Compare commits
1 Commits
Author | SHA1 | Date |
---|---|---|
Killian Kemps | f323ee23ad |
|
@ -8,7 +8,7 @@ COMPOSE_FILE=${SERVICES_DIR}/lldap/docker-compose.yml:${SERVICES_DIR}/lldap/dock
|
||||||
#######
|
#######
|
||||||
# LLDAP
|
# LLDAP
|
||||||
|
|
||||||
SERVICE_DOMAIN=lldap.cool.life
|
LLDAP_DOMAIN=lldap.cool.life
|
||||||
LLDAP_VOLUME_NAME=lldap_cool_life
|
LLDAP_VOLUME_NAME=lldap_cool_life
|
||||||
LLDAP_CONTAINER_NAME=lldap_cool_life
|
LLDAP_CONTAINER_NAME=lldap_cool_life
|
||||||
LLDAP_IMAGE=nitnelave/lldap:v0.4.3
|
LLDAP_IMAGE=nitnelave/lldap:v0.4.3
|
||||||
|
|
|
@ -10,13 +10,13 @@ services:
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${SERVICE_DOMAIN:?err}`)
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${LLDAP_DOMAIN:?err}`)
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
||||||
# - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.tls.certResolver=letsencrypt
|
# - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.tls.certResolver=letsencrypt
|
||||||
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=17170
|
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=17170
|
||||||
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.scheme=http
|
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.scheme=http
|
||||||
|
|
||||||
# https://github.com/lldap/lldap/issues/247#issuecomment-1489962511
|
# https://github.com/lldap/lldap/issues/247#issuecomment-1489962511
|
||||||
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${SERVICE_DOMAIN:?err}`)
|
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${LLDAP_DOMAIN:?err}`)
|
||||||
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
# - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
||||||
# - traefik.tcp.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=3890
|
# - traefik.tcp.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=3890
|
||||||
|
|
|
@ -16,7 +16,7 @@ services:
|
||||||
- LLDAP_VERBOSE=${LLDAP_VERBOSE:-false}
|
- LLDAP_VERBOSE=${LLDAP_VERBOSE:-false}
|
||||||
|
|
||||||
- LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?err}
|
- LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?err}
|
||||||
- LLDAP_HTTP_URL=https://${SERVICE_DOMAIN:?err}
|
- LLDAP_HTTP_URL=https://${LLDAP_DOMAIN:?err}
|
||||||
|
|
||||||
- LLDAP_LDAP_BASE_DN=${LLDAP_LDAP_BASE_DN:?err}
|
- LLDAP_LDAP_BASE_DN=${LLDAP_LDAP_BASE_DN:?err}
|
||||||
- LLDAP_LDAP_USER_DN=${LLDAP_LDAP_USER_DN:?err}
|
- LLDAP_LDAP_USER_DN=${LLDAP_LDAP_USER_DN:?err}
|
||||||
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
services:
|
|
||||||
signaturepdf:
|
|
||||||
labels:
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.tls.certResolver=letsencrypt
|
|
||||||
# redirect HTTP to HTTPS
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`)
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.entrypoints=web
|
|
||||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.scheme=https
|
|
||||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.permanent=true
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.middlewares=${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https
|
|
|
@ -11,4 +11,4 @@ services:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`)
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`)
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=web
|
||||||
|
|
|
@ -19,5 +19,3 @@ services:
|
||||||
PDF_STORAGE_PATH: ${PDF_STORAGE_PATH}
|
PDF_STORAGE_PATH: ${PDF_STORAGE_PATH}
|
||||||
DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION}
|
DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION}
|
||||||
PDF_DEMO_LINK: ${PDF_DEMO_LINK}
|
PDF_DEMO_LINK: ${PDF_DEMO_LINK}
|
||||||
DEFAULT_LANGUAGE: ${DEFAULT_LANGUAGE:-fr_FR.UTF-8}
|
|
||||||
PDF_STORAGE_ENCRYPTION: ${PDF_STORAGE_ENCRYPTION:-true}
|
|
||||||
|
|
|
@ -0,0 +1,24 @@
|
||||||
|
########
|
||||||
|
# DOCKER
|
||||||
|
|
||||||
|
SERVICES_DIR=".."
|
||||||
|
COMPOSE_FILE=${SERVICES_DIR}/snikket/docker-compose.yml:${SERVICES_DIR}/snikket/docker-compose.local.yml
|
||||||
|
# COMPOSE_PROJECT_NAME=
|
||||||
|
|
||||||
|
## APP
|
||||||
|
|
||||||
|
# SNIKKET_DOMAIN={{ SNIKKET_DOMAIN }}
|
||||||
|
SNIKKET_CONTAINER_NAME=snikket
|
||||||
|
SNIKKET_DATA_VOLUME_NAME=snikket_data
|
||||||
|
SNIKKET_ACME_CHALLENGES_VOLUME_NAME=acme_challenges
|
||||||
|
# SNIKKET_SERVER_IMAGE=
|
||||||
|
# SNIKKET_WEB_PORTAL_IMAGE=
|
||||||
|
# SNIKKET_CERT_MANAGER_IMAGE
|
||||||
|
# SNIKKET_WEB_PROXY_IMAGE
|
||||||
|
|
||||||
|
#########
|
||||||
|
# TRAEFIK
|
||||||
|
|
||||||
|
# TRAEFIK_NETWORK_NAME=
|
||||||
|
# TRAEFIK_ROUTER_NAME=
|
||||||
|
# TRAEFIK_ENTRYPOINTS=
|
|
@ -0,0 +1,22 @@
|
||||||
|
# Snikket
|
||||||
|
|
||||||
|
> Snikket est un service de messagerie instantanée basée sur le protocole XMPP destiné à être utilisé d'abord sur téléphone.
|
||||||
|
|
||||||
|
## Clients
|
||||||
|
|
||||||
|
Pour utiliser Snikket sur un téléphone Android, vous pouvez télécharger l'application sur F-droid (recommandé) ou sur le Google Play Store.
|
||||||
|
|
||||||
|
Sur Linux, nous recommandons le client Dino (d'abord créer son compte Snikket via le téléphone).
|
||||||
|
Sur iPhone, vous pouvez aussi télécharger l'application Snikket qui sera cependant moins complète que sur Android.
|
||||||
|
|
||||||
|
## Liens
|
||||||
|
|
||||||
|
- [Site Officiel][site]
|
||||||
|
- [Documentation][documentation]
|
||||||
|
- [Code source][source]
|
||||||
|
- [Docker Hub][dockerhub]
|
||||||
|
|
||||||
|
[site]: https://snikket.org
|
||||||
|
[source]: https://github.com/snikket-im/snikket-selfhosted
|
||||||
|
[documentation]: https://snikket.org/service/quickstart/
|
||||||
|
[dockerhub]: https://hub.docker.com/r/snikket/snikket-server
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
snikket_proxy:
|
||||||
|
network_mode: host
|
||||||
|
snikket_certs:
|
||||||
|
network_mode: host
|
||||||
|
snikket_portal:
|
||||||
|
network_mode: host
|
||||||
|
snikket_server:
|
||||||
|
network_mode: host
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
networks:
|
||||||
|
default:
|
||||||
|
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||||||
|
|
||||||
|
services:
|
||||||
|
snikket_proxy:
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||||
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-snikket}.rule=Host(`${SNIKKET_DOMAIN:?err}`)
|
||||||
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-snikket}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
|
@ -0,0 +1,48 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
version: "3.3"
|
||||||
|
|
||||||
|
services:
|
||||||
|
snikket_proxy:
|
||||||
|
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}_proxy
|
||||||
|
image: ${SNIKKET_WEB_PROXY_IMAGE:-snikket/snikket-web-proxy:beta}
|
||||||
|
environment:
|
||||||
|
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
|
||||||
|
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
|
||||||
|
volumes:
|
||||||
|
- snikket_data:/snikket
|
||||||
|
- acme_challenges:/var/www/html/.well-known/acme-challenge
|
||||||
|
restart: "unless-stopped"
|
||||||
|
snikket_certs:
|
||||||
|
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}-certs
|
||||||
|
image: ${SNIKKET_CERT_MANAGER_IMAGE:-snikket/snikket-cert-manager:beta}
|
||||||
|
environment:
|
||||||
|
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
|
||||||
|
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
|
||||||
|
volumes:
|
||||||
|
- snikket_data:/snikket
|
||||||
|
- acme_challenges:/var/www/.well-known/acme-challenge
|
||||||
|
restart: "unless-stopped"
|
||||||
|
snikket_portal:
|
||||||
|
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}-portal
|
||||||
|
image: ${SNIKKET_WEB_PORTAL_IMAGE:-snikket/snikket-web-portal:beta}
|
||||||
|
environment:
|
||||||
|
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
|
||||||
|
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
|
||||||
|
restart: "unless-stopped"
|
||||||
|
|
||||||
|
snikket_server:
|
||||||
|
container_name: ${SNIKKET_CONTAINER_NAME:-snikket}
|
||||||
|
image: ${SNIKKET_SERVER_IMAGE:-snikket/snikket-server:beta}
|
||||||
|
volumes:
|
||||||
|
- snikket_data:/snikket
|
||||||
|
environment:
|
||||||
|
- SNIKKET_DOMAIN: ${SNIKKET_DOMAIN:?err}
|
||||||
|
- SNIKKET_ADMIN_EMAIL: ${SNIKKET_ADMIN_EMAIL:?err}
|
||||||
|
restart: "unless-stopped"
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
acme_challenges:
|
||||||
|
name: ${SNIKKET_ACME_CHALLENGES_VOLUME_NAME:-acme_challenges}
|
||||||
|
snikket_data:
|
||||||
|
name: ${SNIKKET_DATA_VOLUME_NAME:-snikket_data}
|
|
@ -9,7 +9,7 @@ COMPOSE_FILE=${SERVICES_DIR}/vaultwarden/docker-compose.yml
|
||||||
|
|
||||||
#VAULTWARDEN_IMAGE=
|
#VAULTWARDEN_IMAGE=
|
||||||
#VAULTWARDEN_VOLUME_NAME=
|
#VAULTWARDEN_VOLUME_NAME=
|
||||||
SERVICE_DOMAIN=vaultwarden.local
|
VAULTWARDEN_DOMAIN=vaultwarden.local
|
||||||
|
|
||||||
#VAULTWARDEN_LOG_LEVEL=
|
#VAULTWARDEN_LOG_LEVEL=
|
||||||
#VAULTWARDEN_SIGNUPS_ALLOWED=false
|
#VAULTWARDEN_SIGNUPS_ALLOWED=false
|
||||||
|
|
|
@ -10,20 +10,6 @@ Toutes les variables de configuration du service sont disponibles à [cette adre
|
||||||
|
|
||||||
[Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur.
|
[Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur.
|
||||||
|
|
||||||
## Ajout des mails en Français
|
|
||||||
|
|
||||||
Il est possible de [traduire les mails](https://github.com/dani-garcia/vaultwarden/wiki/Translating-the-email-templates).
|
|
||||||
|
|
||||||
```
|
|
||||||
. .env
|
|
||||||
cd /var/lib/docker/volumes/${VAULTWARDEN_VOLUME_NAME}/_data/
|
|
||||||
mkdir templates && cd templates
|
|
||||||
wget https://github.com/YoanSimco/vaultwarden-lang-fr/archive/refs/heads/main.zip
|
|
||||||
unzip main.zip
|
|
||||||
mv vaultwarden-lang-fr/email .
|
|
||||||
rm vaultwarden-lang-fr-main/ main.zip -rf
|
|
||||||
```
|
|
||||||
|
|
||||||
## Liens
|
## Liens
|
||||||
|
|
||||||
- [Documentation][documentation]
|
- [Documentation][documentation]
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
services:
|
|
||||||
vaultwarden:
|
|
||||||
environment:
|
|
||||||
SSO_ENABLED: ${SSO_ENABLED:-true}
|
|
||||||
SSO_ONLY: ${SSO_ONLY:-true}
|
|
||||||
SSO_SIGNUPS_MATCH_EMAIL: ${SSO_SIGNUPS_MATCH_EMAIL:-true}
|
|
||||||
SSO_AUTHORITY: ${SSO_AUTHORITY}
|
|
||||||
SSO_SCOPES: ${SSO_SCOPES:-email groups profile offline_access}
|
|
||||||
SSO_AUTHORIZE_EXTRA_PARAMS: ${SSO_AUTHORIZE_EXTRA_PARAMS:-}
|
|
||||||
SSO_PKCE: ${SSO_PKCE:-false}
|
|
||||||
SSO_CLIENT_ID: ${SSO_CLIENT_ID}
|
|
||||||
SSO_CLIENT_SECRET: ${SSO_CLIENT_SECRET}
|
|
||||||
# SSO_MASTER_PASSWORD_POLICY: ${SSO_MASTER_PASSWORD_POLICY:-}
|
|
||||||
SSO_AUTH_ONLY_NOT_SESSION: ${SSO_AUTH_ONLY_NOT_SESSION:-false}
|
|
||||||
SSO_CLIENT_CACHE_EXPIRATION: ${SSO_CLIENT_CACHE_EXPIRATION:-0}
|
|
||||||
SSO_DEBUG_TOKENS: ${SSO_DEBUG_TOKENS:-false}
|
|
||||||
|
|
||||||
SSO_FRONTEND: ${SSO_FRONTEND:-override}
|
|
||||||
# SSO_EXPERIMENTAL_NO_MASTER_PWD: ${SSO_EXPERIMENTAL_NO_MASTER_PWD:-false}
|
|
||||||
SSO_ROLES_ENABLED: ${SSO_ROLES_ENABLED:-false}
|
|
||||||
SSO_ROLES_DEFAULT_TO_USER: ${SSO_ROLES_DEFAULT_TO_USER:-false}
|
|
||||||
|
|
||||||
SSO_ORGANIZATIONS_INVITE: ${SSO_ORGANIZATIONS_INVITE:-false}
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
services:
|
|
||||||
vaultwarden:
|
|
||||||
labels:
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.tls.certResolver=letsencrypt
|
|
||||||
# redirect HTTP to HTTPS
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.rule=Host(`${SERVICE_DOMAIN:?err}`)
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.entrypoints=web
|
|
||||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.scheme=https
|
|
||||||
- traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.permanent=true
|
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.middlewares=${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https
|
|
|
@ -10,5 +10,5 @@ services:
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${SERVICE_DOMAIN:?err}`)
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`)
|
||||||
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
|
|
@ -11,15 +11,10 @@ services:
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err}
|
ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err}
|
||||||
DOMAIN: https://${SERVICE_DOMAIN:?err}
|
DOMAIN: https://${VAULTWARDEN_DOMAIN:?err}
|
||||||
SENDS_ALLOWED: ${SENDS_ALLOWED:-true}
|
|
||||||
TRASH_AUTO_DELETE_DAYS: ${TRASH_AUTO_DELETE_DAYS:-}
|
|
||||||
DISABLE_ICON_DOWNLOAD: ${DISABLE_ICON_DOWNLOAD:-false}
|
|
||||||
SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true}
|
|
||||||
SIGNUPS_VERIFY: ${SIGNUPS_VERIFY:-false}
|
|
||||||
SIGNUPS_DOMAINS_WHITELIST: ${SIGNUPS_DOMAINS_WHITELIST:-}
|
|
||||||
INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden}
|
INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden}
|
||||||
LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info}
|
LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info}
|
||||||
|
SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true}
|
||||||
volumes:
|
volumes:
|
||||||
- vaultwarden:/data
|
- vaultwarden:/data
|
||||||
- /etc/timezone:/etc/timezone:ro
|
- /etc/timezone:/etc/timezone:ro
|
||||||
|
|
Loading…
Reference in New Issue