From 5cacb65ad01535b1a3119928c4e73b6f19013f6c Mon Sep 17 00:00:00 2001
From: Paul Walko
Date: Tue, 5 Sep 2023 11:40:31 -0400
Subject: [PATCH] feat: lech
---
lech/docker/.gitignore | 2 +
lech/docker/Dockerfile.caddy | 8 +++
lech/docker/caddy.sh | 37 ++++++++++++
lech/docker/cavereveryhour.sh | 28 +++++++++
lech/docker/firefly.sh | 62 +++++++++++++++++++
lech/docker/geoserver.sh | 46 +++++++++++++++
lech/docker/gitea.sh | 37 ++++++++++++
lech/docker/mapproxy.sh | 26 ++++++++
lech/docker/mastodon.sh | 108 ++++++++++++++++++++++++++++++++++
lech/docker/minio.sh | 31 ++++++++++
lech/docker/plex.sh | 38 ++++++++++++
lech/docker/watchtower.sh | 23 ++++++++
12 files changed, 446 insertions(+)
create mode 100644 lech/docker/.gitignore
create mode 100644 lech/docker/Dockerfile.caddy
create mode 100755 lech/docker/caddy.sh
create mode 100755 lech/docker/cavereveryhour.sh
create mode 100755 lech/docker/firefly.sh
create mode 100755 lech/docker/geoserver.sh
create mode 100755 lech/docker/gitea.sh
create mode 100755 lech/docker/mapproxy.sh
create mode 100755 lech/docker/mastodon.sh
create mode 100755 lech/docker/minio.sh
create mode 100755 lech/docker/plex.sh
create mode 100755 lech/docker/watchtower.sh
diff --git a/lech/docker/.gitignore b/lech/docker/.gitignore
new file mode 100644
index 0000000..296e7ff
--- /dev/null
+++ b/lech/docker/.gitignore
@@ -0,0 +1,2 @@
+CaverEveryHour/
+*.env
diff --git a/lech/docker/Dockerfile.caddy b/lech/docker/Dockerfile.caddy
new file mode 100644
index 0000000..671ce41
--- /dev/null
+++ b/lech/docker/Dockerfile.caddy
@@ -0,0 +1,8 @@
+FROM caddy:2.7.4-builder AS builder
+
+RUN xcaddy build \
+ --with github.com/caddyserver/replace-response
+
+FROM caddy:2.7.4
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
diff --git a/lech/docker/caddy.sh b/lech/docker/caddy.sh
new file mode 100755
index 0000000..d129b72
--- /dev/null
+++ b/lech/docker/caddy.sh
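Review bot: The `xcaddy build` step in Dockerfile.caddy pulls `github.com/caddyserver/replace-response` with no version, so a build on a cold cache compiles whatever that module currently resolves to into the binary that terminates TLS for every site. Both `FROM` lines are pinned to 2.7.4, so pin the plugin the same way, e.g. `--with github.com/caddyserver/replace-response@vX.Y.Z` (placeholder; use the tag or commit that was tested). caddy.sh runs `docker build` on every `up`, so an unpinned module can change the proxy without any change in this repository.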
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ docker network create pew-net || true
+
+ # main caddy container
+ docker build -t customcaddy:latest -f Dockerfile.caddy .
+
+ docker run \
+ --detach \
+ --name caddy \
+ --restart unless-stopped \
+ --privileged \
+ --volume /mammoth/files:/www/seaturtle.pw_files:ro \
+ --volume /mammoth/gis/bigcavemaps.com:/www/bigcavemaps.com:ro \
+ --volume /mammoth/gis/source:/gis/source:ro \
+ --volume /mammoth/k8s-config/caddy/Caddyfile:/etc/caddy/Caddyfile:ro \
+ --volume /mammoth/k8s-config/caddy/data:/data:rw \
+ --publish 80:80 \
+ --publish 443:443 \
+ --publish 443:443/udp \
+ --network pew-net \
+ customcaddy:latest
+}
+
+down () {
+ docker stop caddy || true
+ docker rm caddy || true
+}
+
+logs () {
+ docker logs --follow caddy
+}
+
+$@
diff --git a/lech/docker/cavereveryhour.sh b/lech/docker/cavereveryhour.sh
new file mode 100755
index 0000000..f8e583c
--- /dev/null
+++ b/lech/docker/cavereveryhour.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ docker run \
+ --detach \
+ --name cavereveryhour \
+ --restart unless-stopped \
+ --workdir /home/node/app \
+ --env NODE_ENV=production \
+ --env TZ='America/New_York' \
+ --volume $PWD/CaverEveryHour:/home/node/app:rw \
+ --volume $PWD/cavereveryhour.env:/home/node/app/.env:ro \
+ --volume /mammoth/tmp/EveryHourBot/CaverEveryHour:/home/node/app/media:ro \
+ docker.io/node:16 /bin/bash -c "npm install && node index.js"
+}
+
+down () {
+ docker stop cavereveryhour || true
+ docker rm cavereveryhour || true
+}
+
+logs () {
+ docker logs --follow cavereveryhour
+}
+
+$@
diff --git a/lech/docker/firefly.sh b/lech/docker/firefly.sh
new file mode 100755
index 0000000..b0b55d7
--- /dev/null
+++ b/lech/docker/firefly.sh
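Review bot: In caddy.sh the `docker run` for the internet-facing proxy passes `--privileged`, which hands the container every capability and access to host devices, and nothing visible in this script needs that. Ports 80 and 443 are bound by Docker through `--publish`, so the flag can simply be dropped; if the image turns out to need one capability, grant only that one with `--cap-add NET_BIND_SERVICE`. Separately, the dispatcher line `$@` is unquoted here and in every other script of this patch, so arguments are re-split and any command name is executed, not only `up`, `down` and `logs`; `"$@"` behind a `case "$1" in up|down|logs)` guard restricts it to the defined functions.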
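Review bot: In cavereveryhour.sh the container runs `npm install` on every start against the read-write bind mount of `$PWD/CaverEveryHour`, so dependency versions are resolved at start time and package install scripts run with write access to the application directory. If the project ships a lockfile, `npm ci --omit=dev` keeps restarts reproducible; the lockfile is not visible in this patch, so confirm before switching. The two `--volume $PWD/...` arguments are also unquoted and break when the checkout path contains a space; `--volume "$PWD/CaverEveryHour:/home/node/app:rw"` avoids that.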
@@ -0,0 +1,62 @@
+#!/bin/bash
+
+set -e
+
+# Don't forget cron!
+# https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/
+
+up () {
+ # Exposed on port 8080 in pew-net
+ # env options: https://raw.githubusercontent.com/firefly-iii/firefly-iii/main/.env.example
+ # Create firefly.env with APP_KEY
+ docker run \
+ --detach \
+ --name firefly \
+ --restart unless-stopped \
+ --env-file firefly.env \
+ --env SITE_OWNER=paul@bigcavemaps.com \
+ --env TZ=US/Eastern \
+ --env TRUSTED_PROXIES=** \
+ --env DB_CONNECTION=mysql \
+ --env DB_HOST=firefly-mariadb \
+ --env DB_PORT=3306 \
+ --env DB_DATABASE=firefly \
+ --env DB_USERNAME=firefly \
+ --env DB_PASSWORD=firefly \
+ --env APP_URL=https://ff.seaturtle.pw \
+ --volume /mammoth/k8s-config/firefly/data:/var/www/html/storage/upload:rw \
+ --network pew-net \
+ docker.io/fireflyiii/core:latest
+
+ # Exposed on port 3306 in pew-net
+ docker run \
+ --detach \
+ --name firefly-mariadb \
+ --restart unless-stopped \
+ --label com.centurylinklabs.watchtower.enable=false \
+ --env MYSQL_RANDOM_ROOT_PASSWORD=notnullvalue \
+ --env MYSQL_PASSWORD=firefly \
+ --env MYSQL_DATABASE=firefly \
+ --env MYSQL_USER=firefly \
+ --volume /mammoth/k8s-config/firefly/mariadb:/var/lib/mysql:rw \
+ --network pew-net \
+ docker.io/mariadb:10.5.6
+}
+
+down () {
+ docker stop firefly || true
+ docker rm firefly || true
+ docker stop firefly-mariadb || true
+ docker rm firefly-mariadb || true
+}
+
+logs () {
+ docker logs --follow firefly
+}
+
+logsm () {
+ docker logs --follow firefly-mariadb
+}
+
+
+$@
diff --git a/lech/docker/geoserver.sh b/lech/docker/geoserver.sh
new file mode 100755
index 0000000..1bd51b9
--- /dev/null
+++ b/lech/docker/geoserver.sh
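Review bot: firefly.sh commits the database password in clear text (`--env DB_PASSWORD=firefly` for the app, `--env MYSQL_PASSWORD=firefly` for MariaDB) even though the script already loads `firefly.env`, which the new .gitignore keeps out of the repository. Moving both values into env files and using a generated password keeps the credential out of git history; geoserver.sh (`POSTGRES_PASSWORD=postgres`) and mastodon.sh (`DB_PASS=mastodon`) follow the same pattern and would benefit from the same change. `--env TRUSTED_PROXIES=**` also makes the app accept forwarding headers from any peer; since caddy on pew-net appears to be the only intended front end, consider narrowing it to that network's range, which is not shown in this file.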
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ # Exposed on port 8080 in pew-net
+ docker run \
+ --detach \
+ --name geoserver \
+ --restart unless-stopped \
+ --volume /mammoth/gis/geoserver/config/geoserver-web.xml:/usr/local/geoserver/WEB-INF/web.xml:ro \
+ --volume /mammoth/gis/geoserver/extensions:/var/local/geoserver-exts:ro \
+ --volume /mammoth/gis/geoserver/data:/var/local/geoserver:rw \
+ --volume /mammoth/gis/store:/gis/store:ro \
+ --publish 8181:8080 \
+ --network pew-net \
+ docker.io/oscarfonts/geoserver:2.20.2
+ #--volume /mammoth/k8s-config/geoserver/config/tomcat-web.xml:/usr/local/tomcat/conf/web.xml:ro \
+
+ # Exposed on port 5432 in pew-net
+ docker run \
+ --detach \
+ --name geoserver-postgis \
+ --env POSTGRES_PASSWORD=postgres \
+ --restart unless-stopped \
+ --volume /mammoth/gis/geoserver/postgis:/var/lib/postgresql/data:rw \
+ --network pew-net \
+ docker.io/postgis/postgis:14-3.2-alpine
+}
+
+down () {
+ docker stop geoserver || true
+ docker rm geoserver || true
+ docker stop geoserver-postgis || true
+ docker rm geoserver-postgis || true
+}
+
+logs () {
+ docker logs --follow geoserver
+}
+
+logsp () {
+ docker logs --follow geoserver-postgis
+}
+
+$@
diff --git a/lech/docker/gitea.sh b/lech/docker/gitea.sh
new file mode 100755
index 0000000..c878f49
--- /dev/null
+++ b/lech/docker/gitea.sh
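Review bot: `--publish 8181:8080` in geoserver.sh binds GeoServer's HTTP port on every host interface, which makes the admin UI reachable without going through caddy even though the container is already on pew-net. If the host port exists only for local access, `--publish 127.0.0.1:8181:8080` limits it; if caddy is the only client, the publish line can be removed. Docker-published ports are usually inserted ahead of host firewall rules, so a host firewall may not be covering this port; verify on the host.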
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ # Exposed on port 3000 in pew-net
+ docker run \
+ --detach \
+ --name gitea \
+ --restart unless-stopped \
+ --env RUN_MODE=prod \
+ --env DOMAIN=git.seaturtle.pw \
+ --env SSH_DOMAIN=git.seaturtle.pw \
+ --env SSH_PORT=2222 \
+ --env ROOT_URL=https://git.seaturtle.pw \
+ --env LFS_START=true \
+ --env DISABLE_REGISTRATION=true \
+ --env REQUIRE_SIGNIN_VIEW=false \
+ --env USER_UID=1000 \
+ --volume /mammoth/k8s-config/gitea/data:/data:rw \
+ --volume /etc/localtime:/etc/localtime:ro \
+ --volume /etc/timezone:/etc/timezone:ro \
+ --publish 2222:2222 \
+ --network pew-net \
+ docker.io/gitea/gitea:1.20
+}
+
+down () {
+ docker stop gitea || true
+ docker rm gitea || true
+}
+
+logs () {
+ docker logs --follow gitea
+}
+
+$@
diff --git a/lech/docker/mapproxy.sh b/lech/docker/mapproxy.sh
new file mode 100755
index 0000000..f7b1e42
--- /dev/null
+++ b/lech/docker/mapproxy.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ # Exposed on port 8080 in pew-net
+ docker run \
+ --detach \
+ --name mapproxy \
+ --volume /mammoth/k8s-config/mapproxy/mapproxy.yaml:/mapproxy/mapproxy.yaml:ro \
+ --volume /mammoth/k8s-config/mapproxy/seed.yaml:/mapproxy/seed.yaml:ro \
+ --volume /mammoth/gis/mapproxy/cache_data:/mapproxy/cache_data:rw \
+ --network pew-net \
+ docker.io/kartoza/mapproxy:latest
+}
+
+down () {
+ docker stop mapproxy || true
+ docker rm mapproxy || true
+}
+
+logs () {
+ docker logs --follow mapproxy
+}
+
+$@
diff --git a/lech/docker/mastodon.sh b/lech/docker/mastodon.sh
new file mode 100755
index 0000000..67f51bb
--- /dev/null
+++ b/lech/docker/mastodon.sh
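Review bot: mapproxy.sh starts its container without `--restart unless-stopped`, which the other pew-net services in this patch set, so it stays down after a daemon restart or reboot while the proxy in front of it comes back. It also runs `docker.io/kartoza/mapproxy:latest`, which watchtower.sh will replace unattended; pinning a release tag, as gitea.sh and geoserver.sh do, keeps upgrades deliberate.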
@@ -0,0 +1,108 @@
+#!/bin/bash
+
+set -e
+
+TRUSTED_PROXY_IP=172.25.0.0/16
+LOCAL_DOMAIN=social.bigcavemaps.com
+REDIS_HOST=mastodon-redis
+REDIS_PORT=6379
+DB_HOST=mastodon-pg
+DB_USER=mastodon
+DB_NAME=mastodon_production
+DB_PASS=mastodon
+DB_PORT=5432
+
+up () {
+ docker run \
+ --detach \
+ --name mastodon-web \
+ --restart unless-stopped \
+ --env-file mastodon.env \
+ --env TRUSTED_PROXY_IP=$TRUSTED_PROXY_IP \
+ --env LOCAL_DOMAIN=$LOCAL_DOMAIN \
+ --env REDIS_HOST=$REDIS_HOST \
+ --env REDIS_PORT=$PORT \
+ --env DB_HOST=$DB_HOST \
+ --env DB_USER=$DB_USER \
+ --env DB_NAME=$DB_NAME \
+ --env DB_PASS=$DB_PASS \
+ --env DB_PORT=$DB_PORT \
+ --volume /mammoth/k8s-config/mastodon/public/system:/mastodon/public/system:rw \
+ --network pew-net \
+ ghcr.io/mastodon/mastodon:v4.1 bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
+
+ docker run \
+ --detach \
+ --name mastodon-streaming \
+ --restart unless-stopped \
+ --env-file mastodon.env \
+ --env TRUSTED_PROXY_IP=$TRUSTED_PROXY_IP \
+ --env LOCAL_DOMAIN=$LOCAL_DOMAIN \
+ --env REDIS_HOST=$REDIS_HOST \
+ --env REDIS_PORT=$PORT \
+ --env DB_HOST=$DB_HOST \
+ --env DB_USER=$DB_USER \
+ --env DB_NAME=$DB_NAME \
+ --env DB_PASS=$DB_PASS \
+ --env DB_PORT=$DB_PORT \
+ --network pew-net \
+ ghcr.io/mastodon/mastodon:v4.1 node ./streaming
+
+ docker run \
+ --detach \
+ --name mastodon-sidekiq \
+ --restart unless-stopped \
+ --env-file mastodon.env \
+ --env TRUSTED_PROXY_IP=$TRUSTED_PROXY_IP \
+ --env LOCAL_DOMAIN=$LOCAL_DOMAIN \
+ --env REDIS_HOST=$REDIS_HOST \
+ --env REDIS_PORT=$PORT \
+ --env DB_HOST=$DB_HOST \
+ --env DB_USER=$DB_USER \
+ --env DB_NAME=$DB_NAME \
+ --env DB_PASS=$DB_PASS \
+ --env DB_PORT=$DB_PORT \
+ --volume /mammoth/k8s-config/mastodon/public/system:/mastodon/public/system:rw \
+ --network pew-net \
+ ghcr.io/mastodon/mastodon:v4.1 bundle exec sidekiq
+
+ # may have to run db:migrate if things don't work right away
+ docker run \
+ --detach \
+ --name mastodon-pg \
+ --restart unless-stopped \
+ --env POSTGRES_HOST_AUTH_METHOD=trust \
+ --env POSTGRES_USER=$DB_USER \
+ --env POSTGRES_DB=$DB_NAME \
+ --env POSTGRES_PASSWORD=$DB_PASS \
+ --volume /mammoth/k8s-config/mastodon/postgres/data:/var/lib/postgresql/data:rw \
+ --network pew-net \
+ docker.io/postgres:14-alpine
+
+ docker run \
+ --detach \
+ --name mastodon-redis \
+ --restart unless-stopped \
+ --volume /mammoth/k8s-config/mastodon/redis/data:/data:rw \
+ --network pew-net \
+ docker.io/redis:7-alpine
+}
+
+down () {
+ docker stop mastodon-web || true
+ docker rm mastodon-web || true
+ docker stop mastodon-streaming || true
+ docker rm mastodon-streaming || true
+ docker stop mastodon-sidekiq || true
+ docker rm mastodon-sidekiq || true
+ docker stop mastodon-pg || true
+ docker rm mastodon-pg || true
+ docker stop mastodon-redis || true
+ docker rm mastodon-redis || true
+}
+
+logs () {
+ docker logs --follow mastodon
+}
+
+$@
diff --git a/lech/docker/minio.sh b/lech/docker/minio.sh
new file mode 100755
index 0000000..3cc6805
--- /dev/null
+++ b/lech/docker/minio.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ docker run \
+ --detach \
+ --name minio \
+ --restart unless-stopped \
+ --env-file minio.env \
+ --env MINIO_BROWSER_REDIRECT_URL=https://s3.bigcavemaps.com \
+ --env MINIO_ROOT_USER=admin \
+ --env MINIO_SERVER_URL=https://s3.bigcavemaps.com:9000 \
+ --volume /mammoth/minio:/data:rw \
+ --volume /mammoth/k8s-config/caddy/data/caddy/certificates/acme.zerossl.com-v2-dv90/s3.bigcavemaps.com/s3.bigcavemaps.com.crt:/certs/public.crt:ro \
+ --volume /mammoth/k8s-config/caddy/data/caddy/certificates/acme.zerossl.com-v2-dv90/s3.bigcavemaps.com/s3.bigcavemaps.com.key:/certs/private.key:ro \
+ --publish 9000:9000 \
+ --publish 9090:9090 \
+ quay.io/minio/minio:latest server /data --console-address ":9090" --certs-dir /certs
+}
+
+down () {
+ docker stop minio || true
+ docker rm minio || true
+}
+
+logs () {
+ docker logs --follow minio
+}
+
+$@
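Review bot: All three Mastodon containers in mastodon.sh are started with `--env REDIS_PORT=$PORT`, but the script defines `REDIS_PORT`, not `PORT`, so the value expands to empty (or to whatever `PORT` is in the caller's shell); each line should read `--env REDIS_PORT=$REDIS_PORT \`. The mastodon-pg container sets `POSTGRES_HOST_AUTH_METHOD=trust`, which makes `POSTGRES_PASSWORD` irrelevant and lets any container on pew-net connect as any role without a password; removing that line restores password authentication for a freshly initialised data directory. `logs` follows a container named `mastodon`, which `up` never creates; `docker logs --follow mastodon-web` is presumably what was meant. Adding `set -u` next to `set -e` would have surfaced the undefined `$PORT` at run time.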
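Review bot: minio.sh publishes both the S3 API (`--publish 9000:9000`) and the admin console (`--publish 9090:9090`) on every host interface, and fixes the root user name to `admin` in the script. If the console is meant to be reached through caddy at the `MINIO_BROWSER_REDIRECT_URL` host, bind it locally with `--publish 127.0.0.1:9090:9090`, or attach the container to pew-net and drop the publish; this hunk does not put the container on pew-net, so confirm how caddy reaches it. The two certificate mounts bind single files under caddy's `acme.zerossl.com-v2-dv90` directory, so a renewal that replaces the file or comes from a different issuer may leave MinIO on the old certificate; mounting the certificate directory read-only is more robust.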
diff --git a/lech/docker/plex.sh b/lech/docker/plex.sh
new file mode 100755
index 0000000..4fec192
--- /dev/null
+++ b/lech/docker/plex.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ # Exposed on port 32400 in pew-net
+ docker run \
+ --detach \
+ --name plex \
+ --restart unless-stopped \
+ --env PUID=1000 \
+ --env PGID=1000 \
+ --env VERSION=docker \
+ --env PLEX_CLAIM=claim-QCs9nSWJ23sex_75xQ_a \
+ --volume /mammoth/k8s-config/caddy/data/caddy/certificates/acme.zerossl.com-v2-dv90/plex.seaturtle.pw:/certs:ro \
+ --volume /mammoth/plex/config:/config:rw \
+ --volume /mammoth/media/audiobooks:/media/audiobooks:ro \
+ --volume /mammoth/media/movies:/media/movies:ro \
+ --volume /mammoth/media/music:/media/music:ro \
+ --volume /mammoth/media/radio:/media/radio:ro \
+ --volume /mammoth/media/tv:/media/tv:ro \
+ --volume /media-vtluug:/media/media-vtluug:ro \
+ --volume /mammoth/tmp/plex/transcode:/transcode:rw \
+ --device=/dev/dri:/dev/dri:rw \
+ --network pew-net \
+ ghcr.io/linuxserver/plex:latest
+}
+
+down () {
+ docker stop plex || true
+ docker rm plex || true
+}
+
+logs () {
+ docker logs --follow plex
+}
+
+$@
diff --git a/lech/docker/watchtower.sh b/lech/docker/watchtower.sh
new file mode 100755
index 0000000..2c1810d
--- /dev/null
+++ b/lech/docker/watchtower.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -e
+
+up () {
+ # Poll interval: 1800s (30 mins)
+ docker run \
+ --detach \
+ --name watchtower \
+ --volume /var/run/docker.sock:/var/run/docker.sock:rw \
+ ghcr.io/containrrr/watchtower:amd64-1.4.0 --interval 1800
+}
+
+down () {
+ docker stop watchtower || true
+ docker rm watchtower || true
+}
+
+logs () {
+ docker logs --follow watchtower
+}
+
+$@
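Review bot: plex.sh commits a claim token on the `--env PLEX_CLAIM=` line; a claim token binds the server to an account and belongs outside the repository even if this one has since expired. The patch already ignores `*.env`, so `--env-file plex.env` with the token in that file matches how firefly.sh and minio.sh load their secrets. Because the value is now in git history, treat it as disclosed and generate a fresh claim the next time the server is set up. The image is also `ghcr.io/linuxserver/plex:latest`, which watchtower.sh will update unattended.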
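Review bot: watchtower.sh mounts `/var/run/docker.sock` read-write, which gives this container root-equivalent control of the host, and starts it with no scope restriction, so every running container is updated except firefly-mariadb, which opts out by label. Running it with `--label-enable` and adding `--label com.centurylinklabs.watchtower.enable=true` to the containers that should auto-update makes the behaviour opt-in, which matters for the `:latest` images in firefly.sh, mapproxy.sh, minio.sh and plex.sh. The run also has no `--restart unless-stopped`, so updates stop silently after a reboot.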