A lot of improvements

[karlprieb]

So, I really love this project. There's no way to self host feedbin without this project. Thanks a lot @angristan

I've been using this project for some months now and I already made a lot of changes on my feedbin deploy. I think that all my changes are not aligned with this project, but today I updated my fork with those changes and I think it make sense to create this PR. If some changes don't make sense for this project I can create other PR with just the changes that you @angristan agree with :)

I know that is not a good practice to make a huge PR like that, but it's easier for me, so... that's it :)

To the changes:

• Alpine based images. I consider more secure and it's a lot smaller. Counting all the images that this projects use we have something like 8.2g, with alpine based images this size is reduced to something like 4.3g. I didn't noticed any difference on performance.
• Updated caddy to v2
  • Add FLoC optout
  • Add api workaround
  • Safer headers by default
• Simpler .env file. The complexity from the .env file is on the docker-compose.yml file now. It make the .env file simpler with less duplicated variables. Also it pass only the environment variables needed for each image, making it more secure.
• Add healthcheck for postgres and redis.
• Move feedbin-web and feedbin-workers Dockerfile to feedbin-web folder.
• Automatic creation of Minio bucket, so you don't have to deal with Minio, just start and it will create the bucket and change the permissions.

That's all :)

[angristan]

That looks good! Thank for your work!

[karlprieb]

I fixed the things that you commented. As before we still have some linting issues regarding some alpine packages not having your versions pinned. I really don't think that should be an issue as the packages that we really need to pin are already pinned. What do you think @angristan ? Another issue is [ERROR] Please set a [GITHUB_TOKEN] from the main workflow environment to take advantage of multiple status reports!. There's nothing I could do to fix that as it should be a repository secret, right?

[karlprieb]

@angristan any update?

[angristan]

Let me fix the CI

[angristan]

Mmmh yeah, you can add DL3018 to .github/linters/.hadolint.yml

[karlprieb]

@angristan done :)

[angristan]

Thank you again for your work 👌

[iSwiftLiu]

Thank you very much.

[kzshantonu]

Hi thanks for everything. Minio seems fixed and uploading OPMLs work. But they don't import successfully. I get this in sidekiq:

Excon::Error::Socket: SSL_connect returned=1 errno=0 state=error: tlsv1 alert internal error (OpenSSL::SSL::SSLError)

[karlprieb]

Hey @kzshantonu ill take a look as soon as I have some time... In the meanwhile can you open an issue about this?

[kzshantonu]

@karlprieb sure thanks