feat: lech

master
Paul Walko 2023-09-05 11:40:31 -04:00
parent 25a83b9076
commit 5cacb65ad0
12 changed files with 446 additions and 0 deletions

2
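--- a/lech/docker/.gitignore
+++ b/lech/docker/.gitignore
@@ -0,0 +1,2 @@
+CaverEveryHour/
+*.env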


@ -0,0 +1,8 @@
FROM caddy:2.7.4-builder AS builder
RUN xcaddy build \
--with github.com/caddyserver/replace-response
FROM caddy:2.7.4
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
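Review bot: The plugin on the `--with` line is fetched without a version, so every rebuild compiles whatever the module's newest release is at that moment, while the Caddy base is pinned to 2.7.4. Pinning the module the same way keeps the proxy binary reproducible and makes a plugin upgrade an explicit change: `--with github.com/caddyserver/replace-response@<pinned-version>` (placeholder; use the release you have tested). If the image is rebuilt unattended, the two `FROM` tags could also carry a digest.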

37
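--- a/lech/docker/caddy.sh
+++ b/lech/docker/caddy.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+set -e
+up () {
+docker network create pew-net || true
+# main caddy container
+docker build -t customcaddy:latest -f Dockerfile.caddy .
+docker run \
+--detach \
+--name caddy \
+--restart unless-stopped \
+--privileged \
+--volume /mammoth/files:/www/seaturtle.pw_files:ro \
+--volume /mammoth/gis/bigcavemaps.com:/www/bigcavemaps.com:ro \
+--volume /mammoth/gis/source:/gis/source:ro \
+--volume /mammoth/k8s-config/caddy/Caddyfile:/etc/caddy/Caddyfile:ro \
+--volume /mammoth/k8s-config/caddy/data:/data:rw \
+--publish 80:80 \
+--publish 443:443 \
+--publish 443:443/udp \
+--network pew-net \
+customcaddy:latest
+}
+down () {
+docker stop caddy || true
+docker rm caddy || true
+}
+logs () {
+docker logs --follow caddy
+}
+$@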
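Review bot: `--privileged` on the caddy container gives the internet-facing proxy every capability and access to host devices, which nothing in this `docker run` appears to need; binding 80/443 works with Docker's default capability set, so the flag can simply be dropped. If one specific capability does turn out to be required, grant only that one with `--cap-add`. Separately, the dispatcher line `$@` at the end of this script, and of every other script in this commit, is unquoted and runs whatever argument it is given as a command. `"$@"` preserves the arguments, and a guard such as `case "$1" in up|down|logs) "$@" ;; esac` would limit it to the functions the script defines.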

28
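--- a/lech/docker/cavereveryhour.sh
+++ b/lech/docker/cavereveryhour.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+set -e
+up () {
+docker run \
+--detach \
+--name cavereveryhour \
+--restart unless-stopped \
+--workdir /home/node/app \
+--env NODE_ENV=production \
+--env TZ='America/New_York' \
+--volume $PWD/CaverEveryHour:/home/node/app:rw \
+--volume $PWD/cavereveryhour.env:/home/node/app/.env:ro \
+--volume /mammoth/tmp/EveryHourBot/CaverEveryHour:/home/node/app/media:ro \
+docker.io/node:16 /bin/bash -c "npm install && node index.js"
+}
+down () {
+docker stop cavereveryhour || true
+docker rm cavereveryhour || true
+}
+logs () {
+docker logs --follow cavereveryhour
+}
+$@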
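Review bot: The container command `npm install && node index.js` resolves and downloads dependencies from the registry on every start, into a bind-mounted source tree that is writable, so what runs after a restart can differ from what was last checked. If the app ships a lockfile, `/bin/bash -c "npm ci && node index.js"` keeps the installed set fixed; otherwise the install can move into a small image build. `docker.io/node:16` is a floating major tag, and Node 16 reached end of life in September 2023, so a supported, pinned version is worth choosing. `$PWD` in the two `--volume` arguments should be quoted, e.g. `--volume "$PWD/CaverEveryHour:/home/node/app:rw" \`, so a path containing spaces does not split the argument.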

62
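--- a/lech/docker/firefly.sh
+++ b/lech/docker/firefly.sh
@@ -0,0 +1,62 @@
+#!/bin/bash
+set -e
+# Don't forget cron!
+# https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/
+up () {
+# Exposed on port 8080 in pew-net
+# env options: https://raw.githubusercontent.com/firefly-iii/firefly-iii/main/.env.example
+# Create firefly.env with APP_KEY
+docker run \
+--detach \
+--name firefly \
+--restart unless-stopped \
+--env-file firefly.env \
+--env SITE_OWNER=paul@bigcavemaps.com \
+--env TZ=US/Eastern \
+--env TRUSTED_PROXIES=** \
+--env DB_CONNECTION=mysql \
+--env DB_HOST=firefly-mariadb \
+--env DB_PORT=3306 \
+--env DB_DATABASE=firefly \
+--env DB_USERNAME=firefly \
+--env DB_PASSWORD=firefly \
+--env APP_URL=https://ff.seaturtle.pw \
+--volume /mammoth/k8s-config/firefly/data:/var/www/html/storage/upload:rw \
+--network pew-net \
+docker.io/fireflyiii/core:latest
+# Exposed on port 3306 in pew-net
+docker run \
+--detach \
+--name firefly-mariadb \
+--restart unless-stopped \
+--label com.centurylinklabs.watchtower.enable=false \
+--env MYSQL_RANDOM_ROOT_PASSWORD=notnullvalue \
+--env MYSQL_PASSWORD=firefly \
+--env MYSQL_DATABASE=firefly \
+--env MYSQL_USER=firefly \
+--volume /mammoth/k8s-config/firefly/mariadb:/var/lib/mysql:rw \
+--network pew-net \
+docker.io/mariadb:10.5.6
+}
+down () {
+docker stop firefly || true
+docker rm firefly || true
+docker stop firefly-mariadb || true
+docker rm firefly-mariadb || true
+}
+logs () {
+docker logs --follow firefly
+}
+logsm () {
+docker logs --follow firefly-mariadb
+}
+$@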
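Review bot: The database password is written into the script as `--env DB_PASSWORD=firefly` and `--env MYSQL_PASSWORD=firefly`, identical to the user name, even though `firefly.env` is already used for secrets and `*.env` is git-ignored. The same pattern appears in geoserver.sh (`POSTGRES_PASSWORD=postgres`) and mastodon.sh (`DB_PASS=mastodon`); every container on `pew-net` can reach these databases, so a guessable password protects very little. Moving `DB_PASSWORD` into `firefly.env` and giving the MariaDB `docker run` its own `--env-file` keeps the value out of the repository. Also, `firefly` is started before `firefly-mariadb`, so the first boot relies on the app retrying its database connection; starting the database first removes that dependency.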

46
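--- a/lech/docker/geoserver.sh
+++ b/lech/docker/geoserver.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+set -e
+up () {
+# Exposed on port 8080 in pew-net
+docker run \
+--detach \
+--name geoserver \
+--restart unless-stopped \
+--volume /mammoth/gis/geoserver/config/geoserver-web.xml:/usr/local/geoserver/WEB-INF/web.xml:ro \
+--volume /mammoth/gis/geoserver/extensions:/var/local/geoserver-exts:ro \
+--volume /mammoth/gis/geoserver/data:/var/local/geoserver:rw \
+--volume /mammoth/gis/store:/gis/store:ro \
+--publish 8181:8080 \
+--network pew-net \
+docker.io/oscarfonts/geoserver:2.20.2
+#--volume /mammoth/k8s-config/geoserver/config/tomcat-web.xml:/usr/local/tomcat/conf/web.xml:ro \
+# Exposed on port 5432 in pew-net
+docker run \
+--detach \
+--name geoserver-postgis \
+--env POSTGRES_PASSWORD=postgres \
+--restart unless-stopped \
+--volume /mammoth/gis/geoserver/postgis:/var/lib/postgresql/data:rw \
+--network pew-net \
+docker.io/postgis/postgis:14-3.2-alpine
+}
+down () {
+docker stop geoserver || true
+docker rm geoserver || true
+docker stop geoserver-postgis || true
+docker rm geoserver-postgis || true
+}
+logs () {
+docker logs --follow geoserver
+}
+logsp () {
+docker logs --follow geoserver-postgis
+}
+$@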
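Review bot: `--publish 8181:8080` binds GeoServer on every host interface, so its web interface is reachable directly on port 8181 in addition to the `pew-net` path the comment describes. If the port is only for local access, bind it to loopback with `--publish 127.0.0.1:8181:8080 \`, or drop the flag and reach the container by name on `pew-net`. Ports published by Docker are typically opened ahead of the host's own firewall rules, so a host firewall should not be assumed to cover this.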

37
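--- a/lech/docker/gitea.sh
+++ b/lech/docker/gitea.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+set -e
+up () {
+# Exposed on port 3000 in pew-net
+docker run \
+--detach \
+--name gitea \
+--restart unless-stopped \
+--env RUN_MODE=prod \
+--env DOMAIN=git.seaturtle.pw \
+--env SSH_DOMAIN=git.seaturtle.pw \
+--env SSH_PORT=2222 \
+--env ROOT_URL=https://git.seaturtle.pw \
+--env LFS_START=true \
+--env DISABLE_REGISTRATION=true \
+--env REQUIRE_SIGNIN_VIEW=false \
+--env USER_UID=1000 \
+--volume /mammoth/k8s-config/gitea/data:/data:rw \
+--volume /etc/localtime:/etc/localtime:ro \
+--volume /etc/timezone:/etc/timezone:ro \
+--publish 2222:2222 \
+--network pew-net \
+docker.io/gitea/gitea:1.20
+}
+down () {
+docker stop gitea || true
+docker rm gitea || true
+}
+logs () {
+docker logs --follow gitea
+}
+$@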
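Review bot: `--env LFS_START=true` does not match a variable name I know the gitea image to read; the documented name is `LFS_START_SERVER`, so LFS is probably left at its default. The proposed line is `--env LFS_START_SERVER=true \`. As far as I can tell the image uses these variables to template `app.ini` on first start only, so with an existing `/mammoth/k8s-config/gitea/data` volume later edits here, including `DISABLE_REGISTRATION=true`, may have no effect. A comment above `docker run` saying so would help, and the registration setting should be confirmed in the running `app.ini`.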

26
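--- a/lech/docker/mapproxy.sh
+++ b/lech/docker/mapproxy.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+set -e
+up () {
+# Exposed on port 8080 in pew-net
+docker run \
+--detach \
+--name mapproxy \
+--volume /mammoth/k8s-config/mapproxy/mapproxy.yaml:/mapproxy/mapproxy.yaml:ro \
+--volume /mammoth/k8s-config/mapproxy/seed.yaml:/mapproxy/seed.yaml:ro \
+--volume /mammoth/gis/mapproxy/cache_data:/mapproxy/cache_data:rw \
+--network pew-net \
+docker.io/kartoza/mapproxy:latest
+}
+down () {
+docker stop mapproxy || true
+docker rm mapproxy || true
+}
+logs () {
+docker logs --follow mapproxy
+}
+$@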
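Review bot: This `docker run` has no `--restart unless-stopped`, unlike the other service scripts in the commit, so mapproxy will not come back after a daemon restart or host reboot; add `--restart unless-stopped \` after the `--name mapproxy \` line. The image is referenced as `docker.io/kartoza/mapproxy:latest`, and a fixed tag would make a redeploy repeatable.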

108
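--- a/lech/docker/mastodon.sh
+++ b/lech/docker/mastodon.sh
@@ -0,0 +1,108 @@
+#!/bin/bash
+set -e
+TRUSTED_PROXY_IP=172.25.0.0/16
+LOCAL_DOMAIN=social.bigcavemaps.com
+REDIS_HOST=mastodon-redis
+REDIS_PORT=6379
+DB_HOST=mastodon-pg
+DB_USER=mastodon
+DB_NAME=mastodon_production
+DB_PASS=mastodon
+DB_PORT=5432
+up () {
+docker run \
+--detach \
+--name mastodon-web \
+--restart unless-stopped \
+--env-file mastodon.env \
+--env TRUSTED_PROXY_IP=$TRUSTED_PROXY_IP \
+--env LOCAL_DOMAIN=$LOCAL_DOMAIN \
+--env REDIS_HOST=$REDIS_HOST \
+--env REDIS_PORT=$PORT \
+--env DB_HOST=$DB_HOST \
+--env DB_USER=$DB_USER \
+--env DB_NAME=$DB_NAME \
+--env DB_PASS=$DB_PASS \
+--env DB_PORT=$DB_PORT \
+--volume /mammoth/k8s-config/mastodon/public/system:/mastodon/public/system:rw \
+--network pew-net \
+ghcr.io/mastodon/mastodon:v4.1 bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
+docker run \
+--detach \
+--name mastodon-streaming \
+--restart unless-stopped \
+--env-file mastodon.env \
+--env TRUSTED_PROXY_IP=$TRUSTED_PROXY_IP \
+--env LOCAL_DOMAIN=$LOCAL_DOMAIN \
+--env REDIS_HOST=$REDIS_HOST \
+--env REDIS_PORT=$PORT \
+--env DB_HOST=$DB_HOST \
+--env DB_USER=$DB_USER \
+--env DB_NAME=$DB_NAME \
+--env DB_PASS=$DB_PASS \
+--env DB_PORT=$DB_PORT \
+--network pew-net \
+ghcr.io/mastodon/mastodon:v4.1 node ./streaming
+docker run \
+--detach \
+--name mastodon-sidekiq \
+--restart unless-stopped \
+--env-file mastodon.env \
+--env TRUSTED_PROXY_IP=$TRUSTED_PROXY_IP \
+--env LOCAL_DOMAIN=$LOCAL_DOMAIN \
+--env REDIS_HOST=$REDIS_HOST \
+--env REDIS_PORT=$PORT \
+--env DB_HOST=$DB_HOST \
+--env DB_USER=$DB_USER \
+--env DB_NAME=$DB_NAME \
+--env DB_PASS=$DB_PASS \
+--env DB_PORT=$DB_PORT \
+--volume /mammoth/k8s-config/mastodon/public/system:/mastodon/public/system:rw \
+--network pew-net \
+ghcr.io/mastodon/mastodon:v4.1 bundle exec sidekiq
+# may have to run db:migrate if things don't work right away
+docker run \
+--detach \
+--name mastodon-pg \
+--restart unless-stopped \
+--env POSTGRES_HOST_AUTH_METHOD=trust \
+--env POSTGRES_USER=$DB_USER \
+--env POSTGRES_DB=$DB_NAME \
+--env POSTGRES_PASSWORD=$DB_PASS \
+--volume /mammoth/k8s-config/mastodon/postgres/data:/var/lib/postgresql/data:rw \
+--network pew-net \
+docker.io/postgres:14-alpine
+docker run \
+--detach \
+--name mastodon-redis \
+--restart unless-stopped \
+--volume /mammoth/k8s-config/mastodon/redis/data:/data:rw \
+--network pew-net \
+docker.io/redis:7-alpine
+}
+down () {
+docker stop mastodon-web || true
+docker rm mastodon-web || true
+docker stop mastodon-streaming || true
+docker rm mastodon-streaming || true
+docker stop mastodon-sidekiq || true
+docker rm mastodon-sidekiq || true
+docker stop mastodon-pg || true
+docker rm mastodon-pg || true
+docker stop mastodon-redis || true
+docker rm mastodon-redis || true
+}
+logs () {
+docker logs --follow mastodon
+}
+$@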
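Review bot: `--env POSTGRES_HOST_AUTH_METHOD=trust` on `mastodon-pg` turns off password checking, so any container attached to `pew-net` can connect as the `mastodon` database owner without `DB_PASS`; dropping that line lets the image fall back to password authentication with the `POSTGRES_PASSWORD` already supplied. On a data directory that is already initialised the method is fixed in `pg_hba.conf`, so it has to be changed there as well. The three app containers pass `--env REDIS_PORT=$PORT`, but `PORT` is never set in this script, so the value is empty; the line should read `--env REDIS_PORT=$REDIS_PORT \`. `logs` follows a container named `mastodon`, which `up` never creates (the names are `mastodon-web`, `mastodon-streaming` and `mastodon-sidekiq`).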

31
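--- a/lech/docker/minio.sh
+++ b/lech/docker/minio.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+set -e
+up () {
+docker run \
+--detach \
+--name minio \
+--restart unless-stopped \
+--env-file minio.env \
+--env MINIO_BROWSER_REDIRECT_URL=https://s3.bigcavemaps.com \
+--env MINIO_ROOT_USER=admin \
+--env MINIO_SERVER_URL=https://s3.bigcavemaps.com:9000 \
+--volume /mammoth/minio:/data:rw \
+--volume /mammoth/k8s-config/caddy/data/caddy/certificates/acme.zerossl.com-v2-dv90/s3.bigcavemaps.com/s3.bigcavemaps.com.crt:/certs/public.crt:ro \
+--volume /mammoth/k8s-config/caddy/data/caddy/certificates/acme.zerossl.com-v2-dv90/s3.bigcavemaps.com/s3.bigcavemaps.com.key:/certs/private.key:ro \
+--publish 9000:9000 \
+--publish 9090:9090 \
+quay.io/minio/minio:latest server /data --console-address ":9090" --certs-dir /certs
+}
+down () {
+docker stop minio || true
+docker rm minio || true
+}
+logs () {
+docker logs --follow minio
+}
+$@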
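Review bot: `--publish 9090:9090` exposes the MinIO console, which signs in with the root account (`MINIO_ROOT_USER=admin`), on every host interface. `MINIO_BROWSER_REDIRECT_URL` carries no port, which suggests the console is meant to be reached through caddy; if so, attach the container with `--network pew-net \` and remove the 9090 publish so only the proxy can reach it. The two certificate `--volume` lines read caddy's private key for s3.bigcavemaps.com straight out of caddy's data directory, and the path embeds the ACME issuer directory, so it stops matching if the issuer changes. A comment above those lines recording that dependency would help.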

38
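--- a/lech/docker/plex.sh
+++ b/lech/docker/plex.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+set -e
+up () {
+# Exposed on port 32400 in pew-net
+docker run \
+--detach \
+--name plex \
+--restart unless-stopped \
+--env PUID=1000 \
+--env PGID=1000 \
+--env VERSION=docker \
+--env PLEX_CLAIM=claim-QCs9nSWJ23sex_75xQ_a \
+--volume /mammoth/k8s-config/caddy/data/caddy/certificates/acme.zerossl.com-v2-dv90/plex.seaturtle.pw:/certs:ro \
+--volume /mammoth/plex/config:/config:rw \
+--volume /mammoth/media/audiobooks:/media/audiobooks:ro \
+--volume /mammoth/media/movies:/media/movies:ro \
+--volume /mammoth/media/music:/media/music:ro \
+--volume /mammoth/media/radio:/media/radio:ro \
+--volume /mammoth/media/tv:/media/tv:ro \
+--volume /media-vtluug:/media/media-vtluug:ro \
+--volume /mammoth/tmp/plex/transcode:/transcode:rw \
+--device=/dev/dri:/dev/dri:rw \
+--network pew-net \
+ghcr.io/linuxserver/plex:latest
+}
+down () {
+docker stop plex || true
+docker rm plex || true
+}
+logs () {
+docker logs --follow plex
+}
+$@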
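Review bot: The `--env PLEX_CLAIM=…` line commits a claim token to the repository. Claim tokens are short-lived, but the value stays in history and the pattern invites pasting a fresh one into the script at the next re-claim. The other scripts already load secrets from a git-ignored env file, so an `--env-file plex.env \` line (file name is an example) with `PLEX_CLAIM` inside it fits the existing convention, and the variable can be removed once the server is claimed. `ghcr.io/linuxserver/plex:latest` is also unpinned.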

23
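--- a/lech/docker/watchtower.sh
+++ b/lech/docker/watchtower.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e
+up () {
+# Poll interval: 1800s (30 mins)
+docker run \
+--detach \
+--name watchtower \
+--volume /var/run/docker.sock:/var/run/docker.sock:rw \
+ghcr.io/containrrr/watchtower:amd64-1.4.0 --interval 1800
+}
+down () {
+docker stop watchtower || true
+docker rm watchtower || true
+}
+logs () {
+docker logs --follow watchtower
+}
+$@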
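Review bot: Watchtower gets the Docker socket read-write and no container filter, so it pulls and restarts every running container whose tag moves, and several services in this commit use `:latest` (firefly.sh, mapproxy.sh, minio.sh, plex.sh). Any upstream push, good or bad, is therefore running on this host within the 30-minute interval; only `firefly-mariadb` opts out through its label. Socket access is equivalent to root on the host, so this container's own image reference is the most sensitive pin in the set. Consider opt-in updates with `--label-enable` plus a `com.centurylinklabs.watchtower.enable=true` label on the containers that should auto-update, and fixed tags or digests for the rest. The run also lacks `--restart unless-stopped`, so updates silently stop after a reboot.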