diff --git a/CHANGELOG.md b/CHANGELOG.md index e999e2cc..0cd0e6ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,108 @@ +## [7.1.13](https://github.com/maevsi/maevsi_stack/compare/7.1.12...7.1.13) (2024-10-16) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.12 ([fe1b68d](https://github.com/maevsi/maevsi_stack/commit/fe1b68d764ab2d3d765be2b6b47509eeb9e72092)) + +## [7.1.12](https://github.com/maevsi/maevsi_stack/compare/7.1.11...7.1.12) (2024-10-15) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.10 ([0898404](https://github.com/maevsi/maevsi_stack/commit/0898404cf075f71544896fc964a1ba193388945b)) + +## [7.1.11](https://github.com/maevsi/maevsi_stack/compare/7.1.10...7.1.11) (2024-10-14) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/stomper docker tag to v1.1.27 ([b7f302e](https://github.com/maevsi/maevsi_stack/commit/b7f302e2543729d2f9d77fdc4879ebdc6364db38)) + +## [7.1.10](https://github.com/maevsi/maevsi_stack/compare/7.1.9...7.1.10) (2024-10-14) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.9 ([0bda781](https://github.com/maevsi/maevsi_stack/commit/0bda7812069ac112cf13e8ead3fec302b0b26645)) + +## [7.1.9](https://github.com/maevsi/maevsi_stack/compare/7.1.8...7.1.9) (2024-10-13) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.8 ([44d4cf2](https://github.com/maevsi/maevsi_stack/commit/44d4cf23585eb412184eadad50962110b55f5ca5)) + +## [7.1.8](https://github.com/maevsi/maevsi_stack/compare/7.1.7...7.1.8) (2024-10-13) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/stomper docker tag to v1.1.26 ([1e7f7d6](https://github.com/maevsi/maevsi_stack/commit/1e7f7d696cb98a6607ea3374c2319c8f9f587cc6)) + +## [7.1.7](https://github.com/maevsi/maevsi_stack/compare/7.1.6...7.1.7) (2024-10-13) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.7 ([35b781c](https://github.com/maevsi/maevsi_stack/commit/35b781c880bdd740aa9ababc862c38ff7d2b6efe)) + +## [7.1.6](https://github.com/maevsi/maevsi_stack/compare/7.1.5...7.1.6) (2024-10-13) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.7 ([1418646](https://github.com/maevsi/maevsi_stack/commit/1418646f31f1001bb40f4887c6cab7aad6b33cfb)) + +## [7.1.5](https://github.com/maevsi/maevsi_stack/compare/7.1.4...7.1.5) (2024-10-13) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.6 ([5a34d17](https://github.com/maevsi/maevsi_stack/commit/5a34d17623327133d6ad8203184302df47c3f644)) + +## [7.1.4](https://github.com/maevsi/maevsi_stack/compare/7.1.3...7.1.4) (2024-10-12) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.5 ([fd9491d](https://github.com/maevsi/maevsi_stack/commit/fd9491da4bd6d85a3022fa39531f6827778912cd)) + +## [7.1.3](https://github.com/maevsi/maevsi_stack/compare/7.1.2...7.1.3) (2024-10-12) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.4 ([c89976b](https://github.com/maevsi/maevsi_stack/commit/c89976b1d01bef865ae7f6f53c5341b2ba78cea8)) + +## [7.1.2](https://github.com/maevsi/maevsi_stack/compare/7.1.1...7.1.2) (2024-10-12) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.17.0 ([aa6621f](https://github.com/maevsi/maevsi_stack/commit/aa6621f2b02b9786bf9be5c8919e46bcf4de1fff)) + +## [7.1.1](https://github.com/maevsi/maevsi_stack/compare/7.1.0...7.1.1) (2024-10-11) + + +### Bug Fixes + +* **deps:** update ghcr.io/maevsi/maevsi docker tag to v4.16.0 ([66de563](https://github.com/maevsi/maevsi_stack/commit/66de563dfa1711e96ded9f90c8b2f4cf88372aae)) + +## [7.1.0](https://github.com/maevsi/maevsi_stack/compare/7.0.1...7.1.0) (2024-10-11) + + +### Features + +* **service:** add ip geolocator ([af20a2c](https://github.com/maevsi/maevsi_stack/commit/af20a2c045e825bd41a950f742e5b7a8e8de17e2)) + +## [7.0.1](https://github.com/maevsi/maevsi_stack/compare/7.0.0...7.0.1) (2024-10-10) + + +### Bug Fixes + +* schedule release ([00cea26](https://github.com/maevsi/maevsi_stack/commit/00cea261fbf3f37c9b03a272300159026fd8236a)) + ## [7.0.0](https://github.com/maevsi/maevsi_stack/compare/6.1.1...7.0.0) (2024-09-29) diff --git a/README.md b/README.md index 616279f5..2075a19b 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,10 @@ This project is deployed in accordance to the [DargStack template](https://githu The job scheduler's SMTP client configuration. + - ### `maevsi_aws-credentials` + + The cloud computing provider's user credentials. + - ### `maevsi_turnstile-key` The captcha provider's application key. @@ -94,14 +98,6 @@ This project is deployed in accordance to the [DargStack template](https://githu The `maevsi_postgraphile` database role's username. - - ### `postgres_role_maevsi-stomper_password` - - The `stomper` database role's password. - - - ### `postgres_role_maevsi-stomper_username` - - The `stomper` database role's username. - - ### `postgres_role_maevsi-tusd_password` The `tusd` database role's password. @@ -118,10 +114,6 @@ This project is deployed in accordance to the [DargStack template](https://githu The database change management application's database connection string. - - ### `stomper_nodemailer-transporter` - - The email service's SMTP configuration. - - ### `traefik_cf-dns-api-token` ![production](https://img.shields.io/badge/-production-informational.svg?style=flat-square) The DNS provider's DNS API token. @@ -165,6 +157,10 @@ This project is deployed in accordance to the [DargStack template](https://githu You can check the database connector's setup logs using `portainer`. + - ### `geoip` + + You cannot access the ip geolocator via a web interface. + - ### `grafana` You can access the observation dashboard at [grafana.localhost](https://grafana.localhost/). @@ -210,10 +206,6 @@ This project is deployed in accordance to the [DargStack template](https://githu You can access the metrics monitoring at [prometheus.localhost](https://prometheus.localhost/). - - ### `reccoom` - - You cannot access the recommendation service directly. - - ### `redpanda` You can access the event streaming platform's ui as described under `redpanda-console`. @@ -226,10 +218,6 @@ This project is deployed in accordance to the [DargStack template](https://githu You cannot access the database migrations directly. - - ### `stomper` - - You cannot access the email service directly. - - ### `traefik` You can access the reverse proxy's dashboard at [traefik.localhost](https://traefik.localhost/). diff --git a/package.json b/package.json index 51b995f0..644438a5 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "maevsi_stack", "private": true, - "version": "7.0.0", + "version": "7.1.13", "description": "DargStack configuration for maevsi.", "repository": "https://github.com/maevsi/maevsi_stack.git", "author": "Jonas Thelemann ", @@ -10,7 +10,7 @@ "engines": { "node": "22" }, - "packageManager": "pnpm@9.12.0", + "packageManager": "pnpm@9.12.1", "scripts": { "prepare": "husky" }, @@ -19,7 +19,7 @@ "@commitlint/config-conventional": "19.5.0", "conventional-changelog-conventionalcommits": "8.0.0", "dargstack": "2.2.2", - "dargstack_rgen": "0.9.45", + "dargstack_rgen": "0.9.46", "husky": "9.1.6" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 433aea1e..3ae15391 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -10,7 +10,7 @@ importers: devDependencies: '@commitlint/cli': specifier: 19.5.0 - version: 19.5.0(@types/node@22.7.4)(typescript@5.6.2) + version: 19.5.0(@types/node@22.7.5)(typescript@5.6.3) '@commitlint/config-conventional': specifier: 19.5.0 version: 19.5.0 @@ -21,24 +21,24 @@ importers: specifier: 2.2.2 version: 2.2.2 dargstack_rgen: - specifier: 0.9.45 - version: 0.9.45 + specifier: 0.9.46 + version: 0.9.46 husky: specifier: 9.1.6 version: 9.1.6 packages: - '@babel/code-frame@7.24.7': - resolution: {integrity: sha512-BcYH1CVJBO9tvyIZ2jVeXgSIMvGZ2FDRvDdOIVQyuklNKSsx+eppDEBq/g47Ayw+RqNFE+URvOShmf+f/qwAlA==} + '@babel/code-frame@7.25.7': + resolution: {integrity: sha512-0xZJFNE5XMpENsgfHYTw8FbX4kv53mFLn2i3XPoq69LyhYSCBJtitaHx9QnsVTrsogI4Z3+HtEfZ2/GFPOtf5g==} engines: {node: '>=6.9.0'} - '@babel/helper-validator-identifier@7.24.7': - resolution: {integrity: sha512-rR+PBcQ1SMQDDyF6X0wxtG8QyLCgUB0eRAGguqRLfkCA87l7yAP7ehq8SNj96OOGTO8OBV70KhuFYcIkHXOg0w==} + '@babel/helper-validator-identifier@7.25.7': + resolution: {integrity: sha512-AM6TzwYqGChO45oiuPqwL2t20/HdMC1rTPAesnBCgPCSF1x3oN9MVUwQV2iyz4xqWrctwK5RNC8LV22kaQCNYg==} engines: {node: '>=6.9.0'} - '@babel/highlight@7.24.7': - resolution: {integrity: sha512-EStJpq4OuY8xYfhGVXngigBJRWxftKX9ksiGDnmlY3o7B/V7KIAc9X4oiK87uPJSc/vs5L869bem5fhZa8caZw==} + '@babel/highlight@7.25.7': + resolution: {integrity: sha512-iYyACpW3iW8Fw+ZybQK+drQre+ns/tKpXbNESfrhNnPLIklLbXr7MYJ6gPEd0iETGLOK+SxMjVvKb/ffmk+FEw==} engines: {node: '>=6.9.0'} '@commitlint/cli@19.5.0': @@ -113,8 +113,8 @@ packages: '@types/conventional-commits-parser@5.0.0': resolution: {integrity: sha512-loB369iXNmAZglwWATL+WRe+CRMmmBPtpolYzIebFaX4YA3x+BEfLqhUAV9WanycKI3TG1IMr5bMJDajDKLlUQ==} - '@types/node@22.7.4': - resolution: {integrity: sha512-y+NPi1rFzDs1NdQHHToqeiX2TIS79SWEAw9GYhkkx8bD0ChpfqC+n2j5OXOCpzfojBEBt6DnEnnG9MY0zk1XLg==} + '@types/node@22.7.5': + resolution: {integrity: sha512-jML7s2NAzMWc//QSJ1a3prpk78cOPchGvXJsC3C6R6PSMoooztvRVQEz89gmBTBY1SPMaqo5teB4uNHPdetShQ==} JSONStream@1.3.5: resolution: {integrity: sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==} @@ -215,8 +215,8 @@ packages: resolution: {integrity: sha512-cr8LFy4mpi44kRVqp5i8dN2cIFX04D0RiDmKDmRIiUKs4M62RXi3WEo5yadtSQJ0W/Xk1MCSgZkEWlvUKOmLzg==} engines: {node: '20'} - dargstack_rgen@0.9.45: - resolution: {integrity: sha512-4HkZm3SFRQJyJ4JuGYNZLX7pS9memxkv3D4XkveUY14/BKhCahJJYg/+EUkmXf36CcA2VGy7OKi9V7gNd7NN4A==} + dargstack_rgen@0.9.46: + resolution: {integrity: sha512-BKOPQBnmvuI52oR43Gnb3xmq5a/J/FgnwbF/tfGjePMfpXPfRjeltFSx4GIu7zgUhMdzFXp2TLsWi0pFp+hyxQ==} engines: {node: '20'} hasBin: true @@ -446,8 +446,8 @@ packages: tinyexec@0.3.0: resolution: {integrity: sha512-tVGE0mVJPGb0chKhqmsoosjsS+qUnJVGJpZgsHYQcGoPlG3B51R3PouqTgEGH2Dc9jjFyOqOpix6ZHNMXp1FZg==} - typescript@5.6.2: - resolution: {integrity: sha512-NW8ByodCSNCwZeghjN3o+JX5OFH0Ojg6sadjEKY4huZ52TqbJTJnDo5+Tw98lSy63NZvi4n+ez5m2u5d4PkZyw==} + typescript@5.6.3: + resolution: {integrity: sha512-hjcS1mhfuyi4WW8IWtjP7brDrG2cuDZukyrYrSauoXGNgx0S7zceP07adYkJycEr56BOUTNPzbInooiN3fn1qw==} engines: {node: '>=14.17'} hasBin: true @@ -466,8 +466,8 @@ packages: resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} engines: {node: '>=10'} - yaml@2.5.1: - resolution: {integrity: sha512-bLQOjaX/ADgQ20isPJRvF0iRUHIxVhYvr53Of7wGcWlO2jvtUlH5m87DsmulFVxRpNLOnI4tB6p/oh8D7kpn9Q==} + yaml@2.6.0: + resolution: {integrity: sha512-a6ae//JvKDEra2kdi1qzCyrJW/WZCgFi8ydDV+eXExl95t+5R+ijnqHJbz9tmMh8FUjx3iv2fCQ4dclAQlO2UQ==} engines: {node: '>= 14'} hasBin: true @@ -485,25 +485,25 @@ packages: snapshots: - '@babel/code-frame@7.24.7': + '@babel/code-frame@7.25.7': dependencies: - '@babel/highlight': 7.24.7 + '@babel/highlight': 7.25.7 picocolors: 1.1.0 - '@babel/helper-validator-identifier@7.24.7': {} + '@babel/helper-validator-identifier@7.25.7': {} - '@babel/highlight@7.24.7': + '@babel/highlight@7.25.7': dependencies: - '@babel/helper-validator-identifier': 7.24.7 + '@babel/helper-validator-identifier': 7.25.7 chalk: 2.4.2 js-tokens: 4.0.0 picocolors: 1.1.0 - '@commitlint/cli@19.5.0(@types/node@22.7.4)(typescript@5.6.2)': + '@commitlint/cli@19.5.0(@types/node@22.7.5)(typescript@5.6.3)': dependencies: '@commitlint/format': 19.5.0 '@commitlint/lint': 19.5.0 - '@commitlint/load': 19.5.0(@types/node@22.7.4)(typescript@5.6.2) + '@commitlint/load': 19.5.0(@types/node@22.7.5)(typescript@5.6.3) '@commitlint/read': 19.5.0 '@commitlint/types': 19.5.0 tinyexec: 0.3.0 @@ -550,15 +550,15 @@ snapshots: '@commitlint/rules': 19.5.0 '@commitlint/types': 19.5.0 - '@commitlint/load@19.5.0(@types/node@22.7.4)(typescript@5.6.2)': + '@commitlint/load@19.5.0(@types/node@22.7.5)(typescript@5.6.3)': dependencies: '@commitlint/config-validator': 19.5.0 '@commitlint/execute-rule': 19.5.0 '@commitlint/resolve-extends': 19.5.0 '@commitlint/types': 19.5.0 chalk: 5.3.0 - cosmiconfig: 9.0.0(typescript@5.6.2) - cosmiconfig-typescript-loader: 5.0.0(@types/node@22.7.4)(cosmiconfig@9.0.0(typescript@5.6.2))(typescript@5.6.2) + cosmiconfig: 9.0.0(typescript@5.6.3) + cosmiconfig-typescript-loader: 5.0.0(@types/node@22.7.5)(cosmiconfig@9.0.0(typescript@5.6.3))(typescript@5.6.3) lodash.isplainobject: 4.0.6 lodash.merge: 4.6.2 lodash.uniq: 4.5.0 @@ -611,9 +611,9 @@ snapshots: '@types/conventional-commits-parser@5.0.0': dependencies: - '@types/node': 22.7.4 + '@types/node': 22.7.5 - '@types/node@22.7.4': + '@types/node@22.7.5': dependencies: undici-types: 6.19.8 @@ -695,32 +695,32 @@ snapshots: meow: 12.1.1 split2: 4.2.0 - cosmiconfig-typescript-loader@5.0.0(@types/node@22.7.4)(cosmiconfig@9.0.0(typescript@5.6.2))(typescript@5.6.2): + cosmiconfig-typescript-loader@5.0.0(@types/node@22.7.5)(cosmiconfig@9.0.0(typescript@5.6.3))(typescript@5.6.3): dependencies: - '@types/node': 22.7.4 - cosmiconfig: 9.0.0(typescript@5.6.2) + '@types/node': 22.7.5 + cosmiconfig: 9.0.0(typescript@5.6.3) jiti: 1.21.6 - typescript: 5.6.2 + typescript: 5.6.3 - cosmiconfig@9.0.0(typescript@5.6.2): + cosmiconfig@9.0.0(typescript@5.6.3): dependencies: env-paths: 2.2.1 import-fresh: 3.3.0 js-yaml: 4.1.0 parse-json: 5.2.0 optionalDependencies: - typescript: 5.6.2 + typescript: 5.6.3 dargs@8.1.0: {} dargstack@2.2.2: {} - dargstack_rgen@0.9.45: + dargstack_rgen@0.9.46: dependencies: deepmerge: 4.3.1 diff: 7.0.0 json2md: 2.0.1 - yaml: 2.5.1 + yaml: 2.6.0 yargs: 17.7.2 deepmerge@4.3.1: {} @@ -850,7 +850,7 @@ snapshots: parse-json@5.2.0: dependencies: - '@babel/code-frame': 7.24.7 + '@babel/code-frame': 7.25.7 error-ex: 1.3.2 json-parse-even-better-errors: 2.3.1 lines-and-columns: 1.2.4 @@ -891,7 +891,7 @@ snapshots: tinyexec@0.3.0: {} - typescript@5.6.2: {} + typescript@5.6.3: {} undici-types@6.19.8: {} @@ -905,7 +905,7 @@ snapshots: y18n@5.0.8: {} - yaml@2.5.1: {} + yaml@2.6.0: {} yargs-parser@21.1.1: {} diff --git a/src/development/certificates/mkcert.sh b/src/development/certificates/mkcert.sh index 797e677e..3d5f9d92 100755 --- a/src/development/certificates/mkcert.sh +++ b/src/development/certificates/mkcert.sh @@ -37,6 +37,5 @@ create "traefik" \ `# postgraphile` "postgraphile.localhost" \ `# prometheus` "prometheus.localhost" \ `# redpanda` "redpanda.localhost" \ - `# stomper` "stomper.localhost" \ `# traefik` "traefik.localhost" \ `# tusd` "tusd.localhost" \ No newline at end of file diff --git a/src/development/secrets/maevsi/aws-credentials.secret b/src/development/secrets/maevsi/aws-credentials.secret new file mode 100644 index 00000000..96077989 --- /dev/null +++ b/src/development/secrets/maevsi/aws-credentials.secret @@ -0,0 +1,3 @@ +[stomper] +aws_access_key_id = +aws_secret_access_key = diff --git a/src/development/secrets/maevsi/aws-credentials.secret.template b/src/development/secrets/maevsi/aws-credentials.secret.template new file mode 100644 index 00000000..96077989 --- /dev/null +++ b/src/development/secrets/maevsi/aws-credentials.secret.template @@ -0,0 +1,3 @@ +[stomper] +aws_access_key_id = +aws_secret_access_key = diff --git a/src/development/secrets/postgres/role_maevsi-stomper_password.secret b/src/development/secrets/postgres/role_maevsi-stomper_password.secret deleted file mode 100644 index 3deddbff..00000000 --- a/src/development/secrets/postgres/role_maevsi-stomper_password.secret +++ /dev/null @@ -1 +0,0 @@ -stomper \ No newline at end of file diff --git a/src/development/secrets/postgres/role_maevsi-stomper_password.secret.template b/src/development/secrets/postgres/role_maevsi-stomper_password.secret.template deleted file mode 100644 index a6bb01c1..00000000 --- a/src/development/secrets/postgres/role_maevsi-stomper_password.secret.template +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/src/development/secrets/postgres/role_maevsi-stomper_username.secret b/src/development/secrets/postgres/role_maevsi-stomper_username.secret deleted file mode 100644 index 50888fe3..00000000 --- a/src/development/secrets/postgres/role_maevsi-stomper_username.secret +++ /dev/null @@ -1 +0,0 @@ -maevsi_stomper \ No newline at end of file diff --git a/src/development/secrets/postgres/role_maevsi-stomper_username.secret.template b/src/development/secrets/postgres/role_maevsi-stomper_username.secret.template deleted file mode 100644 index a6bb01c1..00000000 --- a/src/development/secrets/postgres/role_maevsi-stomper_username.secret.template +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/src/development/secrets/stomper/nodemailer-transporter.secret b/src/development/secrets/stomper/nodemailer-transporter.secret deleted file mode 100644 index 18cd2c2d..00000000 --- a/src/development/secrets/stomper/nodemailer-transporter.secret +++ /dev/null @@ -1,7 +0,0 @@ -{ - "host": "localhost", - "port": 25, - "tls": { - "rejectUnauthorized": false - } -} \ No newline at end of file diff --git a/src/development/secrets/stomper/nodemailer-transporter.secret.template b/src/development/secrets/stomper/nodemailer-transporter.secret.template deleted file mode 100644 index 78866253..00000000 --- a/src/development/secrets/stomper/nodemailer-transporter.secret.template +++ /dev/null @@ -1,9 +0,0 @@ -{ - "host": "", - "port": 465, - "secure": true, - "auth": { - "user": "", - "pass": "" - } -} \ No newline at end of file diff --git a/src/development/stack.yml b/src/development/stack.yml index 0c4aab46..0748ff7a 100644 --- a/src/development/stack.yml +++ b/src/development/stack.yml @@ -16,6 +16,9 @@ secrets: jobber_msmtprc: # The job scheduler's SMTP client configuration. file: ./secrets/jobber/msmtprc.secret + maevsi_aws-credentials: + # The cloud computing provider's user credentials. + file: ./secrets/maevsi/aws-credentials.secret maevsi_turnstile-key: # The captcha provider's application key. file: ./secrets/maevsi/turnstile-key.secret @@ -49,12 +52,6 @@ secrets: postgres_role_maevsi-postgraphile_username: # The `maevsi_postgraphile` database role's username. file: ./secrets/postgres/role_maevsi-postgraphile_username.secret - postgres_role_maevsi-stomper_password: - # The `stomper` database role's password. - file: ./secrets/postgres/role_maevsi-stomper_password.secret - postgres_role_maevsi-stomper_username: - # The `stomper` database role's username. - file: ./secrets/postgres/role_maevsi-stomper_username.secret postgres_role_maevsi-tusd_password: # The `tusd` database role's password. file: ./secrets/postgres/role_maevsi-tusd_password.secret @@ -67,9 +64,6 @@ secrets: sqitch_target: # The database change management application's database connection string. file: ./secrets/sqitch/target.secret - stomper_nodemailer-transporter: - # The email service's SMTP configuration. - file: ./secrets/stomper/nodemailer-transporter.secret tusd_aws: # The upload service's s3 credentials file. file: ./secrets/tusd/aws.secret @@ -106,12 +100,12 @@ services: GROUP_ID: 1 OFFSET_STORAGE_TOPIC: connect_offsets STATUS_STORAGE_TOPIC: connect_statuses - healthcheck: - test: ["CMD", "curl", "--fail", "--silent", "--show-error", "http://localhost:8083/connectors"] - interval: 30s - timeout: 10s - retries: 3 - start_period: 20s + # healthcheck: + # test: ["CMD", "curl", "--fail", "--silent", "--show-error", "http://localhost:8083/connectors"] + # interval: 30s + # timeout: 10s + # retries: 3 + # start_period: 20s image: debezium/connect:3.0 debezium-postgres-connector: # You can check the database connector's setup logs using `portainer`. @@ -127,6 +121,9 @@ services: - postgres_user volumes: - ./configurations/debezium/entrypoint.sh:/entrypoint.sh:ro + geoip: + # You cannot access the ip geolocator via a web interface. + image: ghcr.io/observabilitystack/geoip-api:2024-41 grafana: # You can access the observation dashboard at [grafana.localhost](https://grafana.localhost/). deploy: @@ -183,6 +180,7 @@ services: - traefik.http.routers.maevsi_secure.service=maevsi #DARGSTACK-REMOVE - traefik.http.services.maevsi.loadbalancer.server.port=3000 environment: + AWS_REGION: ${MAEVSI_AWS_REGION} CONSOLA_LEVEL: 4 # debug #DARGSTACK-REMOVE NUXT_PUBLIC_GTAG_ID: ${GTAG_ID} NUXT_PUBLIC_SITE_URL: https://${STACK_DOMAIN} @@ -194,6 +192,8 @@ services: POSTGRES_ROLE_MAEVSI_TUSD_USERNAME_FILE: /run/secrets/postgres_role_maevsi-tusd_username image: maevsi/maevsi:dev secrets: + - source: maevsi_aws-credentials + target: /home/node/.aws/credentials # TODO: switch to user `node` - maevsi_turnstile-key - postgres_db - postgres_role_maevsi-tusd_password @@ -253,7 +253,7 @@ services: constraints: - node.role == manager replicas: 1 - image: portainer/portainer-ce:2.22.0-alpine + image: portainer/portainer-ce:2.23.0-alpine secrets: - portainer_admin-password volumes: @@ -267,7 +267,7 @@ services: - node.platform.os == linux environment: AGENT_CLUSTER_ADDR: tasks.portainer-agent - image: portainer/agent:2.22.0 + image: portainer/agent:2.23.0 volumes: - /var/run/docker.sock:/var/run/docker.sock - /var/lib/docker/volumes:/var/lib/docker/volumes @@ -307,7 +307,7 @@ services: POSTGRES_DB_FILE: /run/secrets/postgres_db POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password POSTGRES_USER_FILE: /run/secrets/postgres_user - image: debezium/postgres:16-alpine + image: quay.io/debezium/postgres:17-alpine # # Expose ports (only) e.g. to generate a database graph image or similar. # ports: # - 5432:5432 @@ -337,11 +337,6 @@ services: volumes: - ../production/configurations/prometheus/prometheus.yaml:/etc/prometheus/prometheus.yml:ro - prometheus_data:/prometheus - reccoom: - # You cannot access the recommendation service directly. - image: maevsi/reccoom:dev - volumes: - - ../../../reccoom/:/srv/app/ redpanda: # You can access the event streaming platform's ui as described under `redpanda-console`. command: @@ -352,13 +347,13 @@ services: - --pandaproxy-addr internal://0.0.0.0:8082,external://0.0.0.0:18082 - --advertise-pandaproxy-addr internal://redpanda:8082,external://localhost:18082 - --schema-registry-addr internal://0.0.0.0:8081,external://0.0.0.0:18081 - healthcheck: - test: ["CMD-SHELL", "output=$(rpk cluster health --json); echo \"$output\" | grep -q '\"healthy\":true' || { echo \"$output\"; exit 1; }"] - interval: 30s - timeout: 10s - retries: 3 - start_period: 10s - image: redpandadata/redpanda:v23.2.17 + # healthcheck: + # test: ["CMD-SHELL", "output=$(rpk cluster health --json); echo \"$output\" | grep -q '\"healthy\":true' || { echo \"$output\"; exit 1; }"] + # interval: 30s + # timeout: 10s + # retries: 3 + # start_period: 10s + image: redpandadata/redpanda:v23.3.21 volumes: - redpanda_data:/var/lib/redpanda/data redpanda-console: @@ -373,7 +368,7 @@ services: - traefik.http.services.redpanda.loadbalancer.server.port=8080 environment: CONFIG_FILEPATH: /srv/app/redpanda-config.yaml - image: redpandadata/console:v2.3.7 + image: redpandadata/console:v2.7.2 volumes: - ../production/configurations/redpanda/config.yaml:/srv/app/redpanda-config.yaml:ro sqitch: @@ -384,39 +379,12 @@ services: - postgres_role_grafana_username - postgres_role_maevsi-postgraphile_password - postgres_role_maevsi-postgraphile_username - - postgres_role_maevsi-stomper_password - - postgres_role_maevsi-stomper_username - postgres_role_maevsi-tusd_password - postgres_role_maevsi-tusd_username - sqitch_target volumes: - ../../../sqitch/:/srv/app/ - /run/postgresql/:/run/postgresql/ - stomper: - # You cannot access the email service directly. - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.stomper.middlewares=redirectscheme #DARGSTACK-REMOVE - - traefik.http.routers.stomper.rule=Host(`stomper.${STACK_DOMAIN}`) - - traefik.http.routers.stomper_secure.rule=Host(`stomper.${STACK_DOMAIN}`) - - traefik.http.routers.stomper_secure.tls.options=mintls13@file #DARGSTACK-REMOVE - - traefik.http.services.stomper.loadbalancer.server.port=3000 - environment: - CONSOLA_LEVEL: 4 # debug - STACK_DOMAIN: ${STACK_DOMAIN} - image: maevsi/stomper:dev - # ports: - # - 9229:9229 - secrets: - - postgres_db - - postgres_role_maevsi-stomper_password - - postgres_role_maevsi-stomper_username - - stomper_nodemailer-transporter - user: 1000:1000 - volumes: - - ${PNPM_STORE_DIR}:/srv/.pnpm-store/ - - ../../../stomper/:/srv/app/ traefik: # You can access the reverse proxy's dashboard at [traefik.localhost](https://traefik.localhost/). command: @@ -445,7 +413,7 @@ services: placement: constraints: - node.role == manager - image: traefik:v3.1.5 + image: traefik:v3.1.6 ports: #DARGSTACK-REMOVE - mode: host #DARGSTACK-REMOVE protocol: tcp #DARGSTACK-REMOVE diff --git a/src/production/production.yml b/src/production/production.yml index ae6c66b1..ba80e26a 100644 --- a/src/production/production.yml +++ b/src/production/production.yml @@ -51,7 +51,7 @@ services: - (( append )) - traefik.http.routers.maevsi.middlewares=maevsi_cors,maevsi_redirectregex - traefik.http.routers.maevsi_secure.tls.certresolver=default - image: ghcr.io/maevsi/maevsi:4.15.0 + image: ghcr.io/maevsi/maevsi:5.0.0 user: (( prune )) maevsi_beta: # You can access the main project frontend's beta version at [beta.localhost](https://beta.localhost/). @@ -76,7 +76,7 @@ services: POSTGRES_DB_FILE: /run/secrets/postgres_db POSTGRES_ROLE_MAEVSI_TUSD_PASSWORD_FILE: /run/secrets/postgres_role_maevsi-tusd_password POSTGRES_ROLE_MAEVSI_TUSD_USERNAME_FILE: /run/secrets/postgres_role_maevsi-tusd_username - image: ghcr.io/maevsi/maevsi:4.15.0 + image: ghcr.io/maevsi/maevsi:5.0.0 secrets: - maevsi_turnstile-key - postgres_db @@ -116,19 +116,8 @@ services: labels: - (( append )) - traefik.http.routers.prometheus_secure.tls.certresolver=default - reccoom: - image: ghcr.io/maevsi/reccoom:0.1.0 - volumes: (( prune )) sqitch: - image: ghcr.io/maevsi/sqitch:3.4.8 - volumes: (( prune )) - stomper: - deploy: - labels: - - (( append )) - - traefik.http.routers.stomper_secure.tls.certresolver=default - image: ghcr.io/maevsi/stomper:1.1.25 - user: (( prune )) + image: ghcr.io/maevsi/sqitch:4.0.0 volumes: (( prune )) traefik: command: