From 62db50142b9ace2076fabf7e0786973380e41997 Mon Sep 17 00:00:00 2001 From: Ludo Mikula Date: Mon, 15 Jan 2024 16:46:35 +0100 Subject: [PATCH 1/2] new: rename and consolidate environment variables --- app.json | 10 +-- deploy/docker/Dockerfile | 1 + deploy/docker/README.md | 79 +++++++++---------- deploy/docker/all-in-one/entrypoint.sh | 22 ++++-- .../conf-available/02-mongodb.conf | 2 +- deploy/docker/api-service/entrypoint.sh | 4 +- deploy/docker/docker-compose-multi.yaml | 42 +++++----- deploy/docker/docker-compose.yaml | 52 ++++++------ .../docker/frontend/00-change-nginx-user.sh | 4 +- deploy/docker/node-service/entrypoint.sh | 4 +- .../helm/templates/api-service/configMap.yaml | 26 +++--- .../helm/templates/api-service/secrets.yaml | 8 +- deploy/helm/templates/frontend/configMap.yaml | 4 +- .../templates/node-service/configMap.yaml | 4 +- deploy/helm/values.yaml | 2 + docs/self-hosting/README.md | 10 +-- .../selfhost/ce/application-selfhost.yml | 20 ++--- .../resources/selfhost/ce/application.yml | 20 ++--- 18 files changed, 165 insertions(+), 149 deletions(-) diff --git a/app.json b/app.json index 5d6a647c0..b3be3280d 100644 --- a/app.json +++ b/app.json @@ -20,23 +20,23 @@ } }, "env": { - "ENCRYPTION_PASSWORD": { + "LOWCODER_DB_ENCRYPTION_PASSWORD": { "description": "The encryption password used to encrypt all sensitive credentials in the database. You can use any random string (eg abcd).", "required": false }, - "ENCRYPTION_SALT": { + "LOWCODER_DB_ENCRYPTION_SALT": { "description": "The encryption salt used to encrypt all sensitive credentials in the database. You can use any random string (eg abcd).", "required": false }, - "CORS_ALLOWED_DOMAINS": { + "LOWCODER_CORS_DOMAINS": { "description": "The domains supported for CORS requests. All domains are allowed by default. If there are multiple domains, please separate them with commas.", "required": false }, - "MONGODB_URL": { + "LOWCODER_MONGODB_URL": { "description": "Your Mongo Database URL.", "required": false }, - "REDIS_URL": { + "LOWCODER_REDIS_URL": { "description": "Your Redis Database URL.", "required": false } diff --git a/deploy/docker/Dockerfile b/deploy/docker/Dockerfile index f94a01231..6f55ed0fc 100644 --- a/deploy/docker/Dockerfile +++ b/deploy/docker/Dockerfile @@ -212,6 +212,7 @@ COPY --chown=lowcoder:lowcoder deploy/docker/all-in-one/etc /lowcoder/etc # Add startup script COPY --chown=lowcoder:lowcoder deploy/docker/all-in-one/entrypoint.sh /lowcoder/entrypoint.sh +EXPOSE 27017 EXPOSE 3000 EXPOSE 3443 diff --git a/deploy/docker/README.md b/deploy/docker/README.md index 16ecadd74..45a51e20f 100644 --- a/deploy/docker/README.md +++ b/deploy/docker/README.md @@ -23,30 +23,30 @@ Image can be configured by setting environment variables. | Environment variable | Description | Value | | --------------------------------| --------------------------------------------------------------------| ----------------------------------------------------- | -| `REDIS_ENABLED` | If **true** redis server is started in the container | `true` | -| `MONGODB_ENABLED` | If **true** mongo database is started in the container | `true` | -| `API_SERVICE_ENABLED` | If **true** lowcoder api-service is started in the container | `true` | -| `NODE_SERVICE_ENABLED` | If **true** lowcoder node-service is started in the container | `true` | -| `FRONTEND_ENABLED` | If **true** lowcoder web frontend is started in the container | `true` | -| `PUID` | ID of user running services. It will own all created logs and data. | `9001` | -| `PGID` | ID of group of the user running services. | `9001` | -| `MONGODB_URL` | Mongo database connection string | `mongodb://localhost:27017/lowcoder?authSource=admin` | -| `REDIS_URL` | Redis server URL | `redis://localhost:6379` | -| `ENCRYPTION_PASSWORD` | Encryption password | `lowcoder.org` | -| `ENCRYPTION_SALT` | Salt used for encrypting password | `lowcoder.org` | -| `CORS_ALLOWED_DOMAINS` | CORS allowed domains | `*` | +| `LOWCODER_REDIS_ENABLED` | If **true** redis server is started in the container | `true` | +| `LOWCODER_MONGODB_ENABLED` | If **true** mongo database is started in the container | `true` | +| `LOWCODER_API_SERVICE_ENABLED` | If **true** lowcoder api-service is started in the container | `true` | +| `LOWCODER_NODE_SERVICE_ENABLED` | If **true** lowcoder node-service is started in the container | `true` | +| `LOWCODER_FRONTEND_ENABLED` | If **true** lowcoder web frontend is started in the container | `true` | +| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` | +| `LOWCODER_PGID` | ID of group of the user running services. | `9001` | +| `LOWCODER_MONGODB_URL` | Mongo database connection string | `mongodb://localhost:27017/lowcoder?authSource=admin` | +| `LOWCODER_REDIS_URL` | Redis server URL | `redis://localhost:6379` | +| `LOWCODER_DB_ENCRYPTION_PASSWORD` | Encryption password | `lowcoder.org` | +| `LOWCODER_DB_ENCRYPTION_SALT` | Salt used for encrypting password | `lowcoder.org` | +| `LOWCODER_CORS_DOMAINS` | CORS allowed domains | `*` | | `LOWCODER_MAX_REQUEST_SIZE` | Lowcoder max request size | `20m` | | `LOWCODER_MAX_QUERY_TIMEOUT` | Lowcoder max query timeout (in seconds) | `120` | | `LOWCODER_API_SERVICE_URL` | Lowcoder API service URL | `http://localhost:8080` | | `LOWCODER_NODE_SERVICE_URL` | Lowcoder Node service (js executor) URL | `http://localhost:6060` | -| `DEFAULT_ORGS_PER_USER` | Default maximum organizations per user | `100` | -| `DEFAULT_ORG_MEMBER_COUNT` | Default maximum members per organization | `1000` | -| `DEFAULT_ORG_GROUP_COUNT` | Default maximum groups per organization | `100` | -| `DEFAULT_ORG_APP_COUNT` | Default maximum applications per organization | `1000` | -| `DEFAULT_DEVELOPER_COUNT` | Default maximum developers | `100` | -| `COMMON_WORKSPACE_MODE` | SAAS to activate, ENTERPRISE to switch off - Workspaces | `SAAS` | -| `ENABLE_USER_SIGN_UP` | Control if users create their own Workspace automatic when Sign Up | `true` | -| `AUTH_EMAIL_ENABLE` | Control to show the eMail Login after Admin user is set | `true` | +| `LOWCODER_MAX_ORGS_PER_USER` | Default maximum organizations per user | `100` | +| `LOWCODER_MAX_MEMBERS_PER_ORG` | Default maximum members per organization | `1000` | +| `LOWCODER_MAX_GROUPS_PER_ORG` | Default maximum groups per organization | `100` | +| `LOWCODER_MAX_APPS_PER_ORG` | Default maximum applications per organization | `1000` | +| `LOWCODER_MAX_DEVELOPERS` | Default maximum developers | `100` | +| `LOWCODER_WORKSPACE_MODE` | SAAS to activate, ENTERPRISE to switch off - Workspaces | `SAAS` | +| `LOWCODER_EMAIL_SIGNUP_ENABLED` | Control if users create their own Workspace automatic when Sign Up | `true` | +| `LOWCODER_EMAIL_AUTH_ENABLED` | Control to show the eMail Login after Admin user is set | `true` | ## Building api-service image @@ -67,24 +67,23 @@ Image can be configured by setting environment variables. | Environment variable | Description | Value | | --------------------------------| --------------------------------------------------------------------| ------------------------------------------------------| -| `PUID` | ID of user running services. It will own all created logs and data. | `9001` | -| `PGID` | ID of group of the user running services. | `9001` | -| `MONGODB_URL` | Mongo database connection string | `mongodb://localhost:27017/lowcoder?authSource=admin` | -| `REDIS_URL` | Redis server URL | `redis://localhost:6379` | -| `ENABLE_USER_SIGN_UP` | Enable registration of new users | `true` | -| `ENCRYPTION_PASSWORD` | Encryption password | `lowcoder.org` | -| `ENCRYPTION_SALT` | Salt used for encrypting password | `lowcoder.org` | -| `CORS_ALLOWED_DOMAINS` | CORS allowed domains | `*` | -| `DEFAULT_ORGS_PER_USER` | Default maximum organizations per user | `100` | -| `DEFAULT_ORG_MEMBER_COUNT` | Default maximum members per organization | `1000` | -| `DEFAULT_ORG_GROUP_COUNT` | Default maximum groups per organization | `100` | -| `DEFAULT_ORG_APP_COUNT` | Default maximum applications per organization | `1000` | -| `DEFAULT_DEVELOPER_COUNT` | Default maximum developers | `100` | +| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` | +| `LOWCODER_PGID` | ID of group of the user running services. | `9001` | +| `LOWCODER_MONGODB_URL` | Mongo database connection string | `mongodb://localhost:27017/lowcoder?authSource=admin` | +| `LOWCODER_REDIS_URL` | Redis server URL | `redis://localhost:6379` | +| `LOWCODER_DB_ENCRYPTION_PASSWORD` | Encryption password | `lowcoder.org` | +| `LOWCODER_DB_ENCRYPTION_SALT` | Salt used for encrypting password | `lowcoder.org` | +| `LOWCODER_CORS_DOMAINS` | CORS allowed domains | `*` | +| `LOWCODER_MAX_ORGS_PER_USER` | Default maximum organizations per user | `100` | +| `LOWCODER_MAX_MEMBERS_PER_ORG` | Default maximum members per organization | `1000` | +| `LOWCODER_MAX_GROUPS_PER_ORG` | Default maximum groups per organization | `100` | +| `LOWCODER_MAX_APPS_PER_ORG` | Default maximum applications per organization | `1000` | +| `LOWCODER_MAX_DEVELOPERS` | Default maximum developers | `100` | | `LOWCODER_MAX_QUERY_TIMEOUT` | Lowcoder max query timeout (in seconds) | `120` | | `LOWCODER_MAX_REQUEST_SIZE` | Lowcoder max request size | `20m` | -| `COMMON_WORKSPACE_MODE` | SAAS to activate, ENTERPRISE to switch off - Workspaces | `SAAS` | -| `ENABLE_USER_SIGN_UP` | Control is users can create their own Workspace when Sign Up | `true` | -| `AUTH_EMAIL_ENABLE` | Control to show the eMail Login after Admin user is set | `true` | +| `LOWCODER_WORKSPACE_MODE` | SAAS to activate, ENTERPRISE to switch off - Workspaces | `SAAS` | +| `LOWCODER_EMAIL_SIGNUP_ENABLED` | Control is users can create their own Workspace when Sign Up | `true` | +| `LOWCODER_EMAIL_AUTH_ENABLED` | Control to show the eMail Login after Admin user is set | `true` | ## Building node-service image @@ -104,8 +103,8 @@ Image can be configured by setting environment variables. | Environment variable | Description | Value | | --------------------------------| --------------------------------------------------------------------| ------------------------------------------------------- | -| `PUID` | ID of user running services. It will own all created logs and data. | `9001` | -| `PGID` | ID of group of the user running services. | `9001` | +| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` | +| `LOWCODER_PGID` | ID of group of the user running services. | `9001` | | `LOWCODER_API_SERVICE_URL` | Lowcoder API service URL | `http://localhost:8080` | ## Building web frontend image @@ -126,8 +125,8 @@ Image can be configured by setting environment variables. | Environment variable | Description | Value | | --------------------------------| --------------------------------------------------------------------| ------------------------------------------------------- | -| `PUID` | ID of user running services. It will own all created logs and data. | `9001` | -| `PGID` | ID of group of the user running services. | `9001` | +| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` | +| `LOWCODER_PGID` | ID of group of the user running services. | `9001` | | `LOWCODER_MAX_QUERY_TIMEOUT` | Lowcoder max query timeout (in seconds) | `120` | | `LOWCODER_MAX_REQUEST_SIZE` | Lowcoder max request size | `20m` | | `LOWCODER_API_SERVICE_URL` | Lowcoder API service URL | `http://localhost:8080` | diff --git a/deploy/docker/all-in-one/entrypoint.sh b/deploy/docker/all-in-one/entrypoint.sh index 7352833cc..3645ac4b2 100644 --- a/deploy/docker/all-in-one/entrypoint.sh +++ b/deploy/docker/all-in-one/entrypoint.sh @@ -2,8 +2,8 @@ set -e -export USER_ID=${PUID:=9001} -export GROUP_ID=${PGID:=9001} +export USER_ID=${LOWCODER_PUID:=9001} +export GROUP_ID=${LOWCODER_PGID:=9001} # Update ID of lowcoder user if required if [ ! `id --user lowcoder` -eq ${USER_ID} ]; then @@ -17,6 +17,14 @@ if [ ! `id --group lowcoder` -eq ${GROUP_ID} ]; then echo "ID for lowcoder group changed to: ${GROUP_ID}" fi; +# Update host on which mongo is supposed to listen +# If LOWCODER_MONGODB_EXPOSED is true, it will isten on all interfaces +if [[ "${LOWCODER_MONGODB_EXPOSED}" =~ [Tt][Rr][Uu][Ee] ]]; then + export MONGO_LISTEN_HOST="0.0.0.0" +else + export MONGO_LISTEN_HOST="localhost" +fi; + LOGS="/lowcoder-stacks/logs" DATA="/lowcoder-stacks/data" CERT="/lowcoder-stacks/ssl" @@ -44,27 +52,27 @@ mkdir -p ${SUPERVISOR_ENABLED} rm -f ${SUPERVISOR_ENABLED}/*.conf # Enable redis if configured to run -if [ "${REDIS_ENABLED:=true}" = "true" ]; then +if [ "${LOWCODER_REDIS_ENABLED:=true}" = "true" ]; then ln ${SUPERVISOR_AVAILABLE}/01-redis.conf ${SUPERVISOR_ENABLED}/01-redis.conf fi; # Enable mongodb if configured to run -if [ "${MONGODB_ENABLED:=true}" = "true" ]; then +if [ "${LOWCODER_MONGODB_ENABLED:=true}" = "true" ]; then ln ${SUPERVISOR_AVAILABLE}/02-mongodb.conf ${SUPERVISOR_ENABLED}/02-mongodb.conf fi; # Enable api-service if configured to run -if [ "${API_SERVICE_ENABLED:=true}" = "true" ]; then +if [ "${LOWCODER_API_SERVICE_ENABLED:=true}" = "true" ]; then ln ${SUPERVISOR_AVAILABLE}/10-api-service.conf ${SUPERVISOR_ENABLED}/10-api-service.conf fi; # Enable node-service if configured to run -if [ "${NODE_SERVICE_ENABLED:=true}" = "true" ]; then +if [ "${LOWCODER_NODE_SERVICE_ENABLED:=true}" = "true" ]; then ln ${SUPERVISOR_AVAILABLE}/11-node-service.conf ${SUPERVISOR_ENABLED}/11-node-service.conf fi; # Enable frontend if configured to run -if [ "${FRONTEND_ENABLED:=true}" = "true" ]; then +if [ "${LOWCODER_FRONTEND_ENABLED:=true}" = "true" ]; then ln ${SUPERVISOR_AVAILABLE}/20-frontend.conf ${SUPERVISOR_ENABLED}/20-frontend.conf fi; diff --git a/deploy/docker/all-in-one/etc/supervisord/conf-available/02-mongodb.conf b/deploy/docker/all-in-one/etc/supervisord/conf-available/02-mongodb.conf index 92b9222e3..aec4e3179 100644 --- a/deploy/docker/all-in-one/etc/supervisord/conf-available/02-mongodb.conf +++ b/deploy/docker/all-in-one/etc/supervisord/conf-available/02-mongodb.conf @@ -1,7 +1,7 @@ [program:mongodb] user=lowcoder directory=/lowcoder-stacks/data/mongodb -command=mongod --port 27017 --dbpath /lowcoder-stacks/data/mongodb --logpath log --bind_ip localhost +command=mongod --port 27017 --dbpath /lowcoder-stacks/data/mongodb --logpath log --bind_ip %(ENV_MONGO_LISTEN_HOST)s priority=10 autostart=true autorestart=true diff --git a/deploy/docker/api-service/entrypoint.sh b/deploy/docker/api-service/entrypoint.sh index a982d51ac..5f2e3ad2e 100644 --- a/deploy/docker/api-service/entrypoint.sh +++ b/deploy/docker/api-service/entrypoint.sh @@ -2,8 +2,8 @@ set -e -export USER_ID="${PUID:=9001}" -export GROUP_ID="${PGID:=9001}" +export USER_ID="${LOWCODER_PUID:=9001}" +export GROUP_ID="${LOWCODER_PGID:=9001}" # Run init script echo "Initializing api-service..." diff --git a/deploy/docker/docker-compose-multi.yaml b/deploy/docker/docker-compose-multi.yaml index c387ac58d..14eb5c84b 100644 --- a/deploy/docker/docker-compose-multi.yaml +++ b/deploy/docker/docker-compose-multi.yaml @@ -31,33 +31,35 @@ services: # ports: # - "8080:8080" environment: - PUID: "9001" - PGID: "9001" - MONGODB_URL: "mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin" - REDIS_URL: "redis://redis:6379" + LOWCODER_PUID: "9001" + LOWCODER_PGID: "9001" + LOWCODER_MONGODB_URL: "mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin" + LOWCODER_REDIS_URL: "redis://redis:6379" LOWCODER_NODE_SERVICE_URL: "http://lowcoder-node-service:6060" LOWCODER_MAX_QUERY_TIMEOUT: 120 - ENABLE_USER_SIGN_UP: "true" + LOWCODER_EMAIL_AUTH_ENABLED: "true" + LOWCODER_EMAIL_SIGNUP_ENABLED: "true" + LOWCODER_CREATE_WORKSPACE_ON_SIGNUP: "true" # # ! PLEASE CHANGE THESE TO SOMETHING UNIQUE ! # - # ENCRYPTION_PASSWORD and ENCRYPTION_SALT is used to encrypt sensitive - # data in database so it is important to change the defaults + # LOWCODER_DB_ENCRYPTION_PASSWORD and LOWCODER_DB_ENCRYPTION_SALT is used + # to encrypt sensitive data in database so it is important to change the defaults # - ENCRYPTION_PASSWORD: "lowcoder.org" - ENCRYPTION_SALT: "lowcoder.org" - CORS_ALLOWED_DOMAINS: "*" - DEFAULT_ORGS_PER_USER: 100 - DEFAULT_ORG_MEMBER_COUNT: 1000 - DEFAULT_ORG_GROUP_COUNT: 100 - DEFAULT_ORG_APP_COUNT: 1000 - DEFAULT_DEVELOPER_COUNT: 50 + LOWCODER_DB_ENCRYPTION_PASSWORD: "lowcoder.org" + LOWCODER_DB_ENCRYPTION_SALT: "lowcoder.org" + LOWCODER_CORS_DOMAINS: "*" + LOWCODER_MAX_ORGS_PER_USER: 100 + LOWCODER_MAX_MEMBERS_PER_ORG: 1000 + LOWCODER_MAX_GROUPS_PER_ORG: 100 + LOWCODER_MAX_APPS_PER_ORG: 1000 + LOWCODER_MAX_DEVELOPERS: 50 # # API-KEY secret - should be a string of at least 32 random characters # - on linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256 # LOWCODER_API_KEY_SECRET: "5a41b090758b39b226603177ef48d73ae9839dd458ccb7e66f7e7cc028d5a50b" - COMMON_WORKSPACE_MODE: SAAS + LOWCODER_WORKSPACE_MODE: SAAS restart: unless-stopped depends_on: - mongodb @@ -70,8 +72,8 @@ services: # ports: # - "6060:6060" environment: - PUID: "9001" - PGID: "9001" + LOWCODER_PUID: "9001" + LOWCODER_PGID: "9001" LOWCODER_API_SERVICE_URL: "http://lowcoder-api-service:8080" restart: unless-stopped depends_on: @@ -86,8 +88,8 @@ services: ports: - "3000:3000" environment: - PUID: "9001" - PGID: "9001" + LOWCODER_PUID: "9001" + LOWCODER_PGID: "9001" LOWCODER_MAX_REQUEST_SIZE: 20m LOWCODER_MAX_QUERY_TIMEOUT: 120 LOWCODER_API_SERVICE_URL: "http://lowcoder-api-service:8080" diff --git a/deploy/docker/docker-compose.yaml b/deploy/docker/docker-compose.yaml index 4917a2e9e..ca0a316eb 100644 --- a/deploy/docker/docker-compose.yaml +++ b/deploy/docker/docker-compose.yaml @@ -10,35 +10,43 @@ services: ports: - "3000:3000" - "3443:3443" + # - "27017:27017" environment: # enable services - REDIS_ENABLED: "true" - MONGODB_ENABLED: "true" - API_SERVICE_ENABLED: "true" - NODE_SERVICE_ENABLED: "true" - FRONTEND_ENABLED: "true" + LOWCODER_REDIS_ENABLED: "true" + LOWCODER_MONGODB_ENABLED: "true" + # + # Set LOWCODER_MONGODB_EXPOSED to "true" and uncomment mongodb port + # to make internal mongo database accessible from host + # + LOWCODER_MONGODB_EXPOSED: "false" + LOWCODER_API_SERVICE_ENABLED: "true" + LOWCODER_NODE_SERVICE_ENABLED: "true" + LOWCODER_FRONTEND_ENABLED: "true" # generic parameters - PUID: "1000" - PGID: "1000" + LOWCODER_PUID: "1000" + LOWCODER_PGID: "1000" # api-service parameters - DEFAULT_ORGS_PER_USER: 100 - DEFAULT_ORG_MEMBER_COUNT: 1000 - DEFAULT_ORG_GROUP_COUNT: 100 - DEFAULT_ORG_APP_COUNT: 1000 - DEFAULT_DEVELOPER_COUNT: 50 - #MONGODB_URL: "mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin" - MONGODB_URL: "mongodb://localhost:27017/lowcoder?authSource=admin" - REDIS_URL: "redis://localhost:6379" - ENABLE_USER_SIGN_UP: "true" + LOWCODER_MAX_ORGS_PER_USER: 100 + LOWCODER_MAX_MEMBERS_PER_ORG: 1000 + LOWCODER_MAX_GROUPS_PER_ORG: 100 + LOWCODER_MAX_APPS_PER_ORG: 1000 + LOWCODER_MAX_DEVELOPERS: 50 + #LOWCODER_MONGODB_URL: "mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin" + LOWCODER_MONGODB_URL: "mongodb://localhost:27017/lowcoder?authSource=admin" + LOWCODER_REDIS_URL: "redis://localhost:6379" + LOWCODER_EMAIL_SIGNUP_ENABLED: "true" + LOWCODER_EMAIL_AUTH_ENABLED: "true" + LOWCODER_CREATE_WORKSPACE_ON_SIGNUP: "true" # # ! PLEASE CHANGE THESE TO SOMETHING UNIQUE ! # - # ENCRYPTION_PASSWORD and ENCRYPTION_SALT is used to encrypt sensitive - # data in database so it is important to change the defaults + # LOWCODER_DB_ENCRYPTION_PASSWORD and LOWCODER_DB_ENCRYPTION_SALT is used + # to encrypt sensitive data in database so it is important to change the defaults # - ENCRYPTION_PASSWORD: "lowcoder.org" - ENCRYPTION_SALT: "lowcoder.org" - CORS_ALLOWED_DOMAINS: "*" + LOWCODER_DB_ENCRYPTION_PASSWORD: "lowcoder.org" + LOWCODER_DB_ENCRYPTION_SALT: "lowcoder.org" + LOWCODER_CORS_DOMAINS: "*" # # API-KEY secret - should be a string of at least 32 random characters # - on linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256 @@ -50,7 +58,7 @@ services: # frontend parameters LOWCODER_MAX_REQUEST_SIZE: 20m LOWCODER_MAX_QUERY_TIMEOUT: 120 - COMMON_WORKSPACE_MODE: SAAS + LOWCODER_WORKSPACE_MODE: SAAS volumes: - ./lowcoder-stacks:/lowcoder-stacks - ./lowcoder-stacks/assets:/lowcoder/assets diff --git a/deploy/docker/frontend/00-change-nginx-user.sh b/deploy/docker/frontend/00-change-nginx-user.sh index 33b993d0f..01a94550f 100644 --- a/deploy/docker/frontend/00-change-nginx-user.sh +++ b/deploy/docker/frontend/00-change-nginx-user.sh @@ -2,8 +2,8 @@ set -e -USER_ID=${PUID:=9001} -GROUP_ID=${PGID:=9001} +USER_ID=${LOWCODER_PUID:=9001} +GROUP_ID=${LOWCODER_PGID:=9001} CLIENT_ROOT=/lowcoder/client # Update ID of lowcoder user if required diff --git a/deploy/docker/node-service/entrypoint.sh b/deploy/docker/node-service/entrypoint.sh index bcb8522eb..67e60a362 100755 --- a/deploy/docker/node-service/entrypoint.sh +++ b/deploy/docker/node-service/entrypoint.sh @@ -2,8 +2,8 @@ set -e -export USER_ID=${PUID:=9001} -export GROUP_ID=${PGID:=9001} +export USER_ID=${LOWCODER_PUID:=9001} +export GROUP_ID=${LOWCODER_PGID:=9001} export API_HOST="${LOWCODER_API_SERVICE_URL:=http://localhost:8080}" # Run init script diff --git a/deploy/helm/templates/api-service/configMap.yaml b/deploy/helm/templates/api-service/configMap.yaml index 09049bc9a..6cbb38ca2 100644 --- a/deploy/helm/templates/api-service/configMap.yaml +++ b/deploy/helm/templates/api-service/configMap.yaml @@ -13,23 +13,25 @@ metadata: {{- end }} data: {{- if .Values.redis.enabled }} - REDIS_URL: "redis://{{ $name }}-redis-master.{{ $nameSpace }}.svc.cluster.local:6379" + LOWCODER_REDIS_URL: "redis://{{ $name }}-redis-master.{{ $nameSpace }}.svc.cluster.local:6379" {{- else }} - REDIS_URL: {{ .Values.redis.externalUrl | quote }} + LOWCODER_REDIS_URL: {{ .Values.redis.externalUrl | quote }} {{- end }} {{- if .Values.global.config.nodeServiceUrl }} LOWCODER_NODE_SERVICE_URL: {{ .Values.global.config.nodeServiceUrl | quote }} {{- else }} LOWCODER_NODE_SERVICE_URL: "http://{{ $name }}-node-service:{{ .Values.nodeService.service.port }}" {{- end }} - PUID: {{ .Values.global.config.userId | default "9001" | quote }} - PGID: {{ .Values.global.config.groupId | default "9001" | quote }} - CORS_ALLOWED_DOMAINS: {{ .Values.global.config.corsAllowedDomains | default "*" | quote }} - ENABLE_USER_SIGN_UP: {{ .Values.global.config.enableUserSignUp | default "true" | quote }} + LOWCODER_PUID: {{ .Values.global.config.userId | default "9001" | quote }} + LOWCODER_PGID: {{ .Values.global.config.groupId | default "9001" | quote }} + LOWCODER_CORS_DOMAINS: {{ .Values.global.config.corsAllowedDomains | default "*" | quote }} + LOWCODER_EMAIL_AUTH_ENABLED: {{ .Values.global.config.enableEmailAuth | default "true" | quote }} + LOWCODER_EMAIL_SIGNUP_ENABLED: {{ .Values.global.config.enableUserSignUp | default "true" | quote }} LOWCODER_MAX_QUERY_TIMEOUT: {{ .Values.global.config.maxQueryTimeout | default "120" | quote }} - DEFAULT_ORGS_PER_USER: {{ .Values.global.defaults.maxOrgsPerUser | default "100" | quote }} - DEFAULT_ORG_MEMBER_COUNT: {{ .Values.global.defaults.maxMembersPerOrg | default "1000" | quote }} - DEFAULT_ORG_GROUP_COUNT: {{ .Values.global.defaults.maxGroupsPerOrg | default "100" | quote }} - DEFAULT_ORG_APP_COUNT: {{ .Values.global.defaults.maxAppsPerOrg | default "1000" | quote }} - DEFAULT_DEVELOPER_COUNT: {{ .Values.global.defaults.maxDevelopers | default "50" | quote }} - COMMON_WORKSPACE_MODE: {{ .Values.global.config.workspaceMode | default "SAAS" | quote }} + LOWCODER_MAX_ORGS_PER_USER: {{ .Values.global.defaults.maxOrgsPerUser | default "100" | quote }} + LOWCODER_MAX_MEMBERS_PER_ORG: {{ .Values.global.defaults.maxMembersPerOrg | default "1000" | quote }} + LOWCODER_MAX_GROUPS_PER_ORG: {{ .Values.global.defaults.maxGroupsPerOrg | default "100" | quote }} + LOWCODER_MAX_APPS_PER_ORG: {{ .Values.global.defaults.maxAppsPerOrg | default "1000" | quote }} + LOWCODER_MAX_DEVELOPERS: {{ .Values.global.defaults.maxDevelopers | default "50" | quote }} + LOWCODER_WORKSPACE_MODE: {{ .Values.global.config.workspaceMode | default "SAAS" | quote }} + LOWCODER_CREATE_WORKSPACE_ON_SIGNUP: {{ .Values.global.config.createWorkspaceOnSignup | default "true" | quote }} diff --git a/deploy/helm/templates/api-service/secrets.yaml b/deploy/helm/templates/api-service/secrets.yaml index dfaba1e9a..d7c134ca1 100644 --- a/deploy/helm/templates/api-service/secrets.yaml +++ b/deploy/helm/templates/api-service/secrets.yaml @@ -16,10 +16,10 @@ metadata: {{- end }} stringData: {{- if .Values.mongodb.enabled }} - MONGODB_URL: "mongodb://{{ $mongoUser }}:{{ $mongoPassword }}@{{ $mongoServicename }}.{{ $nameSpace }}.svc.cluster.local/{{ $lowcoderDatabase }}?retryWrites=true&ssl=false" + LOWCODER_MONGODB_URL: "mongodb://{{ $mongoUser }}:{{ $mongoPassword }}@{{ $mongoServicename }}.{{ $nameSpace }}.svc.cluster.local/{{ $lowcoderDatabase }}?retryWrites=true&ssl=false" {{- else }} - MONGODB_URL: {{ .Values.mongodb.externalUrl | quote }} + LOWCODER_MONGODB_URL: {{ .Values.mongodb.externalUrl | quote }} {{- end }} - ENCRYPTION_PASSWORD: {{ .Values.global.config.encryption.password | default "lowcoder.org" | quote }} - ENCRYPTION_SALT: {{ .Values.global.config.encryption.salt | default "lowcoder.org" | quote }} + ELOWCODER_DB_NCRYPTION_PASSWORD: {{ .Values.global.config.encryption.password | default "lowcoder.org" | quote }} + ELOWCODER_DB_NCRYPTION_SALT: {{ .Values.global.config.encryption.salt | default "lowcoder.org" | quote }} LOWCODER_API_KEY_SECRET: "{{ .Values.global.config.apiKeySecret }}" diff --git a/deploy/helm/templates/frontend/configMap.yaml b/deploy/helm/templates/frontend/configMap.yaml index 6105f80af..a64794c64 100644 --- a/deploy/helm/templates/frontend/configMap.yaml +++ b/deploy/helm/templates/frontend/configMap.yaml @@ -11,8 +11,8 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} data: - PUID: {{ .Values.global.config.userId | default "9001" | quote }} - PGID: {{ .Values.global.config.groupId | default "9001" | quote }} + LOWCODER_PUID: {{ .Values.global.config.userId | default "9001" | quote }} + LOWCODER_PGID: {{ .Values.global.config.groupId | default "9001" | quote }} {{- if .Values.global.config.apiServiceUrl }} LOWCODER_API_SERVICE_URL: {{ .Values.global.config.apiServiceUrl | trimSuffix "/" | quote }} {{- else }} diff --git a/deploy/helm/templates/node-service/configMap.yaml b/deploy/helm/templates/node-service/configMap.yaml index f116edead..a5c150238 100644 --- a/deploy/helm/templates/node-service/configMap.yaml +++ b/deploy/helm/templates/node-service/configMap.yaml @@ -12,8 +12,8 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} data: - PUID: {{ .Values.global.config.userId | default "9001" | quote }} - PGID: {{ .Values.global.config.groupId | default "9001" | quote }} + LOWCODER_PUID: {{ .Values.global.config.userId | default "9001" | quote }} + LOWCODER_PGID: {{ .Values.global.config.groupId | default "9001" | quote }} {{- if .Values.global.config.apiServiceUrl }} LOWCODER_API_SERVICE_URL: {{ .Values.global.config.apiServiceUrl | quote }} {{- else }} diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml index 42d4e8c72..37de9c4f3 100644 --- a/deploy/helm/values.yaml +++ b/deploy/helm/values.yaml @@ -13,10 +13,12 @@ global: config: # This setting sets workspace mode. Possible values: SAAS, ENTERPRISE workspaceMode: SAAS + createWorkspaceOnSignup: true # ID of user and group runnning the service within the container userId: 9001 groupId: 9001 corsAllowedDomains: "*" + enableEmailAuth: true enableUserSignUp: true encryption: password: "lowcoder.org" diff --git a/docs/self-hosting/README.md b/docs/self-hosting/README.md index 8f76e22f5..02d391e84 100644 --- a/docs/self-hosting/README.md +++ b/docs/self-hosting/README.md @@ -136,8 +136,8 @@ For developers who require stateless containers in a cluster environment, we off
- * **mongodb**: Start a new MongoDB instance on your host. You can delete this part and modify the environment variable `MONGODB_URL` of **openblocks-api-service** to use your own MongoDB. - * **redis**: Start a new Redis instance on your host. You can delete this part and modify the environment variable `REDIS_URL` of **openblocks-api-service** to use your own Redis. + * **mongodb**: Start a new MongoDB instance on your host. You can delete this part and modify the environment variable `LOWCODER_MONGODB_URL` of **openblocks-api-service** to use your own MongoDB. + * **redis**: Start a new Redis instance on your host. You can delete this part and modify the environment variable `LOWCODER_REDIS_URL` of **openblocks-api-service** to use your own Redis. * **openblocks-api-service**: Required. * **openblocks-node-service**: Required. * **openblocks-frontend**: Required. Can be optional if you deploy frontend on CDN. @@ -199,16 +199,16 @@ By default Lowcoder uses the built-in MongoDB and Redis installed inside the con {% tabs %} {% tab title="Docker-Compose" %} -Add environment variables `MONGODB_URL` and `REDIS_URL` in `docker-compose.yml` downloaded in your working directory.\ +Add environment variables `LOWCODER_MONGODB_URL` and `LOWCODER_REDIS_URL` in `docker-compose.yml` downloaded in your working directory.\ {% endtab %} {% tab title="Docker" %} -Add environment variables `MONGODB_URL` and `REDIS_URL` to the deployment command, as shown below: +Add environment variables `LOWCODER_MONGODB_URL` and `LOWCODER_REDIS_URL` to the deployment command, as shown below: {% code overflow="wrap" %} ```bash -docker run -d --name openblocks -e MONGODB_URL=YOUR_MONGODB_URL REDIS_URL=YOUR_REDIS_URL -p 3000:3000 -v "$PWD/stacks:/openblocks-stacks lowcoderorg/lowcoder-ce +docker run -d --name openblocks -e LOWCODER_MONGODB_URL=YOUR_MONGODB_URL LOWCODER_REDIS_URL=YOUR_REDIS_URL -p 3000:3000 -v "$PWD/stacks:/openblocks-stacks lowcoderorg/lowcoder-ce ``` {% endcode %} {% endtab %} diff --git a/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application-selfhost.yml b/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application-selfhost.yml index e35938de4..1b9273fb2 100644 --- a/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application-selfhost.yml +++ b/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application-selfhost.yml @@ -1,23 +1,15 @@ common: encrypt: - password: ${ENCRYPTION_PASSWORD:lowcoder.org} - salt: ${ENCRYPTION_SALT:lowcoder.org} + password: ${LOWCODER_DB_ENCRYPTION_PASSWORD:lowcoder.org} + salt: ${LOWCODER_DB_ENCRYPTION_SALT:lowcoder.org} security: - corsAllowedDomainString: ${CORS_ALLOWED_DOMAINS:*} + corsAllowedDomainString: ${LOWCODER_CORS_DOMAINS:*} workspace: - mode: ENTERPRISE - -auth: - api-key: - secret: ${LOWCODER_API_KEY_SECRET:123456789101112131415123456789101112131415123456789101112131415123456789101112131415} - email: - enable: ${LOGIN_CHANNEL_EMAIL:true} - enable-register: ${ENABLE_USER_SIGN_UP:true} - workspace-creation: ${LOWCODER_CREATE_SIGNUP_WORKSPACE:true} + mode: ${LOWCODER_WORKSPACE_MODE:SAAS} spring: data: mongodb: - uri: ${MONGODB_URL:mongodb://localhost:27017/lowcoder?socketTimeoutMS=5000} + uri: ${LOWCODER_MONGODB_URL:mongodb://localhost:27017/lowcoder?socketTimeoutMS=5000} redis: - url: ${REDIS_URL:redis://localhost:6379} + url: ${LOWCODER_REDIS_URL:redis://localhost:6379} diff --git a/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application.yml b/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application.yml index c39b5350b..df8301982 100644 --- a/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application.yml +++ b/server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application.yml @@ -2,9 +2,9 @@ auth: api-key: secret: ${LOWCODER_API_KEY_SECRET:5a41b090758b39b226603177ef48d73ae9839dd458ccb7e66f7e7cc028d5a50b} email: - enable: true - enable-register: ${ENABLE_USER_SIGN_UP:true} - workspace-creation: ${LOWCODER_CREATE_SIGNUP_WORKSPACE:true} + enable: ${LOWCODER_EMAIL_AUTH_ENABLED:true} + enable-register: ${LOWCODER_EMAIL_SIGNUP_ENABLED:true} + workspace-creation: ${LOWCODER_CREATE_WORKSPACE_ON_SIGNUP:true} spring: data: @@ -29,12 +29,12 @@ server: shutdown: graceful default: - orgs-per-user: 100 - org-member-count: 1000 - org-group-count: 100 - org-app-count: 1000 - developer-count: 50 - api-rate-limit: 50 + orgs-per-user: ${LOWCODER_MAX_ORGS_PER_USER:100} + org-member-count: ${LOWCODER_MAX_MEMBERS_PER_ORG:1000} + org-group-count: ${LOWCODER_MAX_GROUPS_PER_ORG:100} + org-app-count: ${LOWCODER_MAX_APPS_PER_ORG:1000} + developer-count: ${LOWCODER_MAX_DEVELOPERS:50} + api-rate-limit: ${LOWCODER_API_RATE_LIMIT:50} common: cookie-name: LOWCODER_CE_SELFHOST_TOKEN @@ -51,6 +51,8 @@ common: max-query-response-size: ${LOWCODER_MAX_REQUEST_SIZE:20m} max-upload-size: ${LOWCODER_MAX_REQUEST_SIZE:20m} max-query-timeout: ${LOWCODER_MAX_QUERY_TIMEOUT:120} + workspace: + mode: ${LOWCODER_WORKSPACE_MODE:SAAS} material: mongodb-grid-fs: From 27ca2d4f2382a3e6615e0806344d947001c6efbb Mon Sep 17 00:00:00 2001 From: Ludo Mikula Date: Mon, 15 Jan 2024 16:46:35 +0100 Subject: [PATCH 2/2] new: rename and consolidate environment variables --- deploy/docker/all-in-one/entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/docker/all-in-one/entrypoint.sh b/deploy/docker/all-in-one/entrypoint.sh index 3645ac4b2..84281fc71 100644 --- a/deploy/docker/all-in-one/entrypoint.sh +++ b/deploy/docker/all-in-one/entrypoint.sh @@ -19,10 +19,10 @@ fi; # Update host on which mongo is supposed to listen # If LOWCODER_MONGODB_EXPOSED is true, it will isten on all interfaces -if [[ "${LOWCODER_MONGODB_EXPOSED}" =~ [Tt][Rr][Uu][Ee] ]]; then +if [ "${LOWCODER_MONGODB_EXPOSED}" = "true" ]; then export MONGO_LISTEN_HOST="0.0.0.0" else - export MONGO_LISTEN_HOST="localhost" + export MONGO_LISTEN_HOST="127.0.0.1" fi; LOGS="/lowcoder-stacks/logs"