From fed80f211781257f6d54c70dd8957bdcbef179c8 Mon Sep 17 00:00:00 2001 From: "Pierrick Brun (Akretion)" Date: Tue, 30 Nov 2021 12:15:27 +0100 Subject: [PATCH 1/2] [FIX] PG env use the DB_ vars like intended in the container --- ci.docker-compose.yml | 8 ++------ clear-ci.secrets.docker-compose.yml | 5 +++-- clear-prod.secrets.docker-compose.yml | 8 +++++--- docker-compose.yml | 5 ++++- prod.docker-compose.yml | 9 ++------- 5 files changed, 16 insertions(+), 19 deletions(-) diff --git a/ci.docker-compose.yml b/ci.docker-compose.yml index 30898d3..336856a 100644 --- a/ci.docker-compose.yml +++ b/ci.docker-compose.yml @@ -11,11 +11,7 @@ services: - SENTRY=True - PGSSLMODE=require - DB_NAME=${BUILD_NAME} - - PGDATABASE=${BUILD_NAME} - - DB_USER=${CI_PROJECT_NAME} - - PGUSER=${CI_PROJECT_NAME} - - DB_HOST=pgci.home.arpa - - PGHOST=pgci.home.arpa + - DB_HOST=TODO labels: - "traefik.enable=true" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}.rule=Host(`${DOMAIN}`)" @@ -41,4 +37,4 @@ volumes: networks: traefik: external: true -version: '3.7' \ No newline at end of file +version: '3.7' diff --git a/clear-ci.secrets.docker-compose.yml b/clear-ci.secrets.docker-compose.yml index b2d4b88..f04e794 100644 --- a/clear-ci.secrets.docker-compose.yml +++ b/clear-ci.secrets.docker-compose.yml @@ -1,11 +1,12 @@ # never commit this file # only to set secrets -# encrypt me with sops --age $KEYGENERATEDINCI --encrypt clear-ci.secrets.docker-compose.yml > ci.secrets.docker-compose.yml +# encrypt me with: +# sops --age $KEYGENERATEDINCI --encrypt clear-ci.secrets.docker-compose.yml > ci.secrets.docker-compose.yml # The sops public key ($KEYGENERATEDINCI) can be found in ~gitlab-runner/.config/sops/age/keys.txt +>>>>>>> 079c2c9 (fixup! [FIX] PGPASSWORD -> DB_PASSWORD) version: "3.7" services: odoo: environment: - DB_PASSWORD= - - PGPASSWORD= - ENCRYPTION_KEY_CI= diff --git a/clear-prod.secrets.docker-compose.yml b/clear-prod.secrets.docker-compose.yml index fc19d1f..56a92e1 100644 --- a/clear-prod.secrets.docker-compose.yml +++ b/clear-prod.secrets.docker-compose.yml @@ -1,10 +1,12 @@ # never commit this file -# only to set secrets -# encrypt me with sops --age $KEYGENERATEDINCI --encrypt clear-prod.secrets.docker-compose.yml > prod.secrets.docker-compose.yml +# only used to set secrets +# encrypt me with: +# sops --age $KEYGENERATEDINPROD --encrypt clear-prod.secrets.docker-compose.yml > prod.secrets.docker-compose.yml +# The sops public key ($KEYGENERATEDINPROD) can be found in ~app/.config/sops/age/keys.txt version: "3.7" services: odoo: environment: - DB_PASSWORD= - - PGPASSWORD= - ENCRYPTION_KEY_CI= + - ENCRYPTION_KEY_PROD= diff --git a/docker-compose.yml b/docker-compose.yml index f436634..20b5f94 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,9 @@ services: - LOCAL_USER_ID=$UID - RUNNING_ENV=$ENV - MARABUNTA_MODE=demo + - DB_USER=$PGUSER + - DB_HOST=$PGHOST + - DB_NAME=$PGDATABASE - SERVER_WIDE_MODULES=web #,queue_job,sentry? - QUEUE_JOB_CHANNELS= @@ -21,4 +24,4 @@ services: labels: docky.main.service: true docky.user: odoo -version: '3.7' \ No newline at end of file +version: '3.7' diff --git a/prod.docker-compose.yml b/prod.docker-compose.yml index f850de5..b700f30 100644 --- a/prod.docker-compose.yml +++ b/prod.docker-compose.yml @@ -5,15 +5,10 @@ services: environment: - MARABUNTA_MODE=prod - ADDONS_PATH=/odoo/links,/odoo/local-src,/odoo/src/odoo/addons,/odoo/src/addons - - ODOO_BASE_URL=TODO + - ODOO_BASE_URL=https://TODO - SENTRY=True - PGSSLMODE=require - - DB_NAME=TODO - - PGDATABASE=TODO - - DB_USER=TODO - - PGUSER=TODO - - DB_HOST=TODO - - PGHOST=TODO + - DB_NAME=${COMPOSE_PROJECT_NAME} volumes: - ~/data/${COMPOSE_PROJECT_NAME}/addons:/data/odoo/addons - ~/data/${COMPOSE_PROJECT_NAME}/filestore:/data/odoo/filestore From 7ad119c2660981cfc99e0b6fc725c5cf82097714 Mon Sep 17 00:00:00 2001 From: Pierrick Brun Date: Tue, 28 Jun 2022 15:21:23 +0200 Subject: [PATCH 2/2] fixup! [FIX] PG env use the DB_ vars like intended in the container --- ci.docker-compose.yml | 1 - clear-ci.secrets.docker-compose.yml | 3 ++- clear-prod.secrets.docker-compose.yml | 3 +++ docker-compose.yml | 3 --- prod.docker-compose.yml | 1 - 5 files changed, 5 insertions(+), 6 deletions(-) diff --git a/ci.docker-compose.yml b/ci.docker-compose.yml index 336856a..6cbb456 100644 --- a/ci.docker-compose.yml +++ b/ci.docker-compose.yml @@ -11,7 +11,6 @@ services: - SENTRY=True - PGSSLMODE=require - DB_NAME=${BUILD_NAME} - - DB_HOST=TODO labels: - "traefik.enable=true" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}.rule=Host(`${DOMAIN}`)" diff --git a/clear-ci.secrets.docker-compose.yml b/clear-ci.secrets.docker-compose.yml index f04e794..491704c 100644 --- a/clear-ci.secrets.docker-compose.yml +++ b/clear-ci.secrets.docker-compose.yml @@ -3,10 +3,11 @@ # encrypt me with: # sops --age $KEYGENERATEDINCI --encrypt clear-ci.secrets.docker-compose.yml > ci.secrets.docker-compose.yml # The sops public key ($KEYGENERATEDINCI) can be found in ~gitlab-runner/.config/sops/age/keys.txt ->>>>>>> 079c2c9 (fixup! [FIX] PGPASSWORD -> DB_PASSWORD) version: "3.7" services: odoo: environment: + - DB_USER= + - DB_HOST= - DB_PASSWORD= - ENCRYPTION_KEY_CI= diff --git a/clear-prod.secrets.docker-compose.yml b/clear-prod.secrets.docker-compose.yml index 56a92e1..ccca081 100644 --- a/clear-prod.secrets.docker-compose.yml +++ b/clear-prod.secrets.docker-compose.yml @@ -7,6 +7,9 @@ version: "3.7" services: odoo: environment: + - DB_USER= + - DB_HOST= + - DB_NAME= - DB_PASSWORD= - ENCRYPTION_KEY_CI= - ENCRYPTION_KEY_PROD= diff --git a/docker-compose.yml b/docker-compose.yml index 20b5f94..6795632 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,9 +5,6 @@ services: - LOCAL_USER_ID=$UID - RUNNING_ENV=$ENV - MARABUNTA_MODE=demo - - DB_USER=$PGUSER - - DB_HOST=$PGHOST - - DB_NAME=$PGDATABASE - SERVER_WIDE_MODULES=web #,queue_job,sentry? - QUEUE_JOB_CHANNELS= diff --git a/prod.docker-compose.yml b/prod.docker-compose.yml index b700f30..18aeeec 100644 --- a/prod.docker-compose.yml +++ b/prod.docker-compose.yml @@ -8,7 +8,6 @@ services: - ODOO_BASE_URL=https://TODO - SENTRY=True - PGSSLMODE=require - - DB_NAME=${COMPOSE_PROJECT_NAME} volumes: - ~/data/${COMPOSE_PROJECT_NAME}/addons:/data/odoo/addons - ~/data/${COMPOSE_PROJECT_NAME}/filestore:/data/odoo/filestore