Since these files are intended to be automatically generated by
entrypoint.sh at container startup time, these files are at best
useless and at worst could result in users ending up with copies of
the secrets generated when the Docker image they were using was built.
The ignore option was removed a long time ago, and the settings style
variable for RabbitMQ is very old backwards-compatibility code that is
no longer needed.
Single quotes in YAML have fewer situations where escaping is relevant
than double-quotes, which means using them as the default will help
prevent users from running into escaping issues.
Using an actual tool designed to do this is a lot more robust and
fixes some nasty escaping issues involving secrets containing `~` that
were reported in #143.
This fixes#150, and should eliminate the possibility for future bugs
in the same vein.
I still want to eliminate this whole type-detection system, but that's
for future work.
This docker image has only really supported Git leading up to Zulip
1.9 for a while now. Now that there's a release candidate out, it
makes sense to declare that explicitly.
This commit will be tagged 1.9.0-rc1-0.
The upstream rabbitmq project configures a persistent storage volume
(where data like the authentication details for the server are
stored), and it's a lot better for us to configure this explicitly, so
that all persistent state is stored in /opt/docker/zulip.
The task is to generate a self-signed cert so Zulip can be started, then
to wait until Zulip is up before using certbot to generate new certs.
Zulip needs to be up so it can meet certbot's challenge. Using a deploy
hook, certs are persisted in the data directory. The same applies to
renewal.
Tweaked by tabbott mostly to edit comments remove an unnecessary
setting before merging.
Fixes#120.
This removes the fork of the core Zulip nginx configuration file that
we were maintaining in the docker-zulip project; doing so improves the
maintainability of this project for the future, since we don't need to
check on every Zulip upgrade whether we've made any changes to the
`nginx` package in zulip/zulip.
The only feature we were using that for was the DISABLE_HTTPS setting
in docker-zulip, and it's now possible to do that by editing
zulip.conf instead.
Fixes#114.
First, we stop deleting the `puppet` directory, which is important for
being able to run `zulip-puppet-apply` inside the container (super
useful for debugging).
Second, we call this inside the code block for the `nginx` option, in
order to support the `DISABLE_HTTPS` option working without any copied
nginx configuration code in docker-zulip.
See #137 for how we could optimize this away.
This prevents Zulip from wasting a bunch of resources repeatedly
trying to deliver emails with invalid configuration (because
`EMAIL_HOST` not being set results in the dummy email backend being
used).
This makes it much simpler for us to keep the total installation size
of the docker image nice and small, and means we can avoid installing
a static asset compiler into the production image.
