~dricottone/huttese

Major updates

The sourcehut and redis images have been updated to the most recent
versions, each running on an Alpine 3.17 base image.

The postgresql image is being held back on a version 14 image for now.
v2 update

Image version is bumped. This corresponds to the major update in
huttese-apk.

Aside from that, there are a number of smaller updates included.

cron service isn't necessary inside the huttese container, so that has
been killed off.

make recipes for backups have been added. Restoration recipes are TODO,
but a rough implementation is available in comments next to each backup
recipe.

The make recipes have been cleaned up to (1) not check for services
being up constantly, and (2) to more closely mirror each other between
the docker and podman implementations.
sshd configuration

Need to enable TCP forwarding, in order to tunnel SMTP over SSH. This is
preferable to opening port 25 and exposing the mail server.
Slight fix to the LMTP routing
Version 1.1

Minor changes to the Makefile recipes, mostly to clean up the
repetitive tests/checks.

Added the `todo.sr.ht` Unix socket to Postfix configuration.
Version 1.0

Fully functional and mature implementation for x86 and aarch64, for
docker and podman. The process from source code to live deployment is
now reproducible and documented in both the README and the Makefile
recipes.

Git repos are now accessible by SSH or HTTP(S).

The `lists.sr.ht` functionality is deferred as out-of-scope and the
`builds.sr.ht` functionality is permanently declared out-of-scope.
Running the maintenance cron jobs is a TODO, as the relevence to this
project is dubious.
Progress on podman process

The podman process is now very mature, and some things can actually be
copied over to the original docker process.

Sourcehut now is fully functional, with possibly exception for the mail
service. Needs to be tested. Furthermore, the cron jobs should be
configured to run.

x86/aarch64 simultaneous support is also complete. See the sister repo,
huttese-apk.
Configuration updates

The NGINX and Sourcehut configurations now are set for the final domains
(i.e. git.dominic-ricottone.com not git.intra.dominic-ricottone.com).

Paths in Makefiles are now set for deployment.

The Makefile has been split between `docker` and `podman` versions. The
`docker` version is effectively final. I will be working with `podman`
from this point on.

All services are up and running via `supervisord`, with possible exception
for `todosrht-lmtp`. I continue to try small changes to Postfix and/or
`todosrht` configurations.
Fixes to configuration

metasrht now runs and is accessible. The /register path is broken
though, and I'll need to play with NGINX proxying to fix it.
The container-internal web port (8080) is being appended to the URL. The
simplest solution is probably to switch the web port back to 80.
Need to setup SSL/TLS certificate as well, so that I only have to
migrate this once.

A minor issue: the web page reads "Welcome to localhost:5000!". It seems
the `origin` key in the config files needs to be the public address, not
the internal address.

Also, now ready for persistent git repos.
Refactoring

The site is no more functional now. But the databases are now in
separate containers, and there is a working recipe for managing the
database initialization/migration (via `make dbinit` and `make dbmigrate`).
This should speed up image builds and container starts, and make the
entire development cycle faster.

Sourcehut files have been moved to `sr/`.
Initial commit

Site not yet working. Cannot reach meta.intra.dominic-ricottone.com
(502 Bad Gateway). Cannot get CGI or PHP FastCGI test scripts to work
reliably (502 Bad Gateway or 403 Forbidden). But static HTML is working
great, so the NGINX server is at least minimally working.

postgres database is working, though no migrations have been tested.

redis database is unknown.

postfix service is working within the container. Whether the sourcehut
services are configured to use it properly or not is unknown.

Need to find a better way to redact sensitive information than manual
edits.