Compare commits
33 commits
96024edac5
...
eb739c806d
Author | SHA1 | Date | |
---|---|---|---|
eb739c806d | |||
ec3e39857b | |||
ec6e84465c | |||
54d3050cdf | |||
dc15c137c9 | |||
4eb7fece98 | |||
7e8314d42a | |||
04538d936a | |||
59bca9ce9e | |||
0a59700a5d | |||
6561f4e5e7 | |||
47d50e1c1f | |||
da46d6966a | |||
acec4a484e | |||
d15487950b | |||
8fd621ac58 | |||
f0ebacee3f | |||
6bd9fb00ef | |||
4cdda3076e | |||
865a55e1be | |||
556e447617 | |||
3164d18193 | |||
57f56e0e9b | |||
522ebd9ede | |||
1b0f05da91 | |||
b4fd6aeb11 | |||
d10b51b99b | |||
ea66e36085 | |||
533e526952 | |||
c12f20bc77 | |||
14baa2cb78 | |||
cab8210b2f | |||
4cb61d56c6 |
35 changed files with 168 additions and 150 deletions
|
@ -2,7 +2,7 @@
|
||||||
begin
|
begin
|
||||||
set -l name anki
|
set -l name anki
|
||||||
set -l dir (status dirname)
|
set -l dir (status dirname)
|
||||||
set -l source "$dir/docker-compose.secrets.yml"
|
set -l source "$dir/docker-compose.overrides.yml"
|
||||||
source "$dir/../service.fish"
|
source "$dir/../service.fish"
|
||||||
|
|
||||||
function installSW -V dir -V source
|
function installSW -V dir -V source
|
||||||
|
@ -13,7 +13,7 @@ begin
|
||||||
sudo cp "$dir/docker-compose.base.yml" (getServiceRoot $argv)
|
sudo cp "$dir/docker-compose.base.yml" (getServiceRoot $argv)
|
||||||
|
|
||||||
USER=$user yq "$userKey = env(USER)" "$source" | \
|
USER=$user yq "$userKey = env(USER)" "$source" | \
|
||||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||||
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
include:
|
include:
|
||||||
- path:
|
- path:
|
||||||
- docker-compose.base.yml
|
- docker-compose.base.yml
|
||||||
- docker-compose.secrets.yml
|
|
||||||
- docker-compose.overrides.yml
|
- docker-compose.overrides.yml
|
||||||
|
|
|
@ -11,13 +11,13 @@ begin
|
||||||
function installSW -V dir -V environments -V source
|
function installSW -V dir -V environments -V source
|
||||||
set -l root (getServiceRoot $argv)
|
set -l root (getServiceRoot $argv)
|
||||||
set -l config "$root/docker-compose.base.yml"
|
set -l config "$root/docker-compose.base.yml"
|
||||||
set -l secrets (getServiceSecretsConfig $argv)
|
set -l overrides (getServiceOverrides $argv)
|
||||||
set -l ciTemplate (yq -oj (getServiceKey ci-template) "$source")
|
set -l ciTemplate (yq -oj (getServiceKey ci-template) "$source")
|
||||||
set -l dockerTemplate (yq -oj (getServiceKey docker-template) "$source")
|
set -l dockerTemplate (yq -oj (getServiceKey docker-template) "$source")
|
||||||
set -l sshTemplate (yq -oj (getServiceKey ssh-template) "$source")
|
set -l sshTemplate (yq -oj (getServiceKey ssh-template) "$source")
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
echo "{}" | sudo tee "$config" >/dev/null
|
echo "{}" | sudo tee "$config" >/dev/null
|
||||||
echo "{}" | sudo tee "$secrets" >/dev/null
|
echo "{}" | sudo tee "$overrides" >/dev/null
|
||||||
|
|
||||||
cp "$dir"/{ci.Dockerfile,docker-compose.core.yml,.dockerignore} "$root"
|
cp "$dir"/{ci.Dockerfile,docker-compose.core.yml,.dockerignore} "$root"
|
||||||
echo "DRONE_JSONNET_ENABLED=true" | sudo tee "$root/server.common.env" >/dev/null
|
echo "DRONE_JSONNET_ENABLED=true" | sudo tee "$root/server.common.env" >/dev/null
|
||||||
|
@ -32,7 +32,7 @@ begin
|
||||||
set -l runners ssh docker
|
set -l runners ssh docker
|
||||||
set -l services ci $runners
|
set -l services ci $runners
|
||||||
set -l tmpConfig (mktemp)
|
set -l tmpConfig (mktemp)
|
||||||
set -l tmpSecrets (mktemp)
|
set -l tmpOverrides (mktemp)
|
||||||
set -l ciName "$name-ci"
|
set -l ciName "$name-ci"
|
||||||
set -l sshName "$name-ssh-runner"
|
set -l sshName "$name-ssh-runner"
|
||||||
set -l dockerName "$name-docker-runner"
|
set -l dockerName "$name-docker-runner"
|
||||||
|
@ -41,7 +41,7 @@ begin
|
||||||
set -l dockerEnv
|
set -l dockerEnv
|
||||||
|
|
||||||
cp "$config" "$tmpConfig"
|
cp "$config" "$tmpConfig"
|
||||||
cp "$secrets" "$tmpSecrets"
|
cp "$overrides" "$tmpOverrides"
|
||||||
|
|
||||||
for serviceName in $services
|
for serviceName in $services
|
||||||
set -l file (mktemp)
|
set -l file (mktemp)
|
||||||
|
@ -83,8 +83,8 @@ begin
|
||||||
rm "$file"
|
rm "$file"
|
||||||
end
|
end
|
||||||
|
|
||||||
PORT="127.0.0.1:1337:80" yq "$ciKey.ports = [ env(PORT) ]" "$tmpSecrets" | \
|
PORT="127.0.0.1:1337:80" yq "$ciKey.ports = [ env(PORT) ]" "$tmpOverrides" | \
|
||||||
sudo tee "$secrets" >/dev/null
|
sudo tee "$overrides" >/dev/null
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -113,7 +113,7 @@ begin
|
||||||
end
|
end
|
||||||
|
|
||||||
function getBackupArgs
|
function getBackupArgs
|
||||||
printf "%s\n" --hidden --no-ignore "data|\.secrets?\." (getServiceRoot $argv)
|
printf "%s\n" --hidden --no-ignore "data|\.secret\.|\.overrides\." (getServiceRoot $argv)
|
||||||
end
|
end
|
||||||
|
|
||||||
runInstaller --force $argv
|
runInstaller --force $argv
|
||||||
|
|
|
@ -13,8 +13,8 @@ begin
|
||||||
|
|
||||||
function installSW -V dir -V domain -V server -V service
|
function installSW -V dir -V domain -V server -V service
|
||||||
set -l root (getServiceRoot $argv)
|
set -l root (getServiceRoot $argv)
|
||||||
set -l secrets (getServiceSecretsConfig $argv)
|
set -l overrides (getServiceOverrides $argv)
|
||||||
set -l source "$dir/$(basename "$secrets")"
|
set -l source "$dir/$(basename "$overrides")"
|
||||||
set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
||||||
set -l port (getRandomPort)
|
set -l port (getRandomPort)
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
|
@ -36,7 +36,7 @@ begin
|
||||||
yq "$dbEnv.MARIADB_USER = env(USER)" | \
|
yq "$dbEnv.MARIADB_USER = env(USER)" | \
|
||||||
yq "$dbEnv.MARIADB_PASSWORD = env(PW)" | \
|
yq "$dbEnv.MARIADB_PASSWORD = env(PW)" | \
|
||||||
URL="https://$DOMAIN/" yq "$actEnv.GITEA_INSTANCE_URL = env(URL)" | \
|
URL="https://$DOMAIN/" yq "$actEnv.GITEA_INSTANCE_URL = env(URL)" | \
|
||||||
sudo tee "$secrets" >/dev/null
|
sudo tee "$overrides" >/dev/null
|
||||||
end
|
end
|
||||||
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
|
@ -51,7 +51,7 @@ begin
|
||||||
set -l dir "$root/data"
|
set -l dir "$root/data"
|
||||||
set -l bin "/usr/local/bin/forgejo"
|
set -l bin "/usr/local/bin/forgejo"
|
||||||
set -l config "$root/docker-compose.base.yml"
|
set -l config "$root/docker-compose.base.yml"
|
||||||
set -l secrets (getServiceSecretsConfig $argv)
|
set -l overrides (getServiceOverrides $argv)
|
||||||
set -l envKey "$(getServiceKey "$service").environment"
|
set -l envKey "$(getServiceKey "$service").environment"
|
||||||
configureDockerService $argv
|
configureDockerService $argv
|
||||||
cp "$config" "$file"
|
cp "$config" "$file"
|
||||||
|
@ -74,7 +74,7 @@ begin
|
||||||
and chown -R $uid:$gid "$dir"
|
and chown -R $uid:$gid "$dir"
|
||||||
rm "$file"
|
rm "$file"
|
||||||
|
|
||||||
set port (yq (getSSHPortKey) "$secrets" | extractPort)
|
set port (yq (getSSHPortKey) "$overrides" | extractPort)
|
||||||
|
|
||||||
begin
|
begin
|
||||||
printf "%s\n" \
|
printf "%s\n" \
|
||||||
|
|
|
@ -4,7 +4,6 @@ services:
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
user: 1337:1337
|
user: 1337:1337
|
||||||
hostname: Jellyfin
|
hostname: Jellyfin
|
||||||
environment: {}
|
|
||||||
volumes:
|
volumes:
|
||||||
- ./config/jellyfin:/config
|
- ./config/jellyfin:/config
|
||||||
- cache:/cache
|
- cache:/cache
|
||||||
|
@ -96,14 +95,43 @@ services:
|
||||||
-o directory.default.set=/downloads
|
-o directory.default.set=/downloads
|
||||||
-o 'method.set=group.seeding.ratio.command, "d.cloase = ; d.erase = "'
|
-o 'method.set=group.seeding.ratio.command, "d.cloase = ; d.erase = "'
|
||||||
volumes:
|
volumes:
|
||||||
|
- /etc/localtime:/etc/localtime:ro
|
||||||
- ./config/rtorrent:/config
|
- ./config/rtorrent:/config
|
||||||
- ./downloads:/downloads
|
- ./downloads:/downloads
|
||||||
- /etc/localtime:/etc/localtime:ro
|
|
||||||
- ./proton:/proton
|
- ./proton:/proton
|
||||||
devices:
|
devices:
|
||||||
- /dev/net/tun
|
- /dev/net/tun
|
||||||
cap_add:
|
cap_add:
|
||||||
- NET_ADMIN
|
- NET_ADMIN
|
||||||
|
# transmission:
|
||||||
|
# build:
|
||||||
|
# dockerfile: ./transmission.Dockerfile
|
||||||
|
# context: .
|
||||||
|
# restart: unless-stopped
|
||||||
|
# hostname: transmission
|
||||||
|
# env_file:
|
||||||
|
# - ./proton.env
|
||||||
|
# environment:
|
||||||
|
# PUID: 1337
|
||||||
|
# PGID: 1337
|
||||||
|
# PVPN_TIER: 1337
|
||||||
|
# TZ: Europe/Zurich
|
||||||
|
# TRANSMISSION_WEB_HOME: /transmission
|
||||||
|
# TRANSMISSION_WEB_USER: "scott"
|
||||||
|
# TRANSMISSION_WEB_PASS: "tiger"
|
||||||
|
# MAX_UPTIME: -1
|
||||||
|
# command: --no-incomplete-dir
|
||||||
|
# --download-dir /downloads
|
||||||
|
# ports:
|
||||||
|
# - 127.0.0.1:1337:9091
|
||||||
|
# volumes:
|
||||||
|
# - ./config/transmission:/config
|
||||||
|
# - ./downloads:/downloads
|
||||||
|
# - /etc/localtime:/etc/localtime:ro
|
||||||
|
# devices:
|
||||||
|
# - /dev/net/tun
|
||||||
|
# cap_add:
|
||||||
|
# - NET_ADMIN
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
cache: {}
|
cache: {}
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
services:
|
services:
|
||||||
jellyfin:
|
jellyfin:
|
||||||
|
environment: {}
|
||||||
ports:
|
ports:
|
||||||
- 127.0.0.1:1337:8096
|
- 127.0.0.1:1337:8096
|
||||||
radarr:
|
radarr:
|
|
@ -11,8 +11,8 @@ begin
|
||||||
|
|
||||||
function installSW -V dir -V domain -V server -V service
|
function installSW -V dir -V domain -V server -V service
|
||||||
set -l root (getServiceRoot $argv)
|
set -l root (getServiceRoot $argv)
|
||||||
set -l secrets (getServiceSecretsConfig $argv)
|
set -l overrides (getServiceOverrides $argv)
|
||||||
set -l source "$dir/$(basename "$secrets")"
|
set -l source "$dir/$(basename "$overrides")"
|
||||||
set -l port (getRandomPort)
|
set -l port (getRandomPort)
|
||||||
set -l servarrKeys
|
set -l servarrKeys
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
|
@ -20,7 +20,7 @@ begin
|
||||||
sudo cp "$dir/.dockerignore" "$root"
|
sudo cp "$dir/.dockerignore" "$root"
|
||||||
sudo cp "$dir/pvpn-cli.py" "$root"
|
sudo cp "$dir/pvpn-cli.py" "$root"
|
||||||
sudo cp "$dir/rtorrent.Dockerfile" "$root"
|
sudo cp "$dir/rtorrent.Dockerfile" "$root"
|
||||||
sudo cp "$source" "$secrets"
|
sudo cp "$source" "$overrides"
|
||||||
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
end
|
end
|
||||||
|
@ -33,7 +33,7 @@ begin
|
||||||
set -l root (getServiceRoot $argv)
|
set -l root (getServiceRoot $argv)
|
||||||
set -l bin "/usr/local/bin/forgejo"
|
set -l bin "/usr/local/bin/forgejo"
|
||||||
set -l config "$root/docker-compose.base.yml"
|
set -l config "$root/docker-compose.base.yml"
|
||||||
set -l secrets (getServiceSecretsConfig $argv)
|
set -l overrides (getServiceOverrides $argv)
|
||||||
set -l envKey "$(getServiceKey "$service").environment"
|
set -l envKey "$(getServiceKey "$service").environment"
|
||||||
configureDockerService $argv
|
configureDockerService $argv
|
||||||
|
|
||||||
|
@ -62,9 +62,9 @@ begin
|
||||||
sudo tee "$config" >/dev/null
|
sudo tee "$config" >/dev/null
|
||||||
end
|
end
|
||||||
|
|
||||||
cp "$secrets" "$file"
|
cp "$overrides" "$file"
|
||||||
URL="https://$(getServiceDomain "$domain" "")/" yq "$(getServiceKey "$service").environment.JELLYFIN_PublishedServerUrl = env(URL)" "$file" | \
|
URL="https://$(getServiceDomain "$domain" "")/" yq "$(getServiceKey "$service").environment.JELLYFIN_PublishedServerUrl = env(URL)" "$file" | \
|
||||||
sudo tee "$secrets" >/dev/null
|
sudo tee "$overrides" >/dev/null
|
||||||
|
|
||||||
for dir in "$root"/{downloads,config/{,jellyfin,flood,rtorrent,radarr,sonarr,lidarr,prowlarr},media/{,movies,series,music}}
|
for dir in "$root"/{downloads,config/{,jellyfin,flood,rtorrent,radarr,sonarr,lidarr,prowlarr},media/{,movies,series,music}}
|
||||||
sudo mkdir -p "$dir"
|
sudo mkdir -p "$dir"
|
||||||
|
|
|
@ -6,7 +6,7 @@ services:
|
||||||
service: web
|
service: web
|
||||||
volumes:
|
volumes:
|
||||||
- ./nginx/web.conf:/etc/nginx/nginx.conf
|
- ./nginx/web.conf:/etc/nginx/nginx.conf
|
||||||
- ./cloud/logs/nginx:/var/log/nginx
|
- ./nginx/logs/nginx:/var/log/nginx
|
||||||
depends_on:
|
depends_on:
|
||||||
core:
|
core:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
|
@ -28,7 +28,7 @@ services:
|
||||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||||
MARIADB_MYSQL_LOCALHOST_USER: 1
|
MARIADB_MYSQL_LOCALHOST_USER: 1
|
||||||
volumes:
|
volumes:
|
||||||
- ./cloud/database:/var/lib/mysql
|
- ./data/db:/var/lib/mysql
|
||||||
command:
|
command:
|
||||||
- --innodb_read_only_compressed=OFF
|
- --innodb_read_only_compressed=OFF
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
@ -46,7 +46,7 @@ services:
|
||||||
env_file:
|
env_file:
|
||||||
- cache.env
|
- cache.env
|
||||||
volumes:
|
volumes:
|
||||||
- ./cloud/cache:/data
|
- ./data/cache:/data
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: [CMD, bash, -c, echo '' > /dev/tcp/127.0.0.1/6379]
|
test: [CMD, bash, -c, echo '' > /dev/tcp/127.0.0.1/6379]
|
||||||
interval: 5s
|
interval: 5s
|
||||||
|
@ -88,7 +88,7 @@ services:
|
||||||
image: shenxn/protonmail-bridge
|
image: shenxn/protonmail-bridge
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- ./bridge:/root
|
- ./data/bridge:/root
|
||||||
turn:
|
turn:
|
||||||
image: instrumentisto/coturn
|
image: instrumentisto/coturn
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
|
@ -4,11 +4,11 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- webroot:/var/www/html:z
|
- webroot:/var/www/html:z
|
||||||
- ./php.ini:/usr/local/etc/php/conf.d/nextcloud.ini
|
- ./php.ini:/usr/local/etc/php/conf.d/nextcloud.ini
|
||||||
- ./cloud/apps:/var/www/html/custom_apps
|
- ./data/cloud/apps:/var/www/html/custom_apps
|
||||||
- ./cloud/config:/var/www/html/config
|
- ./data/cloud/config:/var/www/html/config
|
||||||
- ./cloud/data:/var/www/html/data
|
- ./data/cloud/data:/var/www/html/data
|
||||||
- ./cloud/themes:/var/www/html/themes
|
- ./data/cloud/themes:/var/www/html/themes
|
||||||
- ./cloud/public:/public
|
- ./data/public:/public
|
||||||
- ../jellyfin/downloads:/downloads
|
- ../jellyfin/downloads:/downloads
|
||||||
setup:
|
setup:
|
||||||
extends:
|
extends:
|
||||||
|
@ -29,4 +29,4 @@ services:
|
||||||
environment:
|
environment:
|
||||||
MYSQL_HOST: db
|
MYSQL_HOST: db
|
||||||
REDIS_HOST: cache
|
REDIS_HOST: cache
|
||||||
TRUSTED_PROXIED: 172.16.0.0/12
|
TRUSTED_PROXIES: 172.16.0.0/12
|
||||||
|
|
|
@ -4,8 +4,8 @@ services:
|
||||||
- 127.0.0.1:1337:80
|
- 127.0.0.1:1337:80
|
||||||
turn:
|
turn:
|
||||||
ports:
|
ports:
|
||||||
- 127.0.0.1:1337:3478/tcp
|
- 1337:3478/tcp
|
||||||
- 127.0.0.1:1337:3478/udp
|
- 1337:3478/udp
|
||||||
command: [-n, --log-file=stdout, --min-port=49160, --max-port=49200, --use-auth-secret]
|
command: [-n, --log-file=stdout, --min-port=49160, --max-port=49200, --use-auth-secret]
|
||||||
collabora:
|
collabora:
|
||||||
ports:
|
ports:
|
|
@ -31,10 +31,8 @@ begin
|
||||||
set -l source "$dir/docker-compose.core.yml"
|
set -l source "$dir/docker-compose.core.yml"
|
||||||
set -l core "$root/$(basename "$source")"
|
set -l core "$root/$(basename "$source")"
|
||||||
set -l domain (getServiceDomain $domain)
|
set -l domain (getServiceDomain $domain)
|
||||||
set -l base "$root/docker-compose.base.yml"
|
set -l overrides (getServiceOverrides $argv)
|
||||||
set -l baseSource "$dir/$(basename "$base")"
|
set -l overridesSource "$dir/$(basename "$overrides")"
|
||||||
set -l secrets (getServiceSecretsConfig $argv)
|
|
||||||
set -l secretsSource "$dir/$(basename "$secrets")"
|
|
||||||
set -l turnKey "$(getServiceKey "$turn")"
|
set -l turnKey "$(getServiceKey "$turn")"
|
||||||
set -l portKey "$turnKey.ports[1]"
|
set -l portKey "$turnKey.ports[1]"
|
||||||
set -l officeEnv "$(getServiceKey "$office").environment"
|
set -l officeEnv "$(getServiceKey "$office").environment"
|
||||||
|
@ -45,7 +43,7 @@ begin
|
||||||
set -l nextcloudPW ($genPW 64)
|
set -l nextcloudPW ($genPW 64)
|
||||||
|
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
sudo cp -r "$dir"/{cache.Dockerfile,cloud.Dockerfile,.dockerignore,fpm,nginx,php.ini} "$root"
|
sudo cp -r "$dir"/{cache.Dockerfile,cloud.Dockerfile,docker-compose.{base,core}.yml,.dockerignore,fpm,nginx,php.ini} "$root"
|
||||||
|
|
||||||
begin
|
begin
|
||||||
printf "%s\n" \
|
printf "%s\n" \
|
||||||
|
@ -59,38 +57,30 @@ begin
|
||||||
begin
|
begin
|
||||||
printf "%s\n" \
|
printf "%s\n" \
|
||||||
"NEXTCLOUD_ADMIN_USER=admin" \
|
"NEXTCLOUD_ADMIN_USER=admin" \
|
||||||
"NEXTCLOUD_ADMIN_PASSWORD=$nextcloudPW"
|
"NEXTCLOUD_ADMIN_PASSWORD=$nextcloudPW" \
|
||||||
|
"NEXTCLOUD_TRUSTED_DOMAINS=$domain" \
|
||||||
|
"OVERWRITEPROTOCOL=https" \
|
||||||
|
"OVERWRITEHOST=$domain" \
|
||||||
|
"OVERWRITECLIURL=https://$domain"
|
||||||
end | sudo tee "$root/nextcloud.env" >/dev/null
|
end | sudo tee "$root/nextcloud.env" >/dev/null
|
||||||
|
|
||||||
PROTO="https" DOMAIN="$domain" begin
|
PROTO="https" DOMAIN="$domain" begin
|
||||||
set -l envKey "$(getServiceKey "$service").environment"
|
|
||||||
|
|
||||||
yq "$envKey.NEXTCLOUD_TRUSTED_DOMAINS = env(DOMAIN)" "$source" | \
|
|
||||||
yq "$envKey.OVERWRITEPROTOCOL = env(PROTO)" | \
|
|
||||||
yq "$envKey.OVERWRITEHOST = env(DOMAIN)" | \
|
|
||||||
URL="$PROTO://$DOMAIN" yq "$envKey.OVERWRITECLIURL = env(URL)" | \
|
|
||||||
sudo tee "$core" >/dev/null
|
|
||||||
|
|
||||||
DOMAIN=(getServiceDomain $officeDomain) yq "$officeEnv.server_name = env(DOMAIN)" "$baseSource" | \
|
|
||||||
URL="https://$(string escape --style regex "$DOMAIN"):443" yq "$officeEnv.aliasgroup1 = env(URL)" | \
|
|
||||||
sudo tee "$base" >/dev/null
|
|
||||||
end
|
|
||||||
|
|
||||||
begin
|
|
||||||
set -l key "$turnKey.command"
|
set -l key "$turnKey.command"
|
||||||
|
|
||||||
PW="--static-auth-secret=$turnPW" \
|
PW="--static-auth-secret=$turnPW" \
|
||||||
DOMAIN="--realm=$domain" \
|
DOMAIN="--realm=$domain" \
|
||||||
yq "$key |= . + [env(PW), env(DOMAIN)]" "$secretsSource" | \
|
yq "$key |= . + [env(PW), env(DOMAIN)]" "$overridesSource" | \
|
||||||
sudo tee "$secrets" >/dev/null
|
DOMAIN=(getServiceDomain $officeDomain) yq "$officeEnv.server_name = env(DOMAIN)" | \
|
||||||
|
URL="https://$(string escape --style regex "$DOMAIN"):443" yq "$officeEnv.aliasgroup1 = env(URL)" | \
|
||||||
|
sudo tee "$overrides" >/dev/null
|
||||||
end
|
end
|
||||||
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
set turnPort (yq (getServicePortKey "$turn") "$secrets" | extractPort)
|
set turnPort (yq (getServicePortKey "$turn") "$overrides" | extractPort)
|
||||||
set turnPort (yq "$portKey" "$secrets" | mutatePort "$turnPort")
|
set turnPort (yq "$portKey" "$overrides" | mutatePort "$turnPort")
|
||||||
|
|
||||||
cp "$secrets" "$file"
|
cp "$overrides" "$file"
|
||||||
PORT="$turnPort" yq "$portKey = env(PORT)" "$file" | sudo tee "$secrets" >/dev/null
|
PORT="$turnPort" yq "$portKey = env(PORT)" "$file" | sudo tee "$overrides" >/dev/null
|
||||||
rm "$file"
|
rm "$file"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@ begin
|
||||||
set -l dir (status dirname)
|
set -l dir (status dirname)
|
||||||
set -l domain "tracker" ""
|
set -l domain "tracker" ""
|
||||||
set -l service "ryot"
|
set -l service "ryot"
|
||||||
set -l source "$dir/docker-compose.secrets.yml"
|
set -l source "$dir/docker-compose.overrides.yml"
|
||||||
source "$dir/../service.fish"
|
source "$dir/../service.fish"
|
||||||
|
|
||||||
function installSW -V dir -V domain -V service -V source
|
function installSW -V dir -V domain -V service -V source
|
||||||
|
@ -13,13 +13,13 @@ begin
|
||||||
set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
||||||
set -l envKey ".services.$service.environment"
|
set -l envKey ".services.$service.environment"
|
||||||
set -l dbKey "$envKey.DATABASE_URL"
|
set -l dbKey "$envKey.DATABASE_URL"
|
||||||
set -l dbUrl ( "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
|
set -l dbUrl (yq "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
sudo cp "$file" "$root"
|
sudo cp "$file" "$root"
|
||||||
|
|
||||||
URL=$dbUrl yq "$dbKey = env(URL)" "$source" | \
|
URL=$dbUrl yq "$dbKey = env(URL)" "$source" | \
|
||||||
PW=$pw yq ".services.db.environment.POSTGRES_PASSWORD = env(PW)" | \
|
PW=$pw yq ".services.db.environment.POSTGRES_PASSWORD = env(PW)" | \
|
||||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||||
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
end
|
end
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
begin
|
begin
|
||||||
set -l dir (status dirname)
|
set -l dir (status dirname)
|
||||||
set -l root /usr/local/lib
|
set -l root /usr/local/lib
|
||||||
set -l secretsFile "docker-compose.secrets.yml"
|
set -l overrides "docker-compose.overrides.yml"
|
||||||
set -l nginxRoot "/etc/nginx/conf.d"
|
set -l nginxRoot "/etc/nginx/conf.d"
|
||||||
source "$dir/../../../../lib/software.fish"
|
source "$dir/../../../../lib/software.fish"
|
||||||
|
|
||||||
|
@ -11,7 +11,7 @@ begin
|
||||||
end
|
end
|
||||||
|
|
||||||
function getPortPattern
|
function getPortPattern
|
||||||
echo "^\([.[:digit:]]\+:\)\([[:digit:]]\+\)\(:[[:digit:]]\+\(\/tcp\|udp\)\?\)"
|
echo "^\([.[:digit:]]\+:\)\?\([[:digit:]]\+\)\(:[[:digit:]]\+\(\/tcp\|udp\)\?\)"
|
||||||
end
|
end
|
||||||
|
|
||||||
function __substitutePort -a substitution
|
function __substitutePort -a substitution
|
||||||
|
@ -48,11 +48,11 @@ begin
|
||||||
echo "$nginxRoot/$(getServiceName $argv).conf"
|
echo "$nginxRoot/$(getServiceName $argv).conf"
|
||||||
end
|
end
|
||||||
|
|
||||||
function getServiceSecretsConfig -V secretsFile
|
function getServiceOverrides -V overrides
|
||||||
echo "$(getServiceRoot $argv)/$secretsFile"
|
echo "$(getServiceRoot $argv)/$overrides"
|
||||||
end
|
end
|
||||||
|
|
||||||
function getServicePortKey -V secretsFile -a name
|
function getServicePortKey -V overrides -a name
|
||||||
echo "$(getServiceKey "$name").ports[0]"
|
echo "$(getServiceKey "$name").ports[0]"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -78,7 +78,7 @@ begin
|
||||||
function getServiceDefaultProxy -a domain service location
|
function getServiceDefaultProxy -a domain service location
|
||||||
argparse -i "comment=" "path=" "url=" -- $argv
|
argparse -i "comment=" "path=" "url=" -- $argv
|
||||||
set -l url
|
set -l url
|
||||||
set -l config (getServiceSecretsConfig $argv)
|
set -l config (getServiceOverrides $argv)
|
||||||
set -l portKey (getServicePortKey "$service")
|
set -l portKey (getServicePortKey "$service")
|
||||||
set -l port (yq "$portKey" "$config" | extractPort)
|
set -l port (yq "$portKey" "$config" | extractPort)
|
||||||
|
|
||||||
|
@ -115,13 +115,13 @@ begin
|
||||||
set -l root (getServiceRoot $argv)
|
set -l root (getServiceRoot $argv)
|
||||||
sudo mkdir -p (getServiceRoot $argv)
|
sudo mkdir -p (getServiceRoot $argv)
|
||||||
sudo mkdir -p "$nginxRoot"
|
sudo mkdir -p "$nginxRoot"
|
||||||
sudo mkdir -p (dirname (getServiceSecretsConfig $argv))
|
sudo mkdir -p (dirname (getServiceOverrides $argv))
|
||||||
sudo touch "$root/docker-compose.overrides.yml"
|
sudo touch "$root/docker-compose.overrides.yml"
|
||||||
sudo cp "$dir/docker-compose.yml" "$root"
|
sudo cp "$dir/docker-compose.yml" "$root"
|
||||||
end
|
end
|
||||||
|
|
||||||
function installDockerService -V dir -V nginxRoot
|
function installDockerService -V dir -V nginxRoot
|
||||||
set -l config (getServiceSecretsConfig $argv)
|
set -l config (getServiceOverrides $argv)
|
||||||
set -l servers (getServiceServers $argv | string split0)
|
set -l servers (getServiceServers $argv | string split0)
|
||||||
|
|
||||||
for i in (seq 1 2 (count $servers))
|
for i in (seq 1 2 (count $servers))
|
||||||
|
@ -184,6 +184,6 @@ begin
|
||||||
set extraPatterns "|$extraPatterns"
|
set extraPatterns "|$extraPatterns"
|
||||||
end
|
end
|
||||||
|
|
||||||
printf "%s\n" --base-directory (getServiceRoot $argv) --hidden --no-ignore "^(docker-compose\.(secrets|overrides)\.yml|data)\$$extraPatterns"
|
printf "%s\n" --base-directory (getServiceRoot $argv) --hidden --no-ignore "^(docker-compose\.overrides\.yml|data)\$$extraPatterns"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -10,10 +10,12 @@ services:
|
||||||
TS3SERVER_DB_HOST: db
|
TS3SERVER_DB_HOST: db
|
||||||
TS3SERVER_DB_WAITUNTILREADY: 30
|
TS3SERVER_DB_WAITUNTILREADY: 30
|
||||||
TS3SERVER_LICENSE: accept
|
TS3SERVER_LICENSE: accept
|
||||||
|
volumes:
|
||||||
|
- ./data/teamspeak:/var/ts3server
|
||||||
db:
|
db:
|
||||||
image: mariadb
|
image: mariadb
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||||
volumes:
|
volumes:
|
||||||
- ./database:/var/lib/mysql
|
- ./data/db:/var/lib/mysql
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/env fish
|
#!/bin/env fish
|
||||||
begin
|
begin
|
||||||
set -l dir (status dirname)
|
set -l dir (status dirname)
|
||||||
set -l source "$dir/docker-compose.secrets.yml"
|
set -l source "$dir/docker-compose.overrides.yml"
|
||||||
source "$dir/../service.fish"
|
source "$dir/../service.fish"
|
||||||
|
|
||||||
function installSW -V dir -V domain -V source
|
function installSW -V dir -V domain -V source
|
||||||
|
@ -25,7 +25,7 @@ begin
|
||||||
yq "$tsEnv.TS3SERVER_DB_NAME = env(DB)" | \
|
yq "$tsEnv.TS3SERVER_DB_NAME = env(DB)" | \
|
||||||
yq "$dbEnv.MARIADB_DATABASE = env(DB)"
|
yq "$dbEnv.MARIADB_DATABASE = env(DB)"
|
||||||
end | \
|
end | \
|
||||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||||
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
end
|
end
|
||||||
|
|
|
@ -11,7 +11,7 @@ services:
|
||||||
environment:
|
environment:
|
||||||
TM_XMLRPC_ALLOWED_REMOTE: xaseco
|
TM_XMLRPC_ALLOWED_REMOTE: xaseco
|
||||||
volumes:
|
volumes:
|
||||||
- ./data/tm/cache:/app/GameData/Cache
|
- ./data/tm/data:/app/GameData
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: [CMD, bash, -c, echo '' >/dev/tcp/127.0.0.1/5000]
|
test: [CMD, bash, -c, echo '' >/dev/tcp/127.0.0.1/5000]
|
||||||
start_period: 1m
|
start_period: 1m
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
services:
|
services:
|
||||||
tm:
|
tm:
|
||||||
extends:
|
extends:
|
||||||
file: docker-compose.core.secrets.yml
|
file: docker-compose.core.overrides.yml
|
||||||
service: tm
|
service: tm
|
||||||
volumes: &tm-volumes
|
volumes: &tm-volumes
|
||||||
- tm-server:/app
|
- tm-server:/app
|
||||||
|
@ -17,7 +17,7 @@ services:
|
||||||
- xaseco:/cache
|
- xaseco:/cache
|
||||||
xaseco:
|
xaseco:
|
||||||
extends:
|
extends:
|
||||||
file: docker-compose.core.secrets.yml
|
file: docker-compose.core.overrides.yml
|
||||||
service: xaseco
|
service: xaseco
|
||||||
<<:
|
<<:
|
||||||
- *xaseco-base
|
- *xaseco-base
|
||||||
|
@ -26,5 +26,5 @@ services:
|
||||||
build: *xaseco-build
|
build: *xaseco-build
|
||||||
db:
|
db:
|
||||||
extends:
|
extends:
|
||||||
file: docker-compose.core.secrets.yml
|
file: docker-compose.core.overrides.yml
|
||||||
service: db
|
service: db
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
services:
|
services:
|
||||||
game:
|
game:
|
||||||
|
command:
|
||||||
|
- /game_settings=MatchSettings/Nations/NationsBlue.txt
|
||||||
|
environment: {}
|
||||||
ports:
|
ports:
|
||||||
- 2350:2350
|
- 2350:2350
|
||||||
- 2350:2350/udp
|
- 2350:2350/udp
|
||||||
- 2353:2353
|
- 2353:2353
|
||||||
- 2353:2353/udp
|
- 2353:2353/udp
|
||||||
command:
|
|
||||||
- /game_settings=MatchSettings/Nations/NationsBlue.txt
|
|
||||||
environment: {}
|
|
||||||
xaseco:
|
xaseco:
|
||||||
environment: {}
|
environment: {}
|
|
@ -1,4 +0,0 @@
|
||||||
include:
|
|
||||||
- path:
|
|
||||||
- docker-compose.base.yml
|
|
||||||
- docker-compose.secrets.yml
|
|
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/env fish
|
#!/bin/env fish
|
||||||
begin
|
begin
|
||||||
set -l dir (status dirname)
|
set -l dir (status dirname)
|
||||||
set -l source "$dir/docker-compose.core.secrets.yml"
|
set -l source "$dir/docker-compose.core.overrides.yml"
|
||||||
source "$dir/../service.fish"
|
source "$dir/../service.fish"
|
||||||
|
|
||||||
function installSW -V dir -V domain -V source
|
function installSW -V dir -V domain -V source
|
||||||
|
@ -10,7 +10,7 @@ begin
|
||||||
set -l sqlPW (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
set -l sqlPW (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
|
|
||||||
cp -rf "$dir"/{.dockerignore,docker-compose{.base,{,.core}{,.secrets}}.yml,parser.patch,tmforever-entrypoint.sh,trackmania.Dockerfile,xaseco-entrypoint.sh,xaseco.Dockerfile} "$root"
|
cp -rf "$dir"/{.dockerignore,docker-compose{.base,.overrides,.core{,.overrides}}.yml,parser.patch,tmforever-entrypoint.sh,trackmania.Dockerfile,xaseco-entrypoint.sh,xaseco.Dockerfile} "$root"
|
||||||
|
|
||||||
PW="$tmPW" yq "$(getServiceKey "tm").environment.TM_SUPERADMIN_PASSWORD = env(PW)" "$source" | \
|
PW="$tmPW" yq "$(getServiceKey "tm").environment.TM_SUPERADMIN_PASSWORD = env(PW)" "$source" | \
|
||||||
PW="$sqlPW" yq "$(getServiceKey "db").environment.MYSQL_PASSWORD = env(PW)" | \
|
PW="$sqlPW" yq "$(getServiceKey "db").environment.MYSQL_PASSWORD = env(PW)" | \
|
||||||
|
@ -30,7 +30,7 @@ begin
|
||||||
end
|
end
|
||||||
|
|
||||||
function getBackupArgs
|
function getBackupArgs
|
||||||
printf "%s\n" --hidden --no-ignore "^docker-compose\.(.*\.)\?.secrets.yml|data\$" (getServiceRoot $argv)
|
printf "%s\n" --hidden --no-ignore "^docker-compose\.(.*\.)\?.overrides.yml|data\$" (getServiceRoot $argv)
|
||||||
end
|
end
|
||||||
|
|
||||||
runInstaller --force $argv --name "tm-forever"
|
runInstaller --force $argv --name "tm-forever"
|
||||||
|
|
|
@ -2,9 +2,6 @@ FROM debian:11.3
|
||||||
RUN apt-get update -y \
|
RUN apt-get update -y \
|
||||||
&& apt-get install -y \
|
&& apt-get install -y \
|
||||||
expect \
|
expect \
|
||||||
inotify-tools \
|
|
||||||
parallel \
|
|
||||||
rsync \
|
|
||||||
unzip \
|
unzip \
|
||||||
wget \
|
wget \
|
||||||
xmlstarlet \
|
xmlstarlet \
|
||||||
|
|
|
@ -12,6 +12,7 @@ data="/data"
|
||||||
runDir="/opt/xaseco"
|
runDir="/opt/xaseco"
|
||||||
entrypoint="$cache/aseco.php"
|
entrypoint="$cache/aseco.php"
|
||||||
config="$runDir/config.xml"
|
config="$runDir/config.xml"
|
||||||
|
adminConfig="$runDir/adminops.xml"
|
||||||
dbConfig="$runDir/localdatabase.xml"
|
dbConfig="$runDir/localdatabase.xml"
|
||||||
dediConfig="$runDir/dedimania.xml"
|
dediConfig="$runDir/dedimania.xml"
|
||||||
pluginConfig="$runDir/plugins.xml"
|
pluginConfig="$runDir/plugins.xml"
|
||||||
|
@ -20,6 +21,8 @@ serverPath="$settingsPath/tmserver"
|
||||||
pluginTag="plugin"
|
pluginTag="plugin"
|
||||||
pluginPath="/aseco_plugins"
|
pluginPath="/aseco_plugins"
|
||||||
|
|
||||||
|
userPattern="^(.+?)(@([[:digit:]]+(.[[:digit:]]+){3}))?\$"
|
||||||
|
|
||||||
tmOptions=(
|
tmOptions=(
|
||||||
TM_SERVER_HOST ip
|
TM_SERVER_HOST ip
|
||||||
TM_SERVER_PORT port
|
TM_SERVER_PORT port
|
||||||
|
@ -28,6 +31,11 @@ tmOptions=(
|
||||||
TM_TIMEOUT timeout
|
TM_TIMEOUT timeout
|
||||||
)
|
)
|
||||||
|
|
||||||
|
groups=(
|
||||||
|
ADMINS admins
|
||||||
|
OPERATORS operators
|
||||||
|
)
|
||||||
|
|
||||||
sqlOptions=(
|
sqlOptions=(
|
||||||
MYSQL_HOST mysql_server
|
MYSQL_HOST mysql_server
|
||||||
MYSQL_USER mysql_login
|
MYSQL_USER mysql_login
|
||||||
|
@ -114,6 +122,23 @@ for i in $(seq 0 2 $((${#tmOptions[@]} - 1))); do
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
|
for i in $(seq 0 2 $((${#groups[@]} - 1))); do
|
||||||
|
var="${groups[$i]}"
|
||||||
|
group="${groups[$(($i + 1))]}"
|
||||||
|
value="${!var}"
|
||||||
|
path="/lists/$group"
|
||||||
|
|
||||||
|
echo "$value" | while read user; do
|
||||||
|
name="$(echo "$user" | LC_ALL="C" perl -pe "s/$userPattern/\1/")"
|
||||||
|
ip="$(echo "$user" | LC_ALL="C" perl -pe "s/$userPattern/\3/")"
|
||||||
|
xmlstarlet edit --inplace --subnode "$path" --type elem -n "tmlogin" --value "$name" "$adminConfig"
|
||||||
|
|
||||||
|
if [ -n "$ip" ]; then
|
||||||
|
xmlstarlet edit --inplace --subnode "$path" --type elem -n "ipaddress" --value "$ip" "$adminConfig"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
for i in $(seq 0 2 $((${#sqlOptions[@]} - 1))); do
|
for i in $(seq 0 2 $((${#sqlOptions[@]} - 1))); do
|
||||||
var="${sqlOptions[$i]}"
|
var="${sqlOptions[$i]}"
|
||||||
option="${sqlOptions[$(($i + 1))]}"
|
option="${sqlOptions[$(($i + 1))]}"
|
||||||
|
@ -132,7 +157,6 @@ for i in $(seq 0 2 $((${#dediOptions[@]} - 1))); do
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ -n "$X1_EXTRA_PLUGINS" ]; then
|
if [ -n "$X1_EXTRA_PLUGINS" ]; then
|
||||||
echo "adding plugins: $X1_EXTRA_PLUGINS"
|
|
||||||
for plugin in $X1_EXTRA_PLUGINS; do
|
for plugin in $X1_EXTRA_PLUGINS; do
|
||||||
xmlstarlet edit --inplace --subnode "$pluginPath" --type elem -n "$pluginTag" --value "$plugin" "$pluginConfig"
|
xmlstarlet edit --inplace --subnode "$pluginPath" --type elem -n "$pluginTag" --value "$plugin" "$pluginConfig"
|
||||||
done
|
done
|
||||||
|
@ -150,6 +174,4 @@ if [ -n "$X1_DISABLED_PLUGINS" ]; then
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$1" != "download" ]; then
|
|
||||||
$@
|
$@
|
||||||
fi
|
|
||||||
|
|
|
@ -11,7 +11,8 @@ RUN apk update \
|
||||||
# xmlstarlet dependencies
|
# xmlstarlet dependencies
|
||||||
musl \
|
musl \
|
||||||
libxslt \
|
libxslt \
|
||||||
libxml2
|
libxml2 \
|
||||||
|
perl
|
||||||
RUN update-ca-certificates
|
RUN update-ca-certificates
|
||||||
RUN docker-php-ext-install mysql
|
RUN docker-php-ext-install mysql
|
||||||
COPY --from=base /usr/bin/xmlstarlet /usr/bin
|
COPY --from=base /usr/bin/xmlstarlet /usr/bin
|
||||||
|
@ -29,6 +30,9 @@ ENV \
|
||||||
MASTERADMIN_USER="" \
|
MASTERADMIN_USER="" \
|
||||||
MASTERADMIN_IP="" \
|
MASTERADMIN_IP="" \
|
||||||
\
|
\
|
||||||
|
ADMINS="" \
|
||||||
|
OPERATORS="" \
|
||||||
|
\
|
||||||
X1_EXTRA_PLUGINS="" \
|
X1_EXTRA_PLUGINS="" \
|
||||||
X1_DISABLED_PLUGINS="" \
|
X1_DISABLED_PLUGINS="" \
|
||||||
\
|
\
|
||||||
|
|
|
@ -3,13 +3,11 @@ services:
|
||||||
image: vaultwarden/server
|
image: vaultwarden/server
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- ./data:/data
|
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
|
- ./data/vault:/data
|
||||||
environment:
|
environment:
|
||||||
DOMAIN: null
|
|
||||||
SMTP_HOST: bridge
|
SMTP_HOST: bridge
|
||||||
SMTP_FROM: null
|
SMTP_FROM_VALUE: Vaultwarden
|
||||||
SMTP_FROM_VALUE: vaultwarden
|
|
||||||
SMTP_PORT: 25
|
SMTP_PORT: 25
|
||||||
SMTP_ACCEPT_INVALID_CERTS: "true"
|
SMTP_ACCEPT_INVALID_CERTS: "true"
|
||||||
SIGNUPS_ALLOWED: "false"
|
SIGNUPS_ALLOWED: "false"
|
||||||
|
@ -18,12 +16,12 @@ services:
|
||||||
image: mariadb
|
image: mariadb
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- ./db:/var/lib/mysql
|
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
|
- ./data/db:/var/lib/mysql
|
||||||
environment:
|
environment:
|
||||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||||
bridge:
|
bridge:
|
||||||
image: shenxn/protonmail-bridge
|
image: shenxn/protonmail-bridge
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- ./bridge:/root
|
- ./data/bridge:/root
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
services:
|
services:
|
||||||
vaultwarden:
|
vaultwarden:
|
||||||
environment:
|
environment:
|
||||||
|
DOMAIN: null
|
||||||
|
SMTP_FROM: null
|
||||||
DATABASE_URL: mysql://vaultwarden:pw@db/vault
|
DATABASE_URL: mysql://vaultwarden:pw@db/vault
|
||||||
ports:
|
ports:
|
||||||
- 127.0.0.1:1337:80
|
- 127.0.0.1:1337:80
|
|
@ -2,7 +2,7 @@
|
||||||
begin
|
begin
|
||||||
set -l dir (status dirname)
|
set -l dir (status dirname)
|
||||||
set -l domain "passwords"
|
set -l domain "passwords"
|
||||||
set -l source "$dir/docker-compose.secrets.yml"
|
set -l source "$dir/docker-compose.overrides.yml"
|
||||||
source "$dir/../service.fish"
|
source "$dir/../service.fish"
|
||||||
|
|
||||||
function installSW -V dir -V domain -V source
|
function installSW -V dir -V domain -V source
|
||||||
|
@ -12,14 +12,13 @@ begin
|
||||||
set -l dbKey "$envKey.DATABASE_URL"
|
set -l dbKey "$envKey.DATABASE_URL"
|
||||||
set -l dbUrl (yq "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
|
set -l dbUrl (yq "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
|
cp "$dir/docker-compose.base.yml" (getServiceRoot $argv)
|
||||||
|
|
||||||
URL="https://$domain.$(getMachineFQDN)" yq "$envKey.DOMAIN = env(URL)" "$file" | \
|
URL="https://$domain.$(getMachineFQDN)" yq "$envKey.DOMAIN = env(URL)" "$source" | \
|
||||||
ADDRESS="noreply@$(getMachineFQDN)" yq "$envKey.SMTP_FROM = env(ADDRESS)" | \
|
ADDRESS="no-reply@$(getMachineFQDN)" yq "$envKey.SMTP_FROM = env(ADDRESS)" | \
|
||||||
sudo tee "$(getServiceRoot $argv)/$(basename "$file")" >/dev/null
|
URL=$dbUrl yq "$dbKey = env(URL)" | \
|
||||||
|
|
||||||
URL=$dbUrl yq "$dbKey = env(URL)" "$source" | \
|
|
||||||
PW=$pw yq ".services.db.environment.MARIADB_PASSWORD = env(PW)" | \
|
PW=$pw yq ".services.db.environment.MARIADB_PASSWORD = env(PW)" | \
|
||||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||||
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
end
|
end
|
||||||
|
|
|
@ -7,7 +7,6 @@ services:
|
||||||
user: 1337:1337
|
user: 1337:1337
|
||||||
environment:
|
environment:
|
||||||
WRITABLE_PATH: /data
|
WRITABLE_PATH: /data
|
||||||
ROOT_URL: https://example.com
|
|
||||||
MONGO_URL: mongodb://db:27017/wekan
|
MONGO_URL: mongodb://db:27017/wekan
|
||||||
MONGO_OPLOG_URL:
|
MONGO_OPLOG_URL:
|
||||||
WITH_API: "true"
|
WITH_API: "true"
|
||||||
|
@ -21,7 +20,7 @@ services:
|
||||||
command: mongod --logpath /dev/null --oplogSize 128 --quiet
|
command: mongod --logpath /dev/null --oplogSize 128 --quiet
|
||||||
volumes:
|
volumes:
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
- ./data/database:/data/db
|
- ./data/db:/data/db
|
||||||
bridge:
|
bridge:
|
||||||
image: shenxn/protonmail-bridge
|
image: shenxn/protonmail-bridge
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
services:
|
services:
|
||||||
wekan:
|
wekan:
|
||||||
|
environment:
|
||||||
|
ROOT_URL: https://example.com
|
||||||
ports:
|
ports:
|
||||||
- 127.0.0.1:1337:8080
|
- 127.0.0.1:1337:8080
|
|
@ -7,38 +7,17 @@ begin
|
||||||
|
|
||||||
function installSW -V dir -V service -V domain
|
function installSW -V dir -V service -V domain
|
||||||
set -l domain (getServiceDomain $domain)
|
set -l domain (getServiceDomain $domain)
|
||||||
set -l file "$dir/docker-compose.base.yml"
|
set -l overrides (getServiceOverrides $argv)
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
|
|
||||||
URL="https://$domain" yq "$(getServiceKey "$service").environment.DOMAIN = env(URL)" "$file" | \
|
sudo cp "$dir/docker-compose.base.yml" (getServiceRoot $argv)
|
||||||
sudo tee "$(getServiceRoot $argv)/$(basename "$file")" >/dev/null
|
|
||||||
|
URL="https://$domain" yq "$(getServiceKey "$service").environment.ROOT_URL = env(URL)" "$dir/$(basename "$overrides")" | \
|
||||||
|
sudo tee "$overrides" >/dev/null
|
||||||
|
|
||||||
sudo cp "$dir/docker-compose.secrets.yml" (getServiceRoot $argv)
|
|
||||||
installDockerService $argv
|
installDockerService $argv
|
||||||
end
|
end
|
||||||
|
|
||||||
function configureSW -V dir -V service
|
|
||||||
set -l uid
|
|
||||||
set -l gid
|
|
||||||
set -l user "$service"
|
|
||||||
set -l root (getServiceRoot $argv)
|
|
||||||
set -l data "data/wekan"
|
|
||||||
configureDockerService $argv
|
|
||||||
|
|
||||||
and sudo useradd \
|
|
||||||
--system \
|
|
||||||
--shell /bin/false \
|
|
||||||
--comment 'Wekan server' \
|
|
||||||
--create-home \
|
|
||||||
"$user"
|
|
||||||
|
|
||||||
set uid (id -u "$user")
|
|
||||||
set gid (id -g "$user")
|
|
||||||
USER="$uid:$gid" yq -i "$(getServiceKey "$service").user = env(USER)" "$root/docker-compose.base.yml"
|
|
||||||
mkdir -p "$root/$data"
|
|
||||||
chown -R "$uid:$gid" "$root/$data"
|
|
||||||
end
|
|
||||||
|
|
||||||
function getServiceServers -V domain
|
function getServiceServers -V domain
|
||||||
printf "%s\0" $domain
|
printf "%s\0" $domain
|
||||||
end
|
end
|
||||||
|
|
|
@ -12,13 +12,13 @@ begin
|
||||||
function installSW -V dir -V environments -V source
|
function installSW -V dir -V environments -V source
|
||||||
set -l root (getServiceRoot $argv)
|
set -l root (getServiceRoot $argv)
|
||||||
set -l config "$root/docker-compose.base.yml"
|
set -l config "$root/docker-compose.base.yml"
|
||||||
set -l secrets (getServiceSecretsConfig $argv)
|
set -l overrides (getServiceOverrides $argv)
|
||||||
set -l ciTemplate (yq -oj (getServiceKey ci-template) "$source")
|
set -l ciTemplate (yq -oj (getServiceKey ci-template) "$source")
|
||||||
set -l agentTemplate (yq -oj (getServiceKey agent-template) "$source")
|
set -l agentTemplate (yq -oj (getServiceKey agent-template) "$source")
|
||||||
set -l dbTemplate (yq -oj (getServiceKey db-template) "$source")
|
set -l dbTemplate (yq -oj (getServiceKey db-template) "$source")
|
||||||
initializeServiceInstallation $argv
|
initializeServiceInstallation $argv
|
||||||
echo "{}" | sudo tee "$config" >/dev/null
|
echo "{}" | sudo tee "$config" >/dev/null
|
||||||
echo "{}" | sudo tee "$secrets" >/dev/null
|
echo "{}" | sudo tee "$overrides" >/dev/null
|
||||||
|
|
||||||
cp "$dir/.dockerignore" "$root"
|
cp "$dir/.dockerignore" "$root"
|
||||||
sudo touch "$root"/{agent,ci}.common.env
|
sudo touch "$root"/{agent,ci}.common.env
|
||||||
|
@ -30,7 +30,7 @@ begin
|
||||||
set -l secret (openssl rand -hex 32)
|
set -l secret (openssl rand -hex 32)
|
||||||
set -l services ci db agent
|
set -l services ci db agent
|
||||||
set -l tmpConfig (mktemp)
|
set -l tmpConfig (mktemp)
|
||||||
set -l tmpSecrets (mktemp)
|
set -l tmpOverrides (mktemp)
|
||||||
set -l ciName "$name-ci"
|
set -l ciName "$name-ci"
|
||||||
set -l dbName "$name-db"
|
set -l dbName "$name-db"
|
||||||
set -l agentName "$name-agent"
|
set -l agentName "$name-agent"
|
||||||
|
@ -46,7 +46,7 @@ begin
|
||||||
set -l domain (getServiceDomain "$subdomain" "$domain")
|
set -l domain (getServiceDomain "$subdomain" "$domain")
|
||||||
|
|
||||||
cp "$config" "$tmpConfig"
|
cp "$config" "$tmpConfig"
|
||||||
cp "$secrets" "$tmpSecrets"
|
cp "$overrides" "$tmpOverrides"
|
||||||
|
|
||||||
for serviceName in $services
|
for serviceName in $services
|
||||||
set -l file (mktemp)
|
set -l file (mktemp)
|
||||||
|
@ -64,23 +64,23 @@ begin
|
||||||
|
|
||||||
yq "$ciKey = $ciTemplate" "$tmpConfig" | \
|
yq "$ciKey = $ciTemplate" "$tmpConfig" | \
|
||||||
DB="$dbName" yq "$ciKey.depends_on |= . + [ env(DB) ]" | \
|
DB="$dbName" yq "$ciKey.depends_on |= . + [ env(DB) ]" | \
|
||||||
ENTRY="./data/$name/ci:/data" yq "$ciKey.volumes = [ env(ENTRY) ]" | \
|
ENTRY="./data/$name/ci:/var/lib/woodpecker" yq "$ciKey.volumes = [ env(ENTRY) ]" | \
|
||||||
yq "$ciKey.env_file |= . + [ env(SECRET_ENV) ]" | \
|
yq "$ciKey.env_file |= . + [ env(SECRET_ENV) ]" | \
|
||||||
yq "$agentKey = $agentTemplate" | \
|
yq "$agentKey = $agentTemplate" | \
|
||||||
yq "$agentKey.depends_on |= . + [ env(CI_NAME) ]" | \
|
yq "$agentKey.depends_on |= . + [ env(CI_NAME) ]" | \
|
||||||
yq "$agentKey.env_file |= . + [ env(SECRET_ENV) ]" | \
|
yq "$agentKey.env_file |= . + [ env(SECRET_ENV) ]" | \
|
||||||
SERVER="$ciName:9000" yq "$agentEnv.WOODPECKER_SERVER = env(SERVER)" | \
|
SERVER="$ciName:9000" yq "$agentEnv.WOODPECKER_SERVER = env(SERVER)" | \
|
||||||
yq "$dbKey = $dbTemplate" | \
|
yq "$dbKey = $dbTemplate" | \
|
||||||
ENTRY="./data/$name/database:/var/lib/mysql" yq "$dbKey.volumes |= . + [ env(ENTRY) ]" | \
|
ENTRY="./data/$name/db:/var/lib/mysql" yq "$dbKey.volumes |= . + [ env(ENTRY) ]" | \
|
||||||
sudo tee "$config" >/dev/null
|
sudo tee "$config" >/dev/null
|
||||||
|
|
||||||
PORT="127.0.0.1:1337:8000" yq "$ciKey.ports = [ env(PORT) ]" "$tmpSecrets" | \
|
HOST="https://$domain" yq "$ciEnv.WOODPECKER_HOST = env(HOST)" "$tmpOverrides" | \
|
||||||
HOST="https://$domain" yq "$ciEnv.WOODPECKER_HOST = env(HOST)" | \
|
PORT="127.0.0.1:1337:8000" yq "$ciKey.ports = [ env(PORT) ]" | \
|
||||||
DB="$dbUser:$pw@tcp($dbName:3306)/$db?parseTime=true" yq "$ciEnv.WOODPECKER_DATABASE_DATASOURCE = env(DB)" | \
|
DB="$dbUser:$pw@tcp($dbName:3306)/$db?parseTime=true" yq "$ciEnv.WOODPECKER_DATABASE_DATASOURCE = env(DB)" | \
|
||||||
USER="$dbUser" yq "$dbEnv.MARIADB_USER = env(USER)" | \
|
USER="$dbUser" yq "$dbEnv.MARIADB_USER = env(USER)" | \
|
||||||
PW="$pw" yq "$dbEnv.MARIADB_PASSWORD = env(PW)" | \
|
PW="$pw" yq "$dbEnv.MARIADB_PASSWORD = env(PW)" | \
|
||||||
DB="$db" yq "$dbEnv.MARIADB_DATABASE = env(DB)" | \
|
DB="$db" yq "$dbEnv.MARIADB_DATABASE = env(DB)" | \
|
||||||
sudo tee "$secrets" >/dev/null
|
sudo tee "$overrides" >/dev/null
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -109,7 +109,7 @@ begin
|
||||||
end
|
end
|
||||||
|
|
||||||
function getBackupArgs
|
function getBackupArgs
|
||||||
printf "%s\n" --hidden --no-ignore "data|\.secrets?\." (getServiceRoot $argv)
|
printf "%s\n" --hidden --no-ignore "data|\.secret\.|docker-compose\.overrides\.yml" (getServiceRoot $argv)
|
||||||
end
|
end
|
||||||
|
|
||||||
runInstaller --force $argv
|
runInstaller --force $argv
|
||||||
|
|
Loading…
Reference in a new issue