Fixes for each service, new proxy config, removing spare volumes, random things
parent
873f213f36
commit
f175d23e34
@ -180,6 +180,8 @@ collabora IN A $EXTERNALIP
|
|||||||
jitsi IN A $EXTERNALIP
|
jitsi IN A $EXTERNALIP
|
||||||
matrix IN A $EXTERNALIP
|
matrix IN A $EXTERNALIP
|
||||||
element IN A $EXTERNALIP
|
element IN A $EXTERNALIP
|
||||||
|
listmonk IN A $EXTERNALIP
|
||||||
|
vaultwarden IN A $EXTERNALIP
|
||||||
$DOMAIN. IN A $EXTERNALIP
|
$DOMAIN. IN A $EXTERNALIP
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
@ -10,11 +10,12 @@ config_jitsi() {
|
|||||||
SPINPID=$!
|
SPINPID=$!
|
||||||
|
|
||||||
if [ ! -d "fstack/jitsi" ]; then
|
if [ ! -d "fstack/jitsi" ]; then
|
||||||
mkdir -p fstack/jitsi/data/config/keys &> /dev/null
|
mkdir -p fstack/jitsi
|
||||||
cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/jitsi/data/config/keys
|
# mkdir -p fstack/jitsi/data/config/keys &> /dev/null
|
||||||
mv fstack/jitsi/data/config/keys/fullchain1.pem fstack/jitsi/data/config/keys/cert.crt
|
# cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/jitsi/data/config/keys
|
||||||
mv fstack/jitsi/data/config/keys/privkey1.pem fstack/jitsi/data/config/keys/cert.key
|
# mv fstack/jitsi/data/config/keys/fullchain1.pem fstack/jitsi/data/config/keys/cert.crt
|
||||||
chmod 644 fstack/jitsi/data/config/keys/*.pem
|
# mv fstack/jitsi/data/config/keys/privkey1.pem fstack/jitsi/data/config/keys/cert.key
|
||||||
|
# chmod 644 fstack/jitsi/data/config/keys/*.pem
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DOMAIN_ARRAY=(${DOMAIN//./ })
|
DOMAIN_ARRAY=(${DOMAIN//./ })
|
||||||
@ -32,19 +33,19 @@ version: '3.7'
|
|||||||
services:
|
services:
|
||||||
# Frontend
|
# Frontend
|
||||||
web:
|
web:
|
||||||
image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-7882}
|
image: jitsi/web:\${JITSI_IMAGE_VERSION:-stable-7882}
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: \${RESTART_POLICY:-unless-stopped}
|
||||||
ports:
|
ports:
|
||||||
- '${HTTP_PORT}:80'
|
- '\${HTTP_PORT}:80'
|
||||||
- '${HTTPS_PORT}:443'
|
- '\${HTTPS_PORT}:443'
|
||||||
volumes:
|
volumes:
|
||||||
- ${CONFIG}/web:/config:Z
|
- \${CONFIG}/web:/config:Z
|
||||||
- ${CONFIG}/web/crontabs:/var/spool/cron/crontabs:Z
|
- \${CONFIG}/web/crontabs:/var/spool/cron/crontabs:Z
|
||||||
- ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts:Z
|
- \${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts:Z
|
||||||
- ./data/config/keys:/config/keys:Z
|
- ./data/config/keys:/config/keys:Z
|
||||||
environment:
|
environment:
|
||||||
- VIRTUAL_PROTO=https
|
- VIRTUAL_PROTO=http
|
||||||
- VIRTUAL_PORT=443
|
- VIRTUAL_PORT=80
|
||||||
- VIRTUAL_HOST=jitsi.$DOMAIN
|
- VIRTUAL_HOST=jitsi.$DOMAIN
|
||||||
- AMPLITUDE_ID
|
- AMPLITUDE_ID
|
||||||
- ANALYTICS_SCRIPT_URLS
|
- ANALYTICS_SCRIPT_URLS
|
||||||
@ -184,15 +185,15 @@ services:
|
|||||||
|
|
||||||
# XMPP server
|
# XMPP server
|
||||||
prosody:
|
prosody:
|
||||||
image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-7882}
|
image: jitsi/prosody:\${JITSI_IMAGE_VERSION:-stable-7882}
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: \${RESTART_POLICY:-unless-stopped}
|
||||||
expose:
|
expose:
|
||||||
- '${XMPP_PORT:-5222}'
|
- '\${XMPP_PORT:-5222}'
|
||||||
- '5347'
|
- '5347'
|
||||||
- '5280'
|
- '5280'
|
||||||
volumes:
|
volumes:
|
||||||
- ${CONFIG}/prosody/config:/config:Z
|
- \${CONFIG}/prosody/config:/config:Z
|
||||||
- ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
|
- \${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
|
||||||
environment:
|
environment:
|
||||||
- AUTH_TYPE
|
- AUTH_TYPE
|
||||||
- DISABLE_POLLS
|
- DISABLE_POLLS
|
||||||
@ -282,10 +283,10 @@ services:
|
|||||||
|
|
||||||
# Focus component
|
# Focus component
|
||||||
jicofo:
|
jicofo:
|
||||||
image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-7882}
|
image: jitsi/jicofo:\${JITSI_IMAGE_VERSION:-stable-7882}
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: \${RESTART_POLICY:-unless-stopped}
|
||||||
volumes:
|
volumes:
|
||||||
- ${CONFIG}/jicofo:/config:Z
|
- \${CONFIG}/jicofo:/config:Z
|
||||||
environment:
|
environment:
|
||||||
- AUTH_TYPE
|
- AUTH_TYPE
|
||||||
- BRIDGE_AVG_PARTICIPANT_STRESS
|
- BRIDGE_AVG_PARTICIPANT_STRESS
|
||||||
@ -314,7 +315,7 @@ services:
|
|||||||
- JVB_BREWERY_MUC
|
- JVB_BREWERY_MUC
|
||||||
- MAX_BRIDGE_PARTICIPANTS
|
- MAX_BRIDGE_PARTICIPANTS
|
||||||
- OCTO_BRIDGE_SELECTION_STRATEGY
|
- OCTO_BRIDGE_SELECTION_STRATEGY
|
||||||
- SENTRY_DSN="${JICOFO_SENTRY_DSN:-0}"
|
- SENTRY_DSN="\${JICOFO_SENTRY_DSN:-0}"
|
||||||
- SENTRY_ENVIRONMENT
|
- SENTRY_ENVIRONMENT
|
||||||
- SENTRY_RELEASE
|
- SENTRY_RELEASE
|
||||||
- TZ
|
- TZ
|
||||||
@ -333,13 +334,13 @@ services:
|
|||||||
|
|
||||||
# Video bridge
|
# Video bridge
|
||||||
jvb:
|
jvb:
|
||||||
image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-7882}
|
image: jitsi/jvb:\${JITSI_IMAGE_VERSION:-stable-7882}
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: \${RESTART_POLICY:-unless-stopped}
|
||||||
ports:
|
ports:
|
||||||
- '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp'
|
- '\${JVB_PORT:-10000}:\${JVB_PORT:-10000}/udp'
|
||||||
- '127.0.0.1:${JVB_COLIBRI_PORT:-9090}:9090'
|
- '127.0.0.1:\${JVB_COLIBRI_PORT:-9090}:9090'
|
||||||
volumes:
|
volumes:
|
||||||
- ${CONFIG}/jvb:/config:Z
|
- \${CONFIG}/jvb:/config:Z
|
||||||
environment:
|
environment:
|
||||||
- DOCKER_HOST_ADDRESS
|
- DOCKER_HOST_ADDRESS
|
||||||
- ENABLE_COLIBRI_WEBSOCKET
|
- ENABLE_COLIBRI_WEBSOCKET
|
||||||
@ -360,7 +361,7 @@ services:
|
|||||||
- JVB_WS_DOMAIN
|
- JVB_WS_DOMAIN
|
||||||
- JVB_WS_SERVER_ID
|
- JVB_WS_SERVER_ID
|
||||||
- PUBLIC_URL
|
- PUBLIC_URL
|
||||||
- SENTRY_DSN="${JVB_SENTRY_DSN:-0}"
|
- SENTRY_DSN="\${JVB_SENTRY_DSN:-0}"
|
||||||
- SENTRY_ENVIRONMENT
|
- SENTRY_ENVIRONMENT
|
||||||
- SENTRY_RELEASE
|
- SENTRY_RELEASE
|
||||||
- COLIBRI_REST_ENABLED
|
- COLIBRI_REST_ENABLED
|
||||||
@ -375,6 +376,10 @@ services:
|
|||||||
networks:
|
networks:
|
||||||
fstack:
|
fstack:
|
||||||
ipv4_address: 172.99.0.28
|
ipv4_address: 172.99.0.28
|
||||||
|
|
||||||
|
networks:
|
||||||
|
fstack:
|
||||||
|
external: true
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# Create Jitsi .env file
|
# Create Jitsi .env file
|
||||||
@ -630,7 +635,7 @@ start_jitsi() {
|
|||||||
break
|
break
|
||||||
else
|
else
|
||||||
if [ "$RETRY" == 1 ]; then
|
if [ "$RETRY" == 1 ]; then
|
||||||
cd fstack/jitsi && docker-compose -f docker-compose.yml -p jitsi down &> /dev/null
|
docker-compose -f docker-compose.yml -p jitsi down &> /dev/null
|
||||||
kill -9 $SPINPID &> /dev/null
|
kill -9 $SPINPID &> /dev/null
|
||||||
fail "There was a problem starting service fstack/jitsi\nCheck the output of 'docker logs jitsi' or turn on\ndebug with -d"
|
fail "There was a problem starting service fstack/jitsi\nCheck the output of 'docker logs jitsi' or turn on\ndebug with -d"
|
||||||
fi
|
fi
|
||||||
|
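Review bot: In the `web` service hunk the host mappings `'\${HTTP_PORT}:80'` and `'\${HTTPS_PORT}:443'` stay in place while `VIRTUAL_PROTO`/`VIRTUAL_PORT` switch to `http`/`80`, so, depending on the values in the generated .env (not shown), the container's plain-HTTP listener is still published on the host next to the proxy path. The nextcloud and panel sections of this commit drop their `ports:` entries when making the same switch; removing them here, or binding them to `127.0.0.1`, would keep the proxy as the only TLS-terminating entry point. The `./data/config/keys:/config/keys:Z` mount is also left behind although the lines that populated it are now commented out in `config_jitsi`. In the `start_jitsi` hunk, dropping `cd fstack/jitsi &&` leaves `-f docker-compose.yml` relative to a working directory the hunk does not show; `docker-compose -f fstack/jitsi/docker-compose.yml -p jitsi down &> /dev/null` would not depend on it.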
@ -10,7 +10,7 @@ config_listmonk() {
|
|||||||
SPINPID=$!
|
SPINPID=$!
|
||||||
|
|
||||||
if [ ! -d "fstack/listmonk" ]; then
|
if [ ! -d "fstack/listmonk" ]; then
|
||||||
mkdir -p fstack/listmonk/static
|
mkdir -p fstack/listmonk/static fstack/listmonk/data/listmonk
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DOMAIN_ARRAY=(${DOMAIN//./ })
|
DOMAIN_ARRAY=(${DOMAIN//./ })
|
||||||
@ -76,10 +76,10 @@ start_listmonk() {
|
|||||||
|
|
||||||
if [ $DEBUG ]; then
|
if [ $DEBUG ]; then
|
||||||
# Start fstack/listmonk with output to console for debug
|
# Start fstack/listmonk with output to console for debug
|
||||||
docker-compose -f fstack/listmonk/docker-compose.yml -p listmonk up --build
|
docker-compose -f fstack/listmonk/docker-compose.yml -p listmonk up
|
||||||
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/listmonk"
|
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/listmonk"
|
||||||
else
|
else
|
||||||
docker-compose -f fstack/listmonk/docker-compose.yml -p listmonk up --build -d &> /dev/null
|
docker-compose -f fstack/listmonk/docker-compose.yml -p listmonk up -d &> /dev/null
|
||||||
|
|
||||||
# Keep trying listmonk port 9000 to make sure it's up
|
# Keep trying listmonk port 9000 to make sure it's up
|
||||||
# before we proceed
|
# before we proceed
|
||||||
|
@ -10,7 +10,7 @@ config_matrix() {
|
|||||||
SPINPID=$!
|
SPINPID=$!
|
||||||
|
|
||||||
if [ ! -d "fstack/matrix" ]; then
|
if [ ! -d "fstack/matrix" ]; then
|
||||||
mkdir -p fstack/matrix/data/root/certs fstack/matrix/data/matrix fstack/matrix/data/element &> /dev/null
|
mkdir -p fstack/matrix/data/matrix fstack/matrix/data/element &> /dev/null
|
||||||
cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/matrix/data/matrix
|
cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/matrix/data/matrix
|
||||||
chmod 644 fstack/matrix/data/matrix/*.pem
|
chmod 644 fstack/matrix/data/matrix/*.pem
|
||||||
fi
|
fi
|
||||||
@ -139,11 +139,28 @@ cat > fstack/matrix/data/element/element-config.json <<EOF
|
|||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
# Generate the matrix homeserver.yaml file
|
||||||
docker run -it --rm -v "`pwd`/fstack/matrix/data/matrix:/data" -e SYNAPSE_SERVER_NAME=matrix.$DOMAIN -e SYNAPSE_REPORT_STATS=yes matrixdotorg/synapse:latest generate &> /dev/null
|
docker run -it --rm -v "`pwd`/fstack/matrix/data/matrix:/data" -e SYNAPSE_SERVER_NAME=matrix.$DOMAIN -e SYNAPSE_REPORT_STATS=yes matrixdotorg/synapse:latest generate &> /dev/null
|
||||||
[ $? -ne 0 ] && fail "Couldn't run docker matrixdotorg/synapse:latest generate"
|
[ $? -ne 0 ] && fail "Couldn't run docker matrixdotorg/synapse:latest generate"
|
||||||
|
|
||||||
|
# Take out default Sqlite database config
|
||||||
|
sed -i 's!database: /data/homeserver.db!!g' fstack/matrix/data/matrix/homeserver.yaml
|
||||||
|
sed -i 's!database:!!g' fstack/matrix/data/matrix/homeserver.yaml
|
||||||
|
sed -i 's!name: sqlite3!!g' fstack/matrix/data/matrix/homeserver.yaml
|
||||||
|
sed -i 's!args:!!g' fstack/matrix/data/matrix/homeserver.yaml
|
||||||
|
|
||||||
|
# Insert our Postgres and LDAP config
|
||||||
cat >> fstack/matrix/data/matrix/homeserver.yaml <<EOF
|
cat >> fstack/matrix/data/matrix/homeserver.yaml <<EOF
|
||||||
|
|
||||||
|
database:
|
||||||
|
name: psycopg2
|
||||||
|
args:
|
||||||
|
user: matrix
|
||||||
|
password: d3r3k123
|
||||||
|
host: postgresql.$DOMAIN
|
||||||
|
database: matrix
|
||||||
|
cp_min: 5
|
||||||
|
cp_max: 10
|
||||||
modules:
|
modules:
|
||||||
- module: "ldap_auth_provider.LdapAuthProviderModule"
|
- module: "ldap_auth_provider.LdapAuthProviderModule"
|
||||||
config:
|
config:
|
||||||
|
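Review bot: The appended `database:` block hard-codes `password: d3r3k123`, while the postgresql section of this same commit creates the role with `CREATE USER matrix WITH PASSWORD '$ADMINPASS'`, so the literal is a credential committed to the repository and, unless the admin password happens to match it, a value Synapse cannot log in with. The heredoc is unquoted (`<<EOF`) and expands `$DOMAIN` two lines further down, so `password: "$ADMINPASS"` (better still a per-service secret) fits the existing pattern, and the committed literal should be treated as exposed. The preceding `sed -i 's!database:!!g'` and `sed -i 's!args:!!g'` delete those strings wherever they occur in homeserver.yaml, not only in the default SQLite stanza, which is worth narrowing. The heredoc continues past the end of this hunk.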
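--- /dev/null
+++ b/fstack/lib/network.sh.old
@@ -0,0 +1,19 @@
+#!/bin/bash
+#
+# Federated Computer Network
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_network() {
+echo -ne "\n* Configuring federated network.."
+spin &
+SPINPID=$!
+
+if [ ! `docker network ls -q --filter name=fstack` ]; then
+docker network create --subnet 172.99.0.0/16 fstack &> /dev/null
+[ $? -ne 0 ] && fail "Couldn't run docker network create"
+fi
+
+echo -ne "done."
+kill -9 $SPINPID &> /dev/null
+}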
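Review bot: `--subnet 172.99.0.0/16` lies outside the RFC 1918 private range (`172.16.0.0/12` ends at 172.31.255.255), so the fstack bridge shadows publicly routable addresses and containers lose reachability to any real host in that block. A private subnet such as `172.28.0.0/16` would avoid that, though the static `ipv4_address` values in the service files would have to move with it. The guard built on `docker network ls -q --filter name=fstack` is an unquoted substring match that can return several IDs; `if ! docker network inspect fstack &> /dev/null; then` tests for the exact network. The file is added with an `.old` suffix while the main script sources `fstack/lib/network.sh`, so it looks like a backup copy that may not belong in the commit.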
@ -10,10 +10,7 @@ config_nextcloud() {
|
|||||||
SPINPID=$!
|
SPINPID=$!
|
||||||
|
|
||||||
if [ ! -d "fstack/nextcloud" ]; then
|
if [ ! -d "fstack/nextcloud" ]; then
|
||||||
mkdir -p fstack/nextcloud/data/root/certs &> /dev/null
|
|
||||||
mkdir -p fstack/nextcloud/data/var/www/html &> /dev/null
|
mkdir -p fstack/nextcloud/data/var/www/html &> /dev/null
|
||||||
mkdir -p fstack/nextcloud/data/etc/apache2/sites-enabled &> /dev/null
|
|
||||||
cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/nextcloud/data/root/certs/
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DOMAIN_ARRAY=(${DOMAIN//./ })
|
DOMAIN_ARRAY=(${DOMAIN//./ })
|
||||||
@ -36,19 +33,13 @@ services:
|
|||||||
networks:
|
networks:
|
||||||
fstack:
|
fstack:
|
||||||
ipv4_address: 172.99.0.15
|
ipv4_address: 172.99.0.15
|
||||||
ports:
|
|
||||||
- "8000:80"
|
|
||||||
- "8444:443"
|
|
||||||
extra_hosts:
|
extra_hosts:
|
||||||
- "collabora.$DOMAIN:$EXTERNALIP"
|
- "collabora.$DOMAIN:$EXTERNALIP"
|
||||||
volumes:
|
volumes:
|
||||||
- ./data/root:/root
|
|
||||||
- ./data/etc/apache2/sites-enabled:/etc/apache2/sites-enabled
|
|
||||||
- ./data/var/www/html:/var/www/html
|
- ./data/var/www/html:/var/www/html
|
||||||
environment:
|
environment:
|
||||||
- CERT_NAME=$DOMAIN
|
- VIRTUAL_PROTO=http
|
||||||
- VIRTUAL_PROTO=https
|
- VIRTUAL_PORT=80
|
||||||
- VIRTUAL_PORT=443
|
|
||||||
- VIRTUAL_HOST=nextcloud.$DOMAIN
|
- VIRTUAL_HOST=nextcloud.$DOMAIN
|
||||||
- PHP_MEMORY_LIMIT=2048M
|
- PHP_MEMORY_LIMIT=2048M
|
||||||
- PHP_UPLOAD_LIMIT=2048M
|
- PHP_UPLOAD_LIMIT=2048M
|
||||||
@ -110,7 +101,7 @@ ENV NEXTCLOUD_UPDATE=1
|
|||||||
CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
|
CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
cat > fstack/nextcloud/data/root/nextcloud.sh <<EOF
|
cat > fstack/nextcloud/data/nextcloud.sh <<EOF
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
PATH=/var/www/html:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/sbin:/bin
|
PATH=/var/www/html:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/sbin:/bin
|
||||||
@ -173,29 +164,7 @@ ADMINUUID=\`./occ user:list | grep admin | awk '{ print \$2 }' | awk -F: '{ prin
|
|||||||
./occ config:app:set --value "" richdocuments disable_certificate_verification
|
./occ config:app:set --value "" richdocuments disable_certificate_verification
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
chmod +x fstack/nextcloud/data/root/*.sh
|
chmod +x fstack/nextcloud/data/nextcloud.sh
|
||||||
|
|
||||||
cat > fstack/nextcloud/data/etc/apache2/sites-enabled/000-default.conf <<'EOF'
|
|
||||||
LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
|
|
||||||
|
|
||||||
<VirtualHost *:80>
|
|
||||||
ServerAdmin admin@localhost
|
|
||||||
DocumentRoot /var/www/html
|
|
||||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
||||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
<VirtualHost *:443>
|
|
||||||
SSLEngine on
|
|
||||||
SSLCertificateFile /root/certs/fullchain1.pem
|
|
||||||
SSLCertificateKeyFile /root/certs/privkey1.pem
|
|
||||||
|
|
||||||
ServerAdmin admin@localhost
|
|
||||||
DocumentRoot /var/www/html
|
|
||||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
||||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
||||||
</VirtualHost>
|
|
||||||
EOF
|
|
||||||
|
|
||||||
kill -9 $SPINPID &> /dev/null
|
kill -9 $SPINPID &> /dev/null
|
||||||
echo -ne "done."
|
echo -ne "done."
|
||||||
@ -233,7 +202,7 @@ start_nextcloud() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Move nextcloud.sh and set nextcloud.sh executable
|
# Move nextcloud.sh and set nextcloud.sh executable
|
||||||
docker exec -it nextcloud mv /root/nextcloud.sh /var/www/html/
|
mv fstack/nextcloud/data/nextcloud.sh fstack/nextcloud/data/var/www/html/
|
||||||
docker exec -it nextcloud chown www-data:root /var/www/html/nextcloud.sh
|
docker exec -it nextcloud chown www-data:root /var/www/html/nextcloud.sh
|
||||||
docker exec -it nextcloud chmod 755 /var/www/html/nextcloud.sh
|
docker exec -it nextcloud chmod 755 /var/www/html/nextcloud.sh
|
||||||
[ $? -ne 0 ] && fail "Couldn't chown nextcloud.sh in fstack/nextcloud container"
|
[ $? -ne 0 ] && fail "Couldn't chown nextcloud.sh in fstack/nextcloud container"
|
||||||
@ -242,12 +211,6 @@ start_nextcloud() {
|
|||||||
docker exec -it -u 33 nextcloud /var/www/html/nextcloud.sh &> /dev/null
|
docker exec -it -u 33 nextcloud /var/www/html/nextcloud.sh &> /dev/null
|
||||||
[ $? -ne 0 ] && fail "Couldn't run nextcloud.sh inside fstack/nextcloud container"
|
[ $? -ne 0 ] && fail "Couldn't run nextcloud.sh inside fstack/nextcloud container"
|
||||||
|
|
||||||
# Enable SSL module in fstack/nextcloud
|
|
||||||
docker exec -it nextcloud a2enmod ssl &> /dev/null
|
|
||||||
[ $? -ne 0 ] && fail "Couldn't run a2enmod ssl in fstack/nextcloud container"
|
|
||||||
|
|
||||||
docker exec -it nextcloud service apache2 restart &> /dev/null
|
|
||||||
|
|
||||||
kill -9 $SPINPID &> /dev/null
|
kill -9 $SPINPID &> /dev/null
|
||||||
echo -ne "done."
|
echo -ne "done."
|
||||||
}
|
}
|
||||||
|
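Review bot: In the `start_nextcloud` hunk the new host-side `mv fstack/nextcloud/data/nextcloud.sh fstack/nextcloud/data/var/www/html/` has no status check, and the `[ $? -ne 0 ] && fail ...` below it only sees the exit code of the `chmod`, so a failed move or chown goes unnoticed until the later `docker exec ... nextcloud.sh` step. Appending `|| fail "Couldn't move nextcloud.sh into fstack/nextcloud"` to the `mv`, and an equivalent check to the `chown`, closes that gap. The script also stays in the Apache document root at mode 755 after it has run; if its body, most of which is outside these hunks, embeds the admin credentials, deleting it once provisioning succeeds would be safer.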
@ -10,8 +10,7 @@ config_panel() {
|
|||||||
SPINPID=$!
|
SPINPID=$!
|
||||||
|
|
||||||
if [ ! -d "fstack/panel" ]; then
|
if [ ! -d "fstack/panel" ]; then
|
||||||
mkdir -p fstack/panel/data/root/certs &> /dev/null
|
mkdir -p fstack/panel
|
||||||
cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/panel/data/root/certs/
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DOMAIN_ARRAY=(${DOMAIN//./ })
|
DOMAIN_ARRAY=(${DOMAIN//./ })
|
||||||
@ -59,15 +58,9 @@ services:
|
|||||||
networks:
|
networks:
|
||||||
fstack:
|
fstack:
|
||||||
ipv4_address: 172.99.0.12
|
ipv4_address: 172.99.0.12
|
||||||
ports:
|
|
||||||
- 8080:80
|
|
||||||
- 8443:443
|
|
||||||
volumes:
|
|
||||||
- ./data/root/certs:/opt/ssl
|
|
||||||
environment:
|
environment:
|
||||||
- CERT_NAME=$DOMAIN
|
- VIRTUAL_PROTO=http
|
||||||
- VIRTUAL_PROTO=https
|
- VIRTUAL_PORT=80
|
||||||
- VIRTUAL_PORT=443
|
|
||||||
- VIRTUAL_HOST=panel.$DOMAIN
|
- VIRTUAL_HOST=panel.$DOMAIN
|
||||||
- SERVER_HOSTNAME=panel.$DOMAIN
|
- SERVER_HOSTNAME=panel.$DOMAIN
|
||||||
- LDAP_URI=ldap://ldap.$DOMAIN
|
- LDAP_URI=ldap://ldap.$DOMAIN
|
||||||
@ -86,10 +79,7 @@ services:
|
|||||||
- SMTP_PASSWORD=$ADMINPASS
|
- SMTP_PASSWORD=$ADMINPASS
|
||||||
- EMAIL_FROM_ADDRESS=admin@$DOMAIN
|
- EMAIL_FROM_ADDRESS=admin@$DOMAIN
|
||||||
- SMTP_USE_TLS=true
|
- SMTP_USE_TLS=true
|
||||||
- NO_HTTPS=false
|
- NO_HTTPS=true
|
||||||
- SERVER_CERT_FILENAME=fullchain1.pem
|
|
||||||
- SERVER_KEY_FILENAME=privkey1.pem
|
|
||||||
- CA_CERT_FILENAME=chain1.pem
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
fstack:
|
fstack:
|
||||||
@ -117,7 +107,7 @@ start_panel() {
|
|||||||
# before we proceed
|
# before we proceed
|
||||||
RETRY="30"
|
RETRY="30"
|
||||||
while [ $RETRY -gt 0 ]; do
|
while [ $RETRY -gt 0 ]; do
|
||||||
nc -z 172.99.0.12 443 &> /dev/null
|
nc -z 172.99.0.12 80 &> /dev/null
|
||||||
if [ $? -eq 0 ]; then
|
if [ $? -eq 0 ]; then
|
||||||
break
|
break
|
||||||
else
|
else
|
||||||
|
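Review bot: With `NO_HTTPS=true` and `VIRTUAL_PROTO=http` the panel now accepts logins over plain HTTP and relies entirely on the proxy for TLS, but nothing in the compose heredoc records that assumption. A comment above the `environment:` block such as `# TLS terminates at fstack/proxy; do not publish ports for this service` would keep a later edit from re-exposing port 80 directly. It is worth confirming in the proxy configuration, which is not part of this section, that HTTP requests for `panel.$DOMAIN` are redirected to HTTPS. The `services:` block and `start_panel` both continue outside the hunks shown.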
@ -38,10 +38,12 @@ services:
|
|||||||
- ./data/var/lib/postgresql/server.crt:/var/lib/postgresql/server.crt
|
- ./data/var/lib/postgresql/server.crt:/var/lib/postgresql/server.crt
|
||||||
- ./data/var/lib/postgresql/server.key:/var/lib/postgresql/server.key
|
- ./data/var/lib/postgresql/server.key:/var/lib/postgresql/server.key
|
||||||
- ./data/var/lib/postgresql/data:/var/lib/postgresql/data
|
- ./data/var/lib/postgresql/data:/var/lib/postgresql/data
|
||||||
|
- ./data/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
|
||||||
environment:
|
environment:
|
||||||
- POSTGRES_DB=nextcloud
|
- POSTGRES_DB=nextcloud
|
||||||
- POSTGRES_USER=nextcloud
|
- POSTGRES_USER=nextcloud
|
||||||
- POSTGRES_PASSWORD=$ADMINPASS
|
- POSTGRES_PASSWORD=$ADMINPASS
|
||||||
|
- POSTGRES_INITDB_ARGS=--encoding='UTF8' --lc-collate='C' --lc-ctype='C'
|
||||||
command: >
|
command: >
|
||||||
-c ssl=on
|
-c ssl=on
|
||||||
-c ssl_cert_file=/var/lib/postgresql/server.crt
|
-c ssl_cert_file=/var/lib/postgresql/server.crt
|
||||||
@ -65,6 +67,9 @@ GRANT ALL PRIVILEGES ON DATABASE vaultwarden TO vaultwarden;
|
|||||||
CREATE USER listmonk WITH PASSWORD '$ADMINPASS';
|
CREATE USER listmonk WITH PASSWORD '$ADMINPASS';
|
||||||
CREATE DATABASE listmonk;
|
CREATE DATABASE listmonk;
|
||||||
GRANT ALL PRIVILEGES ON DATABASE listmonk TO listmonk;
|
GRANT ALL PRIVILEGES ON DATABASE listmonk TO listmonk;
|
||||||
|
CREATE USER matrix WITH PASSWORD '$ADMINPASS';
|
||||||
|
CREATE DATABASE matrix;
|
||||||
|
GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix;
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
kill -9 $SPINPID &> /dev/null
|
kill -9 $SPINPID &> /dev/null
|
||||||
@ -79,10 +84,10 @@ start_postgresql() {
|
|||||||
|
|
||||||
if [ $DEBUG ]; then
|
if [ $DEBUG ]; then
|
||||||
# Start fstack/postgresql with output to console for debug
|
# Start fstack/postgresql with output to console for debug
|
||||||
docker-compose -f fstack/postgresql/docker-compose.yml -p postgresql up --build
|
docker-compose -f fstack/postgresql/docker-compose.yml -p postgresql up
|
||||||
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/postgresql"
|
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/postgresql"
|
||||||
else
|
else
|
||||||
docker-compose -f fstack/postgresql/docker-compose.yml -p postgresql up --build -d &> /dev/null
|
docker-compose -f fstack/postgresql/docker-compose.yml -p postgresql up -d &> /dev/null
|
||||||
|
|
||||||
# Keep trying postgresql port 5432 to make sure it's up
|
# Keep trying postgresql port 5432 to make sure it's up
|
||||||
# before we proceed
|
# before we proceed
|
||||||
|
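Review bot: The added `CREATE USER matrix WITH PASSWORD '$ADMINPASS';` reuses the one admin password that `POSTGRES_PASSWORD` and the listmonk role already use, so any single service's config file discloses the credentials for every other database, including the account created from `POSTGRES_USER`. Generating a separate random secret per role and writing it only into that service's own config would contain a leak to one database. The value is also interpolated by the shell heredoc into a single-quoted SQL literal, so a password containing `'` breaks the statement unless it is escaped first. If this SQL is what the new `./data/docker-entrypoint-initdb.d` mount delivers, the image runs those scripts only when the data directory is empty, so existing installs would not get the matrix role.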
@ -59,10 +59,10 @@ start_vaultwarden() {
|
|||||||
|
|
||||||
if [ $DEBUG ]; then
|
if [ $DEBUG ]; then
|
||||||
# Start fstack/vaultwarden with output to console for debug
|
# Start fstack/vaultwarden with output to console for debug
|
||||||
docker-compose -f fstack/vaultwarden/docker-compose.yml -p vaultwarden up --build
|
docker-compose -f fstack/vaultwarden/docker-compose.yml -p vaultwarden up
|
||||||
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/vaultwarden"
|
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/vaultwarden"
|
||||||
else
|
else
|
||||||
docker-compose -f fstack/vaultwarden/docker-compose.yml -p vaultwarden up --build -d &> /dev/null
|
docker-compose -f fstack/vaultwarden/docker-compose.yml -p vaultwarden up -d &> /dev/null
|
||||||
|
|
||||||
# Keep trying vaultwarden port 80 to make sure it's up
|
# Keep trying vaultwarden port 80 to make sure it's up
|
||||||
# before we proceed
|
# before we proceed
|
||||||
|
@ -47,12 +47,15 @@ get_config() {
|
|||||||
. fstack/lib/checks.sh
|
. fstack/lib/checks.sh
|
||||||
. fstack/lib/network.sh
|
. fstack/lib/network.sh
|
||||||
. fstack/lib/dns.sh
|
. fstack/lib/dns.sh
|
||||||
|
. fstack/lib/postgresql.sh
|
||||||
. fstack/lib/ldap.sh
|
. fstack/lib/ldap.sh
|
||||||
. fstack/lib/mail.sh
|
. fstack/lib/mail.sh
|
||||||
. fstack/lib/collabora.sh
|
. fstack/lib/collabora.sh
|
||||||
. fstack/lib/nextcloud.sh
|
. fstack/lib/nextcloud.sh
|
||||||
. fstack/lib/matrix.sh
|
. fstack/lib/matrix.sh
|
||||||
. fstack/lib/jitsi.sh
|
. fstack/lib/jitsi.sh
|
||||||
|
. fstack/lib/listmonk.sh
|
||||||
|
. fstack/lib/vaultwarden.sh
|
||||||
. fstack/lib/panel.sh
|
. fstack/lib/panel.sh
|
||||||
. fstack/lib/proxy.sh
|
. fstack/lib/proxy.sh
|
||||||
|
|
||||||
@ -85,9 +88,7 @@ check_ports
|
|||||||
config_network
|
config_network
|
||||||
|
|
||||||
# Configure and start each federated service
|
# Configure and start each federated service
|
||||||
#for i in dns ldap mail collabora nextcloud matrix jitsi panel proxy; do
|
for i in dns postgresql ldap mail collabora nextcloud matrix jitsi listmonk vaultwarden panel proxy; do
|
||||||
#for i in ldap mail collabora nextcloud matrix jitsi panel proxy; do
|
|
||||||
for i in nextcloud; do
|
|
||||||
config_$i
|
config_$i
|
||||||
start_$i
|
start_$i
|
||||||
done
|
done
|
||||||
|
6
start.sh
6
start.sh
@ -3,7 +3,7 @@
|
|||||||
# Federated Start Script
|
# Federated Start Script
|
||||||
|
|
||||||
usage() {
|
usage() {
|
||||||
echo "$0: all|dns|ldap|mail|collabora|nextcloud|matrix|jitsi|panel|proxy"
|
echo "$0: all|dns|postgresql|ldap|mail|collabora|nextcloud|matrix|jitsi|listmonk|vaultwarden|panel|proxy"
|
||||||
exit 2
|
exit 2
|
||||||
}
|
}
|
||||||
startservice() {
|
startservice() {
|
||||||
@ -11,7 +11,7 @@ startservice() {
|
|||||||
cd fstack/$SERVICE && docker-compose -f docker-compose.yml -p $SERVICE up -d
|
cd fstack/$SERVICE && docker-compose -f docker-compose.yml -p $SERVICE up -d
|
||||||
}
|
}
|
||||||
startservice_all() {
|
startservice_all() {
|
||||||
for i in dns ldap mail collabora nextcloud matrix jitsi panel proxy; do
|
for i in dns postgresql ldap mail collabora nextcloud matrix jitsi listmonk vaultwarden panel proxy; do
|
||||||
echo "* Starting $i.."
|
echo "* Starting $i.."
|
||||||
cd fstack/$i && docker-compose -f docker-compose.yml -p $i up -d
|
cd fstack/$i && docker-compose -f docker-compose.yml -p $i up -d
|
||||||
done
|
done
|
||||||
@ -22,6 +22,6 @@ SERVICE=$1
|
|||||||
|
|
||||||
case "$SERVICE" in
|
case "$SERVICE" in
|
||||||
all) startservice_all;;
|
all) startservice_all;;
|
||||||
dns|ldap|mail|collabora|nextcloud|matrix|jitsi|panel|proxy) startservice;;
|
dns|postgresql|ldap|mail|collabora|nextcloud|matrix|jitsi|listmonk|vaultwarden|panel|proxy) startservice;;
|
||||||
*) usage;;
|
*) usage;;
|
||||||
esac
|
esac
|
||||||
|
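Review bot: `startservice_all` runs `cd fstack/$i && docker-compose -f docker-compose.yml -p $i up -d` inside the loop and never returns to the starting directory, so from the second service onward the `cd` fails and the `&&` skips the start; with the list extended in this commit that affects eleven of the twelve services. stop.sh already avoids this with `-f fstack/$i/docker-compose.yml`, and the same form here, `docker-compose -f "fstack/$i/docker-compose.yml" -p "$i" up -d`, needs no `cd`. The function body is split across two hunks.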
6
stop.sh
6
stop.sh
@ -3,7 +3,7 @@
|
|||||||
# Federated Stop Script
|
# Federated Stop Script
|
||||||
|
|
||||||
usage() {
|
usage() {
|
||||||
echo "$0: all|dns|ldap|mail|collabora|nextcloud|matrix|jitsi|panel|proxy"
|
echo "$0: all|dns|postgresql|ldap|mail|collabora|nextcloud|matrix|jitsi|listmonk|vaultwarden|panel|proxy"
|
||||||
exit 2
|
exit 2
|
||||||
}
|
}
|
||||||
stopservice() {
|
stopservice() {
|
||||||
@ -11,7 +11,7 @@ stopservice() {
|
|||||||
docker-compose -f fstack/$SERVICE/docker-compose.yml -p $SERVICE down
|
docker-compose -f fstack/$SERVICE/docker-compose.yml -p $SERVICE down
|
||||||
}
|
}
|
||||||
stopservice_all() {
|
stopservice_all() {
|
||||||
for i in dns ldap mail collabora nextcloud matrix jitsi panel proxy; do
|
for i in dns postgresql ldap mail collabora nextcloud matrix jitsi listmonk vaultwarden panel proxy; do
|
||||||
echo "* Stopping $i.."
|
echo "* Stopping $i.."
|
||||||
docker-compose -f fstack/$i/docker-compose.yml -p $i down
|
docker-compose -f fstack/$i/docker-compose.yml -p $i down
|
||||||
done
|
done
|
||||||
@ -22,6 +22,6 @@ SERVICE=$1
|
|||||||
|
|
||||||
case "$SERVICE" in
|
case "$SERVICE" in
|
||||||
all) stopservice_all;;
|
all) stopservice_all;;
|
||||||
dns|ldap|mail|collabora|nextcloud|matrix|jitsi|panel|proxy) stopservice;;
|
dns|postgresql|ldap|mail|collabora|nextcloud|matrix|jitsi|listmonk|vaultwarden|panel|proxy) stopservice;;
|
||||||
*) usage;;
|
*) usage;;
|
||||||
esac
|
esac
|
||||||
|