selfhosted
/
jackson
mirror of https://github.com/boxyhq/jackson.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add missing env to one click deploy (#122) 

* Fix env from heroku

* Add missing envs

* Support DATABASE_URL env

* Fix IDP_ENABLED env check

* Remove env setting

* SAML_AUDIENCE env value and not required change

* CLIENT_SECRET_VERIFIER not required

* Fix envLink and add variables

* Use defaultDb util across npm and service

* Add IDP_ENABLED
This commit is contained in:
Aswin V 2022-03-19 00:07:44 +05:30 committed by GitHub
parent 9b35af0897
commit 6f2384c97e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 90 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Procfile
View File

@ -1 +1 @@
web: export DB_URL=$POSTGRES_URL JACKSON_API_KEYS=$JACKSON_API_KEYS && ./node_modules/.bin/next start -p $PORT
web: ./node_modules/.bin/next start -p $PORT

2
README.md
View File

@ -12,7 +12,7 @@
<a href="https://raw.githubusercontent.com/boxyhq/jackson/main/swagger/swagger.json"><img src="https://img.shields.io/swagger/valid/3.0?specUrl=https%3A%2F%2Fraw.githubusercontent.com%2Fboxyhq%2Fjackson%2Fmain%2Fswagger%2Fswagger.json" alt="Swagger Validator"></a>
</p>
[![Deploy with Vercel](https://vercel.com/button)](<https://vercel.com/new/clone?repository-url=https%3A%2F%2Fgithub.com%2Fboxyhq%2Fjackson&env=DB_ENGINE,DB_TYPE,DB_URL,JACKSON_API_KEYS,DB_ENCRYPTION_KEY,EXTERNAL_URL&envDescription=DB%20configuration%20and%20keys%20for%20encryption%20and%20authentication.EXTERNAL_URL%20(Usually%20https%3A%2F%2F%3Cproject-name-from-above%3E.vercel.app)%20can%20be%20set%20after%20deployment%20from%20the%20project%20dashboard.Set%20to%20''%20if%20not%20applicable.&envLink=https://boxyhq.com/docs/jackson/env-variables>)
[![Deploy with Vercel](https://vercel.com/button)](<https://vercel.com/new/clone?repository-url=https%3A%2F%2Fgithub.com%2Fboxyhq%2Fjackson&env=DB_ENGINE,DB_TYPE,DB_URL,DB_ENCRYPTION_KEY,DB_TTL,DB_CLEANUP_LIMIT,JACKSON_API_KEYS,EXTERNAL_URL,IDP_ENABLED,SAML_AUDIENCE,CLIENT_SECRET_VERIFIER,SMTP_HOST,SMTP_PORT,SMTP_USER,SMTP_PASSWORD,SMTP_FROM,NEXTAUTH_URL,NEXTAUTH_SECRET,NEXTAUTH_ACL&envDescription=DB%20configuration%20and%20keys%20for%20encryption%20and%20authentication.EXTERNAL_URL%20(Usually%20https%3A%2F%2F%3Cproject-name-from-above%3E.vercel.app)%20can%20be%20set%20after%20deployment%20from%20the%20project%20dashboard.Set%20to%20''%20if%20not%20applicable.&envLink=https://boxyhq.com/docs/jackson/deploy/env-variables>)
[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
SAML service [SAML in a box from BoxyHQ]

69
app.json
View File

@ -18,6 +18,75 @@
"EXTERNAL_URL": {
"description": "The public URL of the app. See https://boxyhq.com/docs/jackson/env-variables#external_url . Replace <HEROKU_APP_NAME> below with 'App name' from above",
"value": "https://<HEROKU_APP_NAME>.herokuapp.com"
},
"IDP_ENABLED": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#idp_enabled",
"required": false
},
"CLIENT_SECRET_VERIFIER": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#client_secret_verifier",
"required": false
},
"SAML_AUDIENCE": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#saml_audience",
"value": "https://saml.boxyhq.com",
"required": false
},
"DB_ENGINE": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_engine Leave empty to use the heroku-postgresql",
"required": false
},
"DB_URL": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_url Leave empty to use the heroku-postgresql",
"required": false
},
"DB_TYPE": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_type Leave empty to use the heroku-postgresql",
"required": false
},
"DB_TTL": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_ttl",
"required": false
},
"DB_CLEANUP_LIMIT": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_cleanup_limit",
"required": false
},
"DB_ENCRYPTION_KEY": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_encryption_key",
"required": false
},
"SMTP_HOST": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_host",
"required": false
},
"SMTP_PORT": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_port",
"required": false
},
"SMTP_USER": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_user",
"required": false
},
"SMTP_PASSWORD": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_password",
"required": false
},
"SMTP_FROM": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_from",
"required": false
},
"NEXTAUTH_URL": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#nextauth_url",
"required": false
},
"NEXTAUTH_SECRET": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#nextauth_secret",
"required": false
},
"NEXTAUTH_ACL": {
"description": "https://boxyhq.com/docs/jackson/deploy/env-variables#nextauth_acl",
"required": false
}
}
}

4
lib/env.ts
View File

@ -10,10 +10,10 @@ const apiKeys = (process.env.JACKSON_API_KEYS || '').split(',');
const samlAudience = process.env.SAML_AUDIENCE;
const preLoadedConfig = process.env.PRE_LOADED_CONFIG;
const idpEnabled = !!process.env.IDP_ENABLED;
const idpEnabled = process.env.IDP_ENABLED === 'true';
const db = {
engine: process.env.DB_ENGINE ? <DatabaseEngine>process.env.DB_ENGINE : undefined,
url: process.env.DB_URL,
url: process.env.DB_URL || process.env.DATABASE_URL,
type: process.env.DB_TYPE ? <DatabaseType>process.env.DB_TYPE : undefined,
ttl: process.env.DB_TTL ? Number(process.env.DB_TTL) : undefined,
encryptionKey: process.env.DB_ENCRYPTION_KEY,

4
lib/nextAuthAdapter.ts
View File

@ -3,12 +3,14 @@ import DB from 'npm/src/db/db';
import opts from './env';
import type { AdapterUser, VerificationToken } from 'next-auth/adapters';
import { validateEmailWithACL } from './utils';
import defaultDb from 'npm/src/db/defaultDb';
const g = global as any;
export async function initNextAuthDB(): Promise<Storable> {
if (!g.adminAuthStore) {
const db = await DB.new(opts.db);
const _opts = defaultDb(opts);
const db = await DB.new(_opts.db);
g.adminAuthStore = db.store('admin:auth');
}
return g.adminAuthStore as Storable;

12
npm/src/db/defaultDb.ts Normal file
View File

@ -0,0 +1,12 @@
import { JacksonOption } from '../typings';
export default function defaultDb(opts: JacksonOption) {
opts.db = opts.db || {};
opts.db.engine = opts.db.engine || 'sql';
opts.db.url = opts.db.url || 'postgresql://postgres:postgres@localhost:5432/postgres';
opts.db.type = opts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql.
opts.db.ttl = (opts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
opts.db.cleanupLimit = (opts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
return opts;
}

8
npm/src/index.ts
View File

@ -4,6 +4,7 @@ import { AdminController } from './controller/admin';
import DB from './db/db';
import readConfig from './read-config';
import { JacksonOption } from './typings';
import defaultDb from './db/defaultDb';
const defaultOpts = (opts: JacksonOption): JacksonOption => {
const newOpts = {
@ -22,12 +23,7 @@ const defaultOpts = (opts: JacksonOption): JacksonOption => {
newOpts.preLoadedConfig = newOpts.preLoadedConfig || ''; // path to folder containing static SAML config that will be preloaded. This is useful for self-hosted deployments that only have to support a single tenant (or small number of known tenants).
newOpts.idpEnabled = newOpts.idpEnabled === true;
newOpts.db = newOpts.db || {};
newOpts.db.engine = newOpts.db.engine || 'sql';
newOpts.db.url = newOpts.db.url || 'postgresql://postgres:postgres@localhost:5432/postgres';
newOpts.db.type = newOpts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql.
newOpts.db.ttl = (newOpts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
newOpts.db.cleanupLimit = (newOpts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
defaultDb(newOpts);
newOpts.clientSecretVerifier = newOpts.clientSecretVerifier || 'dummy';