Credentials for S3 can now be specified using the
following docker-compose based envvars:
* S3_MINIO_ACCESS_KEY
* S3_MINIO_SECRET_KEY
Connects-to: #48
Change-type: minor
Signed-off-by: Heds Simons <heds@balena.io>
For convenience, also add instructions what to install.
Tha change also addresses invalid usage of 'local' outside of a function.
Change-type: patch
Signed-off-by: Roman Mazur <mazur.roman@gmail.com>
The VPN CA shouldn't need to be signed by the same CA that the HAproxy service
certificate is signed by. By removing this chain we are able to use a
different CA for the HTTPS services without impacting on the VPN service.
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
In order to have concrete releases of openBalena we should pin each
service to a given version. This PR is the start of this and marks
the first version of openBalena with known service tags.
Change-type: major
Signed-off-by: Rich Bayliss <rich@balena.io>
Add a service which will acquire certificates from an ACME cert
provider, such as LetsEncrypt (), to allow an openBalena instance
to use a publicly trusted certificate instead of the self-signed
one it wil generate on setup.
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
We are currently exposing the DB and Redis ports to the host, making the services externally accessible, which is very useful for a development environment.
`docker-compose` is however the only deployment method we currently support, and our Getting Started guide uses the very same configuration to guide users through the process of deploying open-balena on a public server (mostly because it’s easier with regards to DNS). This means we’re effectively guiding users to deploy open-balena in a very insecure way.
This commit removes host port bindings for the database and Redis services, effectively making them externally inaccessible.
Fixes#34
Change-type: minor
Vagrant machine is based on Ubuntu 18.04 including:
- docker
- docker-compose
Provisions some helper functions to the CLI:
- dc (shortcut to ./scripts/compose)
- enter {service} (opens a terminal in the service's container)
- logs {service} (access the journal of the service)
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
Fix versionist formatting error in CHANGELOG.md.
Also re-formatted previous changelog entries for consistency with the
new format.
Change-type: patch
Signed-off-by: Giovanni Garufi <giovanni@balena.io>
Allows the credentials to be passed via the environment in order
that the application can create the user on start up.
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>