improve stack detection

Yann Autissier 2023-10-26 04:42:08 +02:00
parent be9cb1ea30
commit ed4f2e3cc6
62 changed files with 51 additions and 329 deletions


@ -1,4 +1,4 @@
COMPOSE_FILE ?= $(wildcard docker-compose.yml docker/docker-compose.yml $(foreach file,$(patsubst docker/docker-compose.%,%,$(basename $(wildcard docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),docker/docker-compose.$(file).yml)))
COMPOSE_FILE ?= $(STACK_MYOS_FILE) $(wildcard docker-compose.yml docker/docker-compose.yml $(foreach file,$(patsubst docker/docker-compose.%,%,$(basename $(wildcard docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),docker/docker-compose.$(file).yml)))
COMPOSE_FILE_$(ENV) ?= true
COMPOSE_FILE_DEBUG ?= $(if $(DEBUG),true)
COMPOSE_FILE_MYOS ?= true
@ -135,8 +135,8 @@ define docker-stack-update
$(eval stack := $(patsubst %.yml,%,$(notdir $(1))))
$(eval name := $(firstword $(subst :, ,$(stack))))
$(eval version := $(or $(2),$(if $(findstring :,$(stack)),$(lastword $(subst :, ,$(stack))),latest)))
$(eval path := $(patsubst %/,%,$(or $(3),$(if $(findstring /,$(1)),$(if $(wildcard stack/$(1) stack/$(1).yml),stack/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(1).yml),$(dir $(1)),$(1))),$(dir $(1)))),stack/$(name))))
$(eval COMPOSE_FILE += $(wildcard $(foreach file,$(name) $(name).$(ENV) $(name).$(ENV).$(version) $(name).$(version),$(path)/$(file).yml)))
$(eval path := $(patsubst %/,%,$(or $(3),$(if $(findstring /,$(1)),$(if $(wildcard stack/$(1) stack/$(1).yml),stack/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(1).yml),$(dir $(1)),$(1))),$(if $(wildcard stack/$(stackz)/$(1) stack/$(stackz)/$(1).yml),stack/$(stackz)/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(stackz)/$(1).yml),$(dir $(1)),$(1))),$(dir $(1))))),$(firstword $(wildcard stack/$(stackz)/$(name) stack/$(stackz) stack/$(name))))))
$(eval COMPOSE_FILE += $(wildcard $(foreach file,$(name) $(name).$(ENV) $(name).$(ENV).$(version) $(name).$(version) $(foreach env,$(COMPOSE_FILE_ENV),$(name).$(env)),$(path)/$(file).yml)))
$(eval COMPOSE_FILE := $(strip $(COMPOSE_FILE)))
$(if $(wildcard $(path)/.env.dist),$(call .env,,$(path)/.env.dist,$(wildcard $(CONFIG)/$(ENV)/$(APP)/.env $(path)/.env.$(ENV) .env)))
endef
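Review bot: In the new `path` assignment of docker-stack-update, the last-resort branch is now `$(firstword $(wildcard stack/$(stackz)/$(name) stack/$(stackz) stack/$(name)))`, which expands to nothing when none of the candidates exists, whereas the old fallback was the literal `stack/$(name)`. With an empty `path`, the lines that follow look up `$(path)/$(file).yml` and `$(path)/.env.dist` as `/<name>.yml` and `/.env.dist` at the filesystem root, so an unrelated file there could be appended to COMPOSE_FILE. `stackz` is not defined in the visible hunks; if it can be empty, `stack/$(stackz)` appears to match the `stack` directory itself and unknown names would resolve there. I would keep a literal last resort, `$(or $(firstword $(wildcard …)),stack/$(name))`, and add a comment above the line stating the candidate order and which one wins.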


@ -16,7 +16,7 @@ define app-bootstrap
$(eval APP := $(or $(1), $(APP)))
$(eval APP_DIR := $(or $(2), $(RELATIVE)$(APP)))
$(eval APP_NAME := $(or $(3),$(subst -,,$(subst .,,$(call LOWERCASE,$(APP))))))
$(eval COMPOSE_FILE := $(wildcard $(APP_DIR)/docker-compose.yml $(APP_DIR)/docker-compose.$(ENV).yml $(APP_DIR)/docker/docker-compose.yml $(foreach file,$(patsubst $(APP_DIR)/docker/docker-compose.%,%,$(basename $(wildcard $(APP_DIR)/docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),$(APP_DIR)/docker/docker-compose.$(file).yml))))
$(eval COMPOSE_FILE := $(STACK_MYOS_FILE) $(wildcard $(APP_DIR)/docker-compose.yml $(APP_DIR)/docker-compose.$(ENV).yml $(APP_DIR)/docker/docker-compose.yml $(foreach file,$(patsubst $(APP_DIR)/docker/docker-compose.%,%,$(basename $(wildcard $(APP_DIR)/docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),$(APP_DIR)/docker/docker-compose.$(file).yml))))
$(eval DOCKER_BUILD_DIR := $(APP_DIR))
$(if $(wildcard $(APP_DIR)/.env.dist), $(call .env,$(APP_DIR)/.env,$(APP_DIR)/.env.dist))
$(if $(wildcard $(APP_DIR)/.env.example), $(call .env,$(APP_DIR)/.env,$(APP_DIR)/.env.example))
@ -33,6 +33,12 @@ define app-build
)
endef
# function app-config: Call docker-compose config with each docker-compose.yml in dir 1
define app-config
$(call INFO,app-config,$(1)$(comma))
$(call docker-compose,config)
endef
# function app-connect: Call docker exec $(DOCKER_SHELL) for each Dockerfile in dir 1
define app-connect
$(call INFO,app-connect,$(1)$(comma))
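Review bot: The new app-config macro runs `$(call docker-compose,config)`, and `docker-compose config` prints the fully interpolated configuration, so any password or token supplied through the environment lands on stdout and in CI logs. If the wrapper forwards extra arguments, `$(call docker-compose,config --no-interpolate)` or a validation-only `config --quiet` avoids that; how the `docker-compose` macro handles its argument is not visible here. The header comment also says "with each docker-compose.yml in dir 1", but `$(1)` is only passed to INFO, so it would be more accurate as `# function app-config: Call docker-compose config on the current COMPOSE_FILE set`. The app-connect definition that follows continues past the end of the hunk.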


@ -27,6 +27,8 @@ HOST_GID ?= 100
HOST_UID ?= 123
RESU_DOCKER_REPOSITORY ?= $(subst -,/,$(USER_COMPOSE_PROJECT_NAME))
STACK_HOST ?= $(filter host,$(firstword $(subst /, ,$(STACK))))
STACK_MYOS ?= stack/myos
STACK_MYOS_FILE ?= $(STACK_MYOS)/networks.yml $(wildcard $(STACK_MYOS)/*.$(ENV).yml)
STACK_USER ?= $(filter User,$(firstword $(subst /, ,$(STACK))))
USER_COMPOSE_PROJECT_NAME ?= $(subst .,-,$(RESU))
USER_COMPOSE_SERVICE_NAME ?= $(USER_COMPOSE_PROJECT_NAME)
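Review bot: `STACK_MYOS_FILE` lists `$(STACK_MYOS)/networks.yml` outside the `$(wildcard …)`, so it is handed to compose whether or not the file exists, and the path is relative to the directory make runs in. Because this commit removes the top-level `networks:` declarations from the individual stack files, that one file becomes a hard dependency of every stack that attaches to `private` or `public`. A comment above the two variables would make that explicit, for example `# networks.yml declares the shared external networks; every stack file relies on it being in COMPOSE_FILE`. If the working directory can differ from the checkout that holds `stack/myos`, the default probably needs an anchored path; that cannot be confirmed from this hunk.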


@ -49,8 +49,3 @@ volumes:
user:
external: true
name: ${USER_DOCKER_VOLUME}
networks:
private:
external: true
name: ${DOCKER_NETWORK}


@ -94,11 +94,3 @@ volumes:
home:
external: true
name: ${HOST_DOCKER_VOLUME}_home
networks:
private:
external: true
name: ${DOCKER_NETWORK}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -23,11 +23,3 @@ services:
volumes:
nextcloud:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -17,8 +17,3 @@ services:
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -33,11 +33,3 @@ services:
volumes:
drone:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -11,8 +11,3 @@ services:
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -19,11 +19,3 @@ services:
ports:
- 8200
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -16,11 +16,3 @@ services:
ports:
- 8200
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -19,8 +19,3 @@ services:
networks:
- private
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -4,4 +4,3 @@ services:
elasticsearch:
environment:
- discovery.type=single-node


@ -38,11 +38,3 @@ services:
volumes:
elasticsearch:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -12,11 +12,3 @@ services:
ports:
- 5601
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -12,11 +12,3 @@ services:
ports:
- 5601
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -30,11 +30,3 @@ services:
volumes:
grafana:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -1,3 +1,5 @@
ENV_VARS += HOST_ACME_POST_HOOK HOST_ACME_PRE_HOOK
HOST_ACME_DOMAIN_PATH_VALID ?= $$(echo $${DOMAIN_PATH:-} |awk "'"/^[0-9a-z_\-\.+\/]+@[0-9a-z_\-\.]+\.[a-z0-9_\-\.\+\/]+$$/"'")
HOST_ACME_POST_HOOK ?= [ "$(HOST_ACME_DOMAIN_PATH_VALID)" ] && cp fullchain.cer /host/certs/$${domain}-cert.pem 2>/dev/null && cp $${domain}.key /host/certs/$${domain}-key.pem
HOST_ACME_DOMAIN_CERT_MODULUS ?= $$(openssl x509 -in fullchain.cer -noout -modulus)
HOST_ACME_DOMAIN_KEY_MODULUS ?= $$(openssl rsa -in $${domain}.key -noout -modulus)
HOST_ACME_POST_HOOK ?= [ "$(HOST_ACME_DOMAIN_PATH_VALID)" ] && cp -a fullchain.cer /host/certs/$${domain}-cert.pem 2>/dev/null && [ "$(HOST_ACME_DOMAIN_CERT_MODULUS)" = "$(HOST_ACME_DOMAIN_KEY_MODULUS)" ] && cp -a $${domain}.key /host/certs/$${domain}-key.pem
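Review bot: The modulus comparison in the new `HOST_ACME_POST_HOOK` runs after `cp -a fullchain.cer …-cert.pem`, so when the check fails the new certificate is already installed next to the previous key, leaving a mismatched pair in /host/certs. The test also passes when both `openssl` calls print nothing, since two empty strings compare equal, and `openssl rsa … -modulus` only handles RSA keys, so an EC key would likely fail the check on every renewal. I would move the checks ahead of both copies and require a non-empty value: `[ -n "$(HOST_ACME_DOMAIN_KEY_MODULUS)" ] && [ "$(HOST_ACME_DOMAIN_CERT_MODULUS)" = "$(HOST_ACME_DOMAIN_KEY_MODULUS)" ] && cp -a fullchain.cer … && cp -a $${domain}.key …`. Comparing the public key from `openssl x509 -pubkey` with the one from `openssl pkey -pubout` would cover both key types.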


@ -31,8 +31,3 @@ volumes:
host:
external: true
name: ${HOST_DOCKER_VOLUME}
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -9,4 +9,3 @@ services:
volumes:
www:


@ -29,8 +29,3 @@ services:
volumes:
backup:
web:
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC:-localhost}


@ -18,4 +18,3 @@ services:
volumes:
restic:


@ -20,8 +20,3 @@ services:
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /var/run:/var/run:rw
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -23,8 +23,3 @@ services:
- /:/rootfs:ro
- /proc:/host/proc:ro
- /sys:/host/sys:ro
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}

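--- a/stack/host/ftps.mk
+++ b/stack/host/ftps.mk
@@ -0,0 +1 @@
+HOST_FTPS_UFW_DOCKER ?= 21/tcp 18700/tcp 18701/tcp 18702/tcp 18703/tcp 18704/tcp 18705/tcp 18706/tcp 18707/tcp 18708/tcp 18709/tcp 18710/tcp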

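--- a/stack/host/ftps.yml
+++ b/stack/host/ftps.yml
@@ -0,0 +1,32 @@
+version: '3.6'
+services:
+ftps:
+container_name: ${HOST_COMPOSE_PROJECT_NAME}-ftps
+environment:
+- FTPS_EXTERNAL_IP=${DOCKER_HOST_INET4}
+- FTPS_PASS=${HOST_FTPS_PASS}
+- FTPS_USER=${HOST_FTPS_USER}
+- FTPS_UID=${HOST_FTPS_UID}
+image: bfren/ftps:latest
+labels:
+- SERVICE_21_CHECK_TCP=true
+- SERVICE_21_NAME=${COMPOSE_SERVICE_NAME}-ftps-21
+networks:
+- private
+- public
+ports:
+- 21:21
+- 18700-18710:18700-18710
+restart: always
+volumes:
+- backup:/files
+- host:/host
+- ssl:/ssl
+volumes:
+backup:
+host:
+external: true
+name: ${HOST_DOCKER_VOLUME}
+ssl: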
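Review bot: The new ftps service publishes port 21 and the passive range on the host while mounting the whole `host` volume read-write and running the floating tag `bfren/ftps:latest`. Elsewhere on this page the ACME hook copies private keys into /host/certs, which looks like the same volume, so anything that goes wrong inside the FTP container could read or replace them; if the service only needs its own certificate, `- host:/host:ro` or a narrower mount limits that. Pinning the image, `image: bfren/ftps:<pinned-version-or-digest>`, keeps a registry-side change from reaching an internet-facing service unnoticed. `FTPS_PASS=${HOST_FTPS_PASS}` silently becomes an empty string when the variable is unset; `FTPS_PASS=${HOST_FTPS_PASS:?HOST_FTPS_PASS must be set}` makes compose refuse to start instead.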


@ -7,4 +7,3 @@ services:
volumes:
home:


@ -86,4 +86,3 @@ services:
volumes:
ipfs:


@ -1,6 +1,7 @@
# ENV_VARS += HOST_MAILSERVER_ENABLE_MANAGESIEVE HOST_MAILSERVER_SPOOF_PROTECTION HOST_MAILSERVER_SSL_TYPE HOST_MAILSERVER_ENABLE_UPDATE_CHECK
HOST_MAILSERVER_ENABLE_FAIL2BAN ?= 1
HOST_MAILSERVER_ENABLE_MANAGESIEVE ?= 1
HOST_MAILSERVER_ENABLE_UPDATE_CHECK ?= 0
HOST_MAILSERVER_SPOOF_PROTECTION ?= 1
HOST_MAILSERVER_SSL_TYPE ?= letsencrypt
HOST_MAILSERVER_ENABLE_UPDATE_CHECK ?= 0
HOST_MAILSERVER_UFW_DOCKER ?= 25/tcp 465/tcp 587/tcp 993/tcp


@ -28,7 +28,7 @@ services:
- ENABLE_AMAVIS=${HOST_MAILSERVER_ENABLE_AMAVIS:-1}
- AMAVIS_LOGLEVEL=${HOST_MAILSERVER_AMAVIS_LOGLEVEL:-0}
- ENABLE_DNSBL=${HOST_MAILSERVER_ENABLE_DNSBL:-0}
- ENABLE_FAIL2BAN=${HOST_MAILSERVER_ENABLE_FAIL2BAN:-0}
- ENABLE_FAIL2BAN=${HOST_MAILSERVER_ENABLE_FAIL2BAN:-1}
- FAIL2BAN_BLOCKTYPE=${HOST_MAILSERVER_FAIL2BAN_BLOCKTYPE:-drop}
- ENABLE_MANAGESIEVE=${HOST_MAILSERVER_ENABLE_MANAGESIEVE:-1}
- POSTSCREEN_ACTION=${HOST_MAILSERVER_POSTSCREEN_ACTION:-enforce}
@ -155,8 +155,3 @@ volumes:
host:
external: true
name: ${HOST_DOCKER_VOLUME}
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}
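Review bot: Flipping the default to `ENABLE_FAIL2BAN=${HOST_MAILSERVER_ENABLE_FAIL2BAN:-1}` only helps if the container is allowed to change firewall rules; the variable names suggest docker-mailserver, whose fail2ban needs `cap_add: [NET_ADMIN]`, and that part of the service definition lies outside the hunk. Without the capability the jails would likely start but bans would not be enforced, which is worse than an explicit off because the service looks protected. It is worth confirming the capability is present and adding a comment next to the variable such as `# requires cap_add: NET_ADMIN on this service`. It is also worth checking that the container sees real client addresses rather than the Docker gateway, otherwise a single ban can block every sender.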


@ -9,4 +9,3 @@ services:
volumes:
dns:


@ -7,4 +7,3 @@ services:
volumes:
www:


@ -51,8 +51,3 @@ volumes:
htpasswd:
log:
vhost:
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -7,4 +7,3 @@ services:
volumes:
dns:


@ -7,4 +7,3 @@ services:
volumes:
www:


@ -14,8 +14,3 @@ services:
networks:
- public
restart: always
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -21,8 +21,3 @@ services:
volumes:
portainer:
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -18,8 +18,3 @@ services:
volumes:
static:
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -40,11 +40,6 @@ services:
- shared:/shared:cached
- shm:/dev/shm:delegated
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}
volumes:
home:
shared:


@ -1,9 +0,0 @@
version: '3.6'
volumes:
dns:
driver: local
driver_opts:
device: /dns
o: bind
type: none


@ -1,10 +0,0 @@
version: '3.6'
volumes:
home:
driver: local
driver_opts:
device: /home
o: bind
type: none


@ -1,9 +0,0 @@
version: '3.6'
volumes:
log:
driver: local
driver_opts:
device: /var/log
o: bind
type: none


@ -1,9 +0,0 @@
version: '3.6'
volumes:
www:
driver: local
driver_opts:
device: /var/www
o: bind
type: none


@ -92,11 +92,3 @@ volumes:
type: none
device: ${HOME}/.ipfs
o: bind
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -11,8 +11,3 @@ services:
ports:
- 11211
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -17,8 +17,3 @@ services:
volumes:
mysql:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -12,8 +12,3 @@ services:
ports:
- 31339
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -45,11 +45,3 @@ volumes:
type: none
device: ${MONOREPO_DIR}
o: bind
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE:-docker}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC:-localhost}


@ -19,11 +19,3 @@ services:
volumes:
static:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE:-docker}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC:-static.localhost}


@ -20,8 +20,3 @@ services:
volumes:
portainer:
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -20,8 +20,3 @@ services:
volumes:
postgres:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -19,11 +19,3 @@ services:
ports:
- 9093
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -18,11 +18,3 @@ services:
ports:
- 9115
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -19,11 +19,3 @@ services:
ports:
- 9206
restart: always
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -25,11 +25,3 @@ services:
volumes:
prometheus:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -25,11 +25,3 @@ services:
volumes:
rabbitmq:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -17,11 +17,3 @@ services:
volumes:
redis:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -37,11 +37,3 @@ services:
volumes:
redmine:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -30,11 +30,3 @@ services:
volumes:
redmine3:
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -21,8 +21,3 @@ services:
restart: always
volumes:
- /var/run/docker.sock:/tmp/docker.sock
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}


@ -46,11 +46,3 @@ volumes:
user:
external: true
name: ${USER_DOCKER_VOLUME}
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}


@ -40,14 +40,6 @@ services:
- vdi-shared:/shared:cached
- vdi-shm:/dev/shm:delegated
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}
volumes:
vdi-home:
vdi-shared: