ocelot-Social-Community/Ocelot-Social
1
0
Fork 0
mirror of https://github.com/Ocelot-Social-Community/Ocelot-Social.git synced 2025-12-13 07:46:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5975 from Ocelot-Social-Community/deployment

Browse Source 
refactor(other): deployment
This commit is contained in:
Ulf Gebhardt 2023-02-23 22:08:34 +01:00 committed by GitHub
commit e045bc96f9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
176 changed files with 7955 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
.github/workflows/publish-branded.yml vendored Normal file
View File

@ -0,0 +1,85 @@
name: ocelot.social publish branded CI
on:
push:
branches:
- master
jobs:
build_branded:
name: Docker Build Branded
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Build branded images
run: |
deployment/scripts/branded-images.build.sh
docker save "ocelotsocialnetwork/backend-branded" > /tmp/backend-branded.tar
docker save "ocelotsocialnetwork/webapp-branded" > /tmp/webapp-branded.tar
docker save "ocelotsocialnetwork/maintenance-branded" > /tmp/maintenance-branded.tar
- name: Upload Artifact (Backend)
uses: actions/upload-artifact@v2
with:
name: docker-backend-branded
path: /tmp/backend-branded.tar
- name: Upload Artifact (Webapp)
uses: actions/upload-artifact@v2
with:
name: docker-webapp-branded
path: /tmp/webapp-branded.tar
- name: Upload Artifact (Maintenance)
uses: actions/upload-artifact@v2
with:
name: docker-maintenance-branded
path: /tmp/maintenance-branded.tar
upload_to_dockerhub:
name: Upload to Dockerhub
runs-on: ubuntu-latest
needs: [build_branded]
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Download Docker Image (Backend)
uses: actions/download-artifact@v2
with:
name: docker-backend-branded
path: /tmp
- name: Load Docker Image
run: docker load < /tmp/backend-branded.tar
- name: Download Docker Image (Webapp)
uses: actions/download-artifact@v2
with:
name: docker-webapp-branded
path: /tmp
- name: Load Docker Image
run: docker load < /tmp/webapp-branded.tar
- name: Download Docker Image (Maintenance)
uses: actions/download-artifact@v2
with:
name: docker-maintenance-branded
path: /tmp
- name: Load Docker Image
run: docker load < /tmp/maintenance-branded.tar
- name: Upload to dockerhub
run: deployment/scripts/branded-images.upload.sh
# - name: login to dockerhub
# run: echo "${DOCKERHUB_TOKEN}" | docker login -u "${DOCKERHUB_USERNAME}" --password-stdin
#
# - name: Push Backend
# run: docker push --all-tags ocelotsocialnetwork/backend-branded
# - name: Push Webapp
# run: docker push --all-tags ocelotsocialnetwork/webapp-branded
# - name: Push Maintenance
# run: docker push --all-tags ocelotsocialnetwork/maintenance-branded

2
backend/Dockerfile
View File

@ -35,7 +35,7 @@ LABEL maintainer="devops@ocelot.social"
# Install Additional Software
## install: git
RUN apk --no-cache add git
RUN apk --no-cache add git python3 make g++
# Settings
## Expose Container Port

12
backend/README.md
View File

@ -89,7 +89,7 @@ backend is running:
```bash
# in main folder while docker-compose is running
$ docker-compose exec backend yarn run db:migrate init
$ docker exec backend yarn run db:migrate init
```
{% endtab %}
@ -116,18 +116,18 @@ In another terminal run:
```bash
# in main folder while docker-compose is running
$ docker-compose exec backend yarn run db:seed
$ docker exec backend yarn run db:seed
```
To reset the database run:
```bash
# in main folder while docker-compose is running
$ docker-compose exec backend yarn run db:reset
$ docker exec backend yarn run db:reset
# you could also wipe out your neo4j database and delete all volumes with:
$ docker-compose down -v
# if container is not running, run this command to set up your database indeces and contstraints
$ docker-compose exec backend yarn run db:migrate init
$ docker exec backend yarn run db:migrate init
```
{% endtab %}
@ -170,7 +170,7 @@ To run the migration:
```bash
# in main folder while docker-compose is running
$ docker-compose exec backend yarn run db:migrate up
$ docker exec backend yarn run db:migrate up
```
{% endtab %}
@ -206,7 +206,7 @@ Run the unit tests:
```bash
# in main folder while docker-compose is running
$ docker-compose exec backend yarn run test
$ docker exec backend yarn run test
```
{% endtab %}

1
deployment/.env.dist Normal file
View File

@ -0,0 +1 @@
CONFIGURATION=example

33
deployment/DOCKER_MORE_CLOSELY.md Normal file
View File

@ -0,0 +1,33 @@
# Docker
## Apple M1 Platform
***Attention:** For using Docker commands in Apple M1 environments!*
```bash
# set env variable for your shell
$ export DOCKER_DEFAULT_PLATFORM=linux/amd64
```
For even more informations, see [Docker More Closely](#docker-more-closely)
### Docker Compose Override File For Apple M1 Platform
For Docker compose `up` or `build` commands, you can use our Apple M1 override file that specifies the M1 platform:
```bash
# in main folder
# for production
$ docker compose -f docker-compose.yml -f docker-compose.apple-m1.override.yml up
# for production testing Docker images from DockerHub
$ docker compose -f docker-compose.ocelotsocial-branded.yml -f docker-compose.apple-m1.override.yml up
# only once: init admin user and create indexes and contraints in Neo4j database
$ docker compose exec backend /bin/sh -c "yarn prod:migrate init"
```
## Docker More Closely In Main Code
To get more informations about the Apple M1 platform and to analyze the Docker builds etc. you find our documentation in our main code, [here](https://github.com/Ocelot-Social-Community/Ocelot-Social/blob/master/DOCKER_MORE_CLOSELY.md).

25
deployment/Minikube.md Normal file
View File

@ -0,0 +1,25 @@
# Minikube
There are many Kubernetes providers, but if you're just getting started, Minikube is a tool that you can use to get your feet wet.
After you [installed Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/)
open your minikube dashboard:
```text
$ minikube dashboard
```
This will give you an overview. Some of the steps below need some timing to make resources available to other dependent deployments. Keeping an eye on the dashboard is a great way to check that.
Follow the installation instruction for [Kubernetes with Helm](./kubernetes/README.md).
If all the pods and services have settled and everything looks green in your
minikube dashboard, expose the services you want on your host system.
For example:
```text
$ minikube service webapp --namespace=ocelotsocialnetwork
# optionally
$ minikube service backend --namespace=ocelotsocialnetwork
```

23
deployment/README.deployment.md Normal file
View File

@ -0,0 +1,23 @@
# Deployment
Before you start the deployment you have to do preparations.
## Deployment Preparations
Since all deployment methods described here depend on [Docker](https://docker.com) and [DockerHub](https://hub.docker.com), you need to create your own organisation on DockerHub and put its name in the [package.json](/package.json) file as your `dockerOrganisation`.
Read more details in the [main README](/README.md) under [Usage](/README.md#usage).
## Deployment Methods
You have the following options for a deployment:
- [Kubernetes with Helm](./kubernetes/README.md)
## After Deployment
After the first deployment of the new network on your server, the database is initialized with the default administrator:
- E-mail: admin@example.org
- Password: 1234
***ATTENTION:*** When you are logged in for the first time, please change your (the admin's) e-mail to an existing one and change your password to a secure one !!!

136
deployment/README.md Normal file
View File

@ -0,0 +1,136 @@
# Ocelot.Social Deploy And Rebranding
[![Build Status Publish](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/actions/workflows/publish.yml/badge.svg)](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/actions)
[![MIT License](https://img.shields.io/badge/license-MIT-green.svg)](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/blob/LICENSE.md)
[![Discord Channel](https://img.shields.io/discord/489522408076738561.svg)](https://discord.gg/AJSX9DCSUA)
[![Open Source Helpers](https://www.codetriage.com/ocelot-social-community/ocelot-social-deploy-rebranding/badges/users.svg)](https://www.codetriage.com/ocelot-social-community/ocelot-social-deploy-rebranding)
This repository is an in use template to rebrand, configure, and deploy [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) networks.
The forked original repository is [Ocelot-Social-Deploy-Rebranding](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding).
<!-- markdownlint-disable MD033 -->
<p align="center">
<a href="https://ocelot.social" target="_blank"><img src="branding/static/img/custom/logo-squared.svg" alt="Ocelot-Social" width="40%" height="40%"></a>
</p>
<!-- markdownlint-enable MD033 -->
## Live demo
__Try out our deployed [development environment](https://stage.ocelot.social).__
Visit our staging networks:
- central staging network: [stage.ocelot.social](https://stage.ocelot.social)
<!-- - rebranded staging network: [rebrand.ocelot.social](https://stage.ocelot.social). -->
Logins:
| email | password | role |
| :--- | :--- | :--- |
| `user@example.org` | 1234 | user |
| `moderator@example.org` | 1234 | moderator |
| `admin@example.org` | 1234 | admin |
## Usage
Fork this repository to configure and rebrand it for your own [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network.
### Package.Json And DockerHub Organisation
Write your own data into the main configuration file:
- [package.json](/package.json)
Since all deployment methods described here depend on [Docker](https://docker.com) and [DockerHub](https://hub.docker.com), you need to create your own organisation on DockerHub and put its name in the [package.json](/package.json) file as your `dockerOrganisation`.
### Configure And Branding
The next step is:
- [Configure And Branding](/branding/README.md)
### Optional: Locally Testing Configuration And Branding
Just in case you have Docker installed and run the following, you can check your branding locally:
```bash
# in main folder
$ docker-compose up
# fill the database with an initial admin
$ docker-compose exec backend yarn run prod:migrate init
```
The database is then initialised with the default administrator:
- E-mail: admin@example.org
- Password: 1234
For login or registration have a look in your browser at `http://localhost:3000/`.
For the maintenance page have a look in your browser at `http://localhost:5000/`.
### Push Changes To GitHub
Before merging these changes into the "master" branch on your GitHub fork repository, you need to configure the GitHub repository secrets. This is necessary to [publish](/.github/workflows/publish.yml) the Docker images by pushing them via GitHub actions to repositories belonging to your DockerHub organisation.
First, go to your DockerHub profile under `Account Settings` and click on the `Security` tab. There you create an access token called `<your-organisation>-access-token` and copy the token to a safe place.
Secondly, in your GitHub repository, click on the 'Settings' tab and go to the 'Secrets' tab. There you create two secrets by clicking on `New repository secret`:
1. Named `DOCKERHUB_TOKEN` with the newly created DockerHub token (only the code, not the token name).
2. Named `DOCKERHUB_USERNAME` with your DockerHub username.
### Optional: Locally Testing Your DockerHub Images
Just in case you like to check your pushed Docker images in your organisation's DockerHub repositories locally:
- rename the file `docker-compose.ocelotsocial-branded.yml` with your network name
- in the file, rename the ocelot.social DockerHub organisation `ocelotsocialnetwork` to your organisations name
Remove any local Docker images if necessary and do the following:
```bash
# in main folder
$ docker-compose -f docker-compose.<your-organisation>-branded.yml up
# fill the database with an initial admin
$ docker-compose exec backend yarn run prod:migrate init
```
See the login details and browser addresses above.
### Deployment
Afterwards you can [deploy](/deployment/README.md) it on your server:
- [Kubernetes with Helm](/deployment/kubernetes/README.md)
## Developer Chat
Join our friendly open-source community on [Discord](https://discord.gg/AJSX9DCSUA) :heart_eyes_cat:
Just introduce yourself at `#introduce-yourself` and mention `@@Mentor` to get you onboard :neckbeard:
Check out the [contribution guideline](https://github.com/Ocelot-Social-Community/Ocelot-Social/blob/master/CONTRIBUTING.md), too!
We give write permissions to every developer who asks for it. Just text us on
[Discord](https://discord.gg/AJSX9DCSUA).
## Technology Stack
- [Docker](https://www.docker.com)
- [Kubernetes](https://kubernetes.io)
- [Helm](https://helm.sh)
<!--
## Attributions
Locale Icons made by [Freepik](http://www.freepik.com/) from [www.flaticon.com](https://www.flaticon.com/) is licensed by [CC 3.0 BY](http://creativecommons.org/licenses/by/3.0/).
Browser compatibility testing with [BrowserStack](https://www.browserstack.com/).
<img alt="BrowserStack Logo" src=".gitbook/assets/browserstack-logo.svg" width="256">
-->
## License
See the [LICENSE](/LICENSE.md) file for license rights and limitations (MIT).
We need `DOCKER_BUILDKIT=0` for this to work.

86
deployment/TODO-next-update.md Normal file
View File

@ -0,0 +1,86 @@
# Todo For Next Update
When you overtake this deploy and rebrand repo to your network you have to recognize the following changes and doings:
## Version >= 2.4.0 with 'ocelotDockerVersionTag' 2.4.0-XXX
### Main Code PR feat(webapp): map #5843
- Create your own [Mapbox](https://mapbox.com/) account at [https://mapbox.com/](https://mapbox.com/) for your organization to get your own Mapbox token.
- You have to add the `MAPBOX_TOKEN` from the `deployment/kubernetes/values.template.yaml` to your `deployment/kubernetes/values.yaml` and set it to your own Mapbox token.
## Version >= 2.2.0 with 'ocelotDockerVersionTag' 2.2.0-267
### Main Code PR feat: 🍰 Footer And Header Links Configurable To Have External Link Target #5590
- You have to add property `target` to all array elements with value `url` to your preferred value in `branding/constants/headerMenu.js` originally in main code file `webapp/constants/headerMenu.js`.
- You have to move value of all `externalLink` to new property `externalLink.url` and set new property `externalLink.target` to your preferred value in `branding/constants/links.js` originally in main code file `webapp/constants/links.js`.
### Main Code PR feat: 🍰 Make Donation Progress Bar Color Configurable #5593
- You have to set `PROGRESS_BAR_COLOR_TYPE` in `branding/constants/donation.js` originally in main code file `webapp/constants/donation.js` to your preferred value.
### Main Code PR feat: 🍰 Header Logo Routing Update #5579
- You have to move value of `LOGO_HEADER_CLICK.externalLink` to new property `LOGO_HEADER_CLICK.externalLink.url` and set new property `LOGO_HEADER_CLICK.externalLink.target` to your preferred value in `branding/constants/logos.js` originally in main code file `webapp/constants/logos.js`.
## Version >= 2.0.0 with 'ocelotDockerVersionTag' 2.0.0-250
### Main Code PR feat: 🍰 Implement LOGO_HEADER_CLICK As Configuration #5525
- You have to set `LOGO_HEADER_CLICK` in `branding/constants/logos.js` originally in main code file `webapp/constants/logos.js` to your preferred value.
### Main Code Issue 🌟 [EPIC] Release v2.0.0 Beta Test → Final #5547
- You have to set `SHOW_GROUP_BUTTON_IN_HEADER` in `branding/constants/groups.js` originally in main code file `webapp/constants/groups.js` to your preferred value.
## Version >= 1.1.0 with 'ocelotDockerVersionTag' 1.1.0-205
### Deployment/Rebranding PR chore: 🍰 Release v1.1.0 - Implement Categories Again #63
- You have to add the `CATEGORIES_ACTIVE` from the `deployment/kubernetes/values.template.yaml` to your `deployment/kubernetes/values.yaml` and set it to your preferred value.
- Make sure the correct categories are in your Neo4j database on the server.
## Version >= 1.0.9 with 'ocelotDockerVersionTag' 1.0.9-199
### Deployment/Rebranding PR chore: 🍰 Implement PRODUCTION_DB_CLEAN_ALLOW for Staging Production Environments #56
- Copy `PRODUCTION_DB_CLEAN_ALLOW` from `deployment/kubernetes/values.template.yaml` to `values.yaml` and set it to `false` for production environments and only for several stage test servers to `true`.
### Deployment/Rebranding PR chore: [WIP] 🍰 Refine docs, first step #46
Upgrade the cert-manager, but install CRDs of the version 1.0.0-alpha to actually be able to upgrade ocelot. Then uninstall the legacy CRDs and install the correct ones.
```bash
# upgrade cert-manager to 1.9.1
> helm upgrade --set installCRDs=true --version 1.9.1 --namespace cert-manager cert-manager jetstack/cert-manager
# apply legacy CRDs
> kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.0.0-alpha.1/cert-manager.crds.yaml
# upgrade ocelot
> helm upgrade ocelot ./
# delete legacy CRDs
> kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.0.0-alpha.1/cert-manager.crds.yaml
# apply CRDs for cert-manager 1.9.1
> kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yaml
```
Background: We had to upgrade cert-manager due to an external dependency - therefore we had to update cert-manager apiVersion `cert-manager.io/v1alpha2` to `cert-manager.io/v1`.
The error occurring when not doing this is the following:
```bash
Error: UPGRADE FAILED: unable to build kubernetes objects from current release manifest: [resource mapping not found for name: "letsencrypt-production" namespace: "" from "": no matches for kind "ClusterIssuer" in version "cert-manager.io/v1alpha2"
ensure CRDs are installed first, resource mapping not found for name: "letsencrypt-staging" namespace: "" from "": no matches for kind "ClusterIssuer" in version "cert-manager.io/v1alpha2"
ensure CRDs are installed first]
```
## Version >= 1.0.8 with 'ocelotDockerVersionTag' 1.0.8-182
### PR feat: 🍰 Configure Cookie Expire Time #43
- You have to add the `COOKIE_EXPIRE_TIME` from the `deployment/kubernetes/values.template.yaml` to your `deployment/kubernetes/values.yaml` and set it to your preferred value.
- Correct `locale` cookie exploration time in data privacy.
## Version 1.0.7 with 'ocelotDockerVersionTag' 1.0.7-171
- No information.

3
deployment/configurations/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
/*
!/example
!.gitignore

5
deployment/configurations/example/branding/README.md Normal file
View File

@ -0,0 +1,5 @@
# Configure And Branding
In this folder you will find all configuration files and logo images to customise the configuration and branding of the [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network code to your own needs.
Please change these and they will be used automatically as part of the [deployment](/deployment/README.md) process.

0
deployment/configurations/example/branding/assets/fonts/.gitkeep Normal file
View File

5
deployment/configurations/example/branding/assets/styles/imports/_branding.scss Normal file
View File

@ -0,0 +1,5 @@
/*
*
* Here, all SCSS variables and classes can be adapted to your custom design.
*
*/

1
deployment/configurations/example/branding/constants/donation.js Normal file
View File

@ -0,0 +1 @@
export const PROGRESS_BAR_COLOR_TYPE = 'gradient' // 'uni' is the other option

8
deployment/configurations/example/branding/constants/emails.js Normal file
View File

@ -0,0 +1,8 @@
// this file is duplicated in `backend/src/config/` and `webapp/constants/` and replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/constants/
export default {
SUPPORT_EMAIL: 'hello@ocelot.social',
MODERATION_EMAIL: 'hello@ocelot.social',
// ATTENTION: the following links have to be defined even for internal pages with full URLs as example like 'https://staging.ocelot.social/support', because they are used in e-mails!
ORGANIZATION_LINK: 'https://ocelot.social',
SUPPORT_LINK: 'https://ocelot.social',
}

5
deployment/configurations/example/branding/constants/groups.js Normal file
View File

@ -0,0 +1,5 @@
// this file is duplicated in `backend/src/constants/group.js` and `webapp/constants/group.js`
export const NAME_LENGTH_MIN = 3
export const NAME_LENGTH_MAX = 50
export const DESCRIPTION_WITHOUT_HTML_LENGTH_MIN = 100 // with removed HTML tags
export const SHOW_GROUP_BUTTON_IN_HEADER = true

13
deployment/configurations/example/branding/constants/headerMenu.js Normal file
View File

@ -0,0 +1,13 @@
export default {
MENU: [
// {
// nameIdent: 'nameIdent',
// path: '/',
// },
// {
// nameIdent: 'nameIdent',
// url: 'https://ocelot.social',
// target: '_blank',
// },
],
}

152
deployment/configurations/example/branding/constants/links.js Normal file
View File

@ -0,0 +1,152 @@
// this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/constants/
import { defaultPageParamsPages } from '~/components/utils/InternalPages.js'
const ORGANIZATION = defaultPageParamsPages.ORGANIZATION.overwrite({
// if defined it's dominating
externalLink: {
url: 'https://ocelot.social',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.made', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.made', // localized string identifier, if undefined default is used
// headlineIdent: 'site.made', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const DONATE = defaultPageParamsPages.DONATE.overwrite({
// if defined it's dominating
externalLink: {
// we use 'ocelot-social.herokuapp.com' at the moment, because redirections of 'ocelot.social' subpages are not working correctly
url: 'https://ocelot-social.herokuapp.com/donations',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.donate', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.donate', // localized string identifier, if undefined default is used
// headlineIdent: 'site.donate', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const IMPRINT = defaultPageParamsPages.IMPRINT.overwrite({
// if defined it's dominating
externalLink: {
// we use 'ocelot-social.herokuapp.com' at the moment, because redirections of 'ocelot.social' subpages are not working correctly
url: 'https://ocelot-social.herokuapp.com/imprint',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.imprint', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.imprint', // localized string identifier, if undefined default is used
// headlineIdent: 'site.imprint', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const TERMS_AND_CONDITIONS = defaultPageParamsPages.TERMS_AND_CONDITIONS.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.termsAndConditions', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.termsAndConditions', // localized string identifier, if undefined default is used
// headlineIdent: 'site.termsAndConditions', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const CODE_OF_CONDUCT = defaultPageParamsPages.CODE_OF_CONDUCT.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.code-of-conduct', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.code-of-conduct', // localized string identifier, if undefined default is used
// headlineIdent: 'site.code-of-conduct', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const DATA_PRIVACY = defaultPageParamsPages.DATA_PRIVACY.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.data-privacy', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.data-privacy', // localized string identifier, if undefined default is used
// headlineIdent: 'site.data-privacy', // localized string identifier, on null it's hidden, if undefined default is used
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const FAQ = defaultPageParamsPages.FAQ.overwrite({
// externalLink: null, // if defined it's dominating
internalPage: {
// footerIdent: 'site.faq', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.faq', // localized string identifier, if undefined default is used
// headlineIdent: 'site.faq', // on null default is used, on empty string it's hidden
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
const SUPPORT = defaultPageParamsPages.SUPPORT.overwrite({
// if defined it's dominating
externalLink: {
url: 'https://ocelot.social',
target: '_blank',
},
internalPage: {
// footerIdent: 'site.support', // localized string identifier, if undefined default is used
// headTitleIdent: 'site.support', // localized string identifier, if undefined default is used
// headlineIdent: 'site.support', // on null default is used, on empty string it's hidden
hasContainer: true,
hasBaseCard: true,
hasLoginInHeader: true,
// in case internal page content is here 'branding/locales/html/'
},
})
export default {
LANDING_PAGE: '/login', // examples: '/login', '/registration', '/organization', or external 'https://ocelot.social'
// you can find and store templates for 👇🏼 at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/
ORGANIZATION,
DONATE,
IMPRINT,
TERMS_AND_CONDITIONS,
CODE_OF_CONDUCT,
DATA_PRIVACY,
FAQ,
SUPPORT,
FOOTER_LINK_LIST: [
ORGANIZATION,
TERMS_AND_CONDITIONS,
CODE_OF_CONDUCT,
DATA_PRIVACY,
FAQ,
DONATE,
IMPRINT,
SUPPORT,
],
}

24
deployment/configurations/example/branding/constants/logos.js Normal file
View File

@ -0,0 +1,24 @@
// this file is duplicated in `backend/src/config/logos.js` and `webapp/constants/logos.js` and replaced on rebranding
// this are the paths in the webapp
export default {
LOGO_HEADER_PATH: '/img/custom/logo-horizontal.svg',
LOGO_HEADER_WIDTH: '130px',
LOGO_HEADER_CLICK: {
// externalLink: {
// url: 'https://ocelot.social',
// target: '_blank',
// },
externalLink: null,
internalPath: {
to: {
name: 'index',
},
scrollTo: '.main-navigation',
},
},
LOGO_SIGNUP_PATH: '/img/custom/logo-squared.svg',
LOGO_WELCOME_PATH: '/img/custom/logo-squared.svg',
LOGO_LOGOUT_PATH: '/img/custom/logo-squared.svg',
LOGO_PASSWORD_RESET_PATH: '/img/custom/logo-squared.svg',
LOGO_MAINTENACE_RESET_PATH: '/img/custom/logo-squared.svg',
}

9
deployment/configurations/example/branding/constants/metadata.js Normal file
View File

@ -0,0 +1,9 @@
// this file is duplicated in `backend/src/config/metadata.js` and `webapp/constants/metadata.js` and replaced on rebranding
export default {
APPLICATION_NAME: 'ocelot.social',
APPLICATION_SHORT_NAME: 'ocelot.social',
APPLICATION_DESCRIPTION: 'Ocelot Social Community',
COOKIE_NAME: 'ocelot-social-token',
ORGANIZATION_NAME: 'busFaktor e.V.',
ORGANIZATION_JURISDICTION: 'Deutschland',
}

1
deployment/configurations/example/branding/email/.gitkeep Normal file
View File

@ -0,0 +1 @@
we can put multilanguage e-mails and a layout.html in here

1
deployment/configurations/example/branding/email/templates/de/.gitkeep Normal file
View File

@ -0,0 +1 @@
we can put translated e-mails in here

1
deployment/configurations/example/branding/email/templates/en/.gitkeep Normal file
View File

@ -0,0 +1 @@
we can put translated e-mails in here

2
deployment/configurations/example/branding/locales/de.json Normal file
View File

@ -0,0 +1,2 @@
{
}

2
deployment/configurations/example/branding/locales/en.json Normal file
View File

@ -0,0 +1,2 @@
{
}

60
deployment/configurations/example/branding/locales/html/de/code-of-conduct.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Präambel
</h3>
<p>
Ich bin der Inhalt vom Verhaltenskodex.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/de/data-privacy.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Information über die Erhebung personenbezogener Daten
</h3>
<p>
Das hier wäre der Inhalt der Datenschutzbestimmungen.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/de/donate.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Wohin kann ich spenden?
</h3>
<p>
Hier steht was zu den Spenden.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

67
deployment/configurations/example/branding/locales/html/de/faq.html Normal file
View File

@ -0,0 +1,67 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Wie bediene ich dieses Netzwerk?
</h3>
<p>
Hier findest Du die
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >Bedienungsanleitung</a>.<br>
</p>
<h3>
Betreiberspezifische FAQs
</h3>
<p>
Hier steht was zu den betreiberspezifischen FAQs.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/de/imprint.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Betreiber
</h3>
<p>
Ich bin das Impressum.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/de/organization.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Das Entwicklernetzwerk
</h3>
<p>
Hier wird das Netzwerk beschrieben.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/de/support.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Ansprechpartner
</h3>
<p>
Ich bin der Inhalt vom Support.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

61
deployment/configurations/example/branding/locales/html/de/terms-and-conditions.html Normal file
View File

@ -0,0 +1,61 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
Für das soziale Netzwerk Ocelot.Social Staging
</h2>
<h3>
Nutzung und Lizenz
</h3>
<p>
Ich bin der Inhalt der Seite "Nutzungsbedingungen".
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/en/code-of-conduct.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Präambel
</h3>
<p>
I am the content of the code of conduct.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/en/data-privacy.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Information about the collection of personal data
</h3>
<p>
This would be our data privacy section.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/en/donate.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Where can I donate?
</h3>
<p>
Here's what it says about donations.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

67
deployment/configurations/example/branding/locales/html/en/faq.html Normal file
View File

@ -0,0 +1,67 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
How do I operate this network?
</h3>
<p>
Here you can find the
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >user manual</a>.<br>
</p>
<h3>
Operator-Specific FAQs
</h3>
<p>
Here are the operator-specific FAQs.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/en/imprint.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Operator
</h3>
<p>
I am the imprint.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/en/organization.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
The Developers Network
</h3>
<p>
Here the network is described.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/en/support.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Contact
</h3>
<p>
I am the content of the support.
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

60
deployment/configurations/example/branding/locales/html/en/terms-and-conditions.html Normal file
View File

@ -0,0 +1,60 @@
<!-- this file is replaced on rebranding by https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/locales/html/ -->
<!-- you can find and store templates at https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding/templates/ -->
<div class="info-page">
<h2>
For the social network Ocelot.Social Staging
</h2>
<h3>
Use and License
</h3>
<p>
I am the content of the page "Terms And Conditions".
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

BIN
deployment/configurations/example/branding/static/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.4 KiB

BIN
deployment/configurations/example/branding/static/icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 21 KiB

80
deployment/configurations/example/branding/static/img/custom/logo-horizontal.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

82
deployment/configurations/example/branding/static/img/custom/logo-squared.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

62
deployment/configurations/example/branding/templates/locales/html/general/de/faq.html Normal file
View File

@ -0,0 +1,62 @@
<!-- this file is a template for rebranding of 'branding/locales/html/de/faq.html' -->
<!-- template for the 'FAQ' in general -->
<div class="info-page">
<h2>
Für das soziale Netzwerk {{ organization }}
</h2>
<h3>
Wie bediene ich dieses Netzwerk?
</h3>
<p>
Hier findest Du die
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >Bedienungsanleitung</a>.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

62
deployment/configurations/example/branding/templates/locales/html/general/en/faq.html Normal file
View File

@ -0,0 +1,62 @@
<!-- this file is a template for rebranding of 'branding/locales/html/de/faq.html' -->
<!-- template for the 'FAQ' in general -->
<div class="info-page">
<h2>
For the social network of {{ organization }}
</h2>
<h3>
How do I operate this network?
</h3>
<p>
Here you can find the
<a href="https://github.com/Ocelot-Social-Community/Ocelot-Social/wiki" target="_blank" >user manual</a>.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

163
deployment/configurations/example/branding/templates/locales/html/hc-y2020/de/code-of-conduct.html Normal file
View File

@ -0,0 +1,163 @@
<!-- this file is a template for rebranding of 'branding/locales/html/en/code-of-conduct.html' -->
<!-- template for the 'Code Of Conduct' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
Für das soziale Netzwerk {{ organization }}
</h2>
<h3>
Präambel
</h3>
<p>
{{ networkName}} ist ein gemeinnütziges soziales Wissens- und Aktionsnetzwerk der nächsten Generation.
Von Menschen für Menschen.
Free-Software, Open-Source, fair und transparent.
Für positiven lokalen und globalen Wandel in allen Lebensbereichen.
Wir gestalten den öffentlichen Austausch von Wissen, Ideen und Projekten völlig neu.
Die Funktionen von {{ networkName }} bringen die Menschen zusammen offline und online so dass wir die Welt zu einem besseren Ort machen können.<br>
</p>
<h3>
Zweck
</h3>
<p>
Mit diesen Verhaltensregeln regeln wir die wesentlichen Grundsätze für das Verhalten in unserem Sozialen Netzwerk.
Dabei ist die Menschenrechtscharta der Vereinten Nationen unsere Orientierung und bildet das Herz unseres Werteverständnisses.
Die Verhaltensregeln dienen als Leitsätze für den persönlichen Auftritt und den Umgang untereinander.
Wer als Nutzer im {{ networkName }} Netzwerk aktiv ist, Beiträge verfasst, kommentiert oder mit anderen Nutzern, auch außerhalb des Netzwerkes, Kontakt aufnimmt, erkennt diese Verhaltensregeln als verbindlich an.<br>
</p>
<h3>
Erwartetes Verhalten
</h3>
<p>
Die folgenden Verhaltensweisen werden von allen Community-Mitgliedern erwartet und gefordert:<br>
</p>
<ul>
<li>
Sei rücksichtsvoll und respektvoll, bei dem, was Du schreibst und tust.
</li>
<li>
Versuche auf andere zuzugehen, bevor ein Konflikt entsteht.
</li>
<li>
Vermeide erniedrigende, diskriminierende oder belästigende Verhaltensweisen und Ausdrücke.
</li>
<li>
Achte Dein Umfeld und Deine Mitmenschen. Warne die Verantwortlichen der Community, falls Du eine gefährliche Situation, jemanden in Not oder Verstöße gegen diesen Verhaltenskodex bemerkst, auch wenn diese unbedeutend erscheinen.
</li>
</ul>
<h3>
Nichtakzeptables Verhalten
</h3>
<p>
Die folgenden Verhaltensweisen sind in unserer Community inakzeptabel:<br>
</p>
<ul>
<li>
Diskriminierende Beiträge, Kommentare, Äußerungen oder Beleidigungen, insbesondere solche, die sich auf Geschlecht, sexuelle Orientierung, Rasse, Religion, politische oder weltanschauliche Ausrichtung oder Behinderung beziehen
</li>
<li>
Das Senden oder Verlinken eindeutig pornografischen Materials
</li>
<li>
Verherrlichung oder Verharmlosung grausamer oder unmenschlicher Gewalttätigkeiten
</li>
<li>
Das Veröffentlichen von personenbezogenen Daten anderer ohne deren Einverständnis oder das Androhen dessen („Doxing“)
</li>
<li>
Absichtliche Einschüchterung, Stalking oder Verfolgung
</li>
<li>
Bewerben von Produkten und Dienstleistungen mit kommerzieller Absicht
</li>
<li>
Strafbares Verhalten bzw. Verstoß gegen deutsches Recht
</li>
<li>
Befürworten oder Ermutigen zu diesen Verhaltensweisen
</li>
</ul>
<h3>
Konsequenzen inakzeptablen Verhaltens
</h3>
<p>
Wenn ein Gemeinschaftsmitglied inakzeptables Verhalten an den Tag legt, können die verantwortlichen Betreiber, Moderatoren und Administratoren des Netzwerks angemessene Maßnahmen ergreifen, u.a.:<br>
</p>
<ul>
<li>
Auffordern zum sofortigen Abstellen des inakzeptablen Verhaltens
</li>
<li>
Sperren oder Löschen von Kommentaren
</li>
<li>
Vorübergehender Ausschluss aus dem jeweiligen Beitrag
</li>
<li>
Sperren bzw. Löschen von Inhalten
</li>
<li>
Vorübergehender Entzug von Schreibrechten
</li>
<li>
Vorübergehender Ausschluss aus dem Netzwerk
</li>
<li>
Endgültiger Ausschluss aus dem Netzwerk
</li>
<li>
Verstöße gegen deutsches Recht können zur Anzeige gebracht werden.
</li>
</ul>
<p>
Wenn Du einem inakzeptablen Verhalten ausgesetzt bist, es miterlebst oder andere Bedenken hast, melde bitte so schnell wie möglich den oder die entsprechenden Inhalte an die Moderatoren.
Bitte klicke beim Beitrag, Kommentar oder Benutzer auf die drei Punkte und melde ihn über das aufgeklappte Menü.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

1010
deployment/configurations/example/branding/templates/locales/html/hc-y2020/de/data-privacy.html Normal file
View File

File diff suppressed because it is too large Load Diff

136
deployment/configurations/example/branding/templates/locales/html/hc-y2020/de/terms-and-conditions.html Normal file
View File

@ -0,0 +1,136 @@
<!-- this file is a template for rebranding of 'branding/locales/html/de/terms-and-conditions.html' -->
<!-- template for the 'Terms And Conditions' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
Für das soziale Netzwerk {{ organization }}
</h2>
<h3>
Nutzungsbedingungen
</h3>
<p>
Die folgenden Nutzungsbedingungen sind Basis für die Nutzung unseres {{ networkName }} Netzwerkes.
Beim Registrieren musst Du diese anerkennen und wir werden Dich auch später über ggf. stattfindende Änderungen informieren.
Unser Netzwerk wird in der {{ organizationLocation }} betrieben und unterliegt daher {{ organizationLocation2 }} Recht.
Gerichtsstand ist {{ legacyLocation }}.
Zu Details schau in unser Impressum: <a href="https://{{ networkURL }}/imprint/" target="_blank" >https://{{ networkURL }}/imprint/</a>.<br>
</p>
<h3>
Nutzung und Lizenz
</h3>
<p>
Sind Inhalte, die Du bei uns einstellst, durch Rechte am geistigen Eigentum geschützt, erteilst Du uns eine nicht-exklusive, übertragbare, unterlizenzierbare und weltweite Lizenz für die Nutzung dieser Inhalte für die Bereitstellung in unserem Netzwerk.
Diese Lizenz endet, sobald Du Deine Inhalte oder Deinen ganzen Account löscht.
Bedenke, dass andere Deine Inhalte weiter teilen können und wir diese nicht löschen können.<br>
</p>
<h3>
Datenschutz
</h3>
<p>
Unser Netzwerk ist ein soziales Wissens- und Aktionsnetzwerk.
Daher ist es uns besonders wichtig, dass möglichst viele Inhalte öffentlich zugänglich sind.
Im Laufe der Entwicklung unseres Netzwerkes wird es mehr und mehr die Möglichkeit geben, über die Sichtbarkeit der selbst angegebenen bzw. persönlichen Daten zu entscheiden.
Über diese neuen Funktionen werden wir Euch informieren.
Ansonsten gilt, dass Du immer darüber nachdenken solltest, welche persönlichen Daten Du über Dich (oder andere) preisgibst.
Dies gilt insbesondere für Inhalte von Beiträgen und Kommentaren, da diese einen weitgehend öffentlichen Charakter haben.
Später wird es Möglichkeiten geben, die Sichtbarkeit Deines Profils einzuschränken.
Teil der Nutzungsbedingungen ist unsere Datenschutzerklärung, die Dich über die einzelnen Datenverarbeitungen in unserem Netzwerk informiert: <a href="https://{{ networkURL }}/data-privacy" target="_blank">https://{{ networkURL }}/data-privacy</a>.
Unsere Datenschutzerklärung ist an die Gesetzeslage und die Charakteristika unseres Netzwerks angepasst und gilt immer in der aktuellsten Version.<br>
</p>
<h3>
Verhaltenscodex
</h3>
<p>
Unser Verhaltenskodex dient als Leitfaden für das persönliche Auftreten und den Umgang miteinander.
Wer als Nutzer im {{ networkName }} Netzwerk aktiv ist, Beiträge verfasst, kommentiert oder mit anderen Nutzern, auch außerhalb des Netzwerkes, Kontakt aufnimmt, erkennt diese Verhaltensregeln als verbindlich an. <a href="https://{{ networkURL }}/code-of-conduct" target="_blank">https://{{ networkURL }}/code-of-conduct</a><br>
</p>
<h3>
Moderation
</h3>
<p>
Bis unsere finanziellen Möglichkeiten uns erlauben, das Community-Moderationssystem zu implementieren, moderieren wir mit einem vereinfachten System und eigenen bzw. ggf. ehrenamtlichen Mitarbeitern.
Wir schulen diese Moderatoren und aus diesem Grund treffen auch nur diese entsprechende Entscheidungen.
Diese Moderatoren führen Ihre Tätigkeit anonym aus.
Du kannst uns Beiträge, Kommentare und auch Nutzer melden (wenn diese zum Beispiel in ihrem Profil Angaben machen oder Bilder haben, die diese Nutzungsbedingungen verletzen).
Wenn Du uns etwas meldest, kannst Du einen Meldegrund angeben und noch eine kurze Erläuterung mitgeben.
Wir schauen uns dann das Gemeldete an und sanktionieren ggf., z.B. indem wir Beiträge, Kommentare oder Nutzer sperren.
Du und auch der Betroffene erhalten derzeitig von uns leider noch keine Rückmeldung, das ist aber in Planung.
Unabhängig davon behalten wir uns prinzipiell Sanktionen vor aus Gründen, die unter Umständen nicht oder noch nicht in unserem Verhaltenscodex oder diesen Nutzungsbedingungen aufgeführt sind.<br>
</p>
<h3>
Fehler und Rückmeldungen
</h3>
<p>
Wir sind sehr bemüht, unser Netzwerk und unsere Daten sicher und abrufbar zu erhalten.
Jede neue Version der Software durchläuft sowohl automatisierte als auch manuelle Tests.
Es können jedoch unvorhergesehene Fehler auftreten.
Deshalb sind wir dankbar für jeden gemeldeten Fehler.
Du kannst gerne jeden von Dir entdeckten Fehler dem Support/der Hilfe-Assistenz mitteilen: <a href="https://{{ networkURL }}/support" target="_blank">https://{{ networkURL }}/support</a>.<br>
</p>
<h3>
Keine kommerzielle Nutzung
</h3>
<p>
Die Nutzung des {{ networkName }} Netzwerkes ist nicht für kommerzielle Zwecke gestattet.
Darunter fällt unter anderem das Bewerben von Produkten mit kommerzieller Absicht, das Einstellen von Affiliate-Links (Geschäftspartner-Links), direkter Aufruf zu Spenden oder finanzieller Unterstützung für Zwecke, die steuerlich nicht als gemeinnützig anerkannt sind.<br>
</p>
<h3>
Keine politische Nutzung
</h3>
<p>
Nutzerkonten von politischen Parteien oder offizielle Nutzerkonten eines politischen Vertreters sind unzulässig.<br>
</p>
<h3>
Hilfe und Fragen
</h3>
<p>
Für Hilfe und Fragen haben wir Dir eine umfassende Sammlung an häufig gestellten Fragen und Antworten (FAQ) zusammengestellt; Du findest diese auf <a href="https://{{ networkURL }}/faq" target="_blank">https://{{ networkURL }}/faq</a>.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

163
deployment/configurations/example/branding/templates/locales/html/hc-y2020/en/code-of-conduct.html Normal file
View File

@ -0,0 +1,163 @@
<!-- this file is a template for rebranding of 'branding/locales/html/en/code-of-conduct.html' -->
<!-- template for the 'Code Of Conduct' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
For the social network of {{ organization }}
</h2>
<h3>
Präambel
</h3>
<p>
{{ networkName }} is a non-profit social knowledge and action network of the next generation.
By people - for people. Free software, open source, fair and transparent.
For positive local and global change in all areas of life.
We completely redesign the public exchange of knowledge, ideas and projects.
The functions of {{ networkName }} bring people together - offline and online - so that we can make the world a better place.<br>
</p>
<h3>
Purpose
</h3>
<p>
With these code of conduct we regulate the essential principles for behavior in our social network.
The United Nations Charter of Human Rights is our orientation and forms the heart of our understanding of values.
The code of conduct serves as guiding principles for our personal appearance and interaction with one another.
Anyone who is active as a user in the {{ networkName }} Network, writes articles, comments or contacts other users, including those outside the network,acknowledges these rules of conduct as binding.<br>
</p>
<h3>
Expected Behaviour
</h3>
<p>
The following behaviors are expected and requested of all community members:<br>
</p>
<ul>
<li>
Exercise consideration and respect in your speech and actions.
</li>
<li>
Attempt collaboration before conflict.
</li>
<li>
Refrain from demeaning, discriminatory, or harassing behavior and speech.
</li>
<li>
Be mindful of your surroundings and of your fellow participants.
Alert community leaders if you notice a dangerous situation, someone in distress, or violations of this Code of Conduct, even if they seem inconsequential.
</li>
</ul>
<h3>
Unacceptable Behavior
</h3>
<p>
The following behaviors are unacceptable within our community:<br>
</p>
<ul>
<li>
Discriminatory posts, comments, utterances or insults, particularly those relating to gender, sexual orientation, race, religion, political or philosophical orientation or disability.
</li>
<li>
Posting or linking of clearly pornographic material.
</li>
<li>
Glorification or trivialization of cruel or inhuman acts of violence.
</li>
<li>
The disclosure of others' personal information without their consent or threat there of ("doxing").
</li>
<li>
Intentional intimidation, stalking or persecution.
</li>
<li>
Advertising products and services with commercial intent.
</li>
<li>
Criminal behavior or violation of German law.
</li>
<li>
Endorse or encourage such conduct.
</li>
</ul>
<h3>
Consequences of Unacceptable Behavior
</h3>
<p>
If a community member exhibits unacceptable behaviour, the responsible operators, moderators and administrators of the network may take appropriate measures, including but not limited to:<br>
</p>
<ul>
<li>
Request for immediate cessation of unacceptable conduct
</li>
<li>
Locking or deleting comments
</li>
<li>
Temporary exclusion from the respective post or contribution
</li>
<li>
Blocking or deleting of content
</li>
<li>
Temporary withdrawal of write permissions
</li>
<li>
Temporary exclusion from the network
</li>
<li>
Final exclusion from the network
</li>
<li>
Violations of German law can be reported.
</li>
</ul>
<p>
If you are subject to or witness unacceptable behavior, or have any other concerns, please notify a community organizer as soon as possible and link or refer to the corresponding content.
Please click on the three dots on the post, comment or user and report it using the drop-down menu.<br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

135
deployment/configurations/example/branding/templates/locales/html/hc-y2020/en/terms-and-conditions.html Normal file
View File

@ -0,0 +1,135 @@
<!-- this file is a template for rebranding of 'branding/locales/html/en/terms-and-conditions.html' -->
<!-- template for the 'Terms And Conditions' from the old HC network. in the old repo you will find other languages as well -->
<div class="info-page">
<h2>
For the social network of {{ organization }}
</h2>
<h3>
Terms of Service
</h3>
<p>
The following terms of use form the basis for the use of our network.
When you register, you must accept them and we will inform you later about any changes that may take place.
The {{ networkName }} Network is operated in Germany and is therefore subject to German law.
Place of jurisdiction is {{ organizationLocation }}.
For details see our imprint: <a href="https://{{ networkURL }}/imprint/" target="_blank" >https://{{ networkURL }}/imprint/</a><br>
</p>
<h3>
Use and License
</h3>
<p>
If any content you post to us is protected by intellectual property rights, you grant us a non-exclusive, transferable, sublicensable, worldwide license to use such content for posting to our network.
This license expires when you delete your content or your entire account.
Remember that others may share your content and we cannot delete it.<br>
</p>
<h3>
Privacy Statement
</h3>
<p>
Our network is a social knowledge and action network.
It is therefore particularly important to us that as much content as possible is publicly accessible.
In the course of the development of our network there will be more and more the possibility to decide about the visibility of the personal data.
We will inform you about these new features.
Otherwise, you should always think about which personal data you disclose about yourself (or others).
This applies in particular to the content of posts and comments, as these have a largely public character.
Later there will be possibilities to limit the visibility of your profile.
Part of the terms of service is our privacy statement, which informs you about the individual data processing operations in our network: <a href="https://{{ networkURL }}/data-privacy" target="_blank">https://{{ networkURL }}/data-privacy</a>.
Our privacy statement is adapted to the legal situation and characteristics of our network and is always valid in the most current version.<br>
</p>
<h3>
Code of Conduct
</h3>
<p>
Our code of conduct serves as a handbook for personal appearance and interaction with each other.
Whoever is active as a user in the {{ networkName }} network, writes articles, comments or makes contact with other users, even outside the network, acknowledges these rules of conduct as binding. <a href="https://{{ networkURL }}/code-of-conduct" target="_blank">https://{{ networkURL }}/code-of-conduct</a><br>
</p>
<h3>
Moderation
</h3>
<p>
Until our financial possibilities allow us to implement the community moderation system, we moderate with a simplified system and with our own or possibly volunteer staff.
We train these moderators and for this reason only they make the appropriate decisions.
These moderators carry out their work anonymously.
You can report posts, comments and users to us (for example, if they provide information in their profile or have images that violate these Terms of Use).
If you report something to us, you can give us a reason and a short explanation.
We will then take a look at what you have reported and sanction you if necessary, e.g. by blocking contributions, comments or users.
Unfortunately, you and the person concerned will not receive any feedback from us at this time, but this is in the planning stage.
Irrespective of this, we reserve the right to impose sanctions in principle for reasons that may not or not yet be listed in our Code of Conduct or these terms of service.<br>
</p>
<h3>
Errors and Feedback
</h3>
<p>
We make every effort to keep our network and data secure and available.
Each new release of the software goes through both automated and manual testing.
However, unforeseen errors may occur. Therefore, we are grateful for any reported bugs.
You are welcome to report any bugs you discover by emailing Support at <a href="https://{{ networkURL }}/support" target="_blank">https://{{ networkURL }}/support</a><br>
</p>
<h3>
No Commercial Use
</h3>
<p>
The use of the {{ networkName }} Network is not permitted for commercial purposes.
This includes, but is not limited to, advertising products with commercial intent, posting affiliate links, directly soliciting donations, or providing financial support for purposes that are not recognized as charitable for tax purposes.<br>
</p>
<h3>
No Political Use
</h3>
<p>
User accounts of political parties or official user accounts of a political representative are not permitted.<br>
</p>
<h3>
Help and Questions
</h3>
<p>
For help and questions we have compiled a comprehensive collection of frequently asked questions and answers (FAQ) for you. You can find them here: <a href="https://{{ networkURL }}/faq" target="_blank">https://{{ networkURL }}/faq</a><br>
</p>
</div>
<style type="text/css">
.info-page {
margin-bottom: 48px;
}
.info-page h2 {
margin: 24px 0;
}
.info-page h3 {
margin: 24px 0 16px 0;
}
.info-page h4 {
margin: 16px 0 8px 0;
}
.info-page p {
margin: 8px 0;
}
.info-page ul {
list-style-type: disc;
margin: 16px 0 16px 14px;
}
.info-page table {
background-color: #fff;
border: 1px solid #e0dede;
border-collapse: collapse;
box-shadow: 0 1px 3px rgba(0,0,0,.08),inset 0 0 0 1px rgba(255,255,255,.5);
margin: 16px 0;
max-width: 100%;
}
.info-page table thead {
background-color: #f0f0f0;
}
.info-page table td,
.info-page table th {
border: 1px solid #e0dede;
padding: 10px;
}
</style>

120
deployment/configurations/example/kubernetes/values.template.yaml Normal file
View File

@ -0,0 +1,120 @@
# please duplicate template file and rename to "values.yaml" and fill in your value
# change all the below if needed
MAPBOX_TOKEN: "pk.eyJ1IjoiYnVzZmFrdG9yIiwiYSI6ImNraDNiM3JxcDBhaWQydG1uczhpZWtpOW4ifQ.7TNRTO-o9aK1Y6MyW_Nd4g"
PRODUCTION_DB_CLEAN_ALLOW: false # only true for production environments on staging servers
PUBLIC_REGISTRATION: false
INVITE_REGISTRATION: false
COOKIE_EXPIRE_TIME: 730 # days (730 days, two years is the default in main code)
CATEGORIES_ACTIVE: false
BACKEND:
# change all the below if needed
# DOCKER_IMAGE_REPO - change that to your branded docker image
# label is appended based on .Chart.appVersion
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/backend-branded"
CLIENT_URI: "https://staging.ocelot.social"
# create a new one for your network
JWT_SECRET: "b/&&7b78BF&fv/Vd"
PRIVATE_KEY_PASSPHRASE: "a7dsf78sadg87ad87sfagsadg78"
# ocelot.social mail dummy
EMAIL_DEFAULT_SENDER: "devops@ocelot.social"
SMTP_HOST: "mail.ocelot.social"
SMTP_USERNAME: "devops@ocelot.social"
SMTP_PASSWORD: "devops@ocelot.social"
SMTP_PORT: "587"
SMTP_IGNORE_TLS: 'false'
SMTP_SECURE: 'false' # true for 465, false for other ports
# or
# SMTP_PORT: "465"
# SMTP_IGNORE_TLS: 'true'
# SMTP_SECURE: 'true' # true for 465, false for other ports
# most likely you don't need to change this
MIN_READY_SECONDS: "15"
PROGRESS_DEADLINE_SECONDS: "60"
REVISIONS_HISTORY_LIMIT: "25"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
DOCKER_IMAGE_PULL_POLICY: "Always"
STORAGE_UPLOADS: "25Gi"
WEBAPP:
# change all the below if needed
# DOCKER_IMAGE_REPO - change that to your branded docker image
# label is appended based on .Chart.appVersion
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/webapp-branded"
WEBSOCKETS_URI: "wss://staging.ocelot.social/api/graphql"
# Most likely you don't need to change this
REPLICAS: "2"
MIN_READY_SECONDS: "15"
PROGRESS_DEADLINE_SECONDS: "60"
REVISIONS_HISTORY_LIMIT: "25"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
DOCKER_IMAGE_PULL_POLICY: "Always"
NEO4J:
# most likely you don't need to change this
REVISIONS_HISTORY_LIMIT: "25"
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/neo4j-community-branded"
DOCKER_IMAGE_PULL_POLICY: "Always"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
STORAGE: "5Gi"
# RESOURCE_REQUESTS_MEMORY configures the memory available for requests.
RESOURCE_REQUESTS_MEMORY: "2G"
# RESOURCE_LIMITS_MEMORY configures the memory limits available.
RESOURCE_LIMITS_MEMORY: "4G"
# required for Neo4j Enterprice version
#ACCEPT_LICENSE_AGREEMENT: "yes"
ACCEPT_LICENSE_AGREEMENT: "no"
AUTH: "none"
#DBMS_CONNECTOR_BOLT_THREAD_POOL_MAX_SIZE: "10000" # hc value
DBMS_CONNECTOR_BOLT_THREAD_POOL_MAX_SIZE: "400" # default value
#DBMS_MEMORY_HEAP_INITIAL_SIZE: "500MB" # HC value
DBMS_MEMORY_HEAP_INITIAL_SIZE: "" # default
#DBMS_MEMORY_HEAP_MAX_SIZE: "500MB" # HC value
DBMS_MEMORY_HEAP_MAX_SIZE: "" # default
#DBMS_MEMORY_PAGECACHE_SIZE: "490M" # HC value
DBMS_MEMORY_PAGECACHE_SIZE: "" # default
#APOC_IMPORT_FILE_ENABLED: "true" # HC value
APOC_IMPORT_FILE_ENABLED: "false" # default
DBMS_SECURITY_PROCEDURES_UNRESTRICTED: "algo.*,apoc.*"
MAINTENANCE:
# change all the below if needed
# DOCKER_IMAGE_REPO - change that to your branded docker image
# label is appended based on .Chart.appVersion
DOCKER_IMAGE_REPO: "ocelotsocialnetwork/maintenance-branded"
# Most likely you don't need to change this
REVISIONS_HISTORY_LIMIT: "25"
CONTAINER_RESTART_POLICY: "Always"
CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS: "30"
DOCKER_IMAGE_PULL_POLICY: "Always"
LETSENCRYPT:
# change all the below if needed
# ISSUER is used by cert-manager to set up certificates with the given provider.
# change it to "letsencrypt-production" once you are ready to have valid cetrificates.
# Be aware that the is an issuing limit with letsencrypt, so a dry run with staging might be wise
ISSUER: "letsencrypt-staging"
EMAIL: "devops@ocelot.social"
DOMAINS:
- "staging.ocelot.social"
- "www.staging.ocelot.social"
NGINX:
# most likely you don't need to change this
PROXY_BODY_SIZE: "10m"
STORAGE:
# change all the below if needed
PROVISIONER: "dobs.csi.digitalocean.com"
# most likely you don't need to change this
RECLAIM_POLICY: "Retain"
VOLUME_BINDING_MODE: "Immediate"
ALLOW_VOLUME_EXPANSION: true

36
deployment/docker-compose.apple-m1.override.yml Normal file
View File

@ -0,0 +1,36 @@
# This docker-compose file is just here for testing
version: "3.4"
services:
########################################################
# WEBAPP ###############################################
########################################################
webapp:
platform: linux/amd64
########################################################
# BACKEND ##############################################
########################################################
backend:
platform: linux/amd64
########################################################
# MAINTENANCE ##########################################
########################################################
maintenance:
platform: linux/amd64
########################################################
# NEO4J ################################################
########################################################
neo4j:
platform: linux/amd64
########################################################
# MAILSERVER TO FAKE SMTP ##############################
########################################################
# commented out, because otherwise override of production would error. and it seems unnecessary
# mailserver:
# platform: linux/amd64

103
deployment/docker-compose.ocelotsocial-branded.yml Normal file
View File

@ -0,0 +1,103 @@
# This docker-compose file is just here for testing
version: "3.4"
services:
########################################################
# WEBAPP ###############################################
########################################################
webapp:
# name the image to match our image to be tested from our DockerHub repository so that it can be pulled from there, otherwise it will be created locally from the 'dockerfile'
image: ocelotsocialnetwork/webapp-branded:latest
ports:
- 3000:3000
networks:
- test-network
depends_on:
- backend
environment:
- HOST=0.0.0.0
- GRAPHQL_URI=http://backend:4000
- MAPBOX_TOKEN="pk.eyJ1IjoiYnVzZmFrdG9yIiwiYSI6ImNraDNiM3JxcDBhaWQydG1uczhpZWtpOW4ifQ.7TNRTO-o9aK1Y6MyW_Nd4g"
# - WEBSOCKETS_URI=ws://backend:4000/graphql # is not working and not given in Docker YAML in main repo
- PUBLIC_REGISTRATION=true
- INVITE_REGISTRATION=true
- CATEGORIES_ACTIVE=true
########################################################
# BACKEND ##############################################
########################################################
backend:
# name the image to match our image to be tested from our DockerHub repository so that it can be pulled from there, otherwise it will be created locally from the 'dockerfile'
image: ocelotsocialnetwork/backend-branded:latest
networks:
- test-network
depends_on:
- neo4j
ports:
- 4000:4000
volumes:
- backend_uploads:/app/public/uploads
environment:
- NEO4J_URI=bolt://neo4j:7687
- GRAPHQL_URI=http://backend:4000
- CLIENT_URI=http://localhost:3000
- JWT_SECRET=b/&&7b78BF&fv/Vd
- MAPBOX_TOKEN=pk.eyJ1IjoiYnVzZmFrdG9yIiwiYSI6ImNraDNiM3JxcDBhaWQydG1uczhpZWtpOW4ifQ.7TNRTO-o9aK1Y6MyW_Nd4g
- PRIVATE_KEY_PASSPHRASE=a7dsf78sadg87ad87sfagsadg78
- EMAIL_SUPPORT=support@wir.social
- EMAIL_DEFAULT_SENDER=info@wir.social
# - PRODUCTION_DB_CLEAN_ALLOW=false # only true for production environments on staging servers
- PUBLIC_REGISTRATION=true
- INVITE_REGISTRATION=true
- CATEGORIES_ACTIVE=true
- SMTP_USERNAME=${SMTP_USERNAME}
- SMTP_PASSWORD=${SMTP_PASSWORD}
- SMTP_HOST=mailserver
- SMTP_PORT=25
- SMTP_IGNORE_TLS=true
########################################################
# MAINTENANCE ##########################################
########################################################
maintenance:
# name the image to match our image to be tested from our DockerHub repository so that it can be pulled from there, otherwise it will be created locally from the 'dockerfile'
image: ocelotsocialnetwork/maintenance-branded:latest
networks:
- test-network
ports:
- 3001:80
########################################################
# NEO4J ################################################
########################################################
neo4j:
# name the image to match our image to be tested from our DockerHub repository so that it can be pulled from there, otherwise it will be created locally from the 'dockerfile'
image: ocelotsocialnetwork/neo4j-community-branded:latest
networks:
- test-network
environment:
- NEO4J_AUTH=none
- NEO4J_dbms_security_procedures_unrestricted=algo.*,apoc.*
- NEO4J_ACCEPT_LICENSE_AGREEMENT=yes
ports:
- 7687:7687
volumes:
- neo4j_data:/data
########################################################
# MAILSERVER TO FAKE SMTP ##############################
########################################################
mailserver:
image: djfarrelly/maildev
ports:
- 1080:80
networks:
- test-network
networks:
test-network:
volumes:
backend_uploads:
neo4j_data:

166
deployment/docker-compose.yml Normal file
View File

@ -0,0 +1,166 @@
# This docker-compose file is just here for testing
version: "3.4"
services:
webapp-base:
image: ocelotsocialnetwork/webapp:local-base
build:
dockerfile: ../webapp/Dockerfile
context: ../webapp
target: base
webapp-code:
image: ocelotsocialnetwork/webapp:local-code
build:
dockerfile: ../webapp/Dockerfile
context: ../webapp
target: code
webapp:
image: ocelotsocialnetwork/webapp-branded:local-${CONFIGURATION}
container_name: webapp
build:
dockerfile: src/docker/webapp.Dockerfile
target: branded
context: .
args:
- CONFIGURATION=$CONFIGURATION
- APP_IMAGE_TAG_BASE=local-base
- APP_IMAGE_TAG_CODE=local-code
ports:
- 3000:3000
networks:
- test-network
depends_on:
- backend
- webapp-base
- webapp-code
env_file:
- .env
environment:
- HOST=0.0.0.0
- GRAPHQL_URI=http://backend:4000
- MAPBOX_TOKEN="pk.eyJ1IjoiYnVzZmFrdG9yIiwiYSI6ImNraDNiM3JxcDBhaWQydG1uczhpZWtpOW4ifQ.7TNRTO-o9aK1Y6MyW_Nd4g"
# - WEBSOCKETS_URI=ws://backend:4000/graphql # is not working and not given in Docker YAML in main repo
- PUBLIC_REGISTRATION=true
- INVITE_REGISTRATION=true
- CATEGORIES_ACTIVE=true
backend-base:
image: ocelotsocialnetwork/backend:local-base
build:
dockerfile: ../backend/Dockerfile
context: ../backend
target: base
backend-code:
image: ocelotsocialnetwork/backend:local-code
build:
dockerfile: ../backend/Dockerfile
context: ../backend
target: code
backend:
image: ocelotsocialnetwork/backend-branded:local-${CONFIGURATION}
container_name: backend
build:
dockerfile: src/docker/backend.Dockerfile
target: branded
context: .
args:
- CONFIGURATION=$CONFIGURATION
- APP_IMAGE_TAG_BASE=local-base
- APP_IMAGE_TAG_CODE=local-code
networks:
- test-network
depends_on:
- neo4j
- backend-base
- backend-code
ports:
- 4000:4000
volumes:
- backend_uploads:/app/public/uploads
environment:
- NEO4J_URI=bolt://neo4j:7687
- GRAPHQL_URI=http://backend:4000
- CLIENT_URI=http://localhost:3000
- JWT_SECRET=b/&&7b78BF&fv/Vd
- MAPBOX_TOKEN=pk.eyJ1IjoiYnVzZmFrdG9yIiwiYSI6ImNraDNiM3JxcDBhaWQydG1uczhpZWtpOW4ifQ.7TNRTO-o9aK1Y6MyW_Nd4g
- PRIVATE_KEY_PASSPHRASE=a7dsf78sadg87ad87sfagsadg78
- EMAIL_SUPPORT=support@wir.social
- EMAIL_DEFAULT_SENDER=info@wir.social
- PUBLIC_REGISTRATION=true
- INVITE_REGISTRATION=true
- CATEGORIES_ACTIVE=true
- SMTP_USERNAME=${SMTP_USERNAME}
- SMTP_PASSWORD=${SMTP_PASSWORD}
- SMTP_HOST=mailserver
- SMTP_PORT=25
- SMTP_IGNORE_TLS=true
#- PRODUCTION_DB_CLEAN_ALLOW=true
- NODE_ENV=development
maintenance-base:
image: ocelotsocialnetwork/maintenance:local-base
build:
dockerfile: ../webapp/Dockerfile.maintenance
context: ../webapp
target: base
maintenance-code:
image: ocelotsocialnetwork/maintenance:local-code
build:
dockerfile: ../webapp/Dockerfile.maintenance
context: ../webapp
target: code
maintenance:
# name the image so that it cannot be found in a DockerHub repository, otherwise it will not be built locally from the 'dockerfile' but pulled from there
image: ocelotsocialnetwork/maintenance-branded:local-${CONFIGURATION}
container_name: maintenance
build:
# TODO: Separate from webapp, this must be independent
dockerfile: src/docker/maintenance.Dockerfile
target: branded
context: .
args:
- CONFIGURATION=$CONFIGURATION
- APP_IMAGE_TAG_BASE=local-base
- APP_IMAGE_TAG_CODE=local-code
networks:
- test-network
depends_on:
- maintenance-base
- maintenance-code
ports:
- 3001:80
neo4j:
image: ocelotsocialnetwork/neo4j-community:latest
container_name: neo4j
networks:
- test-network
volumes:
- neo4j_data:/data
environment:
- NEO4J_AUTH=none
- NEO4J_dbms_security_procedures_unrestricted=algo.*,apoc.*
- NEO4J_ACCEPT_LICENSE_AGREEMENT=yes
ports:
- 7687:7687
- 7474:7474
mailserver:
image: djfarrelly/maildev
container_name: mailserver
ports:
- 1080:80
networks:
- test-network
networks:
test-network:
volumes:
backend_uploads:
neo4j_data:

52
deployment/scripts/branded-images.build.sh Executable file
View File

@ -0,0 +1,52 @@
#!/bin/bash
# for a branded version you should pass the following env variables:
# CONFIGURATION - your configuration folder name
# DOCKERHUB_ORGANISATION - your dockerhub organisation
# OCELOT_VERSION - specify the specific tag to build upon e.g. 2.4.0-300
# base setup
SCRIPT_PATH=$(realpath $0)
SCRIPT_DIR=$(dirname $SCRIPT_PATH)
# configuration
CONFIGURATION=${CONFIGURATION:-"example"}
DOCKERHUB_ORGANISATION=${DOCKERHUB_ORGANISATION:-"ocelotsocialnetwork"}
OCELOT_VERSION=${OCELOT_VERSION:-$(node -p -e "require('${SCRIPT_DIR}/../../package.json').version")}
BRANDED_VERSION=${BRANDED_VERSION:-${GITHUB_RUN_NUMBER:-"local"}}
BUILD_DATE=${BUILD_DATE:-$(date -u +'%Y-%m-%dT%H:%M:%SZ')}
BUILD_VERSION=${BRANDED_VERSION}-ocelot.social${OCELOT_VERSION}
BUILD_COMMIT=${GITHUB_SHA:-"0000000"}
# backend
docker build --target branded \
-t "${DOCKERHUB_ORGANISATION}/backend-branded:latest" \
-t "${DOCKERHUB_ORGANISATION}/backend-branded:${OCELOT_VERSION}" \
-t "${DOCKERHUB_ORGANISATION}/backend-branded:${BUILD_VERSION}" \
-f "${SCRIPT_DIR}/../src/docker/backend.Dockerfile" \
--build-arg "CONFIGURATION=${CONFIGURATION}" \
--build-arg "APP_IMAGE_TAG_CODE=${OCELOT_VERSION}-code" \
--build-arg "APP_IMAGE_TAG_BASE=${OCELOT_VERSION}-base" \
"${SCRIPT_DIR}/../."
# webapp
docker build --target branded \
-t "${DOCKERHUB_ORGANISATION}/webapp-branded:latest" \
-t "${DOCKERHUB_ORGANISATION}/webapp-branded:${OCELOT_VERSION}" \
-t "${DOCKERHUB_ORGANISATION}/webapp-branded:${BUILD_VERSION}" \
-f "${SCRIPT_DIR}/../src/docker/webapp.Dockerfile" \
--build-arg "CONFIGURATION=${CONFIGURATION}" \
--build-arg "APP_IMAGE_TAG_CODE=${OCELOT_VERSION}-code" \
--build-arg "APP_IMAGE_TAG_BASE=${OCELOT_VERSION}-base" \
"${SCRIPT_DIR}/../."
# mainteance
docker build --target branded \
-t "${DOCKERHUB_ORGANISATION}/maintenance-branded:latest" \
-t "${DOCKERHUB_ORGANISATION}/maintenance-branded:${OCELOT_VERSION}" \
-t "${DOCKERHUB_ORGANISATION}/maintenance-branded:${BUILD_VERSION}" \
-f "${SCRIPT_DIR}/../src/docker/maintenance.Dockerfile" \
--build-arg "CONFIGURATION=${CONFIGURATION}" \
--build-arg "APP_IMAGE_TAG_CODE=${OCELOT_VERSION}-code" \
--build-arg "APP_IMAGE_TAG_BASE=${OCELOT_VERSION}-base" \
"${SCRIPT_DIR}/../."

35
deployment/scripts/branded-images.upload.sh Executable file
View File

@ -0,0 +1,35 @@
#!/bin/bash
# for a branded version you should pass the following env variables:
# DOCKERHUB_ORGANISATION - your dockerhub organisation
# OCELOT_VERSION - specify the specific tag to build upon e.g. 2.4.0-300
# DOCKERHUB_USERNAME - your dockerhub username
# DOCKERHUB_TOKEN - your dockerhub access token
# base setup
SCRIPT_PATH=$(realpath $0)
SCRIPT_DIR=$(dirname $SCRIPT_PATH)
# configuration
DOCKERHUB_ORGANISATION=${DOCKERHUB_ORGANISATION:-"ocelotsocialnetwork"}
OCELOT_VERSION=${OCELOT_VERSION:-$(node -p -e "require('${SCRIPT_DIR}/../../package.json').version")}
BRANDED_VERSION=${BRANDED_VERSION:-${GITHUB_RUN_NUMBER:-"local"}}
BUILD_VERSION=${BRANDED_VERSION}-ocelot.social${OCELOT_VERSION}
# login to dockerhub
echo "${DOCKERHUB_TOKEN}" | docker login -u "${DOCKERHUB_USERNAME}" --password-stdin
# push backend images
docker push ${DOCKERHUB_ORGANISATION}/backend-branded:latest
docker push ${DOCKERHUB_ORGANISATION}/backend-branded:${OCELOT_VERSION}
docker push ${DOCKERHUB_ORGANISATION}/backend-branded:${BUILD_VERSION}
# push webapp images
docker push ${DOCKERHUB_ORGANISATION}/webapp-branded:latest
docker push ${DOCKERHUB_ORGANISATION}/webapp-branded:${OCELOT_VERSION}
docker push ${DOCKERHUB_ORGANISATION}/webapp-branded:${BUILD_VERSION}
# push maintenance images
docker push ${DOCKERHUB_ORGANISATION}/maintenance-branded:latest
docker push ${DOCKERHUB_ORGANISATION}/maintenance-branded:${OCELOT_VERSION}
docker push ${DOCKERHUB_ORGANISATION}/maintenance-branded:${BUILD_VERSION}

13
deployment/scripts/cluster.upgrade.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/bash
# base setup
SCRIPT_PATH=$(realpath $0)
SCRIPT_DIR=$(dirname $SCRIPT_PATH)
# configuration
CONFIGURATION=${CONFIGURATION:-"example"}
KUBECONFIG=${KUBECONFIG:-${SCRIPT_DIR}/../configurations/${CONFIGURATION}/kubeconfig.yaml}
VALUES=${SCRIPT_DIR}/../configurations/${CONFIGURATION}/kubernetes/values.yaml
# upgrade with helm
helm --kubeconfig=${KUBECONFIG} upgrade ocelot --values ${VALUES} ${SCRIPT_DIR}/../src/kubernetes/ --debug --timeout 10m

46
deployment/src/docker/backend.Dockerfile Normal file
View File

@ -0,0 +1,46 @@
ARG APP_IMAGE=ocelotsocialnetwork/backend
ARG APP_IMAGE_TAG_BASE=latest-base
ARG APP_IMAGE_TAG_CODE=latest-code
ARG APP_IMAGE_BASE=${APP_IMAGE}:${APP_IMAGE_TAG_BASE}
ARG APP_IMAGE_CODE=${APP_IMAGE}:${APP_IMAGE_TAG_CODE}
##################################################################################
# CODE (branded) #################################################################
##################################################################################
FROM $APP_IMAGE_CODE as code
ARG CONFIGURATION=example
# copy public constants and email templates into the Docker image to brand it
COPY configurations/${CONFIGURATION}/branding/constants/emails.js src/config/
COPY configurations/${CONFIGURATION}/branding/constants/logos.js src/config/
COPY configurations/${CONFIGURATION}/branding/constants/metadata.js src/config/
COPY configurations/${CONFIGURATION}/branding/email/ src/middleware/helpers/email/
##################################################################################
# BUILD ##########################################################################
##################################################################################
FROM code as build
# yarn install
RUN yarn install --production=false --frozen-lockfile --non-interactive
# yarn build
RUN yarn run build
##################################################################################
# BRANDED (Does contain only "binary"- and static-files to reduce image size) ####
##################################################################################
FROM $APP_IMAGE_BASE as branded
# TODO - do all copying with one COPY command to have one layer
# Copy "binary"-files from build image
COPY --from=build ${DOCKER_WORKDIR}/dist ./dist
COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules
# TODO - externalize the uploads so we can copy the whole folder
COPY --from=build ${DOCKER_WORKDIR}/public/img/ ./public/img/
COPY --from=build ${DOCKER_WORKDIR}/public/providers.json ./public/providers.json
# Copy package.json for script definitions (lock file should not be needed)
COPY --from=build ${DOCKER_WORKDIR}/package.json ./package.json
# Run command
CMD /bin/sh -c "yarn run start"

38
deployment/src/docker/maintenance.Dockerfile Normal file
View File

@ -0,0 +1,38 @@
ARG APP_IMAGE=ocelotsocialnetwork/maintenance
ARG APP_IMAGE_TAG_BASE=latest-base
ARG APP_IMAGE_TAG_CODE=latest-code
ARG APP_IMAGE_BASE=${APP_IMAGE}:${APP_IMAGE_TAG_BASE}
ARG APP_IMAGE_CODE=${APP_IMAGE}:${APP_IMAGE_TAG_CODE}
##################################################################################
# CODE (branded) #################################################################
##################################################################################
FROM $APP_IMAGE_CODE as code
ARG CONFIGURATION=example
# copy public constants into the Docker image to brand it
COPY configurations/${CONFIGURATION}/branding/static/ static/
COPY configurations/${CONFIGURATION}/branding/constants/ constants/
COPY configurations/${CONFIGURATION}/branding/locales/ locales/
##################################################################################
# BUILD ##########################################################################
##################################################################################
FROM code as build
# yarn install
## unnicely done in $APP_IMAGE_CODE at the moment, see main repo
# RUN yarn install --production=false --frozen-lockfile --non-interactive
# yarn generate
RUN yarn run generate
##################################################################################
# BRANDED ### TODO # TODO # TODO # TODO # TODO # TODO # TODO # TODO # TODO ####
##################################################################################
# FROM $APP_IMAGE_BASE as branded
FROM nginx:alpine as branded
COPY --from=build ./app/dist/ /usr/share/nginx/html/
RUN rm /etc/nginx/conf.d/default.conf
COPY --from=code ./app/maintenance/nginx/custom.conf /etc/nginx/conf.d/

61
deployment/src/docker/webapp.Dockerfile Normal file
View File

@ -0,0 +1,61 @@
ARG APP_IMAGE=ocelotsocialnetwork/webapp
ARG APP_IMAGE_TAG_BASE=latest-base
ARG APP_IMAGE_TAG_CODE=latest-code
ARG APP_IMAGE_BASE=${APP_IMAGE}:${APP_IMAGE_TAG_BASE}
ARG APP_IMAGE_CODE=${APP_IMAGE}:${APP_IMAGE_TAG_CODE}
##################################################################################
# CODE (branded) #################################################################
##################################################################################
FROM $APP_IMAGE_CODE as code
ARG CONFIGURATION=example
# copy public constants into the Docker image to brand it
COPY src/tools/ tools/
COPY configurations/${CONFIGURATION}/branding/static/ static/
COPY configurations/${CONFIGURATION}/branding/constants/ constants/
COPY configurations/${CONFIGURATION}/branding/locales/html/ locales/html/
# COPY configurations/${CONFIGURATION}/branding/locales/index.js locales/index.js
COPY configurations/${CONFIGURATION}/branding/locales/*.json locales/tmp/
COPY configurations/${CONFIGURATION}/branding/assets/styles/imports/ assets/styles/imports/
COPY configurations/${CONFIGURATION}/branding/assets/fonts/ assets/fonts/
RUN apk add --no-cache bash jq
RUN tools/merge-locales.sh
##################################################################################
# BUILD ##########################################################################
##################################################################################
FROM code as build
# yarn install
RUN yarn install --production=false --frozen-lockfile --non-interactive
# yarn build
RUN yarn run build
##################################################################################
# BRANDED (Does contain only "binary"- and static-files to reduce image size) ####
##################################################################################
FROM $APP_IMAGE_BASE as branded
# TODO - do all copying with one COPY command to have one layer
# Copy "binary"-files from build image
COPY --from=build ${DOCKER_WORKDIR}/.nuxt ./.nuxt
COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules
COPY --from=build ${DOCKER_WORKDIR}/nuxt.config.js ./nuxt.config.js
# Copy static files
# TODO - this seems not be needed anymore for the new rebranding
# TODO - this should be one Folder containign all stuff needed to be copied
COPY --from=build ${DOCKER_WORKDIR}/config/ ./config/
COPY --from=build ${DOCKER_WORKDIR}/constants ./constants
COPY --from=build ${DOCKER_WORKDIR}/static ./static
COPY --from=build ${DOCKER_WORKDIR}/locales ./locales
COPY --from=build ${DOCKER_WORKDIR}/assets/styles/imports ./assets/styles/imports
COPY --from=build ${DOCKER_WORKDIR}/assets/fonts ./assets/fonts
# Copy package.json for script definitions (lock file should not be needed)
COPY --from=build ${DOCKER_WORKDIR}/package.json ./package.json
# Run command
CMD /bin/sh -c "yarn run start"

3
deployment/src/kubernetes/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
/dns.values.yaml
/nginx.values.yaml
/values.yaml

305
deployment/src/kubernetes/Backup.md Normal file
View File

@ -0,0 +1,305 @@
# Kubernetes Backup Of Ocelot.Social
One of the most important tasks in managing a running [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network is backing up the data, e.g. the Neo4j database and the stored image files.
## Manual Offline Backup
To prepare, [kubectl](https://kubernetes.io/docs/tasks/tools/) must be installed and ready to use so that you have access to Kubernetes on your server.
Check if the correct context is used by running the following commands:
```bash
# check context and set the correct one
$ kubectl config get-contexts
# if the wrong context is chosen use it
$ kubectl config use-context <your-context>
# if you like check additionally if all pods are running well
$ kubectl -n default get pods -o wide
```
The very first step is to put the website into **maintenance mode**.
### Set Maintenance Mode
There are two ways to put the network into maintenance mode:
- via Kubernetes Dashboard
- via `kubectl`
#### Maintenance Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Ingresses` from the left side menu under `Service`.
After that, in the list that appears, you will find the entry `ingress-ocelot-webapp`, which has three dots on the right, where you can click to edit the entry.
You can scroll to the end of the YAML file, where you will find one or more `host` entries under `rules`, one for each domain of the network.
In all entries, change the value of the `serviceName` entry from ***ocelot-webapp*** to `ocelot-maintenance` and the value of the `servicePort` entry from ***3000*** to `80`.
First, check if your website is still online.
After you click `Update`, the new settings will be applied and you will find your website in maintenance mode.
#### Maintenance Mode Via `kubectl`
To put the network into maintenance mode, run the following commands in the terminal:
```bash
# list ingresses
$ kubectl get ingress -n default
# edit ingress
$ kubectl -n default edit ingress ingress-ocelot-webapp
```
Change the content of the YAML file for all domains to:
```yaml
spec:
rules:
- host: network-domain.social
http:
paths:
- backend:
# serviceName: ocelot-webapp
# servicePort: 3000
serviceName: ocelot-maintenance
servicePort: 80
```
First, check if your website is still online.
After you save the file, the new settings will be applied and you will find your website in maintenance mode.
### Neo4j Database Offline Backup
Before we can back up the database, we need to put it into **sleep mode**.
#### Set Neo4j To Sleep Mode
Again there are two ways to put the network into sleep mode:
- via Kubernetes Dashboard
- via `kubectl`
##### Sleep Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Deployments` from the left side menu under `Workloads`.
After that, in the list that appears, you will find the entry `ocelot-neo4j`, which has three dots on the right, where you can click to edit the entry.
Scroll to the end of the YAML file where you will find the `spec.template.spec.containers` entry. Here you can insert the `command` entry directly after `imagePullPolicy` in a new line.
```yaml
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
command: ["tail", "-f", "/dev/null"]
```
After clicking `Update`, the new settings will be applied and you should check in the `Pods` menu item on the left side if the `ocelot-neo4j-<ID>` pod restarts.
##### Sleep Mode Via `kubectl`
To put Neo4j into sleep mode, run the following commands in the terminal:
```bash
# list deployments
$ kubectl get deployments -n default
# edit deployment
$ kubectl -n default edit deployment ocelot-neo4j
```
Scroll to the `spec.template.spec.containers` entry. Here you can insert the `command` entry directly after `imagePullPolicy` in a new line.
```yaml
image: <network-DockerHub-name>/neo4j-community-branded:latest
imagePullPolicy: Always
command: ["tail", "-f", "/dev/null"]
```
After pressing enter, the new settings will be applied and you should check if the `ocelot-neo4j-<ID>` pod restarts.
Use command:
```bash
# check if the old pod restarts
$ kubectl -n default get pods -o wide
```
#### Generate Offline Backup
The offline backup is generated via `kubectl`:
```bash
# check for the Neo4j pod
$ kubectl -n default get pods -o wide
# ls: see wish backup dumps are already there
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-neo4j | awk '{ print $1 }') -- ls
# bash: enter bash of Neo4j
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-neo4j | awk '{ print $1 }') -- bash
# generate Dump
neo4j% neo4j-admin dump --to=/var/lib/neo4j/$(date +%F)-neo4j-dump
# exit bash
neo4j% exit
# ls: see if the new backup dump is there
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-neo4j | awk '{ print $1 }') -- ls
```
Lets copy the dump backup
```bash
# copy dump onto backup volume direct
$ kubectl cp default/$(kubectl -n default get pods | grep ocelot-neo4j |awk '{ print $1 }'):/var/lib/neo4j/$(date +%F)-neo4j-dump /Volumes/<volume-name>/$(date +%F)-neo4j-dump
```
#### Remove Sleep Mode From Neo4j
Again there are two ways to put the network into working mode:
- via Kubernetes Dashboard
- via `kubectl`
##### Remove Sleep Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Deployments` from the left side menu under `Workloads`.
After that, in the list that appears, you will find the entry `ocelot-neo4j`, which has three dots on the right, where you can click to edit the entry.
Scroll to the `spec.template.spec.containers.command` entry and remove the whole `command` entry like:
```yaml
containers:
- name: container-ocelot-neo4j
image: 'senderfm/neo4j-community-branded:latest'
command:
- tail
- '-f'
- /dev/null
ports:
- containerPort: 7687
protocol: TCP
```
And get:
```yaml
containers:
- name: container-ocelot-neo4j
image: 'senderfm/neo4j-community-branded:latest'
ports:
- containerPort: 7687
protocol: TCP
```
After clicking `Update`, the new settings will be applied and you should check in the `Pods` menu item on the left side if the `ocelot-neo4j-<ID>` pod restarts.
##### Remove Sleep Mode Via `kubectl`
To put Neo4j into working mode, run the following commands in the terminal:
```bash
# list deployments
$ kubectl get deployments -n default
# edit deployment
$ kubectl -n default edit deployment ocelot-neo4j
```
Scroll to the `spec.template.spec.containers.command` entry and remove the whole `command` entry like:
```yaml
spec:
containers:
- command:
- tail
- -f
- /dev/null
envFrom:
- configMapRef:
name: configmap-ocelot-neo4j
```
And get:
```yaml
spec:
containers:
- envFrom:
- configMapRef:
name: configmap-ocelot-neo4j
```
After pressing enter, the new settings will be applied and you should check if the `ocelot-neo4j-<ID>` pod restarts.
Use command:
```bash
# check if the old pod restarts
$ kubectl -n default get pods -o wide
```
### Backend Backup
To back up the images from the backend volume, run commands:
```bash
# ls: backend/public/uploads
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- ls public/uploads
# copy all images from upload to backup volume direct
$ kubectl cp default/$(kubectl -n default get pods | grep ocelot-backend |awk '{ print $1 }'):/app/public/uploads /Volumes/<volume-name>/$(date +%F)-public-uploads
```
### Remove Maintenance Mode
There are two ways to put the network into working mode:
- via Kubernetes Dashboard
- via `kubectl`
#### Remove Maintenance Mode Via Kubernetes Dashboard
In the Kubernetes Dashboard, you can select `Ingresses` from the left side menu under `Service`.
After that, in the list that appears, you will find the entry `ingress-ocelot-webapp`, which has three dots on the right, where you can click to edit the entry.
You can scroll to the end of the YAML file, where you will find one or more `host` entries under `rules`, one for each domain of the network.
In all entries, change the value of the `serviceName` entry from ***ocelot-maintenance*** to `ocelot-webapp` and the value of the `servicePort` entry from ***80*** to `3000`.
First, check if your website is still in maintenance mode.
After you click `Update`, the new settings will be applied and you will find your website online again.
#### Remove Maintenance Mode Via `kubectl`
To put the network into working mode, run the following commands in the terminal:
```bash
# list ingresses
$ kubectl get ingress -n default
# edit ingress
$ kubectl -n default edit ingress ingress-ocelot-webapp
```
Change the content of the YAML file for all domains to:
```yaml
spec:
rules:
- host: network-domain.social
http:
paths:
- backend:
serviceName: ocelot-webapp
servicePort: 3000
# serviceName: ocelot-maintenance
# servicePort: 80
```
First, check if your website is still in maintenance mode.
After you save the file, the new settings will be applied and you will find your website online again.
XXX
```bash
# Dump: Create a Backup in Kubernetes: https://docs.human-connection.org/human-connection/deployment/volumes/neo4j-offline-backup#create-a-backup-in-kubernetes
```

39
deployment/src/kubernetes/Chart.yaml Normal file
View File

@ -0,0 +1,39 @@
type: application
apiVersion: v2
name: ocelot-social
version: "1.0.0"
# The appVersion defines which docker image is pulled.
# Having it set to latest will pull the latest build on dockerhub.
# You are free to define a specific version here tho.
# e.g. appVersion: "latest" or "1.0.2-3-ocelot.social1.0.2-79"
# Be aware that this requires all your apps to have the same docker image version available.
appVersion: "latest"
description: The Helm chart for ocelot.social
home: https://ocelot.social
sources:
- https://github.com/Ocelot-Social-Community/
- https://github.com/Ocelot-Social-Community/Ocelot-Social
- https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding
maintainers:
- name: Ulf Gebhardt
email: ulf.gebhardt@webcraft-media.de
url: https://www.webcraft-media.de/#!ulf_gebhardt
icon: https://github.com/Ocelot-Social-Community/Ocelot-Social/raw/master/webapp/static/img/custom/welcome.svg
deprecated: false
# Unused Fields
#dependencies: # A list of the chart requirements (optional)
# - name: ingress-nginx
# version: v1.10.0
# repository: https://kubernetes.github.io/ingress-nginx
# condition: (optional) A yaml path that resolves to a boolean, used for enabling/disabling charts (e.g. subchart1.enabled )
# tags: # (optional)
# - Tags can be used to group charts for enabling/disabling together
# import-values: # (optional)
# - ImportValues holds the mapping of source values to parent key to be imported. Each item can be a string or pair of child/parent sublist items.
# alias: (optional) Alias to be used for the chart. Useful when you have to add the same chart multiple times
#kubeVersion: A SemVer range of compatible Kubernetes versions (optional)
#keywords:
# - A list of keywords about this project (optional)
#annotations:
# example: A list of annotations keyed by name (optional).

84
deployment/src/kubernetes/DigitalOcean.md Normal file
View File

@ -0,0 +1,84 @@
# DigitalOcean
If you want to set up a [Kubernetes](https://kubernetes.io) cluster on [DigitalOcean](https://www.digitalocean.com), follow this guide.
## Create Account
Create an account with DigitalOcean.
## Add Project
On the left side you will see a menu. Click on `New Project`. Enter a name and click `Create Project`.
Skip moving resources, probably.
## Create Kubernetes Cluster
On the right top you find the button `Create`. Click on it and choose `Kubernetes - Create Kubernetes Cluster`.
- use the latest Kubernetes version
- choose your datacenter region
- name your node pool: e.g. `pool-<your-network-name>`
- `2 Basic nodes` with `2.5 GB RAM (total of 4 GB)`, `2 shared CPUs`, and `80 GB Disk` each is optimal for the beginning
- set your cluster name: e.g. `cluster-<your-network-name>`
- select your project
- no tags necessary
## Getting Started
After your cluster is set up see progress bar above click on `Getting started`. Please install the following management tools:
- [kubectl v1.24.1](https://kubernetes.io/docs/tasks/tools/)
- [doctl v1.78.0](https://github.com/digitalocean/doctl)
Install the tools as described on the tab or see the links here.
After the installation, click on `Continue`.
### Download Configuration File
Follow the steps to download the configuration file.
You can skip this step if necessary, as you can download the file later. You can then do this by clicking on `Kubernetes` in the left menu. In the menu to the right of the cluster name in the cluster list, click on `More` and select `Download Config`.
### Patch & Minor Version Upgrades
Skip `Patch & Minor Version Upgrades` for now.
### Install 1-Click Apps
You don't need a 1-click app. Our helmet script will install the required NGINXs.
Therefore, skip this step as well.
## DNS Configuration
There are the following two ways to set up the DNS.
### Manage DNS With A Different Domain Provider
If you have registered your domain or subdomain with another domain provider, add an `A` record there with one of the IP addresses from one of the cluster droplets in the DNS.
To find the correct IP address to set in the DNS `A` record, click `Droplets` in the left main menu.
A list of all your droplets will be displayed.
Take one of the IPs of perhaps two or more droplets in your cluster from the list and enter it into the `A` record.
### Manage DNS With DigitalOcean
***TODO:** How to configure the DigitalOcean DNS management service …*
To understand what makes sense to do when managing your DNS with DigitalOcean, you need to know how DNS works:
DNS means `Domain Name System`. It resolves domains like `example.com` into an IP like `123.123.123.123`.
DigitalOcean is not a domain registrar, but provides a DNS management service. If you use DigitalOcean's DNS management service, you can configure [your cluster](/deployment/kubernetes/README.md#dns) to always resolve the domain to the correct IP and automatically update it for that.
The IPs of the DigitalOcean machines are not necessarily stable, so the cluster's DNS service will update the DNS records managed by DigitalOcean to the new IP as needed.
***CAUTION:** If you are using an external DNS, you currently have to do this manually, which can cause downtime.*
## Deploy
Yeah, you're done here. Back to [Deployment with Helm for Kubernetes](/deployment/kubernetes/README.md).
## Backups On DigitalOcean
You can and should do [backups](/deployment/kubernetes/Backup.md) with Kubernetes for sure.
Additional to backup and copying the Neo4j database dump and the backend images you can do a volume snapshot on DigitalOcean at the moment you have the database in sleep mode.

299
deployment/src/kubernetes/README.md Normal file
View File

@ -0,0 +1,299 @@
# Kubernetes Helm Installation Of Ocelot.Social
Deploying [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) with [Helm](https://helm.sh) for [Kubernetes](https://kubernetes.io) is very straight forward. All you have to do is to change certain parameters, like domain names and API keys, then you just install our provided Helm chart to your cluster.
## Kubernetes Cloud Hosting
There are various ways to set up your own or a managed Kubernetes cluster. We will extend the following lists over time.
Please contact us if you are interested in options not listed below.
Managed Kubernetes:
- [DigitalOcean](/deployment/kubernetes/DigitalOcean.md)
## Configuration
You can customize the network server with your configuration by duplicate the `values.template.yaml` to a new `values.yaml` file and change it to your need. All included variables will be available as environment variables in your deployed kubernetes pods.
Besides the `values.template.yaml` file we provide a `nginx.values.template.yaml` and `dns.values.template.yaml` for a similar procedure. The new `nginx.values.yaml` is the configuration for the ingress-nginx Helm chart, while the `dns.values.yaml` file is for automatically updating the dns values on DigitalOcean and therefore optional.
## Installation
Due to the many limitations of Helm you still have to do several manual steps.
Those occur before you run the actual *ocelot.social* Helm chart.
Obviously it is expected of you to have `helm` and `kubectl` installed.
For the cert-manager you may need `cmctl`, see below.
For DigitalOcean you may also need `doctl`.
Install:
- [kubectl v1.24.1](https://kubernetes.io/docs/tasks/tools/)
- [doctl v1.78.0](https://docs.digitalocean.com/reference/doctl/how-to/install/)
- [cmctl v1.8.2](https://cert-manager.io/docs/usage/cmctl/#installation)
- [helm v3.9.0](https://helm.sh/docs/intro/install/)
### Cert Manager (https)
Please refer to [cert-manager.io docs](https://cert-manager.io/docs/installation/) for more details.
***ATTENTION:*** *Be with the Terminal in your repository in the folder of this README.*
We have three ways to install the cert-manager, purely via `kubectl`, via `cmctl`, or with `helm`.
We recommend using `helm` because then we do not mix the installation methods.
Please have a look here:
- [Installing with Helm](https://cert-manager.io/docs/installation/helm/#installing-with-helm)
Our Helm installation is optimized for cert-manager version `v1.9.1` and `kubectl` version `"v1.24.2`.
Please search here for cert-manager versions that are compatible with your `kubectl` version on the cluster and on the client: [cert-manager Supported Releases](https://cert-manager.io/docs/installation/supported-releases/#supported-releases).
***ATTENTION:*** *When uninstalling cert-manager, be sure to use the same method as for installation! Otherwise, we could end up in a broken state, see [Uninstall](https://cert-manager.io/docs/installation/kubectl/#uninstalling).*
<!-- #### 1. Create Namespace
```bash
# kubeconfig.yaml set globaly
$ kubectl create namespace cert-manager
# or kubeconfig.yaml in your repo, then adjust
$ kubectl --kubeconfig=/../kubeconfig.yaml create namespace cert-manager
```
#### 2. Add Helm repository and update
```bash
$ helm repo add jetstack https://charts.jetstack.io
$ helm repo update
```
#### 3. Install Cert-Manager Helm chart
```bash
# option 1
# this can't be applied via kubectl to our cluster since the CRDs can't be installed properly this way ...
# $ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.crds.yaml
# option 2
# kubeconfig.yaml set globaly
$ helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--version v1.9.1 \
--set installCRDs=true
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml \
install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--version v1.9.1 \
--set installCRDs=true
``` -->
### Ingress-Nginx
#### 1. Add Helm repository for `ingress-nginx` and update
```bash
$ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
$ helm repo update
```
#### 2. Install ingress-nginx
```bash
# kubeconfig.yaml set globaly
$ helm install ingress-nginx ingress-nginx/ingress-nginx -f nginx.values.yaml
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml install ingress-nginx ingress-nginx/ingress-nginx -f nginx.values.yaml
```
### DigitalOcean Firewall
This is only necessary if you run DigitalOcean without load balancer ([see here for more info](https://stackoverflow.com/questions/54119399/expose-port-80-on-digital-oceans-managed-kubernetes-without-a-load-balancer/55968709)) .
#### 1. Authenticate towards DO with your local `doctl`
You will need a DO token for that.
```bash
# without doctl context
$ doctl auth init
# with doctl new context to be filled in
$ doctl auth init --context <new-context-name>
```
You will need an API token, which you can generate in the control panel at <https://cloud.digitalocean.com/account/api/tokens> .
#### 2. Generate DO firewall
Get the `CLUSTER_UUID` value from the dashboard or from the ID column via `doctl kubernetes cluster list`:
```bash
# need to apply access token by `doctl auth init` before
$ doctl kubernetes cluster list
```
Fill in the `CLUSTER_UUID` and `your-domain`. The latter with hyphens `-` instead of dots `.`:
```bash
# without doctl context
$ doctl compute firewall create \
--inbound-rules="protocol:tcp,ports:80,address:0.0.0.0/0,address:::/0 protocol:tcp,ports:443,address:0.0.0.0/0,address:::/0" \
--tag-names=k8s:<CLUSTER_UUID> \
--name=<your-domain>-http-https
# with doctl context to be filled in
$ doctl compute firewall create \
--inbound-rules="protocol:tcp,ports:80,address:0.0.0.0/0,address:::/0 protocol:tcp,ports:443,address:0.0.0.0/0,address:::/0" \
--tag-names=k8s:<CLUSTER_UUID> \
--name=<your-domain>-http-https --context <context-name>
```
To get informations about your success use this command. (Fill in the `ID` you got at creation.):
```bash
# without doctl context
$ doctl compute firewall get <ID>
# with doctl context to be filled in
$ doctl compute firewall get <ID> --context <context-name>
```
### DNS
***TODO:** I thought this is necessary if we use the DigitalOcean DNS management service? See [Manage DNS With DigitalOcean](/deployment/kubernetes/DigitalOcean.md#manage-dns-with-digitalocean)*
This chart is only necessary (recommended is more precise) if you run DigitalOcean without load balancer.
You need to generate an access token with read + write for the `dns.values.yaml` at <https://cloud.digitalocean.com/account/api/tokens> and fill it in.
#### 1. Add Helm repository for `binami` and update
```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm repo update
```
#### 2. Install DNS
```bash
# kubeconfig.yaml set globaly
$ helm install dns bitnami/external-dns -f dns.values.yaml
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml install dns bitnami/external-dns -f dns.values.yaml
```
### Ocelot.Social
***Attention:** Before installing your own ocelot.social network, you need to create a DockerHub (account and) organization, put its name in the `package.json` file, and push your deployment and rebranding code to GitHub so that GitHub Actions can push your Docker images to DockerHub. This is because Kubernetes will pull these images to create PODs from them.*
All commands for ocelot need to be executed in the kubernetes folder. Therefore `cd deployment/kubernetes/` is expected to be run before every command. Furthermore the given commands will install ocelot into the default namespace. This can be modified to by attaching `--namespace not.default`.
#### Install
Only run once for the first time of installation:
```bash
# kubeconfig.yaml set globaly
$ helm install ocelot ./
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml install ocelot ./
```
#### Upgrade & Update
Run for all upgrades and updates:
```bash
# kubeconfig.yaml set globaly
$ helm upgrade ocelot ./
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml upgrade ocelot ./
```
#### Rollback
Run for a rollback, in case something went wrong:
```bash
# kubeconfig.yaml set globaly
$ helm rollback ocelot
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml rollback ocelot
```
#### Uninstall
Be aware that if you uninstall ocelot the formerly bound volumes become unbound. Those volumes contain all data from uploads and database. You have to manually free their reference in order to bind them again when reinstalling. Once unbound from their former container references they should automatically be rebound (considering the sizes did not change)
```bash
# kubeconfig.yaml set globaly
$ helm uninstall ocelot
# or kubeconfig.yaml in your repo, then adjust
$ helm --kubeconfig=/../kubeconfig.yaml uninstall ocelot
```
## Backups
You can and should do [backups](/deployment/kubernetes/Backup.md) with Kubernetes for sure.
## Error Reporting
We use [Sentry](https://github.com/getsentry/sentry) for error reporting in both
our backend and web frontend. You can either use a hosted or a self-hosted
instance. Just set the two `DSN` in your
[configmap](../templates/configmap.template.yaml) and update the `COMMIT`
during a deployment with your commit or the version of your release.
### Self-hosted Sentry
For data privacy it is recommended to set up your own instance of sentry.
If you are lucky enough to have a kubernetes cluster with the required hardware
support, try this [helm chart](https://github.com/helm/charts/tree/master/stable/sentry).
On our kubernetes cluster we get "mult-attach" errors for persistent volumes.
Apparently DigitalOcean's kubernetes clusters do not fulfill the requirements.
## Kubernetes Commands (Without Helm) To Deploy New Docker Images To A Kubernetes Cluster
### Deploy A Version
```bash
# !!! be aware of the correct kube context !!!
$ kubectl config get-contexts
# deploy version '$BUILD_VERSION'
# !!! 'latest' is not recommended on production !!!
# for easyness set env
$ export BUILD_VERSION=1.0.8-48-ocelot.social1.0.8-184 # example
# check this with
$ echo $BUILD_VERSION
1.0.8-48-ocelot.social1.0.8-184
# deploy actual version '$BUILD_VERSION' to Kubernetes cluster
$ kubectl -n default set image deployment/ocelot-webapp container-ocelot-webapp=ocelotsocialnetwork/webapp:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-webapp
$ kubectl -n default set image deployment/ocelot-backend container-ocelot-backend=ocelotsocialnetwork/backend:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-backend
$ kubectl -n default set image deployment/ocelot-maintenance container-ocelot-maintenance=ocelotsocialnetwork/maintenance:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-maintenance
$ kubectl -n default set image deployment/ocelot-neo4j container-ocelot-neo4j=ocelotsocialnetwork/neo4j-community:$BUILD_VERSION
$ kubectl -n default rollout restart deployment/ocelot-neo4j
# verify deployment and wait for the pods of each deployment to get ready for cleaning and seeding of the database
$ kubectl -n default rollout status deployment/ocelot-webapp --timeout=240s
$ kubectl -n default rollout status deployment/ocelot-maintenance --timeout=240s
$ kubectl -n default rollout status deployment/ocelot-backend --timeout=240s
$ kubectl -n default rollout status deployment/ocelot-neo4j --timeout=240s
```
### Staging Clean And Seed Neo4j Database
***ATTENTION:*** Cleaning and seeding of our Neo4j database is only possible in production if env `PRODUCTION_DB_CLEAN_ALLOW=true` is set in our deployment.
```bash
# !!! be aware of the correct kube context !!!
$ kubectl config get-contexts
# reset and seed Neo4j database via backend for staging
$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- /bin/sh -c "node --experimental-repl-await dist/db/clean.js && node --experimental-repl-await dist/db/seed.js"
```

0
deployment/src/kubernetes/charts/.gitkeep Normal file
View File

0
deployment/src/kubernetes/crds/.gitkeep Normal file
View File

12
deployment/src/kubernetes/dns.values.template.yaml Normal file
View File

@ -0,0 +1,12 @@
# please duplicate template file and rename to "dns.values.yaml" and fill in your value
provider: digitalocean
digitalocean:
# create the API token at https://cloud.digitalocean.com/account/api/tokens
# needs read + write
apiToken: "TODO"
domainFilters:
# domains you want external-dns to be able to edit
- TODO.TODO
rbac:
create: true

13
deployment/src/kubernetes/nginx.values.template.yaml Normal file
View File

@ -0,0 +1,13 @@
# please duplicate template file and rename to "nginx.values.yaml" and fill in your value
controller:
kind: DaemonSet
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
ingressClass: nginx
daemonset:
useHostPort: true
service:
type: ClusterIP
rbac:
create: true

1
deployment/src/kubernetes/templates/NOTES.txt Normal file
View File

@ -0,0 +1 @@
You installed ocelot-social! Congrats <3

29
deployment/src/kubernetes/templates/backend/ConfigMap.yml Normal file
View File

@ -0,0 +1,29 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
PRODUCTION_DB_CLEAN_ALLOW: "{{ .Values.PRODUCTION_DB_CLEAN_ALLOW }}"
PUBLIC_REGISTRATION: "{{ .Values.PUBLIC_REGISTRATION }}"
INVITE_REGISTRATION: "{{ .Values.INVITE_REGISTRATION }}"
CATEGORIES_ACTIVE: "{{ .Values.CATEGORIES_ACTIVE }}"
CLIENT_URI: "{{ .Values.BACKEND.CLIENT_URI }}"
EMAIL_DEFAULT_SENDER: "{{ .Values.BACKEND.EMAIL_DEFAULT_SENDER }}"
SMTP_HOST: "{{ .Values.BACKEND.SMTP_HOST }}"
SMTP_PORT: "{{ .Values.BACKEND.SMTP_PORT }}"
SMTP_IGNORE_TLS: "{{ .Values.BACKEND.SMTP_IGNORE_TLS }}"
SMTP_SECURE: "{{ .Values.BACKEND.SMTP_SECURE }}"
GRAPHQL_URI: "http://{{ .Release.Name }}-backend:4000"
NEO4J_URI: "bolt://{{ .Release.Name }}-neo4j:7687"
#REDIS_DOMAIN: ---toBeSet(IP)---
#REDIS_PORT: "6379"
#SENTRY_DSN_WEBAPP: "---toBeSet---"
#SENTRY_DSN_BACKEND: "---toBeSet---"

57
deployment/src/kubernetes/templates/backend/Deployment.yaml Normal file
View File

@ -0,0 +1,57 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
replicas: 1
minReadySeconds: {{ .Values.BACKEND.MIN_READY_SECONDS }}
progressDeadlineSeconds: {{ .Values.BACKEND.PROGRESS_DEADLINE_SECONDS }}
revisionHistoryLimit: {{ .Values.BACKEND.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-backend
template:
metadata:
annotations:
backup.velero.io/backup-volumes: uploads
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
labels:
app: {{ .Release.Name }}-backend
spec:
containers:
- name: container-{{ .Release.Name }}-backend
image: "{{ .Values.BACKEND.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.BACKEND.DOCKER_IMAGE_PULL_POLICY }}
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-backend
- secretRef:
name: secret-{{ .Release.Name }}-backend
ports:
- containerPort: 4000
protocol: TCP
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /app/public/uploads
name: uploads
dnsPolicy: ClusterFirst
schedulerName: default-scheduler
restartPolicy: {{ .Values.BACKEND.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.BACKEND.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}
volumes:
- name: uploads
persistentVolumeClaim:
claimName: volume-claim-{{ .Release.Name }}-uploads

24
deployment/src/kubernetes/templates/backend/PersistentVolumeClaim.yaml Normal file
View File

@ -0,0 +1,24 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: volume-claim-{{ .Release.Name }}-uploads
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "volume-claim-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
#dataSource:
# name: uploads-snapshot
# kind: VolumeSnapshot
# apiGroup: snapshot.storage.k8s.io
storageClassName: storage-{{ .Release.Name }}-persistent
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.BACKEND.STORAGE_UPLOADS }}

21
deployment/src/kubernetes/templates/backend/Secret.yaml Normal file
View File

@ -0,0 +1,21 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:
JWT_SECRET: "{{ .Values.BACKEND.JWT_SECRET }}"
MAPBOX_TOKEN: "{{ .Values.MAPBOX_TOKEN }}"
PRIVATE_KEY_PASSPHRASE: "{{ .Values.BACKEND.PRIVATE_KEY_PASSPHRASE }}"
SMTP_USERNAME: "{{ .Values.BACKEND.SMTP_USERNAME }}"
SMTP_PASSWORD: "{{ .Values.BACKEND.SMTP_PASSWORD }}"
#NEO4J_USERNAME: ""
#NEO4J_PASSWORD: ""
#REDIS_PASSWORD: ---toBeSet---

20
deployment/src/kubernetes/templates/backend/Service.yaml Normal file
View File

@ -0,0 +1,20 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-backend
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-backend"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-graphql
port: 4000
targetPort: 4000
protocol: TCP
selector:
app: {{ .Release.Name }}-backend

22
deployment/src/kubernetes/templates/issuer/letsencrypt-production.yaml Normal file
View File

@ -0,0 +1,22 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-production
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "letsencrypt-production"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: {{ .Values.LETSENCRYPT.EMAIL }}
privateKeySecretRef:
name: letsencrypt-production
solvers:
- http01:
ingress:
class: nginx

22
deployment/src/kubernetes/templates/issuer/letsencrypt-staging.yaml Normal file
View File

@ -0,0 +1,22 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "letsencrypt-staging"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: {{ .Values.LETSENCRYPT.EMAIL }}
privateKeySecretRef:
name: letsencrypt-staging
solvers:
- http01:
ingress:
class: nginx

29
deployment/src/kubernetes/templates/jobs/job-db-init.yaml Normal file
View File

@ -0,0 +1,29 @@
kind: Job
apiVersion: batch/v1
metadata:
name: job-{{ .Release.Name }}-db-init
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "job-db-init"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
annotations:
"helm.sh/hook": post-install
"helm.sh/hook-delete-policy": hook-succeeded, hook-failed
"helm.sh/hook-weight": "0"
spec:
template:
spec:
restartPolicy: Never
containers:
- name: job-{{ .Release.Name }}-db-init
image: "{{ .Values.BACKEND.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
command: ["/bin/sh", "-c", "yarn prod:migrate init"]
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-backend
- secretRef:
name: secret-{{ .Release.Name }}-backend

29
deployment/src/kubernetes/templates/jobs/job-db-migrate.yaml Normal file
View File

@ -0,0 +1,29 @@
kind: Job
apiVersion: batch/v1
metadata:
name: job-{{ .Release.Name }}-db-migrate
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "job-db-migrate"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
annotations:
"helm.sh/hook": post-install, post-upgrade
"helm.sh/hook-delete-policy": hook-succeeded, hook-failed
"helm.sh/hook-weight": "5"
spec:
template:
spec:
restartPolicy: Never
containers:
- name: job-{{ .Release.Name }}-db-migrations
image: "{{ .Values.BACKEND.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
command: ["/bin/sh", "-c", "yarn prod:migrate up"]
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-backend
- secretRef:
name: secret-{{ .Release.Name }}-backend

14
deployment/src/kubernetes/templates/maintenance/ConfigMap.yml Normal file
View File

@ -0,0 +1,14 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
HOST: "0.0.0.0"

40
deployment/src/kubernetes/templates/maintenance/Deployment.yaml Normal file
View File

@ -0,0 +1,40 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
revisionHistoryLimit: {{ .Values.MAINTENANCE.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-maintenance
template:
metadata:
labels:
app: {{ .Release.Name }}-maintenance
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
spec:
containers:
- name: container-{{ .Release.Name }}-maintenance
image: "{{ .Values.MAINTENANCE.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.MAINTENANCE.DOCKER_IMAGE_PULL_POLICY }}
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-webapp
- secretRef:
name: secret-{{ .Release.Name }}-webapp
ports:
- containerPort: 80
restartPolicy: {{ .Values.MAINTENANCE.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.MAINTENANCE.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}

13
deployment/src/kubernetes/templates/maintenance/Secret.yaml Normal file
View File

@ -0,0 +1,13 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:

20
deployment/src/kubernetes/templates/maintenance/Service.yaml Normal file
View File

@ -0,0 +1,20 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-maintenance
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-maintenance"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-http
port: 80
targetPort: 80
protocol: TCP
selector:
app: {{ .Release.Name }}-maintenance

21
deployment/src/kubernetes/templates/neo4j/ConfigMap.yml Normal file
View File

@ -0,0 +1,21 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
NEO4J_ACCEPT_LICENSE_AGREEMENT: "{{ .Values.NEO4J.ACCEPT_LICENSE_AGREEMENT }}"
NEO4J_AUTH: "{{ .Values.NEO4J.AUTH }}"
NEO4J_dbms_connector_bolt_thread__pool__max__size: "{{ .Values.NEO4J.DBMS_CONNECTOR_BOLT_THREAD_POOL_MAX_SIZE }}"
NEO4J_dbms_memory_heap_initial__size: "{{ .Values.NEO4J.DBMS_MEMORY_HEAP_INITIAL_SIZE }}"
NEO4J_dbms_memory_heap_max__size: "{{ .Values.NEO4J.DBMS_MEMORY_HEAP_MAX_SIZE }}"
NEO4J_dbms_memory_pagecache_size: "{{ .Values.NEO4J.DBMS_MEMORY_PAGECACHE_SIZE }}"
NEO4J_dbms_security_procedures_unrestricted: "{{ .Values.NEO4J.DBMS_SECURITY_PROCEDURES_UNRESTRICTED }}"
NEO4J_apoc_import_file_enabled: "{{ .Values.NEO4J.APOC_IMPORT_FILE_ENABLED }}"

57
deployment/src/kubernetes/templates/neo4j/Deployment.yaml Normal file
View File

@ -0,0 +1,57 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
replicas: 1
revisionHistoryLimit: {{ .Values.NEO4J.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-neo4j
template:
metadata:
name: neo4j
annotations:
backup.velero.io/backup-volumes: neo4j-data
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
labels:
app: {{ .Release.Name }}-neo4j
spec:
containers:
- name: container-{{ .Release.Name }}-neo4j
image: "{{ .Values.NEO4J.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.NEO4J.DOCKER_IMAGE_PULL_POLICY }}
ports:
- containerPort: 7687
- containerPort: 7474
resources:
requests:
memory: {{ .Values.NEO4J.RESOURCE_REQUESTS_MEMORY | default "1G" | quote }}
limits:
memory: {{ .Values.NEO4J.RESOURCE_LIMITS_MEMORY | default "1G" | quote }}
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-neo4j
- secretRef:
name: secret-{{ .Release.Name }}-neo4j
volumeMounts:
- mountPath: /data/
name: neo4j-data
volumes:
- name: neo4j-data
persistentVolumeClaim:
claimName: volume-claim-{{ .Release.Name }}-neo4j
restartPolicy: {{ .Values.NEO4J.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.NEO4J.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}

19
deployment/src/kubernetes/templates/neo4j/PersistentVolumeClaim.yaml Normal file
View File

@ -0,0 +1,19 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: volume-claim-{{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "volume-claim-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
storageClassName: storage-{{ .Release.Name }}-persistent
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.NEO4J.STORAGE }}

15
deployment/src/kubernetes/templates/neo4j/Secret.yaml Normal file
View File

@ -0,0 +1,15 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:
NEO4J_USERNAME: ""
NEO4J_PASSWORD: ""

23
deployment/src/kubernetes/templates/neo4j/Service.yaml Normal file
View File

@ -0,0 +1,23 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-neo4j
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-neo4j"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-bolt
port: 7687
targetPort: 7687
protocol: TCP
#- name: {{ .Release.Name }}-http
# port: 7474
# targetPort: 7474
selector:
app: {{ .Release.Name }}-neo4j

16
deployment/src/kubernetes/templates/storage/persistent.yml Normal file
View File

@ -0,0 +1,16 @@
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: storage-{{ .Release.Name }}-persistent
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "storage-persistent"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
provisioner: {{ .Values.STORAGE.PROVISIONER }}
reclaimPolicy: {{ .Values.STORAGE.RECLAIM_POLICY }}
volumeBindingMode: {{ .Values.STORAGE.VOLUME_BINDING_MODE }}
allowVolumeExpansion: {{ .Values.STORAGE.ALLOW_VOLUME_EXPANSION }}

20
deployment/src/kubernetes/templates/webapp/ConfigMap.yml Normal file
View File

@ -0,0 +1,20 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: configmap-{{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "configmap-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
HOST: "0.0.0.0"
PUBLIC_REGISTRATION: "{{ .Values.PUBLIC_REGISTRATION }}"
INVITE_REGISTRATION: "{{ .Values.INVITE_REGISTRATION }}"
CATEGORIES_ACTIVE: "{{ .Values.CATEGORIES_ACTIVE }}"
COOKIE_EXPIRE_TIME: "{{ .Values.COOKIE_EXPIRE_TIME }}"
WEBSOCKETS_URI: "{{ .Values.WEBAPP.WEBSOCKETS_URI }}"
GRAPHQL_URI: "http://{{ .Release.Name }}-backend:4000"

44
deployment/src/kubernetes/templates/webapp/Deployment.yaml Normal file
View File

@ -0,0 +1,44 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "deployment-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
replicas: {{ .Values.WEBAPP.REPLICAS }}
minReadySeconds: {{ .Values.WEBAPP.MIN_READY_SECONDS }}
progressDeadlineSeconds: {{ .Values.WEBAPP.PROGRESS_DEADLINE_SECONDS }}
revisionHistoryLimit: {{ .Values.WEBAPP.REVISIONS_HISTORY_LIMIT }}
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ .Release.Name }}-webapp
template:
metadata:
annotations:
# make sure the pod is redeployed
rollme: {{ randAlphaNum 5 | quote }}
labels:
app: {{ .Release.Name }}-webapp
spec:
containers:
- name: container-{{ .Release.Name }}-webapp
image: "{{ .Values.WEBAPP.DOCKER_IMAGE_REPO }}:{{ .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.WEBAPP.DOCKER_IMAGE_PULL_POLICY }}
ports:
- containerPort: 3000
envFrom:
- configMapRef:
name: configmap-{{ .Release.Name }}-webapp
- secretRef:
name: secret-{{ .Release.Name }}-webapp
restartPolicy: {{ .Values.WEBAPP.CONTAINER_RESTART_POLICY }}
terminationGracePeriodSeconds: {{ .Values.WEBAPP.CONTAINER_TERMINATION_GRACE_PERIOD_SECONDS }}

36
deployment/src/kubernetes/templates/webapp/Ingress.yaml Normal file
View File

@ -0,0 +1,36 @@
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: ingress-{{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "ingress-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/cluster-issuer: {{ .Values.LETSENCRYPT.ISSUER }}
nginx.ingress.kubernetes.io/proxy-body-size: {{ .Values.NGINX.PROXY_BODY_SIZE }}
spec:
tls:
- hosts:
{{- range .Values.LETSENCRYPT.DOMAINS }}
- {{ . }}
{{- end }}
secretName: tls
rules:
{{- range .Values.LETSENCRYPT.DOMAINS }}
- host: {{ . }}
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: {{ $.Release.Name }}-webapp
port:
number: 3000
{{- end }}

14
deployment/src/kubernetes/templates/webapp/Secret.yaml Normal file
View File

@ -0,0 +1,14 @@
kind: Secret
apiVersion: v1
metadata:
name: secret-{{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "secret-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
stringData:
MAPBOX_TOKEN: "{{ .Values.MAPBOX_TOKEN }}"

20
deployment/src/kubernetes/templates/webapp/Service.yaml Normal file
View File

@ -0,0 +1,20 @@
kind: Service
apiVersion: v1
metadata:
name: {{ .Release.Name }}-webapp
labels:
app.kubernetes.io/name: "{{ .Chart.Name }}"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "service-webapp"
app.kubernetes.io/part-of: "{{ .Chart.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
spec:
ports:
- name: {{ .Release.Name }}-http
port: 3000
targetPort: 3000
protocol: TCP
selector:
app: {{ .Release.Name }}-webapp

45
deployment/src/old/Maintenance.md Normal file
View File

@ -0,0 +1,45 @@
# Maintenance mode
> Despite our best efforts, systems sometimes require downtime for a variety of reasons.
Quote from [here](https://www.nrmitchi.com/2017/11/easy-maintenance-mode-in-kubernetes/)
We use our maintenance mode for manual database backup and restore. Also we
bring the database into maintenance mode for manual database migrations.
## Deploy the service
We prepared sample configuration, so you can simply run:
```sh
# in folder deployment/
$ kubectl apply -f ./ocelot-social/maintenance/
```
This will fire up a maintenance service.
## Bring application into maintenance mode
Now if you want to have a controlled downtime and you want to bring your
application into maintenance mode, you can edit your global ingress server.
E.g. copy file [`deployment/digital-ocean/https/templates/ingress.template.yaml`](../../digital-ocean/https/templates/ingress.template.yaml) to new file `deployment/digital-ocean/https/ingress.yaml` and change the following:
```yaml
...
- host: develop-k8s.ocelot.social
http:
paths:
- path: /
backend:
# serviceName: web
serviceName: maintenance
# servicePort: 3000
servicePort: 80
```
Then run `$ kubectl apply -f deployment/digital-ocean/https/ingress.yaml`. If you
want to deactivate the maintenance server, just undo the edit and apply the
configuration again.

39
deployment/src/old/digital-ocean/README.md Normal file
View File

@ -0,0 +1,39 @@
# DigitalOcean
As a start, read the [introduction into Kubernetes](https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes) by the folks at DigitalOcean. The following section should enable you to deploy ocelot.social to your Kubernetes cluster.
## Connect to your local cluster
1. Create a cluster at [DigitalOcean](https://www.digitalocean.com/).
2. Download the `***-kubeconfig.yaml` from the Web UI.
3. Move the file to the default location where kubectl expects it to be: `mv ***-kubeconfig.yaml ~/.kube/config`. Alternatively you can set the config on every command: `--kubeconfig ***-kubeconfig.yaml`
4. Now check if you can connect to the cluster and if its your newly created one by running: `kubectl get nodes`
The output should look about like this:
```sh
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
nifty-driscoll-uu1w Ready <none> 69d v1.13.2
nifty-driscoll-uuiw Ready <none> 69d v1.13.2
nifty-driscoll-uusn Ready <none> 69d v1.13.2
```
If you got the steps right above and see your nodes you can continue.
DigitalOcean Kubernetes clusters don't have a graphical interface, so I suggest
to setup the [Kubernetes dashboard](./dashboard/README.md) as a next step.
Configuring [HTTPS](./https/README.md) is bit tricky and therefore I suggest to
do this as a last step.
## Spaces
We are storing our images in the s3-compatible [DigitalOcean Spaces](https://www.digitalocean.com/docs/spaces/).
We still want to take backups of our images in case something happens to the images in the cloud. See these [instructions](https://www.digitalocean.com/docs/spaces/resources/s3cmd-usage/) about getting set up with `s3cmd` to take a copy of all images in a `Spaces` namespace, i.e. `ocelot-social-uploads`.
After configuring `s3cmd` with your credentials, etc. you should be able to make a backup with this command.
```sh
s3cmg get --recursive --skip-existing s3://ocelot-social-uploads
```

55
deployment/src/old/digital-ocean/dashboard/README.md Normal file
View File

@ -0,0 +1,55 @@
# Install Kubernetes Dashboard
The kubernetes dashboard is optional but very helpful for debugging. If you want to install it, you have to do so only **once** per cluster:
```bash
# in folder deployment/digital-ocean/
$ kubectl apply -f dashboard/
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
```
### Login to your dashboard
Proxy the remote kubernetes dashboard to localhost:
```bash
$ kubectl proxy
```
Visit:
[http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/](http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/)
You should see a login screen.
To get your token for the dashboard you can run this command:
```bash
$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
```
It should print something like:
```text
Name: admin-user-token-6gl6l
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name=admin-user
kubernetes.io/service-account.uid=b16afba9-dfec-11e7-bbb9-901b0e532516
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTZnbDZsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiMTZhZmJhOS1kZmVjLTExZTctYmJiOS05MDFiMGU1MzI1MTYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.M70CU3lbu3PP4OjhFms8PVL5pQKj-jj4RNSLA4YmQfTXpPUuxqXjiTf094_Rzr0fgN_IVX6gC4fiNUL5ynx9KU-lkPfk0HnX8scxfJNzypL039mpGt0bbe1IXKSIRaq_9VW59Xz-yBUhycYcKPO9RM2Qa1Ax29nqNVko4vLn1_1wPqJ6XSq3GYI8anTzV8Fku4jasUwjrws6Cn6_sPEGmL54sq5R4Z5afUtv-mItTmqZZdxnkRqcJLlg2Y8WbCPogErbsaCDJoABQ7ppaqHetwfM_0yMun6ABOQbIwwl8pspJhpplKwyo700OSpvTT9zlBsu-b35lzXGBRHzv5g_RA
```
Grab the token from above and paste it into the [login screen](http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/)
When you are logged in, you should see sth. like:
![Dashboard](./dashboard-screenshot.png)
Feel free to save the login token from above in your password manager. Unlike the `kubeconfig` file, this token does not expire.

5
deployment/src/old/digital-ocean/dashboard/admin-user.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system

Some files were not shown because too many files have changed in this diff Show More