Merge branch 'add-cloudflare-action-deployment'

2025-01-03 15:59:05 -05:00
2 changed files with 100 additions and 53 deletions
+57 -4
@@ -30,11 +30,11 @@ jobs:
with:
url: ${{ gitea.server_url }}
token: ${{ secrets.BOT_GITEA_TOKEN }}
assignee: ${{ gitea.actor }}
pr-label: 'auto-deploy-pr'
docker-compose-test:
name: Docker Compose Test
needs: [create-pr]
needs: [check-and-create-pr]
runs-on: ubuntu-latest
steps:
- name: Checkout
@@ -56,10 +56,64 @@ jobs:
env:
DOCKER_HOST: tcp://dockerproxy:2375
cloudflare-dns-setup:
name: Cloudflare DNS Setup
needs: [docker-compose-test]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install jq
uses: dcarbone/install-jq-action@v3.0.1
- name: Install yq
uses: dcarbone/install-yq-action@v1
- name: Install flarectl
uses: supplypike/setup-bin@v4
with:
uri: 'https://github.com/cloudflare/cloudflare-go/releases/download/v0.113.0/flarectl_0.113.0_linux_amd64.tar.gz'
name: 'flarectl'
version: '0.113.0'
- name: Grab Subdomains from Docker Compose & Cloudflare
id: grab-subdomains
env:
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
run: |
echo "Grabbing subdomains from docker-compose.yml..."
yq '.services[].labels.swag_url' docker-compose.yml | egrep -v 'null' | sed -e 's|"||g' | awk -F'.' '{print $1}' | sort > compose_subdomains.txt
echo "Grabbing subdomains from Cloudflare..."
flarectl --json dns list --zone "trez.wtf" --type=CNAME --content "trez.wtf" | jq '.[].Name' | sed -e 's|"||g' | awk -F"." '{print $1}' | sort > cloudflare_subdomains.txt
- name: Compare Subdomains
id: compare-subdomains
uses: LouisBrunner/diff-action@v2.2.0
with:
old: compose_subdomains.txt
new: cloudflare_subdomains.txt
mode: addition
tolerance: mixed-better
output: domain_compare.txt
- name: Create Subdomains
if: steps.compare-subdomains.outputs.output != ''
env:
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
run: |
cat domain_compare.txt | egrep '^-[a-z]' | sed -e 's|-||g' | while read -r subdomain; do
echo "Creating $subdomain.trez.wtf..."
flarectl dns create --zone "trez.wtf" --name "${subdomain}" --type=CNAME --content "trez.wtf"
done
merge-pr:
name: PR Merge
runs-on: ubuntu-latest
needs: [docker-compose-test]
if: ${{ always() }}
needs: [cloudflare-dns-setup]
steps:
- name: Checkout
uses: actions/checkout@v4
@@ -70,6 +124,5 @@ jobs:
chmod +x /usr/local/bin/tea
echo "Merging PR..."
tea login add --name gitea-rinoa --url ${{ vars.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
echo ${{ gitea.ref_name }}
pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ gitea.ref_name }} | awk -F, '{print $1}' | sed -e 's|"||g')
tea pr m --repo ${{ github.repository }} --title "${{ github.ref_name }} Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}
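Review bot: The new `cloudflare-dns-setup` job passes `CF_API_TOKEN` to binaries installed by third-party actions that are pinned only to mutable tags (`dcarbone/install-jq-action@v3.0.1`, `dcarbone/install-yq-action@v1`, `supplypike/setup-bin@v4`, `LouisBrunner/diff-action@v2.2.0`), and the `flarectl` tarball is fetched with no visible integrity check. A retagged action or a replaced release asset would run with whatever rights that token carries (at least DNS record creation, per the last step), so pin each action to a full commit SHA, e.g. `uses: dcarbone/install-jq-action@<full-commit-sha>  # v3.0.1`, and check the tarball against a known SHA-256 before it is put on PATH. In the `Create Subdomains` step, `sed -e 's|-||g'` strips every hyphen rather than just the leading diff marker, so a hyphenated subdomain from the compose labels would be created under a different name; `sed -e 's|^-||'` removes only the marker. The `egrep '^-[a-z]'` filter also silently skips names that begin with a digit.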
+43 -49
@@ -46,6 +46,18 @@ services:
homepage.widget.url: http://adguard:80
homepage.widget.username: admin
homepage.widget.password: ${ADGUARD_PASSWORD}
swag: enable
swag_proto: http
swag_url: adgh.${MY_TLD}
homepage.group: System Administration
homepage.name: AdGuard Home
homepage.icon: adguard-home.png
homepage.href: https://adgh.${MY_TLD}
homepage.description: Ad-blocking/DNS
homepage.widget.type: adguard
homepage.widget.url: http://adguard:80
homepage.widget.username: admin
homepage.widget.password: ${ADGUARD_PASSWORD}
networks:
default: null
ports:
@@ -474,6 +486,11 @@ services:
swag_url: bsky.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.url: https://bsky.${MY_TLD}
swag: enable
swag_port: 3000
swag_url: bsky.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.url: https://bsky.${MY_TLD}
restart: unless-stopped
volumes:
- type: bind
@@ -500,6 +517,10 @@ services:
swag_proto: http
swag_port: 3000
swag_url: browse.${MY_TLD}
swag: enable
swag_proto: http
swag_port: 3000
swag_url: browse.${MY_TLD}
networks:
default: null
restart: unless-stopped
@@ -691,7 +712,7 @@ services:
homepage.group: System Administration
homepage.name: Czkawka
homepage.href: https://czkawka.${MY_TLD}
homepage.icon: sh-czkawka.png
homepage.icon: /icons/czkawka.png
homepage.description: Smart file management
swag: enable
swag_port: 5800
@@ -2851,6 +2872,12 @@ services:
LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET}
LLDAP_KEY_SEED: ${LLDAP_KEY_SEED}
LLDAP_LDAP_BASE_DN: dc=trez,dc=wtf
UID: ${PUID}
GID: ${PGID}
TZ: ${TZ}
LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET}
LLDAP_KEY_SEED: ${LLDAP_KEY_SEED}
LLDAP_LDAP_BASE_DN: dc=trez,dc=wtf
image: lldap/lldap:stable
labels:
homepage.group: System Administration
@@ -3008,52 +3035,19 @@ services:
type: bind
bind:
create_host_path: true
mastodon:
container_name: mastodon
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
LOCAL_DOMAIN: trez.wtf
REDIS_HOST: redis
REDIS_PORT: 6379
DB_HOST: mastodon-pg-db
DB_USER: mastodon
DB_NAME: mastodon
DB_PASS: ${MASTODON_PG_DB_PASSWORD}
DB_PORT: 5432
ES_ENABLED: false
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY:
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY:
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT:
SECRET_KEY_BASE:
OTP_SECRET:
VAPID_PRIVATE_KEY:
VAPID_PUBLIC_KEY:
SMTP_SERVER: postal-smtp
SMTP_PORT: 25
SMTP_LOGIN: ${POSTAL_SMTP_AUTH_USER}
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
SMTP_FROM_ADDRESS: noreply@trez.wtf
S3_ENABLED: true
S3_BUCKET: mastodon
AWS_ACCESS_KEY_ID: ${MASTODON_MINIO_ACCESS_KEY}
AWS_SECRET_ACCESS_KEY: ${MASTODON_MINIO_SECRET_KEY}
image: lscr.io/linuxserver/mastodon:latest
meshcentral:
container_name: meshcentral
image: ghcr.io/ylianst/meshcentral:master
labels:
swag: enable
swag_proto: http
swag_port: 5678
swag_url: mastodon.${MY_TLD}
swag.uptime-kuma.enabled: true
swag.uptime-kuma.monitor.url: https://mastodon.${MY_TLD}
homepage.group: Social
homepage.name: Mastodon
homepage.href: https://mastodon.${MY_TLD}
homepage.icon: mastodon.svg
homepage.description: Open-source social network
homepage.widget.type: mastodon
homepage.widget.url: http://mastodon
- homepage.group=System Administration
- homepage.name=MeshCentral
- homepage.href=https://mesh.${MY_TLD}
- homepage.icon=meshcentral.png
- homepage.description=
- swag=enable
- swag_proto=http
- swag_port=80
- swag_url=mesh.${MY_TLD}
ports:
- 9044:80
- 3444:443
@@ -4405,7 +4399,7 @@ services:
homepage.group: Servarr Stack
homepage.name: Sonashow
homepage.href: https://sonashow.${MY_TLD}
homepage.icon: sh-sonashow.png
homepage.icon: /icons/sonashow.png
homepage.description: TV show discovery based on library/tastes
swag: enable
swag_auth: authelia
@@ -4452,7 +4446,7 @@ services:
homepage.group: Downloaders
homepage.description: Modern client-server application for the Soulseek file-sharing network.
homepage.href: https://slsk.${MY_TLD}
homepage.icon: sh-slskd.svg
homepage.icon: /icons/slskd.png
swag: enable
swag_proto: http
swag_url: slsk.${MY_TLD}
@@ -6481,7 +6475,7 @@ services:
homepage.group: System Administration
homepage.name: WhoDB
homepage.href: https://dbs.${MY_TLD}
homepage.icon: sh-whodb.png
homepage.icon: /icons/whodb.png
homepage.description: Web-based DB management
swag: enable
swag_proto: http
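Review bot: Several hunks in this file add lines that repeat keys already present directly above them, apparently in the same mapping (indentation is lost on this page, so confirm against the file): `homepage.widget.url`/`username`/`password` in the first hunk, `swag_url` and the two `swag.uptime-kuma.*` keys in the second, `swag_proto`/`swag_port`/`swag_url` in the third, and `LLDAP_JWT_SECRET`/`LLDAP_KEY_SEED`/`LLDAP_LDAP_BASE_DN` in the lldap `environment`. This looks like a merge artifact; duplicate mapping keys are invalid YAML and a parser will either reject the file or quietly keep one of the values, so the repeated blocks should be dropped. Separately, the `meshcentral` service on the new side tracks a moving branch tag with `image: ghcr.io/ylianst/meshcentral:master` and, unlike the Sonashow entry, shows no `swag_auth` label; for a remote-management tool, pin a release tag or digest, e.g. `image: ghcr.io/ylianst/meshcentral:<release-tag>`, and confirm that publishing `9044:80` and `3444:443` alongside the proxy route is intended.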