Trez/paine-raspap
4
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Initial commit.

Browse Source
This commit is contained in:
Trez.One
2026-05-09 12:16:24 -04:00
commit 0348cf506b
8 changed files with 712 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/compose-services-readme.yml
+88
View File
@@ -0,0 +1,88 @@
name: List of Services README Generation
on:
schedule:
- cron: 30 */2 * * *
workflow_dispatch:
env:
HC_VAULT_VERSION: "1.21.4"
jobs:
readme-services:
name: Generate Services List
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
with:
ref: 'main'
submodules: true
- name: Install yq
uses: dcarbone/install-yq-action@4075b4dca348d74bd83f2bf82d30f25d7c54539b # v1.3.1
- name: Generate .env from Hashicorp Vault
uses: https://git.trez.wtf/Trez/hc-vault-env@main
with:
HC_VAULT_VERSION: ${{ env.HC_VAULT_VERSION }}
HC_VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
HC_VAULT_AUTH: token
HC_VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
HC_VAULT_SECRETS_PATH: rinoa-docker/env
- name: Find docker-compose YAML files
id: find-compose-files
run: |
COMPOSE_FILES=$(find . -type f -name "docker-compose*.yml" \
-a ! -name "*windows*" \
-a ! -name "*gui*" \
-a ! -name "*macos*" \
-a ! -name "*hivemind*" \
-a ! -name "*server*" \
| sort)
echo "compose_files<<EOF" >> "$GITHUB_OUTPUT"
echo "$COMPOSE_FILES" >> "$GITHUB_OUTPUT"
echo "EOF" >> "$GITHUB_OUTPUT"
echo "Found Compose files:"
echo "$COMPOSE_FILES"
- name: Generate combined service list
run: |
echo "Processing combined Compose files:"
echo "${{ steps.find-compose-files.outputs.compose_files }}"
docker_compose_args=""
while IFS= read -r f; do
[ -z "$f" ] && continue
docker_compose_args="$docker_compose_args -f $f"
done <<< "${{ steps.find-compose-files.outputs.compose_files }}"
echo "Running: docker compose --env-file .env $docker_compose_args config"
docker compose --env-file .env $docker_compose_args config > combined_compose.yml
echo "Extracting services..."
yq eval -o=json '.services | to_entries | map({"service": .key, "image": (.value.image | sub("@sha256:.*$"; "") // "N/A")})' combined_compose.yml > temp_services.json
jq -s add temp_services.json | jq 'unique_by(.service)' > services.json
- name: Generate Markdown Table
uses: gazab/create-markdown-table@6686233d7008e8d8b9d4bbdbfd1fb1ae510019f0 # v1.0.7
id: service-table
with:
file: ./services.json
- name: Regenerate README
run: |
echo "# List of Services" > README.md
echo -e "\n\n" >> README.md
echo "${{ steps.service-table.outputs.table }}" >> README.md
- name: Add/Commit README.md
id: commit-readme
uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
with:
message: "chore: Update README"
add: "README.md"
.gitea/workflows/pr-docker-deploy.yml
+325
View File
@@ -0,0 +1,325 @@
name: Gitea Branch PR & Docker Deployment
on:
workflow_dispatch:
push:
branches-ignore:
- "main"
paths:
- "**/docker-compose.yml"
env:
HC_VAULT_VERSION: "1.21.4"
TEA_VERSION: "0.14.0"
jobs:
check-and-create-pr:
if: github.ref != 'refs/heads/main'
name: Check and Create PR
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
with:
fetch-depth: 1
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: PR Check @ Benedikta"
notification_message: "Checking for existing PR... 🔍"
- name: PR Check/Creation
uses: https://git.trez.wtf/Trez/gitea-auto-pr@main
with:
url: ${{ secrets.TREZ_GITEA_URL }}
token: ${{ secrets.BOT_GITEA_TOKEN }}
pr-label: docker-compose,manual
assignee: ${{ github.actor }}
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: PR Check @ Benedikta"
notification_message: "PR Check done 🎟️"
generate-service-list:
name: Generate list of added/modified/deleted services
runs-on: ubuntu-latest
needs: [check-and-create-pr]
outputs:
svc_deploy_list: ${{ steps.detect_services.outputs.docker_svc_list }}
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
- name: Fetch base branch
run: |
git fetch origin ${{ github.event.pull_request.base.ref }}
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Services TBD"
notification_message: "Generating list of services to deploy..."
- name: Save both versions of docker-compose.yml
run: |
git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
cp docker-compose.yml docker-compose-head.yml
- name: Detect added, deleted, and modified services
id: detect_services
run: |
echo "Getting services from main and ${{ github.ref_name }}"
yq '.services | keys | .[]' docker-compose-main.yml | sort > services_main.txt
yq '.services | keys | .[]' docker-compose-head.yml | sort > services_head.txt
echo "Creating list of modified services..."
touch service_changes.txt
comm -13 services_main.txt services_head.txt | while read service; do
echo "$service: added" >> service_changes.txt
done
comm -12 services_main.txt services_head.txt | while read service; do
yq ".services[\"$service\"]" docker-compose-main.yml > tmp_main.yml
yq ".services[\"$service\"]" docker-compose-head.yml > tmp_head.yml
if ! diff -q tmp_main.yml tmp_head.yml > /dev/null; then
echo "$service: modified" >> service_changes.txt
fi
done
echo "Detected service changes:"
cat service_changes.txt
mod_svcs=$(cut -d':' -f1 service_changes.txt | sort | uniq | tr '\n' ' ' | sed 's/ *$//')
echo "docker_svc_list<<EOF" >> "$GITHUB_OUTPUT"
echo "$mod_svcs" >> "$GITHUB_OUTPUT"
echo "EOF" >> "$GITHUB_OUTPUT"
- name: List of Services for (Re)Deployment
run: |
echo -e "${{ steps.detect_services.outputs.docker_svc_list }}"
docker-compose-dry-run:
name: Docker Compose Dry Run
needs: [generate-service-list]
runs-on: ubuntu-latest
outputs:
compose_file_list: ${{ steps.compose_file_list.outputs.compose_list }}
env:
VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
VAULT_NAMESPACE: ""
REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }}
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
- name: Login to Docker Hub
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USER }}
password: ${{ secrets.GHCR_LOGIN_TOKEN }}
- name: Login to Private Gitea Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
registry: git.trez.wtf
username: ${{ secrets.BOT_GITEA_USER }}
password: ${{ secrets.BOT_GITEA_PASSWORD }}
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Docker Compose Dry Run @ Benedikta"
notification_message: "Starting Docker Compose dry run..."
- name: Get list of Compose files
id: compose_file_list
run: |
compose_list=$(find . -type f -name "docker-compose*.yml" \
-a ! -name "*windows*" \
-a ! -name "*gui*" \
-a ! -name "*macos*" \
-a ! -name "*hivemind*" \
-a ! -name "*server*" \
| sed -e ':a;N;$!ba;s/[\r\n]/ /g')
echo "compose_list=$compose_list" >> "$GITHUB_OUTPUT"
echo "Compose files: $compose_list"
- name: Generate .env from Hashicorp Vault
uses: https://git.trez.wtf/Trez/hc-vault-env@main
with:
HC_VAULT_VERSION: ${{ env.HC_VAULT_VERSION }}
HC_VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
HC_VAULT_AUTH: token
HC_VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
HC_VAULT_SECRETS_PATH: benedikta-docker/env
- name: Docker Compose Dry Run
uses: cssnr/stack-deploy-action@28c3c6f42b225af7100652b459621c0c966fd901 # v1.5.0
with:
mode: compose
file: ${{ steps.compose_file_list.outputs.compose_list }}
name: "benedikta"
host: 192.168.1.240
user: charish
ssh_key: ${{ secrets.RUNNER_SSH_PRIVATE_KEY }}
args: --remove-orphans --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }}
env_file: ".env"
summary: true
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Docker Compose Dry Run @ Benedikta"
notification_message: "Docker Compose dry run completed successfully."
pr-merge:
name: PR Merge
needs: [generate-service-list, docker-compose-dry-run]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
- name: Cache tea CLI
id: cache-tea
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
path: /opt/hostedtoolcache/tea/${{ env.TEA_VERSION }}/x64
key: tea-${{ runner.os }}-${{ env.TEA_VERSION }}
- name: Install tea
uses: supplypike/setup-bin@8e3f88b4f143d9b5c3497f0fc12d45c83c123787 # v4.0.1
with:
uri: https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64
name: tea
version: ${{ env.TEA_VERSION }}
- name: PR Merge
id: pr_merge
run: |
tea login add --name gitea-rinoa --url ${{ secrets.TREZ_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
tea login default gitea-rinoa
echo "Merging PR..."
pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g')
tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" --message "Merged by ${{ github.actor }}" ${pr_index}
echo "pr_index=${pr_index}" >> $GITHUB_OUTPUT
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: PR Merge Successful"
notification_message: "PR #${{ steps.pr_merge.outputs.pr_index }} merged."
docker-compose-deploy:
name: Docker Compose Deployment
runs-on: ubuntu-latest
needs: [generate-service-list, docker-compose-dry-run, pr-merge]
env:
VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
with:
ref: main
- name: Login to Docker Hub
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
continue-on-error: true
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
continue-on-error: true
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USER }}
password: ${{ secrets.GHCR_LOGIN_TOKEN }}
- name: Login to Private Gitea Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
continue-on-error: true
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
registry: git.trez.wtf
username: ${{ secrets.BOT_GITEA_USER }}
password: ${{ secrets.BOT_GITEA_PASSWORD }}
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Docker Compose Deployment @ Benedikta"
notification_message: "Starting Docker Compose run..."
- name: Generate .env from Hashicorp Vault
uses: https://git.trez.wtf/Trez/hc-vault-env@main
with:
HC_VAULT_VERSION: ${{ env.HC_VAULT_VERSION }}
HC_VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
HC_VAULT_AUTH: token
HC_VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
HC_VAULT_SECRETS_PATH: benedikta-docker/env
- name: Docker Compose Deployment
uses: cssnr/stack-deploy-action@28c3c6f42b225af7100652b459621c0c966fd901 # v1.5.0
with:
mode: compose
file: ${{ needs.docker-compose-dry-run.outputs.compose_file_list }}
name: "benedikta"
host: 192.168.1.240
user: charish
ssh_key: ${{ secrets.RUNNER_SSH_PRIVATE_KEY }}
args: --remove-orphans ${{ needs.generate-service-list.outputs.svc_deploy_list }}
env_file: ".env"
summary: true
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Docker Compose Deployment @ Benedikta"
notification_message: "Deployment completed successfully."
.gitea/workflows/renovate-pr-deploy.yml
+133
View File
@@ -0,0 +1,133 @@
name: Renovate PR Deployment
on:
workflow_dispatch:
pull_request:
types: [closed]
branches:
- main
paths:
- "**/docker-compose*.yml"
env:
VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
HC_VAULT_VERSION: "1.21.4"
jobs:
deploy:
name: Renovate PR Deployment
if: |
github.event.pull_request.merged == true &&
github.event.pull_request.user.login == 'renovate-bot'
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
with:
fetch-depth: 0
- name: Save docker-compose.yml after merge (new)
run: |
git show origin/main:docker-compose.yml > docker-compose-new.yml
- name: Detect services with image tag/digest changes
id: detect_services
run: |
set -euo pipefail
echo "Flattening docker-compose files..."
yq eval '... comments=""' docker-compose-old.yml > docker-compose-old-flat.yml
yq eval '... comments=""' docker-compose-new.yml > docker-compose-new-flat.yml
echo "Getting service names..."
yq eval '.services | keys | .[]' docker-compose-old-flat.yml | sort > services_old.txt
yq eval '.services | keys | .[]' docker-compose-new-flat.yml | sort > services_new.txt
echo "Checking for image changes..."
: > service_changes.txt
comm -12 services_old.txt services_new.txt | while read service; do
old_image=$(yq eval-all --yaml-fix-merge-anchor-to-spec=true ".services[\"$service\"].image // \"\"" docker-compose-old-flat.yml)
new_image=$(yq eval-all --yaml-fix-merge-anchor-to-spec=true ".services[\"$service\"].image // \"\"" docker-compose-new-flat.yml)
if [ "$old_image" != "$new_image" ]; then
echo "$service" >> service_changes.txt
fi
done
echo "Detected services with changed images:"
cat service_changes.txt || true
# Prepare multiline output for GitHub Actions
echo "docker_svc_list<<EOF" >> "$GITHUB_OUTPUT"
sort -u service_changes.txt >> "$GITHUB_OUTPUT"
echo "EOF" >> "$GITHUB_OUTPUT"
- name: List of Services for (Re)Deployment
run: |
echo -e "${{ steps.services.outputs.docker_svc_list }}"
- name: Login to Docker Hub
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USER }}
password: ${{ secrets.GHCR_LOGIN_TOKEN }}
- name: Login to Private Gitea Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
env:
DOCKER_HOST: tcp://192.168.1.240:2375
with:
registry: git.trez.wtf
username: ${{ secrets.BOT_GITEA_USER }}
password: ${{ secrets.BOT_GITEA_PASSWORD }}
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: [RENOVATE] Docker Compose Deployment @ Benedikta"
notification_message: "Starting Docker Compose run..."
- name: Generate .env from Hashicorp Vault
uses: https://git.trez.wtf/Trez/hc-vault-env@main
with:
HC_VAULT_VERSION: ${{ env.HC_VAULT_VERSION }}
HC_VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
HC_VAULT_AUTH: token
HC_VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
HC_VAULT_SECRETS_PATH: benedikta-docker/env
- name: Docker Compose Deployment
uses: cssnr/stack-deploy-action@28c3c6f42b225af7100652b459621c0c966fd901 # v1.5.0
with:
mode: compose
file: ${{ steps.compose_file_list.outputs.compose_list }}
name: "benedikta"
host: 192.168.1.250
user: charish
ssh_key: ${{ secrets.RUNNER_SSH_PRIVATE_KEY }}
args: --remove-orphans ${{ steps.services.outputs.docker_svc_list }}
env_file: ".env"
summary: true
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: [RENOVATE] Docker Compose Deployment @ Benedikta"
notification_message: "Deployment completed successfully."
.gitea/workflows/renovate.yml
+65
View File
@@ -0,0 +1,65 @@
name: Renovate
on:
schedule:
- cron: "0/30 * * * *"
workflow_dispatch:
env:
RENOVATE_VERSION: "42.50.3"
jobs:
renovate:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
- name: Renovate Run
env:
DOCKER_HOST: tcp://dockerproxy:2375
RENOVATE_PLATFORM: gitea
RENOVATE_ENDPOINT: https://git.trez.wtf/api/v1
RENOVATE_TOKEN: ${{ secrets.RENOVATE_BOT_TOKEN }}
LOG_LEVEL: ${{ vars.RENOVATE_LOG_LEVEL }}
RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_TOKEN }}
RENOVATE_CONFIG_FILE: renovate.json
RENOVATE_REPOSITORIES: trez/benedikta-ovos
RENOVATE_HOST_RULES: |
[
{
"description": "Docker Hub authentication",
"hostType": "docker",
"matchHost": "docker.io",
"username": "${{ secrets.DOCKERHUB_USER }}",
"password": "${{ secrets.DOCKERHUB_PASSWORD }}"
},
{
"description": "GitHub Container Registry (GHCR)",
"hostType": "docker",
"matchHost": "ghcr.io",
"username": "${{ secrets.GHCR_USER }}",
"password": "${{ secrets.GHCR_LOGIN_TOKEN }}"
},
{
"description": "Self-hosted Gitea Docker Registry",
"hostType": "docker",
"matchHost": "git.trez.wtf",
"username": "${{ secrets.BOT_GITEA_USER }}",
"password": "${{ secrets.BOT_GITEA_PASSWORD }}"
}
]
run: |
docker run --rm \
-e RENOVATE_PLATFORM \
-e RENOVATE_ENDPOINT \
-e RENOVATE_TOKEN \
-e LOG_LEVEL \
-e RENOVATE_GITHUB_COM_TOKEN \
-e RENOVATE_CONFIG_FILE \
-e RENOVATE_REPOSITORIES \
-e RENOVATE_HOST_RULES \
--volumes-from ${{ env.JOB_CONTAINER_NAME }} \
-w ${GITHUB_WORKSPACE} \
renovate/renovate:${{ env.RENOVATE_VERSION }}-full
.gitignore
+2
View File
@@ -0,0 +1,2 @@
**/.env
**/.cache_ggshield
README.md
View File
docker-compose.yml
+92
View File
@@ -0,0 +1,92 @@
name: paine
services:
beszel-agent:
container_name: beszel-agent
environment:
LISTEN: 45876
KEY: ${BESZEL_PAINE_AGENT_KEY}
TOKEN: ${BESZEL_PAINE_TOKEN}
HUB_URL: http://192.168.1.254:22220
expose:
- 45876
image: henrygd/beszel-agent:latest@sha256:8874e2c53f9de5e063a6a80d6b617e20fa593ac5dc4eb4c6ce1f912f510f38f8
network_mode: host
restart: unless-stopped
volumes:
- beszel-agent-data:/var/lib/beszel-agent
- /var/run/docker.sock:/var/run/docker.sock:ro
- /dev/mmcblk0:/extra-filesystems/dev/mmcblk0:ro
docker-socket-proxy:
container_name: dockerproxy
environment:
AUTH: 1
BUILD: 1
COMMIT: 1
CONFIGS: 1
CONTAINERS: 1
DISTRIBUTION: 1
EVENTS: 1
EXEC: 1
GPRC: 1
IMAGES: 1
INFO: 1
NETWORKS: 1
NODES: 1
POST: 1
PLUGINS: 1
SERVICES: 1
SESSION: 1
SYSTEM: 1
TASKS: 1
VOLUMES: 1
LOG_LEVEL: debug
image: ghcr.io/tecnativa/docker-socket-proxy:latest@sha256:1f3a6f303320723d199d2316a3e82b2e2685d86c275d5e3deeaf182573b47476
ports:
- 2375:2375
privileged: true
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
portainer-agent:
container_name: portainer_agent
image: portainer/agent:latest@sha256:7af856876dcb2778108bf6846f3da31b176443db90e3de31fcfdf17e5ab7857e
volumes:
- /:/host
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /var/run/docker.sock:/var/run/docker.sock
restart: always
ports:
- 9001:9001
raspap:
container_name: raspap
image: ghcr.io/raspap/raspap-docker:latest
ports:
- "8081:8081"
privileged: true
network_mode: host
cgroup: host
environment:
RASPAP_SSID: raspap-webgui
RASPAP_SSID_PASS: ${RASPAP_SSID_PASS}
RASPAP_COUNTRY: US
RASPAP_WEBGUI_USER: admin
RASPAP_WEBGUI_PASS: ${RASPAP_WEBGUI_PASS}
RASPAP_WEBGUI_PORT: 8081
cap_add:
- SYS_ADMIN
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
restart: unless-stopped
signoz-logspout:
command: signoz://192.168.1.254:8082
container_name: signoz-logspout
environment:
ENV: prod
SIGNOZ_LOG_ENDPOINT: http://192.168.1.254:8082
image: pavanputhra/logspout-signoz@sha256:6da8ce12279a5262de8b2d5c083ce82d4c878c4eab702b4d328afe147ed7553b
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
volumes:
beszel-agent-data:
name: beszel-agent-data
renovate.json
+7
View File
@@ -0,0 +1,7 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["local>trez/renovate-config"],
"git-submodules": {
"enabled": true
}
}