Compare commits
11 Commits
ff5c949f5d
...
19bf22a19f
Author | SHA1 | Date |
---|---|---|
Lockszmith (@kateryna) | 19bf22a19f | |
Lockszmith (@kateryna) | ba135cde97 | |
Lockszmith (@kateryna) | 954a6935ac | |
Lockszmith (runtipi@kateryna) | 52a35d6fa9 | |
Lockszmith (runtipi@kateryna) | 1a5fcea90e | |
Lockszmith (runtipi@kateryna) | bb6531fc44 | |
Lockszmith (runtipi@kateryna) | b8b33c280f | |
Lockszmith (runtipi@kateryna) | fca5cfed8a | |
Lockszmith (runtipi@kateryna) | 57254b4bf3 | |
Lockszmith (runtipi@kateryna) | 35049fb94c | |
Lockszmith (runtipi@kateryna) | a31e7c6cd3 |
|
@ -1,5 +1,5 @@
|
||||||
.env.local
|
.env.local
|
||||||
_copy_to_traefik/tls
|
_traefik.dynamic/tls
|
||||||
_copy_to_traefik/shared/acme.json
|
_traefik.dynamic/shared/acme.json
|
||||||
**/app.env
|
**/app.env
|
||||||
ddns-updater/config.json
|
ddns-updater/config.json
|
||||||
|
|
|
@ -58,8 +58,8 @@ dls() {
|
||||||
local base='{{.Status}}\t{{.ID}}\t{{.Names}}\t{{.Image}}' #'\t{{.Networks}}\t{{.Ports}}\t{{.Mounts}}'
|
local base='{{.Status}}\t{{.ID}}\t{{.Names}}\t{{.Image}}' #'\t{{.Networks}}\t{{.Ports}}\t{{.Mounts}}'
|
||||||
local compose='{{.Label "com.docker.compose.project"}}\t{{.Label "com.docker.compose.service"}}'
|
local compose='{{.Label "com.docker.compose.project"}}\t{{.Label "com.docker.compose.service"}}'
|
||||||
local format="table $compose\t$base"
|
local format="table $compose\t$base"
|
||||||
ROOT_EXEC=1 jlmkr-exec \
|
ROOT_EXEC=1 QUIET=${QUIET:-0} jlmkr-exec \
|
||||||
docker "container ls --all --format '$format' | ( sed -u 1q ; sed -Ee 's|^|555|; s|^555runtipi|000runtipi|;' | sort | sed -Ee 's/^[[:digit:]]{3}//' )"
|
docker "container ls --all --format '$format' | ( sed -u '1s/.*/\U&/; q'; sed -Ee 's|^|555|; s|^555runtipi|000runtipi|;' | sort | sed -Ee 's/^[[:digit:]]{3}//' )"
|
||||||
}
|
}
|
||||||
|
|
||||||
case "${1}" in
|
case "${1}" in
|
||||||
|
@ -67,7 +67,7 @@ case "${1}" in
|
||||||
runtipi-cli "${@:2}"
|
runtipi-cli "${@:2}"
|
||||||
;;
|
;;
|
||||||
log)
|
log)
|
||||||
jlmkr-exec docker compose --env-file user-config/.env.local logs --tail=${TAIL:-40} "${2:-runtipi}" ${3:+"${@:3}"}
|
jlmkr-exec "POSTGRES_PASSWORD=_ TIPI_VERSION=_ LOCAL_DOMAIN=_ DOMAIN=_" docker compose --env-file user-config/.env.local logs --tail=${TAIL:-40} "${2:-runtipi}" ${3:+"${@:3}"}
|
||||||
;;
|
;;
|
||||||
start)
|
start)
|
||||||
runtipi-cli start --env-file user-config/.env.local --no-permissions
|
runtipi-cli start --env-file user-config/.env.local --no-permissions
|
||||||
|
@ -108,6 +108,7 @@ case "${1}" in
|
||||||
"" "" "" \
|
"" "" "" \
|
||||||
"" "cli" "runtipi-cli" \
|
"" "cli" "runtipi-cli" \
|
||||||
"" "dcoapp" "docker compose for runtipi apps" \
|
"" "dcoapp" "docker compose for runtipi apps" \
|
||||||
|
"" "dls" "stylized docker ls" \
|
||||||
"" "docker" "docker" \
|
"" "docker" "docker" \
|
||||||
"" "dockge" "dokcer compose for dockge stacks" \
|
"" "dockge" "dokcer compose for dockge stacks" \
|
||||||
"" "exec" "execute within the shell, START_DIR env applies" \
|
"" "exec" "execute within the shell, START_DIR env applies" \
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
http:
|
|
||||||
middlewares:
|
|
||||||
authentik_sysmgr:
|
|
||||||
forwardAuth:
|
|
||||||
address: https://auth.szk.li/outpost.goauthentik.io/auth/traefik
|
|
||||||
trustForwardHeader: true
|
|
||||||
authResponseHeaders:
|
|
||||||
- X-authentik-username
|
|
||||||
- X-authentik-groups
|
|
||||||
- X-authentik-email
|
|
||||||
- X-authentik-name
|
|
||||||
- X-authentik-uid
|
|
||||||
- X-authentik-jwt
|
|
||||||
- X-authentik-meta-jwks
|
|
||||||
- X-authentik-meta-outpost
|
|
||||||
- X-authentik-meta-provider
|
|
||||||
- X-authentik-meta-app
|
|
||||||
- X-authentik-meta-version
|
|
File diff suppressed because one or more lines are too long
|
@ -1,2 +1,2 @@
|
||||||
# VARIABLE=value #comment# VARIABLE=value #comment
|
# VARIABLE=value #comment
|
||||||
# APP_ROUTE_OPTIONAL=" || Host(`www.example.com`)"
|
APP_ROUTE_OPTIONAL=${LEGACY_ROOT_DOMAIN:+ || Host(`example.${LEGACY_ROOT_DOMAIN}`)}
|
|
@ -2,6 +2,8 @@ services:
|
||||||
<service-name>:
|
<service-name>:
|
||||||
hostname: <service-name>.docker
|
hostname: <service-name>.docker
|
||||||
environment:
|
environment:
|
||||||
|
PUID: "${SZ_USER_UID}"
|
||||||
|
PGID: "${SZ_USER_GID}"
|
||||||
# RUNTIPI Environment
|
# RUNTIPI Environment
|
||||||
RUNTIPI_APP_PORT: "${APP_PORT}"
|
RUNTIPI_APP_PORT: "${APP_PORT}"
|
||||||
RUNTIPI_APP_ID: "${APP_ID}"
|
RUNTIPI_APP_ID: "${APP_ID}"
|
||||||
|
@ -12,8 +14,6 @@ services:
|
||||||
RUNTIPI_LOCAL_DOMAIN: "${LOCAL_DOMAIN}"
|
RUNTIPI_LOCAL_DOMAIN: "${LOCAL_DOMAIN}"
|
||||||
RUNTIPI_DOMAIN: "${DOMAIN}"
|
RUNTIPI_DOMAIN: "${DOMAIN}"
|
||||||
RUNTIPI_ROOT_DOMAIN: "${ROOT_DOMAIN}"
|
RUNTIPI_ROOT_DOMAIN: "${ROOT_DOMAIN}"
|
||||||
PUID: "${SZ_USER_UID}"
|
|
||||||
PGID: "${SZ_USER_GID}"
|
|
||||||
# volumes_from:
|
# volumes_from:
|
||||||
# - "container:vols-dl"
|
# - "container:vols-dl"
|
||||||
# - "container:vols-personal-media"
|
# - "container:vols-personal-media"
|
||||||
|
|
|
@ -2,6 +2,7 @@ http:
|
||||||
serversTransports:
|
serversTransports:
|
||||||
insecuretransport:
|
insecuretransport:
|
||||||
insecureSkipVerify: true
|
insecureSkipVerify: true
|
||||||
|
|
||||||
middlewares:
|
middlewares:
|
||||||
secureHeaders:
|
secureHeaders:
|
||||||
headers:
|
headers:
|
|
@ -0,0 +1,19 @@
|
||||||
|
http:
|
||||||
|
middlewares:
|
||||||
|
authentik_sysmgr:
|
||||||
|
forwardAuth:
|
||||||
|
address: https://auth.szk.li/outpost.goauthentik.io/auth/traefik
|
||||||
|
trustForwardHeader: true
|
||||||
|
authResponseHeadersRegex: "^[Xx]-[Aa]uthentik"
|
||||||
|
# authResponseHeaders:
|
||||||
|
# - X-authentik-username
|
||||||
|
# - X-authentik-groups
|
||||||
|
# - X-authentik-email
|
||||||
|
# - X-authentik-name
|
||||||
|
# - X-authentik-uid
|
||||||
|
# - X-authentik-jwt
|
||||||
|
# - X-authentik-meta-jwks
|
||||||
|
# - X-authentik-meta-outpost
|
||||||
|
# - X-authentik-meta-provider
|
||||||
|
# - X-authentik-meta-app
|
||||||
|
# - X-authentik-meta-version
|
|
@ -1,23 +1,12 @@
|
||||||
# http routing section
|
# http routing section
|
||||||
http:
|
http:
|
||||||
routers:
|
routers:
|
||||||
to-auth:
|
|
||||||
rule: "Host(`auth.lksz.me`)"
|
|
||||||
entrypoints:
|
|
||||||
- websecure
|
|
||||||
service: kateryna-traefik
|
|
||||||
tls:
|
|
||||||
certresolver: myresolver
|
|
||||||
to-syncthing:
|
|
||||||
rule: "Host(`sync.lksz.me`)"
|
|
||||||
entrypoints:
|
|
||||||
- websecure
|
|
||||||
service: kateryna-traefik
|
|
||||||
tls:
|
|
||||||
certresolver: myresolver
|
|
||||||
to-kateryna:
|
to-kateryna:
|
||||||
rule: "Host(`kateryna.szk.li`)
|
rule: "Host(`kateryna.szk.li`)
|
||||||
|| Host(`kateryna.lksz.me`)
|
|| Host(`kateryna.lksz.me`)
|
||||||
|
|| Host(`m.lksz.me`)
|
||||||
|
|| Host(`auth.lksz.me`)
|
||||||
|
|| Host(`sync.lksz.me`)
|
||||||
|| Host(`radarr.lksz.me`)
|
|| Host(`radarr.lksz.me`)
|
||||||
|| Host(`sonarr.lksz.me`)
|
|| Host(`sonarr.lksz.me`)
|
||||||
|| Host(`prowlarr.lksz.me`)
|
|| Host(`prowlarr.lksz.me`)
|
|
@ -14,6 +14,10 @@ providers:
|
||||||
entryPoints:
|
entryPoints:
|
||||||
web:
|
web:
|
||||||
address: ':80'
|
address: ':80'
|
||||||
|
forwardedHeaders:
|
||||||
|
trustedIPs:
|
||||||
|
- "127.0.0.1/32"
|
||||||
|
- "172.16.0.0/12"
|
||||||
http:
|
http:
|
||||||
redirections:
|
redirections:
|
||||||
entryPoint:
|
entryPoint:
|
||||||
|
@ -21,6 +25,10 @@ entryPoints:
|
||||||
scheme: 'https'
|
scheme: 'https'
|
||||||
websecure:
|
websecure:
|
||||||
address: ':443'
|
address: ':443'
|
||||||
|
forwardedHeaders:
|
||||||
|
trustedIPs:
|
||||||
|
- "127.0.0.1/32"
|
||||||
|
- "172.16.0.0/12"
|
||||||
|
|
||||||
certificatesResolvers:
|
certificatesResolvers:
|
||||||
httpresolver:
|
httpresolver:
|
|
@ -3,33 +3,49 @@ services:
|
||||||
environment:
|
environment:
|
||||||
USER_UID: "${SZ_USER_UID}"
|
USER_UID: "${SZ_USER_UID}"
|
||||||
USER_GID: "${SZ_USER_GID}"
|
USER_GID: "${SZ_USER_GID}"
|
||||||
# user: "${SZ_USER_UID}"
|
|
||||||
|
|
||||||
# environment:
|
### Configuration
|
||||||
# - CONFIG=
|
# DATADIR: "/updater/data"
|
||||||
# - PERIOD=5m
|
# CONFIG_FILEPATH: "/updater/data/config.json"
|
||||||
# - UPDATE_COOLDOWN_PERIOD=5m
|
# CONFIG: ""
|
||||||
# - PUBLICIP_FETCHERS=all
|
# PERIOD: "5m"
|
||||||
# - PUBLICIP_HTTP_PROVIDERS=all
|
|
||||||
# - PUBLICIPV4_HTTP_PROVIDERS=all
|
# UPDATE_COOLDOWN_PERIOD: "5m"
|
||||||
# - PUBLICIPV6_HTTP_PROVIDERS=all
|
# PUBLICIP_FETCHERS: "all"
|
||||||
# - PUBLICIP_DNS_PROVIDERS=all
|
# PUBLICIP_HTTP_PROVIDERS: "all"
|
||||||
# - PUBLICIP_DNS_TIMEOUT=3s
|
# PUBLICIPV4_HTTP_PROVIDERS: "all"
|
||||||
# - HTTP_TIMEOUT=10s
|
# PUBLICIPV6_HTTP_PROVIDERS: "all"
|
||||||
|
# PUBLICIP_DNS_PROVIDERS: "all"
|
||||||
|
# PUBLICIP_DNS_TIMEOUT: "3s"
|
||||||
|
# HTTP_TIMEOUT: "10s"
|
||||||
|
|
||||||
# # Web UI
|
# RESOLVER_ADDRESS: ""
|
||||||
# - LISTENING_ADDRESS=:8000
|
# RESOLVER_TIMEOUT: "5s"
|
||||||
# - ROOT_URL=/
|
|
||||||
|
|
||||||
# # Backup
|
### Web UI
|
||||||
# - BACKUP_PERIOD=0 # 0 to disable
|
# SERVER_ENABLED: "yes"
|
||||||
# - BACKUP_DIRECTORY=/updater/data
|
# LISTENING_ADDRESS: ":8000"
|
||||||
|
# ROOT_URL: "/"
|
||||||
|
|
||||||
# # Other
|
### Backup
|
||||||
# - LOG_LEVEL=info
|
# BACKUP_PERIOD: "0"
|
||||||
# - LOG_CALLER=hidden
|
# BACKUP_DIRECTORY: "/updater/data"
|
||||||
# - SHOUTRRR_ADDRESSES=
|
|
||||||
# restart: always
|
### Other
|
||||||
|
# LOG_LEVEL: "info"
|
||||||
|
# LOG_CALLER: "hidden"
|
||||||
|
|
||||||
|
### SHOUTRRR
|
||||||
|
# SHOUTRRR_ADDRESSES: ""
|
||||||
|
# SHOUTRRR_DEFAULT_TITLE: "DDNS Updater"
|
||||||
|
|
||||||
|
### Health Check
|
||||||
|
# HEALTH_SERVER_ADDRESS: "127.0.0.1:9999"
|
||||||
|
# HEALTH_HEALTHCHECKSIO_BASE_URL: "https://hc-ping.com"
|
||||||
|
# HEALTH_HEALTHCHECKSIO_UUID: ""
|
||||||
|
labels:
|
||||||
|
traefik.http.routers.ddns-updater.rule: Host(`ddns.${ROOT_DOMAIN}`)
|
||||||
|
traefik.http.routers.ddns-updater.middlewares: authentik_sysmgr@file
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
#- dummy:/updater/data:ro
|
#- dummy:/updater/data:ro
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
services:
|
||||||
|
forgejo:
|
||||||
|
environment:
|
||||||
|
USER_UID: "${SZ_USER_UID}"
|
||||||
|
USER_GID: "${SZ_USER_GID}"
|
||||||
|
|
||||||
|
FORGEJO__server__DOMAIN: "code.${ALT_ROOT_DOMAIN}"
|
||||||
|
FORGEJO__server__ROOT_URL: "https://code.${ALT_ROOT_DOMAIN}"
|
||||||
|
FORGEJO__server__SSH_DOMAIN: "code.${ALT_ROOT_DOMAIN}"
|
||||||
|
|
||||||
|
labels:
|
||||||
|
# Websecure
|
||||||
|
traefik.http.routers.forgejo-more.rule: Host(`code.${ROOT_DOMAIN}`)${APP_ROUTE_OPTIONAL:-}
|
||||||
|
traefik.http.routers.forgejo-more.entrypoints: websecure
|
||||||
|
traefik.http.routers.forgejo-more.service: forgejo
|
||||||
|
# traefik.http.routers.forgejo-more.middlewares: authentik_sysmgr@file
|
||||||
|
traefik.http.routers.forgejo-more.tls: true
|
||||||
|
traefik.http.routers.forgejo-more.tls.certresolver: myresolver
|
|
@ -4,11 +4,20 @@ services:
|
||||||
- 8080:8080
|
- 8080:8080
|
||||||
command:
|
command:
|
||||||
- '--providers.docker'
|
- '--providers.docker'
|
||||||
- '--providers.file.directory=/srv/runtipi/traefik/dynamic'
|
- '--providers.file.directory=/srv/runtipi/user-config/_traefik.dynamic'
|
||||||
- '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}'
|
- '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}'
|
||||||
- '--certificatesresolvers.myresolver.acme.storage=/shared/acme.json'
|
- '--certificatesresolvers.myresolver.acme.storage=/shared/acme.json'
|
||||||
- '--certificatesresolvers.myresolver.acme.dnshallenge.entrypoint=cloudflare'
|
- '--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare'
|
||||||
environment:
|
environment:
|
||||||
CF_API_EMAIL: "${ACME_EMAIL}"
|
CF_API_EMAIL: "${ACME_EMAIL}"
|
||||||
CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN}"
|
CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN}"
|
||||||
|
networks:
|
||||||
|
- tipi_main_network
|
||||||
|
- tipi_internal_network
|
||||||
|
|
||||||
|
networks:
|
||||||
|
tipi_internal_network:
|
||||||
|
internal: true
|
||||||
|
attachable: true
|
||||||
|
name: runtipi_internal_network
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue