diff --git a/.env.local.tmpl b/.env.local.tmpl index 22540bf..595b5b5 100644 --- a/.env.local.tmpl +++ b/.env.local.tmpl @@ -1,20 +1,10 @@ -# user-config/.env..local.yml -ACME_EMAIL="" +ACME_EMAIL= +CF_DNS_API_TOKEN= -HOST_UID="" -HOST_GID="" +SZ_USER_UID= +SZ_USER_GID= -INTERNAL_IP="192.168.1.11" - -# RUNTIPI's root on the docker host -# TIPI_VERSION="v3.8.0" -RUNTIPI_ROOT_FOLDER_HOST="/mnt//data/apps/runtipi" - -# ALT_ROOT_DOMAIN= # optional, alternative public domain ROOT_DOMAIN= -DOMAIN= -LOCAL_DOMAIN=tipi.local - -TZ="America/New_York" +LEGACY_ROOT_DOMAIN= # vi: ft=sh diff --git a/.gitignore b/.gitignore index 8554309..364aaa4 100644 --- a/.gitignore +++ b/.gitignore @@ -13,5 +13,3 @@ tmp.* *.tmp *.off -_secrets/* -!_secrets/README.md diff --git a/_bin/rtpctl.d b/_bin/rtpctl.d index 7c0ffc7..3cde351 100755 --- a/_bin/rtpctl.d +++ b/_bin/rtpctl.d @@ -15,7 +15,7 @@ BASE_NAME="$(basename -- "$0")" BASE_BASE_NAME="${BASE_NAME%.*}" RUNTIPI_ROOT="$(cd "${SCRIPT_DIR}/../.." && pwd)" -RUNTIPI_CLI="${RUNTIPI_ROOT}/runtipi-cli" +RUNTIPI_CLI="${RUNTIPI_ROOT}/runtipi_cli" set -e cd "${RUNTIPI_ROOT}" > /dev/null @@ -46,9 +46,6 @@ runtipi-app-docker-compose() { echo --file apps/${APP}/docker-compose.yml append_file_param --file repos/29ca930bfdaffa1dfabf5726336380ede7066bc53297e3c0c868b27c97282903/apps/docker-compose.common.yml append_file_param --file "user-config/${APP}/docker-compose.yml" - else - append_file_param --file "docker-compose.yml" - append_file_param --file "user-config/tipi-compose.yml" fi) \ ${@:2} } @@ -71,11 +68,7 @@ case "${1}" in runtipi-cli start --env-file user-config/.env.local --no-permissions ;; update) - if [ -z "${2}" ]; then - ${SCRIPT_DIR}/checkver.sh - else - runtipi-cli update --env-file user-config/.env.local --no-permissions "${2:?Must supply version}" "${@:3}" - fi + runtipi-cli update --env-file user-config/.env.local --no-permissions "${2:?Must supply version}" "${@:3}" ;; docker) docker "${@:2}" 
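Review bot: The new `CF_DNS_API_TOKEN=` entry means the Cloudflare API token is now kept in plaintext in the env file created from this template, and the same commit removes the `_secrets/*` ignore rule from .gitignore. Nothing in the visible .gitignore context shows that the filled-in env file is ignored, so please confirm it is, and that any `_secrets/*.txt` files left in existing checkouts are deleted before the next `git add`. I would add a comment above the entry such as `# secret: Cloudflare DNS API token, least-privilege scope; never commit the filled-in file`.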
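Review bot: `RUNTIPI_CLI` now points at `runtipi_cli`, but the case branches further down in this file still invoke the command as `runtipi-cli`, so the two spellings disagree. If the binary on disk is still named with a hyphen, the subcommands that go through this variable would stop working; how the variable is consumed lies outside the hunk, so this needs confirming. If the rename is intentional, a comment such as `# the CLI binary is installed locally as runtipi_cli` would record it.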
@@ -90,9 +83,6 @@ case "${1}" in cd "${RUNTIPI_ROOT}/../dockge/stacks/${2:?Must supply stack name}" > /dev/null docker compose "${@:3}" ;; - shell) - runtipi-app-docker-compose "${2:?}" exec ${5:+"${@:5}"} -it "${4:-${2}}" "${3:-bash}" - ;; setup) ln -s $2 "$(cd -- "${SCRIPT_DIR}" && pwd)/${BASE_NAME}" "${3:-$HOME/.local/bin/}" ;; @@ -118,10 +108,10 @@ case "${1}" in "" "dls" "stylized docker ls" \ "" "docker" "docker" \ "" "dockge" "docker compose for dockge stacks" \ - "" "shell" "enter an insteractive shell" \ "" "" "" \ "misc." "" ""\ "" "exec" "execute within the shell, START_DIR env applies" \ + "" "shell" "enter an insteractive shell" \ "" "" "" \ "" "setup" "setup runtipictl in user's .local/bin dir" \ "" "" "${BASE_NAME} setup" \ diff --git a/_secrets/README.md b/_secrets/README.md deleted file mode 100644 index b917fd4..0000000 --- a/_secrets/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# runtipi's user-config secrets - -the text files in this directory are referenced in the compose yaml files in runtipi's user-config. -the files in this directory (except this README.md file) are all ignored by git - diff --git a/_template/app.env b/_template/app.env index da04693..aa39a60 100644 --- a/_template/app.env +++ b/_template/app.env @@ -1,3 +1,2 @@ # VARIABLE=value #comment -APP_ROUTE_OPTIONAL=${ALT_ROOT_DOMAIN:+ || Host(`example.${ALT_ROOT_DOMAIN}`)} - +APP_ROUTE_OPTIONAL=${LEGACY_ROOT_DOMAIN:+ || Host(`example.${LEGACY_ROOT_DOMAIN}`)} \ No newline at end of file diff --git a/_template/docker-compose.yml b/_template/docker-compose.yml index 225fca1..cee7988 100644 --- a/_template/docker-compose.yml +++ b/_template/docker-compose.yml @@ -2,8 +2,8 @@ services: : hostname: .docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" 
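Review bot: The help table still lists `shell` (now moved under the misc. section) although the `shell)` case branch is deleted by the previous hunk of this commit, so the usage text advertises a subcommand that no longer dispatches unless another branch outside the hunks handles it. Either drop the row or restore the branch. The description also has a typo, so if the row stays it should read `"" "shell" "enter an interactive shell" \`. The table and the enclosing `case` both extend beyond the hunk.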
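Review bot: `PUID: "${SZ_USER_UID}"` and `PGID: "${SZ_USER_GID}"` carry no required-variable guard, and .env.local.tmpl ships both names empty, so an env file that still uses the old `HOST_UID`/`HOST_GID` names leaves the container with blank ids. What an image does with an empty PUID/PGID varies and may mean falling back to its default or root user, so failing early is safer: `PUID: "${SZ_USER_UID:?}"` and `PGID: "${SZ_USER_GID:?}"`, the same form this repo already uses for `TZ` and `ACME_EMAIL`. The same applies to the matching hunks in code-server, ddns-updater, dockge, dozzle, forgejo, homepage, overseerr, plex, prowlarr, radarr, sabnzbd, sonarr, syncthing and tautulli.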
diff --git a/_traefik/dynamic/_templates/mw.fwd-auth-sysmgr.yml.bobo b/_traefik/dynamic/_templates/mw.fwd-auth-sysmgr.yml.bobo deleted file mode 100644 index 2dd85be..0000000 --- a/_traefik/dynamic/_templates/mw.fwd-auth-sysmgr.yml.bobo +++ /dev/null @@ -1,19 +0,0 @@ -http: - middlewares: - authentik_sysmgr: - forwardAuth: - address: https://auth.avital14.com/outpost.goauthentik.io/auth/traefik - trustForwardHeader: true - authResponseHeadersRegex: "^[Xx]-[Aa]uthentik" - # authResponseHeaders: - # - X-authentik-username - # - X-authentik-groups - # - X-authentik-email - # - X-authentik-name - # - X-authentik-uid - # - X-authentik-jwt - # - X-authentik-meta-jwks - # - X-authentik-meta-outpost - # - X-authentik-meta-provider - # - X-authentik-meta-app - # - X-authentik-meta-version diff --git a/_traefik/dynamic/_templates/rt.dockge.yml.bobo b/_traefik/dynamic/_templates/rt.dockge.yml.bobo deleted file mode 100644 index 7a9eaba..0000000 --- a/_traefik/dynamic/_templates/rt.dockge.yml.bobo +++ /dev/null @@ -1,23 +0,0 @@ -# http routing section -http: - routers: - # Define a connection between requests and services - home-assistant: - rule: "Host(`dockge.toronto.avital14.com`)" - entrypoints: - - websecure - # # If the rule matches, applies the middleware - # middlewares: - # - test-user - # If the rule matches, forward to the whoami service (declared below) - service: home-assistant - tls: - certresolver: myresolver - - services: - # Define how to reach an existing service on our infrastructure - home-assistant: - loadBalancer: - servers: - - url: "http://dockge:31014" - #- address: "ha.lan:8123" diff --git a/code-server/docker-compose.yml b/code-server/docker-compose.yml index 3ac012b..3b55b68 100644 --- a/code-server/docker-compose.yml +++ b/code-server/docker-compose.yml 
@@ -1,8 +1,8 @@ services: code-server: environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" volumes: - /var/run/docker.sock:/var/run/docker.sock - /:/mnt/runtipi.host diff --git a/ddns-updater/docker-compose.yml b/ddns-updater/docker-compose.yml index 2db7c3d..15c34ff 100644 --- a/ddns-updater/docker-compose.yml +++ b/ddns-updater/docker-compose.yml @@ -1,8 +1,8 @@ services: ddns-updater: environment: - USER_UID: "${HOST_UID}" - USER_GID: "${HOST_GID}" + USER_UID: "${SZ_USER_UID}" + USER_GID: "${SZ_USER_GID}" ### Configuration # DATADIR: "/updater/data" diff --git a/ddns-updater/local.app.env b/ddns-updater/local.app.env index 51a60a7..9b24410 100644 --- a/ddns-updater/local.app.env +++ b/ddns-updater/local.app.env @@ -1,2 +1,2 @@ -HOST_UID= -HOST_GID= +SZ_USER_UID= +SZ_USER_GID= diff --git a/dockge/docker-compose.yml b/dockge/docker-compose.yml index 29831af..f47787c 100644 --- a/dockge/docker-compose.yml +++ b/dockge/docker-compose.yml @@ -16,10 +16,10 @@ services: RUNTIPI_LOCAL_DOMAIN: "${LOCAL_DOMAIN}" RUNTIPI_DOMAIN: "${DOMAIN}" RUNTIPI_ROOT_DOMAIN: "${ROOT_DOMAIN}" - HOST_UID: "${HOST_UID}" - HOST_GID: "${HOST_GID}" - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + SZ_USER_UID: "${SZ_USER_UID}" + SZ_USER_GID: "${SZ_USER_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" TZ: "${TZ:?Did you forget to define TZ in the root RunTipi .env.local?}" labels: traefik.http.routers.dockge.rule: Host(`dockge.${ROOT_DOMAIN}`)${APP_ROUTE_OPTIONAL:-} diff --git a/dozzle/docker-compose.yml b/dozzle/docker-compose.yml index d595ab7..00b20f9 100644 --- a/dozzle/docker-compose.yml +++ b/dozzle/docker-compose.yml @@ -2,8 +2,8 @@ services: dozzle: hostname: dozzle.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" 
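Review bot: The `volumes` context in this hunk binds `/var/run/docker.sock` and the host root (`/:/mnt/runtipi.host`) into code-server, so the PUID/PGID values being renamed here do not limit what the service can reach; control of the Docker socket is equivalent to root on the host. With this commit also moving the Cloudflare token into a container environment variable, anything that can query the socket can read it. Consider narrowing the host bind to the directories that are actually edited and making it read-only where possible (`- /:/mnt/runtipi.host:ro`), plus a comment above the mount such as `# docker.sock = host root; keep this app behind authentication`. The service definition continues outside the hunk, so any routing or auth middleware is not visible here.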
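Review bot: The dockge service still interpolates `${LOCAL_DOMAIN}`, `${DOMAIN}` and `${TZ:?Did you forget to define TZ in the root RunTipi .env.local?}`, while the .env.local.tmpl hunk of this commit removes `DOMAIN`, `LOCAL_DOMAIN` and `TZ` from the template. Unless those values are supplied from somewhere not shown in this diff, a fresh setup from the template will stop on the TZ guard and pass empty domain values. Either keep `TZ=` in the template or change the guard message to name the file that now defines it.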
diff --git a/forgejo/docker-compose.yml b/forgejo/docker-compose.yml index d15c891..00a7e2a 100644 --- a/forgejo/docker-compose.yml +++ b/forgejo/docker-compose.yml @@ -1,8 +1,8 @@ services: forgejo: environment: - USER_UID: "${HOST_UID}" - USER_GID: "${HOST_GID}" + USER_UID: "${SZ_USER_UID}" + USER_GID: "${SZ_USER_GID}" FORGEJO__server__DOMAIN: "code.${ALT_ROOT_DOMAIN}" FORGEJO__server__ROOT_URL: "https://code.${ALT_ROOT_DOMAIN}" diff --git a/homepage/docker-compose.yml b/homepage/docker-compose.yml index c447da1..d5f972f 100644 --- a/homepage/docker-compose.yml +++ b/homepage/docker-compose.yml @@ -1,8 +1,8 @@ services: homepage: environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" @@ -18,7 +18,7 @@ services: # Websecure traefik.http.routers.homepage.middlewares: authentik_sysmgr@file traefik.http.routers.homepage.rule: Host(`www.${ROOT_DOMAIN}`)${APP_ROUTE_OPTIONAL:-} - # #traefik.http.routers.homepage-more.rule: Host(`www.${ALT_ROOT_DOMAIN}`) + # #traefik.http.routers.homepage-more.rule: Host(`www.${LEGACY_ROOT_DOMAIN}`) # traefik.http.routers.homepage-more.entrypoints: websecure # traefik.http.routers.homepage-more.service: homepage # traefik.http.routers.homepage-more.middlewares: authentik_sysmgr@file diff --git a/overseerr/docker-compose.yml b/overseerr/docker-compose.yml index 0a138ce..3e41133 100644 --- a/overseerr/docker-compose.yml +++ b/overseerr/docker-compose.yml @@ -2,8 +2,8 @@ services: overseerr: hostname: overseerr.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" diff --git a/plex/docker-compose.yml b/plex/docker-compose.yml index 68d6a9e..8150da2 100644 --- a/plex/docker-compose.yml +++ b/plex/docker-compose.yml 
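Review bot: `FORGEJO__server__DOMAIN: "code.${ALT_ROOT_DOMAIN}"` and `FORGEJO__server__ROOT_URL` in the context lines of the forgejo hunk still use `ALT_ROOT_DOMAIN`, which this commit renames to `LEGACY_ROOT_DOMAIN` in .env.local.tmpl, _template/app.env and homepage. With the old name unset, the root URL would render as `https://code.`, which breaks generated links and any redirect or callback URL built from it. The two values should become `"code.${LEGACY_ROOT_DOMAIN:?}"` and `"https://code.${LEGACY_ROOT_DOMAIN:?}"`, or the old variable should stay defined in the template.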
@@ -1,8 +1,8 @@ services: plex: environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" network_mode: "container:net-plex" #networks: [] volumes_from: diff --git a/prowlarr/docker-compose.yml b/prowlarr/docker-compose.yml index c192ff8..33751b9 100644 --- a/prowlarr/docker-compose.yml +++ b/prowlarr/docker-compose.yml @@ -2,8 +2,8 @@ services: prowlarr: hostname: prowlarr.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" diff --git a/radarr/docker-compose.yml b/radarr/docker-compose.yml index cc69990..5d30fae 100644 --- a/radarr/docker-compose.yml +++ b/radarr/docker-compose.yml @@ -2,8 +2,8 @@ services: radarr: hostname: radarr.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" diff --git a/sabnzbd/docker-compose.yml b/sabnzbd/docker-compose.yml index 39a8ec3..69a368f 100644 --- a/sabnzbd/docker-compose.yml +++ b/sabnzbd/docker-compose.yml @@ -2,8 +2,8 @@ services: sabnzbd: hostname: nzb.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" diff --git a/sonarr/docker-compose.yml b/sonarr/docker-compose.yml index 8438170..9008002 100644 --- a/sonarr/docker-compose.yml +++ b/sonarr/docker-compose.yml @@ -2,8 +2,8 @@ services: sonarr: hostname: sonarr.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" diff --git a/syncthing/docker-compose.yml b/syncthing/docker-compose.yml index b372058..edac563 100644 --- a/syncthing/docker-compose.yml 
+++ b/syncthing/docker-compose.yml @@ -2,8 +2,8 @@ services: syncthing: hostname: syncthing.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" diff --git a/szetup.sh b/szetup.sh index 0789ee1..bbc4988 100755 --- a/szetup.sh +++ b/szetup.sh @@ -24,6 +24,7 @@ else echo "No matching symbolic links found to delete." fi + find "$TOP_DIR/_templates" -maxdepth 1 -mindepth 1 -type f -name "*.${SYS_NAME}" -print0 \ | while IFS= read -r -d '' file; do base=$(basename "$file" ".${SYS_NAME}") @@ -32,38 +33,3 @@ find "$TOP_DIR/_templates" -maxdepth 1 -mindepth 1 -type f -name "*.${SYS_NAME}" ln -vrs "${file}" "${TOP_DIR}/${base%${ext}}local.$ext" done -SECRET_BASE="${SCRIPT_DIR}/_secrets" -SECRETS=( - "tipi_jwt_secret" - "tipi_postgres_password" - "tipi_redis_password" -) -for file in "${SECRETS[@]}"; do - secret="${SECRET_BASE}/${file}.txt" - printf '%s secret ' "${file}" - if [ -s "${secret}" ]; then - printf 'exists.' - else - printf 'generating... ' - curl -s "https://makemeapassword.ligos.net/api/v1/passphrase/plain?pc=1&wc=6&sp=y&maxCh=64" \ - | sed -Ee 's/ /-/g;' > "${secret}" - printf 'ready.' - fi - printf '\n' -done - -SECRETS=( - "traefik_cf_dns_api_token" -) -for file in "${SECRETS[@]}"; do - secret="${SECRET_BASE}/${file}.txt" - printf '%s secret ' "${file}" - if [ -s "${secret}" ]; then - printf 'exists.' - else - printf 'missing!' - fi - printf '\n' -done - -# vim: set ft=sh expandtab tabstop=4 shiftwidth=4: diff --git a/tautulli/docker-compose.yml b/tautulli/docker-compose.yml index 337545b..1ae9968 100644 --- a/tautulli/docker-compose.yml +++ b/tautulli/docker-compose.yml @@ -2,8 +2,8 @@ services: tautulli: hostname: tautulli.docker environment: - PUID: "${HOST_UID}" - PGID: "${HOST_GID}" + PUID: "${SZ_USER_UID}" + PGID: "${SZ_USER_GID}" # RUNTIPI Environment RUNTIPI_APP_PORT: "${APP_PORT}" RUNTIPI_APP_ID: "${APP_ID}" 
diff --git a/tipi-compose.yml b/tipi-compose.yml index d6a20ed..71e87d0 100644 --- a/tipi-compose.yml +++ b/tipi-compose.yml @@ -1,19 +1,5 @@ -secrets: -# tipi_jwt_secret: -# file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_jwt_secret.txt -# # JWT_SECRET: /run/secrets/tipi_jwt_secret -# tipi_postgres_password: -# file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_postgres_password.txt -# # POSTGRES_PASSWORD: /run/secrets/tipi_postgres_password -# tipi_redis_password: -# file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_redis_password.txt -# # REDIS_PASSWORD: /run/secrets/tipi_redis_password - traefik_cf_dns_api_token: - file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/traefik_cf_dns_api_token.txt services: runtipi-reverse-proxy: - secrets: - - traefik_cf_dns_api_token volumes: - type: bind source: ./traefik/shared @@ -44,20 +30,15 @@ services: - '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}' environment: CF_API_EMAIL: "${ACME_EMAIL:?}" - CF_DNS_API_TOKEN_FILE: /run/secrets/traefik_cf_dns_api_token + CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN:?}" TRAEFIK_API_DISABLEDASHBOARDAD: "true" networks: - tipi_main_network - tipi_internal_network - - ix-dockge networks: tipi_internal_network: internal: true attachable: true name: runtipi_internal_network - ix-dockge: - external: true - name: ix-dockge_default -# vim: set ft=yaml expandtab tabstop=2 shiftwidth=2:
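Review bot: `CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN:?}"` replaces the file-based `CF_DNS_API_TOKEN_FILE`, so the Cloudflare token now sits in the proxy container's environment, where it is readable through `docker inspect` and by any service holding the Docker socket (code-server mounts it in this repo). The token can still come from the env file without being exposed that way: declare the Compose secret with an `environment:` source and keep the `_FILE` variable, as sketched below. This assumes the Compose version in use supports environment-sourced secrets, and it restores the top-level `secrets` block that the first hunk of this file removes. The `services` and `environment` blocks continue outside the hunk.

```yaml
secrets:
  traefik_cf_dns_api_token:
    # value is taken from the env file at deploy time and mounted under /run/secrets
    environment: CF_DNS_API_TOKEN
services:
  runtipi-reverse-proxy:
    secrets:
      - traefik_cf_dns_api_token
    # … unchanged: volumes, command, CF_API_EMAIL …
    environment:
      CF_DNS_API_TOKEN_FILE: /run/secrets/traefik_cf_dns_api_token
```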