dec updates

master
Paul Walko 2024-12-16 20:33:10 -05:00
parent 52f7208473
commit a6555e95e2
10 changed files with 164 additions and 88 deletions

View File

@ -1,6 +1,7 @@
FROM caddy:2.7.5-builder AS builder FROM caddy:2.7.5-builder AS builder
RUN xcaddy build \ RUN xcaddy build \
--with github.com/caddy-dns/cloudflare \
--with github.com/caddy-dns/porkbun \ --with github.com/caddy-dns/porkbun \
--with github.com/caddyserver/replace-response --with github.com/caddyserver/replace-response

View File

@ -32,6 +32,9 @@ up () {
--volume /mammoth/caddy/logs:/logs:rw \ --volume /mammoth/caddy/logs:/logs:rw \
--publish 443:443 \ --publish 443:443 \
--publish 443:443/udp \ --publish 443:443/udp \
--publish 6233:6233 \
--publish [$(tailscale ip -4)]:8443:8443 \
--publish [$(tailscale ip -4)]:8443:8443/udp \
--publish [$(tailscale ip -6)]:8443:8443 \ --publish [$(tailscale ip -6)]:8443:8443 \
--publish [$(tailscale ip -6)]:8443:8443/udp \ --publish [$(tailscale ip -6)]:8443:8443/udp \
--network pew-net \ --network pew-net \

View File

@ -1,28 +0,0 @@
#!/bin/bash
set -e
up () {
docker run \
--detach \
--name cavereveryhour \
--restart unless-stopped \
--workdir /home/node/app \
--env NODE_ENV=production \
--env TZ='America/New_York' \
--volume $PWD/CaverEveryHour:/home/node/app:rw \
--volume $PWD/cavereveryhour.env:/home/node/app/.env:ro \
--volume /mammoth/tmp/EveryHourBot/CaverEveryHour:/home/node/app/media:ro \
docker.io/node:16 /bin/bash -c "npm install && node index.js"
}
down () {
docker stop cavereveryhour || true
docker rm cavereveryhour || true
}
logs () {
docker logs --follow cavereveryhour
}
$@

View File

@ -2,6 +2,11 @@
set -e set -e
. $HOME/scripts-private/lech/immich.env
VERSION=$(curl --silent https://api.github.com/repos/immich-app/immich/releases | grep "\"tag_name\": \"$MINOR_VERSION" | head -n 1 | sed -E 's/.*"([^"]+)".*/\1/')
echo
echo "VERSION: $VERSION"
up () { up () {
# Exposed on port 3001 in pew-net # Exposed on port 3001 in pew-net
docker run \ docker run \
@ -18,7 +23,7 @@ up () {
--volume /mammoth/photos:/external_library/photos:ro \ --volume /mammoth/photos:/external_library/photos:ro \
--volume /etc/localtime:/etc/localtime:ro \ --volume /etc/localtime:/etc/localtime:ro \
--network pew-net \ --network pew-net \
ghcr.io/immich-app/immich-server:v1.120.2 ghcr.io/immich-app/immich-server:$VERSION
docker run \ docker run \
--detach \ --detach \
@ -32,7 +37,7 @@ up () {
--env REDIS_HOSTNAME=immich-redis \ --env REDIS_HOSTNAME=immich-redis \
--volume /mammoth/immich/cache:/cache:rw \ --volume /mammoth/immich/cache:/cache:rw \
--network pew-net \ --network pew-net \
ghcr.io/immich-app/immich-machine-learning:v1.120.2 ghcr.io/immich-app/immich-machine-learning:$VERSION
docker run \ docker run \
--detach \ --detach \
@ -51,7 +56,7 @@ up () {
--env POSTGRES_INITDB_ARGS=--data-checksums \ --env POSTGRES_INITDB_ARGS=--data-checksums \
--volume /mammoth/immich/postgres:/var/lib/postgresql/data:rw \ --volume /mammoth/immich/postgres:/var/lib/postgresql/data:rw \
--network pew-net \ --network pew-net \
docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 \ docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0 \
postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on
} }

View File

@ -4,38 +4,38 @@ set -e
sudo sysctl -w vm.max_map_count=262144 sudo sysctl -w vm.max_map_count=262144
up () { up () {
# docker run \ docker run \
# --detach \ --detach \
# --name mesh-mq \ --name mesh-mq \
# --volume /mammoth/mesh/mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf:ro \ --volume /mammoth/mesh/mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf:ro \
# --volume /mammoth/mesh/mosquitto/passwd:/mosquitto/config/passwd:ro \ --volume /mammoth/mesh/mosquitto/passwd:/mosquitto/config/passwd:ro \
# --publish 1883:1883 \ --publish 1883:1883 \
# eclipse-mosquitto:2 eclipse-mosquitto:2
#
# docker run \ docker run \
# --detach \ --detach \
# --name mesh-es \ --name mesh-es \
# --env discovery.type=single-node \ --env discovery.type=single-node \
# --env http.host=0.0.0.0 \ --env http.host=0.0.0.0 \
# --env xpack.security.enabled=false \ --env xpack.security.enabled=false \
# --volume /mammoth/mesh/elasticsearch/data:/usr/share/elasticsearch/data:rw \ --volume /mammoth/mesh/elasticsearch/data:/usr/share/elasticsearch/data:rw \
# --network pew-net \ --network pew-net \
# docker.elastic.co/elasticsearch/elasticsearch:8.15.2 docker.elastic.co/elasticsearch/elasticsearch:8.15.2
#
# docker run \ docker run \
# --detach \ --detach \
# --name mesh-kb \ --name mesh-kb \
# --env SERVER_PUBLICBASEURL=https://kibana.caving.dev:8443 \ --env SERVER_PUBLICBASEURL=https://kibana.caving.dev:8443 \
# --env ELASTICSEARCH_HOST='["http://mesh-es:9200"]' \ --env ELASTICSEARCH_HOST='["http://mesh-es:9200"]' \
# --volume /mammoth/mesh/kibana/data:/usr/share/kibana/data:rw \ --volume /mammoth/mesh/kibana/data:/usr/share/kibana/data:rw \
# --network pew-net \ --network pew-net \
# docker.elastic.co/kibana/kibana:8.15.2 docker.elastic.co/kibana/kibana:8.15.2
#
# docker run \ docker run \
# --detach \ --detach \
# --name mesh-mc \ --name mesh-mc \
# --network pew-net \ --network pew-net \
# memcached:1.6 memcached:1.6
docker run \ docker run \
--detach \ --detach \
@ -43,34 +43,34 @@ up () {
--volume /mammoth/mesh/filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro \ --volume /mammoth/mesh/filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro \
--network pew-net \ --network pew-net \
docker.elastic.co/beats/filebeat:8.15.2 docker.elastic.co/beats/filebeat:8.15.2
#
# docker run \ docker run \
# --detach \ --detach \
# --name mesh-lg \ --name mesh-lg \
# --volume /mammoth/mesh/logstash/pipeline:/usr/share/logstash/pipeline:ro \ --volume /mammoth/mesh/logstash/pipeline:/usr/share/logstash/pipeline:ro \
# --network pew-net \ --network pew-net \
# docker.elastic.co/logstash/logstash-oss:8.15.2 docker.elastic.co/logstash/logstash-oss:8.15.2
#
# docker run \ docker run \
# --detach \ --detach \
# --name mesh-gf \ --name mesh-gf \
# --user 1000 \ --user 1000 \
# --env GF_DOMAIN=mesh.caving.dev \ --env GF_DOMAIN=mesh.caving.dev \
# --env GF_SERVER_ROOT_URL=https://mesh.caving.dev \ --env GF_SERVER_ROOT_URL=https://mesh.caving.dev \
# --volume /mammoth/mesh/grafana/grafana:/var/lib/grafana:rw \ --volume /mammoth/mesh/grafana/grafana:/var/lib/grafana:rw \
# --network pew-net \ --network pew-net \
# grafana/grafana-oss:11.2.1 grafana/grafana-oss:11.2.1
} }
down () { down () {
# docker stop mesh-mq || true docker stop mesh-mq || true
# docker rm mesh-mq || true docker rm mesh-mq || true
docker stop mesh-es || true docker stop mesh-es || true
docker rm mesh-es || true docker rm mesh-es || true
docker stop mesh-kb || true docker stop mesh-kb || true
docker rm mesh-kb || true docker rm mesh-kb || true
# docker stop mesh-mc || true docker stop mesh-mc || true
# docker rm mesh-mc || true docker rm mesh-mc || true
docker stop mesh-fb || true docker stop mesh-fb || true
docker rm mesh-fb || true docker rm mesh-fb || true
docker stop mesh-lg || true docker stop mesh-lg || true

View File

@ -10,6 +10,7 @@ up () {
docker run \ docker run \
--detach \ --detach \
--name meshmap-db \ --name meshmap-db \
--restart unless-stopped \
--env MARIADB_DATABASE=meshtastic-map_db \ --env MARIADB_DATABASE=meshtastic-map_db \
--env MARIADB_ROOT_PASSWORD=meshtastic-map_pw \ --env MARIADB_ROOT_PASSWORD=meshtastic-map_pw \
--volume /mammoth/meshmap/db/mariadb:/bitnami/mariadb:rw \ --volume /mammoth/meshmap/db/mariadb:/bitnami/mariadb:rw \
@ -23,6 +24,8 @@ up () {
--detach \ --detach \
--name meshmap-mqtt \ --name meshmap-mqtt \
--env-file $HOME/scripts-private/lech/meshmap.env \ --env-file $HOME/scripts-private/lech/meshmap.env \
--restart unless-stopped \
--label com.centurylinklabs.watchtower.enable=false \
--env DATABASE_URL="mysql://root:meshtastic-map_pw@meshmap-db:3306/meshtastic-map_db?connection_limit=100" \ --env DATABASE_URL="mysql://root:meshtastic-map_pw@meshmap-db:3306/meshtastic-map_db?connection_limit=100" \
--network pew-net \ --network pew-net \
meshtastic-map:latest /app/docker/mqtt.sh meshtastic-map:latest /app/docker/mqtt.sh
@ -31,6 +34,8 @@ up () {
docker run \ docker run \
--detach \ --detach \
--name meshmap-map \ --name meshmap-map \
--restart unless-stopped \
--label com.centurylinklabs.watchtower.enable=false \
--env DATABASE_URL="mysql://root:meshtastic-map_pw@meshmap-db:3306/meshtastic-map_db?connection_limit=100" \ --env DATABASE_URL="mysql://root:meshtastic-map_pw@meshmap-db:3306/meshtastic-map_db?connection_limit=100" \
--network pew-net \ --network pew-net \
meshtastic-map:latest /app/docker/map.sh meshtastic-map:latest /app/docker/map.sh

36
lech/docker/netdata.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
set -e
up () {
docker run \
--name netdata \
--detach \
--restart unless-stopped \
--cap-add SYS_PTRACE \
--cap-add SYS_ADMIN \
--pid host \
--security-opt apparmor=unconfined \
--env-file $HOME/scripts-private/lech/netdata.env \
--volume /mammoth/netdata/netdata/etc/netdata:/etc/netdata:rw \
--volume /mammoth/netdata/netdata/var/lib/netdata:/var/lib/netdata:rw \
--volume /mammoth/netdata/netdata/var/cache/netdata:/var/cache/netdata:rw \
--volume /:/host/root:ro,rslave \
--volume /etc/group:/host/etc/group:ro \
--volume /etc/localtime:/etc/localtime:ro \
--volume /etc/os-release:/host/etc/os-release:ro \
--volume /etc/passwd:/host/etc/passwd:ro \
--volume /proc:/host/proc:ro \
--volume /sys:/host/sys:ro \
--volume /var/log:/host/var/log:ro \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
--network host \
netdata/netdata:stable
}
down () {
docker stop netdata || true
docker rm netdata || true
}
$@

View File

@ -37,12 +37,12 @@ up () {
} }
down () { down () {
docker stop pretix || true
docker rm pretix || true
docker stop pretix-db || true docker stop pretix-db || true
docker rm pretix-db || true docker rm pretix-db || true
docker stop pretix-redis || true docker stop pretix-redis || true
docker rm pretix-redis || true docker rm pretix-redis || true
docker stop pretix || true
docker rm pretix || true
} }

36
lech/docker/scrutiny.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
set -e
up () {
docker network create pew-net || true
# 8080 -> webapp
# 8086 -> influxdb admin
docker run \
--detach \
--name scrutiny \
--restart unless-stopped \
--cap-add SYS_RAWIO \
--device=/dev/sda \
--device=/dev/sdb \
--device=/dev/sdc \
--device=/dev/sdd \
--device=/dev/sde \
--device=/dev/sdf \
--device=/dev/sdg \
--device=/dev/sdh \
--device=/dev/sdi \
--volume /run/udev:/run/udev:ro \
--volume /mammoth/scrutiny/scrutiny/config:/opt/scrutiny/config:rw \
--volume /mammoth/scrutiny/influxdb:/opt/scrutiny/influxdb:rw \
--network pew-net \
ghcr.io/analogj/scrutiny:master-omnibus
}
down () {
docker stop scrutiny || true
docker rm scrutiny || true
}
$@

View File

@ -24,6 +24,22 @@ up () {
echo 'Waiting 5 seconds for mariadb to start up...' echo 'Waiting 5 seconds for mariadb to start up...'
sleep 5 sleep 5
docker run \
--name seafile-oodc \
--detach \
--restart unless-stopped \
--env DB_TYPE=mariadb \
--env DB_HOST=seafile-db \
--env DB_USER=root \
--env DB_PWD=seafile_pw \
--env JWT_ENABLED=true \
--env JWT_SECRET=notasecret \
--volume /mammoth/seafile/oodc/var/lib/openoffice:/var/lib/onlyoffice:rw \
--volume /mammoth/seafile/oodc/var/log/openoffice:/var/log/onlyoffice:rw \
--volume /mammoth/seafile/oodc/var/www/onlyoffice/Data:/var/www/onlyoffice/Data:rw \
--network pew-net \
onlyoffice/documentserver:8.1.0.1
# Exposed on port 80 in pew-net # Exposed on port 80 in pew-net
docker run \ docker run \
--detach \ --detach \
@ -41,12 +57,14 @@ up () {
} }
down () { down () {
docker stop seafile || true
docker rm seafile || true
docker stop seafile-db || true docker stop seafile-db || true
docker rm seafile-db || true docker rm seafile-db || true
docker stop seafile-mc || true docker stop seafile-mc || true
docker rm seafile-mc || true docker rm seafile-mc || true
docker stop seafile-oodc || true
docker rm seafile-oodc || true
docker stop seafile || true
docker rm seafile || true
} }