mirror of
https://asciireactor.com/otho/stashapp
synced 2024-11-23 10:55:05 +00:00
Update for FreeBSD migration.
This commit is contained in:
parent
5a5b3f35e3
commit
18550b9baf
1
.gitignore
vendored
1
.gitignore
vendored
@ -4,3 +4,4 @@ vhost.d
|
||||
.env
|
||||
.cache
|
||||
.terraform.lock.hcl
|
||||
alpine.answers
|
82
Taskfile.yml
Normal file
82
Taskfile.yml
Normal file
@ -0,0 +1,82 @@
|
||||
---
|
||||
version: '3'
|
||||
|
||||
silent: false
|
||||
|
||||
vars:
|
||||
CONFIG_PATHS: |
|
||||
/zroot/vm/.templates/alpine.conf
|
||||
SERVICES: "haproxy apache24 nginx plexmediaserver"
|
||||
SERVICE_PORTS: 80 443 22 32400
|
||||
command: 'echo $(whoami)@$(hostname -f)'
|
||||
|
||||
dotenv:
|
||||
- .env
|
||||
env:
|
||||
GITLAB_PROJECT_ID: '{{ .stashapp_project_id }}'
|
||||
GITLAB_PROJECT_SLUG: stashapp
|
||||
|
||||
tasks:
|
||||
default:
|
||||
- task: services
|
||||
|
||||
run: ssh -tt "$stashapp_domain" '{{.command}}'
|
||||
run-root: ssh -qtt "$stashapp_domain" 'su -l root -c "{{.command}}"'
|
||||
host-run: ssh -tt "$stashbox_domain" '{{.command}}'
|
||||
host-run-root: ssh -qtt "$stashbox_domain" 'su -l root -c "{{.command}}"'
|
||||
|
||||
exec:
|
||||
- task: run
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
exec-root:
|
||||
- task: run-root
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
exec-host:
|
||||
- task: host-run
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
exec-host-root:
|
||||
- task: host-run-root
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
|
||||
services:
|
||||
- task: run
|
||||
vars:
|
||||
command: docker ps
|
||||
host-services:
|
||||
- task: host-run-root
|
||||
vars:
|
||||
command: vm list
|
||||
|
||||
# Terraform
|
||||
plan:
|
||||
- task: tf
|
||||
vars:
|
||||
CLI_ARGS: plan
|
||||
apply:
|
||||
- task: tf
|
||||
vars:
|
||||
CLI_ARGS: apply
|
||||
tf: source .env; terraform init; terraform {{.CLI_ARGS}}
|
||||
|
||||
# Utilities
|
||||
printenv: source .env; printenv
|
||||
path-update: echo scp "{{.local_path}}" "$stashapp_domain:{{.remote_path}}"
|
||||
path-backup: scp "$stashapp_domain:{{.remote_path}}" "./.$(basename {{.remote_path}})-$(date +%s)" || echo "No file found."
|
||||
path-diff:
|
||||
- task: path-backup
|
||||
vars:
|
||||
remote_path: "{{.remote_path}}"
|
||||
- diff "$(ls -c .$(basename {{.remote_path}})-*|head -n1)" "$(basename {{.remote_path}})" || [ "$?" == "1" ]
|
||||
safe-update:
|
||||
- task: path-backup
|
||||
vars:
|
||||
remote_path: "{{.remote_path}}"
|
||||
- echo scp "$(basename {{.remote_path}})" "$stashapp_domain:{{.remote_path}}"
|
||||
- task: path-diff
|
||||
vars:
|
||||
remote_path: "{{.remote_path}}"
|
||||
|
11
alpine-lts.config
Normal file
11
alpine-lts.config
Normal file
@ -0,0 +1,11 @@
|
||||
loader="grub"
|
||||
cpu=2
|
||||
memory=8G
|
||||
network0_type="virtio-net"
|
||||
network0_switch="feed"
|
||||
disk0_type="nvme"
|
||||
disk0_name="disk0.img"
|
||||
grub_install0="linux /boot/vmlinuz-lts initrd=/boot/initramfs-lts alpine_dev=cdrom:iso9660 modules=loop,squashfs,sd-mod,usb-storage,sr-mod"
|
||||
grub_install1="initrd /boot/initramfs-lts"
|
||||
grub_run0="linux /boot/vmlinuz-lts root=/dev/vda3 modules=ext4"
|
||||
grub_run1="initrd /boot/initramfs-lts"
|
14
alpine-setup.sh
Normal file
14
alpine-setup.sh
Normal file
@ -0,0 +1,14 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
cp /etc/apk/repositories /root/repositories.backup
|
||||
sed 's/^#\(.\+v3.19/community\)$/\1/' /etc/apk/repositories > /root/repositories.edited
|
||||
chmod 644 /root/repositories.edited
|
||||
mv /root/repositories.edited /etc/apk/repositories
|
||||
|
||||
apk add --update \
|
||||
git \
|
||||
docker \
|
||||
docker-compose
|
||||
|
||||
service docker start
|
||||
rc-update add docker boot
|
85
dns.tf
85
dns.tf
@ -6,48 +6,77 @@ terraform {
|
||||
}
|
||||
}
|
||||
|
||||
backend "http" {
|
||||
address = "https://asciireactor.com/api/v4/projects/131/terraform/state/library-app"
|
||||
lock_address = "https://asciireactor.com/api/v4/projects/131/terraform/state/library-app/lock"
|
||||
unlock_address = "https://asciireactor.com/api/v4/projects/131/terraform/state/library-app/lock"
|
||||
lock_method = "POST"
|
||||
unlock_method = "DELETE"
|
||||
retry_wait_min = 5
|
||||
}
|
||||
backend "http" {}
|
||||
}
|
||||
|
||||
provider "namecheap" {}
|
||||
|
||||
variable "host-rproxy" {
|
||||
variable "stashbox_ip4_ext" {
|
||||
type = string
|
||||
default = "rprxy.saline.o4data.net."
|
||||
default = "0.0.0.0"
|
||||
}
|
||||
|
||||
resource "namecheap_domain_records" "othonotes" {
|
||||
domain = "othonotes.com"
|
||||
record {
|
||||
hostname = "@"
|
||||
address = var.host-rproxy
|
||||
type = "ALIAS"
|
||||
ttl = 300
|
||||
}
|
||||
record {
|
||||
hostname = "www"
|
||||
address = "othonotes.com."
|
||||
type = "CNAME"
|
||||
}
|
||||
variable "stashbox_domain" {
|
||||
type = string
|
||||
default = "web.stash"
|
||||
}
|
||||
|
||||
resource "namecheap_domain_records" "othostash" {
|
||||
domain = "othostash.com"
|
||||
variable "stashapp_addr" {
|
||||
type = string
|
||||
default = "::2"
|
||||
}
|
||||
|
||||
variable "stashapp_domain" {
|
||||
type = string
|
||||
default = "app.stash"
|
||||
}
|
||||
|
||||
variable "stashapp_notes_domain" {
|
||||
type = string
|
||||
default = "notes.stash"
|
||||
}
|
||||
|
||||
resource "namecheap_domain_records" "stash" {
|
||||
domain = var.stashbox_domain
|
||||
record {
|
||||
hostname = "websites"
|
||||
address = var.host-rproxy
|
||||
hostname = "app"
|
||||
address = var.stashapp_addr
|
||||
type = "AAAA"
|
||||
ttl = 1799
|
||||
}
|
||||
record {
|
||||
hostname = "app"
|
||||
address = var.stashbox_ip4_ext
|
||||
type = "A"
|
||||
ttl = 1799
|
||||
}
|
||||
record {
|
||||
hostname = "clippings"
|
||||
address = var.stashapp_domain
|
||||
type = "CNAME"
|
||||
}
|
||||
record {
|
||||
hostname = "browse"
|
||||
address = var.host-rproxy
|
||||
address = var.stashapp_domain
|
||||
type = "CNAME"
|
||||
}
|
||||
}
|
||||
|
||||
# resource "namecheap_domain_records" "notes" {
|
||||
# domain = var.stashapp_notes_domain
|
||||
# record {
|
||||
# hostname = "www"
|
||||
# address = var.stashapp_addr
|
||||
# type = "AAAA"
|
||||
# }
|
||||
# record {
|
||||
# hostname = "www"
|
||||
# address = var.stashbox_ip4_ext
|
||||
# type = "A"
|
||||
# }
|
||||
# record {
|
||||
# hostname = "@"
|
||||
# type = "CNAME"
|
||||
# address = "www.${var.stashapp_notes_domain}"
|
||||
# }
|
||||
# }
|
||||
|
@ -14,82 +14,8 @@ networks:
|
||||
external: false
|
||||
|
||||
services:
|
||||
trilium:
|
||||
image: zadam/trilium
|
||||
container_name: trilium
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8080
|
||||
- VIRTUAL_HOST=${notebook_domain_list}
|
||||
- LETSENCRYPT_HOST=${notebook_domain_list}
|
||||
- TRILIUM_DATA_DIR=/home/node/data
|
||||
volumes:
|
||||
- ./.data/trilium:/home/node/data
|
||||
networks:
|
||||
- proxy
|
||||
|
||||
filestash:
|
||||
container_name: filestash
|
||||
image: machines/filestash
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8334
|
||||
- VIRTUAL_HOST=${filemanager_domain}
|
||||
- LETSENCRYPT_HOST=${filemanager_domain}
|
||||
- APPLICATION_URL=${filemanager_domain}
|
||||
- ONLYOFFICE_URL=http://onlyoffice
|
||||
volumes:
|
||||
- .data/filestash:/app/data
|
||||
networks:
|
||||
- proxy
|
||||
- onlyoffice
|
||||
|
||||
onlyoffice:
|
||||
container_name: onlyoffice
|
||||
image: onlyoffice/documentserver
|
||||
restart: always
|
||||
networks:
|
||||
- onlyoffice
|
||||
security_opt:
|
||||
- seccomp:unconfined
|
||||
|
||||
|
||||
archivebox:
|
||||
image: ${DOCKER_IMAGE:-archivebox/archivebox:master}
|
||||
container_name: archivebox
|
||||
command: server --quick-init 0.0.0.0:8000
|
||||
environment:
|
||||
- VIRTUAL_PORT=8000
|
||||
- VIRTUAL_HOST=${webarchive_domain_list}
|
||||
- LETSENCRYPT_HOST=${webarchive_domain_list}
|
||||
- MEDIA_MAX_SIZE=750m
|
||||
- SEARCH_BACKEND_ENGINE=sonic
|
||||
- SEARCH_BACKEND_HOST_NAME=sonic
|
||||
- SEARCH_BACKEND_PASSWORD=${pw_sonic}
|
||||
volumes:
|
||||
- ./.data/archivebox:/data
|
||||
networks:
|
||||
- proxy
|
||||
- archivebox
|
||||
|
||||
sonic:
|
||||
image: valeriansaliou/sonic:v1.3.0
|
||||
container_name: sonic
|
||||
expose:
|
||||
- 1491
|
||||
environment:
|
||||
- SEARCH_BACKEND_PASSWORD=${pw_sonic}
|
||||
volumes:
|
||||
- ./sonic.cfg:/etc/sonic.cfg:ro
|
||||
- sonic:/var/lib/sonic/store
|
||||
networks:
|
||||
- archivebox
|
||||
|
||||
####################################3
|
||||
## nginx proxy
|
||||
|
||||
nginx-proxy:
|
||||
image: nginxproxy/nginx-proxy
|
||||
image: ${stashapp_rproxy_image}
|
||||
container_name: nginx-proxy
|
||||
restart: always
|
||||
ports:
|
||||
@ -104,9 +30,8 @@ services:
|
||||
- /var/run/docker.sock:/tmp/docker.sock:ro
|
||||
networks:
|
||||
- proxy
|
||||
|
||||
letsencrypt-companion:
|
||||
image: nginxproxy/acme-companion
|
||||
image: ${stashapp_acme_image}
|
||||
container_name: acme-companion
|
||||
restart: always
|
||||
volumes:
|
||||
@ -119,3 +44,74 @@ services:
|
||||
- proxy
|
||||
depends_on:
|
||||
- nginx-proxy
|
||||
trilium:
|
||||
image: ${stashapp_trilium_image}
|
||||
container_name: trilium
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8080
|
||||
- VIRTUAL_HOST="${notes_domain},www.${notes_domain}"
|
||||
- LETSENCRYPT_HOST="${notes_domain},www.${notes_domain}"
|
||||
- TRILIUM_DATA_DIR=/home/node/data
|
||||
volumes:
|
||||
- ./.data/trilium:/home/node/data
|
||||
networks:
|
||||
- proxy
|
||||
|
||||
filestash:
|
||||
image: ${stashapp_filestash_image}
|
||||
container_name: filestash
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8334
|
||||
- VIRTUAL_HOST=${browse_domain}
|
||||
- LETSENCRYPT_HOST=${browse_domain}
|
||||
- APPLICATION_URL=${browse_domain}
|
||||
- ONLYOFFICE_URL=http://onlyoffice
|
||||
volumes:
|
||||
- .data/filestash:/app/data
|
||||
networks:
|
||||
- proxy
|
||||
- onlyoffice
|
||||
|
||||
onlyoffice:
|
||||
image: ${stashapp_onlyoffice_image}
|
||||
container_name: onlyoffice
|
||||
restart: always
|
||||
networks:
|
||||
- onlyoffice
|
||||
security_opt:
|
||||
- seccomp:unconfined
|
||||
|
||||
|
||||
archivebox:
|
||||
image: ${stashapp_archivebox_image}
|
||||
container_name: archivebox
|
||||
command: server --quick-init 0.0.0.0:8000
|
||||
environment:
|
||||
- VIRTUAL_PORT=8000
|
||||
- VIRTUAL_HOST="${clippings_domain},www.${clippings_domain}"
|
||||
- LETSENCRYPT_HOST="${clippings_domain},www.${clippings_domain}"
|
||||
- MEDIA_MAX_SIZE=750m
|
||||
- SEARCH_BACKEND_ENGINE=sonic
|
||||
- SEARCH_BACKEND_HOST_NAME=sonic
|
||||
- SEARCH_BACKEND_PASSWORD=${stashapp_sonic_pw}
|
||||
volumes:
|
||||
- ./.data/archivebox:/data
|
||||
networks:
|
||||
- proxy
|
||||
- archivebox
|
||||
|
||||
sonic:
|
||||
image: ${stashapp_sonic_image}
|
||||
container_name: sonic
|
||||
expose:
|
||||
- 1491
|
||||
environment:
|
||||
- SEARCH_BACKEND_PASSWORD=${stashapp_sonic_pw}
|
||||
volumes:
|
||||
- ./sonic.cfg:/etc/sonic.cfg:ro
|
||||
- sonic:/var/lib/sonic/store
|
||||
networks:
|
||||
- archivebox
|
||||
|
||||
|
@ -1,10 +0,0 @@
|
||||
## Start of configuration add by letsencrypt container
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
auth_basic off;
|
||||
auth_request off;
|
||||
allow all;
|
||||
root /usr/share/nginx/html;
|
||||
try_files $uri =404;
|
||||
break;
|
||||
}
|
||||
## End of configuration add by letsencrypt container
|
@ -1,11 +0,0 @@
|
||||
## Start of configuration add by letsencrypt container
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
auth_basic off;
|
||||
auth_request off;
|
||||
allow all;
|
||||
root /usr/share/nginx/html;
|
||||
try_files $uri =404;
|
||||
break;
|
||||
}
|
||||
## End of configuration add by letsencrypt container
|
||||
#client_max_body_size 10G
|
@ -1,11 +0,0 @@
|
||||
## Start of configuration add by letsencrypt container
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
auth_basic off;
|
||||
auth_request off;
|
||||
allow all;
|
||||
root /usr/share/nginx/html;
|
||||
try_files $uri =404;
|
||||
break;
|
||||
}
|
||||
## End of configuration add by letsencrypt container
|
||||
#client_max_body_size 10G
|
18
vm-setup.sh
Normal file
18
vm-setup.sh
Normal file
@ -0,0 +1,18 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
## For FreeBSD with vm-bhyve and ZFS.
|
||||
|
||||
zfs create data/vm
|
||||
vm datastore add stashvm zfs:data/vm
|
||||
vm create -d stashvm -t alpine -s 1T -m 8G -c 2 stashapp
|
||||
## Add `vm_list="stashapp"` to rc.conf.
|
||||
|
||||
vm switch create feed
|
||||
vm switch add feed re1
|
||||
## Update network in /data/vm/stashapp/stashapp.conf
|
||||
|
||||
## Change disk type to "nvme" in stashapp.conf
|
||||
|
||||
vm install stashapp /zroot/vm/.iso/alpine-standard-3.19.1-x86_64.iso
|
||||
vm console stashapp
|
||||
|
Loading…
Reference in New Issue
Block a user