From 4e4bb96bbb3a880992c64cfb35fe12f518dbbd7f Mon Sep 17 00:00:00 2001 From: Paul Walko Date: Mon, 12 Feb 2024 09:56:56 -0500 Subject: [PATCH] fix watchtower, clean up stuff --- lech/docker/caddy.sh | 12 +++--- lech/docker/firefly.sh | 62 ------------------------------ lech/docker/mapproxy.yaml | 50 ++++++++++++------------ lech/docker/minio.sh | 38 ------------------ lech/docker/picoshare.sh | 23 +++++++++++ lech/docker/qgis-server.sh | 30 +++++++++++++++ lech/docker/qgis-server/Dockerfile | 50 ++++++++++++++++++++++++ lech/docker/qgis-server/cmd.sh | 5 +++ lech/docker/watchtower.sh | 1 + 9 files changed, 142 insertions(+), 129 deletions(-) delete mode 100755 lech/docker/firefly.sh delete mode 100755 lech/docker/minio.sh create mode 100755 lech/docker/picoshare.sh create mode 100755 lech/docker/qgis-server.sh create mode 100644 lech/docker/qgis-server/Dockerfile create mode 100644 lech/docker/qgis-server/cmd.sh diff --git a/lech/docker/caddy.sh b/lech/docker/caddy.sh index 118825b..e215a8a 100755 --- a/lech/docker/caddy.sh +++ b/lech/docker/caddy.sh @@ -14,12 +14,14 @@ up () { --restart unless-stopped \ --label com.centurylinklabs.watchtower.enable=false \ --privileged \ - --volume /mammoth/archive/vpicc/public:/www/files/bigcavemaps.com/vpicc:ro \ - --volume /mammoth/archive/websites/wacz:/www/files/bigcavemaps.com/websites:ro \ - --volume /mammoth/files/seaturtle.pw:/www/files/seaturtle.pw:ro \ - --volume /mammoth/gis/bigcavemaps.com:/www/gis/bigcavemaps.com:ro \ - --volume /mammoth/gis/source:/gis/source:ro \ + --volume /mammoth/archive:/www/bigcavemaps.com/files/paul/archive:ro \ + --volume /mammoth/archive/cavepedia/cavepedia-data/00_files:/www/bigcavemaps.com/files/cavepedia-data/00_files:ro \ + --volume /mammoth/archive/vpicc/public:/www/bigcavemaps.com/files/vpicc:ro \ + --volume /mammoth/archive/websites/wacz:/www/bigcavemaps.com/files/websites:ro \ + --volume /mammoth/gis/bigcavemaps.com:/www/bigcavemaps.com/index:ro \ + --volume /mammoth/gis/source/public:/www/bigcavemaps.com/files/gis/source/public:ro \ --volume /mammoth/replayweb.page:/www/files/bigcavemaps.com/replayweb.page:ro \ + --volume /mammoth/files/seaturtle.pw:/www/seaturtle.pw/files:ro \ --volume $HOME/scripts-private/lech/Caddyfile:/etc/caddy/Caddyfile:ro \ --volume /mammoth/caddy/data:/data:rw \ --publish 80:80 \ diff --git a/lech/docker/firefly.sh b/lech/docker/firefly.sh deleted file mode 100755 index 2430175..0000000 --- a/lech/docker/firefly.sh +++ /dev/null @@ -1,62 +0,0 @@ -#!/bin/bash - -set -e - -# Don't forget cron! -# https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/ - -up () { - # Exposed on port 8080 in pew-net - # env options: https://raw.githubusercontent.com/firefly-iii/firefly-iii/main/.env.example - # Create firefly.env with APP_KEY - docker run \ - --detach \ - --name firefly \ - --restart unless-stopped \ - --env-file firefly.env \ - --env SITE_OWNER=paul@bigcavemaps.com \ - --env TZ=US/Eastern \ - --env TRUSTED_PROXIES=** \ - --env DB_CONNECTION=mysql \ - --env DB_HOST=firefly-mariadb \ - --env DB_PORT=3306 \ - --env DB_DATABASE=firefly \ - --env DB_USERNAME=firefly \ - --env DB_PASSWORD=firefly \ - --env APP_URL=https://ff.seaturtle.pw \ - --volume /mammoth/firefly/data:/var/www/html/storage/upload:rw \ - --network pew-net \ - docker.io/fireflyiii/core:latest - - # Exposed on port 3306 in pew-net - docker run \ - --detach \ - --name firefly-mariadb \ - --restart unless-stopped \ - --label com.centurylinklabs.watchtower.enable=false \ - --env MYSQL_RANDOM_ROOT_PASSWORD=notnullvalue \ - --env MYSQL_PASSWORD=firefly \ - --env MYSQL_DATABASE=firefly \ - --env MYSQL_USER=firefly \ - --volume /mammoth/firefly/mariadb:/var/lib/mysql:rw \ - --network pew-net \ - docker.io/mariadb:10.5.6 -} - -down () { - docker stop firefly || true - docker rm firefly || true - docker stop firefly-mariadb || true - docker rm firefly-mariadb || true -} - -logs () { - docker logs --follow firefly -} - -logsm () { - docker logs --follow firefly-mariadb -} - - -$@ diff --git a/lech/docker/mapproxy.yaml b/lech/docker/mapproxy.yaml index 139dc3e..44805e3 100644 --- a/lech/docker/mapproxy.yaml +++ b/lech/docker/mapproxy.yaml @@ -29,38 +29,50 @@ services: '/{Layer}/{TileMatrixSet}/{TileMatrix}/{TileCol}/{TileRow}.png' layers: - - name: blacksburg_lidar - title: Blacksburg Lidar - sources: [blacksburg_lidar_cache] + - name: cogtest + title: COG Testing Layer + sources: [cogtest_cache] + - name: cogtest-color + title: COG Color Testing Layer + sources: [cogtestcolor_cache] - name: osm title: OSM sources: [osm_cache] - name: osmTopo title: OSM Topo sources: [osmTopo_cache] - - name: VAPublicSinkholes - title: VA Public Sinkholes - sources: [va_public_sinkholes] caches: - blacksburg_lidar_cache: + cogtest_cache: grids: [GLOBAL_WEBMERCATOR] - sources: [blacksburg_lidar] + sources: [cogtest] + cogtestcolor_cache: + grids: [GLOBAL_WEBMERCATOR] + sources: [cogtestcolor] osm_cache: grids: [GLOBAL_WEBMERCATOR] sources: [osm_tiles] osmTopo_cache: grids: [GLOBAL_WEBMERCATOR] sources: [osmTopo_tiles] - va_public_sinkholes: - grids: [GLOBAL_WEBMERCATOR] - sources: [va_public_sinkholes] sources: - blacksburg_lidar: - type: tile + cogtestcolor: + coverage: + bbox: [-9588062.0710,4451079.4345,-9565234.9894,4474013.5009] + srs: 'EPSG:3857' grid: GLOBAL_WEBMERCATOR - url: https://tile.bigcavemaps.com/geoserver/gwc/service/wmts/rest/bburg:lidar/line/WebMercatorQuad/%(z)s/%(x)s/%(y)s?format=image/png + transparent: true + type: tile + url: https://qgis.bigcavemaps.com/?SERVICE=WMTS&REQUEST=GetTile&VERSION=1.0.0&LAYER=MACA-test-terrain-simple&STYLE=default&FORMAT=image%%2Fjpeg&TILEMATRIXSET=EPSG%%3A3857&TILEMATRIX=%(z)s&TILEROW=%(y)s&TILECOL=%(x)s + cogtest: + coverage: + bbox: [-9588062.0710,4451079.4345,-9565234.9894,4474013.5009] + srs: 'EPSG:3857' + grid: GLOBAL_WEBMERCATOR + transparent: true + type: tile + url: https://qgis.bigcavemaps.com/?SERVICE=WMTS&REQUEST=GetTile&VERSION=1.0.0&LAYER=MACA_Phase2_WGS84_joe_terrain.cog&STYLE=default&FORMAT=image%%2Fjpeg&TILEMATRIXSET=EPSG%%3A3857&TILEMATRIX=%(z)s&TILEROW=%(y)s&TILECOL=%(x)s osm_tiles: type: tile grid: GLOBAL_WEBMERCATOR @@ -69,15 +81,5 @@ sources: type: tile grid: GLOBAL_WEBMERCATOR url: https://b.tile.opentopomap.org/%(z)s/%(x)s/%(y)s.png - va_public_sinkholes: - type: arcgis - req: - layers: VA Sinkholes - transparent: true - url: https://vanhde.org/arcgis/rest/services/VA_Public/pred_Sinkholes/MapServer - on_error: - 500: - response: transparent - cache: True globals: diff --git a/lech/docker/minio.sh b/lech/docker/minio.sh deleted file mode 100755 index 274cc90..0000000 --- a/lech/docker/minio.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash - -set -e - -CERTS=/mammoth/caddy/data/caddy/certificates/acme.zerossl.com-v2-dv90 - -up () { - echo -n "Enter MINIO_ROOT_PASSWORD: " - read MINIO_ROOT_PASSWORD - - docker run \ - --detach \ - --name minio \ - --restart unless-stopped \ - --env MINIO_BROWSER_REDIRECT_URL=https://s3.console.bigcavemaps.com \ - --env MINIO_ROOT_USER=admin \ - --env MINIO_ROOT_PASSWORD=$MINIO_ROOT_PASSWORD \ - --env MINIO_SERVER_URL=https://s3.bigcavemaps.com \ - --volume /mammoth/minio:/data:rw \ - --volume $CERTS/s3.bigcavemaps.com/s3.bigcavemaps.com.crt:/certs/public.crt:ro \ - --volume $CERTS/s3.bigcavemaps.com/s3.bigcavemaps.com.key:/certs/private.key:ro \ - --volume $CERTS/s3.console.bigcavemaps.com/s3.console.bigcavemaps.com.crt:/certs/console/public.crt:ro \ - --volume $CERTS/s3.console.bigcavemaps.com/s3.console.bigcavemaps.com.key:/certs/console/private.key:ro \ - --publish 9000:9000 \ - --publish 9090:9090 \ - quay.io/minio/minio:latest server /data --console-address ":9090" --certs-dir /certs -} - -down () { - docker stop minio || true - docker rm minio || true -} - -logs () { - docker logs --follow minio -} - -$@ diff --git a/lech/docker/picoshare.sh b/lech/docker/picoshare.sh new file mode 100755 index 0000000..d86a365 --- /dev/null +++ b/lech/docker/picoshare.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +set -e + +up () { + # Exposed on port 4001 in pew-net + docker run \ + --detach \ + --name picoshare \ + --env PS_BEHIND_PROXY=true \ + --env-file picoshare.env \ + --restart unless-stopped \ + --volume /mammoth/picoshare/data:/data:rw \ + --network pew-net \ + mtlynch/picoshare:latest -db /data/store.db +} + +down () { + docker stop picoshare || true + docker rm picoshare || true +} + +$@ diff --git a/lech/docker/qgis-server.sh b/lech/docker/qgis-server.sh new file mode 100755 index 0000000..5cc7589 --- /dev/null +++ b/lech/docker/qgis-server.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +set -e + +up () { + pushd qgis-server &>/dev/null + docker build -t qgis-server:dev . + popd &>/dev/null + + # Exposed on port 5555 in pew-net + docker run \ + --detach \ + --name qgis-server \ + --restart unless-stopped \ + --label com.centurylinklabs.watchtower.enable=false \ + --env DEBUG=1 \ + --env LANG=en_EN.UTF-8 \ + --env QGIS_PROJECT_FILE=/data/cogtest/cogtest.qgz \ + --env QGIS_SERVER_LOG_LEVEL=0 \ + --volume /mammoth/gis/qgis-server/data:/data:ro \ + --network pew-net \ + qgis-server:dev +} + +down () { + docker stop qgis-server || true + docker rm qgis-server || true +} + +$@ diff --git a/lech/docker/qgis-server/Dockerfile b/lech/docker/qgis-server/Dockerfile new file mode 100644 index 0000000..cc5d318 --- /dev/null +++ b/lech/docker/qgis-server/Dockerfile @@ -0,0 +1,50 @@ +FROM debian:bullseye-slim + +ENV LANG=en_EN.UTF-8 + + +RUN apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests --allow-unauthenticated -y \ + gnupg \ + ca-certificates \ + wget \ + locales \ + && localedef -i en_US -f UTF-8 en_US.UTF-8 \ + # Add the current key for package downloading + # Please refer to QGIS install documentation (https://www.qgis.org/fr/site/forusers/alldownloads.html#debian-ubuntu) + && mkdir -m755 -p /etc/apt/keyrings \ + && wget -O /etc/apt/keyrings/qgis-archive-keyring.gpg https://download.qgis.org/downloads/qgis-archive-keyring.gpg \ + # Add repository for latest version of qgis-server + # Please refer to QGIS repositories documentation if you want other version (https://qgis.org/en/site/forusers/alldownloads.html#repositories) + && echo "deb [signed-by=/etc/apt/keyrings/qgis-archive-keyring.gpg] https://qgis.org/debian bullseye main" | tee /etc/apt/sources.list.d/qgis.list \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests --allow-unauthenticated -y \ + qgis-server \ + spawn-fcgi \ + xauth \ + xvfb \ + && apt-get remove --purge -y \ + gnupg \ + wget \ + && rm -rf /var/lib/apt/lists/* + +RUN useradd -m qgis + +ENV TINI_VERSION v0.19.0 +ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini +RUN chmod +x /tini + +ENV QGIS_PREFIX_PATH /usr +ENV QGIS_SERVER_LOG_STDERR 1 +ENV QGIS_SERVER_LOG_LEVEL 2 + +COPY cmd.sh /home/qgis/cmd.sh +RUN chmod -R 777 /home/qgis/cmd.sh +RUN chown qgis:qgis /home/qgis/cmd.sh + +USER qgis +WORKDIR /home/qgis + +ENTRYPOINT ["/tini", "--"] + +CMD ["/home/qgis/cmd.sh"] diff --git a/lech/docker/qgis-server/cmd.sh b/lech/docker/qgis-server/cmd.sh new file mode 100644 index 0000000..7ceee99 --- /dev/null +++ b/lech/docker/qgis-server/cmd.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +[[ $DEBUG == "1" ]] && env + +exec /usr/bin/xvfb-run --auto-servernum --server-num=1 /usr/bin/spawn-fcgi -p 5555 -n -d /home/qgis -- /usr/lib/cgi-bin/qgis_mapserv.fcgi diff --git a/lech/docker/watchtower.sh b/lech/docker/watchtower.sh index da118ca..2e21c38 100755 --- a/lech/docker/watchtower.sh +++ b/lech/docker/watchtower.sh @@ -7,6 +7,7 @@ up () { docker run \ --detach \ --name watchtower \ + --restart unless-stopped \ --volume /var/run/docker.sock:/var/run/docker.sock:rw \ ghcr.io/containrrr/watchtower:amd64-1.7.1 --interval 1800 }