feat: add docker recipe + environment with default interpolation in config

2023-10-30 20:05:00 +01:00
parent b2b839cab4
commit 0c9d86b850
10 changed files with 271 additions and 37 deletions
--- a/misc/docker/agent.yml
+++ b/misc/docker/agent.yml
@ -0,0 +1,32 @@
+logger:
+    level: ${EMISSARY_AGENT_LOGGER_LEVEL:-1}
+    format: ${EMISSARY_AGENT_LOGGER_FORMAT:-human}
+sentry:
+    dsn: ${EMISSARY_AGENT_SENTRY_DSN}
+agent:
+    serverUrl: ${EMISSARY_AGENT_SERVER_URL:-http://127.0.0.1:3000}
+    privateKeyPath: ${EMISSARY_AGENT_PRIVATE_KEY_PATH:-/data/agent-key.json}
+    reconciliationInterval: ${EMISSARY_AGENT_RECONCILIATION_INTERVAL:-30}
+    controllers:
+        persistence:
+            enabled: true
+            stateFile: ${EMISSARY_AGENT_CONTROLLERS_PERSISTENCE_STATE_FILE:-/data/state.json}
+        spec:
+            enabled: true
+        proxy:
+            enabled: true
+        uci:
+            enabled: false
+        app:
+            enabled: true
+            dataDir: ${EMISSARY_AGENT_CONTROLLERS_APP_DATA_DIR:-/data/apps/data}
+            downloadDir: ${EMISSARY_AGENT_CONTROLLERS_APP_DOWNLOAD_DIR:-/data/apps/bundles}
+        sysupgrade:
+            enabled: false
+        mdns:
+            enabled: true
+    collectors:
+        - name: uname
+          command: uname
+          args:
+            - -a
--- a/misc/docker/docker-agent-wrapper.sh
+++ b/misc/docker/docker-agent-wrapper.sh
@ -0,0 +1,10 @@
+#!/bin/sh
+
+set -e
+
+# Generate machine id if not exists
+if [ ! -f /etc/machine-id ]; then
+    cat /proc/sys/kernel/random/uuid > /etc/machine-id
+fi
+
+exec $@
--- a/misc/docker/server.yml
+++ b/misc/docker/server.yml
@ -0,0 +1,35 @@
+logger:
+    level: ${EMISSARY_SERVER_LOGGER_LEVEL:-1}
+    format: ${EMISSARY_SERVER_LOGGER_FORMAT:-human}
+sentry:
+    dsn: ${EMISSARY_SERVER_SENTRY_DSN}
+server:
+    http:
+        host: ${EMISSARY_SERVER_HTTP_HOST:-0.0.0.0}
+        port: ${EMISSARY_SERVER_HTTP_HOST:-3000}
+    database:
+        driver: ${EMISSARY_SERVER_DATABASE_DRIVER:-sqlite}
+        dsn: ${EMISSARY_SERVER_DATABASE_DSN:-sqlite:///data/emissary.sqlite?_pragma=foreign_keys(1)&_pragma=busy_timeout=150000&_pragma=journal_mode=WAL}
+    cors:
+        allowedOrigins:
+            - ${EMISSARY_SERVER_CORS_ALLOWED_ORIGINS:-http://localhost:3001}
+        allowCredentials: ${EMISSARY_SERVER_CORS_ALLOW_CREDENTIALS:-true}
+        allowMethods:
+            - POST
+            - GET
+            - PUT
+            - DELETE
+        allowedHeaders:
+            - Origin
+            - Accept
+            - Content-Type
+            - Authorization
+            - Sentry-Trace
+        debug: ${EMISSARY_SERVER_CORS_DEBUG:-false}
+    auth:
+        local:
+            privateKeyPath: ${EMISSARY_SERVER_AUTH_LOCAL_PRIVATE_KEY_PATH:-/data/server-key.json}
+        remote:
+            jwksUrl: "${EMISSARY_SERVER_AUTH_REMOTE_JWKS_URL}"
+        roleExtractionRules:
+            - "${EMISSARY_SERVER_AUTH_ROLE_EXTRACTION_RULES_0:-jwt.role != nil ? str(jwt.role) : ''}"