Docker-managed volumes[^1] are more cross-platform compatible than
hard-coded paths, and will work even if the Docker user cannot write
to the arbitrary path of `/opt/docker/zulip` on the Docker host.
[^1]: https://docs.docker.com/storage/volumes/
Co-authored-by: Alex Vandiver <alexmv@zulip.com>
With previous `%D` format preventable errors like
```
tar (child): /data/backups/backup-09/05/22-03-22-03.tar.gz: Cannot open: No such file or directory
```
will occur. Let's use a more sane[^1] date format where possible.
The -I flag to date(1) was added in roughly 1999[^2] and is portable across
GNU coreutils and BusyBox. Piping to tr(1) to remove colons in filenames
is largely a Windows-compatibility concern, as Win32 does not allow for
that character in filenames[^3], and it's possible that the backups target
directory could be a volume mount to a Windows host (for example on
Docker Desktop For Windows).
[^1]: https://xkcd.com/1179/
[^2]: https://unix.stackexchange.com/a/164834
[^3]: https://learn.microsoft.com/en-us/windows/win32/fileio/naming-a-file#naming-conventions
Co-Authored-By: Josh Klar <josh@zulip.com>
`restart:` was previously inconsistently provided to service definitions
(only memcached and rabbitmq) and at that, the restart policy was
`always`. `always` can lead to surprising behavior where restarts of the
docker daemon will resurrect explicitly-stopped containers, whereas
`unless-stopped` will leave explicitly-stopped containers stopped.
Set all services in the docker-compose file to `restart:
unless-stopped`.
Further reading: https://linuxhandbook.com/docker-restart-policy/
A helm chart is added for the installation of Zulip into Kubernetes
clusters. The chart is based on a version of PR #287, but contains
significant changes.
The chart depends on Bitnami helm charts for the installation of
Memcached, Postgresql, Rabbitmq and Redis.
The chart includes the possibility to add `postSetup` scripts which
are mounted to `/data/post-setup.d` and executed by the docker-zulip
Docker container.
More information can be found in the chart's README in
kubernetes/chart/zulip/README.md
This is required for connecting to a LDAPS server without validating certificators:
```
SETTING_AUTH_LDAP_GLOBAL_OPTIONS: "{ ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER }"
```
Using `SETTING_AUTH_LDAP_CONNECTION_OPTIONS` doesn't work.
The configuration files need to be placed in
`/opt/docker/zulip/zulip/settings/etc-zulip` so that Zulip will pick
them up properly. This commit clarifies that in the README.md file.
