Merge branch 'tests/install' into 39-request-allow-setting-default-port-for-tipi

.github/workflows/build-images.yml

@@ -1,53 +0,0 @@
-name: Docker build
-
-on:
-  push:
-    branches:
-      - 'master'
-
-jobs:
-  docker:
-    runs-on: ubuntu-latest
-    steps:
-      -
-        name: Checkout
-        uses: actions/checkout@v3
-      -
-        name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-      -
-        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      -
-        name: Login to DockerHub
-        uses: docker/login-action@v1 
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      -
-        name: Get tag from VERSION file
-        id: meta
-        run: |
-          VERSION=$(cat VERSION)
-          TAG=${VERSION}
-          echo "::set-output name=tag::${TAG}"
-      -
-        name: Build and push dashboard
-        uses: docker/build-push-action@v2
-        with:
-          context: ./packages/dashboard
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: meienberger/tipi-dashboard:latest,meienberger/tipi-dashboard:${{ steps.meta.outputs.TAG }}
-          cache-from: type=registry,ref=meienberger/tipi-dashboard:latest
-          cache-to: type=inline
-      -
-        name: Build and push api
-        uses: docker/build-push-action@v2
-        with:
-          context: ./packages/system-api
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: meienberger/tipi-api:latest,meienberger/tipi-api:${{ steps.meta.outputs.TAG }}
-          cache-from: type=registry,ref=meienberger/tipi-api:latest
-          cache-to: type=inline

.github/workflows/ci.yml

@@ -46,5 +46,4 @@ jobs:
         run: pnpm -r lint
       
       - name: Run tests
-        run: pnpm -r test
-
+        run: pnpm -r test

.github/workflows/release-candidate.yml

@@ -0,0 +1,101 @@
+name: Release candidate
+
+on:
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 2
+
+      - uses: technote-space/get-diff-action@v6
+        with:
+          FILES: |
+            VERSION
+
+      - name: Ensure env.MATCHED_FILES has VERSION in it
+        id: check-version
+        run: |
+          if [[ -z "${{ env.MATCHED_FILES }}" ]]; then
+            echo "::error::VERSION not modified"
+            exit 1
+          fi
+          if [[ ! "${{ env.MATCHED_FILES }}" =~ VERSION ]]; then
+            echo "::error::VERSION not modified"
+            exit 1
+          fi
+      
+      - uses: vishnudxb/cancel-workflow@v1.2
+        if: failure()
+        with:
+          repo: meienberger/runtipi
+          workflow_id: ${{ github.run_id }}
+          access_token: ${{ github.token }}
+  
+  # Build images and publish RCs to DockerHub
+  build-images:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      
+      - name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      
+      - name: Get tag from VERSION file
+        id: meta
+        run: |
+          VERSION=$(cat VERSION)
+          TAG=${VERSION}
+          echo "::set-output name=tag::${TAG}"
+      
+      - name: Build and push dashboard
+        uses: docker/build-push-action@v2
+        with:
+          context: ./packages/dashboard
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: meienberger/tipi-dashboard:rc-${{ steps.meta.outputs.TAG }}
+          cache-from: type=registry,ref=meienberger/tipi-dashboard:latest
+          cache-to: type=inline
+      
+      - name: Build and push api
+        uses: docker/build-push-action@v2
+        with:
+          context: ./packages/system-api
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: meienberger/tipi-api:rc-${{ steps.meta.outputs.TAG }}
+          cache-from: type=registry,ref=meienberger/tipi-api:latest
+          cache-to: type=inline
+
+  # Test installation script
+  test-install:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+
+      - name: Check if user id 1000 exists
+        run: |
+          if [[ ! $(id -u 1000) -eq 1000 ]]; then
+            echo "Creating user 1000"
+            sudo useradd -u 1000 test
+          fi
+        id: check-user-id
+          
+      - name: Run install script
+        run: sudo ./scripts/start.sh --rc --ci
+
+          

.github/workflows/release.yml

@@ -1,5 +1,5 @@
 
-name: Build & Deploy
+name: Publish release
 on:
   push:
     branches:    
@@ -29,4 +29,50 @@ jobs:
           tag_name: ${{ steps.create_tag.outputs.version }}
           release_name: ${{ steps.create_tag.outputs.version }}
           draft: false
-          prerelease: false
+          prerelease: false
+
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Get tag from VERSION file
+        id: meta
+        run: |
+          VERSION=$(cat VERSION)
+          TAG=${VERSION}
+          echo "::set-output name=tag::${TAG}"
+      -
+        name: Build and push dashboard
+        uses: docker/build-push-action@v2
+        with:
+          context: ./packages/dashboard
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: meienberger/tipi-dashboard:latest,meienberger/tipi-dashboard:${{ steps.meta.outputs.TAG }}
+          cache-from: type=registry,ref=meienberger/tipi-dashboard:latest
+          cache-to: type=inline
+      -
+        name: Build and push api
+        uses: docker/build-push-action@v2
+        with:
+          context: ./packages/system-api
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: meienberger/tipi-api:latest,meienberger/tipi-api:${{ steps.meta.outputs.TAG }}
+          cache-from: type=registry,ref=meienberger/tipi-api:latest
+          cache-to: type=inline

.github/workflows/verify-release.yml

@@ -1,33 +0,0 @@
-name: Verify release
-
-on:
-  pull_request:
-    branches:
-      - master
-
-jobs:
-  verify:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 2
-
-      - uses: technote-space/get-diff-action@v6
-        with:
-          FILES: |
-            VERSION
-
-      - name: Ensure env.MATCHED_FILES has VERSION in it
-        id: check-version
-        run: |
-          if [[ -z "${{ env.MATCHED_FILES }}" ]]; then
-            echo "::error::VERSION not modified"
-            exit 1
-          fi
-          if [[ ! "${{ env.MATCHED_FILES }}" =~ VERSION ]]; then
-            echo "::error::VERSION not modified"
-            exit 1
-          fi
-          

ansible/host_vars/tipi.yml

@@ -1,4 +1,4 @@
 packages:
   - jq
   - coreutils
-  - docker
+  - docker

ansible/tasks/common/docker.yml

@@ -21,11 +21,11 @@
   when: lsb_release.stdout == 'Debian'
 
 - name: Add deb repo for docker (Ubuntu)
-  shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+  shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
   when: lsb_release.stdout == 'Ubuntu'
 
 - name: Add deb repo for docker (Debian)
-  shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+  shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
   when: lsb_release.stdout == 'Debian'
 
 - name: Update packages

ansible/tasks/common/essential.yml

@@ -8,6 +8,10 @@
     name: "{{ packages }}"
     state: latest
 
+- name: Upgrade packages
+  apt:
+    upgrade: yes
+
 - name: Add user to root group
   user:
     name: "{{ username }}"
@@ -26,3 +30,4 @@
     user: "{{ username }}"
     minute: "*/1"
     job: "{{ playbook_dir }}/../scripts/system-info.sh"
+  ignore_errors: yes

docker-compose.rc.yml

@@ -0,0 +1,60 @@
+version: "3.7"
+
+services:
+  reverse-proxy:
+    container_name: reverse-proxy
+    image: traefik:v2.6
+    restart: always
+    ports:
+      - 80:80
+      - 8080:8080
+    command: --api.insecure=true --providers.docker
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ${PWD}/traefik:/root/.config
+    networks:
+      - tipi_main_network
+
+  api:
+    image: meienberger/tipi-api:rc-${TIPI_VERSION}
+    container_name: api
+    ports:
+      - 3001:3001
+    volumes:
+      ## Docker sock
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ${PWD}:/tipi
+    environment:
+      - INTERNAL_IP=${INTERNAL_IP}
+      - TIPI_VERSION=${TIPI_VERSION}
+      - JWT_SECRET=${JWT_SECRET}
+      - ROOT_FOLDER_HOST=${ROOT_FOLDER_HOST}
+    networks:
+      - tipi_main_network
+
+  dashboard:
+    image: meienberger/tipi-dashboard:rc-${TIPI_VERSION}
+    container_name: dashboard
+    ports:
+      - 3000:3000
+    networks:
+      - tipi_main_network
+    environment:
+      - INTERNAL_IP=${INTERNAL_IP}
+    labels:
+      traefik.enable: true
+      traefik.http.routers.dashboard.rule: PathPrefix("/") # Host(`tipi.local`) &&
+      traefik.http.routers.dashboard.entrypoints: webinsecure
+      traefik.http.routers.dashboard.service: dashboard
+      traefik.http.services.dashboard.loadbalancer.server.port: 3000
+
+networks:
+  tipi_main_network:
+    driver: bridge
+    driver_opts:
+      com.docker.network.bridge.enable_ip_masquerade: "true"
+      com.docker.network.bridge.enable_icc: "true"
+    ipam:
+      driver: default
+      config:
+        - subnet: 10.21.21.0/24

package.json

@@ -7,6 +7,7 @@
     "act:test-install": "act --container-architecture linux/amd64 -j test-install",
     "act:docker": "act --container-architecture linux/amd64 --secret-file github.secrets -j docker",
     "start:dev": "docker-compose -f docker-compose.dev.yml --env-file .env.dev up --build",
+    "start:rc": "docker-compose -f docker-compose.rc.yml --env-file .env up --build",
     "start:prod": "docker-compose --env-file .env up --build"
   },
   "dependencies": {},

packages/dashboard/.prettierrc.js

@@ -1,6 +1,6 @@
 module.exports = {
   singleQuote: true,
   semi: true,
-  trailingComma: "all",
+  trailingComma: 'all',
   printWidth: 200,
 };

packages/dashboard/Dockerfile

@@ -1,13 +1,13 @@
-FROM node:18
+FROM node:18-buster-slim 
 
 WORKDIR /app
 
 COPY ./package.json ./
 
-RUN yarn
+RUN npm install
 
 COPY ./ ./
 
-RUN yarn build
+RUN npm run build
 
-CMD ["yarn", "start"]
+CMD ["npm", "run", "start"]

packages/dashboard/Dockerfile.dev

@@ -1,4 +1,4 @@
-FROM node:latest
+FROM node:18-buster-slim 
 
 WORKDIR /app
 

packages/system-api/src/modules/system/system.controller.ts

@@ -75,7 +75,9 @@ const getVersion = async (_: Request, res: Response<{ current: string; latest: s
     version = json.name.replace('v', '');
   }
 
-  res.status(200).send({ current: config.VERSION, latest: version });
+  TipiCache.set('latestVersion', version.replace('v', ''));
+
+  res.status(200).send({ current: config.VERSION, latest: version.replace('v', '') });
 };
 
 export default { getCpuInfo, getDiskInfo, getMemoryInfo, getVersion };

requirements.txt

@@ -0,0 +1 @@
+ansible

scripts/configure.sh

@@ -15,15 +15,50 @@ echo "=============== TIPI ================="
 echo "======================================"
 echo
 
-# Install ansible if not installed
-if ! command -v ansible-playbook > /dev/null; then
-  echo "Installing Ansible..."
-  sudo apt-get update
-  sudo apt-get install python3 python3-pip -y
-  sudo pip3 install ansible
+# Enable passwordless sudo for $USERNAME
+if ! grep -q "${USERNAME} ALL=(ALL) NOPASSWD: ALL" /etc/sudoers; then
+  echo "${USERNAME} ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers
 fi
 
-ansible-playbook ansible/setup.yml -i ansible/hosts -K -e username="$USERNAME"
+sudo apt-get update
+sudo apt-get install -y jq coreutils ca-certificates curl gnupg lsb-release
+
+LSB="$(lsb_release -is)"
+
+# Add docker gpg key (Debian)
+if [[ "${LSB}" == "Debian" ]]; then
+  curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+fi
+
+# Add docker gpg key (Ubuntu)
+if [[ "${LSB}" == "Ubuntu" ]]; then
+  curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+fi
+
+# Add deb repo for docker (Debian)
+if [[ "${LSB}" == "Debian" ]]; then
+  echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+fi
+
+# Add deb repo for docker (Ubuntu)
+if [[ "${LSB}" == "Ubuntu" ]]; then
+  echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+fi
+
+sudo apt-get update
+sudo apt-get install -y docker-ce docker-ce-cli containerd.io
+
+# Install docker compose if not here
+if ! command -v docker-compose > /dev/null; then
+  sudo curl -L "https://github.com/docker/compose/releases/download/v2.3.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+  sudo chmod +x /usr/local/bin/docker-compose
+fi
+
+# create docker group
+if ! getent group docker > /dev/null; then
+  sudo groupadd docker
+fi
+sudo usermod -aG docker "${USERNAME}"
 
 # echo "Configuring permissions..."
 # echo

scripts/start.sh

@@ -8,15 +8,34 @@ else
   readlink=readlink
 fi
 
+while [ -n "$1" ]; do # while loop starts
+
+	case "$1" in
+	--rc) rc="true" ;;
+	--ci) ci="true" ;;
+	--)
+		shift # The double dash makes them parameters
+		break
+		;;
+	*) echo "Option $1 not recognized" && exit 1 ;;
+	esac
+	shift
+done
+
+# Check we are on linux
+if [[ "$(uname)" != "Linux" ]]; then
+  echo "Tipi only works on Linux"
+  exit 1
+fi
+
 ROOT_FOLDER="$($readlink -f $(dirname "${BASH_SOURCE[0]}")/..)"
 STATE_FOLDER="${ROOT_FOLDER}/state"
 SED_ROOT_FOLDER="$(echo $ROOT_FOLDER | sed 's/\//\\\//g')"
 INTERNAL_IP="$(hostname -I | awk '{print $1}')"
 DNS_IP=9.9.9.9 # Default to Quad9 DNS
-USERNAME="$(id -nu 1000)"
 ARCHITECTURE="$(uname -m)"
 
-if [[ "$architecture" == "aarch64" ]]; then
+if [[ "$ARCHITECTURE" == "aarch64" ]]; then
   ARCHITECTURE="arm64"
 fi
 
@@ -44,7 +63,7 @@ function get_json_field() {
 function derive_entropy() {
   SEED_FILE="${STATE_FOLDER}/seed"
   identifier="${1}"
-  tipi_seed=$(cat "${SEED_FILE}") || true
+  tipi_seed=$(cat "${SEED_FILE}") || true 
 
   if [[ -z "$tipi_seed" ]] || [[ -z "$identifier" ]]; then
     >&2 echo "Missing derivation parameter, this is unsafe, exiting."
@@ -72,6 +91,11 @@ fi
 chown -R 1000:1000 "${STATE_FOLDER}/apps.json"
 chown -R 1000:1000 "${STATE_FOLDER}/users.json"
 
+# Get current dns from host
+if [[ -f "/etc/resolv.conf" ]]; then
+  TEMP=$(cat /etc/resolv.conf | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -n 1)
+fi
+
 # Get dns ip if pihole is installed
 str=$(get_json_field ${STATE_FOLDER}/apps.json installed)
 
@@ -121,24 +145,28 @@ mv -f "$ENV_FILE" "$ROOT_FOLDER/.env"
 echo "Running system-info.sh..."
 bash "${ROOT_FOLDER}/scripts/system-info.sh"
 
-# ansible-playbook ansible/start.yml -i ansible/hosts -K -e username="$USERNAME"
-
-docker-compose --env-file "${ROOT_FOLDER}/.env" pull
-# Run docker-compose
-docker-compose --env-file "${ROOT_FOLDER}/.env" up --detach --remove-orphans --build || {
-  echo "Failed to start containers"
-  exit 1
-}
-
-# str=$(get_json_field ${STATE_FOLDER}/apps.json installed)
-# apps_to_start=($str)
-
-# for app in "${apps_to_start[@]}"; do
-#     "${ROOT_FOLDER}/scripts/app.sh" start $app
-# done
-
 # Give permissions 1000:1000 to app data
-chown -R 1000:1000 "${ROOT_FOLDER}/app-data"
+# chown -R 1000:1000 "${ROOT_FOLDER}/app-data"
+
+## Don't run if config-only
+if [[ ! $ci == "true" ]]; then
+
+  if [[ $rc == "true" ]]; then
+    docker-compose -f docker-compose.rc.yml --env-file "${ROOT_FOLDER}/.env" pull
+    # Run docker-compose
+    docker-compose -f docker-compose.rc.yml --env-file "${ROOT_FOLDER}/.env" up --detach --remove-orphans --build || {
+      echo "Failed to start containers"
+      exit 1
+    }
+  else
+    docker-compose --env-file "${ROOT_FOLDER}/.env" pull
+    # Run docker-compose
+    docker-compose --env-file "${ROOT_FOLDER}/.env" up --detach --remove-orphans --build || {
+      echo "Failed to start containers"
+      exit 1
+    }
+  fi
+fi
 
 echo "Tipi is now running"
 echo ""