public-mirrors/NewsBlur
1
0
Fork 0
mirror of https://github.com/samuelclay/NewsBlur.git synced 2025-04-13 09:42:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Handling ubuntu + darwin

Browse source
This commit is contained in:
Samuel Clay 2025-02-25 17:31:37 -08:00
parent 927ebbfd50
commit 86a0e10374
4 changed files with 33 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
Makefile
View file

@ -1,7 +1,9 @@
SHELL := /bin/bash
CURRENT_UID := $(shell id -u)
CURRENT_GID := $(shell id -g)
newsblur := $(shell gtimeout 2s docker ps -qf "name=newsblur_web")
# Use timeout on Linux and gtimeout on macOS
TIMEOUT_CMD := $(shell command -v gtimeout || command -v timeout)
newsblur := $(shell $(TIMEOUT_CMD) 2s docker ps -qf "name=newsblur_web")
.PHONY: node
@ -85,14 +87,23 @@ test:
RUNWITHMAKEBUILD=True CURRENT_UID=${CURRENT_UID} CURRENT_GID=${CURRENT_GID} docker compose exec newsblur_web bash -c "NOSE_EXCLUDE_DIRS=./vendor DJANGO_SETTINGS_MODULE=newsblur_web.test_settings python3 manage.py test -v 3 --failfast"
keys:
mkdir config/certificates
mkdir -p config/certificates
openssl dhparam -out config/certificates/dhparam-2048.pem 2048
openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 -keyout config/certificates/RootCA.key -out config/certificates/RootCA.pem -subj "/C=US/CN=Example-Root-CA"
openssl x509 -outform pem -in config/certificates/RootCA.pem -out config/certificates/RootCA.crt
openssl req -new -nodes -newkey rsa:2048 -keyout config/certificates/localhost.key -out config/certificates/localhost.csr -subj "/C=US/ST=YourState/L=YourCity/O=Example-Certificates/CN=localhost"
openssl x509 -req -sha256 -days 1024 -in config/certificates/localhost.csr -CA config/certificates/RootCA.pem -CAkey config/certificates/RootCA.key -CAcreateserial -out config/certificates/localhost.crt
cat config/certificates/localhost.crt config/certificates/localhost.key > config/certificates/localhost.pem
sudo /usr/bin/security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ./config/certificates/RootCA.crt
@if [ "$$(uname)" = "Darwin" ]; then \
sudo /usr/bin/security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ./config/certificates/RootCA.crt; \
elif [ "$$(uname)" = "Linux" ]; then \
echo "Installing certificate for Linux..."; \
sudo cp ./config/certificates/RootCA.crt /usr/local/share/ca-certificates/newsblur-rootca.crt || true; \
sudo update-ca-certificates || true; \
echo "Certificate installation attempted. If this fails, you may need to manually trust the certificate."; \
else \
echo "Unknown OS. Please manually trust the certificate at ./config/certificates/RootCA.crt"; \
fi
# Doesn't work yet
mkcert:

4
ansible/inventories/hetzner.yml
View file

@ -6,9 +6,9 @@ groups:
haproxy: inventory_hostname.startswith('hwww')
app: inventory_hostname.startswith('happ')
app: inventory_hostname.startswith('happ') or inventory_hostname.startswith('repo-test')
happ: inventory_hostname.startswith('happ')
web: inventory_hostname.startswith('happ')
web: inventory_hostname.startswith('happ') or inventory_hostname.startswith('repo-test')
hweb: inventory_hostname.startswith('happ')
django: inventory_hostname.startswith('happ-web')
hdjango: inventory_hostname.startswith('happ-web')

4
docker-compose.yml
View file

@ -4,7 +4,7 @@ services:
container_name: newsblur_web
image: newsblur/newsblur_${NEWSBLUR_BASE:-python3}:latest
build:
context: /srv/newsblur
context: .
dockerfile: docker/newsblur_base_image.Dockerfile
# user: "${CURRENT_UID}:${CURRENT_GID}"
environment:
@ -125,7 +125,7 @@ services:
db_elasticsearch:
container_name: db_elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:8.17.0-arm64
image: docker.elastic.co/elasticsearch/elasticsearch:8.17.0
mem_limit: 4g
restart: unless-stopped
environment:

24
docker/newsblur_base_image.Dockerfile
View file

@ -4,7 +4,7 @@ ENV PYTHONPATH=/srv/newsblur
RUN set -ex \
&& rundDeps=' \
libpq5 \
libjpeg62 \
libjpeg62-turbo \
libxslt1.1 \
' \
&& buildDeps=' \
@ -15,19 +15,25 @@ RUN set -ex \
libjpeg-dev \
libpq-dev \
libev-dev \
libreadline6-dev \
libreadline-dev \
liblapack-dev \
libxml2-dev \
libxslt1-dev \
ncurses-dev \
libncurses-dev \
zlib1g-dev \
' \
&& apt-get update \
&& apt-get install -y $rundDeps $buildDeps --no-install-recommends \
&& apt-get install -y wget \
&& wget https://github.com/lexiforest/curl-impersonate/releases/download/v0.9.3/curl-impersonate-v0.9.3.aarch64-linux-gnu.tar.gz \
&& tar -xzf curl-impersonate-v0.9.3.aarch64-linux-gnu.tar.gz -C /usr/local/bin/ \
&& rm curl-impersonate-v0.9.3.aarch64-linux-gnu.tar.gz \
&& apt-get update || (echo "Retrying apt-get update with different DNS" && echo "nameserver 8.8.8.8" > /etc/resolv.conf && apt-get update) \
&& apt-get install -y $rundDeps $buildDeps --no-install-recommends || (echo "Retrying apt-get install with different package names" && apt-get install -y libpq5 libjpeg62-turbo libxslt1.1 patch gfortran libblas-dev libffi-dev libjpeg-dev libpq-dev libev-dev libreadline-dev liblapack-dev libxml2-dev libxslt1-dev libncurses-dev zlib1g-dev --no-install-recommends) \
&& apt-get install -y wget curl ca-certificates \
&& ARCH=$(uname -m) \
&& if [ "$ARCH" = "aarch64" ] || [ "$ARCH" = "arm64" ]; then \
CURL_IMPERSONATE_URL="https://github.com/lexiforest/curl-impersonate/releases/download/v0.9.3/curl-impersonate-v0.9.3.aarch64-linux-gnu.tar.gz"; \
else \
CURL_IMPERSONATE_URL="https://github.com/lexiforest/curl-impersonate/releases/download/v0.9.3/curl-impersonate-v0.9.3.x86_64-linux-gnu.tar.gz"; \
fi \
&& wget $CURL_IMPERSONATE_URL \
&& tar -xzf curl-impersonate-*.tar.gz -C /usr/local/bin/ \
&& rm curl-impersonate-*.tar.gz \
&& chmod +x /usr/local/bin/curl-impersonate-chrome
COPY config/requirements.txt /srv/newsblur/