From c9ef1d34a107f67c88aa69f3a05fca8ae07639b6 Mon Sep 17 00:00:00 2001 From: Simon C Date: Fri, 9 Dec 2022 22:12:23 +0100 Subject: [PATCH 01/19] feat(Uptime Kuma): Add documentation and default .env --- uptimekuma/.env | 20 ++++++++++++++++++++ uptimekuma/README.md | 1 + 2 files changed, 21 insertions(+) create mode 100644 uptimekuma/.env diff --git a/uptimekuma/.env b/uptimekuma/.env new file mode 100644 index 0000000..a67d401 --- /dev/null +++ b/uptimekuma/.env @@ -0,0 +1,20 @@ +######## +# DOCKER + +SERVICES_DIR=".." +COMPOSE_FILE=${SERVICES_DIR}/uptimekuma/docker-compose.yml:${SERVICES_DIR}/uptimekuma/docker-compose.local.yml +# COMPOSE_PROJECT_NAME= + +## APP + +# UPTIMEKUMA_DOMAIN={{ UPTIMEKUMA_DOMAIN }} +UPTIMEKUMA_CONTAINER_NAME=uptimekuma +UPTIMEKUMA_VOLUME_NAME=uptimekuma +# UPTIMEKUMA_IMAGE= + +######### +# TRAEFIK + +# TRAEFIK_NETWORK_NAME= +# TRAEFIK_ROUTER_NAME= +# TRAEFIK_ENTRYPOINTS= diff --git a/uptimekuma/README.md b/uptimekuma/README.md index 1d1a56f..0505ee5 100644 --- a/uptimekuma/README.md +++ b/uptimekuma/README.md @@ -7,6 +7,7 @@ - L'ensemble des variables d'environnement se trouve [ici](https://github.com/louislam/uptime-kuma/wiki/Environment-Variables) - Actuellement Uptime Kuma support seulement sqlite3, [une PR](https://github.com/louislam/uptime-kuma/pull/1139) est en court pour le support de MySQL à suivre. - Il y aurait des problèmes de DNS avec l'image Docker Alpine et [le support ne sera plus la dans la v2](https://github.com/louislam/uptime-kuma/pull/2085) donc on prend la version debian un peu plus lourde. +- Pour l'instant [il n'est pas possible d'avoir plusieurs comptes](https://github.com/louislam/uptime-kuma/issues/128) ## Liens -- 2.40.1 From 747d158f583ea04fc834f3030b23e47086d79431 Mon Sep 17 00:00:00 2001 
From: Simon C Date: Sat, 31 Dec 2022 14:35:36 +0100 Subject: [PATCH 02/19] feat(Vaultwarden): Add new service --- README.md | 1 + vaultwarden/.env | 46 +++++++++++++++++++++++++ vaultwarden/README.md | 21 +++++++++++ vaultwarden/docker-compose.postgres.yml | 8 +++++ vaultwarden/docker-compose.smtp.yml | 15 ++++++++ vaultwarden/docker-compose.traefik.yml | 15 ++++++++ vaultwarden/docker-compose.yml | 23 +++++++++++++ 7 files changed, 129 insertions(+) create mode 100644 vaultwarden/.env create mode 100644 vaultwarden/README.md create mode 100644 vaultwarden/docker-compose.postgres.yml create mode 100644 vaultwarden/docker-compose.smtp.yml create mode 100644 vaultwarden/docker-compose.traefik.yml create mode 100644 vaultwarden/docker-compose.yml diff --git a/README.md b/README.md index f3dcd8f..065f41f 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien - [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes - [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration - [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source +- [Vaultwarden](./vaultwarden) : Gestionnaire de mot de passe compatible avec Bitwarden - [Vikunja](./vikunja) : L'application pour organiser sa vie ### Pour les devs / ops diff --git a/vaultwarden/.env b/vaultwarden/.env new file mode 100644 index 0000000..0c01add --- /dev/null +++ b/vaultwarden/.env 
@@ -0,0 +1,46 @@
+########
+# DOCKER
+
+SERVICES_DIR=".."
+COMPOSE_FILE=${SERVICES_DIR}/vaultwarden/docker-compose.yml
+#COMPOSE_PROJECT_NAME=
+
+## APP
+
+#VAULTWARDEN_IMAGE=
+#VAULTWARDEN_VOLUME_NAME=
+VAULTWARDEN_DOMAIN=vaultwarden.local
+
+#VAULTWARDEN_LOG_LEVEL=
+#VAULTWARDEN_SIGNUPS_ALLOWED=false
+VAULTWARDEN_ADMIN_TOKEN="mytoken"
+#VAULTWARDEN_INVITATION_ORG_NAME="RésiLien"
+
+##########
+# POSTGRES
+
+#POSTGRES_IMAGE=
+#POSTGRES_CONTAINER_NAME=
+#POSTGRES_DB=
+#POSTGRES_USER=
+#POSTGRES_PASSWORD=
+#POSTGRES_VOLUME_NAME=
+
+######
+# SMTP
+
+#VAULTWARDEN_SMTP_HOST=
+#VAULTWARDEN_SMTP_FROM=
+#VAULTWARDEN_SMTP_FROM_NAME=
+#VAULTWARDEN_SMTP_SECURITY=
+#VAULTWARDEN_SMTP_PORT=
+#VAULTWARDEN_SMTP_USERNAME=
+#VAULTWARDEN_SMTP_PASSWORD=
+#VAULTWARDEN_SMTP_AUTH_MECHANISM=
+
+#########
+# TRAEFIK
+
+#TRAEFIK_NETWORK_NAME=
+#TRAEFIK_ROUTER_NAME=
+#TRAEFIK_ENTRYPOINTS=
diff --git a/vaultwarden/README.md b/vaultwarden/README.md
new file mode 100644
index 0000000..b799a9d
--- /dev/null
+++ b/vaultwarden/README.md
@@ -0,0 +1,21 @@
+# Vaultwarden
+
+> Gestionnaire de mot de passe compatible avec Bitwarden mais écrit en Rust pour être plus sobre en ressource système.
+
+## Configuration
+
+Toutes les variables de configuration du service sont disponibles à [cette adresse](https://github.com/dani-garcia/vaultwarden/blob/main/.env.template).
+
+## Clients
+
+[Les clients de Bitwarden](https://bitwarden.com/#download) sont compatibles avec le serveur.
+
+## Liens
+
+- [Documentation][documentation]
+- [Code source][source]
+- [Docker Hub][dockerhub]
+
+[source]: https://github.com/dani-garcia/vaultwarden
+[documentation]: https://github.com/dani-garcia/vaultwarden/wiki
+[dockerhub]: https://hub.docker.com/r/vaultwarden/server
\ No newline at end of file
diff --git a/vaultwarden/docker-compose.postgres.yml b/vaultwarden/docker-compose.postgres.yml
new file mode 100644
index 0000000..49fc448
--- /dev/null
+++ b/vaultwarden/docker-compose.postgres.yml
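Review bot: `VAULTWARDEN_ADMIN_TOKEN="mytoken"` in vaultwarden/.env is the only secret in this file that ships uncommented, so the `${VAULTWARDEN_ADMIN_TOKEN:?err}` guard in docker-compose.yml is satisfied by a value that anyone reading the repository knows. That token is what protects the Vaultwarden admin page, so a deployment started from this file unchanged has a publicly known admin credential. I would ship the line commented out as `#VAULTWARDEN_ADMIN_TOKEN=`, with a comment above it such as `# required: long random value, e.g. generated with "openssl rand -base64 48"`, so that the stack refuses to start until the operator sets their own.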
@@ -0,0 +1,8 @@
+---
+
+version: "3.8"
+
+services:
+ vaultwarden:
+ environment:
+ DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB}
\ No newline at end of file
diff --git a/vaultwarden/docker-compose.smtp.yml b/vaultwarden/docker-compose.smtp.yml
new file mode 100644
index 0000000..21ca579
--- /dev/null
+++ b/vaultwarden/docker-compose.smtp.yml
@@ -0,0 +1,15 @@
+---
+
+version: "3.8"
+
+services:
+ vaultwarden:
+ environment:
+ SMTP_HOST: ${VAULTWARDEN_SMTP_HOST:?err}
+ SMTP_FROM: ${VAULTWARDEN_SMTP_FROM:?err}
+ SMTP_FROM_NAME: ${VAULTWARDEN_SMTP_FROM_NAME:?err}
+ SMTP_SECURITY: ${VAULTWARDEN_SMTP_SECURITY:?err}
+ SMTP_PORT: ${VAULTWARDEN_SMTP_PORT:?err}
+ SMTP_USERNAME: ${VAULTWARDEN_SMTP_USERNAME:?err}
+ SMTP_PASSWORD: ${VAULTWARDEN_SMTP_PASSWORD:?err}
+ SMTP_AUTH_MECHANISM: ${VAULTWARDEN_SMTP_AUTH_MECHANISM:?err}
diff --git a/vaultwarden/docker-compose.traefik.yml b/vaultwarden/docker-compose.traefik.yml
new file mode 100644
index 0000000..e191542
--- /dev/null
+++ b/vaultwarden/docker-compose.traefik.yml
@@ -0,0 +1,15 @@
+---
+
+version: "3.8"
+
+networks:
+ default:
+ name: ${TRAEFIK_NETWORK_NAME:-traefik}
+
+services:
+ vaultwarden:
+ labels:
+ - traefik.enable=true
+ - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
+ - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.rule=Host(`${VAULTWARDEN_DOMAIN:?err}`)
+ - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
\ No newline at end of file
diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml
new file mode 100644
index 0000000..59cbb88
--- /dev/null
+++ b/vaultwarden/docker-compose.yml
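Review bot: `DATABASE_URL` in vaultwarden/docker-compose.postgres.yml interpolates `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_CONTAINER_NAME` and `POSTGRES_DB` with no guard, while the sibling smtp and traefik overlays use `:?err`. With the .env from this commit, where all four are commented out, Compose would render `postgresql://:@:5432/` and the failure would only surface inside the container. I would write `${POSTGRES_PASSWORD:?POSTGRES_PASSWORD not set}` and do the same for the other three. A comment above the line should also say that the password must be percent-encoded when it contains characters such as `@`, `:` or `/`, because it is embedded in a URL.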
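Review bot: The router in vaultwarden/docker-compose.traefik.yml falls back to `${TRAEFIK_ENTRYPOINTS:-web}` and sets no TLS label, while docker-compose.yml in the same commit advertises `DOMAIN: https://${VAULTWARDEN_DOMAIN:?err}`. If `web` is the plain-HTTP entrypoint of ../traefik (not visible in this patch), a default deployment of the password manager would be served unencrypted unless a redirect is configured globally. I would require the entrypoint explicitly with `${TRAEFIK_ENTRYPOINTS:?TRAEFIK_ENTRYPOINTS not set}` and add `- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-vaultwarden}.tls=true`. The same `web` default appears in gitea/docker-compose.traefik.yml in PATCH 18.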
@@ -0,0 +1,23 @@ +--- + +version: "3.8" + +volumes: + vaultwarden: + name: ${VAULTWARDEN_VOLUME_NAME:-vaultwarden} + +services: + vaultwarden: + image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} + container_name: vaultwarden + restart: always + depends_on: + - postgres + environment: + ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} + DOMAIN: https://${VAULTWARDEN_DOMAIN:?err} + INVITATION_ORG_NAME: ${VAULTWARDEN_INVITATION_ORG_NAME:-Vaultwarden} + LOG_LEVEL: ${VAULTWARDEN_LOG_LEVEL:-Info} + SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true} + volumes: + - vaultwarden:/data -- 2.40.1 From c631f47ae10f59f88a20e4fd3ad734fab65a1b5c Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:14:20 +0100 Subject: [PATCH 03/19] feat(Vaultwarden): Add timezone information --- vaultwarden/docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 59cbb88..288e328 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -21,3 +21,5 @@ services: SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true} volumes: - vaultwarden:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro -- 2.40.1 From 62334b2f85be93643752909f352135e9e938ffb4 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:22:32 +0100 Subject: [PATCH 04/19] feat(Vaultwarden): Ajout de la variable pour configurer le nom du service --- vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 288e328..07b34db 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -9,7 +9,7 @@ volumes: services: vaultwarden: image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} - container_name: vaultwarden + container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden} restart: always depends_on: - postgres -- 2.40.1 
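Review bot: `SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true}` in the new vaultwarden/docker-compose.yml (PATCH 02) leaves registration open unless the operator opts out, and the shipped .env keeps `#VAULTWARDEN_SIGNUPS_ALLOWED=false` commented. An instance published through the traefik overlay would therefore accept accounts from anyone who can reach it. I would flip the fallback to `SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-false}` and add the comment `# open registration must be enabled explicitly` above it.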
From 4bf479d0e0dcea45ef1c6c0c44fa7f635e51de38 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:24:38 +0100 Subject: [PATCH 05/19] feat(Vaultwarden): Move postgres dependency on postgres file --- vaultwarden/docker-compose.postgres.yml | 4 +++- vaultwarden/docker-compose.yml | 2 -- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/vaultwarden/docker-compose.postgres.yml b/vaultwarden/docker-compose.postgres.yml index 49fc448..58e2bf7 100644 --- a/vaultwarden/docker-compose.postgres.yml +++ b/vaultwarden/docker-compose.postgres.yml @@ -4,5 +4,7 @@ version: "3.8" services: vaultwarden: + depends_on: + - postgres environment: - DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB} \ No newline at end of file + DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB} diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 07b34db..c2ca4a1 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -11,8 +11,6 @@ services: image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden} restart: always - depends_on: - - postgres environment: ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} DOMAIN: https://${VAULTWARDEN_DOMAIN:?err} -- 2.40.1 From 4e32136c261a82b26ed6284d946992843cca9919 Mon Sep 17 00:00:00 2001 From: Simon C Date: Sat, 31 Dec 2022 15:28:28 +0100 Subject: [PATCH 06/19] fix(Vaultwarden): Update image variable name --- vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index c2ca4a1..97553ca 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml 
@@ -8,7 +8,7 @@ volumes: services: vaultwarden: - image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} + image: ${VAULTWARDEN_IMAGE:-vaultwarden/server:1.27.0-alpine} container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden} restart: always environment: -- 2.40.1 From 0af258dcaedc6eccf175d141cea6c2424903039f Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:08:06 +0100 Subject: [PATCH 07/19] feat(Nextcloud): SMTP configuration should not be empty --- nextcloud/docker-compose.smtp.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index b8a880f..6343eed 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -3,11 +3,11 @@ version: "3.8" services: nextcloud-fpm: environment: - SMTP_HOST: ${SMTP_HOST?err} # The hostname of the SMTP server. + SMTP_HOST: ${SMTP_HOST:?err} # The hostname of the SMTP server. SMTP_SECURE: ${SMTP_SECURE:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. SMTP_PORT: ${SMTP_PORT:-465} SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} - SMTP_NAME: ${SMTP_NAME?err} - SMTP_PASSWORD: ${SMTP_PASSWORD?err} - MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS} - MAIL_DOMAIN: ${MAIL_DOMAIN} + SMTP_NAME: ${SMTP_NAME:?err} + SMTP_PASSWORD: ${SMTP_PASSWORD:?err} + MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS:?err} + MAIL_DOMAIN: ${MAIL_DOMAIN:?err} -- 2.40.1 From fd63036294583b7698dcc3e4a7a9281b8b9811cf Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:08:48 +0100 Subject: [PATCH 08/19] feat(Nextcloud): Add all configuration on cron container --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 909e536..5e06ef4 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml 
@@ -17,6 +17,7 @@ services: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: + &fpm-configuration NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_TRUSTED_DOMAINS?err} NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER?err} NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err} @@ -53,8 +54,7 @@ services: - nextcloud-web entrypoint: /cron.sh environment: - PUID: ${NEXTCLOUD_PUID:-1000} - PGID: ${NEXTCLOUD_PGID:-1000} + <<: *fpm-configuration volumes: - nextcloud:/var/www/html - /etc/timezone:/etc/timezone:ro -- 2.40.1 From 2281c4337c8088f5b6506b5aa05b6b22a6e32ed0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:09:37 +0100 Subject: [PATCH 09/19] feat(Nextcloud): Update web folder path with generic SERVICES_DIR --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 5e06ef4..f32a9f0 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -33,7 +33,7 @@ services: nextcloud-web: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-web - build: web + build: ${SERVICES_DIR}/nextcloud/web restart: always environment: NEXTCLOUD_FPM_CONTAINER_NAME: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm -- 2.40.1 From 0198c030e93e459329c0901d35ef7e990c5bdaed Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:20:13 +0100 Subject: [PATCH 10/19] feat(Nextcloud): Add environment variables to configure server --- nextcloud/.env | 2 +- nextcloud/docker-compose.config.yml | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 nextcloud/docker-compose.config.yml diff --git a/nextcloud/.env b/nextcloud/.env index 8cd5d60..15a8d09 100644 --- a/nextcloud/.env +++ b/nextcloud/.env 
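Review bot: The variables now shared through `&fpm-configuration` in nextcloud/docker-compose.yml still use `?err`, which only rejects an unset variable, so an empty `NEXTCLOUD_ADMIN_PASSWORD=` in .env passes the check. PATCH 07 moved the SMTP variables to `:?err`, and the same would fit here, for example `NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD:?err}`. The `<<: *fpm-configuration` merge also hands the admin credentials to nextcloud-cron and removes the explicit `PUID`/`PGID` that block used to set; whether the anchor carries them is not visible in this hunk, because the environment mapping continues outside it. A comment next to the anchor, `# shared with nextcloud-cron via merge key (shallow, this file only)`, would make that coupling visible.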
@@ -4,7 +4,7 @@ #DOCKER_CONTEXT= #DOCKER_HOST= SERVICES_DIR=.. -COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml +COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.config.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml #COMPOSE_PROJECT_NAME= ## APP diff --git a/nextcloud/docker-compose.config.yml b/nextcloud/docker-compose.config.yml new file mode 100644 index 0000000..f7491ce --- /dev/null +++ b/nextcloud/docker-compose.config.yml @@ -0,0 +1,21 @@ +--- +version: "3.8" + +services: + nextcloud-fpm: + environment: + &nextcloud-configuration + NC_trashbin_retention_obligation: ${NC_trashbin_retention_obligation:-auto, 30} + NC_force_language: ${NC_force_language:-fr} + NC_default_locale: ${NC_default_locale:-fr_FR} + NC_force_locale: ${NC_force_locale:-fr_FR} + NC_default_language: ${NC_default_language:-fr} + NC_default_phone_region: ${NC_default_phone_region:-FR} + NC_defaultapp: ${NC_defaultapp:-files} + NC_preview_max_x: ${NC_preview_max_x:-2048} + NC_preview_max_y: ${NC_preview_max_y:-2048} + NC_jpeg_quality: ${NC_jpeg_quality:-60} + + nextcloud-cron: + environment: + <<: *nextcloud-configuration -- 2.40.1 From b3dce58f7b18d24f18856e18875df1267d3611a8 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 21:47:02 +0100 Subject: [PATCH 11/19] feat(Nextcloud): Update SMTP environment variables --- nextcloud/docker-compose.smtp.yml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index 6343eed..60136d8 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml 
@@ -3,11 +3,16 @@ version: "3.8" services: nextcloud-fpm: environment: - SMTP_HOST: ${SMTP_HOST:?err} # The hostname of the SMTP server. - SMTP_SECURE: ${SMTP_SECURE:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. - SMTP_PORT: ${SMTP_PORT:-465} - SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} - SMTP_NAME: ${SMTP_NAME:?err} - SMTP_PASSWORD: ${SMTP_PASSWORD:?err} - MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS:?err} - MAIL_DOMAIN: ${MAIL_DOMAIN:?err} + &smtp-configuration + NC_mail_smtphost: ${NC_mail_smtphost:?err} # The hostname of the SMTP server. + NC_mail_smtpsecure: ${NC_mail_smtpsecure:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. + NC_mail_smtpport: ${NC_mail_smtpport:-465} + NC_mail_smtpauthtype: ${NC_mail_smtpauthtype:-LOGIN} + NC_mail_smtpname: ${NC_mail_smtpname:?err} + NC_mail_smtppassword: ${NC_mail_smtppassword:?err} + NC_mail_from_address: ${NC_mail_from_address:?err} + NC_mail_domain: ${NC_mail_domain:?err} + + nextcloud-cron: + environment: + <<: *smtp-configuration -- 2.40.1 From b54891ec38af9bb4557acea97792fc1c752f68fd Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:01:55 +0100 Subject: [PATCH 12/19] chore(Nginx): Upgrade to 1.23.3 --- nextcloud/web/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index 2cde763..345321a 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ -FROM nginx:1.21.5-alpine +FROM nginx:1.23.3-alpine COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template -- 2.40.1 From 669866b44e45dbbd36d7121d34c211b758c538df Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:10:29 +0100 Subject: [PATCH 13/19] docs(Nextcloud): Add environment variables documentation --- nextcloud/README.md | 83 +++++++++++++++++++++++++++++++-------------- 1 file changed, 58 insertions(+), 25 deletions(-) diff --git a/nextcloud/README.md b/nextcloud/README.md index 2f04a15..0aca8d8 100644 
--- a/nextcloud/README.md +++ b/nextcloud/README.md 
@@ -14,45 +14,78 @@ On peut trouver [la documentation ici][documentation] en anglais ou ici pour la ## Aide -Exemple de commande : +Commande pour se connecter à un serveur : ```sh -docker exec --user www-data -it nextcloud bash +. .env +docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm ash +``` -docker-compose exec --user www-data nextcloud php occ db:add-missing-primary-keys +Pour mettre un site en maintenance : + +```sh +. .env +docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm php occ maintenance:mode --on ``` ## Configuration -Il est possible de configurer certaines parties avec des variables d'environnement, mais ce n'est pas le cas de l'ensemble de la configuration. +Il est possible de configurer certaines parties avec des variables d'environnement : +- Soit les variables sont spécifique à l'image Docker +- soit avec des variables du type `NC_` + clé (exemple : NC_default_phone_region=FR) -Voici les modifications que j'effectue : +### Création d'un groupe ``` -docker-compose exec --user www-data nextcloud-fpm ash -vi config/config.php -``` -Ajout de la configuration suivante : -``` - 'default_language' => 'fr', - 'default_locale' => 'fr_FR', - 'default_phone_region' => 'FR', - 'defaultapp' => 'files', - 'preview_max_x' => 2048, - 'preview_max_y' => 2048, - 'jpeg_quality' => 60, +export NC_GROUP=com-en-aubrac +php occ group:add $NC_GROUP ``` -Ajout de imagemagick : -``` -docker-compose exec nextcloud-fpm apk add --no-cache imagemagick -``` - -ou +### Création d'un utilisateur ``` -ssh -docker exec nextcloud-fpm apk add --no-cache imagemagick +# La variable OC_PASS est spécifique pour l'utilisation de --password-from-env +export OC_PASS=unmotdepasse! 
+ +export NC_USER=simon +export NC_NAME=Simon +export NC_MAIL=simon@example.org +export NC_QUOTA="180 GB" + +php occ user:add --password-from-env --display-name=$NC_NAME --group="$NC_GROUP" $NC_USER +php occ user:setting $NC_USER settings email $NC_MAIL +``` + +### Quota + +Pour bien comprendre les quotas dans Nextcloud : https://docs.nextcloud.com/server/latest/user_manual/en/files/quota.html + +``` +export NC_USER=simon +export NC_QUOTA="10 GB" +php occ user:setting $NC_USER files quota "$NC_QUOTA" +``` + +### imagemagick + +> Le module php-imagick n’a aucun support SVG dans cette instance. Pour une meilleure compatibilité, il est recommandé de l’installer. + +Pour résoudre ce problème il faut ajouter le paquet `imagemagick` + +``` +. .env +docker exec -it ${NEXTCLOUD_CONTAINER_NAME}-fpm apk add --no-cache imagemagick +``` + +## Application + +Suppression d'application : + +``` +php occ app:disable dashboard +php occ app:disable photos +php occ app:disable weather_status +php occ app:disable user_status ``` ## PHP-FPM: remédier à server reached pm.max_children -- 2.40.1 From 264688abf82d2460677c8aa239767186bd3595d0 Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:11:02 +0100 Subject: [PATCH 14/19] feat(Nextcloud): Remove run script --- nextcloud/run | 49 ------------------------------------------------- 1 file changed, 49 deletions(-) delete mode 100755 nextcloud/run diff --git a/nextcloud/run b/nextcloud/run deleted file mode 100755 index a98ccba..0000000 --- a/nextcloud/run +++ /dev/null 
@@ -1,49 +0,0 @@ -#!/bin/bash - -set -eu - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -. $DIR/../help.sh -. $DIR/../postgres/run --only-source - -nextcloud_help() { - echo "./run backup : Lancement de la sauvegarde de Nextcloud" - echo "./run restore : Restauration de la sauvegarde de Nextcloud" -} - -nextcloud_backup() { - script_env - BACKUP_DATE_DEFAULT=`date +%Y%m%d_%H%M%S` - BACKUP_DATE=${BACKUP_DATE:-$BACKUP_DATE_DEFAULT} - backup_folder_create - - POSTGRES_BACKUP_FILE=backups/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_postgres.sql - docker-compose exec --user www-data nextcloud php occ maintenance:mode --on - postgres_backup - - docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup --volumes-from nextcloud alpine:3.12.3 ash -c "cd /var/www/html && tar cvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar ." - docker-compose exec --user www-data nextcloud php occ maintenance:mode --off -} - -nextcloud_restore() { - script_env - - postgres_restore - docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup -v nextcloud:/var/www/html alpine:3.12.3 ash -c "cd /var/www/html && tar xvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar --strip 1" -} - -if [ $# -ge 1 ]; then - if [ "${1}" == "backup" ]; then - script_start - nextcloud_backup - script_end - elif [ "${1}" == "restore" ]; then - script_start - nextcloud_restore - script_end - elif [ "${1}" != "--only-source" ]; then - nextcloud_help - fi -else - nextcloud_help -fi -- 2.40.1 From e3dcc0efd516663dadaeaaa5f95f17e225e32e4b Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 3 Jan 2023 22:15:37 +0100 Subject: [PATCH 15/19] chore(Nextcloud): Upgrade to 25.0.2 https://nextcloud.com/changelog/#25-0-2 --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index f32a9f0..351eb38 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml 
@@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.3-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine} restart: always depends_on: - postgres @@ -47,7 +47,7 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-cron: - image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine} container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-cron restart: always depends_on: -- 2.40.1 From de2a8eef465956b8b26f9d29778740431f22fca2 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 2 Feb 2023 12:59:09 +0100 Subject: [PATCH 16/19] feat(Vikunja): Restart container & explicite dependency --- vikunja/docker-compose.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index db11ae4..ac99c02 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml @@ -40,3 +40,6 @@ services: vikunja_frontend: container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_frontend image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.18.2} + restart: always + depends_on: + - vikunja_api -- 2.40.1 From ba29719ed102a7569b4da5d7b196d414dbc12b74 Mon Sep 17 00:00:00 2001 From: Simon C Date: Thu, 2 Feb 2023 16:50:59 +0100 Subject: [PATCH 17/19] feat(Traefik): Pilot is deprecated https://traefik.io/blog/announcing-traefik-proxy-2-8/ --- traefik/docker-compose.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 651a062..f030402 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml 
@@ -30,7 +30,6 @@ services: - --log.level=${TRAEFIK_LOG_LEVEL:-INFO} - --global.sendanonymoususage=${TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE:-false} - --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false} - - --pilot.dashboard=${TRAEFIK_PILOT_DASHBOARD:-false} - --metrics.prometheus=${TRAEFIK_METRICS_PROMETHEUS:-true} - --accesslog=${TRAEFIK_ACCESSLOG:-false} -- 2.40.1 From e8a022e7e3f4de32385ff2f7b15b84cb30aa345f Mon Sep 17 00:00:00 2001 From: Simon C Date: Tue, 21 Feb 2023 11:58:06 +0100 Subject: [PATCH 18/19] feat(Gitea): Upgrade to 1.19 and update configuration --- gitea/docker-compose.smtp.yml | 11 +++++++---- gitea/docker-compose.traefik.yml | 12 +++++------- gitea/docker-compose.yml | 20 ++++++++++++-------- 3 files changed, 24 insertions(+), 19 deletions(-) diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml index fa37a1a..f01131d 100644 --- a/gitea/docker-compose.smtp.yml +++ b/gitea/docker-compose.smtp.yml @@ -4,9 +4,12 @@ services: gitea: environment: - GITEA__mailer__ENABLED=true - - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} - - GITEA__mailer__MAILER_TYPE=smtp - - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} - - GITEA__mailer__IS_TLS_ENABLED=true + - GITEA__mailer__PROTOCOL=${GITEA__mailer__PROTOCOL:-smtp} + - GITEA__mailer__SMTP_ADDR=${GITEA__mailer__SMTP_ADDR:?GITEA__mailer__SMTP_ADDR not set} + - GITEA__mailer__SMTP_PORT=${GITEA__mailer__SMTP_PORT:?GITEA__mailer__SMTP_PORT not set} + - GITEA__mailer__USER=${GITEA__mailer__USER:?GITEA__mailer__USER not set} - GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}""" + + - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} + - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} diff --git a/gitea/docker-compose.traefik.yml b/gitea/docker-compose.traefik.yml index b4b8447..f3a5562 100644 --- a/gitea/docker-compose.traefik.yml 
+++ b/gitea/docker-compose.traefik.yml @@ -7,10 +7,8 @@ networks: services: gitea: labels: - traefik.enable: 'true' - traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} - - traefik.http.routers.gitea.rule: 'Host(`${GITEA_DOMAIN:?err}`)' - traefik.http.routers.gitea.entrypoints: 'web' - - traefik.http.services.gitea.loadbalancer.server.port: '3000' + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.rule=Host(`${GITEA_DOMAIN:?err}`) + - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} + - traefik.http.services.${TRAEFIK_ROUTER_NAME:-gitea}.loadbalancer.server.port=3000 diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index a2ae51c..67eb748 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -7,16 +7,20 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.16.5} + image: ${GITEA_IMAGE:-gitea/gitea:1.18.4} restart: always environment: - # - USER_UID=1000 - # - USER_GID=1000 - DB_TYPE: postgres - DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres}:5432 # Default name is same as ../postgres/docker-compose.yml:8 - DB_NAME: ${POSTGRES_DB} - DB_USER: ${POSTGRES_USER} - DB_PASSWD: ${POSTGRES_PASSWORD} + - USER_UID=${GITEA_UID:-1000} + - USER_GID=${GITEA_GID:-1000} + # Database + - GITEA__database__DB_TYPE=postgres + - GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432 + - GITEA__database__NAME=${POSTGRES_DB} + - GITEA__database__USER=${POSTGRES_USER} + - GITEA__database__PASSWD=${POSTGRES_PASSWORD} + # Security + - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY:-} + - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN:-} volumes: - gitea:/data - /etc/timezone:/etc/timezone:ro -- 2.40.1 From 8f5fcec3a9bf8684eae5fee31f476790f63470cd Mon Sep 17 00:00:00 2001 
From: Simon C Date: Tue, 21 Feb 2023 12:44:00 +0100 Subject: [PATCH 19/19] feat(Gitea): Update configuration --- gitea/.env | 36 +++++++++++++++++++++-------------- gitea/docker-compose.smtp.yml | 1 - gitea/docker-compose.yml | 6 ++++-- 3 files changed, 26 insertions(+), 17 deletions(-) diff --git a/gitea/.env b/gitea/.env index 3db8400..2b34046 100644 --- a/gitea/.env +++ b/gitea/.env @@ -1,26 +1,34 @@ -COMPOSE_FILE=../postgres/docker-compose.yml:./docker-compose.yml:./docker-compose.override.yml +######## +# DOCKER -# APP +SERVICES_DIR=".." +COMPOSE_FILE=${SERVICES_DIR}/gitea/docker-compose.yml:${SERVICES_DIR}/gitea/docker-compose.traefik.yml:${SERVICES_DIR}/gitea/docker-compose.smtp.yml:${SERVICES_DIR}/gitea/docker-compose.metrics.yml:${SERVICES_DIR}/postgres/docker-compose.yml +COMPOSE_PROJECT_NAME=$GITEA_DOMAIN -GITEA_VOLUME_NAME=gitea -GITEA_PROTOCOL=http -GITEA_DOMAIN=gitea.lan - -# APP CONFIG +####### +# GITEA # https://docs.gitea.io/en-us/install-with-docker/#environments-variables -DISABLE_SSH=true -RUN_MODE=prod -ROOT_URL=${GITEA_PROTOCOL}://${GITEA_DOMAIN} -DISABLE_REGISTRATION=true -DISABLE_GRAVATAR=true -#INSTALL_LOCK=true +GITEA_DOMAIN=gitea.lan +GITEA_VOLUME_NAME=gitea +GITEA_IMAGE=gitea/gitea:1.18.4 +GITEA_PROTOCOL=http +GITEA_SECRET_KEY=kt5UdK0m9lI9MDyhVOFEB5jk7VwFynDyaxcUjEJUpWJBrC6FyH4dkUDKLYEa7hGn +GITEA_INTERNAL_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NzY5NzkxMzZ9.Iopu6DBUhglmNPzEyYylfmTmEUpYLHYEsNrm50GoBkU + +# SMTP + +GITEA__mailer__FROM='"Name" ' +GITEA__mailer__SMTP_ADDR=smtp.gitea.lan +GITEA__mailer__SMTP_PORT=465 +GITEA__mailer__USER=gitea.lan +GITEA__mailer__PASSWD=gitea.lan # DATABASE -# Voir la description ../postgres/README.md POSTGRES_USER=user-example POSTGRES_PASSWORD=password-example POSTGRES_DB=postgres-database-name-example POSTGRES_CONTAINER_NAME=gitea-postgres POSTGRES_VOLUME_NAME=gitea-postgres +POSTGRES_IMAGE=postgres:15.2-alpine 
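Review bot: `GITEA_SECRET_KEY` and `GITEA_INTERNAL_TOKEN` in gitea/.env are committed with what look like real generated values (a 64-character key and a signed JWT) rather than placeholders, so every deployment that starts from this file shares secrets that are public in the repository history. I would replace them with empty assignments, `GITEA_SECRET_KEY=` and `GITEA_INTERNAL_TOKEN=`, each preceded by the generation command that docker-compose.yml already documents (`# docker run -it --rm gitea/gitea:1 gitea generate secret SECRET_KEY`), and rotate both on any instance that used the committed values. Separately, `COMPOSE_PROJECT_NAME=$GITEA_DOMAIN` references a variable defined further down and would produce a name containing a dot (`gitea.lan`), which newer Compose releases may reject; worth confirming with `docker compose config`.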
diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml index f01131d..af25854 100644 --- a/gitea/docker-compose.smtp.yml +++ b/gitea/docker-compose.smtp.yml @@ -12,4 +12,3 @@ services: - GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}""" - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} - - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 67eb748..f30608b 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -19,8 +19,10 @@ services: - GITEA__database__USER=${POSTGRES_USER} - GITEA__database__PASSWD=${POSTGRES_PASSWORD} # Security - - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY:-} - - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN:-} + # docker run -it --rm gitea/gitea:1 gitea generate secret SECRET_KEY + - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY} + # docker run -it --rm gitea/gitea:1 gitea generate secret INTERNAL_TOKEN + - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN} volumes: - gitea:/data - /etc/timezone:/etc/timezone:ro -- 2.40.1
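Review bot: `GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY}` and `GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN}` in gitea/docker-compose.yml drop the `:-` fallback but add no guard, so an unset variable still interpolates to an empty string and Compose only prints a warning. Since the new comments tell the operator to generate both values, I would fail fast the way the mailer overlay does, with `${GITEA_SECRET_KEY:?GITEA_SECRET_KEY not set}` and `${GITEA_INTERNAL_TOKEN:?GITEA_INTERNAL_TOKEN not set}`. The context lines `GITEA__database__USER` and `GITEA__database__PASSWD` are unguarded in the same way.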