diff --git a/gitea/.env b/gitea/.env index 2b34046..3db8400 100644 --- a/gitea/.env +++ b/gitea/.env @@ -1,34 +1,26 @@ -######## -# DOCKER +COMPOSE_FILE=../postgres/docker-compose.yml:./docker-compose.yml:./docker-compose.override.yml -SERVICES_DIR=".." -COMPOSE_FILE=${SERVICES_DIR}/gitea/docker-compose.yml:${SERVICES_DIR}/gitea/docker-compose.traefik.yml:${SERVICES_DIR}/gitea/docker-compose.smtp.yml:${SERVICES_DIR}/gitea/docker-compose.metrics.yml:${SERVICES_DIR}/postgres/docker-compose.yml -COMPOSE_PROJECT_NAME=$GITEA_DOMAIN +# APP -####### -# GITEA +GITEA_VOLUME_NAME=gitea +GITEA_PROTOCOL=http +GITEA_DOMAIN=gitea.lan + +# APP CONFIG # https://docs.gitea.io/en-us/install-with-docker/#environments-variables -GITEA_DOMAIN=gitea.lan -GITEA_VOLUME_NAME=gitea -GITEA_IMAGE=gitea/gitea:1.18.4 -GITEA_PROTOCOL=http -GITEA_SECRET_KEY=kt5UdK0m9lI9MDyhVOFEB5jk7VwFynDyaxcUjEJUpWJBrC6FyH4dkUDKLYEa7hGn -GITEA_INTERNAL_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NzY5NzkxMzZ9.Iopu6DBUhglmNPzEyYylfmTmEUpYLHYEsNrm50GoBkU - -# SMTP - -GITEA__mailer__FROM='"Name" ' -GITEA__mailer__SMTP_ADDR=smtp.gitea.lan -GITEA__mailer__SMTP_PORT=465 -GITEA__mailer__USER=gitea.lan -GITEA__mailer__PASSWD=gitea.lan +DISABLE_SSH=true +RUN_MODE=prod +ROOT_URL=${GITEA_PROTOCOL}://${GITEA_DOMAIN} +DISABLE_REGISTRATION=true +DISABLE_GRAVATAR=true +#INSTALL_LOCK=true # DATABASE +# Voir la description ../postgres/README.md POSTGRES_USER=user-example POSTGRES_PASSWORD=password-example POSTGRES_DB=postgres-database-name-example POSTGRES_CONTAINER_NAME=gitea-postgres POSTGRES_VOLUME_NAME=gitea-postgres -POSTGRES_IMAGE=postgres:15.2-alpine diff --git a/gitea/docker-compose.smtp.yml b/gitea/docker-compose.smtp.yml index af25854..fa37a1a 100644 --- a/gitea/docker-compose.smtp.yml +++ b/gitea/docker-compose.smtp.yml 
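Review bot: `#INSTALL_LOCK=true` is left commented out in the new APP CONFIG block while the same commit stops passing a secret key to the container, so a fresh instance may come up with its install page open to whoever reaches `ROOT_URL` first. I would ship `INSTALL_LOCK=true` uncommented, or put a comment above it saying it must be enabled as soon as the first setup is done. Whether these keys reach the container at all depends on an `env_file` or `environment` entry that this hunk does not show. Separately, the `GITEA_SECRET_KEY` and `GITEA_INTERNAL_TOKEN` values that used to live in this file stay readable in the repository history, so any instance that ran with them should be given freshly generated ones.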
@@ -4,11 +4,9 @@ services: gitea: environment: - GITEA__mailer__ENABLED=true - - GITEA__mailer__PROTOCOL=${GITEA__mailer__PROTOCOL:-smtp} - - GITEA__mailer__SMTP_ADDR=${GITEA__mailer__SMTP_ADDR:?GITEA__mailer__SMTP_ADDR not set} - - GITEA__mailer__SMTP_PORT=${GITEA__mailer__SMTP_PORT:?GITEA__mailer__SMTP_PORT not set} - + - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} + - GITEA__mailer__MAILER_TYPE=smtp + - GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set} + - GITEA__mailer__IS_TLS_ENABLED=true - GITEA__mailer__USER=${GITEA__mailer__USER:?GITEA__mailer__USER not set} - GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}""" - - - GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set} diff --git a/gitea/docker-compose.traefik.yml b/gitea/docker-compose.traefik.yml index f3a5562..b4b8447 100644 --- a/gitea/docker-compose.traefik.yml +++ b/gitea/docker-compose.traefik.yml @@ -7,8 +7,10 @@ networks: services: gitea: labels: - - traefik.enable=true - - traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik} - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.rule=Host(`${GITEA_DOMAIN:?err}`) - - traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web} - - traefik.http.services.${TRAEFIK_ROUTER_NAME:-gitea}.loadbalancer.server.port=3000 + traefik.enable: 'true' + traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik} + + traefik.http.routers.gitea.rule: 'Host(`${GITEA_DOMAIN:?err}`)' + traefik.http.routers.gitea.entrypoints: 'web' + + traefik.http.services.gitea.loadbalancer.server.port: '3000' diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index f30608b..a2ae51c 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml 
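Review bot: The new `GITEA__mailer__HOST` line replaces the separate address and port settings, but nothing tells the operator that the value now has to carry the port as well. A comment above it such as `# host:port of the SMTP server, e.g. smtp.example.org:465 (implicit TLS, see IS_TLS_ENABLED)` would cover that. Since `GITEA__mailer__IS_TLS_ENABLED` is hard-coded to `true`, a server that only offers STARTTLS would presumably need this file edited, which belongs in the same comment. The `.env` change in this commit drops every mailer variable without adding `GITEA__mailer__HOST` or `GITEA__mailer__FROM`, so the `:?` guards will stop `docker-compose` as soon as this overlay is listed in `COMPOSE_FILE` again.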
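Review bot: `traefik.http.routers.gitea.entrypoints: 'web'` is now a fixed value, so the router can no longer be moved to a TLS entrypoint without editing this file. Together with `GITEA_PROTOCOL=http` in `gitea/.env`, logins and access tokens would travel unencrypted if `web` is the plain-HTTP entrypoint (the Traefik entrypoint definitions are not part of this hunk). Keeping the override costs nothing in the mapping form: `traefik.http.routers.gitea.entrypoints: '${TRAEFIK_ENTRYPOINTS:-web}'`.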
@@ -7,22 +7,16 @@ volumes: services: gitea: container_name: ${GITEA_CONTAINER_NAME:-gitea} - image: ${GITEA_IMAGE:-gitea/gitea:1.18.4} + image: ${GITEA_IMAGE:-gitea/gitea:1.16.5} restart: always environment: - - USER_UID=${GITEA_UID:-1000} - - USER_GID=${GITEA_GID:-1000} - # Database - - GITEA__database__DB_TYPE=postgres - - GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432 - - GITEA__database__NAME=${POSTGRES_DB} - - GITEA__database__USER=${POSTGRES_USER} - - GITEA__database__PASSWD=${POSTGRES_PASSWORD} - # Security - # docker run -it --rm gitea/gitea:1 gitea generate secret SECRET_KEY - - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY} - # docker run -it --rm gitea/gitea:1 gitea generate secret INTERNAL_TOKEN - - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN} + # - USER_UID=1000 + # - USER_GID=1000 + DB_TYPE: postgres + DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres}:5432 # Default name is same as ../postgres/docker-compose.yml:8 + DB_NAME: ${POSTGRES_DB} + DB_USER: ${POSTGRES_USER} + DB_PASSWD: ${POSTGRES_PASSWORD} volumes: - gitea:/data - /etc/timezone:/etc/timezone:ro diff --git a/nextcloud/.env b/nextcloud/.env index 15a8d09..8cd5d60 100644 --- a/nextcloud/.env +++ b/nextcloud/.env @@ -4,7 +4,7 @@ #DOCKER_CONTEXT= #DOCKER_HOST= SERVICES_DIR=.. -COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.config.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml +COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml #COMPOSE_PROJECT_NAME= ## APP diff --git a/nextcloud/README.md b/nextcloud/README.md index 0aca8d8..2f04a15 100644 --- a/nextcloud/README.md +++ b/nextcloud/README.md 
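Review bot: The default image moves backwards from `gitea/gitea:1.18.4` to `gitea/gitea:1.16.5`, which gives up every fix shipped in the two later release lines. The same backwards step appears in `nextcloud/docker-compose.yml` (`25.0.2` to `23.0.3` and `22.2.3`) and in `nextcloud/web/Dockerfile` (`nginx:1.23.3-alpine` to `nginx:1.21.5-alpine`). If the older tags are intentional, a comment next to each one should say why; otherwise keep the newer tags. A `gitea` volume or database that was already started by the newer release will probably not be accepted by the older binary, so test the downgrade against a copy of the data first. The hunk also stops setting `SECRET_KEY` and `INTERNAL_TOKEN` from the environment, and a comment should state where those values come from now.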
@@ -14,78 +14,45 @@ On peut trouver [la documentation ici][documentation] en anglais ou ici pour la ## Aide -Commande pour se connecter à un serveur : +Exemple de commande : ```sh -. .env -docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm ash -``` +docker exec --user www-data -it nextcloud bash -Pour mettre un site en maintenance : - -```sh -. .env -docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm php occ maintenance:mode --on +docker-compose exec --user www-data nextcloud php occ db:add-missing-primary-keys ``` ## Configuration -Il est possible de configurer certaines parties avec des variables d'environnement : -- Soit les variables sont spécifique à l'image Docker -- soit avec des variables du type `NC_` + clé (exemple : NC_default_phone_region=FR) +Il est possible de configurer certaines parties avec des variables d'environnement, mais ce n'est pas le cas de l'ensemble de la configuration. -### Création d'un groupe +Voici les modifications que j'effectue : ``` -export NC_GROUP=com-en-aubrac -php occ group:add $NC_GROUP +docker-compose exec --user www-data nextcloud-fpm ash +vi config/config.php +``` +Ajout de la configuration suivante : +``` + 'default_language' => 'fr', + 'default_locale' => 'fr_FR', + 'default_phone_region' => 'FR', + 'defaultapp' => 'files', + 'preview_max_x' => 2048, + 'preview_max_y' => 2048, + 'jpeg_quality' => 60, ``` -### Création d'un utilisateur - +Ajout de imagemagick : ``` -# La variable OC_PASS est spécifique pour l'utilisation de --password-from-env -export OC_PASS=unmotdepasse! 
- -export NC_USER=simon -export NC_NAME=Simon -export NC_MAIL=simon@example.org -export NC_QUOTA="180 GB" - -php occ user:add --password-from-env --display-name=$NC_NAME --group="$NC_GROUP" $NC_USER -php occ user:setting $NC_USER settings email $NC_MAIL +docker-compose exec nextcloud-fpm apk add --no-cache imagemagick ``` -### Quota - -Pour bien comprendre les quotas dans Nextcloud : https://docs.nextcloud.com/server/latest/user_manual/en/files/quota.html +ou ``` -export NC_USER=simon -export NC_QUOTA="10 GB" -php occ user:setting $NC_USER files quota "$NC_QUOTA" -``` - -### imagemagick - -> Le module php-imagick n’a aucun support SVG dans cette instance. Pour une meilleure compatibilité, il est recommandé de l’installer. - -Pour résoudre ce problème il faut ajouter le paquet `imagemagick` - -``` -. .env -docker exec -it ${NEXTCLOUD_CONTAINER_NAME}-fpm apk add --no-cache imagemagick -``` - -## Application - -Suppression d'application : - -``` -php occ app:disable dashboard -php occ app:disable photos -php occ app:disable weather_status -php occ app:disable user_status +ssh +docker exec nextcloud-fpm apk add --no-cache imagemagick ``` ## PHP-FPM: remédier à server reached pm.max_children diff --git a/nextcloud/docker-compose.config.yml b/nextcloud/docker-compose.config.yml deleted file mode 100644 index f7491ce..0000000 --- a/nextcloud/docker-compose.config.yml +++ /dev/null 
@@ -1,21 +0,0 @@ ---- -version: "3.8" - -services: - nextcloud-fpm: - environment: - &nextcloud-configuration - NC_trashbin_retention_obligation: ${NC_trashbin_retention_obligation:-auto, 30} - NC_force_language: ${NC_force_language:-fr} - NC_default_locale: ${NC_default_locale:-fr_FR} - NC_force_locale: ${NC_force_locale:-fr_FR} - NC_default_language: ${NC_default_language:-fr} - NC_default_phone_region: ${NC_default_phone_region:-FR} - NC_defaultapp: ${NC_defaultapp:-files} - NC_preview_max_x: ${NC_preview_max_x:-2048} - NC_preview_max_y: ${NC_preview_max_y:-2048} - NC_jpeg_quality: ${NC_jpeg_quality:-60} - - nextcloud-cron: - environment: - <<: *nextcloud-configuration diff --git a/nextcloud/docker-compose.smtp.yml b/nextcloud/docker-compose.smtp.yml index 60136d8..b8a880f 100644 --- a/nextcloud/docker-compose.smtp.yml +++ b/nextcloud/docker-compose.smtp.yml @@ -3,16 +3,11 @@ version: "3.8" services: nextcloud-fpm: environment: - &smtp-configuration - NC_mail_smtphost: ${NC_mail_smtphost:?err} # The hostname of the SMTP server. - NC_mail_smtpsecure: ${NC_mail_smtpsecure:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. - NC_mail_smtpport: ${NC_mail_smtpport:-465} - NC_mail_smtpauthtype: ${NC_mail_smtpauthtype:-LOGIN} - NC_mail_smtpname: ${NC_mail_smtpname:?err} - NC_mail_smtppassword: ${NC_mail_smtppassword:?err} - NC_mail_from_address: ${NC_mail_from_address:?err} - NC_mail_domain: ${NC_mail_domain:?err} - - nextcloud-cron: - environment: - <<: *smtp-configuration + SMTP_HOST: ${SMTP_HOST?err} # The hostname of the SMTP server. + SMTP_SECURE: ${SMTP_SECURE:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS. + SMTP_PORT: ${SMTP_PORT:-465} + SMTP_AUTHTYPE: ${SMTP_AUTHTYPE:-LOGIN} + SMTP_NAME: ${SMTP_NAME?err} + SMTP_PASSWORD: ${SMTP_PASSWORD?err} + MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS} + MAIL_DOMAIN: ${MAIL_DOMAIN} diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 351eb38..909e536 100644 --- a/nextcloud/docker-compose.yml 
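Review bot: `MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS}` and `MAIL_DOMAIN: ${MAIL_DOMAIN}` in `nextcloud/docker-compose.smtp.yml` lost the required-variable guard their predecessors had. An unset value is now substituted as an empty string, and the problem only surfaces inside the container instead of at `docker-compose` time. The other required entries use `${VAR?err}`, which still accepts a variable that is set but empty. `${SMTP_PASSWORD:?err}`, and the same `:?` form for `SMTP_HOST`, `SMTP_NAME`, `MAIL_FROM_ADDRESS` and `MAIL_DOMAIN`, would reject both cases. The `nextcloud-cron` service no longer receives these settings, which matters if background jobs are expected to send mail.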
+++ b/nextcloud/docker-compose.yml @@ -7,7 +7,7 @@ volumes: services: nextcloud-fpm: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm - image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.3-fpm-alpine} restart: always depends_on: - postgres @@ -17,7 +17,6 @@ services: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: - &fpm-configuration NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_TRUSTED_DOMAINS?err} NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER?err} NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err} @@ -33,7 +32,7 @@ services: nextcloud-web: container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-web - build: ${SERVICES_DIR}/nextcloud/web + build: web restart: always environment: NEXTCLOUD_FPM_CONTAINER_NAME: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm @@ -47,14 +46,15 @@ services: - /etc/localtime:/etc/localtime:ro nextcloud-cron: - image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine} + image: ${NEXTCLOUD_IMAGE:-nextcloud:22.2.3-fpm-alpine} container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-cron restart: always depends_on: - nextcloud-web entrypoint: /cron.sh environment: - <<: *fpm-configuration + PUID: ${NEXTCLOUD_PUID:-1000} + PGID: ${NEXTCLOUD_PGID:-1000} volumes: - nextcloud:/var/www/html - /etc/timezone:/etc/timezone:ro diff --git a/nextcloud/run b/nextcloud/run new file mode 100755 index 0000000..a98ccba --- /dev/null +++ b/nextcloud/run 
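Review bot: In the last hunk `nextcloud-cron` falls back to `nextcloud:22.2.3-fpm-alpine` while `nextcloud-fpm` falls back to `nextcloud:23.0.3-fpm-alpine`, so with `NEXTCLOUD_IMAGE` unset the two containers sharing the `nextcloud` volume run different releases. Both defaults should name the same tag, i.e. `image: ${NEXTCLOUD_IMAGE:-nextcloud:23.0.3-fpm-alpine}` for the cron service too. The same hunk replaces the merged `fpm-configuration` environment with `PUID`/`PGID`, and nothing in the diff shows what reads those two variables, so a short comment naming their consumer would help. The service definition continues outside the hunk.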
@@ -0,0 +1,49 @@ +#!/bin/bash + +set -eu + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +. $DIR/../help.sh +. $DIR/../postgres/run --only-source + +nextcloud_help() { + echo "./run backup : Lancement de la sauvegarde de Nextcloud" + echo "./run restore : Restauration de la sauvegarde de Nextcloud" +} + +nextcloud_backup() { + script_env + BACKUP_DATE_DEFAULT=`date +%Y%m%d_%H%M%S` + BACKUP_DATE=${BACKUP_DATE:-$BACKUP_DATE_DEFAULT} + backup_folder_create + + POSTGRES_BACKUP_FILE=backups/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_postgres.sql + docker-compose exec --user www-data nextcloud php occ maintenance:mode --on + postgres_backup + + docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup --volumes-from nextcloud alpine:3.12.3 ash -c "cd /var/www/html && tar cvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar ." + docker-compose exec --user www-data nextcloud php occ maintenance:mode --off +} + +nextcloud_restore() { + script_env + + postgres_restore + docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup -v nextcloud:/var/www/html alpine:3.12.3 ash -c "cd /var/www/html && tar xvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar --strip 1" +} + +if [ $# -ge 1 ]; then + if [ "${1}" == "backup" ]; then + script_start + nextcloud_backup + script_end + elif [ "${1}" == "restore" ]; then + script_start + nextcloud_restore + script_end + elif [ "${1}" != "--only-source" ]; then + nextcloud_help + fi +else + nextcloud_help +fi diff --git a/nextcloud/web/Dockerfile b/nextcloud/web/Dockerfile index 345321a..2cde763 100644 --- a/nextcloud/web/Dockerfile +++ b/nextcloud/web/Dockerfile @@ -1,3 +1,3 @@ -FROM nginx:1.23.3-alpine +FROM nginx:1.21.5-alpine COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index f030402..651a062 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml 
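Review bot: `nextcloud_backup` turns maintenance mode on and then depends on every later command succeeding, so under `set -eu` a failing `postgres_backup` or `tar` exits the script and leaves the instance in maintenance mode. Registering `trap 'docker-compose exec --user www-data nextcloud-fpm php occ maintenance:mode --off' EXIT` right after the `--on` call would undo it on every exit path. That line uses `nextcloud-fpm` because `nextcloud/docker-compose.yml` in this diff defines the service under that name with container name `${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm`, whereas the script's `exec` and `--volumes-from` calls address `nextcloud`. The archive contains `config/config.php` and lands under `$HOME/backups` with whatever permissions `backup_folder_create` (defined outside this file) applies, so that directory should be readable by the backup user only. `nextcloud_restore` reads `${BACKUP_DATE}` without a default, which aborts under `set -u` unless the caller exports it.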
@@ -30,6 +30,7 @@ services: - --log.level=${TRAEFIK_LOG_LEVEL:-INFO} - --global.sendanonymoususage=${TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE:-false} - --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false} + - --pilot.dashboard=${TRAEFIK_PILOT_DASHBOARD:-false} - --metrics.prometheus=${TRAEFIK_METRICS_PROMETHEUS:-true} - --accesslog=${TRAEFIK_ACCESSLOG:-false} diff --git a/vaultwarden/docker-compose.postgres.yml b/vaultwarden/docker-compose.postgres.yml index 58e2bf7..49fc448 100644 --- a/vaultwarden/docker-compose.postgres.yml +++ b/vaultwarden/docker-compose.postgres.yml @@ -4,7 +4,5 @@ version: "3.8" services: vaultwarden: - depends_on: - - postgres environment: - DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB} + DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_CONTAINER_NAME}:5432/${POSTGRES_DB} \ No newline at end of file diff --git a/vaultwarden/docker-compose.yml b/vaultwarden/docker-compose.yml index 97553ca..59cbb88 100644 --- a/vaultwarden/docker-compose.yml +++ b/vaultwarden/docker-compose.yml @@ -8,9 +8,11 @@ volumes: services: vaultwarden: - image: ${VAULTWARDEN_IMAGE:-vaultwarden/server:1.27.0-alpine} - container_name: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden} + image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine} + container_name: vaultwarden restart: always + depends_on: + - postgres environment: ADMIN_TOKEN: ${VAULTWARDEN_ADMIN_TOKEN:?err} DOMAIN: https://${VAULTWARDEN_DOMAIN:?err} @@ -19,5 +21,3 @@ services: SIGNUPS_ALLOWED: ${VAULTWARDEN_SIGNUPS_ALLOWED:-true} volumes: - vaultwarden:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro diff --git a/vikunja/docker-compose.yml b/vikunja/docker-compose.yml index ac99c02..db11ae4 100644 --- a/vikunja/docker-compose.yml +++ b/vikunja/docker-compose.yml 
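Review bot: The added `--pilot.dashboard=${TRAEFIK_PILOT_DASHBOARD:-false}` argument has no comment tying it to a Traefik version. The Pilot options were dropped in later Traefik releases, where an unknown static option is likely to stop the proxy from starting. The image tag is outside this hunk, so please confirm the pinned release still accepts the flag, and add a comment above it such as `# Traefik 2.x only: hides the Pilot link in the dashboard; remove when upgrading`.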
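Review bot: `image: ${VAULTWARDEN_CONTAINER_NAME:-vaultwarden/server:1.27.0-alpine}` takes the image reference from the container-name variable. Anyone who sets `VAULTWARDEN_CONTAINER_NAME=vaultwarden` to name the container makes Compose pull an image called `vaultwarden` instead of the pinned `vaultwarden/server` tag. The image needs its own variable, `image: ${VAULTWARDEN_IMAGE:-vaultwarden/server:1.27.0-alpine}`, and `container_name` can keep the fixed value. The new `depends_on` entry for `postgres` now sits in the base file although that service is only defined by another compose file, so this file no longer validates on its own. In the unchanged lines `SIGNUPS_ALLOWED` still defaults to `true`, which leaves registration open on a password manager unless the operator overrides it.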
@@ -40,6 +40,3 @@ services: vikunja_frontend: container_name: ${VIKUNJA_CONTAINER_NAME:-vikunja}_frontend image: ${VIKUNJA_FRONTEND_IMAGE:-vikunja/frontend:0.18.2} - restart: always - depends_on: - - vikunja_api