diff options
author | Micah Anderson <micah@riseup.net> | 2018-01-25 10:00:10 -0500 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2018-01-25 10:23:17 -0500 |
commit | 9293398b4bf11c9641eeab03d8e1bf2049fa2b65 (patch) | |
tree | 83ecc5faa28762cbb404414464c4343f8e19495c | |
parent | c5f67dc20da34ff8d01313f4a2c4c804a758c40b (diff) |
setup review appsetup-reviewapp
-rw-r--r-- | .gitlab-ci.yml | 60 | ||||
-rw-r--r-- | Dockerfile | 55 | ||||
-rw-r--r-- | pages/about-us/en.md | 4 |
3 files changed, 115 insertions, 4 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9fdbaad..493ae68 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,7 +1,62 @@ --- -image: 0xacab.org:4567/leap/docker/ruby:stretch_amd64 -deploy: +variables: + OPENSHIFT_SERVER: hexacab.org:8443 + OPENSHIFT_DOMAIN: apps.hexacab.org + PROJECT_NAME: leapse + # Configure this variable in Secure Variables: + # OPENSHIFT_TOKEN: my.openshift.token + +stages: + - review + - production + - cleanup + +.deploy: &deploy + image: ayufan/openshift-cli + before_script: + - oc login "${OPENSHIFT_SERVER}" --token="${OPENSHIFT_TOKEN}" + - oc project "${PROJECT_NAME}-${CI_PROJECT_ID}" 2> /dev/null || oc new-project "${PROJECT_NAME}-${CI_PROJECT_ID}" + script: + - "oc get services ${APP} 2> /dev/null || oc new-app ${CI_REPOSITORY_URL}#${CI_COMMIT_REF_NAME} --name=${APP} --strategy=docker && sleep 3 && oc logs -f bc/${APP}" + - "oc status -v" + - "oc expose dc ${APP} --port=8080 && oc expose service ${APP} --port=8080 --hostname=${PROJECT_NAME}-${CI_ENVIRONMENT_SLUG}.${OPENSHIFT_DOMAIN}" + +review: + <<: *deploy + stage: review + variables: + APP: review-$CI_COMMIT_REF_NAME + APP_HOST: $PROJECT_NAME-$CI_ENVIRONMENT_SLUG.$OPENSHIFT_DOMAIN + environment: + name: review/$CI_COMMIT_REF_NAME + url: http://$PROJECT_NAME-$CI_ENVIRONMENT_SLUG.$OPENSHIFT_DOMAIN + on_stop: stop-review + only: + - branches + except: + - master + +stop-review: + <<: *deploy + stage: cleanup + script: + - oc delete all -l "app=$APP" + when: manual + variables: + APP: review-$CI_COMMIT_REF_NAME + GIT_STRATEGY: none + environment: + name: review/$CI_COMMIT_REF_NAME + action: stop + only: + - branches + except: + - master + +production: + image: debian:stretch + stage: production environment: name: production only: @@ -19,3 +74,4 @@ deploy: - apt-get update - apt-get install -y --no-install-recommends capistrano - cap deploy + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..e201f40 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,55 @@ +FROM debian:stretch + +MAINTAINER LEAP Encryption Access Project <sysdev@leap.se> +LABEL Description="Run amber server behind apache to serve the LEAP website" + +ENV DEBIAN_FRONTEND noninteractive + +COPY . /var/www/leap-website/ + +RUN apt-get update \ + && apt-get -y dist-upgrade \ + && apt-get install -y --no-install-recommends \ + apache2 \ + rubygems \ + ruby-dev \ + zlib1g-dev \ + build-essential \ + git + +RUN rm -rf /var/lib/apt/lists/* + +# Install amber +RUN gem install amber --no-ri --no-rdoc + +# Generate the static html files (into public/) +RUN cd /var/www/leap-website && amber rebuild + +#### Setup apache + +# Run on a non-priviledge port +RUN sed -i -e 's|Listen 80|Listen 8080|' /etc/apache2/ports.conf +RUN sed -i -e 's|VirtualHost \*:80|VirtualHost \*:8080|' /etc/apache2/sites-enabled/000-default.conf + +# Set the document root +RUN sed -i -e 's|DocumentRoot /var/www/html|DocumentRoot /var/www/leap-website/public|' /etc/apache2/sites-enabled/000-default.conf + +# Set the amber-specific configuration for the directory so that the indexes and .htaccess will work +RUN sed -i -e 's|</VirtualHost>| <Directory "/var/www/leap-website/public"> \n AllowOverride FileInfo Indexes Options=All,MultiViews \n Require all granted \n </Directory> \n</VirtualHost>|' /etc/apache2/sites-enabled/000-default.conf + +# Enable the necessary modules +RUN /usr/sbin/a2enmod rewrite headers + +# Create the directories apache needs, these must be there for unpriviledged apache to run +RUN mkdir /var/run/apache2 /var/lock/apache2 \ + && chown :0 /var/log/apache2 /var/run/apache2 /var/lock/apache2 \ + && chmod 774 /var/log/apache2 /var/run/apache2 /var/lock/apache2 + +# Make the logs be displayed in the openshift logs tab +RUN ln -sf /dev/stdout /var/log/apache2/access.log \ + && ln -sf /dev/stdout /var/log/apache2/other_vhosts_access.log \ + && ln -sf /dev/stderr /var/log/apache2/error.log + +# Run apache in the foreground +CMD ["apache2ctl", "-D", "FOREGROUND"] + diff --git a/pages/about-us/en.md b/pages/about-us/en.md index 4d9f1d2..86c031a 100644 --- a/pages/about-us/en.md +++ b/pages/about-us/en.md @@ -1,9 +1,9 @@ @title = 'About Us' @toc = false -LEAP is a dedicated to giving all internet users access to secure communication. Our focus is on adapting encryption technology to make it easy to use and widely available. Like free speech, the right to whisper is an necessary precondition for a free society. Without it, civil society and political freedom become impossible. As the importance of digital communication for civic participation increases, so does the importance of the ability to digitally whisper. LEAP is devoted to making the ability to whisper available to all internet users. +LEAP is dedicated to giving all internet users access to secure communication. Our focus is on adapting encryption technology to make it easy to use and widely available. Like free speech, the right to whisper is an necessary precondition for a free society. Without it, civil society and political freedom become impossible. As the importance of digital communication for civic participation increases, so does the importance of the ability to digitally whisper. LEAP is devoted to making the ability to whisper available to all internet users. -LEAP is a non-profit organization registered in the state of Washington, USA. THe people who create LEAP live around the world, including: Bahía Blanca (Argentina), Berlin (Germany), Hamburg (Germany), La Paz (Bolivia), London (UK), Madrid (Spain), Montreal (Quebec, Canada), New York City (NY, USA), Paris (France), Seattle (WA, USA), São Paulo (Brazil), Santiago (Chile). +LEAP is a non-profit organization registered in the state of Washington, USA. The people who create LEAP live around the world, including: Bahía Blanca (Argentina), Berlin (Germany), Hamburg (Germany), La Paz (Bolivia), London (UK), Madrid (Spain), Montreal (Quebec, Canada), New York City (NY, USA), Paris (France), Seattle (WA, USA), São Paulo (Brazil), Santiago (Chile). # About LEAP technology |