From 65a618d0198e207301498c86b3f2e6f17fc3cd80 Mon Sep 17 00:00:00 2001 From: Derrik Milligan <37845846+DerrikMilligan@users.noreply.github.com> Date: Tue, 2 Jul 2024 12:02:38 -0600 Subject: [PATCH 1/2] Add arch as supported os Update `SUPPORTED_OS` to include the id `arch`. The install script supports `arch` but you can't proceed with a server install because `arch` isn't a `SUPPORTED_OS` --- bootstrap/helpers/constants.php | 1 + 1 file changed, 1 insertion(+) diff --git a/bootstrap/helpers/constants.php b/bootstrap/helpers/constants.php index e0272fa4c..24e596a0f 100644 --- a/bootstrap/helpers/constants.php +++ b/bootstrap/helpers/constants.php @@ -40,6 +40,7 @@ const SUPPORTED_OS = [ 'ubuntu debian raspbian', 'centos fedora rhel ol rocky amzn almalinux', 'sles opensuse-leap opensuse-tumbleweed', + 'arch', ]; const SHARED_VARIABLE_TYPES = ['team', 'project', 'environment']; From aaa6f434a94dd5ca1a25068ac2596ff333afa9a5 Mon Sep 17 00:00:00 2001 From: Jan Biasi Date: Thu, 11 Jul 2024 18:35:43 +0200 Subject: [PATCH 2/2] feat: add security and storage access key env to twenty template --- templates/compose/twenty.yaml | 40 ++++++++++++++++++++++++++++------- 1 file changed, 32 insertions(+), 8 deletions(-) diff --git a/templates/compose/twenty.yaml b/templates/compose/twenty.yaml index aa340f669..f643b9623 100644 --- a/templates/compose/twenty.yaml +++ b/templates/compose/twenty.yaml @@ -12,13 +12,15 @@ services: - SERVER_URL=$SERVICE_FQDN_TWENTY - FRONT_BASE_URL=$SERVICE_FQDN_TWENTY - ENABLE_DB_MIGRATIONS=true - - SIGN_IN_PREFILLED=false + - CACHE_STORAGE_TYPE=${CACHE_STORAGE_TYPE:-redis} + - REDIS_HOST=redis + - REDIS_PORT=6379 - - STORAGE_TYPE=${STORAGE_TYPE:-local} - - STORAGE_S3_REGION=$STORAGE_S3_REGION - - STORAGE_S3_NAME=$STORAGE_S3_NAME - - STORAGE_S3_ENDPOINT=$STORAGE_S3_ENDPOINT + # https://twenty.com/developers/section/self-hosting/self-hosting-var#security + - API_RATE_LIMITING_TTL=${API_RATE_LIMITING_TTL:-100} + - API_RATE_LIMITING_LIMIT=${API_RATE_LIMITING_LIMIT:-100} + # https://twenty.com/developers/section/self-hosting/self-hosting-var#tokens - ACCESS_TOKEN_SECRET=$SERVICE_BASE64_32_ACCESS - LOGIN_TOKEN_SECRET=$SERVICE_BASE64_32_LOGIN - REFRESH_TOKEN_SECRET=$SERVICE_BASE64_32_REFRESH @@ -26,6 +28,26 @@ services: - POSTGRES_ADMIN_PASSWORD=$SERVICE_PASSWORD_POSTGRES - PG_DATABASE_URL=postgres://postgres:$SERVICE_PASSWORD_POSTGRES@postgres:5432/default + # https://twenty.com/developers/section/self-hosting/self-hosting-var#auth + - IS_SIGN_UP_DISABLED=${IS_SIGN_UP_DISABLED:-false} + - PASSWORD_RESET_TOKEN_EXPIRES_IN=${PASSWORD_RESET_TOKEN_EXPIRES_IN:-5m} + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#workspace-cleaning + - WORKSPACE_INACTIVE_DAYS_BEFORE_NOTIFICATION=$WORKSPACE_INACTIVE_DAYS_BEFORE_NOTIFICATION + - WORKSPACE_INACTIVE_DAYS_BEFORE_DELETION=$WORKSPACE_INACTIVE_DAYS_BEFORE_DELETION + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#captcha + - STORAGE_TYPE=${STORAGE_TYPE:-local} + - STORAGE_S3_REGION=$STORAGE_S3_REGION + - STORAGE_S3_NAME=$STORAGE_S3_NAME + - STORAGE_S3_ENDPOINT=$STORAGE_S3_ENDPOINT + - STORAGE_S3_ACCESS_KEY_ID=$STORAGE_S3_ACCESS_KEY_ID + - STORAGE_S3_SECRET_ACCESS_KEY=$STORAGE_S3_SECRET_ACCESS_KEY + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#message-queue + - MESSAGE_QUEUE_TYPE=$MESSAGE_QUEUE_TYPE + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#email - EMAIL_FROM_ADDRESS=$EMAIL_FROM_ADDRESS - EMAIL_FROM_NAME=$EMAIL_FROM_NAME - EMAIL_SYSTEM_ADDRESS=$EMAIL_SYSTEM_ADDRESS @@ -35,10 +57,12 @@ services: - EMAIL_SMTP_USER=$EMAIL_SMTP_USER - EMAIL_SMTP_PASSWORD=$EMAIL_SMTP_PASSWORD + # https://twenty.com/developers/section/self-hosting/self-hosting-var#debug-/-development + - SIGN_IN_PREFILLED=false + - DEBUG_MODE=${DEBUG_MODE:-false} + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#telemetry - TELEMETRY_ENABLED=${TELEMETRY_ENABLED:-false} - - CACHE_STORAGE_TYPE=${CACHE_STORAGE_TYPE:-redis} - - REDIS_HOST=redis - - REDIS_PORT=6379 depends_on: postgres: condition: service_healthy