Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Images & dependencies update #1036

Open
wants to merge 16 commits into
base: main
Choose a base branch
from
Open

Images & dependencies update #1036

wants to merge 16 commits into from

Conversation

laurfb
Copy link

@laurfb laurfb commented Jul 3, 2024

Description

Update some image & python packages; mitigate some CVE.
Rise max upload file size to 100G. Remove nginx file size limitation.

Steps

Pre-deploy

Post-deploy

laurfb added 16 commits July 3, 2024 07:02
@laurfb
Create .env
294ac5b 
Resolve warning messages "The POSTGRES_DB/USER variable is not set. Defaulting to a blank string."
@laurfb
Update Dockerfile
674ec35 
Update images and some packages; mitigate some CVEs.
@laurfb
Update requirements.txt
9b8dbc9 
Update some packages; Remove/mitigate some CVEs.
@laurfb
Update docker-compose.yaml
b5070aa 
Update postgres image.
@laurfb
Update docker-compose-dev.yaml
387e922 
Update postgres image.
@laurfb
Update docker-compose-http-proxy.yaml
2dea733 
Update postgres image.
@laurfb
Update docker-compose-https-proxy.yaml
142ae75 
Update postgres image.
@laurfb
Update docker-compose-letsencrypt.yaml
1c64938 
Update postgres image.
@laurfb
Update docker-compose-named-volumes.yaml
11f37ce 
Update postgres image.
@laurfb
Update local_settings.py
5d1adc1 
Set UPLOAD_MAX_SIZE = 100G
@laurfb
Update settings.py
fbd252d 
Set UPLOAD_MAX_SIZE = 100G
@laurfb
Update nginx.conf
11ab88b 
Unlimited file size for nginx.
@laurfb
Update nginx.conf
ddafcc1
@laurfb
Fix CVE-2024-39689
43fe330
@laurfb
Dockerfile_Alpine image alternative
297df4c 
- migrate from ubuntu to alpine
- fixing most current vulnerabilities (CVE)
- 54% reduce image size with slightly speed change
@laurfb
Update Dockerfile_Alpine
b09cb33
@mgogoulos
Copy link
Contributor

Hey, I'd like to merge this but first want to ask you whether you want to update with even more recent versions, eg latest Django version. If not, I can still merge it and work towards updating these myself.

Question, why are you resetting the client_max_body_size parameter?
Also I think the setting that sets a 5GB limit needs to be there, as is it a sane default value. It could be risky to set to unlimited for a generic installation. can you revert it plz?

@laurfb
Copy link
Author

laurfb commented Oct 2, 2024 via email

@mgogoulos
Copy link
Contributor

Hi, formatting broke so I'll attempt to discuss all issues

Hi. Some (more) recent version update broke some mediacms functionality... I went up to the maximum possible version which did not block/alter mediacms functionality.

Do you remember which these libraries/systems have been?

large clips and external storage management
I haven't tried to upload large files but I would assume that even the current uploader should be able to handle them. I'd like to change the uploader with uppy.io since it's modern + allows for passing some metadata as the file path, which can be used to construct a structure on the system, when uploading a folder.
also external storage is a big topic by itself, there have been attempts with S3 and there are installations that utilize it, it's just that the PRs didn't find their way in main...

Feel free to share what you are building/working on!

Hi. Some (more) recent version update broke some mediacms functionality... I went up to the maximum possible version which did not block/alter mediacms functionality. Regarding client_max_body_size – sometime I need to upload large clips (10-20-50GB). At least on my case. :) But I think you're right, maybe it's better to let everyone decide for themselves, with particular settings. Not everyone needs that. I wonder if you have/will have enough time for a new upload app, for large clips and external storage management (clips already stored in external NAS/SMB shares). 😊 Thanks you for your hard work on mediacms! Laur From: Markos Gogoulos @.> Sent: Wednesday, October 2, 2024 11:40 AM To: mediacms-io/mediacms @.> Cc: Laurentiu @.>; Author @.> Subject: Re: [mediacms-io/mediacms] Images & dependencies update (PR #1036) Hey, I'd like to merge this but first want to ask you whether you want to update with even more recent versions, eg latest Django version. If not, I can still merge it and work towards updating these myself. Question, why are you resetting the client_max_body_size parameter? Also I think the setting that sets a 5GB limit needs to be there, as is it a sane default value. It could be risky to set to unlimited for a generic installation. can you revert it plz? — Reply to this email directly, view it on GitHub <#1036 (comment)> , or unsubscribe https://github.com/notifications/unsubscribe-auth/ABHY3UTCEZUCGAPT32LKKXDZZOWNLAVCNFSM6AAAAABKIX6ULOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOBXHEZTANBWHA . You are receiving this because you authored the thread. https://github.com/notifications/beacon/ABHY3UVZ4AQA3L7OWD2YIS3ZZOWNLA5CNFSM6AAAAABKIX6ULOWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTUOKTWWI.gif Message ID: @.*** @.***> >

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@laurfb @mgogoulos