diff --git a/ansible/files/fogcutter/sshtunnel.service b/ansible/files/fogcutter/sshtunnel.service index 53692ae..dced462 100644 --- a/ansible/files/fogcutter/sshtunnel.service +++ b/ansible/files/fogcutter/sshtunnel.service @@ -15,6 +15,7 @@ ExecStart=/usr/bin/ssh -Nn \ -R 7001:127.0.0.1:443 \ -R 7002:127.0.0.1:2222 \ -R 7003:127.0.0.1:25565 \ + -R 7004:127.0.0.1:8000 \ pew@polyvalent.seaturtle.pw Restart=always RestartSec=30 diff --git a/ansible/files/polyvalent/haproxy.cfg b/ansible/files/polyvalent/haproxy.cfg index acaed0f..54feed1 100644 --- a/ansible/files/polyvalent/haproxy.cfg +++ b/ansible/files/polyvalent/haproxy.cfg @@ -35,8 +35,8 @@ listen proxy25565 bind :::25565 server proxy7003 127.0.0.1:7003 -# matrix federation -listen proxy8448 +# tunnelvr +listen proxy8000 mode tcp - bind :::8448 + bind :::8000 server proxy7004 127.0.0.1:7004 diff --git a/fogcutter/docker/firefly.sh b/fogcutter/docker/firefly.sh index 95dae80..c63fee0 100755 --- a/fogcutter/docker/firefly.sh +++ b/fogcutter/docker/firefly.sh @@ -25,13 +25,14 @@ up () { --env APP_URL=https://ff.seaturtle.pw \ --volume /bigdata/k8s-config/firefly/data:/var/www/html/storage/upload:rw \ --network pew-net \ - docker.io/fireflyiii/core:version-5.5.12 + docker.io/fireflyiii/core:latest # Exposed on port 3306 in pew-net docker run \ --detach \ --name firefly-mariadb \ --restart unless-stopped \ + --label com.centurylinklabs.watchtower.enable=false \ --env MYSQL_RANDOM_ROOT_PASSWORD=notnullvalue \ --env MYSQL_PASSWORD=firefly \ --env MYSQL_DATABASE=firefly \ diff --git a/fogcutter/docker/geoserver.sh b/fogcutter/docker/geoserver.sh new file mode 100755 index 0000000..f3587c1 --- /dev/null +++ b/fogcutter/docker/geoserver.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +set -e + +up () { + docker network create pew-net || true + + # Exposed on port 8080 in pew-net + docker run \ + --detach \ + --name geoserver \ + --restart unless-stopped \ + --volume /bigdata/gis/geoserver/config/geoserver-web.xml:/usr/local/geoserver/WEB-INF/web.xml:ro \ + --volume /bigdata/gis/geoserver/extensions:/var/local/geoserver-exts:ro \ + --volume /bigdata/gis/geoserver/data:/var/local/geoserver:rw \ + --volume /bigdata/gis/store:/gis/store:ro \ + --publish 8181:8080 \ + --network pew-net \ + docker.io/oscarfonts/geoserver:2.20.2 + #--volume /bigdata/k8s-config/geoserver/config/tomcat-web.xml:/usr/local/tomcat/conf/web.xml:ro \ + + # Exposed on port 5432 in pew-net + docker run \ + --detach \ + --name geoserver-postgis \ + --env POSTGRES_PASSWORD=postgres \ + --restart unless-stopped \ + --volume /bigdata/gis/geoserver/postgis:/var/lib/postgresql/data:rw \ + --network pew-net \ + docker.io/postgis/postgis:14-3.2-alpine +} + +down () { + docker stop geoserver || true + docker rm geoserver || true + docker stop geoserver-postgis || true + docker rm geoserver-postgis || true +} + +logs () { + docker logs --follow geoserver +} + +logsp () { + docker logs --follow geoserver-postgis +} + +$@ diff --git a/fogcutter/docker/gitea.sh b/fogcutter/docker/gitea.sh index 2e93ed3..076b5d6 100755 --- a/fogcutter/docker/gitea.sh +++ b/fogcutter/docker/gitea.sh @@ -24,7 +24,7 @@ up () { --volume /etc/timezone:/etc/timezone:ro \ --publish 2222:2222 \ --network pew-net \ - docker.io/gitea/gitea:1.14.4 + docker.io/gitea/gitea:latest } down () { diff --git a/fogcutter/docker/jellyfin.sh b/fogcutter/docker/jellyfin.sh index bfca3a6..9407e63 100755 --- a/fogcutter/docker/jellyfin.sh +++ b/fogcutter/docker/jellyfin.sh @@ -18,7 +18,7 @@ up () { --volume /bigdata/media/movies:/media/movies:ro \ --volume /bigdata/media/music:/media/music:ro \ --network pew-net \ - ghcr.io/linuxserver/jellyfin:10.7.0-1-ls100 + ghcr.io/linuxserver/jellyfin:latest } down () { diff --git a/fogcutter/docker/minecraft.sh b/fogcutter/docker/minecraft.sh index b9b5c90..6c56b3e 100755 --- a/fogcutter/docker/minecraft.sh +++ b/fogcutter/docker/minecraft.sh @@ -9,8 +9,8 @@ up () { --restart unless-stopped \ --env EULA=TRUE \ --env MAX_MEMORY=8G \ - --env VERSION=1.15.2 \ - --volume /bigdata/k8s-config/minecraft/data:/data:rw \ + --env VERSION=1.18.1 \ + --volume /bigdata/k8s-config/minecraft/1.18-data:/data:rw \ --publish 127.0.0.1:25565:25565 \ docker.io/itzg/minecraft-server:latest } diff --git a/fogcutter/docker/nfs.sh b/fogcutter/docker/nfs.sh new file mode 100755 index 0000000..9378707 --- /dev/null +++ b/fogcutter/docker/nfs.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +set -e + +up () { + # Poll interval: 1800s (30 mins) + docker run \ + --detach \ + --name nfs \ + --volume /bigdata/tmp/echarlie-photos:/bigdata/tmp/echarlie-photos:rw \ + --volume /bigdata/k8s-config/nfs/exports.txt:/etc/exports.txt \ + --volume /var/run/docker.sock:/var/run/docker.sock:rw \ + erichough/nfs-server:latest +} + +down () { + docker stop nfs || true + docker rm nfs || true +} + +logs () { + docker logs --follow nfs +} + +$@ diff --git a/fogcutter/docker/nginx.sh b/fogcutter/docker/nginx.sh index 05cd031..c633f3c 100755 --- a/fogcutter/docker/nginx.sh +++ b/fogcutter/docker/nginx.sh @@ -17,16 +17,17 @@ up () { --env URL=seaturtle.pw \ --env VALIDATION=http \ --env EMAIL=paulsw.pw@gmail.com \ - --env SUBDOMAINS=airsonic,cave,ff,git,jf,nc,plex \ + --env SUBDOMAINS=cave,ff,git,jf,nc,plex \ + --env EXTRA_DOMAINS=paul.walko.org,tile.bigcavemaps.com \ --volume /bigdata/k8s-config/nginx/nginx.conf:/config/nginx/nginx.conf:ro \ --volume /bigdata/files:/files:ro \ --volume /bigdata/k8s-config/nginx/config:/config:rw \ --volume /bigdata/k8s-config/nginx/ssl.conf:/config/nginx/ssl.conf:ro \ --volume /bigdata/k8s-config/nginx/site-confs:/config/nginx/site-confs:ro \ - --publish 127.0.0.1:80:80 \ + --publish 80:80 \ --publish 443:443 \ --network pew-net \ - ghcr.io/linuxserver/swag:1.15.0-ls57 + ghcr.io/linuxserver/swag:latest } down () { diff --git a/fogcutter/docker/paperless.sh b/fogcutter/docker/paperless.sh new file mode 100755 index 0000000..0d45094 --- /dev/null +++ b/fogcutter/docker/paperless.sh @@ -0,0 +1,93 @@ +#!/bin/bash + +set -e + +up () { + docker network create pew-net || true + + # Exposed on port 8000 in pew-net + docker run \ + --detach \ + --name paperless \ + --restart unless-stopped \ + --env USERMAP_UID=1000 \ + --env USERMAP_GID=1000 \ + --env PAPERLESS_REDIS=redis://paperless-redis:6379 \ + --env PAPERLESS_DBHOST=paperless-psql \ + --env PAPERLESS_TIKA_ENABLED=1 \ + --env PAPERLESS_TIKA_GOTENBERG_EDPOINT=http://paperless-gotenberg:3000 \ + --env PAPERLESS_TIKA_ENDPOINT=http://paperless-tika:9998 \ + --volume /bigdata/k8s-config/paperless/paperless/data:/usr/src/paperless/data:rw \ + --volume /bigdata/k8s-config/paperless/paperless/media:/usr/src/paperless/media:rw \ + --volume /bigdata/k8s-config/paperless/paperless/export:/usr/src/paperless/export:rw \ + --volume /bigdata/k8s-config/paperless/paperless/consume:/usr/src/paperless/consume:rw \ + --network pew-net \ + docker.io/jonaswinkler/paperless-ng:latest + + docker run \ + --detach \ + --name paperless-gotenberg \ + --restart unless-stopped \ + --env DISABLE_GOOGLE_CHROME=1 \ + --network pew-net \ + docker.io/thecodingmachine/gotenberg:latest + + docker run \ + --detach \ + --name paperless-psql \ + --env POSTGRES_DB=paperless \ + --env POSTGRES_USER=paperless \ + --env POSTGRES_PASSWORD=paperless \ + --volume /bigdata/k8s-config/paperless/postgres:/var/lib/postgresql/data:rw \ + --network pew-net \ + docker.io/postgres:13 + + docker run \ + --detach \ + --name paperless-redis \ + --restart unless-stopped \ + --network pew-net \ + docker.io/redis:6.0 + + docker run \ + --detach \ + --name paperless-tika \ + --restart unless-stopped \ + --network pew-net \ + docker.io/apache/tika:latest +} + +down () { + docker stop paperless || true + docker rm paperless || true + docker stop paperless-gotenberg || true + docker rm paperless-gotenberg || true + docker stop paperless-psql || true + docker rm paperless-psql || true + docker stop paperless-redis || true + docker rm paperless-redis || true + docker stop paperless-tika || true + docker rm paperless-tika || true +} + +logs () { + docker logs --follow paperless +} + +logsg () { + docker logs --follow paperless-gotenberg +} + +logsp () { + docker logs --follow paperless-psql +} + +logsr () { + docker logs --follow paperless-redis +} + +logst () { + docker logs --follow paperless-tika +} + +$@ diff --git a/fogcutter/docker/plex.sh b/fogcutter/docker/plex.sh index ba5c09c..63bab91 100755 --- a/fogcutter/docker/plex.sh +++ b/fogcutter/docker/plex.sh @@ -18,7 +18,7 @@ up () { --volume /bigdata/media/music:/media/music:ro \ --volume /media-vtluug:/media/media-vtluug:ro \ --network pew-net \ - ghcr.io/linuxserver/plex:1.20.3.3483-211702a9f-ls122 + ghcr.io/linuxserver/plex:latest } down () { diff --git a/fogcutter/docker/tunnelvr-fileserver.sh b/fogcutter/docker/tunnelvr-fileserver.sh new file mode 100755 index 0000000..06e0b7f --- /dev/null +++ b/fogcutter/docker/tunnelvr-fileserver.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +set -e + +##### Update as follows ##### +#/etc/apache2/conf.d # cat dav_svn.conf +#LoadModule dav_svn_module /usr/lib/apache2/mod_dav_svn.so +#LoadModule authz_svn_module /usr/lib/apache2/mod_authz_svn.so +# +# +# DAV svn +# SVNParentPath /home/svn +# SVNListParentPath On +# Allow from All +# Satisfy Any +## AuthType Basic +## AuthName "Subversion Repository" +## AuthUserFile /etc/subversion/passwd +# AuthzSVNAccessFile /etc/subversion/subversion-access-control +## Require valid-user +# + + +# See https://github.com/elleFlorio/svn-docker for adding users + +up () { + docker network create pew-net || true + + # Exposed on port 80 in pew-net + docker run \ + --detach \ + --name tunnelvr-fileserver \ + --restart unless-stopped \ + --volume /bigdata/archive/vpicc-private/tunnelvr:/home/svn:rw \ + --volume svn_config:/etc/subversion \ + --volume svnadmin_config:/opt/svnadmin/data \ + --publish 10.42.0.203:8081:80 \ + --publish 10.42.0.203:3690:3690 \ + --network pew-net \ + elleflorio/svn-server:latest +} + +down () { + docker stop tunnelvr-fileserver || true + docker rm tunnelvr-fileserver || true +} + +logs () { + docker logs --follow tunnelvr-fileserver +} + +$@ diff --git a/fogcutter/docker/tunnelvr.sh b/fogcutter/docker/tunnelvr.sh new file mode 100755 index 0000000..ed35837 --- /dev/null +++ b/fogcutter/docker/tunnelvr.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +set -e + +up () { + # Exposed on port 8000 + docker run \ + --detach \ + --name tunnelvr \ + --restart unless-stopped \ + --volume /bigdata/k8s-config/tunnelvr/caddywebserver:/home/caver/.local/share/godot/app_userdata/tunnelvr_v0.7/caddywebserver:ro \ + --publish 127.0.0.1:8000:8000 \ + ghcr.io/paulwalko/tunnelvr-server:testv8 +} + +down () { + docker stop tunnelvr || true + docker rm tunnelvr || true +} + +logs () { + docker logs --follow tunnelvr +} + +$@ diff --git a/fogcutter/docker/unifi.sh b/fogcutter/docker/unifi.sh index 7600566..dea5d3e 100755 --- a/fogcutter/docker/unifi.sh +++ b/fogcutter/docker/unifi.sh @@ -14,7 +14,7 @@ up () { --publish 10001:10001/udp \ --publish 8080:8080/tcp \ --publish 8443:8443/tcp \ - ghcr.io/linuxserver/unifi-controller:6.2.26-ls116 + ghcr.io/linuxserver/unifi-controller:6.5.54-ls134 } down () { diff --git a/fogcutter/docker/watchtower.sh b/fogcutter/docker/watchtower.sh new file mode 100755 index 0000000..f67b36f --- /dev/null +++ b/fogcutter/docker/watchtower.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +set -e + +up () { + # Poll interval: 1800s (30 mins) + docker run \ + --detach \ + --name watchtower \ + --volume /var/run/docker.sock:/var/run/docker.sock:rw \ + ghcr.io/containrrr/watchtower:amd64-1.3.0 --interval 1800 +} + +down () { + docker stop watchtower || true + docker rm watchtower || true +} + +logs () { + docker logs --follow watchtower +} + +$@