By having the environment explicit on each service, we both document
the settings and have more control over what each service is allowed
to see.
This avoids weird things like nginx having access to postgresql's
credentials on its environment.
As a bonus: we are able to use one single environment file, which is
basically dd.conf with some values that are dynamically-calculated and
added from dd-ctl.
This is used to tag Docker images in the registry / pull images form
the registry, it has been observed in the wiled that:
git rev-parse --short
can have different default values for its length depending on the
system.
We currently specify the length to be 8 as specified here:
https://git-scm.com/docs/git-rev-parse#Documentation/git-rev-parse.txt---shortlength
This may be causing issues when the plugin requires occ upgrade
Alternatively, installing plugins may require it.
While there, also remove one of the nextcloud_scan calls and delay it
along with logo customisation until after a potential ./occ upgrade
has taken place.
The environment / dd.conf variables: PROXY_PROTOCOL and DISABLE_WAF
determine how DD and HAProxy will behave.
- PROXY_PROTOCOL: whether or not the PROXY protocol will be accepted
- DISABLE_WAF: whether or not WAF will be enabled
This simplifies maintenance, as well as the overall architecture and operation.
While at it, we now publish images for DD's HAProxy as well.
When we improved the update process, we introduced a deadlock when not
having docker.
By separating update from repo-update we can differentiate those cases:
- update: full update of an existing installation
- repo-update: bring repository to latest stand
This was a bad design choice since it doesn't allow us to easily manage
the intended plugin version and therefore keep them up to date.
As a short-term mechanism, we change the used variables to have the
_OVERRIDE suffix and default in dd-ctl to the actual URLs, while also
removing them from dd.conf.sample.
This solves the issue in both current and future installations; in a
near future we want to have these dependencies in a .tsv file where they
can easily be managed.
Elena Barrios Galán
Evilham
Roger Garcia
Manuel Caballero
Manuel Caballero
Jose Antonio Exposito Garcia