
|
||||
uri: authelia-backend.os-framework:9091
|
||||
uri: authelia-backend.user-system-{{ .Values.bfl.username }}:9091
|
||||
cluster: authelia
|
||||
timeout: 2s
|
||||
authorization_request:
|
||||
@@ -1524,7 +1242,7 @@ data:
|
||||
- endpoint:
|
||||
address:
|
||||
socket_address:
|
||||
address: authelia-backend.os-framework
|
||||
address: authelia-backend.user-system-{{ .Values.bfl.username }}
|
||||
port_value: 9091
|
||||
- name: images
|
||||
connect_timeout: 5s
|
||||
@@ -1638,6 +1356,17 @@ data:
|
||||
proxy_set_header Connection '$connection_upgrade';
|
||||
more_set_headers 'Upgrade: $http_upgrade';
|
||||
}
|
||||
location /api/refresh {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
location / {
|
||||
proxy_pass http://headscale-server-svc:8080;
|
||||
proxy_http_version 1.1;
|
||||
|
||||
@@ -0,0 +1,11 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:prometheus-k8s
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Values.bfl.username }}/4ae9f19e
|
||||
provider-service-ref: http://prometheus-k8s.kubesphere-monitoring-system:9090
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "*"
|
||||
verbs: ["*"]
|
||||
@@ -0,0 +1,40 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:seafile-frontend-domain-desktop
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Values.bfl.username }}/desktop
|
||||
provider-service-ref: seafile.os-framework.os-framework:80
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/seahub/*"
|
||||
- "/seafhttp/*"
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: user:{{ .Values.bfl.username }}:seafile-frontend-domain-desktop
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:seafile-frontend-domain-desktop
|
||||
subjects:
|
||||
- kind: User
|
||||
name: '{{ .Values.bfl.username }}'
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: seafile
|
||||
namespace: user-space-{{ .Values.bfl.username }}
|
||||
spec:
|
||||
type: ExternalName
|
||||
externalName: system-server.user-system-{{ .Values.bfl.username }}.svc.cluster.local
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
targetPort: 28080
|
||||
@@ -0,0 +1,13 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: backend:{{ .Values.bfl.username }}:search-provider-svc
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.bfl.username }}:search-provider-svc
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: system-frontend
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -0,0 +1,15 @@
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:search-provider-svc
|
||||
annotations:
|
||||
provider-registry-ref: user-system-{{ .Values.bfl.username }}/search3
|
||||
provider-service-ref: search3.os-framework:80
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/document/search*"
|
||||
- "/task/*"
|
||||
- "/search/*"
|
||||
- "/monitorsetting/*"
|
||||
verbs: ["*"]
|
||||
@@ -1,156 +1,3 @@
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: settings-nft
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: nft
|
||||
# deployment: settings
|
||||
# description: Get Cloud Bind NFT List
|
||||
# endpoint: settings-service.{{ .Release.Namespace }}
|
||||
# group: service.settings
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# opApis:
|
||||
# - name: getNFTAddress
|
||||
# uri: /api/cloud/getNFTAddress
|
||||
# version: v1
|
||||
# status:
|
||||
# state: active
|
||||
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: settings-account
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: account
|
||||
# deployment: settings
|
||||
# description: Get Acccount saved in Settings
|
||||
# endpoint: settings-service.{{ .Release.Namespace }}
|
||||
# group: service.settings
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# opApis:
|
||||
# - name: getAccount
|
||||
# uri: /api/account
|
||||
# version: v1
|
||||
# status:
|
||||
# state: active
|
||||
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: settings-backup-password
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: backupPassword
|
||||
# deployment: settings
|
||||
# description: Get Backup Plan's Password
|
||||
# endpoint: settings-service.{{ .Release.Namespace }}
|
||||
# group: service.settings
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# opApis:
|
||||
# - name: getAccount
|
||||
# uri: /api/backup/password
|
||||
# version: v1
|
||||
# status:
|
||||
# state: active
|
||||
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: settings-account-retrieve
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: legacy_api
|
||||
# deployment: settings
|
||||
# description: settings account retrieve legacy api
|
||||
# endpoint: settings-service.{{ .Release.Namespace }}
|
||||
# group: service.settings
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# version: v1
|
||||
# opApis:
|
||||
# - name: POST
|
||||
# uri: /api/account/retrieve
|
||||
# - name: GET
|
||||
# uri: /api/account/all
|
||||
# - name: POST
|
||||
# uri: /api/cookie/retrieve
|
||||
# - name: POST
|
||||
# uri: /api/cookie
|
||||
# status:
|
||||
# state: active
|
||||
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: intent-api
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: legacy_api
|
||||
# deployment: edge-desktop
|
||||
# description: edge-desktop legacy api
|
||||
# endpoint: edge-desktop.{{ .Release.Namespace }}
|
||||
# group: api.intent
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# version: v1
|
||||
# opApis:
|
||||
# - name: POST
|
||||
# uri: /server/intent/send
|
||||
# status:
|
||||
# state: active
|
||||
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: intent-api-v2
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: legacy_api
|
||||
# deployment: edge-desktop
|
||||
# description: edge-desktop legacy api
|
||||
# endpoint: edge-desktop.{{ .Release.Namespace }}
|
||||
# group: api.intent
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# version: v2
|
||||
# opApis:
|
||||
# - name: POST
|
||||
# uri: /server/intent/send
|
||||
# status:
|
||||
# state: active
|
||||
|
||||
# ---
|
||||
# apiVersion: sys.bytetrade.io/v1alpha1
|
||||
# kind: ProviderRegistry
|
||||
# metadata:
|
||||
# name: destktop-ai-provider
|
||||
# namespace: user-system-{{ .Values.bfl.username }}
|
||||
# spec:
|
||||
# dataType: ai_message
|
||||
# deployment: edge-desktop
|
||||
# description: search ai callback
|
||||
# endpoint: edge-desktop.{{ .Release.Namespace }}
|
||||
# group: service.desktop
|
||||
# kind: provider
|
||||
# namespace: {{ .Release.Namespace }}
|
||||
# opApis:
|
||||
# - name: AIMessage
|
||||
# uri: /server/ai_message
|
||||
# version: v1
|
||||
# status:
|
||||
# state: active
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
@@ -167,7 +14,8 @@ rules:
|
||||
- "/api/account/retrieve"
|
||||
- "/api/account/all"
|
||||
- "/api/cookie/retrieve"
|
||||
- "/api/cookie/"
|
||||
- "/api/cookie"
|
||||
- "/api/abilities"
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
@@ -182,4 +30,43 @@ rules:
|
||||
- nonResourceURLs:
|
||||
- "/server/intent/send"
|
||||
- "/server/ai_message"
|
||||
verbs: ["*"]
|
||||
verbs: ["*"]
|
||||
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:desktop
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Values.bfl.username }}/desktop
|
||||
provider-service-ref: edge-desktop.{{ .Release.Namespace }}
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/server/intent/send"
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Release.Namespace }}:desktop
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Release.Namespace }}/desktop
|
||||
provider-service-ref: edge-desktop.{{ .Release.Namespace }}
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "/server/intent/send"
|
||||
verbs: ["*"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Values.bfl.username }}:dashboard
|
||||
annotations:
|
||||
provider-registry-ref: {{ .Values.bfl.username }}/dashboard
|
||||
provider-service-ref: prometheus-k8s.kubesphere-monitoring-system:9090
|
||||
rules:
|
||||
- nonResourceURLs:
|
||||
- "*"
|
||||
verbs: ["*"]
|
||||
|
||||
@@ -22,14 +22,14 @@ spec:
|
||||
initContainers:
|
||||
- args:
|
||||
- -it
|
||||
- authelia-backend.os-framework:9091
|
||||
- authelia-backend.user-system-{{ .Values.bfl.username }}:9091
|
||||
image: owncloudci/wait-for:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: check-auth
|
||||
|
||||
containers:
|
||||
- name: wizard
|
||||
image: beclab/wizard:v1.4.3
|
||||
image: beclab/wizard:v1.6.30
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
|
||||
201
apps/README.md
201
apps/README.md
@@ -17,4 +17,203 @@ This directory contains the code for system applications, primarily for LarePass
|
||||
| Settings | A system configuration application. |
|
||||
| Dashboard | An app for monitoring system resource usage. |
|
||||
| Control Hub | The console for Olares, providing precise and autonomous control over the system and its environment. |
|
||||
| DevBox | A development tool for building and deploying Olares applications. |
|
||||
| Studio | A development tool for building and deploying Olares applications. |
|
||||
|
||||
|
||||
# Local Development Guide
|
||||
|
||||
This document describes how to start and develop various sub-projects locally.
|
||||
|
||||
## Available Projects
|
||||
|
||||
| Project | Command | Port |
|
||||
|---------|---------|------|
|
||||
| Desktop | `npm run dev:desktop` | 1090 |
|
||||
| Files | `npm run dev:files` | 5090 |
|
||||
| Settings | `npm run dev:settings` | 9000 |
|
||||
| Market | `npm run dev:market` | 8080 |
|
||||
| Vault | `npm run dev:vault` | 8090 |
|
||||
| Wise | `npm run dev:wise` | 8100 |
|
||||
| Dashboard | `npm run dev:dashboard` | 9003 |
|
||||
| Control Hub | `npm run dev:hub` | 9002 |
|
||||
| Share | `npm run dev:share` | 5070 |
|
||||
| Editor | `npm run dev:editor` | 9100 |
|
||||
| Preview | `npm run dev:preview` | 9001 |
|
||||
| Studio | `npm run dev:studio` | 9001 |
|
||||
|
||||
## Step 1: Modify Local Hosts File
|
||||
|
||||
Projects require access through a specific domain name. You need to configure the local hosts file first.
|
||||
|
||||
### macOS / Linux
|
||||
|
||||
1. Open terminal and edit the hosts file with administrator privileges:
|
||||
|
||||
```bash
|
||||
sudo vim /etc/hosts
|
||||
```
|
||||
|
||||
Or use the nano editor:
|
||||
|
||||
```bash
|
||||
sudo nano /etc/hosts
|
||||
```
|
||||
|
||||
2. Add the following content at the end of the file:
|
||||
|
||||
```
|
||||
127.0.0.1 test.xxx.olares.com
|
||||
```
|
||||
|
||||
3. Save the file and exit
|
||||
- vim: Press `ESC`, type `:wq` and press Enter
|
||||
- nano: Press `Ctrl + O` to save, `Ctrl + X` to exit
|
||||
|
||||
### Windows
|
||||
|
||||
1. Run Notepad as administrator:
|
||||
- Search for "Notepad" in the Start menu
|
||||
- Right-click on "Notepad" and select "Run as administrator"
|
||||
|
||||
2. Open the hosts file in Notepad:
|
||||
- Click `File` -> `Open`
|
||||
- Paste the path in the filename field: `C:\Windows\System32\drivers\etc\hosts`
|
||||
- Change file type to "All Files (*.*)"
|
||||
- Click "Open"
|
||||
|
||||
3. Add the following content at the end of the file:
|
||||
|
||||
```
|
||||
127.0.0.1 test.xxx.olares.com
|
||||
```
|
||||
|
||||
4. Save the file (`Ctrl + S`)
|
||||
|
||||
5. Flush DNS cache (optional):
|
||||
- Open Command Prompt (CMD) as administrator
|
||||
- Run the following command:
|
||||
|
||||
```cmd
|
||||
ipconfig /flushdns
|
||||
```
|
||||
|
||||
## Step 2: Install Dependencies
|
||||
|
||||
Run in the project root directory (`olares-app`):
|
||||
|
||||
```bash
|
||||
npm install
|
||||
```
|
||||
|
||||
## Step 3: Configure Environment Variables
|
||||
|
||||
Create or edit the `.env` file in the `packages/app` directory and add the following content:
|
||||
|
||||
```env
|
||||
ACCOUNT_DOMAIN=xxx.olares.com
|
||||
DEV_DOMAIN=test.xxx.olares.com
|
||||
```
|
||||
|
||||
> **Note**:
|
||||
> - `ACCOUNT_DOMAIN`: Your Olares account domain, used for API proxy
|
||||
> - `DEV_DOMAIN`: Local development server domain, must match the domain configured in the hosts file
|
||||
|
||||
## Step 4: Start the Project
|
||||
|
||||
After configuring the `.env` file, run the corresponding command in the `packages/app` directory:
|
||||
|
||||
```bash
|
||||
# Start Desktop
|
||||
npm run dev:desktop
|
||||
|
||||
# Start Files
|
||||
npm run dev:files
|
||||
|
||||
# Start Settings
|
||||
npm run dev:settings
|
||||
|
||||
# Start Market
|
||||
npm run dev:market
|
||||
|
||||
# Start other projects...
|
||||
npm run dev:<project>
|
||||
```
|
||||
|
||||
## Step 5: Access the Application
|
||||
|
||||
After successful startup, visit in your browser (replace port according to the project):
|
||||
|
||||
| Project | URL |
|
||||
|---------|-----|
|
||||
| Desktop | `https://test.xxx.olares.com:1090` |
|
||||
| Files | `https://test.xxx.olares.com:5090` |
|
||||
| Settings | `https://test.xxx.olares.com:9000` |
|
||||
| Market | `https://test.xxx.olares.com:8080` |
|
||||
| Vault | `https://test.xxx.olares.com:8090` |
|
||||
| Wise | `https://test.xxx.olares.com:8100` |
|
||||
| Dashboard | `https://test.xxx.olares.com:9003` |
|
||||
| Control Hub | `https://test.xxx.olares.com:9002` |
|
||||
| Share | `https://test.xxx.olares.com:5070` |
|
||||
| Editor | `https://test.xxx.olares.com:9100` |
|
||||
| Preview | `https://test.xxx.olares.com:9001` |
|
||||
| Studio | `https://test.xxx.olares.com:9001` |
|
||||
|
||||
> **Note**: Since a self-signed certificate is used, the browser may display an insecure connection warning. Click "Advanced" and select "Proceed" to continue.
|
||||
|
||||
## Environment Variables (.env file)
|
||||
|
||||
| Variable | Description | Example |
|
||||
|----------|-------------|---------|
|
||||
| `ACCOUNT_DOMAIN` | Account domain (for API proxy) | `xxx.olares.com` |
|
||||
| `DEV_DOMAIN` | Development server domain | `test.xxx.olares.com` |
|
||||
|
||||
## FAQ
|
||||
|
||||
### 1. Cannot Access the Application
|
||||
|
||||
- Check if the hosts file is configured correctly
|
||||
- Ensure the development server has started successfully
|
||||
- Check if the firewall is blocking the corresponding port
|
||||
|
||||
### 2. Certificate Error
|
||||
|
||||
The development server uses HTTPS. The browser will show a certificate warning on first visit - this is expected behavior.
|
||||
|
||||
### 3. API Request Failed
|
||||
|
||||
Ensure the `ACCOUNT_DOMAIN` in the `.env` file is set correctly. The proxy configuration relies on this variable to forward requests to the correct backend service.
|
||||
|
||||
## Build for Production
|
||||
|
||||
```bash
|
||||
# Build Desktop
|
||||
npm run build:desktop
|
||||
|
||||
# Build Files
|
||||
npm run build:files
|
||||
|
||||
# Build Settings
|
||||
npm run build:settings
|
||||
|
||||
# Build other projects...
|
||||
npm run build:<project>
|
||||
```
|
||||
|
||||
### Build Output Directory
|
||||
|
||||
| Project | Output Directory |
|
||||
|---------|------------------|
|
||||
| Desktop | `dist/apps/desktop` |
|
||||
| Files | `dist/apps/files` |
|
||||
| Settings | `dist/apps/settings` |
|
||||
| Market | `dist/apps/market` |
|
||||
| Vault | `dist/apps/vault` |
|
||||
| Dashboard | `dist/apps/dashboard` |
|
||||
| Control Hub | `dist/apps/control-hub` |
|
||||
| Share | `dist/apps/share` |
|
||||
| Editor | `dist/apps/editor` |
|
||||
| Preview | `dist/apps/preview` |
|
||||
| **Wise** | `dist/spa` |
|
||||
| **Studio** | `dist/spa` |
|
||||
|
||||
> **Note**: Build outputs for Wise and Studio are located in `dist/spa` directory, not under `dist/apps/`.
|
||||
54
apps/docker/admin/dockerfile
Normal file
54
apps/docker/admin/dockerfile
Normal file
@@ -0,0 +1,54 @@
|
||||
FROM node:16.13.1-alpine as server_dist
|
||||
|
||||
WORKDIR /server_dist
|
||||
|
||||
# Only copy over the packages files of all required packages.
|
||||
# This will ensure that we don't have to install all dependencies
|
||||
# again if any source files change.
|
||||
COPY package*.json lerna.json tsconfig.json ./
|
||||
COPY packages/admin/package*.json ./packages/admin/
|
||||
COPY packages/sdk/package*.json ./packages/sdk/
|
||||
# COPY packages/locale/package*.json ./packages/locale/
|
||||
# Install dependencies and bootstrap packages
|
||||
RUN npm ci --unsafe-perm
|
||||
|
||||
# Now copy over source files and assets
|
||||
COPY packages/admin/src ./packages/admin/src
|
||||
COPY packages/sdk/src ./packages/sdk/src
|
||||
# COPY packages/locale/src ./packages/locale/src
|
||||
# COPY packages/locale/res ./packages/locale/res
|
||||
COPY packages/admin/tsconfig.json ./packages/admin/
|
||||
COPY packages/sdk/tsconfig.json ./packages/sdk/
|
||||
# COPY packages/locale/tsconfig*.json ./packages/locale/
|
||||
COPY packages/admin/webpack.config.js ./packages/admin/webpack.config.js
|
||||
|
||||
RUN npm run admin:build
|
||||
|
||||
|
||||
|
||||
FROM node:16.13.1 as server_dist2
|
||||
|
||||
WORKDIR /server_dist2/packages/admin
|
||||
|
||||
COPY --from=server_dist /server_dist/packages/admin/dist/package*.json .
|
||||
|
||||
RUN npm install
|
||||
|
||||
COPY --from=server_dist /server_dist/packages/admin/dist/ .
|
||||
|
||||
|
||||
|
||||
FROM node:16.13.1-buster-slim
|
||||
|
||||
EXPOSE 3010
|
||||
ENV PL_ASSETS_DIR=/assets
|
||||
#ENV PL_ATTACHMENTS_DIR=/attachments
|
||||
ENV PL_SERVER_CLIENT_URL=http://localhost
|
||||
|
||||
WORKDIR /padloc/packages/admin
|
||||
|
||||
COPY --from=server_dist2 /server_dist2/packages/admin/ .
|
||||
|
||||
ENTRYPOINT ["npm", "run"]
|
||||
|
||||
CMD [ "server"]
|
||||
13
apps/docker/login/dockerfile
Normal file
13
apps/docker/login/dockerfile
Normal file
@@ -0,0 +1,13 @@
|
||||
FROM nginx:stable-alpine
|
||||
|
||||
RUN sed -i '1idaemon off;' /etc/nginx/nginx.conf
|
||||
|
||||
COPY docker/login/nginx.conf /etc/nginx/conf.d/default.conf
|
||||
|
||||
# adapt the `dist/` folder to the output directory your build tool uses (such as `dist/`, `build/` or `www/`).
|
||||
COPY packages/app/dist/spa/ /app
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
CMD ["nginx"]
|
||||
|
||||
120
apps/docker/login/nginx.conf
Normal file
120
apps/docker/login/nginx.conf
Normal file
@@ -0,0 +1,120 @@
|
||||
server {
|
||||
listen 80 default_server;
|
||||
|
||||
# Gzip Settings
|
||||
gzip on;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /app;
|
||||
|
||||
# normal routes
|
||||
# serve given url and default to index.html if not found
|
||||
# e.g. /, /user and /foo/bar will return index.html
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /api/ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /bfl/info/v1/olares-info {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /bfl/monitor/v1alpha1/cluster {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location ~^/bfl/iam/v1alpha1/users/[^/]+/password$ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /jwks.json {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /.well-known/ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location ~^/api/.*\.(js|css|png|jpg|svg|woff|woff2)$ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
# # files
|
||||
# # for all routes matching a dot, check for files and return 404 if not found
|
||||
# # e.g. /file.js returns a 404 if not found
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
54
apps/docker/server/dockerfile
Normal file
54
apps/docker/server/dockerfile
Normal file
@@ -0,0 +1,54 @@
|
||||
FROM node:16.13.1-alpine as server_dist
|
||||
|
||||
WORKDIR /server_dist
|
||||
|
||||
# Only copy over the packages files of all required packages.
|
||||
# This will ensure that we don't have to install all dependencies
|
||||
# again if any source files change.
|
||||
COPY package*.json lerna.json tsconfig.json ./
|
||||
COPY packages/server/package*.json ./packages/server/
|
||||
COPY packages/sdk/package*.json ./packages/sdk/
|
||||
# COPY packages/locale/package*.json ./packages/locale/
|
||||
# Install dependencies and bootstrap packages
|
||||
RUN npm ci --unsafe-perm
|
||||
|
||||
# Now copy over source files and assets
|
||||
COPY packages/server/src ./packages/server/src
|
||||
COPY packages/sdk/src ./packages/sdk/src
|
||||
# COPY packages/locale/src ./packages/locale/src
|
||||
# COPY packages/locale/res ./packages/locale/res
|
||||
COPY packages/server/tsconfig.json ./packages/server/
|
||||
COPY packages/sdk/tsconfig.json ./packages/sdk/
|
||||
# COPY packages/locale/tsconfig.json ./packages/locale/
|
||||
COPY packages/server/webpack.config.js ./packages/server/webpack.config.js
|
||||
|
||||
RUN npm run server:build
|
||||
|
||||
|
||||
|
||||
FROM node:16.13.1 as server_dist2
|
||||
|
||||
WORKDIR /server_dist2/packages/server
|
||||
|
||||
COPY --from=server_dist /server_dist/packages/server/dist/package*.json .
|
||||
|
||||
RUN npm install
|
||||
|
||||
COPY --from=server_dist /server_dist/packages/server/dist/ .
|
||||
|
||||
|
||||
|
||||
FROM node:16.13.1-buster-slim
|
||||
|
||||
EXPOSE 3000
|
||||
ENV PL_ASSETS_DIR=/assets
|
||||
#ENV PL_ATTACHMENTS_DIR=/attachments
|
||||
ENV PL_SERVER_CLIENT_URL=http://localhost
|
||||
|
||||
WORKDIR /padloc/packages/server
|
||||
|
||||
COPY --from=server_dist2 /server_dist2/packages/server/ .
|
||||
|
||||
ENTRYPOINT ["npm", "run"]
|
||||
|
||||
CMD [ "server"]
|
||||
12
apps/docker/studio/Dockerfile
Normal file
12
apps/docker/studio/Dockerfile
Normal file
@@ -0,0 +1,12 @@
|
||||
FROM nginx:stable-alpine
|
||||
|
||||
RUN sed -i '1idaemon off;' /etc/nginx/nginx.conf
|
||||
|
||||
COPY docker/studio/studio.conf /etc/nginx/conf.d/default.conf
|
||||
|
||||
# adapt the `dist/` folder to the output directory your build tool uses (such as `dist/`, `build/` or `www/`).
|
||||
COPY packages/app/dist/spa/ /app
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
CMD ["nginx"]
|
||||
138
apps/docker/studio/studio.conf
Normal file
138
apps/docker/studio/studio.conf
Normal file
@@ -0,0 +1,138 @@
|
||||
upstream SettingsServerStudio {
|
||||
server monitoring-server.os-framework;
|
||||
}
|
||||
|
||||
upstream StudioServer {
|
||||
server studio-server.studioserver-shared:8080;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /app;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /api/command {
|
||||
proxy_pass http://StudioServer;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_read_timeout 180;
|
||||
}
|
||||
location /api/apps {
|
||||
proxy_pass http://StudioServer;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_read_timeout 180;
|
||||
}
|
||||
location /api/app-cfg {
|
||||
proxy_pass http://StudioServer;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_read_timeout 180;
|
||||
}
|
||||
location /api/app-state {
|
||||
proxy_pass http://StudioServer;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_read_timeout 180;
|
||||
}
|
||||
location /api/app-status {
|
||||
proxy_pass http://StudioServer;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_read_timeout 180;
|
||||
}
|
||||
location /api/list-my-containers {
|
||||
proxy_pass http://StudioServer;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_read_timeout 180;
|
||||
}
|
||||
location /api/files {
|
||||
proxy_pass http://StudioServer;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_read_timeout 180;
|
||||
}
|
||||
|
||||
location /kapis {
|
||||
proxy_pass http://SettingsServerStudio;
|
||||
}
|
||||
|
||||
|
||||
location /api {
|
||||
proxy_pass http://SettingsServerStudio;
|
||||
}
|
||||
|
||||
location /capi {
|
||||
proxy_pass http://SettingsServerStudio;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
|
||||
location ~ /(kapis/terminal|api/v1/watch|apis/apps/v1/watch) {
|
||||
proxy_pass http://SettingsServerStudio;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
|
||||
location = /js/script.js {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
}
|
||||
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$ {
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
8
apps/docker/system-frontend/dockerfile
Normal file
8
apps/docker/system-frontend/dockerfile
Normal file
@@ -0,0 +1,8 @@
|
||||
FROM nginx:stable-alpine
|
||||
|
||||
COPY packages/app/dist/apps/ /apps/
|
||||
COPY docker/system-frontend/nginx/*.conf /apps/nginxs/
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
CMD ["nginx"]
|
||||
237
apps/docker/system-frontend/nginx/dashboard-control-hub.conf
Normal file
237
apps/docker/system-frontend/nginx/dashboard-control-hub.conf
Normal file
@@ -0,0 +1,237 @@
|
||||
upstream SettingsServer {
|
||||
server monitoring:28080;
|
||||
}
|
||||
|
||||
upstream Middleware {
|
||||
server middleware:28080;
|
||||
}
|
||||
|
||||
# upstream Analytics {
|
||||
# server analytics-server.os-framework:3010;
|
||||
# }
|
||||
|
||||
|
||||
server {
|
||||
listen 81;
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 5;
|
||||
gzip_types *;
|
||||
root /www/dashboard;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /ws {
|
||||
proxy_pass http://127.0.0.1:3100;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
location /bfl {
|
||||
add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source';
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /kapis {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /hami/ {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
}
|
||||
|
||||
location /user-service {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
rewrite ^/user-service(.*)$ $1 break;
|
||||
}
|
||||
|
||||
location /api/gpu/list {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /api/profile/init {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /capi {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
# location = /js/api/send {
|
||||
# proxy_pass http://Analytics;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
# proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# rewrite ^/js(.*)$ $1 break;
|
||||
# }
|
||||
|
||||
# location /analytics_service {
|
||||
# proxy_pass http://Analytics;
|
||||
# proxy_http_version 1.1;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "Upgrade";
|
||||
# proxy_set_header Host $host;
|
||||
# rewrite ^/analytics_service(.*)$ $1 break;
|
||||
# }
|
||||
|
||||
location ~ /(kapis/terminal|api/v1/watch|apis/apps/v1/watch) {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location = /js/script.js {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
}
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$ {
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 82;
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 5;
|
||||
gzip_types *;
|
||||
root /www/control-hub;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /bfl {
|
||||
add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source';
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /kapis {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /user-service {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
rewrite ^/user-service(.*)$ $1 break;
|
||||
}
|
||||
|
||||
location /current_user {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /capi {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
# location = /js/api/send {
|
||||
# proxy_pass http://Analytics;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
# proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# rewrite ^/js(.*)$ $1 break;
|
||||
# }
|
||||
|
||||
# location /analytics_service {
|
||||
# proxy_pass http://Analytics;
|
||||
# proxy_http_version 1.1;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "Upgrade";
|
||||
# proxy_set_header Host $host;
|
||||
# rewrite ^/analytics_service(.*)$ $1 break;
|
||||
# }
|
||||
|
||||
location /middleware {
|
||||
add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source';
|
||||
proxy_pass http://Middleware;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location ~ /(kapis/terminal|api/v1/watch|apis/apps/v1/watch) {
|
||||
proxy_pass http://SettingsServer;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location = /js/script.js {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
}
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$ {
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
133
apps/docker/system-frontend/nginx/desktop.conf
Normal file
133
apps/docker/system-frontend/nginx/desktop.conf
Normal file
@@ -0,0 +1,133 @@
|
||||
upstream DesktopSVCServer {
|
||||
server 127.0.0.1:3010;
|
||||
}
|
||||
|
||||
upstream DesktopMonitoringServer {
|
||||
server monitoring:28080;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 91;
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /www/desktop;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /kapis {
|
||||
proxy_pass http://DesktopMonitoringServer;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /api/logout {
|
||||
add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source';
|
||||
proxy_pass http://authelia-svc;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
location /api/device {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
proxy_pass http://settings-service;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
location /api/refresh {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
location /api {
|
||||
proxy_pass http://DesktopSVCServer;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
location /server {
|
||||
if ($request_method = 'OPTIONS') {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
add_header 'Access-Control-Max-Age' 1728000;
|
||||
add_header 'Content-Type' 'text/plain; charset=utf-8';
|
||||
add_header 'Content-Length' 0;
|
||||
return 204;
|
||||
}
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
proxy_pass http://DesktopSVCServer;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
location /notification {
|
||||
proxy_pass http://DesktopSVCServer;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
location /video {
|
||||
proxy_pass http://DesktopSVCServer;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
location /seahub/ {
|
||||
proxy_pass http://seafile/;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
location /ws {
|
||||
proxy_pass http://127.0.0.1:3100;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$ {
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
264
apps/docker/system-frontend/nginx/files.conf
Normal file
264
apps/docker/system-frontend/nginx/files.conf
Normal file
@@ -0,0 +1,264 @@
|
||||
server {
|
||||
listen 88;
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
client_max_body_size 2000M;
|
||||
keepalive_timeout 2700s;
|
||||
root /www/files;
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
location /api/resources/AppData {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
location /api/raw/AppData {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 1800s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 2700s;
|
||||
proxy_read_timeout 1800s;
|
||||
proxy_send_timeout 1800s;
|
||||
}
|
||||
location /api/raw {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 1800s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 2700s;
|
||||
proxy_read_timeout 1800s;
|
||||
proxy_send_timeout 1800s;
|
||||
}
|
||||
|
||||
location /api/md5 {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 1800s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 2700s;
|
||||
proxy_read_timeout 1800s;
|
||||
proxy_send_timeout 1800s;
|
||||
}
|
||||
|
||||
location /api/paste {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 1800s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 2700s;
|
||||
proxy_read_timeout 1800s;
|
||||
proxy_send_timeout 1800s;
|
||||
}
|
||||
|
||||
location /api/cache {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 1800s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 2700s;
|
||||
proxy_read_timeout 1800s;
|
||||
proxy_send_timeout 1800s;
|
||||
}
|
||||
|
||||
location /provider {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /share_link {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /upload {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
location /seahub/ {
|
||||
proxy_pass http://seafile/;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
location /seafhttp/ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
# location /videos/ {
|
||||
# if ($request_method = 'OPTIONS') {
|
||||
# add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
# add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
# add_header Access-Control-Allow-Origin $http_origin;
|
||||
# add_header Access-Control-Allow-Credentials true;
|
||||
# add_header 'Access-Control-Max-Age' 1728000;
|
||||
# add_header 'Content-Type' 'text/plain; charset=utf-8';
|
||||
# add_header 'Content-Length' 0;
|
||||
# return 204;
|
||||
# }
|
||||
# add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
# add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
# add_header Access-Control-Allow-Origin $http_origin;
|
||||
# proxy_pass http://media-server-service.os-framework:9090;
|
||||
# }
|
||||
location /drive/ {
|
||||
proxy_pass http://127.0.0.1:8181;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
location /api/raw/Home/ {
|
||||
expires 30d;
|
||||
add_header Cache-Control "public, max-age=2592000";
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
# Set cache for static resources
|
||||
location ~ ^/(assets|js|css|fonts|img)/.*.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
location ~ ^/resources/Home/Pictures/(.*.(png|jpg|svg|gif|jpeg))$
|
||||
{
|
||||
proxy_pass http://files:28080/api/raw/drive/Home/Pictures/$1;
|
||||
add_header Cache-Control "public, max-age=2592000";
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
autoindex off;
|
||||
}
|
||||
}
|
||||
66
apps/docker/system-frontend/nginx/market.conf
Normal file
66
apps/docker/system-frontend/nginx/market.conf
Normal file
@@ -0,0 +1,66 @@
|
||||
upstream AppstoreBackendServer {
|
||||
server market:28080;
|
||||
}
|
||||
server {
|
||||
listen 90;
|
||||
gzip off;
|
||||
gzip_types text/plain text/xml application/javascript text/css;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
root /www/market;
|
||||
|
||||
location / {
|
||||
add_header Cache-Control "no-store";
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
}
|
||||
|
||||
location /ws {
|
||||
proxy_pass http://127.0.0.1:3100;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
location /app-store/ {
|
||||
add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source X-Authorization';
|
||||
proxy_http_version 1.1;
|
||||
proxy_pass http://AppstoreBackendServer;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
|
||||
}
|
||||
|
||||
location /server {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
proxy_pass http://DesktopSVCServer;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
|
||||
}
|
||||
|
||||
location ~ ^(?!/app-store/).*\.(?!html)$ {
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
location /api/env/appenv/remoteOptions {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
}
|
||||
47
apps/docker/system-frontend/nginx/profile-editor.conf
Normal file
47
apps/docker/system-frontend/nginx/profile-editor.conf
Normal file
@@ -0,0 +1,47 @@
|
||||
server {
|
||||
listen 83;
|
||||
|
||||
# Gzip Settings
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /www/profile-editor;
|
||||
|
||||
|
||||
# normal routes
|
||||
# serve given url and default to index.html if not found
|
||||
# e.g. /, /user and /foo/bar will return index.html
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /images {
|
||||
proxy_pass http://127.0.0.1:15080;
|
||||
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
}
|
||||
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
53
apps/docker/system-frontend/nginx/profile-preview.conf
Normal file
53
apps/docker/system-frontend/nginx/profile-preview.conf
Normal file
@@ -0,0 +1,53 @@
|
||||
server {
|
||||
listen 8090;
|
||||
|
||||
# Gzip Settings
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /www/profile-preview;
|
||||
|
||||
|
||||
# normal routes
|
||||
# serve given url and default to index.html if not found
|
||||
# e.g. /, /user and /foo/bar will return index.html
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /api/profile/init {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /api/olares-info {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /api/terminus-info {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
153
apps/docker/system-frontend/nginx/settings.conf
Normal file
153
apps/docker/system-frontend/nginx/settings.conf
Normal file
@@ -0,0 +1,153 @@
|
||||
upstream SettingsServer_Monitoring {
|
||||
server monitoring:28080;
|
||||
}
|
||||
|
||||
upstream InfisicalServer {
|
||||
server infisical:28080;
|
||||
}
|
||||
|
||||
upstream BackupServer {
|
||||
server backup:28080;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 86;
|
||||
|
||||
# Gzip Settings
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /www/settings;
|
||||
|
||||
# normal routes
|
||||
# serve given url and default to index.html if not found
|
||||
# e.g. /, /user and /foo/bar will return index.html
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /ws {
|
||||
proxy_pass http://127.0.0.1:3100;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
|
||||
location /kapis {
|
||||
proxy_pass http://SettingsServer_Monitoring;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /headscale {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
}
|
||||
|
||||
location /apis/backup {
|
||||
proxy_pass http://BackupServer;
|
||||
add_header Accept "application/json, text/plain, */*";
|
||||
add_header Content-Type "application/json; charset=utf-8";
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /api/resources {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /drive {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /api/cloud/sign {
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /admin {
|
||||
proxy_pass http://InfisicalServer;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /images {
|
||||
proxy_pass http://127.0.0.1:15080;
|
||||
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /vault {
|
||||
add_header Access-Control-Allow-Headers "x-authorization";
|
||||
|
||||
proxy_pass http://vault:28080;
|
||||
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
location /api/nodes/ {
|
||||
proxy_pass http://files:28080;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$ {
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
103
apps/docker/system-frontend/nginx/share.conf
Normal file
103
apps/docker/system-frontend/nginx/share.conf
Normal file
@@ -0,0 +1,103 @@
|
||||
server {
|
||||
listen 92;
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
client_max_body_size 2000M;
|
||||
keepalive_timeout 2700s;
|
||||
root /www/share;
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
location /api {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_set_header Host $host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /upload {
|
||||
proxy_pass http://files:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_set_header Host $host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /videos {
|
||||
proxy_pass http://files:28080/proxy/videos;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_set_header Host $host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /seafhttp/ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
|
||||
proxy_pass http://seafile:8082/;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
add_header Accept-Ranges bytes;
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
|
||||
location /bfl/ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location ~ ^/(assets|js|css|fonts|img)/.*.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
|
||||
}
|
||||
100
apps/docker/system-frontend/nginx/vault.conf
Normal file
100
apps/docker/system-frontend/nginx/vault.conf
Normal file
@@ -0,0 +1,100 @@
|
||||
server {
|
||||
listen 89;
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /www/vault;
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
location /bfl/ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
location /server {
|
||||
add_header Access-Control-Allow-Headers "x-authorization";
|
||||
proxy_pass http://vault:28080;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
location /notification{
|
||||
proxy_pass http://127.0.0.1:3010;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
}
|
||||
|
||||
location /api/firstfactor {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /api/refresh {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /api/cookie {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
proxy_pass http://settings-service;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
location /ws {
|
||||
proxy_pass http://127.0.0.1:3100;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2|wasm)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
12
apps/docker/wise/Dockerfile
Normal file
12
apps/docker/wise/Dockerfile
Normal file
@@ -0,0 +1,12 @@
|
||||
FROM nginx:stable-alpine
|
||||
|
||||
RUN sed -i '1idaemon off;' /etc/nginx/nginx.conf
|
||||
|
||||
COPY docker/wise/wise.conf /etc/nginx/conf.d/default.conf
|
||||
|
||||
# adapt the `dist/` folder to the output directory your build tool uses (such as `dist/`, `build/` or `www/`).
|
||||
COPY packages/app/dist/spa/ /app
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
CMD ["nginx"]
|
||||
136
apps/docker/wise/wise.conf
Normal file
136
apps/docker/wise/wise.conf
Normal file
@@ -0,0 +1,136 @@
|
||||
upstream KnowledgeServer {
|
||||
server rss-svc.knowledge-shared:3010;
|
||||
}
|
||||
|
||||
# upstream RSSServer {
|
||||
# server rss-server.knowledge-shared:3010;
|
||||
# }
|
||||
|
||||
# upstream ArgoworkflowsSever {
|
||||
# server argoworkflows-svc.knowledge-shared:2746;
|
||||
# }
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
|
||||
|
||||
# Gzip Settings
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /app;
|
||||
|
||||
# normal routes
|
||||
# serve given url and default to index.html if not found
|
||||
# e.g. /, /user and /foo/bar will return index.html
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /ws {
|
||||
proxy_pass http://rss-svc.knowledge-shared:3100;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
location /knowledge {
|
||||
proxy_pass http://KnowledgeServer;
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
# location /rss {
|
||||
# proxy_pass http://RSSServer;
|
||||
#
|
||||
# add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-real-ip $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
#
|
||||
# add_header X-Frame-Options SAMEORIGIN;
|
||||
# }
|
||||
|
||||
# location /api/v1 {
|
||||
# proxy_pass http://ArgoworkflowsSever;
|
||||
# }
|
||||
|
||||
# location /artifact-files {
|
||||
# proxy_pass http://ArgoworkflowsSever;
|
||||
# }
|
||||
|
||||
location /videos/ {
|
||||
if ($request_method = 'OPTIONS') {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
add_header 'Access-Control-Max-Age' 1728000;
|
||||
add_header 'Content-Type' 'text/plain; charset=utf-8';
|
||||
add_header 'Content-Length' 0;
|
||||
return 204;
|
||||
}
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
proxy_pass http://files-proxy:28080;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_pass http://files-proxy:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /upload {
|
||||
proxy_pass http://files-proxy:28080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
# # files
|
||||
# # for all routes matching a dot, check for files and return 404 if not found
|
||||
# # e.g. /file.js returns a 404 if not found
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
13
apps/docker/wizard/dockerfile
Normal file
13
apps/docker/wizard/dockerfile
Normal file
@@ -0,0 +1,13 @@
|
||||
FROM nginx:stable-alpine
|
||||
|
||||
RUN sed -i '1idaemon off;' /etc/nginx/nginx.conf
|
||||
|
||||
COPY docker/wizard/nginx.conf /etc/nginx/conf.d/default.conf
|
||||
|
||||
# adapt the `dist/` folder to the output directory your build tool uses (such as `dist/`, `build/` or `www/`).
|
||||
COPY packages/app/dist/spa/ /app
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
CMD ["nginx"]
|
||||
|
||||
93
apps/docker/wizard/nginx.conf
Normal file
93
apps/docker/wizard/nginx.conf
Normal file
@@ -0,0 +1,93 @@
|
||||
server {
|
||||
listen 80 default_server;
|
||||
|
||||
# Gzip Settings
|
||||
gzip off;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
root /app;
|
||||
|
||||
# normal routes
|
||||
# serve given url and default to index.html if not found
|
||||
# e.g. /, /user and /foo/bar will return index.html
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
location /bfl/ {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
proxy_pass http://bfl;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /api/firstfactor {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /api/secondfactor/totp {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /api/refresh {
|
||||
add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
|
||||
add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
|
||||
proxy_pass http://authelia-backend-svc:9091;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-real-ip $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
}
|
||||
|
||||
location /server {
|
||||
proxy_pass http://vault-server:3000;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
}
|
||||
|
||||
# # files
|
||||
# # for all routes matching a dot, check for files and return 404 if not found
|
||||
# # e.g. /file.js returns a 404 if not found
|
||||
location ~.*\.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
}
|
||||
5
apps/lerna.json
Normal file
5
apps/lerna.json
Normal file
@@ -0,0 +1,5 @@
|
||||
{
|
||||
"packages": ["packages/*"],
|
||||
"version": "0.1.0",
|
||||
"exact": true
|
||||
}
|
||||
10974
apps/package-lock.json
generated
Normal file
10974
apps/package-lock.json
generated
Normal file
File diff suppressed because it is too large
Load Diff
93
apps/package.json
Normal file
93
apps/package.json
Normal file
@@ -0,0 +1,93 @@
|
||||
{
|
||||
"name": "olaresapp",
|
||||
"private": true,
|
||||
"version": "0.1.0",
|
||||
"description": "Olares app",
|
||||
"author": "Peng Peng <pengpeng@bytetrade.io>",
|
||||
"license": "GPL-3.0",
|
||||
"engines": {
|
||||
"node": ">= 19.8.1",
|
||||
"npm": ">= 8.2.0"
|
||||
},
|
||||
"main": "main.js",
|
||||
"devDependencies": {
|
||||
"@intlify/vue-i18n-loader": "4.2.0",
|
||||
"@types/bcrypt": "6.0.0",
|
||||
"@typescript-eslint/eslint-plugin": "5.52.0",
|
||||
"@typescript-eslint/parser": "5.52.0",
|
||||
"concurrently": "7.0.0",
|
||||
"eslint": "^8.10.0",
|
||||
"eslint-config-prettier": "^8.1.0",
|
||||
"eslint-plugin-prettier": "4.0.0",
|
||||
"eslint-plugin-vue": "^9.0.0",
|
||||
"http-server": "14.1.0",
|
||||
"husky": ">=7",
|
||||
"lerna": "8.2.4",
|
||||
"lint-staged": ">=10",
|
||||
"prettier": "2.5.1",
|
||||
"ts-node": "10.9.2",
|
||||
"typescript": "4.4.3"
|
||||
},
|
||||
"scripts": {
|
||||
"postinstall": "lerna exec npm install",
|
||||
"vault:build": "lerna run build:vault --scope @didvault/app",
|
||||
"mobile:build": "lerna run build:mobile --scope @didvault/app",
|
||||
"files:build": "lerna run build:files --scope @didvault/app",
|
||||
"share:build": "lerna run build:share --scope @didvault/app",
|
||||
"wizard:build": "lerna run build:wizard --scope @didvault/app",
|
||||
"login:build": "lerna run build:login --scope @didvault/app",
|
||||
"desktop:build": "lerna run build:desktop --scope @didvault/app",
|
||||
"dashboard:build": "lerna run build:dashboard --scope @didvault/app",
|
||||
"control-hub:build": "lerna run build:hub --scope @didvault/app",
|
||||
"profile-editor:build": "lerna run build:editor --scope @didvault/app",
|
||||
"profile-preview:build": "lerna run build:preview --scope @didvault/app",
|
||||
"market:build": "lerna run build:market --scope @didvault/app",
|
||||
"settings:build": "lerna run build:settings --scope @didvault/app",
|
||||
"studio:build": "lerna run build:studio --scope @didvault/app",
|
||||
"wise:build": "lerna run build:wise --scope @didvault/app",
|
||||
"server:start": "lerna run start --scope @didvault/server --stream",
|
||||
"server:start-dry": "lerna run start-dry --stream --scope @didvault/server",
|
||||
"server:build": "lerna run build --scope @didvault/server",
|
||||
"admin:build": "lerna run build --scope @didvault/admin",
|
||||
"web-extension:build": "lerna run build --scope @didvault/extension",
|
||||
"start": "npm run pwa:build && lerna run --scope '@didvault/{server,frontend}' --parallel start",
|
||||
"clean": "lerna run --scope '@didvault/{server,mockbfl}' --parallel clean",
|
||||
"dev": "lerna run --scope '@didvault/{server,app,mockbfl}' --parallel dev",
|
||||
"dev:1": "lerna run --scope '@didvault/{server,mockbfl}' --parallel dev",
|
||||
"dev:2": "lerna run --scope '@didvault/{server2,mockbfl2}' --parallel dev",
|
||||
"dev:files": "lerna run --scope '@didvault/app' --parallel dev:files",
|
||||
"dev:share": "lerna run --scope '@didvault/app' --parallel dev:share",
|
||||
"dev:wise": "lerna run --scope '@didvault/app' --parallel dev:wise",
|
||||
"dev:settings": "lerna run --scope '@didvault/app' --parallel dev:settings",
|
||||
"dev:editor": "lerna run --scope '@didvault/app' --parallel dev:editor",
|
||||
"dev:login": "lerna run --scope '@didvault/app' --parallel dev:login",
|
||||
"dev:wizard": "lerna run --scope '@didvault/app' --parallel dev:wizard",
|
||||
"dev:desktop": "lerna run --scope '@didvault/app' --parallel dev:desktop",
|
||||
"dev:preview": "lerna run --scope '@didvault/app' --parallel dev:preview",
|
||||
"dev:dashboard": "lerna run --scope '@didvault/app' --parallel dev:dashboard",
|
||||
"dev:hub": "lerna run --scope '@didvault/app' --parallel dev:hub",
|
||||
"dev:studio": "lerna run --scope '@didvault/app' --parallel dev:studio",
|
||||
"remove": "rm packages/$scope/package-lock.json && lerna exec \"npm uninstall $1\" --scope=@didvault/$scope",
|
||||
"clean:2": "lerna run --scope '@didvault/{server,server2,mockbfl,mockbfl2}' --parallel clean",
|
||||
"prettier": "prettier --write .",
|
||||
"prettier:check": "prettier --check .",
|
||||
"format": "prettier --loglevel warn --write \"**/*.{js,ts,vue,css,md}\"",
|
||||
"format:check": "prettier --check .",
|
||||
"update-version": "lerna version $1 --yes",
|
||||
"version": "lerna version $1 --yes",
|
||||
"publish": "lerna publish",
|
||||
"prepare": "husky install",
|
||||
"lint": "eslint --ext .js,.ts,.vue ./"
|
||||
},
|
||||
"lint-staged": {
|
||||
"*.{js,ts,vue}": "eslint --cache --fix",
|
||||
"*.{js,ts,vue,css,md}": "prettier --write"
|
||||
},
|
||||
"dependencies": {
|
||||
"@bytetrade/core": "0.4.13",
|
||||
"clipboard": "2.0.11",
|
||||
"lodash.throttle": "4.1.1",
|
||||
"node-forge": "1.3.1",
|
||||
"utif": "3.1.0"
|
||||
}
|
||||
}
|
||||
25
apps/packages/admin/.eslintrc.js
Normal file
25
apps/packages/admin/.eslintrc.js
Normal file
@@ -0,0 +1,25 @@
|
||||
module.exports = {
|
||||
parser: '@typescript-eslint/parser',
|
||||
parserOptions: {
|
||||
project: 'tsconfig.json',
|
||||
tsconfigRootDir: __dirname,
|
||||
sourceType: 'module',
|
||||
},
|
||||
plugins: ['@typescript-eslint/eslint-plugin'],
|
||||
extends: [
|
||||
'plugin:@typescript-eslint/recommended',
|
||||
'plugin:prettier/recommended',
|
||||
],
|
||||
root: true,
|
||||
env: {
|
||||
node: true,
|
||||
jest: true,
|
||||
},
|
||||
ignorePatterns: ['.eslintrc.js'],
|
||||
rules: {
|
||||
'@typescript-eslint/interface-name-prefix': 'off',
|
||||
'@typescript-eslint/explicit-function-return-type': 'off',
|
||||
'@typescript-eslint/explicit-module-boundary-types': 'off',
|
||||
'@typescript-eslint/no-explicit-any': 'off',
|
||||
},
|
||||
};
|
||||
20
apps/packages/admin/.eslintrc.json
Normal file
20
apps/packages/admin/.eslintrc.json
Normal file
@@ -0,0 +1,20 @@
|
||||
{
|
||||
"env": {
|
||||
"browser": true,
|
||||
"es2021": true,
|
||||
"node": true
|
||||
},
|
||||
"extends": [
|
||||
"eslint:recommended",
|
||||
"plugin:@typescript-eslint/recommended",
|
||||
"plugin:prettier/recommended"
|
||||
],
|
||||
"overrides": [],
|
||||
"parser": "@typescript-eslint/parser",
|
||||
"parserOptions": {
|
||||
"ecmaVersion": "latest",
|
||||
"sourceType": "module"
|
||||
},
|
||||
"plugins": ["@typescript-eslint"],
|
||||
"rules": {}
|
||||
}
|
||||
97
apps/packages/admin/.prettierignore
Normal file
97
apps/packages/admin/.prettierignore
Normal file
@@ -0,0 +1,97 @@
|
||||
packages/app/src/core/*.js
|
||||
packages/extension/dist/**/*
|
||||
packages/cordova/plugins/**/*
|
||||
packages/cordova/platforms/**/*
|
||||
packages/cordova/www/**/*
|
||||
packages/electron/app/**/*
|
||||
packages/electron/build/**/*
|
||||
packages/electron/dist/**/*
|
||||
packages/tauri/dist/**/*
|
||||
packages/tauri/src-tauri/target/**/*
|
||||
packages/tauri/tauri-update.json
|
||||
packages/pwa/dist/**/*
|
||||
package-lock.json
|
||||
cypress/fixtures/**/*
|
||||
.flatpak-builder/**/*
|
||||
packages/locale/res/**/*
|
||||
packages/admin/dist/**/*
|
||||
|
||||
assets
|
||||
.github
|
||||
.husky
|
||||
.vscode
|
||||
.eslintcache
|
||||
node_modules
|
||||
**/package*.json
|
||||
**/yarn.lock
|
||||
**/.gitignore
|
||||
|
||||
.DS_Store
|
||||
.thumbs.db
|
||||
node_modules
|
||||
.vscode
|
||||
packages/*/node_modules
|
||||
packages/*/docs
|
||||
packages/core/lib
|
||||
packages/billing/lib
|
||||
packages/app/dist
|
||||
packages/app/test/dist
|
||||
packages/app/sw.js
|
||||
packages/app/env.js
|
||||
packages/server/db
|
||||
packages/cordova/platforms
|
||||
packages/cordova/plugins
|
||||
packages/cordova/www
|
||||
packages/cordova/dist
|
||||
packages/electron/build
|
||||
packages/electron/app
|
||||
packages/electron/dist
|
||||
/.env
|
||||
packages/pwa/dist
|
||||
packages/server/logs
|
||||
packages/server/data
|
||||
packages/server/attachments
|
||||
packages/server/dist
|
||||
/logs
|
||||
/pwa
|
||||
/data
|
||||
packages/extension/dist
|
||||
packages/tauri/dist
|
||||
packages/tauri/src-tauri/icons
|
||||
packages/tauri/tauri-update.json
|
||||
.flatpak-builder
|
||||
packages/admin/dist
|
||||
|
||||
# Quasar core related directories
|
||||
packages/*/.quasar
|
||||
packages/*/dist
|
||||
|
||||
# Cordova related directories and files
|
||||
packages/*/src-cordova/node_modules
|
||||
packages/*/src-cordova/platforms
|
||||
packages/*/src-cordova/plugins
|
||||
packages/*/src-cordova/www
|
||||
|
||||
# Capacitor related directories and files
|
||||
packages/*/src-capacitor/www
|
||||
packages/*/src-capacitor/node_modules
|
||||
|
||||
# BEX related directories and files
|
||||
packages/*/src-bex/www
|
||||
packages/*/src-bex/js/core
|
||||
|
||||
# Log files
|
||||
packages/*npm-debug.log*
|
||||
packages/*yarn-debug.log*
|
||||
packages/*yarn-error.log*
|
||||
|
||||
# Editor directories and files
|
||||
packages/*.idea
|
||||
packages/**.suo
|
||||
packages/**.ntvs*
|
||||
packages/**.njsproj
|
||||
packages/**.sln
|
||||
packages/sign/data
|
||||
packages/sign/dist
|
||||
packages/mockbfl/data
|
||||
|
||||
4
apps/packages/admin/.prettierrc
Normal file
4
apps/packages/admin/.prettierrc
Normal file
@@ -0,0 +1,4 @@
|
||||
{
|
||||
"singleQuote": true,
|
||||
"trailingComma": "all"
|
||||
}
|
||||
25
apps/packages/admin/.prettierrc.json
Normal file
25
apps/packages/admin/.prettierrc.json
Normal file
@@ -0,0 +1,25 @@
|
||||
{
|
||||
"useTabs": true,
|
||||
"tabWidth": 2,
|
||||
"semi": true,
|
||||
"singleQuote": true,
|
||||
"bracketSpacing": true,
|
||||
"trailingComma": "none",
|
||||
"overrides": [
|
||||
{
|
||||
"files": "*.md",
|
||||
"options": {
|
||||
"useTabs": false,
|
||||
"trailingComma": "none",
|
||||
"arrowParens": "avoid",
|
||||
"proseWrap": "never"
|
||||
}
|
||||
},
|
||||
{
|
||||
"files": "*.{json,babelrc,eslintrc,remarkrc,prettierrc}",
|
||||
"options": {
|
||||
"useTabs": false
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
73
apps/packages/admin/README.md
Normal file
73
apps/packages/admin/README.md
Normal file
@@ -0,0 +1,73 @@
|
||||
<p align="center">
|
||||
<a href="http://nestjs.com/" target="blank"><img src="https://nestjs.com/img/logo-small.svg" width="200" alt="Nest Logo" /></a>
|
||||
</p>
|
||||
|
||||
[circleci-image]: https://img.shields.io/circleci/build/github/nestjs/nest/master?token=abc123def456
|
||||
[circleci-url]: https://circleci.com/gh/nestjs/nest
|
||||
|
||||
<p align="center">A progressive <a href="http://nodejs.org" target="_blank">Node.js</a> framework for building efficient and scalable server-side applications.</p>
|
||||
<p align="center">
|
||||
<a href="https://www.npmjs.com/~nestjscore" target="_blank"><img src="https://img.shields.io/npm/v/@nestjs/core.svg" alt="NPM Version" /></a>
|
||||
<a href="https://www.npmjs.com/~nestjscore" target="_blank"><img src="https://img.shields.io/npm/l/@nestjs/core.svg" alt="Package License" /></a>
|
||||
<a href="https://www.npmjs.com/~nestjscore" target="_blank"><img src="https://img.shields.io/npm/dm/@nestjs/common.svg" alt="NPM Downloads" /></a>
|
||||
<a href="https://circleci.com/gh/nestjs/nest" target="_blank"><img src="https://img.shields.io/circleci/build/github/nestjs/nest/master" alt="CircleCI" /></a>
|
||||
<a href="https://coveralls.io/github/nestjs/nest?branch=master" target="_blank"><img src="https://coveralls.io/repos/github/nestjs/nest/badge.svg?branch=master#9" alt="Coverage" /></a>
|
||||
<a href="https://discord.gg/G7Qnnhy" target="_blank"><img src="https://img.shields.io/badge/discord-online-brightgreen.svg" alt="Discord"/></a>
|
||||
<a href="https://opencollective.com/nest#backer" target="_blank"><img src="https://opencollective.com/nest/backers/badge.svg" alt="Backers on Open Collective" /></a>
|
||||
<a href="https://opencollective.com/nest#sponsor" target="_blank"><img src="https://opencollective.com/nest/sponsors/badge.svg" alt="Sponsors on Open Collective" /></a>
|
||||
<a href="https://paypal.me/kamilmysliwiec" target="_blank"><img src="https://img.shields.io/badge/Donate-PayPal-ff3f59.svg"/></a>
|
||||
<a href="https://opencollective.com/nest#sponsor" target="_blank"><img src="https://img.shields.io/badge/Support%20us-Open%20Collective-41B883.svg" alt="Support us"></a>
|
||||
<a href="https://twitter.com/nestframework" target="_blank"><img src="https://img.shields.io/twitter/follow/nestframework.svg?style=social&label=Follow"></a>
|
||||
</p>
|
||||
<!--[](https://opencollective.com/nest#backer)
|
||||
[](https://opencollective.com/nest#sponsor)-->
|
||||
|
||||
## Description
|
||||
|
||||
[Nest](https://github.com/nestjs/nest) framework TypeScript starter repository.
|
||||
|
||||
## Installation
|
||||
|
||||
```bash
|
||||
$ npm install
|
||||
```
|
||||
|
||||
## Running the app
|
||||
|
||||
```bash
|
||||
# development
|
||||
$ npm run start
|
||||
|
||||
# watch mode
|
||||
$ npm run start:dev
|
||||
|
||||
# production mode
|
||||
$ npm run start:prod
|
||||
```
|
||||
|
||||
## Test
|
||||
|
||||
```bash
|
||||
# unit tests
|
||||
$ npm run test
|
||||
|
||||
# e2e tests
|
||||
$ npm run test:e2e
|
||||
|
||||
# test coverage
|
||||
$ npm run test:cov
|
||||
```
|
||||
|
||||
## Support
|
||||
|
||||
Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please [read more here](https://docs.nestjs.com/support).
|
||||
|
||||
## Stay in touch
|
||||
|
||||
- Author - [Kamil Myśliwiec](https://kamilmysliwiec.com)
|
||||
- Website - [https://nestjs.com](https://nestjs.com/)
|
||||
- Twitter - [@nestframework](https://twitter.com/nestframework)
|
||||
|
||||
## License
|
||||
|
||||
Nest is [MIT licensed](LICENSE).
|
||||
8
apps/packages/admin/nest-cli.json
Normal file
8
apps/packages/admin/nest-cli.json
Normal file
@@ -0,0 +1,8 @@
|
||||
{
|
||||
"$schema": "https://json.schemastore.org/nest-cli",
|
||||
"collection": "@nestjs/schematics",
|
||||
"sourceRoot": "src",
|
||||
"compilerOptions": {
|
||||
"deleteOutDir": true
|
||||
}
|
||||
}
|
||||
10739
apps/packages/admin/package-lock.json
generated
Normal file
10739
apps/packages/admin/package-lock.json
generated
Normal file
File diff suppressed because it is too large
Load Diff
89
apps/packages/admin/package.json
Normal file
89
apps/packages/admin/package.json
Normal file
@@ -0,0 +1,89 @@
|
||||
{
|
||||
"name": "@didvault/admin",
|
||||
"version": "0.0.1",
|
||||
"description": "",
|
||||
"author": "",
|
||||
"private": true,
|
||||
"license": "UNLICENSED",
|
||||
"scripts": {
|
||||
"build": "nest build --webpack --webpackPath=./webpack.config",
|
||||
"setup": "npm i",
|
||||
"format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"",
|
||||
"start": "nest start",
|
||||
"dev": "nest start --watch --webpack --webpackPath=./webpack.config",
|
||||
"dev:desktop": "nest start --watch",
|
||||
"start:debug": "nest start --debug --watch",
|
||||
"start:prod": "node dist/main",
|
||||
"lint": "eslint \"{src,apps,libs,test}/**/*.ts\" --fix",
|
||||
"test": "jest",
|
||||
"test:watch": "jest --watch",
|
||||
"test:cov": "jest --coverage",
|
||||
"test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
|
||||
"test:e2e": "jest --config ./test/jest-e2e.json"
|
||||
},
|
||||
"dependencies": {
|
||||
"@didvault/sdk": "../sdk",
|
||||
"@nestjs/common": "11.1.6",
|
||||
"@nestjs/core": "11.1.6",
|
||||
"@nestjs/mapped-types": "2.1.0",
|
||||
"@nestjs/platform-express": "11.1.6",
|
||||
"@nestjs/platform-socket.io": "11.1.6",
|
||||
"@nestjs/schedule": "6.0.0",
|
||||
"@nestjs/websockets": "11.1.6",
|
||||
"bcrypt": "6.0.0",
|
||||
"config": "^3.3.9",
|
||||
"dotenv": "16.0.0",
|
||||
"install": "^0.13.0",
|
||||
"jose": "^4.13.1",
|
||||
"level": "7.0.0",
|
||||
"multiformats": "9.6.4",
|
||||
"pg": "8.7.1",
|
||||
"reflect-metadata": "^0.1.13",
|
||||
"rxjs": "^7.2.0",
|
||||
"varint": "6.0.0"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@nestjs/cli": "11.0.12",
|
||||
"@nestjs/schematics": "11.0.7",
|
||||
"@types/bcrypt": "6.0.0",
|
||||
"@types/cron": "^2.4.0",
|
||||
"@types/express": "^4.17.13",
|
||||
"@types/jest": "29.2.4",
|
||||
"@types/node": "18.11.18",
|
||||
"@typescript-eslint/eslint-plugin": "^5.0.0",
|
||||
"@typescript-eslint/parser": "^5.0.0",
|
||||
"add-asset-webpack-plugin": "2.0.1",
|
||||
"eslint": "^8.0.1",
|
||||
"eslint-config-prettier": "^8.3.0",
|
||||
"eslint-plugin-prettier": "^4.0.0",
|
||||
"fork-ts-checker-webpack-plugin": "^8.0.0",
|
||||
"jest": "29.3.1",
|
||||
"prettier": "^2.3.2",
|
||||
"source-map-support": "^0.5.20",
|
||||
"ts-jest": "29.0.3",
|
||||
"ts-loader": "9.5.4",
|
||||
"ts-node": "10.9.2",
|
||||
"tsconfig-paths": "4.1.1",
|
||||
"typescript": "4.9.5",
|
||||
"webpack": "^5.76.1",
|
||||
"webpack-cli": "5.1.4",
|
||||
"webpack-node-externals": "^3.0.0"
|
||||
},
|
||||
"jest": {
|
||||
"moduleFileExtensions": [
|
||||
"js",
|
||||
"json",
|
||||
"ts"
|
||||
],
|
||||
"rootDir": "src",
|
||||
"testRegex": ".*\\.spec\\.ts$",
|
||||
"transform": {
|
||||
"^.+\\.(t|j)s$": "ts-jest"
|
||||
},
|
||||
"collectCoverageFrom": [
|
||||
"**/*.(t|j)s"
|
||||
],
|
||||
"coverageDirectory": "../coverage",
|
||||
"testEnvironment": "node"
|
||||
}
|
||||
}
|
||||
9
apps/packages/admin/src/app.module.ts
Normal file
9
apps/packages/admin/src/app.module.ts
Normal file
@@ -0,0 +1,9 @@
|
||||
import { Module } from '@nestjs/common';
|
||||
import { VaultController } from './vault.controller';
|
||||
|
||||
@Module({
|
||||
imports: [],
|
||||
controllers: [VaultController],
|
||||
providers: [],
|
||||
})
|
||||
export class AppModule {}
|
||||
83
apps/packages/admin/src/config/config.ts
Normal file
83
apps/packages/admin/src/config/config.ts
Normal file
@@ -0,0 +1,83 @@
|
||||
import { Config, ConfigParam } from '@didvault/sdk/src/core/config';
|
||||
import { ServerConfig } from '@didvault/sdk/src/core/server';
|
||||
|
||||
//import { MongoDBStorageConfig } from './storage/mongodb';
|
||||
//import { AuthType } from '@didvault/sdk/src/core/auth';
|
||||
|
||||
import { PostgresConfig } from './postgres';
|
||||
import dotenv from 'dotenv';
|
||||
import { resolve } from 'path';
|
||||
import { BasicProvisionerConfig } from '@didvault/sdk/src/core/provisioning';
|
||||
// import {
|
||||
// ChangeLoggerConfig,
|
||||
// RequestLoggerConfig,
|
||||
// } from '@didvault/sdk/src/core/logging';
|
||||
|
||||
export class DataStorageConfig extends Config {
|
||||
constructor(init: Partial<DataStorageConfig> = {}) {
|
||||
super();
|
||||
Object.assign(this, init);
|
||||
}
|
||||
|
||||
@ConfigParam()
|
||||
backend: 'void' | 'memory' | 'leveldb' | 'mongodb' | 'postgres' = 'leveldb';
|
||||
|
||||
// @ConfigParam(MongoDBStorageConfig)
|
||||
// mongodb?: MongoDBStorageConfig;
|
||||
|
||||
@ConfigParam(PostgresConfig)
|
||||
postgres?: PostgresConfig;
|
||||
}
|
||||
|
||||
export class ProvisioningConfig extends Config {
|
||||
@ConfigParam()
|
||||
backend: 'basic' | 'directory' | 'stripe' = 'basic';
|
||||
|
||||
@ConfigParam(BasicProvisionerConfig)
|
||||
basic?: BasicProvisionerConfig;
|
||||
|
||||
// @ConfigParam(StripeProvisionerConfig)
|
||||
// stripe?: StripeProvisionerConfig;
|
||||
|
||||
// @ConfigParam(DirectoryProvisionerConfig)
|
||||
// directory?: DirectoryProvisionerConfig;
|
||||
}
|
||||
|
||||
// export class DirectoryConfig extends Config {
|
||||
// @ConfigParam("string[]")
|
||||
// providers: "scim"[] = ["scim"];
|
||||
|
||||
// @ConfigParam(ScimServerConfig)
|
||||
// scim?: ScimServerConfig;
|
||||
// }
|
||||
|
||||
export class PadlocConfig extends Config {
|
||||
constructor(init: Partial<PadlocConfig> = {}) {
|
||||
super();
|
||||
Object.assign(this, init);
|
||||
}
|
||||
|
||||
@ConfigParam(ServerConfig)
|
||||
server = new ServerConfig();
|
||||
|
||||
@ConfigParam(DataStorageConfig)
|
||||
data = new DataStorageConfig();
|
||||
|
||||
@ConfigParam(ProvisioningConfig)
|
||||
provisioning = new ProvisioningConfig();
|
||||
|
||||
// @ConfigParam(DirectoryConfig)
|
||||
}
|
||||
|
||||
export function getConfig() {
|
||||
// const envFile = process.argv
|
||||
// .find((arg) => arg.startsWith('--env='))
|
||||
// ?.slice(6);
|
||||
// const path = envFile && resolve(process.cwd(), envFile);
|
||||
// const override = process.argv.includes('--env-override');
|
||||
// dotenv.config({ override, path });
|
||||
return new PadlocConfig().fromEnv(
|
||||
process.env as { [v: string]: string },
|
||||
'PL_',
|
||||
);
|
||||
}
|
||||
248
apps/packages/admin/src/config/postgres.ts
Normal file
248
apps/packages/admin/src/config/postgres.ts
Normal file
@@ -0,0 +1,248 @@
|
||||
import { Pool } from 'pg';
|
||||
import {
|
||||
Storable,
|
||||
StorableConstructor,
|
||||
Storage,
|
||||
StorageListOptions,
|
||||
StorageQuery,
|
||||
} from '@didvault/sdk/src/core';
|
||||
import { ConfigParam } from '@didvault/sdk/src/core';
|
||||
import { Config } from '@didvault/sdk/src/core';
|
||||
import { Err, ErrorCode } from '@didvault/sdk/src/core';
|
||||
import { readFileSync } from 'fs';
|
||||
import { resolve } from 'path';
|
||||
|
||||
export class PostgresConfig extends Config {
|
||||
@ConfigParam()
|
||||
host = 'localhost';
|
||||
|
||||
@ConfigParam()
|
||||
user!: string;
|
||||
|
||||
@ConfigParam('string', true)
|
||||
password!: string;
|
||||
|
||||
@ConfigParam('number')
|
||||
port = 5432;
|
||||
|
||||
@ConfigParam()
|
||||
database = 'padloc';
|
||||
|
||||
@ConfigParam('boolean')
|
||||
tls?: boolean;
|
||||
|
||||
@ConfigParam()
|
||||
tlsCAFile?: string;
|
||||
|
||||
@ConfigParam()
|
||||
tlsCAFileContents?: string;
|
||||
|
||||
@ConfigParam('boolean')
|
||||
tlsRejectUnauthorized?: boolean = true;
|
||||
}
|
||||
|
||||
function toJsonbPath(path: string) {
|
||||
const pathParts = path.split('.');
|
||||
return (
|
||||
'data' +
|
||||
pathParts
|
||||
.slice(0, -1)
|
||||
.map((part) => `->'${part}'`)
|
||||
.join('') +
|
||||
`->>'${pathParts[pathParts.length - 1]}'`
|
||||
);
|
||||
}
|
||||
|
||||
function queryToSQL(query: StorageQuery): string {
|
||||
switch (query.op) {
|
||||
case 'and':
|
||||
return `(${query.queries.map((q) => queryToSQL(q)).join(' AND ')})`;
|
||||
case 'or':
|
||||
return `(${query.queries.map((q) => queryToSQL(q)).join(' OR ')})`;
|
||||
case 'not':
|
||||
return `NOT (${queryToSQL(query.query)})`;
|
||||
default: {
|
||||
const op = {
|
||||
eq: '=',
|
||||
ne: '!=',
|
||||
gt: '>',
|
||||
lt: '<',
|
||||
gte: '>=',
|
||||
lte: '<=',
|
||||
regex: '~*',
|
||||
negex: '!~*',
|
||||
}[query.op || 'eq'];
|
||||
switch (typeof query.value) {
|
||||
case 'string':
|
||||
case 'boolean':
|
||||
case 'number':
|
||||
return `${toJsonbPath(query.path)} ${op} '${query.value.toString()}'`;
|
||||
default:
|
||||
return `${toJsonbPath(query.path)} IS NULL`;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
export class PostgresStorage implements Storage {
|
||||
private _pool: Pool;
|
||||
|
||||
private _ensuredTables = new Map<string, Promise<void>>();
|
||||
|
||||
constructor(public config: PostgresConfig) {
|
||||
const {
|
||||
host,
|
||||
user,
|
||||
password,
|
||||
port,
|
||||
database,
|
||||
tls,
|
||||
tlsCAFile,
|
||||
tlsCAFileContents,
|
||||
tlsRejectUnauthorized,
|
||||
} = config;
|
||||
const tlsCAFilePath = tlsCAFile && resolve(process.cwd(), tlsCAFile);
|
||||
const ca =
|
||||
tlsCAFileContents ||
|
||||
(tlsCAFilePath && readFileSync(tlsCAFilePath).toString());
|
||||
this._pool = new Pool({
|
||||
host,
|
||||
user,
|
||||
password,
|
||||
port,
|
||||
database,
|
||||
ssl: tls
|
||||
? {
|
||||
rejectUnauthorized: tlsRejectUnauthorized,
|
||||
ca,
|
||||
}
|
||||
: undefined,
|
||||
});
|
||||
}
|
||||
|
||||
private _ensureTable(kind: string) {
|
||||
if (!this._ensuredTables.has(kind)) {
|
||||
this._ensuredTables.set(
|
||||
kind,
|
||||
this._pool
|
||||
.query(
|
||||
`
|
||||
CREATE TABLE IF NOT EXISTS ${kind} (
|
||||
id text PRIMARY KEY,
|
||||
data jsonb NOT NULL
|
||||
)
|
||||
`,
|
||||
)
|
||||
.then(() => {
|
||||
//
|
||||
}),
|
||||
);
|
||||
}
|
||||
return this._ensuredTables.get(kind);
|
||||
}
|
||||
|
||||
async save<T extends Storable>(obj: T): Promise<void> {
|
||||
console.log('saving kind ' + obj.kind);
|
||||
await this._ensureTable(obj.kind);
|
||||
await this._pool.query(
|
||||
`
|
||||
INSERT INTO ${obj.kind} (id, data) values($1, $2) ON CONFLICT (id) DO
|
||||
UPDATE SET data=$2
|
||||
`,
|
||||
[obj.id, obj.toRaw()],
|
||||
);
|
||||
}
|
||||
|
||||
async saveID<T extends Storable>(id: string, obj: T): Promise<void> {
|
||||
await this._ensureTable(obj.kind);
|
||||
await this._pool.query(
|
||||
`
|
||||
INSERT INTO ${obj.kind} (id, data) values($1, $2) ON CONFLICT (id) DO
|
||||
UPDATE SET data=$2
|
||||
`,
|
||||
[id, obj.toRaw()],
|
||||
);
|
||||
}
|
||||
|
||||
async get<T extends Storable>(
|
||||
cls: T | StorableConstructor<T>,
|
||||
id: string,
|
||||
): Promise<T> {
|
||||
const res = cls instanceof Storable ? cls : new cls();
|
||||
//console.log('get kind ' + res.kind);
|
||||
await this._ensureTable(res.kind);
|
||||
const {
|
||||
rows: [row],
|
||||
} = await this._pool.query(`SELECT data FROM ${res.kind} WHERE id=$1`, [
|
||||
id,
|
||||
]);
|
||||
if (!row) {
|
||||
throw new Err(
|
||||
ErrorCode.NOT_FOUND,
|
||||
`Cannot find object: ${res.kind}_${id}`,
|
||||
);
|
||||
}
|
||||
return res.fromRaw(row.data);
|
||||
}
|
||||
|
||||
async delete<T extends Storable>(obj: T): Promise<void> {
|
||||
await this._ensureTable(obj.kind);
|
||||
await this._pool.query(`DELETE FROM ${obj.kind} WHERE id=$1`, [obj.id]);
|
||||
}
|
||||
|
||||
clear(): Promise<void> {
|
||||
throw new Error('Method not implemented.');
|
||||
}
|
||||
|
||||
async list<T extends Storable>(
|
||||
cls: StorableConstructor<T>,
|
||||
{
|
||||
limit,
|
||||
offset,
|
||||
query: where,
|
||||
orderBy,
|
||||
orderByDirection = 'asc',
|
||||
}: StorageListOptions = {},
|
||||
): Promise<T[]> {
|
||||
const kind = new cls().kind;
|
||||
console.log('list kind ' + kind);
|
||||
await this._ensureTable(kind);
|
||||
|
||||
let query = `SELECT data FROM ${kind}`;
|
||||
|
||||
if (where) {
|
||||
query += ` WHERE ${queryToSQL(where)}`;
|
||||
}
|
||||
|
||||
if (orderBy) {
|
||||
query += ` ORDER BY ${toJsonbPath(orderBy)} ${orderByDirection}`;
|
||||
}
|
||||
|
||||
if (offset) {
|
||||
query += ` OFFSET ${offset}`;
|
||||
}
|
||||
|
||||
if (limit) {
|
||||
query += ` LIMIT ${limit}`;
|
||||
}
|
||||
|
||||
const { rows } = await this._pool.query(query);
|
||||
return rows.map((row: any) => new cls().fromRaw(row.data));
|
||||
}
|
||||
|
||||
async count<T extends Storable>(
|
||||
cls: StorableConstructor<T>,
|
||||
query?: StorageQuery,
|
||||
) {
|
||||
const kind = new cls().kind;
|
||||
await this._ensureTable(kind);
|
||||
const sql = `SELECT COUNT(*) FROM ${kind}${
|
||||
query ? ` WHERE ${queryToSQL(query)}` : ''
|
||||
}`;
|
||||
console.log(sql);
|
||||
const {
|
||||
rows: [{ count }],
|
||||
} = await this._pool.query(sql);
|
||||
return Number(count);
|
||||
}
|
||||
}
|
||||
58
apps/packages/admin/src/jwt.ts
Normal file
58
apps/packages/admin/src/jwt.ts
Normal file
@@ -0,0 +1,58 @@
|
||||
import { base58btc } from 'multiformats/bases/base58';
|
||||
import { base64url } from 'multiformats/bases/base64';
|
||||
import * as varint from 'varint';
|
||||
import { DIDDocument, LDKeyType, PublicJwk, PrivateJwk } from '@bytetrade/core';
|
||||
const ED25519_CODEC_ID = varint.encode(parseInt('0xed', 16));
|
||||
|
||||
export function resolve(did: string): DIDDocument {
|
||||
const [scheme, method, id] = did.split(':');
|
||||
|
||||
if (scheme !== 'did') {
|
||||
throw new Error('malformed scheme');
|
||||
}
|
||||
|
||||
if (method !== 'key') {
|
||||
throw new Error('did method MUST be "key"');
|
||||
}
|
||||
|
||||
const idBytes = base58btc.decode(id);
|
||||
const publicKeyBytes = idBytes.slice(ED25519_CODEC_ID.length);
|
||||
const x = base64url.baseEncode(publicKeyBytes);
|
||||
|
||||
console.log(
|
||||
'base64url.baseEncode(publicKeyBytes) ' +
|
||||
base64url.baseEncode(publicKeyBytes),
|
||||
);
|
||||
|
||||
const mId = `#${id}`;
|
||||
|
||||
const didDocument: DIDDocument = {
|
||||
'@context': [
|
||||
'https://www.w3.org/ns/did/v1',
|
||||
'https://w3id.org/security/suites/ed25519-2020/v1',
|
||||
'https://w3id.org/security/suites/x25519-2020/v1',
|
||||
],
|
||||
id: did,
|
||||
verificationMethod: [
|
||||
{
|
||||
id: mId,
|
||||
type: LDKeyType.Ed25519VerificationKey2020,
|
||||
controller: did,
|
||||
publicKeyJwk: {
|
||||
alg: 'EdDSA',
|
||||
crv: 'Ed25519',
|
||||
kid: did,
|
||||
kty: 'OKP',
|
||||
use: 'sig',
|
||||
x: x,
|
||||
},
|
||||
},
|
||||
],
|
||||
authentication: [mId],
|
||||
assertionMethod: [mId],
|
||||
capabilityDelegation: [mId],
|
||||
capabilityInvocation: [mId],
|
||||
};
|
||||
|
||||
return didDocument;
|
||||
}
|
||||
9
apps/packages/admin/src/main.ts
Normal file
9
apps/packages/admin/src/main.ts
Normal file
@@ -0,0 +1,9 @@
|
||||
import { NestFactory } from '@nestjs/core';
|
||||
import { AppModule } from './app.module';
|
||||
|
||||
async function bootstrap() {
|
||||
const app = await NestFactory.create(AppModule);
|
||||
//app.useWebSocketAdapter(new WsAdapter(app)); // 使用我们的适配器
|
||||
await app.listen(3010);
|
||||
}
|
||||
bootstrap();
|
||||
435
apps/packages/admin/src/vault.controller.ts
Normal file
435
apps/packages/admin/src/vault.controller.ts
Normal file
@@ -0,0 +1,435 @@
|
||||
import {
|
||||
Controller,
|
||||
Logger,
|
||||
Post,
|
||||
Body,
|
||||
OnModuleInit,
|
||||
Req,
|
||||
Get,
|
||||
Param,
|
||||
HttpCode,
|
||||
} from '@nestjs/common';
|
||||
import { Account } from '@didvault/sdk/src/core/account';
|
||||
import { setPlatform } from '@didvault/sdk/src/core';
|
||||
import { NodePlatform } from '@didvault/sdk/src/core';
|
||||
import { Auth } from '@didvault/sdk/src/core/auth';
|
||||
import { Session } from '@didvault/sdk/src/core/session';
|
||||
import { getIdFromDID } from '@didvault/sdk/src/core/util';
|
||||
import { Err, ErrorCode } from '@didvault/sdk/src/core/error';
|
||||
import { Org, OrgID } from '@didvault/sdk/src/core/org';
|
||||
import { Vault } from '@didvault/sdk/src/core/vault';
|
||||
import { stripPropertiesRecursive, DeviceInfo } from '@didvault/sdk/src/core';
|
||||
import { BasicProvisionerConfig } from '@didvault/sdk/src/core/provisioning';
|
||||
import { BasicProvisioner } from '@didvault/sdk/src/core/provisioning';
|
||||
import { ListParams } from '@didvault/sdk/src/core/api';
|
||||
import { PostgresStorage } from './config/postgres';
|
||||
import { getConfig, DataStorageConfig, PadlocConfig } from './config/config';
|
||||
import { returnSucceed, Result, DIDDocument } from '@bytetrade/core';
|
||||
import * as jose from 'jose';
|
||||
import { resolve } from './jwt';
|
||||
|
||||
export interface VerifyDataResponse {
|
||||
verify: boolean;
|
||||
payload?: any;
|
||||
name?: string;
|
||||
did?: string;
|
||||
}
|
||||
|
||||
async function initDataStorage(config: DataStorageConfig) {
|
||||
//let storage = null;
|
||||
switch (config.backend) {
|
||||
case 'postgres':
|
||||
if (!config.postgres) {
|
||||
throw "PL_DATA_STORAGE_BACKEND was set to 'postgres', but no related configuration was found!";
|
||||
}
|
||||
return new PostgresStorage(config.postgres);
|
||||
|
||||
default:
|
||||
throw `Invalid value for PL_DATA_STORAGE_BACKEND: ${config.backend}! Supported values: leveldb, mongodb`;
|
||||
}
|
||||
}
|
||||
|
||||
async function initProvisioner(
|
||||
config: PadlocConfig,
|
||||
storage: PostgresStorage /*, directoryProviders?: DirectoryProvider[]*/,
|
||||
) {
|
||||
switch (config.provisioning.backend) {
|
||||
case 'basic':
|
||||
if (!config.provisioning.basic) {
|
||||
config.provisioning.basic = new BasicProvisionerConfig();
|
||||
}
|
||||
return new BasicProvisioner(storage, config.provisioning.basic);
|
||||
// case "directory":
|
||||
// const directoryProvisioner = new DirectoryProvisioner(
|
||||
// storage,
|
||||
// directoryProviders,
|
||||
// config.provisioning.directory
|
||||
// );
|
||||
// return directoryProvisioner;
|
||||
// case "stripe":
|
||||
// if (!config.provisioning.stripe) {
|
||||
// throw "PL_PROVISIONING_BACKEND was set to 'stripe', but no related configuration was found!";
|
||||
// }
|
||||
// const stripeProvisioner = new StripeProvisioner(config.provisioning.stripe, storage);
|
||||
// await stripeProvisioner.init();
|
||||
// return stripeProvisioner;
|
||||
default:
|
||||
throw `Invalid value for PL_PROVISIONING_BACKEND: ${config.provisioning.backend}! Supported values: "basic", "directory", "stripe"`;
|
||||
}
|
||||
}
|
||||
|
||||
@Controller('')
|
||||
export class VaultController implements OnModuleInit {
|
||||
private readonly logger = new Logger(VaultController.name);
|
||||
|
||||
public storage: PostgresStorage;
|
||||
public provisioner: BasicProvisioner;
|
||||
|
||||
constructor() {
|
||||
//
|
||||
}
|
||||
|
||||
async onModuleInit(): Promise<void> {
|
||||
this.logger.debug('onModuleInit');
|
||||
const config = getConfig();
|
||||
try {
|
||||
setPlatform(new NodePlatform());
|
||||
|
||||
this.storage = await initDataStorage(config.data);
|
||||
|
||||
//const directoryProviders = await initDirectoryProviders(config, storage);
|
||||
this.provisioner = await initProvisioner(
|
||||
config,
|
||||
this.storage /*, directoryProviders*/,
|
||||
);
|
||||
|
||||
console.log(
|
||||
'Server started with config: ',
|
||||
JSON.stringify(
|
||||
stripPropertiesRecursive(config.toRaw(), ['kind', 'version']),
|
||||
null,
|
||||
4,
|
||||
),
|
||||
);
|
||||
} catch (e) {
|
||||
console.error(
|
||||
'Init failed. Error: ',
|
||||
e,
|
||||
'\nConfig: ',
|
||||
JSON.stringify(
|
||||
stripPropertiesRecursive(config.toRaw(), ['kind', 'version']),
|
||||
null,
|
||||
4,
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@Post('/callback/delete')
|
||||
async deleteAccount(@Body() { name }: { name: string }): Promise<void> {
|
||||
this.logger.debug('deleteAccount ' + name);
|
||||
|
||||
const list = await this.storage.list(Account, new ListParams());
|
||||
//this.logger.verbose(list);
|
||||
const account: Account = list.find((l) => l.did == name);
|
||||
this.logger.verbose('found ' + name);
|
||||
|
||||
if (!account) {
|
||||
// throw new Err(
|
||||
// ErrorCode.AUTHENTICATION_FAILED,
|
||||
// 'This account is currently not available!',
|
||||
// );
|
||||
this.logger.warn('Account not found: ' + name);
|
||||
return;
|
||||
}
|
||||
|
||||
// let { account, auth } = this._requireAuth();
|
||||
|
||||
// // Deleting other accounts than one's one is only allowed to super admins
|
||||
// if (id && account.id !== id) {
|
||||
// this._requireAuth(true);
|
||||
|
||||
//const account = await this.storage.get(Account, id);
|
||||
const auth = await this._getAuth(account.did);
|
||||
if (auth) {
|
||||
this.logger.verbose('found auth');
|
||||
} else {
|
||||
this.logger.verbose('not_found auth');
|
||||
}
|
||||
//}
|
||||
|
||||
// Make sure that the account is not owner of any organizations
|
||||
const orgs = await Promise.all(
|
||||
account.orgs.map(({ id }) => this.storage.get(Org, id)),
|
||||
);
|
||||
|
||||
this.logger.verbose('orgs size ' + orgs.length);
|
||||
|
||||
for (const org of orgs) {
|
||||
if (org.isOwner(account)) {
|
||||
//await this.deleteOrg(org.id);
|
||||
console.log("error can't remove owner");
|
||||
return;
|
||||
} else {
|
||||
await org.removeMember(account, false);
|
||||
await this.storage.save(org);
|
||||
}
|
||||
}
|
||||
|
||||
this.logger.verbose('finish orgs');
|
||||
|
||||
await this.provisioner.accountDeleted({ did: account.did });
|
||||
this.logger.verbose('finish provisioner');
|
||||
|
||||
// Delete main vault
|
||||
await this.storage.delete(
|
||||
Object.assign(new Vault(), { id: account.mainVault }),
|
||||
);
|
||||
this.logger.verbose('finish storage');
|
||||
|
||||
// Revoke all sessions
|
||||
if (auth) {
|
||||
await auth.sessions.map((s) =>
|
||||
this.storage.delete(Object.assign(new Session(), s)),
|
||||
);
|
||||
this.logger.verbose('finish session');
|
||||
|
||||
// Delete auth object
|
||||
await this.storage.delete(auth);
|
||||
this.logger.verbose('finish storage auth');
|
||||
} else {
|
||||
this.logger.verbose('auth is null');
|
||||
}
|
||||
|
||||
// Delete account object
|
||||
await this.storage.delete(account);
|
||||
|
||||
this.logger.verbose('finish storage account');
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
@Get('/vault/trust_device/:name')
|
||||
async getTrustDevices(
|
||||
@Req() request: Request,
|
||||
@Param('name') name: string,
|
||||
): Promise<Result<DeviceInfo[]>> {
|
||||
//
|
||||
console.log('name ' + name);
|
||||
console.log('headers');
|
||||
console.log(request.headers);
|
||||
|
||||
const auth = await this._getAuth(name);
|
||||
console.log(auth);
|
||||
if (auth) {
|
||||
this.logger.verbose('found auth');
|
||||
} else {
|
||||
this.logger.verbose('not_found auth');
|
||||
}
|
||||
|
||||
return returnSucceed(auth.trustedDevices);
|
||||
}
|
||||
|
||||
async deleteOrg(id: OrgID) {
|
||||
// const { account } = this._requireAuth();
|
||||
|
||||
const org = await this.storage.get(Org, id);
|
||||
|
||||
// if (!org.isOwner(account)) {
|
||||
// this._requireAuth(true);
|
||||
// }
|
||||
|
||||
// Delete all associated vaults
|
||||
await Promise.all(
|
||||
org.vaults.map((v) => this.storage.delete(Object.assign(new Vault(), v))),
|
||||
);
|
||||
|
||||
// Remove org from all member accounts
|
||||
await Promise.all(
|
||||
org.members
|
||||
.filter((m) => !!m.accountId)
|
||||
.map(async (member) => {
|
||||
const acc = await this.storage.get(Account, member.accountId!);
|
||||
acc.orgs = acc.orgs.filter(({ id }) => id !== org.id);
|
||||
await this.storage.save(acc);
|
||||
}),
|
||||
);
|
||||
|
||||
await this.storage.delete(org);
|
||||
|
||||
await this.provisioner.orgDeleted(org);
|
||||
|
||||
console.log('org.delete', {
|
||||
org: { name: org.name, id: org.id, owner: org.owner },
|
||||
});
|
||||
}
|
||||
|
||||
@Post('/verify/:name')
|
||||
@HttpCode(200)
|
||||
async verifyJWS(
|
||||
@Req() request: Request,
|
||||
@Body() { jws }: { jws: string },
|
||||
@Param('name') name: string,
|
||||
): Promise<Result<VerifyDataResponse>> {
|
||||
//
|
||||
console.log('name ' + name);
|
||||
// console.log('headers');
|
||||
// console.log(request.headers);
|
||||
console.log('jws ' + jws);
|
||||
|
||||
const list = await this.storage.list(Account, new ListParams());
|
||||
//this.logger.verbose(list);
|
||||
const account: Account = list.find((l) => l.did == name);
|
||||
this.logger.verbose('found ' + name);
|
||||
|
||||
if (!account) {
|
||||
throw new Err(
|
||||
ErrorCode.AUTHENTICATION_FAILED,
|
||||
'This account is currently not available!',
|
||||
);
|
||||
}
|
||||
|
||||
this.logger.log('acccount');
|
||||
this.logger.log(account);
|
||||
const did = account.kid;
|
||||
this.logger.log(did);
|
||||
// const request_header = JSON.parse(base64ToString(jws.split('.')[0]));
|
||||
|
||||
// const resource = request_header.kid.split('#');
|
||||
// const did = resource[0];
|
||||
const d: DIDDocument = resolve(did);
|
||||
|
||||
if (!d) {
|
||||
throw new Error('Not found DidDocument');
|
||||
}
|
||||
if (d.verificationMethod.length < 1) {
|
||||
throw new Error('Error verificationMethod');
|
||||
}
|
||||
//const name = await (await this.findByDid(did)).name;
|
||||
|
||||
const method = d.verificationMethod[0];
|
||||
|
||||
const ecPublicKey = await jose.importJWK(
|
||||
{
|
||||
alg: method.publicKeyJwk.alg,
|
||||
crv: method.publicKeyJwk.crv,
|
||||
kid: method.publicKeyJwk.kid,
|
||||
kty: method.publicKeyJwk.kty,
|
||||
use: method.publicKeyJwk.use,
|
||||
x: method.publicKeyJwk.x,
|
||||
},
|
||||
'ES256',
|
||||
);
|
||||
|
||||
try {
|
||||
const { payload, protectedHeader } = await jose.compactVerify(
|
||||
jws,
|
||||
ecPublicKey,
|
||||
);
|
||||
console.log(JSON.stringify(protectedHeader));
|
||||
console.log(new TextDecoder().decode(payload));
|
||||
const res: VerifyDataResponse = {
|
||||
verify: true,
|
||||
payload: JSON.parse(new TextDecoder().decode(payload)),
|
||||
did,
|
||||
name,
|
||||
// protectedHeader: JSON.parse(JSON.stringify(protectedHeader)),
|
||||
};
|
||||
console.log(res);
|
||||
return returnSucceed(res);
|
||||
} catch (e) {
|
||||
const res: VerifyDataResponse = { verify: false };
|
||||
console.log(res);
|
||||
return returnSucceed(res);
|
||||
}
|
||||
}
|
||||
|
||||
protected async _getAuth(did: string) {
|
||||
let auth: Auth | null = null;
|
||||
|
||||
try {
|
||||
auth = await this.storage.get(Auth, await getIdFromDID(did));
|
||||
} catch (e) {
|
||||
if (e.code !== ErrorCode.NOT_FOUND) {
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
|
||||
if (!auth) {
|
||||
// In previous versions the accounts plain email address was used
|
||||
// as the key directly, check if one such entry exists and if so,
|
||||
// take it and migrate it to the new key format.
|
||||
try {
|
||||
auth = await this.storage.get(Auth, did);
|
||||
await auth.init();
|
||||
await this.storage.save(auth);
|
||||
await this.storage.delete(Object.assign(new Auth(), { id: auth.did }));
|
||||
} catch (e) {
|
||||
console.log(e);
|
||||
}
|
||||
}
|
||||
|
||||
if (!auth) {
|
||||
auth = new Auth(did);
|
||||
await auth.init();
|
||||
|
||||
// We didn't find anything for this user in the database.
|
||||
// Let's see if there is any legacy (v2) data for this user.
|
||||
// const legacyData = await this.legacyServer?.getStore(did);
|
||||
// if (legacyData) {
|
||||
// auth.legacyData = legacyData;
|
||||
// }
|
||||
}
|
||||
|
||||
let updateAuth = false;
|
||||
|
||||
// Revoke unused sessions older than 2 weeks
|
||||
const expiredSessions = auth.sessions.filter(
|
||||
(session) =>
|
||||
Math.max(session.created.getTime(), session.lastUsed.getTime()) <
|
||||
Date.now() - 14 * 24 * 60 * 60 * 1000,
|
||||
);
|
||||
for (const session of expiredSessions) {
|
||||
await this.storage.delete(Object.assign(new Session(), session));
|
||||
auth.sessions.splice(auth.sessions.indexOf(session), 1);
|
||||
updateAuth = true;
|
||||
}
|
||||
|
||||
// Remove pending auth requests older than 1 hour
|
||||
const expiredAuthRequests = auth.authRequests.filter(
|
||||
(authRequest) =>
|
||||
authRequest.created.getTime() < Date.now() - 1 * 60 * 60 * 1000,
|
||||
);
|
||||
for (const authRequest of expiredAuthRequests) {
|
||||
await this.storage.delete(authRequest);
|
||||
auth.authRequests.splice(auth.authRequests.indexOf(authRequest), 1);
|
||||
updateAuth = true;
|
||||
}
|
||||
|
||||
// Remove pending srp sessions older than 1 hour
|
||||
const expiredSRPSessions = auth.srpSessions.filter(
|
||||
(SRPSession) =>
|
||||
SRPSession.created.getTime() < Date.now() - 1 * 60 * 60 * 1000,
|
||||
);
|
||||
for (const srpSession of expiredSRPSessions) {
|
||||
await this.storage.delete(srpSession);
|
||||
auth.srpSessions.splice(auth.srpSessions.indexOf(srpSession), 1);
|
||||
updateAuth = true;
|
||||
}
|
||||
|
||||
// Remove expired invites
|
||||
const nonExpiredInvites = auth.invites.filter(
|
||||
(invite) => new Date(invite.expires || 0) > new Date(),
|
||||
);
|
||||
if (nonExpiredInvites.length < auth.invites.length) {
|
||||
auth.invites = nonExpiredInvites;
|
||||
updateAuth = true;
|
||||
}
|
||||
|
||||
if (updateAuth) {
|
||||
await this.storage.save(auth);
|
||||
}
|
||||
|
||||
return auth;
|
||||
}
|
||||
}
|
||||
4
apps/packages/admin/tsconfig.build.json
Normal file
4
apps/packages/admin/tsconfig.build.json
Normal file
@@ -0,0 +1,4 @@
|
||||
{
|
||||
"extends": "./tsconfig.json",
|
||||
"exclude": ["node_modules", "test", "dist", "**/*spec.ts"]
|
||||
}
|
||||
22
apps/packages/admin/tsconfig.json
Normal file
22
apps/packages/admin/tsconfig.json
Normal file
@@ -0,0 +1,22 @@
|
||||
{
|
||||
"compilerOptions": {
|
||||
"module": "commonjs",
|
||||
"declaration": true,
|
||||
"removeComments": true,
|
||||
"emitDecoratorMetadata": true,
|
||||
"experimentalDecorators": true,
|
||||
"allowSyntheticDefaultImports": true,
|
||||
"target": "es2021",
|
||||
"sourceMap": true,
|
||||
"outDir": "./dist",
|
||||
"baseUrl": "./",
|
||||
"incremental": true,
|
||||
"skipLibCheck": true,
|
||||
"strictNullChecks": false,
|
||||
"noImplicitAny": false,
|
||||
"strictBindCallApply": false,
|
||||
"forceConsistentCasingInFileNames": false,
|
||||
"noFallthroughCasesInSwitch": false,
|
||||
"resolveJsonModule": true
|
||||
}
|
||||
}
|
||||
103
apps/packages/admin/webpack.config.js
Normal file
103
apps/packages/admin/webpack.config.js
Normal file
@@ -0,0 +1,103 @@
|
||||
/* eslint-disable @typescript-eslint/no-var-requires */
|
||||
const path = require('path');
|
||||
const webpack = require('webpack');
|
||||
const nodeExternals = require('webpack-node-externals');
|
||||
const ForkTsCheckerWebpackPlugin = require('fork-ts-checker-webpack-plugin');
|
||||
const AddAssetPlugin = require('add-asset-webpack-plugin');
|
||||
const package = require('./package.json');
|
||||
|
||||
const isProduction = process.env.NODE_ENV == 'production';
|
||||
|
||||
const config = {
|
||||
entry: './src/main',
|
||||
target: 'node',
|
||||
|
||||
externals: {
|
||||
level: 'commonjs2 level',
|
||||
bcrypt: 'commonjs2 bcrypt',
|
||||
},
|
||||
// resolve: {
|
||||
// extensions: ['.js', '.ts', '.json'],
|
||||
// },
|
||||
resolve: {
|
||||
extensions: ['.js', '.ts', '.json'],
|
||||
},
|
||||
|
||||
module: {
|
||||
rules: [
|
||||
{
|
||||
test: /\.ts?$/,
|
||||
use: {
|
||||
loader: 'ts-loader',
|
||||
options: { transpileOnly: true },
|
||||
},
|
||||
exclude: /node_modules/,
|
||||
},
|
||||
],
|
||||
},
|
||||
|
||||
output: {
|
||||
filename: 'main.js',
|
||||
path: path.resolve(__dirname, 'dist'),
|
||||
},
|
||||
|
||||
plugins: [
|
||||
new webpack.IgnorePlugin({
|
||||
checkResource(resource) {
|
||||
const lazyImports = [
|
||||
'@nestjs/microservices',
|
||||
'@nestjs/microservices/microservices-module',
|
||||
'@nestjs/websockets/socket-module',
|
||||
'cache-manager',
|
||||
'class-validator',
|
||||
'class-transformer',
|
||||
'pg-native',
|
||||
];
|
||||
if (!lazyImports.includes(resource)) {
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
require.resolve(resource, {
|
||||
paths: [process.cwd()],
|
||||
});
|
||||
} catch (err) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
},
|
||||
}),
|
||||
new ForkTsCheckerWebpackPlugin(),
|
||||
new AddAssetPlugin('./package.json', createPackage),
|
||||
// new webpack.IgnorePlugin({ resourceRegExp: /^pg-native$/ }),
|
||||
],
|
||||
};
|
||||
|
||||
function createPackage() {
|
||||
const externals = config.externals;
|
||||
const externalsKeys = Object.keys(externals);
|
||||
const dependencies = package.dependencies;
|
||||
const externals_dependencies = {};
|
||||
|
||||
for (const key in dependencies) {
|
||||
if (externalsKeys.includes(key)) {
|
||||
externals_dependencies[key] = dependencies[key];
|
||||
}
|
||||
}
|
||||
|
||||
const packages = {
|
||||
dependencies: externals_dependencies,
|
||||
scripts: {
|
||||
server: 'node main.js',
|
||||
},
|
||||
};
|
||||
return JSON.stringify(packages);
|
||||
}
|
||||
|
||||
module.exports = () => {
|
||||
if (isProduction) {
|
||||
config.mode = 'production';
|
||||
} else {
|
||||
config.mode = 'development';
|
||||
}
|
||||
return config;
|
||||
};
|
||||
13
apps/packages/app/.editorconfig
Normal file
13
apps/packages/app/.editorconfig
Normal file
@@ -0,0 +1,13 @@
|
||||
root = true
|
||||
|
||||
[*]
|
||||
charset = utf-8
|
||||
end_of_line = lf
|
||||
indent_size = 2
|
||||
indent_style = tab
|
||||
insert_final_newline = true
|
||||
trim_trailing_whitespace = true
|
||||
|
||||
[*.md]
|
||||
max_line_length = 0
|
||||
trim_trailing_whitespace = false
|
||||
2
apps/packages/app/.env
Normal file
2
apps/packages/app/.env
Normal file
@@ -0,0 +1,2 @@
|
||||
DEV_DOMAIN=test.xxx.olares.com
|
||||
ACCOUNT_DOMAIN=xxx.olares.com
|
||||
10
apps/packages/app/.eslintignore
Normal file
10
apps/packages/app/.eslintignore
Normal file
@@ -0,0 +1,10 @@
|
||||
/dist
|
||||
/src-bex/www
|
||||
/src-capacitor
|
||||
/src-cordova
|
||||
/.quasar
|
||||
/node_modules
|
||||
.eslintrc.js
|
||||
babel.config.js
|
||||
/src-ssr
|
||||
/src/utils/resumable.js
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user