Bhasher/homelab
Bhasher
/
homelab
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge rpi to shp

This commit is contained in:
Brieuc Dubois 2023-09-26 11:14:50 +02:00 committed by shp
parent cffee089d3
commit 1975b54aa3
10 changed files with 79 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
bxl-shp/apps/docker-compose.invoice.yaml
View File

@ -1,51 +1,4 @@
services:
# invoicenginx:
# container_name: invoice_nginx
# image: nginx:latest
# restart: on-failure
# volumes:
# - $CONFIG/invoiceninja/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf:ro
# - $DATA/invoiceninja/public:/var/www/app/public:ro
# environment:
# - TRUSTED_PROXIES='*'
# depends_on:
# - invoiceninja
# networks:
# - invoice
# - external
# #labels:
# #- "traefik.enable=true"
# #- "traefik.http.routers.invoice.rule=Host(`invoice.bhasher.com`)"
# #- "traefik.http.services.invoice.loadbalancer.server.port=80"
# #- "traefik.http.routers.invoice.tls=true"
# #- "traefik.http.routers.invoice.tls.certresolver=http"
# #- "traefik.http.routers.invoice.entrypoints=internalsecure"
#
# invoiceninja:
# image: invoiceninja/invoiceninja:5
# container_name: invoice_ninja
# environment:
# - APP_URL=https://invoice.bhasher.com
# - APP_KEY=${INVOICENINJA_APIKEY}
# - REQUIRE_HTTPS=true
# - PHANTOMJS_PDF_GENERATION=false
# - PDF_GENERATOR=snappdf
# - QUEUE_CONNECTION=database
# - DB_HOST=mariadb
# - DB_DATABASE=invoiceninja
# - DB_USERNAME=root
# - DB_PASSWORD=${MARIADB_ROOT}
# - IN_USER_EMAIL=invoice@bhasher.com
# - IN_PASSWORD=${INVOICENINJA_PASSWORD}
# - TRUSTED_PROXIES='*'
# restart: unless-stopped
# volumes:
# - $DATA/invoiceninja/public:/var/www/app/public:rw
# - $DATA/invoiceninja/storage:/var/www/app/storage:rw
# networks:
# - invoice
# - storage
invoiceplane:
container_name: invoiceplane
image: mhzawadi/invoiceplane:latest
@ -53,6 +6,7 @@ services:
- $DATA/invoiceplane/uploads:/var/www/html/uploads
- $DATA/invoiceplane/ipconfig.php:/var/www/html/ipconfig.php
- /etc/localtime:/etc/localtime:ro
command: sh -c "apk add php7-mbstring php7-iconv php7-json gd && nginx -g 'daemon off;'"
environment:
- IP_URL=https://invoice.bhasher.com
#- MYSQL_HOST=mariadb
@ -66,7 +20,7 @@ services:
- "traefik.http.services.invoice.loadbalancer.server.port=80"
- "traefik.http.routers.invoice.tls=true"
- "traefik.http.routers.invoice.tls.certresolver=http"
- "traefik.http.routers.invoice.entrypoints=internalsecure"
- "traefik.http.routers.invoice.entrypoints=internalsecure,externalsecure"
networks:
- external
- storage

11
bxl-shp/apps/docker-compose.matrix.yaml
View File

@ -1,13 +1,19 @@
services:
matrix-synapse:
container_name: matrix-synapse
image: matrixdotorg/synapse:latest
image: matrixdotorg/synapse:v1.92.3
restart: unless-stopped
environment:
- SYNAPSE_SERVER_NAME=matrix.bhasher.com
- SYNAPSE_SERVER_NAME=bhasher.com
- SYNAPSE_REPORT_STATS=no
volumes:
- $DATA/matrix/synapse:/data:rw
healthcheck:
test: ["CMD", "curl", "-fSs", "http://localhost:8008/health"]
interval: 15s
timeout: 5s
retries: 3
start_period: 5s
labels:
- "traefik.enable=true"
- "traefik.http.routers.matrix-synapse.rule=Host(`matrix.bhasher.com`)"
@ -34,6 +40,7 @@ services:
networks:
- external
networks:
external:
external: true

20
bxl-shp/apps/docker-compose.well-known.yaml Normal file
View File

@ -0,0 +1,20 @@
services:
wellknown-nginx:
container_name: wellknown-nginx
image: nginx:latest
restart: unless-stopped
volumes:
- $CONFIG/well-known/nginx.conf:/etc/nginx/nginx.conf:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.matrix-nginx.rule=Host(`bhasher.com`) && PathPrefix(`/.well-known`)"
- "traefik.http.routers.matrix-nginx.tls=true"
- "traefik.http.routers.matrix-nginx.tls.certresolver=http"
- "traefik.http.routers.matrix-nginx.entrypoints=internalsecure,externalsecure"
- "traefik.http.services.matrix-nginx.loadbalancer.server.port=80"
networks:
- external
networks:
external:
external: true

6
bxl-shp/config/dashy/config.yml
View File

@ -99,11 +99,11 @@ sections:
url: https://portainer.bxl.bhasher.com
statusCheckUrl: http://portainer:9000
id: 7_1631_portainer
- title: InvoiceNinja
- title: Invoiceplane
icon: hl-invoiceninja
url: https://invoice.bhasher.com
statusCheckUrl: http://invoicenginx
id: 8_1631_invoiceninja
statusCheckUrl: http://invoiceplane
id: 8_1631_invoiceplane
- title: Dashboard
icon: hl-dashy
url: https://hub.bhasher.com

6
bxl-shp/config/riot/config.json
View File

@ -1,7 +1,3 @@
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://matrix.bhasher.com"
}
}
"default_server_name": "bhasher.com"
}

31
bxl-shp/config/well-known/nginx.conf Normal file
View File

@ -0,0 +1,31 @@
events {}
http {
server {
listen 80;
server_name localhost;
location /.well-known/matrix/server {
default_type application/json;
return 200 '{"m.server": "matrix.bhasher.com:443"}';
}
location /.well-known/matrix/client {
default_type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '{"m.homeserver":{"base_url":"https://matrix.bhasher.com"}}';
}
location /.well-known/carddav {
return 301 $scheme://baikal.bxl.bhasher.com/dav.php;
}
location /.well-known/caldav {
return 301 $scheme://baikal.bxl.bhasher.com/dav.php;
}
location / {
return 404;
}
}
}

4
bxl-shp/system/docker-compose.auth.yaml
View File

@ -44,7 +44,7 @@ services:
- PASSWORD_HASH=SHA512CRYPT
- ACCEPT_WEAK_PASSWORDS=false
- LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES=jpegPhoto^:Profile picture,sshpubkey^+:SSH public key
#- REMOTE_HTTP_HEADERS_LOGIN=true
- REMOTE_HTTP_HEADERS_LOGIN=true
labels:
- "traefik.enable=true"
- "traefik.http.routers.lum.rule=Host(`lum.bhasher.com`)"
@ -52,7 +52,7 @@ services:
- "traefik.http.services.lum.loadbalancer.server.port=80"
- "traefik.http.routers.lum.tls=true"
- "traefik.http.routers.lum.tls.certresolver=http"
#- "traefik.http.routers.lum.middlewares=authelia@docker"
- "traefik.http.routers.lum.middlewares=authelia@docker"
networks:
- auth
- external

6
bxl-shp/system/docker-compose.monitoring.yaml
View File

@ -60,6 +60,7 @@ services:
- GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH=contains(roles[*], 'admin') && 'Admin' || 'Viewer'
- GF_AUTH_GENERIC_OAUTH_GROUPS_PATH=groups
- GF_AUTH_GENERIC_OAUTH_ALLOWED_GROUPS=admin
- GF_AUTH_OAUTH_ALLOW_INSECURE_EMAIL_LOOKUP=true
volumes:
- $DATA/monitoring/grafana:/var/lib/grafana
- /etc/localtime:/etc/localtime:ro
@ -76,6 +77,9 @@ services:
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /etc/localtime:/etc/localtime:ro
- /etc/machine-id:/etc/machine-id:ro
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:ro
- /dev/disk/:/dev/disk:ro
restart: always
command:
- "--housekeeping_interval=60s"
@ -84,6 +88,8 @@ services:
- "--disable_metrics=percpu,sched,tcp,udp,disk,diskIO,hugetlb,referenced_memory,cpu_topology,resctrl"
networks:
- monitoring
devices:
- /dev/kmsg
healthcheck:
test: wget --quiet --tries=1 --spider http://localhost:8080/healthz || exit 1
interval: 15s

4
bxl-shp/system/docker-compose.portainer.yaml
View File

@ -2,8 +2,8 @@ services:
portainer:
container_name: portainer
image: portainer/portainer-ce:latest
ports:
- "9443:9443"
#ports:
#- "9443:9443"
volumes:
- $DATA/portainer:/data:rw
- /var/run/docker.sock:/var/run/docker.sock

3
bxl-shp/system/docker-compose.traefik.yaml
View File

@ -24,6 +24,9 @@ services:
#- "--log.level=DEBUG"
- "--metrics.prometheus=true"
- "--api.dashboard=true"
#- "--experimental.plugins.sablier.moduleName=github.com/acouvreur/sablier"
#- "--experimental.plugins.sablier.version=v1.3.0"
#- "--providers.file.filename=/etc/traefik/dynamic-config.yml"
environment:
- TZ=Europe/Paris
ports: