diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 00000000..ee5673f0 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @kwypchlo @meeh0w diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 188d8d70..00000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,71 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ main ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ main ] - schedule: - - cron: '32 21 * * 0' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'javascript', 'python' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] - # Learn more: - # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/lint-dockerfiles.yml b/.github/workflows/lint-dockerfiles.yml deleted file mode 100644 index a766db46..00000000 --- a/.github/workflows/lint-dockerfiles.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: Dockerfile Lint - -on: - push: - branches: - - master - pull_request: - -jobs: - hadolint: - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - dockerfile: - - docker/sia/Dockerfile - steps: - - uses: actions/checkout@v3 - - uses: hadolint/hadolint-action@v2.0.0 - with: - dockerfile: ${{ matrix.dockerfile }} diff --git a/docker-compose.accounts.yml b/docker-compose.accounts.yml index 8f62a42b..76e23eda 100644 --- a/docker-compose.accounts.yml +++ b/docker-compose.accounts.yml @@ -22,7 +22,7 @@ services: accounts: # uncomment "build" and comment out "image" to build from sources # build: https://github.com/SkynetLabs/skynet-accounts.git#main - image: skynetlabs/skynet-accounts:1.2.2 + image: skynetlabs/skynet-accounts:1.2.3 container_name: accounts restart: unless-stopped logging: *default-logging @@ -59,15 +59,12 @@ services: # build: # context: https://github.com/SkynetLabs/webportal-accounts-dashboard.git#main # dockerfile: Dockerfile - image: skynetlabs/webportal-accounts-dashboard:1.1.2 + image: skynetlabs/webportal-accounts-dashboard:2.0.0 container_name: dashboard restart: unless-stopped logging: *default-logging env_file: - .env - environment: - - GATSBY_PORTAL_DOMAIN=${PORTAL_DOMAIN} - - GATSBY_STRIPE_PUBLISHABLE_KEY=${STRIPE_PUBLISHABLE_KEY} volumes: - ./docker/data/dashboard/.cache:/usr/app/.cache - ./docker/data/dashboard/public:/usr/app/public diff --git a/docker-compose.jaeger.yml b/docker-compose.jaeger.yml index 9dfabb2a..740da435 100644 --- a/docker-compose.jaeger.yml +++ b/docker-compose.jaeger.yml @@ -21,7 +21,7 @@ services: - JAEGER_REPORTER_LOG_SPANS=false jaeger-agent: - image: jaegertracing/jaeger-agent:1.32.0 + image: jaegertracing/jaeger-agent:1.36.0 command: [ "--reporter.grpc.host-port=jaeger-collector:14250", @@ -43,7 +43,7 @@ services: - jaeger-collector jaeger-collector: - image: jaegertracing/jaeger-collector:1.32.0 + image: jaegertracing/jaeger-collector:1.36.0 entrypoint: /wait_to_start.sh container_name: jaeger-collector restart: on-failure @@ -68,7 +68,7 @@ services: - elasticsearch jaeger-query: - image: jaegertracing/jaeger-query:1.32.0 + image: jaegertracing/jaeger-query:1.36.0 entrypoint: /wait_to_start.sh container_name: jaeger-query restart: on-failure @@ -93,7 +93,7 @@ services: - elasticsearch elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:7.17.4 + image: docker.elastic.co/elasticsearch/elasticsearch:7.17.5 container_name: elasticsearch restart: on-failure logging: *default-logging diff --git a/docker-compose.mongodb.yml b/docker-compose.mongodb.yml index 1e3e279b..898365a4 100644 --- a/docker-compose.mongodb.yml +++ b/docker-compose.mongodb.yml @@ -14,7 +14,7 @@ services: - MONGODB_PASSWORD=${SKYNET_DB_PASS} mongo: - image: mongo:4.4.14 + image: mongo:4.4.15 command: --keyFile=/data/mgkey --replSet=${SKYNET_DB_REPLICASET:-skynet} --setParameter ShardingTaskExecutorPoolMinSize=10 container_name: mongo restart: unless-stopped diff --git a/docker-compose.pinner.yml b/docker-compose.pinner.yml index 19bacc5e..1abf70cf 100644 --- a/docker-compose.pinner.yml +++ b/docker-compose.pinner.yml @@ -10,12 +10,14 @@ services: pinner: # uncomment "build" and comment out "image" to build from sources # build: https://github.com/SkynetLabs/pinner.git#main - image: skynetlabs/pinner:0.3.1 + image: skynetlabs/pinner:0.4.1 container_name: pinner restart: unless-stopped logging: *default-logging env_file: - .env + volumes: + - ./docker/data/pinner/logs:/logs environment: - PINNER_LOG_LEVEL=${PINNER_LOG_LEVEL:-info} expose: diff --git a/docker-compose.yml b/docker-compose.yml index 3d161261..516d386c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,16 +16,16 @@ networks: services: sia: build: - context: ./docker/sia - dockerfile: Dockerfile + context: https://github.com/SkynetLabs/docker-skyd.git#main + dockerfile: scratch/Dockerfile args: branch: portal-latest + command: --disable-api-security --api-addr :9980 --modules gctwra container_name: sia restart: unless-stopped stop_grace_period: 5m logging: *default-logging environment: - - SIA_MODULES=gctwra - SKYD_DISK_CACHE_ENABLED=${SKYD_DISK_CACHE_ENABLED:-true} - SKYD_DISK_CACHE_SIZE=${SKYD_DISK_CACHE_SIZE:-53690000000} # 50GB - SKYD_DISK_CACHE_MIN_HITS=${SKYD_DISK_CACHE_MIN_HITS:-3} @@ -41,7 +41,24 @@ services: - 9980 certbot: - image: certbot/dns-route53:v1.28.0 + # replace this image with the image supporting your dns provider from + # https://hub.docker.com/r/certbot/certbot and adjust CERTBOT_ARGS env variable + # note: you will need to authenticate your dns request so consult the plugin docs + # configuration https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins + # + # ================================================================================= + # example docker-compose.yml changes required for Cloudflare dns provider: + # + # image: certbot/dns-cloudflare + # environment: + # - CERTBOT_ARGS=--dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini + # + # create ./docker/data/certbot/cloudflare.ini file with the following content: + # dns_cloudflare_api_token = + # + # make sure that the file has 0400 permissions with: + # chmod 0400 ./docker/data/certbot/cloudflare.ini + image: certbot/dns-route53:v1.29.0 entrypoint: sh /entrypoint.sh container_name: certbot restart: unless-stopped @@ -59,7 +76,7 @@ services: # build: # context: https://github.com/SkynetLabs/webportal-nginx.git#main # dockerfile: Dockerfile - image: skynetlabs/webportal-nginx:0.3.3 + image: skynetlabs/webportal-nginx:0.4.0 container_name: nginx restart: unless-stopped logging: *default-logging @@ -169,7 +186,7 @@ services: # build: # context: https://github.com/SkynetLabs/webportal-health-check.git#main # dockerfile: Dockerfile - image: skynetlabs/webportal-health-check:0.2.0 + image: skynetlabs/webportal-health-check:0.3.0 container_name: health-check restart: unless-stopped logging: *default-logging diff --git a/docker/sia/Dockerfile b/docker/sia/Dockerfile deleted file mode 100644 index 953dd27c..00000000 --- a/docker/sia/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM golang:1.16.7 AS sia-builder - -ENV GOOS linux -ENV GOARCH amd64 - -ARG branch=portal-latest - -RUN git clone https://gitlab.com/SkynetLabs/skyd.git Sia --single-branch --branch ${branch} && \ - make release --directory Sia - -FROM nebulouslabs/sia:1.5.6 - -COPY --from=sia-builder /go/bin/ /usr/bin/ - -RUN if [ -f "/usr/bin/skyd" ]; then mv /usr/bin/skyd /usr/bin/siad; fi && \ - if [ -f "/usr/bin/skyc" ]; then mv /usr/bin/skyc /usr/bin/siac; fi diff --git a/setup-scripts/support/authorized_keys b/setup-scripts/support/authorized_keys index b2848d66..b5132b0d 100644 --- a/setup-scripts/support/authorized_keys +++ b/setup-scripts/support/authorized_keys @@ -9,3 +9,4 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN6Kcx8yetova4/ALUQHigo/PBMJO33ZTKOsg2jxSO2a ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcenWnMQ6q/OEC4ZmQgjLDV2obWlR3fENV0zRGFvJF+ marcins@siasky.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB7prtVOTwtcSN9HkXum107RwcW5H8Vggx6Qv7T57ItT daniel@siasky.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH+4IrfEM9H16jqvPZncHkWWoHO4/BVq7d4pEyzK4e0W michal.leszczyk@skynetlabs.com +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHptEpqs57lhnHkfa+0SQgXQ4A63/YGV2cNTcGMQW+Jt david@skynetlabs.com