From 2d2a6f66c88338f618bb6b6e5ceb6c26aec64b89 Mon Sep 17 00:00:00 2001
From: Dominic Ricottone <me@dominic-ricottone.com>
Date: Sat, 1 Apr 2023 18:57:41 -0500
Subject: [PATCH] Major updates

The sourcehut and redis images have been updated to the most recent
versions, each running on an Alpine 3.17 base image.

The postgresql image is being held back on a version 14 image for now.
---
 Makefile.docker                 |  6 +++---
 Makefile.podman                 | 14 +++++++-------
 sr/Dockerfile.aarch64           |  4 ++--
 sr/Dockerfile.x86               |  2 +-
 sr/etc/apk/repositories.aarch64 |  4 ++--
 sr/etc/apk/repositories.x86     |  6 +++---
 sr/etc/nginx/http.d/git.conf    |  2 +-
 sr/etc/nginx/http.d/meta.conf   |  6 +++++-
 sr/etc/nginx/http.d/todo.conf   |  2 +-
 9 files changed, 25 insertions(+), 21 deletions(-)

diff --git a/Makefile.docker b/Makefile.docker
index c2608a7..4c89e59 100644
--- a/Makefile.docker
+++ b/Makefile.docker
@@ -8,12 +8,12 @@ HUTTESE_REDIS=huttredis
 HUTTESE_POSTGRES=huttpg
 
 # configure redis
-REDIS_TARGET=redis:alpine3.15
+REDIS_TARGET=redis:alpine3.17
 REDIS_LOCALNAME=my-redis
 REDIS_DATADIR=/var/deploy/data/redis
 
 # configure postgres
-POSTGRES_TARGET=postgres:alpine3.15
+POSTGRES_TARGET=postgres:alpine3.17
 POSTGRES_LOCALNAME=my-postgres
 POSTGRES_DATADIR=/var/deploy/data/postgres
 POSTGRES_CONF=/var/deploy/conf/postgres/postgresql.conf
@@ -23,7 +23,7 @@ GIT_DATADIR=/var/deploy/data/git
 
 # set image tag data
 SRHT_LOCALNAME=srht
-SRHT_LOCALVERSION=2
+SRHT_LOCALVERSION=3
 
 CERTDIR=/var/deploy/certs
 
diff --git a/Makefile.podman b/Makefile.podman
index ef4033f..be57ebe 100644
--- a/Makefile.podman
+++ b/Makefile.podman
@@ -8,12 +8,12 @@ HUTTESE_REDIS=huttredis
 HUTTESE_POSTGRES=huttpg
 
 # configure redis
-REDIS_TARGET=docker.io/library/redis:alpine3.15
+REDIS_TARGET=docker.io/library/redis:alpine3.17
 REDIS_LOCALNAME=my-redis
 REDIS_DATADIR=/var/deploy/data/redis
 
 # configure postgres
-POSTGRES_TARGET=docker.io/library/postgres:alpine3.15
+POSTGRES_TARGET=docker.io/library/postgres:14-alpine
 POSTGRES_LOCALNAME=my-postgres
 POSTGRES_DATADIR=/var/deploy/data/postgres
 POSTGRES_CONF=/var/deploy/conf/postgres/postgresql.conf
@@ -23,7 +23,7 @@ GIT_DATADIR=/var/deploy/data/git
 
 # set image tag data
 SRHT_LOCALNAME=srht
-SRHT_LOCALVERSION=2
+SRHT_LOCALVERSION=3
 
 CERTDIR=/var/deploy/certs
 
@@ -166,25 +166,25 @@ backups/db-postgres-backup.sql:
 	mkdir -p backups
 	$(CONMAN) exec -it $(HUTTESE_POSTGRES) bash -c 'pg_dump --clean --dbname=postgres --username=postgres > /db-postgres-backup.sql'
 	$(CONMAN) cp $(HUTTESE_POSTGRES):/db-postgres-backup.sql backups/db-postgres-backup.sql
-	#try: $(CONMAN) cp backups/db-postgres-backup.sql cp $(HUTTESE_POSTGRES):/db-postgres-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=postgres --username=postgres /db-postgres-backup.sql
+	#try: $(CONMAN) cp backups/db-postgres-backup.sql $(HUTTESE_POSTGRES):/db-postgres-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=postgres --username=postgres /db-postgres-backup.sql
 
 backups/db-meta.sr.ht-backup.sql:
 	mkdir -p backups
 	$(CONMAN) exec -it $(HUTTESE_POSTGRES) bash -c 'pg_dump --clean --dbname=meta.sr.ht --username=postgres > /db-meta.sr.ht-backup.sql'
 	$(CONMAN) cp $(HUTTESE_POSTGRES):/db-meta.sr.ht-backup.sql backups/db-meta.sr.ht-backup.sql
-	#try: $(CONMAN) cp backups/db-meta.sr.ht-backup.sql cp $(HUTTESE_POSTGRES):/db-meta.sr.ht-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=meta.sr.ht --username=postgres /db-meta.sr.ht-backup.sql
+	#try: $(CONMAN) cp backups/db-meta.sr.ht-backup.sql $(HUTTESE_POSTGRES):/db-meta.sr.ht-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=meta.sr.ht --username=postgres /db-meta.sr.ht-backup.sql
 
 backups/db-git.sr.ht-backup.sql:
 	mkdir -p backups
 	$(CONMAN) exec -it $(HUTTESE_POSTGRES) bash -c 'pg_dump --clean --dbname=git.sr.ht --username=postgres > /db-git.sr.ht-backup.sql'
 	$(CONMAN) cp $(HUTTESE_POSTGRES):/db-git.sr.ht-backup.sql backups/db-git.sr.ht-backup.sql
-	#try: $(CONMAN) cp backups/db-git.sr.ht-backup.sql cp $(HUTTESE_POSTGRES):/db-git.sr.ht-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=git.sr.ht --username=postgres /db-git.sr.ht-backup.sql
+	#try: $(CONMAN) cp backups/db-git.sr.ht-backup.sql $(HUTTESE_POSTGRES):/db-git.sr.ht-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=git.sr.ht --username=postgres /db-git.sr.ht-backup.sql
 
 backups/db-todo.sr.ht-backup.sql:
 	mkdir -p backups
 	$(CONMAN) exec -it $(HUTTESE_POSTGRES) bash -c 'pg_dump --clean --dbname=todo.sr.ht --username=postgres > /db-todo.sr.ht-backup.sql'
 	$(CONMAN) cp $(HUTTESE_POSTGRES):/db-todo.sr.ht-backup.sql backups/db-todo.sr.ht-backup.sql
-	#try: $(CONMAN) cp backups/db-todo.sr.ht-backup.sql cp $(HUTTESE_POSTGRES):/db-todo.sr.ht-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=todo.sr.ht --username=postgres /db-todo.sr.ht-backup.sql
+	#try: $(CONMAN) cp backups/db-todo.sr.ht-backup.sql $(HUTTESE_POSTGRES):/db-todo.sr.ht-backup.sql && $(CONMAN) exec -it $(HUTTESE_POSTGRES) pg_restore --clean --dbname=todo.sr.ht --username=postgres /db-todo.sr.ht-backup.sql
 
 backups/git-backup.tar.gz:
 	mkdir -p backups
diff --git a/sr/Dockerfile.aarch64 b/sr/Dockerfile.aarch64
index 6ca8802..f31aa1c 100644
--- a/sr/Dockerfile.aarch64
+++ b/sr/Dockerfile.aarch64
@@ -1,10 +1,10 @@
-FROM alpine:3.15
+FROM alpine:3.17
 
 # apk
 COPY pkg /var/huttese-apk
 COPY etc/apk/repositories.aarch64 /etc/apk/repositories
 COPY etc/apk/keys/*.rsa.pub /etc/apk/keys/
-RUN apk add --no-cache postfix meta.sr.ht git.sr.ht todo.sr.ht supervisor nginx fcgiwrap spawn-fcgi git-daemon py3-gunicorn openssh
+RUN apk add --no-cache py3-srht postfix meta.sr.ht git.sr.ht todo.sr.ht supervisor nginx fcgiwrap spawn-fcgi git-daemon py3-gunicorn openssh
 
 # supervisor
 RUN mkdir /var/log/supervisord
diff --git a/sr/Dockerfile.x86 b/sr/Dockerfile.x86
index c9b4737..2fa9d8f 100644
--- a/sr/Dockerfile.x86
+++ b/sr/Dockerfile.x86
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.17
 
 # apk
 COPY etc/apk/repositories.x86 /etc/apk/repositories
diff --git a/sr/etc/apk/repositories.aarch64 b/sr/etc/apk/repositories.aarch64
index ccdf3e6..724efd4 100644
--- a/sr/etc/apk/repositories.aarch64
+++ b/sr/etc/apk/repositories.aarch64
@@ -1,3 +1,3 @@
 /var/huttese-apk
-https://dl-cdn.alpinelinux.org/alpine/v3.15/main
-https://dl-cdn.alpinelinux.org/alpine/v3.15/community
+https://dl-cdn.alpinelinux.org/alpine/v3.17/main
+https://dl-cdn.alpinelinux.org/alpine/v3.17/community
diff --git a/sr/etc/apk/repositories.x86 b/sr/etc/apk/repositories.x86
index f818e7b..ec91b7e 100644
--- a/sr/etc/apk/repositories.x86
+++ b/sr/etc/apk/repositories.x86
@@ -1,3 +1,3 @@
-https://mirror.sr.ht/alpine/v3.15/sr.ht
-https://dl-cdn.alpinelinux.org/alpine/v3.15/main
-https://dl-cdn.alpinelinux.org/alpine/v3.15/community
+https://mirror.sr.ht/alpine/v3.17/sr.ht
+https://dl-cdn.alpinelinux.org/alpine/v3.17/main
+https://dl-cdn.alpinelinux.org/alpine/v3.17/community
diff --git a/sr/etc/nginx/http.d/git.conf b/sr/etc/nginx/http.d/git.conf
index fd7cf61..ce8d7b2 100644
--- a/sr/etc/nginx/http.d/git.conf
+++ b/sr/etc/nginx/http.d/git.conf
@@ -46,7 +46,7 @@ server {
 	}
 
 	location /static {
-		root /usr/lib/python3.9/site-packages/gitsrht;
+		root /usr/lib/python3.10/site-packages/gitsrht;
 		expires 30d;
 	}
 
diff --git a/sr/etc/nginx/http.d/meta.conf b/sr/etc/nginx/http.d/meta.conf
index 05ea137..a8084d8 100644
--- a/sr/etc/nginx/http.d/meta.conf
+++ b/sr/etc/nginx/http.d/meta.conf
@@ -43,6 +43,10 @@ server {
 		add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline' *.stripe.com *.stripe.network; frame-src *.stripe.com *.stripe.network" always;
 	}
 
+	location /.well-known/oauth-authorization-server {
+		proxy_pass http://127.0.0.1:5000;
+	}
+
 	location /query {
 		proxy_read_timeout 300s;
 		proxy_connect_timeout 75s;
@@ -51,7 +55,7 @@ server {
 	}
 
 	location /static {
-		root /usr/lib/python3.9/site-packages/metasrht;
+		root /usr/lib/python3.10/site-packages/metasrht;
 		expires 30d;
 	}
 
diff --git a/sr/etc/nginx/http.d/todo.conf b/sr/etc/nginx/http.d/todo.conf
index 3ccff7a..f4763d9 100644
--- a/sr/etc/nginx/http.d/todo.conf
+++ b/sr/etc/nginx/http.d/todo.conf
@@ -46,7 +46,7 @@ server {
 	}
 
 	location /static {
-		root /usr/lib/python3.9/site-packages/todosrht;
+		root /usr/lib/python3.10/site-packages/todosrht;
 		expires 30d;
 	}
 
-- 
2.45.2