ocelot-Social-Community/Ocelot-Social
1
0
Fork 0
mirror of https://github.com/Ocelot-Social-Community/Ocelot-Social.git synced 2025-12-12 23:35:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add 'deployment/' from commit '47fbabf1b428a7b6d0d70ca0015ee55ddeb70b42'

Browse Source 
git-subtree-dir: deployment
git-subtree-mainline: 284b7cc0f94be3338d3d7fd16ed91dd2abdfa4ba
git-subtree-split: 47fbabf1b428a7b6d0d70ca0015ee55ddeb70b42
This commit is contained in:
Ulf Gebhardt 2023-02-15 11:43:23 +01:00
commit 0c90782206
177 changed files with 8163 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
deployment/.github/ISSUE_TEMPLATE/---bug-report.md vendored Normal file
View File

@ -0,0 +1,11 @@
---
name: "\U0001F41B Bug Report"
about: Create a report to help us improve
title: "\U0001F41B [Bug] XXX"
labels: bug
assignees: ''
---
## :bug: Bug Report
<!-- Describe your issue in detail. Include screenshots if needed. Give us as much information as possible. Use a clear and concise description of what the bug is.-->

11
deployment/.github/ISSUE_TEMPLATE/---devops-ticket.md vendored Normal file
View File

@ -0,0 +1,11 @@
---
name: "\U0001F4A5 DevOps Ticket"
about: Help us manage our deployed app.
title: "\U0001F4A5 [DevOps] XXX"
labels: ''
assignees: ''
---
## 💥 DevOps Ticket
<!-- Describe your issue in detail. Include screenshots if needed. Give us as much information as possible. Use a clear and concise description of what the problem is.-->

15
deployment/.github/ISSUE_TEMPLATE/---epic.md vendored Normal file
View File

@ -0,0 +1,15 @@
---
name: "\U0001F31F Epic"
about: Define a big development step.
title: "\U0001F31F [EPIC] XXX"
labels: ''
assignees: ''
---
<!-- THIS ISSUE-TYPE IS NOT FOR YOU! -->
<!-- If you need an answer right away, visit the ocelot.social Discord:
https://discord.gg/AJSX9DCSUA -->
## 🌟 EPIC
<!-- Describe your Epic in detail. Include screenshots and drawings -->

11
deployment/.github/ISSUE_TEMPLATE/---feature-request.md vendored Normal file
View File

@ -0,0 +1,11 @@
---
name: "\U0001F680 Feature Request"
about: Suggest an idea for this project.
title: "\U0001F680 [Feature] XXX"
labels: enhancement
assignees: ''
---
## :rocket: Feature Request
<!-- Give a short summary of the Feature. Use Screenshots if you want. -->

15
deployment/.github/ISSUE_TEMPLATE/---question.md vendored Normal file
View File

@ -0,0 +1,15 @@
---
name: "\U0001F4AC Question"
about: If you need help understanding ocelot.social.
title: "\U0001F4AC [Question] XXX"
labels: ''
assignees: ''
---
<!-- Chat with ocelot.social team -->
<!-- If you need an answer right away, visit the ocelot.social Discord:
https://discord.gg/AJSX9DCSUA -->
## 💬 Question
<!-- Describe your Question in detail. Include screenshots and drawings if needed. -->

11
deployment/.github/ISSUE_TEMPLATE/---refactor.md vendored Normal file
View File

@ -0,0 +1,11 @@
---
name: "\U0001F527 Refactor"
about: Help us improve our code by refactoring it.
title: "\U0001F527 [Refactor] XXX"
labels: enhancement
assignees: ''
---
## 🔧 Refactor
<!-- Describe your issue in detail. Include screenshots if needed. Give us as much information as possible. Use a clear and concise description of what the problem is.-->

10
deployment/.github/ISSUE_TEMPLATE/custom.md vendored Normal file
View File

@ -0,0 +1,10 @@
---
name: Custom issue template
about: Describe this issue template's purpose here.
title: ''
labels: ''
assignees: ''
---

315
deployment/.github/workflows/publish.yml vendored Normal file
View File

@ -0,0 +1,315 @@
name: ocelot.social publish branded CI
on:
push:
branches:
- master
# - 79-fix-implementation-of-overwriting-locales # for testing while developing
jobs:
##############################################################################
# JOB: DOCKER BUILD COMMUNITY NEO4J ##########################################
##############################################################################
build_branded_neo4j:
name: Docker Build Branded - Neo4j Community
runs-on: ubuntu-latest
#needs: [nothing]
steps:
##########################################################################
# CHECKOUT CODE ##########################################################
##########################################################################
- name: Checkout code
uses: actions/checkout@v2
##########################################################################
# SET ENVS ###############################################################
##########################################################################
- name: ENV - VERSION
run: echo "VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_ENV
- name: ENV - BUILD_DATE
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
- name: ENV - OCELOT_DOCKER_VERSION_TAG
run: echo "OCELOT_DOCKER_VERSION_TAG=$(node -p -e "require('./package.json').ocelotDockerVersionTag")" >> $GITHUB_ENV
- name: ENV - DOCKER_ORGANISATION
run: echo "DOCKER_ORGANISATION=$(node -p -e "require('./package.json').dockerOrganisation")" >> $GITHUB_ENV
# this is based on the node Docker version tag "node:12.19.0-alpine3.10" and looks like "app-branded:1.0.2-3-ocelot.social1.0.2-79"
- name: ENV - BUILD_VERSION
run: echo "BUILD_VERSION=${VERSION}-${GITHUB_RUN_NUMBER}-ocelot.social${OCELOT_DOCKER_VERSION_TAG}" >> $GITHUB_ENV
- name: ENV - BUILD_COMMIT
run: echo "BUILD_COMMIT=${GITHUB_SHA}" >> $GITHUB_ENV
##########################################################################
# BUILD NEO4J DOCKER IMAGE (community-branded) ###########################
##########################################################################
- name: Neo4j | Build `community-branded` image
run: |
docker build --target community-branded -t "${DOCKER_ORGANISATION}/neo4j-community-branded:latest" -t "${DOCKER_ORGANISATION}/neo4j-community-branded:${VERSION}" -t "${DOCKER_ORGANISATION}/neo4j-community-branded:${BUILD_VERSION}" -f docker/neo4j.Dockerfile --build-arg "APP_IMAGE_TAG=${OCELOT_DOCKER_VERSION_TAG}" .
docker save "${DOCKER_ORGANISATION}/neo4j-community-branded" > /tmp/neo4j-community-branded.tar
- name: Upload Artifact
uses: actions/upload-artifact@v2
with:
name: docker-neo4j-community-branded
path: /tmp/neo4j-community-branded.tar
##############################################################################
# JOB: DOCKER BUILD BRANDED BACKEND ##########################################
##############################################################################
build_branded_backend:
name: Docker Build Branded - Backend
runs-on: ubuntu-latest
#needs: [nothing]
steps:
##########################################################################
# CHECKOUT CODE ##########################################################
##########################################################################
- name: Checkout code
uses: actions/checkout@v2
##########################################################################
# SET ENVS ###############################################################
##########################################################################
- name: ENV - VERSION
run: echo "VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_ENV
- name: ENV - BUILD_DATE
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
- name: ENV - OCELOT_DOCKER_VERSION_TAG
run: echo "OCELOT_DOCKER_VERSION_TAG=$(node -p -e "require('./package.json').ocelotDockerVersionTag")" >> $GITHUB_ENV
- name: ENV - DOCKER_ORGANISATION
run: echo "DOCKER_ORGANISATION=$(node -p -e "require('./package.json').dockerOrganisation")" >> $GITHUB_ENV
# this is based on the node Docker version tag "node:12.19.0-alpine3.10" and looks like "app-branded:1.0.2-3-ocelot.social1.0.2-79"
- name: ENV - BUILD_VERSION
run: echo "BUILD_VERSION=${VERSION}-${GITHUB_RUN_NUMBER}-ocelot.social${OCELOT_DOCKER_VERSION_TAG}" >> $GITHUB_ENV
- name: ENV - BUILD_COMMIT
run: echo "BUILD_COMMIT=${GITHUB_SHA}" >> $GITHUB_ENV
##########################################################################
# BUILD BACKEND DOCKER IMAGE (branded) ################################
##########################################################################
- name: Backend | Build `branded` image
run: |
docker build --target branded -t "${DOCKER_ORGANISATION}/backend-branded:latest" -t "${DOCKER_ORGANISATION}/backend-branded:${VERSION}" -t "${DOCKER_ORGANISATION}/backend-branded:${BUILD_VERSION}" -f docker/backend.Dockerfile --build-arg "APP_IMAGE_TAG_CODE=${OCELOT_DOCKER_VERSION_TAG}-code" --build-arg "APP_IMAGE_TAG_BASE=${OCELOT_DOCKER_VERSION_TAG}-base" .
docker save "${DOCKER_ORGANISATION}/backend-branded" > /tmp/backend-branded.tar
- name: Upload Artifact
uses: actions/upload-artifact@v2
with:
name: docker-backend-branded
path: /tmp/backend-branded.tar
##############################################################################
# JOB: DOCKER BUILD BRANDED WEBAPP ###########################################
##############################################################################
build_branded_webapp:
name: Docker Build Branded - WebApp
runs-on: ubuntu-latest
#needs: [nothing]
steps:
##########################################################################
# CHECKOUT CODE ##########################################################
##########################################################################
- name: Checkout code
uses: actions/checkout@v2
##########################################################################
# SET ENVS ###############################################################
##########################################################################
- name: ENV - VERSION
run: echo "VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_ENV
- name: ENV - BUILD_DATE
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
- name: ENV - OCELOT_DOCKER_VERSION_TAG
run: echo "OCELOT_DOCKER_VERSION_TAG=$(node -p -e "require('./package.json').ocelotDockerVersionTag")" >> $GITHUB_ENV
- name: ENV - DOCKER_ORGANISATION
run: echo "DOCKER_ORGANISATION=$(node -p -e "require('./package.json').dockerOrganisation")" >> $GITHUB_ENV
# this is based on the node Docker version tag "node:12.19.0-alpine3.10" and looks like "app-branded:1.0.2-3-ocelot.social1.0.2-79"
- name: ENV - BUILD_VERSION
run: echo "BUILD_VERSION=${VERSION}-${GITHUB_RUN_NUMBER}-ocelot.social${OCELOT_DOCKER_VERSION_TAG}" >> $GITHUB_ENV
- name: ENV - BUILD_COMMIT
run: echo "BUILD_COMMIT=${GITHUB_SHA}" >> $GITHUB_ENV
##########################################################################
# BUILD WEBAPP DOCKER IMAGE (build) ######################################
##########################################################################
- name: Webapp | Build `branded` image
run: |
docker build --target branded -t "${DOCKER_ORGANISATION}/webapp-branded:latest" -t "${DOCKER_ORGANISATION}/webapp-branded:${VERSION}" -t "${DOCKER_ORGANISATION}/webapp-branded:${BUILD_VERSION}" -f docker/webapp.Dockerfile --build-arg "APP_IMAGE_TAG_CODE=${OCELOT_DOCKER_VERSION_TAG}-code" --build-arg "APP_IMAGE_TAG_BASE=${OCELOT_DOCKER_VERSION_TAG}-base" .
docker save "${DOCKER_ORGANISATION}/webapp-branded" > /tmp/webapp-branded.tar
- name: Upload Artifact
uses: actions/upload-artifact@v2
with:
name: docker-webapp-branded
path: /tmp/webapp-branded.tar
##############################################################################
# JOB: DOCKER BUILD BRANDED MAINTENANCE ######################################
##############################################################################
build_branded_maintenance:
name: Docker Build Branded - Maintenance
runs-on: ubuntu-latest
#needs: [nothing]
steps:
##########################################################################
# CHECKOUT CODE ##########################################################
##########################################################################
- name: Checkout code
uses: actions/checkout@v2
##########################################################################
# SET ENVS ###############################################################
##########################################################################
- name: ENV - VERSION
run: echo "VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_ENV
- name: ENV - BUILD_DATE
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
- name: ENV - OCELOT_DOCKER_VERSION_TAG
run: echo "OCELOT_DOCKER_VERSION_TAG=$(node -p -e "require('./package.json').ocelotDockerVersionTag")" >> $GITHUB_ENV
- name: ENV - DOCKER_ORGANISATION
run: echo "DOCKER_ORGANISATION=$(node -p -e "require('./package.json').dockerOrganisation")" >> $GITHUB_ENV
# this is based on the node Docker version tag "node:12.19.0-alpine3.10" and looks like "app-branded:1.0.2-3-ocelot.social1.0.2-79"
- name: ENV - BUILD_VERSION
run: echo "BUILD_VERSION=${VERSION}-${GITHUB_RUN_NUMBER}-ocelot.social${OCELOT_DOCKER_VERSION_TAG}" >> $GITHUB_ENV
- name: ENV - BUILD_COMMIT
run: echo "BUILD_COMMIT=${GITHUB_SHA}" >> $GITHUB_ENV
##########################################################################
# BUILD MAINTENANCE DOCKER IMAGE (build) #################################
##########################################################################
- name: Maintenance | Build `branded` image
run: |
docker build --target branded -t "${DOCKER_ORGANISATION}/maintenance-branded:latest" -t "${DOCKER_ORGANISATION}/maintenance-branded:${VERSION}" -t "${DOCKER_ORGANISATION}/maintenance-branded:${BUILD_VERSION}" -f docker/maintenance.Dockerfile --build-arg "APP_IMAGE_TAG_CODE=${OCELOT_DOCKER_VERSION_TAG}-code" --build-arg "APP_IMAGE_TAG_BASE=${OCELOT_DOCKER_VERSION_TAG}-base" .
docker save "${DOCKER_ORGANISATION}/maintenance-branded" > /tmp/maintenance-branded.tar
- name: Upload Artifact
uses: actions/upload-artifact@v2
with:
name: docker-maintenance-branded
path: /tmp/maintenance-branded.tar
##############################################################################
# JOB: UPLOAD TO DOCKERHUB ###################################################
##############################################################################
upload_to_dockerhub:
name: Upload to Dockerhub
runs-on: ubuntu-latest
needs: [build_branded_neo4j,build_branded_backend,build_branded_webapp,build_branded_maintenance]
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
steps:
##########################################################################
# CHECKOUT CODE ##########################################################
##########################################################################
- name: Checkout code
uses: actions/checkout@v2
##########################################################################
# SET ENVS ###############################################################
##########################################################################
- name: ENV - VERSION
run: echo "VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_ENV
- name: ENV - BUILD_DATE
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
- name: ENV - OCELOT_DOCKER_VERSION_TAG
run: echo "OCELOT_DOCKER_VERSION_TAG=$(node -p -e "require('./package.json').ocelotDockerVersionTag")" >> $GITHUB_ENV
- name: ENV - DOCKER_ORGANISATION
run: echo "DOCKER_ORGANISATION=$(node -p -e "require('./package.json').dockerOrganisation")" >> $GITHUB_ENV
# this is based on the node Docker version tag "node:12.19.0-alpine3.10" and looks like "app-branded:1.0.2-3-ocelot.social1.0.2-79"
- name: ENV - BUILD_VERSION
run: echo "BUILD_VERSION=${VERSION}-${GITHUB_RUN_NUMBER}-ocelot.social${OCELOT_DOCKER_VERSION_TAG}" >> $GITHUB_ENV
- name: ENV - BUILD_COMMIT
run: echo "BUILD_COMMIT=${GITHUB_SHA}" >> $GITHUB_ENV
##########################################################################
# DOWNLOAD DOCKER IMAGES #################################################
##########################################################################
# Neo4j Community
- name: Download Docker Image (Neo4j Community)
uses: actions/download-artifact@v2
with:
name: docker-neo4j-community-branded
path: /tmp
- name: Load Docker Image
run: docker load < /tmp/neo4j-community-branded.tar
# Backend
- name: Download Docker Image (Backend)
uses: actions/download-artifact@v2
with:
name: docker-backend-branded
path: /tmp
- name: Load Docker Image
run: docker load < /tmp/backend-branded.tar
# Webapp
- name: Download Docker Image (Webapp)
uses: actions/download-artifact@v2
with:
name: docker-webapp-branded
path: /tmp
- name: Load Docker Image
run: docker load < /tmp/webapp-branded.tar
# Maintenance
- name: Download Docker Image (Maintenance)
uses: actions/download-artifact@v2
with:
name: docker-maintenance-branded
path: /tmp
- name: Load Docker Image
run: docker load < /tmp/maintenance-branded.tar
##########################################################################
# Upload #################################################################
##########################################################################
- name: login to dockerhub
run: echo "${DOCKERHUB_TOKEN}" | docker login -u "${DOCKERHUB_USERNAME}" --password-stdin
- name: Push Neo4j Community
run: docker push --all-tags ${DOCKER_ORGANISATION}/neo4j-community-branded
- name: Push Backend
run: docker push --all-tags ${DOCKER_ORGANISATION}/backend-branded
- name: Push Webapp
run: docker push --all-tags ${DOCKER_ORGANISATION}/webapp-branded
- name: Push Maintenance
run: docker push --all-tags ${DOCKER_ORGANISATION}/maintenance-branded
##############################################################################
# JOB: GITHUB TAG LATEST VERSION #############################################
##############################################################################
github_tag:
name: Tag latest version on Github
runs-on: ubuntu-latest
needs: [upload_to_dockerhub]
steps:
##########################################################################
# CHECKOUT CODE ##########################################################
##########################################################################
- name: Checkout code
uses: actions/checkout@v2
with:
fetch-depth: 0 # Fetch full History for changelog
##########################################################################
# SET ENVS ###############################################################
##########################################################################
- name: ENV - VERSION
run: echo "VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_ENV
- name: ENV - BUILD_DATE
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
- name: ENV - OCELOT_DOCKER_VERSION_TAG
run: echo "OCELOT_DOCKER_VERSION_TAG=$(node -p -e "require('./package.json').ocelotDockerVersionTag")" >> $GITHUB_ENV
- name: ENV - DOCKER_ORGANISATION
run: echo "DOCKER_ORGANISATION=$(node -p -e "require('./package.json').dockerOrganisation")" >> $GITHUB_ENV
# this is based on the node Docker version tag "node:12.19.0-alpine3.10" and looks like "app-branded:1.0.2-3-ocelot.social1.0.2-79"
- name: ENV - BUILD_VERSION
run: echo "BUILD_VERSION=${VERSION}-${GITHUB_RUN_NUMBER}-ocelot.social${OCELOT_DOCKER_VERSION_TAG}" >> $GITHUB_ENV
- name: ENV - BUILD_COMMIT
run: echo "BUILD_COMMIT=${GITHUB_SHA}" >> $GITHUB_ENV
##########################################################################
# Push build tag to GitHub ###############################################
##########################################################################
- name: package-version-to-git-tag + build number
uses: pkgdeps/git-tag-action@v2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_repo: ${{ github.repository }}
version: ${{ env.BUILD_VERSION }}
git_commit_sha: ${{ github.sha }}
git_tag_prefix: "b"
##########################################################################
# Push release tag to GitHub #############################################
##########################################################################
- name: package-version-to-git-release
continue-on-error: true # Will fail if tag exists
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
with:
tag_name: ${{ env.VERSION }}
release_name: ${{ env.VERSION }}
#body_path: ./CHANGELOG.md
draft: false
prerelease: false

1
deployment/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.DS_Store

11
deployment/LICENSE.md Normal file
View File

@ -0,0 +1,11 @@
# LICENSE
MIT License
Copyright \(c\) 2022 by the [Ocelot.Social Community](https://github.com/Ocelot-Social-Community)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files \(the "Software"\), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

133
deployment/README.md Normal file
View File

@ -0,0 +1,133 @@
# Ocelot.Social Deploy And Rebranding
[![Build Status Publish](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/actions/workflows/publish.yml/badge.svg)](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/actions)
[![MIT License](https://img.shields.io/badge/license-MIT-green.svg)](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/blob/LICENSE.md)
[![Discord Channel](https://img.shields.io/discord/489522408076738561.svg)](https://discord.gg/AJSX9DCSUA)
[![Open Source Helpers](https://www.codetriage.com/ocelot-social-community/ocelot-social-deploy-rebranding/badges/users.svg)](https://www.codetriage.com/ocelot-social-community/ocelot-social-deploy-rebranding)
This repository is an in use template to rebrand, configure, and deploy [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) networks.
The forked original repository is [Ocelot-Social-Deploy-Rebranding](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding).
<!-- markdownlint-disable MD033 -->
<p align="center">
<a href="https://ocelot.social" target="_blank"><img src="branding/static/img/custom/logo-squared.svg" alt="Ocelot-Social" width="40%" height="40%"></a>
</p>
<!-- markdownlint-enable MD033 -->
## Live demo
__Try out our deployed [development environment](https://stage.ocelot.social).__
Visit our staging networks:
- central staging network: [stage.ocelot.social](https://stage.ocelot.social)
<!-- - rebranded staging network: [rebrand.ocelot.social](https://stage.ocelot.social). -->
Logins:
| email | password | role |
| :--- | :--- | :--- |
| `user@example.org` | 1234 | user |
| `moderator@example.org` | 1234 | moderator |
| `admin@example.org` | 1234 | admin |
## Usage
Fork this repository to configure and rebrand it for your own [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network.
### Package.Json And DockerHub Organisation
Write your own data into the main configuration file:
- [package.json](/package.json)
Since all deployment methods described here depend on [Docker](https://docker.com) and [DockerHub](https://hub.docker.com), you need to create your own organisation on DockerHub and put its name in the [package.json](/package.json) file as your `dockerOrganisation`.
### Configure And Branding
The next step is:
- [Configure And Branding](/branding/README.md)
### Optional: Locally Testing Configuration And Branding
Just in case you have Docker installed and run the following, you can check your branding locally:
```bash
# in main folder
$ docker-compose up
# fill the database with an initial admin
$ docker-compose exec backend yarn run prod:migrate init
```
The database is then initialised with the default administrator:
- E-mail: admin@example.org
- Password: 1234
For login or registration have a look in your browser at `http://localhost:3000/`.
For the maintenance page have a look in your browser at `http://localhost:5000/`.
### Push Changes To GitHub
Before merging these changes into the "master" branch on your GitHub fork repository, you need to configure the GitHub repository secrets. This is necessary to [publish](/.github/workflows/publish.yml) the Docker images by pushing them via GitHub actions to repositories belonging to your DockerHub organisation.
First, go to your DockerHub profile under `Account Settings` and click on the `Security` tab. There you create an access token called `<your-organisation>-access-token` and copy the token to a safe place.
Secondly, in your GitHub repository, click on the 'Settings' tab and go to the 'Secrets' tab. There you create two secrets by clicking on `New repository secret`:
1. Named `DOCKERHUB_TOKEN` with the newly created DockerHub token (only the code, not the token name).
2. Named `DOCKERHUB_USERNAME` with your DockerHub username.
### Optional: Locally Testing Your DockerHub Images
Just in case you like to check your pushed Docker images in your organisation's DockerHub repositories locally:
- rename the file `docker-compose.ocelotsocial-branded.yml` with your network name
- in the file, rename the ocelot.social DockerHub organisation `ocelotsocialnetwork` to your organisations name
Remove any local Docker images if necessary and do the following:
```bash
# in main folder
$ docker-compose -f docker-compose.<your-organisation>-branded.yml up
# fill the database with an initial admin
$ docker-compose exec backend yarn run prod:migrate init
```
See the login details and browser addresses above.
### Deployment
Afterwards you can [deploy](/deployment/README.md) it on your server:
- [Kubernetes with Helm](/deployment/kubernetes/README.md)
## Developer Chat
Join our friendly open-source community on [Discord](https://discord.gg/AJSX9DCSUA) :heart_eyes_cat:
Just introduce yourself at `#introduce-yourself` and mention `@@Mentor` to get you onboard :neckbeard:
Check out the [contribution guideline](https://github.com/Ocelot-Social-Community/Ocelot-Social/blob/master/CONTRIBUTING.md), too!
We give write permissions to every developer who asks for it. Just text us on
[Discord](https://discord.gg/AJSX9DCSUA).
## Technology Stack
- [Docker](https://www.docker.com)
- [Kubernetes](https://kubernetes.io)
- [Helm](https://helm.sh)
<!--
## Attributions
Locale Icons made by [Freepik](http://www.freepik.com/) from [www.flaticon.com](https://www.flaticon.com/) is licensed by [CC 3.0 BY](http://creativecommons.org/licenses/by/3.0/).
Browser compatibility testing with [BrowserStack](https://www.browserstack.com/).
<img alt="BrowserStack Logo" src=".gitbook/assets/browserstack-logo.svg" width="256">
-->
## License
See the [LICENSE](/LICENSE.md) file for license rights and limitations (MIT).

79
deployment/TODO-next-update.md Normal file
View File

@ -0,0 +1,79 @@
# Todo For Next Update
When you overtake this deploy and rebrand repo to your network you have to recognize the following changes and doings …
## Version >= 2.2.0 with 'ocelotDockerVersionTag' 2.2.0-267
### Main Code PR feat: 🍰 Footer And Header Links Configurable To Have External Link Target #5590
- You have to add property `target` to all array elements with value `url` to your preferred value in `branding/constants/headerMenu.js` originally in main code file `webapp/constants/headerMenu.js`.
- You have to move value of all `externalLink` to new property `externalLink.url` and set new property `externalLink.target` to your preferred value in `branding/constants/links.js` originally in main code file `webapp/constants/links.js`.
### Main Code PR feat: 🍰 Make Donation Progress Bar Color Configurable #5593
- You have to set `PROGRESS_BAR_COLOR_TYPE` in `branding/constants/donation.js` originally in main code file `webapp/constants/donation.js` to your preferred value.
### Main Code PR feat: 🍰 Header Logo Routing Update #5579
- You have to move value of `LOGO_HEADER_CLICK.externalLink` to new property `LOGO_HEADER_CLICK.externalLink.url` and set new property `LOGO_HEADER_CLICK.externalLink.target` to your preferred value in `branding/constants/logos.js` originally in main code file `webapp/constants/logos.js`.
## Version >= 2.0.0 with 'ocelotDockerVersionTag' 2.0.0-250
### Main Code PR feat: 🍰 Implement LOGO_HEADER_CLICK As Configuration #5525
- You have to set `LOGO_HEADER_CLICK` in `branding/constants/logos.js` originally in main code file `webapp/constants/logos.js` to your preferred value.
### Main Code Issue 🌟 [EPIC] Release v2.0.0 Beta Test → Final #5547
- You have to set `SHOW_GROUP_BUTTON_IN_HEADER` in `branding/constants/groups.js` originally in main code file `webapp/constants/groups.js` to your preferred value.
## Version >= 1.1.0 with 'ocelotDockerVersionTag' 1.1.0-205
### Deployment/Rebranding PR chore: 🍰 Release v1.1.0 - Implement Categories Again #63
- You have to add the `CATEGORIES_ACTIVE` from the `deployment/kubernetes/values.template.yaml` to your `deployment/kubernetes/values.yaml` and set it to your preferred value.
- Make sure the correct categories are in your Neo4j database on the server.
## Version >= 1.0.9 with 'ocelotDockerVersionTag' 1.0.9-199
### Deployment/Rebranding PR chore: 🍰 Implement PRODUCTION_DB_CLEAN_ALLOW for Staging Production Environments #56
- Copy `PRODUCTION_DB_CLEAN_ALLOW` from `deployment/kubernetes/values.template.yaml` to `values.yaml` and set it to `false` for production environments and only for several stage test servers to `true`.
### Deployment/Rebranding PR chore: [WIP] 🍰 Refine docs, first step #46
Upgrade the cert-manager, but install CRDs of the version 1.0.0-alpha to actually be able to upgrade ocelot. Then uninstall the legacy CRDs and install the correct ones.
```bash
# upgrade cert-manager to 1.9.1
> helm upgrade --set installCRDs=true --version 1.9.1 --namespace cert-manager cert-manager jetstack/cert-manager
# apply legacy CRDs
> kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.0.0-alpha.1/cert-manager.crds.yaml
# upgrade ocelot
> helm upgrade ocelot ./
# delete legacy CRDs
> kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.0.0-alpha.1/cert-manager.crds.yaml
# apply CRDs for cert-manager 1.9.1
> kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yaml
```
Background: We had to upgrade cert-manager due to an external dependency - therefore we had to update cert-manager apiVersion `cert-manager.io/v1alpha2` to `cert-manager.io/v1`.
The error occurring when not doing this is the following:
```bash
Error: UPGRADE FAILED: unable to build kubernetes objects from current release manifest: [resource mapping not found for name: "letsencrypt-production" namespace: "" from "": no matches for kind "ClusterIssuer" in version "cert-manager.io/v1alpha2"
ensure CRDs are installed first, resource mapping not found for name: "letsencrypt-staging" namespace: "" from "": no matches for kind "ClusterIssuer" in version "cert-manager.io/v1alpha2"
ensure CRDs are installed first]
```
## Version >= 1.0.8 with 'ocelotDockerVersionTag' 1.0.8-182
### PR feat: 🍰 Configure Cookie Expire Time #43
- You have to add the `COOKIE_EXPIRE_TIME` from the `deployment/kubernetes/values.template.yaml` to your `deployment/kubernetes/values.yaml` and set it to your preferred value.
- Correct `locale` cookie exploration time in data privacy.
## Version 1.0.7 with 'ocelotDockerVersionTag' 1.0.7-171
- No information.

5
deployment/branding/README.md Normal file
View File

@ -0,0 +1,5 @@
# Configure And Branding
In this folder you will find all configuration files and logo images to customise the configuration and branding of the [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network code to your own needs.
Please change these and they will be used automatically as part of the [deployment](/deployment/README.md) process.

5
deployment/branding/assets/styles/imports/_branding.scss Normal file
View File

@ -0,0 +1,5 @@
/*
*
* Here, all SCSS variables and classes can be adapted to your custom design.
*
*/

1
deployment/branding/constants/donation.js Normal file
View File

@ -0,0 +1 @@
export const PROGRESS_BAR_COLOR_TYPE = 'gradient' // 'uni' is the other option

8
deployment/branding/constants/emails.js Normal file
View File

@ -0,0 +1,8 @@
// this file is duplicated in `backend/src/config/` and `webapp/constants/` and replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/constants/
export default {
SUPPORT_EMAIL: 'hello@ocelot.social',
MODERATION_EMAIL: 'hello@ocelot.social',
// ATTENTION: the following links have to be defined even for internal pages with full URLs as example like 'https://staging.ocelot.social/support', because they are used in e-mails!
ORGANIZATION_LINK: 'https://ocelot.social',
SUPPORT_LINK: 'https://ocelot.social',
}

5
deployment/branding/constants/groups.js Normal file
View File

@ -0,0 +1,5 @@
// this file is duplicated in `backend/src/constants/group.js` and `webapp/constants/group.js`
export const NAME_LENGTH_MIN = 3
export const NAME_LENGTH_MAX = 50
export const DESCRIPTION_WITHOUT_HTML_LENGTH_MIN = 100 // with removed HTML tags
export const SHOW_GROUP_BUTTON_IN_HEADER = true

13
deployment/branding/constants/headerMenu.js Normal file
View File

@ -0,0 +1,13 @@
export default {
MENU: [
// {
// nameIdent: 'nameIdent',
// path: '/',
// },
// {
// nameIdent: 'nameIdent',
// url: 'https://ocelot.social',
// target: '_blank',
// },
],
}

152
deployment/branding/constants/links.js Normal file
View File

@ -0,0 +1,152 @@
// this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/constants/
import { defaultPageParamsPages } from '~/components/utils/InternalPages.js'
const ORGANIZATION = defaultPageParamsPages.ORGANIZATION.overwrite({
// if defined it's dominating
externalLink: {
url: 'https://ocelot.social',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.made', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.made', // localized string identifier, if undefined default is used
// headlineIdent: 'site.made', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const DONATE = defaultPageParamsPages.DONATE.overwrite({
// if defined it's dominating
externalLink: {
// we use 'ocelot-social.herokuapp.com' at the moment, because redirections of 'ocelot.social' subpages are not working correctly
url: 'https://ocelot-social.herokuapp.com/donations',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.donate', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.donate', // localized string identifier, if undefined default is used
// headlineIdent: 'site.donate', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const IMPRINT = defaultPageParamsPages.IMPRINT.overwrite({
// if defined it's dominating
externalLink: {
// we use 'ocelot-social.herokuapp.com' at the moment, because redirections of 'ocelot.social' subpages are not working correctly
url: 'https://ocelot-social.herokuapp.com/imprint',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.imprint', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.imprint', // localized string identifier, if undefined default is used
// headlineIdent: 'site.imprint', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const TERMS_AND_CONDITIONS = defaultPageParamsPages.TERMS_AND_CONDITIONS.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.termsAndConditions', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.termsAndConditions', // localized string identifier, if undefined default is used
// headlineIdent: 'site.termsAndConditions', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const CODE_OF_CONDUCT = defaultPageParamsPages.CODE_OF_CONDUCT.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.code-of-conduct', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.code-of-conduct', // localized string identifier, if undefined default is used
// headlineIdent: 'site.code-of-conduct', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const DATA_PRIVACY = defaultPageParamsPages.DATA_PRIVACY.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.data-privacy', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.data-privacy', // localized string identifier, if undefined default is used
// headlineIdent: 'site.data-privacy', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const FAQ = defaultPageParamsPages.FAQ.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.faq', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.faq', // localized string identifier, if undefined default is used
// headlineIdent: 'site.faq', // on null default is used, on empty string it's hidden
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const SUPPORT = defaultPageParamsPages.SUPPORT.overwrite({
// if defined it's dominating
externalLink: {
url: 'https://ocelot.social',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.support', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.support', // localized string identifier, if undefined default is used
// headlineIdent: 'site.support', // on null default is used, on empty string it's hidden
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
export default {
LANDING_PAGE: '/login', // examples: '/login', '/registration', '/organization', or external 'https://ocelot.social'
// you can find and store templates for 👇🏼 at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/
ORGANIZATION,
DONATE,
IMPRINT,
TERMS_AND_CONDITIONS,
CODE_OF_CONDUCT,
DATA_PRIVACY,
FAQ,
SUPPORT,
FOOTER_LINK_LIST: [
ORGANIZATION,
TERMS_AND_CONDITIONS,
CODE_OF_CONDUCT,
DATA_PRIVACY,
FAQ,
DONATE,
IMPRINT,
SUPPORT,
],
}

24
deployment/branding/constants/logos.js Normal file
View File

@ -0,0 +1,24 @@
// this file is duplicated in `backend/src/config/logos.js` and `webapp/constants/logos.js` and replaced on rebranding
// this are the paths in the webapp
export default {
LOGO_HEADER_PATH: '/img/custom/logo-horizontal.svg',
LOGO_HEADER_WIDTH: '130px',
LOGO_HEADER_CLICK: {
// externalLink: {
// url: 'https://ocelot.social',
// target: '_blank',
// },
externalLink: null,
internalPath: {
to: {
name: 'index',
},
scrollTo: '.main-navigation',
},
},
LOGO_SIGNUP_PATH: '/img/custom/logo-squared.svg',
LOGO_WELCOME_PATH: '/img/custom/logo-squared.svg',
LOGO_LOGOUT_PATH: '/img/custom/logo-squared.svg',
LOGO_PASSWORD_RESET_PATH: '/img/custom/logo-squared.svg',
LOGO_MAINTENACE_RESET_PATH: '/img/custom/logo-squared.svg',
}

9
deployment/branding/constants/metadata.js Normal file
View File

@ -0,0 +1,9 @@
// this file is duplicated in `backend/src/config/metadata.js` and `webapp/constants/metadata.js` and replaced on rebranding
export default {
APPLICATION_NAME: 'ocelot.social',
APPLICATION_SHORT_NAME: 'ocelot.social',
APPLICATION_DESCRIPTION: 'Ocelot Social Community',
COOKIE_NAME: 'ocelot-social-token',
ORGANIZATION_NAME: 'busFaktor e.V.',
ORGANIZATION_JURISDICTION: 'Deutschland',
}

1
deployment/branding/email/.gitkeep Normal file
View File

@ -0,0 +1 @@
we can put multilanguage e-mails and a layout.html in here

1
deployment/branding/email/templates/de/.gitkeep Normal file
View File

@ -0,0 +1 @@
we can put translated e-mails in here

1
deployment/branding/email/templates/en/.gitkeep Normal file
View File

@ -0,0 +1 @@
we can put translated e-mails in here

2
deployment/branding/locales/de.json Normal file
View File

@ -0,0 +1,2 @@
{
}

2
deployment/branding/locales/en.json Normal file
View File

@ -0,0 +1,2 @@
{
}

60
deployment/branding/locales/html/de/code-of-conduct.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Präambel
</h3>
<p>
Ich bin der Inhalt vom Verhaltenskodex.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/de/data-privacy.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Information über die Erhebung personenbezogener Daten
</h3>
<p>
Das hier wäre der Inhalt der Datenschutzbestimmungen.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/de/donate.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Wohin kann ich spenden?
</h3>
<p>
Hier steht was zu den Spenden.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

67
deployment/branding/locales/html/de/faq.html Normal file
View File

@ -0,0 +1,67 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Wie bediene ich dieses Netzwerk?
</h3>
<p>
Hier findest Du die
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >Bedienungsanleitung</a>.<br>
</p>
<h3>
Betreiberspezifische FAQs
</h3>
<p>
Hier steht was zu den betreiberspezifischen FAQs.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/de/imprint.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Betreiber
</h3>
<p>
Ich bin das Impressum.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/de/organization.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Das Entwicklernetzwerk
</h3>
<p>
Hier wird das Netzwerk beschrieben.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/de/support.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Ansprechpartner
</h3>
<p>
Ich bin der Inhalt vom Support.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

61
deployment/branding/locales/html/de/terms-and-conditions.html Normal file
View File

@ -0,0 +1,61 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Nutzung und Lizenz
</h3>
<p>
Ich bin der Inhalt der Seite "Nutzungsbedingungen".
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/en/code-of-conduct.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Präambel
</h3>
<p>
I am the content of the code of conduct.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/en/data-privacy.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Information about the collection of personal data
</h3>
<p>
This would be our data privacy section.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/en/donate.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Where can I donate?
</h3>
<p>
Here's what it says about donations.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

67
deployment/branding/locales/html/en/faq.html Normal file
View File

@ -0,0 +1,67 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
How do I operate this network?
</h3>
<p>
Here you can find the
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >user manual</a>.<br>
</p>
<h3>
Operator-Specific FAQs
</h3>
<p>
Here are the operator-specific FAQs.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/en/imprint.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Operator
</h3>
<p>
I am the imprint.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/en/organization.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
The Developers Network
</h3>
<p>
Here the network is described.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/en/support.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Contact
</h3>
<p>
I am the content of the support.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/branding/locales/html/en/terms-and-conditions.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Use and License
</h3>
<p>
I am the content of the page "Terms And Conditions".
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

BIN
deployment/branding/static/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.4 KiB

BIN
deployment/branding/static/icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 21 KiB

80
deployment/branding/static/img/custom/logo-horizontal.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

82
deployment/branding/static/img/custom/logo-squared.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

62
deployment/branding/templates/locales/html/general/de/faq.html Normal file
View File

@ -0,0 +1,62 @@
<!-- this file is a template for rebranding of 'branding/locales/html/de/faq.html' -->
<!-- template for the 'FAQ' in general -->
<div class="info-page">
<h2>
Für das soziale Netzwerk {{ organization }}
</h2>
<h3>
Wie bediene ich dieses Netzwerk?
</h3>
<p>
Hier findest Du die
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >Bedienungsanleitung</a>.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

62
deployment/branding/templates/locales/html/general/en/faq.html Normal file
View File

@ -0,0 +1,62 @@
<!-- this file is a template for rebranding of 'branding/locales/html/de/faq.html' -->
<!-- template for the 'FAQ' in general -->
<div class="info-page">
<h2>
For the social network of {{ organization }}
</h2>
<h3>
How do I operate this network?
</h3>
<p>
Here you can find the
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >user manual</a>.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

163
deployment/branding/templates/locales/html/hc-y2020/de/code-of-conduct.html Normal file
View File

@ -0,0 +1,163 @@
<!-- this file is a template for rebranding of 'branding/locales/html/en/code-of-conduct.html' -->
<!-- template for the 'Code Of Conduct' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
Für das soziale Netzwerk {{ organization }}
</h2>
<h3>
Präambel
</h3>
<p>
{{ networkName}} ist ein gemeinnütziges soziales Wissens- und Aktionsnetzwerk der nächsten Generation.
Von Menschen für Menschen.
Free-Software, Open-Source, fair und transparent.
Für positiven lokalen und globalen Wandel in allen Lebensbereichen.
Wir gestalten den öffentlichen Austausch von Wissen, Ideen und Projekten völlig neu.
Die Funktionen von {{ networkName }} bringen die Menschen zusammen offline und online so dass wir die Welt zu einem besseren Ort machen können.<br>
</p>
<h3>
Zweck
</h3>
<p>
Mit diesen Verhaltensregeln regeln wir die wesentlichen Grundsätze für das Verhalten in unserem Sozialen Netzwerk.
Dabei ist die Menschenrechtscharta der Vereinten Nationen unsere Orientierung und bildet das Herz unseres Werteverständnisses.
Die Verhaltensregeln dienen als Leitsätze für den persönlichen Auftritt und den Umgang untereinander.
Wer als Nutzer im {{ networkName }} Netzwerk aktiv ist, Beiträge verfasst, kommentiert oder mit anderen Nutzern, auch außerhalb des Netzwerkes, Kontakt aufnimmt, erkennt diese Verhaltensregeln als verbindlich an.<br>
</p>
<h3>
Erwartetes Verhalten
</h3>
<p>
Die folgenden Verhaltensweisen werden von allen Community-Mitgliedern erwartet und gefordert:<br>
</p>
<ul>
<li>
Sei rücksichtsvoll und respektvoll, bei dem, was Du schreibst und tust.
</li>
<li>
Versuche auf andere zuzugehen, bevor ein Konflikt entsteht.
</li>
<li>
Vermeide erniedrigende, diskriminierende oder belästigende Verhaltensweisen und Ausdrücke.
</li>
<li>
Achte Dein Umfeld und Deine Mitmenschen. Warne die Verantwortlichen der Community, falls Du eine gefährliche Situation, jemanden in Not oder Verstöße gegen diesen Verhaltenskodex bemerkst, auch wenn diese unbedeutend erscheinen.
</li>
</ul>
<h3>
Nichtakzeptables Verhalten
</h3>
<p>
Die folgenden Verhaltensweisen sind in unserer Community inakzeptabel:<br>
</p>
<ul>
<li>
Diskriminierende Beiträge, Kommentare, Äußerungen oder Beleidigungen, insbesondere solche, die sich auf Geschlecht, sexuelle Orientierung, Rasse, Religion, politische oder weltanschauliche Ausrichtung oder Behinderung beziehen
</li>
<li>
Das Senden oder Verlinken eindeutig pornografischen Materials
</li>
<li>
Verherrlichung oder Verharmlosung grausamer oder unmenschlicher Gewalttätigkeiten
</li>
<li>
Das Veröffentlichen von personenbezogenen Daten anderer ohne deren Einverständnis oder das Androhen dessen („Doxing“)
</li>
<li>
Absichtliche Einschüchterung, Stalking oder Verfolgung
</li>
<li>
Bewerben von Produkten und Dienstleistungen mit kommerzieller Absicht
</li>
<li>
Strafbares Verhalten bzw. Verstoß gegen deutsches Recht
</li>
<li>
Befürworten oder Ermutigen zu diesen Verhaltensweisen
</li>
</ul>
<h3>
Konsequenzen inakzeptablen Verhaltens
</h3>
<p>
Wenn ein Gemeinschaftsmitglied inakzeptables Verhalten an den Tag legt, können die verantwortlichen Betreiber, Moderatoren und Administratoren des Netzwerks angemessene Maßnahmen ergreifen, u.a.:<br>
</p>
<ul>
<li>
Auffordern zum sofortigen Abstellen des inakzeptablen Verhaltens
</li>
<li>
Sperren oder Löschen von Kommentaren
</li>
<li>
Vorübergehender Ausschluss aus dem jeweiligen Beitrag
</li>
<li>
Sperren bzw. Löschen von Inhalten
</li>
<li>
Vorübergehender Entzug von Schreibrechten
</li>
<li>
Vorübergehender Ausschluss aus dem Netzwerk
</li>
<li>
Endgültiger Ausschluss aus dem Netzwerk
</li>
<li>
Verstöße gegen deutsches Recht können zur Anzeige gebracht werden.
</li>
</ul>
<p>
Wenn Du einem inakzeptablen Verhalten ausgesetzt bist, es miterlebst oder andere Bedenken hast, melde bitte so schnell wie möglich den oder die entsprechenden Inhalte an die Moderatoren.
Bitte klicke beim Beitrag, Kommentar oder Benutzer auf die drei Punkte und melde ihn über das aufgeklappte Menü.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

1010
deployment/branding/templates/locales/html/hc-y2020/de/data-privacy.html Normal file
View File

File diff suppressed because it is too large Load Diff

136
deployment/branding/templates/locales/html/hc-y2020/de/terms-and-conditions.html Normal file
View File

@ -0,0 +1,136 @@
<!-- this file is a template for rebranding of 'branding/locales/html/de/terms-and-conditions.html' -->
<!-- template for the 'Terms And Conditions' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
Für das soziale Netzwerk {{ organization }}
</h2>
<h3>
Nutzungsbedingungen
</h3>
<p>
Die folgenden Nutzungsbedingungen sind Basis für die Nutzung unseres {{ networkName }} Netzwerkes.
Beim Registrieren musst Du diese anerkennen und wir werden Dich auch später über ggf. stattfindende Änderungen informieren.
Unser Netzwerk wird in der {{ organizationLocation }} betrieben und unterliegt daher {{ organizationLocation2 }} Recht.
Gerichtsstand ist {{ legacyLocation }}.
Zu Details schau in unser Impressum: <a href="https://{{ networkURL }}/imprint/" target="_blank" >https://{{ networkURL }}/imprint/</a>.<br>
</p>
<h3>
Nutzung und Lizenz
</h3>
<p>
Sind Inhalte, die Du bei uns einstellst, durch Rechte am geistigen Eigentum geschützt, erteilst Du uns eine nicht-exklusive, übertragbare, unterlizenzierbare und weltweite Lizenz für die Nutzung dieser Inhalte für die Bereitstellung in unserem Netzwerk.
Diese Lizenz endet, sobald Du Deine Inhalte oder Deinen ganzen Account löscht.
Bedenke, dass andere Deine Inhalte weiter teilen können und wir diese nicht löschen können.<br>
</p>
<h3>
Datenschutz
</h3>
<p>
Unser Netzwerk ist ein soziales Wissens- und Aktionsnetzwerk.
Daher ist es uns besonders wichtig, dass möglichst viele Inhalte öffentlich zugänglich sind.
Im Laufe der Entwicklung unseres Netzwerkes wird es mehr und mehr die Möglichkeit geben, über die Sichtbarkeit der selbst angegebenen bzw. persönlichen Daten zu entscheiden.
Über diese neuen Funktionen werden wir Euch informieren.
Ansonsten gilt, dass Du immer darüber nachdenken solltest, welche persönlichen Daten Du über Dich (oder andere) preisgibst.
Dies gilt insbesondere für Inhalte von Beiträgen und Kommentaren, da diese einen weitgehend öffentlichen Charakter haben.
Später wird es Möglichkeiten geben, die Sichtbarkeit Deines Profils einzuschränken.
Teil der Nutzungsbedingungen ist unsere Datenschutzerklärung, die Dich über die einzelnen Datenverarbeitungen in unserem Netzwerk informiert: <a href="https://{{ networkURL }}/data-privacy" target="_blank">https://{{ networkURL }}/data-privacy</a>.
Unsere Datenschutzerklärung ist an die Gesetzeslage und die Charakteristika unseres Netzwerks angepasst und gilt immer in der aktuellsten Version.<br>
</p>
<h3>
Verhaltenscodex
</h3>
<p>
Unser Verhaltenskodex dient als Leitfaden für das persönliche Auftreten und den Umgang miteinander.
Wer als Nutzer im {{ networkName }} Netzwerk aktiv ist, Beiträge verfasst, kommentiert oder mit anderen Nutzern, auch außerhalb des Netzwerkes, Kontakt aufnimmt, erkennt diese Verhaltensregeln als verbindlich an. <a href="https://{{ networkURL }}/code-of-conduct" target="_blank">https://{{ networkURL }}/code-of-conduct</a><br>
</p>
<h3>
Moderation
</h3>
<p>
Bis unsere finanziellen Möglichkeiten uns erlauben, das Community-Moderationssystem zu implementieren, moderieren wir mit einem vereinfachten System und eigenen bzw. ggf. ehrenamtlichen Mitarbeitern.
Wir schulen diese Moderatoren und aus diesem Grund treffen auch nur diese entsprechende Entscheidungen.
Diese Moderatoren führen Ihre Tätigkeit anonym aus.
Du kannst uns Beiträge, Kommentare und auch Nutzer melden (wenn diese zum Beispiel in ihrem Profil Angaben machen oder Bilder haben, die diese Nutzungsbedingungen verletzen).
Wenn Du uns etwas meldest, kannst Du einen Meldegrund angeben und noch eine kurze Erläuterung mitgeben.
Wir schauen uns dann das Gemeldete an und sanktionieren ggf., z.B. indem wir Beiträge, Kommentare oder Nutzer sperren.
Du und auch der Betroffene erhalten derzeitig von uns leider noch keine Rückmeldung, das ist aber in Planung.
Unabhängig davon behalten wir uns prinzipiell Sanktionen vor aus Gründen, die unter Umständen nicht oder noch nicht in unserem Verhaltenscodex oder diesen Nutzungsbedingungen aufgeführt sind.<br>
</p>
<h3>
Fehler und Rückmeldungen
</h3>
<p>
Wir sind sehr bemüht, unser Netzwerk und unsere Daten sicher und abrufbar zu erhalten.
Jede neue Version der Software durchläuft sowohl automatisierte als auch manuelle Tests.
Es können jedoch unvorhergesehene Fehler auftreten.
Deshalb sind wir dankbar für jeden gemeldeten Fehler.
Du kannst gerne jeden von Dir entdeckten Fehler dem Support/der Hilfe-Assistenz mitteilen: <a href="https://{{ networkURL }}/support" target="_blank">https://{{ networkURL }}/support</a>.<br>
</p>
<h3>
Keine kommerzielle Nutzung
</h3>
<p>
Die Nutzung des {{ networkName }} Netzwerkes ist nicht für kommerzielle Zwecke gestattet.
Darunter fällt unter anderem das Bewerben von Produkten mit kommerzieller Absicht, das Einstellen von Affiliate-Links (Geschäftspartner-Links), direkter Aufruf zu Spenden oder finanzieller Unterstützung für Zwecke, die steuerlich nicht als gemeinnützig anerkannt sind.<br>
</p>
<h3>
Keine politische Nutzung
</h3>
<p>
Nutzerkonten von politischen Parteien oder offizielle Nutzerkonten eines politischen Vertreters sind unzulässig.<br>
</p>
<h3>
Hilfe und Fragen
</h3>
<p>
Für Hilfe und Fragen haben wir Dir eine umfassende Sammlung an häufig gestellten Fragen und Antworten (FAQ) zusammengestellt; Du findest diese auf <a href="https://{{ networkURL }}/faq" target="_blank">https://{{ networkURL }}/faq</a>.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

163
deployment/branding/templates/locales/html/hc-y2020/en/code-of-conduct.html Normal file
View File

@ -0,0 +1,163 @@
<!-- this file is a template for rebranding of 'branding/locales/html/en/code-of-conduct.html' -->
<!-- template for the 'Code Of Conduct' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
For the social network of {{ organization }}
</h2>
<h3>
Präambel
</h3>
<p>
{{ networkName }} is a non-profit social knowledge and action network of the next generation.
By people - for people. Free software, open source, fair and transparent.
For positive local and global change in all areas of life.
We completely redesign the public exchange of knowledge, ideas and projects.
The functions of {{ networkName }} bring people together - offline and online - so that we can make the world a better place.<br>
</p>
<h3>
Purpose
</h3>
<p>
With these code of conduct we regulate the essential principles for behavior in our social network.
The United Nations Charter of Human Rights is our orientation and forms the heart of our understanding of values.
The code of conduct serves as guiding principles for our personal appearance and interaction with one another.
Anyone who is active as a user in the {{ networkName }} Network, writes articles, comments or contacts other users, including those outside the network,acknowledges these rules of conduct as binding.<br>
</p>
<h3>
Expected Behaviour
</h3>
<p>
The following behaviors are expected and requested of all community members:<br>
</p>
<ul>
<li>
Exercise consideration and respect in your speech and actions.
</li>
<li>
Attempt collaboration before conflict.
</li>
<li>
Refrain from demeaning, discriminatory, or harassing behavior and speech.
</li>
<li>
Be mindful of your surroundings and of your fellow participants.
Alert community leaders if you notice a dangerous situation, someone in distress, or violations of this Code of Conduct, even if they seem inconsequential.
</li>
</ul>
<h3>
Unacceptable Behavior
</h3>
<p>
The following behaviors are unacceptable within our community:<br>
</p>
<ul>
<li>
Discriminatory posts, comments, utterances or insults, particularly those relating to gender, sexual orientation, race, religion, political or philosophical orientation or disability.
</li>
<li>
Posting or linking of clearly pornographic material.
</li>
<li>
Glorification or trivialization of cruel or inhuman acts of violence.
</li>
<li>
The disclosure of others' personal information without their consent or threat there of ("doxing").
</li>
<li>
Intentional intimidation, stalking or persecution.
</li>
<li>
Advertising products and services with commercial intent.
</li>
<li>
Criminal behavior or violation of German law.
</li>
<li>
Endorse or encourage such conduct.
</li>
</ul>
<h3>
Consequences of Unacceptable Behavior
</h3>
<p>
If a community member exhibits unacceptable behaviour, the responsible operators, moderators and administrators of the network may take appropriate measures, including but not limited to:<br>
</p>
<ul>
<li>
Request for immediate cessation of unacceptable conduct
</li>
<li>
Locking or deleting comments
</li>
<li>
Temporary exclusion from the respective post or contribution
</li>
<li>
Blocking or deleting of content
</li>
<li>
Temporary withdrawal of write permissions
</li>
<li>
Temporary exclusion from the network
</li>
<li>
Final exclusion from the network
</li>
<li>
Violations of German law can be reported.
</li>
</ul>
<p>
If you are subject to or witness unacceptable behavior, or have any other concerns, please notify a community organizer as soon as possible and link or refer to the corresponding content.
Please click on the three dots on the post, comment or user and report it using the drop-down menu.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

135
deployment/branding/templates/locales/html/hc-y2020/en/terms-and-conditions.html Normal file
View File

@ -0,0 +1,135 @@
<!-- this file is a template for rebranding of 'branding/locales/html/en/terms-and-conditions.html' -->
<!-- template for the 'Terms And Conditions' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
For the social network of {{ organization }}
</h2>
<h3>
Terms of Service
</h3>
<p>
The following terms of use form the basis for the use of our network.
When you register, you must accept them and we will inform you later about any changes that may take place.
The {{ networkName }} Network is operated in Germany and is therefore subject to German law.
Place of jurisdiction is {{ organizationLocation }}.
For details see our imprint: <a href="https://{{ networkURL }}/imprint/" target="_blank" >https://{{ networkURL }}/imprint/</a><br>
</p>
<h3>
Use and License
</h3>
<p>
If any content you post to us is protected by intellectual property rights, you grant us a non-exclusive, transferable, sublicensable, worldwide license to use such content for posting to our network.
This license expires when you delete your content or your entire account.
Remember that others may share your content and we cannot delete it.<br>
</p>
<h3>
Privacy Statement
</h3>
<p>
Our network is a social knowledge and action network.
It is therefore particularly important to us that as much content as possible is publicly accessible.
In the course of the development of our network there will be more and more the possibility to decide about the visibility of the personal data.
We will inform you about these new features.
Otherwise, you should always think about which personal data you disclose about yourself (or others).
This applies in particular to the content of posts and comments, as these have a largely public character.
Later there will be possibilities to limit the visibility of your profile.
Part of the terms of service is our privacy statement, which informs you about the individual data processing operations in our network: <a href="https://{{ networkURL }}/data-privacy" target="_blank">https://{{ networkURL }}/data-privacy</a>.
Our privacy statement is adapted to the legal situation and characteristics of our network and is always valid in the most current version.<br>
</p>
<h3>
Code of Conduct
</h3>
<p>
Our code of conduct serves as a handbook for personal appearance and interaction with each other.
Whoever is active as a user in the {{ networkName }} network, writes articles, comments or makes contact with other users, even outside the network, acknowledges these rules of conduct as binding. <a href="https://{{ networkURL }}/code-of-conduct" target="_blank">https://{{ networkURL }}/code-of-conduct</a><br>
</p>
<h3>
Moderation
</h3>
<p>
Until our financial possibilities allow us to implement the community moderation system, we moderate with a simplified system and with our own or possibly volunteer staff.
We train these moderators and for this reason only they make the appropriate decisions.
These moderators carry out their work anonymously.
You can report posts, comments and users to us (for example, if they provide information in their profile or have images that violate these Terms of Use).
If you report something to us, you can give us a reason and a short explanation.
We will then take a look at what you have reported and sanction you if necessary, e.g. by blocking contributions, comments or users.
Unfortunately, you and the person concerned will not receive any feedback from us at this time, but this is in the planning stage.
Irrespective of this, we reserve the right to impose sanctions in principle for reasons that may not or not yet be listed in our Code of Conduct or these terms of service.<br>
</p>
<h3>
Errors and Feedback
</h3>
<p>
We make every effort to keep our network and data secure and available.
Each new release of the software goes through both automated and manual testing.
However, unforeseen errors may occur. Therefore, we are grateful for any reported bugs.
You are welcome to report any bugs you discover by emailing Support at <a href="https://{{ networkURL }}/support" target="_blank">https://{{ networkURL }}/support</a><br>
</p>
<h3>
No Commercial Use
</h3>
<p>
The use of the {{ networkName }} Network is not permitted for commercial purposes.
This includes, but is not limited to, advertising products with commercial intent, posting affiliate links, directly soliciting donations, or providing financial support for purposes that are not recognized as charitable for tax purposes.<br>
</p>
<h3>
No Political Use
</h3>
<p>
User accounts of political parties or official user accounts of a political representative are not permitted.<br>
</p>
<h3>
Help and Questions
</h3>
<p>
For help and questions we have compiled a comprehensive collection of frequently asked questions and answers (FAQ) for you. You can find them here: <a href="https://{{ networkURL }}/faq" target="_blank">https://{{ networkURL }}/faq</a><br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

25
deployment/deployment/Minikube.md Normal file
View File

@ -0,0 +1,25 @@
# Minikube
There are many Kubernetes providers, but if you're just getting started, Minikube is a tool that you can use to get your feet wet.
After you [installed Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/)
open your minikube dashboard:
```text
$ minikube dashboard
```
This will give you an overview. Some of the steps below need some timing to make resources available to other dependent deployments. Keeping an eye on the dashboard is a great way to check that.
Follow the installation instruction for [Kubernetes with Helm](./kubernetes/README.md).
If all the pods and services have settled and everything looks green in your
minikube dashboard, expose the services you want on your host system.
For example:
```text
$ minikube service webapp --namespace=ocelotsocialnetwork
# optionally
$ minikube service backend --namespace=ocelotsocialnetwork
```

23
deployment/deployment/README.md Normal file
View File

@ -0,0 +1,23 @@
# Deployment
Before you start the deployment you have to do preparations.
## Deployment Preparations
Since all deployment methods described here depend on [Docker](https://docker.com) and [DockerHub](https://hub.docker.com), you need to create your own organisation on DockerHub and put its name in the [package.json](/package.json) file as your `dockerOrganisation`.
Read more details in the [main README](/README.md) under [Usage](/README.md#usage).
## Deployment Methods
You have the following options for a deployment:
- [Kubernetes with Helm](./kubernetes/README.md)
## After Deployment
After the first deployment of the new network on your server, the database is initialized with the default administrator:
- E-mail: admin@example.org
- Password: 1234
***ATTENTION:*** When you are logged in for the first time, please change your (the admin's) e-mail to an existing one and change your password to a secure one !!!

3
deployment/deployment/kubernetes/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
/dns.values.yaml
/nginx.values.yaml
/values.yaml

305
deployment/deployment/kubernetes/Backup.md Normal file
View File

@ -0,0 +1,305 @@
# Kubernetes Backup Of Ocelot.Social
One of the most important tasks in managing a running [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network is backing up the data, e.g. the Neo4j database and the stored image files.
## Manual Offline Backup
To prepare, [kubectl](https://kubernetes.io/docs/tasks/tools/) must be installed and ready to use so that you have access to Kubernetes on your server.
Check if the correct context is used by running the following commands:
```bash
# check context and set the correct one
$ kubectl config get-contexts
# if the wrong context is chosen use it
$ kubectl config use-context <your-context>
# if you like check additionally if all pods are running well
$ kubectl -n default get pods -o wide
```
The very first step is to put the website into **maintenance mode**.
### Set Maintenance Mode
There are two ways to put the network into maintenance mode:
- via Kubernetes Dashboard
- via `kubectl`
#### Maintenance Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Ingresses` from the left side menu under `Service`.
After that, in the list that appears, you will find the entry `ingress-ocelot-webapp`, which has three dots on the right, where you can click to edit the entry.
You can scroll to the end of the YAML file, where you will find one or more `host` entries under `rules`, one for each domain of the network.
In all entries, change the value of the `serviceName` entry from ***ocelot-webapp*** to `ocelot-maintenance` and the value of the `servicePort` entry from ***3000*** to `80`.
First, check if your website is still online.
After you click `Update`, the new settings will be applied and you will find your website in maintenance mode.
#### Maintenance Mode Via `kubectl`
To put the network into maintenance mode, run the following commands in the terminal:
```bash
# list ingresses
$ kubectl get ingress -n default
# edit ingress
$ kubectl -n default edit ingress ingress-ocelot-webapp
```
Change the content of the YAML file for all domains to:
```yaml
spec:
rules:
- host: network-domain.social
http:
paths:
- backend:
# serviceName: ocelot-webapp
# servicePort: 3000
serviceName: ocelot-maintenance
servicePort: 80
```
First, check if your website is still online.
After you save the file, the new settings will be applied and you will find your website in maintenance mode.
### Neo4j Database Offline Backup
Before we can back up the database, we need to put it into **sleep mode**.
#### Set Neo4j To Sleep Mode
Again there are two ways to put the network into sleep mode:
- via Kubernetes Dashboard
- via `kubectl`
##### Sleep Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Deployments` from the left side menu under `Workloads`.
After that, in the list that appears, you will find the entry `ocelot-neo4j`, which has three dots on the right, where you can click to edit the entry.
Scroll to the end of the YAML file where you will find the `spec.template.spec.containers` entry. Here you can insert the `command` entry directly after `imagePullPolicy` in a new line.
```yaml
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
command: ["tail", "-f", "/dev/null"]
```
After clicking `Update`, the new settings will be applied and you should check in the `Pods` menu item on the left side if the `ocelot-neo4j-<ID>` pod restarts.
##### Sleep Mode Via `kubectl`
To put Neo4j into sleep mode, run the following commands in the terminal:
```bash
# list deployments
$ kubectl get deployments -n default
# edit deployment
$ kubectl -n default edit deployment ocelot-neo4j
```
Scroll to the `spec.template.spec.containers` entry. Here you can insert the `command` entry directly after `imagePullPolicy` in a new line.
```yaml
image: <network-DockerHub-name>/neo4j-community-branded:latest
imagePullPolicy: Always
command: ["tail", "-f", "/dev/null"]
```
After pressing enter, the new settings will be applied and you should check if the `ocelot-neo4j-<ID>` pod restarts.
Use command:
```bash
# check if the old pod restarts
$ kubectl -n default get pods -o wide
```
#### Generate Offline Backup
The offline backup is generated via `kubectl`:
```bash
# check for the Neo4j pod
$ kubectl -n default get pods -o wide
# ls: see wish backup dumps are already there
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-neo4j | awk '{ print $1 }') -- ls
# bash: enter bash of Neo4j
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-neo4j | awk '{ print $1 }') -- bash
# generate Dump
neo4j% neo4j-admin dump --to=/var/lib/neo4j/$(date +%F)-neo4j-dump
# exit bash
neo4j% exit
# ls: see if the new backup dump is there
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-neo4j | awk '{ print $1 }') -- ls
```
Lets copy the dump backup
```bash
# copy dump onto backup volume direct
$ kubectl cp default/$(kubectl -n default get pods | grep ocelot-neo4j |awk '{ print $1 }'):/var/lib/neo4j/$(date +%F)-neo4j-dump /Volumes/<volume-name>/$(date +%F)-neo4j-dump
```
#### Remove Sleep Mode From Neo4j
Again there are two ways to put the network into working mode:
- via Kubernetes Dashboard
- via `kubectl`
##### Remove Sleep Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Deployments` from the left side menu under `Workloads`.
After that, in the list that appears, you will find the entry `ocelot-neo4j`, which has three dots on the right, where you can click to edit the entry.
Scroll to the `spec.template.spec.containers.command` entry and remove the whole `command` entry like:
```yaml
containers:
- name: container-ocelot-neo4j
image: 'senderfm/neo4j-community-branded:latest'
command:
- tail
- '-f'
- /dev/null
ports:
- containerPort: 7687
protocol: TCP
```
And get:
```yaml
containers:
- name: container-ocelot-neo4j
image: 'senderfm/neo4j-community-branded:latest'
ports:
- containerPort: 7687
protocol: TCP
```
After clicking `Update`, the new settings will be applied and you should check in the `Pods` menu item on the left side if the `ocelot-neo4j-<ID>` pod restarts.
##### Remove Sleep Mode Via `kubectl`
To put Neo4j into working mode, run the following commands in the terminal:
```bash
# list deployments
$ kubectl get deployments -n default
# edit deployment
$ kubectl -n default edit deployment ocelot-neo4j
```
Scroll to the `spec.template.spec.containers.command` entry and remove the whole `command` entry like:
```yaml
spec:
containers:
- command:
- tail
- -f
- /dev/null
envFrom:
- configMapRef:
name: configmap-ocelot-neo4j
```
And get:
```yaml
spec:
containers:
- envFrom:
- configMapRef:
name: configmap-ocelot-neo4j
```
After pressing enter, the new settings will be applied and you should check if the `ocelot-neo4j-<ID>` pod restarts.
Use command:
```bash
# check if the old pod restarts
$ kubectl -n default get pods -o wide
```
### Backend Backup
To back up the images from the backend volume, run commands:
```bash
# ls: backend/public/uploads
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- ls public/uploads
# copy all images from upload to backup volume direct
$ kubectl cp default/$(kubectl -n default get pods | grep ocelot-backend |awk '{ print $1 }'):/app/public/uploads /Volumes/<volume-name>/$(date +%F)-public-uploads
```
### Remove Maintenance Mode
There are two ways to put the network into working mode:
- via Kubernetes Dashboard
- via `kubectl`
#### Remove Maintenance Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Ingresses` from the left side menu under `Service`.
After that, in the list that appears, you will find the entry `ingress-ocelot-webapp`, which has three dots on the right, where you can click to edit the entry.
You can scroll to the end of the YAML file, where you will find one or more `host` entries under `rules`, one for each domain of the network.
In all entries, change the value of the `serviceName` entry from ***ocelot-maintenance*** to `ocelot-webapp` and the value of the `servicePort` entry from ***80*** to `3000`.
First, check if your website is still in maintenance mode.
After you click `Update`, the new settings will be applied and you will find your website online again.
#### Remove Maintenance Mode Via `kubectl`
To put the network into working mode, run the following commands in the terminal:
```bash
# list ingresses
$ kubectl get ingress -n default
# edit ingress
$ kubectl -n default edit ingress ingress-ocelot-webapp
```
Change the content of the YAML file for all domains to:
```yaml
spec:
rules:
- host: network-domain.social
http:
paths:
- backend:
serviceName: ocelot-webapp
servicePort: 3000
# serviceName: ocelot-maintenance
# servicePort: 80
```
First, check if your website is still in maintenance mode.
After you save the file, the new settings will be applied and you will find your website online again.
XXX
```bash
# Dump: Create a Backup in Kubernetes: https://docs.human-connection.org/human-connection/deployment/volumes/neo4j-offline-backup#create-a-backup-in-kubernetes
```

39
deployment/deployment/kubernetes/Chart.yaml Normal file
View File

@ -0,0 +1,39 @@
type: application
apiVersion: v2
name: ocelot-social
version: "1.0.0"
# The appVersion defines which docker image is pulled.
# Having it set to latest will pull the latest build on dockerhub.
# You are free to define a specific version here tho.
# e.g. appVersion: "latest" or "1.0.2-3-ocelot.social1.0.2-79"
# Be aware that this requires all your apps to have the same docker image version available.
appVersion: "latest"
description: The Helm chart for ocelot.social
home: https://ocelot.social
sources:
- https://github.com/Ocelot-Social-Community/
- https://github.com/Ocelot-Social-Community/Ocelot-Social
- https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding
maintainers:
- name: Ulf Gebhardt
email: ulf.gebhardt@webcraft-media.de
url: https://www.webcraft-media.de/#!ulf_gebhardt
icon: https://github.com/Ocelot-Social-Community/Ocelot-Social/raw/master/webapp/static/img/custom/welcome.svg
deprecated: false
# Unused Fields
#dependencies: # A list of the chart requirements (optional)
# - name: ingress-nginx
# version: v1.10.0
# repository: https://kubernetes.github.io/ingress-nginx
# condition: (optional) A yaml path that resolves to a boolean, used for enabling/disabling charts (e.g. subchart1.enabled )
# tags: # (optional)
# - Tags can be used to group charts for enabling/disabling together
# import-values: # (optional)
# - ImportValues holds the mapping of source values to parent key to be imported. Each item can be a string or pair of child/parent sublist items.
# alias: (optional) Alias to be used for the chart. Useful when you have to add the same chart multiple times
#kubeVersion: A SemVer range of compatible Kubernetes versions (optional)
#keywords:
# - A list of keywords about this project (optional)
#annotations:
# example: A list of annotations keyed by name (optional).

84
deployment/deployment/kubernetes/DigitalOcean.md Normal file
View File

@ -0,0 +1,84 @@
# DigitalOcean
If you want to set up a [Kubernetes](https://kubernetes.io) cluster on [DigitalOcean](https://www.digitalocean.com), follow this guide.
## Create Account
Create an account with DigitalOcean.
## Add Project
On the left side you will see a menu. Click on `New Project`. Enter a name and click `Create Project`.
Skip moving resources, probably.
## Create Kubernetes Cluster
On the right top you find the button `Create`. Click on it and choose `Kubernetes - Create Kubernetes Cluster`.
- use the latest Kubernetes version
- choose your datacenter region
- name your node pool: e.g. `pool-<your-network-name>`
- `2 Basic nodes` with `2.5 GB RAM (total of 4 GB)`, `2 shared CPUs`, and `80 GB Disk` each is optimal for the beginning
- set your cluster name: e.g. `cluster-<your-network-name>`
- select your project
- no tags necessary
## Getting Started
After your cluster is set up see progress bar above click on `Getting started`. Please install the following management tools:
- [kubectl v1.24.1](https://kubernetes.io/docs/tasks/tools/)
- [doctl v1.78.0](https://github.com/digitalocean/doctl)
Install the tools as described on the tab or see the links here.
After the installation, click on `Continue`.
### Download Configuration File
Follow the steps to download the configuration file.
You can skip this step if necessary, as you can download the file later. You can then do this by clicking on `Kubernetes` in the left menu. In the menu to the right of the cluster name in the cluster list, click on `More` and select `Download Config`.
### Patch & Minor Version Upgrades
Skip `Patch & Minor Version Upgrades` for now.
### Install 1-Click Apps
You don't need a 1-click app. Our helmet script will install the required NGINXs.
Therefore, skip this step as well.
## DNS Configuration
There are the following two ways to set up the DNS.
### Manage DNS With A Different Domain Provider
If you have registered your domain or subdomain with another domain provider, add an `A` record there with one of the IP addresses from one of the cluster droplets in the DNS.
To find the correct IP address to set in the DNS `A` record, click `Droplets` in the left main menu.
A list of all your droplets will be displayed.
Take one of the IPs of perhaps two or more droplets in your cluster from the list and enter it into the `A` record.
### Manage DNS With DigitalOcean
***TODO:** How to configure the DigitalOcean DNS management service …*
To understand what makes sense to do when managing your DNS with DigitalOcean, you need to know how DNS works:
DNS means `Domain Name System`. It resolves domains like `example.com` into an IP like `123.123.123.123`.
DigitalOcean is not a domain registrar, but provides a DNS management service. If you use DigitalOcean's DNS management service, you can configure [your cluster](/deployment/kubernetes/README.md#dns) to always resolve the domain to the correct IP and automatically update it for that.
The IPs of the DigitalOcean machines are not necessarily stable, so the cluster's DNS service will update the DNS records managed by DigitalOcean to the new IP as needed.
***CAUTION:** If you are using an external DNS, you currently have to do this manually, which can cause downtime.*
## Deploy
Yeah, you're done here. Back to [Deployment with Helm for Kubernetes](/deployment/kubernetes/README.md).
## Backups On DigitalOcean
You can and should do [backups](/deployment/kubernetes/Backup.md) with Kubernetes for sure.
Additional to backup and copying the Neo4j database dump and the backend images you can do a volume snapshot on DigitalOcean at the moment you have the database in sleep mode.

299
deployment/deployment/kubernetes/README.md Normal file
View File

@ -0,0 +1,299 @@
# Kubernetes Helm Installation Of Ocelot.Social
Deploying [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) with [Helm](https://helm.sh) for [Kubernetes](https://kubernetes.io) is very straight forward. All you have to do is to change certain parameters, like domain names and API keys, then you just install our provided Helm chart to your cluster.
## Kubernetes Cloud Hosting
There are various ways to set up your own or a managed Kubernetes cluster. We will extend the following lists over time.
Please contact us if you are interested in options not listed below.
Managed Kubernetes:
- [DigitalOcean](/deployment/kubernetes/DigitalOcean.md)
## Configuration
You can customize the network server with your configuration by duplicate the `values.template.yaml` to a new `values.yaml` file and change it to your need. All included variables will be available as environment variables in your deployed kubernetes pods.
Besides the `values.template.yaml` file we provide a `nginx.values.template.yaml` and `dns.values.template.yaml` for a similar procedure. The new `nginx.values.yaml` is the configuration for the ingress-nginx Helm chart, while the `dns.values.yaml` file is for automatically updating the dns values on DigitalOcean and therefore optional.
## Installation
Due to the many limitations of Helm you still have to do several manual steps.
Those occur before you run the actual *ocelot.social* Helm chart.
Obviously it is expected of you to have `helm` and `kubectl` installed.
For the cert-manager you may need `cmctl`, see below.
For DigitalOcean you may also need `doctl`.
Install:
- [kubectl v1.24.1](https://kubernetes.io/docs/tasks/tools/)
- [doctl v1.78.0](https://docs.digitalocean.com/reference/doctl/how-to/install/)
- [cmctl v1.8.2](https://cert-manager.io/docs/usage/cmctl/#installation)
- [helm v3.9.0](https://helm.sh/docs/intro/install/)
### Cert Manager (https)
Please refer to [cert-manager.io docs](https://cert-manager.io/docs/installation/) for more details.
***ATTENTION:*** *Be with the Terminal in your repository in the folder of this README.*
We have three ways to install the cert-manager, purely via `kubectl`, via `cmctl`, or with `helm`.
We recommend using `helm` because then we do not mix the installation methods.
Please have a look here:
- [Installing with Helm](https://cert-manager.io/docs/installation/helm/#installing-with-helm)
Our Helm installation is optimized for cert-manager version `v1.9.1` and `kubectl` version `"v1.24.2`.
Please search here for cert-manager versions that are compatible with your `kubectl` version on the cluster and on the client: [cert-manager Supported Releases](https://cert-manager.io/docs/installation/supported-releases/#supported-releases).
***ATTENTION:*** *When uninstalling cert-manager, be sure to use the same method as for installation! Otherwise, we could end up in a broken state, see [Uninstall](https://cert-manager.io/docs/installation/kubectl/#uninstalling).*
<!-- #### 1. Create Namespace
```bash
# kubeconfig.yaml set globaly
$ kubectl create namespace cert-manager
# or kubeconfig.yaml in your repo, then adjust
$ kubectl --kubeconfig=/../kubeconfig.yaml create namespace cert-manager
```
#### 2. Add Helm repository and update
```bash
$ helm repo add jetstack https://charts.jetstack.io
$ helm repo update
```
#### 3. Install Cert-Manager Helm chart
```bash
# option 1
# this can't be applied via kubectl to our cluster since the CRDs can't be installed properly this way ...
# $ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.crds.yaml
# option 2
# kubeconfig.yaml set globaly
$ helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--version v1.9.1 \
--set installCRDs=true
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml \
install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--version v1.9.1 \
--set installCRDs=true
``` -->
### Ingress-Nginx
#### 1. Add Helm repository for `ingress-nginx` and update
```bash
$ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
$ helm repo update
```
#### 2. Install ingress-nginx
```bash
# kubeconfig.yaml set globaly
$ helm install ingress-nginx ingress-nginx/ingress-nginx -f nginx.values.yaml
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml install ingress-nginx ingress-nginx/ingress-nginx -f nginx.values.yaml
```
### DigitalOcean Firewall
This is only necessary if you run DigitalOcean without load balancer ([see here for more info](https://stackoverflow.com/questions/54119399/expose-port-80-on-digital-oceans-managed-kubernetes-without-a-load-balancer/55968709)) .
#### 1. Authenticate towards DO with your local `doctl`
You will need a DO token for that.
```bash
# without doctl context
$ doctl auth init
# with doctl new context to be filled in
$ doctl auth init --context <new-context-name>
```
You will need an API token, which you can generate in the control panel at <https://cloud.digitalocean.com/account/api/tokens> .
#### 2. Generate DO firewall
Get the `CLUSTER_UUID` value from the dashboard or from the ID column via `doctl kubernetes cluster list`:
```bash
# need to apply access token by `doctl auth init` before
$ doctl kubernetes cluster list
```
Fill in the `CLUSTER_UUID` and `your-domain`. The latter with hyphens `-` instead of dots `.`:
```bash
# without doctl context
$ doctl compute firewall create \
--inbound-rules="protocol:tcp,ports:80,address:0.0.0.0/0,address:::/0 protocol:tcp,ports:443,address:0.0.0.0/0,address:::/0" \
--tag-names=k8s:<CLUSTER_UUID> \
--name=<your-domain>-http-https
# with doctl context to be filled in
$ doctl compute firewall create \
--inbound-rules="protocol:tcp,ports:80,address:0.0.0.0/0,address:::/0 protocol:tcp,ports:443,address:0.0.0.0/0,address:::/0" \
--tag-names=k8s:<CLUSTER_UUID> \
--name=<your-domain>-http-https --context <context-name>
```
To get informations about your success use this command. (Fill in the `ID` you got at creation.):
```bash
# without doctl context
$ doctl compute firewall get <ID>
# with doctl context to be filled in
$ doctl compute firewall get <ID> --context <context-name>
```
### DNS
***TODO:** I thought this is necessary if we use the DigitalOcean DNS management service? See [Manage DNS With DigitalOcean](/deployment/kubernetes/DigitalOcean.md#manage-dns-with-digitalocean)*
This chart is only necessary (recommended is more precise) if you run DigitalOcean without load balancer.
You need to generate an access token with read + write for the `dns.values.yaml` at <https://cloud.digitalocean.com/account/api/tokens> and fill it in.
#### 1. Add Helm repository for `binami` and update
```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm repo update
```
#### 2. Install DNS
```bash
# kubeconfig.yaml set globaly
$ helm install dns bitnami/external-dns -f dns.values.yaml
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml install dns bitnami/external-dns -f dns.values.yaml
```
### Ocelot.Social
***Attention:** Before installing your own ocelot.social network, you need to create a DockerHub (account and) organization, put its name in the `package.json` file, and push your deployment and rebranding code to GitHub so that GitHub Actions can push your Docker images to DockerHub. This is because Kubernetes will pull these images to create PODs from them.*
All commands for ocelot need to be executed in the kubernetes folder. Therefore `cd deployment/kubernetes/` is expected to be run before every command. Furthermore the given commands will install ocelot into the default namespace. This can be modified to by attaching `--namespace not.default`.
#### Install
Only run once for the first time of installation:
```bash
# kubeconfig.yaml set globaly
$ helm install ocelot ./
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml install ocelot ./
```
#### Upgrade & Update
Run for all upgrades and updates:
```bash
# kubeconfig.yaml set globaly
$ helm upgrade ocelot ./
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml upgrade ocelot ./
```
#### Rollback
Run for a rollback, in case something went wrong:
```bash
# kubeconfig.yaml set globaly
$ helm rollback ocelot
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml rollback ocelot
```
#### Uninstall
Be aware that if you uninstall ocelot the formerly bound volumes become unbound. Those volumes contain all data from uploads and database. You have to manually free their reference in order to bind them again when reinstalling. Once unbound from their former container references they should automatically be rebound (considering the sizes did not change)
```bash
# kubeconfig.yaml set globaly
$ helm uninstall ocelot
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml uninstall ocelot
```
## Backups
You can and should do [backups](/deployment/kubernetes/Backup.md) with Kubernetes for sure.
## Error Reporting
We use [Sentry](https://github.com/getsentry/sentry) for error reporting in both
our backend and web frontend. You can either use a hosted or a self-hosted
instance. Just set the two `DSN` in your
[configmap](../templates/configmap.template.yaml) and update the `COMMIT`
during a deployment with your commit or the version of your release.
### Self-hosted Sentry
For data privacy it is recommended to set up your own instance of sentry.
If you are lucky enough to have a kubernetes cluster with the required hardware
support, try this [helm chart](https://github.com/helm/charts/tree/master/stable/sentry).
On our kubernetes cluster we get "mult-attach" errors for persistent volumes.
Apparently DigitalOcean's kubernetes clusters do not fulfill the requirements.
## Kubernetes Commands (Without Helm) To Deploy New Docker Images To A Kubernetes Cluster
### Deploy A Version
```bash
# !!! be aware of the correct kube context !!!
$ kubectl config get-contexts
# deploy version '$BUILD_VERSION'
# !!! 'latest' is not recommended on production !!!
# for easyness set env
$ export BUILD_VERSION=1.0.8-48-ocelot.social1.0.8-184 # example
# check this with
$ echo $BUILD_VERSION
1.0.8-48-ocelot.social1.0.8-184
# deploy actual version '$BUILD_VERSION' to Kubernetes cluster
$ kubectl -n default set image deployment/ocelot-webapp container-ocelot-webapp=ocelotsocialnetwork/webapp:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-webapp
$ kubectl -n default set image deployment/ocelot-backend container-ocelot-backend=ocelotsocialnetwork/backend:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-backend
$ kubectl -n default set image deployment/ocelot-maintenance container-ocelot-maintenance=ocelotsocialnetwork/maintenance:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-maintenance
$ kubectl -n default set image deployment/ocelot-neo4j container-ocelot-neo4j=ocelotsocialnetwork/neo4j-community:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-neo4j
# verify deployment and wait for the pods of each deployment to get ready for cleaning and seeding of the database
$ kubectl -n default rollout status deployment/ocelot-webapp --timeout=240s
$ kubectl -n default rollout status deployment/ocelot-maintenance --timeout=240s
$ kubectl -n default rollout status deployment/ocelot-backend --timeout=240s
$ kubectl -n default rollout status deployment/ocelot-neo4j --timeout=240s
```
### Staging Clean And Seed Neo4j Database
***ATTENTION:*** Cleaning and seeding of our Neo4j database is only possible in production if env `PRODUCTION_DB_CLEAN_ALLOW=true` is set in our deployment.
```bash
# !!! be aware of the correct kube context !!!
$ kubectl config get-contexts
# reset and seed Neo4j database via backend for staging
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- /bin/sh -c "node --experimental-repl-await dist/db/clean.js && node --experimental-repl-await dist/db/seed.js"
```

0
deployment/deployment/kubernetes/charts/.gitkeep Normal file
View File

0
deployment/deployment/kubernetes/crds/.gitkeep Normal file
View File

12
deployment/deployment/kubernetes/dns.values.template.yaml Normal file
View File

@ -0,0 +1,12 @@
# please duplicate template file and rename to "dns.values.yaml" and fill in your value
provider: digitalocean
digitalocean:
# create the API token at https://cloud.digitalocean.com/account/api/tokens
# needs read + write
apiToken: "TODO"
domainFilters:
# domains you want external-dns to be able to edit
- TODO.TODO
rbac:
create: true

13
deployment/deployment/kubernetes/nginx.values.template.yaml Normal file
View File

@ -0,0 +1,13 @@
# please duplicate template file and rename to "nginx.values.yaml" and fill in your value
controller:
kind: DaemonSet
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
ingressClass: nginx
daemonset:
useHostPort: true
service:
type: ClusterIP
rbac:
create: true

1
deployment/deployment/kubernetes/templates/NOTES.txt Normal file
View File

@ -0,0 +1 @@
You installed ocelot-social! Congrats <3

29
deployment/deployment/kubernetes/templates/backend/ConfigMap.yml Normal file
View File

@ -0,0 +1,29 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
PRODUCTION_DB_CLEAN_ALLOW: "{{ .Values.PRODUCTION_DB_CLEAN_ALLOW }}"
PUBLIC_REGISTRATION: "{{ .Values.PUBLIC_REGISTRATION }}"
INVITE_REGISTRATION: "{{ .Values.INVITE_REGISTRATION }}"
CATEGORIES_ACTIVE: "{{ .Values.CATEGORIES_ACTIVE }}"
CLIENT_URI: "{{ .Values.BACKEND.CLIENT_URI }}"
EMAIL_DEFAULT_SENDER: "{{ .Values.BACKEND.EMAIL_DEFAULT_SENDER }}"
SMTP_HOST: "{{ .Values.BACKEND.SMTP_HOST }}"
SMTP_PORT: "{{ .Values.BACKEND.SMTP_PORT }}"
SMTP_IGNORE_TLS: "{{ .Values.BACKEND.SMTP_IGNORE_TLS }}"
SMTP_SECURE: "{{ .Values.BACKEND.SMTP_SECURE }}"
GRAPHQL_URI: "http://{{ .Release.Name }}-backend:4000"
NEO4J_URI: "bolt://{{ .Release.Name }}-neo4j:7687"
#REDIS_DOMAIN: ---toBeSet(IP)---
#REDIS_PORT: "6379"
#SENTRY_DSN_WEBAPP: "---toBeSet---"
#SENTRY_DSN_BACKEND: "---toBeSet---"

57
deployment/deployment/kubernetes/templates/backend/Deployment.yaml Normal file
View File

@ -0,0 +1,57 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
replicas: 1
minReadySeconds: {{ .Values.BACKEND.MIN_READY_SECONDS }}
progressDeadlineSeconds: {{ .Values.BACKEND.PROGRESS_DEADLINE_SECONDS }}
revisionHistoryLimit: {{ .Values.BACKEND.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-backend
template:
metadata:
annotations:
backup.velero.io/backup-volumes: uploads
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
labels:
app: {{ .Release.Name }}-backend
spec:
containers:
- name: container-{{ .Release.Name }}-backend
image: "{{ .Values.BACKEND.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.BACKEND.DOCKER_IMAGE_PULL_POLICY }}
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-backend
- secretRef:
name: secret-{{ .Release.Name }}-backend
ports:
- containerPort: 4000
protocol: TCP
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /app/public/uploads
name: uploads
dnsPolicy: ClusterFirst
schedulerName: default-scheduler
restartPolicy: {{ .Values.BACKEND.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.BACKEND.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}
volumes:
- name: uploads
persistentVolumeClaim:
claimName: volume-claim-{{ .Release.Name }}-uploads

24
deployment/deployment/kubernetes/templates/backend/PersistentVolumeClaim.yaml Normal file
View File

@ -0,0 +1,24 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: volume-claim-{{ .Release.Name }}-uploads
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "volume-claim-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
#dataSource:
# name: uploads-snapshot
# kind: VolumeSnapshot
# apiGroup: snapshot.storage.k8s.io
storageClassName: storage-{{ .Release.Name }}-persistent
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.BACKEND.STORAGE_UPLOADS }}

21
deployment/deployment/kubernetes/templates/backend/Secret.yaml Normal file
View File

@ -0,0 +1,21 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:
JWT_SECRET: "{{ .Values.BACKEND.JWT_SECRET }}"
MAPBOX_TOKEN: "{{ .Values.BACKEND.MAPBOX_TOKEN }}"
PRIVATE_KEY_PASSPHRASE: "{{ .Values.BACKEND.PRIVATE_KEY_PASSPHRASE }}"
SMTP_USERNAME: "{{ .Values.BACKEND.SMTP_USERNAME }}"
SMTP_PASSWORD: "{{ .Values.BACKEND.SMTP_PASSWORD }}"
#NEO4J_USERNAME: ""
#NEO4J_PASSWORD: ""
#REDIS_PASSWORD: ---toBeSet---

20
deployment/deployment/kubernetes/templates/backend/Service.yaml Normal file
View File

@ -0,0 +1,20 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-graphql
port: 4000
targetPort: 4000
protocol: TCP
selector:
app: {{ .Release.Name }}-backend

22
deployment/deployment/kubernetes/templates/issuer/letsencrypt-production.yaml Normal file
View File

@ -0,0 +1,22 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-production
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "letsencrypt-production"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: {{ .Values.LETSENCRYPT.EMAIL }}
privateKeySecretRef:
name: letsencrypt-production
solvers:
- http01:
ingress:
class: nginx

22
deployment/deployment/kubernetes/templates/issuer/letsencrypt-staging.yaml Normal file
View File

@ -0,0 +1,22 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "letsencrypt-staging"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: {{ .Values.LETSENCRYPT.EMAIL }}
privateKeySecretRef:
name: letsencrypt-staging
solvers:
- http01:
ingress:
class: nginx

29
deployment/deployment/kubernetes/templates/jobs/job-db-init.yaml Normal file
View File

@ -0,0 +1,29 @@
kind: Job
apiVersion: batch/v1
metadata:
name: job-{{ .Release.Name }}-db-init
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "job-db-init"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
annotations:
"helm.sh/hook": post-install
"helm.sh/hook-delete-policy": hook-succeeded, hook-failed
"helm.sh/hook-weight": "0"
spec:
template:
spec:
restartPolicy: Never
containers:
- name: job-{{ .Release.Name }}-db-init
image: "{{ .Values.BACKEND.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
command: ["/bin/sh", "-c", "yarn prod:migrate init"]
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-backend
- secretRef:
name: secret-{{ .Release.Name }}-backend

29
deployment/deployment/kubernetes/templates/jobs/job-db-migrate.yaml Normal file
View File

@ -0,0 +1,29 @@
kind: Job
apiVersion: batch/v1
metadata:
name: job-{{ .Release.Name }}-db-migrate
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "job-db-migrate"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
annotations:
"helm.sh/hook": post-install, post-upgrade
"helm.sh/hook-delete-policy": hook-succeeded, hook-failed
"helm.sh/hook-weight": "5"
spec:
template:
spec:
restartPolicy: Never
containers:
- name: job-{{ .Release.Name }}-db-migrations
image: "{{ .Values.BACKEND.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
command: ["/bin/sh", "-c", "yarn prod:migrate up"]
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-backend
- secretRef:
name: secret-{{ .Release.Name }}-backend

14
deployment/deployment/kubernetes/templates/maintenance/ConfigMap.yml Normal file
View File

@ -0,0 +1,14 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
HOST: "0.0.0.0"

40
deployment/deployment/kubernetes/templates/maintenance/Deployment.yaml Normal file
View File

@ -0,0 +1,40 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
revisionHistoryLimit: {{ .Values.MAINTENANCE.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-maintenance
template:
metadata:
labels:
app: {{ .Release.Name }}-maintenance
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
spec:
containers:
- name: container-{{ .Release.Name }}-maintenance
image: "{{ .Values.MAINTENANCE.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.MAINTENANCE.DOCKER_IMAGE_PULL_POLICY }}
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-webapp
- secretRef:
name: secret-{{ .Release.Name }}-webapp
ports:
- containerPort: 80
restartPolicy: {{ .Values.MAINTENANCE.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.MAINTENANCE.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}

13
deployment/deployment/kubernetes/templates/maintenance/Secret.yaml Normal file
View File

@ -0,0 +1,13 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:

20
deployment/deployment/kubernetes/templates/maintenance/Service.yaml Normal file
View File

@ -0,0 +1,20 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-http
port: 80
targetPort: 80
protocol: TCP
selector:
app: {{ .Release.Name }}-maintenance

21
deployment/deployment/kubernetes/templates/neo4j/ConfigMap.yml Normal file
View File

@ -0,0 +1,21 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
NEO4J_ACCEPT_LICENSE_AGREEMENT: "{{ .Values.NEO4J.ACCEPT_LICENSE_AGREEMENT }}"
NEO4J_AUTH: "{{ .Values.NEO4J.AUTH }}"
NEO4J_dbms_connector_bolt_thread__pool__max__size: "{{ .Values.NEO4J.DBMS_CONNECTOR_BOLT_THREAD_POOL_MAX_SIZE }}"
NEO4J_dbms_memory_heap_initial__size: "{{ .Values.NEO4J.DBMS_MEMORY_HEAP_INITIAL_SIZE }}"
NEO4J_dbms_memory_heap_max__size: "{{ .Values.NEO4J.DBMS_MEMORY_HEAP_MAX_SIZE }}"
NEO4J_dbms_memory_pagecache_size: "{{ .Values.NEO4J.DBMS_MEMORY_PAGECACHE_SIZE }}"
NEO4J_dbms_security_procedures_unrestricted: "{{ .Values.NEO4J.DBMS_SECURITY_PROCEDURES_UNRESTRICTED }}"
NEO4J_apoc_import_file_enabled: "{{ .Values.NEO4J.APOC_IMPORT_FILE_ENABLED }}"

57
deployment/deployment/kubernetes/templates/neo4j/Deployment.yaml Normal file
View File

@ -0,0 +1,57 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
replicas: 1
revisionHistoryLimit: {{ .Values.NEO4J.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-neo4j
template:
metadata:
name: neo4j
annotations:
backup.velero.io/backup-volumes: neo4j-data
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
labels:
app: {{ .Release.Name }}-neo4j
spec:
containers:
- name: container-{{ .Release.Name }}-neo4j
image: "{{ .Values.NEO4J.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.NEO4J.DOCKER_IMAGE_PULL_POLICY }}
ports:
- containerPort: 7687
- containerPort: 7474
resources:
requests:
memory: {{ .Values.NEO4J.RESOURCE_REQUESTS_MEMORY | default "1G" | quote }}
limits:
memory: {{ .Values.NEO4J.RESOURCE_LIMITS_MEMORY | default "1G" | quote }}
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-neo4j
- secretRef:
name: secret-{{ .Release.Name }}-neo4j
volumeMounts:
- mountPath: /data/
name: neo4j-data
volumes:
- name: neo4j-data
persistentVolumeClaim:
claimName: volume-claim-{{ .Release.Name }}-neo4j
restartPolicy: {{ .Values.NEO4J.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.NEO4J.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}

19
deployment/deployment/kubernetes/templates/neo4j/PersistentVolumeClaim.yaml Normal file
View File

@ -0,0 +1,19 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: volume-claim-{{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "volume-claim-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
storageClassName: storage-{{ .Release.Name }}-persistent
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.NEO4J.STORAGE }}

15
deployment/deployment/kubernetes/templates/neo4j/Secret.yaml Normal file
View File

@ -0,0 +1,15 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:
NEO4J_USERNAME: ""
NEO4J_PASSWORD: ""

23
deployment/deployment/kubernetes/templates/neo4j/Service.yaml Normal file
View File

@ -0,0 +1,23 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-bolt
port: 7687
targetPort: 7687
protocol: TCP
#- name: {{ .Release.Name }}-http
# port: 7474
# targetPort: 7474
selector:
app: {{ .Release.Name }}-neo4j

16
deployment/deployment/kubernetes/templates/storage/persistent.yml Normal file
View File

@ -0,0 +1,16 @@
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: storage-{{ .Release.Name }}-persistent
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "storage-persistent"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
provisioner: {{ .Values.STORAGE.PROVISIONER }}
reclaimPolicy: {{ .Values.STORAGE.RECLAIM_POLICY }}
volumeBindingMode: {{ .Values.STORAGE.VOLUME_BINDING_MODE }}
allowVolumeExpansion: {{ .Values.STORAGE.ALLOW_VOLUME_EXPANSION }}

20
deployment/deployment/kubernetes/templates/webapp/ConfigMap.yml Normal file
View File

@ -0,0 +1,20 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
HOST: "0.0.0.0"
PUBLIC_REGISTRATION: "{{ .Values.PUBLIC_REGISTRATION }}"
INVITE_REGISTRATION: "{{ .Values.INVITE_REGISTRATION }}"
CATEGORIES_ACTIVE: "{{ .Values.CATEGORIES_ACTIVE }}"
COOKIE_EXPIRE_TIME: "{{ .Values.COOKIE_EXPIRE_TIME }}"
WEBSOCKETS_URI: "{{ .Values.WEBAPP.WEBSOCKETS_URI }}"
GRAPHQL_URI: "http://{{ .Release.Name }}-backend:4000"

44
deployment/deployment/kubernetes/templates/webapp/Deployment.yaml Normal file
View File

@ -0,0 +1,44 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
replicas: {{ .Values.WEBAPP.REPLICAS }}
minReadySeconds: {{ .Values.WEBAPP.MIN_READY_SECONDS }}
progressDeadlineSeconds: {{ .Values.WEBAPP.PROGRESS_DEADLINE_SECONDS }}
revisionHistoryLimit: {{ .Values.WEBAPP.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-webapp
template:
metadata:
annotations:
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
labels:
app: {{ .Release.Name }}-webapp
spec:
containers:
- name: container-{{ .Release.Name }}-webapp
image: "{{ .Values.WEBAPP.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.WEBAPP.DOCKER_IMAGE_PULL_POLICY }}
ports:
- containerPort: 3000
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-webapp
- secretRef:
name: secret-{{ .Release.Name }}-webapp
restartPolicy: {{ .Values.WEBAPP.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.WEBAPP.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}

36
deployment/deployment/kubernetes/templates/webapp/Ingress.yaml Normal file
View File

@ -0,0 +1,36 @@
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: ingress-{{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "ingress-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/cluster-issuer: {{ .Values.LETSENCRYPT.ISSUER }}
nginx.ingress.kubernetes.io/proxy-body-size: {{ .Values.NGINX.PROXY_BODY_SIZE }}
spec:
tls:
- hosts:
{{- range .Values.LETSENCRYPT.DOMAINS }}
- {{ . }}
{{- end }}
secretName: tls
rules:
{{- range .Values.LETSENCRYPT.DOMAINS }}
- host: {{ . }}
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: {{ $.Release.Name }}-webapp
port:
number: 3000
{{- end }}

13
deployment/deployment/kubernetes/templates/webapp/Secret.yaml Normal file
View File

@ -0,0 +1,13 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:

20
deployment/deployment/kubernetes/templates/webapp/Service.yaml Normal file
View File

@ -0,0 +1,20 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-http
port: 3000
targetPort: 3000
protocol: TCP
selector:
app: {{ .Release.Name }}-webapp

120
deployment/deployment/kubernetes/values.template.yaml Normal file
View File

@ -0,0 +1,120 @@
# please duplicate template file and rename to "values.yaml" and fill in your value
# change all the below if needed
PRODUCTION_DB_CLEAN_ALLOW: false # only true for production environments on staging servers
PUBLIC_REGISTRATION: false
INVITE_REGISTRATION: false
COOKIE_EXPIRE_TIME: 730 # days (730 days, two years is the default in main code)
CATEGORIES_ACTIVE: false
BACKEND:
# change all the below if needed
# DOCKER_IMAGE_REPO - change that to your branded docker image
# label is appended based on .Chart.appVersion
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/backend-branded"
CLIENT_URI: "https://staging.ocelot.social"
# create a new one for your network
JWT_SECRET: "b/&&7b78BF&fv/Vd"
MAPBOX_TOKEN: "pk.eyJ1IjoiYnVzZmFrdG9yIiwiYSI6ImNraDNiM3JxcDBhaWQydG1uczhpZWtpOW4ifQ.7TNRTO-o9aK1Y6MyW_Nd4g"
PRIVATE_KEY_PASSPHRASE: "a7dsf78sadg87ad87sfagsadg78"
# ocelot.social mail dummy
EMAIL_DEFAULT_SENDER: "devops@ocelot.social"
SMTP_HOST: "mail.ocelot.social"
SMTP_USERNAME: "devops@ocelot.social"
SMTP_PASSWORD: "devops@ocelot.social"
SMTP_PORT: "587"
SMTP_IGNORE_TLS: 'false'
SMTP_SECURE: 'false' # true for 465, false for other ports
# or
# SMTP_PORT: "465"
# SMTP_IGNORE_TLS: 'true'
# SMTP_SECURE: 'true' # true for 465, false for other ports
# most likely you don't need to change this
MIN_READY_SECONDS: "15"
PROGRESS_DEADLINE_SECONDS: "60"
REVISIONS_HISTORY_LIMIT: "25"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
DOCKER_IMAGE_PULL_POLICY: "Always"
STORAGE_UPLOADS: "25Gi"
WEBAPP:
# change all the below if needed
# DOCKER_IMAGE_REPO - change that to your branded docker image
# label is appended based on .Chart.appVersion
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/webapp-branded"
WEBSOCKETS_URI: "wss://staging.ocelot.social/api/graphql"
# Most likely you don't need to change this
REPLICAS: "2"
MIN_READY_SECONDS: "15"
PROGRESS_DEADLINE_SECONDS: "60"
REVISIONS_HISTORY_LIMIT: "25"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
DOCKER_IMAGE_PULL_POLICY: "Always"
NEO4J:
# most likely you don't need to change this
REVISIONS_HISTORY_LIMIT: "25"
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/neo4j-community-branded"
DOCKER_IMAGE_PULL_POLICY: "Always"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
STORAGE: "5Gi"
# RESOURCE_REQUESTS_MEMORY configures the memory available for requests.
RESOURCE_REQUESTS_MEMORY: "2G"
# RESOURCE_LIMITS_MEMORY configures the memory limits available.
RESOURCE_LIMITS_MEMORY: "4G"
# required for Neo4j Enterprice version
#ACCEPT_LICENSE_AGREEMENT: "yes"
ACCEPT_LICENSE_AGREEMENT: "no"
AUTH: "none"
#DBMS_CONNECTOR_BOLT_THREAD_POOL_MAX_SIZE: "10000" # hc value
DBMS_CONNECTOR_BOLT_THREAD_POOL_MAX_SIZE: "400" # default value
#DBMS_MEMORY_HEAP_INITIAL_SIZE: "500MB" # HC value
DBMS_MEMORY_HEAP_INITIAL_SIZE: "" # default
#DBMS_MEMORY_HEAP_MAX_SIZE: "500MB" # HC value
DBMS_MEMORY_HEAP_MAX_SIZE: "" # default
#DBMS_MEMORY_PAGECACHE_SIZE: "490M" # HC value
DBMS_MEMORY_PAGECACHE_SIZE: "" # default
#APOC_IMPORT_FILE_ENABLED: "true" # HC value
APOC_IMPORT_FILE_ENABLED: "false" # default
DBMS_SECURITY_PROCEDURES_UNRESTRICTED: "algo.*,apoc.*"
MAINTENANCE:
# change all the below if needed
# DOCKER_IMAGE_REPO - change that to your branded docker image
# label is appended based on .Chart.appVersion
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/maintenance-branded"
# Most likely you don't need to change this
REVISIONS_HISTORY_LIMIT: "25"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
DOCKER_IMAGE_PULL_POLICY: "Always"
LETSENCRYPT:
# change all the below if needed
# ISSUER is used by cert-manager to set up certificates with the given provider.
# change it to "letsencrypt-production" once you are ready to have valid cetrificates.
# Be aware that the is an issuing limit with letsencrypt, so a dry run with staging might be wise
ISSUER: "letsencrypt-staging"
EMAIL: "devops@ocelot.social"
DOMAINS:
- "staging.ocelot.social"
- "www.staging.ocelot.social"
NGINX:
# most likely you don't need to change this
PROXY_BODY_SIZE: "10m"
STORAGE:
# change all the below if needed
PROVISIONER: "dobs.csi.digitalocean.com"
# most likely you don't need to change this
RECLAIM_POLICY: "Retain"
VOLUME_BINDING_MODE: "Immediate"
ALLOW_VOLUME_EXPANSION: true

45
deployment/deployment/old/Maintenance.md Normal file
View File

@ -0,0 +1,45 @@
# Maintenance mode
> Despite our best efforts, systems sometimes require downtime for a variety of reasons.
Quote from [here](https://www.nrmitchi.com/2017/11/easy-maintenance-mode-in-kubernetes/)
We use our maintenance mode for manual database backup and restore. Also we
bring the database into maintenance mode for manual database migrations.
## Deploy the service
We prepared sample configuration, so you can simply run:
```sh
# in folder deployment/
$ kubectl apply -f ./ocelot-social/maintenance/
```
This will fire up a maintenance service.
## Bring application into maintenance mode
Now if you want to have a controlled downtime and you want to bring your
application into maintenance mode, you can edit your global ingress server.
E.g. copy file [`deployment/digital-ocean/https/templates/ingress.template.yaml`](../../digital-ocean/https/templates/ingress.template.yaml) to new file `deployment/digital-ocean/https/ingress.yaml` and change the following:
```yaml
...
- host: develop-k8s.ocelot.social
http:
paths:
- path: /
backend:
# serviceName: web
serviceName: maintenance
# servicePort: 3000
servicePort: 80
```
Then run `$ kubectl apply -f deployment/digital-ocean/https/ingress.yaml`. If you
want to deactivate the maintenance server, just undo the edit and apply the
configuration again.

39
deployment/deployment/old/digital-ocean/README.md Normal file
View File

@ -0,0 +1,39 @@
# DigitalOcean
As a start, read the [introduction into Kubernetes](https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes) by the folks at DigitalOcean. The following section should enable you to deploy ocelot.social to your Kubernetes cluster.
## Connect to your local cluster
1. Create a cluster at [DigitalOcean](https://www.digitalocean.com/).
2. Download the `***-kubeconfig.yaml` from the Web UI.
3. Move the file to the default location where kubectl expects it to be: `mv ***-kubeconfig.yaml ~/.kube/config`. Alternatively you can set the config on every command: `--kubeconfig ***-kubeconfig.yaml`
4. Now check if you can connect to the cluster and if its your newly created one by running: `kubectl get nodes`
The output should look about like this:
```sh
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
nifty-driscoll-uu1w Ready <none> 69d v1.13.2
nifty-driscoll-uuiw Ready <none> 69d v1.13.2
nifty-driscoll-uusn Ready <none> 69d v1.13.2
```
If you got the steps right above and see your nodes you can continue.
DigitalOcean Kubernetes clusters don't have a graphical interface, so I suggest
to setup the [Kubernetes dashboard](./dashboard/README.md) as a next step.
Configuring [HTTPS](./https/README.md) is bit tricky and therefore I suggest to
do this as a last step.
## Spaces
We are storing our images in the s3-compatible [DigitalOcean Spaces](https://www.digitalocean.com/docs/spaces/).
We still want to take backups of our images in case something happens to the images in the cloud. See these [instructions](https://www.digitalocean.com/docs/spaces/resources/s3cmd-usage/) about getting set up with `s3cmd` to take a copy of all images in a `Spaces` namespace, i.e. `ocelot-social-uploads`.
After configuring `s3cmd` with your credentials, etc. you should be able to make a backup with this command.
```sh
s3cmg get --recursive --skip-existing s3://ocelot-social-uploads
```

55
deployment/deployment/old/digital-ocean/dashboard/README.md Normal file
View File

@ -0,0 +1,55 @@
# Install Kubernetes Dashboard
The kubernetes dashboard is optional but very helpful for debugging. If you want to install it, you have to do so only **once** per cluster:
```bash
# in folder deployment/digital-ocean/
$ kubectl apply -f dashboard/
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
```
### Login to your dashboard
Proxy the remote kubernetes dashboard to localhost:
```bash
$ kubectl proxy
```
Visit:
[http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/](http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/)
You should see a login screen.
To get your token for the dashboard you can run this command:
```bash
$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
```
It should print something like:
```text
Name: admin-user-token-6gl6l
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name=admin-user
kubernetes.io/service-account.uid=b16afba9-dfec-11e7-bbb9-901b0e532516
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTZnbDZsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiMTZhZmJhOS1kZmVjLTExZTctYmJiOS05MDFiMGU1MzI1MTYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.M70CU3lbu3PP4OjhFms8PVL5pQKj-jj4RNSLA4YmQfTXpPUuxqXjiTf094_Rzr0fgN_IVX6gC4fiNUL5ynx9KU-lkPfk0HnX8scxfJNzypL039mpGt0bbe1IXKSIRaq_9VW59Xz-yBUhycYcKPO9RM2Qa1Ax29nqNVko4vLn1_1wPqJ6XSq3GYI8anTzV8Fku4jasUwjrws6Cn6_sPEGmL54sq5R4Z5afUtv-mItTmqZZdxnkRqcJLlg2Y8WbCPogErbsaCDJoABQ7ppaqHetwfM_0yMun6ABOQbIwwl8pspJhpplKwyo700OSpvTT9zlBsu-b35lzXGBRHzv5g_RA
```
Grab the token from above and paste it into the [login screen](http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/)
When you are logged in, you should see sth. like:
![Dashboard](./dashboard-screenshot.png)
Feel free to save the login token from above in your password manager. Unlike the `kubeconfig` file, this token does not expire.

5
deployment/deployment/old/digital-ocean/dashboard/admin-user.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system

BIN
deployment/deployment/old/digital-ocean/dashboard/dashboard-screenshot.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 178 KiB

12
deployment/deployment/old/digital-ocean/dashboard/role-binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system

126
deployment/deployment/old/digital-ocean/https/README.md Normal file
View File

@ -0,0 +1,126 @@
## Create Letsencrypt Issuers and Ingress Services
Copy the configuration templates and change the file according to your needs.
```bash
# in folder deployment/digital-ocean/https/
cp templates/issuer.template.yaml ./issuer.yaml
cp templates/ingress.template.yaml ./ingress.yaml
```
At least, **change email addresses** in `issuer.yaml`. For sure you also want
to _change the domain name_ in `ingress.yaml`.
Once you are done, apply the configuration:
```bash
# in folder deployment/digital-ocean/https/
$ kubectl apply -f .
```
{% hint style="info" %}
CAUTION: It seems that the behaviour of DigitalOcean has changed and the load balancer is not created automatically anymore.
And to create a load balancer costs money. Please refine the following documentation if required.
{% endhint %}
{% tabs %}
{% tab title="Without Load Balancer" %}
A solution without a load balance you can find [here](../no-loadbalancer/README.md).
{% endtab %}
{% tab title="With DigitalOcean Load Balancer" %}
{% hint style="info" %}
CAUTION: It seems that the behaviour of DigitalOcean has changed and the load balancer is not created automatically anymore.
Please refine the following documentation if required.
{% endhint %}
In earlier days by now, your cluster should have a load balancer assigned with an external IP
address. On DigitalOcean, this is how it should look like:
![Screenshot of DigitalOcean dashboard showing external ip address](./ip-address.png)
If the load balancer isn't created automatically you have to create it your self on DigitalOcean under Networks.
In case you don't need a DigitalOcean load balancer (which costs money by the way) have a look in the tab `Without Load Balancer`.
{% endtab %}
{% endtabs %}
Check the ingress server is working correctly:
```bash
$ curl -kivL -H 'Host: <DOMAIN_NAME>' 'https://<IP_ADDRESS>'
<page HTML>
```
If the response looks good, configure your domain registrar for the new IP address and the domain.
Now let's get a valid HTTPS certificate. According to the tutorial above, check your tls certificate for staging:
```bash
$ kubectl -n ocelot-social describe certificate tls
<
...
Spec:
...
Issuer Ref:
Group: cert-manager.io
Kind: ClusterIssuer
Name: letsencrypt-staging
...
Events:
<no errors>
>
$ kubectl -n ocelot-social describe secret tls
<
...
Annotations: ...
cert-manager.io/issuer-kind: ClusterIssuer
cert-manager.io/issuer-name: letsencrypt-staging
...
>
```
If everything looks good, update the cluster-issuer of your ingress. Change the annotation `cert-manager.io/cluster-issuer` from `letsencrypt-staging` (for testing by getting a dummy certificate no blocking by letsencrypt, because of to many request cycles) to `letsencrypt-prod` (for production with a real certificate possible blocking by letsencrypt for several days, because of to many request cycles) in your ingress configuration in `ingress.yaml`.
```bash
# in folder deployment/digital-ocean/https/
$ kubectl apply -f ingress.yaml
```
Take a minute and have a look if the certificate is now newly generated by `letsencrypt-prod`, the cluster-issuer for production:
```bash
$ kubectl -n ocelot-social describe certificate tls
<
...
Spec:
...
Issuer Ref:
Group: cert-manager.io
Kind: ClusterIssuer
Name: letsencrypt-prod
...
Events:
<no errors>
>
$ kubectl -n ocelot-social describe secret tls
<
...
Annotations: ...
cert-manager.io/issuer-kind: ClusterIssuer
cert-manager.io/issuer-name: letsencrypt-prod
...
>
```
In case the certificate is not newly created delete the former secret to force a refresh:
```bash
$ kubectl -n ocelot-social delete secret tls
```
Now, HTTPS should be configured on your domain. Congrats!
For troubleshooting have a look at the cert-manager's [Troubleshooting](https://cert-manager.io/docs/faq/troubleshooting/) or [Troubleshooting Issuing ACME Certificates](https://cert-manager.io/docs/faq/acme/).

BIN
deployment/deployment/old/digital-ocean/https/ip-address.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 141 KiB

85
deployment/deployment/old/legacy-migration/README.md Normal file
View File

@ -0,0 +1,85 @@
# Legacy data migration
This setup is **completely optional** and only required if you have data on a
server which is running our legacy code and you want to import that data. It
will import the uploads folder and migrate a dump of the legacy Mongo database
into our new Neo4J graph database.
## Configure Maintenance-Worker Pod
Create a configmap with the specific connection data of your legacy server:
```bash
$ kubectl create configmap maintenance-worker \
-n ocelot-social \
--from-literal=SSH_USERNAME=someuser \
--from-literal=SSH_HOST=yourhost \
--from-literal=MONGODB_USERNAME=hc-api \
--from-literal=MONGODB_PASSWORD=secretpassword \
--from-literal=MONGODB_AUTH_DB=hc_api \
--from-literal=MONGODB_DATABASE=hc_api \
--from-literal=UPLOADS_DIRECTORY=/var/www/api/uploads
```
Create a secret with your public and private ssh keys. As the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/secret/#use-case-pod-with-ssh-keys) points out, you should be careful with your ssh keys. Anyone with access to your cluster will have access to your ssh keys. Better create a new pair with `ssh-keygen` and copy the public key to your legacy server with `ssh-copy-id`:
```bash
$ kubectl create secret generic ssh-keys \
-n ocelot-social \
--from-file=id_rsa=/path/to/.ssh/id_rsa \
--from-file=id_rsa.pub=/path/to/.ssh/id_rsa.pub \
--from-file=known_hosts=/path/to/.ssh/known_hosts
```
## Deploy a Temporary Maintenance-Worker Pod
Bring the application into maintenance mode.
{% hint style="info" %} TODO: implement maintenance mode {% endhint %}
Then temporarily delete backend and database deployments
```bash
$ kubectl -n ocelot-social get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
backend 1/1 1 1 3d11h
neo4j 1/1 1 1 3d11h
webapp 2/2 2 2 73d
$ kubectl -n ocelot-social delete deployment neo4j
deployment.extensions "neo4j" deleted
$ kubectl -n ocelot-social delete deployment backend
deployment.extensions "backend" deleted
```
Deploy one-time develop-maintenance-worker pod:
```bash
# in deployment/legacy-migration/
$ kubectl apply -f maintenance-worker.yaml
pod/develop-maintenance-worker created
```
Import legacy database and uploads:
```bash
$ kubectl -n ocelot-social exec -it develop-maintenance-worker bash
$ import_legacy_db
$ import_legacy_uploads
$ exit
```
Delete the pod when you're done:
```bash
$ kubectl -n ocelot-social delete pod develop-maintenance-worker
```
Oh, and of course you have to get those deleted deployments back. One way of
doing it would be:
```bash
# in folder deployment/
$ kubectl apply -f human-connection/deployment-backend.yaml -f human-connection/deployment-neo4j.yaml
```

40
deployment/deployment/old/legacy-migration/maintenance-worker.yaml Normal file
View File

@ -0,0 +1,40 @@
---
kind: Pod
apiVersion: v1
metadata:
name: develop-maintenance-worker
namespace: ocelot-social
spec:
containers:
- name: develop-maintenance-worker
image: ocelotsocialnetwork/develop-maintenance-worker:latest
imagePullPolicy: Always
resources:
requests:
memory: "2G"
limits:
memory: "8G"
envFrom:
- configMapRef:
name: maintenance-worker
- configMapRef:
name: configmap
volumeMounts:
- name: secret-volume
readOnly: false
mountPath: /root/.ssh
- name: uploads
mountPath: /uploads
- name: neo4j-data
mountPath: /data/
volumes:
- name: secret-volume
secret:
secretName: ssh-keys
defaultMode: 0400
- name: uploads
persistentVolumeClaim:
claimName: uploads-claim
- name: neo4j-data
persistentVolumeClaim:
claimName: neo4j-data-claim

Some files were not shown because too many files have changed in this diff Show More