-
-
Notifications
You must be signed in to change notification settings - Fork 22
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #407 from seanmorley15/dependabot/npm_and_yarn/doc…
…umentation/npm_and_yarn-36c5dcd58e Bump the npm_and_yarn group across 2 directories with 2 updates
- Loading branch information
Showing
9 changed files
with
223 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
# AdventureLog Admin Panel | ||
|
||
The AdventureLog Admin Panel, powered by Django, is a web-based interface that allows administrators to manage objects in the AdventureLog database. The Admin Panel is accessible at the `/admin` endpoint of the AdventureLog server. Example: `https://al-server.yourdomain.com/admin`. | ||
|
||
Features of the Admin Panel include: | ||
|
||
- **User Management**: Administrators can view and manage user accounts, including creating new users, updating user information, and deleting users. | ||
- **Adventure Management**: Administrators can view and manage adventures, including creating new adventures, updating adventure information, and deleting adventures. | ||
- **Security**: The Admin Panel enforces access control to ensure that only authorized administrators can access and manage the database. This means that only users with the `is_staff` flag set to `True` can access the Admin Panel. | ||
|
||
Note: the `CSRF_TRUSTED_ORIGINS` setting in your `docker-compose.yml` file must include the domain of the server. For example, if your server is hosted at `https://al-server.yourdomain.com`, you should add `al-server.yourdomain.com` to the `CSRF_TRUSTED_ORIGINS` setting. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Kubernetes and Kustomize (k8s) | ||
|
||
_AdventureLog can be run inside a kubernetes cluster using [kustomize](https://kustomize.io/)._ | ||
|
||
## Prerequisites | ||
|
||
A working kubernetes cluster. AdventureLog has been tested on k8s, but any Kustomize-capable flavor should be easy to use. | ||
|
||
## Cluster Routing | ||
|
||
Because the AdventureLog backend must be reachable by **both** the web browser and the AdventureLog frontend, k8s-internal routing mechanisms traditional for standing up other similar applications **cannot** be used. | ||
|
||
In order to host AdventureLog in your cluster, you must therefor configure an internally and externally resolvable ingress that routes to your AdventureLog backend container. | ||
|
||
Once you have made said ingress, set `PUBLIC_SERVER_URL` and `PUBLIC_URL` env variables below to the url of that ingress. | ||
|
||
## Tailscale and Headscale | ||
|
||
Many k8s homelabs choose to use [Tailscale](https://tailscale.com/) or similar projects to remove the need for open ports in your home firewall. | ||
|
||
The [Tailscale k8s Operator](https://tailscale.com/kb/1185/kubernetes/) will set up an externally resolvable service/ingress for your AdventureLog instance, | ||
but it will fail to resolve internally. | ||
|
||
You must [expose tailnet IPs to your cluster](https://tailscale.com/kb/1438/kubernetes-operator-cluster-egress#expose-a-tailnet-https-service-to-your-cluster-workloads) so the AdventureLog pods can resolve them. | ||
|
||
## Getting Started | ||
|
||
Take a look at the [example config](https://github.com/seanmorley15/AdventureLog/blob/main/kustomization.yml) and modify it for your usecase. | ||
|
||
## Environment Variables | ||
|
||
Look at the [environment variable summary](docker.md#configuration) in the docker install section to see available and required configuration options. | ||
|
||
Enjoy AdventureLog! 🎉 |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,153 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: example-name | ||
labels: | ||
app: adventure | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: adventure | ||
template: | ||
metadata: | ||
name: adventure | ||
labels: | ||
app: adventure | ||
spec: | ||
volumes: | ||
- name: adventure-journal | ||
persistentVolumeClaim: | ||
claimName: adventure-journal-pvc | ||
- name: adventure-journal-db | ||
persistentVolumeClaim: | ||
claimName: adventure-journal-db-pvc | ||
containers: | ||
- name: adventure-frontend | ||
image: ghcr.io/seanmorley15/adventurelog-frontend:latest | ||
imagePullPolicy: IfNotPresent | ||
ports: | ||
- containerPort: 3000 | ||
env: | ||
- name: PUBLIC_SERVER_URL | ||
value: "http://internally-and-externally.reachable.io:80" | ||
- name: ORIGIN | ||
value: "http://url-typed-into-browser.io:80" | ||
- name: BODY_SIZE_LIMIT | ||
value: "Infinity" | ||
|
||
- name: adventure-db | ||
image: postgis/postgis:15-3.3 | ||
imagePullPolicy: IfNotPresent | ||
ports: | ||
- containerPort: 5432 | ||
volumeMounts: | ||
- name: adventure-journal-db | ||
mountPath: /var/lib/postgresql/data | ||
env: | ||
- name: POSTGRES_DB | ||
value: database | ||
- name: PGDATA | ||
value: /var/lib/postgresql/data/pgdata/subdir | ||
- name: POSTGRES_USER | ||
value: adventure | ||
- name: POSTGRES_PASSWORD | ||
valueFrom: | ||
secretKeyRef: | ||
name: adventurelog-secret | ||
key: adventure-postgres-password | ||
|
||
- name: adventure-backend | ||
image: ghcr.io/seanmorley15/adventurelog-backend:latest | ||
imagePullPolicy: IfNotPresent | ||
ports: | ||
- containerPort: 80 | ||
- containerPort: 8000 | ||
volumeMounts: | ||
- name: adventure-journal | ||
mountPath: /code/media | ||
env: | ||
- name: PGHOST | ||
value: "adventure-db-svc" | ||
- name: PGDATABASE | ||
value: "database" | ||
- name: PGUSER | ||
value: "adventure" | ||
- name: PGPASSWORD | ||
valueFrom: | ||
secretKeyRef: | ||
name: adventurelog-secret | ||
key: adventure-postgres-password | ||
- name: SECRET_KEY | ||
valueFrom: | ||
secretKeyRef: | ||
name: adventurelog-secret | ||
key: adventure-postgres-password | ||
- name: PUBLIC_URL | ||
value: "http://internally-and-externally.reachable.io:80" # Match the outward port, used for the creation of image urls | ||
- name: FRONTEND_URL | ||
value: "http://url-typed-into-browser.io:80" | ||
- name: CSRF_TRUSTED_ORIGINS | ||
value: "http://url-typed-into-browser.io:80, http://internally-and-externally.reachable.io:80" | ||
- name: DJANGO_ADMIN_USERNAME | ||
value: "admin" | ||
- name: DJANGO_ADMIN_PASSWORD | ||
value: "admin" | ||
- name: DJANGO_ADMIN_EMAIL | ||
value: "admin@example.com" | ||
- name: DEBUG | ||
value: "True" | ||
restartPolicy: Always | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: adventure-db-svc | ||
spec: | ||
selector: | ||
app: adventure | ||
ports: | ||
- name: db | ||
protocol: TCP | ||
port: 5432 | ||
targetPort: 5432 | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: server | ||
spec: | ||
selector: | ||
app: adventure | ||
ports: | ||
- name: http | ||
protocol: TCP | ||
port: 80 | ||
targetPort: 80 | ||
- name: base | ||
protocol: TCP | ||
port: 8000 | ||
targetPort: 8000 | ||
--- | ||
# If you aren't automatically provisioning PVCs (i.e. with Longhorn, you'll need to also create the PV's) | ||
apiVersion: v1 | ||
kind: PersistentVolumeClaim | ||
metadata: | ||
name: adventure-journal-pvc | ||
spec: | ||
accessModes: | ||
- ReadWriteOnce | ||
resources: | ||
requests: | ||
storage: 10Gi | ||
--- | ||
apiVersion: v1 | ||
kind: PersistentVolumeClaim | ||
metadata: | ||
name: adventure-journal-db-pvc | ||
spec: | ||
accessModes: | ||
- ReadWriteOnce | ||
resources: | ||
requests: | ||
storage: 10Gi |