simpler

recipes/discourse/crud.sh

@@ -17,9 +17,9 @@ function _create() {
     echo "creating discourse instance for <$shortname> ... "
     echo "initialize discourse $shortname $longname ... OK"
 
-    admin_username=$(load_yaml_from_expanded services[\""$domain"\"][\""$subdomain"\"].data.discourse.admin.username)
-    admin_email=$(load_yaml_from_expanded services[\""$domain"\"][\""$subdomain"\"].data.discourse.admin.email)
-    admin_password=$(load_yaml_from_expanded services[\""$domain"\"][\""$subdomain"\"].data.discourse.admin.password)
+    admin_username=$(load_yaml_from_expanded services[\""$domain"\"][\""$subdomain"\"].data.admin.username)
+    admin_email=$(load_yaml_from_expanded services[\""$domain"\"][\""$subdomain"\"].data.admin.email)
+    admin_password=$(load_yaml_from_expanded services[\""$domain"\"][\""$subdomain"\"].data.admin.password)
     redis_password=$(load_yaml_from_expanded credential.redis)
 
     mkdir -p "$MIAOU_CONFIGDIR/apps/discourse"

scripts/miaou

@@ -173,19 +173,17 @@ function build_routes() {
     for i in "${fqdns[@]}"; do
         raw_dnsmasq+="address=/$i/$DMZ_IP\\n"
         # append domains to conf
-        echo "re-routing any connection from <$i> to internal container <$DMZ_CONTAINER.lxd>"
+        echo "re-routing any connection from https://$i to internal container <$DMZ_CONTAINER.lxd>"
     done
 
     builtin echo -e "$raw_dnsmasq" >"$MIAOU_CONFIGDIR/dnsmasq/raw.new"
     lxc network get $BRIDGE raw.dnsmasq | head -n-1 >"$MIAOU_CONFIGDIR/dnsmasq/raw.old"
 
-    if ! diff -q "$MIAOU_CONFIGDIR/dnsmasq/raw.old" "$MIAOU_CONFIGDIR/dnsmasq/raw.new"; then
-        echo "reload dnsmasq"
+    if ! diff -q "$MIAOU_CONFIGDIR/dnsmasq/raw.old" "$MIAOU_CONFIGDIR/dnsmasq/raw.new" &>/dev/null; then
+        echo -n "new routes detected, reloading dnsmasq + nftables..."
         builtin echo -e "$raw_dnsmasq" | lxc network set $BRIDGE raw.dnsmasq -
-        echo "reload nftables"
         sudo systemctl reload nftables.service
-    else
-        echo "no changes"
+        PREFIX="" echoinfo OK
     fi
 }
 
@@ -322,7 +320,7 @@ function build_monit() {
 
         if ! curl_check_unsecure "https://$fqdn"; then
             PREFIX='' echo
-            echoerr "DMZ does not seem to dispatch <https://$fqdn> please review DMZ Nginx proxy"
+            echoerr "DMZ does not seem to dispatch https://$fqdn please review DMZ Nginx proxy"
             exit 3
         elif [[ "$target" != 'dev' ]] && ! curl_check "https://$fqdn"; then
             PREFIX='' echo
@@ -532,7 +530,7 @@ readonly CONF="/etc/miaou/miaou.yaml"
 readonly DEFAULTS="/etc/miaou/defaults.yaml"
 readonly EXPANDED_CONF="$MIAOU_CONFIGDIR/miaou.expanded.yaml"
 readonly BRIDGE="lxdbr0"
-readonly MAX_WAIT=3 # timeout in seconds
+readonly MAX_WAIT=5 # timeout in seconds
 
 # shellcheck disable=SC2034
 declare -a options=("$@")

templates/apps/discourse/forum.yml.j2

@@ -22,12 +22,12 @@ env:
 
   DOCKER_USE_HOSTNAME: true
 
-  DISCOURSE_SMTP_ADDRESS: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.discourse.smtp.server }}
-  DISCOURSE_SMTP_PORT: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.discourse.smtp.port }}
-  DISCOURSE_SMTP_USER_NAME: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.discourse.smtp.username }}
-  DISCOURSE_SMTP_PASSWORD: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.discourse.smtp.password }}
+  DISCOURSE_SMTP_ADDRESS: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.smtp.server }}
+  DISCOURSE_SMTP_PORT: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.smtp.port }}
+  DISCOURSE_SMTP_USER_NAME: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.smtp.username }}
+  DISCOURSE_SMTP_PASSWORD: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.smtp.password }}
 
-  DISCOURSE_DEVELOPER_EMAILS: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.discourse.admin.email }}
+  DISCOURSE_DEVELOPER_EMAILS: {{ services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.admin.email }}
   DISCOURSE_NOTIFICATION_EMAIL: noreply@{{ env.APP_DOMAIN }}
  
   DISCOURSE_DB_NAME: {{ env.APP_NAME }}
@@ -54,8 +54,8 @@ hooks:
         cd: $home/plugins
         cmd:
           - git clone https://github.com/discourse/docker_manager.git
-          {%- if services[env.APP_DOMAIN][env.APP_SUBDOMAIN]['data']['discourse']['plugins'] %}
-            {%- for plugin in services[env.APP_DOMAIN][env.APP_SUBDOMAIN]['data']['discourse']['plugins'] %}
+          {%- if services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.plugins %}
+            {%- for plugin in services[env.APP_DOMAIN][env.APP_SUBDOMAIN].data.plugins %}
           - git clone {{ plugin }}
             {%- endfor %}
           {%- endif %}

templates/nginx/hosts.j2

@@ -19,6 +19,7 @@ server {
 		proxy_http_version 1.1;
 		proxy_set_header X-Real-IP $remote_addr;
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto https;
 		proxy_set_header Host $http_host;
 		proxy_set_header Upgrade $http_upgrade;
 		proxy_set_header Connection "upgrade";