This reverts commit 952c24783b.
The issue found was actually:
- If `./aur.git` exists within the aurweb repository locally,
it also ends up in the destination, stopping the aurweb_git_data
volume from being mounted properly.
For our development setup we run a redis container without a
username/password. Redis recently set protected mode by default which
disallows this, turn it off as it has no security implication.
This variable allows users to override the logging.conf used
for Python logging configuration. By default, this is set
to logging.conf, which is a production config. LOG_CONFIG
is treated relative to [options] aurwebdir.
This patch allows us to specify the logging config as opposed
to copying over logging.conf in our test docker and gitlab
test scripts, as well as ease-of-testing as a developer.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This was left in when we removed logging.prod.conf in a
previous patch. `test-mysql-entrypoint.sh` takes care of
test logging for us now, so this section is unnecessary.
Closes#261
Signed-off-by: Kevin Morris <kevr@0cost.org>
We'll override logging.conf with logging.test.conf for debug logging
needed for tests now, so we can rely on the default logging.conf
for production use.
Signed-off-by: Kevin Morris <kevr@0cost.org>
- On non-localhost communication, this whitelists forwarded headers
on all remote ips
- Add more headers
- Force https X-Forwarded-Proto
- Unset Forwarded header and rely on X-Forwarded-*
Signed-off-by: Kevin Morris <kevr@0cost.org>
When the Docker image is outdated, we need to fetch updated
archlinux-keyring keys to perform an -Syu without problems.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Without this rewriting, we've been running into conversing with
HTTP over HTTPS (400 Bad Request).
TODO: Refactor this entire nginx config to something a bit more
simple and clean.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We don't need the https certificates being dealt with in the fastapi
service; we will define our certificates in any frontend nginx
running on top.
Signed-off-by: Kevin Morris <kevr@0cost.org>
`install` includes dependencies present in poetry.lock
and we must stick to them if we wish to pin dependencies.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Centralize database setup there and remove all copying of
config.dev from the entrypoint scripts (the Dockerfile
now does it).
Signed-off-by: Kevin Morris <kevr@0cost.org>
For the `git` service, ./data is always used to provide an
optional overriding of ssh host keys. In aur-dev production
containers, most services which use the data mount use an
internal Docker `data` volume instead.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This only deals with .gz files in the root of the request_uri
and now more. That is: /packages.gz goes through the nginx regex,
but now /cgit/.../snapshot/package.tar.gz is served by the cgit
block.
Signed-off-by: Kevin Morris <kevr@0cost.org>
There is a new ./data bind mount used here. If ssh_host_* keys are
in ./data when the git service starts, they'll override the
container-generated host keys.
Signed-off-by: Kevin Morris <kevr@0cost.org>
A user that can create databases is now required for tests,
we use the 'root' user in Docker.
Added docker services:
---------------------
- mariadb_test - host localhost:13307
Signed-off-by: Kevin Morris <kevr@0cost.org>
Normally, these scripts are used to update official providers
in the aurweb database along with archives that can be retrieved.
Run both of these scripts in a 5 minute cron job, to both reflect
the live instance database and production load.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Previously, we restricted this to gunicorn to get it working on aur-dev.
This change makes it usable through any backend, and also no-op if
PROMETHEUS_MULTIPROC_DIR is not defined.
Signed-off-by: Kevin Morris <kevr@0cost.org>
