Compare commits
33 commits
96024edac5
...
eb739c806d
Author | SHA1 | Date | |
---|---|---|---|
eb739c806d | |||
ec3e39857b | |||
ec6e84465c | |||
54d3050cdf | |||
dc15c137c9 | |||
4eb7fece98 | |||
7e8314d42a | |||
04538d936a | |||
59bca9ce9e | |||
0a59700a5d | |||
6561f4e5e7 | |||
47d50e1c1f | |||
da46d6966a | |||
acec4a484e | |||
d15487950b | |||
8fd621ac58 | |||
f0ebacee3f | |||
6bd9fb00ef | |||
4cdda3076e | |||
865a55e1be | |||
556e447617 | |||
3164d18193 | |||
57f56e0e9b | |||
522ebd9ede | |||
1b0f05da91 | |||
b4fd6aeb11 | |||
d10b51b99b | |||
ea66e36085 | |||
533e526952 | |||
c12f20bc77 | |||
14baa2cb78 | |||
cab8210b2f | |||
4cb61d56c6 |
35 changed files with 168 additions and 150 deletions
|
@ -2,7 +2,7 @@
|
|||
begin
|
||||
set -l name anki
|
||||
set -l dir (status dirname)
|
||||
set -l source "$dir/docker-compose.secrets.yml"
|
||||
set -l source "$dir/docker-compose.overrides.yml"
|
||||
source "$dir/../service.fish"
|
||||
|
||||
function installSW -V dir -V source
|
||||
|
@ -13,7 +13,7 @@ begin
|
|||
sudo cp "$dir/docker-compose.base.yml" (getServiceRoot $argv)
|
||||
|
||||
USER=$user yq "$userKey = env(USER)" "$source" | \
|
||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
||||
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||
|
||||
installDockerService $argv
|
||||
end
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
include:
|
||||
- path:
|
||||
- docker-compose.base.yml
|
||||
- docker-compose.secrets.yml
|
||||
- docker-compose.overrides.yml
|
||||
|
|
|
@ -11,13 +11,13 @@ begin
|
|||
function installSW -V dir -V environments -V source
|
||||
set -l root (getServiceRoot $argv)
|
||||
set -l config "$root/docker-compose.base.yml"
|
||||
set -l secrets (getServiceSecretsConfig $argv)
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
set -l ciTemplate (yq -oj (getServiceKey ci-template) "$source")
|
||||
set -l dockerTemplate (yq -oj (getServiceKey docker-template) "$source")
|
||||
set -l sshTemplate (yq -oj (getServiceKey ssh-template) "$source")
|
||||
initializeServiceInstallation $argv
|
||||
echo "{}" | sudo tee "$config" >/dev/null
|
||||
echo "{}" | sudo tee "$secrets" >/dev/null
|
||||
echo "{}" | sudo tee "$overrides" >/dev/null
|
||||
|
||||
cp "$dir"/{ci.Dockerfile,docker-compose.core.yml,.dockerignore} "$root"
|
||||
echo "DRONE_JSONNET_ENABLED=true" | sudo tee "$root/server.common.env" >/dev/null
|
||||
|
@ -32,7 +32,7 @@ begin
|
|||
set -l runners ssh docker
|
||||
set -l services ci $runners
|
||||
set -l tmpConfig (mktemp)
|
||||
set -l tmpSecrets (mktemp)
|
||||
set -l tmpOverrides (mktemp)
|
||||
set -l ciName "$name-ci"
|
||||
set -l sshName "$name-ssh-runner"
|
||||
set -l dockerName "$name-docker-runner"
|
||||
|
@ -41,7 +41,7 @@ begin
|
|||
set -l dockerEnv
|
||||
|
||||
cp "$config" "$tmpConfig"
|
||||
cp "$secrets" "$tmpSecrets"
|
||||
cp "$overrides" "$tmpOverrides"
|
||||
|
||||
for serviceName in $services
|
||||
set -l file (mktemp)
|
||||
|
@ -83,8 +83,8 @@ begin
|
|||
rm "$file"
|
||||
end
|
||||
|
||||
PORT="127.0.0.1:1337:80" yq "$ciKey.ports = [ env(PORT) ]" "$tmpSecrets" | \
|
||||
sudo tee "$secrets" >/dev/null
|
||||
PORT="127.0.0.1:1337:80" yq "$ciKey.ports = [ env(PORT) ]" "$tmpOverrides" | \
|
||||
sudo tee "$overrides" >/dev/null
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -113,7 +113,7 @@ begin
|
|||
end
|
||||
|
||||
function getBackupArgs
|
||||
printf "%s\n" --hidden --no-ignore "data|\.secrets?\." (getServiceRoot $argv)
|
||||
printf "%s\n" --hidden --no-ignore "data|\.secret\.|\.overrides\." (getServiceRoot $argv)
|
||||
end
|
||||
|
||||
runInstaller --force $argv
|
||||
|
|
|
@ -13,8 +13,8 @@ begin
|
|||
|
||||
function installSW -V dir -V domain -V server -V service
|
||||
set -l root (getServiceRoot $argv)
|
||||
set -l secrets (getServiceSecretsConfig $argv)
|
||||
set -l source "$dir/$(basename "$secrets")"
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
set -l source "$dir/$(basename "$overrides")"
|
||||
set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
||||
set -l port (getRandomPort)
|
||||
initializeServiceInstallation $argv
|
||||
|
@ -36,7 +36,7 @@ begin
|
|||
yq "$dbEnv.MARIADB_USER = env(USER)" | \
|
||||
yq "$dbEnv.MARIADB_PASSWORD = env(PW)" | \
|
||||
URL="https://$DOMAIN/" yq "$actEnv.GITEA_INSTANCE_URL = env(URL)" | \
|
||||
sudo tee "$secrets" >/dev/null
|
||||
sudo tee "$overrides" >/dev/null
|
||||
end
|
||||
|
||||
installDockerService $argv
|
||||
|
@ -51,7 +51,7 @@ begin
|
|||
set -l dir "$root/data"
|
||||
set -l bin "/usr/local/bin/forgejo"
|
||||
set -l config "$root/docker-compose.base.yml"
|
||||
set -l secrets (getServiceSecretsConfig $argv)
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
set -l envKey "$(getServiceKey "$service").environment"
|
||||
configureDockerService $argv
|
||||
cp "$config" "$file"
|
||||
|
@ -74,7 +74,7 @@ begin
|
|||
and chown -R $uid:$gid "$dir"
|
||||
rm "$file"
|
||||
|
||||
set port (yq (getSSHPortKey) "$secrets" | extractPort)
|
||||
set port (yq (getSSHPortKey) "$overrides" | extractPort)
|
||||
|
||||
begin
|
||||
printf "%s\n" \
|
||||
|
|
|
@ -4,7 +4,6 @@ services:
|
|||
restart: unless-stopped
|
||||
user: 1337:1337
|
||||
hostname: Jellyfin
|
||||
environment: {}
|
||||
volumes:
|
||||
- ./config/jellyfin:/config
|
||||
- cache:/cache
|
||||
|
@ -96,14 +95,43 @@ services:
|
|||
-o directory.default.set=/downloads
|
||||
-o 'method.set=group.seeding.ratio.command, "d.cloase = ; d.erase = "'
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- ./config/rtorrent:/config
|
||||
- ./downloads:/downloads
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- ./proton:/proton
|
||||
devices:
|
||||
- /dev/net/tun
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
# transmission:
|
||||
# build:
|
||||
# dockerfile: ./transmission.Dockerfile
|
||||
# context: .
|
||||
# restart: unless-stopped
|
||||
# hostname: transmission
|
||||
# env_file:
|
||||
# - ./proton.env
|
||||
# environment:
|
||||
# PUID: 1337
|
||||
# PGID: 1337
|
||||
# PVPN_TIER: 1337
|
||||
# TZ: Europe/Zurich
|
||||
# TRANSMISSION_WEB_HOME: /transmission
|
||||
# TRANSMISSION_WEB_USER: "scott"
|
||||
# TRANSMISSION_WEB_PASS: "tiger"
|
||||
# MAX_UPTIME: -1
|
||||
# command: --no-incomplete-dir
|
||||
# --download-dir /downloads
|
||||
# ports:
|
||||
# - 127.0.0.1:1337:9091
|
||||
# volumes:
|
||||
# - ./config/transmission:/config
|
||||
# - ./downloads:/downloads
|
||||
# - /etc/localtime:/etc/localtime:ro
|
||||
# devices:
|
||||
# - /dev/net/tun
|
||||
# cap_add:
|
||||
# - NET_ADMIN
|
||||
|
||||
volumes:
|
||||
cache: {}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
services:
|
||||
jellyfin:
|
||||
environment: {}
|
||||
ports:
|
||||
- 127.0.0.1:1337:8096
|
||||
radarr:
|
|
@ -11,8 +11,8 @@ begin
|
|||
|
||||
function installSW -V dir -V domain -V server -V service
|
||||
set -l root (getServiceRoot $argv)
|
||||
set -l secrets (getServiceSecretsConfig $argv)
|
||||
set -l source "$dir/$(basename "$secrets")"
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
set -l source "$dir/$(basename "$overrides")"
|
||||
set -l port (getRandomPort)
|
||||
set -l servarrKeys
|
||||
initializeServiceInstallation $argv
|
||||
|
@ -20,7 +20,7 @@ begin
|
|||
sudo cp "$dir/.dockerignore" "$root"
|
||||
sudo cp "$dir/pvpn-cli.py" "$root"
|
||||
sudo cp "$dir/rtorrent.Dockerfile" "$root"
|
||||
sudo cp "$source" "$secrets"
|
||||
sudo cp "$source" "$overrides"
|
||||
|
||||
installDockerService $argv
|
||||
end
|
||||
|
@ -33,7 +33,7 @@ begin
|
|||
set -l root (getServiceRoot $argv)
|
||||
set -l bin "/usr/local/bin/forgejo"
|
||||
set -l config "$root/docker-compose.base.yml"
|
||||
set -l secrets (getServiceSecretsConfig $argv)
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
set -l envKey "$(getServiceKey "$service").environment"
|
||||
configureDockerService $argv
|
||||
|
||||
|
@ -62,9 +62,9 @@ begin
|
|||
sudo tee "$config" >/dev/null
|
||||
end
|
||||
|
||||
cp "$secrets" "$file"
|
||||
cp "$overrides" "$file"
|
||||
URL="https://$(getServiceDomain "$domain" "")/" yq "$(getServiceKey "$service").environment.JELLYFIN_PublishedServerUrl = env(URL)" "$file" | \
|
||||
sudo tee "$secrets" >/dev/null
|
||||
sudo tee "$overrides" >/dev/null
|
||||
|
||||
for dir in "$root"/{downloads,config/{,jellyfin,flood,rtorrent,radarr,sonarr,lidarr,prowlarr},media/{,movies,series,music}}
|
||||
sudo mkdir -p "$dir"
|
||||
|
|
|
@ -6,7 +6,7 @@ services:
|
|||
service: web
|
||||
volumes:
|
||||
- ./nginx/web.conf:/etc/nginx/nginx.conf
|
||||
- ./cloud/logs/nginx:/var/log/nginx
|
||||
- ./nginx/logs/nginx:/var/log/nginx
|
||||
depends_on:
|
||||
core:
|
||||
condition: service_healthy
|
||||
|
@ -19,7 +19,7 @@ services:
|
|||
entrypoint:
|
||||
- bash
|
||||
- -c
|
||||
- /entrypoint.sh php-fpm & while ! echo '' 2> /dev/null > /dev/tcp/127.0.0.1/9000; do sleep 1; done; kill -9 $!; true;
|
||||
- /entrypoint.sh php-fpm & while ! echo '' 2>/dev/null >/dev/tcp/127.0.0.1/9000; do sleep 1; done; kill -9 $!; true;
|
||||
db:
|
||||
image: mariadb:lts
|
||||
restart: unless-stopped
|
||||
|
@ -28,7 +28,7 @@ services:
|
|||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||
MARIADB_MYSQL_LOCALHOST_USER: 1
|
||||
volumes:
|
||||
- ./cloud/database:/var/lib/mysql
|
||||
- ./data/db:/var/lib/mysql
|
||||
command:
|
||||
- --innodb_read_only_compressed=OFF
|
||||
healthcheck:
|
||||
|
@ -46,7 +46,7 @@ services:
|
|||
env_file:
|
||||
- cache.env
|
||||
volumes:
|
||||
- ./cloud/cache:/data
|
||||
- ./data/cache:/data
|
||||
healthcheck:
|
||||
test: [CMD, bash, -c, echo '' > /dev/tcp/127.0.0.1/6379]
|
||||
interval: 5s
|
||||
|
@ -88,7 +88,7 @@ services:
|
|||
image: shenxn/protonmail-bridge
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./bridge:/root
|
||||
- ./data/bridge:/root
|
||||
turn:
|
||||
image: instrumentisto/coturn
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -4,11 +4,11 @@ services:
|
|||
volumes:
|
||||
- webroot:/var/www/html:z
|
||||
- ./php.ini:/usr/local/etc/php/conf.d/nextcloud.ini
|
||||
- ./cloud/apps:/var/www/html/custom_apps
|
||||
- ./cloud/config:/var/www/html/config
|
||||
- ./cloud/data:/var/www/html/data
|
||||
- ./cloud/themes:/var/www/html/themes
|
||||
- ./cloud/public:/public
|
||||
- ./data/cloud/apps:/var/www/html/custom_apps
|
||||
- ./data/cloud/config:/var/www/html/config
|
||||
- ./data/cloud/data:/var/www/html/data
|
||||
- ./data/cloud/themes:/var/www/html/themes
|
||||
- ./data/public:/public
|
||||
- ../jellyfin/downloads:/downloads
|
||||
setup:
|
||||
extends:
|
||||
|
@ -29,4 +29,4 @@ services:
|
|||
environment:
|
||||
MYSQL_HOST: db
|
||||
REDIS_HOST: cache
|
||||
TRUSTED_PROXIED: 172.16.0.0/12
|
||||
TRUSTED_PROXIES: 172.16.0.0/12
|
||||
|
|
|
@ -4,8 +4,8 @@ services:
|
|||
- 127.0.0.1:1337:80
|
||||
turn:
|
||||
ports:
|
||||
- 127.0.0.1:1337:3478/tcp
|
||||
- 127.0.0.1:1337:3478/udp
|
||||
- 1337:3478/tcp
|
||||
- 1337:3478/udp
|
||||
command: [-n, --log-file=stdout, --min-port=49160, --max-port=49200, --use-auth-secret]
|
||||
collabora:
|
||||
ports:
|
|
@ -31,10 +31,8 @@ begin
|
|||
set -l source "$dir/docker-compose.core.yml"
|
||||
set -l core "$root/$(basename "$source")"
|
||||
set -l domain (getServiceDomain $domain)
|
||||
set -l base "$root/docker-compose.base.yml"
|
||||
set -l baseSource "$dir/$(basename "$base")"
|
||||
set -l secrets (getServiceSecretsConfig $argv)
|
||||
set -l secretsSource "$dir/$(basename "$secrets")"
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
set -l overridesSource "$dir/$(basename "$overrides")"
|
||||
set -l turnKey "$(getServiceKey "$turn")"
|
||||
set -l portKey "$turnKey.ports[1]"
|
||||
set -l officeEnv "$(getServiceKey "$office").environment"
|
||||
|
@ -45,7 +43,7 @@ begin
|
|||
set -l nextcloudPW ($genPW 64)
|
||||
|
||||
initializeServiceInstallation $argv
|
||||
sudo cp -r "$dir"/{cache.Dockerfile,cloud.Dockerfile,.dockerignore,fpm,nginx,php.ini} "$root"
|
||||
sudo cp -r "$dir"/{cache.Dockerfile,cloud.Dockerfile,docker-compose.{base,core}.yml,.dockerignore,fpm,nginx,php.ini} "$root"
|
||||
|
||||
begin
|
||||
printf "%s\n" \
|
||||
|
@ -59,38 +57,30 @@ begin
|
|||
begin
|
||||
printf "%s\n" \
|
||||
"NEXTCLOUD_ADMIN_USER=admin" \
|
||||
"NEXTCLOUD_ADMIN_PASSWORD=$nextcloudPW"
|
||||
"NEXTCLOUD_ADMIN_PASSWORD=$nextcloudPW" \
|
||||
"NEXTCLOUD_TRUSTED_DOMAINS=$domain" \
|
||||
"OVERWRITEPROTOCOL=https" \
|
||||
"OVERWRITEHOST=$domain" \
|
||||
"OVERWRITECLIURL=https://$domain"
|
||||
end | sudo tee "$root/nextcloud.env" >/dev/null
|
||||
|
||||
PROTO="https" DOMAIN="$domain" begin
|
||||
set -l envKey "$(getServiceKey "$service").environment"
|
||||
|
||||
yq "$envKey.NEXTCLOUD_TRUSTED_DOMAINS = env(DOMAIN)" "$source" | \
|
||||
yq "$envKey.OVERWRITEPROTOCOL = env(PROTO)" | \
|
||||
yq "$envKey.OVERWRITEHOST = env(DOMAIN)" | \
|
||||
URL="$PROTO://$DOMAIN" yq "$envKey.OVERWRITECLIURL = env(URL)" | \
|
||||
sudo tee "$core" >/dev/null
|
||||
|
||||
DOMAIN=(getServiceDomain $officeDomain) yq "$officeEnv.server_name = env(DOMAIN)" "$baseSource" | \
|
||||
URL="https://$(string escape --style regex "$DOMAIN"):443" yq "$officeEnv.aliasgroup1 = env(URL)" | \
|
||||
sudo tee "$base" >/dev/null
|
||||
end
|
||||
|
||||
begin
|
||||
set -l key "$turnKey.command"
|
||||
|
||||
PW="--static-auth-secret=$turnPW" \
|
||||
DOMAIN="--realm=$domain" \
|
||||
yq "$key |= . + [env(PW), env(DOMAIN)]" "$secretsSource" | \
|
||||
sudo tee "$secrets" >/dev/null
|
||||
yq "$key |= . + [env(PW), env(DOMAIN)]" "$overridesSource" | \
|
||||
DOMAIN=(getServiceDomain $officeDomain) yq "$officeEnv.server_name = env(DOMAIN)" | \
|
||||
URL="https://$(string escape --style regex "$DOMAIN"):443" yq "$officeEnv.aliasgroup1 = env(URL)" | \
|
||||
sudo tee "$overrides" >/dev/null
|
||||
end
|
||||
|
||||
installDockerService $argv
|
||||
set turnPort (yq (getServicePortKey "$turn") "$secrets" | extractPort)
|
||||
set turnPort (yq "$portKey" "$secrets" | mutatePort "$turnPort")
|
||||
set turnPort (yq (getServicePortKey "$turn") "$overrides" | extractPort)
|
||||
set turnPort (yq "$portKey" "$overrides" | mutatePort "$turnPort")
|
||||
|
||||
cp "$secrets" "$file"
|
||||
PORT="$turnPort" yq "$portKey = env(PORT)" "$file" | sudo tee "$secrets" >/dev/null
|
||||
cp "$overrides" "$file"
|
||||
PORT="$turnPort" yq "$portKey = env(PORT)" "$file" | sudo tee "$overrides" >/dev/null
|
||||
rm "$file"
|
||||
end
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@ begin
|
|||
set -l dir (status dirname)
|
||||
set -l domain "tracker" ""
|
||||
set -l service "ryot"
|
||||
set -l source "$dir/docker-compose.secrets.yml"
|
||||
set -l source "$dir/docker-compose.overrides.yml"
|
||||
source "$dir/../service.fish"
|
||||
|
||||
function installSW -V dir -V domain -V service -V source
|
||||
|
@ -13,13 +13,13 @@ begin
|
|||
set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
||||
set -l envKey ".services.$service.environment"
|
||||
set -l dbKey "$envKey.DATABASE_URL"
|
||||
set -l dbUrl ( "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
|
||||
set -l dbUrl (yq "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
|
||||
initializeServiceInstallation $argv
|
||||
sudo cp "$file" "$root"
|
||||
|
||||
URL=$dbUrl yq "$dbKey = env(URL)" "$source" | \
|
||||
PW=$pw yq ".services.db.environment.POSTGRES_PASSWORD = env(PW)" | \
|
||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
||||
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||
|
||||
installDockerService $argv
|
||||
end
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
begin
|
||||
set -l dir (status dirname)
|
||||
set -l root /usr/local/lib
|
||||
set -l secretsFile "docker-compose.secrets.yml"
|
||||
set -l overrides "docker-compose.overrides.yml"
|
||||
set -l nginxRoot "/etc/nginx/conf.d"
|
||||
source "$dir/../../../../lib/software.fish"
|
||||
|
||||
|
@ -11,7 +11,7 @@ begin
|
|||
end
|
||||
|
||||
function getPortPattern
|
||||
echo "^\([.[:digit:]]\+:\)\([[:digit:]]\+\)\(:[[:digit:]]\+\(\/tcp\|udp\)\?\)"
|
||||
echo "^\([.[:digit:]]\+:\)\?\([[:digit:]]\+\)\(:[[:digit:]]\+\(\/tcp\|udp\)\?\)"
|
||||
end
|
||||
|
||||
function __substitutePort -a substitution
|
||||
|
@ -48,11 +48,11 @@ begin
|
|||
echo "$nginxRoot/$(getServiceName $argv).conf"
|
||||
end
|
||||
|
||||
function getServiceSecretsConfig -V secretsFile
|
||||
echo "$(getServiceRoot $argv)/$secretsFile"
|
||||
function getServiceOverrides -V overrides
|
||||
echo "$(getServiceRoot $argv)/$overrides"
|
||||
end
|
||||
|
||||
function getServicePortKey -V secretsFile -a name
|
||||
function getServicePortKey -V overrides -a name
|
||||
echo "$(getServiceKey "$name").ports[0]"
|
||||
end
|
||||
|
||||
|
@ -78,7 +78,7 @@ begin
|
|||
function getServiceDefaultProxy -a domain service location
|
||||
argparse -i "comment=" "path=" "url=" -- $argv
|
||||
set -l url
|
||||
set -l config (getServiceSecretsConfig $argv)
|
||||
set -l config (getServiceOverrides $argv)
|
||||
set -l portKey (getServicePortKey "$service")
|
||||
set -l port (yq "$portKey" "$config" | extractPort)
|
||||
|
||||
|
@ -115,13 +115,13 @@ begin
|
|||
set -l root (getServiceRoot $argv)
|
||||
sudo mkdir -p (getServiceRoot $argv)
|
||||
sudo mkdir -p "$nginxRoot"
|
||||
sudo mkdir -p (dirname (getServiceSecretsConfig $argv))
|
||||
sudo mkdir -p (dirname (getServiceOverrides $argv))
|
||||
sudo touch "$root/docker-compose.overrides.yml"
|
||||
sudo cp "$dir/docker-compose.yml" "$root"
|
||||
end
|
||||
|
||||
function installDockerService -V dir -V nginxRoot
|
||||
set -l config (getServiceSecretsConfig $argv)
|
||||
set -l config (getServiceOverrides $argv)
|
||||
set -l servers (getServiceServers $argv | string split0)
|
||||
|
||||
for i in (seq 1 2 (count $servers))
|
||||
|
@ -184,6 +184,6 @@ begin
|
|||
set extraPatterns "|$extraPatterns"
|
||||
end
|
||||
|
||||
printf "%s\n" --base-directory (getServiceRoot $argv) --hidden --no-ignore "^(docker-compose\.(secrets|overrides)\.yml|data)\$$extraPatterns"
|
||||
printf "%s\n" --base-directory (getServiceRoot $argv) --hidden --no-ignore "^(docker-compose\.overrides\.yml|data)\$$extraPatterns"
|
||||
end
|
||||
end
|
||||
|
|
|
@ -10,10 +10,12 @@ services:
|
|||
TS3SERVER_DB_HOST: db
|
||||
TS3SERVER_DB_WAITUNTILREADY: 30
|
||||
TS3SERVER_LICENSE: accept
|
||||
volumes:
|
||||
- ./data/teamspeak:/var/ts3server
|
||||
db:
|
||||
image: mariadb
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||
volumes:
|
||||
- ./database:/var/lib/mysql
|
||||
- ./data/db:/var/lib/mysql
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/env fish
|
||||
begin
|
||||
set -l dir (status dirname)
|
||||
set -l source "$dir/docker-compose.secrets.yml"
|
||||
set -l source "$dir/docker-compose.overrides.yml"
|
||||
source "$dir/../service.fish"
|
||||
|
||||
function installSW -V dir -V domain -V source
|
||||
|
@ -25,7 +25,7 @@ begin
|
|||
yq "$tsEnv.TS3SERVER_DB_NAME = env(DB)" | \
|
||||
yq "$dbEnv.MARIADB_DATABASE = env(DB)"
|
||||
end | \
|
||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
||||
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||
|
||||
installDockerService $argv
|
||||
end
|
||||
|
|
|
@ -11,7 +11,7 @@ services:
|
|||
environment:
|
||||
TM_XMLRPC_ALLOWED_REMOTE: xaseco
|
||||
volumes:
|
||||
- ./data/tm/cache:/app/GameData/Cache
|
||||
- ./data/tm/data:/app/GameData
|
||||
healthcheck:
|
||||
test: [CMD, bash, -c, echo '' >/dev/tcp/127.0.0.1/5000]
|
||||
start_period: 1m
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
services:
|
||||
tm:
|
||||
extends:
|
||||
file: docker-compose.core.secrets.yml
|
||||
file: docker-compose.core.overrides.yml
|
||||
service: tm
|
||||
volumes: &tm-volumes
|
||||
- tm-server:/app
|
||||
|
@ -17,7 +17,7 @@ services:
|
|||
- xaseco:/cache
|
||||
xaseco:
|
||||
extends:
|
||||
file: docker-compose.core.secrets.yml
|
||||
file: docker-compose.core.overrides.yml
|
||||
service: xaseco
|
||||
<<:
|
||||
- *xaseco-base
|
||||
|
@ -26,5 +26,5 @@ services:
|
|||
build: *xaseco-build
|
||||
db:
|
||||
extends:
|
||||
file: docker-compose.core.secrets.yml
|
||||
file: docker-compose.core.overrides.yml
|
||||
service: db
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
services:
|
||||
game:
|
||||
command:
|
||||
- /game_settings=MatchSettings/Nations/NationsBlue.txt
|
||||
environment: {}
|
||||
ports:
|
||||
- 2350:2350
|
||||
- 2350:2350/udp
|
||||
- 2353:2353
|
||||
- 2353:2353/udp
|
||||
command:
|
||||
- /game_settings=MatchSettings/Nations/NationsBlue.txt
|
||||
environment: {}
|
||||
xaseco:
|
||||
environment: {}
|
|
@ -1,4 +0,0 @@
|
|||
include:
|
||||
- path:
|
||||
- docker-compose.base.yml
|
||||
- docker-compose.secrets.yml
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/env fish
|
||||
begin
|
||||
set -l dir (status dirname)
|
||||
set -l source "$dir/docker-compose.core.secrets.yml"
|
||||
set -l source "$dir/docker-compose.core.overrides.yml"
|
||||
source "$dir/../service.fish"
|
||||
|
||||
function installSW -V dir -V domain -V source
|
||||
|
@ -10,7 +10,7 @@ begin
|
|||
set -l sqlPW (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
|
||||
initializeServiceInstallation $argv
|
||||
|
||||
cp -rf "$dir"/{.dockerignore,docker-compose{.base,{,.core}{,.secrets}}.yml,parser.patch,tmforever-entrypoint.sh,trackmania.Dockerfile,xaseco-entrypoint.sh,xaseco.Dockerfile} "$root"
|
||||
cp -rf "$dir"/{.dockerignore,docker-compose{.base,.overrides,.core{,.overrides}}.yml,parser.patch,tmforever-entrypoint.sh,trackmania.Dockerfile,xaseco-entrypoint.sh,xaseco.Dockerfile} "$root"
|
||||
|
||||
PW="$tmPW" yq "$(getServiceKey "tm").environment.TM_SUPERADMIN_PASSWORD = env(PW)" "$source" | \
|
||||
PW="$sqlPW" yq "$(getServiceKey "db").environment.MYSQL_PASSWORD = env(PW)" | \
|
||||
|
@ -30,7 +30,7 @@ begin
|
|||
end
|
||||
|
||||
function getBackupArgs
|
||||
printf "%s\n" --hidden --no-ignore "^docker-compose\.(.*\.)\?.secrets.yml|data\$" (getServiceRoot $argv)
|
||||
printf "%s\n" --hidden --no-ignore "^docker-compose\.(.*\.)\?.overrides.yml|data\$" (getServiceRoot $argv)
|
||||
end
|
||||
|
||||
runInstaller --force $argv --name "tm-forever"
|
||||
|
|
|
@ -2,9 +2,6 @@ FROM debian:11.3
|
|||
RUN apt-get update -y \
|
||||
&& apt-get install -y \
|
||||
expect \
|
||||
inotify-tools \
|
||||
parallel \
|
||||
rsync \
|
||||
unzip \
|
||||
wget \
|
||||
xmlstarlet \
|
||||
|
|
|
@ -12,6 +12,7 @@ data="/data"
|
|||
runDir="/opt/xaseco"
|
||||
entrypoint="$cache/aseco.php"
|
||||
config="$runDir/config.xml"
|
||||
adminConfig="$runDir/adminops.xml"
|
||||
dbConfig="$runDir/localdatabase.xml"
|
||||
dediConfig="$runDir/dedimania.xml"
|
||||
pluginConfig="$runDir/plugins.xml"
|
||||
|
@ -20,6 +21,8 @@ serverPath="$settingsPath/tmserver"
|
|||
pluginTag="plugin"
|
||||
pluginPath="/aseco_plugins"
|
||||
|
||||
userPattern="^(.+?)(@([[:digit:]]+(.[[:digit:]]+){3}))?\$"
|
||||
|
||||
tmOptions=(
|
||||
TM_SERVER_HOST ip
|
||||
TM_SERVER_PORT port
|
||||
|
@ -28,6 +31,11 @@ tmOptions=(
|
|||
TM_TIMEOUT timeout
|
||||
)
|
||||
|
||||
groups=(
|
||||
ADMINS admins
|
||||
OPERATORS operators
|
||||
)
|
||||
|
||||
sqlOptions=(
|
||||
MYSQL_HOST mysql_server
|
||||
MYSQL_USER mysql_login
|
||||
|
@ -114,6 +122,23 @@ for i in $(seq 0 2 $((${#tmOptions[@]} - 1))); do
|
|||
fi
|
||||
done
|
||||
|
||||
for i in $(seq 0 2 $((${#groups[@]} - 1))); do
|
||||
var="${groups[$i]}"
|
||||
group="${groups[$(($i + 1))]}"
|
||||
value="${!var}"
|
||||
path="/lists/$group"
|
||||
|
||||
echo "$value" | while read user; do
|
||||
name="$(echo "$user" | LC_ALL="C" perl -pe "s/$userPattern/\1/")"
|
||||
ip="$(echo "$user" | LC_ALL="C" perl -pe "s/$userPattern/\3/")"
|
||||
xmlstarlet edit --inplace --subnode "$path" --type elem -n "tmlogin" --value "$name" "$adminConfig"
|
||||
|
||||
if [ -n "$ip" ]; then
|
||||
xmlstarlet edit --inplace --subnode "$path" --type elem -n "ipaddress" --value "$ip" "$adminConfig"
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
||||
for i in $(seq 0 2 $((${#sqlOptions[@]} - 1))); do
|
||||
var="${sqlOptions[$i]}"
|
||||
option="${sqlOptions[$(($i + 1))]}"
|
||||
|
@ -132,7 +157,6 @@ for i in $(seq 0 2 $((${#dediOptions[@]} - 1))); do
|
|||
done
|
||||
|
||||
if [ -n "$X1_EXTRA_PLUGINS" ]; then
|
||||
echo "adding plugins: $X1_EXTRA_PLUGINS"
|
||||
for plugin in $X1_EXTRA_PLUGINS; do
|
||||
xmlstarlet edit --inplace --subnode "$pluginPath" --type elem -n "$pluginTag" --value "$plugin" "$pluginConfig"
|
||||
done
|
||||
|
@ -150,6 +174,4 @@ if [ -n "$X1_DISABLED_PLUGINS" ]; then
|
|||
done
|
||||
fi
|
||||
|
||||
if [ "$1" != "download" ]; then
|
||||
$@
|
||||
fi
|
||||
$@
|
||||
|
|
|
@ -11,7 +11,8 @@ RUN apk update \
|
|||
# xmlstarlet dependencies
|
||||
musl \
|
||||
libxslt \
|
||||
libxml2
|
||||
libxml2 \
|
||||
perl
|
||||
RUN update-ca-certificates
|
||||
RUN docker-php-ext-install mysql
|
||||
COPY --from=base /usr/bin/xmlstarlet /usr/bin
|
||||
|
@ -29,6 +30,9 @@ ENV \
|
|||
MASTERADMIN_USER="" \
|
||||
MASTERADMIN_IP="" \
|
||||
\
|
||||
ADMINS="" \
|
||||
OPERATORS="" \
|
||||
\
|
||||
X1_EXTRA_PLUGINS="" \
|
||||
X1_DISABLED_PLUGINS="" \
|
||||
\
|
||||
|
|
|
@ -3,13 +3,11 @@ services:
|
|||
image: vaultwarden/server
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./data:/data
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- ./data/vault:/data
|
||||
environment:
|
||||
DOMAIN: null
|
||||
SMTP_HOST: bridge
|
||||
SMTP_FROM: null
|
||||
SMTP_FROM_VALUE: vaultwarden
|
||||
SMTP_FROM_VALUE: Vaultwarden
|
||||
SMTP_PORT: 25
|
||||
SMTP_ACCEPT_INVALID_CERTS: "true"
|
||||
SIGNUPS_ALLOWED: "false"
|
||||
|
@ -18,12 +16,12 @@ services:
|
|||
image: mariadb
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./db:/var/lib/mysql
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- ./data/db:/var/lib/mysql
|
||||
environment:
|
||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||
bridge:
|
||||
image: shenxn/protonmail-bridge
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./bridge:/root
|
||||
- ./data/bridge:/root
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
services:
|
||||
vaultwarden:
|
||||
environment:
|
||||
DOMAIN: null
|
||||
SMTP_FROM: null
|
||||
DATABASE_URL: mysql://vaultwarden:pw@db/vault
|
||||
ports:
|
||||
- 127.0.0.1:1337:80
|
|
@ -2,7 +2,7 @@
|
|||
begin
|
||||
set -l dir (status dirname)
|
||||
set -l domain "passwords"
|
||||
set -l source "$dir/docker-compose.secrets.yml"
|
||||
set -l source "$dir/docker-compose.overrides.yml"
|
||||
source "$dir/../service.fish"
|
||||
|
||||
function installSW -V dir -V domain -V source
|
||||
|
@ -12,14 +12,13 @@ begin
|
|||
set -l dbKey "$envKey.DATABASE_URL"
|
||||
set -l dbUrl (yq "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
|
||||
initializeServiceInstallation $argv
|
||||
cp "$dir/docker-compose.base.yml" (getServiceRoot $argv)
|
||||
|
||||
URL="https://$domain.$(getMachineFQDN)" yq "$envKey.DOMAIN = env(URL)" "$file" | \
|
||||
ADDRESS="noreply@$(getMachineFQDN)" yq "$envKey.SMTP_FROM = env(ADDRESS)" | \
|
||||
sudo tee "$(getServiceRoot $argv)/$(basename "$file")" >/dev/null
|
||||
|
||||
URL=$dbUrl yq "$dbKey = env(URL)" "$source" | \
|
||||
URL="https://$domain.$(getMachineFQDN)" yq "$envKey.DOMAIN = env(URL)" "$source" | \
|
||||
ADDRESS="no-reply@$(getMachineFQDN)" yq "$envKey.SMTP_FROM = env(ADDRESS)" | \
|
||||
URL=$dbUrl yq "$dbKey = env(URL)" | \
|
||||
PW=$pw yq ".services.db.environment.MARIADB_PASSWORD = env(PW)" | \
|
||||
sudo tee (getServiceSecretsConfig $argv) >/dev/null
|
||||
sudo tee (getServiceOverrides $argv) >/dev/null
|
||||
|
||||
installDockerService $argv
|
||||
end
|
||||
|
|
|
@ -7,7 +7,6 @@ services:
|
|||
user: 1337:1337
|
||||
environment:
|
||||
WRITABLE_PATH: /data
|
||||
ROOT_URL: https://example.com
|
||||
MONGO_URL: mongodb://db:27017/wekan
|
||||
MONGO_OPLOG_URL:
|
||||
WITH_API: "true"
|
||||
|
@ -21,7 +20,7 @@ services:
|
|||
command: mongod --logpath /dev/null --oplogSize 128 --quiet
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- ./data/database:/data/db
|
||||
- ./data/db:/data/db
|
||||
bridge:
|
||||
image: shenxn/protonmail-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
services:
|
||||
wekan:
|
||||
environment:
|
||||
ROOT_URL: https://example.com
|
||||
ports:
|
||||
- 127.0.0.1:1337:8080
|
|
@ -7,38 +7,17 @@ begin
|
|||
|
||||
function installSW -V dir -V service -V domain
|
||||
set -l domain (getServiceDomain $domain)
|
||||
set -l file "$dir/docker-compose.base.yml"
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
initializeServiceInstallation $argv
|
||||
|
||||
URL="https://$domain" yq "$(getServiceKey "$service").environment.DOMAIN = env(URL)" "$file" | \
|
||||
sudo tee "$(getServiceRoot $argv)/$(basename "$file")" >/dev/null
|
||||
sudo cp "$dir/docker-compose.base.yml" (getServiceRoot $argv)
|
||||
|
||||
URL="https://$domain" yq "$(getServiceKey "$service").environment.ROOT_URL = env(URL)" "$dir/$(basename "$overrides")" | \
|
||||
sudo tee "$overrides" >/dev/null
|
||||
|
||||
sudo cp "$dir/docker-compose.secrets.yml" (getServiceRoot $argv)
|
||||
installDockerService $argv
|
||||
end
|
||||
|
||||
function configureSW -V dir -V service
|
||||
set -l uid
|
||||
set -l gid
|
||||
set -l user "$service"
|
||||
set -l root (getServiceRoot $argv)
|
||||
set -l data "data/wekan"
|
||||
configureDockerService $argv
|
||||
|
||||
and sudo useradd \
|
||||
--system \
|
||||
--shell /bin/false \
|
||||
--comment 'Wekan server' \
|
||||
--create-home \
|
||||
"$user"
|
||||
|
||||
set uid (id -u "$user")
|
||||
set gid (id -g "$user")
|
||||
USER="$uid:$gid" yq -i "$(getServiceKey "$service").user = env(USER)" "$root/docker-compose.base.yml"
|
||||
mkdir -p "$root/$data"
|
||||
chown -R "$uid:$gid" "$root/$data"
|
||||
end
|
||||
|
||||
function getServiceServers -V domain
|
||||
printf "%s\0" $domain
|
||||
end
|
||||
|
|
|
@ -12,13 +12,13 @@ begin
|
|||
function installSW -V dir -V environments -V source
|
||||
set -l root (getServiceRoot $argv)
|
||||
set -l config "$root/docker-compose.base.yml"
|
||||
set -l secrets (getServiceSecretsConfig $argv)
|
||||
set -l overrides (getServiceOverrides $argv)
|
||||
set -l ciTemplate (yq -oj (getServiceKey ci-template) "$source")
|
||||
set -l agentTemplate (yq -oj (getServiceKey agent-template) "$source")
|
||||
set -l dbTemplate (yq -oj (getServiceKey db-template) "$source")
|
||||
initializeServiceInstallation $argv
|
||||
echo "{}" | sudo tee "$config" >/dev/null
|
||||
echo "{}" | sudo tee "$secrets" >/dev/null
|
||||
echo "{}" | sudo tee "$overrides" >/dev/null
|
||||
|
||||
cp "$dir/.dockerignore" "$root"
|
||||
sudo touch "$root"/{agent,ci}.common.env
|
||||
|
@ -30,7 +30,7 @@ begin
|
|||
set -l secret (openssl rand -hex 32)
|
||||
set -l services ci db agent
|
||||
set -l tmpConfig (mktemp)
|
||||
set -l tmpSecrets (mktemp)
|
||||
set -l tmpOverrides (mktemp)
|
||||
set -l ciName "$name-ci"
|
||||
set -l dbName "$name-db"
|
||||
set -l agentName "$name-agent"
|
||||
|
@ -46,7 +46,7 @@ begin
|
|||
set -l domain (getServiceDomain "$subdomain" "$domain")
|
||||
|
||||
cp "$config" "$tmpConfig"
|
||||
cp "$secrets" "$tmpSecrets"
|
||||
cp "$overrides" "$tmpOverrides"
|
||||
|
||||
for serviceName in $services
|
||||
set -l file (mktemp)
|
||||
|
@ -64,23 +64,23 @@ begin
|
|||
|
||||
yq "$ciKey = $ciTemplate" "$tmpConfig" | \
|
||||
DB="$dbName" yq "$ciKey.depends_on |= . + [ env(DB) ]" | \
|
||||
ENTRY="./data/$name/ci:/data" yq "$ciKey.volumes = [ env(ENTRY) ]" | \
|
||||
ENTRY="./data/$name/ci:/var/lib/woodpecker" yq "$ciKey.volumes = [ env(ENTRY) ]" | \
|
||||
yq "$ciKey.env_file |= . + [ env(SECRET_ENV) ]" | \
|
||||
yq "$agentKey = $agentTemplate" | \
|
||||
yq "$agentKey.depends_on |= . + [ env(CI_NAME) ]" | \
|
||||
yq "$agentKey.env_file |= . + [ env(SECRET_ENV) ]" | \
|
||||
SERVER="$ciName:9000" yq "$agentEnv.WOODPECKER_SERVER = env(SERVER)" | \
|
||||
yq "$dbKey = $dbTemplate" | \
|
||||
ENTRY="./data/$name/database:/var/lib/mysql" yq "$dbKey.volumes |= . + [ env(ENTRY) ]" | \
|
||||
ENTRY="./data/$name/db:/var/lib/mysql" yq "$dbKey.volumes |= . + [ env(ENTRY) ]" | \
|
||||
sudo tee "$config" >/dev/null
|
||||
|
||||
PORT="127.0.0.1:1337:8000" yq "$ciKey.ports = [ env(PORT) ]" "$tmpSecrets" | \
|
||||
HOST="https://$domain" yq "$ciEnv.WOODPECKER_HOST = env(HOST)" | \
|
||||
HOST="https://$domain" yq "$ciEnv.WOODPECKER_HOST = env(HOST)" "$tmpOverrides" | \
|
||||
PORT="127.0.0.1:1337:8000" yq "$ciKey.ports = [ env(PORT) ]" | \
|
||||
DB="$dbUser:$pw@tcp($dbName:3306)/$db?parseTime=true" yq "$ciEnv.WOODPECKER_DATABASE_DATASOURCE = env(DB)" | \
|
||||
USER="$dbUser" yq "$dbEnv.MARIADB_USER = env(USER)" | \
|
||||
PW="$pw" yq "$dbEnv.MARIADB_PASSWORD = env(PW)" | \
|
||||
DB="$db" yq "$dbEnv.MARIADB_DATABASE = env(DB)" | \
|
||||
sudo tee "$secrets" >/dev/null
|
||||
sudo tee "$overrides" >/dev/null
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -109,7 +109,7 @@ begin
|
|||
end
|
||||
|
||||
function getBackupArgs
|
||||
printf "%s\n" --hidden --no-ignore "data|\.secrets?\." (getServiceRoot $argv)
|
||||
printf "%s\n" --hidden --no-ignore "data|\.secret\.|docker-compose\.overrides\.yml" (getServiceRoot $argv)
|
||||
end
|
||||
|
||||
runInstaller --force $argv
|
||||
|
|
Loading…
Reference in a new issue