From 81d57c1bc86359b8fa5c2cc537b05523e111ffdd Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 26 Jul 2021 09:48:59 +0200 Subject: [PATCH 001/193] chore(Redis): Upgrade to 6.0.15 https://github.com/redis/redis/releases/tag/6.0.15 --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 8539c30..09887e8 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -73,7 +73,7 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-redis: - image: ${REDIS_IMAGE:-redis:6.0.14-alpine} + image: ${REDIS_IMAGE:-redis:6.0.15-alpine} container_name: nextcloud-redis restart: always environment: -- 2.40.1 From bcc5898212374f89535e68cd1c2f4d0dde72dd6a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 26 Jul 2021 09:49:35 +0200 Subject: [PATCH 002/193] feat(Redis): Add redis service --- redis/docker-compose.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 redis/docker-compose.yml diff --git a/redis/docker-compose.yml b/redis/docker-compose.yml new file mode 100644 index 0000000..8a272b4 --- /dev/null +++ b/redis/docker-compose.yml @@ -0,0 +1,10 @@ +version: "3.8" + +services: + redis: + image: ${REDIS_IMAGE:-redis:6.2.5-alpine} + container_name: ${REDIS_CONTAINER_NAME:-redis} + restart: always + volumes: + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro -- 2.40.1 From fbb7de22ee515ab40064b9991daa9da0c8876e00 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 26 Jul 2021 10:10:56 +0200 Subject: [PATCH 003/193] chore(HedgeDoc): Upgrade to 1.8.2-ls23 https://github.com/linuxserver/docker-hedgedoc/releases/tag/1.8.2-ls23 --- hedgedoc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index c7dd5f2..15f905d 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: hedgedoc: container_name: ${HEDGEDOC_CONTAINER_NAME:-hedgedoc} - image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.8.2-ls22} + image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.8.2-ls23} restart: always depends_on: - postgres -- 2.40.1 From 2224ca90476378d64aadd2f04b2d2c19591fd7a8 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 26 Jul 2021 16:12:39 +0200 Subject: [PATCH 004/193] fix(HedgeDoc): Connexion on database failed with multi services because postgres ip is not good --- hedgedoc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 15f905d..920ae2b 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -17,7 +17,7 @@ services: - /etc/localtime:/etc/localtime:ro environment: # https://docs.hedgedoc.org/configuration/ - CMD_DB_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@postgres:${POSTGRES_PORT:-5432}/${POSTGRES_DB:?err} + CMD_DB_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:?err} CMD_DOMAIN: ${HEDGEDOC_DOMAIN:?err} NODE_ENV: ${NODE_ENV:-development} # `production` or `development` CMD_PROTOCOL_USESSL: ${CMD_PROTOCOL_USESSL:-false} -- 2.40.1 From 86dc33b6ac4d4bef880c548775ab12f873029b91 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 26 Jul 2021 23:59:28 +0200 Subject: [PATCH 005/193] docs(HedgeDoc): Homogenization .env file with prod --- hedgedoc/.env | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hedgedoc/.env b/hedgedoc/.env index 2f4a1e5..91306dd 100644 --- a/hedgedoc/.env +++ b/hedgedoc/.env @@ -1,8 +1,11 @@ ######## # DOCKER -COMPOSE_FILE=./docker-compose.yml:../postgres/docker-compose.yml:../traefik/docker-compose.network.yml +#DOCKER_CONTEXT= #DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=./docker-compose.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/traefik/docker-compose.network.yml +#COMPOSE_PROJECT_NAME= ########## # HEDGEDOC -- 2.40.1 From 87cbb6949163d4be91c9ac75da0a39bd8ce7e38c Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 27 Jul 2021 00:00:20 +0200 Subject: [PATCH 006/193] fix(HedgeDoc): Database name to backup and restore --- hedgedoc/run | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hedgedoc/run b/hedgedoc/run index ae96f55..efe0d41 100644 --- a/hedgedoc/run +++ b/hedgedoc/run @@ -20,14 +20,14 @@ hedgedoc_backup() { POSTGRES_BACKUP_FILE=backups/${BACKUP_DATE}_${HEDGEDOC_DOMAIN}_postgres.sql postgres_backup - docker run -it --rm -v $HOME/backups/${HEDGEDOC_DOMAIN}:/backup --volumes-from hedgedoc alpine:3.12.3 ash -c "cd config && tar cvf /backup/${BACKUP_DATE}_${HEDGEDOC_DOMAIN}_config.tar ." + docker run -it --rm -v $HOME/backups/${HEDGEDOC_DOMAIN}:/backup --volumes-from ${HEDGEDOC_CONTAINER_NAME} alpine:3.12.3 ash -c "cd config && tar cvf /backup/${BACKUP_DATE}_${HEDGEDOC_DOMAIN}_config.tar ." } hedgedoc_restore() { script_env postgres_restore - docker run -it --rm -v $HOME/backups/${HEDGEDOC_DOMAIN}:/backup --volumes-from hedgedoc alpine:3.12.3 ash -c "cd /config && tar xvf /backup/${BACKUP_DATE}_${HEDGEDOC_DOMAIN}_config.tar --strip 1" + docker run -it --rm -v $HOME/backups/${HEDGEDOC_DOMAIN}:/backup --volumes-from ${HEDGEDOC_CONTAINER_NAME} alpine:3.12.3 ash -c "cd /config && tar xvf /backup/${BACKUP_DATE}_${HEDGEDOC_DOMAIN}_config.tar --strip 1" } if [ $# -ge 1 ]; then -- 2.40.1 From f9821adc68563faf4cd6caf67b6c83d79d21762f Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 27 Jul 2021 10:53:48 +0200 Subject: [PATCH 007/193] feat(HedgeDoc): Add variable to configure upload folder, session and permission --- examples/hedgedoc.exemple.fr/.env | 10 +++++++++- hedgedoc/.env | 6 ++++++ hedgedoc/docker-compose.yml | 4 ++++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/examples/hedgedoc.exemple.fr/.env b/examples/hedgedoc.exemple.fr/.env index dd63a1d..9383189 100644 --- a/examples/hedgedoc.exemple.fr/.env +++ b/examples/hedgedoc.exemple.fr/.env @@ -1,8 +1,10 @@ ######## # DOCKER +#DOCKER_CONTEXT= #DOCKER_HOST= -COMPOSE_FILE=../../hedgedoc/docker-compose.yml:../../hedgedoc/docker-compose.traefik.yml:../../postgres/docker-compose.yml +SERVICES_DIR=../.. +COMPOSE_FILE=${SERVICES_DIR}/hedgedoc/docker-compose.yml:${SERVICES_DIR}/hedgedoc/docker-compose.traefik.yml:${SERVICES_DIR}/postgres/docker-compose.yml COMPOSE_PROJECT_NAME=hedgedoc_exemple_fr ########## @@ -12,11 +14,17 @@ HEDGEDOC_DOMAIN=hedgedoc.exemple.fr HEDGEDOC_VOLUME_NAME=hedgedoc_exemple_fr_hedgedoc HEDGEDOC_CONTAINER_NAME=hedgedoc_exemple_fr_hedgedoc #HEDGEDOC_IMAGE= + +# https://docs.hedgedoc.org/configuration/ #NODE_ENV= #CMD_PROTOCOL_USESSL= #CMD_ALLOW_GRAVATAR= #CMD_ALLOW_FREEURL= #CMD_ALLOW_EMAIL_REGISTER= +CMD_SESSION_SECRET=/ADm6sOuQ/EOhUA+xcmkQOtk9QDhggjsFBKQCLKrC6U= +#CMD_DEFAULT_PERMISSION= +#PGID= +#PUID= ########## # POSTGRES diff --git a/hedgedoc/.env b/hedgedoc/.env index 91306dd..63786ca 100644 --- a/hedgedoc/.env +++ b/hedgedoc/.env @@ -14,11 +14,17 @@ HEDGEDOC_DOMAIN=md.cool.life #HEDGEDOC_VOLUME_NAME= #HEDGEDOC_CONTAINER_NAME= #HEDGEDOC_IMAGE= + +# https://docs.hedgedoc.org/configuration/ #NODE_ENV= #CMD_PROTOCOL_USESSL= #CMD_ALLOW_GRAVATAR= #CMD_ALLOW_FREEURL= #CMD_ALLOW_EMAIL_REGISTER= +#CMD_SESSION_SECRET= +#CMD_DEFAULT_PERMISSION= +#PGID= +#PUID= ########## # POSTGRES diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 920ae2b..faecba5 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -19,8 +19,12 @@ services: # https://docs.hedgedoc.org/configuration/ CMD_DB_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:?err} CMD_DOMAIN: ${HEDGEDOC_DOMAIN:?err} + CMD_SESSION_SECRET: ${CMD_SESSION_SECRET:?err} NODE_ENV: ${NODE_ENV:-development} # `production` or `development` CMD_PROTOCOL_USESSL: ${CMD_PROTOCOL_USESSL:-false} CMD_ALLOW_GRAVATAR: ${CMD_ALLOW_GRAVATAR:-true} CMD_ALLOW_FREEURL: ${CMD_ALLOW_FREEURL:-false} CMD_ALLOW_EMAIL_REGISTER: ${CMD_ALLOW_EMAIL_REGISTER:-true} + CMD_DEFAULT_PERMISSION: ${CMD_DEFAULT_PERMISSION:-editable} + PGID: ${PGID:-1000} + PUID: ${PUID:-1000} -- 2.40.1 From e3e653d70071a4a6eecbe6fe4343d54f26a9f38f Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 29 Jul 2021 22:59:57 +0200 Subject: [PATCH 008/193] docs: Update documentation --- README.md | 10 ++++++---- .../.env | 16 ++++++++-------- hedgedoc/README.md | 9 +++++---- 3 files changed, 19 insertions(+), 16 deletions(-) rename examples/{hedgedoc.exemple.fr => hedgedoc.example.com}/.env (59%) diff --git a/README.md b/README.md index a05f9cb..05c3ba0 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,12 @@ # Services -Vous trouverez dans ce dépôt l'ensemble des services Open Source que je propose. +Vous trouverez dans ce dépôt l'ensemble des services Open Source que j'utilise et mets à jour quotidiennement. ## Liste des services ### Pour les utilisateurs -- [CodiMD](./codimd) : Prise de note en Markdown collaborative en temps réel +- [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration ### Pour les devs / ops @@ -51,17 +51,18 @@ En haut de chaque script il y a `set -eu` qui veut dire : - [Gestion de service avec Traefik](https://github.com/lfache/awesome-traefik) - [Exemple de service docker](https://github.com/crazy-max) +- [LinuxServer qui construit et maintient des images Docker](https://www.linuxserver.io/) ## Tâches Général : - [ ] Mettre en place une rotation des logs -- [ ] Mettre à jour la documentation des services (CodiMD, Drone, Gitea, Grafana, Nextcloud, Postgres, Prometheus, Registry, Traefik, Watchtower) +- [ ] Mettre à jour la documentation des services (HedgeDoc, Drone, Gitea, Grafana, Nextcloud, Postgres, Prometheus, Registry, Traefik, Watchtower) Services : -- [ ] [CodiMD] Modifier l'image pour utiliser le fork [HedgeDoc](https://hedgedoc.org/) surtout quand [la version 2.0](https://github.com/hedgedoc/hedgedoc/milestone/6) sera sortie +- [ ] [HedgeDoc] Mettre à jour les scripts de sauvegarde et restauration pour correspondre à la nouvelle architecture - [ ] [Drone] Création d'un script de sauvegarde et restauration - [ ] [Nextcloud] Ajout des informations SMTP - [ ] [Nextcloud] Prendre les bonnes pratique sur le dépot de [crazy-max](https://github.com/crazy-max/docker-nextcloud/blob/master/examples/traefik/docker-compose.yml) @@ -74,6 +75,7 @@ Services : Réalisées : +- [x] ~~[CodiMD] Modifier l'image pour utiliser le fork [HedgeDoc](https://hedgedoc.org/) (2021-07-27)~~ - [x] ~~[Nextcloud] Mise à jour de Redis en version [6.0.13](https://github.com/redis/redis/releases/tag/6.0.13) (2021-05-04)~~ - [x] ~~[Grafana] Mise à jour en version [7.5.5](https://github.com/grafana/grafana/releases/tag/v7.5.5) (2021-05-04)~~ - [x] ~~Mettre à jour la documentation général et rapatrier les tâches des services ici (2021-05-04)~~ diff --git a/examples/hedgedoc.exemple.fr/.env b/examples/hedgedoc.example.com/.env similarity index 59% rename from examples/hedgedoc.exemple.fr/.env rename to examples/hedgedoc.example.com/.env index 9383189..4347d02 100644 --- a/examples/hedgedoc.exemple.fr/.env +++ b/examples/hedgedoc.example.com/.env @@ -2,17 +2,17 @@ # DOCKER #DOCKER_CONTEXT= -#DOCKER_HOST= +#DOCKER_HOST= // Pour déployer sur un serveur distant SERVICES_DIR=../.. COMPOSE_FILE=${SERVICES_DIR}/hedgedoc/docker-compose.yml:${SERVICES_DIR}/hedgedoc/docker-compose.traefik.yml:${SERVICES_DIR}/postgres/docker-compose.yml -COMPOSE_PROJECT_NAME=hedgedoc_exemple_fr +COMPOSE_PROJECT_NAME=hedgedoc_example_com ########## # HEDGEDOC -HEDGEDOC_DOMAIN=hedgedoc.exemple.fr -HEDGEDOC_VOLUME_NAME=hedgedoc_exemple_fr_hedgedoc -HEDGEDOC_CONTAINER_NAME=hedgedoc_exemple_fr_hedgedoc +HEDGEDOC_DOMAIN=hedgedoc.example.com +HEDGEDOC_VOLUME_NAME=hedgedoc_example_com_hedgedoc +HEDGEDOC_CONTAINER_NAME=hedgedoc_example_com_hedgedoc #HEDGEDOC_IMAGE= # https://docs.hedgedoc.org/configuration/ @@ -32,12 +32,12 @@ CMD_SESSION_SECRET=/ADm6sOuQ/EOhUA+xcmkQOtk9QDhggjsFBKQCLKrC6U= POSTGRES_USER=user POSTGRES_PASSWORD=password POSTGRES_DB=database -POSTGRES_VOLUME_NAME=hedgedoc_exemple_fr_postgres -POSTGRES_CONTAINER_NAME=hedgedoc_exemple_fr_postgres +POSTGRES_VOLUME_NAME=hedgedoc_example_com_postgres +POSTGRES_CONTAINER_NAME=hedgedoc_example_com_postgres #POSTGRES_IMAGE= ######### # TRAEFIK #TRAEFIK_NETWORK_NAME= -TRAEFIK_ROUTER_NAME=hedgedoc_exemple_fr # Don't use char '.' +TRAEFIK_ROUTER_NAME=hedgedoc_example_com # Don't use char '.' diff --git a/hedgedoc/README.md b/hedgedoc/README.md index acd8ec8..3e21d12 100644 --- a/hedgedoc/README.md +++ b/hedgedoc/README.md @@ -5,14 +5,15 @@ ## Docker compose La configuration est séparé en 3 fichiers : -- docker-compose.yml avec le service spécifique à HedgeDoc -- ../postgres/docker-compose.yml pour la partie base de donnée +- [`./docker-compose.yml`](./docker-compose.yml) avec le service spécifique à HedgeDoc +- [`./docker-compose.traefik.yml`](./docker-compose.traefik.yml) pour la partie Traefik +- [`../postgres/docker-compose.yml`](../postgres/docker-compose.yml) pour la partie base de donnée PostgreSQL ## Configuration [De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer HedgeDoc. -Modifier les variables dans le fichier `.env`. +Modifier les variables dans le fichier [`.env`](../examples/hedgedoc.example.com/.env). Lancer le service : @@ -24,7 +25,7 @@ docker-compose up -d - [Site officiel][website] - [Github][github] -- [L'image Docker][docker] +- [L'image Docker de LinuxServer][docker] [website]: https://hedgedoc.org/ [docker]: https://hub.docker.com/r/linuxserver/hedgedoc -- 2.40.1 From 0c7150671a6971c7434e75ac78b70a8c2693fe7a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 23 Aug 2021 11:44:58 +0200 Subject: [PATCH 009/193] chore(Grafana): Upgrade to 8.1.2 https://github.com/grafana/grafana/releases/tag/v8.1.2 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 51005f5..f7c2398 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -12,7 +12,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.0.6} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.1.2} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From cda56358442688d96b642af3b0b8c385e3276c8a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 23 Aug 2021 11:49:12 +0200 Subject: [PATCH 010/193] chore(Gitea): Upgrade to 1.15.0 https://github.com/go-gitea/gitea/releases/tag/v1.15.0 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index ff34747..b035853 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.14.5} + image: ${GITEA_IMAGE:-gitea/gitea:1.15.0} restart: always environment: # - USER_UID=1000 -- 2.40.1 From b97bc0f8b0ae6f4b901978aa56382b5c70ef7970 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 30 Aug 2021 15:46:54 +0200 Subject: [PATCH 011/193] chore(Nextcloud): Upgrade to 22.1.0 https://nextcloud.com/changelog/#22-1-0 --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 09887e8..209a8ad 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -31,7 +31,7 @@ services: nextcloud-fpm: container_name: nextcloud-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:21.0.3-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.0-fpm-alpine} restart: always hostname: ${NEXTCLOUD_DOMAIN} depends_on: -- 2.40.1 From 6dc9a440cf384a12b86044bb1ad69ff80a80383e Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 6 Sep 2021 08:52:26 +0200 Subject: [PATCH 012/193] chore(Gitea): Upgrade to 1.15.2 https://github.com/go-gitea/gitea/releases/tag/v1.15.2 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index b035853..20dac64 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.15.0} + image: ${GITEA_IMAGE:-gitea/gitea:1.15.2} restart: always environment: # - USER_UID=1000 -- 2.40.1 From 0590da19ee88e08ad907a18ef009ab1e79a12d1a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 6 Sep 2021 08:58:22 +0200 Subject: [PATCH 013/193] chore(Traefik): Upgrade to 2.5.2 https://github.com/traefik/traefik/releases/tag/v2.5.2 --- traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index e7eef11..7a9379b 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.4.11} + image: ${TRAEFIK_IMAGE:-traefik:v2.5.2} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From 3b9bd86846110226be148891b9607126dd831608 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 6 Sep 2021 09:33:59 +0200 Subject: [PATCH 014/193] chore(Nextcloud): Upgrade to 21.1.1 https://nextcloud.com/changelog/#22-1-1 --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 209a8ad..10b6672 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -31,7 +31,7 @@ services: nextcloud-fpm: container_name: nextcloud-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.0-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.1-fpm-alpine} restart: always hostname: ${NEXTCLOUD_DOMAIN} depends_on: @@ -84,7 +84,7 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-cron: - image: ${NEXTCLOUD_IMAGE:-nextcloud:21.0.3-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.1-fpm-alpine} container_name: nextcloud-cron restart: always depends_on: -- 2.40.1 From c782b45363e7690bbad68e5255557ea4105bda53 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 6 Sep 2021 09:44:18 +0200 Subject: [PATCH 015/193] chore(Postgres): Upgrade to 13.4 and 12.8 https://www.postgresql.org/docs/release/12.8/ https://www.postgresql.org/docs/release/13.4/ --- nextcloud/docker-compose.yml | 2 +- postgres/docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 10b6672..060ff0a 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -59,7 +59,7 @@ services: nextcloud-postgres: container_name: ${POSTGRES_CONTAINER_NAME} - image: ${POSTGRES_IMAGE:-postgres:12.7-alpine} + image: ${POSTGRES_IMAGE:-postgres:12.8-alpine} restart: always environment: POSTGRES_USER: ${POSTGRES_USER} diff --git a/postgres/docker-compose.yml b/postgres/docker-compose.yml index fbfab48..91c3030 100644 --- a/postgres/docker-compose.yml +++ b/postgres/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: postgres: container_name: ${POSTGRES_CONTAINER_NAME:-postgres} - image: ${POSTGRES_IMAGE:-postgres:13.3-alpine} + image: ${POSTGRES_IMAGE:-postgres:13.4-alpine} restart: always environment: POSTGRES_USER: ${POSTGRES_USER:?err} -- 2.40.1 From a1ffc9f0fa3653082cbd5acaa696e0bf29355efa Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 6 Sep 2021 09:55:02 +0200 Subject: [PATCH 016/193] chore(Redis): Upgrade to 6.2.5 https://github.com/redis/redis/releases/tag/6.2.5 --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 060ff0a..4300b5f 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -73,7 +73,7 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-redis: - image: ${REDIS_IMAGE:-redis:6.0.15-alpine} + image: ${REDIS_IMAGE:-redis:6.2.5-alpine} container_name: nextcloud-redis restart: always environment: -- 2.40.1 From e21e654177d88b63e91c5c0cb1191966e06102d6 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 6 Sep 2021 09:55:40 +0200 Subject: [PATCH 017/193] feat(Redis): Add PUID and GPID variable --- redis/docker-compose.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/redis/docker-compose.yml b/redis/docker-compose.yml index 8a272b4..1ddace0 100644 --- a/redis/docker-compose.yml +++ b/redis/docker-compose.yml @@ -5,6 +5,9 @@ services: image: ${REDIS_IMAGE:-redis:6.2.5-alpine} container_name: ${REDIS_CONTAINER_NAME:-redis} restart: always + environment: + PUID: ${REDIS_PUID:-1000} + PGID: ${REDIS_PGID:-1000} volumes: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro -- 2.40.1 From aba6862e2809e1a0a489ebbdb097a0e073b86c3a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 6 Sep 2021 09:59:14 +0200 Subject: [PATCH 018/193] chore(Nginx): Upgrade to 1.21.1 http://nginx.org/en/CHANGES --- nextcloud/web/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index 01cf2a6..d183bd2 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ -FROM nginx:1.19.6-alpine +FROM nginx:1.21.1-alpine COPY nginx.conf /etc/nginx/nginx.conf -- 2.40.1 From 3a17eb8b881e774c5136a2e140eb1aea2db63db2 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 13 Sep 2021 09:48:34 +0200 Subject: [PATCH 019/193] chore(Grafana): Upgrade to 8.1.3 https://github.com/grafana/grafana/releases/tag/v8.1.3 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index f7c2398..81d31a8 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -12,7 +12,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.1.2} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.1.3} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From b22d545ed6db19e89eb6392a4c33ffc0d1a85c1e Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 15 Sep 2021 22:31:45 +0200 Subject: [PATCH 020/193] fix(Hedgedoc): Backup uploaded files Environment variables take precedence over configurations from the config files, so don't backup it. --- hedgedoc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index faecba5..4d15883 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -12,7 +12,7 @@ services: depends_on: - postgres volumes: - - hedgedoc:/config + - hedgedoc:/opt/hedgedoc/public/uploads - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: -- 2.40.1 From c8f242428aee8393437d812db13fa0c37bc951b6 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 27 Sep 2021 10:27:14 +0200 Subject: [PATCH 021/193] chore(Hedgedoc): Upgrade to 1.9.0 https://github.com/linuxserver/docker-hedgedoc/releases/tag/1.9.0-ls31 --- hedgedoc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 4d15883..76d0e92 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: hedgedoc: container_name: ${HEDGEDOC_CONTAINER_NAME:-hedgedoc} - image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.8.2-ls23} + image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.0-ls31} restart: always depends_on: - postgres -- 2.40.1 From 0d52bdfd5930f5568abb28f46ac1018fac097d5f Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 27 Sep 2021 10:43:16 +0200 Subject: [PATCH 022/193] chore(Grafana): Upgrade to 8.1.5 https://github.com/grafana/grafana/releases/tag/v8.1.5 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 81d31a8..93aa795 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -12,7 +12,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.1.3} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.1.5} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 9f4327cae2dfc7a9e3cd4467e871bec486fc3b49 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 27 Sep 2021 10:54:56 +0200 Subject: [PATCH 023/193] chore(Traefik): Upgrade to 2.5.3 https://github.com/traefik/traefik/releases/tag/v2.5.3 --- traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 7a9379b..94cc865 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.5.2} + image: ${TRAEFIK_IMAGE:-traefik:v2.5.3} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From 2fbb7ca0ca16ad79ac179d5af98ef29a2568ee69 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 27 Sep 2021 11:06:54 +0200 Subject: [PATCH 024/193] chore(Gitea): Upgrade to 1.15.3 https://github.com/go-gitea/gitea/releases/tag/v1.15.3 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 20dac64..0b23ede 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.15.2} + image: ${GITEA_IMAGE:-gitea/gitea:1.15.3} restart: always environment: # - USER_UID=1000 -- 2.40.1 From f204561f5ff216bbe1e38e9509089cb198e10a5f Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 8 Oct 2021 12:30:49 +0200 Subject: [PATCH 025/193] feat(Directus): Add new service --- README.md | 1 + directus/.env | 30 ++++++++++++++++++++++++ directus/README.md | 18 +++++++++++++++ directus/docker-compose.yml | 46 +++++++++++++++++++++++++++++++++++++ 4 files changed, 95 insertions(+) create mode 100644 directus/.env create mode 100644 directus/README.md create mode 100644 directus/docker-compose.yml diff --git a/README.md b/README.md index 05c3ba0..538cbe0 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que j'utilise - [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration +- [Directus](./directus) : Permet d'administrer une base de données ### Pour les devs / ops diff --git a/directus/.env b/directus/.env new file mode 100644 index 0000000..b9c3c90 --- /dev/null +++ b/directus/.env @@ -0,0 +1,30 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=./docker-compose.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml:${SERVICES_DIR}/traefik/docker-compose.network.yml +#COMPOSE_PROJECT_NAME= + +########## +# DIRECTUS +# +# see https://github.com/directus/directus/blob/main/api/example.env + +DIRECTUS_DOMAIN=directus.cool.life +DIRECTUS_KEY=255d861b-5ea1-5996-9aa3-922530ec40b1 +DIRECTUS_SECRET=6116487b-cda1-52c2-b5b5-c8022c45e263 +DIRECTUS_ADMIN_EMAIL=admin@example.com +DIRECTUS_ADMIN_PASSWORD=d1r3ctu5 +# DIRECTUS_PUID= +# DIRECTUS_PGID= + +########## +# POSTGRES + +POSTGRES_USER=user-example +POSTGRES_PASSWORD=password-example +POSTGRES_DB=postgres-database-name-example +POSTGRES_CONTAINER_NAME=directus-postgres +POSTGRES_VOLUME_NAME=directus-postgres diff --git a/directus/README.md b/directus/README.md new file mode 100644 index 0000000..acea0b2 --- /dev/null +++ b/directus/README.md @@ -0,0 +1,18 @@ +# Directus + +> Directus wraps your new or existing SQL database with a realtime GraphQL+REST API for developers, and an intuitive admin app for non-technical users. + +## Configuration + +[De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer Directus. + +## Liens + +- [Site officiel][website] +- [Github][github] +- [L'image Docker][docker] + +[website]: https://directus.io/ +[docker]: https://hub.docker.com/r/directus/directus +[github]: https://github.com/directus/directus/ +[documentation]: https://docs.directus.io/reference/environment-variables/ diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml new file mode 100644 index 0000000..f93b670 --- /dev/null +++ b/directus/docker-compose.yml @@ -0,0 +1,46 @@ +--- +version: "3.8" + +volumes: + directus: + name: ${DIRECTUS_VOLUME_NAME:-directus} + +services: + directus: + container_name: ${DIRECTUS_CONTAINER_NAME:-directus} + image: ${DIRECTUS_IMAGE:-directus/directus:9.0.0-rc.95} + restart: always + volumes: + - directus:/directus/uploads + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + depends_on: + - postgres + - redis + environment: + KEY: ${DIRECTUS_KEY:?err} + SECRET: ${DIRECTUS_SECRET:?err} + TELEMETRY: false + + ADMIN_EMAIL: ${DIRECTUS_ADMIN_EMAIL:?err} + ADMIN_PASSWORD: ${DIRECTUS_ADMIN_PASSWORD:?err} + PUBLIC_URL: ${DIRECTUS_PUBLIC_URL:?err} + + DB_CLIENT: 'pg' + DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} + DB_PORT: '5432' + DB_DATABASE: ${POSTGRES_DB:?err} + DB_USER: ${POSTGRES_USER:?err} + DB_PASSWORD: ${POSTGRES_PASSWORD:?err} + + CACHE_ENABLED: 'true' + CACHE_STORE: 'redis' + CACHE_REDIS: 'redis://${REDIS_CONTAINER_NAME:-redis}:6379' + + PUID: ${DIRECTUS_PUID:-1000} + PGID: ${DIRECTUS_PGID:-1000} + labels: + traefik.enable: 'true' + traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} + traefik.http.routers.directus.rule: 'Host(`${DIRECTUS_DOMAIN:?err}`)' + traefik.http.routers.directus.entrypoints: 'web' -- 2.40.1 From d1b92e0a1705142071ad55d926eff3f2889ff524 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 8 Oct 2021 12:50:31 +0200 Subject: [PATCH 026/193] feat(Directus): Add variable for Traefik router name --- directus/docker-compose.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index f93b670..8da67b2 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -40,7 +40,7 @@ services: PUID: ${DIRECTUS_PUID:-1000} PGID: ${DIRECTUS_PGID:-1000} labels: - traefik.enable: 'true' - traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} - traefik.http.routers.directus.rule: 'Host(`${DIRECTUS_DOMAIN:?err}`)' - traefik.http.routers.directus.entrypoints: 'web' + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.rule=Host(`${DIRECTUS_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.entrypoints=web -- 2.40.1 From 671d8e0d6db174e893950cd23a565e549b459f4a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 11 Oct 2021 09:09:57 +0200 Subject: [PATCH 027/193] feat(Hedgedoc): Add authentication variable https://docs.hedgedoc.org/configuration/ --- hedgedoc/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 76d0e92..382d82b 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -24,6 +24,7 @@ services: CMD_PROTOCOL_USESSL: ${CMD_PROTOCOL_USESSL:-false} CMD_ALLOW_GRAVATAR: ${CMD_ALLOW_GRAVATAR:-true} CMD_ALLOW_FREEURL: ${CMD_ALLOW_FREEURL:-false} + CMD_REQUIRE_FREEURL_AUTHENTICATION: ${CMD_REQUIRE_FREEURL_AUTHENTICATION:-false} CMD_ALLOW_EMAIL_REGISTER: ${CMD_ALLOW_EMAIL_REGISTER:-true} CMD_DEFAULT_PERMISSION: ${CMD_DEFAULT_PERMISSION:-editable} PGID: ${PGID:-1000} -- 2.40.1 From 88af04b23324e1a519f25203948bdadae96406d4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 11 Oct 2021 09:23:11 +0200 Subject: [PATCH 028/193] feat(Hedgedoc): Add configuration variables https://docs.hedgedoc.org/configuration/ --- hedgedoc/docker-compose.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 382d82b..d92a571 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -23,9 +23,11 @@ services: NODE_ENV: ${NODE_ENV:-development} # `production` or `development` CMD_PROTOCOL_USESSL: ${CMD_PROTOCOL_USESSL:-false} CMD_ALLOW_GRAVATAR: ${CMD_ALLOW_GRAVATAR:-true} + CMD_ALLOW_ANONYMOUS: ${CMD_ALLOW_ANONYMOUS:-true} + CMD_ALLOW_ANONYMOUS_EDITS: ${CMD_ALLOW_ANONYMOUS_EDITS:-false} CMD_ALLOW_FREEURL: ${CMD_ALLOW_FREEURL:-false} CMD_REQUIRE_FREEURL_AUTHENTICATION: ${CMD_REQUIRE_FREEURL_AUTHENTICATION:-false} - CMD_ALLOW_EMAIL_REGISTER: ${CMD_ALLOW_EMAIL_REGISTER:-true} CMD_DEFAULT_PERMISSION: ${CMD_DEFAULT_PERMISSION:-editable} + CMD_ALLOW_EMAIL_REGISTER: ${CMD_ALLOW_EMAIL_REGISTER:-true} PGID: ${PGID:-1000} PUID: ${PUID:-1000} -- 2.40.1 From 50f2b22523b4a31cc18f101ce4b9228deba67851 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 23 Oct 2021 00:45:25 +0200 Subject: [PATCH 029/193] docs: Add more documentation --- README.md | 12 ++++++++---- examples/README.md | 2 ++ hedgedoc/README.md | 2 +- nextcloud/README.md | 4 +++- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 538cbe0..ce25778 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Services -Vous trouverez dans ce dépôt l'ensemble des services Open Source que j'utilise et mets à jour quotidiennement. +Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien utilise et mets à jour de façon presque hebdomadaire. L'ensemble des variable d'environnement enregistré dans les fichiers `.env` sont présent pour une logique d'exemple et n'ont jamais été utilisé en production. Nous vous conseillons de jamais le faire si vous utilisez le dépôt. ## Liste des services @@ -12,18 +12,18 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que j'utilise ### Pour les devs / ops -- [Drone](./drone) `en pause` : Un service d'intégration continue +- [Drone](./drone) ⏸️ `en pause` : Un service d'intégration continue - [Gitea](./gitea) : Un service Git auto-hébergé très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. - [Grafana](./grafana) : Un outil de supervision simple et élégant - [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet. - [Prometheus](./prometheus) : Un logiciel de surveillance informatique - [Docker Registry](./registry) : Une application qui permet de distribuer des images Docker - [Traefik](./traefik) : Traefik, un reverse-proxy pour vos conteneurs -- [Watchtower](./watchtower) `en pause` : Automatiser la mise à jour d'image docker +- [Watchtower](./watchtower) : Automatiser la mise à jour d'image docker ## Comment ça marche ? -Vous pouvez réutiliser ce dépôt pour votre infrastructure. J'ai mis une documentation dans le dossier [_examples_](./examples). +Vous pouvez réutiliser ce dépôt pour vos services, une documentation dans le dossier [_examples_](./examples). ### Docker et Docker Compose @@ -36,6 +36,8 @@ Voici les commandes de base : ### ./run +> 🚧 RésiLien a changé de façon de faire et nous n'utilisons plus les scripts `run`. Nous passons maintenant par Ansible. Les scripts ne seront plus mise à jour et finirons peut être par être supprimé. Utilisez les avec précaution. + Vous pourrez trouver dans les dossiers des services un script bash `run`. Le principe est de faciliter la maintenance de chaque service. Vous pouvez lancer le script sans paramètre pour afficher la documentation du script. @@ -56,6 +58,8 @@ En haut de chaque script il y a `set -eu` qui veut dire : ## Tâches +> 🚧 Ses tâches ne sont pas à jour + Général : - [ ] Mettre en place une rotation des logs diff --git a/examples/README.md b/examples/README.md index 097bf2c..6979a90 100644 --- a/examples/README.md +++ b/examples/README.md @@ -13,3 +13,5 @@ Si nous allons dans le dossier `traefik.cool.life` par example, il est possible ## DOCKER_HOST Si vous gérez des serveurs à distance, il est possible d'utiliser la variable `DOCKER_HOST` dans votre fichier `.env` pour expliquer que le service doit s’exécuter sur ce serveur. + +> Résilien utilise maintenant ce système avec une génération automatique des fichiers .env à l'aide d'Ansible, nous permettant de facilement déployer un nouveau service, de le déplacer de serveur diff --git a/hedgedoc/README.md b/hedgedoc/README.md index 3e21d12..16c7803 100644 --- a/hedgedoc/README.md +++ b/hedgedoc/README.md @@ -11,7 +11,7 @@ La configuration est séparé en 3 fichiers : ## Configuration -[De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer HedgeDoc. +[De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer HedgeDoc, elles n'ont pas tous été intégrées. Modifier les variables dans le fichier [`.env`](../examples/hedgedoc.example.com/.env). diff --git a/nextcloud/README.md b/nextcloud/README.md index 57d7ad5..2f04a15 100644 --- a/nextcloud/README.md +++ b/nextcloud/README.md @@ -10,10 +10,12 @@ > > -- [Github][github] -On peut trouver [la documentation ici][documentation]. +On peut trouver [la documentation ici][documentation] en anglais ou ici pour la [traduction française](https://doc-nextcloud-fr.indie.host/fr/) fait par [IndieHosters](https://indiehosters.net/) et [Paquerette](https://paquerette.eu/). ## Aide +Exemple de commande : + ```sh docker exec --user www-data -it nextcloud bash -- 2.40.1 From f14f2cafebcdd211f3eb93975c05ce98cc3bb8ce Mon Sep 17 00:00:00 2001 From: Killian Kemps Date: Sat, 23 Oct 2021 16:06:42 +0200 Subject: [PATCH 030/193] style(doc): Fix some typos --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index ce25778..716004e 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Services -Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien utilise et mets à jour de façon presque hebdomadaire. L'ensemble des variable d'environnement enregistré dans les fichiers `.env` sont présent pour une logique d'exemple et n'ont jamais été utilisé en production. Nous vous conseillons de jamais le faire si vous utilisez le dépôt. +Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien utilise et met à jour de façon presque hebdomadaire. L'ensemble des variables d'environnement enregistrées dans les fichiers `.env` est présent pour une logique d'exemple et n'a jamais été utilisé en production. Nous vous conseillons de ne jamais le faire si vous utilisez le dépôt. ## Liste des services @@ -23,7 +23,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien ## Comment ça marche ? -Vous pouvez réutiliser ce dépôt pour vos services, une documentation dans le dossier [_examples_](./examples). +Vous pouvez réutiliser ce dépôt pour vos services, il existe une documentation dans le dossier [_examples_](./examples). ### Docker et Docker Compose @@ -36,11 +36,11 @@ Voici les commandes de base : ### ./run -> 🚧 RésiLien a changé de façon de faire et nous n'utilisons plus les scripts `run`. Nous passons maintenant par Ansible. Les scripts ne seront plus mise à jour et finirons peut être par être supprimé. Utilisez les avec précaution. +> 🚧 RésiLien a changé de façon de faire et nous n'utilisons plus les scripts `run`. Nous passons maintenant par Ansible. Les scripts ne seront plus mis à jour et finiront peut être par être supprimés. Utilisez les avec précaution. Vous pourrez trouver dans les dossiers des services un script bash `run`. Le principe est de faciliter la maintenance de chaque service. -Vous pouvez lancer le script sans paramètre pour afficher la documentation du script. +Vous pouvez lancer le script sans paramètres pour afficher la documentation du script. ## Documentation -- 2.40.1 From fd5e12a20188d4c2d9bda7488560bf027bb7ee2a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 25 Oct 2021 09:52:26 +0200 Subject: [PATCH 031/193] chore(Gitea): Upgrade to 1.15.5 https://github.com/go-gitea/gitea/releases/tag/v1.15.4 https://github.com/go-gitea/gitea/releases/tag/v1.15.5 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 0b23ede..255d520 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.15.3} + image: ${GITEA_IMAGE:-gitea/gitea:1.15.5} restart: always environment: # - USER_UID=1000 -- 2.40.1 From 8ee63ec4b2f1af22bf921c7b4dece9923b18c198 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 25 Oct 2021 10:33:04 +0200 Subject: [PATCH 032/193] chore(Grafana): Upgrade to 8.2.2 https://github.com/grafana/grafana/releases/tag/v8.2.2 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 93aa795..4e16751 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -12,7 +12,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.1.5} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.2.2} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 80004a446009b2ff1bab5f69d5dfda390f50cc2e Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 25 Oct 2021 10:39:53 +0200 Subject: [PATCH 033/193] chore(Redis): Upgrade to 6.2.6 [SECURITY] https://github.com/redis/redis/releases/tag/6.2.6 --- nextcloud/docker-compose.yml | 2 +- redis/docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 4300b5f..ee5a877 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -73,7 +73,7 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-redis: - image: ${REDIS_IMAGE:-redis:6.2.5-alpine} + image: ${REDIS_IMAGE:-redis:6.2.6-alpine} container_name: nextcloud-redis restart: always environment: diff --git a/redis/docker-compose.yml b/redis/docker-compose.yml index 1ddace0..35755cd 100644 --- a/redis/docker-compose.yml +++ b/redis/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.8" services: redis: - image: ${REDIS_IMAGE:-redis:6.2.5-alpine} + image: ${REDIS_IMAGE:-redis:6.2.6-alpine} container_name: ${REDIS_CONTAINER_NAME:-redis} restart: always environment: -- 2.40.1 From 9786534a2e571b28a42504f012610c307171efe2 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 25 Oct 2021 10:50:14 +0200 Subject: [PATCH 034/193] chore(Nextcloud): Upgrade to 22.2.0 https://nextcloud.com/changelog/#22-2-0 --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index ee5a877..811ae91 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -31,7 +31,7 @@ services: nextcloud-fpm: container_name: nextcloud-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.1-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.0-fpm-alpine} restart: always hostname: ${NEXTCLOUD_DOMAIN} depends_on: @@ -84,7 +84,7 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-cron: - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.1-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.0-fpm-alpine} container_name: nextcloud-cron restart: always depends_on: -- 2.40.1 From abd1dd06fc7dad519307d81f239fbc56d205e67f Mon Sep 17 00:00:00 2001 From: Killian Kemps Date: Wed, 3 Nov 2021 12:23:09 +0100 Subject: [PATCH 035/193] feat(traefik_lb): Add a Traefik LB configuration --- traefik_lb/.env | 1 + traefik_lb/README.md | 3 ++ traefik_lb/docker-compose.yml | 82 +++++++++++++++++++++++++++++++++++ traefik_lb/run | 41 ++++++++++++++++++ 4 files changed, 127 insertions(+) create mode 100644 traefik_lb/.env create mode 100644 traefik_lb/README.md create mode 100644 traefik_lb/docker-compose.yml create mode 100644 traefik_lb/run diff --git a/traefik_lb/.env b/traefik_lb/.env new file mode 100644 index 0000000..853885a --- /dev/null +++ b/traefik_lb/.env @@ -0,0 +1 @@ +TRAEFIK_DOMAIN=localhost diff --git a/traefik_lb/README.md b/traefik_lb/README.md new file mode 100644 index 0000000..a07e029 --- /dev/null +++ b/traefik_lb/README.md @@ -0,0 +1,3 @@ +# Traefik Load Balancer + +Il s'agit d'une configuration dépendante du service [Traefik](../traefik) auquel une configuration de load balancer et de terminaison SSL/TLS a été ajoutée . diff --git a/traefik_lb/docker-compose.yml b/traefik_lb/docker-compose.yml new file mode 100644 index 0000000..94421e0 --- /dev/null +++ b/traefik_lb/docker-compose.yml @@ -0,0 +1,82 @@ +version: "3.8" + +networks: + default: + driver: bridge + traefik: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + # speedtest-exporter: + # image: ghcr.io/miguelndecarvalho/speedtest-exporter:v3.2.2 + # container_name: speedtest-exporter + # environment: + # # - SPEEDTEST_PORT= #optional + # - SPEEDTEST_SEVER=2023 #optional + # ports: + # - 9798:9798 + # restart: unless-stopped + # labels: + # traefik.enable: 'true' + # traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} + # traefik.http.routers.speedtest.rule: 'Host(`speedtest.violet.weko.io`)' + # traefik.http.routers.speedtest.entrypoints: 'websecure' + + traefik: + ports: + - target: 443 + published: 443 + protocol: tcp + mode: host + environment: + OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY} + OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET} + OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY} + OVH_ENDPOINT: ovh-eu + OVH_POLLING_INTERVAL: 30 + OVH_PROPAGATION_TIMEOUT: 3600 + command: + # - --accesslog=true + - --api.insecure=true + - --log.level=INFO + - --global.sendanonymoususage=false + - --global.checknewversion=false + - --metrics.prometheus=true + - --pilot.dashboard=false + + - --providers.docker + - --providers.docker.exposedbydefault=false + - --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - --providers.file.filename=/traefik/dynamic_conf.toml + + # Redirection HTTP to HTTPS + - --entrypoints.web.address=:80 + - --entrypoints.web.http.redirections.entrypoint.to=websecure + - --entrypoints.web.http.redirections.entrypoint.scheme=https + - --entrypoints.websecure.address=:443 + + # Redirection automatique https://www.* to https://* + #- --entrypoints.websecure.http.middlewares=redirect-www + + - --entryPoints.traefik.address=:8080 + + - --certificatesresolvers.letsencrypt.acme.httpchallenge=true + - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web + - --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL} + - --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json + + - --certificatesResolvers.ovh.acme.dnsChallenge=true + - --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh + # - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory + - --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json + - --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL} + labels: + traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true' + traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)' + traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}' + traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]' + + traefik.http.routers.traefik.entrypoints: 'websecure' + traefik.http.routers.traefik.tls.certResolver: 'letsencrypt' + traefik.http.routers.traefik.priority: '2000' + diff --git a/traefik_lb/run b/traefik_lb/run new file mode 100644 index 0000000..fc540d6 --- /dev/null +++ b/traefik_lb/run @@ -0,0 +1,41 @@ +#!/bin/bash + +set -eu + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +. $DIR/../help.sh + +traefik_help() { + echo "./run backup : Lancement de la sauvegarde de Traefik" + echo "./run restore : Restauration de la sauvegarde de Traefik" +} + +traefik_backup() { + script_env + BACKUP_DATE_DEFAULT=`date +%Y%m%d_%H%M%S` + BACKUP_DATE=${BACKUP_DATE:-$BACKUP_DATE_DEFAULT} + backup_folder_create + + docker run -it --rm -v $HOME/backups/${TRAEFIK_DOMAIN}:/backup --volumes-from traefik alpine:3.12.3 ash -c "cd /traefik && tar cvf /backup/${BACKUP_DATE}_${TRAEFIK_DOMAIN}_config.tar ." +} + +traefik_restore() { + script_env + docker run -it --rm -v $HOME/backups/${TRAEFIK_DOMAIN}:/backup --volumes-from traefik alpine:3.12.3 ash -c "cd /traefik && tar xvf /backup/${BACKUP_DATE}_${TRAEFIK_DOMAIN}_config.tar --strip 1" +} + +if [ $# -ge 1 ]; then + if [ "${1}" == "backup" ]; then + script_start + traefik_backup + script_end + elif [ "${1}" == "restore" ]; then + script_start + traefik_restore + script_end + elif [ "${1}" != "--only-source" ]; then + traefik_help + fi +else + traefik_help +fi -- 2.40.1 From 0de0b289587bf802b48fac11d15db3e9fac8959b Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 11 Nov 2021 09:37:33 +0100 Subject: [PATCH 036/193] fix(Traefik): Volume and network name --- traefik/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 94cc865..0896dc0 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -15,7 +15,7 @@ services: restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock - - ${TRAEFIK_VOLUME_NAME:-traefik}:/traefik + - traefik:/traefik - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro ports: @@ -24,7 +24,7 @@ services: protocol: tcp mode: host networks: - - ${TRAEFIK_NETWORK_NAME:-traefik} + - traefik command: - --api.insecure=true - --log.level=INFO -- 2.40.1 From 1b3604715aec30b2f0fccf87b5e1ccbd968f586e Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 11 Nov 2021 09:43:12 +0100 Subject: [PATCH 037/193] feat(Traefik): Add explicite traefik entrypoint --- traefik/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 0896dc0..9c5a3cf 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -37,6 +37,8 @@ services: - --providers.docker.exposedbydefault=false - --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - --entryPoints.traefik.address=:8080 + - --entrypoints.web.address=:80 - --entryPoints.web.forwardedHeaders.insecure labels: -- 2.40.1 From 6822fa57887a0eb8c530cd092ff3b6135a1051ff Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 11 Nov 2021 09:45:30 +0100 Subject: [PATCH 038/193] feat(Traefik): Add variable to configure Traefik --- traefik/docker-compose.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 9c5a3cf..c316f1b 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -26,12 +26,12 @@ services: networks: - traefik command: - - --api.insecure=true - - --log.level=INFO - - --global.sendanonymoususage=false - - --global.checknewversion=false - - --pilot.dashboard=false - - --metrics.prometheus=true + - --api.insecure=${TRAEFIK_API_INSECURE:-true} + - --log.level=${TRAEFIK_LOG_LEVEL:-INFO} + - --global.sendanonymoususage=${TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE:-false} + - --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false} + - --pilot.dashboard=${TRAEFIK_PILOT_DASHBOARD:-false} + - --metrics.prometheus=${TRAEFIK_METRICS_PROMETHEUS:-true} - --providers.docker - --providers.docker.exposedbydefault=false -- 2.40.1 From 39c2022925a1c1b6b86842a18510f00a459e7aba Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 11 Nov 2021 09:47:00 +0100 Subject: [PATCH 039/193] feat(Traefik): Add accesslog configuration --- traefik/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index c316f1b..967bfaf 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -32,6 +32,7 @@ services: - --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false} - --pilot.dashboard=${TRAEFIK_PILOT_DASHBOARD:-false} - --metrics.prometheus=${TRAEFIK_METRICS_PROMETHEUS:-true} + - --accesslog=${TRAEFIK_ACCESSLOG:-false} - --providers.docker - --providers.docker.exposedbydefault=false -- 2.40.1 From 165d984b35841bf3fd159807edffdd45e740818d Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 11 Nov 2021 09:53:00 +0100 Subject: [PATCH 040/193] feat(Traefik): Add ovh, secure, redirect configuration --- traefik/docker-compose.ovh.yml | 17 +++++++++++++++++ traefik/docker-compose.redirect.yml | 14 ++++++++++++++ traefik/docker-compose.secure.yml | 25 +++++++++++++++++++++++++ 3 files changed, 56 insertions(+) create mode 100644 traefik/docker-compose.ovh.yml create mode 100644 traefik/docker-compose.redirect.yml create mode 100644 traefik/docker-compose.secure.yml diff --git a/traefik/docker-compose.ovh.yml b/traefik/docker-compose.ovh.yml new file mode 100644 index 0000000..e7889bc --- /dev/null +++ b/traefik/docker-compose.ovh.yml @@ -0,0 +1,17 @@ +version: "3.8" + +services: + traefik: + environment: + OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY} + OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET} + OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY} + OVH_ENDPOINT: ${OVH_ENDPOINT:-ovh-eu} + OVH_POLLING_INTERVAL: ${OVH_POLLING_INTERVAL:-30} + OVH_PROPAGATION_TIMEOUT: ${OVH_PROPAGATION_TIMEOUT:-3600} + command: + - --certificatesResolvers.ovh.acme.dnsChallenge=true + - --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh + # - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory + - --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json + - --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL} diff --git a/traefik/docker-compose.redirect.yml b/traefik/docker-compose.redirect.yml new file mode 100644 index 0000000..c180a29 --- /dev/null +++ b/traefik/docker-compose.redirect.yml @@ -0,0 +1,14 @@ +version: "3.8" + +services: + traefik: + command: + # Redirection HTTP to HTTPS + - --entrypoints.web.http.redirections.entrypoint.to=websecure + - --entrypoints.web.http.redirections.entrypoint.scheme=https + labels: + # Redirection to remove www. + traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true' + traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)' + traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}' + traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]' diff --git a/traefik/docker-compose.secure.yml b/traefik/docker-compose.secure.yml new file mode 100644 index 0000000..bdaff66 --- /dev/null +++ b/traefik/docker-compose.secure.yml @@ -0,0 +1,25 @@ +version: "3.8" + +networks: + default: + driver: bridge + +services: + ports: + - target: 443 + published: 443 + protocol: tcp + mode: host + command: + - --providers.file.filename=/traefik/dynamic_conf.toml + + - --entrypoints.websecure.address=:443 + + - --certificatesresolvers.letsencrypt.acme.httpchallenge=true + - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web + - --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL} + - --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json + labels: + traefik.http.routers.traefik.entrypoints: 'websecure' + traefik.http.routers.traefik.tls.certResolver: 'letsencrypt' + traefik.http.routers.traefik.priority: '2000' -- 2.40.1 From 3f3d0d92b1cd1e770ca30b2dd57dd4088f6d7eb6 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 11 Nov 2021 09:53:38 +0100 Subject: [PATCH 041/193] feat(Traefik): Remove Traefik LB --- traefik_lb/.env | 1 - traefik_lb/README.md | 3 -- traefik_lb/docker-compose.yml | 82 ----------------------------------- traefik_lb/run | 41 ------------------ 4 files changed, 127 deletions(-) delete mode 100644 traefik_lb/.env delete mode 100644 traefik_lb/README.md delete mode 100644 traefik_lb/docker-compose.yml delete mode 100644 traefik_lb/run diff --git a/traefik_lb/.env b/traefik_lb/.env deleted file mode 100644 index 853885a..0000000 --- a/traefik_lb/.env +++ /dev/null @@ -1 +0,0 @@ -TRAEFIK_DOMAIN=localhost diff --git a/traefik_lb/README.md b/traefik_lb/README.md deleted file mode 100644 index a07e029..0000000 --- a/traefik_lb/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Traefik Load Balancer - -Il s'agit d'une configuration dépendante du service [Traefik](../traefik) auquel une configuration de load balancer et de terminaison SSL/TLS a été ajoutée . diff --git a/traefik_lb/docker-compose.yml b/traefik_lb/docker-compose.yml deleted file mode 100644 index 94421e0..0000000 --- a/traefik_lb/docker-compose.yml +++ /dev/null @@ -1,82 +0,0 @@ -version: "3.8" - -networks: - default: - driver: bridge - traefik: - name: ${TRAEFIK_NETWORK_NAME:-traefik} - -services: - # speedtest-exporter: - # image: ghcr.io/miguelndecarvalho/speedtest-exporter:v3.2.2 - # container_name: speedtest-exporter - # environment: - # # - SPEEDTEST_PORT= #optional - # - SPEEDTEST_SEVER=2023 #optional - # ports: - # - 9798:9798 - # restart: unless-stopped - # labels: - # traefik.enable: 'true' - # traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} - # traefik.http.routers.speedtest.rule: 'Host(`speedtest.violet.weko.io`)' - # traefik.http.routers.speedtest.entrypoints: 'websecure' - - traefik: - ports: - - target: 443 - published: 443 - protocol: tcp - mode: host - environment: - OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY} - OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET} - OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY} - OVH_ENDPOINT: ovh-eu - OVH_POLLING_INTERVAL: 30 - OVH_PROPAGATION_TIMEOUT: 3600 - command: - # - --accesslog=true - - --api.insecure=true - - --log.level=INFO - - --global.sendanonymoususage=false - - --global.checknewversion=false - - --metrics.prometheus=true - - --pilot.dashboard=false - - - --providers.docker - - --providers.docker.exposedbydefault=false - - --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - - --providers.file.filename=/traefik/dynamic_conf.toml - - # Redirection HTTP to HTTPS - - --entrypoints.web.address=:80 - - --entrypoints.web.http.redirections.entrypoint.to=websecure - - --entrypoints.web.http.redirections.entrypoint.scheme=https - - --entrypoints.websecure.address=:443 - - # Redirection automatique https://www.* to https://* - #- --entrypoints.websecure.http.middlewares=redirect-www - - - --entryPoints.traefik.address=:8080 - - - --certificatesresolvers.letsencrypt.acme.httpchallenge=true - - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web - - --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL} - - --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json - - - --certificatesResolvers.ovh.acme.dnsChallenge=true - - --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh - # - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory - - --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json - - --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL} - labels: - traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true' - traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)' - traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}' - traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]' - - traefik.http.routers.traefik.entrypoints: 'websecure' - traefik.http.routers.traefik.tls.certResolver: 'letsencrypt' - traefik.http.routers.traefik.priority: '2000' - diff --git a/traefik_lb/run b/traefik_lb/run deleted file mode 100644 index fc540d6..0000000 --- a/traefik_lb/run +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash - -set -eu - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -. $DIR/../help.sh - -traefik_help() { - echo "./run backup : Lancement de la sauvegarde de Traefik" - echo "./run restore : Restauration de la sauvegarde de Traefik" -} - -traefik_backup() { - script_env - BACKUP_DATE_DEFAULT=`date +%Y%m%d_%H%M%S` - BACKUP_DATE=${BACKUP_DATE:-$BACKUP_DATE_DEFAULT} - backup_folder_create - - docker run -it --rm -v $HOME/backups/${TRAEFIK_DOMAIN}:/backup --volumes-from traefik alpine:3.12.3 ash -c "cd /traefik && tar cvf /backup/${BACKUP_DATE}_${TRAEFIK_DOMAIN}_config.tar ." -} - -traefik_restore() { - script_env - docker run -it --rm -v $HOME/backups/${TRAEFIK_DOMAIN}:/backup --volumes-from traefik alpine:3.12.3 ash -c "cd /traefik && tar xvf /backup/${BACKUP_DATE}_${TRAEFIK_DOMAIN}_config.tar --strip 1" -} - -if [ $# -ge 1 ]; then - if [ "${1}" == "backup" ]; then - script_start - traefik_backup - script_end - elif [ "${1}" == "restore" ]; then - script_start - traefik_restore - script_end - elif [ "${1}" != "--only-source" ]; then - traefik_help - fi -else - traefik_help -fi -- 2.40.1 From 8c802e3aa676af32da1de7747d94fed0bf37a691 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 16 Nov 2021 12:49:34 +0100 Subject: [PATCH 042/193] docs(Gitea): Add documentation to configure gitea with environment variables --- gitea/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gitea/README.md b/gitea/README.md index 18632d2..3d33e51 100644 --- a/gitea/README.md +++ b/gitea/README.md @@ -4,6 +4,8 @@ > > [Documentation][documentation] +Il est possible de configurer l'intégralité du service à l'aide de variable d'environnement voir [la documentation officiel](https://docs.gitea.io/en-us/install-with-docker/#managing-deployments-with-environment-variables). + ## Commandes ```sh -- 2.40.1 From 5ecaffdfa21bc514937ba51c78a3946c5e872a0c Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 16 Nov 2021 12:50:36 +0100 Subject: [PATCH 043/193] feat(Gitea): Add configuration to enable prometheus metrics https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics --- gitea/docker-compose.metrics.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 gitea/docker-compose.metrics.yml diff --git a/gitea/docker-compose.metrics.yml b/gitea/docker-compose.metrics.yml new file mode 100644 index 0000000..c2a1cab --- /dev/null +++ b/gitea/docker-compose.metrics.yml @@ -0,0 +1,6 @@ +version: "3.8" + +services: + gitea: + environment: + - GITEA__METRICS__ENABLED=true -- 2.40.1 From 94c96bbd7d79c424969b63a37d950d04232b7515 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 16 Nov 2021 12:56:24 +0100 Subject: [PATCH 044/193] feat(Gitea): Add configuration to enable smtp https://docs.gitea.io/en-us/install-with-docker/#managing-deployments-with-environment-variables https://docs.gitea.io/en-us/email-setup/ --- gitea/docker-compose.smtp.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 gitea/docker-compose.smtp.yml diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml new file mode 100644 index 0000000..fa37a1a --- /dev/null +++ b/gitea/docker-compose.smtp.yml @@ -0,0 +1,12 @@ +version: "3.8" + +services: + gitea: + environment: + - GITEA__mailer__ENABLED=true + - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} + - GITEA__mailer__MAILER_TYPE=smtp + - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} + - GITEA__mailer__IS_TLS_ENABLED=true + - GITEA__mailer__USER=${GITEA__mailer__USER:?GITEA__mailer__USER not set} + - GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}""" -- 2.40.1 From 9793ae506deac9bd46ac68b6591a073b919b3201 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 23 Nov 2021 22:05:46 +0100 Subject: [PATCH 045/193] chore(Postgres): Upgrade to 14.1 https://www.postgresql.org/docs/release/14.1/ --- postgres/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/postgres/docker-compose.yml b/postgres/docker-compose.yml index 91c3030..0b3e92c 100644 --- a/postgres/docker-compose.yml +++ b/postgres/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: postgres: container_name: ${POSTGRES_CONTAINER_NAME:-postgres} - image: ${POSTGRES_IMAGE:-postgres:13.4-alpine} + image: ${POSTGRES_IMAGE:-postgres:14.1-alpine} restart: always environment: POSTGRES_USER: ${POSTGRES_USER:?err} -- 2.40.1 From 04388d48f0e99fbeb7d3a3c38eed80b6ec096199 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 23 Nov 2021 22:06:30 +0100 Subject: [PATCH 046/193] feat(Postgres): Add configuration of PUID and PGID --- postgres/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/postgres/docker-compose.yml b/postgres/docker-compose.yml index 0b3e92c..95f5c69 100644 --- a/postgres/docker-compose.yml +++ b/postgres/docker-compose.yml @@ -13,6 +13,8 @@ services: POSTGRES_USER: ${POSTGRES_USER:?err} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err} POSTGRES_DB: ${POSTGRES_DB:?err} + PUID: ${POSTGRES_PUID:-1000} + PGID: ${POSTGRES_PGID:-1000} volumes: - postgres:/var/lib/postgresql/data - /etc/timezone:/etc/timezone:ro -- 2.40.1 From a231c5c1cfaad9bf9bcd145fd26807cc58f5a75f Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 10:42:52 +0100 Subject: [PATCH 047/193] feat(Nextcloud): Update docker-compose to add more configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit _Détails - Mise à jour de l'image docker nextcloud - Mise à jour de l'image nginx - Ajout d'une configuration spécifique Traefik séparé - Ajout d'une configuration spécifique SMTP séparé - Ajout d'une configuration spécifique pour lancer le container localemement - Ajout de 2 variables pour configurer spécifiquement un PUID et PGID - Suppression de la configuration Postgres spécifique pour utiliser le docker-compose généric - Suppression de la configuration Redis spécifique pour utiliser le docker-compose généric _Pourquoi - Pour permettre une meilleure intégration dans l'infrastructure RésiLien --- nextcloud/.env | 42 ++++++++-- nextcloud/docker-compose.local.yml | 6 ++ nextcloud/docker-compose.smtp.yml | 13 +++ nextcloud/docker-compose.traefik.yml | 18 ++++ nextcloud/docker-compose.yml | 118 +++++++++------------------ nextcloud/web/Dockerfile | 2 +- 6 files changed, 109 insertions(+), 90 deletions(-) create mode 100644 nextcloud/docker-compose.local.yml create mode 100644 nextcloud/docker-compose.smtp.yml create mode 100644 nextcloud/docker-compose.traefik.yml diff --git a/nextcloud/.env b/nextcloud/.env index b575f01..fd8e2e1 100644 --- a/nextcloud/.env +++ b/nextcloud/.env @@ -1,23 +1,49 @@ -## DOCKER +######## +# DOCKER -COMPOSE_FILE=./docker-compose.yml +#DOCKER_CONTEXT= #DOCKER_HOST= -TRAEFIK_NETWORK_NAME=kifeart +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml +#COMPOSE_PROJECT_NAME= ## APP +NEXTCLOUD_DOMAIN=nextcloud.cool.life +NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN} NEXTCLOUD_CONTAINER_NAME=nextcloud NEXTCLOUD_VOLUME_NAME=nextcloud -NEXTCLOUD_DOMAIN=nextcloud.cool.life -NEXTCLOUD_ADMIN_USER: user -NEXTCLOUD_ADMIN_PASSWORD: password +NEXTCLOUD_ADMIN_USER=user +NEXTCLOUD_ADMIN_PASSWORD=password -# DATABASE -# Voir la description ../postgres/README.md +#SMTP_HOST=mail.test.org +#SMTP_SECURE= +#SMTP_PORT= +#SMTP_AUTHTYPE= +#SMTP_NAME=test@test.org +#SMTP_PASSWORD=blablablabla +#MAIL_FROM_ADDRESS=no-reply +#MAIL_DOMAIN=test.org + +########## +# POSTGRES POSTGRES_USER=user-example POSTGRES_PASSWORD=password-example POSTGRES_DB=postgres-database-name-example POSTGRES_CONTAINER_NAME=nextcloud-postgres POSTGRES_VOLUME_NAME=nextcloud-postgres +#POSTGRES_IMAGE= + +####### +# REDIS + +REDIS_CONTAINER_NAME=nextcloud-redis + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= # Don't use char '.' +#TRAEFIK_ENTRYPOINTS= diff --git a/nextcloud/docker-compose.local.yml b/nextcloud/docker-compose.local.yml new file mode 100644 index 0000000..f6bd168 --- /dev/null +++ b/nextcloud/docker-compose.local.yml @@ -0,0 +1,6 @@ +version: "3.8" + +services: + nextcloud-web: + ports: + - ${LOCAL_PORT:-80}:80 diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml new file mode 100644 index 0000000..b8a880f --- /dev/null +++ b/nextcloud/docker-compose.smtp.yml @@ -0,0 +1,13 @@ +version: "3.8" + +services: + nextcloud-fpm: + environment: + SMTP_HOST: ${SMTP_HOST?err} # The hostname of the SMTP server. + SMTP_SECURE: ${SMTP_SECURE:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. + SMTP_PORT: ${SMTP_PORT:-465} + SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} + SMTP_NAME: ${SMTP_NAME?err} + SMTP_PASSWORD: ${SMTP_PASSWORD?err} + MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS} + MAIL_DOMAIN: ${MAIL_DOMAIN} diff --git a/nextcloud/docker-compose.traefik.yml b/nextcloud/docker-compose.traefik.yml new file mode 100644 index 0000000..75d9ffe --- /dev/null +++ b/nextcloud/docker-compose.traefik.yml @@ -0,0 +1,18 @@ +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + nextcloud-web: + environment: + TRUSTED_PROXIES: ${TRAEFIK_NETWORK_NAME:-traefik} + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-nextcloud}.rule=Host(`${NEXTCLOUD_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-nextcloud}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-nextcloud}.middlewares=nextcloud_redirect + - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav + - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/ diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 811ae91..2940391 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -1,99 +1,55 @@ version: "3.8" -networks: - default: - name: ${TRAEFIK_NETWORK_NAME} - volumes: nextcloud: - name: ${NEXTCLOUD_VOLUME_NAME} - nextcloud-postgres: - name: ${POSTGRES_VOLUME_NAME} + name: ${NEXTCLOUD_VOLUME_NAME:-nextcloud} services: + nextcloud-fpm: + container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine} + restart: always + depends_on: + - postgres + - redis + volumes: + - nextcloud:/var/www/html + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + environment: + NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_TRUSTED_DOMAINS?err} + NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER?err} + NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err} + OVERWRITEPROTOCOL: ${OVERWRITEPROTOCOL:-https} + POSTGRES_HOST: postgres # Name is same as ../postgres/docker-compose.yml:8 + POSTGRES_USER: ${POSTGRES_USER:?err} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err} + POSTGRES_DB: ${POSTGRES_DB:?err} + REDIS_HOST: redis # Name is same as ../redis/docker-compose.yml:4 + PUID: ${NEXTCLOUD_PUID:-1000} + PGID: ${NEXTCLOUD_PGID:-1000} nextcloud-web: - container_name: nextcloud-web - build: ./web + container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-web + build: web restart: always + environment: + PUID: ${NEXTCLOUD_PUID:-1000} + PGID: ${NEXTCLOUD_PGID:-1000} depends_on: - nextcloud-fpm - volumes: - - nextcloud:/var/www/html - labels: - traefik.enable: 'true' - traefik.docker.network: ${TRAEFIK_NETWORK_NAME} - traefik.http.routers.nextcloud-fpm.rule: 'Host(`${NEXTCLOUD_DOMAIN}`)' - traefik.http.routers.nextcloud-fpm.entrypoints: 'web' - traefik.http.routers.nextcloud-fpm.middlewares: nextcloud_redirect - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex: /.well-known/(card|cal)dav - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement: /remote.php/dav/ - - nextcloud-fpm: - container_name: nextcloud-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.0-fpm-alpine} - restart: always - hostname: ${NEXTCLOUD_DOMAIN} - depends_on: - - nextcloud-postgres - - nextcloud-redis - volumes: - - nextcloud:/var/www/html - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - environment: - NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_DOMAIN} - NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER} - NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD} - OVERWRITEPROTOCOL: 'https' - APACHE_DISABLE_REWRITE_IP: '1' - TRUSTED_PROXIES: ${TRAEFIK_NETWORK_NAME} - OVERWRITEPROTOCOL: 'https' - POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME} - POSTGRES_DB: ${POSTGRES_DB} - POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} - POSTGRES_USER: ${POSTGRES_USER} - REDIS_HOST: 'nextcloud-redis' - PUID: 1001 - PGID: 119 - - nextcloud-postgres: - container_name: ${POSTGRES_CONTAINER_NAME} - image: ${POSTGRES_IMAGE:-postgres:12.8-alpine} - restart: always - environment: - POSTGRES_USER: ${POSTGRES_USER} - POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} - POSTGRES_DB: ${POSTGRES_DB} - PUID: 1001 - PGID: 119 - volumes: - - nextcloud-postgres:/var/lib/postgresql/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - - nextcloud-redis: - image: ${REDIS_IMAGE:-redis:6.2.6-alpine} - container_name: nextcloud-redis - restart: always - environment: - PUID: 1001 - PGID: 119 - volumes: - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro + volumes_from: + - nextcloud-fpm nextcloud-cron: - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.0-fpm-alpine} - container_name: nextcloud-cron + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine} + container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-cron restart: always depends_on: - nextcloud-web entrypoint: /cron.sh environment: - PUID: 1001 - PGID: 119 - volumes: - - nextcloud:/var/www/html - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro + PUID: ${NEXTCLOUD_PUID:-1000} + PGID: ${NEXTCLOUD_PGID:-1000} + volumes_from: + - nextcloud-fpm diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index d183bd2..64dc53c 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ -FROM nginx:1.21.1-alpine +FROM nginx:1.21.4-alpine COPY nginx.conf /etc/nginx/nginx.conf -- 2.40.1 From 5bf6a8630c1cf0f182a09d4fff1ede72871f897e Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 16:25:16 +0100 Subject: [PATCH 048/193] chore(Traefik): Upgrade to 2.5.4 https://github.com/traefik/traefik/releases/tag/v2.5.4 --- traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 967bfaf..8abba1f 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.5.3} + image: ${TRAEFIK_IMAGE:-traefik:v2.5.4} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From b40f9ddde21bb3bd0a1d678adb4c229278ec5991 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 16:28:03 +0100 Subject: [PATCH 049/193] refactor(Traefik): Change syntax to accept variable --- traefik/docker-compose.yml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 8abba1f..b7864e2 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -43,9 +43,7 @@ services: - --entrypoints.web.address=:80 - --entryPoints.web.forwardedHeaders.insecure labels: - traefik.enable: 'true' - - traefik.http.routers.traefik.rule: 'Host(`${TRAEFIK_DOMAIN:?err}`)' - traefik.http.routers.traefik.entrypoints: 'web' - - traefik.http.services.traefik.loadbalancer.server.port: '8080' + - traefik.enable=true + - traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:?err}`) + - traefik.http.routers.traefik.entrypoints=web + - traefik.http.services.traefik.loadbalancer.server.port=8080 -- 2.40.1 From 185dc3262586d6bc624a919c8dbdef5ec707da17 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 16:30:03 +0100 Subject: [PATCH 050/193] feat(Traefik): Add variable to configure traefik router name --- traefik/docker-compose.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index b7864e2..2fcc7b0 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -38,12 +38,12 @@ services: - --providers.docker.exposedbydefault=false - --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - - --entryPoints.traefik.address=:8080 + - --entryPoints.${TRAEFIK_ROUTER_NAME:-traefik}.address=:8080 - --entrypoints.web.address=:80 - --entryPoints.web.forwardedHeaders.insecure labels: - traefik.enable=true - - traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:?err}`) - - traefik.http.routers.traefik.entrypoints=web - - traefik.http.services.traefik.loadbalancer.server.port=8080 + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-traefik}.rule=Host(`${TRAEFIK_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-traefik}.entrypoints=web + - traefik.http.services.${TRAEFIK_ROUTER_NAME:-traefik}.loadbalancer.server.port=8080 -- 2.40.1 From 57283af5af8adbb741fb608eb113a569817f8268 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 16:31:11 +0100 Subject: [PATCH 051/193] feat(Traefik): Add variable to configure traefik entrypoints name --- traefik/docker-compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 2fcc7b0..acdb18c 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -40,10 +40,10 @@ services: - --entryPoints.${TRAEFIK_ROUTER_NAME:-traefik}.address=:8080 - - --entrypoints.web.address=:80 - - --entryPoints.web.forwardedHeaders.insecure + - --entrypoints.${TRAEFIK_ENTRYPOINTS:-web}.address=:80 + - --entryPoints.${TRAEFIK_ENTRYPOINTS:-web}.forwardedHeaders.insecure labels: - traefik.enable=true - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-traefik}.rule=Host(`${TRAEFIK_DOMAIN:?err}`) - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-traefik}.entrypoints=web + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-traefik}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} - traefik.http.services.${TRAEFIK_ROUTER_NAME:-traefik}.loadbalancer.server.port=8080 -- 2.40.1 From 563ce1ed90e72ec341ce9ef65424c0e2e1e13399 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 16:49:51 +0100 Subject: [PATCH 052/193] fix(Traefik): Remove variable for traefik router name --- traefik/docker-compose.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index acdb18c..ad8c22c 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -38,12 +38,12 @@ services: - --providers.docker.exposedbydefault=false - --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - - --entryPoints.${TRAEFIK_ROUTER_NAME:-traefik}.address=:8080 + - --entryPoints.traefik.address=:8080 - --entrypoints.${TRAEFIK_ENTRYPOINTS:-web}.address=:80 - --entryPoints.${TRAEFIK_ENTRYPOINTS:-web}.forwardedHeaders.insecure labels: - traefik.enable=true - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-traefik}.rule=Host(`${TRAEFIK_DOMAIN:?err}`) - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-traefik}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} - - traefik.http.services.${TRAEFIK_ROUTER_NAME:-traefik}.loadbalancer.server.port=8080 + - traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:?err}`) + - traefik.http.routers.traefik.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} + - traefik.http.services.traefik.loadbalancer.server.port=8080 -- 2.40.1 From 70aab13358902fdf4ba5e2b405d3ed4a295ed949 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 17:15:03 +0100 Subject: [PATCH 053/193] feat(Nextcloud): Add configuration to PHP_UPLOAD_LIMIT see documentation https://github.com/nextcloud/docker --- nextcloud/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 2940391..ace2001 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -21,6 +21,7 @@ services: NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER?err} NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err} OVERWRITEPROTOCOL: ${OVERWRITEPROTOCOL:-https} + PHP_UPLOAD_LIMIT: ${PHP_UPLOAD_LIMIT:-512M} POSTGRES_HOST: postgres # Name is same as ../postgres/docker-compose.yml:8 POSTGRES_USER: ${POSTGRES_USER:?err} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err} -- 2.40.1 From 3d6d254f2161bc200e5778d28277ba0f1859b959 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 24 Nov 2021 18:00:32 +0100 Subject: [PATCH 054/193] fix(Nextcloud): Remove volume_from it's not valide on docker compose file v3 see https://stackoverflow.com/questions/45494746/docker-compose-volumes-from-usage-example --- nextcloud/docker-compose.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index ace2001..5b87ade 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -39,8 +39,10 @@ services: PGID: ${NEXTCLOUD_PGID:-1000} depends_on: - nextcloud-fpm - volumes_from: - - nextcloud-fpm + volumes: + - nextcloud:/var/www/html + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro nextcloud-cron: image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine} @@ -52,5 +54,7 @@ services: environment: PUID: ${NEXTCLOUD_PUID:-1000} PGID: ${NEXTCLOUD_PGID:-1000} - volumes_from: - - nextcloud-fpm + volumes: + - nextcloud:/var/www/html + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro -- 2.40.1 From 2e99315fbcbdaa9ed3b40dfb32cc5aa118c6cebc Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:33:58 +0100 Subject: [PATCH 055/193] chore(Grafana) Upgrade to 8.2.5 https://github.com/grafana/grafana/releases/tag/v8.2.5 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 4e16751..f538569 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -12,7 +12,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.2.2} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.2.5} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From f45b6eb13facc157909c49e4206523e7a28cbed5 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:36:03 +0100 Subject: [PATCH 056/193] feat(Grafana): Splite traefik configuration --- grafana/docker-compose.traefik.yml | 13 +++++++++++++ grafana/docker-compose.yml | 11 +---------- 2 files changed, 14 insertions(+), 10 deletions(-) create mode 100644 grafana/docker-compose.traefik.yml diff --git a/grafana/docker-compose.traefik.yml b/grafana/docker-compose.traefik.yml new file mode 100644 index 0000000..35b694e --- /dev/null +++ b/grafana/docker-compose.traefik.yml @@ -0,0 +1,13 @@ +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + grafana: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-grafana}.rule=Host(`${GRAFANA_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-grafana}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index f538569..f23a4b4 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -1,9 +1,5 @@ --- -version: "3" - -networks: - default: - name: ${TRAEFIK_NETWORK_NAME:-traefik} +version: "3.8" volumes: grafana: @@ -21,8 +17,3 @@ services: GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:?err} GF_USERS_ALLOW_SIGN_UP: ${GF_USERS_ALLOW_SIGN_UP:-false} GF_INSTALL_PLUGINS: ${GF_INSTALL_PLUGINS} - labels: - traefik.enable: 'true' - traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} - traefik.http.routers.grafana.rule: 'Host(`${GRAFANA_DOMAIN:?err}`)' - traefik.http.routers.grafana.entrypoints: 'web' -- 2.40.1 From ab9d57f9a2ed79743d959234a0fb96c9aa359b7d Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:36:37 +0100 Subject: [PATCH 057/193] feat(Grafana): Add more configuration --- grafana/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index f23a4b4..ca82176 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -15,5 +15,7 @@ services: environment: GF_SECURITY_ADMIN_USER: ${GF_SECURITY_ADMIN_USER:?err} GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:?err} + GF_SECURITY_DISABLE_GRAVATAR: ${GF_SECURITY_DISABLE_GRAVATAR:-true} + GF_SECURITY_COOKIE_SECURE: ${GF_SECURITY_COOKIE_SECURE:-true} GF_USERS_ALLOW_SIGN_UP: ${GF_USERS_ALLOW_SIGN_UP:-false} GF_INSTALL_PLUGINS: ${GF_INSTALL_PLUGINS} -- 2.40.1 From fc20ec584d21ae1b10b00f94a0f401b263c82f0e Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:39:10 +0100 Subject: [PATCH 058/193] feat(Grafana): Add postgres configuration --- grafana/docker-compose.postgres.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 grafana/docker-compose.postgres.yml diff --git a/grafana/docker-compose.postgres.yml b/grafana/docker-compose.postgres.yml new file mode 100644 index 0000000..b9fc41c --- /dev/null +++ b/grafana/docker-compose.postgres.yml @@ -0,0 +1,11 @@ +version: "3.8" + +services: + grafana: + environment: + # https://grafana.com/docs/grafana/latest/administration/configuration/#database + GF_DATABASE_TYPE: postgres + GF_DATABASE_HOST: postgres # Name is same as ../postgres/docker-compose.yml:8 + GF_DATABASE_NAME: ${POSTGRES_DB:?err} + GF_DATABASE_USER: ${POSTGRES_USER:?err} + GF_DATABASE_PASSWORD: ${POSTGRES_PASSWORD:?err} -- 2.40.1 From 084bbd41689c5a433225e3b9fd1705f0683f4889 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:39:47 +0100 Subject: [PATCH 059/193] feat(Grafana): Add redis configuration --- grafana/docker-compose.redis.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 grafana/docker-compose.redis.yml diff --git a/grafana/docker-compose.redis.yml b/grafana/docker-compose.redis.yml new file mode 100644 index 0000000..1e0d881 --- /dev/null +++ b/grafana/docker-compose.redis.yml @@ -0,0 +1,8 @@ +version: "3.8" + +services: + grafana: + environment: + # https://grafana.com/docs/grafana/latest/administration/configuration/#remote_cache + GF_REMOTE_CACHE_TYPE: redis + GF_REMOTE_CACHE_CONNSTR: ${GF_REMOTE_CACHE_CONNSTR:-addr=redis:6379,ssl=false} -- 2.40.1 From d69c6010674364e0a68db0442e74dea38a582049 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:41:02 +0100 Subject: [PATCH 060/193] feat(Grafana): Add SMTP configuration --- grafana/docker-compose.smtp.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 grafana/docker-compose.smtp.yml diff --git a/grafana/docker-compose.smtp.yml b/grafana/docker-compose.smtp.yml new file mode 100644 index 0000000..5648c3e --- /dev/null +++ b/grafana/docker-compose.smtp.yml @@ -0,0 +1,12 @@ +version: "3.8" + +services: + grafana: + environment: + # https://grafana.com/docs/grafana/latest/administration/configuration/#smtp + GF_SMTP_ENABLED: true + GF_SMTP_HOST: ${GF_SMTP_HOST:?err} # with port + GF_SMTP_USER: ${GF_SMTP_USER:?err} + GF_SMTP_PASSWORD: ${GF_SMTP_PASSWORD:?err} + GF_SMTP_FROM_ADDRESS: ${GF_SMTP_FROM_ADDRESS:?err} + GF_SMTP_FROM_NAME: ${GF_SMTP_FROM_NAME:?err} -- 2.40.1 From 43c38a6b976987b21dca65e87969d58ac61eddc0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:47:15 +0100 Subject: [PATCH 061/193] feat(Grafana): Update default variable --- grafana/.env | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/grafana/.env b/grafana/.env index 3630f33..a7ee3e6 100644 --- a/grafana/.env +++ b/grafana/.env @@ -1,3 +1,44 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/grafana/docker-compose.yml:${SERVICES_DIR}/grafana/docker-compose.traefik.yml +#COMPOSE_PROJECT_NAME= + +######### +# GRAFANA + GRAFANA_DOMAIN=grafana.cool.life +#GRAFANA_VOLUME_NAME= +#GRAFANA_CONTAINER_NAME= +#GRAFANA_IMAGE= + GF_SECURITY_ADMIN_USER=admin -GF_SECURITY_ADMIN_PASSWORD=admin +GF_SECURITY_ADMIN_PASSWORD=password +#GF_SECURITY_DISABLE_GRAVATAR= +#GF_SECURITY_COOKIE_SECURE= +#GF_USERS_ALLOW_SIGN_UP= +GF_INSTALL_PLUGINS=grafana-piechart-panel + +###### +# SMTP + +#GF_SMTP_HOST= +#GF_SMTP_USER= +#GF_SMTP_PASSWORD= +#GF_SMTP_FROM_ADDRESS= +#GF_SMTP_FROM_NAME= + +####### +# REDIS + +#GF_REMOTE_CACHE_CONNSTR= + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= # Don't use char '.' +#TRAEFIK_ENTRYPOINTS= -- 2.40.1 From 754f2f7834a3a257f3d695612f508a19cd0a40c4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 26 Nov 2021 16:52:57 +0100 Subject: [PATCH 062/193] docs(Grafana): Add documentation --- grafana/README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 grafana/README.md diff --git a/grafana/README.md b/grafana/README.md new file mode 100644 index 0000000..974bba8 --- /dev/null +++ b/grafana/README.md @@ -0,0 +1,19 @@ +# Grafana + +> Grafana est un logiciel libre sous licence GNU Affero General Public License Version 32 (anciennement sous licence Apache 2.0 avant avril 2021) qui permet la visualisation de données. Il permet de réaliser des tableaux de bord et des graphiques depuis plusieurs sources dont des bases de données temporelles comme Graphite (en), InfluxDB et OpenTSDB3. +> +> -- [Wikipédia](https://fr.wikipedia.org/wiki/Grafana) + +## 🔧 Configuration + +La configuration du service ce base sur la documentation officiel plusieurs pages sont intéressante à lire : +- [Lancer l'image Docker de Grafana](https://grafana.com/docs/grafana/latest/installation/docker/) +- [Configuration l'image Docker Grafana](https://grafana.com/docs/grafana/latest/administration/configure-docker/) +- [Surcharger la configuration à l'aide des variables d'environment](https://grafana.com/docs/grafana/latest/administration/configuration/#override-configuration-with-environment-variables) + +## 🔗 Liens + +- [Site officiel](https://grafana.com) +- [La documentation](https://grafana.com/docs) +- [Github](https://github.com/grafana/grafana) +- [L'image Docker sur Docker Hub](https://hub.docker.com/r/grafana/grafana) -- 2.40.1 From d5e3a4ff7a844492637c3f613877535827b82ffb Mon Sep 17 00:00:00 2001 From: Killian Kemps Date: Thu, 9 Dec 2021 17:56:07 +0100 Subject: [PATCH 063/193] fix(traefik): Fix YAML mapping --- traefik/docker-compose.secure.yml | 33 ++++++++++++++++--------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/traefik/docker-compose.secure.yml b/traefik/docker-compose.secure.yml index bdaff66..2c46a2f 100644 --- a/traefik/docker-compose.secure.yml +++ b/traefik/docker-compose.secure.yml @@ -5,21 +5,22 @@ networks: driver: bridge services: - ports: - - target: 443 - published: 443 - protocol: tcp - mode: host - command: - - --providers.file.filename=/traefik/dynamic_conf.toml + traefik: + ports: + - target: 443 + published: 443 + protocol: tcp + mode: host + command: + - --providers.file.filename=/traefik/dynamic_conf.toml - - --entrypoints.websecure.address=:443 + - --entrypoints.websecure.address=:443 - - --certificatesresolvers.letsencrypt.acme.httpchallenge=true - - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web - - --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL} - - --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json - labels: - traefik.http.routers.traefik.entrypoints: 'websecure' - traefik.http.routers.traefik.tls.certResolver: 'letsencrypt' - traefik.http.routers.traefik.priority: '2000' + - --certificatesresolvers.letsencrypt.acme.httpchallenge=true + - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web + - --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL} + - --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json + labels: + traefik.http.routers.traefik.entrypoints: 'websecure' + traefik.http.routers.traefik.tls.certResolver: 'letsencrypt' + traefik.http.routers.traefik.priority: '2000' -- 2.40.1 From 5ae74fc85645d1a00d2fbcad4de267528bf31f72 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 13 Dec 2021 16:43:39 +0100 Subject: [PATCH 064/193] chore(Grafana): Upgrade to 8.3.2 https://github.com/grafana/grafana/releases/tag/v8.3.2 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index ca82176..3c5e70e 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.2.5} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.2} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 68d529fa2159c8820a28fcd1241f8521486f3fde Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 13 Dec 2021 16:44:37 +0100 Subject: [PATCH 065/193] feat(Grafana): Add more configuration variable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - [GF_ANALYTICS_CHECK_FOR_UPDATES](https://grafana.com/docs/grafana/latest/administration/configuration/#check_for_updates) dans la doc la variable est à true par défaut, chez nous j'ai décidé de le mettre à _false_ pour éviter des requêtes toutes les 10 minutes... - [GF_ANALYTICS_REPORTING_ENABLED](https://grafana.com/docs/grafana/latest/administration/configuration/#reporting_enabled) parreil sauf que c'est toutes les 24h - [GF_SERVER_PROTOCOL](https://grafana.com/docs/grafana/latest/administration/configuration/#protocol) pour mettre en HTTPS facilement --- grafana/docker-compose.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 3c5e70e..00ab896 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -13,9 +13,12 @@ services: volumes: - grafana:/var/lib/grafana environment: + GF_ANALYTICS_CHECK_FOR_UPDATES: ${$GF_ANALYTICS_CHECK_FOR_UPDATES:-false} + GF_ANALYTICS_REPORTING_ENABLED: ${$GF_ANALYTICS_REPORTING_ENABLED:-false} + GF_INSTALL_PLUGINS: ${GF_INSTALL_PLUGINS} GF_SECURITY_ADMIN_USER: ${GF_SECURITY_ADMIN_USER:?err} GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:?err} GF_SECURITY_DISABLE_GRAVATAR: ${GF_SECURITY_DISABLE_GRAVATAR:-true} GF_SECURITY_COOKIE_SECURE: ${GF_SECURITY_COOKIE_SECURE:-true} + GF_SERVER_PROTOCOL: ${GF_SERVER_PROTOCOL:-http} GF_USERS_ALLOW_SIGN_UP: ${GF_USERS_ALLOW_SIGN_UP:-false} - GF_INSTALL_PLUGINS: ${GF_INSTALL_PLUGINS} -- 2.40.1 From 126a4e2048f80df91992a13a03c2b313b3234cf1 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 28 Dec 2021 15:13:04 +0100 Subject: [PATCH 066/193] chore(Traefik): Upgrade to 2.5.6 https://github.com/traefik/traefik/releases/tag/v2.5.6 --- traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index ad8c22c..dda54ae 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.5.4} + image: ${TRAEFIK_IMAGE:-traefik:v2.5.6} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From bcb8aa8a2dfe0d2f03e705f11b1e2b71c7bc4a06 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 28 Dec 2021 15:17:10 +0100 Subject: [PATCH 067/193] chore(Grafana): Upgrade to 8.3.3 https://github.com/grafana/grafana/releases/tag/v8.3.3 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 00ab896..90d67de 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.2} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.3} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 132fb026c571b1391ba5d394ee11fc2fdf6b45b8 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 28 Dec 2021 15:46:56 +0100 Subject: [PATCH 068/193] chore(HedgeDoc): Upgrade to 1.9.2 https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.2 --- hedgedoc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index d92a571..8b47dc8 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: hedgedoc: container_name: ${HEDGEDOC_CONTAINER_NAME:-hedgedoc} - image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.0-ls31} + image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.2-ls39} restart: always depends_on: - postgres -- 2.40.1 From c5b4223bbb0aebffec16f514ad95cf9f4da97962 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 28 Dec 2021 15:47:17 +0100 Subject: [PATCH 069/193] docs(HedgeDoc): Add documentation to debug --- hedgedoc/README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/hedgedoc/README.md b/hedgedoc/README.md index 16c7803..d89e9b1 100644 --- a/hedgedoc/README.md +++ b/hedgedoc/README.md @@ -21,6 +21,23 @@ Lancer le service : docker-compose up -d ``` +## Debug + +### Se connecter à la base de données + +```shell +. .env +docker exec -it $POSTGRES_CONTAINER_NAME psql $POSTGRES_DB -U $POSTGRES_USER +``` + +### Traitement des notes vides + +``` +SELECT count(*) FROM public."Notes" WHERE content = ''; +SELECT * FROM public."Notes" WHERE content = ''; +DELETE FROM public."Notes" WHERE content = ''; +``` + ## Liens - [Site officiel][website] -- 2.40.1 From b571aa1ecd1c43bbfe8d13fee6e71276bd18889c Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 28 Dec 2021 17:42:12 +0100 Subject: [PATCH 070/193] chore(Directus): Upgrade to 9.4.0 https://github.com/directus/directus/releases/tag/v9.4.0 --- directus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 8da67b2..992ee91 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: directus: container_name: ${DIRECTUS_CONTAINER_NAME:-directus} - image: ${DIRECTUS_IMAGE:-directus/directus:9.0.0-rc.95} + image: ${DIRECTUS_IMAGE:-directus/directus:9.4.0} restart: always volumes: - directus:/directus/uploads -- 2.40.1 From 3d61fa584d10075e192dfc72c25d330c1615bad4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 29 Dec 2021 14:55:06 +0100 Subject: [PATCH 071/193] fix(Grafana): Remove unnecessary char $ --- grafana/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 90d67de..566b19f 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -13,8 +13,8 @@ services: volumes: - grafana:/var/lib/grafana environment: - GF_ANALYTICS_CHECK_FOR_UPDATES: ${$GF_ANALYTICS_CHECK_FOR_UPDATES:-false} - GF_ANALYTICS_REPORTING_ENABLED: ${$GF_ANALYTICS_REPORTING_ENABLED:-false} + GF_ANALYTICS_CHECK_FOR_UPDATES: ${GF_ANALYTICS_CHECK_FOR_UPDATES:-false} + GF_ANALYTICS_REPORTING_ENABLED: ${GF_ANALYTICS_REPORTING_ENABLED:-false} GF_INSTALL_PLUGINS: ${GF_INSTALL_PLUGINS} GF_SECURITY_ADMIN_USER: ${GF_SECURITY_ADMIN_USER:?err} GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:?err} -- 2.40.1 From e376de5443e40b054d4bbc54053f9e5e851b7b5b Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 29 Dec 2021 15:13:42 +0100 Subject: [PATCH 072/193] feat(Prometheus): Add new service --- prometheus/.env | 21 +++++++++++++++++++++ prometheus/Dockerfile | 3 +++ prometheus/README.md | 16 ++++++++++++++++ prometheus/docker-compose.traefik.yml | 15 +++++++++++++++ prometheus/docker-compose.yml | 18 ++++++++++++++++++ 5 files changed, 73 insertions(+) create mode 100644 prometheus/.env create mode 100644 prometheus/Dockerfile create mode 100644 prometheus/README.md create mode 100644 prometheus/docker-compose.traefik.yml create mode 100644 prometheus/docker-compose.yml diff --git a/prometheus/.env b/prometheus/.env new file mode 100644 index 0000000..803d12c --- /dev/null +++ b/prometheus/.env @@ -0,0 +1,21 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/prometheus/docker-compose.yml:${SERVICES_DIR}/prometheus/docker-compose.traefik.yml +#COMPOSE_PROJECT_NAME= + +############ +# PROMETHEUS + +#PROMETHEUS_IMAGE= +PROMETHEUS_DOMAIN=prometheus.cool.life + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= +#TRAEFIK_ENTRYPOINTS= diff --git a/prometheus/Dockerfile b/prometheus/Dockerfile new file mode 100644 index 0000000..159f2ac --- /dev/null +++ b/prometheus/Dockerfile @@ -0,0 +1,3 @@ +ARG PROMETHEUS_IMAGE +FROM $PROMETHEUS_IMAGE +ADD prometheus.yml /etc/prometheus/ diff --git a/prometheus/README.md b/prometheus/README.md new file mode 100644 index 0000000..3bc879d --- /dev/null +++ b/prometheus/README.md @@ -0,0 +1,16 @@ +# Prometheus + +> Prometheus est un logiciel libre de surveillance informatique et générateur d'alertes. Il enregistre des métriques en temps réel dans une base de données de séries temporelles (avec une capacité d'acquisition élevée) en se basant sur le contenu de point d'entrée exposé à l'aide du protocole HTTP. +> +> -- [Wikipédia](https://fr.wikipedia.org/wiki/Prometheus_(logiciel)) + +## 🔧 Configuration + +Pour configurer le service il faut ajouter un fichier prometheus.yml décrivant votre configuration. Vous retrouverz toutes les informations sur la page de [documentation officiel](https://prometheus.io/docs/prometheus/latest/configuration/configuration/). + +## 🔗 Liens + +- [Site officiel](https://prometheus.io/) +- [La documentation](https://prometheus.io/docs/) +- [Github](https://github.com/prometheus/prometheus) +- [L'image Docker sur Docker Hub](https://hub.docker.com/r/prom/prometheus) diff --git a/prometheus/docker-compose.traefik.yml b/prometheus/docker-compose.traefik.yml new file mode 100644 index 0000000..5f3fe21 --- /dev/null +++ b/prometheus/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + prometheus: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-prometheus}.rule=Host(`${PROMETHEUS_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-prometheus}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/prometheus/docker-compose.yml b/prometheus/docker-compose.yml new file mode 100644 index 0000000..9299d38 --- /dev/null +++ b/prometheus/docker-compose.yml @@ -0,0 +1,18 @@ +--- + +version: '3.8' + +volumes: + prometheus: + name: ${PROMETHEUS_VOLUME_NAME:-prometheus} + +services: + prometheus: + container_name: ${PROMETHEUS_CONTAINER_NAME:-prometheus} + build: + context: . + args: + PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.32.1} + volumes: + - prometheus:/prometheus + restart: always -- 2.40.1 From c3b9f78ef6e8ac901518a121e5b02d9948dfcdcd Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 29 Dec 2021 15:33:08 +0100 Subject: [PATCH 073/193] feat(Node-Exporter): Remove this service We don't use it, so I prefer remove it on this repository --- prometheus/node-exporter/docker-compose.yml | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 prometheus/node-exporter/docker-compose.yml diff --git a/prometheus/node-exporter/docker-compose.yml b/prometheus/node-exporter/docker-compose.yml deleted file mode 100644 index 9a2b46e..0000000 --- a/prometheus/node-exporter/docker-compose.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -version: '3.8' - -services: - node_exporter: - image: ${NODE_EXPORTER_IMAGE:-quay.io/prometheus/node-exporter:v1.2.0} - container_name: node_exporter - command: - - '--path.rootfs=/host --collector.textfile.directory=/host/var/lib/node_exporter/textfile_collector' - network_mode: host - pid: host - restart: unless-stopped - expose: - - 9100 - volumes: - - '/:/host:ro,rslave' -- 2.40.1 From 23f2bf72dfc6ed1eafac51189bef059206d4a387 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 31 Dec 2021 13:48:56 +0100 Subject: [PATCH 074/193] feat(Directus): Split configuration and add SMTP variable --- directus/.env | 25 ++++++++++++++++++++++++- directus/docker-compose.redis.yml | 10 ++++++++++ directus/docker-compose.smtp.yml | 15 +++++++++++++++ directus/docker-compose.traefik.yml | 15 +++++++++++++++ directus/docker-compose.yml | 10 +--------- 5 files changed, 65 insertions(+), 10 deletions(-) create mode 100644 directus/docker-compose.redis.yml create mode 100644 directus/docker-compose.smtp.yml create mode 100644 directus/docker-compose.traefik.yml diff --git a/directus/.env b/directus/.env index b9c3c90..6541d13 100644 --- a/directus/.env +++ b/directus/.env @@ -4,7 +4,7 @@ #DOCKER_CONTEXT= #DOCKER_HOST= SERVICES_DIR=.. -COMPOSE_FILE=./docker-compose.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml:${SERVICES_DIR}/traefik/docker-compose.network.yml +COMPOSE_FILE=${SERVICES_DIR}/directus/docker-compose.yml:${SERVICES_DIR}/directus/docker-compose.traefik.yml:${SERVICES_DIR}/directus/docker-compose.smtp.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml #COMPOSE_PROJECT_NAME= ########## @@ -13,10 +13,20 @@ COMPOSE_FILE=./docker-compose.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${ # see https://github.com/directus/directus/blob/main/api/example.env DIRECTUS_DOMAIN=directus.cool.life +DIRECTUS_PUBLIC_URL=https://${DIRECTUS_DOMAIN} DIRECTUS_KEY=255d861b-5ea1-5996-9aa3-922530ec40b1 DIRECTUS_SECRET=6116487b-cda1-52c2-b5b5-c8022c45e263 DIRECTUS_ADMIN_EMAIL=admin@example.com DIRECTUS_ADMIN_PASSWORD=d1r3ctu5 + +EMAIL_FROM=no-reply@${DIRECTUS_DOMAIN} +EMAIL_SMTP_HOST=mail.example.org +#EMAIL_SMTP_PORT= +EMAIL_SMTP_USER=user +EMAIL_SMTP_PASSWORD=password +#EMAIL_SMTP_SECURE= +#EMAIL_SMTP_IGNORE_TLS= + # DIRECTUS_PUID= # DIRECTUS_PGID= @@ -28,3 +38,16 @@ POSTGRES_PASSWORD=password-example POSTGRES_DB=postgres-database-name-example POSTGRES_CONTAINER_NAME=directus-postgres POSTGRES_VOLUME_NAME=directus-postgres +#POSTGRES_IMAGE= + +####### +# REDIS + +#REDIS_CONTAINER_NAME= + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= # Don't use char '.' +#TRAEFIK_ENTRYPOINTS= diff --git a/directus/docker-compose.redis.yml b/directus/docker-compose.redis.yml new file mode 100644 index 0000000..f71501e --- /dev/null +++ b/directus/docker-compose.redis.yml @@ -0,0 +1,10 @@ +--- + +version: "3.8" + +services: + directus: + environment: + CACHE_ENABLED: 'true' + CACHE_STORE: 'redis' + CACHE_REDIS: 'redis://${REDIS_CONTAINER_NAME:-redis}:6379' diff --git a/directus/docker-compose.smtp.yml b/directus/docker-compose.smtp.yml new file mode 100644 index 0000000..825e198 --- /dev/null +++ b/directus/docker-compose.smtp.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +services: + directus: + environment: + EMAIL_TRANSPORT: smtp + EMAIL_FROM: ${EMAIL_FROM:?err} + EMAIL_SMTP_HOST: ${EMAIL_SMTP_HOST} + EMAIL_SMTP_PORT: ${EMAIL_SMTP_PORT:-465} + EMAIL_SMTP_USER: ${EMAIL_SMTP_USER:?err} + EMAIL_SMTP_PASSWORD: ${EMAIL_SMTP_PASSWORD:?err} + EMAIL_SMTP_SECURE: ${EMAIL_SMTP_SECURE:-true} + EMAIL_SMTP_IGNORE_TLS: ${EMAIL_SMTP_IGNORE_TLS:-false} diff --git a/directus/docker-compose.traefik.yml b/directus/docker-compose.traefik.yml new file mode 100644 index 0000000..c199f12 --- /dev/null +++ b/directus/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + directus: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.rule=Host(`${DIRECTUS_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.entrypoints=web diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 992ee91..4db6a8a 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -1,4 +1,5 @@ --- + version: "3.8" volumes: @@ -33,14 +34,5 @@ services: DB_USER: ${POSTGRES_USER:?err} DB_PASSWORD: ${POSTGRES_PASSWORD:?err} - CACHE_ENABLED: 'true' - CACHE_STORE: 'redis' - CACHE_REDIS: 'redis://${REDIS_CONTAINER_NAME:-redis}:6379' - PUID: ${DIRECTUS_PUID:-1000} PGID: ${DIRECTUS_PGID:-1000} - labels: - - traefik.enable=true - - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.rule=Host(`${DIRECTUS_DOMAIN:?err}`) - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.entrypoints=web -- 2.40.1 From afa9b3a9979dc01cc66e708b2ad186dae59f65c0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 3 Jan 2022 14:33:15 +0100 Subject: [PATCH 075/193] fix(Nextcloud): Update default host on postgres and redis --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 5b87ade..7973c91 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -22,11 +22,11 @@ services: NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err} OVERWRITEPROTOCOL: ${OVERWRITEPROTOCOL:-https} PHP_UPLOAD_LIMIT: ${PHP_UPLOAD_LIMIT:-512M} - POSTGRES_HOST: postgres # Name is same as ../postgres/docker-compose.yml:8 + POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 POSTGRES_USER: ${POSTGRES_USER:?err} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err} POSTGRES_DB: ${POSTGRES_DB:?err} - REDIS_HOST: redis # Name is same as ../redis/docker-compose.yml:4 + REDIS_HOST: ${REDIS_CONTAINER_NAME:-redis} # Default name is same as ../redis/docker-compose.yml:4 PUID: ${NEXTCLOUD_PUID:-1000} PGID: ${NEXTCLOUD_PGID:-1000} -- 2.40.1 From dc1e6273303a61e94f3fc0d98fcdc672aca6cfef Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 3 Jan 2022 17:57:35 +0100 Subject: [PATCH 076/193] feat(Nextcloud): Nginx configuration use envsubst to use variable on Nextcloud fpm --- nextcloud/docker-compose.yml | 1 + nextcloud/web/Dockerfile | 2 +- nextcloud/web/nextcloud.conf.template | 145 +++++++++++++++++++++ nextcloud/web/nginx.conf | 174 -------------------------- 4 files changed, 147 insertions(+), 175 deletions(-) create mode 100644 nextcloud/web/nextcloud.conf.template delete mode 100644 nextcloud/web/nginx.conf diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 7973c91..6e8f99b 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -35,6 +35,7 @@ services: build: web restart: always environment: + NEXTCLOUD_FPM_CONTAINER_NAME: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm PUID: ${NEXTCLOUD_PUID:-1000} PGID: ${NEXTCLOUD_PGID:-1000} depends_on: diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index 64dc53c..60143f5 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ FROM nginx:1.21.4-alpine -COPY nginx.conf /etc/nginx/nginx.conf +COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template diff --git a/nextcloud/web/nextcloud.conf.template b/nextcloud/web/nextcloud.conf.template new file mode 100644 index 0000000..ca15645 --- /dev/null +++ b/nextcloud/web/nextcloud.conf.template @@ -0,0 +1,145 @@ +upstream php-handler { + server ${NEXTCLOUD_FPM_CONTAINER_NAME}:9000; +} + +server { + listen 80; + + # Add headers to serve security related headers + # Before enabling Strict-Transport-Security headers please read into this + # topic first. + #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; + # + # WARNING: Only add the preload option once you read about + # the consequences in https://hstspreload.org/. This option + # will add the domain to a hardcoded list that is shipped + # in all major browsers and getting removed from this list + # could take several months. + add_header Referrer-Policy "no-referrer" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-Download-Options "noopen" always; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Permitted-Cross-Domain-Policies "none" always; + add_header X-Robots-Tag "none" always; + add_header X-XSS-Protection "1; mode=block" always; + + # Remove X-Powered-By, which is an information leak + fastcgi_hide_header X-Powered-By; + + # Path to the root of your installation + root /var/www/html; + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # The following 2 rules are only needed for the user_webfinger app. + # Uncomment it if you're planning to use this app. + #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + + # The following rule is only needed for the Social app. + # Uncomment it if you're planning to use this app. + #rewrite ^/.well-known/webfinger /public.php?service=webfinger last; + + location = /.well-known/carddav { + return 301 $scheme://$host:$server_port/remote.php/dav; + } + + location = /.well-known/caldav { + return 301 $scheme://$host:$server_port/remote.php/dav; + } + + # location /nginx_status { + # stub_status; + # allow 192.168.1.0/24; #only allow requests from local network + # deny all; #deny all other hosts + # } + + # set max upload size + client_max_body_size 10G; + fastcgi_buffers 64 4K; + + # Enable gzip but do not remove ETag headers + gzip on; + gzip_vary on; + gzip_comp_level 4; + gzip_min_length 256; + gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; + gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; + + # Uncomment if your server is build with the ngx_pagespeed module + # This module is currently not supported. + #pagespeed off; + + location / { + rewrite ^ /index.php; + } + + location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { + deny all; + } + location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { + deny all; + } + + location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { + fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; + set $path_info $fastcgi_path_info; + try_files $fastcgi_script_name =404; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $path_info; + # fastcgi_param HTTPS on; + + # Avoid sending the security headers twice + fastcgi_param modHeadersAvailable true; + + # Enable pretty urls + fastcgi_param front_controller_active true; + fastcgi_pass php-handler; + fastcgi_intercept_errors on; + fastcgi_request_buffering off; + } + + location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { + try_files $uri/ =404; + index index.php; + } + + # Adding the cache control header for js, css and map files + # Make sure it is BELOW the PHP block + location ~ \.(?:css|js|woff2?|svg|gif|map)$ { + try_files $uri /index.php$request_uri; + add_header Cache-Control "public, max-age=15778463"; + # Add headers to serve security related headers (It is intended to + # have those duplicated to the ones above) + # Before enabling Strict-Transport-Security headers please read into + # this topic first. + #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; + # + # WARNING: Only add the preload option once you read about + # the consequences in https://hstspreload.org/. This option + # will add the domain to a hardcoded list that is shipped + # in all major browsers and getting removed from this list + # could take several months. + add_header Referrer-Policy "no-referrer" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-Download-Options "noopen" always; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Permitted-Cross-Domain-Policies "none" always; + add_header X-Robots-Tag "none" always; + add_header X-XSS-Protection "1; mode=block" always; + + # Optional: Don't log access to assets + access_log off; + } + + location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { + try_files $uri /index.php$request_uri; + # Optional: Don't log access to other assets + access_log off; + } +} diff --git a/nextcloud/web/nginx.conf b/nextcloud/web/nginx.conf deleted file mode 100644 index b076ed2..0000000 --- a/nextcloud/web/nginx.conf +++ /dev/null @@ -1,174 +0,0 @@ -worker_processes auto; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - upstream php-handler { - server nextcloud-fpm:9000; - } - - server { - listen 80; - - # Add headers to serve security related headers - # Before enabling Strict-Transport-Security headers please read into this - # topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Remove X-Powered-By, which is an information leak - fastcgi_hide_header X-Powered-By; - - # Path to the root of your installation - root /var/www/html; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - - # The following rule is only needed for the Social app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/webfinger /public.php?service=webfinger last; - - location = /.well-known/carddav { - return 301 $scheme://$host:$server_port/remote.php/dav; - } - - location = /.well-known/caldav { - return 301 $scheme://$host:$server_port/remote.php/dav; - } - - # location /nginx_status { - # stub_status; - # allow 192.168.1.0/24; #only allow requests from local network - # deny all; #deny all other hosts - # } - - # set max upload size - client_max_body_size 10G; - fastcgi_buffers 64 4K; - - # Enable gzip but do not remove ETag headers - gzip on; - gzip_vary on; - gzip_comp_level 4; - gzip_min_length 256; - gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; - gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; - - # Uncomment if your server is build with the ngx_pagespeed module - # This module is currently not supported. - #pagespeed off; - - location / { - rewrite ^ /index.php; - } - - location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { - deny all; - } - location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } - - location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { - fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; - set $path_info $fastcgi_path_info; - try_files $fastcgi_script_name =404; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $path_info; - # fastcgi_param HTTPS on; - - # Avoid sending the security headers twice - fastcgi_param modHeadersAvailable true; - - # Enable pretty urls - fastcgi_param front_controller_active true; - fastcgi_pass php-handler; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - } - - location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { - try_files $uri/ =404; - index index.php; - } - - # Adding the cache control header for js, css and map files - # Make sure it is BELOW the PHP block - location ~ \.(?:css|js|woff2?|svg|gif|map)$ { - try_files $uri /index.php$request_uri; - add_header Cache-Control "public, max-age=15778463"; - # Add headers to serve security related headers (It is intended to - # have those duplicated to the ones above) - # Before enabling Strict-Transport-Security headers please read into - # this topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Optional: Don't log access to assets - access_log off; - } - - location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { - try_files $uri /index.php$request_uri; - # Optional: Don't log access to other assets - access_log off; - } - } -} -- 2.40.1 From 97f12a40bb10384b02a06c6d9200f37646bf41fa Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 3 Jan 2022 18:01:02 +0100 Subject: [PATCH 077/193] chore(Nginx): Upgrade to 1.21.5 http://nginx.org/en/CHANGES --- nextcloud/web/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index 60143f5..2cde763 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ -FROM nginx:1.21.4-alpine +FROM nginx:1.21.5-alpine COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template -- 2.40.1 From 2c9b9257f90d0b8dce90deeab327bc95a1cf9ce6 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 5 Jan 2022 00:41:26 +0100 Subject: [PATCH 078/193] feat(Mobilizon): Add new service --- geoip/.env | 9 ++++ geoip/docker-compose.yml | 22 ++++++++++ mobilizon/.env | 63 ++++++++++++++++++++++++++++ mobilizon/README.md | 22 ++++++++++ mobilizon/docker-compose.local.yml | 8 ++++ mobilizon/docker-compose.traefik.yml | 15 +++++++ mobilizon/docker-compose.yml | 47 +++++++++++++++++++++ 7 files changed, 186 insertions(+) create mode 100644 geoip/.env create mode 100644 geoip/docker-compose.yml create mode 100644 mobilizon/.env create mode 100644 mobilizon/README.md create mode 100644 mobilizon/docker-compose.local.yml create mode 100644 mobilizon/docker-compose.traefik.yml create mode 100644 mobilizon/docker-compose.yml diff --git a/geoip/.env b/geoip/.env new file mode 100644 index 0000000..608b262 --- /dev/null +++ b/geoip/.env @@ -0,0 +1,9 @@ +#GEOIP_VOLUME_NAME= +#GEOIP_IMAGE= +#GEOIP_CONTAINER_NAME= + +#GEOIP_EDITION_IDS= +GEOIP_LICENSE_KEY=blablabla +#GEOIP_DOWNLOAD_PATH= +#GEOIP_SCHEDULE= +#GEOIP_LOG_LEVEL= diff --git a/geoip/docker-compose.yml b/geoip/docker-compose.yml new file mode 100644 index 0000000..a9b25bb --- /dev/null +++ b/geoip/docker-compose.yml @@ -0,0 +1,22 @@ +--- + +version: "3.8" + +volumes: + geoip: + name: ${GEOIP_VOLUME_NAME:-geoip} + +services: + geoip: + image: ${GEOIP_IMAGE:-crazymax/geoip-updater:latest} + container_name: ${GEOIP_CONTAINER_NAME:-geoip-updater} + restart: always + volumes: + - geoip:${GEOIP_DOWNLOAD_PATH:-/data} + environment: + EDITION_IDS: ${GEOIP_EDITION_IDS:-GeoLite2-City} + LICENSE_KEY: ${GEOIP_LICENSE_KEY:-err} + DOWNLOAD_PATH: ${GEOIP_DOWNLOAD_PATH:-/data} + SCHEDULE: ${GEOIP_SCHEDULE:-0 0 * * 0} # Every Sunday + LOG_LEVEL: ${GEOIP_LOG_LEVEL:-info} + LOG_JSON: ${GEOIP_LOG_JSON:-false} diff --git a/mobilizon/.env b/mobilizon/.env new file mode 100644 index 0000000..6066034 --- /dev/null +++ b/mobilizon/.env @@ -0,0 +1,63 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/mobilizon/docker-compose.yml:${SERVICES_DIR}/mobilizon/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/geoip/docker-compose.yml +#COMPOSE_PROJECT_NAME= + +############ +## MOBILIZON + +MOBILIZON_INSTANCE_NAME="RésiLien - Mobilizon" +MOBILIZON_DOMAIN=mobilizon.lan +MOBILIZON_INSTANCE_PORT=4000 +MOBILIZON_INSTANCE_EMAIL=no-reply@mobilizon.lan + +MOBILIZON_REPLY_EMAIL=contact@mobilizon.lan +MOBILIZON_ADMIN_EMAIL=admin@mobilizon.lan +MOBILIZON_INSTANCE_REGISTRATIONS_OPEN=true + +MOBILIZON_INSTANCE_SECRET_KEY_BASE=changethis +MOBILIZON_INSTANCE_SECRET_KEY=changethis + +MOBILIZON_SMTP_SERVER=localhost +MOBILIZON_SMTP_HOSTNAME=localhost +MOBILIZON_SMTP_PORT=25 +MOBILIZON_SMTP_SSL=false +MOBILIZON_SMTP_USERNAME=noreply@mobilizon.lan +MOBILIZON_SMTP_PASSWORD=password + +#MOBILIZON_PUID= +#MOBILIZON_PGID= + +####### +# GEOIP + +#GEOIP_VOLUME_NAME= +#GEOIP_IMAGE= +#GEOIP_CONTAINER_NAME= + +#GEOIP_EDITION_IDS= +GEOIP_LICENSE_KEY= +#GEOIP_DOWNLOAD_PATH= +#GEOIP_SCHEDULE= +#GEOIP_LOG_LEVEL= + +########## +# POSTGRES + +POSTGRES_USER=mobilizon_user +POSTGRES_PASSWORD=mobilizon_password +POSTGRES_DB=mobilizon_db +#POSTGRES_CONTAINER_NAME=mobilizon_postgres +#POSTGRES_VOLUME_NAME=mobilizon_postgres +POSTGRES_IMAGE=kartoza/postgis:14-3.1 + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= # Don't use char '.' +#TRAEFIK_ENTRYPOINTS= diff --git a/mobilizon/README.md b/mobilizon/README.md new file mode 100644 index 0000000..8519ff5 --- /dev/null +++ b/mobilizon/README.md @@ -0,0 +1,22 @@ +# Mobilizon + +> Mobilizon est un logiciel libre d'organisation d'évènements et de gestion de groupes (Meet-up) lancé en octobre 20203 par Framasoft pour proposer une alternative libre aux plateformes des GAFAM4,5 (Facebook, Meetup.com, EventBrite). +> +> -- [Wikipedia](https://fr.wikipedia.org/wiki/Mobilizon) + +On peut retrouver la documentation sur le [site officiel](https://docs.joinmobilizon.org/fr/). + +## Configuration + +Mobilizon utilise de la géolocalisation pour les évènements et du coup il faut : +- une base de données spécifique postgis qui se base sur Postgres. Actuellement la configuration Postgres est compatible il faut donc juste changer l'image et utiliser [kartoza/postgis](https://hub.docker.com/r/kartoza/postgis). +- un fichier GeoLite2 et pour cela il faut créer une clé pour accéder au service en ligne de [maxmind](https://www.maxmind.com), on utilise ensuite l'image docker [geoip-updater](https://crazymax.dev/geoip-updater/install/docker/) de crazymax pour automatiser le téléchargement et la mise à jour. + +## Liens + +- 🌐 Official website: https://joinmobilizon.org +- 🔢 Pick an instance https://mobilizon.org +- 💻 Source: https://framagit.org/framasoft/mobilizon +- 📜 Documentation https://docs.joinmobilizon.org +- [Dépôt GIT Docker Compose](https://framagit.org/framasoft/joinmobilizon/docker) +- [Docker Hub](https://hub.docker.com/r/framasoft/mobilizon) diff --git a/mobilizon/docker-compose.local.yml b/mobilizon/docker-compose.local.yml new file mode 100644 index 0000000..156150e --- /dev/null +++ b/mobilizon/docker-compose.local.yml @@ -0,0 +1,8 @@ +--- + +version: "3.8" + +services: + mobilizon: + ports: + - "4000:${MOBILIZON_PORT:-4000}" diff --git a/mobilizon/docker-compose.traefik.yml b/mobilizon/docker-compose.traefik.yml new file mode 100644 index 0000000..a37a013 --- /dev/null +++ b/mobilizon/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + mobilizon: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-mobilizon}.rule=Host(`${MOBILIZON_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-mobilizon}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/mobilizon/docker-compose.yml b/mobilizon/docker-compose.yml new file mode 100644 index 0000000..3f55e57 --- /dev/null +++ b/mobilizon/docker-compose.yml @@ -0,0 +1,47 @@ +--- + +version: "3.8" + +volumes: + mobilizon: + name: ${MOBILIZON_VOLUME_NAME:-mobilizon} + +services: + mobilizon: + container_name: ${MOBILIZON_CONTAINER_NAME:-mobilizon} + image: ${MOBILIZON_IMAGE:-framasoft/mobilizon:2.0.2} + restart: always + depends_on: + - postgres + - geoip + volumes: + - mobilizon:/var/lib/mobilizon/uploads + # - ${PWD}/config.exs:/etc/mobilizon/config.exs:ro + - geoip:/var/lib/mobilizon/geo_db + environment: + MOBILIZON_INSTANCE_NAME: ${MOBILIZON_INSTANCE_NAME} + MOBILIZON_INSTANCE_HOST: ${MOBILIZON_DOMAIN} + MOBILIZON_INSTANCE_PORT: ${MOBILIZON_INSTANCE_PORT} + MOBILIZON_INSTANCE_EMAIL: ${MOBILIZON_INSTANCE_EMAIL} + + MOBILIZON_REPLY_EMAIL: ${MOBILIZON_REPLY_EMAIL} + MOBILIZON_ADMIN_EMAIL: ${MOBILIZON_ADMIN_EMAIL} + MOBILIZON_INSTANCE_REGISTRATIONS_OPEN: ${MOBILIZON_INSTANCE_REGISTRATIONS_OPEN:-false} + + MOBILIZON_DATABASE_USERNAME: ${POSTGRES_USER} + MOBILIZON_DATABASE_PASSWORD: ${POSTGRES_PASSWORD} + MOBILIZON_DATABASE_DBNAME: ${POSTGRES_DB} + MOBILIZON_DATABASE_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} + + MOBILIZON_INSTANCE_SECRET_KEY_BASE: ${MOBILIZON_INSTANCE_SECRET_KEY_BASE:?err} + MOBILIZON_INSTANCE_SECRET_KEY: ${MOBILIZON_INSTANCE_SECRET_KEY:?err} + + MOBILIZON_SMTP_SERVER: ${MOBILIZON_SMTP_SERVER:?err} + MOBILIZON_SMTP_HOSTNAME: ${MOBILIZON_SMTP_HOSTNAME:?err} + MOBILIZON_SMTP_PORT: ${MOBILIZON_SMTP_PORT:?err} + MOBILIZON_SMTP_SSL: ${MOBILIZON_SMTP_SSL:?err} + MOBILIZON_SMTP_USERNAME: ${MOBILIZON_SMTP_USERNAME:?err} + MOBILIZON_SMTP_PASSWORD: ${MOBILIZON_SMTP_PASSWORD:?err} + + PUID: ${MOBILIZON_PUID:-1000} + PGID: ${MOBILIZON_PGID:-1000} -- 2.40.1 From 80250b899b2d6661a8231e9a4ab1d7b76641eee4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 10 Jan 2022 10:27:22 +0100 Subject: [PATCH 079/193] feat(Mobilizon): Add default port --- mobilizon/.env | 2 +- mobilizon/docker-compose.local.yml | 2 +- mobilizon/docker-compose.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/mobilizon/.env b/mobilizon/.env index 6066034..fadbbf9 100644 --- a/mobilizon/.env +++ b/mobilizon/.env @@ -12,7 +12,7 @@ COMPOSE_FILE=${SERVICES_DIR}/mobilizon/docker-compose.yml:${SERVICES_DIR}/mobili MOBILIZON_INSTANCE_NAME="RésiLien - Mobilizon" MOBILIZON_DOMAIN=mobilizon.lan -MOBILIZON_INSTANCE_PORT=4000 +#MOBILIZON_INSTANCE_PORT=4000 MOBILIZON_INSTANCE_EMAIL=no-reply@mobilizon.lan MOBILIZON_REPLY_EMAIL=contact@mobilizon.lan diff --git a/mobilizon/docker-compose.local.yml b/mobilizon/docker-compose.local.yml index 156150e..4cd53ce 100644 --- a/mobilizon/docker-compose.local.yml +++ b/mobilizon/docker-compose.local.yml @@ -5,4 +5,4 @@ version: "3.8" services: mobilizon: ports: - - "4000:${MOBILIZON_PORT:-4000}" + - "${MOBILIZON_INSTANCE_PORT:-4000}:${MOBILIZON_PORT:-4000}" diff --git a/mobilizon/docker-compose.yml b/mobilizon/docker-compose.yml index 3f55e57..e7f5c41 100644 --- a/mobilizon/docker-compose.yml +++ b/mobilizon/docker-compose.yml @@ -21,7 +21,7 @@ services: environment: MOBILIZON_INSTANCE_NAME: ${MOBILIZON_INSTANCE_NAME} MOBILIZON_INSTANCE_HOST: ${MOBILIZON_DOMAIN} - MOBILIZON_INSTANCE_PORT: ${MOBILIZON_INSTANCE_PORT} + MOBILIZON_INSTANCE_PORT: ${MOBILIZON_INSTANCE_PORT:-4000} MOBILIZON_INSTANCE_EMAIL: ${MOBILIZON_INSTANCE_EMAIL} MOBILIZON_REPLY_EMAIL: ${MOBILIZON_REPLY_EMAIL} -- 2.40.1 From 26842cadd3354f1fe221d7507d8da9e202c540af Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 10 Jan 2022 10:52:17 +0100 Subject: [PATCH 080/193] =?UTF-8?q?docs(Mobilizon):=20Mise=20=C3=A0=20jour?= =?UTF-8?q?=20de=20la=20documentation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobilizon/README.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/mobilizon/README.md b/mobilizon/README.md index 8519ff5..9614c9a 100644 --- a/mobilizon/README.md +++ b/mobilizon/README.md @@ -1,6 +1,6 @@ # Mobilizon -> Mobilizon est un logiciel libre d'organisation d'évènements et de gestion de groupes (Meet-up) lancé en octobre 20203 par Framasoft pour proposer une alternative libre aux plateformes des GAFAM4,5 (Facebook, Meetup.com, EventBrite). +> Mobilizon est un logiciel libre d'organisation d'évènements et de gestion de groupes (Meet-up) lancé en octobre 2020 par Framasoft pour proposer une alternative libre aux plateformes des GAFAM (Facebook, Meetup.com, EventBrite). > > -- [Wikipedia](https://fr.wikipedia.org/wiki/Mobilizon) @@ -9,14 +9,15 @@ On peut retrouver la documentation sur le [site officiel](https://docs.joinmobil ## Configuration Mobilizon utilise de la géolocalisation pour les évènements et du coup il faut : -- une base de données spécifique postgis qui se base sur Postgres. Actuellement la configuration Postgres est compatible il faut donc juste changer l'image et utiliser [kartoza/postgis](https://hub.docker.com/r/kartoza/postgis). -- un fichier GeoLite2 et pour cela il faut créer une clé pour accéder au service en ligne de [maxmind](https://www.maxmind.com), on utilise ensuite l'image docker [geoip-updater](https://crazymax.dev/geoip-updater/install/docker/) de crazymax pour automatiser le téléchargement et la mise à jour. +- une base de données spécifique _[PostGIS](https://fr.wikipedia.org/wiki/PostGIS)_ qui se base sur _Postgres_. Actuellement la configuration de l'image Docker Postgres est compatible il faut donc juste changer le nom de l'image et utiliser [kartoza/postgis](https://hub.docker.com/r/kartoza/postgis) à la place. +- un fichier GeoLite2 et pour cela il faut créer une clé pour accéder au service en ligne de [maxmind](https://www.maxmind.com), on utilise ensuite l'image docker [geoip-updater](https://crazymax.dev/geoip-updater/install/docker/) de crazymax pour automatiser le téléchargement et la mise à jour du fichier. ## Liens -- 🌐 Official website: https://joinmobilizon.org -- 🔢 Pick an instance https://mobilizon.org -- 💻 Source: https://framagit.org/framasoft/mobilizon -- 📜 Documentation https://docs.joinmobilizon.org -- [Dépôt GIT Docker Compose](https://framagit.org/framasoft/joinmobilizon/docker) -- [Docker Hub](https://hub.docker.com/r/framasoft/mobilizon) +- 🌐 [Site website](https://joinmobilizon.org) +- 🔢 [voir les instances](https://instances.joinmobilizon.org/instances) +- 💻 Source officiel : + - [le logiciel](https://framagit.org/framasoft/mobilizon) + - [l'image _Docker_](https://framagit.org/framasoft/joinmobilizon/docker) +- 📜 [Documentation](https://docs.joinmobilizon.org) +- 🐳 [Docker Hub](https://hub.docker.com/r/framasoft/mobilizon) -- 2.40.1 From d23ab55885ff38b569af1c2ec7e19fded1bd2d42 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 10 Jan 2022 13:54:21 +0100 Subject: [PATCH 081/193] chore(Directus): Upgrade to 9.4.3 https://github.com/directus/directus/releases/tag/v9.4.3 --- directus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 4db6a8a..f41d446 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: directus: container_name: ${DIRECTUS_CONTAINER_NAME:-directus} - image: ${DIRECTUS_IMAGE:-directus/directus:9.4.0} + image: ${DIRECTUS_IMAGE:-directus/directus:9.4.3} restart: always volumes: - directus:/directus/uploads -- 2.40.1 From 567349390c24a045956a27cc9b20d61757403c02 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 19 Jan 2022 15:07:02 +0100 Subject: [PATCH 082/193] feat(Drone): Add more configuration and split it --- README.md | 2 +- drone/.env | 37 ------------- drone/README.md | 16 ++++++ drone/docker-compose.gitea.yml | 10 ---- drone/docker-compose.traefik.yml | 22 -------- drone/docker-compose.yml | 41 -------------- drone/runner/.env | 36 +++++++++++++ drone/runner/README.md | 11 ++++ drone/runner/docker-compose.dashboard.yml | 15 ++++++ drone/runner/docker-compose.local.yml | 8 +++ drone/runner/docker-compose.logging.yml | 15 ++++++ drone/runner/docker-compose.traefik.yml | 15 ++++++ drone/runner/docker-compose.yml | 26 +++++++++ drone/server/.env | 65 +++++++++++++++++++++++ drone/server/README.md | 41 ++++++++++++++ drone/server/docker-compose.cookie.yml | 13 +++++ drone/server/docker-compose.gitea.yml | 17 ++++++ drone/server/docker-compose.header.yml | 13 +++++ drone/server/docker-compose.local.yml | 8 +++ drone/server/docker-compose.logging.yml | 19 +++++++ drone/server/docker-compose.postgres.yml | 16 ++++++ drone/server/docker-compose.traefik.yml | 15 ++++++ drone/server/docker-compose.user.yml | 15 ++++++ drone/server/docker-compose.yml | 24 +++++++++ 24 files changed, 389 insertions(+), 111 deletions(-) delete mode 100644 drone/.env delete mode 100644 drone/docker-compose.gitea.yml delete mode 100644 drone/docker-compose.traefik.yml delete mode 100644 drone/docker-compose.yml create mode 100644 drone/runner/.env create mode 100644 drone/runner/README.md create mode 100644 drone/runner/docker-compose.dashboard.yml create mode 100644 drone/runner/docker-compose.local.yml create mode 100644 drone/runner/docker-compose.logging.yml create mode 100644 drone/runner/docker-compose.traefik.yml create mode 100644 drone/runner/docker-compose.yml create mode 100644 drone/server/.env create mode 100644 drone/server/README.md create mode 100644 drone/server/docker-compose.cookie.yml create mode 100644 drone/server/docker-compose.gitea.yml create mode 100644 drone/server/docker-compose.header.yml create mode 100644 drone/server/docker-compose.local.yml create mode 100644 drone/server/docker-compose.logging.yml create mode 100644 drone/server/docker-compose.postgres.yml create mode 100644 drone/server/docker-compose.traefik.yml create mode 100644 drone/server/docker-compose.user.yml create mode 100644 drone/server/docker-compose.yml diff --git a/README.md b/README.md index 716004e..98a42f2 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien ### Pour les devs / ops -- [Drone](./drone) ⏸️ `en pause` : Un service d'intégration continue +- [Drone](./drone) : Un service d'intégration continue - [Gitea](./gitea) : Un service Git auto-hébergé très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. - [Grafana](./grafana) : Un outil de supervision simple et élégant - [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet. diff --git a/drone/.env b/drone/.env deleted file mode 100644 index a698659..0000000 --- a/drone/.env +++ /dev/null @@ -1,37 +0,0 @@ -## DOCKER - -COMPOSE_FILE=./docker-compose.yml:./docker-compose.gitea.yml:./docker-compose.traefik.yml -TRAEFIK_NETWORK_NAME=kifeart - - -## DRONE SERVER - -# https://hub.docker.com/r/drone/drone/tags -DRONE_SERVER_IMAGE=drone/drone:1.7.0 - -DRONE_SERVER_VOLUME_NAME=drone-server -DRONE_SERVER_CONTAINER_NAME=drone-server - -# https://docs.drone.io/server/reference/ -DRONE_GIT_ALWAYS_AUTH=true -DRONE_RPC_SECRET=9VjG2Dj34Kdo2JYvn5iVxd7JjT5 -DRONE_SERVER_HOST=ci.cool.life -DRONE_SERVER_PROTO=https - -# https://docs.drone.io/server/provider/gitea/ -DRONE_GITEA_SERVER=gitea.cool.life -DRONE_GITEA_CLIENT_ID=UI76T78G-HDZ8-7CSD-6SDZ-YUIDG8Z7DSQ8 -DRONE_GITEA_CLIENT_SECRET=y9ruXnEqluXjKUcfs5yIFlH83yb1OpP32NCf0h5YJwg= - - - -## DRONE RUNNER - -# https://hub.docker.com/r/drone/drone-runner-docker/tags -DRONE_RUNNER_IMAGE=drone/drone-runner-docker:1.3.0 -DRONE_RUNNER_CONTAINER_NAME=drone-runner -DRONE_RUNNER_CAPACITY=2 -DRONE_RUNNER_HOST=ci-runner.cool.life -DRONE_RUNNER_NAME=ci-runner.cool.life -DRONE_RUNNER_UI_USERNAME=kosssi -DRONE_RUNNER_UI_PASSWORD=$not$a$password diff --git a/drone/README.md b/drone/README.md index 6b84604..b1f2662 100644 --- a/drone/README.md +++ b/drone/README.md @@ -4,6 +4,22 @@ > > [Codeflow][article] +## Documentation + +Drone est un logiciel d'intégration continue léger. Il est utilisé comme plate-forme de test et/ou de livraison automatisée. + +Le service est basé sur 2 briques : +- le coté serveur qui prend en compte les demande de l'extérieur avec une interface (_[server](./server)_) +- le coté exécution des tâches (_[runner](./runner)_). + +### Génération de clé + +Dans la documentation officielle, il est conseillé de générer les clés avec la commande : + +``` +openssl rand -hex 16 +``` + ## Liens - [Site internet][site] diff --git a/drone/docker-compose.gitea.yml b/drone/docker-compose.gitea.yml deleted file mode 100644 index 4c4a925..0000000 --- a/drone/docker-compose.gitea.yml +++ /dev/null @@ -1,10 +0,0 @@ -version: "3.8" - -# https://docs.drone.io/server/provider/gitea/ - -services: - drone-server: - environment: - DRONE_GITEA_SERVER: ${DRONE_GITEA_SERVER} - DRONE_GITEA_CLIENT_ID: ${DRONE_GITEA_CLIENT_ID} - DRONE_GITEA_CLIENT_SECRET: ${DRONE_GITEA_CLIENT_SECRET} diff --git a/drone/docker-compose.traefik.yml b/drone/docker-compose.traefik.yml deleted file mode 100644 index 5a03918..0000000 --- a/drone/docker-compose.traefik.yml +++ /dev/null @@ -1,22 +0,0 @@ -version: "3.8" - -networks: - default: - name: ${TRAEFIK_NETWORK_NAME} - -services: - drone-server: - labels: - traefik.enable: 'true' - traefik.docker.network: ${TRAEFIK_NETWORK_NAME} - - traefik.http.routers.drone-server.rule: 'Host(`${DRONE_SERVER_HOST}`)' - traefik.http.routers.drone-server.entrypoints: 'web' - - drone-runner: - labels: - traefik.enable: 'true' - traefik.docker.network: ${TRAEFIK_NETWORK_NAME} - - traefik.http.routers.drone-runner.rule: 'Host(`${DRONE_RUNNER_HOST}`)' - traefik.http.routers.drone-runner.entrypoints: 'web' diff --git a/drone/docker-compose.yml b/drone/docker-compose.yml deleted file mode 100644 index 78bd9b6..0000000 --- a/drone/docker-compose.yml +++ /dev/null @@ -1,41 +0,0 @@ -version: "3.8" - -volumes: - drone-server: - name: ${DRONE_SERVER_VOLUME_NAME} - -services: - drone-server: - container_name: ${DRONE_SERVER_CONTAINER_NAME} - image: ${DRONE_SERVER_IMAGE} - restart: always - environment: - DRONE_GIT_ALWAYS_AUTH: ${DRONE_GIT_ALWAYS_AUTH} - DRONE_RPC_SECRET: ${DRONE_RPC_SECRET} - DRONE_SERVER_HOST: ${DRONE_SERVER_HOST} - DRONE_SERVER_PROTO: ${DRONE_SERVER_PROTO} - DRONE_LOGS_DEBUG: 'true' - volumes: - - drone-server:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - - drone-runner: - container_name: ${DRONE_RUNNER_CONTAINER_NAME} - image: ${DRONE_RUNNER_IMAGE} - restart: always - depends_on: - - drone-server - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - environment: - DRONE_RPC_PROTO: http - DRONE_RPC_HOST: ${DRONE_SERVER_CONTAINER_NAME} - DRONE_RPC_SECRET: ${DRONE_RPC_SECRET} - DRONE_RUNNER_CAPACITY: ${DRONE_RUNNER_CAPACITY} - DRONE_RUNNER_NAME: ${DRONE_RUNNER_NAME} - DRONE_UI_USERNAME: ${DRONE_RUNNER_UI_USERNAME} - DRONE_UI_PASSWORD: ${DRONE_RUNNER_UI_PASSWORD} - DRONE_DEBUG: 'true' diff --git a/drone/runner/.env b/drone/runner/.env new file mode 100644 index 0000000..5d5dbf0 --- /dev/null +++ b/drone/runner/.env @@ -0,0 +1,36 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=../.. +COMPOSE_FILE=${SERVICES_DIR}/drone/runner/docker-compose.yml:${SERVICES_DIR}/drone/runner/docker-compose.traefik.yml:${SERVICES_DIR}/drone/runner/docker-compose.dashboard.yml +#COMPOSE_PROJECT_NAME= + + +## DRONE RUNNER +#https://docs.drone.io/runner/docker/configuration/reference/ + +### Docker +# https://hub.docker.com/r/drone/drone-runner-docker/tags +DRONE_RUNNER_IMAGE=drone/drone-runner-docker:1.8.0 +DRONE_RUNNER_CONTAINER_NAME=drone-server + +### Drone +# https://docs.drone.io/runner/docker/installation/linux/ +DRONE_RPC_HOST=drone.cool.life +DRONE_RPC_PROTO=https +DRONE_RPC_SECRET=change-me +DRONE_RUNNER_HOST=ci-runner.cool.life +DRONE_RUNNER_CAPACITY=2 +DRONE_RUNNER_NAME=drone-runner +DRONE_UI_USERNAME=resilien +DRONE_UI_PASSWORD=change-me +DRONE_UI_DISABLE=false + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= # Don't use char '.' +#TRAEFIK_ENTRYPOINTS= diff --git a/drone/runner/README.md b/drone/runner/README.md new file mode 100644 index 0000000..6f41ef4 --- /dev/null +++ b/drone/runner/README.md @@ -0,0 +1,11 @@ +# Drone CI Runner + +Il existe plusieurs _runner_ nous parlerons ici que du _runner_ Docker. + +## Installation + +L'installation de la partie _runner_ a été coupée en plusieurs fichiers dont les noms sont assez explicites. De nombreux liens vers la documentation officielle ont été mis dans les fichiers _Docker Compose_. + +Il est possible de mettre en place une interface utilisateur pour visualiser les logs, les tâches exécutées. C'est pratique pour débugger. + +Le coté multiplatforme permet d'avoir plusieurs _runner_ sur des architectures différentes selon là où on les déploie. diff --git a/drone/runner/docker-compose.dashboard.yml b/drone/runner/docker-compose.dashboard.yml new file mode 100644 index 0000000..4448db6 --- /dev/null +++ b/drone/runner/docker-compose.dashboard.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +# https://docs.drone.io/runner/docker/configuration/dashboard/ + +services: + drone-runner: + environment: + # https://docs.drone.io/runner/docker/configuration/reference/drone-ui-username/ + DRONE_UI_USERNAME: ${DRONE_UI_USERNAME:?err} + # https://docs.drone.io/runner/docker/configuration/reference/drone-ui-password/ + DRONE_UI_PASSWORD: ${DRONE_UI_PASSWORD:?err} + # https://docs.drone.io/runner/docker/configuration/reference/drone-ui-disable/ + DRONE_UI_DISABLE: ${DRONE_UI_DISABLE:-false} diff --git a/drone/runner/docker-compose.local.yml b/drone/runner/docker-compose.local.yml new file mode 100644 index 0000000..59c143a --- /dev/null +++ b/drone/runner/docker-compose.local.yml @@ -0,0 +1,8 @@ +--- + +version: "3.8" + +services: + drone-runner: + ports: + - "3000:3000" diff --git a/drone/runner/docker-compose.logging.yml b/drone/runner/docker-compose.logging.yml new file mode 100644 index 0000000..0d717ae --- /dev/null +++ b/drone/runner/docker-compose.logging.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +# https://docs.drone.io/runner/docker/configuration/logging/ + +services: + drone-runner: + environment: + # https://docs.drone.io/runner/docker/configuration/reference/drone-debug/ + DRONE_DEBUG: ${DRONE_DEBUG:-false} + # https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-dump-http/ + DRONE_RPC_DUMP_HTTP: ${DRONE_RPC_DUMP_HTTP:-false} + # https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-dump-http-body/ + DRONE_RPC_DUMP_HTTP_BODY: ${DRONE_RPC_DUMP_HTTP_BODY-:false} diff --git a/drone/runner/docker-compose.traefik.yml b/drone/runner/docker-compose.traefik.yml new file mode 100644 index 0000000..175112c --- /dev/null +++ b/drone/runner/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME} + +services: + drone-runner: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-runner}.rule=Host(`${DRONE_RUNNER_HOST:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-runner}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/drone/runner/docker-compose.yml b/drone/runner/docker-compose.yml new file mode 100644 index 0000000..fcfd73b --- /dev/null +++ b/drone/runner/docker-compose.yml @@ -0,0 +1,26 @@ +--- + +version: "3.8" + +# https://docs.drone.io/runner/docker/installation/linux/ + +services: + drone-runner: + container_name: ${DRONE_RUNNER_CONTAINER_NAME} + image: ${DRONE_RUNNER_IMAGE:-drone/drone-runner-docker:1.8.0} + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + environment: + # https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-host/ + DRONE_RPC_HOST: ${DRONE_RPC_HOST:?err} + # https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-proto/ + DRONE_RPC_PROTO: ${DRONE_RPC_PROTO:-https} + # https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-secret/ + DRONE_RPC_SECRET: ${DRONE_RPC_SECRET:?err} + # https://docs.drone.io/runner/docker/configuration/reference/drone-runner-capacity/ + DRONE_RUNNER_CAPACITY: ${DRONE_RUNNER_CAPACITY:-2} + # https://docs.drone.io/runner/docker/configuration/reference/drone-runner-name/ + DRONE_RUNNER_NAME: ${DRONE_RUNNER_NAME} diff --git a/drone/server/.env b/drone/server/.env new file mode 100644 index 0000000..bd84bb6 --- /dev/null +++ b/drone/server/.env @@ -0,0 +1,65 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=../.. +COMPOSE_FILE=${SERVICES_DIR}/drone/server/docker-compose.yml:${SERVICES_DIR}/drone/server/docker-compose.user.yml:${SERVICES_DIR}/drone/server/docker-compose.traefik.yml:${SERVICES_DIR}/drone/server/docker-compose.postgres.yml:${SERVICES_DIR}/drone/server/docker-compose.header.yml:${SERVICES_DIR}/drone/server/docker-compose.gitea.yml:${SERVICES_DIR}/drone/server/docker-compose.cookie.yml:${SERVICES_DIR}/postgres/docker-compose.yml +#COMPOSE_PROJECT_NAME= + + +## DRONE SERVER +# https://docs.drone.io/server/reference/ + +### Docker +# https://hub.docker.com/r/drone/drone/tags +DRONE_SERVER_IMAGE=drone/drone:2.8.0 +DRONE_SERVER_VOLUME_NAME=drone-server +DRONE_SERVER_CONTAINER_NAME=drone-server + +### Drone + +DRONE_RPC_SECRET=change-me +DRONE_SERVER_HOST=ci.cool.life +DRONE_SERVER_PROTO=https + +### User +DRONE_ADMIN_USER=resilien +DRONE_ADMIN_TOKEN=change-me +DRONE_USER_FILTER=resilien +DRONE_REGISTRATION_CLOSED=true + +### Gitea +# https://docs.drone.io/server/provider/gitea/ +#DRONE_GIT_ALWAYS_AUTH= +DRONE_GITEA_SERVER=gitea.cool.life +DRONE_GITEA_CLIENT_ID=UI76T78G-HDZ8-7CSD-6SDZ-YUIDG8Z7DSQ8 +DRONE_GITEA_CLIENT_SECRET=change-me + +## Header +# https://docs.drone.io/server/headers/ +#DRONE_HTTP_SSL_REDIRECT= +#DRONE_HTTP_SSL_TEMPORARY_REDIRECT= +#DRONE_HTTP_SSL_HOST= +#DRONE_HTTP_STS_SECONDS= + +### Cookie +# https://docs.drone.io/server/cookie/ +DRONE_COOKIE_SECRET=change-me +#DRONE_COOKIE_TIMEOUT=720h + +### POSTGRES +# https://docs.drone.io/server/storage/encryption/ +DRONE_DATABASE_SECRET=change-me +POSTGRES_USER=user +POSTGRES_PASSWORD=password +POSTGRES_VOLUME_NAME=postgres +POSTGRES_CONTAINER_NAME=postgres +POSTGRES_DB=drone + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= # Don't use char '.' +#TRAEFIK_ENTRYPOINTS= diff --git a/drone/server/README.md b/drone/server/README.md new file mode 100644 index 0000000..fc748b6 --- /dev/null +++ b/drone/server/README.md @@ -0,0 +1,41 @@ +# Drone CI Server + +## Installation + +L'installation de la partie serveur a été coupée en plusieurs fichiers dont les noms sont assez explicites. De nombreux liens vers la documentation officielle ont été mis dans les fichiers _Docker Compose_. + +## Configuration + +Une fois un Drone installé il faut le configurer avec l'utilisation du CLI. + +### Installation du CLI + +Voir la [documentation officielle](https://docs.drone.io/cli/install/#install-on-linux). + +### Configuration du CLI en local + +Il faut : +- l'url de l'instance (`DRONE_SERVER_HOST`) +- le protocol de l'instance (`DRONE_SERVER_PROTO`) +- le token de l'administrateur (`DRONE_ADMIN_TOKEN`) + +``` +export DRONE_SERVER=${DRONE_SERVER_PROTO}://${DRONE_SERVER_HOST} +export DRONE_TOKEN=${DRONE_ADMIN_TOKEN} +``` + +[Documentation officielle](https://docs.drone.io/cli/configure/) + +### Les utilisateurs + +Il faut ajouter les utilisateurs non admin : + +``` +drone user add kosssi +drone user add killian +drone user add prometheus --machine --token=${PROMETHEUS_TOKEN} +``` + +En n'oubliant pas au moment de l'installation d'identifier précisément les utilisateurs ayant le droit d'exécuter Drone avec la variable `DRONE_USER_FILTER=kosssi,killian,prometheus,${DRONE_ADMIN_USER}` + +[Documentation officielle](https://docs.drone.io/cli/user/drone-user-add/) diff --git a/drone/server/docker-compose.cookie.yml b/drone/server/docker-compose.cookie.yml new file mode 100644 index 0000000..99736ba --- /dev/null +++ b/drone/server/docker-compose.cookie.yml @@ -0,0 +1,13 @@ +--- + +version: "3.8" + +# https://docs.drone.io/server/cookie/ + +services: + drone-server: + environment: + # https://docs.drone.io/server/reference/drone-cookie-secret/ + DRONE_COOKIE_SECRET: ${DRONE_COOKIE_SECRET:?err} + # https://docs.drone.io/server/reference/drone-cookie-timeout/ + DRONE_COOKIE_TIMEOUT: ${DRONE_COOKIE_TIMEOUT:-720h} # Default value 30 days diff --git a/drone/server/docker-compose.gitea.yml b/drone/server/docker-compose.gitea.yml new file mode 100644 index 0000000..9ca4760 --- /dev/null +++ b/drone/server/docker-compose.gitea.yml @@ -0,0 +1,17 @@ +--- + +version: "3.8" + +# https://docs.drone.io/server/provider/gitea/ + +services: + drone-server: + environment: + # https://docs.drone.io/server/reference/drone-git-always-auth/ + DRONE_GIT_ALWAYS_AUTH: ${DRONE_GIT_ALWAYS_AUTH:-true} + # https://docs.drone.io/server/reference/drone-gitea-server/ + DRONE_GITEA_SERVER: ${DRONE_GITEA_SERVER:?err} + # https://docs.drone.io/server/reference/drone-gitea-client-id/ + DRONE_GITEA_CLIENT_ID: ${DRONE_GITEA_CLIENT_ID:?err} + # https://docs.drone.io/server/reference/drone-gitea-client-secret/ + DRONE_GITEA_CLIENT_SECRET: ${DRONE_GITEA_CLIENT_SECRET:?err} diff --git a/drone/server/docker-compose.header.yml b/drone/server/docker-compose.header.yml new file mode 100644 index 0000000..3607c71 --- /dev/null +++ b/drone/server/docker-compose.header.yml @@ -0,0 +1,13 @@ +--- + +version: "3.8" + +# https://docs.drone.io/server/headers/ + +services: + drone-server: + environment: + DRONE_HTTP_SSL_REDIRECT: ${DRONE_HTTP_SSL_REDIRECT:-true} + DRONE_HTTP_SSL_TEMPORARY_REDIRECT: ${DRONE_HTTP_SSL_TEMPORARY_REDIRECT:-true} + DRONE_HTTP_SSL_HOST: ${DRONE_SERVER_HOST} + DRONE_HTTP_STS_SECONDS: ${DRONE_HTTP_STS_SECONDS:-315360000} diff --git a/drone/server/docker-compose.local.yml b/drone/server/docker-compose.local.yml new file mode 100644 index 0000000..06436db --- /dev/null +++ b/drone/server/docker-compose.local.yml @@ -0,0 +1,8 @@ +--- + +version: "3.8" + +services: + drone-server: + ports: + - "3000:3000" diff --git a/drone/server/docker-compose.logging.yml b/drone/server/docker-compose.logging.yml new file mode 100644 index 0000000..62cc675 --- /dev/null +++ b/drone/server/docker-compose.logging.yml @@ -0,0 +1,19 @@ +--- + +version: "3.8" + +# https://docs.drone.io/server/logging/ + +services: + drone-server: + environment: + # https://docs.drone.io/server/reference/drone-logs-debug/ + DRONE_LOGS_DEBUG: ${DRONE_LOGS_DEBUG:-true} + # https://docs.drone.io/server/reference/drone-logs-text/ + DRONE_LOGS_TEXT: ${DRONE_LOGS_TEXT:-true} + # https://docs.drone.io/server/reference/drone-logs-pretty/ + DRONE_LOGS_PRETTY: ${DRONE_LOGS_PRETTY:-true} + # https://docs.drone.io/server/reference/drone-logs-color/ + DRONE_LOGS_COLOR: ${DRONE_LOGS_COLOR:-true} + # https://docs.drone.io/server/reference/drone-logs-trace/ + DRONE_LOGS_TRACE: ${DRONE_LOGS_TRACE:-false} diff --git a/drone/server/docker-compose.postgres.yml b/drone/server/docker-compose.postgres.yml new file mode 100644 index 0000000..c7e2be2 --- /dev/null +++ b/drone/server/docker-compose.postgres.yml @@ -0,0 +1,16 @@ +--- + +version: "3.8" + +# https://docs.drone.io/server/storage/database/ +# https://docs.drone.io/server/storage/encryption/ + +services: + drone-server: + environment: + # https://docs.drone.io/server/reference/drone-database-secret/ + DRONE_DATABASE_SECRET: ${DRONE_DATABASE_SECRET} + # https://docs.drone.io/server/reference/drone-database-driver/ + DRONE_DATABASE_DRIVER: postgres + # https://docs.drone.io/server/reference/drone-database-datasource/ + DRONE_DATABASE_DATASOURCE: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME:-postgres}:5432/${POSTGRES_DB:?err}?sslmode=disable diff --git a/drone/server/docker-compose.traefik.yml b/drone/server/docker-compose.traefik.yml new file mode 100644 index 0000000..47dc794 --- /dev/null +++ b/drone/server/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME} + +services: + drone-server: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-server}.rule=Host(`${DRONE_SERVER_HOST:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-server}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/drone/server/docker-compose.user.yml b/drone/server/docker-compose.user.yml new file mode 100644 index 0000000..c4244e2 --- /dev/null +++ b/drone/server/docker-compose.user.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +# https://docs.drone.io/server/user/registration/ + +services: + drone-server: + environment: + # https://docs.drone.io/server/reference/drone-user-create/ + DRONE_USER_CREATE: username:${DRONE_ADMIN_USER:?err},machine:false,admin:true,token:${DRONE_ADMIN_TOKEN:?err} + # https://docs.drone.io/server/reference/drone-user-filter/ + DRONE_USER_FILTER: ${DRONE_USER_FILTER:?err} + # https://docs.drone.io/server/reference/drone-registration-closed/ + DRONE_REGISTRATION_CLOSED: ${DRONE_REGISTRATION_CLOSED:-true} diff --git a/drone/server/docker-compose.yml b/drone/server/docker-compose.yml new file mode 100644 index 0000000..b8ed7f7 --- /dev/null +++ b/drone/server/docker-compose.yml @@ -0,0 +1,24 @@ +--- + +version: "3.8" + +volumes: + drone-server: + name: ${DRONE_SERVER_VOLUME_NAME:-drone-server} + +services: + drone-server: + container_name: ${DRONE_SERVER_CONTAINER_NAME:-drone-server} + image: ${DRONE_SERVER_IMAGE:-drone/drone:2.8.0} + restart: always + environment: + # https://docs.drone.io/server/reference/drone-rpc-secret/ + DRONE_RPC_SECRET: ${DRONE_RPC_SECRET} + # https://docs.drone.io/server/reference/drone-server-host/ + DRONE_SERVER_HOST: ${DRONE_SERVER_HOST} + # https://docs.drone.io/server/reference/drone-server-proto/ + DRONE_SERVER_PROTO: ${DRONE_SERVER_PROTO:-https} + volumes: + - drone-server:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro -- 2.40.1 From 34e08f918372ef744104315a124176016211a7cd Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 26 Jan 2022 10:59:42 +0100 Subject: [PATCH 083/193] docs: Update documentation --- directus/.env | 1 + gitea/README.md | 2 +- grafana/README.md | 2 +- prometheus/README.md | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/directus/.env b/directus/.env index 6541d13..fd81f08 100644 --- a/directus/.env +++ b/directus/.env @@ -12,6 +12,7 @@ COMPOSE_FILE=${SERVICES_DIR}/directus/docker-compose.yml:${SERVICES_DIR}/directu # # see https://github.com/directus/directus/blob/main/api/example.env +DIRECTUS_CONTAINER_NAME=directus_cool_life DIRECTUS_DOMAIN=directus.cool.life DIRECTUS_PUBLIC_URL=https://${DIRECTUS_DOMAIN} DIRECTUS_KEY=255d861b-5ea1-5996-9aa3-922530ec40b1 diff --git a/gitea/README.md b/gitea/README.md index 3d33e51..18021d5 100644 --- a/gitea/README.md +++ b/gitea/README.md @@ -4,7 +4,7 @@ > > [Documentation][documentation] -Il est possible de configurer l'intégralité du service à l'aide de variable d'environnement voir [la documentation officiel](https://docs.gitea.io/en-us/install-with-docker/#managing-deployments-with-environment-variables). +Il est possible de configurer l'intégralité du service à l'aide de variable d'environnement voir [la documentation officielle](https://docs.gitea.io/en-us/install-with-docker/#managing-deployments-with-environment-variables). ## Commandes diff --git a/grafana/README.md b/grafana/README.md index 974bba8..8692bac 100644 --- a/grafana/README.md +++ b/grafana/README.md @@ -6,7 +6,7 @@ ## 🔧 Configuration -La configuration du service ce base sur la documentation officiel plusieurs pages sont intéressante à lire : +La configuration du service ce base sur la documentation officielle, plusieurs pages sont intéressantes à lire : - [Lancer l'image Docker de Grafana](https://grafana.com/docs/grafana/latest/installation/docker/) - [Configuration l'image Docker Grafana](https://grafana.com/docs/grafana/latest/administration/configure-docker/) - [Surcharger la configuration à l'aide des variables d'environment](https://grafana.com/docs/grafana/latest/administration/configuration/#override-configuration-with-environment-variables) diff --git a/prometheus/README.md b/prometheus/README.md index 3bc879d..caca743 100644 --- a/prometheus/README.md +++ b/prometheus/README.md @@ -6,7 +6,7 @@ ## 🔧 Configuration -Pour configurer le service il faut ajouter un fichier prometheus.yml décrivant votre configuration. Vous retrouverz toutes les informations sur la page de [documentation officiel](https://prometheus.io/docs/prometheus/latest/configuration/configuration/). +Pour configurer le service il faut ajouter un fichier prometheus.yml décrivant votre configuration. Vous retrouverz toutes les informations sur la page de [documentation officielle](https://prometheus.io/docs/prometheus/latest/configuration/configuration/). ## 🔗 Liens -- 2.40.1 From e301bb6b6472b2debffa78e7c1b9dca9bbd2a431 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 26 Jan 2022 11:09:23 +0100 Subject: [PATCH 084/193] fix(Postgres): Add container name or postgres by default on postgres host --- directus/docker-compose.yml | 2 +- gitea/docker-compose.yml | 2 +- grafana/docker-compose.postgres.yml | 2 +- hedgedoc/docker-compose.yml | 2 +- mobilizon/docker-compose.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index f41d446..3b588c0 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -28,7 +28,7 @@ services: PUBLIC_URL: ${DIRECTUS_PUBLIC_URL:?err} DB_CLIENT: 'pg' - DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} + DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 DB_PORT: '5432' DB_DATABASE: ${POSTGRES_DB:?err} DB_USER: ${POSTGRES_USER:?err} diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 255d520..15415df 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -13,7 +13,7 @@ services: # - USER_UID=1000 # - USER_GID=1000 DB_TYPE: postgres - DB_HOST: postgres:5432 + DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres}:5432 # Default name is same as ../postgres/docker-compose.yml:8 DB_NAME: ${POSTGRES_DB} DB_USER: ${POSTGRES_USER} DB_PASSWD: ${POSTGRES_PASSWORD} diff --git a/grafana/docker-compose.postgres.yml b/grafana/docker-compose.postgres.yml index b9fc41c..2958291 100644 --- a/grafana/docker-compose.postgres.yml +++ b/grafana/docker-compose.postgres.yml @@ -5,7 +5,7 @@ services: environment: # https://grafana.com/docs/grafana/latest/administration/configuration/#database GF_DATABASE_TYPE: postgres - GF_DATABASE_HOST: postgres # Name is same as ../postgres/docker-compose.yml:8 + GF_DATABASE_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 GF_DATABASE_NAME: ${POSTGRES_DB:?err} GF_DATABASE_USER: ${POSTGRES_USER:?err} GF_DATABASE_PASSWORD: ${POSTGRES_PASSWORD:?err} diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 8b47dc8..0928bce 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -17,7 +17,7 @@ services: - /etc/localtime:/etc/localtime:ro environment: # https://docs.hedgedoc.org/configuration/ - CMD_DB_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:?err} + CMD_DB_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME:-postgres}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:?err} CMD_DOMAIN: ${HEDGEDOC_DOMAIN:?err} CMD_SESSION_SECRET: ${CMD_SESSION_SECRET:?err} NODE_ENV: ${NODE_ENV:-development} # `production` or `development` diff --git a/mobilizon/docker-compose.yml b/mobilizon/docker-compose.yml index e7f5c41..7a29ec5 100644 --- a/mobilizon/docker-compose.yml +++ b/mobilizon/docker-compose.yml @@ -31,7 +31,7 @@ services: MOBILIZON_DATABASE_USERNAME: ${POSTGRES_USER} MOBILIZON_DATABASE_PASSWORD: ${POSTGRES_PASSWORD} MOBILIZON_DATABASE_DBNAME: ${POSTGRES_DB} - MOBILIZON_DATABASE_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} + MOBILIZON_DATABASE_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 MOBILIZON_INSTANCE_SECRET_KEY_BASE: ${MOBILIZON_INSTANCE_SECRET_KEY_BASE:?err} MOBILIZON_INSTANCE_SECRET_KEY: ${MOBILIZON_INSTANCE_SECRET_KEY:?err} -- 2.40.1 From c68c7ab7495d57e8a84c367359d1ed802e453900 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Feb 2022 10:14:52 +0100 Subject: [PATCH 085/193] chore(Drone): Upgrade to 2.9.1 https://github.com/harness/drone/blob/master/CHANGELOG.md --- drone/server/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drone/server/docker-compose.yml b/drone/server/docker-compose.yml index b8ed7f7..3cae11b 100644 --- a/drone/server/docker-compose.yml +++ b/drone/server/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: drone-server: container_name: ${DRONE_SERVER_CONTAINER_NAME:-drone-server} - image: ${DRONE_SERVER_IMAGE:-drone/drone:2.8.0} + image: ${DRONE_SERVER_IMAGE:-drone/drone:2.9.1} restart: always environment: # https://docs.drone.io/server/reference/drone-rpc-secret/ -- 2.40.1 From d75ffc2ad63fab154cc4d2c3ac0311491dc2fa19 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Feb 2022 10:20:40 +0100 Subject: [PATCH 086/193] chore(Traefik): Upgrade to 2.6.0 https://github.com/traefik/traefik/releases/tag/v2.6.0 --- traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index dda54ae..c07e956 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.5.6} + image: ${TRAEFIK_IMAGE:-traefik:v2.6.0} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From 23c932580faa60e459cee9ef3c1bc92f6e64dd03 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Feb 2022 10:24:01 +0100 Subject: [PATCH 087/193] chore(Prometheus): Upgrade to 2.33.1 https://github.com/prometheus/prometheus/releases/tag/v2.33.1 --- prometheus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prometheus/docker-compose.yml b/prometheus/docker-compose.yml index 9299d38..4b922e7 100644 --- a/prometheus/docker-compose.yml +++ b/prometheus/docker-compose.yml @@ -12,7 +12,7 @@ services: build: context: . args: - PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.32.1} + PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.1} volumes: - prometheus:/prometheus restart: always -- 2.40.1 From 55430b3e8fddcee8e790f080607847d2b6d9f343 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Feb 2022 10:27:59 +0100 Subject: [PATCH 088/193] chore(Grafana): Upgrade to 8.3.4 https://github.com/grafana/grafana/releases/tag/v8.3.4 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 566b19f..74fc068 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.3} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.4} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 478fbac2be9493804ffe2bb5bc1a631c17415697 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Feb 2022 10:33:27 +0100 Subject: [PATCH 089/193] chore(Directus): Upgrade to 9.5.1 https://github.com/directus/directus/releases/tag/v9.5.1 --- directus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 3b588c0..125f497 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: directus: container_name: ${DIRECTUS_CONTAINER_NAME:-directus} - image: ${DIRECTUS_IMAGE:-directus/directus:9.4.3} + image: ${DIRECTUS_IMAGE:-directus/directus:9.5.1} restart: always volumes: - directus:/directus/uploads -- 2.40.1 From 7f4140dea6bbe3c34509f312e8f3e64514dc77ce Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 9 Feb 2022 17:30:15 +0100 Subject: [PATCH 090/193] =?UTF-8?q?typo:=20R=C3=A9silien=20to=20R=C3=A9siL?= =?UTF-8?q?ien?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- examples/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/README.md b/examples/README.md index 6979a90..4853c00 100644 --- a/examples/README.md +++ b/examples/README.md @@ -14,4 +14,4 @@ Si nous allons dans le dossier `traefik.cool.life` par example, il est possible Si vous gérez des serveurs à distance, il est possible d'utiliser la variable `DOCKER_HOST` dans votre fichier `.env` pour expliquer que le service doit s’exécuter sur ce serveur. -> Résilien utilise maintenant ce système avec une génération automatique des fichiers .env à l'aide d'Ansible, nous permettant de facilement déployer un nouveau service, de le déplacer de serveur +> RésiLien utilise maintenant ce système avec une génération automatique des fichiers .env à l'aide d'Ansible, nous permettant de facilement déployer un nouveau service, de le déplacer de serveur -- 2.40.1 From d6671e5f1b04261a056d7b223fa2c50e8f90bb58 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 9 Feb 2022 17:57:03 +0100 Subject: [PATCH 091/193] docs: Update services --- README.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 98a42f2..ee1b9dd 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,10 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien ### Pour les utilisateurs -- [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel -- [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration - [Directus](./directus) : Permet d'administrer une base de données +- [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel +- [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes +- [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration ### Pour les devs / ops @@ -17,7 +18,8 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [Grafana](./grafana) : Un outil de supervision simple et élégant - [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet. - [Prometheus](./prometheus) : Un logiciel de surveillance informatique -- [Docker Registry](./registry) : Une application qui permet de distribuer des images Docker +- [Redis](./redis) : Système de gestion de base de données clé-valeur extensible, très hautes performances +- [Registry Docker](./registry) : Une application qui permet de distribuer des images Docker - [Traefik](./traefik) : Traefik, un reverse-proxy pour vos conteneurs - [Watchtower](./watchtower) : Automatiser la mise à jour d'image docker -- 2.40.1 From 31935e4acf2215213c84fde351b34f0758e48d7f Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:12:43 +0100 Subject: [PATCH 092/193] chore(Gitea): Upgrade to 1.16.1 https://github.com/go-gitea/gitea/releases/tag/v1.16.1 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 15415df..7014e8c 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.15.5} + image: ${GITEA_IMAGE:-gitea/gitea:1.16.1@sha256:bd36095359861e6970705a70d58ae0536f92f0d3f2d25c18ed663e94380c546a} restart: always environment: # - USER_UID=1000 -- 2.40.1 From fe99e604d749c975f532ea2768be4b2af1c95361 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:13:40 +0100 Subject: [PATCH 093/193] chore(Grafana): Upgrade to 8.3.6 https://github.com/grafana/grafana/releases/tag/v8.3.6 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 74fc068..6efdc70 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.4} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.6@sha256:5b71534e0a0329f243994a09340db6625b55a33ae218d71e34ec73f824ec1e48} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 6bed3d6aa2d29dcb0eda1342e19f8f92ac931a31 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:14:39 +0100 Subject: [PATCH 094/193] chore(Postgres): Upgrade to 14.2 https://www.postgresql.org/docs/release/14.2/ --- postgres/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/postgres/docker-compose.yml b/postgres/docker-compose.yml index 95f5c69..70dd15c 100644 --- a/postgres/docker-compose.yml +++ b/postgres/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: postgres: container_name: ${POSTGRES_CONTAINER_NAME:-postgres} - image: ${POSTGRES_IMAGE:-postgres:14.1-alpine} + image: ${POSTGRES_IMAGE:-postgres:14.2-alpine@sha256:536bc3ad5d53f1b84db958be04013024aae70449c931943ad0a55c56c28f68b3} restart: always environment: POSTGRES_USER: ${POSTGRES_USER:?err} -- 2.40.1 From 7992eb4ffa28cc9707890c5cf5edd0eae79d2760 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:15:30 +0100 Subject: [PATCH 095/193] chore(Prometheus): Upgrade to 2.33.3 https://github.com/prometheus/prometheus/releases/tag/v2.33.3 --- prometheus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prometheus/docker-compose.yml b/prometheus/docker-compose.yml index 4b922e7..32e9f77 100644 --- a/prometheus/docker-compose.yml +++ b/prometheus/docker-compose.yml @@ -12,7 +12,7 @@ services: build: context: . args: - PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.1} + PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.3@sha256:20c90b9a99b12b4349150e347811cc44dccdb05c291d385320be63dc12cce73b} volumes: - prometheus:/prometheus restart: always -- 2.40.1 From 60394b5c9d7a4d595c07e9312c50f479d1f9729f Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:16:20 +0100 Subject: [PATCH 096/193] chore(Registry): Upgrade to 2.8.0 https://github.com/distribution/distribution/releases/tag/v2.8.0 --- registry/.env | 2 +- registry/docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/registry/.env b/registry/.env index ac4869e..6771d73 100644 --- a/registry/.env +++ b/registry/.env @@ -5,7 +5,7 @@ TRAEFIK_NETWORK_NAME=kifeart ## REGISTRY -REGISTRY_IMAGE=registry:2.7.1 +#REGISTRY_IMAGE= REGISTRY_CUSTOM_IMAGE=custom/registry REGISTRY_DOMAIN=registry.cool.life REGISTRY_VOLUME_NAME=registry diff --git a/registry/docker-compose.yml b/registry/docker-compose.yml index c987491..a6457ba 100644 --- a/registry/docker-compose.yml +++ b/registry/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: registry: container_name: ${REGISTRY_CONTAINER_NAME} - image: ${REGISTRY_IMAGE} + image: ${REGISTRY_IMAGE:-registry:2.8.0@sha256:c26590bcf53822a542e78fab5c88e1dfbcdee91c1882f4656b7db7b542d91d97} restart: always environment: REGISTRY_AUTH: htpasswd -- 2.40.1 From b0a72c954cb0c2d85254bbed0c5613823a62c4a7 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:16:59 +0100 Subject: [PATCH 097/193] chore(Watchtower): Upgrade to 1.4.0 https://github.com/containrrr/watchtower/releases/tag/v1.4.0 --- watchtower/.env | 2 +- watchtower/docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/watchtower/.env b/watchtower/.env index a00e64d..722e5d5 100644 --- a/watchtower/.env +++ b/watchtower/.env @@ -1,5 +1,5 @@ WATCHTOWER_CONTAINER_NAME=watchtower -WATCHTOWER_IMAGE=containrrr/watchtower:1.0.3 +#WATCHTOWER_IMAGE= REGISTRY_DOMAIN=registry.cool.life REGISTRY_USER=kosssi REGISTRY_PASSWORD=z91PjNYpswd4ai5YoMCw58VoygJSZev7qNJ0cAlPmPBD5pVz9O diff --git a/watchtower/docker-compose.yml b/watchtower/docker-compose.yml index 52ee210..e0344e1 100644 --- a/watchtower/docker-compose.yml +++ b/watchtower/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.8' services: watchtower: container_name: ${WATCHTOWER_CONTAINER_NAME} - image: ${WATCHTOWER_IMAGE} + image: ${WATCHTOWER_IMAGE:-containrrr/watchtower:1.4.0@sha256:bbf9794a691b59ed2ed3089fec53844f14ada249ee5e372ff0e595b73f4e9ab3} restart: always command: -i 60 --label-enable --cleanup --debug # --debug -- 2.40.1 From 9f9948950cb74ef7335a149816d74b0f0c8e5697 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:17:49 +0100 Subject: [PATCH 098/193] feat(Docker): Add all sha256 on services --- directus/docker-compose.yml | 2 +- drone/runner/docker-compose.yml | 2 +- drone/server/docker-compose.yml | 2 +- hedgedoc/docker-compose.yml | 2 +- mobilizon/docker-compose.yml | 2 +- nextcloud/docker-compose.yml | 2 +- redis/docker-compose.yml | 2 +- traefik/docker-compose.yml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 125f497..e19e469 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: directus: container_name: ${DIRECTUS_CONTAINER_NAME:-directus} - image: ${DIRECTUS_IMAGE:-directus/directus:9.5.1} + image: ${DIRECTUS_IMAGE:-directus/directus:9.5.1@sha256:c21099315f8720a12c65eea30b7450a96845ba17e9313e95a3fd23867b96c289} restart: always volumes: - directus:/directus/uploads diff --git a/drone/runner/docker-compose.yml b/drone/runner/docker-compose.yml index fcfd73b..6cdb98b 100644 --- a/drone/runner/docker-compose.yml +++ b/drone/runner/docker-compose.yml @@ -7,7 +7,7 @@ version: "3.8" services: drone-runner: container_name: ${DRONE_RUNNER_CONTAINER_NAME} - image: ${DRONE_RUNNER_IMAGE:-drone/drone-runner-docker:1.8.0} + image: ${DRONE_RUNNER_IMAGE:-drone/drone-runner-docker:1.8.0@sha256:70da970bb76a62567edbea1ac8002d9484664267f4cbb49fbd7c87a753d02260} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock diff --git a/drone/server/docker-compose.yml b/drone/server/docker-compose.yml index 3cae11b..daa903a 100644 --- a/drone/server/docker-compose.yml +++ b/drone/server/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: drone-server: container_name: ${DRONE_SERVER_CONTAINER_NAME:-drone-server} - image: ${DRONE_SERVER_IMAGE:-drone/drone:2.9.1} + image: ${DRONE_SERVER_IMAGE:-drone/drone:2.9.1@sha256:674e62c62cf41e06773c1b5e89687f1d514d49db6d1bb78678a5ef86927bc479} restart: always environment: # https://docs.drone.io/server/reference/drone-rpc-secret/ diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 0928bce..142e092 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: hedgedoc: container_name: ${HEDGEDOC_CONTAINER_NAME:-hedgedoc} - image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.2-ls39} + image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.2-ls44@sha256:e3e0ec428e043104ec626a4c89e09baf61bc8939f8a28979bdadf3a4fa6f513f} restart: always depends_on: - postgres diff --git a/mobilizon/docker-compose.yml b/mobilizon/docker-compose.yml index 7a29ec5..2317e3b 100644 --- a/mobilizon/docker-compose.yml +++ b/mobilizon/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: mobilizon: container_name: ${MOBILIZON_CONTAINER_NAME:-mobilizon} - image: ${MOBILIZON_IMAGE:-framasoft/mobilizon:2.0.2} + image: ${MOBILIZON_IMAGE:-framasoft/mobilizon:2.0.2@sha256:a703d399c35b3b685be7c154bf2ac74f5acd88d8c28dd42f05f68859d76edfd3} restart: always depends_on: - postgres diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 6e8f99b..7156317 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine@sha256:de87108415631635649ad4b1027b6a6d06b80e28bcab87e38c59c1b943ef36d8} restart: always depends_on: - postgres diff --git a/redis/docker-compose.yml b/redis/docker-compose.yml index 35755cd..ed57335 100644 --- a/redis/docker-compose.yml +++ b/redis/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.8" services: redis: - image: ${REDIS_IMAGE:-redis:6.2.6-alpine} + image: ${REDIS_IMAGE:-redis:6.2.6-alpine@sha256:4bed291aa5efb9f0d77b76ff7d4ab71eee410962965d052552db1fb80576431d} container_name: ${REDIS_CONTAINER_NAME:-redis} restart: always environment: diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index c07e956..7f80d3d 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.6.0} + image: ${TRAEFIK_IMAGE:-traefik:v2.6.0@sha256:b22bd53ef626cf3667390c3e3651936b08f9c0c9107e3a6faf02e6dc06b3e0c0} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From c4735acbc5e95144342086b3af5ffed430e381ae Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 14 Feb 2022 10:31:18 +0100 Subject: [PATCH 099/193] chore(Nextcloud): Upgrade to 23.0.0 https://nextcloud.com/changelog/#latest23 --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 7156317..7290799 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine@sha256:de87108415631635649ad4b1027b6a6d06b80e28bcab87e38c59c1b943ef36d8} + image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.0-fpm-alpine@sha256:b02448c82a7fec3d1d0aacbeab466707929a9acbe7c069db4dca14166878ceb1} restart: always depends_on: - postgres -- 2.40.1 From ca15dfeca1178868e42919d7c092128f24f111a1 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 21 Feb 2022 22:47:11 +0100 Subject: [PATCH 100/193] chore(Grafana): Upgrade to 8.4.1 https://github.com/grafana/grafana/releases/tag/v8.4.0 https://github.com/grafana/grafana/releases/tag/v8.4.1 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 6efdc70..e0e054a 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.3.6@sha256:5b71534e0a0329f243994a09340db6625b55a33ae218d71e34ec73f824ec1e48} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.1@sha256:c97cdf5f24c6a8a618ec416c7c9d3568f92e2b196f89e8c656e646c06d45975e} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 248f2fc174c5dbea2b261b41426be055f6e7ee2c Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 21 Feb 2022 22:56:02 +0100 Subject: [PATCH 101/193] chore(Nextcloud): Upgrade to 23.0.2 https://nextcloud.com/changelog/#latest23 --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 7290799..3050e3e 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.0-fpm-alpine@sha256:b02448c82a7fec3d1d0aacbeab466707929a9acbe7c069db4dca14166878ceb1} + image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.2-fpm-alpine@sha256:a9dec35fab6e244a7916afd6b6f738f26590ff8c94356406f34e5a3ea30bb8be} restart: always depends_on: - postgres -- 2.40.1 From ec62e7a14c3d9f51a4b9fddbf2bcb67146110f43 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 21 Feb 2022 23:00:00 +0100 Subject: [PATCH 102/193] chore(Traefik): Upgrade to 2.6.1 https://github.com/traefik/traefik/releases/tag/v2.6.1 --- traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 7f80d3d..de947d3 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.6.0@sha256:b22bd53ef626cf3667390c3e3651936b08f9c0c9107e3a6faf02e6dc06b3e0c0} + image: ${TRAEFIK_IMAGE:-traefik:v2.6.1@sha256:9c248cbc8c7f53de29903b1875a6d188e736916a0ef040e18707279993f39fe9} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From 4f2ae331df59944209117c96e0aa9a7d0e346acb Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 11:51:34 +0100 Subject: [PATCH 103/193] feat(Redis): Add volume name --- redis/docker-compose.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/redis/docker-compose.yml b/redis/docker-compose.yml index ed57335..cb7632b 100644 --- a/redis/docker-compose.yml +++ b/redis/docker-compose.yml @@ -1,5 +1,9 @@ version: "3.8" +volumes: + redis: + name: ${REDIS_VOLUME_NAME:-redis} + services: redis: image: ${REDIS_IMAGE:-redis:6.2.6-alpine@sha256:4bed291aa5efb9f0d77b76ff7d4ab71eee410962965d052552db1fb80576431d} @@ -9,5 +13,6 @@ services: PUID: ${REDIS_PUID:-1000} PGID: ${REDIS_PGID:-1000} volumes: + - redis:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro -- 2.40.1 From 557d35b9bfcf3034738f775ddd164b9823418762 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 11:56:17 +0100 Subject: [PATCH 104/193] docs(Redis): Add default variable on .env files --- directus/.env | 2 ++ grafana/.env | 4 ++++ nextcloud/.env | 2 ++ 3 files changed, 8 insertions(+) diff --git a/directus/.env b/directus/.env index fd81f08..b97bdd4 100644 --- a/directus/.env +++ b/directus/.env @@ -44,7 +44,9 @@ POSTGRES_VOLUME_NAME=directus-postgres ####### # REDIS +#REDIS_IMAGE= #REDIS_CONTAINER_NAME= +#REDIS_VOLUME_NAME= ######### # TRAEFIK diff --git a/grafana/.env b/grafana/.env index a7ee3e6..866aef5 100644 --- a/grafana/.env +++ b/grafana/.env @@ -34,6 +34,10 @@ GF_INSTALL_PLUGINS=grafana-piechart-panel ####### # REDIS +#REDIS_IMAGE= +#REDIS_CONTAINER_NAME= +#REDIS_VOLUME_NAME= + #GF_REMOTE_CACHE_CONNSTR= ######### diff --git a/nextcloud/.env b/nextcloud/.env index fd8e2e1..8cd5d60 100644 --- a/nextcloud/.env +++ b/nextcloud/.env @@ -39,7 +39,9 @@ POSTGRES_VOLUME_NAME=nextcloud-postgres ####### # REDIS +#REDIS_IMAGE= REDIS_CONTAINER_NAME=nextcloud-redis +#REDIS_VOLUME_NAME= ######### # TRAEFIK -- 2.40.1 From 0e1c155fbfcd05514a8f3e8d8de669c0d84fb9fa Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 15:55:18 +0100 Subject: [PATCH 105/193] feat(Docker): Remove hash because it depends on the architecture --- directus/docker-compose.yml | 2 +- drone/runner/docker-compose.yml | 2 +- drone/server/docker-compose.yml | 2 +- gitea/docker-compose.yml | 2 +- grafana/docker-compose.yml | 2 +- hedgedoc/docker-compose.yml | 2 +- mobilizon/docker-compose.yml | 2 +- nextcloud/docker-compose.yml | 2 +- postgres/docker-compose.yml | 2 +- prometheus/docker-compose.yml | 2 +- redis/docker-compose.yml | 2 +- registry/docker-compose.yml | 2 +- traefik/docker-compose.yml | 2 +- watchtower/docker-compose.yml | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index e19e469..125f497 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: directus: container_name: ${DIRECTUS_CONTAINER_NAME:-directus} - image: ${DIRECTUS_IMAGE:-directus/directus:9.5.1@sha256:c21099315f8720a12c65eea30b7450a96845ba17e9313e95a3fd23867b96c289} + image: ${DIRECTUS_IMAGE:-directus/directus:9.5.1} restart: always volumes: - directus:/directus/uploads diff --git a/drone/runner/docker-compose.yml b/drone/runner/docker-compose.yml index 6cdb98b..fcfd73b 100644 --- a/drone/runner/docker-compose.yml +++ b/drone/runner/docker-compose.yml @@ -7,7 +7,7 @@ version: "3.8" services: drone-runner: container_name: ${DRONE_RUNNER_CONTAINER_NAME} - image: ${DRONE_RUNNER_IMAGE:-drone/drone-runner-docker:1.8.0@sha256:70da970bb76a62567edbea1ac8002d9484664267f4cbb49fbd7c87a753d02260} + image: ${DRONE_RUNNER_IMAGE:-drone/drone-runner-docker:1.8.0} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock diff --git a/drone/server/docker-compose.yml b/drone/server/docker-compose.yml index daa903a..3cae11b 100644 --- a/drone/server/docker-compose.yml +++ b/drone/server/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: drone-server: container_name: ${DRONE_SERVER_CONTAINER_NAME:-drone-server} - image: ${DRONE_SERVER_IMAGE:-drone/drone:2.9.1@sha256:674e62c62cf41e06773c1b5e89687f1d514d49db6d1bb78678a5ef86927bc479} + image: ${DRONE_SERVER_IMAGE:-drone/drone:2.9.1} restart: always environment: # https://docs.drone.io/server/reference/drone-rpc-secret/ diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 7014e8c..7c3280e 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.16.1@sha256:bd36095359861e6970705a70d58ae0536f92f0d3f2d25c18ed663e94380c546a} + image: ${GITEA_IMAGE:-gitea/gitea:1.16.1} restart: always environment: # - USER_UID=1000 diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index e0e054a..2d7c4f6 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.1@sha256:c97cdf5f24c6a8a618ec416c7c9d3568f92e2b196f89e8c656e646c06d45975e} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.1} restart: always volumes: - grafana:/var/lib/grafana diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 142e092..07ca998 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: hedgedoc: container_name: ${HEDGEDOC_CONTAINER_NAME:-hedgedoc} - image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.2-ls44@sha256:e3e0ec428e043104ec626a4c89e09baf61bc8939f8a28979bdadf3a4fa6f513f} + image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.2-ls44} restart: always depends_on: - postgres diff --git a/mobilizon/docker-compose.yml b/mobilizon/docker-compose.yml index 2317e3b..7a29ec5 100644 --- a/mobilizon/docker-compose.yml +++ b/mobilizon/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: mobilizon: container_name: ${MOBILIZON_CONTAINER_NAME:-mobilizon} - image: ${MOBILIZON_IMAGE:-framasoft/mobilizon:2.0.2@sha256:a703d399c35b3b685be7c154bf2ac74f5acd88d8c28dd42f05f68859d76edfd3} + image: ${MOBILIZON_IMAGE:-framasoft/mobilizon:2.0.2} restart: always depends_on: - postgres diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 3050e3e..c6efa21 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.2-fpm-alpine@sha256:a9dec35fab6e244a7916afd6b6f738f26590ff8c94356406f34e5a3ea30bb8be} + image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.2-fpm-alpine} restart: always depends_on: - postgres diff --git a/postgres/docker-compose.yml b/postgres/docker-compose.yml index 70dd15c..44e7d0a 100644 --- a/postgres/docker-compose.yml +++ b/postgres/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: postgres: container_name: ${POSTGRES_CONTAINER_NAME:-postgres} - image: ${POSTGRES_IMAGE:-postgres:14.2-alpine@sha256:536bc3ad5d53f1b84db958be04013024aae70449c931943ad0a55c56c28f68b3} + image: ${POSTGRES_IMAGE:-postgres:14.2-alpine} restart: always environment: POSTGRES_USER: ${POSTGRES_USER:?err} diff --git a/prometheus/docker-compose.yml b/prometheus/docker-compose.yml index 32e9f77..ddad060 100644 --- a/prometheus/docker-compose.yml +++ b/prometheus/docker-compose.yml @@ -12,7 +12,7 @@ services: build: context: . args: - PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.3@sha256:20c90b9a99b12b4349150e347811cc44dccdb05c291d385320be63dc12cce73b} + PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.3} volumes: - prometheus:/prometheus restart: always diff --git a/redis/docker-compose.yml b/redis/docker-compose.yml index cb7632b..cb0bd58 100644 --- a/redis/docker-compose.yml +++ b/redis/docker-compose.yml @@ -6,7 +6,7 @@ volumes: services: redis: - image: ${REDIS_IMAGE:-redis:6.2.6-alpine@sha256:4bed291aa5efb9f0d77b76ff7d4ab71eee410962965d052552db1fb80576431d} + image: ${REDIS_IMAGE:-redis:6.2.6-alpine} container_name: ${REDIS_CONTAINER_NAME:-redis} restart: always environment: diff --git a/registry/docker-compose.yml b/registry/docker-compose.yml index a6457ba..003cce9 100644 --- a/registry/docker-compose.yml +++ b/registry/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: registry: container_name: ${REGISTRY_CONTAINER_NAME} - image: ${REGISTRY_IMAGE:-registry:2.8.0@sha256:c26590bcf53822a542e78fab5c88e1dfbcdee91c1882f4656b7db7b542d91d97} + image: ${REGISTRY_IMAGE:-registry:2.8.0} restart: always environment: REGISTRY_AUTH: htpasswd diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index de947d3..61e093e 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.6.1@sha256:9c248cbc8c7f53de29903b1875a6d188e736916a0ef040e18707279993f39fe9} + image: ${TRAEFIK_IMAGE:-traefik:v2.6.1} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock diff --git a/watchtower/docker-compose.yml b/watchtower/docker-compose.yml index e0344e1..ed51860 100644 --- a/watchtower/docker-compose.yml +++ b/watchtower/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.8' services: watchtower: container_name: ${WATCHTOWER_CONTAINER_NAME} - image: ${WATCHTOWER_IMAGE:-containrrr/watchtower:1.4.0@sha256:bbf9794a691b59ed2ed3089fec53844f14ada249ee5e372ff0e595b73f4e9ab3} + image: ${WATCHTOWER_IMAGE:-containrrr/watchtower:1.4.0} restart: always command: -i 60 --label-enable --cleanup --debug # --debug -- 2.40.1 From 58e5685b4d3674bdc742cb91ace1bd8dfdc8bee0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 15:55:45 +0100 Subject: [PATCH 106/193] docs(Postgres): Add default variable --- postgres/.env | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/postgres/.env b/postgres/.env index 74b5f0e..1b5f33e 100644 --- a/postgres/.env +++ b/postgres/.env @@ -1,3 +1,7 @@ +#POSTGRES_VOLUME_NAME= +#POSTGRES_CONTAINER_NAME= +#POSTGRES_IMAGE= + POSTGRES_USER=user-example POSTGRES_PASSWORD=password-example POSTGRES_DB=postgres-database-name-example -- 2.40.1 From 607e6c83c28cf931f1765ab19a6593b5c871d2c4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 16:01:09 +0100 Subject: [PATCH 107/193] feat(ClickHouse): Add new service --- README.md | 1 + clickhouse/.env | 3 +++ clickhouse/README.md | 16 ++++++++++++++++ clickhouse/docker-compose.yml | 19 +++++++++++++++++++ 4 files changed, 39 insertions(+) create mode 100644 clickhouse/.env create mode 100644 clickhouse/README.md create mode 100644 clickhouse/docker-compose.yml diff --git a/README.md b/README.md index ee1b9dd..05ba9ec 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien ### Pour les devs / ops +- [ClickHouse](./clickhouse) : Un logiciel libre de base de données orientée colonnes pour le traitement analytique en ligne - [Drone](./drone) : Un service d'intégration continue - [Gitea](./gitea) : Un service Git auto-hébergé très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. - [Grafana](./grafana) : Un outil de supervision simple et élégant diff --git a/clickhouse/.env b/clickhouse/.env new file mode 100644 index 0000000..f3216ca --- /dev/null +++ b/clickhouse/.env @@ -0,0 +1,3 @@ +#CLICKHOUSE_VOLUME_NAME= +#CLICKHOUSE_CONTAINER_NAME= +#CLICKHOUSE_IMAGE= diff --git a/clickhouse/README.md b/clickhouse/README.md new file mode 100644 index 0000000..54182f5 --- /dev/null +++ b/clickhouse/README.md @@ -0,0 +1,16 @@ +# ClickHouse + +> ClickHouse est un logiciel libre de base de données orientée colonnes (DBMS) pour le traitement analytique en ligne (OLAP). +> +> [Wikipédia][wikipedia] + +## Liens + +- [Site Officiel][site] +- [Code source][source] +- [Docker Hub][dockerhub] + +[wikipedia]: https://fr.wikipedia.org/wiki/ClickHouse +[site]: https://clickhouse.com/ +[source]: https://github.com/ClickHouse/ClickHouse +[dockerhub]: https://hub.docker.com/r/clickhouse/clickhouse-server diff --git a/clickhouse/docker-compose.yml b/clickhouse/docker-compose.yml new file mode 100644 index 0000000..f22b192 --- /dev/null +++ b/clickhouse/docker-compose.yml @@ -0,0 +1,19 @@ +version: "3.8" + +volumes: + clickhouse: + name: ${CLICKHOUSE_VOLUME_NAME:-clickhouse} + +services: + clickhouse: + container_name: ${CLICKHOUSE_CONTAINER_NAME:-clickhouse} + image: ${CLICKHOUSE_IMAGE:-clickhouse/clickhouse-server:22.2.2.1-alpine} + restart: always + volumes: + - clickhouse:/var/lib/clickhouse + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ulimits: + nofile: + soft: 262144 + hard: 262144 -- 2.40.1 From 895623732fc6aff2cca321d460fbdb8ce189e535 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 16:01:45 +0100 Subject: [PATCH 108/193] feat(GeoIP Update): Add new service --- README.md | 1 + geoipupdate/.env | 10 ++++++++++ geoipupdate/README.md | 14 ++++++++++++++ geoipupdate/docker-compose.yml | 22 ++++++++++++++++++++++ 4 files changed, 47 insertions(+) create mode 100644 geoipupdate/.env create mode 100644 geoipupdate/README.md create mode 100644 geoipupdate/docker-compose.yml diff --git a/README.md b/README.md index 05ba9ec..983d768 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [ClickHouse](./clickhouse) : Un logiciel libre de base de données orientée colonnes pour le traitement analytique en ligne - [Drone](./drone) : Un service d'intégration continue +- [GeoIP Update](./geoipupdate) : Permet de télécharger la base de données GeoIP2 permettant de localiser les IPs - [Gitea](./gitea) : Un service Git auto-hébergé très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. - [Grafana](./grafana) : Un outil de supervision simple et élégant - [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet. diff --git a/geoipupdate/.env b/geoipupdate/.env new file mode 100644 index 0000000..78546bd --- /dev/null +++ b/geoipupdate/.env @@ -0,0 +1,10 @@ +#GEOIPUPDATE_VOLUME_NAME= +#GEOIPUPDATE_IMAGE= +#GEOIPUPDATE_CONTAINER_NAME= + +GEOIPUPDATE_ACCOUNT_ID= +GEOIPUPDATE_LICENSE_KEY= +#GEOIPUPDATE_EDITION_IDS= +#GEOIPUPDATE_FREQUENCY= +#GEOIPUPDATE_VERBOSE= +#GEOIPUPDATE_DB_DIR= diff --git a/geoipupdate/README.md b/geoipupdate/README.md new file mode 100644 index 0000000..7efc7fc --- /dev/null +++ b/geoipupdate/README.md @@ -0,0 +1,14 @@ +# HedgeDoc + +> Permet de télécharger la base de données GeoIP2 permettant de localiser les IPs + +## Liens + +- [Site officiel][website] +- [Github][github] +- [L'image Docker de LinuxServer][docker] + +[website]: https://www.maxmind.com/en/home +[docker]: https://hub.docker.com/r/maxmindinc/geoipupdate +[github]: https://github.com/maxmind/geoipupdate +[documentation]: https://dev.maxmind.com/geoip/updating-databases diff --git a/geoipupdate/docker-compose.yml b/geoipupdate/docker-compose.yml new file mode 100644 index 0000000..215090b --- /dev/null +++ b/geoipupdate/docker-compose.yml @@ -0,0 +1,22 @@ +--- + +version: "3.8" + +volumes: + geoipupdate: + name: ${GEOIPUPDATE_VOLUME_NAME:-geoipupdate} + +services: + geoipupdate: + image: ${GEOIPUPDATE_IMAGE:-maxmindinc/geoipupdate:v4.9.0} + container_name: ${GEOIPUPDATE_CONTAINER_NAME:-geoip-updater} + restart: always + volumes: + - geoip:${GEOIPUPDATE_DB_DIR:-/usr/share/GeoIP} + environment: + GEOIPUPDATE_ACCOUNT_ID: ${GEOIPUPDATE_ACCOUNT_ID:?err} + GEOIPUPDATE_LICENSE_KEY: ${GEOIPUPDATE_LICENSE_KEY:?err} + GEOIPUPDATE_EDITION_IDS: ${GEOIPUPDATE_EDITION_IDS:-GeoLite2-City} + GEOIPUPDATE_FREQUENCY: ${GEOIP_SCHEDULE:-72} + GEOIPUPDATE_VERBOSE: ${GEOIPUPDATE_VERBOSE:-false} + GEOIPUPDATE_DB_DIR: ${GEOIPUPDATE_DB_DIR:-/usr/share/GeoIP} -- 2.40.1 From 5d4d7ad7fb31a2a194cb4c410802a541cb2075a1 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 16:02:03 +0100 Subject: [PATCH 109/193] feat(Plausible): Add new service --- README.md | 1 + plausible/.env | 68 +++++++++++++++++++++++++ plausible/README.md | 15 ++++++ plausible/clickhouse-config.xml | 14 +++++ plausible/clickhouse-user-config.xml | 8 +++ plausible/docker-compose.clickhouse.yml | 7 +++ plausible/docker-compose.geoip.yml | 10 ++++ plausible/docker-compose.google.yml | 7 +++ plausible/docker-compose.local.yml | 6 +++ plausible/docker-compose.smtp.yml | 12 +++++ plausible/docker-compose.traefik.yml | 13 +++++ plausible/docker-compose.yml | 28 ++++++++++ 12 files changed, 189 insertions(+) create mode 100644 plausible/.env create mode 100644 plausible/README.md create mode 100644 plausible/clickhouse-config.xml create mode 100644 plausible/clickhouse-user-config.xml create mode 100644 plausible/docker-compose.clickhouse.yml create mode 100644 plausible/docker-compose.geoip.yml create mode 100644 plausible/docker-compose.google.yml create mode 100644 plausible/docker-compose.local.yml create mode 100644 plausible/docker-compose.smtp.yml create mode 100644 plausible/docker-compose.traefik.yml create mode 100644 plausible/docker-compose.yml diff --git a/README.md b/README.md index 983d768..60e30a6 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel - [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration +- [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source. ### Pour les devs / ops diff --git a/plausible/.env b/plausible/.env new file mode 100644 index 0000000..755d2c5 --- /dev/null +++ b/plausible/.env @@ -0,0 +1,68 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/plausible/docker-compose.yml:${SERVICES_DIR}/plausible/docker-compose.clickhouse.yml:${SERVICES_DIR}/plausible/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/clickhouse/docker-compose.yml +#COMPOSE_PROJECT_NAME= + +## APP + +PLAUSIBLE_DOMAIN=http://localhost:8000 +#PLAUSIBLE_CONTAINER_NAME=plausible +#PLAUSIBLE_VOLUME_NAME=plausible +#PLAUSIBLE_IMAGE=plausible/analytics:v1.4.4 + +ADMIN_USER_NAME=example +ADMIN_USER_EMAIL=email@example.org +ADMIN_USER_PWD=change-me +SECRET_KEY_BASE=AFnMQwN54ovHIqCQQGFZX5gUFpgpxasCEnzQwQsyfZLPRbiwzDYAqYDJQlQM8SbmicVJr97axXaSCfXD9zSEQQ== + +## POSTGRES + +#POSTGRES_VOLUME_NAME= +#POSTGRES_CONTAINER_NAME= +#POSTGRES_IMAGE= +POSTGRES_USER=user-example +POSTGRES_PASSWORD=password-example +POSTGRES_DB=plausible_dev + +## CLICKHOUSE + +#CLICKHOUSE_VOLUME_NAME= +#CLICKHOUSE_CONTAINER_NAME= +#CLICKHOUSE_IMAGE= + +## SMTP + +#MAILER_EMAIL= +#SMTP_HOST_ADDR= +#SMTP_HOST_PORT= +#SMTP_USER_NAME= +#SMTP_USER_PWD= +#SMTP_HOST_SSL_ENABLED= +#SMTP_RETRIES= + +## GOOGLE SEARCH CONSOLE + +#GOOGLE_CLIENT_ID= +#GOOGLE_CLIENT_SECRET= + +## GEOIPUPDATE + +#GEOIPUPDATE_VOLUME_NAME= +#GEOIPUPDATE_IMAGE= +#GEOIPUPDATE_CONTAINER_NAME= +#GEOIPUPDATE_ACCOUNT_ID= +#GEOIPUPDATE_LICENSE_KEY= +#GEOIPUPDATE_EDITION_IDS=GeoLite2-Country +#GEOIPUPDATE_FREQUENCY= +#GEOIPUPDATE_VERBOSE= +#GEOIPUPDATE_DB_DIR= + +## TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= +#TRAEFIK_ENTRYPOINTS= diff --git a/plausible/README.md b/plausible/README.md new file mode 100644 index 0000000..30e97e1 --- /dev/null +++ b/plausible/README.md @@ -0,0 +1,15 @@ +# Plausible + +> Plausible est une plateforme d'analyse Web légère et open source. + +## Liens + +- [Site Officiel][site] +- [Documentation][documentation] +- [Code source][source] +- [Docker Hub][dockerhub] + +[site]: https://plausible.io/ +[source]: https://github.com/plausible/analytics +[documentation]: https://plausible.io/docs +[dockerhub]: https://hub.docker.com/r/plausible/analytics diff --git a/plausible/clickhouse-config.xml b/plausible/clickhouse-config.xml new file mode 100644 index 0000000..ddd5f1c --- /dev/null +++ b/plausible/clickhouse-config.xml @@ -0,0 +1,14 @@ + + + warning + true + + + + + + + + + + diff --git a/plausible/clickhouse-user-config.xml b/plausible/clickhouse-user-config.xml new file mode 100644 index 0000000..f795286 --- /dev/null +++ b/plausible/clickhouse-user-config.xml @@ -0,0 +1,8 @@ + + + + 0 + 0 + + + diff --git a/plausible/docker-compose.clickhouse.yml b/plausible/docker-compose.clickhouse.yml new file mode 100644 index 0000000..443d044 --- /dev/null +++ b/plausible/docker-compose.clickhouse.yml @@ -0,0 +1,7 @@ +version: "3.8" + +services: + clickhouse: + volumes: + - ./clickhouse-config.xml:/etc/clickhouse-server/config.d/logging.xml:ro + - ./clickhouse-user-config.xml:/etc/clickhouse-server/users.d/logging.xml:ro diff --git a/plausible/docker-compose.geoip.yml b/plausible/docker-compose.geoip.yml new file mode 100644 index 0000000..6c9fe71 --- /dev/null +++ b/plausible/docker-compose.geoip.yml @@ -0,0 +1,10 @@ +version: "3.8" + +services: + plausible: + depends_on: + - geoipupdate + environment: + - GEOLITE2_COUNTRY_DB=/geoip/GeoLite2-Country.mmdb + volumes: + - geoipupdate:/geoip:ro diff --git a/plausible/docker-compose.google.yml b/plausible/docker-compose.google.yml new file mode 100644 index 0000000..dfb4c6c --- /dev/null +++ b/plausible/docker-compose.google.yml @@ -0,0 +1,7 @@ +version: "3.8" + +services: + plausible: + environment: + GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID:?err} + GOOGLE_CLIENT_SECRET: ${GOOGLE_CLIENT_SECRET:?err} diff --git a/plausible/docker-compose.local.yml b/plausible/docker-compose.local.yml new file mode 100644 index 0000000..f1ceb7f --- /dev/null +++ b/plausible/docker-compose.local.yml @@ -0,0 +1,6 @@ +version: "3.8" + +services: + plausible: + ports: + - ${LOCAL_PORT:-8000}:8000 diff --git a/plausible/docker-compose.smtp.yml b/plausible/docker-compose.smtp.yml new file mode 100644 index 0000000..fc0dea5 --- /dev/null +++ b/plausible/docker-compose.smtp.yml @@ -0,0 +1,12 @@ +version: "3.8" + +services: + plausible: + environment: + MAILER_EMAIL: ${MAILER_EMAIL:-hello@plausible.local} + SMTP_HOST_ADDR: ${SMTP_HOST_ADDR:-localhost} + SMTP_HOST_PORT: ${SMTP_HOST_PORT:-25} + SMTP_USER_NAME: ${SMTP_USER_NAME} + SMTP_USER_PWD: ${SMTP_USER_PWD} + SMTP_HOST_SSL_ENABLED: ${SMTP_HOST_SSL_ENABLED:-false} + SMTP_RETRIES: ${SMTP_RETRIES:-2} diff --git a/plausible/docker-compose.traefik.yml b/plausible/docker-compose.traefik.yml new file mode 100644 index 0000000..04cd7b6 --- /dev/null +++ b/plausible/docker-compose.traefik.yml @@ -0,0 +1,13 @@ +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + plausible: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-plausible}.rule=Host(`${PLAUSIBLE_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-plausible}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/plausible/docker-compose.yml b/plausible/docker-compose.yml new file mode 100644 index 0000000..b535e93 --- /dev/null +++ b/plausible/docker-compose.yml @@ -0,0 +1,28 @@ +version: "3.8" + +volumes: + plausible: + name: ${PLAUSIBLE_VOLUME_NAME:-plausible} + +services: + plausible: + container_name: ${PLAUSIBLE_CONTAINER_NAME:-plausible} + image: ${PLAUSIBLE_IMAGE:-plausible/analytics:v1.4.4} + restart: always + command: ${PLAUSIBLE_DOCKER_COMMAND:-sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin && /entrypoint.sh run"} + depends_on: + - clickhouse + - postgres + environment: + ADMIN_USER_NAME: ${ADMIN_USER_NAME:?err} + ADMIN_USER_EMAIL: ${ADMIN_USER_EMAIL:?err} + ADMIN_USER_PWD: ${ADMIN_USER_PWD:?err} + BASE_URL: ${PLAUSIBLE_DOMAIN} + SECRET_KEY_BASE: ${SECRET_KEY_BASE:?err} + DISABLE_AUTH: ${DISABLE_AUTH:-false} + DISABLE_REGISTRATION: ${DISABLE_REGISTRATION:-false} + DATABASE_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME:-postgres}:5432/${POSTGRES_DB:?err} + CLICKHOUSE_DATABASE_URL: http://${CLICKHOUSE_CONTAINER_NAME:-clickhouse}:8123/${CLICKHOUSE_CONTAINER_NAME:-clickhouse} + volumes: + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro -- 2.40.1 From 7bc9788cd8ea66cb7088cf7be2df1b5c37d23f01 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 16:28:41 +0100 Subject: [PATCH 110/193] fix(Plausible): BASE_URL != PLAUSIBLE_DOMAIN --- plausible/.env | 3 ++- plausible/docker-compose.yml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/plausible/.env b/plausible/.env index 755d2c5..f4b4b29 100644 --- a/plausible/.env +++ b/plausible/.env @@ -9,7 +9,8 @@ COMPOSE_FILE=${SERVICES_DIR}/plausible/docker-compose.yml:${SERVICES_DIR}/plausi ## APP -PLAUSIBLE_DOMAIN=http://localhost:8000 +PLAUSIBLE_DOMAIN=localhost +BASE_URL=http://${PLAUSIBLE_DOMAIN}:8000 #PLAUSIBLE_CONTAINER_NAME=plausible #PLAUSIBLE_VOLUME_NAME=plausible #PLAUSIBLE_IMAGE=plausible/analytics:v1.4.4 diff --git a/plausible/docker-compose.yml b/plausible/docker-compose.yml index b535e93..f8875e4 100644 --- a/plausible/docker-compose.yml +++ b/plausible/docker-compose.yml @@ -17,7 +17,7 @@ services: ADMIN_USER_NAME: ${ADMIN_USER_NAME:?err} ADMIN_USER_EMAIL: ${ADMIN_USER_EMAIL:?err} ADMIN_USER_PWD: ${ADMIN_USER_PWD:?err} - BASE_URL: ${PLAUSIBLE_DOMAIN} + BASE_URL: ${BASE_URL} SECRET_KEY_BASE: ${SECRET_KEY_BASE:?err} DISABLE_AUTH: ${DISABLE_AUTH:-false} DISABLE_REGISTRATION: ${DISABLE_REGISTRATION:-false} -- 2.40.1 From 361f9b7d69ab7c65857f4ca2fd3a776919ae0f27 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 16:58:44 +0100 Subject: [PATCH 111/193] fix(GeoIp Update): volume name --- geoipupdate/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/geoipupdate/docker-compose.yml b/geoipupdate/docker-compose.yml index 215090b..dc3a99d 100644 --- a/geoipupdate/docker-compose.yml +++ b/geoipupdate/docker-compose.yml @@ -12,7 +12,7 @@ services: container_name: ${GEOIPUPDATE_CONTAINER_NAME:-geoip-updater} restart: always volumes: - - geoip:${GEOIPUPDATE_DB_DIR:-/usr/share/GeoIP} + - geoipupdate:${GEOIPUPDATE_DB_DIR:-/usr/share/GeoIP} environment: GEOIPUPDATE_ACCOUNT_ID: ${GEOIPUPDATE_ACCOUNT_ID:?err} GEOIPUPDATE_LICENSE_KEY: ${GEOIPUPDATE_LICENSE_KEY:?err} -- 2.40.1 From 30fd1db0a325d1690686527b78813291a1371a1e Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 19:12:54 +0100 Subject: [PATCH 112/193] fix(GeoIP Update): Frequency --- geoipupdate/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/geoipupdate/docker-compose.yml b/geoipupdate/docker-compose.yml index dc3a99d..9e83d1e 100644 --- a/geoipupdate/docker-compose.yml +++ b/geoipupdate/docker-compose.yml @@ -17,6 +17,6 @@ services: GEOIPUPDATE_ACCOUNT_ID: ${GEOIPUPDATE_ACCOUNT_ID:?err} GEOIPUPDATE_LICENSE_KEY: ${GEOIPUPDATE_LICENSE_KEY:?err} GEOIPUPDATE_EDITION_IDS: ${GEOIPUPDATE_EDITION_IDS:-GeoLite2-City} - GEOIPUPDATE_FREQUENCY: ${GEOIP_SCHEDULE:-72} + GEOIPUPDATE_FREQUENCY: ${GEOIPUPDATE_FREQUENCY:-72} GEOIPUPDATE_VERBOSE: ${GEOIPUPDATE_VERBOSE:-false} GEOIPUPDATE_DB_DIR: ${GEOIPUPDATE_DB_DIR:-/usr/share/GeoIP} -- 2.40.1 From d951d0c8f56df301c5de361b9daaaf6033eb2d82 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 22 Feb 2022 19:13:15 +0100 Subject: [PATCH 113/193] docs(Plausible): Add default variables --- plausible/.env | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plausible/.env b/plausible/.env index f4b4b29..80eebb8 100644 --- a/plausible/.env +++ b/plausible/.env @@ -19,6 +19,8 @@ ADMIN_USER_NAME=example ADMIN_USER_EMAIL=email@example.org ADMIN_USER_PWD=change-me SECRET_KEY_BASE=AFnMQwN54ovHIqCQQGFZX5gUFpgpxasCEnzQwQsyfZLPRbiwzDYAqYDJQlQM8SbmicVJr97axXaSCfXD9zSEQQ== +#DISABLE_AUTH= +#DISABLE_REGISTRATION= ## POSTGRES -- 2.40.1 From 768bf9b71d6731cb7f479f979322c62d40637800 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 23 Feb 2022 09:59:05 +0100 Subject: [PATCH 114/193] feat(Plausible): Add more environment variables --- plausible/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plausible/docker-compose.yml b/plausible/docker-compose.yml index f8875e4..56ed4f9 100644 --- a/plausible/docker-compose.yml +++ b/plausible/docker-compose.yml @@ -23,6 +23,8 @@ services: DISABLE_REGISTRATION: ${DISABLE_REGISTRATION:-false} DATABASE_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME:-postgres}:5432/${POSTGRES_DB:?err} CLICKHOUSE_DATABASE_URL: http://${CLICKHOUSE_CONTAINER_NAME:-clickhouse}:8123/${CLICKHOUSE_CONTAINER_NAME:-clickhouse} + SITE_LIMIT: ${SITE_LIMIT:-3} + SELFHOST: ${SELFHOST:-true} volumes: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro -- 2.40.1 From 47ce108eb6c990208e8e5c6f45afa846fa3d596d Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 10:58:08 +0100 Subject: [PATCH 115/193] chore(Directus): Upgrade to 9.6.0 https://github.com/directus/directus/releases/tag/v9.6.0 --- directus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 125f497..b44ba75 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: directus: container_name: ${DIRECTUS_CONTAINER_NAME:-directus} - image: ${DIRECTUS_IMAGE:-directus/directus:9.5.1} + image: ${DIRECTUS_IMAGE:-directus/directus:9.6.0} restart: always volumes: - directus:/directus/uploads -- 2.40.1 From a60026a6726b14d1df33c710f77cc807c577f99f Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 11:09:18 +0100 Subject: [PATCH 116/193] chore(Grafana): Upgrade to 8.4.3 https://github.com/grafana/grafana/releases/tag/v8.4.3 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 2d7c4f6..dcba3c7 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.1} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.3} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 63246c442c008f64f999066342be21232f7f85c6 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 11:11:39 +0100 Subject: [PATCH 117/193] chore(Prometheus): Upgrade to 2.33.4 https://github.com/prometheus/prometheus/releases/tag/v2.33.4 --- prometheus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prometheus/docker-compose.yml b/prometheus/docker-compose.yml index ddad060..66fd702 100644 --- a/prometheus/docker-compose.yml +++ b/prometheus/docker-compose.yml @@ -12,7 +12,7 @@ services: build: context: . args: - PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.3} + PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.4} volumes: - prometheus:/prometheus restart: always -- 2.40.1 From 1931adafa4c304461e7cc61928bc0fa5c374a571 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 11:15:32 +0100 Subject: [PATCH 118/193] chore(Drone Server): Upgrade to 2.10.0 https://github.com/harness/drone/releases/tag/v2.10.0 --- drone/server/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drone/server/docker-compose.yml b/drone/server/docker-compose.yml index 3cae11b..ed28ce5 100644 --- a/drone/server/docker-compose.yml +++ b/drone/server/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: drone-server: container_name: ${DRONE_SERVER_CONTAINER_NAME:-drone-server} - image: ${DRONE_SERVER_IMAGE:-drone/drone:2.9.1} + image: ${DRONE_SERVER_IMAGE:-drone/drone:2.10.0} restart: always environment: # https://docs.drone.io/server/reference/drone-rpc-secret/ -- 2.40.1 From 1f7e6102970c60cc722bf38745b1e0b0035e9dc3 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 11:20:33 +0100 Subject: [PATCH 119/193] chore(Gitea): Upgrade to 1.16.3 https://github.com/go-gitea/gitea/releases/tag/v1.16.3 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 7c3280e..a43804e 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.16.1} + image: ${GITEA_IMAGE:-gitea/gitea:1.16.3} restart: always environment: # - USER_UID=1000 -- 2.40.1 From cfd8b5a2ce5f9ce4282167c15c9af50169904c7a Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 11:51:21 +0100 Subject: [PATCH 120/193] feat(Directus): Add timezone variable --- directus/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index b44ba75..cc5f093 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -13,8 +13,6 @@ services: restart: always volumes: - directus:/directus/uploads - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro depends_on: - postgres - redis @@ -34,5 +32,7 @@ services: DB_USER: ${POSTGRES_USER:?err} DB_PASSWORD: ${POSTGRES_PASSWORD:?err} + TZ: ${TZ:-Europe/Paris} + PUID: ${DIRECTUS_PUID:-1000} PGID: ${DIRECTUS_PGID:-1000} -- 2.40.1 From c4248a6f97b5b9bc45d7225ef87849d86524ba4f Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 11:51:48 +0100 Subject: [PATCH 121/193] feat(Plausible): Add log level variable --- plausible/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/plausible/docker-compose.yml b/plausible/docker-compose.yml index 56ed4f9..1834df3 100644 --- a/plausible/docker-compose.yml +++ b/plausible/docker-compose.yml @@ -25,6 +25,7 @@ services: CLICKHOUSE_DATABASE_URL: http://${CLICKHOUSE_CONTAINER_NAME:-clickhouse}:8123/${CLICKHOUSE_CONTAINER_NAME:-clickhouse} SITE_LIMIT: ${SITE_LIMIT:-3} SELFHOST: ${SELFHOST:-true} + LOG_LEVEL: ${LOG_LEVEL:-warn} volumes: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro -- 2.40.1 From db74e9229169a74f1eb891d5c374cb30c86b9abc Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 7 Mar 2022 16:02:21 +0100 Subject: [PATCH 122/193] fix(Hedgedoc): Update backup folder --- hedgedoc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 07ca998..27c08a6 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -12,7 +12,7 @@ services: depends_on: - postgres volumes: - - hedgedoc:/opt/hedgedoc/public/uploads + - hedgedoc:/config/uploads - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: -- 2.40.1 From 9d3175df696e2c20a0c6a397271a382afad50a8d Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 22:56:15 +0200 Subject: [PATCH 123/193] chore(Directus): Upgrade to 9.8.0 https://github.com/directus/directus/releases/tag/v9.8.0 --- directus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index cc5f093..1422d1d 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: directus: container_name: ${DIRECTUS_CONTAINER_NAME:-directus} - image: ${DIRECTUS_IMAGE:-directus/directus:9.6.0} + image: ${DIRECTUS_IMAGE:-directus/directus:9.8.0} restart: always volumes: - directus:/directus/uploads -- 2.40.1 From 62a5159232de209d18dbbe51c15d5eb31bf3ec02 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 22:58:18 +0200 Subject: [PATCH 124/193] chore(Drone): Upgrade to 2.11.1 https://github.com/harness/drone/releases/tag/v2.11.1 --- drone/server/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drone/server/docker-compose.yml b/drone/server/docker-compose.yml index ed28ce5..ae49725 100644 --- a/drone/server/docker-compose.yml +++ b/drone/server/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: drone-server: container_name: ${DRONE_SERVER_CONTAINER_NAME:-drone-server} - image: ${DRONE_SERVER_IMAGE:-drone/drone:2.10.0} + image: ${DRONE_SERVER_IMAGE:-drone/drone:2.11.1} restart: always environment: # https://docs.drone.io/server/reference/drone-rpc-secret/ -- 2.40.1 From 3a7e863d0cf343ad57db63bf856f66fc25a1e6c7 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 22:59:46 +0200 Subject: [PATCH 125/193] chore(Gitea): Upgrade to 1.16.5 https://github.com/go-gitea/gitea/releases/tag/v1.16.5 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index a43804e..a2ae51c 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.16.3} + image: ${GITEA_IMAGE:-gitea/gitea:1.16.5} restart: always environment: # - USER_UID=1000 -- 2.40.1 From 7498f639746ba5b3f645aa7c9ae03209d07653da Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 23:03:44 +0200 Subject: [PATCH 126/193] chore(Grafana): Upgrade to 8.4.6 https://github.com/grafana/grafana/releases/tag/v8.4.6 --- grafana/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index dcba3c7..88aa1f9 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: grafana: container_name: ${GRAFANA_CONTAINER_NAME:-grafana} - image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.3} + image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.6} restart: always volumes: - grafana:/var/lib/grafana -- 2.40.1 From 5b6ce7cfcdec19677a61a117e8eb25f8b7f17920 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 23:08:01 +0200 Subject: [PATCH 127/193] chore(Hedgedoc): Upgrade to 1.9.3 https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.3 --- hedgedoc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 27c08a6..204d0a2 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: hedgedoc: container_name: ${HEDGEDOC_CONTAINER_NAME:-hedgedoc} - image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.2-ls44} + image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.3-ls53} restart: always depends_on: - postgres -- 2.40.1 From ec4ae3a8b8571d7be1aa162a08e59bb7169debac Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 23:10:15 +0200 Subject: [PATCH 128/193] chore(Nextcloud): Upgrade to 23.0.3 https://nextcloud.com/changelog/#latest23 --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index c6efa21..909e536 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.2-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.3-fpm-alpine} restart: always depends_on: - postgres -- 2.40.1 From 10337ac53cbbfab3f8fbccdbdf551aa743bf9fe5 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 23:13:22 +0200 Subject: [PATCH 129/193] chore(Prometheus): Upgrade to 2.34.0 https://github.com/prometheus/prometheus/releases/tag/v2.34.0 --- prometheus/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prometheus/docker-compose.yml b/prometheus/docker-compose.yml index 66fd702..b97b1e3 100644 --- a/prometheus/docker-compose.yml +++ b/prometheus/docker-compose.yml @@ -12,7 +12,7 @@ services: build: context: . args: - PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.33.4} + PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.34.0} volumes: - prometheus:/prometheus restart: always -- 2.40.1 From 8da5cc41eda6c103eca0c586f4a5d0d71eb021cc Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 23:15:32 +0200 Subject: [PATCH 130/193] chore(Registry): Upgrade to 2.8.1 https://github.com/distribution/distribution/releases/tag/v2.8.1 --- registry/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/registry/docker-compose.yml b/registry/docker-compose.yml index 003cce9..fd228a9 100644 --- a/registry/docker-compose.yml +++ b/registry/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: registry: container_name: ${REGISTRY_CONTAINER_NAME} - image: ${REGISTRY_IMAGE:-registry:2.8.0} + image: ${REGISTRY_IMAGE:-registry:2.8.1} restart: always environment: REGISTRY_AUTH: htpasswd -- 2.40.1 From ec25f4b76f8317f756cdebf25907396fafb694d9 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 13 Apr 2022 23:16:23 +0200 Subject: [PATCH 131/193] chore(Traefik): Upgrade to 2.6.3 https://github.com/traefik/traefik/releases/tag/v2.6.3 --- traefik/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 61e093e..651a062 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.6.1} + image: ${TRAEFIK_IMAGE:-traefik:v2.6.3} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock -- 2.40.1 From efcd3891ba37daa11d4a45a8b0c395e552256697 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 15 Apr 2022 14:54:08 +0200 Subject: [PATCH 132/193] feat(Vikunja): Add new service --- README.md | 3 +- vikunja/.env | 86 +++++++++++++++++++++++++++ vikunja/README.md | 12 ++++ vikunja/docker-compose.local.yml | 11 ++++ vikunja/docker-compose.logs.yml | 17 ++++++ vikunja/docker-compose.postgres.yml | 19 ++++++ vikunja/docker-compose.prometheus.yml | 10 ++++ vikunja/docker-compose.redis.yml | 16 +++++ vikunja/docker-compose.smtp.yml | 18 ++++++ vikunja/docker-compose.traefik.yml | 21 +++++++ vikunja/docker-compose.yml | 42 +++++++++++++ 11 files changed, 254 insertions(+), 1 deletion(-) create mode 100644 vikunja/.env create mode 100644 vikunja/README.md create mode 100644 vikunja/docker-compose.local.yml create mode 100644 vikunja/docker-compose.logs.yml create mode 100644 vikunja/docker-compose.postgres.yml create mode 100644 vikunja/docker-compose.prometheus.yml create mode 100644 vikunja/docker-compose.redis.yml create mode 100644 vikunja/docker-compose.smtp.yml create mode 100644 vikunja/docker-compose.traefik.yml create mode 100644 vikunja/docker-compose.yml diff --git a/README.md b/README.md index 60e30a6..f3ee893 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,8 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel - [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration -- [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source. +- [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source +- [Vikunja](./vikunja) : L'application pour organiser sa vie ### Pour les devs / ops diff --git a/vikunja/.env b/vikunja/.env new file mode 100644 index 0000000..62a1d6f --- /dev/null +++ b/vikunja/.env @@ -0,0 +1,86 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/vikunja/docker-compose.yml:${SERVICES_DIR}/vikunja/docker-compose.local.yml:${SERVICES_DIR}/vikunja/docker-compose.postgres.yml:${SERVICES_DIR}/postgres/docker-compose.yml +#COMPOSE_PROJECT_NAME= + +## APP + +#VIKUNJA_API_IMAGE= +#VIKUNJA_FRONTEND_IMAGE= +VIKUNJA_CONTAINER_NAME=vikunja +VIKUNJA_VOLUME_NAME=vikunja + +VIKUNJA_DOMAIN=vikunja.example.org +VIKUNJA_SERVICE_FRONTENDURL=https://vikunja.example.org/ + +VIKUNJA_SERVICE_JWTSECRET=change-me +#VIKUNJA_SERVICE_JWTTTL=259200 +#VIKUNJA_SERVICE_JWTTTLLONG=2592000 +#VIKUNJA_SERVICE_MAXITEMSPERPAGE=50 +#VIKUNJA_SERVICE_ENABLECALDAV=true +#VIKUNJA_SERVICE_ENABLELINKSHARING=true +#VIKUNJA_SERVICE_ENABLEREGISTRATION=true +#VIKUNJA_SERVICE_ENABLETASKATTACHMENTS=true +#VIKUNJA_SERVICE_TIMEZONE=GMT +#VIKUNJA_SERVICE_ENABLETASKCOMMENTS=true +#VIKUNJA_SERVICE_ENABLETOTP=true +#VIKUNJA_SERVICE_ENABLEEMAILREMINDERS=true +#VIKUNJA_SERVICE_ENABLEUSERDELETION=true +#VIKUNJA_FILES_BASEPATH=./files +#VIKUNJA_FILES_MAXSIZE=20MB + +########## +# POSTGRES + +#POSTGRES_IMAGE= +POSTGRES_CONTAINER_NAME=vikunja-postgres-example +POSTGRES_DB=vikunja-postgres-database-example +POSTGRES_USER=vikunja-postgres-user-example +POSTGRES_PASSWORD=vikunja-postgres-password-example +POSTGRES_VOLUME_NAME=vikunja-postgres-example + +#VIKUNJA_DATABASE_TYPE=postgres +#VIKUNJA_DATABASE_MAXOPENCONNECTIONS=100 +#VIKUNJA_DATABASE_MAXIDLECONNECTIONS=50 +#VIKUNJA_DATABASE_MAXCONNECTIONLIFETIME=10000 +#VIKUNJA_DATABASE_SSLMODE=disable + +###### +# SMTP + +#VIKUNJA_MAILER_ENABLED=true +#VIKUNJA_MAILER_SKIPTLSVERIFY=false +#VIKUNJA_MAILER_QUEUELENGTH=100 +#VIKUNJA_MAILER_QUEUETIMEOUT=30 +#VIKUNJA_MAILER_FORCESSL=false + +VIKUNJA_MAILER_HOST= +#VIKUNJA_MAILER_PORT=465 +VIKUNJA_MAILER_USERNAME= +VIKUNJA_MAILER_PASSWORD= +VIKUNJA_MAILER_FROMEMAIL= + +############ +# PROMETHEUS + +#VIKUNJA_METRICS_ENABLED=false +#VIKUNJA_METRICS_USERNAME= +#VIKUNJA_METRICS_PASSWORD= + +####### +# REDIS + +#REDIS_IMAGE= +REDIS_CONTAINER_NAME=vikunja-redis +REDIS_VOLUME_NAME=vikunja-redis + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME=traefik +#TRAEFIK_ROUTER_NAME=vikunja +#TRAEFIK_ENTRYPOINTS=web diff --git a/vikunja/README.md b/vikunja/README.md new file mode 100644 index 0000000..708a150 --- /dev/null +++ b/vikunja/README.md @@ -0,0 +1,12 @@ +# Vikunja + +> Vikunja est une application auto-hébergeable (facilement installable avec Yunohost) de gestion de tâches, utilisable depuis son navigateur ou un client desktop. Bien que jeune, l'application offre déjà de nombreuses fonctionnalités. +> +> [Framalibre](https://framalibre.org/content/vikunja) + +## Liens + +- [Site officiel](https://vikunja.io/) +- [Code source](https://kolaente.dev/vikunja/) +- [Docker Hub](https://hub.docker.com/u/vikunja) +- [Forum](https://community.vikunja.io/) diff --git a/vikunja/docker-compose.local.yml b/vikunja/docker-compose.local.yml new file mode 100644 index 0000000..dbfbc28 --- /dev/null +++ b/vikunja/docker-compose.local.yml @@ -0,0 +1,11 @@ +version: "3.8" + +services: + vikunja_api: + ports: + - 3456:3456 + vikunja_frontend: + ports: + - ${LOCAL_PORT:-80}:80 + environment: + VIKUNJA_API_URL: http://localhost:3456/api/v1 \ No newline at end of file diff --git a/vikunja/docker-compose.logs.yml b/vikunja/docker-compose.logs.yml new file mode 100644 index 0000000..ec74292 --- /dev/null +++ b/vikunja/docker-compose.logs.yml @@ -0,0 +1,17 @@ +version: "3.8" + +# https://vikunja.io/docs/config-options/#log + +services: + vikunja_api: + environment: + # VIKUNJA_LOG_PATH + VIKUNJA_LOG_ENABLED: ${VIKUNJA_LOG_ENABLED:-true} + VIKUNJA_LOG_STANDARD: ${VIKUNJA_LOG_STANDARD:-stdout} + VIKUNJA_LOG_LEVEL: ${VIKUNJA_LOG_LEVEL:-INFO} # Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG. + VIKUNJA_LOG_DATABASE: ${VIKUNJA_LOG_DATABASE:-off} # Possible values are stdout, stderr, file or off to disable database + VIKUNJA_LOG_DATABASELEVEL: ${VIKUNJA_LOG_DATABASELEVEL:-WARNING} # Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG + VIKUNJA_LOG_HTTP: ${VIKUNJA_LOG_HTTP:-stdout} # Possible values are stdout, stderr, file or off to disable http logging. + VIKUNJA_LOG_ECHO: ${VIKUNJA_LOG_ECHO:-off} # Possible values are stdout, stderr, file or off to disable standard logging. + VIKUNJA_LOG_EVENTS: ${VIKUNJA_LOG_EVENTS:-stdout} # Possible values are stdout, stderr, file or off to disable events logging. + VIKUNJA_LOG_EVENTSLEVEL: ${VIKUNJA_LOG_EVENTSLEVEL:-INFO} # Possible values (case-insensitive) are ERROR, INFO, DEBUG. diff --git a/vikunja/docker-compose.postgres.yml b/vikunja/docker-compose.postgres.yml new file mode 100644 index 0000000..4193043 --- /dev/null +++ b/vikunja/docker-compose.postgres.yml @@ -0,0 +1,19 @@ +version: "3.8" + +# https://vikunja.io/docs/config-options/#database + +services: + vikunja_api: + depends_on: + - postgres + environment: + VIKUNJA_DATABASE_TYPE: ${VIKUNJA_DATABASE_TYPE:-postgres} + VIKUNJA_DATABASE_MAXOPENCONNECTIONS: ${VIKUNJA_DATABASE_MAXOPENCONNECTIONS:-100} + VIKUNJA_DATABASE_MAXIDLECONNECTIONS: ${VIKUNJA_DATABASE_MAXIDLECONNECTIONS:-50} + VIKUNJA_DATABASE_MAXCONNECTIONLIFETIME: ${VIKUNJA_DATABASE_MAXCONNECTIONLIFETIME:-10000} + VIKUNJA_DATABASE_SSLMODE: ${VIKUNJA_DATABASE_SSLMODE:-disable} + + VIKUNJA_DATABASE_HOST: ${POSTGRES_CONTAINER_NAME:-postgres}:5432 # Default name is same as ../postgres/docker-compose.yml:8 + VIKUNJA_DATABASE_DATABASE: ${POSTGRES_DB:?err} + VIKUNJA_DATABASE_USER: ${POSTGRES_USER:?err} + VIKUNJA_DATABASE_PASSWORD: ${POSTGRES_PASSWORD:?err} diff --git a/vikunja/docker-compose.prometheus.yml b/vikunja/docker-compose.prometheus.yml new file mode 100644 index 0000000..219ce35 --- /dev/null +++ b/vikunja/docker-compose.prometheus.yml @@ -0,0 +1,10 @@ +version: "3.8" + +# https://vikunja.io/docs/config-options/#metrics + +services: + vikunja_api: + environment: + VIKUNJA_METRICS_ENABLED: ${VIKUNJA_METRICS_ENABLED-:false} + VIKUNJA_METRICS_USERNAME: ${VIKUNJA_METRICS_USERNAME} + VIKUNJA_METRICS_PASSWORD: ${VIKUNJA_METRICS_PASSWORD} diff --git a/vikunja/docker-compose.redis.yml b/vikunja/docker-compose.redis.yml new file mode 100644 index 0000000..72289d6 --- /dev/null +++ b/vikunja/docker-compose.redis.yml @@ -0,0 +1,16 @@ +version: "3.8" + +# https://vikunja.io/docs/config-options/#redis + +services: + vikunja_api: + depends_on: + - redis + environment: + VIKUNJA_CACHE_ENABLED: 'true' + VIKUNJA_CACHE_TYPE: redis + VIKUNJA_REDIS_ENABLED: 'true' + + VIKUNJA_REDIS_HOST: ${REDIS_CONTAINER_NAME:-redis}:6379 # It's default port because we don't have yet configuration for redis port + #VIKUNJA_REDIS_PASSWORD: ${VIKUNJA_REDIS_PASSWORD} # We don't have yet configuration for redis with password + VIKUNJA_REDIS_DB: 0 # It's default becouse we don't have yet configuration for redis database name diff --git a/vikunja/docker-compose.smtp.yml b/vikunja/docker-compose.smtp.yml new file mode 100644 index 0000000..c9f98c2 --- /dev/null +++ b/vikunja/docker-compose.smtp.yml @@ -0,0 +1,18 @@ +version: "3.8" + +# https://vikunja.io/docs/config-options/#mailer + +services: + vikunja_api: + environment: + VIKUNJA_MAILER_ENABLED: ${VIKUNJA_MAILER_ENABLED:-true} + VIKUNJA_MAILER_SKIPTLSVERIFY: ${VIKUNJA_MAILER_SKIPTLSVERIFY:-false} + VIKUNJA_MAILER_QUEUELENGTH: ${VIKUNJA_MAILER_QUEUELENGTH:-100} + VIKUNJA_MAILER_QUEUETIMEOUT: ${VIKUNJA_MAILER_QUEUETIMEOUT:-30} + VIKUNJA_MAILER_FORCESSL: ${VIKUNJA_MAILER_FORCESSL:-false} + + VIKUNJA_MAILER_HOST: ${VIKUNJA_MAILER_HOST:?err} + VIKUNJA_MAILER_PORT: ${VIKUNJA_MAILER_PORT:-587} + VIKUNJA_MAILER_USERNAME: ${VIKUNJA_MAILER_USERNAME:?err} + VIKUNJA_MAILER_PASSWORD: ${VIKUNJA_MAILER_PASSWORD:?err} + VIKUNJA_MAILER_FROMEMAIL: ${VIKUNJA_MAILER_FROMEMAIL:?err} diff --git a/vikunja/docker-compose.traefik.yml b/vikunja/docker-compose.traefik.yml new file mode 100644 index 0000000..eabf6d1 --- /dev/null +++ b/vikunja/docker-compose.traefik.yml @@ -0,0 +1,21 @@ +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +# https://vikunja.io/docs/full-docker-example/#example-with-traefik-2 + +services: + vikunja_api: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vikunja}-api.rule=Host(`${VIKUNJA_DOMAIN:?err}`) && PathPrefix(`/api/v1`, `/dav/`, `/.well-known/`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vikunja}-api.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} + vikunja_frontend: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vikunja}-frontend.rule=Host(`${VIKUNJA_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vikunja}-frontend.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml new file mode 100644 index 0000000..db11ae4 --- /dev/null +++ b/vikunja/docker-compose.yml @@ -0,0 +1,42 @@ +version: "3.8" + +# https://vikunja.io/docs/config-options +# https://vikunja.io/docs/full-docker-example/ + +volumes: + vikunja: + name: ${VIKUNJA_VOLUME_NAME:-vikunja} + +services: + vikunja_api: + container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_api + image: ${VIKUNJA_API_IMAGE:-vikunja/api:0.18.1} + restart: always + environment: + VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET} + VIKUNJA_SERVICE_JWTTTL: ${VIKUNJA_SERVICE_JWTTTL:-259200} + VIKUNJA_SERVICE_JWTTTLLONG: ${VIKUNJA_SERVICE_JWTTTLLONG:-2592000} + + VIKUNJA_SERVICE_FRONTENDURL: ${VIKUNJA_SERVICE_FRONTENDURL:?err} + VIKUNJA_SERVICE_MAXITEMSPERPAGE: ${VIKUNJA_SERVICE_MAXITEMSPERPAGE:-50} + VIKUNJA_SERVICE_ENABLECALDAV: ${VIKUNJA_SERVICE_ENABLECALDAV:-true} + VIKUNJA_SERVICE_ENABLELINKSHARING: ${VIKUNJA_SERVICE_ENABLELINKSHARING:-true} + VIKUNJA_SERVICE_ENABLEREGISTRATION: ${VIKUNJA_SERVICE_ENABLEREGISTRATION:-true} + VIKUNJA_SERVICE_ENABLETASKATTACHMENTS: ${VIKUNJA_SERVICE_ENABLETASKATTACHMENTS:-true} + VIKUNJA_SERVICE_TIMEZONE: ${VIKUNJA_SERVICE_TIMEZONE:-GMT} + VIKUNJA_SERVICE_ENABLETASKCOMMENTS: ${VIKUNJA_SERVICE_ENABLETASKCOMMENTS:-true} + VIKUNJA_SERVICE_ENABLETOTP: ${VIKUNJA_SERVICE_ENABLETOTP:-true} + VIKUNJA_SERVICE_ENABLEEMAILREMINDERS: ${VIKUNJA_SERVICE_ENABLEEMAILREMINDERS:-true} + VIKUNJA_SERVICE_ENABLEUSERDELETION: ${VIKUNJA_SERVICE_ENABLEUSERDELETION:-true} + + VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files} + VIKUNJA_FILES_MAXSIZE: ${VIKUNJA_FILES_MAXSIZE:-20MB} + PUID: ${VIKUNJA_PUID:-1000} + PGID: ${VIKUNJA_PGID:-1000} + volumes: + - vikunja:/app/vikunja/files + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + vikunja_frontend: + container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_frontend + image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.18.2} -- 2.40.1 From cfc0771bb5dacab647e32961c3269da4185202b8 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 12 Jul 2022 10:23:14 +0200 Subject: [PATCH 133/193] docs(Registry): Add command to clean registry --- registry/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/registry/README.md b/registry/README.md index a644b38..56deffa 100644 --- a/registry/README.md +++ b/registry/README.md @@ -36,6 +36,12 @@ Pour se connecter : docker login https://$REGISTRY_DOMAIN ``` +## Nettoyer le registre + +```sh +docker exec registry bin/registry garbage-collect /etc/docker/registry/config.yml --delete-untagged=true +``` + ## Aide Pour connaître les images du registry : -- 2.40.1 From 912fe146af88a95ecd5553d8f614cf95b1773ffd Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 29 Nov 2022 22:55:55 +0100 Subject: [PATCH 134/193] feat(listmonk): Add new service --- README.md | 1 + listmonk/.env | 26 ++++++++++++++++++++++++ listmonk/README.md | 37 ++++++++++++++++++++++++++++++++++ listmonk/docker-compose.yml | 40 +++++++++++++++++++++++++++++++++++++ 4 files changed, 104 insertions(+) create mode 100644 listmonk/.env create mode 100644 listmonk/README.md create mode 100644 listmonk/docker-compose.yml diff --git a/README.md b/README.md index f3ee893..348c871 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [Directus](./directus) : Permet d'administrer une base de données - [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel +- [listmonk](./listmonk) : Gestionnaire de listes de diffusion et de newsletter - [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration - [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source diff --git a/listmonk/.env b/listmonk/.env new file mode 100644 index 0000000..0dea747 --- /dev/null +++ b/listmonk/.env @@ -0,0 +1,26 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/listmonk/docker-compose.yml:${SERVICES_DIR}/postgres/docker-compose.yml +#COMPOSE_PROJECT_NAME= + +## APP + +LISTMONK_DOMAIN=localhost +LISTMONK_ADMIN_USERNAME= +LISTMONK_ADMIN_PASSWORD= +#LISTMONK_CONTAINER_NAME=listmonk +#LISTMONK_VOLUME_NAME=listmonk +#LISTMONK_IMAGE=listmonk/listmonk:v2.3.0 + +## POSTGRES + +#POSTGRES_VOLUME_NAME= +#POSTGRES_CONTAINER_NAME= +#POSTGRES_IMAGE= +POSTGRES_USER=listmonk +POSTGRES_PASSWORD=listmonk +POSTGRES_DB=listmonk diff --git a/listmonk/README.md b/listmonk/README.md new file mode 100644 index 0000000..50c403a --- /dev/null +++ b/listmonk/README.md @@ -0,0 +1,37 @@ +# listmonk + +> Gestionnaire de listes de diffusion et de newsletter + +## Documentation + +listmonk ne gère actuellement pas le multicompte. + +Pour utiliser avec une configuration avec les variables d'environnements il faut la commande suivante : + +``` +command: [sh, -c, "./listmonk --config ''"] +``` + +Pour l'installation il faut lancer la commande suivante pour initialiser la base de donnée : + +``` +command: [sh, -c, "yes | ./listmonk --install --config '' && ./listmonk --config ''"] +``` + +Pour faire les mise à jour et ainsi migrer la base de donnée : + +``` +command: [sh, -c, "yes | ./listmonk --upgrade --config '' && ./listmonk --config ''"] +``` + +## Liens + +- [Site Officiel][site] +- [Documentation][documentation] +- [Code source][source] +- [Docker Hub][dockerhub] + +[site]: https://listmonk.app/ +[source]: https://github.com/knadh/listmonk +[documentation]: https://listmonk.app/docs/ +[dockerhub]: https://hub.docker.com/r/listmonk/listmonk diff --git a/listmonk/docker-compose.yml b/listmonk/docker-compose.yml new file mode 100644 index 0000000..9732d9a --- /dev/null +++ b/listmonk/docker-compose.yml @@ -0,0 +1,40 @@ +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +volumes: + listmonk: + name: ${LISTMONK_VOLUME_NAME:-listmonk} + +services: + listmonk: + container_name: ${LISTMONK_CONTAINER_NAME:-listmonk} + image: ${LISTMONK_IMAGE:-listmonk/listmonk:v2.3.0} + restart: always + #command: [sh, -c, "yes | ./listmonk --install --config '' && ./listmonk --config ''"] + #command: [sh, -c, "yes | ./listmonk --upgrade --config '' && ./listmonk --config ''"] + command: [sh, -c, "./listmonk --config ''"] + depends_on: + - postgres + environment: + LISTMONK_app__address: 0.0.0.0:9000 + LISTMONK_app__admin_username: ${LISTMONK_ADMIN_USERNAME:?err} + LISTMONK_app__admin_password: ${LISTMONK_ADMIN_PASSWORD:?err} + LISTMONK_db__host: ${POSTGRES_CONTAINER_NAME:?err} + LISTMONK_db__port: 5432 + LISTMONK_db__user: ${POSTGRES_USER:?err} + LISTMONK_db__password: ${POSTGRES_PASSWORD:?err} + LISTMONK_db__database: ${POSTGRES_DB:?err} + LISTMONK_db__ssl_mode: disable + TZ: Europe/Paris + volumes: + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + - listmonk:/listmonk/uploads + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-listmonk}.rule=Host(`${LISTMONK_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-listmonk}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} -- 2.40.1 From cae7eafbe05361d5b572d57fc95029823d4c9b97 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 9 Dec 2022 21:12:55 +0100 Subject: [PATCH 135/193] feat(Uptime Kuma): Add new service --- README.md | 3 ++- uptimekuma/README.md | 21 +++++++++++++++++++++ uptimekuma/docker-compose.local.yml | 8 ++++++++ uptimekuma/docker-compose.traefik.yml | 15 +++++++++++++++ uptimekuma/docker-compose.yml | 17 +++++++++++++++++ 5 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 uptimekuma/README.md create mode 100644 uptimekuma/docker-compose.local.yml create mode 100644 uptimekuma/docker-compose.traefik.yml create mode 100644 uptimekuma/docker-compose.yml diff --git a/README.md b/README.md index 348c871..f3dcd8f 100644 --- a/README.md +++ b/README.md @@ -19,13 +19,14 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [ClickHouse](./clickhouse) : Un logiciel libre de base de données orientée colonnes pour le traitement analytique en ligne - [Drone](./drone) : Un service d'intégration continue - [GeoIP Update](./geoipupdate) : Permet de télécharger la base de données GeoIP2 permettant de localiser les IPs -- [Gitea](./gitea) : Un service Git auto-hébergé très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. +- [Gitea](./gitea) : Un service Git très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. - [Grafana](./grafana) : Un outil de supervision simple et élégant - [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet. - [Prometheus](./prometheus) : Un logiciel de surveillance informatique - [Redis](./redis) : Système de gestion de base de données clé-valeur extensible, très hautes performances - [Registry Docker](./registry) : Une application qui permet de distribuer des images Docker - [Traefik](./traefik) : Traefik, un reverse-proxy pour vos conteneurs +- [Uptime Kuma](./uptimekuma) : outil de surveillance de site ou service WEB - [Watchtower](./watchtower) : Automatiser la mise à jour d'image docker ## Comment ça marche ? diff --git a/uptimekuma/README.md b/uptimekuma/README.md new file mode 100644 index 0000000..1d1a56f --- /dev/null +++ b/uptimekuma/README.md @@ -0,0 +1,21 @@ +# Uptime Kuma + +> Uptime Kuma est un service pour surveiller des applications et services auto-hébergés. Il surveille le fonctionnement de services à travers des sondes HTTP(S), TCP, Ping, enregistrement DNS… sans limites. + +## Information + +- L'ensemble des variables d'environnement se trouve [ici](https://github.com/louislam/uptime-kuma/wiki/Environment-Variables) +- Actuellement Uptime Kuma support seulement sqlite3, [une PR](https://github.com/louislam/uptime-kuma/pull/1139) est en court pour le support de MySQL à suivre. +- Il y aurait des problèmes de DNS avec l'image Docker Alpine et [le support ne sera plus la dans la v2](https://github.com/louislam/uptime-kuma/pull/2085) donc on prend la version debian un peu plus lourde. + +## Liens + +- [Site Officiel][site] +- [Documentation][documentation] +- [Code source][source] +- [Docker Hub][dockerhub] + +[site]: https://uptime.kuma.pet/ +[source]: https://github.com/louislam/uptime-kuma +[documentation]: https://github.com/louislam/uptime-kuma/wiki +[dockerhub]: https://hub.docker.com/r/louislam/uptime-kuma/ \ No newline at end of file diff --git a/uptimekuma/docker-compose.local.yml b/uptimekuma/docker-compose.local.yml new file mode 100644 index 0000000..7a90473 --- /dev/null +++ b/uptimekuma/docker-compose.local.yml @@ -0,0 +1,8 @@ +--- + +version: "3.8" + +services: + uptimekuma: + ports: + - 3001:3001 diff --git a/uptimekuma/docker-compose.traefik.yml b/uptimekuma/docker-compose.traefik.yml new file mode 100644 index 0000000..ff7d31c --- /dev/null +++ b/uptimekuma/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + uptimekuma: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-uptimekuma}.rule=Host(`${UPTIMEKUMA_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-uptimekuma}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} diff --git a/uptimekuma/docker-compose.yml b/uptimekuma/docker-compose.yml new file mode 100644 index 0000000..8a087de --- /dev/null +++ b/uptimekuma/docker-compose.yml @@ -0,0 +1,17 @@ +--- + +version: "3.8" + +volumes: + uptimekuma: + name: ${UPTIMEKUMA_VOLUME_NAME:-uptimekuma} + +services: + uptimekuma: + container_name: ${UPTIMEKUMA_CONTAINER_NAME:-uptimekuma} + image: ${UPTIMEKUMA_IMAGE:-louislam/uptime-kuma:1.18.5} + restart: always + volumes: + - uptimekuma:/app/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro -- 2.40.1 From c9ef1d34a107f67c88aa69f3a05fca8ae07639b6 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 9 Dec 2022 22:12:23 +0100 Subject: [PATCH 136/193] feat(Uptime Kuma): Add documentation and default .env --- uptimekuma/.env | 20 ++++++++++++++++++++ uptimekuma/README.md | 1 + 2 files changed, 21 insertions(+) create mode 100644 uptimekuma/.env diff --git a/uptimekuma/.env b/uptimekuma/.env new file mode 100644 index 0000000..a67d401 --- /dev/null +++ b/uptimekuma/.env @@ -0,0 +1,20 @@ +######## +# DOCKER + +SERVICES_DIR=".." +COMPOSE_FILE=${SERVICES_DIR}/uptimekuma/docker-compose.yml:${SERVICES_DIR}/uptimekuma/docker-compose.local.yml +# COMPOSE_PROJECT_NAME= + +## APP + +# UPTIMEKUMA_DOMAIN={{ UPTIMEKUMA_DOMAIN }} +UPTIMEKUMA_CONTAINER_NAME=uptimekuma +UPTIMEKUMA_VOLUME_NAME=uptimekuma +# UPTIMEKUMA_IMAGE= + +######### +# TRAEFIK + +# TRAEFIK_NETWORK_NAME= +# TRAEFIK_ROUTER_NAME= +# TRAEFIK_ENTRYPOINTS= diff --git a/uptimekuma/README.md b/uptimekuma/README.md index 1d1a56f..0505ee5 100644 --- a/uptimekuma/README.md +++ b/uptimekuma/README.md @@ -7,6 +7,7 @@ - L'ensemble des variables d'environnement se trouve [ici](https://github.com/louislam/uptime-kuma/wiki/Environment-Variables) - Actuellement Uptime Kuma support seulement sqlite3, [une PR](https://github.com/louislam/uptime-kuma/pull/1139) est en court pour le support de MySQL à suivre. - Il y aurait des problèmes de DNS avec l'image Docker Alpine et [le support ne sera plus la dans la v2](https://github.com/louislam/uptime-kuma/pull/2085) donc on prend la version debian un peu plus lourde. +- Pour l'instant [il n'est pas possible d'avoir plusieurs comptes](https://github.com/louislam/uptime-kuma/issues/128) ## Liens -- 2.40.1 From 747d158f583ea04fc834f3030b23e47086d79431 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 14:35:36 +0100 Subject: [PATCH 137/193] feat(Vaultwarden): Add new service --- README.md | 1 + vaultwarden/.env | 46 +++++++++++++++++++++++++ vaultwarden/README.md | 21 +++++++++++ vaultwarden/docker-compose.postgres.yml | 8 +++++ vaultwarden/docker-compose.smtp.yml | 15 ++++++++ vaultwarden/docker-compose.traefik.yml | 15 ++++++++ vaultwarden/docker-compose.yml | 23 +++++++++++++ 7 files changed, 129 insertions(+) create mode 100644 vaultwarden/.env create mode 100644 vaultwarden/README.md create mode 100644 vaultwarden/docker-compose.postgres.yml create mode 100644 vaultwarden/docker-compose.smtp.yml create mode 100644 vaultwarden/docker-compose.traefik.yml create mode 100644 vaultwarden/docker-compose.yml diff --git a/README.md b/README.md index f3dcd8f..065f41f 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration - [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source +- [Vaultwarden](./vaultwarden) : Gestionnaire de mot de passe compatible avec Bitwarden - [Vikunja](./vikunja) : L'application pour organiser sa vie ### Pour les devs / ops diff --git a/vaultwarden/.env b/vaultwarden/.env new file mode 100644 index 0000000..0c01add --- /dev/null +++ b/vaultwarden/.env @@ -0,0 +1,46 @@ +######## +# DOCKER + +SERVICES_DIR=".." +COMPOSE_FILE=${SERVICES_DIR}/vaultwarden/docker-compose.yml +#COMPOSE_PROJECT_NAME= + +## APP + +#VAULTWARDEN_IMAGE= +#VAULTWARDEN_VOLUME_NAME= +VAULTWARDEN_DOMAIN=vaultwarden.local + +#VAULTWARDEN_LOG_LEVEL= +#VAULTWARDEN_SIGNUPS_ALLOWED=false +VAULTWARDEN_ADMIN_TOKEN="mytoken" +#VAULTWARDEN_INVITATION_ORG_NAME="RésiLien" + +########## +# POSTGRES + +#POSTGRES_IMAGE= +#POSTGRES_CONTAINER_NAME= +#POSTGRES_DB= +#POSTGRES_USER= +#POSTGRES_PASSWORD= +#POSTGRES_VOLUME_NAME= + +###### +# SMTP + +#VAULTWARDEN_SMTP_HOST= +#VAULTWARDEN_SMTP_FROM= +#VAULTWARDEN_SMTP_FROM_NAME= +#VAULTWARDEN_SMTP_SECURITY= +#VAULTWARDEN_SMTP_PORT= +#VAULTWARDEN_SMTP_USERNAME= +#VAULTWARDEN_SMTP_PASSWORD= +#VAULTWARDEN_SMTP_AUTH_MECHANISM= + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= +#TRAEFIK_ENTRYPOINTS= diff --git a/vaultwarden/README.md b/vaultwarden/README.md new file mode 100644 index 0000000..b799a9d --- /dev/null +++ b/vaultwarden/README.md @@ -0,0 +1,21 @@ +# Vaultwarden + +> Gestionnaire de mot de passe compatible avec Bitwarden mais écrit en Rust pour être plus sobre en ressource système. + +## Configuration + +Toutes les variables de configuration du service sont disponibles à [cette adresse](https://github.com/dani-garcia/vaultwarden/blob/main/.env.template). + +## Clients + +[Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur. + +## Liens + +- [Documentation][documentation] +- [Code source][source] +- [Docker Hub][dockerhub] + +[source]: https://github.com/dani-garcia/vaultwarden +[documentation]: https://github.com/dani-garcia/vaultwarden/wiki +[dockerhub]: https://hub.docker.com/r/vaultwarden/server \ No newline at end of file diff --git a/vaultwarden/docker-compose.postgres.yml b/vaultwarden/docker-compose.postgres.yml new file mode 100644 index 0000000..49fc448 --- /dev/null +++ b/vaultwarden/docker-compose.postgres.yml @@ -0,0 +1,8 @@ +--- + +version: "3.8" + +services: + vaultwarden: + environment: + DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB} \ No newline at end of file diff --git a/vaultwarden/docker-compose.smtp.yml b/vaultwarden/docker-compose.smtp.yml new file mode 100644 index 0000000..21ca579 --- /dev/null +++ b/vaultwarden/docker-compose.smtp.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +services: + vaultwarden: + environment: + SMTP_HOST: ${VAULTWARDEN_SMTP_HOST:?err} + SMTP_FROM: ${VAULTWARDEN_SMTP_FROM:?err} + SMTP_FROM_NAME: ${VAULTWARDEN_SMTP_FROM_NAME:?err} + SMTP_SECURITY: ${VAULTWARDEN_SMTP_SECURITY:?err} + SMTP_PORT: ${VAULTWARDEN_SMTP_PORT:?err} + SMTP_USERNAME: ${VAULTWARDEN_SMTP_USERNAME:?err} + SMTP_PASSWORD: ${VAULTWARDEN_SMTP_PASSWORD:?err} + SMTP_AUTH_MECHANISM: ${VAULTWARDEN_SMTP_AUTH_MECHANISM:?err} diff --git a/vaultwarden/docker-compose.traefik.yml b/vaultwarden/docker-compose.traefik.yml new file mode 100644 index 0000000..e191542 --- /dev/null +++ b/vaultwarden/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + vaultwarden: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} \ No newline at end of file diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml new file mode 100644 index 0000000..59cbb88 --- /dev/null +++ b/vaultwarden/docker-compose.yml @@ -0,0 +1,23 @@ +--- + +version: "3.8" + +volumes: + vaultwarden: + name: ${VAULTWARDEN_VOLUME_NAME:-vaultwarden} + +services: + vaultwarden: + image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} + container_name: vaultwarden + restart: always + depends_on: + - postgres + environment: + ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} + DOMAIN: https://${VAULTWARDEN_DOMAIN:?err} + INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden} + LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info} + SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true} + volumes: + - vaultwarden:/data -- 2.40.1 From c631f47ae10f59f88a20e4fd3ad734fab65a1b5c Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:14:20 +0100 Subject: [PATCH 138/193] feat(Vaultwarden): Add timezone information --- vaultwarden/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 59cbb88..288e328 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -21,3 +21,5 @@ services: SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true} volumes: - vaultwarden:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro -- 2.40.1 From 62334b2f85be93643752909f352135e9e938ffb4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:22:32 +0100 Subject: [PATCH 139/193] feat(Vaultwarden): Ajout de la variable pour configurer le nom du service --- vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 288e328..07b34db 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: vaultwarden: image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} - container_name: vaultwarden + container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden} restart: always depends_on: - postgres -- 2.40.1 From 4bf479d0e0dcea45ef1c6c0c44fa7f635e51de38 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:24:38 +0100 Subject: [PATCH 140/193] feat(Vaultwarden): Move postgres dependency on postgres file --- vaultwarden/docker-compose.postgres.yml | 4 +++- vaultwarden/docker-compose.yml | 2 -- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/vaultwarden/docker-compose.postgres.yml b/vaultwarden/docker-compose.postgres.yml index 49fc448..58e2bf7 100644 --- a/vaultwarden/docker-compose.postgres.yml +++ b/vaultwarden/docker-compose.postgres.yml @@ -4,5 +4,7 @@ version: "3.8" services: vaultwarden: + depends_on: + - postgres environment: - DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB} \ No newline at end of file + DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB} diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 07b34db..c2ca4a1 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -11,8 +11,6 @@ services: image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden} restart: always - depends_on: - - postgres environment: ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} DOMAIN: https://${VAULTWARDEN_DOMAIN:?err} -- 2.40.1 From 4e32136c261a82b26ed6284d946992843cca9919 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:28:28 +0100 Subject: [PATCH 141/193] fix(Vaultwarden): Update image variable name --- vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index c2ca4a1..97553ca 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: vaultwarden: - image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} + image: ${VAULTWARDEN_IMAGE:-vaultwarden/server:1.27.0-alpine} container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden} restart: always environment: -- 2.40.1 From 0af258dcaedc6eccf175d141cea6c2424903039f Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:08:06 +0100 Subject: [PATCH 142/193] feat(Nextcloud): SMTP configuration should not be empty --- nextcloud/docker-compose.smtp.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index b8a880f..6343eed 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -3,11 +3,11 @@ version: "3.8" services: nextcloud-fpm: environment: - SMTP_HOST: ${SMTP_HOST?err} # The hostname of the SMTP server. + SMTP_HOST: ${SMTP_HOST:?err} # The hostname of the SMTP server. SMTP_SECURE: ${SMTP_SECURE:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. SMTP_PORT: ${SMTP_PORT:-465} SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} - SMTP_NAME: ${SMTP_NAME?err} - SMTP_PASSWORD: ${SMTP_PASSWORD?err} - MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS} - MAIL_DOMAIN: ${MAIL_DOMAIN} + SMTP_NAME: ${SMTP_NAME:?err} + SMTP_PASSWORD: ${SMTP_PASSWORD:?err} + MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS:?err} + MAIL_DOMAIN: ${MAIL_DOMAIN:?err} -- 2.40.1 From fd63036294583b7698dcc3e4a7a9281b8b9811cf Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:08:48 +0100 Subject: [PATCH 143/193] feat(Nextcloud): Add all configuration on cron container --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 909e536..5e06ef4 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -17,6 +17,7 @@ services: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: + &fpm-configuration NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_TRUSTED_DOMAINS?err} NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER?err} NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err} @@ -53,8 +54,7 @@ services: - nextcloud-web entrypoint: /cron.sh environment: - PUID: ${NEXTCLOUD_PUID:-1000} - PGID: ${NEXTCLOUD_PGID:-1000} + <<: *fpm-configuration volumes: - nextcloud:/var/www/html - /etc/timezone:/etc/timezone:ro -- 2.40.1 From 2281c4337c8088f5b6506b5aa05b6b22a6e32ed0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:09:37 +0100 Subject: [PATCH 144/193] feat(Nextcloud): Update web folder path with generic SERVICES_DIR --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 5e06ef4..f32a9f0 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -33,7 +33,7 @@ services: nextcloud-web: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-web - build: web + build: ${SERVICES_DIR}/nextcloud/web restart: always environment: NEXTCLOUD_FPM_CONTAINER_NAME: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm -- 2.40.1 From 0198c030e93e459329c0901d35ef7e990c5bdaed Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:20:13 +0100 Subject: [PATCH 145/193] feat(Nextcloud): Add environment variables to configure server --- nextcloud/.env | 2 +- nextcloud/docker-compose.config.yml | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 nextcloud/docker-compose.config.yml diff --git a/nextcloud/.env b/nextcloud/.env index 8cd5d60..15a8d09 100644 --- a/nextcloud/.env +++ b/nextcloud/.env @@ -4,7 +4,7 @@ #DOCKER_CONTEXT= #DOCKER_HOST= SERVICES_DIR=.. -COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml +COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.config.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml #COMPOSE_PROJECT_NAME= ## APP diff --git a/nextcloud/docker-compose.config.yml b/nextcloud/docker-compose.config.yml new file mode 100644 index 0000000..f7491ce --- /dev/null +++ b/nextcloud/docker-compose.config.yml @@ -0,0 +1,21 @@ +--- +version: "3.8" + +services: + nextcloud-fpm: + environment: + &nextcloud-configuration + NC_trashbin_retention_obligation: ${NC_trashbin_retention_obligation:-auto, 30} + NC_force_language: ${NC_force_language:-fr} + NC_default_locale: ${NC_default_locale:-fr_FR} + NC_force_locale: ${NC_force_locale:-fr_FR} + NC_default_language: ${NC_default_language:-fr} + NC_default_phone_region: ${NC_default_phone_region:-FR} + NC_defaultapp: ${NC_defaultapp:-files} + NC_preview_max_x: ${NC_preview_max_x:-2048} + NC_preview_max_y: ${NC_preview_max_y:-2048} + NC_jpeg_quality: ${NC_jpeg_quality:-60} + + nextcloud-cron: + environment: + <<: *nextcloud-configuration -- 2.40.1 From b3dce58f7b18d24f18856e18875df1267d3611a8 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:47:02 +0100 Subject: [PATCH 146/193] feat(Nextcloud): Update SMTP environment variables --- nextcloud/docker-compose.smtp.yml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index 6343eed..60136d8 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -3,11 +3,16 @@ version: "3.8" services: nextcloud-fpm: environment: - SMTP_HOST: ${SMTP_HOST:?err} # The hostname of the SMTP server. - SMTP_SECURE: ${SMTP_SECURE:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. - SMTP_PORT: ${SMTP_PORT:-465} - SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} - SMTP_NAME: ${SMTP_NAME:?err} - SMTP_PASSWORD: ${SMTP_PASSWORD:?err} - MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS:?err} - MAIL_DOMAIN: ${MAIL_DOMAIN:?err} + &smtp-configuration + NC_mail_smtphost: ${NC_mail_smtphost:?err} # The hostname of the SMTP server. + NC_mail_smtpsecure: ${NC_mail_smtpsecure:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. + NC_mail_smtpport: ${NC_mail_smtpport:-465} + NC_mail_smtpauthtype: ${NC_mail_smtpauthtype:-LOGIN} + NC_mail_smtpname: ${NC_mail_smtpname:?err} + NC_mail_smtppassword: ${NC_mail_smtppassword:?err} + NC_mail_from_address: ${NC_mail_from_address:?err} + NC_mail_domain: ${NC_mail_domain:?err} + + nextcloud-cron: + environment: + <<: *smtp-configuration -- 2.40.1 From b54891ec38af9bb4557acea97792fc1c752f68fd Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:01:55 +0100 Subject: [PATCH 147/193] chore(Nginx): Upgrade to 1.23.3 --- nextcloud/web/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index 2cde763..345321a 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ -FROM nginx:1.21.5-alpine +FROM nginx:1.23.3-alpine COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template -- 2.40.1 From 669866b44e45dbbd36d7121d34c211b758c538df Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:10:29 +0100 Subject: [PATCH 148/193] docs(Nextcloud): Add environment variables documentation --- nextcloud/README.md | 83 +++++++++++++++++++++++++++++++-------------- 1 file changed, 58 insertions(+), 25 deletions(-) diff --git a/nextcloud/README.md b/nextcloud/README.md index 2f04a15..0aca8d8 100644 --- a/nextcloud/README.md +++ b/nextcloud/README.md @@ -14,45 +14,78 @@ On peut trouver [la documentation ici][documentation] en anglais ou ici pour la ## Aide -Exemple de commande : +Commande pour se connecter à un serveur : ```sh -docker exec --user www-data -it nextcloud bash +. .env +docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm ash +``` -docker-compose exec --user www-data nextcloud php occ db:add-missing-primary-keys +Pour mettre un site en maintenance : + +```sh +. .env +docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm php occ maintenance:mode --on ``` ## Configuration -Il est possible de configurer certaines parties avec des variables d'environnement, mais ce n'est pas le cas de l'ensemble de la configuration. +Il est possible de configurer certaines parties avec des variables d'environnement : +- Soit les variables sont spécifique à l'image Docker +- soit avec des variables du type `NC_` + clé (exemple : NC_default_phone_region=FR) -Voici les modifications que j'effectue : +### Création d'un groupe ``` -docker-compose exec --user www-data nextcloud-fpm ash -vi config/config.php -``` -Ajout de la configuration suivante : -``` - 'default_language' => 'fr', - 'default_locale' => 'fr_FR', - 'default_phone_region' => 'FR', - 'defaultapp' => 'files', - 'preview_max_x' => 2048, - 'preview_max_y' => 2048, - 'jpeg_quality' => 60, +export NC_GROUP=com-en-aubrac +php occ group:add $NC_GROUP ``` -Ajout de imagemagick : -``` -docker-compose exec nextcloud-fpm apk add --no-cache imagemagick -``` - -ou +### Création d'un utilisateur ``` -ssh -docker exec nextcloud-fpm apk add --no-cache imagemagick +# La variable OC_PASS est spécifique pour l'utilisation de --password-from-env +export OC_PASS=unmotdepasse! + +export NC_USER=simon +export NC_NAME=Simon +export NC_MAIL=simon@example.org +export NC_QUOTA="180 GB" + +php occ user:add --password-from-env --display-name=$NC_NAME --group="$NC_GROUP" $NC_USER +php occ user:setting $NC_USER settings email $NC_MAIL +``` + +### Quota + +Pour bien comprendre les quotas dans Nextcloud : https://docs.nextcloud.com/server/latest/user_manual/en/files/quota.html + +``` +export NC_USER=simon +export NC_QUOTA="10 GB" +php occ user:setting $NC_USER files quota "$NC_QUOTA" +``` + +### imagemagick + +> Le module php-imagick n’a aucun support SVG dans cette instance. Pour une meilleure compatibilité, il est recommandé de l’installer. + +Pour résoudre ce problème il faut ajouter le paquet `imagemagick` + +``` +. .env +docker exec -it ${NEXTCLOUD_CONTAINER_NAME}-fpm apk add --no-cache imagemagick +``` + +## Application + +Suppression d'application : + +``` +php occ app:disable dashboard +php occ app:disable photos +php occ app:disable weather_status +php occ app:disable user_status ``` ## PHP-FPM: remédier à server reached pm.max_children -- 2.40.1 From 264688abf82d2460677c8aa239767186bd3595d0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:11:02 +0100 Subject: [PATCH 149/193] feat(Nextcloud): Remove run script --- nextcloud/run | 49 ------------------------------------------------- 1 file changed, 49 deletions(-) delete mode 100755 nextcloud/run diff --git a/nextcloud/run b/nextcloud/run deleted file mode 100755 index a98ccba..0000000 --- a/nextcloud/run +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash - -set -eu - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -. $DIR/../help.sh -. $DIR/../postgres/run --only-source - -nextcloud_help() { - echo "./run backup : Lancement de la sauvegarde de Nextcloud" - echo "./run restore : Restauration de la sauvegarde de Nextcloud" -} - -nextcloud_backup() { - script_env - BACKUP_DATE_DEFAULT=`date +%Y%m%d_%H%M%S` - BACKUP_DATE=${BACKUP_DATE:-$BACKUP_DATE_DEFAULT} - backup_folder_create - - POSTGRES_BACKUP_FILE=backups/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_postgres.sql - docker-compose exec --user www-data nextcloud php occ maintenance:mode --on - postgres_backup - - docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup --volumes-from nextcloud alpine:3.12.3 ash -c "cd /var/www/html && tar cvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar ." - docker-compose exec --user www-data nextcloud php occ maintenance:mode --off -} - -nextcloud_restore() { - script_env - - postgres_restore - docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup -v nextcloud:/var/www/html alpine:3.12.3 ash -c "cd /var/www/html && tar xvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar --strip 1" -} - -if [ $# -ge 1 ]; then - if [ "${1}" == "backup" ]; then - script_start - nextcloud_backup - script_end - elif [ "${1}" == "restore" ]; then - script_start - nextcloud_restore - script_end - elif [ "${1}" != "--only-source" ]; then - nextcloud_help - fi -else - nextcloud_help -fi -- 2.40.1 From e3dcc0efd516663dadaeaaa5f95f17e225e32e4b Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:15:37 +0100 Subject: [PATCH 150/193] chore(Nextcloud): Upgrade to 25.0.2 https://nextcloud.com/changelog/#25-0-2 --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index f32a9f0..351eb38 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.3-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine} restart: always depends_on: - postgres @@ -47,7 +47,7 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-cron: - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine} container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-cron restart: always depends_on: -- 2.40.1 From de2a8eef465956b8b26f9d29778740431f22fca2 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 2 Feb 2023 12:59:09 +0100 Subject: [PATCH 151/193] feat(Vikunja): Restart container & explicite dependency --- vikunja/docker-compose.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index db11ae4..ac99c02 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -40,3 +40,6 @@ services: vikunja_frontend: container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_frontend image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.18.2} + restart: always + depends_on: + - vikunja_api -- 2.40.1 From ba29719ed102a7569b4da5d7b196d414dbc12b74 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 2 Feb 2023 16:50:59 +0100 Subject: [PATCH 152/193] feat(Traefik): Pilot is deprecated https://traefik.io/blog/announcing-traefik-proxy-2-8/ --- traefik/docker-compose.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 651a062..f030402 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -30,7 +30,6 @@ services: - --log.level=${TRAEFIK_LOG_LEVEL:-INFO} - --global.sendanonymoususage=${TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE:-false} - --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false} - - --pilot.dashboard=${TRAEFIK_PILOT_DASHBOARD:-false} - --metrics.prometheus=${TRAEFIK_METRICS_PROMETHEUS:-true} - --accesslog=${TRAEFIK_ACCESSLOG:-false} -- 2.40.1 From e8a022e7e3f4de32385ff2f7b15b84cb30aa345f Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 21 Feb 2023 11:58:06 +0100 Subject: [PATCH 153/193] feat(Gitea): Upgrade to 1.19 and update configuration --- gitea/docker-compose.smtp.yml | 11 +++++++---- gitea/docker-compose.traefik.yml | 12 +++++------- gitea/docker-compose.yml | 20 ++++++++++++-------- 3 files changed, 24 insertions(+), 19 deletions(-) diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml index fa37a1a..f01131d 100644 --- a/gitea/docker-compose.smtp.yml +++ b/gitea/docker-compose.smtp.yml @@ -4,9 +4,12 @@ services: gitea: environment: - GITEA__mailer__ENABLED=true - - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} - - GITEA__mailer__MAILER_TYPE=smtp - - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} - - GITEA__mailer__IS_TLS_ENABLED=true + - GITEA__mailer__PROTOCOL=${GITEA__mailer__PROTOCOL:-smtp} + - GITEA__mailer__SMTP_ADDR=${GITEA__mailer__SMTP_ADDR:?GITEA__mailer__SMTP_ADDR not set} + - GITEA__mailer__SMTP_PORT=${GITEA__mailer__SMTP_PORT:?GITEA__mailer__SMTP_PORT not set} + - GITEA__mailer__USER=${GITEA__mailer__USER:?GITEA__mailer__USER not set} - GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}""" + + - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} + - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} diff --git a/gitea/docker-compose.traefik.yml b/gitea/docker-compose.traefik.yml index b4b8447..f3a5562 100644 --- a/gitea/docker-compose.traefik.yml +++ b/gitea/docker-compose.traefik.yml @@ -7,10 +7,8 @@ networks: services: gitea: labels: - traefik.enable: 'true' - traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} - - traefik.http.routers.gitea.rule: 'Host(`${GITEA_DOMAIN:?err}`)' - traefik.http.routers.gitea.entrypoints: 'web' - - traefik.http.services.gitea.loadbalancer.server.port: '3000' + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.rule=Host(`${GITEA_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} + - traefik.http.services.${TRAEFIK_ROUTER_NAME:-gitea}.loadbalancer.server.port=3000 diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index a2ae51c..67eb748 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,16 +7,20 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.16.5} + image: ${GITEA_IMAGE:-gitea/gitea:1.18.4} restart: always environment: - # - USER_UID=1000 - # - USER_GID=1000 - DB_TYPE: postgres - DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres}:5432 # Default name is same as ../postgres/docker-compose.yml:8 - DB_NAME: ${POSTGRES_DB} - DB_USER: ${POSTGRES_USER} - DB_PASSWD: ${POSTGRES_PASSWORD} + - USER_UID=${GITEA_UID:-1000} + - USER_GID=${GITEA_GID:-1000} + # Database + - GITEA__database__DB_TYPE=postgres + - GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432 + - GITEA__database__NAME=${POSTGRES_DB} + - GITEA__database__USER=${POSTGRES_USER} + - GITEA__database__PASSWD=${POSTGRES_PASSWORD} + # Security + - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY:-} + - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN:-} volumes: - gitea:/data - /etc/timezone:/etc/timezone:ro -- 2.40.1 From 8f5fcec3a9bf8684eae5fee31f476790f63470cd Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 21 Feb 2023 12:44:00 +0100 Subject: [PATCH 154/193] feat(Gitea): Update configuration --- gitea/.env | 36 +++++++++++++++++++++-------------- gitea/docker-compose.smtp.yml | 1 - gitea/docker-compose.yml | 6 ++++-- 3 files changed, 26 insertions(+), 17 deletions(-) diff --git a/gitea/.env b/gitea/.env index 3db8400..2b34046 100644 --- a/gitea/.env +++ b/gitea/.env @@ -1,26 +1,34 @@ -COMPOSE_FILE=../postgres/docker-compose.yml:./docker-compose.yml:./docker-compose.override.yml +######## +# DOCKER -# APP +SERVICES_DIR=".." +COMPOSE_FILE=${SERVICES_DIR}/gitea/docker-compose.yml:${SERVICES_DIR}/gitea/docker-compose.traefik.yml:${SERVICES_DIR}/gitea/docker-compose.smtp.yml:${SERVICES_DIR}/gitea/docker-compose.metrics.yml:${SERVICES_DIR}/postgres/docker-compose.yml +COMPOSE_PROJECT_NAME=$GITEA_DOMAIN -GITEA_VOLUME_NAME=gitea -GITEA_PROTOCOL=http -GITEA_DOMAIN=gitea.lan - -# APP CONFIG +####### +# GITEA # https://docs.gitea.io/en-us/install-with-docker/#environments-variables -DISABLE_SSH=true -RUN_MODE=prod -ROOT_URL=${GITEA_PROTOCOL}://${GITEA_DOMAIN} -DISABLE_REGISTRATION=true -DISABLE_GRAVATAR=true -#INSTALL_LOCK=true +GITEA_DOMAIN=gitea.lan +GITEA_VOLUME_NAME=gitea +GITEA_IMAGE=gitea/gitea:1.18.4 +GITEA_PROTOCOL=http +GITEA_SECRET_KEY=kt5UdK0m9lI9MDyhVOFEB5jk7VwFynDyaxcUjEJUpWJBrC6FyH4dkUDKLYEa7hGn +GITEA_INTERNAL_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NzY5NzkxMzZ9.Iopu6DBUhglmNPzEyYylfmTmEUpYLHYEsNrm50GoBkU + +# SMTP + +GITEA__mailer__FROM='"Name" ' +GITEA__mailer__SMTP_ADDR=smtp.gitea.lan +GITEA__mailer__SMTP_PORT=465 +GITEA__mailer__USER=gitea.lan +GITEA__mailer__PASSWD=gitea.lan # DATABASE -# Voir la description ../postgres/README.md POSTGRES_USER=user-example POSTGRES_PASSWORD=password-example POSTGRES_DB=postgres-database-name-example POSTGRES_CONTAINER_NAME=gitea-postgres POSTGRES_VOLUME_NAME=gitea-postgres +POSTGRES_IMAGE=postgres:15.2-alpine diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml index f01131d..af25854 100644 --- a/gitea/docker-compose.smtp.yml +++ b/gitea/docker-compose.smtp.yml @@ -12,4 +12,3 @@ services: - GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}""" - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} - - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 67eb748..f30608b 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -19,8 +19,10 @@ services: - GITEA__database__USER=${POSTGRES_USER} - GITEA__database__PASSWD=${POSTGRES_PASSWORD} # Security - - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY:-} - - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN:-} + # docker run -it --rm gitea/gitea:1 gitea generate secret SECRET_KEY + - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY} + # docker run -it --rm gitea/gitea:1 gitea generate secret INTERNAL_TOKEN + - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN} volumes: - gitea:/data - /etc/timezone:/etc/timezone:ro -- 2.40.1 From 745d69aade3c312c0b0f9170142ee88d556a2397 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 10 May 2023 21:54:52 +0200 Subject: [PATCH 155/193] fix(Nextcloud): Add variable to configure SMTP --- nextcloud/docker-compose.smtp.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index 60136d8..25809d8 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -4,14 +4,14 @@ services: nextcloud-fpm: environment: &smtp-configuration - NC_mail_smtphost: ${NC_mail_smtphost:?err} # The hostname of the SMTP server. - NC_mail_smtpsecure: ${NC_mail_smtpsecure:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. - NC_mail_smtpport: ${NC_mail_smtpport:-465} - NC_mail_smtpauthtype: ${NC_mail_smtpauthtype:-LOGIN} - NC_mail_smtpname: ${NC_mail_smtpname:?err} - NC_mail_smtppassword: ${NC_mail_smtppassword:?err} - NC_mail_from_address: ${NC_mail_from_address:?err} - NC_mail_domain: ${NC_mail_domain:?err} + SMTP_HOST: ${SMTP_HOST:?err} + SMTP_SECURE: ${SMTP_SECURE:-ssl} + SMTP_PORT: ${SMTP_PORT:-465} + SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} + SMTP_NAME: ${SMTP_NAME:?err} + SMTP_PASSWORD: ${SMTP_PASSWORD:?err} + MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS:?err} + MAIL_DOMAIN: ${MAIL_DOMAIN:?err} nextcloud-cron: environment: -- 2.40.1 From 982c1322bc703b1a043f712e2aadab4ba8d78868 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 23 May 2023 11:56:12 +0200 Subject: [PATCH 156/193] fix(Nextcloud): Trusted proxies is for fpm not web container --- nextcloud/docker-compose.traefik.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.traefik.yml b/nextcloud/docker-compose.traefik.yml index 75d9ffe..2b9b7d2 100644 --- a/nextcloud/docker-compose.traefik.yml +++ b/nextcloud/docker-compose.traefik.yml @@ -5,9 +5,10 @@ networks: name: ${TRAEFIK_NETWORK_NAME:-traefik} services: - nextcloud-web: + nextcloud-fpm: environment: TRUSTED_PROXIES: ${TRAEFIK_NETWORK_NAME:-traefik} + nextcloud-web: labels: - traefik.enable=true - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} -- 2.40.1 From e2d0a53db4204dd03a3aa0a10c55cc6d1079ecf3 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 5 Jun 2023 10:05:20 +0200 Subject: [PATCH 157/193] docs(Drone): Add documentation --- drone/server/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drone/server/README.md b/drone/server/README.md index fc748b6..821a640 100644 --- a/drone/server/README.md +++ b/drone/server/README.md @@ -33,9 +33,10 @@ Il faut ajouter les utilisateurs non admin : ``` drone user add kosssi drone user add killian +export PROMETHEUS_TOKEN=`openssl rand -hex 16` drone user add prometheus --machine --token=${PROMETHEUS_TOKEN} ``` En n'oubliant pas au moment de l'installation d'identifier précisément les utilisateurs ayant le droit d'exécuter Drone avec la variable `DRONE_USER_FILTER=kosssi,killian,prometheus,${DRONE_ADMIN_USER}` -[Documentation officielle](https://docs.drone.io/cli/user/drone-user-add/) +[Documentation officielle](https://docs.drone.io/server/user/machine/#create-accounts) [cli](https://docs.drone.io/cli/user/drone-user-add/) -- 2.40.1 From 692a26ddff44c5bdfe9d310ba688edd35ec745e7 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 5 Jun 2023 10:06:03 +0200 Subject: [PATCH 158/193] docs(Redis): Add documentation --- redis/README.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 redis/README.md diff --git a/redis/README.md b/redis/README.md new file mode 100644 index 0000000..42e9bf8 --- /dev/null +++ b/redis/README.md @@ -0,0 +1,6 @@ +# Redis + +## Information + +- Port par défaut : 6379 +- La configuration de mot de passe : https://github.com/docker-library/redis/issues/46 -- 2.40.1 From 573cd5a462d1bc0e22945d4d7d7de0799bf046f0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 5 Jun 2023 10:31:11 +0200 Subject: [PATCH 159/193] feat(Signaturepdf): Add new service --- README.md | 1 + signaturepdf/.env | 30 +++++++++++++++++++++++++ signaturepdf/README.md | 19 ++++++++++++++++ signaturepdf/docker-compose.traefik.yml | 15 +++++++++++++ signaturepdf/docker-compose.yml | 22 ++++++++++++++++++ 5 files changed, 87 insertions(+) create mode 100644 signaturepdf/.env create mode 100644 signaturepdf/README.md create mode 100644 signaturepdf/docker-compose.traefik.yml create mode 100644 signaturepdf/docker-compose.yml diff --git a/README.md b/README.md index 065f41f..b9ac8fd 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [listmonk](./listmonk) : Gestionnaire de listes de diffusion et de newsletter - [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration +- [signaturepdf](./signaturepdf) : Logiciel WEB libre permettant de modifier un fichier PDF facilement - [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source - [Vaultwarden](./vaultwarden) : Gestionnaire de mot de passe compatible avec Bitwarden - [Vikunja](./vikunja) : L'application pour organiser sa vie diff --git a/signaturepdf/.env b/signaturepdf/.env new file mode 100644 index 0000000..f3b2e88 --- /dev/null +++ b/signaturepdf/.env @@ -0,0 +1,30 @@ +######## +# DOCKER + +#DOCKER_CONTEXT= +#DOCKER_HOST= +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/signaturepdf/docker-compose.yml:${SERVICES_DIR}/signaturepdf/docker-compose.traefik.yml +#COMPOSE_PROJECT_NAME= + +#SIGNATUREPDF_VOLUME_NAME= +#SIGNATUREPDF_CONTAINER_NAME= +#SIGNATUREPDF_IMAGE= + +############## +# SIGNATUREPDF + +SIGNATUREPDF_DOMAIN=pdf.cool.life +UPLOAD_MAX_FILESIZE=24M +POST_MAX_SIZE=24M +MAX_FILE_UPLOADS=201 +PDF_STORAGE_PATH=/data +DISABLE_ORGANIZATION=false +PDF_DEMO_LINK=true + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= +#TRAEFIK_ENTRYPOINTS= diff --git a/signaturepdf/README.md b/signaturepdf/README.md new file mode 100644 index 0000000..3401099 --- /dev/null +++ b/signaturepdf/README.md @@ -0,0 +1,19 @@ +# Signature de PDF + +Logiciel WEB libre permettant de modifier un fichier PDF facilement. + +## Information + +Le service n'a pas d'image Docker officiel. Actuellement l'image a été construite et poussé sur Hub de Docker par Simon : + +``` +git clone git@github.com:24eme/signaturepdf.git +cd signaturepdf +docker build -t simonc/signaturepdf:latest . +docker push simonc/signaturepdf:latest +``` + +## 🔗 Liens + +- [Github](https://github.com/24eme/signaturepdf) +- [L'image Docker sur Docker Hub](https://hub.docker.com/r/simonc/signaturepdf) diff --git a/signaturepdf/docker-compose.traefik.yml b/signaturepdf/docker-compose.traefik.yml new file mode 100644 index 0000000..180558c --- /dev/null +++ b/signaturepdf/docker-compose.traefik.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + signaturepdf: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=web diff --git a/signaturepdf/docker-compose.yml b/signaturepdf/docker-compose.yml new file mode 100644 index 0000000..d8a468a --- /dev/null +++ b/signaturepdf/docker-compose.yml @@ -0,0 +1,22 @@ +--- + +version: "3.8" + +volumes: + signaturepdf: + name: ${SIGNATUREPDF_VOLUME_NAME:-signaturepdf} + +services: + signaturepdf: + container_name: ${SIGNATUREPDF_CONTAINER_NAME:-signaturepdf} + image: ${SIGNATUREPDF_IMAGE} + volumes: + - signaturepdf:/data + environment: + SERVERNAME: ${SIGNATUREPDF_DOMAIN} + UPLOAD_MAX_FILESIZE: ${UPLOAD_MAX_FILESIZE} + POST_MAX_SIZE: ${POST_MAX_SIZE} + MAX_FILE_UPLOADS: ${MAX_FILE_UPLOADS} + PDF_STORAGE_PATH: ${PDF_STORAGE_PATH} + DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION} + PDF_DEMO_LINK: ${PDF_DEMO_LINK} -- 2.40.1 From 980ced43c44d7c94355fa4f75e8242cb28c90456 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 12 Jun 2023 16:53:38 +0200 Subject: [PATCH 160/193] feat(Signaturepdf): Add default image --- signaturepdf/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/signaturepdf/docker-compose.yml b/signaturepdf/docker-compose.yml index d8a468a..5e078b2 100644 --- a/signaturepdf/docker-compose.yml +++ b/signaturepdf/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: signaturepdf: container_name: ${SIGNATUREPDF_CONTAINER_NAME:-signaturepdf} - image: ${SIGNATUREPDF_IMAGE} + image: ${SIGNATUREPDF_IMAGE:-simonc/signaturepdf:latest} volumes: - signaturepdf:/data environment: -- 2.40.1 From b7862e8fe55f8f820be1c2beba5580938d8d9387 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 12 Jun 2023 16:54:08 +0200 Subject: [PATCH 161/193] feat(Signaturepdf): Add restart parameter --- signaturepdf/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/signaturepdf/docker-compose.yml b/signaturepdf/docker-compose.yml index 5e078b2..1a32b7e 100644 --- a/signaturepdf/docker-compose.yml +++ b/signaturepdf/docker-compose.yml @@ -12,6 +12,7 @@ services: image: ${SIGNATUREPDF_IMAGE:-simonc/signaturepdf:latest} volumes: - signaturepdf:/data + restart: always environment: SERVERNAME: ${SIGNATUREPDF_DOMAIN} UPLOAD_MAX_FILESIZE: ${UPLOAD_MAX_FILESIZE} -- 2.40.1 From 06f1e2910f7d680491dd5e7b6000286eae10c99e Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 5 Jul 2023 14:57:00 +0200 Subject: [PATCH 162/193] feat(LLDAP): Add new service --- README.md | 1 + lldap/.env | 50 +++++++++++++++++++++++++++++++ lldap/README.md | 27 +++++++++++++++++ lldap/docker-compose.local.yml | 13 ++++++++ lldap/docker-compose.postgres.yml | 8 +++++ lldap/docker-compose.smtp.yml | 16 ++++++++++ lldap/docker-compose.traefik.yml | 23 ++++++++++++++ lldap/docker-compose.yml | 26 ++++++++++++++++ 8 files changed, 164 insertions(+) create mode 100644 lldap/.env create mode 100644 lldap/README.md create mode 100644 lldap/docker-compose.local.yml create mode 100644 lldap/docker-compose.postgres.yml create mode 100644 lldap/docker-compose.smtp.yml create mode 100644 lldap/docker-compose.traefik.yml create mode 100644 lldap/docker-compose.yml diff --git a/README.md b/README.md index b9ac8fd..5995101 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [GeoIP Update](./geoipupdate) : Permet de télécharger la base de données GeoIP2 permettant de localiser les IPs - [Gitea](./gitea) : Un service Git très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. - [Grafana](./grafana) : Un outil de supervision simple et élégant +- [LLDAP](./lldap): Implémentation légère de LDAP pour l'authentification - [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet. - [Prometheus](./prometheus) : Un logiciel de surveillance informatique - [Redis](./redis) : Système de gestion de base de données clé-valeur extensible, très hautes performances diff --git a/lldap/.env b/lldap/.env new file mode 100644 index 0000000..d254f6c --- /dev/null +++ b/lldap/.env @@ -0,0 +1,50 @@ +######## +# DOCKER + +SERVICES_DIR=.. +COMPOSE_FILE=${SERVICES_DIR}/lldap/docker-compose.yml:${SERVICES_DIR}/lldap/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml +#COMPOSE_PROJECT_NAME= + +####### +# LLDAP + +LLDAP_DOMAIN=lldap.cool.life +LLDAP_VOLUME_NAME=lldap_cool_life +LLDAP_CONTAINER_NAME=lldap_cool_life +LLDAP_IMAGE=nitnelave/lldap:v0.4.3 + +LLDAP_JWT_SECRET="6IeP8UUbEkQXrkUNbnu1sGpcZOu29wUTWh3uiEgMorI=" +LLDAP_VERBOSE=true + +LLDAP_LDAP_BASE_DN="dc=cool,dc=life" +LLDAP_LDAP_USER_DN="myuser" +LLDAP_LDAP_USER_EMAIL="admin@cool.life" +LLDAP_LDAP_USER_PASS="mon-mot-de-passe" + +# LLDAP_TEST_EMAIL_TO= +# LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET= +# LLDAP_SMTP_OPTIONS__SERVER= +# LLDAP_SMTP_OPTIONS__PORT= +# LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION= +# LLDAP_SMTP_OPTIONS__USER= +# LLDAP_SMTP_OPTIONS__PASSWORD= +# LLDAP_SMTP_OPTIONS__FROM= +# LLDAP_SMTP_OPTIONS__REPLY_TO= + + +########## +# POSTGRES + +POSTGRES_USER=user-example +POSTGRES_PASSWORD=password-example +POSTGRES_DB=postgres-database-name-example +POSTGRES_CONTAINER_NAME=lldap-postgres +POSTGRES_VOLUME_NAME=lldap-postgres +#POSTGRES_IMAGE= + +######### +# TRAEFIK + +#TRAEFIK_NETWORK_NAME= +#TRAEFIK_ROUTER_NAME= # Don't use char '.' +#TRAEFIK_ENTRYPOINTS= diff --git a/lldap/README.md b/lldap/README.md new file mode 100644 index 0000000..edefb1e --- /dev/null +++ b/lldap/README.md @@ -0,0 +1,27 @@ +# LLDAP + +> Implémentation légère de LDAP pour l'authentification : +> Ce projet est un serveur d'authentification léger (écrit en rust) qui fournit une interface LDAP simplifiée pour l'authentification. Il s'intègre avec de nombreux backends, de KeyCloak à [Authelia](https://github.com/lldap/lldap/blob/main/example_configs/authelia_config.yml) en passant par Nextcloud et plus encore ! + +## Documentation + +- Le fichier [`lldap_config.docker_template.toml`](https://github.com/lldap/lldap/blob/main/lldap_config.docker_template.toml) contient toute la configuration possible de l'outil. +- De base le projet utilise SQLite, mais on peut utiliser Postgres voir le fichier [`docker-compose.postgres.yml`](./docker-compose.postgres.yml) +- Le projet n'est pas [traduit](https://github.com/lldap/lldap/issues/20) actuellement +- Lors du lancement du service une clé est généré aléatoirement dans le fichier `private_key` du dossier `/data` du container, ce fichier est important il faut donc le sauvegarder puisque les mots de passe sont chiffrés en base avec. + +## Configuration + +La configuration a été séparée en 5 fichiers : + +- [`docker-compose.yml`](./docker-compose.yml) contient la configuration de base +- [`docker-compose.local.yml`](./docker-compose.local.yml) permettant de tester le service sans Traefik +- [`docker-compose.smtp.yml`](./docker-compose.smtp.yml) correspondant à la configuration du service SMTP +- [`docker-compose.postgres.yml`](./docker-compose.postgres.yml) pour configurer le service Postgres +- [`docker-compose.traefik.yml`](./docker-compose.traefik.yml) pour configurer automatiquement Traefik + +## Liens + +- [Code source](https://github.com/lldap/lldap) +- [Docker Hub](https://hub.docker.com/r/nitnelave/lldap) +- [Documentation](https://github.com/lldap/lldap/blob/main/lldap_config.docker_template.toml) diff --git a/lldap/docker-compose.local.yml b/lldap/docker-compose.local.yml new file mode 100644 index 0000000..b18217b --- /dev/null +++ b/lldap/docker-compose.local.yml @@ -0,0 +1,13 @@ +--- + +version: "3.8" + +services: + lldap: + ports: + # For LDAP + - "3890:3890" + # For LDAPS (LDAP Over SSL), enable port if LLDAP_LDAPS_OPTIONS__ENABLED set true, look env below + - "6360:6360" + # For the web front-end + - "17170:17170" diff --git a/lldap/docker-compose.postgres.yml b/lldap/docker-compose.postgres.yml new file mode 100644 index 0000000..cb017f8 --- /dev/null +++ b/lldap/docker-compose.postgres.yml @@ -0,0 +1,8 @@ +--- + +version: "3.8" + +services: + lldap: + environment: + - LLDAP_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}/${POSTGRES_DB} diff --git a/lldap/docker-compose.smtp.yml b/lldap/docker-compose.smtp.yml new file mode 100644 index 0000000..23024ae --- /dev/null +++ b/lldap/docker-compose.smtp.yml @@ -0,0 +1,16 @@ +--- + +version: "3.8" + +services: + lldap: + environment: + - LLDAP_TEST_EMAIL_TO=${LLDAP_TEST_EMAIL_TO} + - LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET=${LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET} + - LLDAP_SMTP_OPTIONS__SERVER=${LLDAP_SMTP_OPTIONS__SERVER} + - LLDAP_SMTP_OPTIONS__PORT=${LLDAP_SMTP_OPTIONS__PORT} + - LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION=${LLDAP_SMTP_OPTIONS__ENCRYPTION} + - LLDAP_SMTP_OPTIONS__USER=${LLDAP_SMTP_OPTIONS__USER} + - LLDAP_SMTP_OPTIONS__PASSWORD=${LLDAP_SMTP_OPTIONS__PASSWORD} + - LLDAP_SMTP_OPTIONS__FROM=${LLDAP_SMTP_OPTIONS__FROM} + - LLDAP_SMTP_OPTIONS__REPLY_TO=${LLDAP_SMTP_OPTIONS__TO} diff --git a/lldap/docker-compose.traefik.yml b/lldap/docker-compose.traefik.yml new file mode 100644 index 0000000..2ad1790 --- /dev/null +++ b/lldap/docker-compose.traefik.yml @@ -0,0 +1,23 @@ +--- + +version: "3.8" + +networks: + default: + name: ${TRAEFIK_NETWORK_NAME:-traefik} + +services: + lldap: + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${LLDAP_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} + # - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.tls.certResolver=letsencrypt + - traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=17170 + - traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.scheme=http + + # https://github.com/lldap/lldap/issues/247#issuecomment-1489962511 + # - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${LLDAP_DOMAIN:?err}`) + # - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} + # - traefik.tcp.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=3890 diff --git a/lldap/docker-compose.yml b/lldap/docker-compose.yml new file mode 100644 index 0000000..31d7a44 --- /dev/null +++ b/lldap/docker-compose.yml @@ -0,0 +1,26 @@ +--- + +version: "3.8" + +volumes: + lldap: + name: ${LLDAP_VOLUME_NAME:-lldap} + +services: + lldap: + container_name: ${LLDAP_CONTAINER_NAME:-lldap} + image: ${LLDAP_IMAGE:-nitnelave/lldap:v0.4.3} + restart: always + volumes: + - "lldap:/data" + environment: + - TZ=${TIMEZONE:-Europe/Paris} + - LLDAP_VERBOSE=${LLDAP_VERBOSE:-false} + + - LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?err} + - LLDAP_HTTP_URL=https://${LLDAP_DOMAIN:?err} + + - LLDAP_LDAP_BASE_DN=${LLDAP_LDAP_BASE_DN:?err} + - LLDAP_LDAP_USER_DN=${LLDAP_LDAP_USER_DN:?err} + - LLDAP_LDAP_USER_EMAIL=${LLDAP_LDAP_USER_EMAIL:?err} + - LLDAP_LDAP_USER_PASS=${LLDAP_LDAP_USER_PASS:?err} -- 2.40.1 From 0e06b651e8c2e0d3d3429e01cbc359d855da8bfc Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 17 Jul 2023 12:33:30 +0200 Subject: [PATCH 163/193] fix(Docker): Network should be external with docker compose 2.20.0 --- directus/docker-compose.traefik.yml | 1 + drone/runner/docker-compose.traefik.yml | 1 + gitea/docker-compose.traefik.yml | 1 + grafana/docker-compose.traefik.yml | 1 + hedgedoc/docker-compose.traefik.yml | 1 + listmonk/docker-compose.yml | 1 + lldap/docker-compose.traefik.yml | 1 + mobilizon/docker-compose.traefik.yml | 1 + nextcloud/docker-compose.traefik.yml | 1 + plausible/docker-compose.traefik.yml | 1 + prometheus/docker-compose.traefik.yml | 1 + registry/docker-compose.traefik.yml | 1 + signaturepdf/docker-compose.traefik.yml | 1 + uptimekuma/docker-compose.traefik.yml | 1 + vaultwarden/docker-compose.traefik.yml | 1 + vikunja/docker-compose.traefik.yml | 1 + 16 files changed, 16 insertions(+) diff --git a/directus/docker-compose.traefik.yml b/directus/docker-compose.traefik.yml index c199f12..8b7fadf 100644 --- a/directus/docker-compose.traefik.yml +++ b/directus/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: directus: diff --git a/drone/runner/docker-compose.traefik.yml b/drone/runner/docker-compose.traefik.yml index 175112c..29ca771 100644 --- a/drone/runner/docker-compose.traefik.yml +++ b/drone/runner/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME} + external: true services: drone-runner: diff --git a/gitea/docker-compose.traefik.yml b/gitea/docker-compose.traefik.yml index f3a5562..41a1394 100644 --- a/gitea/docker-compose.traefik.yml +++ b/gitea/docker-compose.traefik.yml @@ -3,6 +3,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: gitea: diff --git a/grafana/docker-compose.traefik.yml b/grafana/docker-compose.traefik.yml index 35b694e..faa651c 100644 --- a/grafana/docker-compose.traefik.yml +++ b/grafana/docker-compose.traefik.yml @@ -3,6 +3,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: grafana: diff --git a/hedgedoc/docker-compose.traefik.yml b/hedgedoc/docker-compose.traefik.yml index 36ec09a..db879db 100644 --- a/hedgedoc/docker-compose.traefik.yml +++ b/hedgedoc/docker-compose.traefik.yml @@ -3,6 +3,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: hedgedoc: diff --git a/listmonk/docker-compose.yml b/listmonk/docker-compose.yml index 9732d9a..61f1f65 100644 --- a/listmonk/docker-compose.yml +++ b/listmonk/docker-compose.yml @@ -3,6 +3,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true volumes: listmonk: diff --git a/lldap/docker-compose.traefik.yml b/lldap/docker-compose.traefik.yml index 2ad1790..b185bea 100644 --- a/lldap/docker-compose.traefik.yml +++ b/lldap/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: lldap: diff --git a/mobilizon/docker-compose.traefik.yml b/mobilizon/docker-compose.traefik.yml index a37a013..2341a7f 100644 --- a/mobilizon/docker-compose.traefik.yml +++ b/mobilizon/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: mobilizon: diff --git a/nextcloud/docker-compose.traefik.yml b/nextcloud/docker-compose.traefik.yml index 2b9b7d2..4e869a2 100644 --- a/nextcloud/docker-compose.traefik.yml +++ b/nextcloud/docker-compose.traefik.yml @@ -3,6 +3,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: nextcloud-fpm: diff --git a/plausible/docker-compose.traefik.yml b/plausible/docker-compose.traefik.yml index 04cd7b6..206c221 100644 --- a/plausible/docker-compose.traefik.yml +++ b/plausible/docker-compose.traefik.yml @@ -3,6 +3,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: plausible: diff --git a/prometheus/docker-compose.traefik.yml b/prometheus/docker-compose.traefik.yml index 5f3fe21..f3c4cf5 100644 --- a/prometheus/docker-compose.traefik.yml +++ b/prometheus/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: prometheus: diff --git a/registry/docker-compose.traefik.yml b/registry/docker-compose.traefik.yml index 9c8f6ea..73a9837 100644 --- a/registry/docker-compose.traefik.yml +++ b/registry/docker-compose.traefik.yml @@ -3,6 +3,7 @@ version: '3.8' networks: default: name: ${TRAEFIK_NETWORK_NAME} + external: true services: registry: diff --git a/signaturepdf/docker-compose.traefik.yml b/signaturepdf/docker-compose.traefik.yml index 180558c..4970dd8 100644 --- a/signaturepdf/docker-compose.traefik.yml +++ b/signaturepdf/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: signaturepdf: diff --git a/uptimekuma/docker-compose.traefik.yml b/uptimekuma/docker-compose.traefik.yml index ff7d31c..47c2230 100644 --- a/uptimekuma/docker-compose.traefik.yml +++ b/uptimekuma/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: uptimekuma: diff --git a/vaultwarden/docker-compose.traefik.yml b/vaultwarden/docker-compose.traefik.yml index e191542..16a23fc 100644 --- a/vaultwarden/docker-compose.traefik.yml +++ b/vaultwarden/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true services: vaultwarden: diff --git a/vikunja/docker-compose.traefik.yml b/vikunja/docker-compose.traefik.yml index eabf6d1..8ba220e 100644 --- a/vikunja/docker-compose.traefik.yml +++ b/vikunja/docker-compose.traefik.yml @@ -3,6 +3,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} + external: true # https://vikunja.io/docs/full-docker-example/#example-with-traefik-2 -- 2.40.1 From b5ea07c70a5376b2f1e2a3780b948f8cf7d91c7b Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 17 Jul 2023 17:56:24 +0200 Subject: [PATCH 164/193] fix(lldap): variables name --- lldap/docker-compose.smtp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lldap/docker-compose.smtp.yml b/lldap/docker-compose.smtp.yml index 23024ae..e88e694 100644 --- a/lldap/docker-compose.smtp.yml +++ b/lldap/docker-compose.smtp.yml @@ -9,8 +9,8 @@ services: - LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET=${LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET} - LLDAP_SMTP_OPTIONS__SERVER=${LLDAP_SMTP_OPTIONS__SERVER} - LLDAP_SMTP_OPTIONS__PORT=${LLDAP_SMTP_OPTIONS__PORT} - - LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION=${LLDAP_SMTP_OPTIONS__ENCRYPTION} + - LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION=${LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION} - LLDAP_SMTP_OPTIONS__USER=${LLDAP_SMTP_OPTIONS__USER} - LLDAP_SMTP_OPTIONS__PASSWORD=${LLDAP_SMTP_OPTIONS__PASSWORD} - LLDAP_SMTP_OPTIONS__FROM=${LLDAP_SMTP_OPTIONS__FROM} - - LLDAP_SMTP_OPTIONS__REPLY_TO=${LLDAP_SMTP_OPTIONS__TO} + - LLDAP_SMTP_OPTIONS__REPLY_TO=${LLDAP_SMTP_OPTIONS__REPLY_TO} -- 2.40.1 From 72621b893ddfda37103f0b021d53ddb98e2a0b5b Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 18 Jul 2023 16:17:15 +0200 Subject: [PATCH 165/193] feat(Directus): Add CORS_ENABLED variable --- directus/README.md | 2 ++ directus/docker-compose.yml | 1 + 2 files changed, 3 insertions(+) diff --git a/directus/README.md b/directus/README.md index acea0b2..faa9464 100644 --- a/directus/README.md +++ b/directus/README.md @@ -6,6 +6,8 @@ [De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer Directus. +- `CORS_ENABLED` à comme valeur par défaut `false` et peut prendre `true` pour accepter toutes les connexions mais il est préférable de spécifier directement les sites comme ceci `array:https://example.com,https://staging.example.com`. + ## Liens - [Site officiel][website] diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 1422d1d..b3c1421 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -24,6 +24,7 @@ services: ADMIN_EMAIL: ${DIRECTUS_ADMIN_EMAIL:?err} ADMIN_PASSWORD: ${DIRECTUS_ADMIN_PASSWORD:?err} PUBLIC_URL: ${DIRECTUS_PUBLIC_URL:?err} + CORS_ENABLED: ${CORS_ENABLED:-false} DB_CLIENT: 'pg' DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 -- 2.40.1 From 353c1bd812c8deb3c88e4c27fda5ea59caea6961 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 18 Jul 2023 16:27:26 +0200 Subject: [PATCH 166/193] feat(Directus): Add CORS_ORIGIN variable --- directus/README.md | 2 +- directus/docker-compose.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/directus/README.md b/directus/README.md index faa9464..1f1c369 100644 --- a/directus/README.md +++ b/directus/README.md @@ -6,7 +6,7 @@ [De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer Directus. -- `CORS_ENABLED` à comme valeur par défaut `false` et peut prendre `true` pour accepter toutes les connexions mais il est préférable de spécifier directement les sites comme ceci `array:https://example.com,https://staging.example.com`. +- `CORS_ORIGIN` à comme valeur par défaut `false` et peut prendre `true` pour accepter toutes les connexions, mais il est préférable de spécifier directement les sites comme ceci `array:https://example.com,https://staging.example.com`. ## Liens diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index b3c1421..8a865bf 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -25,6 +25,7 @@ services: ADMIN_PASSWORD: ${DIRECTUS_ADMIN_PASSWORD:?err} PUBLIC_URL: ${DIRECTUS_PUBLIC_URL:?err} CORS_ENABLED: ${CORS_ENABLED:-false} + CORS_ORIGIN: ${CORS_ORIGIN:-false} DB_CLIENT: 'pg' DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 -- 2.40.1 From b803eedf8c3c72ea5a20975cf1cf7e90a8412466 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 18 Jul 2023 16:32:30 +0200 Subject: [PATCH 167/193] feat(Directus): Add DIRECTUS_ prefix like others variables --- directus/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 8a865bf..6aab188 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -24,8 +24,8 @@ services: ADMIN_EMAIL: ${DIRECTUS_ADMIN_EMAIL:?err} ADMIN_PASSWORD: ${DIRECTUS_ADMIN_PASSWORD:?err} PUBLIC_URL: ${DIRECTUS_PUBLIC_URL:?err} - CORS_ENABLED: ${CORS_ENABLED:-false} - CORS_ORIGIN: ${CORS_ORIGIN:-false} + CORS_ENABLED: ${DIRECTUS_CORS_ENABLED:-false} + CORS_ORIGIN: ${DIRECTUS_CORS_ORIGIN:-false} DB_CLIENT: 'pg' DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 -- 2.40.1 From 6d5884343eeca3fa83705fc9b8114e7635b0ac71 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 27 Sep 2023 15:17:40 +0200 Subject: [PATCH 168/193] feat(Traefik): Upgrade and disable dashboard ad --- traefik/docker-compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index f030402..52f68fb 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -11,7 +11,7 @@ networks: services: traefik: container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} - image: ${TRAEFIK_IMAGE:-traefik:v2.6.3} + image: ${TRAEFIK_IMAGE:-traefik:v2.10.4} restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock @@ -27,6 +27,7 @@ services: - traefik command: - --api.insecure=${TRAEFIK_API_INSECURE:-true} + - --api.disabledashboardad=${TRAEFIK_API_DISABLEDASHBOARDAD:-true} - --log.level=${TRAEFIK_LOG_LEVEL:-INFO} - --global.sendanonymoususage=${TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE:-false} - --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false} -- 2.40.1 From 9078d9d04fdac28cbe26024ff6835badc4158445 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 28 Sep 2023 11:58:49 +0200 Subject: [PATCH 169/193] feat(Gitea): Split Postgres configuration --- gitea/docker-compose.metrics.yml | 2 ++ gitea/docker-compose.override.yml | 2 ++ gitea/docker-compose.postgres.yml | 14 ++++++++++++++ gitea/docker-compose.smtp.yml | 2 ++ gitea/docker-compose.traefik.yml | 2 ++ gitea/docker-compose.yml | 10 ++-------- 6 files changed, 24 insertions(+), 8 deletions(-) create mode 100644 gitea/docker-compose.postgres.yml diff --git a/gitea/docker-compose.metrics.yml b/gitea/docker-compose.metrics.yml index c2a1cab..61c7a80 100644 --- a/gitea/docker-compose.metrics.yml +++ b/gitea/docker-compose.metrics.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" services: diff --git a/gitea/docker-compose.override.yml b/gitea/docker-compose.override.yml index 06972df..0c78b23 100644 --- a/gitea/docker-compose.override.yml +++ b/gitea/docker-compose.override.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" services: diff --git a/gitea/docker-compose.postgres.yml b/gitea/docker-compose.postgres.yml new file mode 100644 index 0000000..e07d1d5 --- /dev/null +++ b/gitea/docker-compose.postgres.yml @@ -0,0 +1,14 @@ +--- + +version: "3.8" + +services: + gitea: + environment: + - GITEA__database__DB_TYPE=postgres + - GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432 + - GITEA__database__NAME=${POSTGRES_DB} + - GITEA__database__USER=${POSTGRES_USER} + - GITEA__database__PASSWD=${POSTGRES_PASSWORD} + depends_on: + - postgres diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml index af25854..c05ac16 100644 --- a/gitea/docker-compose.smtp.yml +++ b/gitea/docker-compose.smtp.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" services: diff --git a/gitea/docker-compose.traefik.yml b/gitea/docker-compose.traefik.yml index 41a1394..4ebea4c 100644 --- a/gitea/docker-compose.traefik.yml +++ b/gitea/docker-compose.traefik.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" networks: diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index f30608b..9f947f6 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" volumes: @@ -12,12 +14,6 @@ services: environment: - USER_UID=${GITEA_UID:-1000} - USER_GID=${GITEA_GID:-1000} - # Database - - GITEA__database__DB_TYPE=postgres - - GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432 - - GITEA__database__NAME=${POSTGRES_DB} - - GITEA__database__USER=${POSTGRES_USER} - - GITEA__database__PASSWD=${POSTGRES_PASSWORD} # Security # docker run -it --rm gitea/gitea:1 gitea generate secret SECRET_KEY - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY} @@ -27,5 +23,3 @@ services: - gitea:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - depends_on: - - postgres -- 2.40.1 From b0473195568c2d75b1d2aaf51fc49d5256f1f585 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 28 Sep 2023 12:00:00 +0200 Subject: [PATCH 170/193] chore(Gitea): Upgrade default version to 1.20.4 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 9f947f6..6b899d5 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.18.4} + image: ${GITEA_IMAGE:-gitea/gitea:1.20.4} restart: always environment: - USER_UID=${GITEA_UID:-1000} -- 2.40.1 From ab822795adbdce9855246869b6996cb57dfb7717 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Oct 2023 10:10:45 +0200 Subject: [PATCH 171/193] chore(Vikunja): Upgrade to 0.21.0 https://vikunja.io/blog/2023/07/whats-new-in-vikunja-0.21.0/ --- vikunja/docker-compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index ac99c02..7983708 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -10,7 +10,7 @@ volumes: services: vikunja_api: container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_api - image: ${VIKUNJA_API_IMAGE:-vikunja/api:0.18.1} + image: ${VIKUNJA_API_IMAGE:-vikunja/api:0.21.0} restart: always environment: VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET} @@ -34,12 +34,12 @@ services: PUID: ${VIKUNJA_PUID:-1000} PGID: ${VIKUNJA_PGID:-1000} volumes: - - vikunja:/app/vikunja/files + - vikunja:${VIKUNJA_SERVICE_ROOTPATH:-/app/vikunja/files} - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro vikunja_frontend: container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_frontend - image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.18.2} + image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.21.0} restart: always depends_on: - vikunja_api -- 2.40.1 From 225015a5c9dad8a09294ff19833c9b5fd16bbd04 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Oct 2023 10:11:26 +0200 Subject: [PATCH 172/193] feat(Vikunja): Add more configuration --- vikunja/docker-compose.yml | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index 7983708..2aa6391 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -13,10 +13,23 @@ services: image: ${VIKUNJA_API_IMAGE:-vikunja/api:0.21.0} restart: always environment: + VIKUNJA_DATABASE_PATH: ${VIKUNJA_DATABASE_PATH:-./vikunja.db} + + VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME:-true} + VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL:-true} + VIKUNJA_DEFAULTSETTINGS_WEEK_START: ${VIKUNJA_DEFAULTSETTINGS_WEEK_START:-1} + VIKUNJA_DEFAULTSETTINGS_LANGUAGE: ${VIKUNJA_DEFAULTSETTINGS_LANGUAGE:-fr} + VIKUNJA_DEFAULTSETTINGS_TIMEZONE: ${VIKUNJA_DEFAULTSETTINGS_TIMEZONE:-Europe/Paris} + + VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files} + VIKUNJA_FILES_MAXSIZE: ${VIKUNJA_FILES_MAXSIZE:-20MB} + + VIKUNJA_LEGAL_IMPRINTURL: ${VIKUNJA_LEGAL_IMPRINTURL} + VIKUNJA_LEGAL_PRIVACYURL: ${VIKUNJA_LEGAL_PRIVACYURL} + VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET} VIKUNJA_SERVICE_JWTTTL: ${VIKUNJA_SERVICE_JWTTTL:-259200} VIKUNJA_SERVICE_JWTTTLLONG: ${VIKUNJA_SERVICE_JWTTTLLONG:-2592000} - VIKUNJA_SERVICE_FRONTENDURL: ${VIKUNJA_SERVICE_FRONTENDURL:?err} VIKUNJA_SERVICE_MAXITEMSPERPAGE: ${VIKUNJA_SERVICE_MAXITEMSPERPAGE:-50} VIKUNJA_SERVICE_ENABLECALDAV: ${VIKUNJA_SERVICE_ENABLECALDAV:-true} @@ -28,13 +41,12 @@ services: VIKUNJA_SERVICE_ENABLETOTP: ${VIKUNJA_SERVICE_ENABLETOTP:-true} VIKUNJA_SERVICE_ENABLEEMAILREMINDERS: ${VIKUNJA_SERVICE_ENABLEEMAILREMINDERS:-true} VIKUNJA_SERVICE_ENABLEUSERDELETION: ${VIKUNJA_SERVICE_ENABLEUSERDELETION:-true} + VIKUNJA_SERVICE_ROOTPATH: ${VIKUNJA_SERVICE_ROOTPATH:-/app/vikunja/} - VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files} - VIKUNJA_FILES_MAXSIZE: ${VIKUNJA_FILES_MAXSIZE:-20MB} PUID: ${VIKUNJA_PUID:-1000} PGID: ${VIKUNJA_PGID:-1000} volumes: - - vikunja:${VIKUNJA_SERVICE_ROOTPATH:-/app/vikunja/files} + - vikunja:${VIKUNJA_VOLUME_PATH:-/app/vikunja/files} - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro vikunja_frontend: -- 2.40.1 From 06d35b9c9a35ff424a75463414bea0dfab37ad0f Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Oct 2023 10:49:51 +0200 Subject: [PATCH 173/193] fix(Vikunja): Add default values --- vikunja/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index 2aa6391..c570496 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -24,8 +24,8 @@ services: VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files} VIKUNJA_FILES_MAXSIZE: ${VIKUNJA_FILES_MAXSIZE:-20MB} - VIKUNJA_LEGAL_IMPRINTURL: ${VIKUNJA_LEGAL_IMPRINTURL} - VIKUNJA_LEGAL_PRIVACYURL: ${VIKUNJA_LEGAL_PRIVACYURL} + VIKUNJA_LEGAL_IMPRINTURL: ${VIKUNJA_LEGAL_IMPRINTURL:-''} + VIKUNJA_LEGAL_PRIVACYURL: ${VIKUNJA_LEGAL_PRIVACYURL:-''} VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET} VIKUNJA_SERVICE_JWTTTL: ${VIKUNJA_SERVICE_JWTTTL:-259200} -- 2.40.1 From 847bc2b014a0398b935369a51d58d61c8bfb67fe Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Oct 2023 14:17:11 +0200 Subject: [PATCH 174/193] fix(Vikunja): Fix default language --- vikunja/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index c570496..dd59270 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -18,7 +18,7 @@ services: VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME:-true} VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL:-true} VIKUNJA_DEFAULTSETTINGS_WEEK_START: ${VIKUNJA_DEFAULTSETTINGS_WEEK_START:-1} - VIKUNJA_DEFAULTSETTINGS_LANGUAGE: ${VIKUNJA_DEFAULTSETTINGS_LANGUAGE:-fr} + VIKUNJA_DEFAULTSETTINGS_LANGUAGE: ${VIKUNJA_DEFAULTSETTINGS_LANGUAGE:-fr-FR} VIKUNJA_DEFAULTSETTINGS_TIMEZONE: ${VIKUNJA_DEFAULTSETTINGS_TIMEZONE:-Europe/Paris} VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files} -- 2.40.1 From 11f89a1c8c9d5888bd8cba3427b0e277e5c56b45 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Oct 2023 14:17:29 +0200 Subject: [PATCH 175/193] feat(Vikunja): Split configuration --- vikunja/docker-compose.legal.yml | 9 +++++++++ vikunja/docker-compose.yml | 2 -- 2 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 vikunja/docker-compose.legal.yml diff --git a/vikunja/docker-compose.legal.yml b/vikunja/docker-compose.legal.yml new file mode 100644 index 0000000..aa45158 --- /dev/null +++ b/vikunja/docker-compose.legal.yml @@ -0,0 +1,9 @@ +--- + +version: "3.8" + +services: + vikunja_api: + environment: + VIKUNJA_LEGAL_IMPRINTURL: ${VIKUNJA_LEGAL_IMPRINTURL} + VIKUNJA_LEGAL_PRIVACYURL: ${VIKUNJA_LEGAL_PRIVACYURL} diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index dd59270..370147d 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -24,8 +24,6 @@ services: VIKUNJA_FILES_BASEPATH: ${VIKUNJA_FILES_BASEPATH:-./files} VIKUNJA_FILES_MAXSIZE: ${VIKUNJA_FILES_MAXSIZE:-20MB} - VIKUNJA_LEGAL_IMPRINTURL: ${VIKUNJA_LEGAL_IMPRINTURL:-''} - VIKUNJA_LEGAL_PRIVACYURL: ${VIKUNJA_LEGAL_PRIVACYURL:-''} VIKUNJA_SERVICE_JWTSECRET: ${VIKUNJA_SERVICE_JWTSECRET} VIKUNJA_SERVICE_JWTTTL: ${VIKUNJA_SERVICE_JWTTTL:-259200} -- 2.40.1 From d88b1829f184d62f535285bc16af5c76d5d3eadc Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Oct 2023 14:53:44 +0200 Subject: [PATCH 176/193] feat(Vikunja): Add all default variables --- vikunja/docker-compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index 370147d..97d05ec 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -15,8 +15,14 @@ services: environment: VIKUNJA_DATABASE_PATH: ${VIKUNJA_DATABASE_PATH:-./vikunja.db} + VIKUNJA_DEFAULTSETTINGS_AVATAR_PROVIDER: ${VIKUNJA_DEFAULTSETTINGS_AVATAR_PROVIDER:-initials} + VIKUNJA_DEFAULTSETTINGS_AVATAR_FILE_ID: ${VIKUNJA_DEFAULTSETTINGS_AVATAR_FILE_ID:-0} + VIKUNJA_DEFAULTSETTINGS_EMAIL_REMINDERS_ENABLED: ${VIKUNJA_DEFAULTSETTINGS_EMAIL_REMINDERS_ENABLED:-false} VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME:-true} VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL: ${VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL:-true} + VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_ENABLED: ${VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_ENABLED:-false} + VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_TIME: ${VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_TIME:-9:00} + VIKUNJA_DEFAULTSETTINGS_DEFAULT_PROJECT_ID: ${VIKUNJA_DEFAULTSETTINGS_DEFAULT_PROJECT_ID:-0} VIKUNJA_DEFAULTSETTINGS_WEEK_START: ${VIKUNJA_DEFAULTSETTINGS_WEEK_START:-1} VIKUNJA_DEFAULTSETTINGS_LANGUAGE: ${VIKUNJA_DEFAULTSETTINGS_LANGUAGE:-fr-FR} VIKUNJA_DEFAULTSETTINGS_TIMEZONE: ${VIKUNJA_DEFAULTSETTINGS_TIMEZONE:-Europe/Paris} -- 2.40.1 From a26e2913966d18f5985d25cbb4aac5fdf792f780 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Oct 2023 22:21:58 +0200 Subject: [PATCH 177/193] feat(Nextcloud): Split redis & postgres configuration --- nextcloud/docker-compose.config.yml | 1 + nextcloud/docker-compose.local.yml | 2 ++ nextcloud/docker-compose.postgres.yml | 18 ++++++++++++++++++ nextcloud/docker-compose.redis.yml | 15 +++++++++++++++ nextcloud/docker-compose.smtp.yml | 2 ++ nextcloud/docker-compose.traefik.yml | 2 ++ nextcloud/docker-compose.yml | 10 ++-------- 7 files changed, 42 insertions(+), 8 deletions(-) create mode 100644 nextcloud/docker-compose.postgres.yml create mode 100644 nextcloud/docker-compose.redis.yml diff --git a/nextcloud/docker-compose.config.yml b/nextcloud/docker-compose.config.yml index f7491ce..2dfecac 100644 --- a/nextcloud/docker-compose.config.yml +++ b/nextcloud/docker-compose.config.yml @@ -1,4 +1,5 @@ --- + version: "3.8" services: diff --git a/nextcloud/docker-compose.local.yml b/nextcloud/docker-compose.local.yml index f6bd168..7a6ea13 100644 --- a/nextcloud/docker-compose.local.yml +++ b/nextcloud/docker-compose.local.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" services: diff --git a/nextcloud/docker-compose.postgres.yml b/nextcloud/docker-compose.postgres.yml new file mode 100644 index 0000000..1bf8b14 --- /dev/null +++ b/nextcloud/docker-compose.postgres.yml @@ -0,0 +1,18 @@ +--- + +version: "3.8" + +services: + nextcloud-fpm: + depends_on: + - postgres + environment: + &postgres-configuration + POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 + POSTGRES_USER: ${POSTGRES_USER:?err} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err} + POSTGRES_DB: ${POSTGRES_DB:?err} + + nextcloud-cron: + environment: + <<: *postgres-configuration diff --git a/nextcloud/docker-compose.redis.yml b/nextcloud/docker-compose.redis.yml new file mode 100644 index 0000000..7f7be97 --- /dev/null +++ b/nextcloud/docker-compose.redis.yml @@ -0,0 +1,15 @@ +--- + +version: "3.8" + +services: + nextcloud-fpm: + depends_on: + - redis + environment: + &redis-configuration + REDIS_HOST: ${REDIS_CONTAINER_NAME:-redis} # Default name is same as ../redis/docker-compose.yml:4 + + nextcloud-cron: + environment: + <<: *redis-configuration diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index 25809d8..40c1a15 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" services: diff --git a/nextcloud/docker-compose.traefik.yml b/nextcloud/docker-compose.traefik.yml index 4e869a2..f383350 100644 --- a/nextcloud/docker-compose.traefik.yml +++ b/nextcloud/docker-compose.traefik.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" networks: diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 351eb38..23eb63a 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -1,3 +1,5 @@ +--- + version: "3.8" volumes: @@ -9,9 +11,6 @@ services: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine} restart: always - depends_on: - - postgres - - redis volumes: - nextcloud:/var/www/html - /etc/timezone:/etc/timezone:ro @@ -23,11 +22,6 @@ services: NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err} OVERWRITEPROTOCOL: ${OVERWRITEPROTOCOL:-https} PHP_UPLOAD_LIMIT: ${PHP_UPLOAD_LIMIT:-512M} - POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8 - POSTGRES_USER: ${POSTGRES_USER:?err} - POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err} - POSTGRES_DB: ${POSTGRES_DB:?err} - REDIS_HOST: ${REDIS_CONTAINER_NAME:-redis} # Default name is same as ../redis/docker-compose.yml:4 PUID: ${NEXTCLOUD_PUID:-1000} PGID: ${NEXTCLOUD_PGID:-1000} -- 2.40.1 From b516600e506405f4b92fd081c041893be8d4be29 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 5 Feb 2024 14:27:00 +0100 Subject: [PATCH 178/193] feat(Nextcloud): Update nginx template https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html --- nextcloud/web/nextcloud.conf.template | 223 +++++++++++++++----------- 1 file changed, 125 insertions(+), 98 deletions(-) diff --git a/nextcloud/web/nextcloud.conf.template b/nextcloud/web/nextcloud.conf.template index ca15645..cb09b61 100644 --- a/nextcloud/web/nextcloud.conf.template +++ b/nextcloud/web/nextcloud.conf.template @@ -2,64 +2,32 @@ upstream php-handler { server ${NEXTCLOUD_FPM_CONTAINER_NAME}:9000; } +# Set the `immutable` cache control options only for assets with a cache busting `v` argument +map $arg_v $asset_immutable { + "" ""; + default "immutable"; +} + server { listen 80; - # Add headers to serve security related headers - # Before enabling Strict-Transport-Security headers please read into this - # topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # + # Path to the root of your installation + root /var/www/html; + + # Prevent nginx HTTP Server Detection + server_tokens off; + + # HSTS settings # WARNING: Only add the preload option once you read about # the consequences in https://hstspreload.org/. This option # will add the domain to a hardcoded list that is shipped # in all major browsers and getting removed from this list # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; + #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always; - # Remove X-Powered-By, which is an information leak - fastcgi_hide_header X-Powered-By; - - # Path to the root of your installation - root /var/www/html; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - - # The following rule is only needed for the Social app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/webfinger /public.php?service=webfinger last; - - location = /.well-known/carddav { - return 301 $scheme://$host:$server_port/remote.php/dav; - } - - location = /.well-known/caldav { - return 301 $scheme://$host:$server_port/remote.php/dav; - } - - # location /nginx_status { - # stub_status; - # allow 192.168.1.0/24; #only allow requests from local network - # deny all; #deny all other hosts - # } - - # set max upload size + # set max upload size and increase upload timeout: client_max_body_size 10G; + client_body_timeout 300s; fastcgi_buffers 64 4K; # Enable gzip but do not remove ETag headers @@ -68,78 +36,137 @@ server { gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; - gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; + gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; - # Uncomment if your server is build with the ngx_pagespeed module - # This module is currently not supported. + # Pagespeed is not supported by Nextcloud, so if your server is built + # with the `ngx_pagespeed` module, uncomment this line to disable it. #pagespeed off; - location / { - rewrite ^ /index.php; + # The settings allows you to optimize the HTTP2 bandwidth. + # See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/ + # for tuning hints + client_body_buffer_size 512k; + + # HTTP response headers borrowed from Nextcloud `.htaccess` + add_header Referrer-Policy "no-referrer" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-Download-Options "noopen" always; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Permitted-Cross-Domain-Policies "none" always; + add_header X-Robots-Tag "noindex, nofollow" always; + add_header X-XSS-Protection "1; mode=block" always; + + # Remove X-Powered-By, which is an information leak + fastcgi_hide_header X-Powered-By; + + # Add .mjs as a file extension for javascript + # Either include it in the default mime.types list + # or include you can include that list explicitly and add the file extension + # only for Nextcloud like below: + include mime.types; + types { + text/javascript js mjs; } - location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { - deny all; - } - location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; + # Specify how to handle directories -- specifying `/index.php$request_uri` + # here as the fallback means that Nginx always exhibits the desired behaviour + # when a client requests a path that corresponds to a directory that exists + # on the server. In particular, if that directory contains an index.php file, + # that file is correctly served; if it doesn't, then the request is passed to + # the front-end controller. This consistent behaviour means that we don't need + # to specify custom rules for certain paths (e.g. images and other assets, + # `/updater`, `/ocs-provider`), and thus + # `try_files $uri $uri/ /index.php$request_uri` + # always provides the desired behaviour. + index index.php index.html /index.php$request_uri; + + # Rule borrowed from `.htaccess` to handle Microsoft DAV clients + location = / { + if ( $http_user_agent ~ ^DavClnt ) { + return 302 /remote.php/webdav/$is_args$args; + } } - location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { - fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Make a regex exception for `/.well-known` so that clients can still + # access it despite the existence of the regex rule + # `location ~ /(\.|autotest|...)` which would otherwise handle requests + # for `/.well-known`. + location ^~ /.well-known { + # The rules in this block are an adaptation of the rules + # in `.htaccess` that concern `/.well-known`. + + location = /.well-known/carddav { return 301 /remote.php/dav/; } + location = /.well-known/caldav { return 301 /remote.php/dav/; } + + location /.well-known/acme-challenge { try_files $uri $uri/ =404; } + location /.well-known/pki-validation { try_files $uri $uri/ =404; } + + # Let Nextcloud's API for `/.well-known` URIs handle all other + # requests by passing them to the front-end controller. + return 301 /index.php$request_uri; + } + + # Rules borrowed from `.htaccess` to hide certain paths from clients + location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } + location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } + + # Ensure this block, which passes PHP files to the PHP process, is above the blocks + # which handle static assets (as seen below). If this block is not declared first, + # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` + # to the URI, resulting in a HTTP 500 error response. + location ~ \.php(?:$|/) { + # Required for legacy support + rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; + + fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; + try_files $fastcgi_script_name =404; + include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; - # fastcgi_param HTTPS on; + fastcgi_param HTTPS on; - # Avoid sending the security headers twice - fastcgi_param modHeadersAvailable true; - - # Enable pretty urls - fastcgi_param front_controller_active true; + fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice + fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_pass php-handler; + fastcgi_intercept_errors on; fastcgi_request_buffering off; + + fastcgi_max_temp_file_size 0; } - location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { - try_files $uri/ =404; - index index.php; - } - - # Adding the cache control header for js, css and map files - # Make sure it is BELOW the PHP block - location ~ \.(?:css|js|woff2?|svg|gif|map)$ { + # Serve static files + location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { try_files $uri /index.php$request_uri; - add_header Cache-Control "public, max-age=15778463"; - # Add headers to serve security related headers (It is intended to - # have those duplicated to the ones above) - # Before enabling Strict-Transport-Security headers please read into - # this topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; + add_header Cache-Control "public, max-age=15778463, $asset_immutable"; + access_log off; # Optional: Don't log access to assets - # Optional: Don't log access to assets - access_log off; + location ~ \.wasm$ { + default_type application/wasm; + } } - location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { + location ~ \.woff2?$ { try_files $uri /index.php$request_uri; - # Optional: Don't log access to other assets - access_log off; + expires 7d; # Cache-Control policy borrowed from `.htaccess` + access_log off; # Optional: Don't log access to assets + } + + # Rule borrowed from `.htaccess` + location /remote { + return 301 /remote.php$request_uri; + } + + location / { + try_files $uri $uri/ /index.php$request_uri; } } -- 2.40.1 From 4c2ebac4e7986fc7dde3a6aa383a7222751c7ff4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 5 Feb 2024 14:27:33 +0100 Subject: [PATCH 179/193] chore(Nextcloud): Upgrade nginx --- nextcloud/web/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index 345321a..2a96365 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ -FROM nginx:1.23.3-alpine +FROM nginx:1.25.3-alpine COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template -- 2.40.1 From 68820ec8591b02be2e570cdf83c9fa210c640c35 Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 25 Mar 2024 14:18:23 +0100 Subject: [PATCH 180/193] feat(Drone Server): Add external parameter for network --- drone/server/docker-compose.traefik.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/drone/server/docker-compose.traefik.yml b/drone/server/docker-compose.traefik.yml index 47dc794..c154450 100644 --- a/drone/server/docker-compose.traefik.yml +++ b/drone/server/docker-compose.traefik.yml @@ -5,6 +5,7 @@ version: "3.8" networks: default: name: ${TRAEFIK_NETWORK_NAME} + external: true services: drone-server: -- 2.40.1 From 4f3c112404b7f304b2555eb2dff688c52080fe5f Mon Sep 17 00:00:00 2001 From: Simon C Date: Mon, 25 Mar 2024 14:34:59 +0100 Subject: [PATCH 181/193] feat(Docker Compose): Remove obsolete version variable see: https://github.com/docker/compose/issues/11628 --- clickhouse/docker-compose.yml | 2 +- directus/docker-compose.redis.yml | 2 -- directus/docker-compose.smtp.yml | 2 -- directus/docker-compose.traefik.yml | 2 -- directus/docker-compose.yml | 2 -- drone/runner/docker-compose.dashboard.yml | 2 -- drone/runner/docker-compose.local.yml | 2 -- drone/runner/docker-compose.logging.yml | 2 -- drone/runner/docker-compose.traefik.yml | 2 -- drone/runner/docker-compose.yml | 2 -- drone/server/docker-compose.cookie.yml | 2 -- drone/server/docker-compose.gitea.yml | 2 -- drone/server/docker-compose.header.yml | 2 -- drone/server/docker-compose.local.yml | 2 -- drone/server/docker-compose.logging.yml | 2 -- drone/server/docker-compose.postgres.yml | 2 -- drone/server/docker-compose.traefik.yml | 2 -- drone/server/docker-compose.user.yml | 2 -- drone/server/docker-compose.yml | 2 -- geoip/docker-compose.yml | 2 -- geoipupdate/docker-compose.yml | 2 -- gitea/docker-compose.metrics.yml | 2 -- gitea/docker-compose.override.yml | 2 -- gitea/docker-compose.postgres.yml | 2 -- gitea/docker-compose.smtp.yml | 2 -- gitea/docker-compose.traefik.yml | 2 -- gitea/docker-compose.yml | 2 -- grafana/docker-compose.postgres.yml | 2 +- grafana/docker-compose.redis.yml | 2 +- grafana/docker-compose.smtp.yml | 2 +- grafana/docker-compose.traefik.yml | 2 +- grafana/docker-compose.yml | 1 - hedgedoc/docker-compose.traefik.yml | 2 +- hedgedoc/docker-compose.yml | 2 +- listmonk/docker-compose.yml | 2 +- lldap/docker-compose.local.yml | 2 -- lldap/docker-compose.postgres.yml | 2 -- lldap/docker-compose.smtp.yml | 2 -- lldap/docker-compose.traefik.yml | 2 -- lldap/docker-compose.yml | 2 -- mobilizon/docker-compose.local.yml | 2 -- mobilizon/docker-compose.traefik.yml | 2 -- mobilizon/docker-compose.yml | 2 -- nextcloud/docker-compose.config.yml | 2 -- nextcloud/docker-compose.local.yml | 2 -- nextcloud/docker-compose.postgres.yml | 2 -- nextcloud/docker-compose.redis.yml | 2 -- nextcloud/docker-compose.smtp.yml | 2 -- nextcloud/docker-compose.traefik.yml | 2 -- nextcloud/docker-compose.yml | 2 -- plausible/docker-compose.clickhouse.yml | 2 +- plausible/docker-compose.geoip.yml | 2 +- plausible/docker-compose.google.yml | 2 +- plausible/docker-compose.local.yml | 2 +- plausible/docker-compose.smtp.yml | 2 +- plausible/docker-compose.traefik.yml | 2 +- plausible/docker-compose.yml | 2 +- postgres/docker-compose.yml | 2 +- prometheus/docker-compose.traefik.yml | 2 -- redis/docker-compose.yml | 2 +- signaturepdf/docker-compose.traefik.yml | 2 -- signaturepdf/docker-compose.yml | 2 -- traefik/docker-compose.network.yml | 2 +- traefik/docker-compose.ovh.yml | 2 +- traefik/docker-compose.redirect.yml | 2 +- traefik/docker-compose.secure.yml | 2 +- traefik/docker-compose.yml | 2 +- uptimekuma/docker-compose.local.yml | 2 -- uptimekuma/docker-compose.traefik.yml | 2 -- uptimekuma/docker-compose.yml | 2 -- vaultwarden/docker-compose.postgres.yml | 2 -- vaultwarden/docker-compose.smtp.yml | 2 -- vaultwarden/docker-compose.traefik.yml | 2 -- vaultwarden/docker-compose.yml | 2 -- vikunja/docker-compose.local.yml | 2 +- vikunja/docker-compose.prometheus.yml | 2 +- vikunja/docker-compose.redis.yml | 2 +- vikunja/docker-compose.smtp.yml | 2 +- vikunja/docker-compose.traefik.yml | 2 +- vikunja/docker-compose.yml | 2 +- 80 files changed, 28 insertions(+), 131 deletions(-) diff --git a/clickhouse/docker-compose.yml b/clickhouse/docker-compose.yml index f22b192..a1127c8 100644 --- a/clickhouse/docker-compose.yml +++ b/clickhouse/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- volumes: clickhouse: diff --git a/directus/docker-compose.redis.yml b/directus/docker-compose.redis.yml index f71501e..7bd13f4 100644 --- a/directus/docker-compose.redis.yml +++ b/directus/docker-compose.redis.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: directus: environment: diff --git a/directus/docker-compose.smtp.yml b/directus/docker-compose.smtp.yml index 825e198..51a46eb 100644 --- a/directus/docker-compose.smtp.yml +++ b/directus/docker-compose.smtp.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: directus: environment: diff --git a/directus/docker-compose.traefik.yml b/directus/docker-compose.traefik.yml index 8b7fadf..a7327d1 100644 --- a/directus/docker-compose.traefik.yml +++ b/directus/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/directus/docker-compose.yml b/directus/docker-compose.yml index 6aab188..19c57f8 100644 --- a/directus/docker-compose.yml +++ b/directus/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: directus: name: ${DIRECTUS_VOLUME_NAME:-directus} diff --git a/drone/runner/docker-compose.dashboard.yml b/drone/runner/docker-compose.dashboard.yml index 4448db6..362642f 100644 --- a/drone/runner/docker-compose.dashboard.yml +++ b/drone/runner/docker-compose.dashboard.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/runner/docker/configuration/dashboard/ services: diff --git a/drone/runner/docker-compose.local.yml b/drone/runner/docker-compose.local.yml index 59c143a..20bfed4 100644 --- a/drone/runner/docker-compose.local.yml +++ b/drone/runner/docker-compose.local.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: drone-runner: ports: diff --git a/drone/runner/docker-compose.logging.yml b/drone/runner/docker-compose.logging.yml index 0d717ae..3183469 100644 --- a/drone/runner/docker-compose.logging.yml +++ b/drone/runner/docker-compose.logging.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/runner/docker/configuration/logging/ services: diff --git a/drone/runner/docker-compose.traefik.yml b/drone/runner/docker-compose.traefik.yml index 29ca771..8d07ca1 100644 --- a/drone/runner/docker-compose.traefik.yml +++ b/drone/runner/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME} diff --git a/drone/runner/docker-compose.yml b/drone/runner/docker-compose.yml index fcfd73b..431ea6b 100644 --- a/drone/runner/docker-compose.yml +++ b/drone/runner/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/runner/docker/installation/linux/ services: diff --git a/drone/server/docker-compose.cookie.yml b/drone/server/docker-compose.cookie.yml index 99736ba..fed88c8 100644 --- a/drone/server/docker-compose.cookie.yml +++ b/drone/server/docker-compose.cookie.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/server/cookie/ services: diff --git a/drone/server/docker-compose.gitea.yml b/drone/server/docker-compose.gitea.yml index 9ca4760..f6e29ec 100644 --- a/drone/server/docker-compose.gitea.yml +++ b/drone/server/docker-compose.gitea.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/server/provider/gitea/ services: diff --git a/drone/server/docker-compose.header.yml b/drone/server/docker-compose.header.yml index 3607c71..120b3b9 100644 --- a/drone/server/docker-compose.header.yml +++ b/drone/server/docker-compose.header.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/server/headers/ services: diff --git a/drone/server/docker-compose.local.yml b/drone/server/docker-compose.local.yml index 06436db..9f8780b 100644 --- a/drone/server/docker-compose.local.yml +++ b/drone/server/docker-compose.local.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: drone-server: ports: diff --git a/drone/server/docker-compose.logging.yml b/drone/server/docker-compose.logging.yml index 62cc675..6a81993 100644 --- a/drone/server/docker-compose.logging.yml +++ b/drone/server/docker-compose.logging.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/server/logging/ services: diff --git a/drone/server/docker-compose.postgres.yml b/drone/server/docker-compose.postgres.yml index c7e2be2..79c88a2 100644 --- a/drone/server/docker-compose.postgres.yml +++ b/drone/server/docker-compose.postgres.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/server/storage/database/ # https://docs.drone.io/server/storage/encryption/ diff --git a/drone/server/docker-compose.traefik.yml b/drone/server/docker-compose.traefik.yml index c154450..45a4def 100644 --- a/drone/server/docker-compose.traefik.yml +++ b/drone/server/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME} diff --git a/drone/server/docker-compose.user.yml b/drone/server/docker-compose.user.yml index c4244e2..a5d72be 100644 --- a/drone/server/docker-compose.user.yml +++ b/drone/server/docker-compose.user.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - # https://docs.drone.io/server/user/registration/ services: diff --git a/drone/server/docker-compose.yml b/drone/server/docker-compose.yml index ae49725..1fdbbd1 100644 --- a/drone/server/docker-compose.yml +++ b/drone/server/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: drone-server: name: ${DRONE_SERVER_VOLUME_NAME:-drone-server} diff --git a/geoip/docker-compose.yml b/geoip/docker-compose.yml index a9b25bb..1f65f75 100644 --- a/geoip/docker-compose.yml +++ b/geoip/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: geoip: name: ${GEOIP_VOLUME_NAME:-geoip} diff --git a/geoipupdate/docker-compose.yml b/geoipupdate/docker-compose.yml index 9e83d1e..84c9f0a 100644 --- a/geoipupdate/docker-compose.yml +++ b/geoipupdate/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: geoipupdate: name: ${GEOIPUPDATE_VOLUME_NAME:-geoipupdate} diff --git a/gitea/docker-compose.metrics.yml b/gitea/docker-compose.metrics.yml index 61c7a80..8def4a0 100644 --- a/gitea/docker-compose.metrics.yml +++ b/gitea/docker-compose.metrics.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: gitea: environment: diff --git a/gitea/docker-compose.override.yml b/gitea/docker-compose.override.yml index 0c78b23..f5902e7 100644 --- a/gitea/docker-compose.override.yml +++ b/gitea/docker-compose.override.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: gitea: ports: diff --git a/gitea/docker-compose.postgres.yml b/gitea/docker-compose.postgres.yml index e07d1d5..ec2615e 100644 --- a/gitea/docker-compose.postgres.yml +++ b/gitea/docker-compose.postgres.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: gitea: environment: diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml index c05ac16..c584eab 100644 --- a/gitea/docker-compose.smtp.yml +++ b/gitea/docker-compose.smtp.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: gitea: environment: diff --git a/gitea/docker-compose.traefik.yml b/gitea/docker-compose.traefik.yml index 4ebea4c..e9e1175 100644 --- a/gitea/docker-compose.traefik.yml +++ b/gitea/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 6b899d5..3443d45 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: gitea: name: ${GITEA_VOLUME_NAME:-gitea} diff --git a/grafana/docker-compose.postgres.yml b/grafana/docker-compose.postgres.yml index 2958291..391c2b0 100644 --- a/grafana/docker-compose.postgres.yml +++ b/grafana/docker-compose.postgres.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: grafana: diff --git a/grafana/docker-compose.redis.yml b/grafana/docker-compose.redis.yml index 1e0d881..3484da3 100644 --- a/grafana/docker-compose.redis.yml +++ b/grafana/docker-compose.redis.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: grafana: diff --git a/grafana/docker-compose.smtp.yml b/grafana/docker-compose.smtp.yml index 5648c3e..45ab19d 100644 --- a/grafana/docker-compose.smtp.yml +++ b/grafana/docker-compose.smtp.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: grafana: diff --git a/grafana/docker-compose.traefik.yml b/grafana/docker-compose.traefik.yml index faa651c..4ffb84c 100644 --- a/grafana/docker-compose.traefik.yml +++ b/grafana/docker-compose.traefik.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- networks: default: diff --git a/grafana/docker-compose.yml b/grafana/docker-compose.yml index 88aa1f9..4efaac5 100644 --- a/grafana/docker-compose.yml +++ b/grafana/docker-compose.yml @@ -1,5 +1,4 @@ --- -version: "3.8" volumes: grafana: diff --git a/hedgedoc/docker-compose.traefik.yml b/hedgedoc/docker-compose.traefik.yml index db879db..d114d68 100644 --- a/hedgedoc/docker-compose.traefik.yml +++ b/hedgedoc/docker-compose.traefik.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- networks: default: diff --git a/hedgedoc/docker-compose.yml b/hedgedoc/docker-compose.yml index 204d0a2..e569ab9 100644 --- a/hedgedoc/docker-compose.yml +++ b/hedgedoc/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- volumes: hedgedoc: diff --git a/listmonk/docker-compose.yml b/listmonk/docker-compose.yml index 61f1f65..6edcd63 100644 --- a/listmonk/docker-compose.yml +++ b/listmonk/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- networks: default: diff --git a/lldap/docker-compose.local.yml b/lldap/docker-compose.local.yml index b18217b..91c06f6 100644 --- a/lldap/docker-compose.local.yml +++ b/lldap/docker-compose.local.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: lldap: ports: diff --git a/lldap/docker-compose.postgres.yml b/lldap/docker-compose.postgres.yml index cb017f8..8778a34 100644 --- a/lldap/docker-compose.postgres.yml +++ b/lldap/docker-compose.postgres.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: lldap: environment: diff --git a/lldap/docker-compose.smtp.yml b/lldap/docker-compose.smtp.yml index e88e694..bdcdcac 100644 --- a/lldap/docker-compose.smtp.yml +++ b/lldap/docker-compose.smtp.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: lldap: environment: diff --git a/lldap/docker-compose.traefik.yml b/lldap/docker-compose.traefik.yml index b185bea..35cb3a6 100644 --- a/lldap/docker-compose.traefik.yml +++ b/lldap/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/lldap/docker-compose.yml b/lldap/docker-compose.yml index 31d7a44..97c4194 100644 --- a/lldap/docker-compose.yml +++ b/lldap/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: lldap: name: ${LLDAP_VOLUME_NAME:-lldap} diff --git a/mobilizon/docker-compose.local.yml b/mobilizon/docker-compose.local.yml index 4cd53ce..89c5c94 100644 --- a/mobilizon/docker-compose.local.yml +++ b/mobilizon/docker-compose.local.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: mobilizon: ports: diff --git a/mobilizon/docker-compose.traefik.yml b/mobilizon/docker-compose.traefik.yml index 2341a7f..ec15cf0 100644 --- a/mobilizon/docker-compose.traefik.yml +++ b/mobilizon/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/mobilizon/docker-compose.yml b/mobilizon/docker-compose.yml index 7a29ec5..900773f 100644 --- a/mobilizon/docker-compose.yml +++ b/mobilizon/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: mobilizon: name: ${MOBILIZON_VOLUME_NAME:-mobilizon} diff --git a/nextcloud/docker-compose.config.yml b/nextcloud/docker-compose.config.yml index 2dfecac..f7ab652 100644 --- a/nextcloud/docker-compose.config.yml +++ b/nextcloud/docker-compose.config.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: nextcloud-fpm: environment: diff --git a/nextcloud/docker-compose.local.yml b/nextcloud/docker-compose.local.yml index 7a6ea13..546fac8 100644 --- a/nextcloud/docker-compose.local.yml +++ b/nextcloud/docker-compose.local.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: nextcloud-web: ports: diff --git a/nextcloud/docker-compose.postgres.yml b/nextcloud/docker-compose.postgres.yml index 1bf8b14..591840d 100644 --- a/nextcloud/docker-compose.postgres.yml +++ b/nextcloud/docker-compose.postgres.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: nextcloud-fpm: depends_on: diff --git a/nextcloud/docker-compose.redis.yml b/nextcloud/docker-compose.redis.yml index 7f7be97..85372d2 100644 --- a/nextcloud/docker-compose.redis.yml +++ b/nextcloud/docker-compose.redis.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: nextcloud-fpm: depends_on: diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index 40c1a15..0af1424 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: nextcloud-fpm: environment: diff --git a/nextcloud/docker-compose.traefik.yml b/nextcloud/docker-compose.traefik.yml index f383350..58110b6 100644 --- a/nextcloud/docker-compose.traefik.yml +++ b/nextcloud/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 23eb63a..7b8f8ad 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: nextcloud: name: ${NEXTCLOUD_VOLUME_NAME:-nextcloud} diff --git a/plausible/docker-compose.clickhouse.yml b/plausible/docker-compose.clickhouse.yml index 443d044..17b5762 100644 --- a/plausible/docker-compose.clickhouse.yml +++ b/plausible/docker-compose.clickhouse.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: clickhouse: diff --git a/plausible/docker-compose.geoip.yml b/plausible/docker-compose.geoip.yml index 6c9fe71..08058f6 100644 --- a/plausible/docker-compose.geoip.yml +++ b/plausible/docker-compose.geoip.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: plausible: diff --git a/plausible/docker-compose.google.yml b/plausible/docker-compose.google.yml index dfb4c6c..71aa80d 100644 --- a/plausible/docker-compose.google.yml +++ b/plausible/docker-compose.google.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: plausible: diff --git a/plausible/docker-compose.local.yml b/plausible/docker-compose.local.yml index f1ceb7f..7a1b076 100644 --- a/plausible/docker-compose.local.yml +++ b/plausible/docker-compose.local.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: plausible: diff --git a/plausible/docker-compose.smtp.yml b/plausible/docker-compose.smtp.yml index fc0dea5..d95284e 100644 --- a/plausible/docker-compose.smtp.yml +++ b/plausible/docker-compose.smtp.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: plausible: diff --git a/plausible/docker-compose.traefik.yml b/plausible/docker-compose.traefik.yml index 206c221..91cc910 100644 --- a/plausible/docker-compose.traefik.yml +++ b/plausible/docker-compose.traefik.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- networks: default: diff --git a/plausible/docker-compose.yml b/plausible/docker-compose.yml index 1834df3..931402a 100644 --- a/plausible/docker-compose.yml +++ b/plausible/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- volumes: plausible: diff --git a/postgres/docker-compose.yml b/postgres/docker-compose.yml index 44e7d0a..0b5a70c 100644 --- a/postgres/docker-compose.yml +++ b/postgres/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- volumes: postgres: diff --git a/prometheus/docker-compose.traefik.yml b/prometheus/docker-compose.traefik.yml index f3c4cf5..d857aea 100644 --- a/prometheus/docker-compose.traefik.yml +++ b/prometheus/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/redis/docker-compose.yml b/redis/docker-compose.yml index cb0bd58..427c7fa 100644 --- a/redis/docker-compose.yml +++ b/redis/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- volumes: redis: diff --git a/signaturepdf/docker-compose.traefik.yml b/signaturepdf/docker-compose.traefik.yml index 4970dd8..7597054 100644 --- a/signaturepdf/docker-compose.traefik.yml +++ b/signaturepdf/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/signaturepdf/docker-compose.yml b/signaturepdf/docker-compose.yml index 1a32b7e..a4cb103 100644 --- a/signaturepdf/docker-compose.yml +++ b/signaturepdf/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: signaturepdf: name: ${SIGNATUREPDF_VOLUME_NAME:-signaturepdf} diff --git a/traefik/docker-compose.network.yml b/traefik/docker-compose.network.yml index dd2f831..264ae51 100644 --- a/traefik/docker-compose.network.yml +++ b/traefik/docker-compose.network.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- networks: default: diff --git a/traefik/docker-compose.ovh.yml b/traefik/docker-compose.ovh.yml index e7889bc..5a0a2fd 100644 --- a/traefik/docker-compose.ovh.yml +++ b/traefik/docker-compose.ovh.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: traefik: diff --git a/traefik/docker-compose.redirect.yml b/traefik/docker-compose.redirect.yml index c180a29..6923bf8 100644 --- a/traefik/docker-compose.redirect.yml +++ b/traefik/docker-compose.redirect.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: traefik: diff --git a/traefik/docker-compose.secure.yml b/traefik/docker-compose.secure.yml index 2c46a2f..cd564c1 100644 --- a/traefik/docker-compose.secure.yml +++ b/traefik/docker-compose.secure.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- networks: default: diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 52f68fb..314fdda 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- volumes: traefik: diff --git a/uptimekuma/docker-compose.local.yml b/uptimekuma/docker-compose.local.yml index 7a90473..5661926 100644 --- a/uptimekuma/docker-compose.local.yml +++ b/uptimekuma/docker-compose.local.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: uptimekuma: ports: diff --git a/uptimekuma/docker-compose.traefik.yml b/uptimekuma/docker-compose.traefik.yml index 47c2230..a6f2823 100644 --- a/uptimekuma/docker-compose.traefik.yml +++ b/uptimekuma/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/uptimekuma/docker-compose.yml b/uptimekuma/docker-compose.yml index 8a087de..0f43d0c 100644 --- a/uptimekuma/docker-compose.yml +++ b/uptimekuma/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: uptimekuma: name: ${UPTIMEKUMA_VOLUME_NAME:-uptimekuma} diff --git a/vaultwarden/docker-compose.postgres.yml b/vaultwarden/docker-compose.postgres.yml index 58e2bf7..10acac6 100644 --- a/vaultwarden/docker-compose.postgres.yml +++ b/vaultwarden/docker-compose.postgres.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: vaultwarden: depends_on: diff --git a/vaultwarden/docker-compose.smtp.yml b/vaultwarden/docker-compose.smtp.yml index 21ca579..aba1ab7 100644 --- a/vaultwarden/docker-compose.smtp.yml +++ b/vaultwarden/docker-compose.smtp.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - services: vaultwarden: environment: diff --git a/vaultwarden/docker-compose.traefik.yml b/vaultwarden/docker-compose.traefik.yml index 16a23fc..bd79fa1 100644 --- a/vaultwarden/docker-compose.traefik.yml +++ b/vaultwarden/docker-compose.traefik.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - networks: default: name: ${TRAEFIK_NETWORK_NAME:-traefik} diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 97553ca..80932c6 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -1,7 +1,5 @@ --- -version: "3.8" - volumes: vaultwarden: name: ${VAULTWARDEN_VOLUME_NAME:-vaultwarden} diff --git a/vikunja/docker-compose.local.yml b/vikunja/docker-compose.local.yml index dbfbc28..ffa0d69 100644 --- a/vikunja/docker-compose.local.yml +++ b/vikunja/docker-compose.local.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- services: vikunja_api: diff --git a/vikunja/docker-compose.prometheus.yml b/vikunja/docker-compose.prometheus.yml index 219ce35..7233311 100644 --- a/vikunja/docker-compose.prometheus.yml +++ b/vikunja/docker-compose.prometheus.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- # https://vikunja.io/docs/config-options/#metrics diff --git a/vikunja/docker-compose.redis.yml b/vikunja/docker-compose.redis.yml index 72289d6..3c1d9ef 100644 --- a/vikunja/docker-compose.redis.yml +++ b/vikunja/docker-compose.redis.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- # https://vikunja.io/docs/config-options/#redis diff --git a/vikunja/docker-compose.smtp.yml b/vikunja/docker-compose.smtp.yml index c9f98c2..2a1c20f 100644 --- a/vikunja/docker-compose.smtp.yml +++ b/vikunja/docker-compose.smtp.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- # https://vikunja.io/docs/config-options/#mailer diff --git a/vikunja/docker-compose.traefik.yml b/vikunja/docker-compose.traefik.yml index 8ba220e..22b7783 100644 --- a/vikunja/docker-compose.traefik.yml +++ b/vikunja/docker-compose.traefik.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- networks: default: diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index 97d05ec..986273e 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -1,4 +1,4 @@ -version: "3.8" +--- # https://vikunja.io/docs/config-options # https://vikunja.io/docs/full-docker-example/ -- 2.40.1 From ec039c44749e88bfa92579967a703bacc472632e Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 29 Mar 2024 17:38:38 +0100 Subject: [PATCH 182/193] feat(Nextcloud): Update default value of SMTP --- nextcloud/docker-compose.smtp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index 0af1424..0f06d77 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -5,8 +5,8 @@ services: environment: &smtp-configuration SMTP_HOST: ${SMTP_HOST:?err} - SMTP_SECURE: ${SMTP_SECURE:-ssl} - SMTP_PORT: ${SMTP_PORT:-465} + SMTP_SECURE: ${SMTP_SECURE:-} + SMTP_PORT: ${SMTP_PORT:-587} SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} SMTP_NAME: ${SMTP_NAME:?err} SMTP_PASSWORD: ${SMTP_PASSWORD:?err} -- 2.40.1 From e24754bc44d939d04dfdd6e5ea8a4bbc5ed90a30 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 31 Jul 2024 10:29:04 +0200 Subject: [PATCH 183/193] feat(SignaturePDF): Add Traefik entrypoints variable --- signaturepdf/docker-compose.traefik.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/signaturepdf/docker-compose.traefik.yml b/signaturepdf/docker-compose.traefik.yml index 7597054..8c6d75f 100644 --- a/signaturepdf/docker-compose.traefik.yml +++ b/signaturepdf/docker-compose.traefik.yml @@ -11,4 +11,4 @@ services: - traefik.enable=true - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`) - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=web + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} -- 2.40.1 From 532c0a9c7b4b8e31bf2050a317b3e33476d6c710 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 31 Jul 2024 10:33:26 +0200 Subject: [PATCH 184/193] feat(SignaturePDF): Add default language variable --- signaturepdf/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/signaturepdf/docker-compose.yml b/signaturepdf/docker-compose.yml index a4cb103..c98fd46 100644 --- a/signaturepdf/docker-compose.yml +++ b/signaturepdf/docker-compose.yml @@ -19,3 +19,4 @@ services: PDF_STORAGE_PATH: ${PDF_STORAGE_PATH} DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION} PDF_DEMO_LINK: ${PDF_DEMO_LINK} + DEFAULT_LANGUAGE: ${DEFAULT_LANGUAGE:-fr_FR.UTF-8} -- 2.40.1 From f4d72bff1203b696a9ac6d55f2b34d4d0a0feab5 Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 31 Jul 2024 10:34:02 +0200 Subject: [PATCH 185/193] feat(SignaturePDF): Add default variable for # Installation variable --- signaturepdf/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/signaturepdf/docker-compose.yml b/signaturepdf/docker-compose.yml index c98fd46..807b7ce 100644 --- a/signaturepdf/docker-compose.yml +++ b/signaturepdf/docker-compose.yml @@ -20,3 +20,4 @@ services: DISABLE_ORGANIZATION: ${DISABLE_ORGANIZATION} PDF_DEMO_LINK: ${PDF_DEMO_LINK} DEFAULT_LANGUAGE: ${DEFAULT_LANGUAGE:-fr_FR.UTF-8} + PDF_STORAGE_ENCRYPTION: ${PDF_STORAGE_ENCRYPTION:-true} -- 2.40.1 From fad68813ae5b14cda24d4178eef60428a288ac1d Mon Sep 17 00:00:00 2001 From: Simon C Date: Wed, 31 Jul 2024 10:44:57 +0200 Subject: [PATCH 186/193] feat(SignaturePDF): Add Traefik redirection --- signaturepdf/docker-compose.traefik.https.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 signaturepdf/docker-compose.traefik.https.yml diff --git a/signaturepdf/docker-compose.traefik.https.yml b/signaturepdf/docker-compose.traefik.https.yml new file mode 100644 index 0000000..1f58dcf --- /dev/null +++ b/signaturepdf/docker-compose.traefik.https.yml @@ -0,0 +1,11 @@ +--- +services: + signaturepdf: + labels: + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}.tls.certResolver=letsencrypt + # redirect HTTP to HTTPS + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.rule=Host(`${SIGNATUREPDF_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.entrypoints=web + - traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.scheme=https + - traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https.redirectscheme.permanent=true + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-signaturepdf}_http.middlewares=${TRAEFIK_ROUTER_NAME:-signaturepdf}_redirect_https -- 2.40.1 From 3f2a4b78fbbd31f2531542d47b402ae4e9f33da1 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 1 Aug 2024 15:34:58 +0200 Subject: [PATCH 187/193] feat(Vaultwarden): Ajout d'une configuration de Traefik pour redirection automatique HTTP --- vaultwarden/docker-compose.traefik.https.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 vaultwarden/docker-compose.traefik.https.yml diff --git a/vaultwarden/docker-compose.traefik.https.yml b/vaultwarden/docker-compose.traefik.https.yml new file mode 100644 index 0000000..9c6a818 --- /dev/null +++ b/vaultwarden/docker-compose.traefik.https.yml @@ -0,0 +1,12 @@ +--- + +services: + vaultwarden: + labels: + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.tls.certResolver=letsencrypt + # redirect HTTP to HTTPS + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.entrypoints=web + - traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.scheme=https + - traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.permanent=true + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.middlewares=${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https -- 2.40.1 From 2630301d58fa6a95612f87cabe0a03414f190c4b Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 1 Aug 2024 15:51:30 +0200 Subject: [PATCH 188/193] feat(Vaultwarden): Ajout de documentation pour la traduction des mails --- vaultwarden/README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/vaultwarden/README.md b/vaultwarden/README.md index b799a9d..8455a1f 100644 --- a/vaultwarden/README.md +++ b/vaultwarden/README.md @@ -10,6 +10,20 @@ Toutes les variables de configuration du service sont disponibles à [cette adre [Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur. +## Ajout des mails en Français + +Il est possible de [traduire les mails](https://github.com/dani-garcia/vaultwarden/wiki/Translating-the-email-templates). + +``` +. .env +cd /var/lib/docker/volumes/${VAULTWARDEN_VOLUME_NAME}/_data/ +mkdir templates && cd templates +wget https://github.com/YoanSimco/vaultwarden-lang-fr/archive/refs/heads/main.zip +unzip main.zip +mv vaultwarden-lang-fr/email . +rm vaultwarden-lang-fr-main/ main.zip -rf +``` + ## Liens - [Documentation][documentation] -- 2.40.1 From 78300c3bf4f7ad282c86519677ebac44bfaf7653 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 1 Aug 2024 15:52:05 +0200 Subject: [PATCH 189/193] feat(Vaultwarden): Ajout de variable de configuration du service --- vaultwarden/docker-compose.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 80932c6..8edc19c 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -12,9 +12,14 @@ services: environment: ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} DOMAIN: https://${VAULTWARDEN_DOMAIN:?err} + SENDS_ALLOWED: ${SENDS_ALLOWED:-true} + TRASH_AUTO_DELETE_DAYS: ${TRASH_AUTO_DELETE_DAYS:-} + DISABLE_ICON_DOWNLOAD: ${DISABLE_ICON_DOWNLOAD:-false} + SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true} + SIGNUPS_VERIFY: ${SIGNUPS_VERIFY:-false} + SIGNUPS_DOMAINS_WHITELIST: ${SIGNUPS_DOMAINS_WHITELIST:-} INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden} LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info} - SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true} volumes: - vaultwarden:/data - /etc/timezone:/etc/timezone:ro -- 2.40.1 From b2509bfd6774b6db6ca2d64d4f9822024ed45162 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 1 Aug 2024 15:57:07 +0200 Subject: [PATCH 190/193] feat(Vaultwarden): Ajout de la configuration SSO --- vaultwarden/docker-compose.sso.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 vaultwarden/docker-compose.sso.yml diff --git a/vaultwarden/docker-compose.sso.yml b/vaultwarden/docker-compose.sso.yml new file mode 100644 index 0000000..939ebff --- /dev/null +++ b/vaultwarden/docker-compose.sso.yml @@ -0,0 +1,25 @@ +--- + +services: + vaultwarden: + environment: + SSO_ENABLED: ${SSO_ENABLED:-true} + SSO_ONLY: ${SSO_ONLY:-true} + SSO_SIGNUPS_MATCH_EMAIL: ${SSO_SIGNUPS_MATCH_EMAIL:-true} + SSO_AUTHORITY: ${SSO_AUTHORITY} + SSO_SCOPES: ${SSO_SCOPES:-email groups profile offline_access} + SSO_AUTHORIZE_EXTRA_PARAMS: ${SSO_AUTHORIZE_EXTRA_PARAMS:-} + SSO_PKCE: ${SSO_PKCE:-false} + SSO_CLIENT_ID: ${SSO_CLIENT_ID} + SSO_CLIENT_SECRET: ${SSO_CLIENT_SECRET} + SSO_MASTER_PASSWORD_POLICY: ${SSO_MASTER_PASSWORD_POLICY:-} + SSO_AUTH_ONLY_NOT_SESSION: ${SSO_AUTH_ONLY_NOT_SESSION:-false} + SSO_CLIENT_CACHE_EXPIRATION: ${SSO_CLIENT_CACHE_EXPIRATION:-0} + SSO_DEBUG_TOKENS: ${SSO_DEBUG_TOKENS:-false} + + SSO_FRONTEND: ${SSO_FRONTEND:-override} + SSO_EXPERIMENTAL_NO_MASTER_PWD: ${SSO_EXPERIMENTAL_NO_MASTER_PWD:-false} + SSO_ROLES_ENABLED: ${SSO_ROLES_ENABLED:-false} + SSO_ROLES_DEFAULT_TO_USER: ${SSO_ROLES_DEFAULT_TO_USER:-false} + + SSO_ORGANIZATIONS_INVITE: ${SSO_ORGANIZATIONS_INVITE:-false} -- 2.40.1 From d9653fc21557bc5d07b36f7159d679c2e88a9c49 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 2 Aug 2024 16:52:20 +0200 Subject: [PATCH 191/193] feat(Vaultwarden): Remove experimental configuration --- vaultwarden/docker-compose.sso.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vaultwarden/docker-compose.sso.yml b/vaultwarden/docker-compose.sso.yml index 939ebff..07005ca 100644 --- a/vaultwarden/docker-compose.sso.yml +++ b/vaultwarden/docker-compose.sso.yml @@ -12,13 +12,13 @@ services: SSO_PKCE: ${SSO_PKCE:-false} SSO_CLIENT_ID: ${SSO_CLIENT_ID} SSO_CLIENT_SECRET: ${SSO_CLIENT_SECRET} - SSO_MASTER_PASSWORD_POLICY: ${SSO_MASTER_PASSWORD_POLICY:-} + # SSO_MASTER_PASSWORD_POLICY: ${SSO_MASTER_PASSWORD_POLICY:-} SSO_AUTH_ONLY_NOT_SESSION: ${SSO_AUTH_ONLY_NOT_SESSION:-false} SSO_CLIENT_CACHE_EXPIRATION: ${SSO_CLIENT_CACHE_EXPIRATION:-0} SSO_DEBUG_TOKENS: ${SSO_DEBUG_TOKENS:-false} SSO_FRONTEND: ${SSO_FRONTEND:-override} - SSO_EXPERIMENTAL_NO_MASTER_PWD: ${SSO_EXPERIMENTAL_NO_MASTER_PWD:-false} + # SSO_EXPERIMENTAL_NO_MASTER_PWD: ${SSO_EXPERIMENTAL_NO_MASTER_PWD:-false} SSO_ROLES_ENABLED: ${SSO_ROLES_ENABLED:-false} SSO_ROLES_DEFAULT_TO_USER: ${SSO_ROLES_DEFAULT_TO_USER:-false} -- 2.40.1 From e2931630c6c44f24dc66e231230bb1a659b3be98 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 1 Oct 2024 10:49:32 +0200 Subject: [PATCH 192/193] feat(Vaultwarden): Change domain variable --- vaultwarden/.env | 2 +- vaultwarden/docker-compose.traefik.https.yml | 2 +- vaultwarden/docker-compose.traefik.yml | 2 +- vaultwarden/docker-compose.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/vaultwarden/.env b/vaultwarden/.env index 0c01add..d2ad988 100644 --- a/vaultwarden/.env +++ b/vaultwarden/.env @@ -9,7 +9,7 @@ COMPOSE_FILE=${SERVICES_DIR}/vaultwarden/docker-compose.yml #VAULTWARDEN_IMAGE= #VAULTWARDEN_VOLUME_NAME= -VAULTWARDEN_DOMAIN=vaultwarden.local +SERVICE_DOMAIN=vaultwarden.local #VAULTWARDEN_LOG_LEVEL= #VAULTWARDEN_SIGNUPS_ALLOWED=false diff --git a/vaultwarden/docker-compose.traefik.https.yml b/vaultwarden/docker-compose.traefik.https.yml index 9c6a818..49dc32d 100644 --- a/vaultwarden/docker-compose.traefik.https.yml +++ b/vaultwarden/docker-compose.traefik.https.yml @@ -5,7 +5,7 @@ services: labels: - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.tls.certResolver=letsencrypt # redirect HTTP to HTTPS - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.rule=Host(`${SERVICE_DOMAIN:?err}`) - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}_http.entrypoints=web - traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.scheme=https - traefik.http.middlewares.${TRAEFIK_ROUTER_NAME:-vaultwarden}_redirect_https.redirectscheme.permanent=true diff --git a/vaultwarden/docker-compose.traefik.yml b/vaultwarden/docker-compose.traefik.yml index bd79fa1..96451f6 100644 --- a/vaultwarden/docker-compose.traefik.yml +++ b/vaultwarden/docker-compose.traefik.yml @@ -10,5 +10,5 @@ services: labels: - traefik.enable=true - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${SERVICE_DOMAIN:?err}`) - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} \ No newline at end of file diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 8edc19c..d2fd38e 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -11,7 +11,7 @@ services: restart: always environment: ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} - DOMAIN: https://${VAULTWARDEN_DOMAIN:?err} + DOMAIN: https://${SERVICE_DOMAIN:?err} SENDS_ALLOWED: ${SENDS_ALLOWED:-true} TRASH_AUTO_DELETE_DAYS: ${TRASH_AUTO_DELETE_DAYS:-} DISABLE_ICON_DOWNLOAD: ${DISABLE_ICON_DOWNLOAD:-false} -- 2.40.1 From a5b7aca9b79c9d353b1627cb446fae88cf02fd70 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 17 Oct 2024 14:13:47 +0200 Subject: [PATCH 193/193] =?UTF-8?q?feat(LLDAP):=20Utilisation=20de=20la=20?= =?UTF-8?q?nouvelle=20variable=20plus=20g=C3=A9n=C3=A9ric?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lldap/.env | 2 +- lldap/docker-compose.traefik.yml | 4 ++-- lldap/docker-compose.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lldap/.env b/lldap/.env index d254f6c..512f22f 100644 --- a/lldap/.env +++ b/lldap/.env @@ -8,7 +8,7 @@ COMPOSE_FILE=${SERVICES_DIR}/lldap/docker-compose.yml:${SERVICES_DIR}/lldap/dock ####### # LLDAP -LLDAP_DOMAIN=lldap.cool.life +SERVICE_DOMAIN=lldap.cool.life LLDAP_VOLUME_NAME=lldap_cool_life LLDAP_CONTAINER_NAME=lldap_cool_life LLDAP_IMAGE=nitnelave/lldap:v0.4.3 diff --git a/lldap/docker-compose.traefik.yml b/lldap/docker-compose.traefik.yml index 35cb3a6..e062d02 100644 --- a/lldap/docker-compose.traefik.yml +++ b/lldap/docker-compose.traefik.yml @@ -10,13 +10,13 @@ services: labels: - traefik.enable=true - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${LLDAP_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=Host(`${SERVICE_DOMAIN:?err}`) - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} # - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-lldap}.tls.certResolver=letsencrypt - traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=17170 - traefik.http.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.scheme=http # https://github.com/lldap/lldap/issues/247#issuecomment-1489962511 - # - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${LLDAP_DOMAIN:?err}`) + # - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.rule=HostSNI(`${SERVICE_DOMAIN:?err}`) # - traefik.tcp.routers.${TRAEFIK_ROUTER_NAME:-lldap}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} # - traefik.tcp.services.${TRAEFIK_ROUTER_NAME:-lldap}.loadbalancer.server.port=3890 diff --git a/lldap/docker-compose.yml b/lldap/docker-compose.yml index 97c4194..798c37c 100644 --- a/lldap/docker-compose.yml +++ b/lldap/docker-compose.yml @@ -16,7 +16,7 @@ services: - LLDAP_VERBOSE=${LLDAP_VERBOSE:-false} - LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?err} - - LLDAP_HTTP_URL=https://${LLDAP_DOMAIN:?err} + - LLDAP_HTTP_URL=https://${SERVICE_DOMAIN:?err} - LLDAP_LDAP_BASE_DN=${LLDAP_LDAP_BASE_DN:?err} - LLDAP_LDAP_USER_DN=${LLDAP_LDAP_USER_DN:?err} -- 2.40.1