Compare commits
11 Commits
ff5c949f5d
...
19bf22a19f
Author | SHA1 | Date |
---|---|---|
Lockszmith (@kateryna) | 19bf22a19f | |
Lockszmith (@kateryna) | ba135cde97 | |
Lockszmith (@kateryna) | 954a6935ac | |
Lockszmith (runtipi@kateryna) | 52a35d6fa9 | |
Lockszmith (runtipi@kateryna) | 1a5fcea90e | |
Lockszmith (runtipi@kateryna) | bb6531fc44 | |
Lockszmith (runtipi@kateryna) | b8b33c280f | |
Lockszmith (runtipi@kateryna) | fca5cfed8a | |
Lockszmith (runtipi@kateryna) | 57254b4bf3 | |
Lockszmith (runtipi@kateryna) | 35049fb94c | |
Lockszmith (runtipi@kateryna) | a31e7c6cd3 |
|
@ -1,5 +1,5 @@
|
|||
.env.local
|
||||
_copy_to_traefik/tls
|
||||
_copy_to_traefik/shared/acme.json
|
||||
_traefik.dynamic/tls
|
||||
_traefik.dynamic/shared/acme.json
|
||||
**/app.env
|
||||
ddns-updater/config.json
|
||||
|
|
|
@ -58,8 +58,8 @@ dls() {
|
|||
local base='{{.Status}}\t{{.ID}}\t{{.Names}}\t{{.Image}}' #'\t{{.Networks}}\t{{.Ports}}\t{{.Mounts}}'
|
||||
local compose='{{.Label "com.docker.compose.project"}}\t{{.Label "com.docker.compose.service"}}'
|
||||
local format="table $compose\t$base"
|
||||
ROOT_EXEC=1 jlmkr-exec \
|
||||
docker "container ls --all --format '$format' | ( sed -u 1q ; sed -Ee 's|^|555|; s|^555runtipi|000runtipi|;' | sort | sed -Ee 's/^[[:digit:]]{3}//' )"
|
||||
ROOT_EXEC=1 QUIET=${QUIET:-0} jlmkr-exec \
|
||||
docker "container ls --all --format '$format' | ( sed -u '1s/.*/\U&/; q'; sed -Ee 's|^|555|; s|^555runtipi|000runtipi|;' | sort | sed -Ee 's/^[[:digit:]]{3}//' )"
|
||||
}
|
||||
|
||||
case "${1}" in
|
||||
|
@ -67,7 +67,7 @@ case "${1}" in
|
|||
runtipi-cli "${@:2}"
|
||||
;;
|
||||
log)
|
||||
jlmkr-exec docker compose --env-file user-config/.env.local logs --tail=${TAIL:-40} "${2:-runtipi}" ${3:+"${@:3}"}
|
||||
jlmkr-exec "POSTGRES_PASSWORD=_ TIPI_VERSION=_ LOCAL_DOMAIN=_ DOMAIN=_" docker compose --env-file user-config/.env.local logs --tail=${TAIL:-40} "${2:-runtipi}" ${3:+"${@:3}"}
|
||||
;;
|
||||
start)
|
||||
runtipi-cli start --env-file user-config/.env.local --no-permissions
|
||||
|
@ -108,6 +108,7 @@ case "${1}" in
|
|||
"" "" "" \
|
||||
"" "cli" "runtipi-cli" \
|
||||
"" "dcoapp" "docker compose for runtipi apps" \
|
||||
"" "dls" "stylized docker ls" \
|
||||
"" "docker" "docker" \
|
||||
"" "dockge" "dokcer compose for dockge stacks" \
|
||||
"" "exec" "execute within the shell, START_DIR env applies" \
|
||||
|
|
|
@ -1,18 +0,0 @@
|
|||
http:
|
||||
middlewares:
|
||||
authentik_sysmgr:
|
||||
forwardAuth:
|
||||
address: https://auth.szk.li/outpost.goauthentik.io/auth/traefik
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
File diff suppressed because one or more lines are too long
|
@ -1,2 +1,2 @@
|
|||
# VARIABLE=value #comment# VARIABLE=value #comment
|
||||
# APP_ROUTE_OPTIONAL=" || Host(`www.example.com`)"
|
||||
# VARIABLE=value #comment
|
||||
APP_ROUTE_OPTIONAL=${LEGACY_ROOT_DOMAIN:+ || Host(`example.${LEGACY_ROOT_DOMAIN}`)}
|
|
@ -2,6 +2,8 @@ services:
|
|||
<service-name>:
|
||||
hostname: <service-name>.docker
|
||||
environment:
|
||||
PUID: "${SZ_USER_UID}"
|
||||
PGID: "${SZ_USER_GID}"
|
||||
# RUNTIPI Environment
|
||||
RUNTIPI_APP_PORT: "${APP_PORT}"
|
||||
RUNTIPI_APP_ID: "${APP_ID}"
|
||||
|
@ -12,8 +14,6 @@ services:
|
|||
RUNTIPI_LOCAL_DOMAIN: "${LOCAL_DOMAIN}"
|
||||
RUNTIPI_DOMAIN: "${DOMAIN}"
|
||||
RUNTIPI_ROOT_DOMAIN: "${ROOT_DOMAIN}"
|
||||
PUID: "${SZ_USER_UID}"
|
||||
PGID: "${SZ_USER_GID}"
|
||||
# volumes_from:
|
||||
# - "container:vols-dl"
|
||||
# - "container:vols-personal-media"
|
||||
|
|
|
@ -2,6 +2,7 @@ http:
|
|||
serversTransports:
|
||||
insecuretransport:
|
||||
insecureSkipVerify: true
|
||||
|
||||
middlewares:
|
||||
secureHeaders:
|
||||
headers:
|
|
@ -0,0 +1,19 @@
|
|||
http:
|
||||
middlewares:
|
||||
authentik_sysmgr:
|
||||
forwardAuth:
|
||||
address: https://auth.szk.li/outpost.goauthentik.io/auth/traefik
|
||||
trustForwardHeader: true
|
||||
authResponseHeadersRegex: "^[Xx]-[Aa]uthentik"
|
||||
# authResponseHeaders:
|
||||
# - X-authentik-username
|
||||
# - X-authentik-groups
|
||||
# - X-authentik-email
|
||||
# - X-authentik-name
|
||||
# - X-authentik-uid
|
||||
# - X-authentik-jwt
|
||||
# - X-authentik-meta-jwks
|
||||
# - X-authentik-meta-outpost
|
||||
# - X-authentik-meta-provider
|
||||
# - X-authentik-meta-app
|
||||
# - X-authentik-meta-version
|
|
@ -1,23 +1,12 @@
|
|||
# http routing section
|
||||
http:
|
||||
routers:
|
||||
to-auth:
|
||||
rule: "Host(`auth.lksz.me`)"
|
||||
entrypoints:
|
||||
- websecure
|
||||
service: kateryna-traefik
|
||||
tls:
|
||||
certresolver: myresolver
|
||||
to-syncthing:
|
||||
rule: "Host(`sync.lksz.me`)"
|
||||
entrypoints:
|
||||
- websecure
|
||||
service: kateryna-traefik
|
||||
tls:
|
||||
certresolver: myresolver
|
||||
to-kateryna:
|
||||
rule: "Host(`kateryna.szk.li`)
|
||||
|| Host(`kateryna.lksz.me`)
|
||||
|| Host(`m.lksz.me`)
|
||||
|| Host(`auth.lksz.me`)
|
||||
|| Host(`sync.lksz.me`)
|
||||
|| Host(`radarr.lksz.me`)
|
||||
|| Host(`sonarr.lksz.me`)
|
||||
|| Host(`prowlarr.lksz.me`)
|
|
@ -14,6 +14,10 @@ providers:
|
|||
entryPoints:
|
||||
web:
|
||||
address: ':80'
|
||||
forwardedHeaders:
|
||||
trustedIPs:
|
||||
- "127.0.0.1/32"
|
||||
- "172.16.0.0/12"
|
||||
http:
|
||||
redirections:
|
||||
entryPoint:
|
||||
|
@ -21,6 +25,10 @@ entryPoints:
|
|||
scheme: 'https'
|
||||
websecure:
|
||||
address: ':443'
|
||||
forwardedHeaders:
|
||||
trustedIPs:
|
||||
- "127.0.0.1/32"
|
||||
- "172.16.0.0/12"
|
||||
|
||||
certificatesResolvers:
|
||||
httpresolver:
|
|
@ -3,33 +3,49 @@ services:
|
|||
environment:
|
||||
USER_UID: "${SZ_USER_UID}"
|
||||
USER_GID: "${SZ_USER_GID}"
|
||||
# user: "${SZ_USER_UID}"
|
||||
|
||||
# environment:
|
||||
# - CONFIG=
|
||||
# - PERIOD=5m
|
||||
# - UPDATE_COOLDOWN_PERIOD=5m
|
||||
# - PUBLICIP_FETCHERS=all
|
||||
# - PUBLICIP_HTTP_PROVIDERS=all
|
||||
# - PUBLICIPV4_HTTP_PROVIDERS=all
|
||||
# - PUBLICIPV6_HTTP_PROVIDERS=all
|
||||
# - PUBLICIP_DNS_PROVIDERS=all
|
||||
# - PUBLICIP_DNS_TIMEOUT=3s
|
||||
# - HTTP_TIMEOUT=10s
|
||||
### Configuration
|
||||
# DATADIR: "/updater/data"
|
||||
# CONFIG_FILEPATH: "/updater/data/config.json"
|
||||
# CONFIG: ""
|
||||
# PERIOD: "5m"
|
||||
|
||||
# UPDATE_COOLDOWN_PERIOD: "5m"
|
||||
# PUBLICIP_FETCHERS: "all"
|
||||
# PUBLICIP_HTTP_PROVIDERS: "all"
|
||||
# PUBLICIPV4_HTTP_PROVIDERS: "all"
|
||||
# PUBLICIPV6_HTTP_PROVIDERS: "all"
|
||||
# PUBLICIP_DNS_PROVIDERS: "all"
|
||||
# PUBLICIP_DNS_TIMEOUT: "3s"
|
||||
# HTTP_TIMEOUT: "10s"
|
||||
|
||||
# # Web UI
|
||||
# - LISTENING_ADDRESS=:8000
|
||||
# - ROOT_URL=/
|
||||
# RESOLVER_ADDRESS: ""
|
||||
# RESOLVER_TIMEOUT: "5s"
|
||||
|
||||
# # Backup
|
||||
# - BACKUP_PERIOD=0 # 0 to disable
|
||||
# - BACKUP_DIRECTORY=/updater/data
|
||||
### Web UI
|
||||
# SERVER_ENABLED: "yes"
|
||||
# LISTENING_ADDRESS: ":8000"
|
||||
# ROOT_URL: "/"
|
||||
|
||||
# # Other
|
||||
# - LOG_LEVEL=info
|
||||
# - LOG_CALLER=hidden
|
||||
# - SHOUTRRR_ADDRESSES=
|
||||
# restart: always
|
||||
### Backup
|
||||
# BACKUP_PERIOD: "0"
|
||||
# BACKUP_DIRECTORY: "/updater/data"
|
||||
|
||||
### Other
|
||||
# LOG_LEVEL: "info"
|
||||
# LOG_CALLER: "hidden"
|
||||
|
||||
### SHOUTRRR
|
||||
# SHOUTRRR_ADDRESSES: ""
|
||||
# SHOUTRRR_DEFAULT_TITLE: "DDNS Updater"
|
||||
|
||||
### Health Check
|
||||
# HEALTH_SERVER_ADDRESS: "127.0.0.1:9999"
|
||||
# HEALTH_HEALTHCHECKSIO_BASE_URL: "https://hc-ping.com"
|
||||
# HEALTH_HEALTHCHECKSIO_UUID: ""
|
||||
labels:
|
||||
traefik.http.routers.ddns-updater.rule: Host(`ddns.${ROOT_DOMAIN}`)
|
||||
traefik.http.routers.ddns-updater.middlewares: authentik_sysmgr@file
|
||||
|
||||
volumes:
|
||||
#- dummy:/updater/data:ro
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
services:
|
||||
forgejo:
|
||||
environment:
|
||||
USER_UID: "${SZ_USER_UID}"
|
||||
USER_GID: "${SZ_USER_GID}"
|
||||
|
||||
FORGEJO__server__DOMAIN: "code.${ALT_ROOT_DOMAIN}"
|
||||
FORGEJO__server__ROOT_URL: "https://code.${ALT_ROOT_DOMAIN}"
|
||||
FORGEJO__server__SSH_DOMAIN: "code.${ALT_ROOT_DOMAIN}"
|
||||
|
||||
labels:
|
||||
# Websecure
|
||||
traefik.http.routers.forgejo-more.rule: Host(`code.${ROOT_DOMAIN}`)${APP_ROUTE_OPTIONAL:-}
|
||||
traefik.http.routers.forgejo-more.entrypoints: websecure
|
||||
traefik.http.routers.forgejo-more.service: forgejo
|
||||
# traefik.http.routers.forgejo-more.middlewares: authentik_sysmgr@file
|
||||
traefik.http.routers.forgejo-more.tls: true
|
||||
traefik.http.routers.forgejo-more.tls.certresolver: myresolver
|
|
@ -4,11 +4,20 @@ services:
|
|||
- 8080:8080
|
||||
command:
|
||||
- '--providers.docker'
|
||||
- '--providers.file.directory=/srv/runtipi/traefik/dynamic'
|
||||
- '--providers.file.directory=/srv/runtipi/user-config/_traefik.dynamic'
|
||||
- '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}'
|
||||
- '--certificatesresolvers.myresolver.acme.storage=/shared/acme.json'
|
||||
- '--certificatesresolvers.myresolver.acme.dnshallenge.entrypoint=cloudflare'
|
||||
- '--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare'
|
||||
environment:
|
||||
CF_API_EMAIL: "${ACME_EMAIL}"
|
||||
CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN}"
|
||||
networks:
|
||||
- tipi_main_network
|
||||
- tipi_internal_network
|
||||
|
||||
networks:
|
||||
tipi_internal_network:
|
||||
internal: true
|
||||
attachable: true
|
||||
name: runtipi_internal_network
|
||||
|
||||
|
|
Loading…
Reference in New Issue