From 1975b54aa3909858c01c67ed29f8c2c1c5c976c7 Mon Sep 17 00:00:00 2001
From: BhasherBEL
Date: Tue, 26 Sep 2023 11:14:50 +0200
Subject: [PATCH] Merge rpi to shp
---
 bxl-shp/apps/docker-compose.invoice.yaml | 50 +------------------
 bxl-shp/apps/docker-compose.matrix.yaml | 11 +++-
 bxl-shp/apps/docker-compose.well-known.yaml | 20 ++++++++
 bxl-shp/config/dashy/config.yml | 6 +--
 bxl-shp/config/riot/config.json | 6 +--
 bxl-shp/config/well-known/nginx.conf | 31 ++++++++++++
 bxl-shp/system/docker-compose.auth.yaml | 4 +-
 bxl-shp/system/docker-compose.monitoring.yaml | 6 +++
 bxl-shp/system/docker-compose.portainer.yaml | 4 +-
 bxl-shp/system/docker-compose.traefik.yaml | 3 ++
 10 files changed, 79 insertions(+), 62 deletions(-)
 create mode 100644 bxl-shp/apps/docker-compose.well-known.yaml
 create mode 100644 bxl-shp/config/well-known/nginx.conf
diff --git a/bxl-shp/apps/docker-compose.invoice.yaml b/bxl-shp/apps/docker-compose.invoice.yaml
index 8b4a0af..21bf4db 100644
--- a/bxl-shp/apps/docker-compose.invoice.yaml
+++ b/bxl-shp/apps/docker-compose.invoice.yaml
@@ -1,51 +1,4 @@
 services:
-# invoicenginx:
-# container_name: invoice_nginx
-# image: nginx:latest
-# restart: on-failure
-# volumes:
-# - $CONFIG/invoiceninja/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf:ro
-# - $DATA/invoiceninja/public:/var/www/app/public:ro
-# environment:
-# - TRUSTED_PROXIES='*'
-# depends_on:
-# - invoiceninja
-# networks:
-# - invoice
-# - external
-# #labels:
-# #- "traefik.enable=true"
-# #- "traefik.http.routers.invoice.rule=Host(`invoice.bhasher.com`)"
-# #- "traefik.http.services.invoice.loadbalancer.server.port=80"
-# #- "traefik.http.routers.invoice.tls=true"
-# #- "traefik.http.routers.invoice.tls.certresolver=http"
-# #- "traefik.http.routers.invoice.entrypoints=internalsecure"
-#
-# invoiceninja:
-# image: invoiceninja/invoiceninja:5
-# container_name: invoice_ninja
-# environment:
-# - APP_URL=https://invoice.bhasher.com
-# - APP_KEY=${INVOICENINJA_APIKEY}
-# - REQUIRE_HTTPS=true
-# - PHANTOMJS_PDF_GENERATION=false
-# - PDF_GENERATOR=snappdf
-# - QUEUE_CONNECTION=database
-# - DB_HOST=mariadb
-# - DB_DATABASE=invoiceninja
-# - DB_USERNAME=root
-# - DB_PASSWORD=${MARIADB_ROOT}
-# - IN_USER_EMAIL=invoice@bhasher.com
-# - IN_PASSWORD=${INVOICENINJA_PASSWORD}
-# - TRUSTED_PROXIES='*'
-# restart: unless-stopped
-# volumes:
-# - $DATA/invoiceninja/public:/var/www/app/public:rw
-# - $DATA/invoiceninja/storage:/var/www/app/storage:rw
-# networks:
-# - invoice
-# - storage
-
 invoiceplane:
 container_name: invoiceplane
 image: mhzawadi/invoiceplane:latest
@@ -53,6 +6,7 @@ services:
 - $DATA/invoiceplane/uploads:/var/www/html/uploads
 - $DATA/invoiceplane/ipconfig.php:/var/www/html/ipconfig.php
 - /etc/localtime:/etc/localtime:ro
+ command: sh -c "apk add php7-mbstring php7-iconv php7-json gd && nginx -g 'daemon off;'"
 environment:
 - IP_URL=https://invoice.bhasher.com
 #- MYSQL_HOST=mariadb
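Review bot: In the second hunk of docker-compose.invoice.yaml, the new `command:` runs `apk add` on every container start, so the service depends on the package mirror being reachable and installs whatever package versions are current at that moment, on top of the already unpinned `mhzawadi/invoiceplane:latest` image. Baking the extensions into a small derived image (a Dockerfile with `FROM mhzawadi/invoiceplane:<pinned tag>` and `RUN apk add --no-cache php7-mbstring php7-iconv php7-json gd`) keeps the running container reproducible and lets it start without network access. The override also replaces the image's default command with a bare `nginx -g 'daemon off;'`; whether the image's own startup steps still run (a PHP-FPM process, for example) cannot be seen from this hunk and should be confirmed.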
@@ -66,7 +20,7 @@ services:
 - "traefik.http.services.invoice.loadbalancer.server.port=80"
 - "traefik.http.routers.invoice.tls=true"
 - "traefik.http.routers.invoice.tls.certresolver=http"
- - "traefik.http.routers.invoice.entrypoints=internalsecure"
+ - "traefik.http.routers.invoice.entrypoints=internalsecure,externalsecure"
 networks:
 - external
 - storage
diff --git a/bxl-shp/apps/docker-compose.matrix.yaml b/bxl-shp/apps/docker-compose.matrix.yaml
index 31ac056..2521765 100644
--- a/bxl-shp/apps/docker-compose.matrix.yaml
+++ b/bxl-shp/apps/docker-compose.matrix.yaml
@@ -1,13 +1,19 @@
 services:
 matrix-synapse:
 container_name: matrix-synapse
- image: matrixdotorg/synapse:latest
+ image: matrixdotorg/synapse:v1.92.3
 restart: unless-stopped
 environment:
- - SYNAPSE_SERVER_NAME=matrix.bhasher.com
+ - SYNAPSE_SERVER_NAME=bhasher.com
 - SYNAPSE_REPORT_STATS=no
 volumes:
 - $DATA/matrix/synapse:/data:rw
+ healthcheck:
+ test: ["CMD", "curl", "-fSs", "http://localhost:8008/health"]
+ interval: 15s
+ timeout: 5s
+ retries: 3
+ start_period: 5s
 labels:
 - "traefik.enable=true"
 - "traefik.http.routers.matrix-synapse.rule=Host(`matrix.bhasher.com`)"
@@ -34,6 +40,7 @@ services: networks: - external + networks: external: external: true
diff --git a/bxl-shp/apps/docker-compose.well-known.yaml b/bxl-shp/apps/docker-compose.well-known.yaml
new file mode 100644
index 0000000..fe8519d
--- /dev/null
+++ b/bxl-shp/apps/docker-compose.well-known.yaml
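Review bot: The last hunk of docker-compose.invoice.yaml adds `externalsecure` to the `invoice` router, and no `middlewares` label is visible among the router labels shown, so if that entrypoint is the internet-facing one, InvoicePlane's own login becomes the only control in front of the billing data. Consider attaching the forward-auth middleware this same commit enables for `lum`, e.g. `- "traefik.http.routers.invoice.middlewares=authelia@docker"`, or keeping the router on `internalsecure` only. The label list starts above the hunk, so a middleware defined earlier would not be visible here.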
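Review bot: In the first hunk of docker-compose.matrix.yaml, `SYNAPSE_SERVER_NAME` changes from `matrix.bhasher.com` to `bhasher.com` while the same `$DATA/matrix/synapse` volume stays mounted. Synapse does not support changing `server_name` on an existing database, and as far as I know the image only reads this variable when it generates a config, so if `/data` already holds a `homeserver.yaml` the new value may be ignored or may conflict with stored data. A comment above the variable would record the constraint, e.g. `# server_name is fixed at first start; changing it needs a fresh database`.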
@@ -0,0 +1,20 @@
+services:
+ wellknown-nginx:
+ container_name: wellknown-nginx
+ image: nginx:latest
+ restart: unless-stopped
+ volumes:
+ - $CONFIG/well-known/nginx.conf:/etc/nginx/nginx.conf:ro
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.matrix-nginx.rule=Host(`bhasher.com`) && PathPrefix(`/.well-known`)"
+ - "traefik.http.routers.matrix-nginx.tls=true"
+ - "traefik.http.routers.matrix-nginx.tls.certresolver=http"
+ - "traefik.http.routers.matrix-nginx.entrypoints=internalsecure,externalsecure"
+ - "traefik.http.services.matrix-nginx.loadbalancer.server.port=80"
+ networks:
+ - external
+
+networks:
+ external:
+ external: true
diff --git a/bxl-shp/config/dashy/config.yml b/bxl-shp/config/dashy/config.yml
index d7129bd..324fb18 100644
--- a/bxl-shp/config/dashy/config.yml
+++ b/bxl-shp/config/dashy/config.yml
@@ -99,11 +99,11 @@ sections:
 url: https://portainer.bxl.bhasher.com
 statusCheckUrl: http://portainer:9000
 id: 7_1631_portainer
- - title: InvoiceNinja
+ - title: Invoiceplane
 icon: hl-invoiceninja
 url: https://invoice.bhasher.com
- statusCheckUrl: http://invoicenginx
- id: 8_1631_invoiceninja
+ statusCheckUrl: http://invoiceplane
+ id: 8_1631_invoiceplane
 - title: Dashboard
 icon: hl-dashy
 url: https://hub.bhasher.com
diff --git a/bxl-shp/config/riot/config.json b/bxl-shp/config/riot/config.json
index 2b97e4e..2b8759a 100644
--- a/bxl-shp/config/riot/config.json
+++ b/bxl-shp/config/riot/config.json
@@ -1,7 +1,3 @@
 {
- "default_server_config": {
- "m.homeserver": {
- "base_url": "https://matrix.bhasher.com"
- }
- }
+ "default_server_name": "bhasher.com"
 }
diff --git a/bxl-shp/config/well-known/nginx.conf b/bxl-shp/config/well-known/nginx.conf
new file mode 100644
index 0000000..10be289
--- /dev/null
+++ b/bxl-shp/config/well-known/nginx.conf
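Review bot: `image: nginx:latest` in the new docker-compose.well-known.yaml is unpinned even though this commit pins Synapse to `v1.92.3`; the container is published on `externalsecure`, so a fixed tag or digest (`image: nginx:<pinned tag>`) makes upgrades of an exposed service deliberate. The router and service labels are also named `matrix-nginx` while the container is `wellknown-nginx` and the mounted config serves CardDAV/CalDAV redirects as well; using `wellknown` in the label names would avoid confusion with the Matrix stack's own routers.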
@@ -0,0 +1,31 @@
+events {}
+
+http {
+ server {
+ listen 80;
+ server_name localhost;
+
+ location /.well-known/matrix/server {
+ default_type application/json;
+ return 200 '{"m.server": "matrix.bhasher.com:443"}';
+ }
+
+ location /.well-known/matrix/client {
+ default_type application/json;
+ add_header Access-Control-Allow-Origin *;
+ return 200 '{"m.homeserver":{"base_url":"https://matrix.bhasher.com"}}';
+ }
+
+ location /.well-known/carddav {
+ return 301 $scheme://baikal.bxl.bhasher.com/dav.php;
+ }
+
+ location /.well-known/caldav {
+ return 301 $scheme://baikal.bxl.bhasher.com/dav.php;
+ }
+
+ location / {
+ return 404;
+ }
+ }
+}
diff --git a/bxl-shp/system/docker-compose.auth.yaml b/bxl-shp/system/docker-compose.auth.yaml
index 9a0c33a..9d85a05 100644
--- a/bxl-shp/system/docker-compose.auth.yaml
+++ b/bxl-shp/system/docker-compose.auth.yaml
@@ -44,7 +44,7 @@ services:
 - PASSWORD_HASH=SHA512CRYPT
 - ACCEPT_WEAK_PASSWORDS=false
 - LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES=jpegPhoto^:Profile picture,sshpubkey^+:SSH public key
- #- REMOTE_HTTP_HEADERS_LOGIN=true
+ - REMOTE_HTTP_HEADERS_LOGIN=true
 labels:
 - "traefik.enable=true"
 - "traefik.http.routers.lum.rule=Host(`lum.bhasher.com`)"
@@ -52,7 +52,7 @@ services:
 - "traefik.http.services.lum.loadbalancer.server.port=80"
 - "traefik.http.routers.lum.tls=true"
 - "traefik.http.routers.lum.tls.certresolver=http"
- #- "traefik.http.routers.lum.middlewares=authelia@docker"
+ - "traefik.http.routers.lum.middlewares=authelia@docker"
 networks:
 - auth
 - external
diff --git a/bxl-shp/system/docker-compose.monitoring.yaml b/bxl-shp/system/docker-compose.monitoring.yaml
index 7fa6951..2caddeb 100644
--- a/bxl-shp/system/docker-compose.monitoring.yaml
+++ b/bxl-shp/system/docker-compose.monitoring.yaml
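Review bot: The two redirects `return 301 $scheme://baikal.bxl.bhasher.com/dav.php;` in the new nginx.conf build the target from `$scheme`, but this server only listens on port 80 and appears to sit behind Traefik's TLS termination (the compose labels set `tls=true` and `loadbalancer.server.port=80`), so `$scheme` would evaluate to `http` and DAV clients would be redirected to a plaintext URL. Hard-code the scheme in both the `carddav` and `caldav` locations: `return 301 https://baikal.bxl.bhasher.com/dav.php;`. Separately, `add_header Access-Control-Allow-Origin *;` is appropriate for the public Matrix client document, and a one-line comment saying so would keep it from being copied to other locations.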
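Review bot: Enabling `REMOTE_HTTP_HEADERS_LOGIN=true` in the first hunk of docker-compose.auth.yaml makes the application trust identity headers on incoming requests, which is only safe while every request reaches it through the `authelia@docker` middleware that the second hunk enables. The service is attached to the `auth` and `external` networks, so other containers on those networks can presumably reach port 80 directly, bypassing the middleware that is meant to set those headers. Add a comment tying the two lines together, e.g. `# requires the authelia middleware on the lum router; never enable without it`, and consider restricting which networks can reach this container.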
@@ -60,6 +60,7 @@ services:
 - GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH=contains(roles[*], 'admin') && 'Admin' || 'Viewer'
 - GF_AUTH_GENERIC_OAUTH_GROUPS_PATH=groups
 - GF_AUTH_GENERIC_OAUTH_ALLOWED_GROUPS=admin
+ - GF_AUTH_OAUTH_ALLOW_INSECURE_EMAIL_LOOKUP=true
 volumes:
 - $DATA/monitoring/grafana:/var/lib/grafana
 - /etc/localtime:/etc/localtime:ro
@@ -76,6 +77,9 @@ services:
 - /sys:/sys:ro
 - /var/lib/docker/:/var/lib/docker:ro
 - /etc/localtime:/etc/localtime:ro
+ - /etc/machine-id:/etc/machine-id:ro
+ - /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:ro
+ - /dev/disk/:/dev/disk:ro
 restart: always
 command:
 - "--housekeeping_interval=60s"
@@ -84,6 +88,8 @@ services:
 - "--disable_metrics=percpu,sched,tcp,udp,disk,diskIO,hugetlb,referenced_memory,cpu_topology,resctrl"
 networks:
 - monitoring
+ devices:
+ - /dev/kmsg
 healthcheck:
 test: wget --quiet --tries=1 --spider http://localhost:8080/healthz || exit 1
 interval: 15s
diff --git a/bxl-shp/system/docker-compose.portainer.yaml b/bxl-shp/system/docker-compose.portainer.yaml
index 7c7a695..f0f7dbd 100644
--- a/bxl-shp/system/docker-compose.portainer.yaml
+++ b/bxl-shp/system/docker-compose.portainer.yaml
@@ -2,8 +2,8 @@ services:
 portainer:
 container_name: portainer
 image: portainer/portainer-ce:latest
- ports:
- - "9443:9443"
+ #ports:
+ #- "9443:9443"
 volumes:
 - $DATA/portainer:/data:rw
 - /var/run/docker.sock:/var/run/docker.sock
diff --git a/bxl-shp/system/docker-compose.traefik.yaml b/bxl-shp/system/docker-compose.traefik.yaml
index 77576b3..f23e3d9 100644
--- a/bxl-shp/system/docker-compose.traefik.yaml
+++ b/bxl-shp/system/docker-compose.traefik.yaml
@@ -24,6 +24,9 @@ services:
 #- "--log.level=DEBUG"
 - "--metrics.prometheus=true"
 - "--api.dashboard=true"
+ #- "--experimental.plugins.sablier.moduleName=github.com/acouvreur/sablier"
+ #- "--experimental.plugins.sablier.version=v1.3.0"
+ #- "--providers.file.filename=/etc/traefik/dynamic-config.yml"
 environment:
 - TZ=Europe/Paris
 ports:
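Review bot: `GF_AUTH_OAUTH_ALLOW_INSECURE_EMAIL_LOOKUP=true` in the first hunk of docker-compose.monitoring.yaml turns back on email-based matching of OAuth logins to existing Grafana users, which Grafana disables by default because an identity provider that lets a user choose their own email address can then be used to sign in as another account. With `GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH` able to grant `Admin`, the line deserves a comment stating why it is needed and what keeps it safe, e.g. `# needed until existing users are re-linked by OAuth identity; only safe while users cannot edit their email at the IdP`. If it was added only to restore logins after an upgrade, re-linking the affected users and removing the flag is the safer end state.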
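Review bot: In the third hunk of docker-compose.monitoring.yaml, `- /dev/kmsg` is mapped with the default device permissions, which include write and mknod, whereas the volume mounts added in the previous hunk are all `:ro`. If cAdvisor only reads the kernel log, `- /dev/kmsg:/dev/kmsg:r` gives it the same visibility without letting the container write to the host's kernel ring buffer. The service definition starts above the hunk, so other privileges granted to this container are not visible here.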