resilien
/
services
Archived
2
0
Fork 0
Code Issues Pull Requests 2 Releases Wiki Activity

Compare commits

merge into: resilien:fix_hedgedoc_backup
Branches Tags
resilien:main
resilien:matomo
resilien:mariadb
resilien:docs
resilien:fix_hedgedoc_backup
...
pull from: resilien:main
Branches Tags
resilien:main
resilien:matomo
resilien:mariadb
resilien:docs
resilien:fix_hedgedoc_backup
This repository has been archived on 2023-02-21. You can view files and clone it, but cannot push or open issues or pull requests.

183 Commits
fix_hedged ... main

Author SHA1 Message Date
Simon d5e61d35a5 Merge pull request 'feat(Gitea): Update configuration' (#54) from gitea into main 
Reviewed-on: #54
 2023-02-21 12:44:50 +01:00
Simon 8f5fcec3a9 feat(Gitea): Update configuration 2023-02-21 12:44:23 +01:00
Simon 0798bab099 Merge pull request 'feat(Gitea): Upgrade to 1.19 and update configuration' (#53) from gitea into main 
Reviewed-on: #53
 2023-02-21 11:58:40 +01:00
Simon e8a022e7e3 feat(Gitea): Upgrade to 1.19 and update configuration 2023-02-21 11:58:06 +01:00
Simon c8c945ad64 Merge pull request 'feat(Traefik): Pilot is deprecated' (#52) from traefik into main 
Reviewed-on: #52
 2023-02-02 16:51:23 +01:00
Simon ba29719ed1 feat(Traefik): Pilot is deprecated 
https://traefik.io/blog/announcing-traefik-proxy-2-8/
 2023-02-02 16:51:07 +01:00
Simon f598c06029 Merge pull request 'feat(Vikunja): Restart container & explicite dependency' (#51) from nextcloud into main 
Reviewed-on: #51
 2023-02-02 13:02:45 +01:00
Simon de2a8eef46 feat(Vikunja): Restart container & explicite dependency 2023-02-02 12:59:09 +01:00
Simon 6334a88085 Merge pull request 'Mise à jour de Nextcloud' (#50) from nextcloud into main 
## Détails

1. Modification de la syntaxe d'erreur coté SMTP `?err` -> `:?err`
2. Ajout des variables de configuration dans le conteneur cron
3. Fix le chemin du dossier pour construire l'image Docker web
4. Ajout de variables d'envionnement pour surcharger la configuration de `config.php`
5. Modification des variables SMTP pour utiliser plutôt les variables d'environnement plutôt que le script d'installation
6. Mise à jour de Nginx
7. Modification de la documentation en fonction des changements
8. Mise à jour de Nextcloud

## Pourquoi

1. Les variables SMTP ne doivent pas être vide
2. Le conteneur cron doit avoir la même configuration que fpm
3. Il y avait un problème de build lorsque l'on ajoutait un fichier docker-compose.yml à coté du dossier contenant le fichier `.env`
4. Pour pouvoir surcharger correctement la configuration et ne pas seulement les configurer à l'installation
5. La même raison que 4
6. Pour être à jour
7. Pour être à jour
8. Pour être à jour

Reviewed-on: #50
 2023-01-03 22:27:02 +01:00
Simon e3dcc0efd5 chore(Nextcloud): Upgrade to 25.0.2 
https://nextcloud.com/changelog/#25-0-2
 2023-01-03 22:15:37 +01:00
Simon 264688abf8 feat(Nextcloud): Remove run script 2023-01-03 22:11:02 +01:00
Simon 669866b44e docs(Nextcloud): Add environment variables documentation 2023-01-03 22:10:29 +01:00
Simon b54891ec38 chore(Nginx): Upgrade to 1.23.3 2023-01-03 22:01:55 +01:00
Simon b3dce58f7b feat(Nextcloud): Update SMTP environment variables 2023-01-03 21:47:02 +01:00
Simon 0198c030e9 feat(Nextcloud): Add environment variables to configure server 2023-01-03 21:36:36 +01:00
Simon 2281c4337c feat(Nextcloud): Update web folder path with generic SERVICES_DIR 2023-01-03 21:09:37 +01:00
Simon fd63036294 feat(Nextcloud): Add all configuration on cron container 2023-01-03 21:08:48 +01:00
Simon 0af258dcae feat(Nextcloud): SMTP configuration should not be empty 2023-01-03 21:08:06 +01:00
Simon f78676d3ee Merge pull request 'fix(Vaultwarden): Update image variable name' (#49) from vaultwarden into main 
## Détails

Fix le nom de la variable de l'image de Vaultwarden

## Pourquoi

Pour être cohérent

Reviewed-on: #49
 2022-12-31 15:29:33 +01:00
Simon 4e32136c26 fix(Vaultwarden): Update image variable name 2022-12-31 15:28:35 +01:00
Simon c68a73b55b Merge pull request 'feat(Vaultwarden): Ajout de la variable pour configurer le nom du service' (#48) from vaultwarden into main 
## Détails

- Ajout de la variable pour le nom du conteneur
- Déplace la dépendance à postgres dans le fichier spécifique postgres

## Pourquoi

- Pour être facilement configurable

Reviewed-on: #48
 2022-12-31 15:25:34 +01:00
Simon 4bf479d0e0 feat(Vaultwarden): Move postgres dependency on postgres file 2022-12-31 15:24:38 +01:00
Simon 62334b2f85 feat(Vaultwarden): Ajout de la variable pour configurer le nom du service 2022-12-31 15:22:38 +01:00
Simon 250f015535 Merge pull request 'feat(Vaultwarden): Add timezone information' (#47) from vaultwarden into main 
## Détails

Ajout de la timezone du serveur dans le contenaire même si c'est une image Alpine qui ne prend pas en compte la valeur sauf en installant le package _tzdata_.

## Pourquoi

Pour avoir l'heure du serveur

Reviewed-on: #47
 2022-12-31 15:20:02 +01:00
Simon c631f47ae1 feat(Vaultwarden): Add timezone information 2022-12-31 15:17:51 +01:00
Simon ea59336efb Merge pull request 'feat(Vaultwarden): Add new service' (#46) from vaultwarden into main 
## Détails
un serveur compatible Bitwarden mais écrit en Rust pour économiser des ressources système

## Pourquoi

Actuellement j'utilisais Nextcloud Password mais son évolution est lente et la comunnauté trop petite pour faire comfiance à son développement. Ainsi nous pourrons proposer se service à d'autres personnes.

Reviewed-on: #46
 2022-12-31 14:55:45 +01:00
Simon 747d158f58 feat(Vaultwarden): Add new service 2022-12-31 14:55:18 +01:00
Simon 347ff1d19b Merge pull request 'feat(Uptime Kuma): Add documentation and default .env' (#45) from uptime-kuma into main 
## Détails

- Ajout de documentation pour Uptime Kuma
- Ajout d'un fichier d'environnement par defaut

## Pourquoi

- Pour renseigner qu'il n'est actuellement pas possible de créer des comptes
- Pour faciliter l'utilisation du service

Reviewed-on: #45
 2022-12-09 22:14:17 +01:00
Simon c9ef1d34a1 feat(Uptime Kuma): Add documentation and default .env 2022-12-09 22:12:41 +01:00
Simon ce43797716 Merge pull request 'feat(Uptime Kuma): Add new service' (#44) from uptime-kuma into main 
## Détails

- Mise en place du nouveau service Uptime Kuma

## Pourquoi

- Pour pouvoir monitorer nos services avec notre propre outil

Reviewed-on: #44
 2022-12-09 21:17:39 +01:00
Simon cae7eafbe0 feat(Uptime Kuma): Add new service 2022-12-09 21:16:41 +01:00
Simon 6026bb7709 Merge pull request 'feat(listmonk): Add new service' (#43) from listmonk into main 
## Détail

- Ajout du service listmonk

## Pourquoi

- Pour faciliter la création de liste de diffusion ainsi que des newsletters

Reviewed-on: #43
 2022-11-29 23:02:01 +01:00
Simon 912fe146af feat(listmonk): Add new service 2022-11-29 23:01:51 +01:00
Simon 01060abda6 Merge pull request 'docs(Registry): Add command to clean registry' (#42) from registry_clean into main 
## Détails

- Ajout de la commande pour supprimer toutes les images non taggées

## Pourquoi

- Pour ce souvenir de la commande et permettre de faire de la place rapidement sur un serveur

### Ticket

https://tree.taiga.io/project/killiankemps-resilien/us/634

Reviewed-on: #42
Reviewed-by: killian <developer@killiankemps.fr>
 2022-07-18 17:16:58 +02:00
Simon cfc0771bb5 docs(Registry): Add command to clean registry 2022-07-12 10:23:14 +02:00
Simon add83cd745 Merge pull request 'feat(Vikunja): Add new service' (#41) from vikunja into main 
## Détails

- [x] Ajout du service [Vikunja](https://vikunja.io/)
- [x] Ajout d'un documentation
- [x] Ajout de l'url des releases dans le processus de [mise à jour](https://tree.taiga.io/project/killiankemps-resilien/us/374)

## Pourquoi

Pour nous organiser autour d'un outil simple et performant

Reviewed-on: #41
Reviewed-by: killian <developer@killiankemps.fr>
 2022-04-21 16:38:36 +02:00
Simon efcd3891ba feat(Vikunja): Add new service 2022-04-20 17:48:08 +02:00
Simon d8414788ef Merge pull request 'Mise à jour des applications' (#40) from upgrade into main 
* ec25f4b chore(Traefik): Upgrade to 2.6.3
* 8da5cc4 chore(Registry): Upgrade to 2.8.1
* 10337ac chore(Prometheus): Upgrade to 2.34.0
* ec4ae3a chore(Nextcloud): Upgrade to 23.0.3
* 5b6ce7c chore(Hedgedoc): Upgrade to 1.9.3
* 7498f63 chore(Grafana): Upgrade to 8.4.6
* 3a7e863 chore(Gitea): Upgrade to 1.16.5
* 62a5159 chore(Drone): Upgrade to 2.11.1
* 9d3175d chore(Directus): Upgrade to 9.8.0

Reviewed-on: #40
Reviewed-by: killian <developer@killiankemps.fr>
 2022-04-15 09:11:59 +02:00
Simon ec25f4b76f chore(Traefik): Upgrade to 2.6.3 
https://github.com/traefik/traefik/releases/tag/v2.6.3
 2022-04-13 23:16:23 +02:00
Simon 8da5cc41ed chore(Registry): Upgrade to 2.8.1 
https://github.com/distribution/distribution/releases/tag/v2.8.1
 2022-04-13 23:15:32 +02:00
Simon 10337ac53c chore(Prometheus): Upgrade to 2.34.0 
https://github.com/prometheus/prometheus/releases/tag/v2.34.0
 2022-04-13 23:13:22 +02:00
Simon ec4ae3a8b8 chore(Nextcloud): Upgrade to 23.0.3 
https://nextcloud.com/changelog/#latest23
 2022-04-13 23:10:15 +02:00
Simon 5b6ce7cfcd chore(Hedgedoc): Upgrade to 1.9.3 
https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.3
 2022-04-13 23:08:01 +02:00
Simon 7498f63974 chore(Grafana): Upgrade to 8.4.6 
https://github.com/grafana/grafana/releases/tag/v8.4.6
 2022-04-13 23:03:44 +02:00
Simon 3a7e863d0c chore(Gitea): Upgrade to 1.16.5 
https://github.com/go-gitea/gitea/releases/tag/v1.16.5
 2022-04-13 22:59:46 +02:00
Simon 62a5159232 chore(Drone): Upgrade to 2.11.1 
https://github.com/harness/drone/releases/tag/v2.11.1
 2022-04-13 22:58:18 +02:00
Simon 9d3175df69 chore(Directus): Upgrade to 9.8.0 
https://github.com/directus/directus/releases/tag/v9.8.0
 2022-04-13 22:56:15 +02:00
Simon 7939150137 Merge pull request 'fix(Hedgedoc): Update backup folder' (#39) from fix_hedgedoc into main 
## Détails

- Mise à jour du dossier de backup des fichiers téléversés

## Pourquoi

- Pour correctement sauvegarder les images téléversés

## Liens

- [Ticket](https://tree.taiga.io/project/killiankemps-resilien/us/407)

Reviewed-on: #39
 2022-03-07 16:04:01 +01:00
Simon db74e92291 fix(Hedgedoc): Update backup folder 2022-03-07 16:02:21 +01:00
Simon 8f1a45969d Merge pull request 'Add configuration' (#38) from config into main 
## Détails

- Ajout d'une variable d'environnement spécifique pour le timezone de l'image Docker Directus. (Fonctionnalité arrivé dans la dernière version)
- Ajout d'une variable d'environnement pour les log de Plausible

## Pourquoi

- Pour résoudre un bug d'affichage lorsque l'on selectionnait une date la valeur par défaut n'était pas sur le même fuseau horaire ce qui faisait reculer d'un jour...
- Permet d'afficher plus de logs

Reviewed-on: #38
 2022-03-07 11:54:39 +01:00
Simon c4248a6f97 feat(Plausible): Add log level variable 2022-03-07 11:51:48 +01:00
Simon cfd8b5a2ce feat(Directus): Add timezone variable 2022-03-07 11:51:21 +01:00
Simon 1cee679407 Merge pull request 'upgrade services' (#37) from upgrade into main 
## Détails

- Mise à jour de [Directus](https://github.com/directus/directus/releases/tag/v9.6.0)
- Mise à jour de [Grafana](https://github.com/grafana/grafana/releases/tag/v8.4.3)
- Mise à jour de [Prometheus](https://github.com/prometheus/prometheus/releases/tag/v2.33.4)
- Mise à jour de [Drone Server](https://github.com/harness/drone/releases/tag/v2.10.0)
- Mise à Jour de [Gitea](https://github.com/go-gitea/gitea/releases/tag/v1.16.3)

## Pourquoi

- Pour suivre les évolutions des différents projets

## Liens

- [Ticket](https://tree.taiga.io/project/killiankemps-resilien/us/374)

Reviewed-on: #37
 2022-03-07 11:46:24 +01:00
Simon 1f7e610297 chore(Gitea): Upgrade to 1.16.3 
https://github.com/go-gitea/gitea/releases/tag/v1.16.3
 2022-03-07 11:20:33 +01:00
Simon 1931adafa4 chore(Drone Server): Upgrade to 2.10.0 
https://github.com/harness/drone/releases/tag/v2.10.0
 2022-03-07 11:15:32 +01:00
Simon 63246c442c chore(Prometheus): Upgrade to 2.33.4 
https://github.com/prometheus/prometheus/releases/tag/v2.33.4
 2022-03-07 11:11:39 +01:00
Simon a60026a672 chore(Grafana): Upgrade to 8.4.3 
https://github.com/grafana/grafana/releases/tag/v8.4.3
 2022-03-07 11:09:18 +01:00
Simon 47ce108eb6 chore(Directus): Upgrade to 9.6.0 
https://github.com/directus/directus/releases/tag/v9.6.0
 2022-03-07 10:58:08 +01:00
Simon a295e42fc5 Merge pull request 'feat(Plausible): Add more environment variables' (#36) from plausible into main 
## Détails

- Ajout de nouvelles variables pour configurer Plausible

## Pourquoi

- Pour pouvoir configurer plus précisément le service

## Liens

- [ticket](https://tree.taiga.io/project/killiankemps-resilien/us/390)
- [config](26e34596c8/config/.env.test)

Reviewed-on: #36
 2022-02-23 10:03:26 +01:00
Simon 768bf9b71d feat(Plausible): Add more environment variables 2022-02-23 09:59:12 +01:00
Simon 8e1cb72245 Merge pull request 'plausible' (#35) from plausible into main 
Reviewed-on: #35
 2022-02-22 19:13:49 +01:00
Simon d951d0c8f5 docs(Plausible): Add default variables 2022-02-22 19:13:28 +01:00
Simon 30fd1db0a3 fix(GeoIP Update): Frequency 2022-02-22 19:13:28 +01:00
Simon b8814b4391 Merge pull request 'fix(GeoIp Update): volume name' (#34) from plausible into main 
Reviewed-on: #34
 2022-02-22 16:59:09 +01:00
Simon 361f9b7d69 fix(GeoIp Update): volume name 2022-02-22 16:58:50 +01:00
Simon 903ba0283e Merge pull request 'fix(Plausible): BASE_URL != PLAUSIBLE_DOMAIN' (#33) from plausible into main 
Reviewed-on: #33
 2022-02-22 16:29:10 +01:00
Simon 7bc9788cd8 fix(Plausible): BASE_URL != PLAUSIBLE_DOMAIN 2022-02-22 16:28:52 +01:00
Simon 9cb520624f Merge pull request 'plausible' (#32) from plausible into main 
## Détails

- Suppression des hash Docker
- Ajout des variables par défaut dans Postgres
- Ajout du service ClickHouse
- Ajout du service GeoIP Update
- Ajout du service Plausible

## Pourquoi

- Les hash Docker sont dépendant de la platforme hors nous gérons plusieurs type de platforme
- Pour simplifier la lecture des variables Postgres
- Pour proposer à nos utilisateurs Plausible

Reviewed-on: #32
 2022-02-22 16:12:00 +01:00
Simon 5d4d7ad7fb feat(Plausible): Add new service 2022-02-22 16:10:46 +01:00
Simon 895623732f feat(GeoIP Update): Add new service 2022-02-22 16:01:45 +01:00
Simon 607e6c83c2 feat(ClickHouse): Add new service 2022-02-22 16:01:09 +01:00
Simon 58e5685b4d docs(Postgres): Add default variable 2022-02-22 15:55:45 +01:00
Simon 0e1c155fbf feat(Docker): Remove hash because it depends on the architecture 2022-02-22 15:55:18 +01:00
Simon cf44901c1d Merge pull request 'docs(Redis): Add default variable on .env files' (#31) from redis into main 
## Détails

- Ajout des variables non défini de Redis

## Pourquoi

- Pour clarifier l'utilisation des variables Redis

Reviewed-on: #31
 2022-02-22 11:57:42 +01:00
Simon 557d35b9bf docs(Redis): Add default variable on .env files 2022-02-22 11:56:17 +01:00
Simon af49fefe12 Merge pull request 'feat(Redis): Add volume name' (#30) from redis into main 
## Détails

- Ajout d'un volume dans le conteneur Redis

## Pourquoi

- Pour permettre de persister les données de Redis permettant de redémarrer un conteneur sans être déconnecté

Reviewed-on: #30
 2022-02-22 11:53:15 +01:00
Simon 4f2ae331df feat(Redis): Add volume name 2022-02-22 11:51:34 +01:00
Simon dbe1cd0f0e Merge pull request 'upgrade' (#29) from upgrade into main 
## Détails

- Mise à jour de Traefik en [2.6.1](https://github.com/traefik/traefik/releases/tag/v2.6.1)
- Mise à jour de Nextcloud en [23.0.2](https://nextcloud.com/changelog/#latest23)
- Mise à jour de Grafana en [8.4.1](https://github.com/grafana/grafana/releases/tag/v8.4.1)

## Pourquoi

- Pour être à jour

Reviewed-on: #29
 2022-02-21 23:05:06 +01:00
Simon ec62e7a14c chore(Traefik): Upgrade to 2.6.1 
https://github.com/traefik/traefik/releases/tag/v2.6.1
 2022-02-21 23:00:00 +01:00
Simon 248f2fc174 chore(Nextcloud): Upgrade to 23.0.2 
https://nextcloud.com/changelog/#latest23
 2022-02-21 22:56:02 +01:00
Simon ca15dfeca1 chore(Grafana): Upgrade to 8.4.1 
https://github.com/grafana/grafana/releases/tag/v8.4.0
https://github.com/grafana/grafana/releases/tag/v8.4.1
 2022-02-21 22:47:11 +01:00
Simon fe99557d1b Merge pull request 'upgrade' (#26) from upgrade into main 
## Détails

- Mise à jour de :
    * Watchtower en [1.4.0](https://github.com/containrrr/watchtower/releases/tag/v1.4.0)
    * Registry en [2.8.0](https://github.com/distribution/distribution/releases/tag/v2.8.0)
    * Prometheus en [2.33.3](https://github.com/prometheus/prometheus/releases/tag/v2.33.3)
    * Postgres en [14.2](https://www.postgresql.org/docs/release/14.2/)
    * Grafana en [8.3.6](https://github.com/grafana/grafana/releases/tag/v8.3.6)
    * Gitea en [1.16.1](https://github.com/go-gitea/gitea/releases/tag/v1.16.1)
    * Nextcloud en [23.0.0](https://nextcloud.com/changelog/#latest23)
- Ajout des sha256 des images docker

## Pourquoi

- Pour avoir les derniers fix de sécurité
- Pour ajouter de la sécurité lors du téléchargement des images

## Liens

- [ticket](https://tree.taiga.io/project/killiankemps-resilien/us/374)

Reviewed-on: #26
Reviewed-by: killian <developer@killiankemps.fr>
 2022-02-14 14:15:55 +01:00
Simon c4735acbc5 chore(Nextcloud): Upgrade to 23.0.0 
https://nextcloud.com/changelog/#latest23
 2022-02-14 10:31:18 +01:00
Simon 9f9948950c feat(Docker): Add all sha256 on services 2022-02-14 10:18:03 +01:00
Simon b0a72c954c chore(Watchtower): Upgrade to 1.4.0 
https://github.com/containrrr/watchtower/releases/tag/v1.4.0
 2022-02-14 10:18:03 +01:00
Simon 60394b5c9d chore(Registry): Upgrade to 2.8.0 
https://github.com/distribution/distribution/releases/tag/v2.8.0
 2022-02-14 10:18:03 +01:00
Simon 7992eb4ffa chore(Prometheus): Upgrade to 2.33.3 
https://github.com/prometheus/prometheus/releases/tag/v2.33.3
 2022-02-14 10:18:03 +01:00
Simon 6bed3d6aa2 chore(Postgres): Upgrade to 14.2 
https://www.postgresql.org/docs/release/14.2/
 2022-02-14 10:18:03 +01:00
Simon fe99e604d7 chore(Grafana): Upgrade to 8.3.6 
https://github.com/grafana/grafana/releases/tag/v8.3.6
 2022-02-14 10:18:03 +01:00
Simon 31935e4acf chore(Gitea): Upgrade to 1.16.1 
https://github.com/go-gitea/gitea/releases/tag/v1.16.1
 2022-02-14 10:18:03 +01:00
Simon 3109e64b6d Merge pull request 'upgrade' (#25) from upgrade into main 
## Détails

- Mise à jour de :
  - Directus en [9.5.1](https://github.com/directus/directus/releases/tag/v9.5.1)
  - Grafana en [8.3.4](https://github.com/grafana/grafana/releases/tag/v8.3.4)
  - Prometheus en [2.33.1](https://github.com/prometheus/prometheus/releases/tag/v2.33.1)
  - Traefik en [2.6.0](https://github.com/traefik/traefik/releases/tag/v2.6.0)
  - Drone en [2.9.1](https://github.com/harness/drone/blob/master/CHANGELOG.md)
- fix une typo
- Mise à jour de la documentation

## Pourquoi

- Pour avoir les derniers fix de sécurité
- RésiLien n'a qu'une seul écriture :D
- Pour afficher vraiment tous les services

## Liens

- [ticket](https://tree.taiga.io/project/killiankemps-resilien/us/374)

Reviewed-on: #25
Reviewed-by: killian <developer@killiankemps.fr>
 2022-02-09 21:00:53 +01:00
Simon d6671e5f1b docs: Update services 2022-02-09 17:57:03 +01:00
Simon 7f4140dea6 typo: Résilien to RésiLien 2022-02-09 17:30:15 +01:00
Simon 478fbac2be chore(Directus): Upgrade to 9.5.1 
https://github.com/directus/directus/releases/tag/v9.5.1
 2022-02-07 10:33:27 +01:00
Simon 55430b3e8f chore(Grafana): Upgrade to 8.3.4 
https://github.com/grafana/grafana/releases/tag/v8.3.4
 2022-02-07 10:27:59 +01:00
Simon 23c932580f chore(Prometheus): Upgrade to 2.33.1 
https://github.com/prometheus/prometheus/releases/tag/v2.33.1
 2022-02-07 10:24:01 +01:00
Simon d75ffc2ad6 chore(Traefik): Upgrade to 2.6.0 
https://github.com/traefik/traefik/releases/tag/v2.6.0
 2022-02-07 10:21:25 +01:00
Simon c68c7ab749 chore(Drone): Upgrade to 2.9.1 
https://github.com/harness/drone/blob/master/CHANGELOG.md
 2022-02-07 10:21:25 +01:00
Simon 1b77dbfa48 Merge pull request 'fix(Postgres): Add container name or postgres by default on postgres host' (#23) from postgres into main 
## Détails

- Homogénéisation de la déclaration des _host_ Postgres

## Pourquoi

- Pour harmoniser notre code et surtout éviter des erreurs (par exemple pour Gitea on ne pouvait actuellement héberger seulement un seul Gitea sur un même serveur).

## Liens

- [ticket](https://tree.taiga.io/project/killiankemps-resilien/us/348)

Reviewed-on: #23
Reviewed-by: killian <developer@killiankemps.fr>
 2022-01-27 00:23:49 +01:00
Simon e301bb6b64 fix(Postgres): Add container name or postgres by default on postgres host 2022-01-27 00:23:22 +01:00
Simon 5e2338036e Merge pull request 'docs: Update documentation' (#24) from add_docs into main 
Reviewed-on: #24
 2022-01-26 11:26:48 +01:00
Simon 34e08f9183 docs: Update documentation 2022-01-26 10:59:42 +01:00
Simon cb5d8cf5ff Merge pull request 'feat(Drone): Add more configuration and split it' (#22) from drone into main 
## Détails

- intégration d'option pour l'utilisation de Drone
- séparation des docker-compose en plusieurs fichiers

## Pourquoi

- Pour permettre une configuration plus avancé de Drone
- Pour nous permettre d'intégrer facilement Drone avec les options que l'on veut

Reviewed-on: #22
Reviewed-by: killian <developer@killiankemps.fr>
 2022-01-26 10:54:06 +01:00
Simon 567349390c feat(Drone): Add more configuration and split it 2022-01-26 10:53:11 +01:00
Simon 87554f4ada Merge pull request 'Mise à jour des services' (#21) from upgrade into main 
## Détails

Mise à jour de l'ensemble des services

## Pourquoi

Pour être à jour au niveau des applications

Reviewed-on: #21
Reviewed-by: killian <developer@killiankemps.fr>
 2022-01-11 23:13:50 +01:00
Simon d23ab55885 chore(Directus): Upgrade to 9.4.3 
https://github.com/directus/directus/releases/tag/v9.4.3
 2022-01-11 23:12:56 +01:00
Simon 08d6448897 Merge pull request 'feat(Mobilizon): Add default port' (#20) from mobilizon into main 
## Détails

- ajout du port par défaut dans le fichier `mobilizon/docker-compose.yml`
- mise à jour du port dans le fichier `mobilizon/docker-compose.local.yml` utile surtout pour des tests locaux

## Pourquoi

Pour permettre d'éviter une configuration dans notre infrastructure et d'utiliser la valeur par défaut.

## Liens

- [Ticket](https://tree.taiga.io/project/killiankemps-resilien/task/256)
- [Voir la demande d'ajout coté infra](https://git.weko.io/resilien/infra/pulls/68/files#issuecomment-970)

Reviewed-on: https://git.weko.io/resilien/services/pulls/20
Reviewed-by: killian <developer@killiankemps.fr>
 2022-01-11 22:57:20 +01:00
Simon 26842cadd3 docs(Mobilizon): Mise à jour de la documentation 2022-01-10 10:52:17 +01:00
Simon 80250b899b feat(Mobilizon): Add default port 2022-01-10 10:51:49 +01:00
Simon 2c9b9257f9 feat(Mobilizon): Add new service 2022-01-05 00:41:26 +01:00
Simon bb99235ccc Merge pull request 'Modifications des hosts avec le nom des conteneurs' (#19) from fix_hosts into main 
## Détails

- Mise à jour des hosts dans docker compose
- Mise à jour du reverse proxy Nginx pour utiliser la variable
- Mise à jour de Nginx

## Pourquoi

- Pour utiliser le nom des containers comme addresse et non le nom des services déclarés dans docker compose sinon il peut y avoir des problèmes de communications entre les conteneurs
- La configuration du reverse proxy Nginx doit connaitre l'adresse du conteneur FPM pour rediriger les requêtes. Nginx met à disposition un système de template utilisant les variables d'environnement comme subtitution avec l'outil `envsubst`.
- Pour rester à jour

Reviewed-on: #19
 2022-01-03 18:19:00 +01:00
Simon 97f12a40bb chore(Nginx): Upgrade to 1.21.5 
http://nginx.org/en/CHANGES
 2022-01-03 18:01:02 +01:00
Simon dc1e627330 feat(Nextcloud): Nginx configuration use envsubst to use variable on Nextcloud fpm 2022-01-03 17:57:35 +01:00
Simon afa9b3a997 fix(Nextcloud): Update default host on postgres and redis 2022-01-03 14:42:34 +01:00
Simon 862a5f5228 Merge pull request 'feat(Directus): Split configuration and add SMTP variable' (#18) from directus into main 
Reviewed-on: #18
 2022-01-03 09:43:24 +01:00
Simon 23f2bf72df feat(Directus): Split configuration and add SMTP variable 2021-12-31 13:50:22 +01:00
Simon c3b9f78ef6 feat(Node-Exporter): Remove this service 
We don't use it, so I prefer remove it on this repository
 2021-12-29 15:33:08 +01:00
Simon e376de5443 feat(Prometheus): Add new service 2021-12-29 15:16:33 +01:00
Simon 3d61fa584d fix(Grafana): Remove unnecessary char $ 2021-12-29 14:55:06 +01:00
Simon b571aa1ecd chore(Directus): Upgrade to 9.4.0 
https://github.com/directus/directus/releases/tag/v9.4.0
 2021-12-28 17:42:12 +01:00
Simon c5b4223bbb docs(HedgeDoc): Add documentation to debug 2021-12-28 15:47:17 +01:00
Simon 132fb026c5 chore(HedgeDoc): Upgrade to 1.9.2 
https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.2
 2021-12-28 15:46:56 +01:00
Simon bcb8aa8a2d chore(Grafana): Upgrade to 8.3.3 
https://github.com/grafana/grafana/releases/tag/v8.3.3
 2021-12-28 15:17:10 +01:00
Simon 126a4e2048 chore(Traefik): Upgrade to 2.5.6 
https://github.com/traefik/traefik/releases/tag/v2.5.6
 2021-12-28 15:13:13 +01:00
Simon 9f37a9695b Merge pull request 'Mise à jour de Grafana + ajout de variables de configuration' (#17) from grafana into main 
Reviewed-on: #17
 2021-12-13 16:59:01 +01:00
Simon 68d529fa21 feat(Grafana): Add more configuration variable 
- [GF_ANALYTICS_CHECK_FOR_UPDATES](https://grafana.com/docs/grafana/latest/administration/configuration/#check_for_updates) dans la doc la variable est à true par défaut, chez nous j'ai décidé de le mettre à _false_ pour éviter des requêtes toutes les 10 minutes...
- [GF_ANALYTICS_REPORTING_ENABLED](https://grafana.com/docs/grafana/latest/administration/configuration/#reporting_enabled) parreil sauf que c'est toutes les 24h
- [GF_SERVER_PROTOCOL](https://grafana.com/docs/grafana/latest/administration/configuration/#protocol) pour mettre en HTTPS facilement
 2021-12-13 16:54:18 +01:00
Simon 5ae74fc856 chore(Grafana): Upgrade to 8.3.2 
https://github.com/grafana/grafana/releases/tag/v8.3.2
 2021-12-13 16:43:39 +01:00
killian 84927499f6 Merge pull request 'fix(traefik): Fix YAML mapping' (#15) from fix-traefik into main 
Reviewed-on: #15
 2021-12-10 11:55:32 +01:00
Killian Kemps d5e3a4ff7a fix(traefik): Fix YAML mapping 2021-12-09 17:56:07 +01:00
Simon c6821a547f Merge pull request 'Configuration de Grafana' (#14) from grafana into main 
Reviewed-on: #14
 2021-11-28 15:49:26 +01:00
Simon 754f2f7834 docs(Grafana): Add documentation 2021-11-26 16:52:57 +01:00
Simon 43c38a6b97 feat(Grafana): Update default variable 2021-11-26 16:47:15 +01:00
Simon d69c601067 feat(Grafana): Add SMTP configuration 2021-11-26 16:41:02 +01:00
Simon 084bbd4168 feat(Grafana): Add redis configuration 2021-11-26 16:39:47 +01:00
Simon fc20ec584d feat(Grafana): Add postgres configuration 2021-11-26 16:39:10 +01:00
Simon ab9d57f9a2 feat(Grafana): Add more configuration 2021-11-26 16:36:37 +01:00
Simon f45b6eb13f feat(Grafana): Splite traefik configuration 2021-11-26 16:36:03 +01:00
Simon 2e99315fbc chore(Grafana) Upgrade to 8.2.5 
https://github.com/grafana/grafana/releases/tag/v8.2.5
 2021-11-26 16:33:58 +01:00
Simon 012823e1a3 Merge pull request 'fix(Nextcloud): Remove volume_from it's not valide on docker compose file v3' (#13) from nextcloud into main 
Reviewed-on: #13
 2021-11-24 18:03:18 +01:00
Simon 3d6d254f21 fix(Nextcloud): Remove volume_from it's not valide on docker compose file v3 
see https://stackoverflow.com/questions/45494746/docker-compose-volumes-from-usage-example
 2021-11-24 18:01:40 +01:00
Simon f705596bce Merge pull request 'feat(Nextcloud): Add configuration to PHP_UPLOAD_LIMIT' (#12) from nextcloud into main 
Reviewed-on: #12
 2021-11-24 17:18:03 +01:00
Simon 70aab13358 feat(Nextcloud): Add configuration to PHP_UPLOAD_LIMIT 
see documentation https://github.com/nextcloud/docker
 2021-11-24 17:17:28 +01:00
Simon a364dce66c Merge pull request 'fix(Traefik): Remove variable for traefik router name' (#11) from traefik into main 
Reviewed-on: #11
 2021-11-24 16:51:53 +01:00
Simon 563ce1ed90 fix(Traefik): Remove variable for traefik router name 2021-11-24 16:49:51 +01:00
Simon 514ba4bd42 Merge pull request 'Mise à jour de Traefik' (#10) from traefik into main 
Reviewed-on: #10
 2021-11-24 16:38:02 +01:00
Simon 57283af5af feat(Traefik): Add variable to configure traefik entrypoints name 2021-11-24 16:31:28 +01:00
Simon 185dc32625 feat(Traefik): Add variable to configure traefik router name 2021-11-24 16:31:28 +01:00
Simon b40f9ddde2 refactor(Traefik): Change syntax to accept variable 2021-11-24 16:31:28 +01:00
Simon 5bf6a8630c chore(Traefik): Upgrade to 2.5.4 
https://github.com/traefik/traefik/releases/tag/v2.5.4
 2021-11-24 16:31:28 +01:00
Simon e6ac037b11 Merge pull request 'feat(Nextcloud): Update docker-compose to add more configuration' (#9) from nextcloud into main 
Reviewed-on: #9
 2021-11-24 15:13:55 +01:00
Simon a231c5c1cf feat(Nextcloud): Update docker-compose to add more configuration 
_Détails

- Mise à jour de l'image docker nextcloud
- Mise à jour de l'image nginx
- Ajout d'une configuration spécifique Traefik séparé
- Ajout d'une configuration spécifique SMTP séparé
- Ajout d'une configuration spécifique pour lancer le container localemement
- Ajout de 2 variables pour configurer spécifiquement un PUID et PGID
- Suppression de la configuration Postgres spécifique pour utiliser le docker-compose généric
- Suppression de la configuration Redis spécifique pour utiliser le docker-compose généric

_Pourquoi

- Pour permettre une meilleure intégration dans l'infrastructure RésiLien
 2021-11-24 10:56:43 +01:00
Simon 23c1af409a Merge pull request 'Mise à jour de Postgres + configuration' (#8) from postgres into main 
Reviewed-on: #8
 2021-11-24 09:21:44 +01:00
Simon 04388d48f0 feat(Postgres): Add configuration of PUID and PGID 2021-11-23 22:30:09 +01:00
Simon 9793ae506d chore(Postgres): Upgrade to 14.1 
https://www.postgresql.org/docs/release/14.1/
 2021-11-23 22:05:46 +01:00
Simon 6ffd081de2 Merge pull request 'Ajout de documentation et de configuration pour Gitea' (#7) from gitea into main 
Reviewed-on: #7
 2021-11-16 14:24:26 +01:00
Simon 94c96bbd7d feat(Gitea): Add configuration to enable smtp 
https://docs.gitea.io/en-us/install-with-docker/#managing-deployments-with-environment-variables
https://docs.gitea.io/en-us/email-setup/
 2021-11-16 12:56:24 +01:00
Simon 5ecaffdfa2 feat(Gitea): Add configuration to enable prometheus metrics 
https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics
 2021-11-16 12:51:01 +01:00
Simon 8c802e3aa6 docs(Gitea): Add documentation to configure gitea with environment variables 2021-11-16 12:49:34 +01:00
Simon bed39a6286 Merge pull request 'feat(traefik_lb): Add a Traefik LB configuration' (#6) from traefik-lb into main 
Reviewed-on: #6
 2021-11-15 10:07:31 +01:00
Simon 3f3d0d92b1 feat(Traefik): Remove Traefik LB 2021-11-11 09:53:38 +01:00
Simon 165d984b35 feat(Traefik): Add ovh, secure, redirect configuration 2021-11-11 09:53:00 +01:00
Simon 39c2022925 feat(Traefik): Add accesslog configuration 2021-11-11 09:47:00 +01:00
Simon 6822fa5788 feat(Traefik): Add variable to configure Traefik 2021-11-11 09:45:30 +01:00
Simon 1b3604715a feat(Traefik): Add explicite traefik entrypoint 2021-11-11 09:43:12 +01:00
Simon 0de0b28958 fix(Traefik): Volume and network name 2021-11-11 09:37:33 +01:00
Killian Kemps abd1dd06fc feat(traefik_lb): Add a Traefik LB configuration 2021-11-03 12:23:09 +01:00
Simon 9786534a2e chore(Nextcloud): Upgrade to 22.2.0 
https://nextcloud.com/changelog/#22-2-0
 2021-10-25 10:50:40 +02:00
Simon 80004a4460 chore(Redis): Upgrade to 6.2.6 [SECURITY] 
https://github.com/redis/redis/releases/tag/6.2.6
 2021-10-25 10:42:42 +02:00
Simon 8ee63ec4b2 chore(Grafana): Upgrade to 8.2.2 
https://github.com/grafana/grafana/releases/tag/v8.2.2
 2021-10-25 10:33:04 +02:00
Simon fd5e12a201 chore(Gitea): Upgrade to 1.15.5 
https://github.com/go-gitea/gitea/releases/tag/v1.15.4
https://github.com/go-gitea/gitea/releases/tag/v1.15.5
 2021-10-25 09:53:20 +02:00
killian cd5366b34e Merge pull request 'docs: Add more documentation' (#5) from docs into main 
Reviewed-on: #5
 2021-10-23 16:07:16 +02:00
Killian Kemps f14f2cafeb style(doc): Fix some typos 2021-10-23 16:06:42 +02:00
Simon 50f2b22523 docs: Add more documentation 2021-10-23 00:45:25 +02:00
Simon 88af04b233 feat(Hedgedoc): Add configuration variables 
https://docs.hedgedoc.org/configuration/
 2021-10-11 09:23:11 +02:00
Simon 671d8e0d6d feat(Hedgedoc): Add authentication variable 
https://docs.hedgedoc.org/configuration/
 2021-10-11 09:09:57 +02:00
Simon d1b92e0a17 feat(Directus): Add variable for Traefik router name 2021-10-08 12:50:31 +02:00
Simon 6c4c387234 Merge pull request 'feat(Directus): Add new service' (#4) from directus into master 
Reviewed-on: weko/services#4
 2021-10-08 12:33:23 +02:00
Simon f204561f5f feat(Directus): Add new service 2021-10-08 12:30:49 +02:00
Simon 2fbb7ca0ca chore(Gitea): Upgrade to 1.15.3 
https://github.com/go-gitea/gitea/releases/tag/v1.15.3
 2021-09-27 11:06:54 +02:00
Simon 9f4327cae2 chore(Traefik): Upgrade to 2.5.3 
https://github.com/traefik/traefik/releases/tag/v2.5.3
 2021-09-27 10:54:56 +02:00
Simon 0d52bdfd59 chore(Grafana): Upgrade to 8.1.5 
https://github.com/grafana/grafana/releases/tag/v8.1.5
 2021-09-27 10:43:16 +02:00
Simon c8f242428a chore(Hedgedoc): Upgrade to 1.9.0 
https://github.com/linuxserver/docker-hedgedoc/releases/tag/1.9.0-ls31
 2021-09-27 10:27:14 +02:00
Simon b22d545ed6 fix(Hedgedoc): Backup uploaded files 
Environment variables take precedence over configurations from the config files, so don't backup it.
 2021-09-15 22:38:23 +02:00
123 changed files with 2315 additions and 535 deletions
Show Stats Expand all files Collapse all files

28
README.md
View File

@ -1,28 +1,38 @@
# Services
Vous trouverez dans ce dépôt l'ensemble des services Open Source que j'utilise et mets à jour quotidiennement.
Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien utilise et met à jour de façon presque hebdomadaire. L'ensemble des variables d'environnement enregistrées dans les fichiers `.env` est présent pour une logique d'exemple et n'a jamais été utilisé en production. Nous vous conseillons de ne jamais le faire si vous utilisez le dépôt.
## Liste des services
### Pour les utilisateurs
- [Directus](./directus) : Permet d'administrer une base de données
- [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel
- [listmonk](./listmonk) : Gestionnaire de listes de diffusion et de newsletter
- [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes
- [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration
- [Plausible](./plausible) : Plausible est une plateforme d'analyse Web légère et open source
- [Vaultwarden](./vaultwarden) : Gestionnaire de mot de passe compatible avec Bitwarden
- [Vikunja](./vikunja) : L'application pour organiser sa vie
### Pour les devs / ops
- [Drone](./drone) `en pause` : Un service d'intégration continue
- [Gitea](./gitea) : Un service Git auto-hébergé très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab.
- [ClickHouse](./clickhouse) : Un logiciel libre de base de données orientée colonnes pour le traitement analytique en ligne
- [Drone](./drone) : Un service d'intégration continue
- [GeoIP Update](./geoipupdate) : Permet de télécharger la base de données GeoIP2 permettant de localiser les IPs
- [Gitea](./gitea) : Un service Git très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab.
- [Grafana](./grafana) : Un outil de supervision simple et élégant
- [PostgreSQL](./postgres) : PostgreSQL est un système de gestion de base de données relationnelle et objet.
- [Prometheus](./prometheus) : Un logiciel de surveillance informatique
- [Docker Registry](./registry) : Une application qui permet de distribuer des images Docker
- [Redis](./redis) : Système de gestion de base de données clé-valeur extensible, très hautes performances
- [Registry Docker](./registry) : Une application qui permet de distribuer des images Docker
- [Traefik](./traefik) : Traefik, un reverse-proxy pour vos conteneurs
- [Watchtower](./watchtower) `en pause` : Automatiser la mise à jour d'image docker
- [Uptime Kuma](./uptimekuma) : outil de surveillance de site ou service WEB
- [Watchtower](./watchtower) : Automatiser la mise à jour d'image docker
## Comment ça marche ?
Vous pouvez réutiliser ce dépôt pour votre infrastructure. J'ai mis une documentation dans le dossier [_examples_](./examples).
Vous pouvez réutiliser ce dépôt pour vos services, il existe une documentation dans le dossier [_examples_](./examples).
### Docker et Docker Compose
@ -35,9 +45,11 @@ Voici les commandes de base :
### ./run
> 🚧 RésiLien a changé de façon de faire et nous n'utilisons plus les scripts `run`. Nous passons maintenant par Ansible. Les scripts ne seront plus mis à jour et finiront peut être par être supprimés. Utilisez les avec précaution.
Vous pourrez trouver dans les dossiers des services un script bash `run`. Le principe est de faciliter la maintenance de chaque service.
Vous pouvez lancer le script sans paramètre pour afficher la documentation du script.
Vous pouvez lancer le script sans paramètres pour afficher la documentation du script.
## Documentation
@ -55,6 +67,8 @@ En haut de chaque script il y a `set -eu` qui veut dire :
## Tâches
> 🚧 Ses tâches ne sont pas à jour
Général :
- [ ] Mettre en place une rotation des logs

3
clickhouse/.env Normal file
View File

@ -0,0 +1,3 @@
#CLICKHOUSE_VOLUME_NAME=
#CLICKHOUSE_CONTAINER_NAME=
#CLICKHOUSE_IMAGE=

16
clickhouse/README.md Normal file
View File

@ -0,0 +1,16 @@
# ClickHouse
> ClickHouse est un logiciel libre de base de données orientée colonnes (DBMS) pour le traitement analytique en ligne (OLAP).
>
> <cite>[Wikipédia][wikipedia]</cite>
## Liens
- [Site Officiel][site]
- [Code source][source]
- [Docker Hub][dockerhub]
[wikipedia]: https://fr.wikipedia.org/wiki/ClickHouse
[site]: https://clickhouse.com/
[source]: https://github.com/ClickHouse/ClickHouse
[dockerhub]: https://hub.docker.com/r/clickhouse/clickhouse-server

19
clickhouse/docker-compose.yml Normal file
View File

@ -0,0 +1,19 @@
version: "3.8"
volumes:
clickhouse:
name: ${CLICKHOUSE_VOLUME_NAME:-clickhouse}
services:
clickhouse:
container_name: ${CLICKHOUSE_CONTAINER_NAME:-clickhouse}
image: ${CLICKHOUSE_IMAGE:-clickhouse/clickhouse-server:22.2.2.1-alpine}
restart: always
volumes:
- clickhouse:/var/lib/clickhouse
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ulimits:
nofile:
soft: 262144
hard: 262144

56
directus/.env Normal file
View File

@ -0,0 +1,56 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/directus/docker-compose.yml:${SERVICES_DIR}/directus/docker-compose.traefik.yml:${SERVICES_DIR}/directus/docker-compose.smtp.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml
#COMPOSE_PROJECT_NAME=
##########
# DIRECTUS
#
# see https://github.com/directus/directus/blob/main/api/example.env
DIRECTUS_CONTAINER_NAME=directus_cool_life
DIRECTUS_DOMAIN=directus.cool.life
DIRECTUS_PUBLIC_URL=https://${DIRECTUS_DOMAIN}
DIRECTUS_KEY=255d861b-5ea1-5996-9aa3-922530ec40b1
DIRECTUS_SECRET=6116487b-cda1-52c2-b5b5-c8022c45e263
DIRECTUS_ADMIN_EMAIL=admin@example.com
DIRECTUS_ADMIN_PASSWORD=d1r3ctu5
EMAIL_FROM=no-reply@${DIRECTUS_DOMAIN}
EMAIL_SMTP_HOST=mail.example.org
#EMAIL_SMTP_PORT=
EMAIL_SMTP_USER=user
EMAIL_SMTP_PASSWORD=password
#EMAIL_SMTP_SECURE=
#EMAIL_SMTP_IGNORE_TLS=
# DIRECTUS_PUID=
# DIRECTUS_PGID=
##########
# POSTGRES
POSTGRES_USER=user-example
POSTGRES_PASSWORD=password-example
POSTGRES_DB=postgres-database-name-example
POSTGRES_CONTAINER_NAME=directus-postgres
POSTGRES_VOLUME_NAME=directus-postgres
#POSTGRES_IMAGE=
#######
# REDIS
#REDIS_IMAGE=
#REDIS_CONTAINER_NAME=
#REDIS_VOLUME_NAME=
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME= # Don't use char '.'
#TRAEFIK_ENTRYPOINTS=

18
directus/README.md Normal file
View File

@ -0,0 +1,18 @@
# Directus
> Directus wraps your new or existing SQL database with a realtime GraphQL+REST API for developers, and an intuitive admin app for non-technical users.
## Configuration
[De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer Directus.
## Liens
- [Site officiel][website]
- [Github][github]
- [L'image Docker][docker]
[website]: https://directus.io/
[docker]: https://hub.docker.com/r/directus/directus
[github]: https://github.com/directus/directus/
[documentation]: https://docs.directus.io/reference/environment-variables/

10
directus/docker-compose.redis.yml Normal file
View File

@ -0,0 +1,10 @@
---
version: "3.8"
services:
directus:
environment:
CACHE_ENABLED: 'true'
CACHE_STORE: 'redis'
CACHE_REDIS: 'redis://${REDIS_CONTAINER_NAME:-redis}:6379'

15
directus/docker-compose.smtp.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
services:
directus:
environment:
EMAIL_TRANSPORT: smtp
EMAIL_FROM: ${EMAIL_FROM:?err}
EMAIL_SMTP_HOST: ${EMAIL_SMTP_HOST}
EMAIL_SMTP_PORT: ${EMAIL_SMTP_PORT:-465}
EMAIL_SMTP_USER: ${EMAIL_SMTP_USER:?err}
EMAIL_SMTP_PASSWORD: ${EMAIL_SMTP_PASSWORD:?err}
EMAIL_SMTP_SECURE: ${EMAIL_SMTP_SECURE:-true}
EMAIL_SMTP_IGNORE_TLS: ${EMAIL_SMTP_IGNORE_TLS:-false}

15
directus/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
directus:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.rule=Host(`${DIRECTUS_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-directus}.entrypoints=web

38
directus/docker-compose.yml Normal file
View File

@ -0,0 +1,38 @@
---
version: "3.8"
volumes:
directus:
name: ${DIRECTUS_VOLUME_NAME:-directus}
services:
directus:
container_name: ${DIRECTUS_CONTAINER_NAME:-directus}
image: ${DIRECTUS_IMAGE:-directus/directus:9.8.0}
restart: always
volumes:
- directus:/directus/uploads
depends_on:
- postgres
- redis
environment:
KEY: ${DIRECTUS_KEY:?err}
SECRET: ${DIRECTUS_SECRET:?err}
TELEMETRY: false
ADMIN_EMAIL: ${DIRECTUS_ADMIN_EMAIL:?err}
ADMIN_PASSWORD: ${DIRECTUS_ADMIN_PASSWORD:?err}
PUBLIC_URL: ${DIRECTUS_PUBLIC_URL:?err}
DB_CLIENT: 'pg'
DB_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8
DB_PORT: '5432'
DB_DATABASE: ${POSTGRES_DB:?err}
DB_USER: ${POSTGRES_USER:?err}
DB_PASSWORD: ${POSTGRES_PASSWORD:?err}
TZ: ${TZ:-Europe/Paris}
PUID: ${DIRECTUS_PUID:-1000}
PGID: ${DIRECTUS_PGID:-1000}

37
drone/.env
View File

@ -1,37 +0,0 @@
## DOCKER
COMPOSE_FILE=./docker-compose.yml:./docker-compose.gitea.yml:./docker-compose.traefik.yml
TRAEFIK_NETWORK_NAME=kifeart
## DRONE SERVER
# https://hub.docker.com/r/drone/drone/tags
DRONE_SERVER_IMAGE=drone/drone:1.7.0
DRONE_SERVER_VOLUME_NAME=drone-server
DRONE_SERVER_CONTAINER_NAME=drone-server
# https://docs.drone.io/server/reference/
DRONE_GIT_ALWAYS_AUTH=true
DRONE_RPC_SECRET=9VjG2Dj34Kdo2JYvn5iVxd7JjT5
DRONE_SERVER_HOST=ci.cool.life
DRONE_SERVER_PROTO=https
# https://docs.drone.io/server/provider/gitea/
DRONE_GITEA_SERVER=gitea.cool.life
DRONE_GITEA_CLIENT_ID=UI76T78G-HDZ8-7CSD-6SDZ-YUIDG8Z7DSQ8
DRONE_GITEA_CLIENT_SECRET=y9ruXnEqluXjKUcfs5yIFlH83yb1OpP32NCf0h5YJwg=
## DRONE RUNNER
# https://hub.docker.com/r/drone/drone-runner-docker/tags
DRONE_RUNNER_IMAGE=drone/drone-runner-docker:1.3.0
DRONE_RUNNER_CONTAINER_NAME=drone-runner
DRONE_RUNNER_CAPACITY=2
DRONE_RUNNER_HOST=ci-runner.cool.life
DRONE_RUNNER_NAME=ci-runner.cool.life
DRONE_RUNNER_UI_USERNAME=kosssi
DRONE_RUNNER_UI_PASSWORD=$not$a$password

16
drone/README.md
View File

@ -4,6 +4,22 @@
>
> <cite>[Codeflow][article]</cite>
## Documentation
Drone est un logiciel d'intégration continue léger. Il est utilisé comme plate-forme de test et/ou de livraison automatisée.
Le service est basé sur 2 briques :
- le coté serveur qui prend en compte les demande de l'extérieur avec une interface (_[server](./server)_)
- le coté exécution des tâches (_[runner](./runner)_).
### Génération de clé
Dans la documentation officielle, il est conseillé de générer les clés avec la commande :
```
openssl rand -hex 16
```
## Liens
- [Site internet][site]

10
drone/docker-compose.gitea.yml
View File

@ -1,10 +0,0 @@
version: "3.8"
# https://docs.drone.io/server/provider/gitea/
services:
drone-server:
environment:
DRONE_GITEA_SERVER: ${DRONE_GITEA_SERVER}
DRONE_GITEA_CLIENT_ID: ${DRONE_GITEA_CLIENT_ID}
DRONE_GITEA_CLIENT_SECRET: ${DRONE_GITEA_CLIENT_SECRET}

22
drone/docker-compose.traefik.yml
View File

@ -1,22 +0,0 @@
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME}
services:
drone-server:
labels:
traefik.enable: 'true'
traefik.docker.network: ${TRAEFIK_NETWORK_NAME}
traefik.http.routers.drone-server.rule: 'Host(`${DRONE_SERVER_HOST}`)'
traefik.http.routers.drone-server.entrypoints: 'web'
drone-runner:
labels:
traefik.enable: 'true'
traefik.docker.network: ${TRAEFIK_NETWORK_NAME}
traefik.http.routers.drone-runner.rule: 'Host(`${DRONE_RUNNER_HOST}`)'
traefik.http.routers.drone-runner.entrypoints: 'web'

41
drone/docker-compose.yml
View File

@ -1,41 +0,0 @@
version: "3.8"
volumes:
drone-server:
name: ${DRONE_SERVER_VOLUME_NAME}
services:
drone-server:
container_name: ${DRONE_SERVER_CONTAINER_NAME}
image: ${DRONE_SERVER_IMAGE}
restart: always
environment:
DRONE_GIT_ALWAYS_AUTH: ${DRONE_GIT_ALWAYS_AUTH}
DRONE_RPC_SECRET: ${DRONE_RPC_SECRET}
DRONE_SERVER_HOST: ${DRONE_SERVER_HOST}
DRONE_SERVER_PROTO: ${DRONE_SERVER_PROTO}
DRONE_LOGS_DEBUG: 'true'
volumes:
- drone-server:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
drone-runner:
container_name: ${DRONE_RUNNER_CONTAINER_NAME}
image: ${DRONE_RUNNER_IMAGE}
restart: always
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
DRONE_RPC_PROTO: http
DRONE_RPC_HOST: ${DRONE_SERVER_CONTAINER_NAME}
DRONE_RPC_SECRET: ${DRONE_RPC_SECRET}
DRONE_RUNNER_CAPACITY: ${DRONE_RUNNER_CAPACITY}
DRONE_RUNNER_NAME: ${DRONE_RUNNER_NAME}
DRONE_UI_USERNAME: ${DRONE_RUNNER_UI_USERNAME}
DRONE_UI_PASSWORD: ${DRONE_RUNNER_UI_PASSWORD}
DRONE_DEBUG: 'true'

36
drone/runner/.env Normal file
View File

@ -0,0 +1,36 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=../..
COMPOSE_FILE=${SERVICES_DIR}/drone/runner/docker-compose.yml:${SERVICES_DIR}/drone/runner/docker-compose.traefik.yml:${SERVICES_DIR}/drone/runner/docker-compose.dashboard.yml
#COMPOSE_PROJECT_NAME=
## DRONE RUNNER
#https://docs.drone.io/runner/docker/configuration/reference/
### Docker
# https://hub.docker.com/r/drone/drone-runner-docker/tags
DRONE_RUNNER_IMAGE=drone/drone-runner-docker:1.8.0
DRONE_RUNNER_CONTAINER_NAME=drone-server
### Drone
# https://docs.drone.io/runner/docker/installation/linux/
DRONE_RPC_HOST=drone.cool.life
DRONE_RPC_PROTO=https
DRONE_RPC_SECRET=change-me
DRONE_RUNNER_HOST=ci-runner.cool.life
DRONE_RUNNER_CAPACITY=2
DRONE_RUNNER_NAME=drone-runner
DRONE_UI_USERNAME=resilien
DRONE_UI_PASSWORD=change-me
DRONE_UI_DISABLE=false
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME= # Don't use char '.'
#TRAEFIK_ENTRYPOINTS=

11
drone/runner/README.md Normal file
View File

@ -0,0 +1,11 @@
# Drone CI Runner
Il existe plusieurs _runner_ nous parlerons ici que du _runner_ Docker.
## Installation
L'installation de la partie _runner_ a été coupée en plusieurs fichiers dont les noms sont assez explicites. De nombreux liens vers la documentation officielle ont été mis dans les fichiers _Docker Compose_.
Il est possible de mettre en place une interface utilisateur pour visualiser les logs, les tâches exécutées. C'est pratique pour débugger.
Le coté multiplatforme permet d'avoir plusieurs _runner_ sur des architectures différentes selon là où on les déploie.

15
drone/runner/docker-compose.dashboard.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
# https://docs.drone.io/runner/docker/configuration/dashboard/
services:
drone-runner:
environment:
# https://docs.drone.io/runner/docker/configuration/reference/drone-ui-username/
DRONE_UI_USERNAME: ${DRONE_UI_USERNAME:?err}
# https://docs.drone.io/runner/docker/configuration/reference/drone-ui-password/
DRONE_UI_PASSWORD: ${DRONE_UI_PASSWORD:?err}
# https://docs.drone.io/runner/docker/configuration/reference/drone-ui-disable/
DRONE_UI_DISABLE: ${DRONE_UI_DISABLE:-false}

8
drone/runner/docker-compose.local.yml Normal file
View File

@ -0,0 +1,8 @@
---
version: "3.8"
services:
drone-runner:
ports:
- "3000:3000"

15
drone/runner/docker-compose.logging.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
# https://docs.drone.io/runner/docker/configuration/logging/
services:
drone-runner:
environment:
# https://docs.drone.io/runner/docker/configuration/reference/drone-debug/
DRONE_DEBUG: ${DRONE_DEBUG:-false}
# https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-dump-http/
DRONE_RPC_DUMP_HTTP: ${DRONE_RPC_DUMP_HTTP:-false}
# https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-dump-http-body/
DRONE_RPC_DUMP_HTTP_BODY: ${DRONE_RPC_DUMP_HTTP_BODY-:false}

15
drone/runner/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME}
services:
drone-runner:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-runner}.rule=Host(`${DRONE_RUNNER_HOST:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-runner}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

26
drone/runner/docker-compose.yml Normal file
View File

@ -0,0 +1,26 @@
---
version: "3.8"
# https://docs.drone.io/runner/docker/installation/linux/
services:
drone-runner:
container_name: ${DRONE_RUNNER_CONTAINER_NAME}
image: ${DRONE_RUNNER_IMAGE:-drone/drone-runner-docker:1.8.0}
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
# https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-host/
DRONE_RPC_HOST: ${DRONE_RPC_HOST:?err}
# https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-proto/
DRONE_RPC_PROTO: ${DRONE_RPC_PROTO:-https}
# https://docs.drone.io/runner/docker/configuration/reference/drone-rpc-secret/
DRONE_RPC_SECRET: ${DRONE_RPC_SECRET:?err}
# https://docs.drone.io/runner/docker/configuration/reference/drone-runner-capacity/
DRONE_RUNNER_CAPACITY: ${DRONE_RUNNER_CAPACITY:-2}
# https://docs.drone.io/runner/docker/configuration/reference/drone-runner-name/
DRONE_RUNNER_NAME: ${DRONE_RUNNER_NAME}

65
drone/server/.env Normal file
View File

@ -0,0 +1,65 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=../..
COMPOSE_FILE=${SERVICES_DIR}/drone/server/docker-compose.yml:${SERVICES_DIR}/drone/server/docker-compose.user.yml:${SERVICES_DIR}/drone/server/docker-compose.traefik.yml:${SERVICES_DIR}/drone/server/docker-compose.postgres.yml:${SERVICES_DIR}/drone/server/docker-compose.header.yml:${SERVICES_DIR}/drone/server/docker-compose.gitea.yml:${SERVICES_DIR}/drone/server/docker-compose.cookie.yml:${SERVICES_DIR}/postgres/docker-compose.yml
#COMPOSE_PROJECT_NAME=
## DRONE SERVER
# https://docs.drone.io/server/reference/
### Docker
# https://hub.docker.com/r/drone/drone/tags
DRONE_SERVER_IMAGE=drone/drone:2.8.0
DRONE_SERVER_VOLUME_NAME=drone-server
DRONE_SERVER_CONTAINER_NAME=drone-server
### Drone
DRONE_RPC_SECRET=change-me
DRONE_SERVER_HOST=ci.cool.life
DRONE_SERVER_PROTO=https
### User
DRONE_ADMIN_USER=resilien
DRONE_ADMIN_TOKEN=change-me
DRONE_USER_FILTER=resilien
DRONE_REGISTRATION_CLOSED=true
### Gitea
# https://docs.drone.io/server/provider/gitea/
#DRONE_GIT_ALWAYS_AUTH=
DRONE_GITEA_SERVER=gitea.cool.life
DRONE_GITEA_CLIENT_ID=UI76T78G-HDZ8-7CSD-6SDZ-YUIDG8Z7DSQ8
DRONE_GITEA_CLIENT_SECRET=change-me
## Header
# https://docs.drone.io/server/headers/
#DRONE_HTTP_SSL_REDIRECT=
#DRONE_HTTP_SSL_TEMPORARY_REDIRECT=
#DRONE_HTTP_SSL_HOST=
#DRONE_HTTP_STS_SECONDS=
### Cookie
# https://docs.drone.io/server/cookie/
DRONE_COOKIE_SECRET=change-me
#DRONE_COOKIE_TIMEOUT=720h
### POSTGRES
# https://docs.drone.io/server/storage/encryption/
DRONE_DATABASE_SECRET=change-me
POSTGRES_USER=user
POSTGRES_PASSWORD=password
POSTGRES_VOLUME_NAME=postgres
POSTGRES_CONTAINER_NAME=postgres
POSTGRES_DB=drone
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME= # Don't use char '.'
#TRAEFIK_ENTRYPOINTS=

41
drone/server/README.md Normal file
View File

@ -0,0 +1,41 @@
# Drone CI Server
## Installation
L'installation de la partie serveur a été coupée en plusieurs fichiers dont les noms sont assez explicites. De nombreux liens vers la documentation officielle ont été mis dans les fichiers _Docker Compose_.
## Configuration
Une fois un Drone installé il faut le configurer avec l'utilisation du CLI.
### Installation du CLI
Voir la [documentation officielle](https://docs.drone.io/cli/install/#install-on-linux).
### Configuration du CLI en local
Il faut :
- l'url de l'instance (`DRONE_SERVER_HOST`)
- le protocol de l'instance (`DRONE_SERVER_PROTO`)
- le token de l'administrateur (`DRONE_ADMIN_TOKEN`)
```
export DRONE_SERVER=${DRONE_SERVER_PROTO}://${DRONE_SERVER_HOST}
export DRONE_TOKEN=${DRONE_ADMIN_TOKEN}
```
[Documentation officielle](https://docs.drone.io/cli/configure/)
### Les utilisateurs
Il faut ajouter les utilisateurs non admin :
```
drone user add kosssi
drone user add killian
drone user add prometheus --machine --token=${PROMETHEUS_TOKEN}
```
En n'oubliant pas au moment de l'installation d'identifier précisément les utilisateurs ayant le droit d'exécuter Drone avec la variable `DRONE_USER_FILTER=kosssi,killian,prometheus,${DRONE_ADMIN_USER}`
[Documentation officielle](https://docs.drone.io/cli/user/drone-user-add/)

13
drone/server/docker-compose.cookie.yml Normal file
View File

@ -0,0 +1,13 @@
---
version: "3.8"
# https://docs.drone.io/server/cookie/
services:
drone-server:
environment:
# https://docs.drone.io/server/reference/drone-cookie-secret/
DRONE_COOKIE_SECRET: ${DRONE_COOKIE_SECRET:?err}
# https://docs.drone.io/server/reference/drone-cookie-timeout/
DRONE_COOKIE_TIMEOUT: ${DRONE_COOKIE_TIMEOUT:-720h} # Default value 30 days

17
drone/server/docker-compose.gitea.yml Normal file
View File

@ -0,0 +1,17 @@
---
version: "3.8"
# https://docs.drone.io/server/provider/gitea/
services:
drone-server:
environment:
# https://docs.drone.io/server/reference/drone-git-always-auth/
DRONE_GIT_ALWAYS_AUTH: ${DRONE_GIT_ALWAYS_AUTH:-true}
# https://docs.drone.io/server/reference/drone-gitea-server/
DRONE_GITEA_SERVER: ${DRONE_GITEA_SERVER:?err}
# https://docs.drone.io/server/reference/drone-gitea-client-id/
DRONE_GITEA_CLIENT_ID: ${DRONE_GITEA_CLIENT_ID:?err}
# https://docs.drone.io/server/reference/drone-gitea-client-secret/
DRONE_GITEA_CLIENT_SECRET: ${DRONE_GITEA_CLIENT_SECRET:?err}

13
drone/server/docker-compose.header.yml Normal file
View File

@ -0,0 +1,13 @@
---
version: "3.8"
# https://docs.drone.io/server/headers/
services:
drone-server:
environment:
DRONE_HTTP_SSL_REDIRECT: ${DRONE_HTTP_SSL_REDIRECT:-true}
DRONE_HTTP_SSL_TEMPORARY_REDIRECT: ${DRONE_HTTP_SSL_TEMPORARY_REDIRECT:-true}
DRONE_HTTP_SSL_HOST: ${DRONE_SERVER_HOST}
DRONE_HTTP_STS_SECONDS: ${DRONE_HTTP_STS_SECONDS:-315360000}

8
drone/server/docker-compose.local.yml Normal file
View File

@ -0,0 +1,8 @@
---
version: "3.8"
services:
drone-server:
ports:
- "3000:3000"

19
drone/server/docker-compose.logging.yml Normal file
View File

@ -0,0 +1,19 @@
---
version: "3.8"
# https://docs.drone.io/server/logging/
services:
drone-server:
environment:
# https://docs.drone.io/server/reference/drone-logs-debug/
DRONE_LOGS_DEBUG: ${DRONE_LOGS_DEBUG:-true}
# https://docs.drone.io/server/reference/drone-logs-text/
DRONE_LOGS_TEXT: ${DRONE_LOGS_TEXT:-true}
# https://docs.drone.io/server/reference/drone-logs-pretty/
DRONE_LOGS_PRETTY: ${DRONE_LOGS_PRETTY:-true}
# https://docs.drone.io/server/reference/drone-logs-color/
DRONE_LOGS_COLOR: ${DRONE_LOGS_COLOR:-true}
# https://docs.drone.io/server/reference/drone-logs-trace/
DRONE_LOGS_TRACE: ${DRONE_LOGS_TRACE:-false}

16
drone/server/docker-compose.postgres.yml Normal file
View File

@ -0,0 +1,16 @@
---
version: "3.8"
# https://docs.drone.io/server/storage/database/
# https://docs.drone.io/server/storage/encryption/
services:
drone-server:
environment:
# https://docs.drone.io/server/reference/drone-database-secret/
DRONE_DATABASE_SECRET: ${DRONE_DATABASE_SECRET}
# https://docs.drone.io/server/reference/drone-database-driver/
DRONE_DATABASE_DRIVER: postgres
# https://docs.drone.io/server/reference/drone-database-datasource/
DRONE_DATABASE_DATASOURCE: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME:-postgres}:5432/${POSTGRES_DB:?err}?sslmode=disable

15
drone/server/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME}
services:
drone-server:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-server}.rule=Host(`${DRONE_SERVER_HOST:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-drone-server}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

15
drone/server/docker-compose.user.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
# https://docs.drone.io/server/user/registration/
services:
drone-server:
environment:
# https://docs.drone.io/server/reference/drone-user-create/
DRONE_USER_CREATE: username:${DRONE_ADMIN_USER:?err},machine:false,admin:true,token:${DRONE_ADMIN_TOKEN:?err}
# https://docs.drone.io/server/reference/drone-user-filter/
DRONE_USER_FILTER: ${DRONE_USER_FILTER:?err}
# https://docs.drone.io/server/reference/drone-registration-closed/
DRONE_REGISTRATION_CLOSED: ${DRONE_REGISTRATION_CLOSED:-true}

24
drone/server/docker-compose.yml Normal file
View File

@ -0,0 +1,24 @@
---
version: "3.8"
volumes:
drone-server:
name: ${DRONE_SERVER_VOLUME_NAME:-drone-server}
services:
drone-server:
container_name: ${DRONE_SERVER_CONTAINER_NAME:-drone-server}
image: ${DRONE_SERVER_IMAGE:-drone/drone:2.11.1}
restart: always
environment:
# https://docs.drone.io/server/reference/drone-rpc-secret/
DRONE_RPC_SECRET: ${DRONE_RPC_SECRET}
# https://docs.drone.io/server/reference/drone-server-host/
DRONE_SERVER_HOST: ${DRONE_SERVER_HOST}
# https://docs.drone.io/server/reference/drone-server-proto/
DRONE_SERVER_PROTO: ${DRONE_SERVER_PROTO:-https}
volumes:
- drone-server:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro

2
examples/README.md
View File

@ -13,3 +13,5 @@ Si nous allons dans le dossier `traefik.cool.life` par example, il est possible
## DOCKER_HOST
Si vous gérez des serveurs à distance, il est possible d'utiliser la variable `DOCKER_HOST` dans votre fichier `.env` pour expliquer que le service doit sexécuter sur ce serveur.
> RésiLien utilise maintenant ce système avec une génération automatique des fichiers .env à l'aide d'Ansible, nous permettant de facilement déployer un nouveau service, de le déplacer de serveur

9
geoip/.env Normal file
View File

@ -0,0 +1,9 @@
#GEOIP_VOLUME_NAME=
#GEOIP_IMAGE=
#GEOIP_CONTAINER_NAME=
#GEOIP_EDITION_IDS=
GEOIP_LICENSE_KEY=blablabla
#GEOIP_DOWNLOAD_PATH=
#GEOIP_SCHEDULE=
#GEOIP_LOG_LEVEL=

22
geoip/docker-compose.yml Normal file
View File

@ -0,0 +1,22 @@
---
version: "3.8"
volumes:
geoip:
name: ${GEOIP_VOLUME_NAME:-geoip}
services:
geoip:
image: ${GEOIP_IMAGE:-crazymax/geoip-updater:latest}
container_name: ${GEOIP_CONTAINER_NAME:-geoip-updater}
restart: always
volumes:
- geoip:${GEOIP_DOWNLOAD_PATH:-/data}
environment:
EDITION_IDS: ${GEOIP_EDITION_IDS:-GeoLite2-City}
LICENSE_KEY: ${GEOIP_LICENSE_KEY:-err}
DOWNLOAD_PATH: ${GEOIP_DOWNLOAD_PATH:-/data}
SCHEDULE: ${GEOIP_SCHEDULE:-0 0 * * 0} # Every Sunday
LOG_LEVEL: ${GEOIP_LOG_LEVEL:-info}
LOG_JSON: ${GEOIP_LOG_JSON:-false}

10
geoipupdate/.env Normal file
View File

@ -0,0 +1,10 @@
#GEOIPUPDATE_VOLUME_NAME=
#GEOIPUPDATE_IMAGE=
#GEOIPUPDATE_CONTAINER_NAME=
GEOIPUPDATE_ACCOUNT_ID=<change-me>
GEOIPUPDATE_LICENSE_KEY=<change-me>
#GEOIPUPDATE_EDITION_IDS=
#GEOIPUPDATE_FREQUENCY=
#GEOIPUPDATE_VERBOSE=
#GEOIPUPDATE_DB_DIR=

14
geoipupdate/README.md Normal file
View File

@ -0,0 +1,14 @@
# HedgeDoc
> Permet de télécharger la base de données GeoIP2 permettant de localiser les IPs
## Liens
- [Site officiel][website]
- [Github][github]
- [L'image Docker de LinuxServer][docker]
[website]: https://www.maxmind.com/en/home
[docker]: https://hub.docker.com/r/maxmindinc/geoipupdate
[github]: https://github.com/maxmind/geoipupdate
[documentation]: https://dev.maxmind.com/geoip/updating-databases

22
geoipupdate/docker-compose.yml Normal file
View File

@ -0,0 +1,22 @@
---
version: "3.8"
volumes:
geoipupdate:
name: ${GEOIPUPDATE_VOLUME_NAME:-geoipupdate}
services:
geoipupdate:
image: ${GEOIPUPDATE_IMAGE:-maxmindinc/geoipupdate:v4.9.0}
container_name: ${GEOIPUPDATE_CONTAINER_NAME:-geoip-updater}
restart: always
volumes:
- geoipupdate:${GEOIPUPDATE_DB_DIR:-/usr/share/GeoIP}
environment:
GEOIPUPDATE_ACCOUNT_ID: ${GEOIPUPDATE_ACCOUNT_ID:?err}
GEOIPUPDATE_LICENSE_KEY: ${GEOIPUPDATE_LICENSE_KEY:?err}
GEOIPUPDATE_EDITION_IDS: ${GEOIPUPDATE_EDITION_IDS:-GeoLite2-City}
GEOIPUPDATE_FREQUENCY: ${GEOIPUPDATE_FREQUENCY:-72}
GEOIPUPDATE_VERBOSE: ${GEOIPUPDATE_VERBOSE:-false}
GEOIPUPDATE_DB_DIR: ${GEOIPUPDATE_DB_DIR:-/usr/share/GeoIP}

36
gitea/.env
View File

@ -1,26 +1,34 @@
COMPOSE_FILE=../postgres/docker-compose.yml:./docker-compose.yml:./docker-compose.override.yml
########
# DOCKER
# APP
SERVICES_DIR=".."
COMPOSE_FILE=${SERVICES_DIR}/gitea/docker-compose.yml:${SERVICES_DIR}/gitea/docker-compose.traefik.yml:${SERVICES_DIR}/gitea/docker-compose.smtp.yml:${SERVICES_DIR}/gitea/docker-compose.metrics.yml:${SERVICES_DIR}/postgres/docker-compose.yml
COMPOSE_PROJECT_NAME=$GITEA_DOMAIN
GITEA_VOLUME_NAME=gitea
GITEA_PROTOCOL=http
GITEA_DOMAIN=gitea.lan
# APP CONFIG
#######
# GITEA
# https://docs.gitea.io/en-us/install-with-docker/#environments-variables
DISABLE_SSH=true
RUN_MODE=prod
ROOT_URL=${GITEA_PROTOCOL}://${GITEA_DOMAIN}
DISABLE_REGISTRATION=true
DISABLE_GRAVATAR=true
#INSTALL_LOCK=true
GITEA_DOMAIN=gitea.lan
GITEA_VOLUME_NAME=gitea
GITEA_IMAGE=gitea/gitea:1.18.4
GITEA_PROTOCOL=http
GITEA_SECRET_KEY=kt5UdK0m9lI9MDyhVOFEB5jk7VwFynDyaxcUjEJUpWJBrC6FyH4dkUDKLYEa7hGn
GITEA_INTERNAL_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NzY5NzkxMzZ9.Iopu6DBUhglmNPzEyYylfmTmEUpYLHYEsNrm50GoBkU
# SMTP
GITEA__mailer__FROM='"Name" <email@example.com>'
GITEA__mailer__SMTP_ADDR=smtp.gitea.lan
GITEA__mailer__SMTP_PORT=465
GITEA__mailer__USER=gitea.lan
GITEA__mailer__PASSWD=gitea.lan
# DATABASE
# Voir la description ../postgres/README.md
POSTGRES_USER=user-example
POSTGRES_PASSWORD=password-example
POSTGRES_DB=postgres-database-name-example
POSTGRES_CONTAINER_NAME=gitea-postgres
POSTGRES_VOLUME_NAME=gitea-postgres
POSTGRES_IMAGE=postgres:15.2-alpine

2
gitea/README.md
View File

@ -4,6 +4,8 @@
>
> <cite>[Documentation][documentation]</cite>
Il est possible de configurer l'intégralité du service à l'aide de variable d'environnement voir [la documentation officielle](https://docs.gitea.io/en-us/install-with-docker/#managing-deployments-with-environment-variables).
## Commandes
```sh

6
gitea/docker-compose.metrics.yml Normal file
View File

@ -0,0 +1,6 @@
version: "3.8"
services:
gitea:
environment:
- GITEA__METRICS__ENABLED=true

14
gitea/docker-compose.smtp.yml Normal file
View File

@ -0,0 +1,14 @@
version: "3.8"
services:
gitea:
environment:
- GITEA__mailer__ENABLED=true
- GITEA__mailer__PROTOCOL=${GITEA__mailer__PROTOCOL:-smtp}
- GITEA__mailer__SMTP_ADDR=${GITEA__mailer__SMTP_ADDR:?GITEA__mailer__SMTP_ADDR not set}
- GITEA__mailer__SMTP_PORT=${GITEA__mailer__SMTP_PORT:?GITEA__mailer__SMTP_PORT not set}
- GITEA__mailer__USER=${GITEA__mailer__USER:?GITEA__mailer__USER not set}
- GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}"""
- GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set}

12
gitea/docker-compose.traefik.yml
View File

@ -7,10 +7,8 @@ networks:
services:
gitea:
labels:
traefik.enable: 'true'
traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik}
traefik.http.routers.gitea.rule: 'Host(`${GITEA_DOMAIN:?err}`)'
traefik.http.routers.gitea.entrypoints: 'web'
traefik.http.services.gitea.loadbalancer.server.port: '3000'
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.rule=Host(`${GITEA_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-gitea}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
- traefik.http.services.${TRAEFIK_ROUTER_NAME:-gitea}.loadbalancer.server.port=3000

22
gitea/docker-compose.yml
View File

@ -7,16 +7,22 @@ volumes:
services:
gitea:
container_name: ${GITEA_CONTAINER_NAME:-gitea}
image: ${GITEA_IMAGE:-gitea/gitea:1.15.2}
image: ${GITEA_IMAGE:-gitea/gitea:1.18.4}
restart: always
environment:
# - USER_UID=1000
# - USER_GID=1000
DB_TYPE: postgres
DB_HOST: postgres:5432
DB_NAME: ${POSTGRES_DB}
DB_USER: ${POSTGRES_USER}
DB_PASSWD: ${POSTGRES_PASSWORD}
- USER_UID=${GITEA_UID:-1000}
- USER_GID=${GITEA_GID:-1000}
# Database
- GITEA__database__DB_TYPE=postgres
- GITEA__database__HOST=${POSTGRES_CONTAINER_NAME:-postgres}:5432
- GITEA__database__NAME=${POSTGRES_DB}
- GITEA__database__USER=${POSTGRES_USER}
- GITEA__database__PASSWD=${POSTGRES_PASSWORD}
# Security
# docker run -it --rm gitea/gitea:1 gitea generate secret SECRET_KEY
- GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY}
# docker run -it --rm gitea/gitea:1 gitea generate secret INTERNAL_TOKEN
- GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN}
volumes:
- gitea:/data
- /etc/timezone:/etc/timezone:ro

47
grafana/.env
View File

@ -1,3 +1,48 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/grafana/docker-compose.yml:${SERVICES_DIR}/grafana/docker-compose.traefik.yml
#COMPOSE_PROJECT_NAME=
#########
# GRAFANA
GRAFANA_DOMAIN=grafana.cool.life
#GRAFANA_VOLUME_NAME=
#GRAFANA_CONTAINER_NAME=
#GRAFANA_IMAGE=
GF_SECURITY_ADMIN_USER=admin
GF_SECURITY_ADMIN_PASSWORD=admin
GF_SECURITY_ADMIN_PASSWORD=password
#GF_SECURITY_DISABLE_GRAVATAR=
#GF_SECURITY_COOKIE_SECURE=
#GF_USERS_ALLOW_SIGN_UP=
GF_INSTALL_PLUGINS=grafana-piechart-panel
######
# SMTP
#GF_SMTP_HOST=
#GF_SMTP_USER=
#GF_SMTP_PASSWORD=
#GF_SMTP_FROM_ADDRESS=
#GF_SMTP_FROM_NAME=
#######
# REDIS
#REDIS_IMAGE=
#REDIS_CONTAINER_NAME=
#REDIS_VOLUME_NAME=
#GF_REMOTE_CACHE_CONNSTR=
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME= # Don't use char '.'
#TRAEFIK_ENTRYPOINTS=

19
grafana/README.md Normal file
View File

@ -0,0 +1,19 @@
# Grafana
> Grafana est un logiciel libre sous licence GNU Affero General Public License Version 32 (anciennement sous licence Apache 2.0 avant avril 2021) qui permet la visualisation de données. Il permet de réaliser des tableaux de bord et des graphiques depuis plusieurs sources dont des bases de données temporelles comme Graphite (en), InfluxDB et OpenTSDB3.
>
> -- <cite>[Wikipédia](https://fr.wikipedia.org/wiki/Grafana)</cite>
## 🔧 Configuration
La configuration du service ce base sur la documentation officielle, plusieurs pages sont intéressantes à lire :
- [Lancer l'image Docker de Grafana](https://grafana.com/docs/grafana/latest/installation/docker/)
- [Configuration l'image Docker Grafana](https://grafana.com/docs/grafana/latest/administration/configure-docker/)
- [Surcharger la configuration à l'aide des variables d'environment](https://grafana.com/docs/grafana/latest/administration/configuration/#override-configuration-with-environment-variables)
## 🔗 Liens
- [Site officiel](https://grafana.com)
- [La documentation](https://grafana.com/docs)
- [Github](https://github.com/grafana/grafana)
- [L'image Docker sur Docker Hub](https://hub.docker.com/r/grafana/grafana)

11
grafana/docker-compose.postgres.yml Normal file
View File

@ -0,0 +1,11 @@
version: "3.8"
services:
grafana:
environment:
# https://grafana.com/docs/grafana/latest/administration/configuration/#database
GF_DATABASE_TYPE: postgres
GF_DATABASE_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8
GF_DATABASE_NAME: ${POSTGRES_DB:?err}
GF_DATABASE_USER: ${POSTGRES_USER:?err}
GF_DATABASE_PASSWORD: ${POSTGRES_PASSWORD:?err}

8
grafana/docker-compose.redis.yml Normal file
View File

@ -0,0 +1,8 @@
version: "3.8"
services:
grafana:
environment:
# https://grafana.com/docs/grafana/latest/administration/configuration/#remote_cache
GF_REMOTE_CACHE_TYPE: redis
GF_REMOTE_CACHE_CONNSTR: ${GF_REMOTE_CACHE_CONNSTR:-addr=redis:6379,ssl=false}

12
grafana/docker-compose.smtp.yml Normal file
View File

@ -0,0 +1,12 @@
version: "3.8"
services:
grafana:
environment:
# https://grafana.com/docs/grafana/latest/administration/configuration/#smtp
GF_SMTP_ENABLED: true
GF_SMTP_HOST: ${GF_SMTP_HOST:?err} # with port
GF_SMTP_USER: ${GF_SMTP_USER:?err}
GF_SMTP_PASSWORD: ${GF_SMTP_PASSWORD:?err}
GF_SMTP_FROM_ADDRESS: ${GF_SMTP_FROM_ADDRESS:?err}
GF_SMTP_FROM_NAME: ${GF_SMTP_FROM_NAME:?err}

13
grafana/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,13 @@
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
grafana:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-grafana}.rule=Host(`${GRAFANA_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-grafana}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

20
grafana/docker-compose.yml
View File

@ -1,9 +1,5 @@
---
version: "3"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
version: "3.8"
volumes:
grafana:
@ -12,17 +8,17 @@ volumes:
services:
grafana:
container_name: ${GRAFANA_CONTAINER_NAME:-grafana}
image: ${GRAFANA_IMAGE:-grafana/grafana:8.1.3}
image: ${GRAFANA_IMAGE:-grafana/grafana:8.4.6}
restart: always
volumes:
- grafana:/var/lib/grafana
environment:
GF_ANALYTICS_CHECK_FOR_UPDATES: ${GF_ANALYTICS_CHECK_FOR_UPDATES:-false}
GF_ANALYTICS_REPORTING_ENABLED: ${GF_ANALYTICS_REPORTING_ENABLED:-false}
GF_INSTALL_PLUGINS: ${GF_INSTALL_PLUGINS}
GF_SECURITY_ADMIN_USER: ${GF_SECURITY_ADMIN_USER:?err}
GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:?err}
GF_SECURITY_DISABLE_GRAVATAR: ${GF_SECURITY_DISABLE_GRAVATAR:-true}
GF_SECURITY_COOKIE_SECURE: ${GF_SECURITY_COOKIE_SECURE:-true}
GF_SERVER_PROTOCOL: ${GF_SERVER_PROTOCOL:-http}
GF_USERS_ALLOW_SIGN_UP: ${GF_USERS_ALLOW_SIGN_UP:-false}
GF_INSTALL_PLUGINS: ${GF_INSTALL_PLUGINS}
labels:
traefik.enable: 'true'
traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik}
traefik.http.routers.grafana.rule: 'Host(`${GRAFANA_DOMAIN:?err}`)'
traefik.http.routers.grafana.entrypoints: 'web'

19
hedgedoc/README.md
View File

@ -11,7 +11,7 @@ La configuration est séparé en 3 fichiers :
## Configuration
[De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer HedgeDoc.
[De nombreuses variables d'environnement][documentation] peuvent être précisé pour configurer HedgeDoc, elles n'ont pas tous été intégrées.
Modifier les variables dans le fichier [`.env`](../examples/hedgedoc.example.com/.env).
@ -21,6 +21,23 @@ Lancer le service :
docker-compose up -d
```
## Debug
### Se connecter à la base de données
```shell
. .env
docker exec -it $POSTGRES_CONTAINER_NAME psql $POSTGRES_DB -U $POSTGRES_USER
```
### Traitement des notes vides
```
SELECT count(*) FROM public."Notes" WHERE content = '';
SELECT * FROM public."Notes" WHERE content = '';
DELETE FROM public."Notes" WHERE content = '';
```
## Liens
- [Site officiel][website]

11
hedgedoc/docker-compose.yml
View File

@ -7,24 +7,27 @@ volumes:
services:
hedgedoc:
container_name: ${HEDGEDOC_CONTAINER_NAME:-hedgedoc}
image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.8.2-ls23}
image: ${HEDGEDOC_IMAGE:-linuxserver/hedgedoc:1.9.3-ls53}
restart: always
depends_on:
- postgres
volumes:
- hedgedoc:/config
- hedgedoc:/config/uploads
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
# https://docs.hedgedoc.org/configuration/
CMD_DB_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:?err}
CMD_DB_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME:-postgres}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:?err}
CMD_DOMAIN: ${HEDGEDOC_DOMAIN:?err}
CMD_SESSION_SECRET: ${CMD_SESSION_SECRET:?err}
NODE_ENV: ${NODE_ENV:-development} # `production` or `development`
CMD_PROTOCOL_USESSL: ${CMD_PROTOCOL_USESSL:-false}
CMD_ALLOW_GRAVATAR: ${CMD_ALLOW_GRAVATAR:-true}
CMD_ALLOW_ANONYMOUS: ${CMD_ALLOW_ANONYMOUS:-true}
CMD_ALLOW_ANONYMOUS_EDITS: ${CMD_ALLOW_ANONYMOUS_EDITS:-false}
CMD_ALLOW_FREEURL: ${CMD_ALLOW_FREEURL:-false}
CMD_ALLOW_EMAIL_REGISTER: ${CMD_ALLOW_EMAIL_REGISTER:-true}
CMD_REQUIRE_FREEURL_AUTHENTICATION: ${CMD_REQUIRE_FREEURL_AUTHENTICATION:-false}
CMD_DEFAULT_PERMISSION: ${CMD_DEFAULT_PERMISSION:-editable}
CMD_ALLOW_EMAIL_REGISTER: ${CMD_ALLOW_EMAIL_REGISTER:-true}
PGID: ${PGID:-1000}
PUID: ${PUID:-1000}

26
listmonk/.env Normal file
View File

@ -0,0 +1,26 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/listmonk/docker-compose.yml:${SERVICES_DIR}/postgres/docker-compose.yml
#COMPOSE_PROJECT_NAME=
## APP
LISTMONK_DOMAIN=localhost
LISTMONK_ADMIN_USERNAME=
LISTMONK_ADMIN_PASSWORD=
#LISTMONK_CONTAINER_NAME=listmonk
#LISTMONK_VOLUME_NAME=listmonk
#LISTMONK_IMAGE=listmonk/listmonk:v2.3.0
## POSTGRES
#POSTGRES_VOLUME_NAME=
#POSTGRES_CONTAINER_NAME=
#POSTGRES_IMAGE=
POSTGRES_USER=listmonk
POSTGRES_PASSWORD=listmonk
POSTGRES_DB=listmonk

37
listmonk/README.md Normal file
View File

@ -0,0 +1,37 @@
# listmonk
> Gestionnaire de listes de diffusion et de newsletter
## Documentation
listmonk ne gère actuellement pas le multicompte.
Pour utiliser avec une configuration avec les variables d'environnements il faut la commande suivante :
```
command: [sh, -c, "./listmonk --config ''"]
```
Pour l'installation il faut lancer la commande suivante pour initialiser la base de donnée :
```
command: [sh, -c, "yes | ./listmonk --install --config '' && ./listmonk --config ''"]
```
Pour faire les mise à jour et ainsi migrer la base de donnée :
```
command: [sh, -c, "yes | ./listmonk --upgrade --config '' && ./listmonk --config ''"]
```
## Liens
- [Site Officiel][site]
- [Documentation][documentation]
- [Code source][source]
- [Docker Hub][dockerhub]
[site]: https://listmonk.app/
[source]: https://github.com/knadh/listmonk
[documentation]: https://listmonk.app/docs/
[dockerhub]: https://hub.docker.com/r/listmonk/listmonk

40
listmonk/docker-compose.yml Normal file
View File

@ -0,0 +1,40 @@
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
volumes:
listmonk:
name: ${LISTMONK_VOLUME_NAME:-listmonk}
services:
listmonk:
container_name: ${LISTMONK_CONTAINER_NAME:-listmonk}
image: ${LISTMONK_IMAGE:-listmonk/listmonk:v2.3.0}
restart: always
#command: [sh, -c, "yes | ./listmonk --install --config '' && ./listmonk --config ''"]
#command: [sh, -c, "yes | ./listmonk --upgrade --config '' && ./listmonk --config ''"]
command: [sh, -c, "./listmonk --config ''"]
depends_on:
- postgres
environment:
LISTMONK_app__address: 0.0.0.0:9000
LISTMONK_app__admin_username: ${LISTMONK_ADMIN_USERNAME:?err}
LISTMONK_app__admin_password: ${LISTMONK_ADMIN_PASSWORD:?err}
LISTMONK_db__host: ${POSTGRES_CONTAINER_NAME:?err}
LISTMONK_db__port: 5432
LISTMONK_db__user: ${POSTGRES_USER:?err}
LISTMONK_db__password: ${POSTGRES_PASSWORD:?err}
LISTMONK_db__database: ${POSTGRES_DB:?err}
LISTMONK_db__ssl_mode: disable
TZ: Europe/Paris
volumes:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- listmonk:/listmonk/uploads
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-listmonk}.rule=Host(`${LISTMONK_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-listmonk}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

63
mobilizon/.env Normal file
View File

@ -0,0 +1,63 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/mobilizon/docker-compose.yml:${SERVICES_DIR}/mobilizon/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/geoip/docker-compose.yml
#COMPOSE_PROJECT_NAME=
############
## MOBILIZON
MOBILIZON_INSTANCE_NAME="RésiLien - Mobilizon"
MOBILIZON_DOMAIN=mobilizon.lan
#MOBILIZON_INSTANCE_PORT=4000
MOBILIZON_INSTANCE_EMAIL=no-reply@mobilizon.lan
MOBILIZON_REPLY_EMAIL=contact@mobilizon.lan
MOBILIZON_ADMIN_EMAIL=admin@mobilizon.lan
MOBILIZON_INSTANCE_REGISTRATIONS_OPEN=true
MOBILIZON_INSTANCE_SECRET_KEY_BASE=changethis
MOBILIZON_INSTANCE_SECRET_KEY=changethis
MOBILIZON_SMTP_SERVER=localhost
MOBILIZON_SMTP_HOSTNAME=localhost
MOBILIZON_SMTP_PORT=25
MOBILIZON_SMTP_SSL=false
MOBILIZON_SMTP_USERNAME=noreply@mobilizon.lan
MOBILIZON_SMTP_PASSWORD=password
#MOBILIZON_PUID=
#MOBILIZON_PGID=
#######
# GEOIP
#GEOIP_VOLUME_NAME=
#GEOIP_IMAGE=
#GEOIP_CONTAINER_NAME=
#GEOIP_EDITION_IDS=
GEOIP_LICENSE_KEY=
#GEOIP_DOWNLOAD_PATH=
#GEOIP_SCHEDULE=
#GEOIP_LOG_LEVEL=
##########
# POSTGRES
POSTGRES_USER=mobilizon_user
POSTGRES_PASSWORD=mobilizon_password
POSTGRES_DB=mobilizon_db
#POSTGRES_CONTAINER_NAME=mobilizon_postgres
#POSTGRES_VOLUME_NAME=mobilizon_postgres
POSTGRES_IMAGE=kartoza/postgis:14-3.1
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME= # Don't use char '.'
#TRAEFIK_ENTRYPOINTS=

23
mobilizon/README.md Normal file
View File

@ -0,0 +1,23 @@
# Mobilizon
> Mobilizon est un logiciel libre d'organisation d'évènements et de gestion de groupes (Meet-up) lancé en octobre 2020 par Framasoft pour proposer une alternative libre aux plateformes des GAFAM (Facebook, Meetup.com, EventBrite).
>
> -- <cite>[Wikipedia](https://fr.wikipedia.org/wiki/Mobilizon)</cite>
On peut retrouver la documentation sur le [site officiel](https://docs.joinmobilizon.org/fr/).
## Configuration
Mobilizon utilise de la géolocalisation pour les évènements et du coup il faut :
- une base de données spécifique _[PostGIS](https://fr.wikipedia.org/wiki/PostGIS)_ qui se base sur _Postgres_. Actuellement la configuration de l'image Docker Postgres est compatible il faut donc juste changer le nom de l'image et utiliser [kartoza/postgis](https://hub.docker.com/r/kartoza/postgis) à la place.
- un fichier GeoLite2 et pour cela il faut créer une clé pour accéder au service en ligne de [maxmind](https://www.maxmind.com), on utilise ensuite l'image docker [geoip-updater](https://crazymax.dev/geoip-updater/install/docker/) de crazymax pour automatiser le téléchargement et la mise à jour du fichier.
## Liens
- 🌐 [Site website](https://joinmobilizon.org)
- 🔢 [voir les instances](https://instances.joinmobilizon.org/instances)
- 💻 Source officiel :
- [le logiciel](https://framagit.org/framasoft/mobilizon)
- [l'image _Docker_](https://framagit.org/framasoft/joinmobilizon/docker)
- 📜 [Documentation](https://docs.joinmobilizon.org)
- 🐳 [Docker Hub](https://hub.docker.com/r/framasoft/mobilizon)

8
mobilizon/docker-compose.local.yml Normal file
View File

@ -0,0 +1,8 @@
---
version: "3.8"
services:
mobilizon:
ports:
- "${MOBILIZON_INSTANCE_PORT:-4000}:${MOBILIZON_PORT:-4000}"

15
mobilizon/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
mobilizon:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-mobilizon}.rule=Host(`${MOBILIZON_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-mobilizon}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

47
mobilizon/docker-compose.yml Normal file
View File

@ -0,0 +1,47 @@
---
version: "3.8"
volumes:
mobilizon:
name: ${MOBILIZON_VOLUME_NAME:-mobilizon}
services:
mobilizon:
container_name: ${MOBILIZON_CONTAINER_NAME:-mobilizon}
image: ${MOBILIZON_IMAGE:-framasoft/mobilizon:2.0.2}
restart: always
depends_on:
- postgres
- geoip
volumes:
- mobilizon:/var/lib/mobilizon/uploads
# - ${PWD}/config.exs:/etc/mobilizon/config.exs:ro
- geoip:/var/lib/mobilizon/geo_db
environment:
MOBILIZON_INSTANCE_NAME: ${MOBILIZON_INSTANCE_NAME}
MOBILIZON_INSTANCE_HOST: ${MOBILIZON_DOMAIN}
MOBILIZON_INSTANCE_PORT: ${MOBILIZON_INSTANCE_PORT:-4000}
MOBILIZON_INSTANCE_EMAIL: ${MOBILIZON_INSTANCE_EMAIL}
MOBILIZON_REPLY_EMAIL: ${MOBILIZON_REPLY_EMAIL}
MOBILIZON_ADMIN_EMAIL: ${MOBILIZON_ADMIN_EMAIL}
MOBILIZON_INSTANCE_REGISTRATIONS_OPEN: ${MOBILIZON_INSTANCE_REGISTRATIONS_OPEN:-false}
MOBILIZON_DATABASE_USERNAME: ${POSTGRES_USER}
MOBILIZON_DATABASE_PASSWORD: ${POSTGRES_PASSWORD}
MOBILIZON_DATABASE_DBNAME: ${POSTGRES_DB}
MOBILIZON_DATABASE_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8
MOBILIZON_INSTANCE_SECRET_KEY_BASE: ${MOBILIZON_INSTANCE_SECRET_KEY_BASE:?err}
MOBILIZON_INSTANCE_SECRET_KEY: ${MOBILIZON_INSTANCE_SECRET_KEY:?err}
MOBILIZON_SMTP_SERVER: ${MOBILIZON_SMTP_SERVER:?err}
MOBILIZON_SMTP_HOSTNAME: ${MOBILIZON_SMTP_HOSTNAME:?err}
MOBILIZON_SMTP_PORT: ${MOBILIZON_SMTP_PORT:?err}
MOBILIZON_SMTP_SSL: ${MOBILIZON_SMTP_SSL:?err}
MOBILIZON_SMTP_USERNAME: ${MOBILIZON_SMTP_USERNAME:?err}
MOBILIZON_SMTP_PASSWORD: ${MOBILIZON_SMTP_PASSWORD:?err}
PUID: ${MOBILIZON_PUID:-1000}
PGID: ${MOBILIZON_PGID:-1000}

44
nextcloud/.env
View File

@ -1,23 +1,51 @@
## DOCKER
########
# DOCKER
COMPOSE_FILE=./docker-compose.yml
#DOCKER_CONTEXT=
#DOCKER_HOST=
TRAEFIK_NETWORK_NAME=kifeart
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/nextcloud/docker-compose.yml:${SERVICES_DIR}/nextcloud/docker-compose.config.yml:${SERVICES_DIR}/nextcloud/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/redis/docker-compose.yml
#COMPOSE_PROJECT_NAME=
## APP
NEXTCLOUD_DOMAIN=nextcloud.cool.life
NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN}
NEXTCLOUD_CONTAINER_NAME=nextcloud
NEXTCLOUD_VOLUME_NAME=nextcloud
NEXTCLOUD_DOMAIN=nextcloud.cool.life
NEXTCLOUD_ADMIN_USER: user
NEXTCLOUD_ADMIN_PASSWORD: password
NEXTCLOUD_ADMIN_USER=user
NEXTCLOUD_ADMIN_PASSWORD=password
# DATABASE
# Voir la description ../postgres/README.md
#SMTP_HOST=mail.test.org
#SMTP_SECURE=
#SMTP_PORT=
#SMTP_AUTHTYPE=
#SMTP_NAME=test@test.org
#SMTP_PASSWORD=blablablabla
#MAIL_FROM_ADDRESS=no-reply
#MAIL_DOMAIN=test.org
##########
# POSTGRES
POSTGRES_USER=user-example
POSTGRES_PASSWORD=password-example
POSTGRES_DB=postgres-database-name-example
POSTGRES_CONTAINER_NAME=nextcloud-postgres
POSTGRES_VOLUME_NAME=nextcloud-postgres
#POSTGRES_IMAGE=
#######
# REDIS
#REDIS_IMAGE=
REDIS_CONTAINER_NAME=nextcloud-redis
#REDIS_VOLUME_NAME=
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME= # Don't use char '.'
#TRAEFIK_ENTRYPOINTS=

87
nextcloud/README.md
View File

@ -10,47 +10,82 @@
>
> -- <cite>[Github][github]</cite>
On peut trouver [la documentation ici][documentation].
On peut trouver [la documentation ici][documentation] en anglais ou ici pour la [traduction française](https://doc-nextcloud-fr.indie.host/fr/) fait par [IndieHosters](https://indiehosters.net/) et [Paquerette](https://paquerette.eu/).
## Aide
```sh
docker exec --user www-data -it nextcloud bash
Commande pour se connecter à un serveur :
docker-compose exec --user www-data nextcloud php occ db:add-missing-primary-keys
```sh
. .env
docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm ash
```
Pour mettre un site en maintenance :
```sh
. .env
docker exec --user www-data -it ${NEXTCLOUD_CONTAINER_NAME}-fpm php occ maintenance:mode --on
```
## Configuration
Il est possible de configurer certaines parties avec des variables d'environnement, mais ce n'est pas le cas de l'ensemble de la configuration.
Il est possible de configurer certaines parties avec des variables d'environnement :
- Soit les variables sont spécifique à l'image Docker
- soit avec des variables du type `NC_` + clé (exemple : NC_default_phone_region=FR)
Voici les modifications que j'effectue :
### Création d'un groupe
```
docker-compose exec --user www-data nextcloud-fpm ash
vi config/config.php
```
Ajout de la configuration suivante :
```
'default_language' => 'fr',
'default_locale' => 'fr_FR',
'default_phone_region' => 'FR',
'defaultapp' => 'files',
'preview_max_x' => 2048,
'preview_max_y' => 2048,
'jpeg_quality' => 60,
export NC_GROUP=com-en-aubrac
php occ group:add $NC_GROUP
```
Ajout de imagemagick :
```
docker-compose exec nextcloud-fpm apk add --no-cache imagemagick
```
ou
### Création d'un utilisateur
```
ssh <server>
docker exec nextcloud-fpm apk add --no-cache imagemagick
# La variable OC_PASS est spécifique pour l'utilisation de --password-from-env
export OC_PASS=unmotdepasse!
export NC_USER=simon
export NC_NAME=Simon
export NC_MAIL=simon@example.org
export NC_QUOTA="180 GB"
php occ user:add --password-from-env --display-name=$NC_NAME --group="$NC_GROUP" $NC_USER
php occ user:setting $NC_USER settings email $NC_MAIL
```
### Quota
Pour bien comprendre les quotas dans Nextcloud : https://docs.nextcloud.com/server/latest/user_manual/en/files/quota.html
```
export NC_USER=simon
export NC_QUOTA="10 GB"
php occ user:setting $NC_USER files quota "$NC_QUOTA"
```
### imagemagick
> Le module php-imagick na aucun support SVG dans cette instance. Pour une meilleure compatibilité, il est recommandé de linstaller.
Pour résoudre ce problème il faut ajouter le paquet `imagemagick`
```
. .env
docker exec -it ${NEXTCLOUD_CONTAINER_NAME}-fpm apk add --no-cache imagemagick
```
## Application
Suppression d'application :
```
php occ app:disable dashboard
php occ app:disable photos
php occ app:disable weather_status
php occ app:disable user_status
```
## PHP-FPM: remédier à server reached pm.max_children

21
nextcloud/docker-compose.config.yml Normal file
View File

@ -0,0 +1,21 @@
---
version: "3.8"
services:
nextcloud-fpm:
environment:
&nextcloud-configuration
NC_trashbin_retention_obligation: ${NC_trashbin_retention_obligation:-auto, 30}
NC_force_language: ${NC_force_language:-fr}
NC_default_locale: ${NC_default_locale:-fr_FR}
NC_force_locale: ${NC_force_locale:-fr_FR}
NC_default_language: ${NC_default_language:-fr}
NC_default_phone_region: ${NC_default_phone_region:-FR}
NC_defaultapp: ${NC_defaultapp:-files}
NC_preview_max_x: ${NC_preview_max_x:-2048}
NC_preview_max_y: ${NC_preview_max_y:-2048}
NC_jpeg_quality: ${NC_jpeg_quality:-60}
nextcloud-cron:
environment:
<<: *nextcloud-configuration

6
nextcloud/docker-compose.local.yml Normal file
View File

@ -0,0 +1,6 @@
version: "3.8"
services:
nextcloud-web:
ports:
- ${LOCAL_PORT:-80}:80

18
nextcloud/docker-compose.smtp.yml Normal file
View File

@ -0,0 +1,18 @@
version: "3.8"
services:
nextcloud-fpm:
environment:
&smtp-configuration
NC_mail_smtphost: ${NC_mail_smtphost:?err} # The hostname of the SMTP server.
NC_mail_smtpsecure: ${NC_mail_smtpsecure:-ssl} # Set to ssl to use SSL, or tls to use STARTTLS.
NC_mail_smtpport: ${NC_mail_smtpport:-465}
NC_mail_smtpauthtype: ${NC_mail_smtpauthtype:-LOGIN}
NC_mail_smtpname: ${NC_mail_smtpname:?err}
NC_mail_smtppassword: ${NC_mail_smtppassword:?err}
NC_mail_from_address: ${NC_mail_from_address:?err}
NC_mail_domain: ${NC_mail_domain:?err}
nextcloud-cron:
environment:
<<: *smtp-configuration

18
nextcloud/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,18 @@
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
nextcloud-web:
environment:
TRUSTED_PROXIES: ${TRAEFIK_NETWORK_NAME:-traefik}
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-nextcloud}.rule=Host(`${NEXTCLOUD_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-nextcloud}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-nextcloud}.middlewares=nextcloud_redirect
- traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav
- traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/

108
nextcloud/docker-compose.yml
View File

@ -1,98 +1,60 @@
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME}
volumes:
nextcloud:
name: ${NEXTCLOUD_VOLUME_NAME}
nextcloud-postgres:
name: ${POSTGRES_VOLUME_NAME}
name: ${NEXTCLOUD_VOLUME_NAME:-nextcloud}
services:
nextcloud-fpm:
container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm
image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine}
restart: always
depends_on:
- postgres
- redis
volumes:
- nextcloud:/var/www/html
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
&fpm-configuration
NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_TRUSTED_DOMAINS?err}
NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER?err}
NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD?err}
OVERWRITEPROTOCOL: ${OVERWRITEPROTOCOL:-https}
PHP_UPLOAD_LIMIT: ${PHP_UPLOAD_LIMIT:-512M}
POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME:-postgres} # Default name is same as ../postgres/docker-compose.yml:8
POSTGRES_USER: ${POSTGRES_USER:?err}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err}
POSTGRES_DB: ${POSTGRES_DB:?err}
REDIS_HOST: ${REDIS_CONTAINER_NAME:-redis} # Default name is same as ../redis/docker-compose.yml:4
PUID: ${NEXTCLOUD_PUID:-1000}
PGID: ${NEXTCLOUD_PGID:-1000}
nextcloud-web:
container_name: nextcloud-web
build: ./web
container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-web
build: ${SERVICES_DIR}/nextcloud/web
restart: always
environment:
NEXTCLOUD_FPM_CONTAINER_NAME: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-fpm
PUID: ${NEXTCLOUD_PUID:-1000}
PGID: ${NEXTCLOUD_PGID:-1000}
depends_on:
- nextcloud-fpm
volumes:
- nextcloud:/var/www/html
labels:
traefik.enable: 'true'
traefik.docker.network: ${TRAEFIK_NETWORK_NAME}
traefik.http.routers.nextcloud-fpm.rule: 'Host(`${NEXTCLOUD_DOMAIN}`)'
traefik.http.routers.nextcloud-fpm.entrypoints: 'web'
traefik.http.routers.nextcloud-fpm.middlewares: nextcloud_redirect
traefik.http.middlewares.nextcloud_redirect.redirectregex.regex: /.well-known/(card|cal)dav
traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement: /remote.php/dav/
nextcloud-fpm:
container_name: nextcloud-fpm
image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.1-fpm-alpine}
restart: always
hostname: ${NEXTCLOUD_DOMAIN}
depends_on:
- nextcloud-postgres
- nextcloud-redis
volumes:
- nextcloud:/var/www/html
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_DOMAIN}
NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER}
NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD}
OVERWRITEPROTOCOL: 'https'
APACHE_DISABLE_REWRITE_IP: '1'
TRUSTED_PROXIES: ${TRAEFIK_NETWORK_NAME}
OVERWRITEPROTOCOL: 'https'
POSTGRES_HOST: ${POSTGRES_CONTAINER_NAME}
POSTGRES_DB: ${POSTGRES_DB}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_USER: ${POSTGRES_USER}
REDIS_HOST: 'nextcloud-redis'
PUID: 1001
PGID: 119
nextcloud-postgres:
container_name: ${POSTGRES_CONTAINER_NAME}
image: ${POSTGRES_IMAGE:-postgres:12.8-alpine}
restart: always
environment:
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: ${POSTGRES_DB}
PUID: 1001
PGID: 119
volumes:
- nextcloud-postgres:/var/lib/postgresql/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
nextcloud-redis:
image: ${REDIS_IMAGE:-redis:6.2.5-alpine}
container_name: nextcloud-redis
restart: always
environment:
PUID: 1001
PGID: 119
volumes:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
nextcloud-cron:
image: ${NEXTCLOUD_IMAGE:-nextcloud:22.1.1-fpm-alpine}
container_name: nextcloud-cron
image: ${NEXTCLOUD_IMAGE:-nextcloud:25.0.2-fpm-alpine}
container_name: ${NEXTCLOUD_CONTAINER_NAME:-nextcloud}-cron
restart: always
depends_on:
- nextcloud-web
entrypoint: /cron.sh
environment:
PUID: 1001
PGID: 119
<<: *fpm-configuration
volumes:
- nextcloud:/var/www/html
- /etc/timezone:/etc/timezone:ro

49
nextcloud/run
View File

@ -1,49 +0,0 @@
#!/bin/bash
set -eu
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
. $DIR/../help.sh
. $DIR/../postgres/run --only-source
nextcloud_help() {
echo "./run backup : Lancement de la sauvegarde de Nextcloud"
echo "./run restore : Restauration de la sauvegarde de Nextcloud"
}
nextcloud_backup() {
script_env
BACKUP_DATE_DEFAULT=`date +%Y%m%d_%H%M%S`
BACKUP_DATE=${BACKUP_DATE:-$BACKUP_DATE_DEFAULT}
backup_folder_create
POSTGRES_BACKUP_FILE=backups/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_postgres.sql
docker-compose exec --user www-data nextcloud php occ maintenance:mode --on
postgres_backup
docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup --volumes-from nextcloud alpine:3.12.3 ash -c "cd /var/www/html && tar cvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar ."
docker-compose exec --user www-data nextcloud php occ maintenance:mode --off
}
nextcloud_restore() {
script_env
postgres_restore
docker run -it --rm -v $HOME/backups/${NEXTCLOUD_DOMAIN}:/backup -v nextcloud:/var/www/html alpine:3.12.3 ash -c "cd /var/www/html && tar xvf /backup/${BACKUP_DATE}_${NEXTCLOUD_DOMAIN}_files.tar --strip 1"
}
if [ $# -ge 1 ]; then
if [ "${1}" == "backup" ]; then
script_start
nextcloud_backup
script_end
elif [ "${1}" == "restore" ]; then
script_start
nextcloud_restore
script_end
elif [ "${1}" != "--only-source" ]; then
nextcloud_help
fi
else
nextcloud_help
fi

4
nextcloud/web/Dockerfile
View File

@ -1,3 +1,3 @@
FROM nginx:1.21.1-alpine
FROM nginx:1.23.3-alpine
COPY nginx.conf /etc/nginx/nginx.conf
COPY nextcloud.conf.template /etc/nginx/templates/default.conf.template

145
nextcloud/web/nextcloud.conf.template Normal file
View File

@ -0,0 +1,145 @@
upstream php-handler {
server ${NEXTCLOUD_FPM_CONTAINER_NAME}:9000;
}
server {
listen 80;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /var/www/html;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
# location /nginx_status {
# stub_status;
# allow 192.168.1.0/24; #only allow requests from local network
# deny all; #deny all other hosts
# }
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php;
}
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
# fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
try_files $uri /index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
}

174
nextcloud/web/nginx.conf
View File

@ -1,174 +0,0 @@
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
upstream php-handler {
server nextcloud-fpm:9000;
}
server {
listen 80;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /var/www/html;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
# location /nginx_status {
# stub_status;
# allow 192.168.1.0/24; #only allow requests from local network
# deny all; #deny all other hosts
# }
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php;
}
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
# fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
try_files $uri /index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
}
}

71
plausible/.env Normal file
View File

@ -0,0 +1,71 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/plausible/docker-compose.yml:${SERVICES_DIR}/plausible/docker-compose.clickhouse.yml:${SERVICES_DIR}/plausible/docker-compose.local.yml:${SERVICES_DIR}/postgres/docker-compose.yml:${SERVICES_DIR}/clickhouse/docker-compose.yml
#COMPOSE_PROJECT_NAME=
## APP
PLAUSIBLE_DOMAIN=localhost
BASE_URL=http://${PLAUSIBLE_DOMAIN}:8000
#PLAUSIBLE_CONTAINER_NAME=plausible
#PLAUSIBLE_VOLUME_NAME=plausible
#PLAUSIBLE_IMAGE=plausible/analytics:v1.4.4
ADMIN_USER_NAME=example
ADMIN_USER_EMAIL=email@example.org
ADMIN_USER_PWD=change-me
SECRET_KEY_BASE=AFnMQwN54ovHIqCQQGFZX5gUFpgpxasCEnzQwQsyfZLPRbiwzDYAqYDJQlQM8SbmicVJr97axXaSCfXD9zSEQQ==
#DISABLE_AUTH=
#DISABLE_REGISTRATION=
## POSTGRES
#POSTGRES_VOLUME_NAME=
#POSTGRES_CONTAINER_NAME=
#POSTGRES_IMAGE=
POSTGRES_USER=user-example
POSTGRES_PASSWORD=password-example
POSTGRES_DB=plausible_dev
## CLICKHOUSE
#CLICKHOUSE_VOLUME_NAME=
#CLICKHOUSE_CONTAINER_NAME=
#CLICKHOUSE_IMAGE=
## SMTP
#MAILER_EMAIL=
#SMTP_HOST_ADDR=
#SMTP_HOST_PORT=
#SMTP_USER_NAME=
#SMTP_USER_PWD=
#SMTP_HOST_SSL_ENABLED=
#SMTP_RETRIES=
## GOOGLE SEARCH CONSOLE
#GOOGLE_CLIENT_ID=
#GOOGLE_CLIENT_SECRET=
## GEOIPUPDATE
#GEOIPUPDATE_VOLUME_NAME=
#GEOIPUPDATE_IMAGE=
#GEOIPUPDATE_CONTAINER_NAME=
#GEOIPUPDATE_ACCOUNT_ID=
#GEOIPUPDATE_LICENSE_KEY=
#GEOIPUPDATE_EDITION_IDS=GeoLite2-Country
#GEOIPUPDATE_FREQUENCY=
#GEOIPUPDATE_VERBOSE=
#GEOIPUPDATE_DB_DIR=
## TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME=
#TRAEFIK_ENTRYPOINTS=

15
plausible/README.md Normal file
View File

@ -0,0 +1,15 @@
# Plausible
> Plausible est une plateforme d'analyse Web légère et open source.
## Liens
- [Site Officiel][site]
- [Documentation][documentation]
- [Code source][source]
- [Docker Hub][dockerhub]
[site]: https://plausible.io/
[source]: https://github.com/plausible/analytics
[documentation]: https://plausible.io/docs
[dockerhub]: https://hub.docker.com/r/plausible/analytics

14
plausible/clickhouse-config.xml Normal file
View File

@ -0,0 +1,14 @@
<yandex>
<logger>
<level>warning</level>
<console>true</console>
</logger>
<!-- Stop all the unnecessary logging -->
<query_thread_log remove="remove"/>
<query_log remove="remove"/>
<text_log remove="remove"/>
<trace_log remove="remove"/>
<metric_log remove="remove"/>
<asynchronous_metric_log remove="remove"/>
</yandex>

8
plausible/clickhouse-user-config.xml Normal file
View File

@ -0,0 +1,8 @@
<yandex>
<profiles>
<default>
<log_queries>0</log_queries>
<log_query_threads>0</log_query_threads>
</default>
</profiles>
</yandex>

7
plausible/docker-compose.clickhouse.yml Normal file
View File

@ -0,0 +1,7 @@
version: "3.8"
services:
clickhouse:
volumes:
- ./clickhouse-config.xml:/etc/clickhouse-server/config.d/logging.xml:ro
- ./clickhouse-user-config.xml:/etc/clickhouse-server/users.d/logging.xml:ro

10
plausible/docker-compose.geoip.yml Normal file
View File

@ -0,0 +1,10 @@
version: "3.8"
services:
plausible:
depends_on:
- geoipupdate
environment:
- GEOLITE2_COUNTRY_DB=/geoip/GeoLite2-Country.mmdb
volumes:
- geoipupdate:/geoip:ro

7
plausible/docker-compose.google.yml Normal file
View File

@ -0,0 +1,7 @@
version: "3.8"
services:
plausible:
environment:
GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID:?err}
GOOGLE_CLIENT_SECRET: ${GOOGLE_CLIENT_SECRET:?err}

6
plausible/docker-compose.local.yml Normal file
View File

@ -0,0 +1,6 @@
version: "3.8"
services:
plausible:
ports:
- ${LOCAL_PORT:-8000}:8000

12
plausible/docker-compose.smtp.yml Normal file
View File

@ -0,0 +1,12 @@
version: "3.8"
services:
plausible:
environment:
MAILER_EMAIL: ${MAILER_EMAIL:-hello@plausible.local}
SMTP_HOST_ADDR: ${SMTP_HOST_ADDR:-localhost}
SMTP_HOST_PORT: ${SMTP_HOST_PORT:-25}
SMTP_USER_NAME: ${SMTP_USER_NAME}
SMTP_USER_PWD: ${SMTP_USER_PWD}
SMTP_HOST_SSL_ENABLED: ${SMTP_HOST_SSL_ENABLED:-false}
SMTP_RETRIES: ${SMTP_RETRIES:-2}

13
plausible/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,13 @@
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
plausible:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-plausible}.rule=Host(`${PLAUSIBLE_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-plausible}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

31
plausible/docker-compose.yml Normal file
View File

@ -0,0 +1,31 @@
version: "3.8"
volumes:
plausible:
name: ${PLAUSIBLE_VOLUME_NAME:-plausible}
services:
plausible:
container_name: ${PLAUSIBLE_CONTAINER_NAME:-plausible}
image: ${PLAUSIBLE_IMAGE:-plausible/analytics:v1.4.4}
restart: always
command: ${PLAUSIBLE_DOCKER_COMMAND:-sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin && /entrypoint.sh run"}
depends_on:
- clickhouse
- postgres
environment:
ADMIN_USER_NAME: ${ADMIN_USER_NAME:?err}
ADMIN_USER_EMAIL: ${ADMIN_USER_EMAIL:?err}
ADMIN_USER_PWD: ${ADMIN_USER_PWD:?err}
BASE_URL: ${BASE_URL}
SECRET_KEY_BASE: ${SECRET_KEY_BASE:?err}
DISABLE_AUTH: ${DISABLE_AUTH:-false}
DISABLE_REGISTRATION: ${DISABLE_REGISTRATION:-false}
DATABASE_URL: postgres://${POSTGRES_USER:?err}:${POSTGRES_PASSWORD:?err}@${POSTGRES_CONTAINER_NAME:-postgres}:5432/${POSTGRES_DB:?err}
CLICKHOUSE_DATABASE_URL: http://${CLICKHOUSE_CONTAINER_NAME:-clickhouse}:8123/${CLICKHOUSE_CONTAINER_NAME:-clickhouse}
SITE_LIMIT: ${SITE_LIMIT:-3}
SELFHOST: ${SELFHOST:-true}
LOG_LEVEL: ${LOG_LEVEL:-warn}
volumes:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro

4
postgres/.env
View File

@ -1,3 +1,7 @@
#POSTGRES_VOLUME_NAME=
#POSTGRES_CONTAINER_NAME=
#POSTGRES_IMAGE=
POSTGRES_USER=user-example
POSTGRES_PASSWORD=password-example
POSTGRES_DB=postgres-database-name-example

4
postgres/docker-compose.yml
View File

@ -7,12 +7,14 @@ volumes:
services:
postgres:
container_name: ${POSTGRES_CONTAINER_NAME:-postgres}
image: ${POSTGRES_IMAGE:-postgres:13.4-alpine}
image: ${POSTGRES_IMAGE:-postgres:14.2-alpine}
restart: always
environment:
POSTGRES_USER: ${POSTGRES_USER:?err}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?err}
POSTGRES_DB: ${POSTGRES_DB:?err}
PUID: ${POSTGRES_PUID:-1000}
PGID: ${POSTGRES_PGID:-1000}
volumes:
- postgres:/var/lib/postgresql/data
- /etc/timezone:/etc/timezone:ro

21
prometheus/.env Normal file
View File

@ -0,0 +1,21 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/prometheus/docker-compose.yml:${SERVICES_DIR}/prometheus/docker-compose.traefik.yml
#COMPOSE_PROJECT_NAME=
############
# PROMETHEUS
#PROMETHEUS_IMAGE=
PROMETHEUS_DOMAIN=prometheus.cool.life
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME=
#TRAEFIK_ENTRYPOINTS=

3
prometheus/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
ARG PROMETHEUS_IMAGE
FROM $PROMETHEUS_IMAGE
ADD prometheus.yml /etc/prometheus/

16
prometheus/README.md Normal file
View File

@ -0,0 +1,16 @@
# Prometheus
> Prometheus est un logiciel libre de surveillance informatique et générateur d'alertes. Il enregistre des métriques en temps réel dans une base de données de séries temporelles (avec une capacité d'acquisition élevée) en se basant sur le contenu de point d'entrée exposé à l'aide du protocole HTTP.
>
> -- <cite>[Wikipédia](https://fr.wikipedia.org/wiki/Prometheus_(logiciel))</cite>
## 🔧 Configuration
Pour configurer le service il faut ajouter un fichier prometheus.yml décrivant votre configuration. Vous retrouverz toutes les informations sur la page de [documentation officielle](https://prometheus.io/docs/prometheus/latest/configuration/configuration/).
## 🔗 Liens
- [Site officiel](https://prometheus.io/)
- [La documentation](https://prometheus.io/docs/)
- [Github](https://github.com/prometheus/prometheus)
- [L'image Docker sur Docker Hub](https://hub.docker.com/r/prom/prometheus)

15
prometheus/docker-compose.traefik.yml Normal file
View File

@ -0,0 +1,15 @@
---
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
prometheus:
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-prometheus}.rule=Host(`${PROMETHEUS_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-prometheus}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

18
prometheus/docker-compose.yml Normal file
View File

@ -0,0 +1,18 @@
---
version: '3.8'
volumes:
prometheus:
name: ${PROMETHEUS_VOLUME_NAME:-prometheus}
services:
prometheus:
container_name: ${PROMETHEUS_CONTAINER_NAME:-prometheus}
build:
context: .
args:
PROMETHEUS_IMAGE: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.34.0}
volumes:
- prometheus:/prometheus
restart: always

16
prometheus/node-exporter/docker-compose.yml
View File

@ -1,16 +0,0 @@
---
version: '3.8'
services:
node_exporter:
image: ${NODE_EXPORTER_IMAGE:-quay.io/prometheus/node-exporter:v1.2.0}
container_name: node_exporter
command:
- '--path.rootfs=/host --collector.textfile.directory=/host/var/lib/node_exporter/textfile_collector'
network_mode: host
pid: host
restart: unless-stopped
expose:
- 9100
volumes:
- '/:/host:ro,rslave'

7
redis/docker-compose.yml
View File

@ -1,13 +1,18 @@
version: "3.8"
volumes:
redis:
name: ${REDIS_VOLUME_NAME:-redis}
services:
redis:
image: ${REDIS_IMAGE:-redis:6.2.5-alpine}
image: ${REDIS_IMAGE:-redis:6.2.6-alpine}
container_name: ${REDIS_CONTAINER_NAME:-redis}
restart: always
environment:
PUID: ${REDIS_PUID:-1000}
PGID: ${REDIS_PGID:-1000}
volumes:
- redis:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro

2
registry/.env
View File

@ -5,7 +5,7 @@ TRAEFIK_NETWORK_NAME=kifeart
## REGISTRY
REGISTRY_IMAGE=registry:2.7.1
#REGISTRY_IMAGE=
REGISTRY_CUSTOM_IMAGE=custom/registry
REGISTRY_DOMAIN=registry.cool.life
REGISTRY_VOLUME_NAME=registry

6
registry/README.md
View File

@ -36,6 +36,12 @@ Pour se connecter :
docker login https://$REGISTRY_DOMAIN
```
## Nettoyer le registre
```sh
docker exec registry bin/registry garbage-collect /etc/docker/registry/config.yml --delete-untagged=true
```
## Aide
Pour connaître les images du registry :

2
registry/docker-compose.yml
View File

@ -7,7 +7,7 @@ volumes:
services:
registry:
container_name: ${REGISTRY_CONTAINER_NAME}
image: ${REGISTRY_IMAGE}
image: ${REGISTRY_IMAGE:-registry:2.8.1}
restart: always
environment:
REGISTRY_AUTH: htpasswd

17
traefik/docker-compose.ovh.yml Normal file
View File

@ -0,0 +1,17 @@
version: "3.8"
services:
traefik:
environment:
OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY}
OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET}
OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY}
OVH_ENDPOINT: ${OVH_ENDPOINT:-ovh-eu}
OVH_POLLING_INTERVAL: ${OVH_POLLING_INTERVAL:-30}
OVH_PROPAGATION_TIMEOUT: ${OVH_PROPAGATION_TIMEOUT:-3600}
command:
- --certificatesResolvers.ovh.acme.dnsChallenge=true
- --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh
# - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json
- --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL}

14
traefik/docker-compose.redirect.yml Normal file
View File

@ -0,0 +1,14 @@
version: "3.8"
services:
traefik:
command:
# Redirection HTTP to HTTPS
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
labels:
# Redirection to remove www.
traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true'
traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)'
traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}'
traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]'

26
traefik/docker-compose.secure.yml Normal file
View File

@ -0,0 +1,26 @@
version: "3.8"
networks:
default:
driver: bridge
services:
traefik:
ports:
- target: 443
published: 443
protocol: tcp
mode: host
command:
- --providers.file.filename=/traefik/dynamic_conf.toml
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL}
- --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json
labels:
traefik.http.routers.traefik.entrypoints: 'websecure'
traefik.http.routers.traefik.tls.certResolver: 'letsencrypt'
traefik.http.routers.traefik.priority: '2000'

34
traefik/docker-compose.yml
View File

@ -11,11 +11,11 @@ networks:
services:
traefik:
container_name: ${TRAEFIK_CONTAINER_NAME:-traefik}
image: ${TRAEFIK_IMAGE:-traefik:v2.5.2}
image: ${TRAEFIK_IMAGE:-traefik:v2.6.3}
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${TRAEFIK_VOLUME_NAME:-traefik}:/traefik
- traefik:/traefik
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
@ -24,25 +24,25 @@ services:
protocol: tcp
mode: host
networks:
- ${TRAEFIK_NETWORK_NAME:-traefik}
- traefik
command:
- --api.insecure=true
- --log.level=INFO
- --global.sendanonymoususage=false
- --global.checknewversion=false
- --pilot.dashboard=false
- --metrics.prometheus=true
- --api.insecure=${TRAEFIK_API_INSECURE:-true}
- --log.level=${TRAEFIK_LOG_LEVEL:-INFO}
- --global.sendanonymoususage=${TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE:-false}
- --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false}
- --metrics.prometheus=${TRAEFIK_METRICS_PROMETHEUS:-true}
- --accesslog=${TRAEFIK_ACCESSLOG:-false}
- --providers.docker
- --providers.docker.exposedbydefault=false
- --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- --entrypoints.web.address=:80
- --entryPoints.web.forwardedHeaders.insecure
- --entryPoints.traefik.address=:8080
- --entrypoints.${TRAEFIK_ENTRYPOINTS:-web}.address=:80
- --entryPoints.${TRAEFIK_ENTRYPOINTS:-web}.forwardedHeaders.insecure
labels:
traefik.enable: 'true'
traefik.http.routers.traefik.rule: 'Host(`${TRAEFIK_DOMAIN:?err}`)'
traefik.http.routers.traefik.entrypoints: 'web'
traefik.http.services.traefik.loadbalancer.server.port: '8080'
- traefik.enable=true
- traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:?err}`)
- traefik.http.routers.traefik.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}
- traefik.http.services.traefik.loadbalancer.server.port=8080

Some files were not shown because too many files have changed in this diff Show More