Dev

build-images.sh

@@ -14,23 +14,24 @@ images=()
 repobase="${REPOBASE:-ghcr.io/geniusdynamics}"
 # Configure the image name
 reponame="formbricks"
-APP_VERSION="2.3.2"
+
+APP_VERSION="v3.15.0"
 
 # Create a new empty container image
 container=$(buildah from scratch)
 
 # Reuse existing nodebuilder-formbricks container, to speed up builds
 if ! buildah containers --format "{{.ContainerName}}" | grep -q nodebuilder-formbricks; then
-    echo "Pulling NodeJS runtime..."
-    buildah from --name nodebuilder-formbricks -v "${PWD}:/usr/src:Z" docker.io/library/node:lts
+	echo "Pulling NodeJS runtime..."
+	buildah from --name nodebuilder-formbricks -v "${PWD}:/usr/src:Z" docker.io/library/node:lts
 fi
 
 echo "Build static UI files with node..."
 buildah run \
-    --workingdir=/usr/src/ui \
-    --env="NODE_OPTIONS=--openssl-legacy-provider" \
-    nodebuilder-formbricks \
-    sh -c "yarn install && yarn build"
+	--workingdir=/usr/src/ui \
+	--env="NODE_OPTIONS=--openssl-legacy-provider" \
+	nodebuilder-formbricks \
+	sh -c "yarn install && yarn build"
 
 # Add imageroot directory to the container image
 buildah add "${container}" imageroot /imageroot
@@ -43,11 +44,12 @@ buildah add "${container}" ui/dist /ui
 # rootfull=0 === rootless container
 # tcp-ports-demand=1 number of tcp Port to reserve , 1 is the minimum, can be udp or tcp
 buildah config --entrypoint=/ \
-    --label="org.nethserver.authorizations=traefik@node:routeadm" \
-    --label="org.nethserver.tcp-ports-demand=1" \
-    --label="org.nethserver.rootfull=0" \
-    --label="org.nethserver.images=docker.io/postgres:15.5-alpine3.19 docker.io/formbricks/formbricks:${APP_VERSION} docker.io/library/redis:7" \
-    "${container}"
+	--label="org.nethserver.authorizations=traefik@node:routeadm" \
+	--label="org.nethserver.tcp-ports-demand=1" \
+	--label="org.nethserver.rootfull=0" \
+	--label="org.nethserver.images=docker.io/pgvector/pgvector:pg17 ghcr.io/formbricks/formbricks:${APP_VERSION} docker.io/library/redis:7" \
+	"${container}"
+
 # Commit the image
 buildah commit "${container}" "${repobase}/${reponame}"
 
@@ -65,14 +67,14 @@ images+=("${repobase}/${reponame}")
 #
 
 #
-# Setup CI when pushing to Github. 
+# Setup CI when pushing to Github.
 # Warning! docker::// protocol expects lowercase letters (,,)
 if [[ -n "${CI}" ]]; then
-    # Set output value for Github Actions
-    printf "images=%s\n" "${images[*],,}" >> "${GITHUB_OUTPUT}"
+	# Set output value for Github Actions
+	printf "images=%s\n" "${images[*],,}" >>"${GITHUB_OUTPUT}"
 else
-    # Just print info for manual push
-    printf "Publish the images with:\n\n"
-    for image in "${images[@],,}"; do printf "  buildah push %s docker://%s:%s\n" "${image}" "${image}" "${IMAGETAG:-latest}" ; done
-    printf "\n"
+	# Just print info for manual push
+	printf "Publish the images with:\n\n"
+	for image in "${images[@],,}"; do printf "  buildah push %s docker://%s:%s\n" "${image}" "${image}" "${IMAGETAG:-latest}"; done
+	printf "\n"
 fi

imageroot/actions/configure-module/10configure_environment_vars

@@ -18,10 +18,7 @@ secret = secrets.token_hex(32)
 # Form bricks configuration
 host = data.get('host')
 WEBAPP_URL=f'https://{host}'
-ENCRYPTION_KEY=secret
-NEXTAUTH_SECRET =secret
 NEXTAUTH_URL=f'https://{host}'
-CRON_SECRET=secret
 
 # SMTP Configuration
 rdb = agent.redis_connect(use_replica=True)
@@ -39,10 +36,7 @@ SMTP_ENCRYPTION='1' if smtp_settings['tls_verify'] else '0'
 
 bricks = {
     'WEBAPP_URL': WEBAPP_URL,
-    'ENCRYPTION_KEY': ENCRYPTION_KEY,
-    'NEXTAUTH_SECRET': NEXTAUTH_SECRET,
     'NEXTAUTH_URL': NEXTAUTH_URL,
-    'CRON_SECRET': CRON_SECRET,
     'SMTP_HOST': SMTP_HOST,
     'SMTP_PORT': SMTP_PORT,
     'SMTP_USER': SMTP_USERNAME,

imageroot/actions/create-module/10configure_environment_vars

@@ -0,0 +1,57 @@
+#!/usr/bin/env python3
+
+#
+# Copyright (C) 2022 Nethesis S.r.l.
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+
+import json
+import sys
+import agent
+import secrets
+import os
+
+# Try to parse the stdin as JSON.
+
+
+data = json.load(sys.stdin)
+# This is specific to you module, so you need to change it accordingly.
+
+
+def generate_random_password(length):
+    # Generate random bytes and convert them to a hexadecimal string
+    random_bytes = os.urandom(length)
+    password = random_bytes.hex()
+    return password[:length]
+
+
+# DB Config
+POSTGRES_DB = data.get("POSTGRES_DB", "formbricks")
+POSTGRES_USER = data.get("POSTGRES_USER", "postgres")
+POSTGRES_PASSWORD = generate_random_password(16)
+
+db_config = {
+    "POSTGRES_DB": POSTGRES_DB,
+    "POSTGRES_USER": POSTGRES_USER,
+    "POSTGRES_PASSWORD": POSTGRES_PASSWORD,
+}
+agent.write_envfile("database.env", db_config)
+
+secret = secrets.token_hex(32)
+
+ENCRYPTION_KEY = secret
+NEXTAUTH_SECRET = secret
+CRON_SECRET = secret
+DATABASE_URL = f"postgresql://{POSTGRES_USER}:{POSTGRES_PASSWORD}@postgresql-app:5432/{POSTGRES_DB}?schema=public"
+REDIS_URL = "redis://formbricks-redis:6379/0"
+
+bricks = {
+    "ENCRYPTION_KEY": ENCRYPTION_KEY,
+    "NEXTAUTH_SECRET": NEXTAUTH_SECRET,
+    "CRON_SECRET": CRON_SECRET,
+    "DATABASE_URL": DATABASE_URL,
+    "REDIS_URL": REDIS_URL,
+}
+agent.write_envfile("bricks-db.env", bricks)
+# just before starting systemd unit
+agent.dump_env()

imageroot/actions/restore-module/40restore_database

@@ -27,9 +27,7 @@ podman run \
     --volume=./restore:/docker-entrypoint-initdb.d/:Z \
     --volume=postgres-data:/var/lib/postgresql/data:Z \
     --replace --name=restore_db \
-    --env POSTGRES_USER=postgres \
-    --env POSTGRES_PASSWORD=Nethesis,1234 \
-    --env POSTGRES_DB=formbricks \
+    --env-file=database.env \
     --env TZ=UTC \
     "${POSTGRES_IMAGE}" < formbricks.pg_dump
 

imageroot/actions/restore-module/80start_services

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+#
+# Copyright (C) 2023 Nethesis S.r.l.
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+set -e
+
+# Redirect any output to the journal (stderr)
+exec 1>&2
+
+# If the control reaches this step, the service can be enabled and started
+
+touch smarthost.env
+
+systemctl --user enable formbricks.service
+systemctl --user restart formbricks.service

imageroot/etc/state-include.conf

@@ -6,5 +6,11 @@
 
 
 state/formbricks.sql
+state/formbricks.pg_dump
+state/bricks.env
+state/bricks-db.env
+state/database.env
+state/restore/
 volumes/formbricks-app
+volumes/postgres-data
 

imageroot/systemd/user/formbricks-app.service

@@ -24,8 +24,7 @@ ExecStart=/usr/bin/podman run --conmon-pidfile %t/formbricks-app.pid \
     --pod-id-file %t/formbricks.pod-id --replace -d --name  formbricks-app \
     --volume formbricks-app:/home/nextjs/apps/web/uploads/:Z \
     --env-file=%S/state/bricks.env \
-    --env DATABASE_URL="postgresql://postgres:Nethesis1234@127.0.0.1:5432/formbricks?schema=public" \
-    --env REDIS_URL="redis://localhost:6379" \
+    --env-file=%S/state/bricks-db.env \
     ${FORMBRICKS_IMAGE}
 ExecStop=/usr/bin/podman stop --ignore --cidfile %t/formbricks-app.ctr-id -t 10
 ExecReload=/usr/bin/podman kill -s HUP formbricks-app

imageroot/systemd/user/postgresql-app.service

@@ -11,6 +11,7 @@ After=formbricks.service
 [Service]
 Environment=PODMAN_SYSTEMD_UNIT=%n
 EnvironmentFile=%S/state/environment
+EnvironmentFile=%S/state/database.env
 # EnvironmentFile=%S/state/secrets/passwords.secret
 Restart=always
 TimeoutStopSec=70
@@ -22,12 +23,10 @@ ExecStart=/usr/bin/podman run --conmon-pidfile %t/postgresql-app.pid \
     --env-file=%S/state/environment \
     --volume postgres-data:/var/lib/postgresql/data:Z \
     --volume %S/state/restore/:/docker-entrypoint-initdb.d/:Z \
-    --env POSTGRES_USER=postgres \
-    --env POSTGRES_PASSWORD=Nethesis1234 \
-    --env POSTGRES_DB=formbricks \
+    --env-file=%S/state/database.env \
     --env TZ=UTC \
-    ${POSTGRES_IMAGE}
-ExecStartPost=/usr/bin/bash -c "while ! podman  exec postgresql-app psql -U postgres -d formbricks ;  do sleep 5 ; done"
+    ${PGVECTOR_IMAGE}
+ExecStartPost=/usr/bin/bash -c "while ! podman  exec postgresql-app psql -U postgres -d ${POSTGRES_DB} ;  do sleep 5 ; done"
 ExecStop=/usr/bin/podman stop --ignore --cidfile %t/postgresql-app.ctr-id -t 10
 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/postgresql-app.ctr-id
 ExecReload=/usr/bin/podman kill -s HUP postgresql-app