mirror of
https://asciireactor.com/otho/stashapp
synced 2024-11-24 12:05:07 +00:00
Compare commits
No commits in common. "29ba3f00716363166035a8d45ac10f13ce92e58a" and "5a5b3f35e34caccae5fbe0d3beccc63664d8f42b" have entirely different histories.
29ba3f0071
...
5a5b3f35e3
65
.env.dist
65
.env.dist
@ -1,65 +0,0 @@
|
||||
resolver="1.1.1.1"
|
||||
|
||||
gitlab_url="https://gitlab.com"
|
||||
gitlab_api_key="xxx"
|
||||
gitlab_user="xxx"
|
||||
|
||||
namecheap_user="xxx"
|
||||
namecheap_api_key="xxx"
|
||||
namecheap_sandbox_mode="false"
|
||||
|
||||
stashbox_project_id=1
|
||||
stashbox_domain="web.stashbox"
|
||||
stashbox_plex_domain="plex.stashbox"
|
||||
|
||||
stashbox_web_ip="fe80::dad:db"
|
||||
stashbox_rpx_ip="fe80::dad:feed"
|
||||
stashbox_ip4_ext="0.0.0.0"
|
||||
stashbox_ip4_int="127.0.0.1"
|
||||
|
||||
stashbox_stash_root="/data"
|
||||
stashbox_webdoc_root="/data/documents/web/stashbox"
|
||||
stashbox_webtheme_root="/data/documents/web/stashbox/theme"
|
||||
|
||||
stashapp_project_id=2
|
||||
|
||||
stashapp_domain="app.stashbox"
|
||||
stashapp_notes_domain="notes.stashbox"
|
||||
stashapp_filestash_domain="browse.stashbox"
|
||||
stashapp_archivebox_domain="clippings.stashbox"
|
||||
|
||||
stashapp_ip="fe80::dad:beef"
|
||||
stashapp_ip4_ext="$stashbox_ip4_ext"
|
||||
stashapp_ip4_int="$stashbox_ip4_int"
|
||||
|
||||
stashapp_sonic_pw="xxx"
|
||||
stashapp_trilium_image="zadam/trilium"
|
||||
stashapp_archivebox_image="archivebox/archivebox:master"
|
||||
stashapp_filestash_image="machines/filestash"
|
||||
stashapp_onlyoffice_image="onlyoffice/documentserver"
|
||||
stashapp_sonic_image="valeriansaliou/sonic:v1.3.0"
|
||||
stashapp_proxy_image="nginxproxy/nginx-proxy"
|
||||
stashapp_acme_image="nginxproxy/acme-companion"
|
||||
|
||||
export NAMECHEAP_USER_NAME="$namecheap_user"
|
||||
export NAMECHEAP_API_USER="$namecheap_user"
|
||||
export NAMECHEAP_API_KEY="$namecheap_api_key"
|
||||
export NAMECHEAP_USE_SANDBOX="$namecheap_sandbox_mode"
|
||||
|
||||
export TF_HTTP_USERNAME="$gitlab_user"
|
||||
export TF_HTTP_PASSWORD="$gitlab_api_key"
|
||||
export TF_HTTP_ADDRESS="$gitlab_url/api/v4/projects/$GITLAB_PROJECT_ID/terraform/state/$GITLAB_PROJECT_SLUG"
|
||||
export TF_HTTP_LOCK_ADDRESS="$gitlab_url/api/v4/projects/$GITLAB_PROJECT_ID/terraform/state/$GITLAB_PROJECT_SLUG/lock"
|
||||
export TF_HTTP_UNLOCK_ADDRESS="$gitlab_url/api/v4/projects/$GITLAB_PROJECT_ID/terraform/state/$GITLAB_PROJECT_SLUG/lock"
|
||||
export TF_HTTP_LOCK_METHOD="POST"
|
||||
export TF_HTTP_UNLOCK_METHOD="DELETE"
|
||||
export TF_HTTP_RETRY_WAIT_MIN="5"
|
||||
|
||||
export TF_VAR_stashbox_domain="$stashbox_domain"
|
||||
export TF_VAR_stashbox_web_addr="$stashbox_web_ip"
|
||||
export TF_VAR_stashbox_feed_addr="$stashbox_rpx_ip"
|
||||
export TF_VAR_stashapp_addr="$stashapp_ip"
|
||||
export TF_VAR_stashbox_ip4_ext="$stashapp_ip4_ext"
|
||||
|
||||
export TF_VAR_stashapp_domain="$stashapp_domain"
|
||||
export TF_VAR_stashapp_notes_domain="$stashapp_notes_domain"
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -4,4 +4,3 @@ vhost.d
|
||||
.env
|
||||
.cache
|
||||
.terraform.lock.hcl
|
||||
alpine.answers
|
82
Taskfile.yml
82
Taskfile.yml
@ -1,82 +0,0 @@
|
||||
---
|
||||
version: '3'
|
||||
|
||||
silent: false
|
||||
|
||||
vars:
|
||||
CONFIG_PATHS: |
|
||||
/zroot/vm/.templates/alpine.conf
|
||||
SERVICES: "haproxy apache24 nginx plexmediaserver"
|
||||
SERVICE_PORTS: 80 443 22 32400
|
||||
command: 'echo $(whoami)@$(hostname -f)'
|
||||
|
||||
dotenv:
|
||||
- .env
|
||||
env:
|
||||
GITLAB_PROJECT_ID: '{{ .stashapp_project_id }}'
|
||||
GITLAB_PROJECT_SLUG: stashapp
|
||||
|
||||
tasks:
|
||||
default:
|
||||
- task: services
|
||||
|
||||
run: ssh -tt "$stashapp_domain" '{{.command}}'
|
||||
run-root: ssh -qtt "$stashapp_domain" 'su -l root -c "{{.command}}"'
|
||||
host-run: ssh -tt "$stashbox_domain" '{{.command}}'
|
||||
host-run-root: ssh -qtt "$stashbox_domain" 'su -l root -c "{{.command}}"'
|
||||
|
||||
exec:
|
||||
- task: run
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
exec-root:
|
||||
- task: run-root
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
exec-host:
|
||||
- task: host-run
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
exec-host-root:
|
||||
- task: host-run-root
|
||||
vars:
|
||||
command: "{{.CLI_ARGS}}"
|
||||
|
||||
services:
|
||||
- task: run
|
||||
vars:
|
||||
command: docker ps
|
||||
host-services:
|
||||
- task: host-run-root
|
||||
vars:
|
||||
command: vm list
|
||||
|
||||
# Terraform
|
||||
plan:
|
||||
- task: tf
|
||||
vars:
|
||||
CLI_ARGS: plan
|
||||
apply:
|
||||
- task: tf
|
||||
vars:
|
||||
CLI_ARGS: apply
|
||||
tf: source .env; terraform init; terraform {{.CLI_ARGS}}
|
||||
|
||||
# Utilities
|
||||
printenv: source .env; printenv
|
||||
path-update: echo scp "{{.local_path}}" "$stashapp_domain:{{.remote_path}}"
|
||||
path-backup: scp "$stashapp_domain:{{.remote_path}}" "./.$(basename {{.remote_path}})-$(date +%s)" || echo "No file found."
|
||||
path-diff:
|
||||
- task: path-backup
|
||||
vars:
|
||||
remote_path: "{{.remote_path}}"
|
||||
- diff "$(ls -c .$(basename {{.remote_path}})-*|head -n1)" "$(basename {{.remote_path}})" || [ "$?" == "1" ]
|
||||
safe-update:
|
||||
- task: path-backup
|
||||
vars:
|
||||
remote_path: "{{.remote_path}}"
|
||||
- echo scp "$(basename {{.remote_path}})" "$stashapp_domain:{{.remote_path}}"
|
||||
- task: path-diff
|
||||
vars:
|
||||
remote_path: "{{.remote_path}}"
|
||||
|
@ -1,11 +0,0 @@
|
||||
loader="grub"
|
||||
cpu=2
|
||||
memory=8G
|
||||
network0_type="virtio-net"
|
||||
network0_switch="feed"
|
||||
disk0_type="nvme"
|
||||
disk0_name="disk0.img"
|
||||
grub_install0="linux /boot/vmlinuz-lts initrd=/boot/initramfs-lts alpine_dev=cdrom:iso9660 modules=loop,squashfs,sd-mod,usb-storage,sr-mod"
|
||||
grub_install1="initrd /boot/initramfs-lts"
|
||||
grub_run0="linux /boot/vmlinuz-lts root=/dev/vda3 modules=ext4"
|
||||
grub_run1="initrd /boot/initramfs-lts"
|
@ -1,14 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
cp /etc/apk/repositories /root/repositories.backup
|
||||
sed 's/^#\(.\+v3.19/community\)$/\1/' /etc/apk/repositories > /root/repositories.edited
|
||||
chmod 644 /root/repositories.edited
|
||||
mv /root/repositories.edited /etc/apk/repositories
|
||||
|
||||
apk add --update \
|
||||
git \
|
||||
docker \
|
||||
docker-compose
|
||||
|
||||
service docker start
|
||||
rc-update add docker boot
|
81
dns.tf
81
dns.tf
@ -6,77 +6,48 @@ terraform {
|
||||
}
|
||||
}
|
||||
|
||||
backend "http" {}
|
||||
backend "http" {
|
||||
address = "https://asciireactor.com/api/v4/projects/131/terraform/state/library-app"
|
||||
lock_address = "https://asciireactor.com/api/v4/projects/131/terraform/state/library-app/lock"
|
||||
unlock_address = "https://asciireactor.com/api/v4/projects/131/terraform/state/library-app/lock"
|
||||
lock_method = "POST"
|
||||
unlock_method = "DELETE"
|
||||
retry_wait_min = 5
|
||||
}
|
||||
}
|
||||
|
||||
provider "namecheap" {}
|
||||
|
||||
variable "stashbox_ip4_ext" {
|
||||
variable "host-rproxy" {
|
||||
type = string
|
||||
default = "0.0.0.0"
|
||||
default = "rprxy.saline.o4data.net."
|
||||
}
|
||||
|
||||
variable "stashbox_domain" {
|
||||
type = string
|
||||
default = "web.stash"
|
||||
}
|
||||
|
||||
variable "stashapp_addr" {
|
||||
type = string
|
||||
default = "::2"
|
||||
}
|
||||
|
||||
variable "stashapp_domain" {
|
||||
type = string
|
||||
default = "app.stash"
|
||||
}
|
||||
|
||||
variable "stashapp_notes_domain" {
|
||||
type = string
|
||||
default = "notes.stash"
|
||||
}
|
||||
|
||||
resource "namecheap_domain_records" "stash" {
|
||||
domain = var.stashbox_domain
|
||||
resource "namecheap_domain_records" "othonotes" {
|
||||
domain = "othonotes.com"
|
||||
record {
|
||||
hostname = "app"
|
||||
address = var.stashapp_addr
|
||||
type = "AAAA"
|
||||
ttl = 1799
|
||||
hostname = "@"
|
||||
address = var.host-rproxy
|
||||
type = "ALIAS"
|
||||
ttl = 300
|
||||
}
|
||||
record {
|
||||
hostname = "app"
|
||||
address = var.stashbox_ip4_ext
|
||||
type = "A"
|
||||
ttl = 1799
|
||||
hostname = "www"
|
||||
address = "othonotes.com."
|
||||
type = "CNAME"
|
||||
}
|
||||
}
|
||||
|
||||
resource "namecheap_domain_records" "othostash" {
|
||||
domain = "othostash.com"
|
||||
record {
|
||||
hostname = "clippings"
|
||||
address = var.stashapp_domain
|
||||
hostname = "websites"
|
||||
address = var.host-rproxy
|
||||
type = "CNAME"
|
||||
}
|
||||
record {
|
||||
hostname = "browse"
|
||||
address = var.stashapp_domain
|
||||
address = var.host-rproxy
|
||||
type = "CNAME"
|
||||
}
|
||||
}
|
||||
|
||||
# resource "namecheap_domain_records" "notes" {
|
||||
# domain = var.stashapp_notes_domain
|
||||
# record {
|
||||
# hostname = "www"
|
||||
# address = var.stashapp_addr
|
||||
# type = "AAAA"
|
||||
# }
|
||||
# record {
|
||||
# hostname = "www"
|
||||
# address = var.stashbox_ip4_ext
|
||||
# type = "A"
|
||||
# }
|
||||
# record {
|
||||
# hostname = "@"
|
||||
# type = "CNAME"
|
||||
# address = "www.${var.stashapp_notes_domain}"
|
||||
# }
|
||||
# }
|
||||
|
@ -14,8 +14,82 @@ networks:
|
||||
external: false
|
||||
|
||||
services:
|
||||
trilium:
|
||||
image: zadam/trilium
|
||||
container_name: trilium
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8080
|
||||
- VIRTUAL_HOST=${notebook_domain_list}
|
||||
- LETSENCRYPT_HOST=${notebook_domain_list}
|
||||
- TRILIUM_DATA_DIR=/home/node/data
|
||||
volumes:
|
||||
- ./.data/trilium:/home/node/data
|
||||
networks:
|
||||
- proxy
|
||||
|
||||
filestash:
|
||||
container_name: filestash
|
||||
image: machines/filestash
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8334
|
||||
- VIRTUAL_HOST=${filemanager_domain}
|
||||
- LETSENCRYPT_HOST=${filemanager_domain}
|
||||
- APPLICATION_URL=${filemanager_domain}
|
||||
- ONLYOFFICE_URL=http://onlyoffice
|
||||
volumes:
|
||||
- .data/filestash:/app/data
|
||||
networks:
|
||||
- proxy
|
||||
- onlyoffice
|
||||
|
||||
onlyoffice:
|
||||
container_name: onlyoffice
|
||||
image: onlyoffice/documentserver
|
||||
restart: always
|
||||
networks:
|
||||
- onlyoffice
|
||||
security_opt:
|
||||
- seccomp:unconfined
|
||||
|
||||
|
||||
archivebox:
|
||||
image: ${DOCKER_IMAGE:-archivebox/archivebox:master}
|
||||
container_name: archivebox
|
||||
command: server --quick-init 0.0.0.0:8000
|
||||
environment:
|
||||
- VIRTUAL_PORT=8000
|
||||
- VIRTUAL_HOST=${webarchive_domain_list}
|
||||
- LETSENCRYPT_HOST=${webarchive_domain_list}
|
||||
- MEDIA_MAX_SIZE=750m
|
||||
- SEARCH_BACKEND_ENGINE=sonic
|
||||
- SEARCH_BACKEND_HOST_NAME=sonic
|
||||
- SEARCH_BACKEND_PASSWORD=${pw_sonic}
|
||||
volumes:
|
||||
- ./.data/archivebox:/data
|
||||
networks:
|
||||
- proxy
|
||||
- archivebox
|
||||
|
||||
sonic:
|
||||
image: valeriansaliou/sonic:v1.3.0
|
||||
container_name: sonic
|
||||
expose:
|
||||
- 1491
|
||||
environment:
|
||||
- SEARCH_BACKEND_PASSWORD=${pw_sonic}
|
||||
volumes:
|
||||
- ./sonic.cfg:/etc/sonic.cfg:ro
|
||||
- sonic:/var/lib/sonic/store
|
||||
networks:
|
||||
- archivebox
|
||||
|
||||
####################################3
|
||||
## nginx proxy
|
||||
|
||||
nginx-proxy:
|
||||
image: ${stashapp_proxy_image}
|
||||
image: nginxproxy/nginx-proxy
|
||||
container_name: nginx-proxy
|
||||
restart: always
|
||||
ports:
|
||||
@ -30,8 +104,9 @@ services:
|
||||
- /var/run/docker.sock:/tmp/docker.sock:ro
|
||||
networks:
|
||||
- proxy
|
||||
|
||||
letsencrypt-companion:
|
||||
image: ${stashapp_acme_image}
|
||||
image: nginxproxy/acme-companion
|
||||
container_name: acme-companion
|
||||
restart: always
|
||||
volumes:
|
||||
@ -44,74 +119,3 @@ services:
|
||||
- proxy
|
||||
depends_on:
|
||||
- nginx-proxy
|
||||
trilium:
|
||||
image: ${stashapp_trilium_image}
|
||||
container_name: trilium
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8080
|
||||
- VIRTUAL_HOST=${stashapp_notes_domain},www.${stashapp_notes_domain}
|
||||
- LETSENCRYPT_HOST=${stashapp_notes_domain},www.${stashapp_notes_domain}
|
||||
- TRILIUM_DATA_DIR=/home/node/data
|
||||
volumes:
|
||||
- ./.data/trilium:/home/node/data
|
||||
networks:
|
||||
- proxy
|
||||
|
||||
filestash:
|
||||
image: ${stashapp_filestash_image}
|
||||
container_name: filestash
|
||||
restart: always
|
||||
environment:
|
||||
- VIRTUAL_PORT=8334
|
||||
- VIRTUAL_HOST=${stashapp_filestash_domain}
|
||||
- LETSENCRYPT_HOST=${stashapp_filestash_domain}
|
||||
- APPLICATION_URL=${stashapp_filestash_domain}
|
||||
- ONLYOFFICE_URL=http://onlyoffice
|
||||
volumes:
|
||||
- .data/filestash:/app/data
|
||||
networks:
|
||||
- proxy
|
||||
- onlyoffice
|
||||
|
||||
onlyoffice:
|
||||
image: ${stashapp_onlyoffice_image}
|
||||
container_name: onlyoffice
|
||||
restart: always
|
||||
networks:
|
||||
- onlyoffice
|
||||
security_opt:
|
||||
- seccomp:unconfined
|
||||
|
||||
|
||||
archivebox:
|
||||
image: ${stashapp_archivebox_image}
|
||||
container_name: archivebox
|
||||
command: server --quick-init 0.0.0.0:8000
|
||||
environment:
|
||||
- VIRTUAL_PORT=8000
|
||||
- VIRTUAL_HOST=${stashapp_archivebox_domain}
|
||||
- LETSENCRYPT_HOST=${stashapp_archivebox_domain}
|
||||
- MEDIA_MAX_SIZE=750m
|
||||
- SEARCH_BACKEND_ENGINE=sonic
|
||||
- SEARCH_BACKEND_HOST_NAME=sonic
|
||||
- SEARCH_BACKEND_PASSWORD=${stashapp_sonic_pw}
|
||||
volumes:
|
||||
- ./.data/archivebox:/data
|
||||
networks:
|
||||
- proxy
|
||||
- archivebox
|
||||
|
||||
sonic:
|
||||
image: ${stashapp_sonic_image}
|
||||
container_name: sonic
|
||||
expose:
|
||||
- 1491
|
||||
environment:
|
||||
- SEARCH_BACKEND_PASSWORD=${stashapp_sonic_pw}
|
||||
volumes:
|
||||
- ./sonic.cfg:/etc/sonic.cfg:ro
|
||||
- sonic:/var/lib/sonic/store
|
||||
networks:
|
||||
- archivebox
|
||||
|
10
vhost.d/default
Normal file
10
vhost.d/default
Normal file
@ -0,0 +1,10 @@
|
||||
## Start of configuration add by letsencrypt container
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
auth_basic off;
|
||||
auth_request off;
|
||||
allow all;
|
||||
root /usr/share/nginx/html;
|
||||
try_files $uri =404;
|
||||
break;
|
||||
}
|
||||
## End of configuration add by letsencrypt container
|
11
vhost.d/othonotes.com
Normal file
11
vhost.d/othonotes.com
Normal file
@ -0,0 +1,11 @@
|
||||
## Start of configuration add by letsencrypt container
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
auth_basic off;
|
||||
auth_request off;
|
||||
allow all;
|
||||
root /usr/share/nginx/html;
|
||||
try_files $uri =404;
|
||||
break;
|
||||
}
|
||||
## End of configuration add by letsencrypt container
|
||||
#client_max_body_size 10G
|
11
vhost.d/www.othonotes.com
Normal file
11
vhost.d/www.othonotes.com
Normal file
@ -0,0 +1,11 @@
|
||||
## Start of configuration add by letsencrypt container
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
auth_basic off;
|
||||
auth_request off;
|
||||
allow all;
|
||||
root /usr/share/nginx/html;
|
||||
try_files $uri =404;
|
||||
break;
|
||||
}
|
||||
## End of configuration add by letsencrypt container
|
||||
#client_max_body_size 10G
|
18
vm-setup.sh
18
vm-setup.sh
@ -1,18 +0,0 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
## For FreeBSD with vm-bhyve and ZFS.
|
||||
|
||||
zfs create data/vm
|
||||
vm datastore add stashvm zfs:data/vm
|
||||
vm create -d stashvm -t alpine -s 1T -m 8G -c 2 stashapp
|
||||
## Add `vm_list="stashapp"` to rc.conf.
|
||||
|
||||
vm switch create feed
|
||||
vm switch add feed re1
|
||||
## Update network in /data/vm/stashapp/stashapp.conf
|
||||
|
||||
## Change disk type to "nvme" in stashapp.conf
|
||||
|
||||
vm install stashapp /zroot/vm/.iso/alpine-standard-3.19.1-x86_64.iso
|
||||
vm console stashapp
|
||||
|
Loading…
Reference in New Issue
Block a user