diff --git a/add_apps.json b/add_apps.json index eb8c4b461..1ff104033 100644 --- a/add_apps.json +++ b/add_apps.json @@ -1,15 +1,16 @@ [ { - "name": "safeline", - "trademark": "SafeLine", + "name": "databasus", + "trademark": "Databasus", "release": false, - "fork_url": "https://github.com/chaitin/SafeLine", - "version_from": "swr.cn-east-3.myhuaweicloud.com/chaitin-safeline/safeline-mgt-g", + "fork_url": "https://github.com/databasus/databasus", + "version_from": "https://hub.docker.com/r/databasus/databasus/tags", "edition": [ { "dist": "community", "version": [ - "9.3.2" + "v3.9.0", + "latest" ] } ], @@ -17,28 +18,7 @@ "cpu": "2", "memory": "4", "disk": "10", - "url": "https://safepoint.cloud" - } - }, - { - "name": "moltbot", - "trademark": "Moltbot", - "release": false, - "fork_url": "https://github.com/moltbot/moltbot", - "version_from": "ghcr.io/moltbot/clawdbot:main", - "edition": [ - { - "dist": "community", - "version": [ - "9.3.2" - ] - } - ], - "requirements": { - "cpu": "2", - "memory": "4", - "disk": "10", - "url": "https://clawd.bot" + "url": "https://databasus.com" } } ] \ No newline at end of file diff --git a/apps/databasus/.env b/apps/databasus/.env new file mode 100644 index 000000000..a6fc18c9b --- /dev/null +++ b/apps/databasus/.env @@ -0,0 +1,11 @@ +W9_REPO="databasus/databasus" +W9_DIST=community +W9_VERSION="latest" + +W9_HTTP_PORT_SET=9001 +W9_ID=databasus +W9_HTTP_PORT=4005 +W9_URL=internet_ip:$W9_HTTP_PORT_SET +W9_NETWORK=websoft9 + +#### ----------------------------------------------------------------------------------------- #### diff --git a/apps/moltbot/CHANGELOG.md b/apps/databasus/CHANGELOG.md similarity index 100% rename from apps/moltbot/CHANGELOG.md rename to apps/databasus/CHANGELOG.md diff --git a/apps/moltbot/Notes.md b/apps/databasus/Notes.md similarity index 100% rename from apps/moltbot/Notes.md rename to apps/databasus/Notes.md diff --git a/apps/databasus/docker-compose.yml b/apps/databasus/docker-compose.yml new file mode 100644 index 000000000..8560432fb --- /dev/null +++ b/apps/databasus/docker-compose.yml @@ -0,0 +1,20 @@ +# image,docs: https://databasus.com/installation + +services: + databasus: + image: $W9_REPO:$W9_VERSION + container_name: $W9_ID + env_file: .env + ports: + - "$W9_HTTP_PORT_SET:4005" + volumes: + - databasus-data:/databasus-data + restart: unless-stopped + +volumes: + databasus-data: + +networks: + default: + name: $W9_NETWORK + external: true diff --git a/apps/moltbot/src/README.md b/apps/databasus/src/README.md similarity index 100% rename from apps/moltbot/src/README.md rename to apps/databasus/src/README.md diff --git a/apps/databasus/src/nginx-proxy.conf.template b/apps/databasus/src/nginx-proxy.conf.template new file mode 100644 index 000000000..951364ffe --- /dev/null +++ b/apps/databasus/src/nginx-proxy.conf.template @@ -0,0 +1,57 @@ +proxy_busy_buffers_size 512k; +proxy_buffers 4 512k; +proxy_buffer_size 256k; +client_max_body_size 50m; +# override default location / +location / { + add_header X-Served-By $host; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Scheme $scheme; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass $forward_scheme://$server:$port$request_uri; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection upgrade; + } + +location /console { + proxy_pass http://$server:8080; + proxy_http_version 1.1; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; +} + +# for echo some useful information +location / { + default_type text/plain; + return 200 'Hello World'; +} + +location /oida/ { +# this is the address and port of the ORDS installation +proxy_pass http://127.0.0.1:8080/ords/; + +# set Origin to blank to avoid Chrome problems with CORS +proxy_set_header Origin "" ; + +# pass along some header variables with the public host name/port/and so on +proxy_set_header Host $host; +proxy_set_header X-Forwarded-Host $host:$server_port; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto $scheme; + +# this reverse proxies any "location" headers being passed in the response +proxy_redirect http://$host/ords/ https://$host/oida/; + +# also tell cookies their public path +proxy_cookie_path /ords/ /oida/; + +# reverse proxy links included in response (ie from ORDS webservice) +sub_filter_types application/json ; +sub_filter http://$host/ords/ https://$host/oida/; +sub_filter_once off; +} diff --git a/apps/databasus/src/php_exra.ini b/apps/databasus/src/php_exra.ini new file mode 100644 index 000000000..b253d5718 --- /dev/null +++ b/apps/databasus/src/php_exra.ini @@ -0,0 +1,8 @@ +file_uploads = On +max_input_time = 800 +max_execution_time = 300 +memory_limit = 600M +upload_max_filesize = 900M +post_max_size = 900M +max_file_uploads = 200 +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT \ No newline at end of file diff --git a/apps/databasus/variables.json b/apps/databasus/variables.json new file mode 100644 index 000000000..d1bffd904 --- /dev/null +++ b/apps/databasus/variables.json @@ -0,0 +1,22 @@ +{ + "name": "databasus", + "trademark": "Databasus", + "release": false, + "fork_url": "https://github.com/databasus/databasus", + "version_from": "https://hub.docker.com/r/databasus/databasus/tags", + "edition": [ + { + "dist": "community", + "version": [ + "v3.9.0", + "latest" + ] + } + ], + "requirements": { + "cpu": "2", + "memory": "4", + "disk": "10", + "url": "https://databasus.com" + } +} diff --git a/apps/erpnext/.env b/apps/erpnext/.env index 8261a7409..7e42258b4 100644 --- a/apps/erpnext/.env +++ b/apps/erpnext/.env @@ -1,6 +1,7 @@ W9_REPO=frappe/erpnext W9_DIST=community -W9_VERSION=v15.34.1 +W9_VERSION=v16.7.3 +W9_HRMS_BRANCH=version-16 W9_ID=erpnext W9_POWER_PASSWORD=1PrMxExC45LsCT diff --git a/apps/erpnext/CHANGELOG.md b/apps/erpnext/CHANGELOG.md index 582cf46c5..3bc88aef0 100644 --- a/apps/erpnext/CHANGELOG.md +++ b/apps/erpnext/CHANGELOG.md @@ -1,5 +1,16 @@ -# CHANGELOG +# Changelog -## Release -### Fixes and Enhancements +All notable changes to this project will be documented in this file. + +The format is based on Keep a Changelog, and this project follows Semantic Versioning. + +## [16.0.0] - 2026-03-12 + +### Changed + +- Upgraded ERPNext to v16. + +### Added + +- Added the HR module introduced in ERPNext v16. diff --git a/apps/erpnext/Notes.md b/apps/erpnext/Notes.md index 7ce581796..346a83324 100644 --- a/apps/erpnext/Notes.md +++ b/apps/erpnext/Notes.md @@ -47,6 +47,11 @@ password: admin 这是怎么回事呢?通过官方的论坛中研究,发现这是文档更新不及时导致,也就是说overrides中的安装在文档中还没有体现,虽然它更具有效率。 +### 安装完成后执行命令,同步hrms资源,解决图片不显示 +``` +docker compose exec frontend bash -lc 'set -euxo pipefail; cd /home/frappe/frappe-bench; id; ls -ld apps/hrms/hrms/public; mkdir -p sites/assets/hrms; cp -a apps/hrms/hrms/public/. sites/assets/hrms/; ls -lah sites/assets/hrms; ls -lah sites/assets/hrms/images/frappe-hr-logo.svg' +``` + #### 与URL有关的变量有那些? ``` diff --git a/apps/erpnext/README.md b/apps/erpnext/README.md index c1702b342..7a3e0bdeb 100644 --- a/apps/erpnext/README.md +++ b/apps/erpnext/README.md @@ -3,7 +3,7 @@ This is an **[Docker Compose template](https://github.com/Websoft9/docker-library)** powered by [Websoft9](https://www.websoft9.com) based on Docker for ERPNext: - - community: v15, v14, v13 + - community: v16, v15, v14 ## System Requirements diff --git a/apps/erpnext/docker-compose.yml b/apps/erpnext/docker-compose.yml index 87b5e80e4..9bb9544ce 100644 --- a/apps/erpnext/docker-compose.yml +++ b/apps/erpnext/docker-compose.yml @@ -2,14 +2,17 @@ # new image: https://hub.docker.com/r/frappe/erpnext/tags # docs: https://github.com/frappe/frappe_docker/blob/main/pwd.yml -version: '3.8' - services: backend: image: $W9_REPO:$W9_VERSION container_name: $W9_ID-backend + depends_on: + create-site: + condition: service_completed_successfully restart: unless-stopped volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs @@ -23,13 +26,7 @@ services: # add redis_socketio for backward compatibility command: - > - ls -1 apps > sites/apps.txt; - bench set-config -g db_host $$DB_HOST; - bench set-config -gp db_port $$DB_PORT; - bench set-config -g redis_cache "redis://$$REDIS_CACHE"; - bench set-config -g redis_queue "redis://$$REDIS_QUEUE"; - bench set-config -g redis_socketio "redis://$$REDIS_QUEUE"; - bench set-config -gp socketio_port $$SOCKETIO_PORT; + ls -1 apps > sites/apps.txt; bench set-config -g db_host $$DB_HOST; bench set-config -gp db_port $$DB_PORT; bench set-config -g redis_cache "redis://$$REDIS_CACHE"; bench set-config -g redis_queue "redis://$$REDIS_QUEUE"; bench set-config -g redis_socketio "redis://$$REDIS_QUEUE"; bench set-config -gp socketio_port $$SOCKETIO_PORT; environment: DB_HOST: $W9_ID-mariadb DB_PORT: "3306" @@ -37,6 +34,8 @@ services: REDIS_QUEUE: $W9_ID-redis-queue:6379 SOCKETIO_PORT: "9000" volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs @@ -45,6 +44,8 @@ services: container_name: $W9_ID-create-site restart: none volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs entrypoint: @@ -52,11 +53,7 @@ services: - -c command: - > - wait-for-it -t 120 $W9_ID-mariadb:3306; - wait-for-it -t 120 $W9_ID-redis-cache:6379; - wait-for-it -t 120 $W9_ID-redis-queue:6379; - export start=`date +%s`; - until [[ -n `grep -hs ^ sites/common_site_config.json | jq -r ".db_host // empty"` ]] && \ + set -e; wait-for-it -t 120 $W9_ID-mariadb:3306; wait-for-it -t 120 $W9_ID-redis-cache:6379; wait-for-it -t 120 $W9_ID-redis-queue:6379; export start=`date +%s`; until [[ -n `grep -hs ^ sites/common_site_config.json | jq -r ".db_host // empty"` ]] && \ [[ -n `grep -hs ^ sites/common_site_config.json | jq -r ".redis_cache // empty"` ]] && \ [[ -n `grep -hs ^ sites/common_site_config.json | jq -r ".redis_queue // empty"` ]]; do @@ -66,9 +63,24 @@ services: echo "could not find sites/common_site_config.json with required keys"; exit 1 fi - done; - echo "sites/common_site_config.json found"; - bench new-site --no-mariadb-socket --admin-password=$W9_LOGIN_PASSWORD --db-root-password=$W9_LOGIN_PASSWORD --install-app erpnext --set-default frontend; + done; echo "sites/common_site_config.json found"; if [ ! -d sites/frontend ]; then + bench new-site --mariadb-user-host-login-scope='%' --admin-password=$W9_LOGIN_PASSWORD --db-root-username=root --db-root-password=$W9_LOGIN_PASSWORD --install-app erpnext --set-default frontend; + else + echo "Site frontend already exists, skip new-site"; + fi; if [ ! -d apps/hrms ]; then + bench get-app --branch $W9_HRMS_BRANCH hrms; + fi; bench pip install -e apps/hrms; ls -1 apps > sites/apps.txt; if ! bench --site frontend list-apps | grep -qx hrms; then + bench --site frontend install-app hrms; + else + echo "HRMS already installed on frontend"; + fi; mkdir -p sites/assets; rm -rf sites/assets/hrms; cp -a /home/frappe/frappe-bench/apps/hrms/hrms/public sites/assets/hrms; if command -v node >/dev/null 2>&1; then + bench build --app hrms; + else + echo "node not found, skip bench build --app hrms"; + fi; if [ ! -f sites/assets/hrms/images/frappe-hr-logo.svg ]; then + echo "ERROR: HRMS asset missing after build: sites/assets/hrms/images/frappe-hr-logo.svg"; + exit 1; + fi; bench --site frontend migrate; bench --site frontend clear-cache; bench --site frontend clear-website-cache; mariadb: image: mariadb:$W9_DB_VERSION @@ -92,9 +104,12 @@ services: image: $W9_REPO:$W9_VERSION container_name: $W9_ID depends_on: - - websocket + create-site: + condition: service_completed_successfully + websocket: + condition: service_started restart: unless-stopped - env_file: + env_file: - .env command: - nginx-entrypoint.sh @@ -108,6 +123,8 @@ services: PROXY_READ_TIMEOUT: 120 CLIENT_MAX_BODY_SIZE: 50m volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs ports: @@ -116,6 +133,9 @@ services: queue-long: image: $W9_REPO:$W9_VERSION container_name: $W9_ID-queue-long + depends_on: + create-site: + condition: service_completed_successfully restart: unless-stopped command: - bench @@ -123,12 +143,17 @@ services: - --queue - long,default,short volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs queue-short: image: $W9_REPO:$W9_VERSION container_name: $W9_ID-queue-short + depends_on: + create-site: + condition: service_completed_successfully restart: unless-stopped command: - bench @@ -136,6 +161,8 @@ services: - --queue - short,default volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs @@ -156,32 +183,45 @@ services: scheduler: image: $W9_REPO:$W9_VERSION container_name: $W9_ID-scheduler + depends_on: + create-site: + condition: service_completed_successfully restart: unless-stopped command: - bench - schedule volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs websocket: image: $W9_REPO:$W9_VERSION container_name: $W9_ID-websocket + depends_on: + create-site: + condition: service_completed_successfully restart: unless-stopped command: - node - /home/frappe/frappe-bench/apps/frappe/socketio.js volumes: + - apps:/home/frappe/frappe-bench/apps + - env:/home/frappe/frappe-bench/env - sites:/home/frappe/frappe-bench/sites - logs:/home/frappe/frappe-bench/logs volumes: + apps: + env: db-data: redis-queue-data: redis-cache-data: sites: logs: + networks: default: name: $W9_NETWORK diff --git a/apps/erpnext/src/after_up.sh b/apps/erpnext/src/after_up.sh old mode 100644 new mode 100755 index 8b1378917..d3f5a12fa --- a/apps/erpnext/src/after_up.sh +++ b/apps/erpnext/src/after_up.sh @@ -1 +1 @@ - + diff --git a/apps/erpnext/src/compose.yaml b/apps/erpnext/src/compose.yaml old mode 100644 new mode 100755 index 2916c38e4..85f029319 --- a/apps/erpnext/src/compose.yaml +++ b/apps/erpnext/src/compose.yaml @@ -1,72 +1,72 @@ -x-depends-on-configurator: &depends_on_configurator - depends_on: - configurator: - condition: service_completed_successfully - -x-backend-defaults: &backend_defaults - <<: *depends_on_configurator - image: frappe/frappe-worker:${FRAPPE_VERSION:?No Frappe version set} - volumes: - - sites:/home/frappe/frappe-bench/sites - -services: - configurator: - <<: *backend_defaults - command: configure.py - environment: - DB_HOST: ${DB_HOST} - DB_PORT: ${DB_PORT} - REDIS_CACHE: ${REDIS_CACHE} - REDIS_QUEUE: ${REDIS_QUEUE} - REDIS_SOCKETIO: ${REDIS_SOCKETIO} - SOCKETIO_PORT: 9000 - depends_on: {} - - backend: - <<: *backend_defaults - volumes: - - sites:/home/frappe/frappe-bench/sites - - assets:/home/frappe/frappe-bench/sites/assets:ro - - frontend: - image: frappe/frappe-nginx:${FRAPPE_VERSION} - environment: - BACKEND: backend:8000 - SOCKETIO: websocket:9000 - FRAPPE_SITE_NAME_HEADER: ${FRAPPE_SITE_NAME_HEADER:-$$host} - UPSTREAM_REAL_IP_ADDRESS: ${UPSTREAM_REAL_IP_ADDRESS:-127.0.0.1} - UPSTREAM_REAL_IP_HEADER: ${UPSTREAM_REAL_IP_HEADER:-X-Forwarded-For} - UPSTREAM_REAL_IP_RECURSIVE: ${UPSTREAM_REAL_IP_RECURSIVE:-off} - volumes: - - sites:/usr/share/nginx/html/sites - - assets:/usr/share/nginx/html/assets - depends_on: - - backend - - websocket - - websocket: - <<: *depends_on_configurator - image: frappe/frappe-socketio:${FRAPPE_VERSION} - volumes: - - sites:/home/frappe/frappe-bench/sites - - queue-short: - <<: *backend_defaults - command: bench worker --queue short - - queue-default: - <<: *backend_defaults - command: bench worker --queue default - - queue-long: - <<: *backend_defaults - command: bench worker --queue long - - scheduler: - <<: *backend_defaults - command: bench schedule - -# ERPNext requires local assets access (Frappe does not) -volumes: - sites: - assets: +x-depends-on-configurator: &depends_on_configurator + depends_on: + configurator: + condition: service_completed_successfully + +x-backend-defaults: &backend_defaults + <<: *depends_on_configurator + image: frappe/frappe-worker:${FRAPPE_VERSION:?No Frappe version set} + volumes: + - sites:/home/frappe/frappe-bench/sites + +services: + configurator: + <<: *backend_defaults + command: configure.py + environment: + DB_HOST: ${DB_HOST} + DB_PORT: ${DB_PORT} + REDIS_CACHE: ${REDIS_CACHE} + REDIS_QUEUE: ${REDIS_QUEUE} + REDIS_SOCKETIO: ${REDIS_SOCKETIO} + SOCKETIO_PORT: 9000 + depends_on: {} + + backend: + <<: *backend_defaults + volumes: + - sites:/home/frappe/frappe-bench/sites + - assets:/home/frappe/frappe-bench/sites/assets:ro + + frontend: + image: frappe/frappe-nginx:${FRAPPE_VERSION} + environment: + BACKEND: backend:8000 + SOCKETIO: websocket:9000 + FRAPPE_SITE_NAME_HEADER: ${FRAPPE_SITE_NAME_HEADER:-$$host} + UPSTREAM_REAL_IP_ADDRESS: ${UPSTREAM_REAL_IP_ADDRESS:-127.0.0.1} + UPSTREAM_REAL_IP_HEADER: ${UPSTREAM_REAL_IP_HEADER:-X-Forwarded-For} + UPSTREAM_REAL_IP_RECURSIVE: ${UPSTREAM_REAL_IP_RECURSIVE:-off} + volumes: + - sites:/usr/share/nginx/html/sites + - assets:/usr/share/nginx/html/assets + depends_on: + - backend + - websocket + + websocket: + <<: *depends_on_configurator + image: frappe/frappe-socketio:${FRAPPE_VERSION} + volumes: + - sites:/home/frappe/frappe-bench/sites + + queue-short: + <<: *backend_defaults + command: bench worker --queue short + + queue-default: + <<: *backend_defaults + command: bench worker --queue default + + queue-long: + <<: *backend_defaults + command: bench worker --queue long + + scheduler: + <<: *backend_defaults + command: bench schedule + +# ERPNext requires local assets access (Frappe does not) +volumes: + sites: + assets: diff --git a/apps/erpnext/src/encrypt.sh b/apps/erpnext/src/encrypt.sh old mode 100644 new mode 100755 index 2939685f7..a669725de --- a/apps/erpnext/src/encrypt.sh +++ b/apps/erpnext/src/encrypt.sh @@ -1,12 +1,12 @@ -#!/bin/bash -export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin -clear - - - -# Add encrypt script below if use W9_ENCRYPT_PASSWORD at .env file -# ------------- start ------------------------- - - - -# ------------- end --------------------------- +#!/bin/bash +export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin +clear + + + +# Add encrypt script below if use W9_ENCRYPT_PASSWORD at .env file +# ------------- start ------------------------- + + + +# ------------- end --------------------------- diff --git a/apps/erpnext/src/example.env b/apps/erpnext/src/example.env old mode 100644 new mode 100755 index d12c8b72e..f90e74108 --- a/apps/erpnext/src/example.env +++ b/apps/erpnext/src/example.env @@ -1,40 +1,40 @@ -# Reference: https://github.com/frappe/frappe_docker/blob/main/docs/images-and-compose-files.md - -FRAPPE_VERSION=v13.30.0 - -# Only with ERPNext override -ERPNEXT_VERSION=v13.31.1 - -DB_PASSWORD=123 - -# Only if you use external database -DB_HOST= -DB_PORT= - -# Only if you use external Redis -REDIS_CACHE= -REDIS_QUEUE= -REDIS_SOCKETIO= - -# Only with HTTPS override -LETSENCRYPT_EMAIL=mail@example.com - -# These environment variables are not required. - -# Default value is `$$host` which resolves site by host. For example, if your host is `example.com`, -# site's name should be `example.com`, or if host is `127.0.0.1` (local debugging), it should be `127.0.0.1`. -# This variable allows to override described behavior. Let's say you create site named `mysite` -# and do want to access it by `127.0.0.1` host. Than you would set this variable to `mysite`. -FRAPPE_SITE_NAME_HEADER= - -# Default value is `127.0.0.1`. Set IP address as our trusted upstream address. -UPSTREAM_REAL_IP_ADDRESS= - -# Default value is `X-Forwarded-For`. Set request header field whose value will be used to replace the client address -UPSTREAM_REAL_IP_HEADER= - -# Allowed values are on|off. Default value is `off`. If recursive search is disabled, -# the original client address that matches one of the trusted addresses -# is replaced by the last address sent in the request header field defined by the real_ip_header directive. -# If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. +# Reference: https://github.com/frappe/frappe_docker/blob/main/docs/images-and-compose-files.md + +FRAPPE_VERSION=v13.30.0 + +# Only with ERPNext override +ERPNEXT_VERSION=v13.31.1 + +DB_PASSWORD=123 + +# Only if you use external database +DB_HOST= +DB_PORT= + +# Only if you use external Redis +REDIS_CACHE= +REDIS_QUEUE= +REDIS_SOCKETIO= + +# Only with HTTPS override +LETSENCRYPT_EMAIL=mail@example.com + +# These environment variables are not required. + +# Default value is `$$host` which resolves site by host. For example, if your host is `example.com`, +# site's name should be `example.com`, or if host is `127.0.0.1` (local debugging), it should be `127.0.0.1`. +# This variable allows to override described behavior. Let's say you create site named `mysite` +# and do want to access it by `127.0.0.1` host. Than you would set this variable to `mysite`. +FRAPPE_SITE_NAME_HEADER= + +# Default value is `127.0.0.1`. Set IP address as our trusted upstream address. +UPSTREAM_REAL_IP_ADDRESS= + +# Default value is `X-Forwarded-For`. Set request header field whose value will be used to replace the client address +UPSTREAM_REAL_IP_HEADER= + +# Allowed values are on|off. Default value is `off`. If recursive search is disabled, +# the original client address that matches one of the trusted addresses +# is replaced by the last address sent in the request header field defined by the real_ip_header directive. +# If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. UPSTREAM_REAL_IP_RECURSIVE= \ No newline at end of file diff --git a/apps/erpnext/src/filelist b/apps/erpnext/src/filelist old mode 100644 new mode 100755 index fc69f9a8b..60e982b6f --- a/apps/erpnext/src/filelist +++ b/apps/erpnext/src/filelist @@ -1,4 +1,4 @@ -# https://github.com/frappe/frappe_docker -compose.yaml -example.env +# https://github.com/frappe/frappe_docker +compose.yaml +example.env overrides \ No newline at end of file diff --git a/apps/erpnext/src/get_version.sh b/apps/erpnext/src/get_version.sh old mode 100644 new mode 100755 index c3f99f457..a6429db8b --- a/apps/erpnext/src/get_version.sh +++ b/apps/erpnext/src/get_version.sh @@ -1 +1 @@ -sudo echo "erpnext version:" $(docker exec -i erpnext cat /home/frappe/frappe-bench/apps/erpnext/erpnext/__init__.py|grep version |cut -d "=" -f2) 1>> /data/logs/install_version.txt +sudo echo "erpnext version:" $(docker exec -i erpnext cat /home/frappe/frappe-bench/apps/erpnext/erpnext/__init__.py|grep version |cut -d "=" -f2) 1>> /data/logs/install_version.txt diff --git a/apps/erpnext/src/overrides/compose.erpnext.yaml b/apps/erpnext/src/overrides/compose.erpnext.yaml old mode 100644 new mode 100755 index 36f10ad62..a82d35abb --- a/apps/erpnext/src/overrides/compose.erpnext.yaml +++ b/apps/erpnext/src/overrides/compose.erpnext.yaml @@ -1,24 +1,24 @@ -x-erpnext-backend-image: &erpnext_backend_image - image: frappe/erpnext-worker:${ERPNEXT_VERSION:?No ERPNext version set} - -services: - configurator: - <<: *erpnext_backend_image - - backend: - <<: *erpnext_backend_image - - frontend: - image: frappe/erpnext-nginx:${ERPNEXT_VERSION} - - queue-short: - <<: *erpnext_backend_image - - queue-default: - <<: *erpnext_backend_image - - queue-long: - <<: *erpnext_backend_image - - scheduler: - <<: *erpnext_backend_image +x-erpnext-backend-image: &erpnext_backend_image + image: frappe/erpnext-worker:${ERPNEXT_VERSION:?No ERPNext version set} + +services: + configurator: + <<: *erpnext_backend_image + + backend: + <<: *erpnext_backend_image + + frontend: + image: frappe/erpnext-nginx:${ERPNEXT_VERSION} + + queue-short: + <<: *erpnext_backend_image + + queue-default: + <<: *erpnext_backend_image + + queue-long: + <<: *erpnext_backend_image + + scheduler: + <<: *erpnext_backend_image diff --git a/apps/erpnext/src/overrides/compose.mariadb.yaml b/apps/erpnext/src/overrides/compose.mariadb.yaml old mode 100644 new mode 100755 index cd719b621..4592d5f58 --- a/apps/erpnext/src/overrides/compose.mariadb.yaml +++ b/apps/erpnext/src/overrides/compose.mariadb.yaml @@ -1,27 +1,27 @@ -services: - configurator: - environment: - DB_HOST: db - DB_PORT: 3306 - depends_on: - db: - condition: service_healthy - - db: - image: mariadb:10.6 - healthcheck: - test: mysqladmin ping -h localhost --password=${DB_PASSWORD} - interval: 1s - retries: 15 - command: - - --character-set-server=utf8mb4 - - --collation-server=utf8mb4_unicode_ci - - --skip-character-set-client-handshake - - --skip-innodb-read-only-compressed # Temporary fix for MariaDB 10.6 - environment: - MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?No db password set} - volumes: - - db-data:/var/lib/mysql - -volumes: - db-data: +services: + configurator: + environment: + DB_HOST: db + DB_PORT: 3306 + depends_on: + db: + condition: service_healthy + + db: + image: mariadb:10.6 + healthcheck: + test: mysqladmin ping -h localhost --password=${DB_PASSWORD} + interval: 1s + retries: 15 + command: + - --character-set-server=utf8mb4 + - --collation-server=utf8mb4_unicode_ci + - --skip-character-set-client-handshake + - --skip-innodb-read-only-compressed # Temporary fix for MariaDB 10.6 + environment: + MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?No db password set} + volumes: + - db-data:/var/lib/mysql + +volumes: + db-data: diff --git a/apps/erpnext/src/overrides/compose.noproxy.yaml b/apps/erpnext/src/overrides/compose.noproxy.yaml old mode 100644 new mode 100755 index 5c4f83c0e..599005eb5 --- a/apps/erpnext/src/overrides/compose.noproxy.yaml +++ b/apps/erpnext/src/overrides/compose.noproxy.yaml @@ -1,4 +1,4 @@ -services: - frontend: - ports: - - 8080:8080 +services: + frontend: + ports: + - 8080:8080 diff --git a/apps/erpnext/src/overrides/compose.redis.yaml b/apps/erpnext/src/overrides/compose.redis.yaml old mode 100644 new mode 100755 index 5bd3a0aa8..43a5ff828 --- a/apps/erpnext/src/overrides/compose.redis.yaml +++ b/apps/erpnext/src/overrides/compose.redis.yaml @@ -1,16 +1,16 @@ -services: - configurator: - environment: - REDIS_CACHE: redis:6379/0 - REDIS_QUEUE: redis:6379/1 - REDIS_SOCKETIO: redis:6379/2 - depends_on: - - redis - - redis: - image: redis:6.2-alpine - volumes: - - redis-data:/data - -volumes: - redis-data: +services: + configurator: + environment: + REDIS_CACHE: redis:6379/0 + REDIS_QUEUE: redis:6379/1 + REDIS_SOCKETIO: redis:6379/2 + depends_on: + - redis + + redis: + image: redis:6.2-alpine + volumes: + - redis-data:/data + +volumes: + redis-data: diff --git a/apps/erpnext/variables.json b/apps/erpnext/variables.json index 34f70353b..1c45dab89 100644 --- a/apps/erpnext/variables.json +++ b/apps/erpnext/variables.json @@ -8,9 +8,9 @@ { "dist": "community", "version": [ + "v16", "v15", - "v14", - "v13" + "v14" ] } ], @@ -20,4 +20,4 @@ "disk": "1", "url": "https://github.com/frappe/bench" } -} +} \ No newline at end of file diff --git a/apps/kafka/.env b/apps/kafka/.env index 61221429b..550696d05 100644 --- a/apps/kafka/.env +++ b/apps/kafka/.env @@ -1,18 +1,29 @@ -W9_DIST='community' -W9_REPO=bitnamilegacy/kafka -W9_VERSION='4.0' -W9_POWER_PASSWORD='5xd!n4MoJl8OBI2f' +W9_REPO=apache/kafka +W9_DIST=community +W9_VERSION=4.0.1 +W9_POWER_PASSWORD=5xd!n4MoJl8OBI2f +W9_DB_KAFKA_PORT_SET=9092 + #### -- Not allowed to edit below environments when recreate app based on existing data -- #### -W9_ID='kafka' -W9_DB_KAFKA_PORT_SET='9092' +W9_ID=kafka W9_DB_KAFKA_PORT=9092 W9_NETWORK=websoft9 #### --------------------------------------------------------------------------------------- #### -# kafka env: https://github.com/bitnami/containers/blob/main/bitnami/kafka/README.md -KAFKA_CFG_NODE_ID=0 -KAFKA_CFG_PROCESS_ROLES=controller,broker -KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093 -KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT -KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093 -KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER +# kafka env: https://github.com/apache/kafka/tree/trunk/docker/examples +# KAFKA_ADVERTISED_LISTENERS: change "localhost" to your server IP for remote client access +CLUSTER_ID=4L6g3nShT-eMCtK--X86sw +KAFKA_NODE_ID=1 +KAFKA_PROCESS_ROLES=broker,controller +KAFKA_LISTENERS=CONTROLLER://:29093,PLAINTEXT_HOST://:9092,PLAINTEXT://:19092 +KAFKA_ADVERTISED_LISTENERS=PLAINTEXT_HOST://localhost:9092,PLAINTEXT://kafka:19092 +KAFKA_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT +KAFKA_CONTROLLER_QUORUM_VOTERS=1@kafka:29093 +KAFKA_CONTROLLER_LISTENER_NAMES=CONTROLLER +KAFKA_INTER_BROKER_LISTENER_NAME=PLAINTEXT +KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1 +KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS=0 +KAFKA_TRANSACTION_STATE_LOG_MIN_ISR=1 +KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR=1 +KAFKA_SHARE_COORDINATOR_STATE_TOPIC_REPLICATION_FACTOR=1 +KAFKA_SHARE_COORDINATOR_STATE_TOPIC_MIN_ISR=1 diff --git a/apps/kafka/CHANGELOG.md b/apps/kafka/CHANGELOG.md index a0cf709bc..5c58bfc47 100644 --- a/apps/kafka/CHANGELOG.md +++ b/apps/kafka/CHANGELOG.md @@ -1 +1,5 @@ # CHANGELOG + +## 4.0.1 +- Migrated from `bitnamilegacy/kafka` to official `apache/kafka` image +- Updated supported versions: `4.0.1`, `3.9.2`, `3.8.1`, `3.7.2` diff --git a/apps/kafka/README.md b/apps/kafka/README.md index 3140d83f3..81a2f02ee 100644 --- a/apps/kafka/README.md +++ b/apps/kafka/README.md @@ -3,7 +3,7 @@ This is an **[Docker Compose template](https://github.com/Websoft9/docker-library)** powered by [Websoft9](https://www.websoft9.com) based on Docker for Kafka: - - community: 4.0, 3.9, 3.8, 3.6, 3.2, 2.8, latest + - community: 4.0.1, 3.9.2, 3.8.1, 3.7.2 ## System Requirements diff --git a/apps/kafka/docker-compose.yml b/apps/kafka/docker-compose.yml index bc3207d78..aba3793f1 100644 --- a/apps/kafka/docker-compose.yml +++ b/apps/kafka/docker-compose.yml @@ -1,18 +1,33 @@ -# kafka image: https://hub.docker.com/r/bitnamilegacy/kafka - -version: "3.8" +# kafka image: https://hub.docker.com/r/apache/kafka services: kafka: image: $W9_REPO:$W9_VERSION container_name: $W9_ID + hostname: $W9_ID restart: unless-stopped ports: - - "$W9_DB_PORT_SET:9092" - env_file: - - .env + - "$W9_DB_KAFKA_PORT_SET:9092" + env_file: .env + environment: + CLUSTER_ID: ${CLUSTER_ID} + KAFKA_NODE_ID: ${KAFKA_NODE_ID} + KAFKA_PROCESS_ROLES: ${KAFKA_PROCESS_ROLES} + KAFKA_LISTENERS: ${KAFKA_LISTENERS} + KAFKA_ADVERTISED_LISTENERS: ${KAFKA_ADVERTISED_LISTENERS} + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: ${KAFKA_LISTENER_SECURITY_PROTOCOL_MAP} + KAFKA_CONTROLLER_QUORUM_VOTERS: ${KAFKA_CONTROLLER_QUORUM_VOTERS} + KAFKA_CONTROLLER_LISTENER_NAMES: ${KAFKA_CONTROLLER_LISTENER_NAMES} + KAFKA_INTER_BROKER_LISTENER_NAME: ${KAFKA_INTER_BROKER_LISTENER_NAME} + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: ${KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR} + KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: ${KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS} + KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: ${KAFKA_TRANSACTION_STATE_LOG_MIN_ISR} + KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: ${KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR} + KAFKA_SHARE_COORDINATOR_STATE_TOPIC_REPLICATION_FACTOR: ${KAFKA_SHARE_COORDINATOR_STATE_TOPIC_REPLICATION_FACTOR} + KAFKA_SHARE_COORDINATOR_STATE_TOPIC_MIN_ISR: ${KAFKA_SHARE_COORDINATOR_STATE_TOPIC_MIN_ISR} + KAFKA_LOG_DIRS: /var/lib/kafka/data volumes: - - "kafka_data:/bitnami" + - kafka_data:/var/lib/kafka/data volumes: kafka_data: diff --git a/apps/kafka/variables.json b/apps/kafka/variables.json index 96a52805a..6d80945b4 100644 --- a/apps/kafka/variables.json +++ b/apps/kafka/variables.json @@ -2,12 +2,17 @@ "name": "kafka", "trademark": "Kafka", "release": true, - "fork_url": "https://github.com/bitnami/bitnami-docker-kafka", - "version_from": "https://hub.docker.com/r/bitnami/kafka/tags", + "fork_url": "https://github.com/apache/kafka", + "version_from": "https://hub.docker.com/r/apache/kafka/tags", "edition": [ { "dist": "community", - "version": ["4.0","3.9","3.8","3.6","3.2","2.8","latest"] + "version": [ + "4.0.1", + "3.9.2", + "3.8.1", + "3.7.2" + ] } ], "requirements": { @@ -16,4 +21,4 @@ "disk": "1", "url": "http://kafka.apache.org/quickstart" } -} +} \ No newline at end of file diff --git a/apps/moltbot/.env b/apps/moltbot/.env deleted file mode 100644 index 5c7b8ff60..000000000 --- a/apps/moltbot/.env +++ /dev/null @@ -1,53 +0,0 @@ -W9_REPO="wordpress" -W9_DIST=community -W9_VERSION="latest" - -W9_POWER_PASSWORD="1PrMxExC45LsCT" - -# Environments which for user settings when create application -# Named expression: W9_xxx_xxx_SET, xxx refer to file fields -W9_HTTP_PORT_SET=9001 -# W9_HTTPS_PORT_SET=9002 -# W9_DB_PORT_SET=3306 -# W9_SSH_PORT_SET=23 -W9_KEY_SET="dfsjdkjf77xjxcjcj" - -#### -- Not allowed to edit below environments when recreate app based on existing data -- #### - -W9_ID=moltbot - -# W9_HTTP_PORT or W9_HTTPS_PORT is need at leaset and used for proxy for web application -# Some container (e.g teleport) need HTTPS access, then need to set this pra -W9_HTTP_PORT=80 -W9_HTTPS_PORT=81 - -W9_LOGIN_USER=admin -# use https://1password.com/zh-cn/password-generator/ to genarate 14 bit password -# this password can also use password file -W9_LOGIN_PASSWORD=$W9_POWER_PASSWORD -W9_ADMIN_PATH="/wp-login" - -# Container name's suffix must use one of the value -W9_DB_EXPOSE="mysql,postgresql,mariadb,mongodb,redis" - -# It is used when the application APP needs to set an external URL, which can be IP(or domain), IP:PORT -# If have protocols, should be set it in the APP's ENV -W9_URL=internet_ip:$W9_HTTP_PORT_SET -# modifies W9_URL on init when it is true -W9_URL_REPLACE=true - -W9_NETWORK=websoft9 - -#### ----------------------------------------------------------------------------------------- #### - - -# Below environment is created by this app - -WORDPRESS_DB_HOST=$W9_ID-mariadb -WORDPRESS_DB_USER=wordpress #if use postgresql, it need set to postgres -WORDPRESS_DB_PASSWORD=$W9_POWER_PASSWORD -WORDPRESS_DB_NAME=wordpress - - -#W9_NAME="" -#W9_RCODE="" \ No newline at end of file diff --git a/apps/moltbot/docker-compose.yml b/apps/moltbot/docker-compose.yml deleted file mode 100644 index 1c1948688..000000000 --- a/apps/moltbot/docker-compose.yml +++ /dev/null @@ -1,50 +0,0 @@ -# image,docs: https://hub.docker.com/_/wordpress/ - -services: - - wordpress: - image: $W9_REPO:$W9_VERSION - container_name: $W9_ID - restart: unless-stopped - #This is for access host from container - # extra_hosts: ["host.docker.internal:host-gateway"] - # command: | - # /bin/bash -c "ping -c 3 host.docker.internal" - logging: - driver: "json-file" - options: - max-file: "5" - max-size: 10m - deploy: - resources: - limits: - memory: 5g - cpus: '0.7' - ports: - - $W9_HTTP_PORT_SET:80 - env_file: .env - volumes: - - wordpress:/var/www/html - - ./src/php_exra.ini:/usr/local/etc/php/conf.d/php_exra.ini - - mariadb: - image: mariadb:10.4 - container_name: $W9_ID-mariadb - restart: unless-stopped - command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --innodb_log_buffer_size=30M - volumes: - - mysql_data:/var/lib/mysql - environment: - MYSQL_DATABASE: $WORDPRESS_DB_NAME - MYSQL_USER: $WORDPRESS_DB_USER - MYSQL_PASSWORD: $W9_POWER_PASSWORD - MYSQL_ROOT_PASSWORD: $W9_POWER_PASSWORD - -volumes: - wordpress: - mysql_data: - -networks: - default: - name: $W9_NETWORK - external: true diff --git a/apps/moltbot/variables.json b/apps/moltbot/variables.json deleted file mode 100644 index 629a52117..000000000 --- a/apps/moltbot/variables.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "name": "moltbot", - "trademark": "Moltbot", - "release": false, - "fork_url": "https://github.com/moltbot/moltbot", - "version_from": "ghcr.io/moltbot/clawdbot:main", - "edition": [ - { - "dist": "community", - "version": [ - "latest" - ] - } - ], - "requirements": { - "cpu": "2", - "memory": "4", - "disk": "10", - "url": "https://clawd.bot" - } -} diff --git a/apps/moodle/.env b/apps/moodle/.env index b7b52e447..370f128bd 100644 --- a/apps/moodle/.env +++ b/apps/moodle/.env @@ -1,30 +1,16 @@ W9_POWER_PASSWORD='mCjG5CnUKA!GsOXK' -W9_VERSION='5.0' +W9_VERSION='5.1.1' W9_DIST='community' -W9_REPO=bitnamilegacy/moodle +W9_REPO=websoft9dev/moodle #### -- Not allowed to edit below environments when recreate app based on existing data -- #### W9_ID='moodle' -W9_HTTP_PORT=8080 +W9_HTTP_PORT=80 W9_HTTP_PORT_SET='9001' W9_URL='appname.example.com' -W9_LOGIN_USER=admin -W9_LOGIN_PASSWORD=$W9_POWER_PASSWORD +W9_URL_REPLACE=true W9_DB_EXPOSE="mariadb" W9_MARIADB_VERSION="11.4" W9_DIST='community' W9_NETWORK=websoft9 #### --------------------------------------------------------------------------------------- #### - - -# below envs is from Bitnami Moodle - -MOODLE_EMAIL=user@example.com -PHP_ENABLE_OPCACHE=true -PHP_MAX_EXECUTION_TIME=300 -PHP_MAX_INPUT_TIME=800 -# if set this param, moodle container always restart -#PHP_MAX_INPUT_VARS=2000 -PHP_MEMORY_LIMIT=600M -PHP_POST_MAX_SIZE=900M -PHP_UPLOAD_MAX_FILESIZE=900M diff --git a/apps/moodle/Notes.md b/apps/moodle/Notes.md index f8ed8ae63..e363a94f3 100644 --- a/apps/moodle/Notes.md +++ b/apps/moodle/Notes.md @@ -1,6 +1,158 @@ ## About -This repository is forked from ONLYOFFICE/Docker-CommunityServer, we have the following modifications are provided +Moodle Docker deployment with MariaDB support. -* replace README.md -* add README-zh.md, CHANGELOG.md, Note.md, License.md, docker-compose.yml,.env, src, .github folder +## URL Configuration + +### Changing from IP to Domain + +When you need to change from IP access to domain access, you need to update both the config file and database: + +1. **Update config.php** (in container `/var/www/html/config.php`): +```bash +docker exec -it moodle sed -i "s|http://.*';|http://your-domain.com';|g" /var/www/html/config.php +``` + +2. **Update database**: +```bash +docker exec -it moodle-mariadb mariadb -umoodle -p moodle -e "UPDATE mdl_config SET value = 'http://your-domain.com' WHERE name = 'wwwroot';" +``` + +3. **Clear Moodle cache**: +```bash +docker exec -it moodle php /var/www/html/admin/cli/purge_caches.php +``` + +### HTTPS Configuration with Reverse Proxy + +If you encounter **infinite redirect loop** after configuring HTTPS certificate (via Nginx Proxy Manager), you need to configure Moodle to work behind a reverse proxy. + +**Problem**: +- config.php has `$CFG->wwwroot = 'http://domain.com';` +- User accesses via HTTPS +- Moodle detects protocol mismatch and redirects infinitely + +**Solution**: Add reverse proxy configuration to `/var/www/html/config.php`: + +```bash +# Enter the container +docker exec -it moodle bash + +# Edit config.php and add these lines BEFORE require_once(): +vi /var/www/html/config.php +``` + +Add the following configuration **BEFORE** the `require_once(__DIR__ . '/lib/setup.php');` line: + +```php +// HTTPS Reverse Proxy Configuration +$CFG->wwwroot = 'https://safeline.websoft9.cn'; // Change to HTTPS + +// Force HTTPS when behind reverse proxy +if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { + $_SERVER['HTTPS'] = 'on'; + $_SERVER['SERVER_PORT'] = 443; +} + +// Alternative: Force HTTPS for all requests +// $CFG->reverseproxy = true; +// $_SERVER['HTTPS'] = 'on'; +``` + +**Complete config.php example**: + +```php +dbtype = 'mariadb'; +$CFG->dblibrary = 'native'; +$CFG->dbhost = 'moodle_edf5j-mariadb'; +$CFG->dbname = 'moodle'; +$CFG->dbuser = 'moodle'; +$CFG->dbpass = 'qB!5Glu37szh1bUd'; +$CFG->prefix = 'mdl_'; +$CFG->dboptions = array( + 'dbpersist' => 0, + 'dbport' => '3306', + 'dbsocket' => '', + 'dbcollation' => 'utf8mb4_unicode_ci', +); + +// IMPORTANT: Change to HTTPS +$CFG->wwwroot = 'https://safeline.websoft9.cn'; +$CFG->dataroot = '/var/moodledata'; +$CFG->admin = 'admin'; + +$CFG->directorypermissions = 0777; + +// HTTPS Reverse Proxy Support +if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { + $_SERVER['HTTPS'] = 'on'; + $_SERVER['SERVER_PORT'] = 443; +} + +require_once(__DIR__ . '/lib/setup.php'); + +// There is no php closing tag in this file, +// it is intentional because it prevents trailing whitespace problems! +``` + +**Quick Fix Command**: + +```bash +# Method 1: Edit manually +docker exec -it moodle vi /var/www/html/config.php + +# Method 2: Use sed to update URL to HTTPS +docker exec -it moodle sed -i "s|http://safeline.websoft9.cn|https://safeline.websoft9.cn|g" /var/www/html/config.php + +# Then add reverse proxy config (manual edit required) +docker exec -it moodle vi /var/www/html/config.php +# Add the HTTP_X_FORWARDED_PROTO check before require_once() +``` + +**Update database** (also change to HTTPS): + +```bash +docker exec -it moodle_edf5j-mariadb mariadb -umoodle -pqB\!5Glu37szh1bUd moodle -e "UPDATE mdl_config SET value = 'https://safeline.websoft9.cn' WHERE name = 'wwwroot';" +``` + +**Clear cache**: + +```bash +docker exec -it moodle php /var/www/html/admin/cli/purge_caches.php +``` + +### Verify Nginx Proxy Manager Configuration + +Ensure your Nginx Proxy Manager has these settings: + +1. **SSL Certificate**: Valid and properly configured +2. **Force SSL**: Enabled +3. **Custom Nginx Configuration** (Advanced tab): + +```nginx +# Ensure these headers are passed to backend +proxy_set_header X-Forwarded-Proto $scheme; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header Host $host; +``` + +## Troubleshooting + +### Issue: Infinite Redirect Loop +- **Cause**: Protocol mismatch between config.php (http) and actual access (https) +- **Solution**: Change `$CFG->wwwroot` to HTTPS and add reverse proxy support + +### Issue: "Site not secure" warning +- **Cause**: Mixed content (HTTP resources on HTTPS page) +- **Solution**: Ensure `$CFG->wwwroot` uses HTTPS + +### Issue: Session errors +- **Cause**: Cookie domain mismatch +- **Solution**: Clear browser cookies and cache after changing URL diff --git a/apps/moodle/docker-compose-custom.yml b/apps/moodle/docker-compose-custom.yml deleted file mode 100644 index 4439e9bd9..000000000 --- a/apps/moodle/docker-compose-custom.yml +++ /dev/null @@ -1,76 +0,0 @@ -# Custom Moodle with php:apache base image -# Official installation guide: https://docs.moodle.org/501/en/Installation_quick_guide - -version: "3.8" - -services: - moodle: - build: - context: . - dockerfile: Dockerfile - image: websoft9dev/moodle:${W9_VERSION} - container_name: ${W9_ID} - restart: unless-stopped - environment: - # Database configuration - - MOODLE_DB_TYPE=mariadb - - MOODLE_DB_HOST=${W9_ID}-mariadb - - MOODLE_DB_PORT=3306 - - MOODLE_DB_NAME=moodle - - MOODLE_DB_USER=moodle - - MOODLE_DB_PASSWORD=${W9_POWER_PASSWORD} - # Site configuration - - MOODLE_URL=http://${W9_URL} - - MOODLE_SITE_NAME=Moodle Learning Platform - - MOODLE_SITE_SHORT=Moodle - # Admin account - - MOODLE_ADMIN_USER=${W9_LOGIN_USER} - - MOODLE_ADMIN_PASSWORD=${W9_LOGIN_PASSWORD} - - MOODLE_ADMIN_EMAIL=${MOODLE_EMAIL} - # Data directory - - MOODLE_DATA=/var/moodledata - ports: - - "${W9_HTTP_PORT_SET}:80" - volumes: - - moodle_html:/var/www/html - - moodle_data:/var/moodledata - depends_on: - mariadb: - condition: service_healthy - networks: - - default - - mariadb: - image: mariadb:${W9_MARIADB_VERSION} - container_name: ${W9_ID}-mariadb - restart: unless-stopped - environment: - - MYSQL_ROOT_PASSWORD=${W9_POWER_PASSWORD} - - MYSQL_DATABASE=moodle - - MYSQL_USER=moodle - - MYSQL_PASSWORD=${W9_POWER_PASSWORD} - command: > - --character-set-server=utf8mb4 - --collation-server=utf8mb4_unicode_ci - --max_allowed_packet=512M - --innodb_buffer_pool_size=512M - --innodb_log_file_size=256M - volumes: - - mariadb_data:/var/lib/mysql - healthcheck: - test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] - interval: 10s - timeout: 5s - retries: 5 - networks: - - default - -volumes: - moodle_html: - moodle_data: - mariadb_data: - -networks: - default: - name: ${W9_NETWORK} - external: true diff --git a/apps/moodle/docker-compose.yml b/apps/moodle/docker-compose.yml index c99503ed4..c4beb5831 100644 --- a/apps/moodle/docker-compose.yml +++ b/apps/moodle/docker-compose.yml @@ -1,5 +1,5 @@ -# image: https://hub.docker.com/r/bitnami/moodle -# compose: https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml +# Custom Moodle with php:apache base image +# Official installation guide: https://docs.moodle.org/501/en/Installation_quick_guide version: "3.8" @@ -8,46 +8,59 @@ services: image: ${W9_REPO}:${W9_VERSION} container_name: ${W9_ID} restart: unless-stopped + env_file: .env environment: - - ALLOW_EMPTY_PASSWORD=no - - MOODLE_DATABASE_HOST=${W9_ID}-mariadb - - MOODLE_DATABASE_PORT_NUMBER=3306 - - MOODLE_DATABASE_USER=moodle - - MOODLE_DATABASE_PASSWORD=${W9_POWER_PASSWORD} - - MOODLE_DATABASE_NAME=moodle - - MOODLE_USERNAME=${W9_LOGIN_USER} - - MOODLE_PASSWORD=${W9_LOGIN_PASSWORD} + # Database configuration + - MOODLE_DB_TYPE=mariadb + - MOODLE_DB_HOST=${W9_ID}-mariadb + - MOODLE_DB_PORT=3306 + - MOODLE_DB_NAME=moodle + - MOODLE_DB_USER=moodle + - MOODLE_DB_PASSWORD=${W9_POWER_PASSWORD} + # Site configuration + - MOODLE_URL=http://${W9_URL} + - MOODLE_SITE_NAME=Moodle Learning Platform + - MOODLE_SITE_SHORT=Moodle + # Data directory + - MOODLE_DATA=/var/moodledata ports: - - "${W9_HTTP_PORT_SET}:${W9_HTTP_PORT}" - env_file: - - .env + - "${W9_HTTP_PORT_SET}:80" volumes: - - "moodle_data:/bitnami/moodle" - - "moodledata_data:/bitnami/moodledata" + - moodle_html:/var/www/html + - moodle_data:/var/moodledata depends_on: - - mariadb + mariadb: + condition: service_healthy mariadb: - image: bitnamilegacy/mariadb:$W9_MARIADB_VERSION + image: mariadb:${W9_MARIADB_VERSION} container_name: ${W9_ID}-mariadb restart: unless-stopped environment: - - ALLOW_EMPTY_PASSWORD=no - - MARIADB_USER=moodle - - MARIADB_PASSWORD=${W9_POWER_PASSWORD} - - MARIADB_ROOT_PASSWORD=${W9_POWER_PASSWORD} - - MARIADB_DATABASE=moodle - - MARIADB_CHARACTER_SET=utf8mb4 - - MARIADB_COLLATE=utf8mb4_unicode_ci + - MYSQL_ROOT_PASSWORD=${W9_POWER_PASSWORD} + - MYSQL_DATABASE=moodle + - MYSQL_USER=moodle + - MYSQL_PASSWORD=${W9_POWER_PASSWORD} + command: > + --character-set-server=utf8mb4 + --collation-server=utf8mb4_unicode_ci + --max_allowed_packet=512M + --innodb_buffer_pool_size=512M + --innodb_log_file_size=256M volumes: - - "mariadb_data:/bitnami/mariadb" - + - mariadb_data:/var/lib/mysql + healthcheck: + test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] + interval: 10s + timeout: 5s + retries: 5 + volumes: - mariadb_data: + moodle_html: moodle_data: - moodledata_data: + mariadb_data: networks: default: name: ${W9_NETWORK} - external: true + external: true \ No newline at end of file diff --git a/apps/moodle/variables.json b/apps/moodle/variables.json index 222ba6fe1..2cef02f89 100644 --- a/apps/moodle/variables.json +++ b/apps/moodle/variables.json @@ -7,7 +7,7 @@ "edition": [ { "dist": "community", - "version": ["5.0","latest"] + "version": ["5.1.1","latest"] } ], "requirements": { diff --git a/apps/openclaw/.env b/apps/openclaw/.env new file mode 100644 index 000000000..c4477650f --- /dev/null +++ b/apps/openclaw/.env @@ -0,0 +1,57 @@ +# OpenClaw on Docker - Environment Configuration +# Edit this file to customize the deployment settings. +# Full documentation: https://docs.openclaw.ai/install/docker + +# ========================================================= +# Image +# version tags: https://github.com/openclaw/openclaw/releases +# ========================================================= +W9_REPO=ghcr.io/openclaw/openclaw +W9_DIST='community' +W9_VERSION='2026.3.13-1' + +# ========================================================= +# Authentication +# W9_POWER_PASSWORD is used as OPENCLAW_GATEWAY_TOKEN +# After startup, paste this token in the Control UI (Settings → Token) +# ========================================================= +W9_POWER_PASSWORD=1PrMxExC45LsCT + +# ========================================================= +# Ports +# W9_HTTP_PORT_SET: host port for Gateway Control UI + WS API (internal: 18789) +# W9_BRIDGE_PORT_SET: host port for browser/bridge control service (internal: 18790) +# Access Control UI: http://localhost:$W9_HTTP_PORT_SET/ +# ========================================================= +W9_HTTP_PORT_SET='9001' +W9_BRIDGE_PORT_SET='18790' + +#### -- Not allowed to edit below environments when recreate app based on existing data -- #### + +# ========================================================= +# System (managed by Websoft9, do not modify) +# ========================================================= +W9_ID='openclaw' +W9_HTTP_PORT=18789 +W9_URL='internet_ip:$W9_HTTP_PORT_SET' +W9_LOGIN_PASSWORD=$W9_POWER_PASSWORD +W9_NETWORK=websoft9 + +#### ---------------------------------------------------------------------------- #### + +# ========================================================= +# Application-specific settings +# ========================================================= + +# Gateway token (= W9_POWER_PASSWORD). Paste in Control UI → Settings → Token +OPENCLAW_GATEWAY_TOKEN=$W9_POWER_PASSWORD + +# Gateway bind mode. 'lan' is required for Docker port mapping to work. +OPENCLAW_GATEWAY_BIND=lan + +# Allow insecure private WebSocket connections (leave empty unless needed) +# Set to 'true' when accessing via HTTP on a non-localhost address (no HTTPS). +# This lets the server handle device identity instead of the browser's crypto.subtle API. +OPENCLAW_ALLOW_INSECURE_PRIVATE_WS=true + + diff --git a/apps/openclaw/CHANGELOG.md b/apps/openclaw/CHANGELOG.md new file mode 100644 index 000000000..582cf46c5 --- /dev/null +++ b/apps/openclaw/CHANGELOG.md @@ -0,0 +1,5 @@ +# CHANGELOG + +## Release +### Fixes and Enhancements + diff --git a/apps/openclaw/Notes.md b/apps/openclaw/Notes.md new file mode 100644 index 000000000..1fdbbb29d --- /dev/null +++ b/apps/openclaw/Notes.md @@ -0,0 +1,2 @@ +# Appname +## FAQ diff --git a/apps/openclaw/README.md b/apps/openclaw/README.md new file mode 100644 index 000000000..1bd4745b5 --- /dev/null +++ b/apps/openclaw/README.md @@ -0,0 +1,26 @@ +# OpenClaw on Docker + +This is an **[Docker Compose template](https://github.com/Websoft9/docker-library)** powered by [Websoft9](https://www.websoft9.com) based on Docker for OpenClaw: + + + - community: 2026.3.13-1 + + +## System Requirements + +The following are the minimal [recommended requirements](https://openclaw.ai): + +* **RAM**: 2 GB or more +* **CPU**: 2 cores or higher +* **Disk**: at least 10 GB of free space +* **bandwidth**: more fluent experience over 100M + +## Install + +You can install this OpenClaw by [How to use it?](https://github.com/Websoft9/docker-library#how-to-use-it). + +If you want use OpenClaw with **Websoft9 Business Support** free, you can [subscribe OpenClaw](https://www.websoft9.com/apps) on Cloud platform + +## Documentation + +[OpenClaw Administrator Guide](https://support.websoft9.com/docs/openclaw) powered by Websoft9 \ No newline at end of file diff --git a/apps/openclaw/docker-compose.yml b/apps/openclaw/docker-compose.yml new file mode 100644 index 000000000..5af45a076 --- /dev/null +++ b/apps/openclaw/docker-compose.yml @@ -0,0 +1,97 @@ +# image: https://github.com/openclaw/openclaw/pkgs/container/openclaw +# docs: https://docs.openclaw.ai/install/docker + +services: + # One-time permission fix so the named volume is writable by uid 1000 (node). + # Mirrors what the official docker-setup.sh does before starting the gateway. + openclaw-init: + image: $W9_REPO:$W9_VERSION + container_name: ${W9_ID}-init + restart: "no" + user: "0" + entrypoint: + - "sh" + - "-c" + - | + mkdir -p /home/node/.openclaw + [ ! -s /home/node/.openclaw/openclaw.json ] && cp /seed/openclaw.json /home/node/.openclaw/openclaw.json + chown -R 1000:1000 /home/node/.openclaw + volumes: + - openclaw_data:/home/node/.openclaw + - ./src/openclaw.json:/seed/openclaw.json:ro + + openclaw-gateway: + image: $W9_REPO:$W9_VERSION + container_name: $W9_ID + restart: unless-stopped + init: true + depends_on: + openclaw-init: + condition: service_completed_successfully + command: [ "node", "dist/index.js", "gateway", "--allow-unconfigured", "--bind", "${OPENCLAW_GATEWAY_BIND:-lan}", "--port", "18789" ] + ports: + - $W9_HTTP_PORT_SET:18789 + - $W9_BRIDGE_PORT_SET:18790 + env_file: .env + environment: + - HOME=/home/node + - NODE_ENV=production + - TERM=xterm-256color + - OPENCLAW_GATEWAY_TOKEN=$W9_POWER_PASSWORD + - OPENCLAW_GATEWAY_BIND=${OPENCLAW_GATEWAY_BIND} + - OPENCLAW_GATEWAY_PORT=18789 + - OPENCLAW_ALLOW_INSECURE_PRIVATE_WS=${OPENCLAW_ALLOW_INSECURE_PRIVATE_WS:-} + volumes: + - openclaw_data:/home/node/.openclaw + healthcheck: + test: + - "CMD" + - "node" + - "-e" + - "fetch('http://127.0.0.1:18789/healthz').then((r)=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))" + interval: 30s + timeout: 10s + retries: 3 + start_period: 30s + + # Optional CLI service for channel setup and management commands. + # Not started by default. Usage: + # docker compose --profile cli run --rm openclaw-cli channels login + # docker compose --profile cli run --rm openclaw-cli config set + # docker compose --profile cli run --rm openclaw-cli devices list + openclaw-cli: + image: $W9_REPO:$W9_VERSION + container_name: ${W9_ID}-cli + network_mode: "service:openclaw-gateway" + profiles: + - cli + cap_drop: + - NET_RAW + - NET_ADMIN + security_opt: + - no-new-privileges:true + environment: + - HOME=/home/node + - NODE_ENV=production + - TERM=xterm-256color + - OPENCLAW_GATEWAY_TOKEN=$W9_POWER_PASSWORD + - OPENCLAW_GATEWAY_BIND=${OPENCLAW_GATEWAY_BIND} + - OPENCLAW_ALLOW_INSECURE_PRIVATE_WS=${OPENCLAW_ALLOW_INSECURE_PRIVATE_WS:-} + - BROWSER=echo + volumes: + - openclaw_data:/home/node/.openclaw + stdin_open: true + tty: true + init: true + entrypoint: [ "node", "dist/index.js" ] + depends_on: + - openclaw-gateway + +volumes: + openclaw_data: + + +networks: + default: + name: ${W9_NETWORK} + external: true diff --git a/apps/openclaw/src/openclaw.json b/apps/openclaw/src/openclaw.json new file mode 100644 index 000000000..a00028f8d --- /dev/null +++ b/apps/openclaw/src/openclaw.json @@ -0,0 +1,8 @@ +{ + "gateway": { + "controlUi": { + "dangerouslyAllowHostHeaderOriginFallback": true, + "dangerouslyDisableDeviceAuth": true + } + } +} \ No newline at end of file diff --git a/apps/openclaw/variables.json b/apps/openclaw/variables.json new file mode 100644 index 000000000..4ce3ce579 --- /dev/null +++ b/apps/openclaw/variables.json @@ -0,0 +1,21 @@ +{ + "name": "openclaw", + "trademark": "OpenClaw", + "release": true, + "fork_url": "https://github.com/openclaw/openclaw", + "version_from": "https://github.com/openclaw/openclaw/releases", + "edition": [ + { + "dist": "community", + "version": [ + "2026.3.13-1" + ] + } + ], + "requirements": { + "cpu": "2", + "memory": "2", + "disk": "10", + "url": "https://openclaw.ai" + } +} \ No newline at end of file