more ipfs config

This commit is contained in:
Yann Autissier 2022-07-26 21:57:34 +02:00
parent 07a9729c73
commit 069713b923
23 changed files with 270 additions and 114 deletions

View File

@ -8,7 +8,7 @@ This is work in progress ;)
## Requirements
You need `git` and `make`.
You need `docker`, `git` and `make`.
## Usage
@ -47,6 +47,8 @@ $ make shutdown
$ make install
```
Install myos on a server and manage server config with ansible.
### Variables
* DEBUG

72
docker/ipfs/ipfs-config.sh Normal file → Executable file
View File

@ -11,12 +11,6 @@ set -e
# Please inspect if changes impact go-ipfs users, and update expectedDefaultServiceLimits in rcmgr_defaults.go to remove this message
# FATAL p2pnode libp2p/rcmgr_defaults.go:115 daemon will refuse to run with the resource manager until this is resolved
## Astroport.One
ipfs config Pubsub.Router gossipsub
ipfs config --json Experimental.Libp2pStreamMounting true
ipfs config --json Experimental.P2pHttpProxy true
ipfs config Addresses.Gateway "/ip4/0.0.0.0/tcp/8080"
## ipfs client needs API address
# search for ip address of $(hostname).${IPFS_ADDRESSES_API_DOMAIN}
[ -n "${IPFS_ADDRESSES_API_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_API_INET4}" ] \
@ -28,5 +22,67 @@ echo "${IPFS_ADDRESSES_API_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >=
|| unset IPFS_ADDRESSES_API_PORT
ipfs config Addresses.Api "${IPFS_ADDRESSES_API:-/ip4/${IPFS_ADDRESSES_API_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_API_PORT:-5001}}"
## REMOVE IPFS BOOTSTRAP
ipfs bootstrap rm --all
## gateway address
# search for ip address of $(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}
[ -n "${IPFS_ADDRESSES_GATEWAY_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_GATEWAY_INET4}" ] \
&& IPFS_ADDRESSES_GATEWAY_INET4=$(nslookup -type=A "$(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}" |awk 'found && /^Address:/ {print $2; found=0}; /^Name:\t'"$(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}"'/ {found=1};')
# check ${IPFS_ADDRESSES_GATEWAY_INET4} format
echo "${IPFS_ADDRESSES_GATEWAY_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >= 0 && $i <= 255); else exit 1;}; NF != 4 {exit 1;}' || unset IPFS_ADDRESSES_GATEWAY_INET4
# check ${IPFS_ADDRESSES_GATEWAY_PORT} format
[ "${IPFS_ADDRESSES_GATEWAY_PORT}" -eq "${IPFS_ADDRESSES_GATEWAY_PORT}" ] 2>/dev/null && [ "${IPFS_ADDRESSES_GATEWAY_PORT}" -ge 1 ] && [ "${IPFS_ADDRESSES_GATEWAY_PORT}" -le 65535 ] \
|| unset IPFS_ADDRESSES_GATEWAY_PORT
ipfs config Addresses.Gateway "${IPFS_ADDRESSES_GATEWAY:-/ip4/${IPFS_ADDRESSES_GATEWAY_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_GATEWAY_PORT:-8080}}"
## api http headers
ipfs config --json API.HTTPHeaders "${IPFS_API_HTTPHEADERS:-{
\"Access-Control-Allow-Credentials\": ${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-null},
\"Access-Control-Allow-Headers\": ${IPFS_API_HTTPHEADERS_ACA_HEADERS:-null},
\"Access-Control-Allow-Methods\": ${IPFS_API_HTTPSHEADERS_ACA_METHODS:-null},
\"Access-Control-Allow-Origin\": ${IPFS_API_HTTPHEADERS_ACA_ORIGIN:-null}
}}"
## bootstrap
[ -n "${IPFS_BOOTSTRAP}" ] && ipfs config --json Bootstrap "${IPFS_BOOTSTRAP}"
## storage
# limit disk usage to 50 percent of disk size
diskSize=$(df -P ${IPFS_PATH:-~/.ipfs} | awk 'NR>1{size+=$2}END{print size}')
ipfs config Datastore.StorageMax "$((diskSize * ${IPFS_DISK_USAGE_PERCENT:-50/100}))"
# garbage collector
[ -n "${IPFS_DATASTORE_GCPERIOD}" ] && ipfs config Datastore.GCPeriod "${IPFS_DATASTORE_GCPERIOD}"
## experimental features
[ -n "${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}" ] && ipfs config --json Experimental.AcceleratedDHTClient "${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}"
[ -n "${IPFS_EXPERIMENTAL_FILESTOREENABLED}" ] && ipfs config --json Experimental.FilestoreEnabled "${IPFS_EXPERIMENTAL_FILESTOREENABLED}"
[ -n "${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}" ] && ipfs config --json Experimental.GraphsyncEnabled "${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}"
[ -n "${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}" ] && ipfs config --json Experimental.Libp2pStreamMounting "${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}"
[ -n "${IPFS_EXPERIMENTAL_P2PHTTPPROXY}" ] && ipfs config --json Experimental.P2pHttpProxy "${IPFS_EXPERIMENTAL_P2PHTTPPROXY}"
[ -n "${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}" ] && ipfs config --json Experimental.StrategicProviding "${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}"
[ -n "${IPFS_EXPERIMENTAL_URLSTOREENABLED}" ] && ipfs config --json Experimental.UrlstoreEnabled "${IPFS_EXPERIMENTAL_URLSTOREENABLED}"
## api http headers
ipfs config --json Gateway.HTTPHeaders "${IPFS_GATEWAY_HTTPHEADERS:-{
\"Access-Control-Allow-Credentials\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_CREDENTIALS:-null},
\"Access-Control-Allow-Headers\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_HEADERS:-[ \"X-Requested-With\", \"Range\", \"User-Agent\" ]},
\"Access-Control-Allow-Methods\": ${IPFS_GATEWAY_HTTPSHEADERS_ACA_METHODS:-[ \"GET\" ]},
\"Access-Control-Allow-Origin\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_ORIGIN:-[ \"*\" ]}
}}"
## ipns
[ -n "${IPFS_IPNS_REPUBLISHPERIOD}" ] && ipfs config Ipns.RepublishPeriod "${IPFS_IPNS_REPUBLISHPERIOD}"
[ -n "${IPFS_IPNS_RECORDLIFETIME}" ] && ipfs config Ipns.RecordLifetime "${IPFS_IPNS_RECORDLIFETIME}"
[ -n "${IPFS_IPNS_USEPUBSUB}" ] && ipfs config --json Ipns.UsePubsub "${IPFS_IPNS_USEPUBSUB}"
## dht pubsub mode
[ -n "${IPFS_PUBSUB_ENABLE}" ] && ipfs config --json Pubsub.Enabled "${IPFS_PUBSUB_ENABLE}"
[ -n "${IPFS_PUBSUB_ROUTER}" ] && ipfs config Pubsub.Router "${IPFS_PUBSUB_ROUTER}"
## routing
[ -n "${IPFS_ROUTING_TYPE}" ] && ipfs config Routing.Type "${IPFS_ROUTING_TYPE}"
## swarm config
[ -n "${IPFS_SWARM_CONNMGR_LOWWATER}" ] && ipfs config --json Swarm.ConnMgr.LowWater "${IPFS_SWARM_CONNMGR_LOWWATER}"
[ -n "${IPFS_SWARM_CONNMGR_HIGHWATER}" ] && ipfs config --json Swarm.ConnMgr.HighWater "${IPFS_SWARM_CONNMGR_HIGHWATER}"
## REMOVE IPFS BOOTSTRAP for private usage
[ ${IPFS_NETWORK:-public} = "public" ] || ipfs bootstrap rm --all

View File

@ -61,13 +61,13 @@ endif
define docker-compose
$(call INFO,docker-compose,$(1))
$(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_USER),$(COMPOSE_PROJECT_NAME))) $(1)))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME),$(COMPOSE_PROJECT_NAME))) $(1)))
endef
# function docker-compose-exec: Run docker-compose-exec with arg 2 in service 1
define docker-compose-exec
$(call INFO,docker-compose-exec,$(1)$(comma) $(2))
$(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_USER),$(COMPOSE_PROJECT_NAME))) exec -T $(1) sh -c '$(2)'))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME),$(COMPOSE_PROJECT_NAME))) exec -T $(1) sh -c '$(2)'))
endef
# function docker-build: Build docker image
define docker-build

View File

@ -9,7 +9,7 @@ docker-build: docker-images-myos
# target docker-build-%: Call docker-build for each Dockerfile in docker/% folder
.PHONY: docker-build-%
docker-build-%:
if grep -q DOCKER_REPOSITORY docker/$*/Dockerfile 2>/dev/null; then $(eval DOCKER_BUILD_ARGS:=$(subst $(DOCKER_REPOSITORY),$(DOCKER_REPOSITORY_USER),$(DOCKER_BUILD_ARGS))) true; fi
if grep -q DOCKER_REPOSITORY docker/$*/Dockerfile 2>/dev/null; then $(eval DOCKER_BUILD_ARGS:=$(subst $(DOCKER_REPOSITORY),$(USER_DOCKER_REPOSITORY),$(DOCKER_BUILD_ARGS))) true; fi
$(if $(wildcard docker/$*/Dockerfile),$(call docker-build,docker/$*))
$(if $(findstring :,$*),$(eval DOCKERFILES := $(wildcard docker/$(subst :,/,$*)/Dockerfile)),$(eval DOCKERFILES := $(wildcard docker/$*/*/Dockerfile)))
$(foreach dockerfile,$(DOCKERFILES),$(call docker-build,$(dir $(dockerfile)),$(DOCKER_REPOSITORY)/$(word 2,$(subst /, ,$(dir $(dockerfile)))):$(lastword $(subst /, ,$(dir $(dockerfile)))),"") && true)

View File

@ -1,17 +1,11 @@
COMPOSE_PROJECT_NAME_NODE ?= node
COMPOSE_PROJECT_NAME_USER ?= $(USER)_$(ENV)
COMPOSE_SERVICE_NAME_NODE ?= $(subst _,-,$(COMPOSE_PROJECT_NAME_NODE))
COMPOSE_SERVICE_NAME_USER ?= $(subst _,-,$(COMPOSE_PROJECT_NAME_USER))
DOCKER_ENV_ARGS ?= $(docker_env_args)
DOCKER_EXEC_OPTIONS ?=
DOCKER_GID ?= $(call gid,docker)
DOCKER_IMAGE ?= $(DOCKER_REPOSITORY_USER)/myos
DOCKER_NAME ?= $(COMPOSE_PROJECT_NAME_USER)_myos
DOCKER_IMAGE ?= $(USER_DOCKER_REPOSITORY)/myos:${DOCKER_IMAGE_TAG}
DOCKER_NAME ?= $(USER_COMPOSE_PROJECT_NAME)_myos
DOCKER_NETWORK ?= $(DOCKER_NETWORK_PRIVATE)
DOCKER_NETWORK_PRIVATE ?= $(COMPOSE_PROJECT_NAME_USER)
DOCKER_NETWORK_PUBLIC ?= $(COMPOSE_PROJECT_NAME_NODE)
DOCKER_REPOSITORY_USER ?= $(subst -,/,$(subst _,/,$(COMPOSE_PROJECT_NAME_USER)))
DOCKER_REPOSITORY_NODE ?= $(subst -,/,$(subst _,/,$(COMPOSE_PROJECT_NAME_NODE)))
DOCKER_NETWORK_PRIVATE ?= $(USER_COMPOSE_PROJECT_NAME)
DOCKER_NETWORK_PUBLIC ?= $(NODE_COMPOSE_PROJECT_NAME)
# DOCKER_RUN: if empty, run system command, else run it in a docker
DOCKER_RUN ?= $(if $(filter-out false False FALSE,$(DOCKER)),$(DOCKER))
# DOCKER_RUN_OPTIONS: default options of `docker run` command
@ -19,8 +13,14 @@ DOCKER_RUN_OPTIONS += --rm
# DOCKER_RUN_VOLUME: options -v of `docker run` command to mount additionnal volumes
DOCKER_RUN_VOLUME += -v /var/run/docker.sock:/var/run/docker.sock
DOCKER_RUN_WORKDIR ?= -w $(PWD)
DOCKER_VOLUME ?= $(COMPOSE_PROJECT_NAME_USER)_myos
ENV_VARS += COMPOSE_PROJECT_NAME_NODE COMPOSE_PROJECT_NAME_USER COMPOSE_SERVICE_NAME_NODE COMPOSE_SERVICE_NAME_USER DOCKER_IMAGE DOCKER_NAME DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC DOCKER_REPOSITORY_USER DOCKER_REPOSITORY_NODE DOCKER_VOLUME
DOCKER_VOLUME ?= $(USER_COMPOSE_PROJECT_NAME)_myos
ENV_VARS += NODE_COMPOSE_PROJECT_NAME USER_COMPOSE_PROJECT_NAME NODE_COMPOSE_SERVICE_NAME USER_COMPOSE_SERVICE_NAME DOCKER_IMAGE DOCKER_NAME DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC USER_DOCKER_REPOSITORY NODE_DOCKER_REPOSITORY DOCKER_VOLUME
NODE_COMPOSE_PROJECT_NAME ?= node
NODE_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(NODE_COMPOSE_PROJECT_NAME))
NODE_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(NODE_COMPOSE_PROJECT_NAME)))
USER_COMPOSE_PROJECT_NAME ?= $(USER)_$(ENV)
USER_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(USER_COMPOSE_PROJECT_NAME))
USER_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(USER_COMPOSE_PROJECT_NAME)))
# https://github.com/docker/libnetwork/pull/2348
ifeq ($(OPERATING_SYSTEM),Darwin)

View File

@ -1,6 +1,6 @@
MYOS_RC_PROMPT_SET=true
MYOS_RC_PS1_SET=true
MYOS_RC_SCREEN_ATTACH=true
MYOS_RC_SOURCE=/etc/profile.d/rc_functions.sh
MYOS_RC_SSH_ADD=true
MYOS_RC_TMUX_ATTACH=false
USER_MYOS_RC_PROMPT_SET=true
USER_MYOS_RC_PS1_SET=true
USER_MYOS_RC_SCREEN_ATTACH=true
USER_MYOS_RC_SOURCE=/etc/profile.d/rc_functions.sh
USER_MYOS_RC_SSH_ADD=true
USER_MYOS_RC_TMUX_ATTACH=false

View File

@ -20,14 +20,14 @@ services:
container_name: ${DOCKER_NAME}
environment:
- ENV=${ENV}
- RC_00_SOURCE=${MYOS_RC_SOURCE}
- RC_01_PS1_SET=${MYOS_RC_PS1_SET}
- RC_02_PROMPT_SET=${MYOS_RC_PROMPT_SET}
- RC_03_SSH_ADD=${MYOS_RC_SSH_ADD}
- RC_04_TMUX_ATTACH=${MYOS_RC_TMUX_ATTACH}
- RC_05_SCREEN_ATTACH=${MYOS_RC_SCREEN_ATTACH}
- RC_00_SOURCE=${USER_MYOS_RC_SOURCE}
- RC_01_PS1_SET=${USER_MYOS_RC_PS1_SET}
- RC_02_PROMPT_SET=${USER_MYOS_RC_PROMPT_SET}
- RC_03_SSH_ADD=${USER_MYOS_RC_SSH_ADD}
- RC_04_TMUX_ATTACH=${USER_MYOS_RC_TMUX_ATTACH}
- RC_05_SCREEN_ATTACH=${USER_MYOS_RC_SCREEN_ATTACH}
- SHELL=${DOCKER_SHELL}
image: ${DOCKER_IMAGE}:${DOCKER_IMAGE_TAG}
image: ${DOCKER_IMAGE}
networks:
- private
restart: always

View File

@ -1,4 +1,9 @@
IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PRIVATE}
IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0
IPFS_IPNS_USEPUBSUB=true
IPFS_LOGGING=error
IPFS_PUBSUB_ENABLE=true
IPFS_PUBSUB_ROUTER=gossipsub
IPFS_ROUTING_TYPE=dht
IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/

View File

@ -9,15 +9,42 @@ services:
- UID=${UID}
context: ../..
dockerfile: docker/ipfs/Dockerfile
command: daemon --migrate=true
command: daemon --agent-version-suffix=${COMPOSE_PROJECT_NAME} --enable-gc --migrate
cpus: 0.5
environment:
- IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API}
- IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN}
- IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4}
- IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT}
- IPFS_ADDRESSES_GATEWAY=${IPFS_ADDRESSES_GATEWAY}
- IPFS_ADDRESSES_GATEWAY_DOMAIN=${IPFS_ADDRESSES_GATEWAY_DOMAIN}
- IPFS_ADDRESSES_GATEWAY_INET4=${IPFS_ADDRESSES_GATEWAY_INET4}
- IPFS_ADDRESSES_GATEWAY_PORT=${IPFS_ADDRESSES_GATEWAY_PORT}
- IPFS_API_HTTPHEADERS=${IPFS_API_HTTPHEADERS}
- IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS}
- IPFS_API_HTTPHEADERS_ACA_HEADERS=${IPFS_API_HTTPHEADERS_ACA_HEADERS}
- IPFS_API_HTTPHEADERS_ACA_METHODS=${IPFS_API_HTTPHEADERS_ACA_METHODS}
- IPFS_API_HTTPHEADERS_ACA_ORIGIN=${IPFS_API_HTTPHEADERS_ACA_ORIGIN}
- IPFS_BOOTSTRAP=${IPFS_BOOTSTRAP}
- IPFS_DATASTORE_GCPERIOD=${IPFS_DATASTORE_GCPERIOD}
- IPFS_DISK_USAGE_PERCENT=${IPFS_DISK_USAGE_PERCENT}
- IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}
- IPFS_EXPERIMENTAL_FILESTOREENABLED=${IPFS_EXPERIMENTAL_FILESTOREENABLED}
- IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}
- IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}
- IPFS_EXPERIMENTAL_P2PHTTPPROXY=${IPFS_EXPERIMENTAL_P2PHTTPPROXY}
- IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}
- IPFS_EXPERIMENTAL_URLSTOREENABLED=${IPFS_EXPERIMENTAL_URLSTOREENABLED}
- IPFS_IPNS_REPUBLISHPERIOD=${IPFS_IPNS_REPUBLISHPERIOD}
- IPFS_IPNS_RECORDLIFETIME=${IPFS_IPNS_RECORDLIFETIME}
- IPFS_IPNS_USEPUBSUB=${IPFS_IPNS_USEPUBSUB}
- IPFS_LOGGING=${IPFS_LOGGING}
- IPFS_PROFILE=${IPFS_PROFILE}
- IPFS_PUBSUB_ENABLE=${IPFS_PUBSUB_ENABLE}
- IPFS_PUBSUB_ROUTER=${IPFS_PUBSUB_ROUTER}
- IPFS_ROUTING_TYPE=${IPFS_ROUTING_TYPE}
- IPFS_SWARM_CONNMGR_HIGHWATER=${IPFS_SWARM_CONNMGR_HIGHWATER}
- IPFS_SWARM_CONNMGR_LOWWATER=${IPFS_SWARM_CONNMGR_LOWWATER}
image: ${DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG}
labels:
- SERVICE_4001_CHECK_TCP=true
@ -35,13 +62,13 @@ services:
- 4001
- 5001/tcp
- 8080/tcp
restart: always
ulimits:
nofile:
soft: 65536
hard: 65536
volumes:
- ipfs:/data/ipfs:delegated
restart: always
volumes:
ipfs:

View File

@ -1,4 +1,4 @@
node ?= node/node
node ?= node/node node/portainer
ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET4 DOCKER_INTERNAL_DOCKER_HOST IPFS_PROFILE
IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(PROCESSOR_ARCHITECTURE)),lowpower,server)
@ -16,8 +16,8 @@ node-%: stack-node-%;
# target node-ssl-certs: Create ${DOMAIN}.key.pem and ${DOMAIN}.crt.pem files
.PHONY: node-ssl-certs
node-ssl-certs:
docker run --rm --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|| $(RUN) docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine sh -c "\
docker run --rm --mount source=$(NODE_COMPOSE_PROJECT_NAME)_ssl-certs,target=/certs alpine [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|| $(RUN) docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(NODE_COMPOSE_PROJECT_NAME)_ssl-certs,target=/certs alpine sh -c "\
apk --no-cache add openssl \
&& { [ -f /certs/${DOMAIN}.key.pem ] || openssl genrsa -out /certs/${DOMAIN}.key.pem 2048; } \
&& openssl req -key /certs/${DOMAIN}.key.pem -out /certs/${DOMAIN}.crt.pem \

View File

@ -1,7 +1,4 @@
CONSUL_ACL_TOKENS_MASTER=01234567-89AB-CDEF-0123-456789ABCDEF
CONSUL_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
CONSUL_SERVICE_8500_TAGS=urlprefix-consul.${DOMAIN}/
FABIO_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
FABIO_SERVICE_9998_TAGS=urlprefix-fabio.${DOMAIN}/
PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${DOMAIN}/
REGISTRATOR_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
NODE_CONSUL_ACL_TOKENS_MASTER=01234567-89AB-CDEF-0123-456789ABCDEF
NODE_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
NODE_CONSUL_SERVICE_8500_TAGS=urlprefix-consul.${DOMAIN}/
NODE_FABIO_SERVICE_9998_TAGS=urlprefix-fabio.${DOMAIN}/

View File

@ -1,2 +1,2 @@
CADVISOR_EXPORTER_SERVICE_8080_TAGS=urlprefix-cadvisor-exporter.${DOMAIN}/
NODE_CADVISOR_EXPORTER_SERVICE_8080_TAGS=urlprefix-cadvisor-exporter.${DOMAIN}/
NODE_EXPORTER_SERVICE_9100_TAGS=urlprefix-node-exporter.${DOMAIN}/

View File

@ -2,13 +2,13 @@ version: '3.6'
services:
cadvisor-exporter:
container_name: ${COMPOSE_PROJECT_NAME_NODE}_cadvisor-exporter
container_name: ${NODE_COMPOSE_PROJECT_NAME}_cadvisor-exporter
hostname: ${HOSTNAME}
image: google/cadvisor:latest
labels:
- SERVICE_8080_CHECK_TCP=true
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_NODE}-cadvisor-exporter:8080
- SERVICE_8080_TAGS=${CADVISOR_SERVICE_EXPORTER_8080_TAGS}
- SERVICE_8080_NAME=${NODE_COMPOSE_SERVICE_NAME}-cadvisor-exporter:8080
- SERVICE_8080_TAGS=${NODE_CADVISOR_EXPORTER_SERVICE_8080_TAGS}
- SERVICE_9200_IGNORE=true
networks:
- public
@ -26,13 +26,13 @@ services:
- "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
- '--path.procfs=/host/proc'
- '--path.sysfs=/host/sys'
container_name: ${COMPOSE_PROJECT_NAME_NODE}_node-exporter
container_name: ${NODE_COMPOSE_PROJECT_NAME}_node-exporter
hostname: ${HOSTNAME}
image: prom/node-exporter:latest
labels:
- SERVICE_9100_CHECK_TCP=true
- SERVICE_9100_NAME=${COMPOSE_SERVICE_NAME_NODE}-node-exporter:9100
- SERVICE_9100_TAGS=${SERVICE_NODE_EXPORTER_HTTP_TAGS}
- SERVICE_9100_NAME=${NODE_COMPOSE_SERVICE_NAME}-node-exporter:9100
- SERVICE_9100_TAGS=${NODE_EXPORTER_SERVICE_9100_TAGS}
networks:
- public
ports:

View File

@ -1,4 +1,9 @@
IPFS_ADDRESSES_API_DOMAIN_NODE=${DOCKER_NETWORK_PUBLIC}
IPFS_LOGGING_NODE=error
IPFS_SERVICE_8080_CHECK_TCP_NODE=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
IPFS_SERVICE_8080_TAGS_NODE=urlprefix-ipfs.${DOMAIN}/
NODE_IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PUBLIC}
NODE_IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0
NODE_IPFS_IPNS_USEPUBSUB=true
NODE_IPFS_LOGGING=error
NODE_IPFS_PUBSUB_ENABLE=true
NODE_IPFS_PUBSUB_ROUTER=gossipsub
NODE_IPFS_ROUTING_TYPE=dht
NODE_IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
NODE_IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${DOMAIN}/

View File

@ -8,25 +8,52 @@ services:
- IPFS_VERSION=0.13.0
context: ../..
dockerfile: docker/ipfs/Dockerfile
command: daemon --migrate=true
container_name: ${COMPOSE_PROJECT_NAME_NODE}_ipfs
command: daemon --agent-version-suffix=${NODE_COMPOSE_PROJECT_NAME} --enable-gc --migrate
container_name: ${NODE_COMPOSE_PROJECT_NAME}_ipfs
cpus: 0.5
environment:
- IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API_NODE}
- IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN_NODE}
- IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4_NODE}
- IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT_NODE}
- IPFS_LOGGING=${IPFS_LOGGING_NODE}
- IPFS_ADDRESSES_API=${NODE_IPFS_ADDRESSES_API}
- IPFS_ADDRESSES_API_DOMAIN=${NODE_IPFS_ADDRESSES_API_DOMAIN}
- IPFS_ADDRESSES_API_INET4=${NODE_IPFS_ADDRESSES_API_INET4}
- IPFS_ADDRESSES_API_PORT=${NODE_IPFS_ADDRESSES_API_PORT}
- IPFS_ADDRESSES_GATEWAY=${NODE_IPFS_ADDRESSES_GATEWAY}
- IPFS_ADDRESSES_GATEWAY_DOMAIN=${NODE_IPFS_ADDRESSES_GATEWAY_DOMAIN}
- IPFS_ADDRESSES_GATEWAY_INET4=${NODE_IPFS_ADDRESSES_GATEWAY_INET4}
- IPFS_ADDRESSES_GATEWAY_PORT=${NODE_IPFS_ADDRESSES_GATEWAY_PORT}
- IPFS_API_HTTPHEADERS=${NODE_IPFS_API_HTTPHEADERS}
- IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${NODE_IPFS_API_HTTPHEADERS_ACA_CREDENTIALS}
- IPFS_API_HTTPHEADERS_ACA_HEADERS=${NODE_IPFS_API_HTTPHEADERS_ACA_HEADERS}
- IPFS_API_HTTPHEADERS_ACA_METHODS=${NODE_IPFS_API_HTTPHEADERS_ACA_METHODS}
- IPFS_API_HTTPHEADERS_ACA_ORIGIN=${NODE_IPFS_API_HTTPHEADERS_ACA_ORIGIN}
- IPFS_BOOTSTRAP=${NODE_IPFS_BOOTSTRAP}
- IPFS_DATASTORE_GCPERIOD=${NODE_IPFS_DATASTORE_GCPERIOD}
- IPFS_DISK_USAGE_PERCENT=${NODE_IPFS_DISK_USAGE_PERCENT}
- IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${NODE_IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}
- IPFS_EXPERIMENTAL_FILESTOREENABLED=${NODE_IPFS_EXPERIMENTAL_FILESTOREENABLED}
- IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${NODE_IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}
- IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${NODE_IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}
- IPFS_EXPERIMENTAL_P2PHTTPPROXY=${NODE_IPFS_EXPERIMENTAL_P2PHTTPPROXY}
- IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${NODE_IPFS_EXPERIMENTAL_STRATEGICPROVIDING}
- IPFS_EXPERIMENTAL_URLSTOREENABLED=${NODE_IPFS_EXPERIMENTAL_URLSTOREENABLED}
- IPFS_IPNS_REPUBLISHPERIOD=${NODE_IPFS_IPNS_REPUBLISHPERIOD}
- IPFS_IPNS_RECORDLIFETIME=${NODE_IPFS_IPNS_RECORDLIFETIME}
- IPFS_IPNS_USEPUBSUB=${NODE_IPFS_IPNS_USEPUBSUB}
- IPFS_LOGGING=${NODE_IPFS_LOGGING}
- IPFS_PROFILE=${IPFS_PROFILE}
image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG}
- IPFS_PUBSUB_ENABLE=${NODE_IPFS_PUBSUB_ENABLE}
- IPFS_PUBSUB_ROUTER=${NODE_IPFS_PUBSUB_ROUTER}
- IPFS_ROUTING_TYPE=${NODE_IPFS_ROUTING_TYPE}
- IPFS_SWARM_CONNMGR_HIGHWATER=${NODE_IPFS_SWARM_CONNMGR_HIGHWATER}
- IPFS_SWARM_CONNMGR_LOWWATER=${NODE_IPFS_SWARM_CONNMGR_LOWWATER}
image: ${NODE_DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG}
labels:
- SERVICE_4001_CHECK_TCP=true
- SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:4001
- SERVICE_4001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs:4001
- SERVICE_5001_CHECK_TCP=true
- SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:5001
- SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP_NODE}
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:8080
- SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_NODE}
- SERVICE_5001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs:5001
- SERVICE_8080_CHECK_HTTP=${NODE_IPFS_SERVICE_8080_CHECK_TCP}
- SERVICE_8080_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs:8080
- SERVICE_8080_TAGS=${NODE_IPFS_SERVICE_8080_TAGS}
- SERVICE_8081_IGNORE=true
networks:
- public
@ -34,17 +61,17 @@ services:
- 4001:4001
- 5001/tcp
- 8080/tcp
restart: always
ulimits:
nofile:
soft: 65536
hard: 65536
volumes:
- ipfs:/data/ipfs:delegated
restart: always
volumes:
ipfs:
name: ${COMPOSE_PROJECT_NAME_NODE}_ipfs
name: ${NODE_COMPOSE_PROJECT_NAME}_ipfs
networks:
public:

View File

@ -8,20 +8,20 @@ services:
- DOCKER_BUILD_DIR=docker/consul
context: ../..
dockerfile: docker/consul/Dockerfile
container_name: ${COMPOSE_PROJECT_NAME_NODE}_consul
image: ${DOCKER_REPOSITORY_NODE}/consul:${DOCKER_IMAGE_TAG}
container_name: ${NODE_COMPOSE_PROJECT_NAME}_consul
image: ${NODE_DOCKER_REPOSITORY}/consul:${DOCKER_IMAGE_TAG}
environment:
CONSUL_BIND_INTERFACE: '${DOCKER_HOST_IFACE}'
CONSUL_CLIENT_INTERFACE: '${DOCKER_HOST_IFACE}'
CONSUL_HTTP_TOKEN: '${CONSUL_CONSUL_HTTP_TOKEN}'
CONSUL_HTTP_TOKEN: '${NODE_CONSUL_HTTP_TOKEN}'
CONSUL_LOCAL_CONFIG: '{ "log_level": "warn"
, "enable_script_checks": true
, "acl": { "enabled": true
, "default_policy": "deny"
, "down_policy": "extend-cache"
, "enable_token_persistence": true
, "tokens": { "initial_management": "$CONSUL_ACL_TOKENS_MASTER"
, "agent": "$CONSUL_CONSUL_HTTP_TOKEN"
, "tokens": { "initial_management": "${NODE_CONSUL_ACL_TOKENS_MASTER}"
, "agent": "${NODE_CONSUL_HTTP_TOKEN}"
}
}
}'
@ -31,8 +31,8 @@ services:
- SERVICE_8301_IGNORE=true
- SERVICE_8302_IGNORE=true
- SERVICE_8500_CHECK_HTTP=/v1/health/service/consul
- SERVICE_8500_NAME=${COMPOSE_SERVICE_NAME_NODE}-consul:8500
- SERVICE_8500_TAGS=${CONSUL_SERVICE_8500_TAGS}
- SERVICE_8500_NAME=${NODE_COMPOSE_SERVICE_NAME}-consul:8500
- SERVICE_8500_TAGS=${NODE_CONSUL_SERVICE_8500_TAGS}
- SERVICE_8600_IGNORE=true
- SERVICE_ADDRESS=${DOCKER_HOST_INET4}
- SERVICE_CHECK_SCRIPT=docker-healthcheck ${DOCKER_HOST_INET4}
@ -51,9 +51,9 @@ services:
- PROCESSOR_ARCHITECTURE=${PROCESSOR_ARCHITECTURE}
context: ../..
dockerfile: docker/fabio/Dockerfile
container_name: ${COMPOSE_PROJECT_NAME_NODE}_fabio
image: ${DOCKER_REPOSITORY_NODE}/fabio:${DOCKER_IMAGE_TAG}
command: -registry.backend "consul" -registry.consul.addr "consul:8500" -registry.consul.token "$FABIO_CONSUL_HTTP_TOKEN" -proxy.addr ":80,:443;cs=local" -proxy.cs "cs=local;type=file;cert=/certs/${DOMAIN}.crt.pem;key=/certs/${DOMAIN}.key.pem"
container_name: ${NODE_COMPOSE_PROJECT_NAME}_fabio
image: ${NODE_DOCKER_REPOSITORY}/fabio:${DOCKER_IMAGE_TAG}
command: -registry.backend "consul" -registry.consul.addr "consul:8500" -registry.consul.token "${NODE_CONSUL_HTTP_TOKEN}" -proxy.addr ":80,:443;cs=local" -proxy.cs "cs=local;type=file;cert=/certs/${DOMAIN}.crt.pem;key=/certs/${DOMAIN}.key.pem"
depends_on:
- consul
extra_hosts:
@ -61,12 +61,12 @@ services:
hostname: ${HOSTNAME}
labels:
- SERVICE_80_CHECK_TCP=true
- SERVICE_80_NAME=${COMPOSE_SERVICE_NAME_NODE}-fabio:80
- SERVICE_80_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio:80
- SERVICE_443_CHECK_TCP=true
- SERVICE_443_NAME=${COMPOSE_SERVICE_NAME_NODE}-fabio:443
- SERVICE_443_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio:443
- SERVICE_9998_CHECK_HTTP=/routes
- SERVICE_9998_NAME=${COMPOSE_SERVICE_NAME_NODE}-fabio:9998
- SERVICE_9998_TAGS=${FABIO_SERVICE_9998_TAGS}
- SERVICE_9998_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio:9998
- SERVICE_9998_TAGS=${NODE_FABIO_SERVICE_9998_TAGS}
- SERVICE_9999_IGNORE=true
ports:
- 80:80/tcp
@ -85,13 +85,13 @@ services:
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
context: ../..
dockerfile: docker/registrator/Dockerfile
container_name: ${COMPOSE_PROJECT_NAME_NODE}_registrator
image: ${DOCKER_REPOSITORY_NODE}/registrator:${DOCKER_IMAGE_TAG}
container_name: ${NODE_COMPOSE_PROJECT_NAME}_registrator
image: ${NODE_DOCKER_REPOSITORY}/registrator:${DOCKER_IMAGE_TAG}
command: -internal -cleanup -deregister always -resync=30 -useIpFromNetwork "${DOCKER_NETWORK_PUBLIC}" -useIpFromLabel SERVICE_ADDRESS consul://consul:8500
depends_on:
- consul
environment:
- CONSUL_HTTP_TOKEN=${REGISTRATOR_CONSUL_HTTP_TOKEN}
- CONSUL_HTTP_TOKEN=${NODE_CONSUL_HTTP_TOKEN}
extra_hosts:
- consul:${DOCKER_INTERNAL_DOCKER_HOST}
hostname: ${HOSTNAME}
@ -102,10 +102,10 @@ services:
volumes:
consul:
name: ${COMPOSE_PROJECT_NAME_NODE}_consul
name: ${NODE_COMPOSE_PROJECT_NAME}_consul
ssl-certs:
external: true
name: ${COMPOSE_PROJECT_NAME_NODE}_ssl-certs
name: ${NODE_COMPOSE_PROJECT_NAME}_ssl-certs
networks:
public:

View File

@ -8,8 +8,8 @@ services:
context: ../..
dockerfile: docker/pdns-server/Dockerfile
command: /usr/local/sbin/pdns_recursor --local-address='192.168.0.1:53' --allow-from='127.0.0.0/8, 192.168.1.0/24, 172.16.0.0/12'
container_name: ${COMPOSE_PROJECT_NAME_NODE}_pdns-recursor
container_name: ${NODE_COMPOSE_PROJECT_NAME}_pdns-recursor
hostname: ${HOSTNAME}
image: ${DOCKER_REPOSITORY_NODE}/pdns-recursor:${DOCKER_IMAGE_TAG}
image: ${NODE_DOCKER_REPOSITORY}/pdns-recursor:${DOCKER_IMAGE_TAG}
network_mode: host
restart: always

View File

@ -0,0 +1 @@
NODE_PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${DOMAIN}/

View File

@ -0,0 +1,28 @@
version: '3.6'
services:
portainer:
image: portainer/portainer:latest
labels:
- SERVICE_8000_IGNORE=true
- SERVICE_9000_CHECK_HTTP=/
- SERVICE_9000_NAME=${NODE_COMPOSE_SERVICE_NAME}-portainer:9000
- SERVICE_9000_TAGS=${NODE_PORTAINER_SERVICE_9000_TAGS}
networks:
- public
ports:
- 8000
- 9000
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- portainer:/data
volumes:
portainer:
name: ${NODE_COMPOSE_PROJECT_NAME}_portainer
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}

View File

@ -1,3 +1,3 @@
VSFTPD_S3_AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
VSFTPD_S3_AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
VSFTPD_S3_FTPD_USERS=ftpuser::ftppass::ftpbucket
NODE_VSFTPD_S3_AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
NODE_VSFTPD_S3_AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
NODE_VSFTPD_S3_FTPD_USERS=ftpuser::ftppass::ftpbucket

View File

@ -9,28 +9,28 @@ services:
dockerfile: docker/vsftpd-s3/Dockerfile
cap_add:
- sys_admin
container_name: ${COMPOSE_PROJECT_NAME_NODE}_vsftpd-s3
container_name: ${NODE_COMPOSE_PROJECT_NAME}_vsftpd-s3
devices:
- /dev/fuse
environment:
- AWS_ACCESS_KEY_ID=${VSFTPD_S3_AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY=${VSFTPD_S3_AWS_SECRET_ACCESS_KEY}
- DIR_REMOTE=${VSFTPD_S3_DIR_REMOTE}
- FTP_HOST=${VSFTPD_S3_FTP_HOST}
- FTP_PASS=${VSFTPD_S3_FTP_PASS}
- FTP_SYNC=${VSFTPD_S3_FTP_SYNC}
- FTP_USER=${VSFTPD_S3_FTP_USER}
- FTPD_USER=${VSFTPD_S3_FTPD_USER}
- FTPD_USERS=${VSFTPD_S3_FTPD_USERS}
- PASV_MAX_PORT=${VSFTPD_S3_PASV_MAX_PORT}
- PASV_MIN_PORT=${VSFTPD_S3_PASV_MIN_PORT}
- AWS_ACCESS_KEY_ID=${NODE_VSFTPD_S3_AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY=${NODE_VSFTPD_S3_AWS_SECRET_ACCESS_KEY}
- DIR_REMOTE=${NODE_VSFTPD_S3_DIR_REMOTE}
- FTP_HOST=${NODE_VSFTPD_S3_FTP_HOST}
- FTP_PASS=${NODE_VSFTPD_S3_FTP_PASS}
- FTP_SYNC=${NODE_VSFTPD_S3_FTP_SYNC}
- FTP_USER=${NODE_VSFTPD_S3_FTP_USER}
- FTPD_USER=${NODE_VSFTPD_S3_FTPD_USER}
- FTPD_USERS=${NODE_VSFTPD_S3_FTPD_USERS}
- PASV_MAX_PORT=${NODE_VSFTPD_S3_PASV_MAX_PORT}
- PASV_MIN_PORT=${NODE_VSFTPD_S3_PASV_MIN_PORT}
hostname: ${HOSTNAME}
image: ${DOCKER_REPOSITORY_NODE}/vsftpd-s3:${DOCKER_IMAGE_TAG}
image: ${NODE_DOCKER_REPOSITORY}/vsftpd-s3:${DOCKER_IMAGE_TAG}
labels:
- SERVICE_21_CHECK_TCP=true
- SERVICE_21_NAME=${COMPOSE_SERVICE_NAME_NODE}-vsftpd-s3:21
- SERVICE_21_NAME=${NODE_COMPOSE_SERVICE_NAME}-vsftpd-s3:21
- SERVICE_22_CHECK_TCP=true
- SERVICE_22_NAME=${COMPOSE_SERVICE_NAME_NODE}-vsftpd-s3:22
- SERVICE_22_NAME=${NODE_COMPOSE_SERVICE_NAME}-vsftpd-s3:22
- SERVICE_65000_IGNORE=true
security_opt:
- apparmor:unconfined

View File

@ -0,0 +1 @@
PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${APP_DOMAIN}/

7
stack/zen/.env.dist Normal file
View File

@ -0,0 +1,7 @@
IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=["true"]
IPFS_API_HTTPHEADERS_ACA_METHODS=["PUT", "GET", "POST"]
IPFS_API_HTTPHEADERS_ACA_ORIGIN=["http://astroport", "https://astroport.com", "https://qo-op.com", "https://tube.copylaradio.com" ]
IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=true
IPFS_EXPERIMENTAL_P2PHTTPPROXY=true
IPFS_SWARM_CONNMGR_HIGHWATER=0
IPFS_SWARM_CONNMGR_LOWWATER=0