From a096a0383f13521025c7f732f5f9839706cff33f Mon Sep 17 00:00:00 2001 From: khorshuheng Date: Sat, 11 Jan 2025 23:21:59 +0800 Subject: [PATCH] fix: minio redirect url shouldn't use API_EXTERNAL_URL --- deploy.env | 9 ++++++--- doc/DEPLOYMENT.md | 41 +++++++---------------------------------- docker-compose.yml | 2 +- 3 files changed, 14 insertions(+), 38 deletions(-) diff --git a/deploy.env b/deploy.env index 9ac7af53..873c1efe 100644 --- a/deploy.env +++ b/deploy.env @@ -1,6 +1,10 @@ # This file is a template for docker compose deployment # Copy this file to .env and change the values as needed +# Fully qualified domain name for the deployment. Replace localhost with your domain, +# such as http://mydomain.com. +FQDN=http://localhost + # PostgreSQL Settings POSTGRES_HOST=postgres POSTGRES_USER=postgres @@ -74,9 +78,8 @@ GOTRUE_ADMIN_PASSWORD=password # Set this to true if users can only join by invite GOTRUE_DISABLE_SIGNUP=false -# External URL where the GoTrue service is exposed. Replace `your-host` with your domain. -# For example, if your host is `appflowy.home.com`, API_EXTERNAL_URL should be set to `http://appflowy.home.com/gotrue` -API_EXTERNAL_URL=http://your-host/gotrue +# External URL where the GoTrue service is exposed. +API_EXTERNAL_URL=${FQDN}/gotrue # GoTrue connect to postgres using this url. If your password contains special characters, # replace ${SUPABASE_PASSWORD} with the url encoded version. For example, `p@ssword` will become `p%40ssword` diff --git a/doc/DEPLOYMENT.md b/doc/DEPLOYMENT.md index bb65676a..4db1e9a1 100644 --- a/doc/DEPLOYMENT.md +++ b/doc/DEPLOYMENT.md @@ -68,34 +68,16 @@ cp deploy.env .env ``` - Kindly read through the comments for each option -- Modify the values in `.env` according to your needs +- Modify the values in `.env` according to your needs. Minimally, you will have to update $FQDN + to match your host server's domain, unless you are deploying on localhost. -For authentication details, refer to the [Authentication](./AUTHENTICATION.md) documentation. You will need to update -the -redirect URI to match your host server's public IP or hostname, such -as `http:///gotrue/callback`. -If using localhost, then just keep the default value. +If you would like to use one of the identity providers to log in, refer to the [Authentication](./AUTHENTICATION.md) documentation. -```bash -GOTRUE_EXTERNAL_GOOGLE_ENABLED=true -GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID= -GOTRUE_EXTERNAL_GOOGLE_SECRET= -GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=http://your-host/gotrue/callback +If you would like to use magic link to log in, you will need to set up env variables related to SMTP. -# GitHub OAuth2 -GOTRUE_EXTERNAL_GITHUB_ENABLED=true -GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=your-github-client-id -GOTRUE_EXTERNAL_GITHUB_SECRET=your-github-secret -GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=http://your-host/gotrue/callback - -# Discord OAuth2 -GOTRUE_EXTERNAL_DISCORD_ENABLED=true -GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=your-discord-client-id -GOTRUE_EXTERNAL_DISCORD_SECRET=your-discord-secret -GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=http://your-host/gotrue/callback -``` - -### 3. Running the services +If neither of the above are configured, then the only was to sign in is via the admin portal (the home page), using the admin email +and password. After logging in as an admin, you can add users and set their passwords. The new user will be able to login to the admin +portal using this credential. #### Start and run AppFlowy-Cloud @@ -121,9 +103,6 @@ admin/debug tasks. - `portainer`/`portainer_init` (Web UI to provide some monitoring and ease of container management) - `tunnel` (Cloudflare tunnel to provide a secure way to connect AppFlowy to Cloudflare without a publicly routable IP address) -- `admin_frontend` (admin portal to manage accounts and add authentication methods. We recommend to keep this) - If you wish to deploy those, edit the file accordingly and do: - ``` docker compose --file docker-compose-extras.yml up -d ``` @@ -224,12 +203,6 @@ by setting the `GOTRUE_DISABLE_SIGNUP` environment variable to `true`. The default configuration assumes that TLS is used for SMTP, typically on port 465. If you are using STARTTLS, such as when using port 587, please change `APPFLOWY_MAILER_SMTP_TLS_KIND` to `opportunistic`. -### Can I sign in using only using email and password? - -The AppFlowy clients currently do not support email and password sign in. However, you can login to the admin portal using the admin -email and password. In the admin section, you can then add users and set their passwords. Subseqently, users can login to the portal -using their email and password, and launch the AppFlowy client via the portal. - ### What functionality will I lose if the SMTP server is not set up? Sign in via magic link will not be possible. Inviting users to workspace and accepting invitation will have to be diff --git a/docker-compose.yml b/docker-compose.yml index ffb1c08f..7e3e22eb 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,7 +17,7 @@ services: restart: on-failure image: minio/minio environment: - - MINIO_BROWSER_REDIRECT_URL=${API_EXTERNAL_URL}/minio + - MINIO_BROWSER_REDIRECT_URL=${FQDN?:err}/minio - MINIO_ROOT_USER=${APPFLOWY_S3_ACCESS_KEY:-minioadmin} - MINIO_ROOT_PASSWORD=${APPFLOWY_S3_SECRET_KEY:-minioadmin} command: server /data --console-address ":9001"