RomanNum3ral
/
vert
mirror of https://github.com/VERT-sh/VERT.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs: add references to PUB_DISABLE_ALL_EXTERNAL_REQUESTS

This commit is contained in:
not-nullptr 2025-10-19 18:23:49 +01:00
parent 9bae3620ce
commit c51acba26f
5 changed files with 76 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.env.example
View File

@ -2,6 +2,7 @@ PUB_HOSTNAME=localhost:5173 # only gets used for plausible (for now)
PUB_PLAUSIBLE_URL=https://plausible.example.com # can be empty
PUB_ENV=development # "production", "development", or "nightly"
PUB_VERTD_URL=https://vertd.vert.sh # default vertd instance
DISABLE_ALL_EXTERNAL_REQUESTS=false # disables vertd, stripe, plausible, etc. use if your boss complains about privacy
# please do not change these. donations help a lot
PUB_DONATION_URL=https://donations.vert.sh

125
.github/workflows/docker.yml vendored
View File

@ -1,67 +1,68 @@
name: Docker Image CI
on:
push:
branches: [ "main" ]
tags: [ 'v*' ]
paths:
- 'src/**'
- 'static/**'
pull_request:
branches: [ "main" ]
paths:
- 'src/**'
- 'static/**'
workflow_dispatch:
push:
branches: ["main"]
tags: ["v*"]
paths:
- "src/**"
- "static/**"
pull_request:
branches: ["main"]
paths:
- "src/**"
- "static/**"
workflow_dispatch:
jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,format=short
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
PUB_ENV=production
PUB_HOSTNAME=${{ vars.PUB_HOSTNAME || '' }}
PUB_PLAUSIBLE_URL=${{ vars.PUB_PLAUSIBLE_URL || '' }}
PUB_VERTD_URL=https://vertd.vert.sh
PUB_DONATION_URL=https://donations.vert.sh
PUB_STRIPE_KEY=pk_live_51RDVmAGSxPVad6bQwzVNnbc28nlmzA30krLWk1fefCMpUPiSRPkavMMbGqa8A3lUaOCMlsUEVy2CWDYg0ip3aPpL00ZJlsMkf2
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,format=short
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
PUB_ENV=production
PUB_HOSTNAME=${{ vars.PUB_HOSTNAME || '' }}
PUB_PLAUSIBLE_URL=${{ vars.PUB_PLAUSIBLE_URL || '' }}
PUB_VERTD_URL=https://vertd.vert.sh
PUB_DISABLE_ALL_EXTERNAL_REQUESTS=false
PUB_DONATION_URL=https://donations.vert.sh
PUB_STRIPE_KEY=pk_live_51RDVmAGSxPVad6bQwzVNnbc28nlmzA30krLWk1fefCMpUPiSRPkavMMbGqa8A3lUaOCMlsUEVy2CWDYg0ip3aPpL00ZJlsMkf2

4
Dockerfile
View File

@ -6,6 +6,7 @@ ARG PUB_ENV
ARG PUB_HOSTNAME
ARG PUB_PLAUSIBLE_URL
ARG PUB_VERTD_URL
ARG PUB_DISABLE_ALL_EXTERNAL_REQUESTS
ARG PUB_DONATION_URL
ARG PUB_STRIPE_KEY
@ -13,6 +14,7 @@ ENV PUB_ENV=${PUB_ENV}
ENV PUB_HOSTNAME=${PUB_HOSTNAME}
ENV PUB_PLAUSIBLE_URL=${PUB_PLAUSIBLE_URL}
ENV PUB_VERTD_URL=${PUB_VERTD_URL}
ENV PUB_DISABLE_ALL_EXTERNAL_REQUESTS=${PUB_DISABLE_ALL_EXTERNAL_REQUESTS}
ENV PUB_DONATION_URL=${PUB_DONATION_URL}
ENV PUB_STRIPE_KEY=${PUB_STRIPE_KEY}
@ -33,4 +35,4 @@ COPY ./nginx/default.conf /etc/nginx/conf.d/default.conf
COPY --from=builder /app/build /usr/share/nginx/html
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD curl --fail --silent --output /dev/null http://localhost || exit 1
CMD curl --fail --silent --output /dev/null http://localhost || exit 1

1
docker-compose.yml
View File

@ -8,6 +8,7 @@ services:
PUB_HOSTNAME: ${PUB_HOSTNAME:-localhost:5173}
PUB_PLAUSIBLE_URL: ${PUB_PLAUSIBLE_URL:-}
PUB_ENV: ${PUB_ENV:-production}
PUB_DISABLE_ALL_EXTERNAL_REQUESTS: ${DISABLE_ALL_EXTERNAL_REQUESTS:-false}
PUB_VERTD_URL: ${PUB_VERTD_URL:-}
PUB_DONATION_URL: ${PUB_DONATION_URL:-https://donations.vert.sh}
PUB_STRIPE_KEY: ${PUB_STRIPE_KEY:-pk_live_51RDVmAGSxPVad6bQwzVNnbc28nlmzA30krLWk1fefCMpUPiSRPkavMMbGqa8A3lUaOCMlsUEVy2CWDYg0ip3aPpL00ZJlsMkf2}

8
docs/DOCKER.md
View File

@ -6,13 +6,16 @@ This file covers how to run VERT under a Docker container.
- [Using an image from the GitHub Container Registry](#using-an-image-from-the-github-container-registry)
### Manually building the image
First, clone the repository:
```shell
$ git clone https://github.com/VERT-sh/VERT
$ cd VERT/
```
Then build a Docker image with:
```shell
$ docker build -t vert-sh/vert \
--build-arg PUB_ENV=production \
@ -20,10 +23,12 @@ $ docker build -t vert-sh/vert \
--build-arg PUB_PLAUSIBLE_URL=https://plausible.example.com \
--build-arg PUB_VERTD_URL=https://vertd.vert.sh \
--build-arg PUB_DONATION_URL=https://donations.vert.sh \
--build-arg PUB_DISABLE_ALL_EXTERNAL_REQUESTS=false
--build-arg PUB_STRIPE_KEY="" .
```
You can then run it by using:
```shell
$ docker run -d \
--restart unless-stopped \
@ -33,6 +38,7 @@ $ docker run -d \
```
This will do the following:
- Use the previously built image as the container `vert`, in detached mode
- Continuously restart the container until manually stopped
- Map `3000/tcp` (host) to `80/tcp` (container)
@ -40,7 +46,9 @@ This will do the following:
We also have a [`docker-compose.yml`](/docker-compose.yml) file available. Use `docker compose up` if you want to start the stack, or `docker compose down` to bring it down. You can pass `--build` to `docker compose up` to rebuild the Docker image (useful if you've changed any of the environment variables) as well as `-d` to start it in detached mode. You can read more about Docker Compose in general [here](https://docs.docker.com/compose/intro/compose-application-model/).
### Using an image from the GitHub Container Registry
While there's an image you can pull instead of cloning the repo and building the image yourself, you will not be able to update any of the environment variables (e.g. `PUB_PLAUSIBLE_URL`) as they're baked directly into the image and not obtained during runtime. If you're okay with this, you can simply run this command instead:
```shell
$ docker run -d \
--restart unless-stopped \