Compare commits
23 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Trez.One
|
c195968e04 | ||
|
Trez.One
|
346677c903 | ||
|
Trez.One
|
ebb61cd0e4 | ||
|
Trez.One
|
040251b3e0 | ||
|
Trez.One
|
31b61fb4a2 | ||
|
Trez.One
|
6920ff6201 | ||
|
Trez.One
|
daff8cac33 | ||
|
Trez.One
|
6e34477f15 | ||
|
Trez.One
|
af67babef5 | ||
|
Trez.One
|
29308c6220 | ||
|
Trez.One
|
18700d3b95 | ||
|
Trez.One
|
5fa8a8229e | ||
|
Trez.One
|
087c5ed5e0 | ||
|
Trez.One
|
fe67a6fa73 | ||
|
Trez.One
|
58fcdb870d | ||
|
Trez.One
|
ab3630f2bd | ||
|
Trez.One
|
dc999a8a34 | ||
|
Trez.One
|
9a6fb3a34e | ||
|
Trez.One
|
34d1f3c214 | ||
|
Trez.One
|
13d3341597 | ||
 gitea-sonarqube-bot
|
cdcf86a1a1 | ||
 Trez.One
|
5a71cb877d | ||
|
Trez.One
|
7e332e413e |
@@ -0,0 +1,192 @@
|
|||||||
|
name: Gitea Branch PR & Ansible Deployment
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches-ignore:
|
||||||
|
- 'main'
|
||||||
|
paths:
|
||||||
|
- '**.j2'
|
||||||
|
- 'ansible/**.yml'
|
||||||
|
jobs:
|
||||||
|
check-and-create-pr:
|
||||||
|
if: github.ref != 'refs/heads/main'
|
||||||
|
name: Check and Create PR
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout Code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
fetch-depth: 1
|
||||||
|
- name: Cache tea CLI
|
||||||
|
id: cache-tea
|
||||||
|
uses: actions/cache@v4
|
||||||
|
with:
|
||||||
|
path: /opt/hostedtoolcache/tea/0.9.2/x64
|
||||||
|
key: tea-${{ runner.os }}-0.9.2
|
||||||
|
- name: Install tea
|
||||||
|
uses: supplypike/setup-bin@v4
|
||||||
|
with:
|
||||||
|
uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64'
|
||||||
|
name: 'tea'
|
||||||
|
version: '0.9.2'
|
||||||
|
- name: Gotify Notification
|
||||||
|
uses: eikendev/gotify-action@master
|
||||||
|
with:
|
||||||
|
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
||||||
|
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
||||||
|
notification_title: 'GITEA: PR Check'
|
||||||
|
notification_message: 'Checking for existing PR... 🔍'
|
||||||
|
- name: Check if open PR exists
|
||||||
|
id: check-opened-pr-step
|
||||||
|
continue-on-error: true
|
||||||
|
run: |
|
||||||
|
tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||||
|
pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep ${{ github.ref_name }} | tail -1 | wc -l)
|
||||||
|
echo "exists=$pr_exists" >> $GITHUB_OUTPUT
|
||||||
|
- name: Create PR
|
||||||
|
if: ${{ steps.check-opened-pr-step.outputs.exists == '0' }}
|
||||||
|
run: |
|
||||||
|
tea login default gitea-rinoa
|
||||||
|
pr_index_old=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head --output csv | sed -e 's|"||g' | egrep '^[0-9]' | head -1 | awk -F"," '{print $1}')
|
||||||
|
pr_index_new=$(expr ${pr_index_old} + 1)
|
||||||
|
tea pr c -r ${{ github.repository }} -t "Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Docker Compose, Ansible Configs.j2"
|
||||||
|
- name: Gotify Notification
|
||||||
|
uses: eikendev/gotify-action@master
|
||||||
|
with:
|
||||||
|
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
||||||
|
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
||||||
|
notification_title: 'GITEA: PR Check'
|
||||||
|
notification_message: 'PR Created 🎟️'
|
||||||
|
ansible-linting:
|
||||||
|
name: Docker Compose & Ansible Lints
|
||||||
|
needs: [check-and-create-pr]
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
env:
|
||||||
|
VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
|
||||||
|
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
|
||||||
|
VAULT_NAMESPACE: ""
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
- name: Fetch base branch
|
||||||
|
run: |
|
||||||
|
git fetch origin ${{ github.event.pull_request.base.ref }}
|
||||||
|
- name: Cache Ansible Galaxy Collections
|
||||||
|
uses: actions/cache@v3
|
||||||
|
with:
|
||||||
|
path: ansible/collections
|
||||||
|
key: ${{ runner.os }}-ansible-${{ hashFiles('./ansible/collections/requirements.yml') }}
|
||||||
|
restore-keys: |
|
||||||
|
${{ runner.os }}-ansible-
|
||||||
|
- name: Install Ansible
|
||||||
|
uses: alex-oleshkevich/setup-ansible@v1.0.1
|
||||||
|
with:
|
||||||
|
version: "11.0.0"
|
||||||
|
- name: Install Vault
|
||||||
|
uses: cpanato/vault-installer@main
|
||||||
|
- name: Install hvac
|
||||||
|
run: pip install hvac
|
||||||
|
- name: Gotify Notification
|
||||||
|
uses: eikendev/gotify-action@master
|
||||||
|
with:
|
||||||
|
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
||||||
|
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
||||||
|
notification_title: 'GITEA: Ansible Config Dry Run @ Rinoa'
|
||||||
|
notification_message: 'Starting Ansible dry run...'
|
||||||
|
- name: Ansible Playbook Dry Run
|
||||||
|
uses: arillso/action.playbook@0.1.0
|
||||||
|
with:
|
||||||
|
check: true
|
||||||
|
galaxy_collections_path: ansible/collections
|
||||||
|
galaxy_requirements_file: ansible/collections/requirements.yml
|
||||||
|
inventory: ansible/inventory/hosts.yml
|
||||||
|
playbook: ansible/docker_config_deploy.yml
|
||||||
|
private_key: ${{ secrets.RINOA_ANSIBLE_PRIVATE_KEY }}
|
||||||
|
vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
|
||||||
|
verbose: 0
|
||||||
|
- name: Gotify Notification
|
||||||
|
uses: eikendev/gotify-action@master
|
||||||
|
with:
|
||||||
|
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
||||||
|
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
||||||
|
notification_title: 'GITEA: Docker Compose Dry Run @ Rinoa'
|
||||||
|
notification_message: 'Docker Compose dry run completed successfully.'
|
||||||
|
pr-merge:
|
||||||
|
name: PR Merge
|
||||||
|
needs: [regenerate-readme-modified-services]
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
- name: Install tea
|
||||||
|
uses: supplypike/setup-bin@v4
|
||||||
|
with:
|
||||||
|
uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64'
|
||||||
|
name: 'tea'
|
||||||
|
version: '0.9.2'
|
||||||
|
- name: PR Merge
|
||||||
|
id: pr_merge
|
||||||
|
run: |
|
||||||
|
tea login add --name gitea-rinoa --url ${{ secrets.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||||
|
tea login default gitea-rinoa
|
||||||
|
echo "Merging PR..."
|
||||||
|
pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g')
|
||||||
|
tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" --message "Merged by ${{ github.actor }}" ${pr_index}
|
||||||
|
echo "pr_index=${pr_index}" >> $GITHUB_OUTPUT
|
||||||
|
- name: Gotify Notification
|
||||||
|
uses: eikendev/gotify-action@master
|
||||||
|
with:
|
||||||
|
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
||||||
|
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
||||||
|
notification_title: 'GITEA: PR Merge Successful'
|
||||||
|
notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.'
|
||||||
|
ansible-config-docker-compose-deploy:
|
||||||
|
name: Ansible Configs & Docker Compose Deployment
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
needs: [pr-merge]
|
||||||
|
env:
|
||||||
|
VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
|
||||||
|
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
|
||||||
|
DOCKER_HOST: tcp://dockerproxy:2375
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
ref: main
|
||||||
|
- name: Cache Vault install
|
||||||
|
id: cache-vault
|
||||||
|
uses: actions/cache@v4
|
||||||
|
with:
|
||||||
|
path: /opt/hostedtoolcache/vault/1.18.0/x64
|
||||||
|
key: vault-${{ runner.os }}-1.18.0
|
||||||
|
- name: Install Ansible
|
||||||
|
uses: alex-oleshkevich/setup-ansible@v1.0.1
|
||||||
|
with:
|
||||||
|
version: "11.0.0"
|
||||||
|
- name: Install Vault
|
||||||
|
uses: cpanato/vault-installer@main
|
||||||
|
- name: Install hvac
|
||||||
|
run: pip install hvac
|
||||||
|
- name: Gotify Notification
|
||||||
|
uses: eikendev/gotify-action@master
|
||||||
|
with:
|
||||||
|
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
||||||
|
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
||||||
|
notification_title: 'GITEA: Ansible Config Deployment @ Rinoa'
|
||||||
|
notification_message: 'Starting config deployment with Ansible...'
|
||||||
|
- name: Ansible Playbook Dry Run
|
||||||
|
uses: arillso/action.playbook@0.1.0
|
||||||
|
with:
|
||||||
|
check: false
|
||||||
|
galaxy_collections_path: ansible/collections
|
||||||
|
galaxy_requirements_file: ansible/collections/requirements.yml
|
||||||
|
inventory: ansible/inventory/hosts.yml
|
||||||
|
playbook: ansible/docker_config_deploy.yml
|
||||||
|
private_key: ${{ secrets.RINOA_ANSIBLE_PRIVATE_KEY }}
|
||||||
|
vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
|
||||||
|
- name: Gotify Notification
|
||||||
|
uses: eikendev/gotify-action@master
|
||||||
|
with:
|
||||||
|
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
||||||
|
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
||||||
|
notification_title: 'GITEA: Ansible Config Deployment @ Rinoa'
|
||||||
|
notification_message: 'Deployment completed successfully.'
|
||||||
@@ -1,10 +1,10 @@
|
|||||||
name: Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment
|
name: Gitea Branch PR, Cloudflare DNS, README generation, & Docker Deployment
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches-ignore:
|
branches-ignore:
|
||||||
- 'main'
|
- 'main'
|
||||||
paths:
|
paths:
|
||||||
- '**.yml'
|
- '**/docker-compose.yml'
|
||||||
- '!ansible/**.yml'
|
- '!ansible/**.yml'
|
||||||
jobs:
|
jobs:
|
||||||
check-and-create-pr:
|
check-and-create-pr:
|
||||||
@@ -74,10 +74,6 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
|
git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
|
||||||
cp docker-compose.yml docker-compose-head.yml
|
cp docker-compose.yml docker-compose-head.yml
|
||||||
# - name: Compare Docker Compose changes
|
|
||||||
# run: |
|
|
||||||
# git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
|
|
||||||
# cp docker-compose.yml docker-compose-head.yml
|
|
||||||
- name: Detect added, deleted, and modified services
|
- name: Detect added, deleted, and modified services
|
||||||
id: detect_services
|
id: detect_services
|
||||||
run: |
|
run: |
|
||||||
@@ -105,39 +101,8 @@ jobs:
|
|||||||
|
|
||||||
svc_list=$(paste -sd '|' service_changes.txt)
|
svc_list=$(paste -sd '|' service_changes.txt)
|
||||||
echo "classified_services=$svc_list" >> "$GITHUB_OUTPUT"
|
echo "classified_services=$svc_list" >> "$GITHUB_OUTPUT"
|
||||||
# - name: Cache Ansible Galaxy Collections
|
|
||||||
# uses: actions/cache@v3
|
|
||||||
# with:
|
|
||||||
# path: ansible/collections
|
|
||||||
# key: ${{ runner.os }}-ansible-${{ hashFiles('./ansible/collections/requirements.yml') }}
|
|
||||||
# restore-keys: |
|
|
||||||
# ${{ runner.os }}-ansible-
|
|
||||||
# - name: Install Ansible
|
|
||||||
# uses: alex-oleshkevich/setup-ansible@v1.0.1
|
|
||||||
# with:
|
|
||||||
# version: "11.0.0"
|
|
||||||
- name: Install Vault
|
- name: Install Vault
|
||||||
uses: cpanato/vault-installer@main
|
uses: cpanato/vault-installer@main
|
||||||
# - name: Install hvac
|
|
||||||
# run: pip install hvac
|
|
||||||
# - name: Gotify Notification
|
|
||||||
# uses: eikendev/gotify-action@master
|
|
||||||
# with:
|
|
||||||
# gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
|
||||||
# gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
|
||||||
# notification_title: 'GITEA: Ansible Config Dry Run @ Rinoa'
|
|
||||||
# notification_message: 'Starting Ansible dry run...'
|
|
||||||
# - name: Ansible Playbook Dry Run
|
|
||||||
# uses: arillso/action.playbook@0.1.0
|
|
||||||
# with:
|
|
||||||
# check: true
|
|
||||||
# galaxy_collections_path: ansible/collections
|
|
||||||
# galaxy_requirements_file: ansible/collections/requirements.yml
|
|
||||||
# inventory: ansible/inventory/hosts.yml
|
|
||||||
# playbook: ansible/docker_config_deploy.yml
|
|
||||||
# private_key: ${{ secrets.RINOA_ANSIBLE_PRIVATE_KEY }}
|
|
||||||
# vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
|
|
||||||
# verbose: 0
|
|
||||||
- name: Gotify Notification
|
- name: Gotify Notification
|
||||||
uses: eikendev/gotify-action@master
|
uses: eikendev/gotify-action@master
|
||||||
with:
|
with:
|
||||||
@@ -250,28 +215,11 @@ jobs:
|
|||||||
name: Update README & Generate List of Modified Services
|
name: Update README & Generate List of Modified Services
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
needs: [cloudflare-dns-setup]
|
needs: [cloudflare-dns-setup]
|
||||||
# outputs:
|
|
||||||
# pr-pushed: ${{ steps.commit-readme.outputs.pushed }}
|
|
||||||
# modified_services: ${{ steps.compare-services.outputs.modified_services }}
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
- name: Install yq
|
- name: Install yq
|
||||||
uses: dcarbone/install-yq-action@v1
|
uses: dcarbone/install-yq-action@v1
|
||||||
# - name: Fetch main branch for comparison
|
|
||||||
# run: |
|
|
||||||
# git fetch origin main:main
|
|
||||||
# - name: Compare services using yq
|
|
||||||
# continue-on-error: true
|
|
||||||
# id: compare-services
|
|
||||||
# run: |
|
|
||||||
# current_services=$(yq '.services | to_entries' docker-compose.yml)
|
|
||||||
# git show main:docker-compose.yml > main_compose.yml
|
|
||||||
# main_services=$(yq '.services | to_entries' main_compose.yml)
|
|
||||||
# modified_services_file=$(comm -13 <(echo "$main_services") <(echo "$current_services") > changes_compose.yml)
|
|
||||||
# modified_services=${egrep '^ [a-z]' changes.yml | sed -e 's|^ ||g' -e 's|:||g' | sed ':a;N;$!ba;s/\n/ /g'}
|
|
||||||
# echo "Modified services: $modified_services"
|
|
||||||
# echo "modified_services=$modified_services" >> $GITHUB_OUTPUT
|
|
||||||
- name: Gotify Notification
|
- name: Gotify Notification
|
||||||
uses: eikendev/gotify-action@master
|
uses: eikendev/gotify-action@master
|
||||||
with:
|
with:
|
||||||
@@ -365,32 +313,6 @@ jobs:
|
|||||||
registry: git.trez.wtf
|
registry: git.trez.wtf
|
||||||
username: gitea-sonarqube-bot
|
username: gitea-sonarqube-bot
|
||||||
password: ${{ secrets.BOT_GITEA_TOKEN }}
|
password: ${{ secrets.BOT_GITEA_TOKEN }}
|
||||||
- name: Install hvac
|
|
||||||
run: pip install hvac
|
|
||||||
- name: Gotify Notification
|
|
||||||
uses: eikendev/gotify-action@master
|
|
||||||
with:
|
|
||||||
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
|
||||||
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
|
||||||
notification_title: 'GITEA: Ansible Config Deployment @ Rinoa'
|
|
||||||
notification_message: 'Starting config deployment with Ansible.'
|
|
||||||
- name: Deploy Docker Configs via Ansible
|
|
||||||
uses: dawidd6/action-ansible-playbook@v2
|
|
||||||
with:
|
|
||||||
directory: ansible/
|
|
||||||
playbook: docker_config_deploy.yml
|
|
||||||
key: ${{secrets.RINOA_ANSIBLE_PRIVATE_KEY}}
|
|
||||||
options: |
|
|
||||||
--inventory inventory/hosts.yml
|
|
||||||
requirements: collections/requirements.yml
|
|
||||||
vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
|
|
||||||
- name: Gotify Notification
|
|
||||||
uses: eikendev/gotify-action@master
|
|
||||||
with:
|
|
||||||
gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
|
||||||
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
|
||||||
notification_title: 'GITEA: Ansible Config Deployment @ Rinoa'
|
|
||||||
notification_message: 'Deployment completed successfully.'
|
|
||||||
- name: Gotify Notification
|
- name: Gotify Notification
|
||||||
uses: eikendev/gotify-action@master
|
uses: eikendev/gotify-action@master
|
||||||
with:
|
with:
|
||||||
|
|||||||
@@ -23,6 +23,6 @@ jobs:
|
|||||||
uses: cpanato/vault-installer@main
|
uses: cpanato/vault-installer@main
|
||||||
- name: Unseal Vault
|
- name: Unseal Vault
|
||||||
run: |
|
run: |
|
||||||
for vault_shard in $(cat ${VAULT_SHARDS}); do
|
for vault_shard in $(echo ${VAULT_SHARDS}); do
|
||||||
vault operator unseal -address=${VAULT_ADDR} -non-interactive "${vault_shard}"
|
vault operator unseal -address=${VAULT_ADDR} -non-interactive "${vault_shard}"
|
||||||
done
|
done
|
||||||
@@ -19,7 +19,6 @@
|
|||||||
| bitwarden | vaultwarden/server:latest |
|
| bitwarden | vaultwarden/server:latest |
|
||||||
| bluesky-pds | code.modernleft.org/gravityfargo/bluesky-pds:v0.4.98 |
|
| bluesky-pds | code.modernleft.org/gravityfargo/bluesky-pds:v0.4.98 |
|
||||||
| browserless | ghcr.io/browserless/chromium:latest |
|
| browserless | ghcr.io/browserless/chromium:latest |
|
||||||
| bytebase | bytebase/bytebase:3.5.0 |
|
|
||||||
| bytestash | ghcr.io/jordan-dalby/bytestash:latest |
|
| bytestash | ghcr.io/jordan-dalby/bytestash:latest |
|
||||||
| castopod | castopod/castopod:latest |
|
| castopod | castopod/castopod:latest |
|
||||||
| cloudflared | cloudflare/cloudflared:latest |
|
| cloudflared | cloudflare/cloudflared:latest |
|
||||||
@@ -33,10 +32,11 @@
|
|||||||
| dawarich-app | freikin/dawarich:latest |
|
| dawarich-app | freikin/dawarich:latest |
|
||||||
| dawarich-pg-db | postgis/postgis:17-3.5-alpine |
|
| dawarich-pg-db | postgis/postgis:17-3.5-alpine |
|
||||||
| dawarich-sidekiq | freikin/dawarich:latest |
|
| dawarich-sidekiq | freikin/dawarich:latest |
|
||||||
|
| dead-man-hand | ghcr.io/bkupidura/dead-man-hand:latest |
|
||||||
| delugevpn | ghcr.io/binhex/arch-delugevpn:latest |
|
| delugevpn | ghcr.io/binhex/arch-delugevpn:latest |
|
||||||
| docker-socket-proxy | ghcr.io/tecnativa/docker-socket-proxy:latest |
|
| docker-socket-proxy | ghcr.io/tecnativa/docker-socket-proxy:latest |
|
||||||
| docker-volume-backup | offen/docker-volume-backup:v2 |
|
|
||||||
| duplicati | lscr.io/linuxserver/duplicati:latest |
|
| duplicati | lscr.io/linuxserver/duplicati:latest |
|
||||||
|
| excalidraw | excalidraw/excalidraw:latest |
|
||||||
| explo | ghcr.io/lumepart/explo:latest |
|
| explo | ghcr.io/lumepart/explo:latest |
|
||||||
| fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main |
|
| fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main |
|
||||||
| flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |
|
| flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |
|
||||||
@@ -61,6 +61,8 @@
|
|||||||
| invidious | quay.io/invidious/invidious:latest |
|
| invidious | quay.io/invidious/invidious:latest |
|
||||||
| invidious-sig-helper | quay.io/invidious/inv-sig-helper:latest |
|
| invidious-sig-helper | quay.io/invidious/inv-sig-helper:latest |
|
||||||
| invidious-db | docker.io/library/postgres:14 |
|
| invidious-db | docker.io/library/postgres:14 |
|
||||||
|
| invoice-ninja | invoiceninja/invoiceninja-debian:5 |
|
||||||
|
| invoice-ninja_proxy | nginx |
|
||||||
| it-tools | ghcr.io/corentinth/it-tools:latest |
|
| it-tools | ghcr.io/corentinth/it-tools:latest |
|
||||||
| jellyfin | jellyfin/jellyfin |
|
| jellyfin | jellyfin/jellyfin |
|
||||||
| jitsi-etherpad | etherpad/etherpad:1.8.6 |
|
| jitsi-etherpad | etherpad/etherpad:1.8.6 |
|
||||||
@@ -72,6 +74,7 @@
|
|||||||
| jitsi-web | jitsi/web:stable |
|
| jitsi-web | jitsi/web:stable |
|
||||||
| joplin-db | postgres:17-alpine |
|
| joplin-db | postgres:17-alpine |
|
||||||
| joplin | joplin/server:latest |
|
| joplin | joplin/server:latest |
|
||||||
|
| languagetool | elestio/languagetool:latest |
|
||||||
| librechat-api | ghcr.io/danny-avila/librechat-dev:latest |
|
| librechat-api | ghcr.io/danny-avila/librechat-dev:latest |
|
||||||
| librechat-vectordb | ankane/pgvector:latest |
|
| librechat-vectordb | ankane/pgvector:latest |
|
||||||
| librechat-rag-api | ghcr.io/danny-avila/librechat-rag-api-dev-lite:latest |
|
| librechat-rag-api | ghcr.io/danny-avila/librechat-rag-api-dev-lite:latest |
|
||||||
@@ -98,12 +101,15 @@
|
|||||||
| ollama | ollama/ollama |
|
| ollama | ollama/ollama |
|
||||||
| ombi | lscr.io/linuxserver/ombi:latest |
|
| ombi | lscr.io/linuxserver/ombi:latest |
|
||||||
| omni-tools | iib0011/omni-tools:latest |
|
| omni-tools | iib0011/omni-tools:latest |
|
||||||
|
| omnipoly | kweg/omnipoly:latest |
|
||||||
| paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest |
|
| paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest |
|
||||||
| pgbackweb | eduardolat/pgbackweb:latest |
|
| pgbackweb | eduardolat/pgbackweb:latest |
|
||||||
| pgbackweb-db | postgres:16-alpine |
|
| pgbackweb-db | postgres:16-alpine |
|
||||||
| plantuml-server | plantuml/plantuml-server:jetty |
|
| plantuml-server | plantuml/plantuml-server:jetty |
|
||||||
| portainer | portainer/portainer-ce:alpine |
|
| portainer | portainer/portainer-ce:alpine |
|
||||||
| portall | need4swede/portall:latest |
|
| portnote-web | haedlessdev/portnote:latest |
|
||||||
|
| portnote-agent | haedlessdev/portnote-agent:latest |
|
||||||
|
| portnote-pg-db | postgres:17-alpine |
|
||||||
| postal-smtp | ghcr.io/postalserver/postal:latest |
|
| postal-smtp | ghcr.io/postalserver/postal:latest |
|
||||||
| postal-web | ghcr.io/postalserver/postal:latest |
|
| postal-web | ghcr.io/postalserver/postal:latest |
|
||||||
| postal-worker | ghcr.io/postalserver/postal:latest |
|
| postal-worker | ghcr.io/postalserver/postal:latest |
|
||||||
@@ -140,6 +146,7 @@
|
|||||||
| wallos | bellamy/wallos:latest |
|
| wallos | bellamy/wallos:latest |
|
||||||
| watchtower | ghcr.io/containrrr/watchtower:latest |
|
| watchtower | ghcr.io/containrrr/watchtower:latest |
|
||||||
| web-check | lissy93/web-check |
|
| web-check | lissy93/web-check |
|
||||||
|
| whodb | clidey/whodb |
|
||||||
| youtubedl | nbr23/youtube-dl-server:latest |
|
| youtubedl | nbr23/youtube-dl-server:latest |
|
||||||
| zammad-backup | ghcr.io/zammad/zammad:6.5.0-15 |
|
| zammad-backup | ghcr.io/zammad/zammad:6.5.0-15 |
|
||||||
| zammad-elasticsearch | bitnami/elasticsearch:8.17.4 |
|
| zammad-elasticsearch | bitnami/elasticsearch:8.17.4 |
|
||||||
|
|||||||
@@ -0,0 +1,101 @@
|
|||||||
|
# Example configuration file, it's safe to copy this as the default config file without any modification.
|
||||||
|
|
||||||
|
# You don't have to copy this file to your instance,
|
||||||
|
# just run `./act_runner generate-config > config.yaml` to generate a config file.
|
||||||
|
|
||||||
|
log:
|
||||||
|
# The level of logging, can be trace, debug, info, warn, error, fatal
|
||||||
|
level: info
|
||||||
|
|
||||||
|
runner:
|
||||||
|
# Where to store the registration result.
|
||||||
|
file: .runner
|
||||||
|
# Execute how many tasks concurrently at the same time.
|
||||||
|
capacity: 3
|
||||||
|
# Extra environment variables to run jobs.
|
||||||
|
# envs:
|
||||||
|
# A_TEST_ENV_NAME_1: a_test_env_value_1
|
||||||
|
# A_TEST_ENV_NAME_2: a_test_env_value_2
|
||||||
|
# Extra environment variables to run jobs from a file.
|
||||||
|
# It will be ignored if it's empty or the file doesn't exist.
|
||||||
|
# env_file: .env
|
||||||
|
# The timeout for a job to be finished.
|
||||||
|
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
|
||||||
|
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
|
||||||
|
timeout: 3h
|
||||||
|
# The timeout for the runner to wait for running jobs to finish when shutting down.
|
||||||
|
# Any running jobs that haven't finished after this timeout will be cancelled.
|
||||||
|
shutdown_timeout: 0s
|
||||||
|
# Whether skip verifying the TLS certificate of the Gitea instance.
|
||||||
|
insecure: false
|
||||||
|
# The timeout for fetching the job from the Gitea instance.
|
||||||
|
fetch_timeout: 5s
|
||||||
|
# The interval for fetching the job from the Gitea instance.
|
||||||
|
fetch_interval: 2s
|
||||||
|
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
|
||||||
|
# Like: "macos-arm64:host" or "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
|
||||||
|
# Find more images provided by Gitea at https://gitea.com/gitea/runner-images .
|
||||||
|
# If it's empty when registering, it will ask for inputting labels.
|
||||||
|
# If it's empty when execute `daemon`, will use labels in `.runner` file.
|
||||||
|
labels:
|
||||||
|
- "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
|
||||||
|
- "ubuntu-22.04:docker://gitea/runner-images:ubuntu-22.04"
|
||||||
|
- "ubuntu-20.04:docker://gitea/runner-images:ubuntu-20.04"
|
||||||
|
|
||||||
|
cache:
|
||||||
|
# Enable cache server to use actions/cache.
|
||||||
|
enabled: true
|
||||||
|
# The directory to store the cache data.
|
||||||
|
# If it's empty, the cache data will be stored in $HOME/.cache/actcache.
|
||||||
|
dir: ""
|
||||||
|
# The host of the cache server.
|
||||||
|
# It's not for the address to listen, but the address to connect from job containers.
|
||||||
|
# So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
|
||||||
|
host: "192.168.1.254"
|
||||||
|
# The port of the cache server.
|
||||||
|
# 0 means to use a random available port.
|
||||||
|
port: 63604
|
||||||
|
# The external cache server URL. Valid only when enable is true.
|
||||||
|
# If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
|
||||||
|
# The URL should generally end with "/".
|
||||||
|
external_server: ""
|
||||||
|
|
||||||
|
container:
|
||||||
|
# Specifies the network to which the container will connect.
|
||||||
|
# Could be host, bridge or the name of a custom network.
|
||||||
|
# If it's empty, act_runner will create a network automatically.
|
||||||
|
network: "compose_default"
|
||||||
|
# Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
|
||||||
|
privileged: false
|
||||||
|
# And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
|
||||||
|
options:
|
||||||
|
# The parent directory of a job's working directory.
|
||||||
|
# NOTE: There is no need to add the first '/' of the path as act_runner will add it automatically.
|
||||||
|
# If the path starts with '/', the '/' will be trimmed.
|
||||||
|
# For example, if the parent directory is /path/to/my/dir, workdir_parent should be path/to/my/dir
|
||||||
|
# If it's empty, /workspace will be used.
|
||||||
|
workdir_parent:
|
||||||
|
# Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
|
||||||
|
# You can specify multiple volumes. If the sequence is empty, no volumes can be mounted.
|
||||||
|
# For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to:
|
||||||
|
# valid_volumes:
|
||||||
|
# - data
|
||||||
|
# - /src/*.json
|
||||||
|
# If you want to allow any volume, please use the following configuration:
|
||||||
|
# valid_volumes:
|
||||||
|
# - '**'
|
||||||
|
valid_volumes: []
|
||||||
|
# overrides the docker client host with the specified one.
|
||||||
|
# If it's empty, act_runner will find an available docker host automatically.
|
||||||
|
# If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
|
||||||
|
# If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
|
||||||
|
docker_host: ""
|
||||||
|
# Pull docker image(s) even if already present
|
||||||
|
force_pull: false
|
||||||
|
# Rebuild docker image(s) even if already present
|
||||||
|
force_rebuild: false
|
||||||
|
|
||||||
|
host:
|
||||||
|
# The parent directory of a job's working directory.
|
||||||
|
# If it's empty, $HOME/.cache/act/ will be used.
|
||||||
|
workdir_parent:
|
||||||
+472
-4
@@ -2205,6 +2205,466 @@ services:
|
|||||||
- ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies
|
- ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies
|
||||||
- /etc/localtime:/etc/localtime
|
- /etc/localtime:/etc/localtime
|
||||||
- /usr/share/fonts:/usr/local/share/fonts/custom
|
- /usr/share/fonts:/usr/local/share/fonts/custom
|
||||||
|
jitsi-admin-app:
|
||||||
|
<<: *jitsi_admin_app
|
||||||
|
container_name: jitsi-admin-app
|
||||||
|
depends_on:
|
||||||
|
mariadb:
|
||||||
|
condition: service_healthy
|
||||||
|
environment:
|
||||||
|
APACHE_DOCUMENT_ROOT: "public/"
|
||||||
|
PHP_EXTENSION_XDEBUG: "1"
|
||||||
|
PHP_INI_MEMORY_LIMIT: "1G"
|
||||||
|
PHP_EXTENSION_LDAP: 1
|
||||||
|
PHP_EXTENSION_INTL: 1
|
||||||
|
PHP_INI_UPLOAD_MAX_FILESIZE: 8M
|
||||||
|
PHP_INI_POST_MAX_SIZE: 8M
|
||||||
|
MAILER_TRANSPORT: smtp
|
||||||
|
OAUTH_KEYCLOAK_CLIENT_ID: jitsiadmin
|
||||||
|
OAUTH_KEYCLOAK_REALM: jitsiadmin
|
||||||
|
input_settings_allow_timezone: 1
|
||||||
|
allowTimeZoneSwitch: 1
|
||||||
|
CRON_USER_1: root
|
||||||
|
CRON_SCHEDULE_1: "* * * * *"
|
||||||
|
CRON_COMMAND_1: "php /var/www/html/bin/console cron:run"
|
||||||
|
###> symfony/framework-bundle ###
|
||||||
|
APP_ENV: prod
|
||||||
|
APP_DEBUG: 0
|
||||||
|
APP_SECRET: ${JITSI_ADMIN_APP_SECRET}
|
||||||
|
|
||||||
|
###ODC Parameters###
|
||||||
|
IMPRINT: </impressum>
|
||||||
|
DATAPRIVACY: </datenschutzhinweis>
|
||||||
|
HELPURL: </help>
|
||||||
|
|
||||||
|
###Cron Parameters###
|
||||||
|
CRON_TOKEN: ${JITSI_ADMIN_CRON_TOKEN}
|
||||||
|
CRON_IPADRESS: 127.0.0.1
|
||||||
|
|
||||||
|
DATABASE_URL: mariadb://jitsiadmin:${JITSI__ADMIN_DB_PASSWORD}@mariadb:3306/jitsiadmin
|
||||||
|
DATABSE_SERVER: mariadb
|
||||||
|
MAILER_DSN: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
|
||||||
|
|
||||||
|
TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16
|
||||||
|
|
||||||
|
###> demo ###
|
||||||
|
DEMO_INSTALLATION: prod
|
||||||
|
###< demo ###
|
||||||
|
|
||||||
|
###> matomo ###
|
||||||
|
MATOMO_ENABLE: 0
|
||||||
|
MATOMO_ID: 1
|
||||||
|
MATOMO_URL: analytics.local.com
|
||||||
|
###< matomo ###
|
||||||
|
|
||||||
|
|
||||||
|
###> LaF ###
|
||||||
|
LAF_BBB: 0
|
||||||
|
LAF_STARTPAGE: false
|
||||||
|
LAF_ONLYREGISTEREDPARTICIPENTS: 0
|
||||||
|
LAF_VERSION: 2.0.0-dev
|
||||||
|
LAF_PEXEL_API_KEY: ${JITSI_ADMIN_PEXEL_API_KEY}
|
||||||
|
LAF_PEXEL_REFRESH_TIME: 1200
|
||||||
|
LAF_EMAILTEXTLOGIN: 1
|
||||||
|
LAF_CREATESERVEROPENTOEVERYONE: 1
|
||||||
|
LAF_KEYCLOAKGROUPTOCREATESERVER: /user
|
||||||
|
LAF_ADMINISTRATOREMAIL: admin@localhost.de
|
||||||
|
LAF_NOTIFICATIONURL: ""
|
||||||
|
LAF_BBB_URL: ""
|
||||||
|
LAF_MAX_REPEAT: 56
|
||||||
|
LAF_REFRESHTIMEDASHBOARD: 10000
|
||||||
|
LAF_DARKMODEASDEFAULT: 0
|
||||||
|
LAF_SHOWNAME: "user.username$"
|
||||||
|
LAF_SHOWNAMEFRONTEND: "user.firstName$ user.lastName$"
|
||||||
|
LAF_ADDPARTICIPANTSNOINPUT: 0
|
||||||
|
LAF_ROOMSMOREOPTIONSCOLLAPSED: 1
|
||||||
|
LAF_LOBBY_REKNOCKTIME: 60
|
||||||
|
LAF_LOBBY_POPUPDURATION: 3000
|
||||||
|
###< LaF ###
|
||||||
|
|
||||||
|
###> Default Jitsi Server ###
|
||||||
|
DEFAULT_JITSI_SERVER_ID: 0
|
||||||
|
###< Default Jitsi Server ###
|
||||||
|
|
||||||
|
### Enterprise Settings ###
|
||||||
|
ENTERPRISE_NOEXTERNAL: 0
|
||||||
|
ALLOWTIMEZONESWITCH: 0
|
||||||
|
EMAILSENDERISMODERATOR: 0
|
||||||
|
###<Enterprise Settings>###
|
||||||
|
|
||||||
|
### LDAP Settings ###
|
||||||
|
LDAP_URL: "ldap://lldap:3890"
|
||||||
|
LDAP_BIND_DN: "cn=jitsi-admin,ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_PASSWORD: ${JITSI_ADMIN_LDAP_BIND_PASSWORD}
|
||||||
|
LDAP_USER_DN: "ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_USER_OBJECT_CLASSES: person,organizationalPerson,user;person,organizationalPerson,user
|
||||||
|
LDAP_SEARCH_SCOPE: sub;one
|
||||||
|
LDAP_USERNAME_ATTRIBUTE: uid
|
||||||
|
LDAP_ATTRIBUTE_MAPPER: '{"firstName":"givenName", "lastName":"sn", "email":"uid"};{"firstName":"givenName", "lastName":"sn", "email":"uid"}'
|
||||||
|
LDAP_BIND_TYPE: simple
|
||||||
|
LDAP_FILTER: ';'
|
||||||
|
LDAP_RDN_LDAP_ATTRIBUTE: uid
|
||||||
|
LDAP_UUID_LDAP_ATTRIBUTE: uuid
|
||||||
|
LDAP_SERVER_INDIVIDUALNAME: lldap
|
||||||
|
###<LDAP Settings>###
|
||||||
|
|
||||||
|
### UploadSetting
|
||||||
|
AWS_BUCKET_NAME: 'jitsi-admin'
|
||||||
|
AWS_BASE_URL: 'http://minio:9000'
|
||||||
|
AWS_KEY: ${JITSI_ADMIN_S3_ACCESS_KEY}
|
||||||
|
AWS_SECRET_KEY: ${JITSI_ADMIN_S3_SECRET_KEY}
|
||||||
|
###<UploadSettings>
|
||||||
|
expose:
|
||||||
|
- 80
|
||||||
|
healthcheck:
|
||||||
|
test: [ "CMD", "curl", "-s", "-f", "-i", "http://localhost:80/health/check" ]
|
||||||
|
interval: 20s
|
||||||
|
timeout: 10s
|
||||||
|
start_period: 30s
|
||||||
|
retries: 10
|
||||||
|
labels:
|
||||||
|
swag: enable
|
||||||
|
swag_proto: http
|
||||||
|
swag_port: 2283
|
||||||
|
swag_url: jadmin.${MY_TLD}
|
||||||
|
swag_server_custom_directive: |
|
||||||
|
access_log /config/log/$$host_access.log ;
|
||||||
|
error_log /config/log/$$host_error.log ;
|
||||||
|
|
||||||
|
location /ws {
|
||||||
|
proxy_pass http://jitsi-admin-websocket:3000;
|
||||||
|
}
|
||||||
|
location /keycloak {
|
||||||
|
proxy_pass http://jitsi-admin-keycloak:8080;
|
||||||
|
}
|
||||||
|
swag.uptime-kuma.enabled: true
|
||||||
|
swag.uptime-kuma.monitor.url: https://jadmin.${MY_TLD}
|
||||||
|
swag.uptime-kuma.monitor.interval: 300
|
||||||
|
homepage.group: Media Library
|
||||||
|
homepage.name: Jitsi Admin
|
||||||
|
homepage.href: https://jadmin.${MY_TLD}
|
||||||
|
homepage.description: Admin portal for Jitsi (web-conferencing system)
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- ja-theme_data:/var/www/html/theme
|
||||||
|
- ja-image_upload:/var/www/html/public/uploads/images
|
||||||
|
- ja-theme_assests_data:/var/www/html/public/theme
|
||||||
|
- ja-recording_uploads:/var/www/html/data/recording
|
||||||
|
jitsi-admin-keycloak:
|
||||||
|
command:
|
||||||
|
- start-dev
|
||||||
|
- --import-realm
|
||||||
|
container_name: jitsi-admin-keycloak
|
||||||
|
depends_on:
|
||||||
|
jitsi-admin-app:
|
||||||
|
condition: service_healthy
|
||||||
|
environment:
|
||||||
|
KEYCLOAK_ADMIN: admin
|
||||||
|
KC_DB: mariadb
|
||||||
|
KC_DB_USERNAME: keycloak
|
||||||
|
KC_HTTP_RELATIVE_PATH: /keycloak
|
||||||
|
KC_PROXY: edge
|
||||||
|
KC_HOSTNAME: https://jadmin.${MY_TLD}/keycloak
|
||||||
|
###> symfony/framework-bundle ###
|
||||||
|
APP_ENV: prod
|
||||||
|
APP_DEBUG: 0
|
||||||
|
APP_SECRET: ${JITSI_ADMIN_APP_SECRET}
|
||||||
|
|
||||||
|
###ODC Parameters###
|
||||||
|
IMPRINT: </impressum>
|
||||||
|
DATAPRIVACY: </datenschutzhinweis>
|
||||||
|
HELPURL: </help>
|
||||||
|
|
||||||
|
###Cron Parameters###
|
||||||
|
CRON_TOKEN: ${JITSI_ADMIN_CRON_TOKEN}
|
||||||
|
CRON_IPADRESS: 127.0.0.1
|
||||||
|
|
||||||
|
DATABASE_URL: mariadb://jitsiadmin:${JITSI__ADMIN_DB_PASSWORD}@mariadb:3306/jitsiadmin
|
||||||
|
DATABSE_SERVER: mariadb
|
||||||
|
MAILER_DSN: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
|
||||||
|
|
||||||
|
TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16
|
||||||
|
|
||||||
|
###> demo ###
|
||||||
|
DEMO_INSTALLATION: prod
|
||||||
|
###< demo ###
|
||||||
|
|
||||||
|
###> matomo ###
|
||||||
|
MATOMO_ENABLE: 0
|
||||||
|
MATOMO_ID: 1
|
||||||
|
MATOMO_URL: analytics.local.com
|
||||||
|
###< matomo ###
|
||||||
|
|
||||||
|
|
||||||
|
###> LaF ###
|
||||||
|
LAF_BBB: 0
|
||||||
|
LAF_STARTPAGE: false
|
||||||
|
LAF_ONLYREGISTEREDPARTICIPENTS: 0
|
||||||
|
LAF_VERSION: 2.0.0-dev
|
||||||
|
LAF_PEXEL_API_KEY: ${JITSI_ADMIN_PEXEL_API_KEY}
|
||||||
|
LAF_PEXEL_REFRESH_TIME: 1200
|
||||||
|
LAF_EMAILTEXTLOGIN: 1
|
||||||
|
LAF_CREATESERVEROPENTOEVERYONE: 1
|
||||||
|
LAF_KEYCLOAKGROUPTOCREATESERVER: /user
|
||||||
|
LAF_ADMINISTRATOREMAIL: admin@localhost.de
|
||||||
|
LAF_NOTIFICATIONURL: ""
|
||||||
|
LAF_BBB_URL: ""
|
||||||
|
LAF_MAX_REPEAT: 56
|
||||||
|
LAF_REFRESHTIMEDASHBOARD: 10000
|
||||||
|
LAF_DARKMODEASDEFAULT: 0
|
||||||
|
LAF_SHOWNAME: "user.username$"
|
||||||
|
LAF_SHOWNAMEFRONTEND: "user.firstName$ user.lastName$"
|
||||||
|
LAF_ADDPARTICIPANTSNOINPUT: 0
|
||||||
|
LAF_ROOMSMOREOPTIONSCOLLAPSED: 1
|
||||||
|
LAF_LOBBY_REKNOCKTIME: 60
|
||||||
|
LAF_LOBBY_POPUPDURATION: 3000
|
||||||
|
###< LaF ###
|
||||||
|
|
||||||
|
###> Default Jitsi Server ###
|
||||||
|
DEFAULT_JITSI_SERVER_ID: 0
|
||||||
|
###< Default Jitsi Server ###
|
||||||
|
|
||||||
|
### Enterprise Settings ###
|
||||||
|
ENTERPRISE_NOEXTERNAL: 0
|
||||||
|
ALLOWTIMEZONESWITCH: 0
|
||||||
|
EMAILSENDERISMODERATOR: 0
|
||||||
|
###<Enterprise Settings>###
|
||||||
|
|
||||||
|
### LDAP Settings ###
|
||||||
|
LDAP_URL: "ldap://lldap:3890"
|
||||||
|
LDAP_BIND_DN: "cn=jitsi-admin,ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_PASSWORD: ${JITSI_ADMIN_LDAP_BIND_PASSWORD}
|
||||||
|
LDAP_USER_DN: "ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_USER_OBJECT_CLASSES: person,organizationalPerson,user;person,organizationalPerson,user
|
||||||
|
LDAP_SEARCH_SCOPE: sub;one
|
||||||
|
LDAP_USERNAME_ATTRIBUTE: uid
|
||||||
|
LDAP_ATTRIBUTE_MAPPER: '{"firstName":"givenName", "lastName":"sn", "email":"uid"};{"firstName":"givenName", "lastName":"sn", "email":"uid"}'
|
||||||
|
LDAP_BIND_TYPE: simple
|
||||||
|
LDAP_FILTER: ';'
|
||||||
|
LDAP_RDN_LDAP_ATTRIBUTE: uid
|
||||||
|
LDAP_UUID_LDAP_ATTRIBUTE: uuid
|
||||||
|
LDAP_SERVER_INDIVIDUALNAME: lldap
|
||||||
|
###<LDAP Settings>###
|
||||||
|
|
||||||
|
### UploadSetting
|
||||||
|
AWS_BUCKET_NAME: 'jitsi-admin'
|
||||||
|
AWS_BASE_URL: 'http://minio:9000'
|
||||||
|
AWS_KEY: ${JITSI_ADMIN_S3_ACCESS_KEY}
|
||||||
|
AWS_SECRET_KEY: ${JITSI_ADMIN_S3_SECRET_KEY}
|
||||||
|
###<UploadSettings>
|
||||||
|
expose:
|
||||||
|
- 8080
|
||||||
|
image: quay.io/keycloak/keycloak:26.1.0
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- ${DOCKER_VOLUME_CONFIG}/jitsi/admin/keycloak:/opt/keycloak/data/import
|
||||||
|
jitsi-admin-queue:
|
||||||
|
<<: *jitsi_admin_app
|
||||||
|
command: php /var/www/html/bin/console messenger:consume async --memory-limit=126m
|
||||||
|
hostname: app-queu
|
||||||
|
restart: unless-stopped
|
||||||
|
deploy:
|
||||||
|
mode: replicated
|
||||||
|
replicas: 2
|
||||||
|
environment:
|
||||||
|
###> symfony/framework-bundle ###
|
||||||
|
APP_ENV: prod
|
||||||
|
APP_DEBUG: 0
|
||||||
|
APP_SECRET: ${JITSI_ADMIN_APP_SECRET}
|
||||||
|
|
||||||
|
###ODC Parameters###
|
||||||
|
IMPRINT: </impressum>
|
||||||
|
DATAPRIVACY: </datenschutzhinweis>
|
||||||
|
HELPURL: </help>
|
||||||
|
|
||||||
|
###Cron Parameters###
|
||||||
|
CRON_TOKEN: ${JITSI_ADMIN_CRON_TOKEN}
|
||||||
|
CRON_IPADRESS: 127.0.0.1
|
||||||
|
|
||||||
|
DATABASE_URL: mariadb://jitsiadmin:${JITSI__ADMIN_DB_PASSWORD}@mariadb:3306/jitsiadmin
|
||||||
|
DATABSE_SERVER: mariadb
|
||||||
|
MAILER_DSN: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
|
||||||
|
|
||||||
|
TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16
|
||||||
|
|
||||||
|
###> demo ###
|
||||||
|
DEMO_INSTALLATION: prod
|
||||||
|
###< demo ###
|
||||||
|
|
||||||
|
###> matomo ###
|
||||||
|
MATOMO_ENABLE: 0
|
||||||
|
MATOMO_ID: 1
|
||||||
|
MATOMO_URL: analytics.local.com
|
||||||
|
###< matomo ###
|
||||||
|
|
||||||
|
|
||||||
|
###> LaF ###
|
||||||
|
LAF_BBB: 0
|
||||||
|
LAF_STARTPAGE: false
|
||||||
|
LAF_ONLYREGISTEREDPARTICIPENTS: 0
|
||||||
|
LAF_VERSION: 2.0.0-dev
|
||||||
|
LAF_PEXEL_API_KEY: ${JITSI_ADMIN_PEXEL_API_KEY}
|
||||||
|
LAF_PEXEL_REFRESH_TIME: 1200
|
||||||
|
LAF_EMAILTEXTLOGIN: 1
|
||||||
|
LAF_CREATESERVEROPENTOEVERYONE: 1
|
||||||
|
LAF_KEYCLOAKGROUPTOCREATESERVER: /user
|
||||||
|
LAF_ADMINISTRATOREMAIL: admin@localhost.de
|
||||||
|
LAF_NOTIFICATIONURL: ""
|
||||||
|
LAF_BBB_URL: ""
|
||||||
|
LAF_MAX_REPEAT: 56
|
||||||
|
LAF_REFRESHTIMEDASHBOARD: 10000
|
||||||
|
LAF_DARKMODEASDEFAULT: 0
|
||||||
|
LAF_SHOWNAME: "user.username$"
|
||||||
|
LAF_SHOWNAMEFRONTEND: "user.firstName$ user.lastName$"
|
||||||
|
LAF_ADDPARTICIPANTSNOINPUT: 0
|
||||||
|
LAF_ROOMSMOREOPTIONSCOLLAPSED: 1
|
||||||
|
LAF_LOBBY_REKNOCKTIME: 60
|
||||||
|
LAF_LOBBY_POPUPDURATION: 3000
|
||||||
|
###< LaF ###
|
||||||
|
|
||||||
|
###> Default Jitsi Server ###
|
||||||
|
DEFAULT_JITSI_SERVER_ID: 0
|
||||||
|
###< Default Jitsi Server ###
|
||||||
|
|
||||||
|
### Enterprise Settings ###
|
||||||
|
ENTERPRISE_NOEXTERNAL: 0
|
||||||
|
ALLOWTIMEZONESWITCH: 0
|
||||||
|
EMAILSENDERISMODERATOR: 0
|
||||||
|
###<Enterprise Settings>###
|
||||||
|
|
||||||
|
### LDAP Settings ###
|
||||||
|
LDAP_URL: "ldap://lldap:3890"
|
||||||
|
LDAP_BIND_DN: "cn=jitsi-admin,ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_PASSWORD: ${JITSI_ADMIN_LDAP_BIND_PASSWORD}
|
||||||
|
LDAP_USER_DN: "ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_USER_OBJECT_CLASSES: person,organizationalPerson,user;person,organizationalPerson,user
|
||||||
|
LDAP_SEARCH_SCOPE: sub;one
|
||||||
|
LDAP_USERNAME_ATTRIBUTE: uid
|
||||||
|
LDAP_ATTRIBUTE_MAPPER: '{"firstName":"givenName", "lastName":"sn", "email":"uid"};{"firstName":"givenName", "lastName":"sn", "email":"uid"}'
|
||||||
|
LDAP_BIND_TYPE: simple
|
||||||
|
LDAP_FILTER: ';'
|
||||||
|
LDAP_RDN_LDAP_ATTRIBUTE: uid
|
||||||
|
LDAP_UUID_LDAP_ATTRIBUTE: uuid
|
||||||
|
LDAP_SERVER_INDIVIDUALNAME: lldap
|
||||||
|
###<LDAP Settings>###
|
||||||
|
|
||||||
|
### UploadSetting
|
||||||
|
AWS_BUCKET_NAME: 'jitsi-admin'
|
||||||
|
AWS_BASE_URL: 'http://minio:9000'
|
||||||
|
AWS_KEY: ${JITSI_ADMIN_S3_ACCESS_KEY}
|
||||||
|
AWS_SECRET_KEY: ${JITSI_ADMIN_S3_SECRET_KEY}
|
||||||
|
###<UploadSettings>
|
||||||
|
depends_on:
|
||||||
|
app-ja:
|
||||||
|
condition: service_healthy
|
||||||
|
volumes:
|
||||||
|
- ja-theme_data:/var/www/html/theme
|
||||||
|
jitsi-admin-websocket:
|
||||||
|
container_name: jitsi-admin-websocket
|
||||||
|
depends_on:
|
||||||
|
- swag
|
||||||
|
environment:
|
||||||
|
###> symfony/framework-bundle ###
|
||||||
|
APP_ENV: prod
|
||||||
|
APP_DEBUG: 0
|
||||||
|
APP_SECRET: ${JITSI_ADMIN_APP_SECRET}
|
||||||
|
|
||||||
|
###ODC Parameters###
|
||||||
|
IMPRINT: </impressum>
|
||||||
|
DATAPRIVACY: </datenschutzhinweis>
|
||||||
|
HELPURL: </help>
|
||||||
|
|
||||||
|
###Cron Parameters###
|
||||||
|
CRON_TOKEN: ${JITSI_ADMIN_CRON_TOKEN}
|
||||||
|
CRON_IPADRESS: 127.0.0.1
|
||||||
|
|
||||||
|
DATABASE_URL: mariadb://jitsiadmin:${JITSI__ADMIN_DB_PASSWORD}@mariadb:3306/jitsiadmin
|
||||||
|
DATABSE_SERVER: mariadb
|
||||||
|
MAILER_DSN: smtp://${POSTAL_SMTP_AUTH_USER}:${POSTAL_SMTP_AUTH_PASSWORD}@postal-smtp:25
|
||||||
|
|
||||||
|
TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16
|
||||||
|
|
||||||
|
###> demo ###
|
||||||
|
DEMO_INSTALLATION: prod
|
||||||
|
###< demo ###
|
||||||
|
|
||||||
|
###> matomo ###
|
||||||
|
MATOMO_ENABLE: 0
|
||||||
|
MATOMO_ID: 1
|
||||||
|
MATOMO_URL: analytics.local.com
|
||||||
|
###< matomo ###
|
||||||
|
|
||||||
|
|
||||||
|
###> LaF ###
|
||||||
|
LAF_BBB: 0
|
||||||
|
LAF_STARTPAGE: false
|
||||||
|
LAF_ONLYREGISTEREDPARTICIPENTS: 0
|
||||||
|
LAF_VERSION: 2.0.0-dev
|
||||||
|
LAF_PEXEL_API_KEY: ${JITSI_ADMIN_PEXEL_API_KEY}
|
||||||
|
LAF_PEXEL_REFRESH_TIME: 1200
|
||||||
|
LAF_EMAILTEXTLOGIN: 1
|
||||||
|
LAF_CREATESERVEROPENTOEVERYONE: 1
|
||||||
|
LAF_KEYCLOAKGROUPTOCREATESERVER: /user
|
||||||
|
LAF_ADMINISTRATOREMAIL: admin@localhost.de
|
||||||
|
LAF_NOTIFICATIONURL: ""
|
||||||
|
LAF_BBB_URL: ""
|
||||||
|
LAF_MAX_REPEAT: 56
|
||||||
|
LAF_REFRESHTIMEDASHBOARD: 10000
|
||||||
|
LAF_DARKMODEASDEFAULT: 0
|
||||||
|
LAF_SHOWNAME: "user.username$"
|
||||||
|
LAF_SHOWNAMEFRONTEND: "user.firstName$ user.lastName$"
|
||||||
|
LAF_ADDPARTICIPANTSNOINPUT: 0
|
||||||
|
LAF_ROOMSMOREOPTIONSCOLLAPSED: 1
|
||||||
|
LAF_LOBBY_REKNOCKTIME: 60
|
||||||
|
LAF_LOBBY_POPUPDURATION: 3000
|
||||||
|
###< LaF ###
|
||||||
|
|
||||||
|
###> Default Jitsi Server ###
|
||||||
|
DEFAULT_JITSI_SERVER_ID: 0
|
||||||
|
###< Default Jitsi Server ###
|
||||||
|
|
||||||
|
### Enterprise Settings ###
|
||||||
|
ENTERPRISE_NOEXTERNAL: 0
|
||||||
|
ALLOWTIMEZONESWITCH: 0
|
||||||
|
EMAILSENDERISMODERATOR: 0
|
||||||
|
###<Enterprise Settings>###
|
||||||
|
|
||||||
|
### LDAP Settings ###
|
||||||
|
LDAP_URL: "ldap://lldap:3890"
|
||||||
|
LDAP_BIND_DN: "cn=jitsi-admin,ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_PASSWORD: ${JITSI_ADMIN_LDAP_BIND_PASSWORD}
|
||||||
|
LDAP_USER_DN: "ou=people,dc=trez,dc=wtf"
|
||||||
|
LDAP_USER_OBJECT_CLASSES: person,organizationalPerson,user;person,organizationalPerson,user
|
||||||
|
LDAP_SEARCH_SCOPE: sub;one
|
||||||
|
LDAP_USERNAME_ATTRIBUTE: uid
|
||||||
|
LDAP_ATTRIBUTE_MAPPER: '{"firstName":"givenName", "lastName":"sn", "email":"uid"};{"firstName":"givenName", "lastName":"sn", "email":"uid"}'
|
||||||
|
LDAP_BIND_TYPE: simple
|
||||||
|
LDAP_FILTER: ';'
|
||||||
|
LDAP_RDN_LDAP_ATTRIBUTE: uid
|
||||||
|
LDAP_UUID_LDAP_ATTRIBUTE: uuid
|
||||||
|
LDAP_SERVER_INDIVIDUALNAME: lldap
|
||||||
|
###<LDAP Settings>###
|
||||||
|
|
||||||
|
### UploadSetting
|
||||||
|
AWS_BUCKET_NAME: 'jitsi-admin'
|
||||||
|
AWS_BASE_URL: 'http://minio:9000'
|
||||||
|
AWS_KEY: ${JITSI_ADMIN_S3_ACCESS_KEY}
|
||||||
|
AWS_SECRET_KEY: ${JITSI_ADMIN_S3_SECRET_KEY}
|
||||||
|
###<UploadSettings>
|
||||||
|
expose:
|
||||||
|
- 3000
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/healthz"]
|
||||||
|
interval: 10s
|
||||||
|
retries: 5
|
||||||
|
timeout: 10s
|
||||||
|
start_period: 10s
|
||||||
|
hostname: websocket-ja
|
||||||
|
image: h2invent/jitsi-admin-websocket:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- ja-caddy_data:/data
|
||||||
|
- ja-caddy_config:/config
|
||||||
jitsi-etherpad:
|
jitsi-etherpad:
|
||||||
container_name: jitsi-etherpad
|
container_name: jitsi-etherpad
|
||||||
environment:
|
environment:
|
||||||
@@ -5558,10 +6018,18 @@ volumes:
|
|||||||
name: invoice-ninja_public
|
name: invoice-ninja_public
|
||||||
invoice-ninja_storage:
|
invoice-ninja_storage:
|
||||||
name: invoice-ninja_storage
|
name: invoice-ninja_storage
|
||||||
jitsi-web-admin-theme:
|
ja-caddy_config:
|
||||||
name: jitsi-web-admin-theme
|
name: ja-caddy_config
|
||||||
jitsi-web-admin-upload:
|
ja-caddy_data:
|
||||||
name: jitsi-web-admin-upload
|
name: ja-caddy_data
|
||||||
|
ja-image_upload:
|
||||||
|
name: ja-image_upload
|
||||||
|
ja-recording_uploads:
|
||||||
|
name: ja-recording_uploads
|
||||||
|
ja-theme_assests_data:
|
||||||
|
name: ja-theme_assests_data
|
||||||
|
ja-theme_data:
|
||||||
|
name: ja-theme_data
|
||||||
joplin_data:
|
joplin_data:
|
||||||
name: joplin_data
|
name: joplin_data
|
||||||
linkstack_data:
|
linkstack_data:
|
||||||
|
|||||||
Reference in New Issue
Block a user