Compare commits
11 Commits
e89e552227
...
4f21668399
Author | SHA1 | Date |
---|---|---|
aynic.os | 4f21668399 | |
aynic.os | 750e451bab | |
aynic.os | e15701b5a3 | |
Yann Autissier | 2ad02d500c | |
Yann Autissier | 6ff838624c | |
Yann Autissier | 1d2cc6a9a7 | |
Yann Autissier | ed4f2e3cc6 | |
Yann Autissier | be9cb1ea30 | |
aynic.os | 4cc840d392 | |
aynic.os | 7c8da80cbb | |
aynic.os | b0a2a9851b |
|
@ -10,7 +10,7 @@ ARG DOCKER_SYSTEM=Linux
|
|||
RUN apk update \
|
||||
&& apk add --no-cache ca-certificates \
|
||||
&& OS="$(echo ${DOCKER_SYSTEM} |awk '{print tolower($0)}')"; \
|
||||
ARCH="$(echo ${DOCKER_MACHINE})"; \
|
||||
ARCH="$(echo ${DOCKER_MACHINE} |awk '/armv7l/ {print "armv7"}')"; \
|
||||
wget -qO /usr/bin/docker-compose ${COMPOSE_REMOTE}/releases/download/v${COMPOSE_VERSION}/docker-compose-${OS}-${ARCH} \
|
||||
&& chmod +x /usr/bin/docker-compose
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ ARG FABIO_VERSION=1.6.0
|
|||
RUN apk update \
|
||||
&& apk add --no-cache ca-certificates \
|
||||
&& OS="$(echo ${DOCKER_SYSTEM} |awk '{print tolower($0)}')"; \
|
||||
ARCH="$(echo ${DOCKER_MACHINE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}')"; \
|
||||
ARCH="$(echo ${DOCKER_MACHINE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}; /armv7/ {print "arm"};')"; \
|
||||
wget -qO /usr/bin/fabio ${FABIO_REMOTE}/releases/download/v${FABIO_VERSION}/fabio-${FABIO_VERSION}-${OS}_${ARCH} \
|
||||
&& chmod +x /usr/bin/fabio
|
||||
|
||||
|
|
|
@ -2,10 +2,10 @@ FROM pinidh/nginx-proxy:alpine
|
|||
ARG DOCKER_BUILD_DIR
|
||||
|
||||
RUN sed -i 's/\(function _resolvers() {\)$/function _nginx_config() {\n\t\/app\/nginx-config.sh\n}\n\n\1/;s/\(\t_default_certificate\)$/\1\n\n\t_nginx_config/' /app/docker-entrypoint.sh \
|
||||
&& sed -i 's|\(\treturn 503;\)$|\t{{ if (exists (printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default"))) }}\n\tinclude {{ printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default") }};\n\t {{ if (exists (printf "/etc/nginx/vhost.d/default_location")) }}\n{{ if $.Env.DEFAULT_LOCATION }}\tinclude {{ printf "/etc/nginx/vhost.d/default_location" }};{{ end }}\n\t {{ if (exists (printf "/etc/nginx/vhost.d/default_location_php")) }}\n{{ if $.Env.DEFAULT_LOCATION_PHP }}\tinclude {{ printf "/etc/nginx/vhost.d/default_location_php" }};{{ end }}\n\t {{ end }}\n\t {{ if (exists (printf "/etc/nginx/vhost.d/default_location_ipfs")) }}\n{{ if $.Env.DEFAULT_LOCATION_IPFS }}\tinclude {{ printf "/etc/nginx/vhost.d/default_location_ipfs" }};{{ end }}\n\t {{ end }}\n\t {{ end }}\n\t{{ else }}\n\1\n\t{{ end }}|' /app/nginx.tmpl \
|
||||
&& sed -i 's|\({{ if (exists "/etc/nginx/proxy.conf") }}\)|{{ if (exists "/etc/nginx/vhost.d/nginx.conf") }}\ninclude /etc/nginx/vhost.d/nginx.conf;\n{{ end }}\n\n\1|' /app/nginx.tmpl \
|
||||
&& sed -i 's|exists "/etc/nginx/vhost.d/default"|exists (printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default"))|;s|include /etc/nginx/vhost.d/default;|include {{ printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default") }};|' /app/nginx.tmpl \
|
||||
&& sed -i 's|\(include /etc/nginx/vhost.d/default_location;\)|\1\n\t\t{{ if (exists (printf "/etc/nginx/vhost.d/default_location_php")) }}\n{{ if $.Env.DEFAULT_LOCATION_PHP }}\tinclude {{ printf "/etc/nginx/vhost.d/default_location_php" }};{{ end }}\n\t\t{{ end }}\n\t\t{{ if (exists (printf "/etc/nginx/vhost.d/default_location_ipfs")) }}\n{{ if $.Env.DEFAULT_LOCATION_IPFS }}\tinclude {{ printf "/etc/nginx/vhost.d/default_location_ipfs" }};{{ end }}\n\t\t{{ end }}|' /app/nginx.tmpl \
|
||||
&& sed -i 's|\(include /etc/nginx/vhost.d/default_location;\)|\1\n {{- end }}\n {{- if (and (exists "/etc/nginx/vhost.d/default_location_php") ($.Env.DEFAULT_LOCATION_PHP)) }}\n include /etc/nginx/vhost.d/default_location_php;\n {{- end }}\n {{- if (and (exists "/etc/nginx/vhost.d/default_location_ipfs") ($.Env.DEFAULT_LOCATION_IPFS)) }}\n include /etc/nginx/vhost.d/default_location_ipfs;|' /app/nginx.tmpl \
|
||||
&& sed -i 's|\( return 503;\)$|{{- if (exists (printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default"))) }}\n include {{ (printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default")) }};\n{{- if (and (exists "/etc/nginx/vhost.d/default_location") ($.Env.DEFAULT_LOCATION)) }}\n include /etc/nginx/vhost.d/default_location;\n{{- end }}\n{{- if (and (exists "/etc/nginx/vhost.d/default_location_php") ($.Env.DEFAULT_LOCATION_PHP)) }}\n include /etc/nginx/vhost.d/default_location_php;\n{{- end }}\n{{- if (and (exists "/etc/nginx/vhost.d/default_location_ipfs") ($.Env.DEFAULT_LOCATION_IPFS)) }}\n include /etc/nginx/vhost.d/default_location_ipfs;\n{{- end }}\n{{- else }}\n\1\n{{- end }}|' /app/nginx.tmpl \
|
||||
&& sed -i 's|\({{-\? if (exists "/etc/nginx/proxy.conf") }}\)|{{- if (exists "/etc/nginx/vhost.d/nginx.conf") }}\ninclude /etc/nginx/vhost.d/nginx.conf;\n{{ end }}\n\n\1|' /app/nginx.tmpl \
|
||||
&& sed -i 's|exists "/etc/nginx/vhost.d/default"|exists (printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default"))|;s|include /etc/nginx/vhost.d/default;|include {{ (printf "/etc/nginx/vhost.d/%s" (or $.Env.DEFAULT "default")) }};|' /app/nginx.tmpl \
|
||||
&& awk '/proxy_pass \{\{ trim .Proto \}\}/{sub(/else/, "else if ne .Proto \"local\"", last)} NR>1{print last} {last=$0} END {print last}' /app/nginx.tmpl > /tmp/nginx.tmpl && mv /tmp/nginx.tmpl /app/
|
||||
|
||||
COPY ${DOCKER_BUILD_DIR}/nginx* /app
|
||||
|
|
|
@ -4,7 +4,7 @@ set -eu
|
|||
##
|
||||
# CONFIG
|
||||
|
||||
sed -i 's/fastcgi_param * SERVER_SOFTWARE *.*/fastcgi_param SERVER_SOFTWARE nginx;/' /etc/nginx/fastcgi_params
|
||||
sed -i 's/fastcgi_param * SERVER_SOFTWARE *.*/fastcgi_param SERVER_SOFTWARE nstix;/' /etc/nginx/fastcgi_params
|
||||
|
||||
##
|
||||
# DEFAULT
|
||||
|
|
|
@ -7,3 +7,10 @@ map $host $host_dir {
|
|||
~(?:(?<sd>[a-z0-9-]+)\.)(?<dom>[a-z0-9-]+)\.(?<tld>[a-z0-9-]+)$ ${tld}/${dom}/${sd};
|
||||
~(?<dom>[a-z0-9-]+)\.(?<tld>[a-z0-9-]+)$ ${tld}/${dom};
|
||||
}
|
||||
|
||||
set_real_ip_from 192.168.0.0/16;
|
||||
set_real_ip_from 172.16.0.0/12;
|
||||
set_real_ip_from 10.0.0.0/8;
|
||||
set_real_ip_from 2001:0db8::/32;
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
COMPOSE_FILE ?= $(wildcard docker-compose.yml docker/docker-compose.yml $(foreach file,$(patsubst docker/docker-compose.%,%,$(basename $(wildcard docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),docker/docker-compose.$(file).yml)))
|
||||
COMPOSE_FILE ?= $(wildcard docker-compose.yml docker/docker-compose.yml $(foreach file,$(patsubst docker/docker-compose.%,%,$(basename $(wildcard docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),docker/docker-compose.$(file).yml)) $(MYOS_STACK_FILE))
|
||||
COMPOSE_FILE_$(ENV) ?= true
|
||||
COMPOSE_FILE_DEBUG ?= $(if $(DEBUG),true)
|
||||
COMPOSE_FILE_MYOS ?= true
|
||||
|
@ -18,7 +18,7 @@ CONTEXT_DEBUG += DOCKER_BUILD_TARGET DOCKER_COMPOSE_PROJECT_NA
|
|||
DOCKER_AUTHOR ?= $(DOCKER_AUTHOR_NAME) <$(DOCKER_AUTHOR_EMAIL)>
|
||||
DOCKER_AUTHOR_EMAIL ?= $(subst +git,+docker,$(GIT_AUTHOR_EMAIL))
|
||||
DOCKER_AUTHOR_NAME ?= $(GIT_AUTHOR_NAME)
|
||||
DOCKER_BUILD_ARGS ?= $(if $(filter true,$(DOCKER_BUILD_NO_CACHE)),--pull --no-cache) $(foreach var,$(DOCKER_BUILD_VARS),$(if $($(var)),--build-arg $(var)='$($(var))')) --build-arg GID='$(if $(STACK_HOST),$(HOST_GID),$(GID))' --build-arg UID='$(if $(STACK_HOST),$(HOST_UID),$(UID))'
|
||||
DOCKER_BUILD_ARGS ?= $(if $(filter true,$(DOCKER_BUILD_NO_CACHE)),--pull --no-cache) $(foreach var,$(DOCKER_BUILD_VARS),$(if $($(var)),--build-arg $(var)='$($(var))')) --build-arg GID='$(if $(HOST_STACK),$(HOST_GID),$(GID))' --build-arg UID='$(if $(HOST_STACK),$(HOST_UID),$(UID))'
|
||||
DOCKER_BUILD_CACHE ?= true
|
||||
DOCKER_BUILD_LABEL ?= $(foreach var,$(filter $(BUILD_LABEL_VARS),$(MAKE_FILE_VARS)),$(if $($(var)),--label $(var)='$($(var))'))
|
||||
DOCKER_BUILD_NO_CACHE ?= false
|
||||
|
@ -29,7 +29,7 @@ DOCKER_BUILD_VARS ?= APP BRANCH COMPOSE_VERSION DOCKER_GID DOCKER_
|
|||
DOCKER_COMPOSE ?= $(or $(shell docker-compose --version 2>/dev/null |awk '$$4 != "v'"$(COMPOSE_VERSION)"'" {exit 1} END {if (NR == 0) exit 1}' && printf 'docker-compose\n'),$(shell docker compose >/dev/null 2>&1 && printf 'docker compose\n'))
|
||||
DOCKER_COMPOSE_ARGS ?= --ansi=auto
|
||||
DOCKER_COMPOSE_DOWN_OPTIONS ?=
|
||||
DOCKER_COMPOSE_PROJECT_NAME ?= $(if $(STACK_HOST),$(HOST_COMPOSE_PROJECT_NAME),$(if $(STACK_USER),$(USER_COMPOSE_PROJECT_NAME)))
|
||||
DOCKER_COMPOSE_PROJECT_NAME ?= $(if $(HOST_STACK),$(HOST_COMPOSE_PROJECT_NAME),$(if $(USER_STACK),$(USER_COMPOSE_PROJECT_NAME)))
|
||||
DOCKER_COMPOSE_RUN_ENTRYPOINT ?= $(patsubst %,--entrypoint=%,$(DOCKER_COMPOSE_ENTRYPOINT))
|
||||
DOCKER_COMPOSE_RUN_OPTIONS ?= --rm $(DOCKER_COMPOSE_RUN_ENTRYPOINT) $(DOCKER_COMPOSE_RUN_WORKDIR)
|
||||
DOCKER_COMPOSE_RUN_WORKDIR ?= $(if $(DOCKER_COMPOSE_WORKDIR),-w $(DOCKER_COMPOSE_WORKDIR))
|
||||
|
@ -135,8 +135,8 @@ define docker-stack-update
|
|||
$(eval stack := $(patsubst %.yml,%,$(notdir $(1))))
|
||||
$(eval name := $(firstword $(subst :, ,$(stack))))
|
||||
$(eval version := $(or $(2),$(if $(findstring :,$(stack)),$(lastword $(subst :, ,$(stack))),latest)))
|
||||
$(eval path := $(patsubst %/,%,$(or $(3),$(if $(findstring /,$(1)),$(if $(wildcard stack/$(1) stack/$(1).yml),stack/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(1).yml),$(dir $(1)),$(1))),$(dir $(1)))),stack/$(name))))
|
||||
$(eval COMPOSE_FILE += $(wildcard $(path)/$(name).yml $(path)/$(name).$(ENV).yml $(path)/$(name).$(ENV).$(version).yml $(path)/$(name).$(version).yml))
|
||||
$(eval path := $(patsubst %/,%,$(or $(3),$(if $(findstring /,$(1)),$(if $(wildcard stack/$(1) stack/$(1).yml),stack/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(1).yml),$(dir $(1)),$(1))),$(if $(wildcard stack/$(stackz)/$(1) stack/$(stackz)/$(1).yml),stack/$(stackz)/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(stackz)/$(1).yml),$(dir $(1)),$(1))),$(dir $(1))))),$(firstword $(wildcard stack/$(stackz)/$(name) stack/$(stackz) stack/$(name))))))
|
||||
$(eval COMPOSE_FILE += $(wildcard $(foreach file,$(name) $(name).$(ENV) $(name).$(ENV).$(version) $(name).$(version) $(foreach env,$(COMPOSE_FILE_ENV),$(name).$(env)),$(path)/$(file).yml)))
|
||||
$(eval COMPOSE_FILE := $(strip $(COMPOSE_FILE)))
|
||||
$(if $(wildcard $(path)/.env.dist),$(call .env,,$(path)/.env.dist,$(wildcard $(CONFIG)/$(ENV)/$(APP)/.env $(path)/.env.$(ENV) .env)))
|
||||
endef
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
APP_DIR ?= $(CURDIR)
|
||||
APP_DOMAIN ?= $(patsubst %,$(APP_DOMAIN_PREFIX)%,$(DOMAIN))
|
||||
APP_DOMAIN_PREFIX ?= $(if $(STACK_HOST),,$(addsuffix .,$(filter-out $(ENV_DEPLOY),$(ENV)))$(USER).)
|
||||
APP_DOMAIN_PREFIX ?= $(if $(HOST_STACK),,$(addsuffix .,$(filter-out $(ENV_DEPLOY),$(ENV)))$(USER).)
|
||||
APP_HOST ?= $(patsubst %,$(APP_HOST_PREFIX)%,$(APP_DOMAIN))$(if $(HOST_LB),$(space)$(APP_DOMAIN))
|
||||
APP_HOST_PREFIX ?= $(addsuffix .,$(if $(STACK_HOST),$(HOSTNAME),$(if $(APP_LB),,$(APP_NAME))))
|
||||
APP_HOST_PREFIX ?= $(addsuffix .,$(if $(HOST_STACK),$(HOSTNAME),$(if $(APP_LB),,$(APP_NAME))))
|
||||
APP_INSTALLED ?= $(APPS)
|
||||
APP_PARENT ?= $(MONOREPO)
|
||||
APP_PARENT_DIR ?= $(MONOREPO_DIR)
|
||||
|
|
|
@ -221,6 +221,7 @@ docker-run:
|
|||
|
||||
# target docker-run-%: Call docker-run with image % and command ARGS
|
||||
.PHONY: docker-run-%
|
||||
docker-run-%: DOCKER_RUN_OPTIONS += -it
|
||||
docker-run-%: docker-build-%
|
||||
$(eval command := $(ARGS))
|
||||
$(eval path := $(patsubst %/,%,$*))
|
||||
|
|
|
@ -39,14 +39,7 @@ endif
|
|||
|
||||
# target setup-ufw: Install ufw-docker
|
||||
.PHONY: setup-ufw
|
||||
setup-ufw: COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME)
|
||||
setup-ufw: DOCKER_RUN_NETWORK :=
|
||||
setup-ufw: DOCKER_RUN_OPTIONS := --rm -d --cap-add NET_ADMIN -v /etc/ufw:/etc/ufw $(if wildcard /etc/default/ufw,-v /etc/default/ufw:/etc/default/ufw) --network host
|
||||
setup-ufw:
|
||||
setup-ufw: ufw-install ufw-bootstrap ufw-build ufw-up
|
||||
ifeq ($(SETUP_UFW),true)
|
||||
$(call app-install,$(SETUP_UFW_REPOSITORY))
|
||||
$(call app-bootstrap,$(lastword $(subst /, ,$(SETUP_UFW_REPOSITORY))))
|
||||
$(call app-build)
|
||||
$(call app-up)
|
||||
$(call ufw-docker,install)
|
||||
endif
|
||||
|
|
|
@ -3,6 +3,14 @@
|
|||
ufw:
|
||||
$(call ufw,$(ARGS))
|
||||
|
||||
# target ufw-bootstrap: Eval ufw-docker app variables
|
||||
ufw-bootstrap:
|
||||
$(call app-bootstrap,$(lastword $(subst /, ,$(SETUP_UFW_REPOSITORY))))
|
||||
|
||||
# target ufw-build: Build ufw-docker docker
|
||||
ufw-build:
|
||||
$(call app-build)
|
||||
|
||||
# target ufw-delete: Fire ufw-update UFW_DELETE=true
|
||||
.PHONY: ufw-delete
|
||||
ufw-delete: UFW_DELETE := true
|
||||
|
@ -13,13 +21,24 @@ ufw-delete: ufw-update
|
|||
ufw-docker:
|
||||
$(call ufw-docker,$(ARGS))
|
||||
|
||||
# target ufw-docker: Call ufw and ufw-docker foreach service UFW_UPDATE
|
||||
# target ufw-install: Download ufw-docker application
|
||||
ufw-install:
|
||||
$(call app-install,$(SETUP_UFW_REPOSITORY))
|
||||
|
||||
# target ufw-up: Start ufw-docker docker
|
||||
ufw-up: COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME)
|
||||
ufw-up: DOCKER_RUN_NETWORK :=
|
||||
ufw-up: DOCKER_RUN_OPTIONS := --rm -d --cap-add NET_ADMIN -v /etc/ufw:/etc/ufw $(if wildcard /etc/default/ufw,-v /etc/default/ufw:/etc/default/ufw) --network host
|
||||
ufw-up:
|
||||
$(call app-up)
|
||||
|
||||
# target ufw-update: Call ufw and ufw-docker foreach service UFW_UPDATE
|
||||
.PHONY: ufw-update
|
||||
ufw-update: debug-UFW_UPDATE
|
||||
$(eval name := $(COMPOSE_PROJECT_NAME))
|
||||
$(foreach UPDATE,$(call UPPERCASE,$(UFW_UPDATE)), \
|
||||
$(eval ufw_update := $($(if $(STACK_HOST),HOST_)$(UPDATE)_UFW_UPDATE)) \
|
||||
$(eval ufw_docker := $($(if $(STACK_HOST),HOST_)$(UPDATE)_UFW_DOCKER)) \
|
||||
$(eval ufw_update := $($(if $(HOST_STACK),HOST_)$(UPDATE)_UFW_UPDATE)) \
|
||||
$(eval ufw_docker := $($(if $(HOST_STACK),HOST_)$(UPDATE)_UFW_DOCKER)) \
|
||||
$(foreach port,$(ufw_docker), \
|
||||
$(call ufw-docker,$(if $(UFW_DELETE),delete) allow $(name)-$(call LOWERCASE,$(UPDATE)) $(port) ||:) \
|
||||
) \
|
||||
|
@ -28,8 +47,9 @@ ufw-update: debug-UFW_UPDATE
|
|||
) \
|
||||
)
|
||||
|
||||
# target ufw-%: Call ufw target for specific stack
|
||||
## ex: ufw-host-update will update ufw rules for stack host
|
||||
.PHONY: stack-%
|
||||
.PHONY: ufw-%
|
||||
ufw-%:
|
||||
$(eval stack := $(subst -$(lastword $(subst -, ,$*)),,$*))
|
||||
$(eval command := $(lastword $(subst -, ,$*)))
|
||||
|
|
|
@ -16,7 +16,9 @@ define app-bootstrap
|
|||
$(eval APP := $(or $(1), $(APP)))
|
||||
$(eval APP_DIR := $(or $(2), $(RELATIVE)$(APP)))
|
||||
$(eval APP_NAME := $(or $(3),$(subst -,,$(subst .,,$(call LOWERCASE,$(APP))))))
|
||||
$(eval COMPOSE_FILE := $(wildcard $(APP_DIR)/docker-compose.yml $(APP_DIR)/docker-compose.$(ENV).yml $(APP_DIR)/docker/docker-compose.yml $(foreach file,$(patsubst $(APP_DIR)/docker/docker-compose.%,%,$(basename $(wildcard $(APP_DIR)/docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),$(APP_DIR)/docker/docker-compose.$(file).yml))))
|
||||
$(eval COMPOSE_FILE := $(wildcard $(APP_DIR)/docker-compose.yml $(APP_DIR)/docker-compose.$(ENV).yml $(APP_DIR)/docker/docker-compose.yml $(foreach file,$(patsubst $(APP_DIR)/docker/docker-compose.%,%,$(basename $(wildcard $(APP_DIR)/docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),$(APP_DIR)/docker/docker-compose.$(file).yml)) $(foreach file,$(APP) $(APP).$(ENV) $(foreach env,$(COMPOSE_FILE_ENV),$(APP).$(env)),apps/$(APP)/$(file).yml)) $(MYOS_STACK_FILE))
|
||||
$(eval COMPOSE_PROJECT_NAME := $(if $(DOCKER_COMPOSE_PROJECT_NAME),$(DOCKER_COMPOSE_PROJECT_NAME),$(subst .,,$(call LOWERCASE,$(USER)-$(APP_NAME)-$(ENV)$(addprefix -,$(subst /,,$(subst -,,$(APP_PATH))))))))
|
||||
$(eval COMPOSE_SERVICE_NAME := $(if $(DOCKER_COMPOSE_SERVICE_NAME),$(DOCKER_COMPOSE_SERVICE_NAME),$(subst _,-,$(COMPOSE_PROJECT_NAME))))
|
||||
$(eval DOCKER_BUILD_DIR := $(APP_DIR))
|
||||
$(if $(wildcard $(APP_DIR)/.env.dist), $(call .env,$(APP_DIR)/.env,$(APP_DIR)/.env.dist))
|
||||
$(if $(wildcard $(APP_DIR)/.env.example), $(call .env,$(APP_DIR)/.env,$(APP_DIR)/.env.example))
|
||||
|
@ -33,6 +35,12 @@ define app-build
|
|||
)
|
||||
endef
|
||||
|
||||
# function app-config: Call docker-compose config with each docker-compose.yml in dir 1
|
||||
define app-config
|
||||
$(call INFO,app-config,$(1)$(comma))
|
||||
$(call docker-compose,config)
|
||||
endef
|
||||
|
||||
# function app-connect: Call docker exec $(DOCKER_SHELL) for each Dockerfile in dir 1
|
||||
define app-connect
|
||||
$(call INFO,app-connect,$(1)$(comma))
|
||||
|
@ -62,11 +70,12 @@ endef
|
|||
# function app-down: Call docker rm for each Dockerfile in dir 1
|
||||
define app-down
|
||||
$(call INFO,app-down,$(1)$(comma))
|
||||
$(if $(filter-out $(MYOS_STACK_FILE),$(COMPOSE_FILE)),$(call docker-compose,down -v),
|
||||
$(call docker-file,$(1))
|
||||
$(foreach dockerfile,$(DOCKER_FILE),
|
||||
$(call app-docker,$(dockerfile))
|
||||
$(call docker-rm)
|
||||
)
|
||||
))
|
||||
endef
|
||||
|
||||
# function app-exec: Call docker exec $(ARGS) for each Dockerfile in dir 1
|
||||
|
@ -94,11 +103,12 @@ endef
|
|||
# function app-logs: Call docker logs $(ARGS) for each Dockerfile in dir 1
|
||||
define app-logs
|
||||
$(call INFO,app-logs,$(1)$(comma) $(2))
|
||||
$(if $(filter-out $(MYOS_STACK_FILE),$(COMPOSE_FILE)),$(call docker-compose,logs),
|
||||
$(call docker-file,$(1))
|
||||
$(foreach dockerfile,$(DOCKER_FILE),
|
||||
$(call app-docker,$(dockerfile))
|
||||
$(call docker-logs)
|
||||
)
|
||||
))
|
||||
endef
|
||||
|
||||
# function app-ps: Call docker ps for each Dockerfile in dir 1
|
||||
|
@ -138,10 +148,11 @@ endef
|
|||
define app-up
|
||||
$(call INFO,app-up,$(1)$(comma))
|
||||
$(eval DOCKER_RUN_OPTIONS += -d)
|
||||
$(if $(filter-out $(MYOS_STACK_FILE),$(COMPOSE_FILE)),$(call docker-compose,up),
|
||||
$(if $(shell docker ps -q -f name=$(DOCKER_NAME) 2>/dev/null),
|
||||
$(call INFO,docker $(DOCKER_NAME) already running)
|
||||
, $(call app-run,$(1))
|
||||
)
|
||||
))
|
||||
endef
|
||||
|
||||
# function app-update: Run 'cd dir 1 && git pull' or Call app-install
|
||||
|
|
|
@ -4,7 +4,7 @@ DOCKER_GID ?= $(call gid,docker)
|
|||
DOCKER_IMAGE ?= $(USER_DOCKER_IMAGE)
|
||||
DOCKER_MACHINE ?= $(shell docker run --rm alpine uname -m 2>/dev/null)
|
||||
DOCKER_NAME ?= $(USER_DOCKER_NAME)
|
||||
DOCKER_NETWORK ?= $(if $(STACK_USER),$(USER),$(DOCKER_NETWORK_PRIVATE))
|
||||
DOCKER_NETWORK ?= $(if $(USER_STACK),$(USER),$(DOCKER_NETWORK_PRIVATE))
|
||||
DOCKER_NETWORK_PRIVATE ?= $(USER)-$(ENV)
|
||||
DOCKER_NETWORK_PUBLIC ?= $(HOSTNAME)
|
||||
# DOCKER_RUN: if empty, run system command, else run it in a docker
|
||||
|
@ -25,15 +25,17 @@ HOST_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(HOST_COMPOSE_PROJEC
|
|||
HOST_DOCKER_VOLUME ?= $(HOST_COMPOSE_PROJECT_NAME)
|
||||
HOST_GID ?= 100
|
||||
HOST_UID ?= 123
|
||||
HOST_STACK ?= $(filter host,$(firstword $(subst /, ,$(STACK))))
|
||||
MYOS_STACK ?= $(MYOS)/stack/myos
|
||||
MYOS_STACK_FILE ?= $(wildcard $(MYOS_STACK)/networks.yml $(MYOS_STACK)/*.$(ENV).yml)
|
||||
RESU_DOCKER_REPOSITORY ?= $(subst -,/,$(USER_COMPOSE_PROJECT_NAME))
|
||||
STACK_HOST ?= $(filter host,$(firstword $(subst /, ,$(STACK))))
|
||||
STACK_USER ?= $(filter User,$(firstword $(subst /, ,$(STACK))))
|
||||
USER_COMPOSE_PROJECT_NAME ?= $(subst .,-,$(RESU))
|
||||
USER_COMPOSE_SERVICE_NAME ?= $(USER_COMPOSE_PROJECT_NAME)
|
||||
USER_DOCKER_IMAGE ?= $(USER_DOCKER_REPOSITORY):${DOCKER_IMAGE_TAG}
|
||||
USER_DOCKER_NAME ?= $(USER_COMPOSE_PROJECT_NAME)
|
||||
USER_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(USER)))
|
||||
USER_DOCKER_VOLUME ?= $(USER_COMPOSE_PROJECT_NAME)
|
||||
USER_STACK ?= $(filter User,$(firstword $(subst /, ,$(STACK))))
|
||||
|
||||
# https://github.com/docker/libnetwork/pull/2348
|
||||
ifeq ($(SYSTEM),Darwin)
|
||||
|
|
10
make/def.mk
10
make/def.mk
|
@ -90,7 +90,7 @@ MAKE_OLDFILE ?= $@
|
|||
MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -qp 2>/dev/null |awk -F':' '/^[a-zA-Z0-9][^$$\#\/\t=]*:([^=]|$$)/ {print $$1}' 2>/dev/null |sort -u))
|
||||
MAKE_UNIXTIME_START := $(shell date -u +'%s' 2>/dev/null)
|
||||
MAKE_UNIXTIME_CURRENT = $(shell date -u "+%s" 2>/dev/null)
|
||||
MAKE_VARS ?= ENV
|
||||
MAKE_VARS ?= ENV DOCKER_COMPOSE DOCKER_MACHINE DOCKER_SYSTEM
|
||||
MAKECMDARGS ?= apps-install install-app
|
||||
MONOREPO ?= $(if $(filter myos,$(MYOS)),$(notdir $(CURDIR)),$(if $(APP),$(notdir $(realpath $(CURDIR)/..))))
|
||||
MONOREPO_DIR ?= $(if $(MONOREPO),$(if $(filter myos,$(MYOS)),$(realpath $(CURDIR)),$(if $(APP),$(realpath $(CURDIR)/..))))
|
||||
|
@ -126,13 +126,13 @@ endif
|
|||
|
||||
# Guess OS
|
||||
ifeq ($(OSTYPE),cygwin)
|
||||
SYSTEM := cygwin
|
||||
SYSTEM ?= cygwin
|
||||
else ifeq ($(OS),Windows_NT)
|
||||
SYSTEM := Windows_NT
|
||||
SYSTEM ?= Windows_NT
|
||||
else
|
||||
SYSTEM := $(shell uname -s 2>/dev/null)
|
||||
SYSTEM ?= $(shell uname -s 2>/dev/null)
|
||||
endif
|
||||
MACHINE := $(shell uname -m 2>/dev/null)
|
||||
MACHINE ?= $(shell uname -m 2>/dev/null)
|
||||
|
||||
ifeq ($(SYSTEM),Darwin)
|
||||
SED_SUFFIX := ''
|
||||
|
|
|
@ -49,8 +49,3 @@ volumes:
|
|||
user:
|
||||
external: true
|
||||
name: ${USER_DOCKER_VOLUME}
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK}
|
||||
|
|
|
@ -88,17 +88,9 @@ services:
|
|||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- host:/home:delegated
|
||||
- home:/home:delegated
|
||||
|
||||
volumes:
|
||||
host:
|
||||
home:
|
||||
external: true
|
||||
name: ${HOST_DOCKER_VOLUME}_home
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -23,11 +23,3 @@ services:
|
|||
|
||||
volumes:
|
||||
nextcloud:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -17,8 +17,3 @@ services:
|
|||
restart: always
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -33,11 +33,3 @@ services:
|
|||
|
||||
volumes:
|
||||
drone:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -11,8 +11,3 @@ services:
|
|||
restart: always
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -19,11 +19,3 @@ services:
|
|||
ports:
|
||||
- 8200
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -16,11 +16,3 @@ services:
|
|||
ports:
|
||||
- 8200
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -19,8 +19,3 @@ services:
|
|||
networks:
|
||||
- private
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -4,4 +4,3 @@ services:
|
|||
elasticsearch:
|
||||
environment:
|
||||
- discovery.type=single-node
|
||||
|
||||
|
|
|
@ -38,11 +38,3 @@ services:
|
|||
|
||||
volumes:
|
||||
elasticsearch:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -12,11 +12,3 @@ services:
|
|||
ports:
|
||||
- 5601
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -12,11 +12,3 @@ services:
|
|||
ports:
|
||||
- 5601
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -30,11 +30,3 @@ services:
|
|||
|
||||
volumes:
|
||||
grafana:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
ENV_VARS += HOST_ACME_POST_HOOK HOST_ACME_PRE_HOOK
|
||||
HOST_ACME_DOMAIN_PATH_VALID ?= $$(echo $${DOMAIN_PATH:-} |awk "'"/^[0-9a-z_\-\.\+\/]+@[0-9a-z_\-\.]+\.[a-z0-9_\-\.\+\/]+$$/"'")
|
||||
HOST_ACME_POST_HOOK ?= [ "$(HOST_ACME_DOMAIN_PATH_VALID)" ] && cp fullchain.cer /host/certs/$${domain}-cert.pem 2>/dev/null && cp $${domain}.key /host/certs/$${domain}-key.pem
|
||||
HOST_ACME_DOMAIN_PATH_VALID ?= $$(echo $${DOMAIN_PATH:-} |awk "'"/^[0-9a-z_\-\.+\/]+@[0-9a-z_\-\.]+\.[a-z0-9_\-\.\+\/]+$$/"'")
|
||||
HOST_ACME_DOMAIN_CERT_MODULUS ?= $$(openssl x509 -in fullchain.cer -noout -modulus)
|
||||
HOST_ACME_DOMAIN_KEY_MODULUS ?= $$(openssl rsa -in $${domain}.key -noout -modulus)
|
||||
HOST_ACME_POST_HOOK ?= [ "$(HOST_ACME_DOMAIN_PATH_VALID)" ] && cp -a fullchain.cer /host/certs/$${domain}-cert.pem 2>/dev/null && [ "$(HOST_ACME_DOMAIN_CERT_MODULUS)" = "$(HOST_ACME_DOMAIN_KEY_MODULUS)" ] && cp -a $${domain}.key /host/certs/$${domain}-key.pem
|
||||
|
|
|
@ -31,8 +31,3 @@ volumes:
|
|||
host:
|
||||
external: true
|
||||
name: ${HOST_DOCKER_VOLUME}
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -6,12 +6,6 @@ services:
|
|||
- DOCUMENT_ROOT=/var/www
|
||||
volumes:
|
||||
- www:/var/www
|
||||
nginx:
|
||||
volumes:
|
||||
- www:/var/www
|
||||
php:
|
||||
volumes:
|
||||
- www:/var/www
|
||||
|
||||
volumes:
|
||||
www:
|
|
@ -29,8 +29,3 @@ services:
|
|||
volumes:
|
||||
backup:
|
||||
web:
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC:-localhost}
|
||||
|
|
|
@ -18,4 +18,3 @@ services:
|
|||
|
||||
volumes:
|
||||
restic:
|
||||
|
||||
|
|
|
@ -20,8 +20,3 @@ services:
|
|||
- /sys:/sys:ro
|
||||
- /var/lib/docker/:/var/lib/docker:ro
|
||||
- /var/run:/var/run:rw
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -23,8 +23,3 @@ services:
|
|||
- /:/rootfs:ro
|
||||
- /proc:/host/proc:ro
|
||||
- /sys:/host/sys:ro
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
HOST_FTPS_UFW_DOCKER ?= 21/tcp 18700/tcp 18701/tcp 18702/tcp 18703/tcp 18704/tcp 18705/tcp 18706/tcp 18707/tcp 18708/tcp 18709/tcp 18710/tcp
|
|
@ -0,0 +1,32 @@
|
|||
version: '3.6'
|
||||
|
||||
services:
|
||||
ftps:
|
||||
container_name: ${HOST_COMPOSE_PROJECT_NAME}-ftps
|
||||
environment:
|
||||
- FTPS_EXTERNAL_IP=${DOCKER_HOST_INET4}
|
||||
- FTPS_PASS=${HOST_FTPS_PASS}
|
||||
- FTPS_USER=${HOST_FTPS_USER}
|
||||
- FTPS_UID=${HOST_FTPS_UID}
|
||||
image: bfren/ftps:latest
|
||||
labels:
|
||||
- SERVICE_21_CHECK_TCP=true
|
||||
- SERVICE_21_NAME=${COMPOSE_SERVICE_NAME}-ftps-21
|
||||
networks:
|
||||
- private
|
||||
- public
|
||||
ports:
|
||||
- 21:21
|
||||
- 18700-18710:18700-18710
|
||||
restart: always
|
||||
volumes:
|
||||
- backup:/files
|
||||
- host:/host
|
||||
- ssl:/ssl
|
||||
|
||||
volumes:
|
||||
backup:
|
||||
host:
|
||||
external: true
|
||||
name: ${HOST_DOCKER_VOLUME}
|
||||
ssl:
|
|
@ -0,0 +1,9 @@
|
|||
version: '3.6'
|
||||
|
||||
services:
|
||||
ipfs:
|
||||
volumes:
|
||||
- home:/home:delegated
|
||||
|
||||
volumes:
|
||||
home:
|
|
@ -6,5 +6,5 @@ HOST_IPFS_SERVICE_5001_PATH ?= api/
|
|||
HOST_IPFS_SERVICE_5001_TAGS ?= $(call tagprefix,HOST_IPFS,5001)
|
||||
HOST_IPFS_SERVICE_8080_ENVS ?= host
|
||||
HOST_IPFS_SERVICE_8080_TAGS ?= $(call urlprefix,,,$(HOST_IPFS_SERVICE_8080_URIS) $(call servicenvs,HOST_IPFS,8080,URIS))
|
||||
HOST_IPFS_SERVICE_8080_URIS ?= $(call uriprefix,*ipfs *ipns)
|
||||
HOST_IPFS_UFW_DOCKER ?= 4001/tcp 4001/udp 8080
|
||||
HOST_IPFS_SERVICE_8080_URIS ?= $(call uriprefix,ipfs *.ipns)
|
||||
HOST_IPFS_UFW_UPDATE ?= 4001/tcp 4001/udp 8080
|
||||
|
|
|
@ -31,11 +31,11 @@ services:
|
|||
- IPFS_BOOTSTRAP=${HOST_IPFS_BOOTSTRAP:-}
|
||||
- IPFS_DATASTORE_GCPERIOD=${HOST_IPFS_DATASTORE_GCPERIOD:-}
|
||||
- IPFS_DISK_USAGE_PERCENT=${HOST_IPFS_DISK_USAGE_PERCENT:-}
|
||||
- IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${HOST_IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT:-}
|
||||
- IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${HOST_IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT:-true}
|
||||
- IPFS_EXPERIMENTAL_FILESTOREENABLED=${HOST_IPFS_EXPERIMENTAL_FILESTOREENABLED:-}
|
||||
- IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${HOST_IPFS_EXPERIMENTAL_GRAPHSYNCENABLED:-}
|
||||
- IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${HOST_IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING:-}
|
||||
- IPFS_EXPERIMENTAL_P2PHTTPPROXY=${HOST_IPFS_EXPERIMENTAL_P2PHTTPPROXY:-}
|
||||
- IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${HOST_IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING:-true}
|
||||
- IPFS_EXPERIMENTAL_P2PHTTPPROXY=${HOST_IPFS_EXPERIMENTAL_P2PHTTPPROXY:-true}
|
||||
- IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${HOST_IPFS_EXPERIMENTAL_STRATEGICPROVIDING:-}
|
||||
- IPFS_EXPERIMENTAL_URLSTOREENABLED=${HOST_IPFS_EXPERIMENTAL_URLSTOREENABLED:-}
|
||||
- IPFS_IDENTITY_PEERID=${HOST_IPFS_IDENTITY_PEERID:-}
|
||||
|
@ -45,12 +45,13 @@ services:
|
|||
- IPFS_IPNS_USEPUBSUB=${HOST_IPFS_IPNS_USEPUBSUB:-true}
|
||||
- IPFS_LOGGING=${HOST_IPFS_LOGGING:-error}
|
||||
- IPFS_NETWORK=${HOST_IPFS_NETWORK:-public}
|
||||
- IPFS_PATH=${HOST_IPFS_PATH:-/data/ipfs}
|
||||
- IPFS_PROFILE=${HOST_IPFS_PROFILE:-${IPFS_PROFILE}}
|
||||
- IPFS_PUBSUB_ENABLE=${HOST_IPFS_PUBSUB_ENABLE:-true}
|
||||
- IPFS_PUBSUB_ROUTER=${HOST_IPFS_PUBSUB_ROUTER:-gossipsub}
|
||||
- IPFS_ROUTING_TYPE=${HOST_IPFS_ROUTING_TYPE:-dht}
|
||||
- IPFS_REPROVIDER_INTERVAL=${HOST_IPFS_REPROVIDER_INTERVAL:-}
|
||||
- IPFS_REPROVIDER_STRATEGY=${HOST_IPFS_REPROVIDER_STRATEGY:-}
|
||||
- IPFS_REPROVIDER_STRATEGY=${HOST_IPFS_REPROVIDER_STRATEGY:-roots}
|
||||
- IPFS_SWARM_CONNMGR_HIGHWATER=${HOST_IPFS_SWARM_CONNMGR_HIGHWATER:-}
|
||||
- IPFS_SWARM_CONNMGR_LOWWATER=${HOST_IPFS_SWARM_CONNMGR_LOWWATER:-}
|
||||
- IPFS_SWARM_CONNMGR_TYPE=${HOST_IPFS_SWARM_CONNMGR_TYPE:-}
|
||||
|
@ -60,6 +61,8 @@ services:
|
|||
- IPFS_SWARM_RELAYCLIENT_ENABLED=${HOST_IPFS_SWARM_RELAYCLIENT_ENABLED:-}
|
||||
- IPFS_SWARM_RELAYSERVICE_ENABLED=${HOST_IPFS_SWARM_RELAYSERVICE_ENABLED:-}
|
||||
- IPFS_SWARM_TRANSPORTS_NETWORK_RELAY=${HOST_IPFS_SWARM_TRANSPORTS_NETWORK_RELAY:-}
|
||||
healthcheck:
|
||||
timeout: 5s
|
||||
image: ${HOST_DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG}
|
||||
labels:
|
||||
- SERVICE_4001_CHECK_TCP=true
|
||||
|
@ -72,13 +75,7 @@ services:
|
|||
- SERVICE_8080_NAME=${HOST_COMPOSE_SERVICE_NAME}-ipfs-8080
|
||||
- SERVICE_8080_TAGS=${HOST_IPFS_SERVICE_8080_TAGS:-}
|
||||
- SERVICE_8081_IGNORE=true
|
||||
networks:
|
||||
- public
|
||||
ports:
|
||||
- 4001:4001/tcp
|
||||
- 4001:4001/udp
|
||||
- 5001:5001/tcp
|
||||
- 8080:8080/tcp
|
||||
network_mode: host
|
||||
restart: always
|
||||
ulimits:
|
||||
nofile:
|
||||
|
@ -89,8 +86,3 @@ services:
|
|||
|
||||
volumes:
|
||||
ipfs:
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
# ENV_VARS += HOST_MAILSERVER_ENABLE_MANAGESIEVE HOST_MAILSERVER_SPOOF_PROTECTION HOST_MAILSERVER_SSL_TYPE HOST_MAILSERVER_ENABLE_UPDATE_CHECK
|
||||
HOST_MAILSERVER_ENABLE_FAIL2BAN ?= 1
|
||||
HOST_MAILSERVER_ENABLE_MANAGESIEVE ?= 1
|
||||
HOST_MAILSERVER_ENABLE_UPDATE_CHECK ?= 0
|
||||
HOST_MAILSERVER_SPOOF_PROTECTION ?= 1
|
||||
HOST_MAILSERVER_SSL_TYPE ?= letsencrypt
|
||||
HOST_MAILSERVER_ENABLE_UPDATE_CHECK ?= 0
|
||||
HOST_MAILSERVER_UFW_DOCKER ?= 25/tcp 465/tcp 587/tcp 993/tcp
|
||||
|
|
|
@ -28,7 +28,7 @@ services:
|
|||
- ENABLE_AMAVIS=${HOST_MAILSERVER_ENABLE_AMAVIS:-1}
|
||||
- AMAVIS_LOGLEVEL=${HOST_MAILSERVER_AMAVIS_LOGLEVEL:-0}
|
||||
- ENABLE_DNSBL=${HOST_MAILSERVER_ENABLE_DNSBL:-0}
|
||||
- ENABLE_FAIL2BAN=${HOST_MAILSERVER_ENABLE_FAIL2BAN:-0}
|
||||
- ENABLE_FAIL2BAN=${HOST_MAILSERVER_ENABLE_FAIL2BAN:-1}
|
||||
- FAIL2BAN_BLOCKTYPE=${HOST_MAILSERVER_FAIL2BAN_BLOCKTYPE:-drop}
|
||||
- ENABLE_MANAGESIEVE=${HOST_MAILSERVER_ENABLE_MANAGESIEVE:-1}
|
||||
- POSTSCREEN_ACTION=${HOST_MAILSERVER_POSTSCREEN_ACTION:-enforce}
|
||||
|
@ -155,8 +155,3 @@ volumes:
|
|||
host:
|
||||
external: true
|
||||
name: ${HOST_DOCKER_VOLUME}
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -1,19 +1,11 @@
|
|||
version: '3.6'
|
||||
|
||||
services:
|
||||
apache-php5:
|
||||
environment:
|
||||
- DOCUMENT_ROOT=/dns
|
||||
volumes:
|
||||
- dns:/dns
|
||||
nginx:
|
||||
environment:
|
||||
- DEFAULT=default_dns
|
||||
volumes:
|
||||
- dns:/dns
|
||||
php:
|
||||
volumes:
|
||||
- dns:/dns
|
||||
|
||||
volumes:
|
||||
dns:
|
|
@ -0,0 +1,9 @@
|
|||
version: '3.6'
|
||||
|
||||
services:
|
||||
nginx:
|
||||
volumes:
|
||||
- www:/var/www
|
||||
|
||||
volumes:
|
||||
www:
|
|
@ -15,7 +15,7 @@ services:
|
|||
- DEFAULT_LOCATION_PHP=${HOST_NGINX_DEFAULT_LOCATION_PHP:-}
|
||||
- DEFAULT_LOCATION_IPFS=${HOST_NGINX_DEFAULT_LOCATION_IPFS:-}
|
||||
- LETSENCRYPT_HOST=${HOST_NGINX_LETSENCRYPT_HOST:-${HOST_NGINX_VIRTUAL_HOST:-}}
|
||||
- LETSENCRYPT_EMAIL=${HOST_NGINX_LETSENCRYPT_EMAIL:-${DEFAULT_EMAIL:-${MAIL:-nginx@localhost}}}
|
||||
- LETSENCRYPT_EMAIL=${HOST_NGINX_LETSENCRYPT_EMAIL:-${HOST_ACME_DEFAULT_EMAIL:-${DEFAULT_EMAIL:-${MAIL:-nginx@localhost}}}}
|
||||
- LETSENCRYPT_SINGLE_DOMAIN_CERTS=${HOST_NGINX_LETSENCRYPT_SINGLE_DOMAIN_CERTS:-true}
|
||||
- LETSENCRYPT_TEST=${HOST_NGINX_LETSENCRYPT_TEST:-${LETSENCRYPT_TEST:-}}
|
||||
- SSL_POLICY=${HOST_NGINX_SSL_POLICY:-Mozilla-Modern}
|
||||
|
@ -51,8 +51,3 @@ volumes:
|
|||
htpasswd:
|
||||
log:
|
||||
vhost:
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
version: '3.6'
|
||||
|
||||
services:
|
||||
php:
|
||||
volumes:
|
||||
- dns:/dns
|
||||
|
||||
volumes:
|
||||
dns:
|
|
@ -0,0 +1,9 @@
|
|||
version: '3.6'
|
||||
|
||||
services:
|
||||
php:
|
||||
volumes:
|
||||
- www:/var/www
|
||||
|
||||
volumes:
|
||||
www:
|
|
@ -13,8 +13,4 @@ services:
|
|||
image: php:fpm-alpine
|
||||
networks:
|
||||
- public
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
restart: always
|
||||
|
|
|
@ -21,8 +21,3 @@ services:
|
|||
|
||||
volumes:
|
||||
portainer:
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -18,8 +18,3 @@ services:
|
|||
|
||||
volumes:
|
||||
static:
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -40,11 +40,6 @@ services:
|
|||
- shared:/shared:cached
|
||||
- shm:/dev/shm:delegated
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
||||
volumes:
|
||||
home:
|
||||
shared:
|
||||
|
|
|
@ -5,8 +5,8 @@ IPFS_SERVICE_NAME ?= ipfs
|
|||
IPFS_SERVICE_5001_PATH ?= api/
|
||||
IPFS_SERVICE_5001_TAGS ?= $(call tagprefix,ipfs,5001)
|
||||
IPFS_SERVICE_8080_CHECK_HTTP ?= /ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn
|
||||
IPFS_SERVICE_8080_TAGS ?= $(call tagprefix,ipfs,8080)
|
||||
IPFS_SERVICE_8080_URIS ?= $(patsubst %,ipfs.%,$(APP_URIS)) $(patsubst %,*.ipfs.%,$(APP_URIS)) $(patsubst %,ipns.%,$(APP_URIS)) $(patsubst %,*.ipns.%,$(APP_URIS))
|
||||
IPFS_SERVICE_8080_TAGS ?= $(call urlprefix,,,$(IPFS_SERVICE_8080_URIS))
|
||||
IPFS_SERVICE_8080_URIS ?= $(call uriprefix,ipfs *.ipns)
|
||||
IPFS_VERSION ?= 0.16.0
|
||||
|
||||
.PHONY: bootstrap-stack-ipfs
|
||||
|
|
|
@ -92,11 +92,3 @@ volumes:
|
|||
type: none
|
||||
device: ${HOME}/.ipfs
|
||||
o: bind
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -11,8 +11,3 @@ services:
|
|||
ports:
|
||||
- 11211
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE:-docker}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC:-localhost}
|
|
@ -0,0 +1,9 @@
|
|||
version: '3.6'
|
||||
|
||||
volumes:
|
||||
backup:
|
||||
driver: local
|
||||
driver_opts:
|
||||
device: /var/lib/backup
|
||||
o: bind
|
||||
type: none
|
|
@ -0,0 +1,9 @@
|
|||
version: '3.6'
|
||||
|
||||
volumes:
|
||||
home:
|
||||
driver: local
|
||||
driver_opts:
|
||||
device: /home
|
||||
o: bind
|
||||
type: none
|
|
@ -17,8 +17,3 @@ services:
|
|||
|
||||
volumes:
|
||||
mysql:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -12,8 +12,3 @@ services:
|
|||
ports:
|
||||
- 31339
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -45,11 +45,3 @@ volumes:
|
|||
type: none
|
||||
device: ${MONOREPO_DIR}
|
||||
o: bind
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE:-docker}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC:-localhost}
|
||||
|
|
|
@ -19,11 +19,3 @@ services:
|
|||
|
||||
volumes:
|
||||
static:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE:-docker}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC:-static.localhost}
|
||||
|
|
|
@ -20,8 +20,3 @@ services:
|
|||
|
||||
volumes:
|
||||
portainer:
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -2,4 +2,4 @@ version: '3.6'
|
|||
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:latest
|
||||
image: postgres:alpine
|
||||
|
|
|
@ -4,6 +4,7 @@ services:
|
|||
postgres:
|
||||
environment:
|
||||
- POSTGRES_DB=${POSTGRES_DB:-postgres}
|
||||
- POSTGRES_HOST_AUTH_METHOD=${POSTGRES_HOST_AUTH_METHOD:-trust}
|
||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-postgres}
|
||||
- POSTGRES_USER=${POSTGRES_USER:-postgres}
|
||||
labels:
|
||||
|
@ -19,8 +20,3 @@ services:
|
|||
|
||||
volumes:
|
||||
postgres:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -19,11 +19,3 @@ services:
|
|||
ports:
|
||||
- 9093
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -18,11 +18,3 @@ services:
|
|||
ports:
|
||||
- 9115
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -19,11 +19,3 @@ services:
|
|||
ports:
|
||||
- 9206
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -25,11 +25,3 @@ services:
|
|||
|
||||
volumes:
|
||||
prometheus:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -25,11 +25,3 @@ services:
|
|||
|
||||
volumes:
|
||||
rabbitmq:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -17,11 +17,3 @@ services:
|
|||
|
||||
volumes:
|
||||
redis:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -37,11 +37,3 @@ services:
|
|||
|
||||
volumes:
|
||||
redmine:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -30,11 +30,3 @@ services:
|
|||
|
||||
volumes:
|
||||
redmine3:
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -21,8 +21,3 @@ services:
|
|||
restart: always
|
||||
volumes:
|
||||
- /var/run/docker.sock:/tmp/docker.sock
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
|
|
|
@ -46,11 +46,3 @@ volumes:
|
|||
user:
|
||||
external: true
|
||||
name: ${USER_DOCKER_VOLUME}
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
|
|
@ -40,14 +40,6 @@ services:
|
|||
- vdi-shared:/shared:cached
|
||||
- vdi-shm:/dev/shm:delegated
|
||||
|
||||
networks:
|
||||
private:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PRIVATE}
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
||||
|
||||
volumes:
|
||||
vdi-home:
|
||||
vdi-shared:
|
||||
|
|
Loading…
Reference in New Issue