Compare commits

..

1 Commits

Author SHA1 Message Date
Killian Kemps f323ee23ad feat(snikket): Add Snikket service 2024-06-12 23:58:45 +02:00
17 changed files with 131 additions and 78 deletions

View File

@ -8,7 +8,7 @@ COMPOSE_FILE=${SERVICES_DIR}/lldap/docker-compose.yml:${SERVICES_DIR}/lldap/dock
####### #######
# LLDAP # LLDAP
SERVICE_DOMAIN=lldap.cool.life LLDAP_DOMAIN=lldap.cool.life
LLDAP_VOLUME_NAME=lldap_cool_life LLDAP_VOLUME_NAME=lldap_cool_life
LLDAP_CONTAINER_NAME=lldap_cool_life LLDAP_CONTAINER_NAME=lldap_cool_life
LLDAP_IMAGE=nitnelave/lldap:v0.4.3 LLDAP_IMAGE=nitnelave/lldap:v0.4.3

View File

@ -10,13 +10,13 @@ services:
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${SERVICE_DOMAIN:?err}`) - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${LLDAP_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
# - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.tls.certResolver=letsencrypt # - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.tls.certResolver=letsencrypt
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=17170 - traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=17170
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.scheme=http - traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.scheme=http
# https://github.com/lldap/lldap/issues/247#issuecomment-1489962511 # https://github.com/lldap/lldap/issues/247#issuecomment-1489962511
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${SERVICE_DOMAIN:?err}`) # - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${LLDAP_DOMAIN:?err}`)
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} # - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
# - traefik.tcp.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=3890 # - traefik.tcp.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=3890

View File

@ -16,7 +16,7 @@ services:
- LLDAP_VERBOSE=${LLDAP_VERBOSE:-false} - LLDAP_VERBOSE=${LLDAP_VERBOSE:-false}
- LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?err} - LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?err}
- LLDAP_HTTP_URL=https://${SERVICE_DOMAIN:?err} - LLDAP_HTTP_URL=https://${LLDAP_DOMAIN:?err}
- LLDAP_LDAP_BASE_DN=${LLDAP_LDAP_BASE_DN:?err} - LLDAP_LDAP_BASE_DN=${LLDAP_LDAP_BASE_DN:?err}
- LLDAP_LDAP_USER_DN=${LLDAP_LDAP_USER_DN:?err} - LLDAP_LDAP_USER_DN=${LLDAP_LDAP_USER_DN:?err}

View File

@ -1,11 +0,0 @@
---
services:
signaturepdf:
labels:
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.tls.certResolver=letsencrypt
# redirect HTTP to HTTPS
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.entrypoints=web
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.scheme=https
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.permanent=true
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.middlewares=${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https

View File

@ -11,4 +11,4 @@ services:
- traefik.enable=true - traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`) - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=web

View File

@ -19,5 +19,3 @@ services:
PDF_STORAGE_PATH: ${PDF_STORAGE_PATH} PDF_STORAGE_PATH: ${PDF_STORAGE_PATH}
DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION} DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION}
PDF_DEMO_LINK: ${PDF_DEMO_LINK} PDF_DEMO_LINK: ${PDF_DEMO_LINK}
DEFAULT_LANGUAGE: ${DEFAULT_LANGUAGE:-fr_FR.UTF-8}
PDF_STORAGE_ENCRYPTION: ${PDF_STORAGE_ENCRYPTION:-true}

24
snikket/.env Normal file
View File

@ -0,0 +1,24 @@
########
# DOCKER
SERVICES_DIR=".."
COMPOSE_FILE=${SERVICES_DIR}/snikket/docker-compose.yml:${SERVICES_DIR}/snikket/docker-compose.local.yml
# COMPOSE_PROJECT_NAME=
## APP
# SNIKKET_DOMAIN={{ SNIKKET_DOMAIN }}
SNIKKET_CONTAINER_NAME=snikket
SNIKKET_DATA_VOLUME_NAME=snikket_data
SNIKKET_ACME_CHALLENGES_VOLUME_NAME=acme_challenges
# SNIKKET_SERVER_IMAGE=
# SNIKKET_WEB_PORTAL_IMAGE=
# SNIKKET_CERT_MANAGER_IMAGE
# SNIKKET_WEB_PROXY_IMAGE
#########
# TRAEFIK
# TRAEFIK_NETWORK_NAME=
# TRAEFIK_ROUTER_NAME=
# TRAEFIK_ENTRYPOINTS=

22
snikket/README.md Normal file
View File

@ -0,0 +1,22 @@
# Snikket
> Snikket est un service de messagerie instantanée basée sur le protocole XMPP destiné à être utilisé d'abord sur téléphone.
## Clients
Pour utiliser Snikket sur un téléphone Android, vous pouvez télécharger l'application sur F-droid (recommandé) ou sur le Google Play Store.
Sur Linux, nous recommandons le client Dino (d'abord créer son compte Snikket via le téléphone).
Sur iPhone, vous pouvez aussi télécharger l'application Snikket qui sera cependant moins complète que sur Android.
## Liens
- [Site Officiel][site]
- [Documentation][documentation]
- [Code source][source]
- [Docker Hub][dockerhub]
[site]: https://snikket.org
[source]: https://github.com/snikket-im/snikket-selfhosted
[documentation]: https://snikket.org/service/quickstart/
[dockerhub]: https://hub.docker.com/r/snikket/snikket-server

View File

@ -0,0 +1,13 @@
---
version: "3.8"
services:
snikket_proxy:
network_mode: host
snikket_certs:
network_mode: host
snikket_portal:
network_mode: host
snikket_server:
network_mode: host

View File

@ -0,0 +1,15 @@
---
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
snikket_proxy:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-snikket}.rule=Host(`${SNIKKET_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-snikket}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

View File

@ -0,0 +1,48 @@
---
version: "3.3"
services:
snikket_proxy:
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}_proxy
image: ${SNIKKET_WEB_PROXY_IMAGE:-snikket/snikket-web-proxy:beta}
environment:
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
volumes:
- snikket_data:/snikket
- acme_challenges:/var/www/html/.well-known/acme-challenge
restart: "unless-stopped"
snikket_certs:
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}-certs
image: ${SNIKKET_CERT_MANAGER_IMAGE:-snikket/snikket-cert-manager:beta}
environment:
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
volumes:
- snikket_data:/snikket
- acme_challenges:/var/www/.well-known/acme-challenge
restart: "unless-stopped"
snikket_portal:
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}-portal
image: ${SNIKKET_WEB_PORTAL_IMAGE:-snikket/snikket-web-portal:beta}
environment:
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
restart: "unless-stopped"
snikket_server:
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}
image: ${SNIKKET_SERVER_IMAGE:-snikket/snikket-server:beta}
volumes:
- snikket_data:/snikket
environment:
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
restart: "unless-stopped"
volumes:
acme_challenges:
name: ${SNIKKET_ACME_CHALLENGES_VOLUME_NAME:-acme_challenges}
snikket_data:
name: ${SNIKKET_DATA_VOLUME_NAME:-snikket_data}

View File

@ -9,7 +9,7 @@ COMPOSE_FILE=${SERVICES_DIR}/vaultwarden/docker-compose.yml
#VAULTWARDEN_IMAGE= #VAULTWARDEN_IMAGE=
#VAULTWARDEN_VOLUME_NAME= #VAULTWARDEN_VOLUME_NAME=
SERVICE_DOMAIN=vaultwarden.local VAULTWARDEN_DOMAIN=vaultwarden.local
#VAULTWARDEN_LOG_LEVEL= #VAULTWARDEN_LOG_LEVEL=
#VAULTWARDEN_SIGNUPS_ALLOWED=false #VAULTWARDEN_SIGNUPS_ALLOWED=false

View File

@ -10,20 +10,6 @@ Toutes les variables de configuration du service sont disponibles à [cette adre
[Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur. [Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur.
## Ajout des mails en Français
Il est possible de [traduire les mails](https://github.com/dani-garcia/vaultwarden/wiki/Translating-the-email-templates).
```
. .env
cd /var/lib/docker/volumes/${VAULTWARDEN_VOLUME_NAME}/_data/
mkdir templates && cd templates
wget https://github.com/YoanSimco/vaultwarden-lang-fr/archive/refs/heads/main.zip
unzip main.zip
mv vaultwarden-lang-fr/email .
rm vaultwarden-lang-fr-main/ main.zip -rf
```
## Liens ## Liens
- [Documentation][documentation] - [Documentation][documentation]

View File

@ -1,25 +0,0 @@
---
services:
vaultwarden:
environment:
SSO_ENABLED: ${SSO_ENABLED:-true}
SSO_ONLY: ${SSO_ONLY:-true}
SSO_SIGNUPS_MATCH_EMAIL: ${SSO_SIGNUPS_MATCH_EMAIL:-true}
SSO_AUTHORITY: ${SSO_AUTHORITY}
SSO_SCOPES: ${SSO_SCOPES:-email groups profile offline_access}
SSO_AUTHORIZE_EXTRA_PARAMS: ${SSO_AUTHORIZE_EXTRA_PARAMS:-}
SSO_PKCE: ${SSO_PKCE:-false}
SSO_CLIENT_ID: ${SSO_CLIENT_ID}
SSO_CLIENT_SECRET: ${SSO_CLIENT_SECRET}
# SSO_MASTER_PASSWORD_POLICY: ${SSO_MASTER_PASSWORD_POLICY:-}
SSO_AUTH_ONLY_NOT_SESSION: ${SSO_AUTH_ONLY_NOT_SESSION:-false}
SSO_CLIENT_CACHE_EXPIRATION: ${SSO_CLIENT_CACHE_EXPIRATION:-0}
SSO_DEBUG_TOKENS: ${SSO_DEBUG_TOKENS:-false}
SSO_FRONTEND: ${SSO_FRONTEND:-override}
# SSO_EXPERIMENTAL_NO_MASTER_PWD: ${SSO_EXPERIMENTAL_NO_MASTER_PWD:-false}
SSO_ROLES_ENABLED: ${SSO_ROLES_ENABLED:-false}
SSO_ROLES_DEFAULT_TO_USER: ${SSO_ROLES_DEFAULT_TO_USER:-false}
SSO_ORGANIZATIONS_INVITE: ${SSO_ORGANIZATIONS_INVITE:-false}

View File

@ -1,12 +0,0 @@
---
services:
vaultwarden:
labels:
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.tls.certResolver=letsencrypt
# redirect HTTP to HTTPS
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.rule=Host(`${SERVICE_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.entrypoints=web
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.scheme=https
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.permanent=true
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.middlewares=${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https

View File

@ -10,5 +10,5 @@ services:
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${SERVICE_DOMAIN:?err}`) - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

View File

@ -11,15 +11,10 @@ services:
restart: always restart: always
environment: environment:
ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err}
DOMAIN: https://${SERVICE_DOMAIN:?err} DOMAIN: https://${VAULTWARDEN_DOMAIN:?err}
SENDS_ALLOWED: ${SENDS_ALLOWED:-true}
TRASH_AUTO_DELETE_DAYS: ${TRASH_AUTO_DELETE_DAYS:-}
DISABLE_ICON_DOWNLOAD: ${DISABLE_ICON_DOWNLOAD:-false}
SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true}
SIGNUPS_VERIFY: ${SIGNUPS_VERIFY:-false}
SIGNUPS_DOMAINS_WHITELIST: ${SIGNUPS_DOMAINS_WHITELIST:-}
INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden} INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden}
LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info} LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info}
SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true}
volumes: volumes:
- vaultwarden:/data - vaultwarden:/data
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro