mirror of
https://github.com/moghtech/komodo.git
synced 2026-05-22 07:42:16 -05:00
0d462fb2e0
* fix login page import * update to mantine v9, reduce the border radius on some things * deploy 2.2.0-dev-1 * move theme to mogh ui * start moving stuff to mogh_ui * move more components to mogh_ui * move section to mogh_ui * move confirm button * move colors and formatting to mogh_ui * move more to mogh_ui * move more components to mogh ui * move entity header / page to mogh ui * move monaco to mogh_monaco * move config / monaco to mogh ui * move text update modal to mogh ui, empty ui folder * deploy 2.2.0-dev-2 * move auth hooks to mogh_ui * move login to mogh ui * move profile management to mogh ui * add missing dedupe deps * bump mogh ui deps * expand shell process path static load * move filterBySplit to mogh_ui * align core aio dockerfile * bump mogh ui * add published mogh_auth_client * comment about onboarding key * fix lockfile * bump mogh ui * improve doc comment on CoreInfo public_key * UI: topbar home butotn use Link instead of nav, cmd click open in new tab * Minor: Update periphery.config.toml (#1365) * Minor: Update periphery.config.toml Make docs on ROOT_DIRECTORY more clear This change relates to line: > ## Each specific sub-directory (like ./stacks) can be overridden below. The change includes `./builds` directory to the list as it also can be overridden. Thus, a reader will have better understanding of the resulting root directory structure * Update compose.env * fix cli multi arch dockerfile and bump other dockerfiles * Add OIDC auto-redirect config to Core (#1339) * Add OIDC auto-redirect config to Core When KOMODO_OIDC_AUTO_REDIRECT=true, the login options response includes oidc_auto_redirect, enabling the UI (via mogh-lib) to automatically redirect unauthenticated users to the OIDC provider. Users can bypass by appending ?disableAutoLogin to the login URL. Depends on moghtech/lib UI change adding auto-redirect to LoginPage. Closes #311 * Skip OIDC auto-redirect for Add Account link The user dropdown's Add Account button navigates to /login to add another account. When OIDC auto-redirect is enabled, this link must opt out so the user can actually sign in as a different user instead of being redirected back to the already-authenticated OIDC session. * bump deps * deploy 2.2.0-dev-3 * Fix swarm deployment Tasks and Inspect tabs * Fix build cancel button variant default * RunSync: Make sure resource sync changes run after repo changes due to dependency * deploy 2.2.0-dev-4 * deploy 2.2.0-dev-5 * fmt * impl mogh server 1.5.0 configuration security headers * to the user * agents send * let user specify if they want command to be run in shell-mode (#1265) * allow users to add commands as shell-mode * revert package.json yarn auto-change * cargo fmt * bump bollard and other deps * gen client * deploy 2.2.0-dev-6 * bump dockerfile rust version 1.95.0 * document new core configurations * deploy 2.2.0-dev-7 * 2 small UI fixes (#1379) * fix: prevent horizontal page scroll on long action log lines Add white-space: pre-wrap to Code component pre elements rendering stdout/stderr in action last-run, update details, and build info views. * fix: UI Defined and Files on Server text too large in stacks table --------- Co-authored-by: twalts <t.mwalton@yahoo.com> * X-Frame-Options * Add support to generate resource json schema (#1337) * add support to generate resource json schema * remove unnecessary renames --------- Co-authored-by: Maxwell Becker <49575486+mbecker20@users.noreply.github.com> * generate resource schema * resources.json * deploy 2.2.0-dev-8 * fix build.version schema (can be string) * add resource toml comments * deploy 2.2.0-dev-9 * use draft 07 for better taplo compat * deploy 2.2.0-dev-10 * builder fix exported toml server_id -> server * deploy 2.2.0-dev-11 * bump mogh auth * deploy 2.2.0-dev-12 * Allow excluding services from global auto update (#1279) * add ignore_polling_services for global auto update * rename ignore_polling_services to auto_update_skip_services and reorganize * fix stack auto_update check show skip services * deploy 2.2.0-dev-13 * 2.2.0 * bold "relative to the root of the repo" --------- Co-authored-by: Andrii Bratanin <20169213+andriibratanin@users.noreply.github.com> Co-authored-by: John Maguire <contact@johnmaguire.me> Co-authored-by: Shen Li <dustet@gmail.com> Co-authored-by: T <github@mail.taylor.media> Co-authored-by: twalts <t.mwalton@yahoo.com> Co-authored-by: bytedream <git+github@bytedream.dev> Co-authored-by: mateuszziolkowski <88323671+mateuszziolkowski@users.noreply.github.com>
169 lines
6.4 KiB
Bash
169 lines
6.4 KiB
Bash
####################################
|
|
# 🦎 KOMODO COMPOSE - VARIABLES 🦎 #
|
|
####################################
|
|
|
|
## These compose variables can be used with all Komodo deployment options.
|
|
## Pass these variables to the compose up command using `--env-file komodo/compose.env`.
|
|
## Additionally, they are passed to both Komodo Core and Komodo Periphery with `env_file: ./compose.env`,
|
|
## so you can pass any additional environment variables to Core / Periphery directly in this file as well.
|
|
|
|
## Follows "major.minor.patch" semver.
|
|
COMPOSE_KOMODO_IMAGE_TAG="2"
|
|
## Store dated database backups on the host - https://komo.do/docs/setup/backup
|
|
COMPOSE_KOMODO_BACKUPS_PATH=/etc/komodo/backups
|
|
|
|
## DB credentials
|
|
KOMODO_DATABASE_USERNAME=admin
|
|
KOMODO_DATABASE_PASSWORD=admin
|
|
|
|
## Set your time zone for schedules
|
|
## https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
|
TZ=Etc/UTC
|
|
|
|
#=-------------------------=#
|
|
#= Komodo Core Environment =#
|
|
#=-------------------------=#
|
|
|
|
## Full variable list + descriptions are available here:
|
|
## 🦎 https://github.com/moghtech/komodo/blob/main/config/core.config.toml 🦎
|
|
|
|
## Note. Secret variables also support `${VARIABLE}_FILE` syntax to pass docker compose secrets.
|
|
## Docs: https://docs.docker.com/compose/how-tos/use-secrets/#examples
|
|
|
|
## Used for Oauth / Webhook url suggestion.
|
|
KOMODO_HOST=https://example.komodo.com
|
|
## Displayed in the browser tab.
|
|
KOMODO_TITLE=Komodo
|
|
|
|
## Allow Periphery to connect via generated public key
|
|
KOMODO_PERIPHERY_PUBLIC_KEY=file:/config/keys/periphery.pub
|
|
|
|
## Enable login with username + password.
|
|
KOMODO_LOCAL_AUTH=true
|
|
## Set the initial admin username created upon first launch.
|
|
## Comment out to disable initial user creation,
|
|
## and create first user using signup button.
|
|
KOMODO_INIT_ADMIN_USERNAME=admin
|
|
## Set the initial admin password
|
|
KOMODO_INIT_ADMIN_PASSWORD=changeme
|
|
|
|
## Create a first Server with a custom name.
|
|
## Usually the system hostname is good.
|
|
KOMODO_FIRST_SERVER_NAME=Local
|
|
|
|
## Make execute buttons just double-click, rather than the full confirmation dialog.
|
|
KOMODO_DISABLE_CONFIRM_DIALOG=false
|
|
|
|
## Disable creating the default Procedures on first startup.
|
|
KOMODO_DISABLE_INIT_RESOURCES=false
|
|
|
|
## Used to auth incoming webhooks. Alt: KOMODO_WEBHOOK_SECRET_FILE
|
|
KOMODO_WEBHOOK_SECRET=a_random_secret
|
|
## Used to generate jwt. Alt: KOMODO_JWT_SECRET_FILE
|
|
KOMODO_JWT_SECRET=a_random_jwt_secret
|
|
## Time to live for jwt tokens.
|
|
## Options: 1-hr, 12-hr, 1-day, 3-day, 1-wk, 2-wk
|
|
KOMODO_JWT_TTL="1-day"
|
|
|
|
## Rate Komodo polls your servers for
|
|
## status / container status / system stats / alerting.
|
|
## Options: 1-sec, 5-sec, 15-sec, 1-min, 5-min, 15-min
|
|
## Default: 15-sec
|
|
KOMODO_MONITORING_INTERVAL="15-sec"
|
|
## Interval at which to poll Resources for any updates / automated actions.
|
|
## Options: 5-min, 15-min, 1-hr, 2-hr, 6-hr, 12-hr, 1-day
|
|
## Default: 1-hr
|
|
KOMODO_RESOURCE_POLL_INTERVAL="1-hr"
|
|
|
|
## Disable new user signups.
|
|
KOMODO_DISABLE_USER_REGISTRATION=false
|
|
## All new logins are auto enabled
|
|
KOMODO_ENABLE_NEW_USERS=false
|
|
## Disable non-admins from creating new resources.
|
|
KOMODO_DISABLE_NON_ADMIN_CREATE=false
|
|
## Allows all users to have Read level access to all resources.
|
|
KOMODO_TRANSPARENT_MODE=false
|
|
|
|
## OIDC Login
|
|
KOMODO_OIDC_ENABLED=false
|
|
## Must reachable from Komodo Core container
|
|
# KOMODO_OIDC_PROVIDER=https://oidc.provider.internal/application/o/komodo
|
|
## Change the host to one reachable be reachable by users (optional if it is the same as above).
|
|
## DO NOT include the `path` part of the URL.
|
|
# KOMODO_OIDC_REDIRECT_HOST=https://oidc.provider.external
|
|
## Your OIDC client id
|
|
# KOMODO_OIDC_CLIENT_ID= # Alt: KOMODO_OIDC_CLIENT_ID_FILE
|
|
## Your OIDC client secret.
|
|
## If your provider supports PKCE flow, this can be ommitted.
|
|
# KOMODO_OIDC_CLIENT_SECRET= # Alt: KOMODO_OIDC_CLIENT_SECRET_FILE
|
|
## Make usernames the full email.
|
|
## Note. This does not work for all OIDC providers.
|
|
# KOMODO_OIDC_USE_FULL_EMAIL=true
|
|
## Add additional trusted audiences for token claims verification.
|
|
## Supports comma separated list, and passing with _FILE (for compose secrets).
|
|
# KOMODO_OIDC_ADDITIONAL_AUDIENCES=abc,123 # Alt: KOMODO_OIDC_ADDITIONAL_AUDIENCES_FILE
|
|
|
|
## Github Oauth
|
|
KOMODO_GITHUB_OAUTH_ENABLED=false
|
|
# KOMODO_GITHUB_OAUTH_ID= # Alt: KOMODO_GITHUB_OAUTH_ID_FILE
|
|
# KOMODO_GITHUB_OAUTH_SECRET= # Alt: KOMODO_GITHUB_OAUTH_SECRET_FILE
|
|
|
|
## Google Oauth
|
|
KOMODO_GOOGLE_OAUTH_ENABLED=false
|
|
# KOMODO_GOOGLE_OAUTH_ID= # Alt: KOMODO_GOOGLE_OAUTH_ID_FILE
|
|
# KOMODO_GOOGLE_OAUTH_SECRET= # Alt: KOMODO_GOOGLE_OAUTH_SECRET_FILE
|
|
|
|
## Aws - Used to launch Builder instances.
|
|
KOMODO_AWS_ACCESS_KEY_ID= # Alt: KOMODO_AWS_ACCESS_KEY_ID_FILE
|
|
KOMODO_AWS_SECRET_ACCESS_KEY= # Alt: KOMODO_AWS_SECRET_ACCESS_KEY_FILE
|
|
|
|
## Prettier logging with empty lines between logs
|
|
KOMODO_LOGGING_PRETTY=false
|
|
## More human readable logging of startup config (multi-line)
|
|
KOMODO_PRETTY_STARTUP_CONFIG=false
|
|
|
|
#=------------------------------=#
|
|
#= Komodo Periphery Environment =#
|
|
#=------------------------------=#
|
|
|
|
## Full variable list + descriptions are available here:
|
|
## 🦎 https://github.com/moghtech/komodo/blob/main/config/periphery.config.toml 🦎
|
|
|
|
## Point Periphery to Core for connection
|
|
PERIPHERY_CORE_ADDRESS=ws://core:9120
|
|
## Use the same name as KOMODO_FIRST_SERVER_NAME to connect
|
|
PERIPHERY_CONNECT_AS=${KOMODO_FIRST_SERVER_NAME}
|
|
## Use the public key generated by Core.
|
|
PERIPHERY_CORE_PUBLIC_KEYS=file:/config/keys/core.pub
|
|
|
|
## Specify the root directory used by Periphery agent.
|
|
## All your compose files and repos need to be inside this directory
|
|
## for Periphery to interact with them.
|
|
## - ROOT_DIRECTORY (/etc/komodo)
|
|
## --- ./stacks
|
|
## ------ ./my_stack_1
|
|
## ------ ./my_stack_2
|
|
## --- ./repos
|
|
## ------ ./my_repo_1
|
|
## --- ./builds
|
|
PERIPHERY_ROOT_DIRECTORY=/etc/komodo
|
|
|
|
## Specify whether to disable the terminals feature
|
|
## and disallow remote shell access (inside the Periphery container).
|
|
PERIPHERY_DISABLE_TERMINALS=false
|
|
## Specify whether to disable the container exec / attach features
|
|
## and disallow remote container shell access.
|
|
PERIPHERY_DISABLE_CONTAINER_TERMINALS=false
|
|
|
|
## If the disk size is overreporting, can use one of these to
|
|
## whitelist / blacklist the disks to filter them, whichever is easier.
|
|
## Accepts comma separated list of paths.
|
|
## Usually whitelisting just /etc/hostname gives correct size.
|
|
PERIPHERY_INCLUDE_DISK_MOUNTS=/etc/hostname
|
|
# PERIPHERY_EXCLUDE_DISK_MOUNTS=/snap,/etc/repos
|
|
|
|
## Prettier logging with empty lines between logs
|
|
PERIPHERY_LOGGING_PRETTY=false
|
|
## More human readable logging of startup config (multi-line)
|
|
PERIPHERY_PRETTY_STARTUP_CONFIG=false
|