diff --git a/docker/ipfs/ipfs-config.sh b/docker/ipfs/ipfs-config.sh index c0faddf..3f3bf36 100755 --- a/docker/ipfs/ipfs-config.sh +++ b/docker/ipfs/ipfs-config.sh @@ -5,12 +5,10 @@ set -e ## fix resource manager fatal error on arm64/linux with 2Gb RAM # ipfs config --json Swarm.ResourceMgr.Enabled false # ERROR p2pnode libp2p/rcmgr_defaults.go:107 ===> OOF! go-libp2p changed DefaultServiceLimits -# => changes ('test' represents the old value): -# {"op":"test","path":"/SystemLimits/Memory","value":1073741824} -# {"op":"replace","path":"/SystemLimits/Memory","value":256560128} -# => go-libp2p SetDefaultServiceLimits update needs a review: -# Please inspect if changes impact go-ipfs users, and update expectedDefaultServiceLimits in rcmgr_defaults.go to remove this message -# FATAL p2pnode libp2p/rcmgr_defaults.go:115 daemon will refuse to run with the resource manager until this is resolved + +# set ipfs peer id +[ -n "${IPFS_IDENTITY_PEERID}" ] && [ -n "${IPFS_IDENTITY_PRIVKEY}" ] \ + && sed -i 's/"PeerID":.*/"PeerID": "'"${IPFS_IDENTITY_PEERID}"'",/;s/"PrivKey":.*/"PrivKey": "'"${IPFS_IDENTITY_PRIVKEY}"'"/' "${IPFS_PATH}/config" ## ipfs client needs API address # search for ip address of $(hostname).${IPFS_ADDRESSES_API_DOMAIN} diff --git a/make/apps/common.mk b/make/apps/common.mk index 2834800..44b1577 100644 --- a/make/apps/common.mk +++ b/make/apps/common.mk @@ -204,7 +204,7 @@ stack-%: $(eval command := $(lastword $(subst -, ,$*))) $(if $(findstring -,$*), \ $(if $(filter $(command),$(filter-out %-%,$(patsubst docker-compose-%,%,$(filter docker-compose-%,$(MAKE_TARGETS))))), \ - $(call make,$(command) STACK="$(stack)",,ARGS COMPOSE_IGNORE_ORPHANS SERVICE User node))) + $(call make,$(command) STACK="$(stack)",,ARGS COMPOSE_IGNORE_ORPHANS DOCKER_COMPOSE_PROJECT_NAME SERVICE User node))) # target start app-start: Start application dockers # on local host diff --git a/make/apps/def.docker.mk b/make/apps/def.docker.mk index e07e365..90815af 100644 --- a/make/apps/def.docker.mk +++ b/make/apps/def.docker.mk @@ -12,11 +12,11 @@ else COMPOSE_FILE_APP ?= true endif COMPOSE_IGNORE_ORPHANS ?= false -COMPOSE_PROJECT_NAME ?= $(subst .,,$(call LOWERCASE,$(USER)-$(APP_NAME)-$(ENV)$(addprefix -,$(subst /,,$(subst -,,$(APP_PATH)))))) -COMPOSE_SERVICE_NAME ?= $(subst _,-,$(COMPOSE_PROJECT_NAME)) +COMPOSE_PROJECT_NAME ?= $(if $(DOCKER_COMPOSE_PROJECT_NAME),$(DOCKER_COMPOSE_PROJECT_NAME),$(subst .,,$(call LOWERCASE,$(USER)-$(APP_NAME)-$(ENV)$(addprefix -,$(subst /,,$(subst -,,$(APP_PATH))))))) +COMPOSE_SERVICE_NAME ?= $(if $(DOCKER_COMPOSE_SERVICE_NAME),$(DOCKER_COMPOSE_SERVICE_NAME),$(subst _,-,$(COMPOSE_PROJECT_NAME))) COMPOSE_VERSION ?= 2.5.0 CONTEXT += COMPOSE_FILE DOCKER_REPOSITORY -CONTEXT_DEBUG += DOCKER_BUILD_TARGET DOCKER_IMAGE_TAG DOCKER_REGISTRY DOCKER_SERVICE DOCKER_SERVICES +CONTEXT_DEBUG += DOCKER_BUILD_TARGET DOCKER_COMPOSE_PROJECT_NAME DOCKER_IMAGE_TAG DOCKER_REGISTRY DOCKER_SERVICE DOCKER_SERVICES DOCKER_AUTHOR ?= $(DOCKER_AUTHOR_NAME) <$(DOCKER_AUTHOR_EMAIL)> DOCKER_AUTHOR_EMAIL ?= $(subst +git,+docker,$(GIT_AUTHOR_EMAIL)) DOCKER_AUTHOR_NAME ?= $(GIT_AUTHOR_NAME) @@ -30,8 +30,9 @@ DOCKER_BUILD_TARGETS ?= $(ENV_DEPLOY) DOCKER_BUILD_VARS ?= APP BRANCH COMPOSE_VERSION DOCKER_GID DOCKER_MACHINE DOCKER_REPOSITORY DOCKER_SYSTEM GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME SSH_REMOTE_HOSTS USER VERSION DOCKER_COMPOSE ?= $(if $(DOCKER_RUN),docker/compose:$(COMPOSE_VERSION),$(or $(shell docker compose >/dev/null 2>&1 && printf 'docker compose\n'),docker-compose)) $(COMPOSE_ARGS) DOCKER_COMPOSE_DOWN_OPTIONS ?= -DOCKER_COMPOSE_PROJECT_NAME ?= $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME),$(COMPOSE_PROJECT_NAME))) +DOCKER_COMPOSE_PROJECT_NAME ?= $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME))) DOCKER_COMPOSE_RUN_OPTIONS ?= --rm +DOCKER_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(DOCKER_COMPOSE_PROJECT_NAME)) DOCKER_COMPOSE_UP_OPTIONS ?= -d DOCKER_IMAGE_TAG ?= $(if $(filter true,$(DEPLOY)),$(if $(filter $(ENV),$(ENV_DEPLOY)),$(VERSION)),$(if $(DRONE_BUILD_NUMBER),$(DRONE_BUILD_NUMBER),latest)) DOCKER_IMAGES ?= $(patsubst %/,%,$(patsubst docker/%,%,$(dir $(wildcard docker/*/Dockerfile)))) @@ -43,7 +44,7 @@ DOCKER_PLUGIN_S3FS_OPTIONS ?= allow_other,nonempty,use_path_request_style,u DOCKER_PLUGIN_S3FS_SECRETKEY ?= $(AWS_SECRET_ACCESS_KEY) DOCKER_PLUGIN_S3FS_REGION ?= eu-west-1 DOCKER_PLUGIN_VARS ?= S3FS_ACCESSKEY S3FS_OPTIONS S3FS_SECRETKEY S3FS_REGION -DOCKER_REGISTRY ?= my.os +DOCKER_REGISTRY ?= $(DOMAIN) DOCKER_REGISTRY_USERNAME ?= $(USER) DOCKER_REGISTRY_REPOSITORY ?= $(addsuffix /,$(DOCKER_REGISTRY))$(subst $(USER),$(DOCKER_REGISTRY_USERNAME),$(DOCKER_REPOSITORY)) DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(COMPOSE_PROJECT_NAME))) @@ -83,13 +84,13 @@ endef define docker-compose $(call INFO,docker-compose,$(1)) $(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION))) - $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(DOCKER_COMPOSE_PROJECT_NAME) $(1))) + $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1))) endef # function docker-compose-exec-sh: Run docker-compose-exec sh -c 'arg 2' in service 1 define docker-compose-exec-sh $(call INFO,docker-compose-exec-sh,$(1)$(comma) $(2)) $(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION))) - $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(DOCKER_COMPOSE_PROJECT_NAME) exec -T $(1) sh -c '$(2)')) + $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) exec -T $(1) sh -c '$(2)')) endef # function docker-push: Push docker image define docker-push diff --git a/make/apps/docker.mk b/make/apps/docker.mk index e01e614..403a88c 100644 --- a/make/apps/docker.mk +++ b/make/apps/docker.mk @@ -134,9 +134,9 @@ docker-images-rm-%: docker-login: myos-user $(RUN) docker login -# target docker-network: Fire docker-network-create-% for DOCKER_NETWORK_PRIVATE and DOCKER_NETWORK_PUBLIC +# target docker-network: Fire docker-network-create-% for DOCKER_NETWORK and DOCKER_NETWORK_PUBLIC .PHONY: docker-network -docker-network: docker-network-create-$(DOCKER_NETWORK_PRIVATE) docker-network-create-$(DOCKER_NETWORK_PUBLIC) +docker-network: docker-network-create docker-network-create-$(DOCKER_NETWORK_PUBLIC) # target docker-network-create: Fire docker-network-create-% for DOCKER_NETWORK .PHONY: docker-network-create diff --git a/make/def.docker.mk b/make/def.docker.mk index 282fb55..bdfe8a6 100644 --- a/make/def.docker.mk +++ b/make/def.docker.mk @@ -4,9 +4,9 @@ DOCKER_GID ?= $(call gid,docker) DOCKER_IMAGE ?= $(USER_DOCKER_IMAGE) DOCKER_MACHINE ?= $(shell docker run --rm alpine uname -m 2>/dev/null) DOCKER_NAME ?= $(USER_DOCKER_NAME) -DOCKER_NETWORK ?= $(DOCKER_NETWORK_PRIVATE) -DOCKER_NETWORK_PRIVATE ?= $(USER_COMPOSE_PROJECT_NAME) -DOCKER_NETWORK_PUBLIC ?= $(NODE_COMPOSE_PROJECT_NAME) +DOCKER_NETWORK ?= $(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER),$(DOCKER_NETWORK_PRIVATE)) +DOCKER_NETWORK_PRIVATE ?= $(USER)-$(ENV) +DOCKER_NETWORK_PUBLIC ?= $(HOSTNAME) # DOCKER_RUN: if empty, run system command, else run it in a docker DOCKER_RUN ?= $(if $(filter-out false False FALSE,$(DOCKER)),$(DOCKER)) DOCKER_RUN_LABELS ?= $(patsubst %,-l %,$(DOCKER_LABELS)) @@ -16,18 +16,19 @@ DOCKER_RUN_OPTIONS += --rm --network $(DOCKER_NETWORK) DOCKER_RUN_VOLUME += -v /var/run/docker.sock:/var/run/docker.sock DOCKER_RUN_WORKDIR ?= -w $(PWD) DOCKER_SYSTEM ?= $(shell docker run --rm alpine uname -s 2>/dev/null) -ENV_VARS += DOCKER_MACHINE DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC DOCKER_SYSTEM NODE_COMPOSE_PROJECT_NAME NODE_COMPOSE_SERVICE_NAME NODE_DOCKER_REPOSITORY NODE_DOCKER_VOLUME NODE_GID NODE_UID USER_COMPOSE_PROJECT_NAME USER_COMPOSE_SERVICE_NAME USER_DOCKER_IMAGE USER_DOCKER_NAME USER_DOCKER_REPOSITORY USER_DOCKER_VOLUME +ENV_VARS += DOCKER_MACHINE DOCKER_NETWORK DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC DOCKER_SYSTEM NODE_COMPOSE_PROJECT_NAME NODE_COMPOSE_SERVICE_NAME NODE_DOCKER_REPOSITORY NODE_DOCKER_VOLUME NODE_GID NODE_UID USER_COMPOSE_PROJECT_NAME USER_COMPOSE_SERVICE_NAME USER_DOCKER_IMAGE USER_DOCKER_NAME USER_DOCKER_REPOSITORY USER_DOCKER_VOLUME NODE_COMPOSE_PROJECT_NAME ?= $(HOSTNAME) NODE_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(NODE_COMPOSE_PROJECT_NAME)) NODE_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(NODE_COMPOSE_PROJECT_NAME))) NODE_DOCKER_VOLUME ?= $(NODE_COMPOSE_PROJECT_NAME) NODE_GID ?= 100 NODE_UID ?= 123 -USER_COMPOSE_PROJECT_NAME ?= $(USER)-$(ENV) +RESU_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(USER_COMPOSE_PROJECT_NAME))) +USER_COMPOSE_PROJECT_NAME ?= $(strip $(RESU)) USER_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(USER_COMPOSE_PROJECT_NAME)) USER_DOCKER_IMAGE ?= $(USER_DOCKER_REPOSITORY):${DOCKER_IMAGE_TAG} USER_DOCKER_NAME ?= $(USER_COMPOSE_PROJECT_NAME) -USER_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(USER_COMPOSE_PROJECT_NAME))) +USER_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(USER))) USER_DOCKER_VOLUME ?= $(USER_COMPOSE_PROJECT_NAME) # https://github.com/docker/libnetwork/pull/2348 @@ -81,7 +82,7 @@ define run $(if $(DOCKER_RUN_NAME), $(if $(call docker-running,^$(DOCKER_RUN_NAME)$$), $(call ERROR,Found already running docker,$(DOCKER_RUN_NAME)) - ) + ) ) $(RUN) docker run $(DOCKER_ENV_ARGS) $(DOCKER_RUN_LABELS) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(DOCKER_SSH_AUTH) $(DOCKER_RUN_NAME) $(2)$(1) endef diff --git a/make/def.mk b/make/def.mk index 65bb26c..41b8077 100644 --- a/make/def.mk +++ b/make/def.mk @@ -53,10 +53,10 @@ ENV_ARGS ?= $(env_args) ENV_FILE ?= $(wildcard $(if $(filter-out myos,$(MYOS)),$(MONOREPO_DIR)/.env) $(CONFIG)/$(ENV)/$(APP)/.env .env) ENV_LIST ?= $(shell ls .git/refs/heads/ 2>/dev/null) ENV_RESET ?= false -ENV_VARS ?= APP BRANCH DOMAIN ENV HOME HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME GROUP MONOREPO MONOREPO_DIR TAG UID USER VERSION +ENV_VARS ?= APP BRANCH DOMAIN ENV HOME HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME GROUP MAIL MONOREPO MONOREPO_DIR TAG UID USER VERSION GID ?= $(shell id -g 2>/dev/null) GIDS ?= $(shell id -G 2>/dev/null) -GIT_AUTHOR_EMAIL ?= $(or $(shell git config user.email 2>/dev/null),$(USER)@my.os) +GIT_AUTHOR_EMAIL ?= $(or $(shell git config user.email 2>/dev/null),$(USER)@$(DOMAIN)) GIT_AUTHOR_NAME ?= $(or $(shell git config user.name 2>/dev/null),$(USER)) GIT_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null) GIT_COMMIT ?= $(shell git rev-parse $(BRANCH) 2>/dev/null) @@ -75,6 +75,7 @@ INSTALL ?= $(RUN) $(SUDO) $(subst &&,&& $(RUN) $(SUDO),$ INSTALL_CMDS ?= APK_INSTALL APT_INSTALL $(foreach cmd,$(INSTALL_CMDS),$(if $(CMD_$(cmd)),$(eval INSTALL_CMD ?= $(CMD_$(cmd))))) LOG_LEVEL ?= $(if $(DEBUG),debug,$(if $(VERBOSE),info,error)) +MAIL ?= $(GIT_AUTHOR_EMAIL) MAKE_ARGS ?= $(foreach var,$(MAKE_VARS),$(if $($(var)),$(var)='$($(var))')) MAKE_SUBDIRS ?= $(if $(filter myos,$(MYOS)),monorepo,$(if $(APP),apps $(foreach type,$(APP_LOAD),$(if $(wildcard $(MAKE_DIR)/apps/$(type)),apps/$(type))))) MAKE_CMD_ARGS ?= $(foreach var,$(MAKE_CMD_VARS),$(var)='$($(var))') @@ -151,6 +152,53 @@ printf '${COLOR_ERROR}ERROR:${COLOR_RESET} ${COLOR_INFO}$(APP)${COLOR_RESET}[${C && printf '\n' >&$(ERROR_FD) \ && exit 2 +INFO_FD := 2 +# macro INFO: print colorized info +INFO = $(if $(VERBOSE),$(if $(filter-out true,$(IGNORE_VERBOSE)), \ + printf '${COLOR_INFO}$(APP)${COLOR_RESET}[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}]$(if $@, ${COLOR_VALUE}$@${COLOR_RESET}):${COLOR_RESET} ' >&$(INFO_FD) \ + $(if $(2), \ + && printf 'Calling ${COLOR_HIGHLIGHT}$(1)${COLOR_RESET}$(lbracket)' >&$(INFO_FD) \ + && $(or $(strip $(call PRINTF,$(2))),printf '$(2)') >&$(INFO_FD) \ + && printf '$(rbracket)' >&$(INFO_FD) \ + $(if $(3),&& printf ' ${COLOR_VALUE}in${COLOR_RESET} $(3)' >&$(INFO_FD)) \ + , \ + && $(strip $(call PRINTF,$(1)) >&$(INFO_FD)) \ + ) \ + && printf '\n' >&$(INFO_FD) \ +)) + +# macro RESU: Print USER associated to MAIL +RESU = \ +$(if $(findstring @,$(MAIL)), \ + $(eval user := $(subst +,,$(subst -,,$(subst .,,$(call LOWERCASE,$(shell printf '$(MAIL)' |awk -F "@" '{print $$1}')))))) \ + $(eval domain := $(call LOWERCASE,$(call subst,_,,$(shell printf '$(MAIL)' |awk -F "@" '{print $$NF}')))) \ + $(if $(domain), \ + $(eval mail := $(MAIL)) \ + $(eval niamod := $(subst $(space),_,$(strip $(call reverse,$(subst .,$(space),$(domain)))))) \ + $(eval resu := $(niamod)_$(user)) \ + $(eval resu_path := $(subst _,/,$(niamod))/$(user)) \ + $(resu) \ + , $(USER) \ + ) \ +, $(USER) \ +) + +# macro TIME: Print time elapsed since unixtime 1 +TIME = awk '{printf "%02d:%02d:%02d\n",int($$1/3600),int(($$1%3600)/60),int($$1%60)}' \ + <<< $(shell awk 'BEGIN {current=$(or $(2),$(MAKE_UNIXTIME_CURRENT)); start=$(or $(1),$(MAKE_UNIXTIME_START)); print (current - start)}' 2>/dev/null) + +WARNING_FD := 2 +# macro WARNING: print colorized warning +WARNING = \ +printf '${COLOR_WARNING}WARNING:${COLOR_RESET} ${COLOR_INFO}$(APP)${COLOR_RESET}[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}]$(if $@, ${COLOR_VALUE}$@${COLOR_RESET}):${COLOR_RESET} ' >&$(WARNING_FD) \ + $(if $(2), \ + && printf '$(1) ${COLOR_HIGHLIGHT}$(2)${COLOR_RESET}' >&$(WARNING_FD) \ + $(if $(3),&& printf ' $(3)$(if $(4), ${COLOR_VALUE}$(4)${COLOR_RESET})' >&$(WARNING_FD)) \ + , \ + && $(strip $(call PRINTF,$(1)) >&$(WARNING_FD)) \ + ) \ + && printf '\n' >&$(WARNING_FD) + # macro force: Run command 1 sine die ## it starts command 1 if it is not already running ## it returns never @@ -172,43 +220,12 @@ force = $$(while true; do \ # macro gid: Return GID of group 1 gid = $(shell awk -F':' '$$1 == "$(1)" {print $$3}' /etc/group 2>/dev/null) -INFO_FD := 2 -# macro INFO: print colorized info -INFO = $(if $(VERBOSE),$(if $(filter-out true,$(IGNORE_VERBOSE)), \ - printf '${COLOR_INFO}$(APP)${COLOR_RESET}[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}]$(if $@, ${COLOR_VALUE}$@${COLOR_RESET}):${COLOR_RESET} ' >&$(INFO_FD) \ - $(if $(2), \ - && printf 'Calling ${COLOR_HIGHLIGHT}$(1)${COLOR_RESET}$(lbracket)' >&$(INFO_FD) \ - && $(or $(strip $(call PRINTF,$(2))),printf '$(2)') >&$(INFO_FD) \ - && printf '$(rbracket)' >&$(INFO_FD) \ - $(if $(3),&& printf ' ${COLOR_VALUE}in${COLOR_RESET} $(3)' >&$(INFO_FD)) \ - , \ - && $(strip $(call PRINTF,$(1)) >&$(INFO_FD)) \ - ) \ - && printf '\n' >&$(INFO_FD) \ -)) - # macro pop: Return last word of string 1 according to separator 2 pop = $(patsubst %$(or $(2),/)$(lastword $(subst $(or $(2),/), ,$(1))),%,$(1)) # macro sed: Run sed script 1 on file 2 sed = $(RUN) sed -i $(SED_SUFFIX) '$(1)' $(2) -# macro TIME: Print time elapsed since unixtime 1 -TIME = awk '{printf "%02d:%02d:%02d\n",int($$1/3600),int(($$1%3600)/60),int($$1%60)}' \ - <<< $(shell awk 'BEGIN {current=$(or $(2),$(MAKE_UNIXTIME_CURRENT)); start=$(or $(1),$(MAKE_UNIXTIME_START)); print (current - start)}' 2>/dev/null) - -WARNING_FD := 2 -# macro WARNING: print colorized warning -WARNING = \ -printf '${COLOR_WARNING}WARNING:${COLOR_RESET} ${COLOR_INFO}$(APP)${COLOR_RESET}[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}]$(if $@, ${COLOR_VALUE}$@${COLOR_RESET}):${COLOR_RESET} ' >&$(WARNING_FD) \ - $(if $(2), \ - && printf '$(1) ${COLOR_HIGHLIGHT}$(2)${COLOR_RESET}' >&$(WARNING_FD) \ - $(if $(3),&& printf ' $(3)$(if $(4), ${COLOR_VALUE}$(4)${COLOR_RESET})' >&$(WARNING_FD)) \ - , \ - && $(strip $(call PRINTF,$(1)) >&$(WARNING_FD)) \ - ) \ - && printf '\n' >&$(WARNING_FD) - # function conf: Extract variable=value line from configuration files ## it prints the line with variable 3 definition from block 2 in file 1 define conf diff --git a/make/include.mk b/make/include.mk index 3a1181f..cc8e7d2 100644 --- a/make/include.mk +++ b/make/include.mk @@ -21,6 +21,6 @@ include $(filter-out $(wildcard $(MAKE_FILE) $(MAKE_FIRST) $(MAKE_LATEST)),$(wil ## it includes $(MAKE_DIR)/*/*.mk include $(foreach subdir,$(MAKE_SUBDIRS),$(filter-out $(wildcard $(MAKE_DIR)/$(subdir)/def.mk $(MAKE_DIR)/$(subdir)/def.*.mk),$(wildcard $(MAKE_DIR)/$(subdir)/*.mk))) ## it includes *.mk */*.mk if not myos nor monorepo, stack/*.mk if myos -include $(if $(filter-out myos,$(MYOS)),$(if $(filter-out .,$(MYOS)),$(filter-out $(wildcard def.mk def.*.mk */def.mk */def.*.mk),$(wildcard *.mk */*.mk)),$(wildcard stack/*.mk))) +include $(if $(filter-out myos,$(MYOS)),$(if $(filter-out .,$(MYOS)),$(filter-out $(wildcard def.mk def.*.mk */def.mk */def.*.mk),$(wildcard *.mk */*.mk)),$(wildcard stack/*.mk stack/*/*.mk))) ## it includes $(MAKE_LATEST) include $(wildcard $(MAKE_LATEST)) diff --git a/stack/User.mk b/stack/User.mk index 0c644f9..5f06b42 100644 --- a/stack/User.mk +++ b/stack/User.mk @@ -1,9 +1,8 @@ CMDARGS += user-exec user-exec:% user-exec@% user-run user-run:% user-run@% -User ?= User/User - -# target bootstrap-stack-User: Fire docker-network-create -.PHONY: bootstrap-stack-User -bootstrap-stack-User: +ENV_VARS += USER_DOMAIN user_domain +USER_DOMAIN ?= $(USER).$(DOMAIN) +User ?= $(patsubst stack/%,%,$(patsubst %.yml,%,$(wildcard stack/User/*.yml))) +user_domain ?= $(user).$(domain) # target start-stack-User: Fire ssh-add .PHONY: start-stack-User @@ -11,8 +10,10 @@ start-stack-User: ssh-add # target user: Fire start-stack-User if DOCKER_RUN or fire start-stack-User .PHONY: User user +User user: STACK := User User user: $(if $(DOCKER_RUN),stack-User-up,start-stack-User) # target User-% user-%; Fire target stack-User-% .PHONY: User-% user-% +User-% user-%: STACK := User User-% user-%: stack-User-%; diff --git a/stack/User/User.yml b/stack/User/User.yml index 2494c73..4804974 100644 --- a/stack/User/User.yml +++ b/stack/User/User.yml @@ -34,23 +34,23 @@ services: user: ${UID}:${GID} volumes: - ${HOME}:${HOME}:cached - - monorepo:${MONOREPO_DIR}:cached - - myos:/tmp/ssh-agent + - sources:${MONOREPO_DIR}:cached + - user:/tmp/ssh-agent working_dir: ${MONOREPO_DIR} volumes: - monorepo: + sources: driver: local driver_opts: type: none device: ${MONOREPO_DIR} o: bind - name: ${USER_COMPOSE_PROJECT_NAME} - myos: + name: ${USER}_sources + user: external: true name: ${USER_DOCKER_VOLUME} networks: private: external: true - name: ${DOCKER_NETWORK_PRIVATE} + name: ${DOCKER_NETWORK} diff --git a/stack/User/ipfs.mk b/stack/User/ipfs.mk new file mode 100644 index 0000000..c7c0150 --- /dev/null +++ b/stack/User/ipfs.mk @@ -0,0 +1,4 @@ +ENV_VARS += USER_IPFS_API_HTTPHEADERS_ACA_ORIGIN USER_IPFS_SERVICE_5001_TAGS USER_IPFS_SERVICE_8080_TAGS +USER_IPFS_API_HTTPHEADERS_ACA_ORIGIN ?= ["https://ipfs.$(USER_DOMAIN)", "http://ipfs.localhost:8080"] +USER_IPFS_SERVICE_5001_TAGS ?= urlprefix-ipfs.$(USER_DOMAIN)/user/$(user_domain)/api +USER_IPFS_SERVICE_8080_TAGS ?= urlprefix-ipfs.$(USER_DOMAIN)/user/$(user_domain),urlprefix-*.ipfs.$(USER_DOMAIN)/user/$(user_domain),urlprefix-ipns.$(USER_DOMAIN)/user/$(user_domain),urlprefix-*.ipns.$(USER_DOMAIN)/user/$(user_domain) diff --git a/stack/User/ipfs.yml b/stack/User/ipfs.yml new file mode 100644 index 0000000..d4b8fd1 --- /dev/null +++ b/stack/User/ipfs.yml @@ -0,0 +1,100 @@ +version: '3.6' + +services: + ipfs: + build: + args: + - DOCKER_BUILD_DIR=docker/ipfs + - GID=${GID} + - IPFS_VERSION=${IPFS_VERSION} + - UID=${UID} + context: ../.. + dockerfile: docker/ipfs/Dockerfile + command: daemon --agent-version-suffix=${COMPOSE_PROJECT_NAME} ${USER_IPFS_DAEMON_ARGS:---migrate} + container_name: ${COMPOSE_PROJECT_NAME}-ipfs + cpus: 0.5 + environment: + - IPFS_ADDRESSES_API=${USER_IPFS_ADDRESSES_API:-} + - IPFS_ADDRESSES_API_DOMAIN=${USER_IPFS_ADDRESSES_API_DOMAIN:-${DOCKER_NETWORK_PUBLIC}} + - IPFS_ADDRESSES_API_INET4=${USER_IPFS_ADDRESSES_API_INET4:-} + - IPFS_ADDRESSES_API_PORT=${USER_IPFS_ADDRESSES_API_PORT:-} + - IPFS_ADDRESSES_GATEWAY=${USER_IPFS_ADDRESSES_GATEWAY:-} + - IPFS_ADDRESSES_GATEWAY_DOMAIN=${USER_IPFS_ADDRESSES_GATEWAY_DOMAIN:-} + - IPFS_ADDRESSES_GATEWAY_INET4=${USER_IPFS_ADDRESSES_GATEWAY_INET4:-0.0.0.0} + - IPFS_ADDRESSES_GATEWAY_PORT=${USER_IPFS_ADDRESSES_GATEWAY_PORT:-} + - IPFS_ADDRESSES_NOANNOUNCE=${USER_IPFS_ADDRESSES_NOANNOUNCE:-} + - IPFS_API_HTTPHEADERS=${USER_IPFS_API_HTTPHEADERS:-} + - IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${USER_IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-["true"]} + - IPFS_API_HTTPHEADERS_ACA_HEADERS=${USER_IPFS_API_HTTPHEADERS_ACA_HEADERS:-["X-Requested-With", "Range", "User-Agent"]} + - IPFS_API_HTTPHEADERS_ACA_METHODS=${USER_IPFS_API_HTTPHEADERS_ACA_METHODS:-["OPTIONS", "POST"]} + - IPFS_API_HTTPHEADERS_ACA_ORIGIN=${USER_IPFS_API_HTTPHEADERS_ACA_ORIGIN:-} + - IPFS_BOOTSTRAP=${USER_IPFS_BOOTSTRAP:-} + - IPFS_DATASTORE_GCPERIOD=${USER_IPFS_DATASTORE_GCPERIOD:-} + - IPFS_DISK_USAGE_PERCENT=${USER_IPFS_DISK_USAGE_PERCENT:-} + - IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${USER_IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT:-} + - IPFS_EXPERIMENTAL_FILESTOREENABLED=${USER_IPFS_EXPERIMENTAL_FILESTOREENABLED:-} + - IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${USER_IPFS_EXPERIMENTAL_GRAPHSYNCENABLED:-} + - IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${USER_IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING:-} + - IPFS_EXPERIMENTAL_P2PHTTPPROXY=${USER_IPFS_EXPERIMENTAL_P2PHTTPPROXY:-} + - IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${USER_IPFS_EXPERIMENTAL_STRATEGICPROVIDING:-} + - IPFS_EXPERIMENTAL_URLSTOREENABLED=${USER_IPFS_EXPERIMENTAL_URLSTOREENABLED:-} + - IPFS_IDENTITY_PEERID=${USER_IPFS_IDENTITY_PEERID:-} + - IPFS_IDENTITY_PRIVKEY=${USER_IPFS_IDENTITY_PRIVKEY:-} + - IPFS_IPNS_REPUBLISHPERIOD=${USER_IPFS_IPNS_REPUBLISHPERIOD:-} + - IPFS_IPNS_RECORDLIFETIME=${USER_IPFS_IPNS_RECORDLIFETIME:-} + - IPFS_IPNS_USEPUBSUB=${USER_IPFS_IPNS_USEPUBSUB:-true} + - IPFS_LOGGING=${USER_IPFS_LOGGING:-error} + - IPFS_NETWORK=${USER_IPFS_NETWORK:-private} + - IPFS_PROFILE=${USER_IPFS_PROFILE:-${IPFS_PROFILE}} + - IPFS_PUBSUB_ENABLE=${USER_IPFS_PUBSUB_ENABLE:-true} + - IPFS_PUBSUB_ROUTER=${USER_IPFS_PUBSUB_ROUTER:-gossipsub} + - IPFS_ROUTING_TYPE=${USER_IPFS_ROUTING_TYPE:-dht} + - IPFS_REPROVIDER_INTERVAL=${USER_IPFS_REPROVIDER_INTERVAL:-} + - IPFS_REPROVIDER_STRATEGY=${USER_IPFS_REPROVIDER_STRATEGY:-} + - IPFS_SWARM_CONNMGR_HIGHWATER=${USER_IPFS_SWARM_CONNMGR_HIGHWATER:-} + - IPFS_SWARM_CONNMGR_LOWWATER=${USER_IPFS_SWARM_CONNMGR_LOWWATER:-} + - IPFS_SWARM_CONNMGR_TYPE=${USER_IPFS_SWARM_CONNMGR_TYPE:-} + - IPFS_SWARM_DISABLENATPORTMAP=${USER_IPFS_SWARM_DISABLENATPORTMAP:-} + - IPFS_SWARM_ENABLEHOLEPUNCHING=${USER_IPFS_SWARM_ENABLEHOLEPUNCHING:-} + - IPFS_SWARM_KEY=${USER_IPFS_SWARM_KEY:-} + - IPFS_SWARM_RELAYCLIENT_ENABLED=${USER_IPFS_SWARM_RELAYCLIENT_ENABLED:-} + - IPFS_SWARM_RELAYSERVICE_ENABLED=${USER_IPFS_SWARM_RELAYSERVICE_ENABLED:-} + - IPFS_SWARM_TRANSPORTS_NETWORK_RELAY=${USER_IPFS_SWARM_TRANSPORTS_NETWORK_RELAY:-} + image: ${USER_DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG} + labels: + - SERVICE_4001_CHECK_TCP=true + - SERVICE_4001_NAME=${USER_COMPOSE_SERVICE_NAME}-ipfs-4001 + - SERVICE_5001_CHECK_HTTP=${USER_IPFS_SERVICE_5001_CHECK_HTTP:-/api/v0/diag/sys} + - SERVICE_5001_CHECK_HTTP_METHOD=${USER_IPFS_SERVICE_5001_CHECK_HTTP_METHOD:-POST} + - SERVICE_5001_NAME=${USER_COMPOSE_SERVICE_NAME}-ipfs-5001 + - SERVICE_5001_TAGS=${USER_IPFS_SERVICE_5001_TAGS:-} + - SERVICE_8080_CHECK_HTTP=${USER_IPFS_SERVICE_8080_CHECK_HTTP:-/ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn} + - SERVICE_8080_NAME=${USER_COMPOSE_SERVICE_NAME}-ipfs-8080 + - SERVICE_8080_TAGS=${USER_IPFS_SERVICE_8080_TAGS:-} + - SERVICE_8081_IGNORE=true + networks: + - private + - public + ports: + - 4001/tcp + - 4001/udp + - 5001/tcp + - 8080/tcp + restart: always + ulimits: + nofile: + soft: 65536 + hard: 65536 + volumes: + - ipfs:/data/ipfs:delegated + +volumes: + ipfs: + +networks: + private: + external: true + name: ${DOCKER_NETWORK} + public: + external: true + name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/elastic.mk b/stack/elastic.mk index 1b4a0b0..12c57fe 100644 --- a/stack/elastic.mk +++ b/stack/elastic.mk @@ -8,4 +8,4 @@ elastic ?= elastic/curator elastic/elasticsearch elastic # target elasticsearch-delete-%: delete elasticsearch index % .PHONY: elasticsearch-delete-% elasticsearch-delete-%: - docker ps |awk '$$NF ~ /myos_$(ENV)_elasticsearch/' |sed 's/^.*:\([0-9]*\)->9200\/tcp.*$$/\1/' |while read port; do echo -e "DELETE /$* HTTP/1.0\n\n" |nc localhost $$port; done + docker ps |awk '$$NF ~ /$(USER)-myos-$(ENV)-elasticsearch/' |sed 's/^.*:\([0-9]*\)->9200\/tcp.*$$/\1/' |while read port; do echo -e "DELETE /$* HTTP/1.0\n\n" |nc localhost $$port; done diff --git a/stack/ipfs.mk b/stack/ipfs.mk index ad25b78..3fe8a10 100644 --- a/stack/ipfs.mk +++ b/stack/ipfs.mk @@ -1,6 +1,11 @@ -ENV_VARS += IPFS_DAEMON_ARGS IPFS_PROFILE IPFS_VERSION -IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(MACHINE)),lowpower,server) -IPFS_VERSION ?= 0.16.0 +ENV_VARS += IPFS_API_HTTPHEADERS_ACA_ORIGIN IPFS_DAEMON_ARGS IPFS_PROFILE IPFS_SERVICE_5001_TAGS IPFS_SERVICE_8080_TAGS IPFS_VERSION +IPFS_API_HTTPHEADERS_ACA_ORIGIN ?= ["https://ipfs.$(APP_DOMAIN)","http://ipfs.localhost:8080"] +IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(MACHINE)),lowpower,server) +IPFS_SERVICE_5001_TAGS ?= urlprefix-ipfs.$(APP_DOMAIN)/api +IPFS_SERVICE_8080_CHECK_HTTP ?= /ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn +IPFS_SERVICE_8080_TAGS ?= urlprefix-ipfs.$(APP_DOMAIN)/,urlprefix-*.ipfs.$(APP_DOMAIN),urlprefix-ipns.$(APP_DOMAIN)/,urlprefix-*.ipns.$(APP_DOMAIN)/ +IPFS_VERSION ?= 0.16.0 +UFW_DOCKER_IPFS ?= 4001/tcp 4001/udp 8080 .PHONY: bootstrap-stack-ipfs bootstrap-stack-ipfs: ~/.ipfs setup-sysctl diff --git a/stack/ipfs/.env.dist b/stack/ipfs/.env.dist deleted file mode 100644 index a9be73f..0000000 --- a/stack/ipfs/.env.dist +++ /dev/null @@ -1,17 +0,0 @@ -IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PUBLIC} -IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0 -IPFS_DAEMON_ARGS=--migrate -IPFS_IPNS_USEPUBSUB=true -IPFS_LOGGING=warning -IPFS_NETWORK=private -IPFS_PUBSUB_ENABLE=true -IPFS_PUBSUB_ROUTER=gossipsub -IPFS_ROUTING_TYPE=dht -IPFS_SERVICE_5001_CHECK_HTTP=/api/v0/diag/sys -IPFS_SERVICE_5001_TAGS=urlprefix-ipfs.${APP_DOMAIN}/api -IPFS_SERVICE_8080_CHECK_HTTP=/ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn -IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/,urlprefix-*.ipfs.${APP_DOMAIN}/,urlprefix-ipns.${APP_DOMAIN}/,urlprefix-*.ipns.${APP_DOMAIN}/ -IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=["true"] -IPFS_API_HTTPHEADERS_ACA_HEADERS=["X-Requested-With", "Range", "User-Agent"] -IPFS_API_HTTPHEADERS_ACA_METHODS=["OPTIONS", "POST"] -IPFS_API_HTTPHEADERS_ACA_ORIGIN=["http://ipfs.${APP_DOMAIN}"] diff --git a/stack/ipfs/ipfs.yml b/stack/ipfs/ipfs.yml index e26d49c..6df386d 100644 --- a/stack/ipfs/ipfs.yml +++ b/stack/ipfs/ipfs.yml @@ -9,22 +9,22 @@ services: - UID=${UID} context: ../.. dockerfile: docker/ipfs/Dockerfile - command: daemon --agent-version-suffix=${COMPOSE_PROJECT_NAME} ${IPFS_DAEMON_ARGS} + command: daemon --agent-version-suffix=${COMPOSE_PROJECT_NAME} ${IPFS_DAEMON_ARGS:---migrate} cpus: 0.5 environment: - IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API:-} - - IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN:-} + - IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN:-${DOCKER_NETWORK_PRIVATE}} - IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4:-} - IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT:-} - IPFS_ADDRESSES_GATEWAY=${IPFS_ADDRESSES_GATEWAY:-} - IPFS_ADDRESSES_GATEWAY_DOMAIN=${IPFS_ADDRESSES_GATEWAY_DOMAIN:-} - - IPFS_ADDRESSES_GATEWAY_INET4=${IPFS_ADDRESSES_GATEWAY_INET4:-} + - IPFS_ADDRESSES_GATEWAY_INET4=${IPFS_ADDRESSES_GATEWAY_INET4:-0.0.0.0} - IPFS_ADDRESSES_GATEWAY_PORT=${IPFS_ADDRESSES_GATEWAY_PORT:-} - IPFS_ADDRESSES_NOANNOUNCE=${IPFS_ADDRESSES_NOANNOUNCE:-} - IPFS_API_HTTPHEADERS=${IPFS_API_HTTPHEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-} - - IPFS_API_HTTPHEADERS_ACA_HEADERS=${IPFS_API_HTTPHEADERS_ACA_HEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_METHODS=${IPFS_API_HTTPHEADERS_ACA_METHODS:-} + - IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-["true"]} + - IPFS_API_HTTPHEADERS_ACA_HEADERS=${IPFS_API_HTTPHEADERS_ACA_HEADERS:-["X-Requested-With", "Range", "User-Agent"]} + - IPFS_API_HTTPHEADERS_ACA_METHODS=${IPFS_API_HTTPHEADERS_ACA_METHODS:-["OPTIONS", "POST"]} - IPFS_API_HTTPHEADERS_ACA_ORIGIN=${IPFS_API_HTTPHEADERS_ACA_ORIGIN:-} - IPFS_BOOTSTRAP=${IPFS_BOOTSTRAP:-} - IPFS_DATASTORE_GCPERIOD=${IPFS_DATASTORE_GCPERIOD:-} @@ -36,15 +36,17 @@ services: - IPFS_EXPERIMENTAL_P2PHTTPPROXY=${IPFS_EXPERIMENTAL_P2PHTTPPROXY:-} - IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${IPFS_EXPERIMENTAL_STRATEGICPROVIDING:-} - IPFS_EXPERIMENTAL_URLSTOREENABLED=${IPFS_EXPERIMENTAL_URLSTOREENABLED:-} + - IPFS_IDENTITY_PEERID=${IPFS_IDENTITY_PEERID:-} + - IPFS_IDENTITY_PRIVKEY=${IPFS_IDENTITY_PRIVKEY:-} - IPFS_IPNS_REPUBLISHPERIOD=${IPFS_IPNS_REPUBLISHPERIOD:-} - IPFS_IPNS_RECORDLIFETIME=${IPFS_IPNS_RECORDLIFETIME:-} - - IPFS_IPNS_USEPUBSUB=${IPFS_IPNS_USEPUBSUB:-} - - IPFS_LOGGING=${IPFS_LOGGING:-} - - IPFS_NETWORK=${IPFS_NETWORK:-} + - IPFS_IPNS_USEPUBSUB=${IPFS_IPNS_USEPUBSUB:-true} + - IPFS_LOGGING=${IPFS_LOGGING:-error} + - IPFS_NETWORK=${IPFS_NETWORK:-private} - IPFS_PROFILE=${IPFS_PROFILE:-} - - IPFS_PUBSUB_ENABLE=${IPFS_PUBSUB_ENABLE:-} - - IPFS_PUBSUB_ROUTER=${IPFS_PUBSUB_ROUTER:-} - - IPFS_ROUTING_TYPE=${IPFS_ROUTING_TYPE:-} + - IPFS_PUBSUB_ENABLE=${IPFS_PUBSUB_ENABLE:-true} + - IPFS_PUBSUB_ROUTER=${IPFS_PUBSUB_ROUTER:-gossipsub} + - IPFS_ROUTING_TYPE=${IPFS_ROUTING_TYPE:-dht} - IPFS_REPROVIDER_INTERVAL=${IPFS_REPROVIDER_INTERVAL:-} - IPFS_REPROVIDER_STRATEGY=${IPFS_REPROVIDER_STRATEGY:-} - IPFS_SWARM_CONNMGR_HIGHWATER=${IPFS_SWARM_CONNMGR_HIGHWATER:-} @@ -52,6 +54,7 @@ services: - IPFS_SWARM_CONNMGR_TYPE=${IPFS_SWARM_CONNMGR_TYPE:-} - IPFS_SWARM_DISABLENATPORTMAP=${IPFS_SWARM_DISABLENATPORTMAP:-} - IPFS_SWARM_ENABLEHOLEPUNCHING=${IPFS_SWARM_ENABLEHOLEPUNCHING:-} + - IPFS_SWARM_KEY=${IPFS_SWARM_KEY:-} - IPFS_SWARM_RELAYCLIENT_ENABLED=${IPFS_SWARM_RELAYCLIENT_ENABLED:-} - IPFS_SWARM_RELAYSERVICE_ENABLED=${IPFS_SWARM_RELAYSERVICE_ENABLED:-} - IPFS_SWARM_TRANSPORTS_NETWORK_RELAY=${IPFS_SWARM_TRANSPORTS_NETWORK_RELAY:-} @@ -59,17 +62,16 @@ services: labels: - SERVICE_4001_CHECK_TCP=true - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs-4001 - - SERVICE_5001_CHECK_HTTP=${IPFS_SERVICE_5001_CHECK_HTTP} - - SERVICE_5001_CHECK_HTTP_METHOD=POST + - SERVICE_5001_CHECK_HTTP=${IPFS_SERVICE_5001_CHECK_HTTP:-/api/v0/diag/sys} + - SERVICE_5001_CHECK_HTTP_METHOD=${IPFS_SERVICE_5001_CHECK_HTTP_METHOD:-POST} - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME}-ipfs-5001 - - SERVICE_5001_TAGS=${IPFS_SERVICE_5001_TAGS} - - SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_HTTP} + - SERVICE_5001_TAGS=${IPFS_SERVICE_5001_TAGS:-} + - SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_HTTP:-/ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn} - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME}-ipfs-8080 - - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS} + - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS:-} - SERVICE_8081_IGNORE=true networks: - private - - public ports: - 4001/tcp - 4001/udp diff --git a/stack/node/certbot.yml b/stack/node/certbot.yml index df25c37..479024b 100644 --- a/stack/node/certbot.yml +++ b/stack/node/certbot.yml @@ -13,10 +13,10 @@ services: network_mode: host restart: always volumes: - - myos:/etc/letsencrypt + - node:/etc/letsencrypt volumes: - myos: + node: external: true name: ${NODE_DOCKER_VOLUME} diff --git a/stack/node/fabio.yml b/stack/node/fabio.yml index 669aa50..9d8a0ee 100644 --- a/stack/node/fabio.yml +++ b/stack/node/fabio.yml @@ -35,10 +35,10 @@ services: - public restart: always volumes: - - myos:/etc/letsencrypt:ro + - node:/etc/letsencrypt:ro volumes: - myos: + node: external: true name: ${NODE_DOCKER_VOLUME} diff --git a/stack/node/ipfs.mk b/stack/node/ipfs.mk new file mode 100644 index 0000000..ec2b6ff --- /dev/null +++ b/stack/node/ipfs.mk @@ -0,0 +1,4 @@ +ENV_VARS += NODE_IPFS_API_HTTPHEADERS_ACA_ORIGIN NODE_IPFS_SERVICE_5001_TAGS NODE_IPFS_SERVICE_8080_TAGS +NODE_IPFS_API_HTTPHEADERS_ACA_ORIGIN ?= ["https://ipfs.$(DOMAIN)"] +NODE_IPFS_SERVICE_5001_TAGS ?= urlprefix-ipfs.$(DOMAIN)/api +NODE_IPFS_SERVICE_8080_TAGS ?= urlprefix-ipfs.$(DOMAIN)/,urlprefix-*.ipfs.$(DOMAIN),urlprefix-ipns.$(DOMAIN)/,urlprefix-*.ipns.$(DOMAIN)/ diff --git a/stack/node/ipfs/ipfs.yml b/stack/node/ipfs.yml similarity index 78% rename from stack/node/ipfs/ipfs.yml rename to stack/node/ipfs.yml index aade9d9..77ed559 100644 --- a/stack/node/ipfs/ipfs.yml +++ b/stack/node/ipfs.yml @@ -10,23 +10,23 @@ services: - UID=${NODE_UID} context: ../.. dockerfile: docker/ipfs/Dockerfile - command: daemon --agent-version-suffix=${NODE_COMPOSE_PROJECT_NAME} ${NODE_IPFS_DAEMON_ARGS} + command: daemon --agent-version-suffix=${NODE_COMPOSE_PROJECT_NAME} ${NODE_IPFS_DAEMON_ARGS:---migrate} container_name: ${NODE_COMPOSE_PROJECT_NAME}-ipfs cpus: 0.5 environment: - IPFS_ADDRESSES_API=${NODE_IPFS_ADDRESSES_API:-} - - IPFS_ADDRESSES_API_DOMAIN=${NODE_IPFS_ADDRESSES_API_DOMAIN:-} + - IPFS_ADDRESSES_API_DOMAIN=${NODE_IPFS_ADDRESSES_API_DOMAIN:-${DOCKER_NETWORK_PUBLIC}} - IPFS_ADDRESSES_API_INET4=${NODE_IPFS_ADDRESSES_API_INET4:-} - IPFS_ADDRESSES_API_PORT=${NODE_IPFS_ADDRESSES_API_PORT:-} - IPFS_ADDRESSES_GATEWAY=${NODE_IPFS_ADDRESSES_GATEWAY:-} - IPFS_ADDRESSES_GATEWAY_DOMAIN=${NODE_IPFS_ADDRESSES_GATEWAY_DOMAIN:-} - - IPFS_ADDRESSES_GATEWAY_INET4=${NODE_IPFS_ADDRESSES_GATEWAY_INET4:-} + - IPFS_ADDRESSES_GATEWAY_INET4=${NODE_IPFS_ADDRESSES_GATEWAY_INET4:-0.0.0.0} - IPFS_ADDRESSES_GATEWAY_PORT=${NODE_IPFS_ADDRESSES_GATEWAY_PORT:-} - IPFS_ADDRESSES_NOANNOUNCE=${NODE_IPFS_ADDRESSES_NOANNOUNCE:-} - IPFS_API_HTTPHEADERS=${NODE_IPFS_API_HTTPHEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${NODE_IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-} - - IPFS_API_HTTPHEADERS_ACA_HEADERS=${NODE_IPFS_API_HTTPHEADERS_ACA_HEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_METHODS=${NODE_IPFS_API_HTTPHEADERS_ACA_METHODS:-} + - IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${NODE_IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-["true"]} + - IPFS_API_HTTPHEADERS_ACA_HEADERS=${NODE_IPFS_API_HTTPHEADERS_ACA_HEADERS:-["X-Requested-With", "Range", "User-Agent"]} + - IPFS_API_HTTPHEADERS_ACA_METHODS=${NODE_IPFS_API_HTTPHEADERS_ACA_METHODS:-["OPTIONS", "POST"]} - IPFS_API_HTTPHEADERS_ACA_ORIGIN=${NODE_IPFS_API_HTTPHEADERS_ACA_ORIGIN:-} - IPFS_BOOTSTRAP=${NODE_IPFS_BOOTSTRAP:-} - IPFS_DATASTORE_GCPERIOD=${NODE_IPFS_DATASTORE_GCPERIOD:-} @@ -38,15 +38,17 @@ services: - IPFS_EXPERIMENTAL_P2PHTTPPROXY=${NODE_IPFS_EXPERIMENTAL_P2PHTTPPROXY:-} - IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${NODE_IPFS_EXPERIMENTAL_STRATEGICPROVIDING:-} - IPFS_EXPERIMENTAL_URLSTOREENABLED=${NODE_IPFS_EXPERIMENTAL_URLSTOREENABLED:-} + - IPFS_IDENTITY_PEERID=${NODE_IPFS_IDENTITY_PEERID:-} + - IPFS_IDENTITY_PRIVKEY=${NODE_IPFS_IDENTITY_PRIVKEY:-} - IPFS_IPNS_REPUBLISHPERIOD=${NODE_IPFS_IPNS_REPUBLISHPERIOD:-} - IPFS_IPNS_RECORDLIFETIME=${NODE_IPFS_IPNS_RECORDLIFETIME:-} - - IPFS_IPNS_USEPUBSUB=${NODE_IPFS_IPNS_USEPUBSUB:-} - - IPFS_LOGGING=${NODE_IPFS_LOGGING:-} - - IPFS_NETWORK=${NODE_IPFS_NETWORK:-} - - IPFS_PROFILE=${NODE_IPFS_PROFILE:-} - - IPFS_PUBSUB_ENABLE=${NODE_IPFS_PUBSUB_ENABLE:-} - - IPFS_PUBSUB_ROUTER=${NODE_IPFS_PUBSUB_ROUTER:-} - - IPFS_ROUTING_TYPE=${NODE_IPFS_ROUTING_TYPE:-} + - IPFS_IPNS_USEPUBSUB=${NODE_IPFS_IPNS_USEPUBSUB:-true} + - IPFS_LOGGING=${NODE_IPFS_LOGGING:-error} + - IPFS_NETWORK=${NODE_IPFS_NETWORK:-public} + - IPFS_PROFILE=${NODE_IPFS_PROFILE:-${IPFS_PROFILE}} + - IPFS_PUBSUB_ENABLE=${NODE_IPFS_PUBSUB_ENABLE:-true} + - IPFS_PUBSUB_ROUTER=${NODE_IPFS_PUBSUB_ROUTER:-gossipsub} + - IPFS_ROUTING_TYPE=${NODE_IPFS_ROUTING_TYPE:-dht} - IPFS_REPROVIDER_INTERVAL=${NODE_IPFS_REPROVIDER_INTERVAL:-} - IPFS_REPROVIDER_STRATEGY=${NODE_IPFS_REPROVIDER_STRATEGY:-} - IPFS_SWARM_CONNMGR_HIGHWATER=${NODE_IPFS_SWARM_CONNMGR_HIGHWATER:-} @@ -54,6 +56,7 @@ services: - IPFS_SWARM_CONNMGR_TYPE=${NODE_IPFS_SWARM_CONNMGR_TYPE:-} - IPFS_SWARM_DISABLENATPORTMAP=${NODE_IPFS_SWARM_DISABLENATPORTMAP:-} - IPFS_SWARM_ENABLEHOLEPUNCHING=${NODE_IPFS_SWARM_ENABLEHOLEPUNCHING:-} + - IPFS_SWARM_KEY=${NODE_IPFS_SWARM_KEY:-} - IPFS_SWARM_RELAYCLIENT_ENABLED=${NODE_IPFS_SWARM_RELAYCLIENT_ENABLED:-} - IPFS_SWARM_RELAYSERVICE_ENABLED=${NODE_IPFS_SWARM_RELAYSERVICE_ENABLED:-} - IPFS_SWARM_TRANSPORTS_NETWORK_RELAY=${NODE_IPFS_SWARM_TRANSPORTS_NETWORK_RELAY:-} @@ -61,13 +64,13 @@ services: labels: - SERVICE_4001_CHECK_TCP=true - SERVICE_4001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs-4001 - - SERVICE_5001_CHECK_HTTP=${NODE_IPFS_SERVICE_5001_CHECK_HTTP} - - SERVICE_5001_CHECK_HTTP_METHOD=POST + - SERVICE_5001_CHECK_HTTP=${NODE_IPFS_SERVICE_5001_CHECK_HTTP:-/api/v0/diag/sys} + - SERVICE_5001_CHECK_HTTP_METHOD=${NODE_IPFS_SERVICE_5001_CHECK_HTTP_METHOD:-POST} - SERVICE_5001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs-5001 - - SERVICE_5001_TAGS=${NODE_IPFS_SERVICE_5001_TAGS} - - SERVICE_8080_CHECK_HTTP=${NODE_IPFS_SERVICE_8080_CHECK_HTTP} + - SERVICE_5001_TAGS=${NODE_IPFS_SERVICE_5001_TAGS:-} + - SERVICE_8080_CHECK_HTTP=${NODE_IPFS_SERVICE_8080_CHECK_HTTP:-/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme} - SERVICE_8080_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs-8080 - - SERVICE_8080_TAGS=${NODE_IPFS_SERVICE_8080_TAGS} + - SERVICE_8080_TAGS=${NODE_IPFS_SERVICE_8080_TAGS:-} - SERVICE_8081_IGNORE=true networks: - public diff --git a/stack/node/ipfs/.env.dist b/stack/node/ipfs/.env.dist deleted file mode 100644 index 41904c4..0000000 --- a/stack/node/ipfs/.env.dist +++ /dev/null @@ -1,19 +0,0 @@ -NODE_IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PUBLIC} -NODE_IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0 -NODE_IPFS_DAEMON_ARGS=--migrate -NODE_IPFS_IPNS_USEPUBSUB=true -NODE_IPFS_LOGGING=error -NODE_IPFS_NETWORK=public -NODE_IPFS_PROFILE=${IPFS_PROFILE} -NODE_IPFS_PUBSUB_ENABLE=true -NODE_IPFS_PUBSUB_ROUTER=gossipsub -NODE_IPFS_ROUTING_TYPE=dht -NODE_IPFS_SERVICE_5001_CHECK_HTTP=/api/v0/diag/sys -NODE_IPFS_SERVICE_5001_TAGS=urlprefix-ipfs.${DOMAIN}/api -NODE_IPFS_SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme -NODE_IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${DOMAIN}/,urlprefix-*.ipfs.${DOMAIN}/,urlprefix-ipns.${DOMAIN}/,urlprefix-*.ipns.${DOMAIN}/ -NODE_IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=["true"] -NODE_IPFS_API_HTTPHEADERS_ACA_HEADERS=["X-Requested-With", "Range", "User-Agent"] -NODE_IPFS_API_HTTPHEADERS_ACA_METHODS=["OPTIONS", "POST"] -NODE_IPFS_API_HTTPHEADERS_ACA_ORIGIN=["https://ipfs.${DOMAIN}", "http://ipfs.${DOMAIN}", "http://ipfs.localhost:8080"] -UFW_DOCKER_ipfs=4001/tcp 4001/udp 8080 diff --git a/stack/node/mail/mailserver.yml b/stack/node/mail/mailserver.yml index d5f10e8..f1d9665 100644 --- a/stack/node/mail/mailserver.yml +++ b/stack/node/mail/mailserver.yml @@ -145,7 +145,7 @@ services: - mailserver-data:/var/mail - mailserver-logs:/var/log/mail - mailserver-state:/var/mail-state - - myos:/etc/letsencrypt:ro + - node:/etc/letsencrypt:ro restart: always stop_grace_period: 1m volumes: @@ -153,7 +153,7 @@ volumes: mailserver-data: mailserver-logs: mailserver-state: - myos: + node: external: true name: ${NODE_DOCKER_VOLUME} diff --git a/stack/theia/theia.yml b/stack/theia/theia.yml index 209c332..cd114d6 100644 --- a/stack/theia/theia.yml +++ b/stack/theia/theia.yml @@ -31,19 +31,19 @@ services: - public restart: always volumes: - - monorepo:/Sources:cached - - myos:/tmp/ssh-agent:ro + - sources:/Sources:cached + - user:/tmp/ssh-agent:ro - /var/run/docker.sock:/var/run/docker.sock volumes: - monorepo: + sources: driver: local driver_opts: type: none device: ${MONOREPO_DIR} o: bind name: ${USER_COMPOSE_PROJECT_NAME} - myos: + user: external: true name: ${USER_DOCKER_VOLUME}