Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 04451c6bde |
@@ -1 +0,0 @@
|
|||||||
{"last_found_secrets": [{"name": "Generic Password - /home/charish/app-configs/searxng_settings.yml.j2", "match": "6e0d657eb1f0fbc40cf0b8f3c3873ef627cc9cb7c4108d1c07d979c04bc8a4bb"}]}
|
|
||||||
+67
-91
@@ -1,48 +1,44 @@
|
|||||||
name: Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment
|
name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches-ignore:
|
branches-ignore:
|
||||||
- main
|
- main
|
||||||
paths:
|
|
||||||
- '**.yml'
|
|
||||||
jobs:
|
jobs:
|
||||||
|
# Job 1: Check if PR exists and create one if the branch is new
|
||||||
check-and-create-pr:
|
check-and-create-pr:
|
||||||
name: Check and Create PR
|
name: Check and Create PR
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout Code
|
- name: Checkout Code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
with:
|
|
||||||
fetch-depth: 1
|
|
||||||
- name: Cache tea CLI
|
|
||||||
id: cache-tea
|
|
||||||
uses: actions/cache@v4
|
|
||||||
with:
|
|
||||||
path: /opt/hostedtoolcache/tea/0.9.2/x64
|
|
||||||
key: tea-${{ runner.os }}-0.9.2
|
|
||||||
- name: Install tea
|
- name: Install tea
|
||||||
uses: supplypike/setup-bin@v4
|
uses: supplypike/setup-bin@v4
|
||||||
with:
|
with:
|
||||||
uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64'
|
uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64'
|
||||||
name: 'tea'
|
name: 'tea'
|
||||||
version: '0.9.2'
|
version: '0.9.2'
|
||||||
- name: Check if open PR exists
|
|
||||||
id: check-opened-pr-step
|
- name: Check if PR exists & Create
|
||||||
continue-on-error: true
|
id: list-prs
|
||||||
run: |
|
|
||||||
tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
|
||||||
pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep ${{ github.ref_name }} | tail -1 | wc -l)
|
|
||||||
echo ${pr_exists}
|
|
||||||
echo "exists=$pr_exists" >> $GITHUB_OUTPUT
|
|
||||||
- name: Create PR
|
|
||||||
if: ${{ steps.check-opened-pr-step.outputs.exists == '0' }}
|
|
||||||
run: |
|
run: |
|
||||||
|
tea login add --name gitea-rinoa --url ${{ secrets.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||||
tea login default gitea-rinoa
|
tea login default gitea-rinoa
|
||||||
pr_index_old=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head --output csv | sed -e 's|"||g' | egrep '^[0-9]' | head -1 | awk -F"," '{print $1}')
|
echo "Checking if PR exists for ${{ github.ref_name }}"
|
||||||
pr_index_new=$(expr ${pr_index_old} + 1)
|
tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state
|
||||||
tea pr c -r ${{ github.repository }} -t "Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }}
|
pr_state=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head,state --output csv | egrep '${{ gitea.ref_name }}' | head -1 |awk -F, '{print $4}' | sed -e 's|"||g')
|
||||||
docker-compose-ansible-lints:
|
echo "PR state: ${pr_state}"
|
||||||
name: Docker Compose & Ansible Lints
|
if [ "${pr_state}" != 'open' ]; then
|
||||||
|
echo "PR does not exist, creating..."
|
||||||
|
tea pr c -r "${{ github.repository }}" -t "Automated PR for ${{ github.ref_name }}" -d "Automated PR for ${{ github.ref_name }}"
|
||||||
|
elif [ "${pr_state}" = 'open' ]; then
|
||||||
|
echo "PR already exists, skipping creation..."
|
||||||
|
fi
|
||||||
|
|
||||||
|
docker-compose-test:
|
||||||
|
name: Docker Compose Test
|
||||||
needs: [check-and-create-pr]
|
needs: [check-and-create-pr]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
env:
|
env:
|
||||||
@@ -51,27 +47,20 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
- name: Cache Vault install
|
|
||||||
id: cache-vault
|
- name: Install jq
|
||||||
uses: actions/cache@v4
|
uses: dcarbone/install-jq-action@v3.0.1
|
||||||
with:
|
|
||||||
path: /opt/hostedtoolcache/vault/1.18.0/x64
|
|
||||||
key: vault-${{ runner.os }}-1.18.0
|
|
||||||
- name: Install Vault
|
- name: Install Vault
|
||||||
uses: supplypike/setup-bin@v4
|
uses: cpanato/vault-installer@main
|
||||||
with:
|
with:
|
||||||
uri: 'https://releases.hashicorp.com/vault/1.18.0/vault_1.18.0_linux_amd64.zip'
|
vault-release: '1.18.3'
|
||||||
name: 'vault'
|
|
||||||
version: '1.18.0'
|
- name: Generate .env file for linting
|
||||||
- name: Generate .env file for Docker Compose Dry Run
|
|
||||||
run: |
|
run: |
|
||||||
vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
|
vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
|
||||||
- name: Cache .env Files
|
|
||||||
uses: actions/cache@v4
|
- name: Docker Compose Lint
|
||||||
with:
|
|
||||||
path: .env
|
|
||||||
key: ${{ runner.os }}-env-${{ hashFiles('docker-compose.yml') }}
|
|
||||||
- name: Docker Compose Dry Run
|
|
||||||
uses: yu-ichiro/spin-up-docker-compose-action@v1
|
uses: yu-ichiro/spin-up-docker-compose-action@v1
|
||||||
with:
|
with:
|
||||||
file: docker-compose.yml
|
file: docker-compose.yml
|
||||||
@@ -81,41 +70,39 @@ jobs:
|
|||||||
up-opts: --dry-run -d --remove-orphans
|
up-opts: --dry-run -d --remove-orphans
|
||||||
env:
|
env:
|
||||||
DOCKER_HOST: tcp://dockerproxy:2375
|
DOCKER_HOST: tcp://dockerproxy:2375
|
||||||
|
|
||||||
cloudflare-dns-setup:
|
cloudflare-dns-setup:
|
||||||
name: Cloudflare DNS Setup
|
name: Cloudflare DNS Setup
|
||||||
needs: [docker-compose-ansible-lints]
|
needs: [docker-compose-test]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
with:
|
|
||||||
fetch-depth: 1
|
- name: Install jq
|
||||||
- name: Cache flarectl CLI
|
uses: dcarbone/install-jq-action@v3.0.1
|
||||||
uses: actions/cache@v4
|
|
||||||
with:
|
- name: Install yq
|
||||||
path: ~/.flarectl
|
uses: dcarbone/install-yq-action@v1
|
||||||
key: flarectl-${{ runner.os }}-${{ hashFiles('workflow-config.yml') }}
|
|
||||||
- name: Install flarectl
|
- name: Install flarectl
|
||||||
uses: supplypike/setup-bin@v4
|
uses: supplypike/setup-bin@v4
|
||||||
with:
|
with:
|
||||||
uri: 'https://github.com/cloudflare/cloudflare-go/releases/download/v0.113.0/flarectl_0.113.0_linux_amd64.tar.gz'
|
uri: 'https://github.com/cloudflare/cloudflare-go/releases/download/v0.113.0/flarectl_0.113.0_linux_amd64.tar.gz'
|
||||||
name: 'flarectl'
|
name: 'flarectl'
|
||||||
version: '0.113.0'
|
version: '0.113.0'
|
||||||
- name: Cache Subdomain Files
|
|
||||||
uses: actions/cache@v4
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
compose_subdomains.txt
|
|
||||||
cloudflare_subdomains.txt
|
|
||||||
key: ${{ runner.os }}-subdomains-${{ hashFiles('docker-compose.yml') }}
|
|
||||||
- name: Grab Subdomains from Docker Compose & Cloudflare
|
- name: Grab Subdomains from Docker Compose & Cloudflare
|
||||||
id: grab-subdomains
|
id: grab-subdomains
|
||||||
env:
|
env:
|
||||||
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
||||||
CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
|
CF_API_EMAIL: ${{ secrets.CF_API_EMAIL }}
|
||||||
run: |
|
run: |
|
||||||
|
echo "Grabbing subdomains from docker-compose.yml..."
|
||||||
yq '.services[].labels.swag_url' docker-compose.yml | egrep -v 'null' | sed -e 's|"||g' | awk -F'.' '{print $1}' | sort > compose_subdomains.txt
|
yq '.services[].labels.swag_url' docker-compose.yml | egrep -v 'null' | sed -e 's|"||g' | awk -F'.' '{print $1}' | sort > compose_subdomains.txt
|
||||||
|
echo "Grabbing subdomains from Cloudflare..."
|
||||||
flarectl --json dns list --zone "trez.wtf" --type=CNAME --content "trez.wtf" | jq '.[].Name' | sed -e 's|"||g' | awk -F"." '{print $1}' | sort > cloudflare_subdomains.txt
|
flarectl --json dns list --zone "trez.wtf" --type=CNAME --content "trez.wtf" | jq '.[].Name' | sed -e 's|"||g' | awk -F"." '{print $1}' | sort > cloudflare_subdomains.txt
|
||||||
|
|
||||||
- name: Compare Subdomains
|
- name: Compare Subdomains
|
||||||
id: compare-subdomains
|
id: compare-subdomains
|
||||||
uses: LouisBrunner/diff-action@v2.2.0
|
uses: LouisBrunner/diff-action@v2.2.0
|
||||||
@@ -125,6 +112,7 @@ jobs:
|
|||||||
mode: addition
|
mode: addition
|
||||||
tolerance: mixed-better
|
tolerance: mixed-better
|
||||||
output: domain_compare.txt
|
output: domain_compare.txt
|
||||||
|
|
||||||
- name: Create Subdomains
|
- name: Create Subdomains
|
||||||
if: steps.compare-subdomains.outputs.output != ''
|
if: steps.compare-subdomains.outputs.output != ''
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
@@ -134,8 +122,9 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
cat domain_compare.txt | egrep '^-[a-z]' | sed -e 's|-||g' | while read -r subdomain; do
|
cat domain_compare.txt | egrep '^-[a-z]' | sed -e 's|-||g' | while read -r subdomain; do
|
||||||
echo "Creating $subdomain.trez.wtf..."
|
echo "Creating $subdomain.trez.wtf..."
|
||||||
flarectl dns create --zone "trez.wtf" --name "${subdomain}" --type=CNAME --content "trez.wtf" --proxy true
|
flarectl dns create --zone "trez.wtf" --name "${subdomain}" --type=CNAME --content "trez.wtf"
|
||||||
done
|
done
|
||||||
|
|
||||||
regenerate-readme:
|
regenerate-readme:
|
||||||
name: Update README
|
name: Update README
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
@@ -145,27 +134,33 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Install yq
|
- name: Install yq
|
||||||
uses: dcarbone/install-yq-action@v1
|
uses: dcarbone/install-yq-action@v1
|
||||||
|
|
||||||
- name: Generate service list
|
- name: Generate service list
|
||||||
run: |
|
run: |
|
||||||
yq '.services | to_entries | map({"service": .key, "image": .value.image})' docker-compose.yml > services.yml
|
yq '.services | to_entries | map({"service": .key, "image": .value.image})' docker-compose.yml > services.yml
|
||||||
|
|
||||||
- name: Generate Markdown Table
|
- name: Generate Markdown Table
|
||||||
uses: gazab/create-markdown-table@v1
|
uses: gazab/create-markdown-table@v1
|
||||||
id: service-table
|
id: service-table
|
||||||
with:
|
with:
|
||||||
file: ./services.yml
|
file: ./services.yml
|
||||||
|
|
||||||
- name: Regenerate README
|
- name: Regenerate README
|
||||||
run: |
|
run: |
|
||||||
echo "# List of Services" > README.md
|
echo "# List of Services" > README.md
|
||||||
echo -e "\n\n" >> README.md
|
echo -e "\n\n" >> README.md
|
||||||
echo "${{ steps.service-table.outputs.table }}" >> README.md
|
echo "${{ steps.service-table.outputs.table }}" >> README.md
|
||||||
|
|
||||||
- name: Add/Commit README.md
|
- name: Add/Commit README.md
|
||||||
id: commit-readme
|
id: commit-readme
|
||||||
uses: EndBug/add-and-commit@v9
|
uses: EndBug/add-and-commit@v9
|
||||||
with:
|
with:
|
||||||
message: "chore: Update README"
|
message: "chore: Update README"
|
||||||
add: "README.md"
|
add: "README.md"
|
||||||
|
|
||||||
pr-merge:
|
pr-merge:
|
||||||
name: PR Merge
|
name: PR Merge
|
||||||
needs: [regenerate-readme]
|
needs: [regenerate-readme]
|
||||||
@@ -173,23 +168,25 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Install tea
|
- name: Install tea
|
||||||
uses: supplypike/setup-bin@v4
|
uses: supplypike/setup-bin@v4
|
||||||
with:
|
with:
|
||||||
uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64'
|
uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64'
|
||||||
name: 'tea'
|
name: 'tea'
|
||||||
version: '0.9.2'
|
version: '0.9.2'
|
||||||
|
|
||||||
- name: PR Merge
|
- name: PR Merge
|
||||||
id: pr_merge
|
id: pr_merge
|
||||||
run: |
|
run: |
|
||||||
tea login add --name gitea-rinoa --url ${{ secrets.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
tea login add --name gitea-rinoa --url ${{ secrets.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||||
echo "Setting default login for Gitea..."
|
|
||||||
tea login default gitea-rinoa
|
tea login default gitea-rinoa
|
||||||
pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F, '{print $1}' | sed -e 's|"||g')
|
pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ gitea.ref_name }} | awk -F, '{print $1}' | sed -e 's|"||g')
|
||||||
echo "${pr_index}"
|
tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR #${pr_index} - ${{ gitea.ref_name }}" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}
|
||||||
tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR #${pr_index} - ${{ github.ref_name }}" --message "Merged by ${{ github.actor }}" --output table ${pr_index}
|
|
||||||
ansible-config-docker-compose-deploy:
|
|
||||||
name: Deploy via Ansible & Docker Compose
|
docker-compose-deploy:
|
||||||
|
name: Deploy via Docker Compose
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
needs: [pr-merge]
|
needs: [pr-merge]
|
||||||
env:
|
env:
|
||||||
@@ -201,40 +198,19 @@ jobs:
|
|||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
ref: main
|
ref: main
|
||||||
# - name: Gotify Notification
|
|
||||||
# uses: eikendev/gotify-action@master
|
|
||||||
# with:
|
|
||||||
# gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}'
|
|
||||||
# gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
|
||||||
# notification_title: 'Ansible Config Deployment @ Rinoa'
|
|
||||||
# notification_message: 'Deployment completed successfully.'
|
|
||||||
- name: Cache Vault install
|
|
||||||
id: cache-vault
|
|
||||||
uses: actions/cache@v4
|
|
||||||
with:
|
|
||||||
path: /opt/hostedtoolcache/vault/1.18.0/x64
|
|
||||||
key: vault-${{ runner.os }}-1.18.0
|
|
||||||
- name: Install Vault
|
- name: Install Vault
|
||||||
uses: supplypike/setup-bin@v4
|
uses: cpanato/vault-installer@main
|
||||||
with:
|
|
||||||
uri: 'https://releases.hashicorp.com/vault/1.18.0/vault_1.18.0_linux_amd64.zip'
|
|
||||||
name: 'vault'
|
|
||||||
version: '1.18.0'
|
|
||||||
- name: Generate .env file for deployment
|
- name: Generate .env file for deployment
|
||||||
run: |
|
run: |
|
||||||
vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
|
vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
|
||||||
|
|
||||||
- name: Docker Compose Deployment
|
- name: Docker Compose Deployment
|
||||||
uses: keatonLiu/docker-compose-remote-action@v1.2
|
uses: keatonLiu/docker-compose-remote-action@v1.2
|
||||||
with:
|
with:
|
||||||
ssh_user: gitea-deploy
|
ssh_user: gitea-deploy
|
||||||
ssh_host: 192.168.1.254
|
ssh_host: 192.168.1.254
|
||||||
ssh_host_public_key: ${{ secrets.RINOA_GITEA_PUBLIC_SSH_KEY }}
|
ssh_host_public_key: ${{ secrets.RINOA_GITEA_PUBLIC_SSH_KEY }}
|
||||||
ssh_private_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
|
ssh_private_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
|
||||||
docker_compose_file: docker-compose.yml
|
docker_compose_file: docker-compose.yml
|
||||||
- name: Gotify Notification
|
|
||||||
uses: eikendev/gotify-action@master
|
|
||||||
with:
|
|
||||||
gotify_api_base: '${{ secrets.RINOA_GITEA_PUBLIC_SSH_KEY }}'
|
|
||||||
gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
|
|
||||||
notification_title: 'Docker Compose Deployment @ Rinoa'
|
|
||||||
notification_message: 'Deployment completed successfully.'
|
|
||||||
+2
-2
@@ -1,2 +1,2 @@
|
|||||||
**/.cache.ggshield
|
**/.env*
|
||||||
ansible/collections/ansible_collections/
|
**/*env*
|
||||||
|
|||||||
@@ -6,7 +6,6 @@
|
|||||||
| --- | --- |
|
| --- | --- |
|
||||||
| actual_server | docker.io/actualbudget/actual-server:latest |
|
| actual_server | docker.io/actualbudget/actual-server:latest |
|
||||||
| adguard | adguard/adguardhome:latest |
|
| adguard | adguard/adguardhome:latest |
|
||||||
| ansible0guy-webui | ansible0guy/webui:latest |
|
|
||||||
| apprise | lscr.io/linuxserver/apprise-api:latest |
|
| apprise | lscr.io/linuxserver/apprise-api:latest |
|
||||||
| audiobookshelf | ghcr.io/advplyr/audiobookshelf:latest |
|
| audiobookshelf | ghcr.io/advplyr/audiobookshelf:latest |
|
||||||
| authelia | authelia/authelia:master |
|
| authelia | authelia/authelia:master |
|
||||||
@@ -35,7 +34,7 @@
|
|||||||
| fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main |
|
| fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main |
|
||||||
| flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |
|
| flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |
|
||||||
| ghost | ghost:latest |
|
| ghost | ghost:latest |
|
||||||
| gitea | gitea/gitea:1.23.1 |
|
| gitea | gitea/gitea:1.22.6 |
|
||||||
| gitea-db | postgres:14 |
|
| gitea-db | postgres:14 |
|
||||||
| gitea-opengist | ghcr.io/thomiceli/opengist:latest |
|
| gitea-opengist | ghcr.io/thomiceli/opengist:latest |
|
||||||
| gitea-runner | gitea/act_runner:latest |
|
| gitea-runner | gitea/act_runner:latest |
|
||||||
@@ -68,13 +67,17 @@
|
|||||||
| jitsi-web | jitsi/web:stable |
|
| jitsi-web | jitsi/web:stable |
|
||||||
| joplin-db | postgres:17-alpine |
|
| joplin-db | postgres:17-alpine |
|
||||||
| joplin | joplin/server:latest |
|
| joplin | joplin/server:latest |
|
||||||
|
| komodo-core | ghcr.io/mbecker20/komodo:latest |
|
||||||
|
| komodo-ferretdb | ghcr.io/ferretdb/ferretdb |
|
||||||
|
| komodo-periphery | ghcr.io/mbecker20/periphery:latest |
|
||||||
|
| komodo-pg-db | postgres:17-alpine |
|
||||||
|
| librespeed | lscr.io/linuxserver/librespeed:latest |
|
||||||
| lidarr | lscr.io/linuxserver/lidarr:latest |
|
| lidarr | lscr.io/linuxserver/lidarr:latest |
|
||||||
| lidify | thewicklowwolf/lidify:latest |
|
| lidify | thewicklowwolf/lidify:latest |
|
||||||
| lldap | lldap/lldap:stable |
|
| lldap | lldap/lldap:stable |
|
||||||
| localai | localai/localai:latest-aio-cpu |
|
| localai | localai/localai:latest-aio-cpu |
|
||||||
| maloja | krateng/maloja:latest |
|
| maloja | krateng/maloja:latest |
|
||||||
| mariadb | linuxserver/mariadb |
|
| mariadb | ghcr.io/linuxserver/mariadb |
|
||||||
| mastodon | lscr.io/linuxserver/mastodon:latest |
|
|
||||||
| mastodon-pg-db | postgres:17-alpine |
|
| mastodon-pg-db | postgres:17-alpine |
|
||||||
| minio | minio/minio |
|
| minio | minio/minio |
|
||||||
| mongodb | mongo:7.0 |
|
| mongodb | mongo:7.0 |
|
||||||
@@ -87,8 +90,6 @@
|
|||||||
| ollama | ollama/ollama |
|
| ollama | ollama/ollama |
|
||||||
| ombi | lscr.io/linuxserver/ombi:latest |
|
| ombi | lscr.io/linuxserver/ombi:latest |
|
||||||
| paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest |
|
| paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest |
|
||||||
| pgbackweb | eduardolat/pgbackweb:latest |
|
|
||||||
| pgbackweb-db | postgres:16-alpine |
|
|
||||||
| plausible | ghcr.io/plausible/community-edition:v2.1.0 |
|
| plausible | ghcr.io/plausible/community-edition:v2.1.0 |
|
||||||
| plausible_db | postgres:16-alpine |
|
| plausible_db | postgres:16-alpine |
|
||||||
| plausible_events_db | clickhouse/clickhouse-server:24.3.3.102-alpine |
|
| plausible_events_db | clickhouse/clickhouse-server:24.3.3.102-alpine |
|
||||||
@@ -103,8 +104,6 @@
|
|||||||
| readarr | lscr.io/linuxserver/readarr:develop |
|
| readarr | lscr.io/linuxserver/readarr:develop |
|
||||||
| redis | redis:alpine |
|
| redis | redis:alpine |
|
||||||
| redlib | quay.io/redlib/redlib:latest |
|
| redlib | quay.io/redlib/redlib:latest |
|
||||||
| rundeck | rundeck/rundeck:5.8.0 |
|
|
||||||
| rundeck-pg-db | postgres:16-alpine |
|
|
||||||
| sabnzbdvpn | ghcr.io/binhex/arch-sabnzbdvpn:latest |
|
| sabnzbdvpn | ghcr.io/binhex/arch-sabnzbdvpn:latest |
|
||||||
| scraperr | jpyles0524/scraperr:latest |
|
| scraperr | jpyles0524/scraperr:latest |
|
||||||
| scraperr-api | jpyles0524/scraperr_api:latest |
|
| scraperr-api | jpyles0524/scraperr_api:latest |
|
||||||
@@ -121,7 +120,6 @@
|
|||||||
| sonashow | thewicklowwolf/sonashow:latest |
|
| sonashow | thewicklowwolf/sonashow:latest |
|
||||||
| soularr | mrusse08/soularr:latest |
|
| soularr | mrusse08/soularr:latest |
|
||||||
| soulseek | slskd/slskd |
|
| soulseek | slskd/slskd |
|
||||||
| speedtest-tracker | lscr.io/linuxserver/speedtest-tracker:latest |
|
|
||||||
| spotisub | blastbeng/spotisub:latest |
|
| spotisub | blastbeng/spotisub:latest |
|
||||||
| swag | lscr.io/linuxserver/swag:latest |
|
| swag | lscr.io/linuxserver/swag:latest |
|
||||||
| synapse | docker.io/matrixdotorg/synapse:latest |
|
| synapse | docker.io/matrixdotorg/synapse:latest |
|
||||||
@@ -142,7 +140,6 @@
|
|||||||
| wazuh.manager | wazuh/wazuh-manager: |
|
| wazuh.manager | wazuh/wazuh-manager: |
|
||||||
| web-check | lissy93/web-check |
|
| web-check | lissy93/web-check |
|
||||||
| whodb | clidey/whodb |
|
| whodb | clidey/whodb |
|
||||||
| yacht | selfhostedpro/yacht |
|
|
||||||
| your_spotify | lscr.io/linuxserver/your_spotify:latest |
|
| your_spotify | lscr.io/linuxserver/your_spotify:latest |
|
||||||
| youtubedl | nbr23/youtube-dl-server:latest |
|
| youtubedl | nbr23/youtube-dl-server:latest |
|
||||||
| zammad-backup | postgres: |
|
| zammad-backup | postgres: |
|
||||||
|
|||||||
@@ -1,167 +0,0 @@
|
|||||||
.logs/*
|
|
||||||
*.retry
|
|
||||||
*.vault
|
|
||||||
# https://raw.githubusercontent.com/github/gitignore/main/Python.gitignore
|
|
||||||
# Byte-compiled / optimized / DLL files
|
|
||||||
__pycache__/
|
|
||||||
*.py[cod]
|
|
||||||
*$py.class
|
|
||||||
.cache_ggshield
|
|
||||||
# Ansible Vault Password Files
|
|
||||||
*.pass
|
|
||||||
|
|
||||||
# C extensions
|
|
||||||
*.so
|
|
||||||
|
|
||||||
# Distribution / packaging
|
|
||||||
.Python
|
|
||||||
build/
|
|
||||||
develop-eggs/
|
|
||||||
dist/
|
|
||||||
downloads/
|
|
||||||
eggs/
|
|
||||||
.eggs/
|
|
||||||
lib/
|
|
||||||
lib64/
|
|
||||||
parts/
|
|
||||||
sdist/
|
|
||||||
var/
|
|
||||||
wheels/
|
|
||||||
share/python-wheels/
|
|
||||||
*.egg-info/
|
|
||||||
.installed.cfg
|
|
||||||
*.egg
|
|
||||||
MANIFEST
|
|
||||||
|
|
||||||
# PyInstaller
|
|
||||||
# Usually these files are written by a python script from a template
|
|
||||||
# before PyInstaller builds the exe, so as to inject date/other infos into it.
|
|
||||||
*.manifest
|
|
||||||
*.spec
|
|
||||||
|
|
||||||
# Installer logs
|
|
||||||
pip-log.txt
|
|
||||||
pip-delete-this-directory.txt
|
|
||||||
|
|
||||||
# Unit test / coverage reports
|
|
||||||
htmlcov/
|
|
||||||
.tox/
|
|
||||||
.nox/
|
|
||||||
.coverage
|
|
||||||
.coverage.*
|
|
||||||
.cache
|
|
||||||
nosetests.xml
|
|
||||||
coverage.xml
|
|
||||||
*.cover
|
|
||||||
*.py,cover
|
|
||||||
.hypothesis/
|
|
||||||
.pytest_cache/
|
|
||||||
cover/
|
|
||||||
|
|
||||||
# Translations
|
|
||||||
*.mo
|
|
||||||
*.pot
|
|
||||||
|
|
||||||
# Django stuff:
|
|
||||||
*.log
|
|
||||||
local_settings.py
|
|
||||||
db.sqlite3
|
|
||||||
db.sqlite3-journal
|
|
||||||
|
|
||||||
# Flask stuff:
|
|
||||||
instance/
|
|
||||||
.webassets-cache
|
|
||||||
|
|
||||||
# Scrapy stuff:
|
|
||||||
.scrapy
|
|
||||||
|
|
||||||
# Sphinx documentation
|
|
||||||
docs/_build/
|
|
||||||
|
|
||||||
# PyBuilder
|
|
||||||
.pybuilder/
|
|
||||||
target/
|
|
||||||
|
|
||||||
# Jupyter Notebook
|
|
||||||
.ipynb_checkpoints
|
|
||||||
|
|
||||||
# IPython
|
|
||||||
profile_default/
|
|
||||||
ipython_config.py
|
|
||||||
|
|
||||||
# pyenv
|
|
||||||
# For a library or package, you might want to ignore these files since the code is
|
|
||||||
# intended to run in multiple environments; otherwise, check them in:
|
|
||||||
# .python-version
|
|
||||||
|
|
||||||
# pipenv
|
|
||||||
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
|
|
||||||
# However, in case of collaboration, if having platform-specific dependencies or dependencies
|
|
||||||
# having no cross-platform support, pipenv may install dependencies that don't work, or not
|
|
||||||
# install all needed dependencies.
|
|
||||||
#Pipfile.lock
|
|
||||||
|
|
||||||
# poetry
|
|
||||||
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
|
|
||||||
# This is especially recommended for binary packages to ensure reproducibility, and is more
|
|
||||||
# commonly ignored for libraries.
|
|
||||||
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
|
|
||||||
#poetry.lock
|
|
||||||
|
|
||||||
# pdm
|
|
||||||
# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
|
|
||||||
#pdm.lock
|
|
||||||
# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
|
|
||||||
# in version control.
|
|
||||||
# https://pdm.fming.dev/#use-with-ide
|
|
||||||
.pdm.toml
|
|
||||||
|
|
||||||
# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
|
|
||||||
__pypackages__/
|
|
||||||
|
|
||||||
# Celery stuff
|
|
||||||
celerybeat-schedule
|
|
||||||
celerybeat.pid
|
|
||||||
|
|
||||||
# SageMath parsed files
|
|
||||||
*.sage.py
|
|
||||||
|
|
||||||
# Environments
|
|
||||||
.env
|
|
||||||
.venv
|
|
||||||
env/
|
|
||||||
venv/
|
|
||||||
ENV/
|
|
||||||
env.bak/
|
|
||||||
venv.bak/
|
|
||||||
|
|
||||||
# Spyder project settings
|
|
||||||
.spyderproject
|
|
||||||
.spyproject
|
|
||||||
|
|
||||||
# Rope project settings
|
|
||||||
.ropeproject
|
|
||||||
|
|
||||||
# mkdocs documentation
|
|
||||||
/site
|
|
||||||
|
|
||||||
# mypy
|
|
||||||
.mypy_cache/
|
|
||||||
.dmypy.json
|
|
||||||
dmypy.json
|
|
||||||
|
|
||||||
# Pyre type checker
|
|
||||||
.pyre/
|
|
||||||
|
|
||||||
# pytype static type analyzer
|
|
||||||
.pytype/
|
|
||||||
|
|
||||||
# Cython debug symbols
|
|
||||||
cython_debug/
|
|
||||||
|
|
||||||
# PyCharm
|
|
||||||
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
|
|
||||||
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
|
|
||||||
# and can be added to the global gitignore or merged into this file. For a more nuclear
|
|
||||||
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
|
|
||||||
#.idea/
|
|
||||||
@@ -1,45 +0,0 @@
|
|||||||
# Rinoa Docker_configs Ansible Project
|
|
||||||
|
|
||||||
## Included content/ Directory Structure
|
|
||||||
|
|
||||||
The directory structure follows best practices recommended by the Ansible community. Feel free to customize this template according to your specific project requirements.
|
|
||||||
|
|
||||||
```
|
|
||||||
ansible-project/
|
|
||||||
|── .devcontainer/
|
|
||||||
| └── docker/
|
|
||||||
| └── devcontainer.json
|
|
||||||
| └── podman/
|
|
||||||
| └── devcontainer.json
|
|
||||||
| └── devcontainer.json
|
|
||||||
|── .github/
|
|
||||||
| └── workflows/
|
|
||||||
| └── tests.yml
|
|
||||||
| └── ansible-code-bot.yml
|
|
||||||
|── .vscode/
|
|
||||||
| └── extensions.json
|
|
||||||
|── collections/
|
|
||||||
| └── requirements.yml
|
|
||||||
| └── ansible_collections/
|
|
||||||
| └── project_org/
|
|
||||||
| └── project_repo/
|
|
||||||
| └── README.md
|
|
||||||
| └── roles/sample_role/
|
|
||||||
| └── README.md
|
|
||||||
| └── tasks/main.yml
|
|
||||||
|── inventory/
|
|
||||||
| └── groups_vars/
|
|
||||||
| └── host_vars/
|
|
||||||
| └── hosts.yml
|
|
||||||
|── ansible-navigator.yml
|
|
||||||
|── ansible.cfg
|
|
||||||
|── devfile.yaml
|
|
||||||
|── linux_playbook.yml
|
|
||||||
|── network_playbook.yml
|
|
||||||
|── README.md
|
|
||||||
|── site.yml
|
|
||||||
```
|
|
||||||
|
|
||||||
## Compatible with Ansible-lint
|
|
||||||
|
|
||||||
Tested with ansible-lint >=24.2.0 releases and the current development version of ansible-core.
|
|
||||||
@@ -1,25 +0,0 @@
|
|||||||
[defaults]
|
|
||||||
# Specify the inventory file
|
|
||||||
inventory = hosts.yml
|
|
||||||
|
|
||||||
collections_path = ./collections
|
|
||||||
# Set the logging verbosity level
|
|
||||||
verbosity = 2
|
|
||||||
|
|
||||||
# Set the default user for SSH connections
|
|
||||||
remote_user = charish
|
|
||||||
|
|
||||||
# Define the default become method
|
|
||||||
become_method = sudo
|
|
||||||
|
|
||||||
host_key_checking = false
|
|
||||||
|
|
||||||
[persistent_connection]
|
|
||||||
# Controls how long the persistent connection will remain idle before it is destroyed
|
|
||||||
connect_timeout=30
|
|
||||||
|
|
||||||
# Controls the amount of time to wait for response from remote device before timing out persistent connection
|
|
||||||
command_timeout=30
|
|
||||||
|
|
||||||
[hashi_vault_collection]
|
|
||||||
auth_method = token
|
|
||||||
@@ -1,16 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
tunnel: 52bdee6e-8ccb-47be-ba9e-f8010b905e41
|
|
||||||
credentials-file: /etc/cloudflared/52bdee6e-8ccb-47be-ba9e-f8010b905e41.json
|
|
||||||
warp-routing:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
ingress:
|
|
||||||
- hostname: git-ssh.trez.wtf
|
|
||||||
service: ssh://gitea:22
|
|
||||||
- hostname: gist-ssh.trez.wtf
|
|
||||||
service: ssh://gitea-opengist:2222
|
|
||||||
- hostname: ssh.trez.wtf
|
|
||||||
service: ssh://192.168.1.254:22
|
|
||||||
- service: http_status:404 # Default for unmatched requests
|
|
||||||
@@ -1,15 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
|
|
||||||
source: journalctl
|
|
||||||
journalctl_filter:
|
|
||||||
- "--directory=/var/log/host/"
|
|
||||||
labels:
|
|
||||||
type: syslog
|
|
||||||
---
|
|
||||||
filenames:
|
|
||||||
- /var/log/swag/*
|
|
||||||
labels:
|
|
||||||
type: nginx
|
|
||||||
---
|
|
||||||
@@ -1,17 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
name: default_ip_remediation
|
|
||||||
#debug: true
|
|
||||||
filters:
|
|
||||||
- Alert.Remediation == true && Alert.GetScope() == "Ip"
|
|
||||||
decisions:
|
|
||||||
- type: ban
|
|
||||||
duration: 4h
|
|
||||||
#duration_expr: Sprintf('%dh', (GetDecisionsCount(Alert.GetValue()) + 1) * 4)
|
|
||||||
# notifications:
|
|
||||||
# - slack_default # Set the webhook in /etc/crowdsec/notifications/slack.yaml before enabling this.
|
|
||||||
# - splunk_default # Set the splunk url and token in /etc/crowdsec/notifications/splunk.yaml before enabling this.
|
|
||||||
# - http_default # Set the required http parameters in /etc/crowdsec/notifications/http.yaml before enabling this.
|
|
||||||
# - email_default # Set the required email parameters in /etc/crowdsec/notifications/email.yaml before enabling this.
|
|
||||||
on_success: break
|
|
||||||
@@ -1,81 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
# Gitea related configuration. Necessary for adding/updating comments on repository pull requests
|
|
||||||
gitea:
|
|
||||||
# Endpoint of your Gitea instance. Must be expandable by '/api/v1' to form the API base path as shown in Swagger UI.
|
|
||||||
url: https://git.trez.wtf
|
|
||||||
|
|
||||||
# Created access token for the user that shall be used as bot account.
|
|
||||||
# User needs "Read project" permissions with access to "Pull Requests"
|
|
||||||
token:
|
|
||||||
value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_TOKEN'] }}"
|
|
||||||
# # or path to file containing the plain text secret
|
|
||||||
# file: /path/to/gitea/token
|
|
||||||
|
|
||||||
# If the sent webhook has a signature header, the bot validates the request payload. If the value does not match, the
|
|
||||||
# request will be ignored.
|
|
||||||
# The bot looks for `X-Gitea-Signature` header containing the sha256 hmac hash of the plain text secret. If the header
|
|
||||||
# exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be validated.
|
|
||||||
webhook:
|
|
||||||
secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_WEBHOOK_SECRET'] }}"
|
|
||||||
# # or path to file containing the plain text secret
|
|
||||||
# secretFile: /path/to/gitea/webhook/secret
|
|
||||||
|
|
||||||
# Pull Request status check settings.
|
|
||||||
statusCheck:
|
|
||||||
# Configure the label/name of the PR status check.
|
|
||||||
name: "gitea-sonarqube-bot"
|
|
||||||
|
|
||||||
# SonarQube related configuration. Necessary for requesting data from the API and processing the webhook.
|
|
||||||
sonarqube:
|
|
||||||
# Endpoint of your SonarQube instance. Must be expandable by '/api' to form the API base path.
|
|
||||||
url: https://sqube.trez.wtf
|
|
||||||
|
|
||||||
# Created access token for the user that shall be used as bot account.
|
|
||||||
# User needs "Browse on project" permissions
|
|
||||||
token:
|
|
||||||
value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_SQUBE_TOKEN'] }}"
|
|
||||||
# # or path to file containing the plain text secret
|
|
||||||
# file: /path/to/sonarqube/token
|
|
||||||
|
|
||||||
# If the sent webhook has a signature header, the bot validates the request payload. If the value does not match, the
|
|
||||||
# request will be ignored.
|
|
||||||
# The bot looks for `X-Sonar-Webhook-HMAC-SHA256` header containing the sha256 hmac hash of the plain text secret.
|
|
||||||
# If the header exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be
|
|
||||||
# validated.
|
|
||||||
webhook:
|
|
||||||
secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_SQUBE_WEBHOOK_SECRET'] }}"
|
|
||||||
# # or path to file containing the plain text secret
|
|
||||||
# secretFile: /path/to/sonarqube/webhook/secret
|
|
||||||
|
|
||||||
# Some useful metrics depend on the edition in use. There are various ones like code_smells, vulnerabilities, bugs, etc.
|
|
||||||
# By default, the bot will extract "bugs,vulnerabilities,code_smells"
|
|
||||||
# Setting this option you can extend that default list by your own metrics.
|
|
||||||
# additionalMetrics: []
|
|
||||||
# - "new_security_hotspots"
|
|
||||||
|
|
||||||
# List of project mappings to take care of. Webhooks for other projects will be ignored.
|
|
||||||
# At least one must be configured. Otherwise, all webhooks (no matter which source) because the bot cannot map on its own.
|
|
||||||
projects:
|
|
||||||
- sonarqube:
|
|
||||||
key: rinoa-docker
|
|
||||||
# A repository specification contains the owner name and the repository name itself. The owner can be the name of a
|
|
||||||
# real account or an organization in which the repository is located.
|
|
||||||
gitea:
|
|
||||||
owner: Trez.One
|
|
||||||
name: rinoa-docker
|
|
||||||
|
|
||||||
# Define pull request names from SonarScanner analysis. Default pattern matches the Jenkins Gitea plugin schema.
|
|
||||||
namingPattern:
|
|
||||||
# Regular expression that MUST HAVE exactly ONE GROUP that matches the integer part of the PR.
|
|
||||||
# That integer part is identical to the pull request ID in Gitea.
|
|
||||||
regex: "^.*$"
|
|
||||||
|
|
||||||
# Valid Go format string. It MUST have one integer placeholder which will be replaced by the pull request ID.
|
|
||||||
# See: https://pkg.go.dev/fmt#hdr-Printing
|
|
||||||
template: "%s"
|
|
||||||
|
|
||||||
# Example for integer-only names
|
|
||||||
# # regex: "^(\\d+)$"
|
|
||||||
# # template: "%d"
|
|
||||||
@@ -1,125 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
APP_NAME = Gitea: Git with a cup of tea
|
|
||||||
RUN_MODE = prod
|
|
||||||
RUN_USER = git
|
|
||||||
WORK_PATH = /data/gitea
|
|
||||||
|
|
||||||
[repository]
|
|
||||||
ROOT = /data/git/repositories
|
|
||||||
DEFAULT_PRIVATE = last
|
|
||||||
EMABLE_PUSH_CREATE_USER = true
|
|
||||||
|
|
||||||
[repository.local]
|
|
||||||
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
|
||||||
|
|
||||||
[repository.upload]
|
|
||||||
TEMP_PATH = /data/gitea/uploads
|
|
||||||
|
|
||||||
[server]
|
|
||||||
APP_DATA_PATH = /data/gitea
|
|
||||||
DOMAIN = git.trez.wtf
|
|
||||||
SSH_DOMAIN = git-ssh.trez.wtf
|
|
||||||
HTTP_PORT = 3000
|
|
||||||
ROOT_URL = https://git.trez.wtf/
|
|
||||||
DISABLE_SSH = false
|
|
||||||
SSH_PORT = 22
|
|
||||||
SSH_LISTEN_PORT = 22
|
|
||||||
LFS_START_SERVER = true
|
|
||||||
LFS_JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_LFS_JWT_SECRET'] }}
|
|
||||||
OFFLINE_MODE = true
|
|
||||||
|
|
||||||
[database]
|
|
||||||
PATH = /data/gitea/gitea.db
|
|
||||||
DB_TYPE = postgres
|
|
||||||
HOST = gitea-db:5432
|
|
||||||
NAME = gitea
|
|
||||||
USER = gitea
|
|
||||||
PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_PG_DB_PASSWORD'] }}
|
|
||||||
LOG_SQL = false
|
|
||||||
SCHEMA =
|
|
||||||
SSL_MODE = disable
|
|
||||||
|
|
||||||
[indexer]
|
|
||||||
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
|
||||||
REPO_INDEXER_ENABLED = true
|
|
||||||
REPO_INDEXER_PATH = indexers/repos.bleve
|
|
||||||
MAX_FILE_SIZE = 1048576
|
|
||||||
REPO_INDEXER_INCLUDE =
|
|
||||||
REPO_INDEXER_EXCLUDE = resources/bin/**
|
|
||||||
|
|
||||||
[session]
|
|
||||||
PROVIDER_CONFIG = /data/gitea/sessions
|
|
||||||
PROVIDER = file
|
|
||||||
|
|
||||||
[picture]
|
|
||||||
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
|
||||||
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
|
|
||||||
|
|
||||||
[attachment]
|
|
||||||
PATH = /data/gitea/attachments
|
|
||||||
|
|
||||||
[log]
|
|
||||||
MODE = console
|
|
||||||
LEVEL = info
|
|
||||||
ROOT_PATH = root
|
|
||||||
|
|
||||||
[security]
|
|
||||||
INSTALL_LOCK = true
|
|
||||||
SECRET_KEY =
|
|
||||||
REVERSE_PROXY_LIMIT = 1
|
|
||||||
REVERSE_PROXY_TRUSTED_PROXIES = *
|
|
||||||
INTERNAL_TOKEN = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_INTERNAL_TOKEN'] }}
|
|
||||||
PASSWORD_HASH_ALGO = pbkdf2
|
|
||||||
|
|
||||||
[service]
|
|
||||||
DISABLE_REGISTRATION = false
|
|
||||||
REQUIRE_SIGNIN_VIEW = false
|
|
||||||
REGISTER_EMAIL_CONFIRM = true
|
|
||||||
ENABLE_NOTIFY_MAIL = true
|
|
||||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
|
||||||
ENABLE_CAPTCHA = true
|
|
||||||
DEFAULT_KEEP_EMAIL_PRIVATE = true
|
|
||||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
|
|
||||||
DEFAULT_ENABLE_TIMETRACKING = false
|
|
||||||
NO_REPLY_ADDRESS = noreply@trez.wtf
|
|
||||||
|
|
||||||
[lfs]
|
|
||||||
PATH = /data/git/lfs
|
|
||||||
|
|
||||||
[mailer]
|
|
||||||
PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}
|
|
||||||
PROTOCOL = smtp
|
|
||||||
ENABLED = true
|
|
||||||
FROM = '"Gitea" <noreply@trez.wtf>'
|
|
||||||
SMTP_PORT = 25
|
|
||||||
USER = rinoa/postal-smtp
|
|
||||||
SMTP_ADDR = postal-smtp
|
|
||||||
IS_TLS_ENABLED = faLse
|
|
||||||
|
|
||||||
[openid]
|
|
||||||
ENABLE_OPENID_SIGNIN = true
|
|
||||||
ENABLE_OPENID_SIGNUP = true
|
|
||||||
|
|
||||||
[cron.update_checker]
|
|
||||||
ENABLED = false
|
|
||||||
|
|
||||||
[repository.pull-request]
|
|
||||||
DEFAULT_MERGE_STYLE = merge
|
|
||||||
|
|
||||||
[repository.signing]
|
|
||||||
DEFAULT_TRUST_MODEL = committer
|
|
||||||
|
|
||||||
[oauth2]
|
|
||||||
JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_OAUTH2_JWT_SECRET'] }}
|
|
||||||
|
|
||||||
[ui]
|
|
||||||
THEMES = theme-catppuccin-blue-auto.css,theme-catppuccin-sapphire-auto.css,theme-catppuccin-yellow-auto.css,theme-catppuccin-maroon-auto.css,theme-catppuccin-mauve-auto.css,theme-catppuccin-peach-auto.css,theme-catppuccin-teal-auto.css,theme-catppuccin-flamingo-auto.css,theme-catppuccin-lavender-auto.css,theme-catppuccin-pink-auto.css,theme-catppuccin-red-auto.css,theme-catppuccin-rosewater-auto.css,theme-catppuccin-sky-auto.css,theme-catppuccin-green-auto.css
|
|
||||||
|
|
||||||
[actions]
|
|
||||||
ENABLED = true
|
|
||||||
|
|
||||||
[webhook]
|
|
||||||
ALLOWED_HOST_LIST = private,104.21.1.234,172.67.152.146
|
|
||||||
SKIP_TLS_VERIFY = true
|
|
||||||
@@ -1,404 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
// Agent globals
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
local.file "endpoints" {
|
|
||||||
// The endpoints file is used to define the endpoints, credentials and options
|
|
||||||
// for the Agent export to.
|
|
||||||
filename = "/etc/alloy/endpoints.json"
|
|
||||||
}
|
|
||||||
|
|
||||||
discovery.docker "rinoadocker" {
|
|
||||||
host = env("DOCKER_HOST")
|
|
||||||
}
|
|
||||||
|
|
||||||
tracing {
|
|
||||||
write_to = [otelcol.exporter.otlp.tempo.input]
|
|
||||||
}
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
// Metrics
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
prometheus.remote_write "mimir" {
|
|
||||||
endpoint {
|
|
||||||
url = json_path(local.file.endpoints.content, ".metrics.url")[0]
|
|
||||||
basic_auth {
|
|
||||||
username = json_path(local.file.endpoints.content, ".metrics.basicAuth.username")[0]
|
|
||||||
password = json_path(local.file.endpoints.content, ".metrics.basicAuth.password")[0]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
prometheus.scrape "prometheus" {
|
|
||||||
targets = [{
|
|
||||||
__address__ = "localhost:12345",
|
|
||||||
}]
|
|
||||||
forward_to = [prometheus.remote_write.mimir.receiver]
|
|
||||||
job_name = "prometheus"
|
|
||||||
}
|
|
||||||
|
|
||||||
prometheus.exporter.unix "rinoa" {
|
|
||||||
procfs_path = "/host/proc"
|
|
||||||
sysfs_path = "/host/sys"
|
|
||||||
rootfs_path = "/rootfs"
|
|
||||||
}
|
|
||||||
|
|
||||||
prometheus.scrape "rinoa" {
|
|
||||||
targets = prometheus.exporter.unix.rinoa.targets
|
|
||||||
forward_to = [prometheus.remote_write.mimir.receiver]
|
|
||||||
job_name = "rinoa_host"
|
|
||||||
}
|
|
||||||
|
|
||||||
prometheus.exporter.cadvisor "docker" {
|
|
||||||
docker_host = env("DOCKER_HOST")
|
|
||||||
storage_duration = "5m"
|
|
||||||
}
|
|
||||||
|
|
||||||
prometheus.scrape "docker" {
|
|
||||||
targets = prometheus.exporter.cadvisor.docker.targets
|
|
||||||
forward_to = [prometheus.remote_write.mimir.receiver]
|
|
||||||
job_name = "docker_stats"
|
|
||||||
}
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
// Logging
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
loki.write "loki" {
|
|
||||||
endpoint {
|
|
||||||
url = json_path(local.file.endpoints.content, ".logs.url")[0]
|
|
||||||
basic_auth {
|
|
||||||
username = json_path(local.file.endpoints.content, ".logs.basicAuth.username")[0]
|
|
||||||
password = json_path(local.file.endpoints.content, ".logs.basicAuth.password")[0]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
external_labels = {}
|
|
||||||
}
|
|
||||||
|
|
||||||
loki.source.journal "hostjournal" {
|
|
||||||
forward_to = [loki.write.loki.receiver]
|
|
||||||
max_age = "24h"
|
|
||||||
path = "/rootfs/var/log/journal/"
|
|
||||||
labels = {
|
|
||||||
job = "host-journal",
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
local.file_match "system" {
|
|
||||||
path_targets = [{
|
|
||||||
__address__ = "localhost",
|
|
||||||
__path__ = "/rootfs/var/log/*log",
|
|
||||||
job = "varlogs",
|
|
||||||
}]
|
|
||||||
}
|
|
||||||
|
|
||||||
loki.source.file "system" {
|
|
||||||
targets = local.file_match.system.targets
|
|
||||||
forward_to = [loki.write.loki.receiver]
|
|
||||||
}
|
|
||||||
|
|
||||||
loki.source.docker "containers" {
|
|
||||||
host = env("DOCKER_HOST")
|
|
||||||
targets = discovery.docker.rinoadocker.targets
|
|
||||||
forward_to = [loki.write.loki.receiver]
|
|
||||||
labels = {
|
|
||||||
job = "containerlogs",
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
loki.process "containers" {
|
|
||||||
forward_to = [loki.write.loki.receiver]
|
|
||||||
// stage.docker {}
|
|
||||||
stage.json {
|
|
||||||
expressions = {
|
|
||||||
attrs = "",
|
|
||||||
output = "log",
|
|
||||||
stream = "stream",
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
stage.json {
|
|
||||||
expressions = {
|
|
||||||
tag = "",
|
|
||||||
}
|
|
||||||
source = "attrs"
|
|
||||||
}
|
|
||||||
|
|
||||||
stage.regex {
|
|
||||||
expression = "(?P<image_name>(?:[^|]*[^|])).(?P<container_name>(?:[^|]*[^|])).(?P<image_id>(?:[^|]*[^|])).(?P<container_id>(?:[^|]*[^|]))"
|
|
||||||
source = "tag"
|
|
||||||
}
|
|
||||||
|
|
||||||
stage.timestamp {
|
|
||||||
source = "time"
|
|
||||||
format = "RFC3339Nano"
|
|
||||||
}
|
|
||||||
|
|
||||||
stage.labels {
|
|
||||||
values = {
|
|
||||||
container_id = null,
|
|
||||||
container_name = null,
|
|
||||||
image_id = null,
|
|
||||||
image_name = null,
|
|
||||||
stream = null,
|
|
||||||
tag = null,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
stage.output {
|
|
||||||
source = "output"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
// Traces
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
beyla.ebpf "rinoadocker" {
|
|
||||||
open_port = "80-65535"
|
|
||||||
routes {
|
|
||||||
unmatched = "heauristic"
|
|
||||||
}
|
|
||||||
output {
|
|
||||||
traces = [
|
|
||||||
otelcol.connector.servicegraph.tracemetrics.input,
|
|
||||||
otelcol.connector.spanmetrics.tracemetrics.input,
|
|
||||||
otelcol.processor.batch.default.input,
|
|
||||||
otelcol.connector.spanlogs.autologging.input,
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
prometheus.scrape "beyla" {
|
|
||||||
targets = beyla.ebpf.rinoadocker.targets
|
|
||||||
forward_to = [prometheus.remote_write.mimir.receiver]
|
|
||||||
}
|
|
||||||
|
|
||||||
otelcol.auth.headers "tempo" {
|
|
||||||
header {
|
|
||||||
key = "Authorization"
|
|
||||||
value = join(["Basic ", json_path(local.file.endpoints.content, ".traces.basicAuthToken")[0]], "")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
otelcol.processor.batch "default" {
|
|
||||||
// Wait until we've received 16K of data.
|
|
||||||
send_batch_size = 16384
|
|
||||||
send_batch_max_size = 16384
|
|
||||||
// Or until 2 seconds have elapsed.
|
|
||||||
timeout = "2s"
|
|
||||||
// When the Agent has enough batched data, send it to the OpenTelemetry exporter named 'tempo'.
|
|
||||||
output {
|
|
||||||
traces = [otelcol.exporter.otlp.tempo.input]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
otelcol.exporter.otlp "tempo" {
|
|
||||||
// Define the client for exporting.
|
|
||||||
client {
|
|
||||||
// Authentication block.
|
|
||||||
auth = otelcol.auth.headers.tempo.handler
|
|
||||||
|
|
||||||
// Send to the locally running Tempo instance, on port 4317 (OTLP gRPC).
|
|
||||||
endpoint = json_path(local.file.endpoints.content, ".traces.url")[0]
|
|
||||||
|
|
||||||
// Configure TLS settings for communicating with the endpoint.
|
|
||||||
tls {
|
|
||||||
// The connection is insecure.
|
|
||||||
insecure = json_path(local.file.endpoints.content, ".traces.tls.insecure")[0]
|
|
||||||
// Do not verify TLS certificates when connecting.
|
|
||||||
insecure_skip_verify = json_path(local.file.endpoints.content, ".traces.tls.insecureSkipVerify")[0]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
otelcol.connector.spanlogs "autologging" {
|
|
||||||
// We only want to output a line for each root span (ie. every single trace), and not for every
|
|
||||||
// process or span (outputting a line for every span would be extremely verbose).
|
|
||||||
spans = false
|
|
||||||
roots = true
|
|
||||||
processes = false
|
|
||||||
// We want to ensure that the following three span attributes are included in the log line, if
|
|
||||||
// present.
|
|
||||||
span_attributes = [ "http.method", "http.target", "http.status_code" ]
|
|
||||||
|
|
||||||
// Overrides the default key in the log line to be `traceId`, which is then used by Grafana to
|
|
||||||
// identify the trace ID for correlation with the Tempo datasource.
|
|
||||||
overrides {
|
|
||||||
trace_id_key = "traceId"
|
|
||||||
}
|
|
||||||
// Send to the OpenTelemetry Loki exporter.
|
|
||||||
output {
|
|
||||||
logs = [otelcol.exporter.loki.autologging.input]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Simply forwards the incoming OpenTelemetry log format out as a Loki log.
|
|
||||||
// We need this stage to ensure we can then process the logline as a Loki object.
|
|
||||||
otelcol.exporter.loki "autologging" {
|
|
||||||
forward_to = [loki.process.autologging.receiver]
|
|
||||||
}
|
|
||||||
|
|
||||||
// The Loki processor allows us to accept a correctly formatted Loki log and mutate it into
|
|
||||||
// a set of fields for output.
|
|
||||||
loki.process "autologging" {
|
|
||||||
// The JSON stage simply extracts the `body` (the actual logline) from the Loki log, ignoring
|
|
||||||
// all other fields.
|
|
||||||
stage.json {
|
|
||||||
expressions = { "body" = "" }
|
|
||||||
}
|
|
||||||
// The output stage takes the body (the main logline) and uses this as the source for the output
|
|
||||||
// logline. In this case, it essentially turns it into logfmt.
|
|
||||||
stage.output {
|
|
||||||
source = "body"
|
|
||||||
}
|
|
||||||
|
|
||||||
// Finally send the processed logline onto the Loki exporter.
|
|
||||||
forward_to = [loki.write.autologging.receiver]
|
|
||||||
}
|
|
||||||
|
|
||||||
// The Loki writer receives a processed Loki log and then writes it to a Loki instance.
|
|
||||||
loki.write "autologging" {
|
|
||||||
// Add the `agent` value to the `job` label, so we can identify it as having been generated
|
|
||||||
// by Grafana Agent when querying.
|
|
||||||
external_labels = {
|
|
||||||
job = "agent",
|
|
||||||
}
|
|
||||||
|
|
||||||
// Output the Loki log to the local Loki instance.
|
|
||||||
endpoint {
|
|
||||||
url = json_path(local.file.endpoints.content, ".logs.url")[0]
|
|
||||||
|
|
||||||
// The basic auth credentials for the Loki instance.
|
|
||||||
basic_auth {
|
|
||||||
username = json_path(local.file.endpoints.content, ".logs.basicAuth.username")[0]
|
|
||||||
password = json_path(local.file.endpoints.content, ".logs.basicAuth.password")[0]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// The Tail Sampling processor will use a set of policies to determine which received traces to keep
|
|
||||||
// and send to Tempo.
|
|
||||||
otelcol.processor.tail_sampling "errors" {
|
|
||||||
// Total wait time from the start of a trace before making a sampling decision. Note that smaller time
|
|
||||||
// periods can potentially cause a decision to be made before the end of a trace has occurred.
|
|
||||||
decision_wait = "30s"
|
|
||||||
|
|
||||||
// The following policies follow a logical OR pattern, meaning that if any of the policies match,
|
|
||||||
// the trace will be kept. For logical AND, you can use the `and` policy. Every span of a trace is
|
|
||||||
// examined by each policy in turn. A match will cause a short-circuit.
|
|
||||||
|
|
||||||
// This policy defines that traces that contain errors should be kept.
|
|
||||||
policy {
|
|
||||||
// The name of the policy can be used for logging purposes.
|
|
||||||
name = "sample-erroring-traces"
|
|
||||||
// The type must match the type of policy to be used, in this case examing the status code
|
|
||||||
// of every span in the trace.
|
|
||||||
type = "status_code"
|
|
||||||
// This block determines the error codes that should match in order to keep the trace,
|
|
||||||
// in this case the OpenTelemetry 'ERROR' code.
|
|
||||||
status_code {
|
|
||||||
status_codes = [ "ERROR" ]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// This policy defines that only traces that are longer than 200ms in total should be kept.
|
|
||||||
policy {
|
|
||||||
// The name of the policy can be used for logging purposes.
|
|
||||||
name = "sample-long-traces"
|
|
||||||
// The type must match the policy to be used, in this case the total latency of the trace.
|
|
||||||
type = "latency"
|
|
||||||
// This block determines the total length of the trace in milliseconds.
|
|
||||||
latency {
|
|
||||||
threshold_ms = 200
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// The output block forwards the kept traces onto the batch processor, which will marshall them
|
|
||||||
// for exporting to Tempo.
|
|
||||||
output {
|
|
||||||
traces = [otelcol.processor.batch.default.input]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// The Spanmetrics Connector will generate RED metrics based on the incoming trace span data.
|
|
||||||
otelcol.connector.spanmetrics "tracemetrics" {
|
|
||||||
// The namespace explicit adds a prefix to all the generated span metrics names.
|
|
||||||
// In this case, we'll ensure they match as closely as possible those generated by Tempo.
|
|
||||||
namespace = "traces.spanmetrics"
|
|
||||||
|
|
||||||
// Each extra dimension (metrics label) to be added to the generated metrics from matching span attributes. These
|
|
||||||
// need to be defined with a name and optionally a default value (in the following cases, we do not want a default
|
|
||||||
// value if the span attribute is not present).
|
|
||||||
dimension {
|
|
||||||
name = "http.method"
|
|
||||||
}
|
|
||||||
dimension {
|
|
||||||
name = "http.target"
|
|
||||||
}
|
|
||||||
dimension {
|
|
||||||
name = "http.status_code"
|
|
||||||
}
|
|
||||||
dimension {
|
|
||||||
name = "service.version"
|
|
||||||
}
|
|
||||||
|
|
||||||
// A histogram block must be present, either explicitly defining bucket values or via an exponential block.
|
|
||||||
// We do the latter here.
|
|
||||||
histogram {
|
|
||||||
explicit {
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// The exemplar block is added to ensure we generate exemplars for traces on relevant metric values.
|
|
||||||
exemplars {
|
|
||||||
enabled = true
|
|
||||||
}
|
|
||||||
|
|
||||||
// Generated metrics data is in OTLP format. We send this data to the OpenTelemetry Prometheus exporter to ensure
|
|
||||||
// it gets transformed into Prometheus format data.
|
|
||||||
output {
|
|
||||||
metrics = [otelcol.exporter.prometheus.tracemetrics.input]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// The Servicegraph Connector will generate service graph metrics (edges and nodes) based on incoming trace spans.
|
|
||||||
otelcol.connector.servicegraph "tracemetrics" {
|
|
||||||
// Extra dimensions (metrics labels) to be added to the generated metrics from matching span attributes.
|
|
||||||
// For this component, this is defined as an array. There are no default values and the labels will not be generated
|
|
||||||
// for missing span attributes.
|
|
||||||
dimensions = [
|
|
||||||
"http.method",
|
|
||||||
"http.target",
|
|
||||||
"http.status_code",
|
|
||||||
"service.version",
|
|
||||||
]
|
|
||||||
|
|
||||||
// Generated metrics data is in OTLP format. We send this data to the OpenTelemetry Prometheus exporter to ensure
|
|
||||||
// it gets transformed into Prometheus format data.
|
|
||||||
output {
|
|
||||||
metrics = [otelcol.exporter.prometheus.tracemetrics.input]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
otelcol.exporter.prometheus "tracemetrics" {
|
|
||||||
// Forward to our local Prometheus remote writer which will send the metrics to Mimir.
|
|
||||||
forward_to = [prometheus.remote_write.mimir.receiver]
|
|
||||||
}
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
// Profiling
|
|
||||||
/////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
|
||||||
|
|
||||||
pyroscope.write "pyroscope" {
|
|
||||||
endpoint {
|
|
||||||
url = json_path(local.file.endpoints.content, ".profiles.url")[0]
|
|
||||||
basic_auth {
|
|
||||||
username = json_path(local.file.endpoints.content, ".profiles.basicAuth.username")[0]
|
|
||||||
password = json_path(local.file.endpoints.content, ".profiles.basicAuth.password")[0]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
external_labels = {}
|
|
||||||
}
|
|
||||||
|
|
||||||
pyroscope.ebpf "rinoadocker" {
|
|
||||||
forward_to = [pyroscope.write.pyroscope.receiver]
|
|
||||||
targets = discovery.docker.rinoadocker.targets
|
|
||||||
}
|
|
||||||
@@ -1,34 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
{
|
|
||||||
"metrics": {
|
|
||||||
"url": "http://grafana-mimir:9009/api/v1/push",
|
|
||||||
"basicAuth": {
|
|
||||||
"username": "",
|
|
||||||
"password": ""
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"logs": {
|
|
||||||
"url": "http://grafana-loki:3100/loki/api/v1/push",
|
|
||||||
"basicAuth": {
|
|
||||||
"username": "",
|
|
||||||
"password": ""
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"traces": {
|
|
||||||
"url": "http://grafana-tempo:4317",
|
|
||||||
"basicAuthToken": "",
|
|
||||||
"tls": {
|
|
||||||
"insecure": true,
|
|
||||||
"insecureSkipVerify": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"profiles": {
|
|
||||||
"url": "http://grafana-pyroscope:4040",
|
|
||||||
"basicAuth": {
|
|
||||||
"username": "",
|
|
||||||
"password": ""
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
routes:
|
|
||||||
patterns:
|
|
||||||
- /*
|
|
||||||
unmatched: heuristic
|
|
||||||
@@ -1,77 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
multitenancy_enabled: false
|
|
||||||
no_auth_tenant: rinoa_mimir
|
|
||||||
# target: query-frontend
|
|
||||||
# api:
|
|
||||||
# prometheus_http_prefix: '/prometheus'
|
|
||||||
server:
|
|
||||||
http_listen_port: 9009
|
|
||||||
# frontend:
|
|
||||||
# split_queries_by_interval: 24h
|
|
||||||
# align_queries_with_step: true
|
|
||||||
# cache_results: true
|
|
||||||
# results_cache:
|
|
||||||
# backend: "memcached"
|
|
||||||
# memcached:
|
|
||||||
# addresses: "memcached-mimir:11211"
|
|
||||||
# downstream_url: http://grafana-agent:12345
|
|
||||||
|
|
||||||
common:
|
|
||||||
storage:
|
|
||||||
backend: s3
|
|
||||||
s3:
|
|
||||||
endpoint: minio:9000
|
|
||||||
access_key_id: "Q8KAihuXtGgmretKNh7C"
|
|
||||||
secret_access_key: "hOlRODtnvFlNlL26Bj3GizZG6Ys3rlpG8p6Vo3NX"
|
|
||||||
bucket_name: "mimir"
|
|
||||||
insecure: true
|
|
||||||
|
|
||||||
blocks_storage:
|
|
||||||
storage_prefix: rinoa
|
|
||||||
tsdb:
|
|
||||||
dir: /tmp/mimir/tsdb
|
|
||||||
|
|
||||||
memberlist:
|
|
||||||
tls_enabled: false
|
|
||||||
|
|
||||||
compactor:
|
|
||||||
# Directory to temporarily store blocks underdoing compaction.
|
|
||||||
data_dir: /tmp/mimir/compactor
|
|
||||||
# The sharding ring type used to share the hashed ring for the compactor.
|
|
||||||
sharding_ring:
|
|
||||||
# Use memberlist backend store (the default).
|
|
||||||
kvstore:
|
|
||||||
store: memberlist
|
|
||||||
|
|
||||||
# The distributor receives incoming metrics data for the system.
|
|
||||||
distributor:
|
|
||||||
# The ring to share hash ring data across instances.
|
|
||||||
ring:
|
|
||||||
# The address advertised in the ring. Localhost.
|
|
||||||
instance_addr: 127.0.0.1
|
|
||||||
# Use memberlist backend store (the default).
|
|
||||||
kvstore:
|
|
||||||
store: memberlist
|
|
||||||
|
|
||||||
# The ingester receives data from the distributor and processes it into indices and blocks.
|
|
||||||
ingester:
|
|
||||||
# The ring to share hash ring data across instances.
|
|
||||||
ring:
|
|
||||||
# The address advertised in the ring. Localhost.
|
|
||||||
instance_addr: 127.0.0.1
|
|
||||||
# Use memberlist backend store (the default).
|
|
||||||
kvstore:
|
|
||||||
store: memberlist
|
|
||||||
# Only run one instance of the ingesters.
|
|
||||||
# Note: It is highly recommended to run more than one ingester in production, the default is an RF of 3.
|
|
||||||
replication_factor: 1
|
|
||||||
|
|
||||||
# The store gateway block configures gateway storage.
|
|
||||||
store_gateway:
|
|
||||||
# Configuration for the hash ring.
|
|
||||||
sharding_ring:
|
|
||||||
# Only run a single instance. In production setups, the replication factor must
|
|
||||||
# be set on the querier and ruler as well.
|
|
||||||
replication_factor: 1
|
|
||||||
@@ -1,12 +0,0 @@
|
|||||||
storage:
|
|
||||||
backend: s3
|
|
||||||
s3:
|
|
||||||
bucket_name: pyroscope
|
|
||||||
endpoint: minio:9000
|
|
||||||
region: us-east-fh-pln
|
|
||||||
access_key_id: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_PYROSCOPE_STORAGE_ACCESS_KEY'] }}
|
|
||||||
secret_access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_PYROSCOPE_STORAGE_SECRET_KEY'] }}
|
|
||||||
insecure: true
|
|
||||||
|
|
||||||
analytics:
|
|
||||||
reporting_enabled: false
|
|
||||||
@@ -1,787 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
target: all
|
|
||||||
http_api_prefix: ""
|
|
||||||
autocomplete_filtering_enabled: true
|
|
||||||
server:
|
|
||||||
http_listen_network: tcp
|
|
||||||
http_listen_address: ""
|
|
||||||
http_listen_port: 80
|
|
||||||
http_listen_conn_limit: 0
|
|
||||||
grpc_listen_network: tcp
|
|
||||||
grpc_listen_address: ""
|
|
||||||
grpc_listen_port: 9095
|
|
||||||
grpc_listen_conn_limit: 0
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
http_tls_config:
|
|
||||||
cert: ""
|
|
||||||
key: null
|
|
||||||
client_ca: ""
|
|
||||||
cert_file: ""
|
|
||||||
key_file: ""
|
|
||||||
client_auth_type: ""
|
|
||||||
client_ca_file: ""
|
|
||||||
grpc_tls_config:
|
|
||||||
cert: ""
|
|
||||||
key: null
|
|
||||||
client_ca: ""
|
|
||||||
cert_file: ""
|
|
||||||
key_file: ""
|
|
||||||
client_auth_type: ""
|
|
||||||
client_ca_file: ""
|
|
||||||
register_instrumentation: true
|
|
||||||
report_grpc_codes_in_instrumentation_label_enabled: false
|
|
||||||
graceful_shutdown_timeout: 30s
|
|
||||||
http_server_read_timeout: 30s
|
|
||||||
http_server_read_header_timeout: 0s
|
|
||||||
http_server_write_timeout: 30s
|
|
||||||
http_server_idle_timeout: 2m0s
|
|
||||||
http_log_closed_connections_without_response_enabled: false
|
|
||||||
grpc_server_max_recv_msg_size: 16777216
|
|
||||||
grpc_server_max_send_msg_size: 16777216
|
|
||||||
grpc_server_max_concurrent_streams: 100
|
|
||||||
grpc_server_max_connection_idle: 2562047h47m16.854775807s
|
|
||||||
grpc_server_max_connection_age: 2562047h47m16.854775807s
|
|
||||||
grpc_server_max_connection_age_grace: 2562047h47m16.854775807s
|
|
||||||
grpc_server_keepalive_time: 2h0m0s
|
|
||||||
grpc_server_keepalive_timeout: 20s
|
|
||||||
grpc_server_min_time_between_pings: 10s
|
|
||||||
grpc_server_ping_without_stream_allowed: true
|
|
||||||
grpc_server_num_workers: 0
|
|
||||||
log_format: logfmt
|
|
||||||
log_level: info
|
|
||||||
log_source_ips_enabled: false
|
|
||||||
log_source_ips_header: ""
|
|
||||||
log_source_ips_regex: ""
|
|
||||||
log_request_headers: false
|
|
||||||
log_request_at_info_level_enabled: false
|
|
||||||
log_request_exclude_headers_list: ""
|
|
||||||
http_path_prefix: ""
|
|
||||||
internal_server:
|
|
||||||
http_listen_network: tcp
|
|
||||||
http_listen_address: ""
|
|
||||||
http_listen_port: 3101
|
|
||||||
http_listen_conn_limit: 0
|
|
||||||
grpc_listen_network: ""
|
|
||||||
grpc_listen_address: ""
|
|
||||||
grpc_listen_port: 0
|
|
||||||
grpc_listen_conn_limit: 0
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
http_tls_config:
|
|
||||||
cert: ""
|
|
||||||
key: null
|
|
||||||
client_ca: ""
|
|
||||||
cert_file: ""
|
|
||||||
key_file: ""
|
|
||||||
client_auth_type: ""
|
|
||||||
client_ca_file: ""
|
|
||||||
grpc_tls_config:
|
|
||||||
cert: ""
|
|
||||||
key: null
|
|
||||||
client_ca: ""
|
|
||||||
cert_file: ""
|
|
||||||
key_file: ""
|
|
||||||
client_auth_type: ""
|
|
||||||
client_ca_file: ""
|
|
||||||
register_instrumentation: false
|
|
||||||
report_grpc_codes_in_instrumentation_label_enabled: false
|
|
||||||
graceful_shutdown_timeout: 30s
|
|
||||||
http_server_read_timeout: 30s
|
|
||||||
http_server_read_header_timeout: 0s
|
|
||||||
http_server_write_timeout: 30s
|
|
||||||
http_server_idle_timeout: 2m0s
|
|
||||||
http_log_closed_connections_without_response_enabled: false
|
|
||||||
grpc_server_max_recv_msg_size: 0
|
|
||||||
grpc_server_max_send_msg_size: 0
|
|
||||||
grpc_server_max_concurrent_streams: 0
|
|
||||||
grpc_server_max_connection_idle: 0s
|
|
||||||
grpc_server_max_connection_age: 0s
|
|
||||||
grpc_server_max_connection_age_grace: 0s
|
|
||||||
grpc_server_keepalive_time: 0s
|
|
||||||
grpc_server_keepalive_timeout: 0s
|
|
||||||
grpc_server_min_time_between_pings: 0s
|
|
||||||
grpc_server_ping_without_stream_allowed: false
|
|
||||||
grpc_server_num_workers: 0
|
|
||||||
log_format: logfmt
|
|
||||||
log_level: info
|
|
||||||
log_source_ips_enabled: false
|
|
||||||
log_source_ips_header: ""
|
|
||||||
log_source_ips_regex: ""
|
|
||||||
log_request_headers: false
|
|
||||||
log_request_at_info_level_enabled: false
|
|
||||||
log_request_exclude_headers_list: ""
|
|
||||||
http_path_prefix: ""
|
|
||||||
enable: false
|
|
||||||
distributor:
|
|
||||||
ring:
|
|
||||||
kvstore:
|
|
||||||
store: memberlist
|
|
||||||
prefix: collectors/
|
|
||||||
consul:
|
|
||||||
host: localhost:8500
|
|
||||||
acl_token: ""
|
|
||||||
http_client_timeout: 20s
|
|
||||||
consistent_reads: false
|
|
||||||
watch_rate_limit: 1
|
|
||||||
watch_burst_size: 1
|
|
||||||
cas_retry_delay: 1s
|
|
||||||
etcd:
|
|
||||||
endpoints: []
|
|
||||||
dial_timeout: 10s
|
|
||||||
max_retries: 10
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
username: ""
|
|
||||||
password: ""
|
|
||||||
multi:
|
|
||||||
primary: ""
|
|
||||||
secondary: ""
|
|
||||||
mirror_enabled: false
|
|
||||||
mirror_timeout: 2s
|
|
||||||
heartbeat_period: 5s
|
|
||||||
heartbeat_timeout: 5m0s
|
|
||||||
instance_id: local-instance
|
|
||||||
instance_interface_names:
|
|
||||||
- eth0
|
|
||||||
- en0
|
|
||||||
instance_port: 0
|
|
||||||
instance_addr: ""
|
|
||||||
receivers: {}
|
|
||||||
override_ring_key: distributor
|
|
||||||
forwarders: []
|
|
||||||
extend_writes: true
|
|
||||||
retry_after_on_resource_exhausted: 0s
|
|
||||||
ingester_client:
|
|
||||||
pool_config:
|
|
||||||
checkinterval: 15s
|
|
||||||
healthcheckenabled: true
|
|
||||||
healthchecktimeout: 1s
|
|
||||||
maxconcurrenthealthchecks: 0
|
|
||||||
remote_timeout: 5s
|
|
||||||
grpc_client_config:
|
|
||||||
max_recv_msg_size: 104857600
|
|
||||||
max_send_msg_size: 104857600
|
|
||||||
grpc_compression: snappy
|
|
||||||
rate_limit: 0
|
|
||||||
rate_limit_burst: 0
|
|
||||||
backoff_on_ratelimits: false
|
|
||||||
backoff_config:
|
|
||||||
min_period: 100ms
|
|
||||||
max_period: 10s
|
|
||||||
max_retries: 10
|
|
||||||
initial_stream_window_size: 63KiB1023B
|
|
||||||
initial_connection_window_size: 63KiB1023B
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
connect_timeout: 5s
|
|
||||||
connect_backoff_base_delay: 1s
|
|
||||||
connect_backoff_max_delay: 5s
|
|
||||||
metrics_generator_client:
|
|
||||||
pool_config:
|
|
||||||
checkinterval: 15s
|
|
||||||
healthcheckenabled: true
|
|
||||||
healthchecktimeout: 1s
|
|
||||||
maxconcurrenthealthchecks: 0
|
|
||||||
remote_timeout: 5s
|
|
||||||
grpc_client_config:
|
|
||||||
max_recv_msg_size: 104857600
|
|
||||||
max_send_msg_size: 104857600
|
|
||||||
grpc_compression: snappy
|
|
||||||
rate_limit: 0
|
|
||||||
rate_limit_burst: 0
|
|
||||||
backoff_on_ratelimits: false
|
|
||||||
backoff_config:
|
|
||||||
min_period: 100ms
|
|
||||||
max_period: 10s
|
|
||||||
max_retries: 10
|
|
||||||
initial_stream_window_size: 63KiB1023B
|
|
||||||
initial_connection_window_size: 63KiB1023B
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
connect_timeout: 5s
|
|
||||||
connect_backoff_base_delay: 1s
|
|
||||||
connect_backoff_max_delay: 5s
|
|
||||||
querier:
|
|
||||||
search:
|
|
||||||
query_timeout: 30s
|
|
||||||
prefer_self: 10
|
|
||||||
external_hedge_requests_at: 8s
|
|
||||||
external_hedge_requests_up_to: 2
|
|
||||||
external_backend: ""
|
|
||||||
google_cloud_run: null
|
|
||||||
external_endpoints: []
|
|
||||||
trace_by_id:
|
|
||||||
query_timeout: 10s
|
|
||||||
max_concurrent_queries: 20
|
|
||||||
frontend_worker:
|
|
||||||
frontend_address: 127.0.0.1:9095
|
|
||||||
dns_lookup_duration: 10s
|
|
||||||
parallelism: 2
|
|
||||||
match_max_concurrent: true
|
|
||||||
id: ""
|
|
||||||
grpc_client_config:
|
|
||||||
max_recv_msg_size: 104857600
|
|
||||||
max_send_msg_size: 16777216
|
|
||||||
grpc_compression: gzip
|
|
||||||
rate_limit: 0
|
|
||||||
rate_limit_burst: 0
|
|
||||||
backoff_on_ratelimits: false
|
|
||||||
backoff_config:
|
|
||||||
min_period: 100ms
|
|
||||||
max_period: 1s
|
|
||||||
max_retries: 5
|
|
||||||
initial_stream_window_size: 0B
|
|
||||||
initial_connection_window_size: 0B
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
connect_timeout: 0s
|
|
||||||
connect_backoff_base_delay: 0s
|
|
||||||
connect_backoff_max_delay: 0s
|
|
||||||
query_relevant_ingesters: false
|
|
||||||
query_frontend:
|
|
||||||
max_outstanding_per_tenant: 2000
|
|
||||||
querier_forget_delay: 0s
|
|
||||||
max_batch_size: 5
|
|
||||||
max_retries: 2
|
|
||||||
search:
|
|
||||||
concurrent_jobs: 1000
|
|
||||||
target_bytes_per_job: 104857600
|
|
||||||
default_result_limit: 20
|
|
||||||
max_result_limit: 0
|
|
||||||
max_duration: 168h0m0s
|
|
||||||
query_backend_after: 15m0s
|
|
||||||
query_ingesters_until: 30m0s
|
|
||||||
trace_by_id:
|
|
||||||
query_shards: 50
|
|
||||||
hedge_requests_at: 2s
|
|
||||||
hedge_requests_up_to: 2
|
|
||||||
metrics:
|
|
||||||
concurrent_jobs: 1000
|
|
||||||
target_bytes_per_job: 104857600
|
|
||||||
max_duration: 0s
|
|
||||||
query_backend_after: 1h0m0s
|
|
||||||
interval: 5m0s
|
|
||||||
multi_tenant_queries_enabled: true
|
|
||||||
compactor:
|
|
||||||
ring:
|
|
||||||
kvstore:
|
|
||||||
store: ""
|
|
||||||
prefix: collectors/
|
|
||||||
consul:
|
|
||||||
host: localhost:8500
|
|
||||||
acl_token: ""
|
|
||||||
http_client_timeout: 20s
|
|
||||||
consistent_reads: false
|
|
||||||
watch_rate_limit: 1
|
|
||||||
watch_burst_size: 1
|
|
||||||
cas_retry_delay: 1s
|
|
||||||
etcd:
|
|
||||||
endpoints: []
|
|
||||||
dial_timeout: 10s
|
|
||||||
max_retries: 10
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
username: ""
|
|
||||||
password: ""
|
|
||||||
multi:
|
|
||||||
primary: ""
|
|
||||||
secondary: ""
|
|
||||||
mirror_enabled: false
|
|
||||||
mirror_timeout: 2s
|
|
||||||
heartbeat_period: 5s
|
|
||||||
heartbeat_timeout: 1m0s
|
|
||||||
wait_stability_min_duration: 1m0s
|
|
||||||
wait_stability_max_duration: 5m0s
|
|
||||||
instance_id: local-instance
|
|
||||||
instance_interface_names:
|
|
||||||
- eth0
|
|
||||||
- en0
|
|
||||||
instance_port: 0
|
|
||||||
instance_addr: ""
|
|
||||||
enable_inet6: false
|
|
||||||
wait_active_instance_timeout: 10m0s
|
|
||||||
compaction:
|
|
||||||
v2_in_buffer_bytes: 5242880
|
|
||||||
v2_out_buffer_bytes: 20971520
|
|
||||||
v2_prefetch_traces_count: 1000
|
|
||||||
compaction_window: 1h0m0s
|
|
||||||
max_compaction_objects: 6000000
|
|
||||||
max_block_bytes: 107374182400
|
|
||||||
block_retention: 336h0m0s
|
|
||||||
compacted_block_retention: 1h0m0s
|
|
||||||
retention_concurrency: 10
|
|
||||||
max_time_per_tenant: 5m0s
|
|
||||||
compaction_cycle: 30s
|
|
||||||
override_ring_key: compactor
|
|
||||||
ingester:
|
|
||||||
lifecycler:
|
|
||||||
ring:
|
|
||||||
kvstore:
|
|
||||||
store: inmemory
|
|
||||||
prefix: collectors/
|
|
||||||
consul:
|
|
||||||
host: localhost:8500
|
|
||||||
acl_token: ""
|
|
||||||
http_client_timeout: 20s
|
|
||||||
consistent_reads: false
|
|
||||||
watch_rate_limit: 1
|
|
||||||
watch_burst_size: 1
|
|
||||||
cas_retry_delay: 1s
|
|
||||||
etcd:
|
|
||||||
endpoints: []
|
|
||||||
dial_timeout: 10s
|
|
||||||
max_retries: 10
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
username: ""
|
|
||||||
password: ""
|
|
||||||
multi:
|
|
||||||
primary: ""
|
|
||||||
secondary: ""
|
|
||||||
mirror_enabled: false
|
|
||||||
mirror_timeout: 2s
|
|
||||||
heartbeat_timeout: 5m0s
|
|
||||||
replication_factor: 1
|
|
||||||
zone_awareness_enabled: false
|
|
||||||
excluded_zones: ""
|
|
||||||
num_tokens: 128
|
|
||||||
heartbeat_period: 5s
|
|
||||||
heartbeat_timeout: 1m0s
|
|
||||||
observe_period: 0s
|
|
||||||
join_after: 0s
|
|
||||||
min_ready_duration: 15s
|
|
||||||
interface_names:
|
|
||||||
- en0
|
|
||||||
- bridge100
|
|
||||||
enable_inet6: false
|
|
||||||
final_sleep: 0s
|
|
||||||
tokens_file_path: ""
|
|
||||||
availability_zone: ""
|
|
||||||
unregister_on_shutdown: true
|
|
||||||
readiness_check_ring_health: true
|
|
||||||
address: 127.0.0.1
|
|
||||||
port: 0
|
|
||||||
id: local-instance
|
|
||||||
concurrent_flushes: 4
|
|
||||||
flush_check_period: 10s
|
|
||||||
flush_op_timeout: 5m0s
|
|
||||||
trace_idle_period: 10s
|
|
||||||
max_block_duration: 30m0s
|
|
||||||
max_block_bytes: 524288000
|
|
||||||
complete_block_timeout: 15m0s
|
|
||||||
override_ring_key: ring
|
|
||||||
flush_all_on_shutdown: false
|
|
||||||
metrics_generator:
|
|
||||||
ring:
|
|
||||||
kvstore:
|
|
||||||
store: inmemory
|
|
||||||
prefix: collectors/
|
|
||||||
consul:
|
|
||||||
host: localhost:8500
|
|
||||||
acl_token: ""
|
|
||||||
http_client_timeout: 20s
|
|
||||||
consistent_reads: false
|
|
||||||
watch_rate_limit: 1
|
|
||||||
watch_burst_size: 1
|
|
||||||
cas_retry_delay: 1s
|
|
||||||
etcd:
|
|
||||||
endpoints: []
|
|
||||||
dial_timeout: 10s
|
|
||||||
max_retries: 10
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
username: ""
|
|
||||||
password: ""
|
|
||||||
multi:
|
|
||||||
primary: ""
|
|
||||||
secondary: ""
|
|
||||||
mirror_enabled: false
|
|
||||||
mirror_timeout: 2s
|
|
||||||
heartbeat_period: 5s
|
|
||||||
heartbeat_timeout: 1m0s
|
|
||||||
instance_id: local-instance
|
|
||||||
instance_interface_names:
|
|
||||||
- eth0
|
|
||||||
- en0
|
|
||||||
instance_addr: 127.0.0.1
|
|
||||||
instance_port: 0
|
|
||||||
enable_inet6: false
|
|
||||||
processor:
|
|
||||||
service_graphs:
|
|
||||||
wait: 10s
|
|
||||||
max_items: 10000
|
|
||||||
workers: 10
|
|
||||||
histogram_buckets:
|
|
||||||
- 0.1
|
|
||||||
- 0.2
|
|
||||||
- 0.4
|
|
||||||
- 0.8
|
|
||||||
- 1.6
|
|
||||||
- 3.2
|
|
||||||
- 6.4
|
|
||||||
- 12.8
|
|
||||||
dimensions: []
|
|
||||||
enable_client_server_prefix: false
|
|
||||||
peer_attributes:
|
|
||||||
- peer.service
|
|
||||||
- db.name
|
|
||||||
- db.system
|
|
||||||
span_multiplier_key: ""
|
|
||||||
span_metrics:
|
|
||||||
histogram_buckets:
|
|
||||||
- 0.002
|
|
||||||
- 0.004
|
|
||||||
- 0.008
|
|
||||||
- 0.016
|
|
||||||
- 0.032
|
|
||||||
- 0.064
|
|
||||||
- 0.128
|
|
||||||
- 0.256
|
|
||||||
- 0.512
|
|
||||||
- 1.024
|
|
||||||
- 2.048
|
|
||||||
- 4.096
|
|
||||||
- 8.192
|
|
||||||
- 16.384
|
|
||||||
intrinsic_dimensions:
|
|
||||||
service: true
|
|
||||||
span_name: true
|
|
||||||
span_kind: true
|
|
||||||
status_code: true
|
|
||||||
dimensions: []
|
|
||||||
dimension_mappings: []
|
|
||||||
enable_target_info: false
|
|
||||||
span_multiplier_key: ""
|
|
||||||
subprocessors:
|
|
||||||
0: true
|
|
||||||
1: true
|
|
||||||
2: true
|
|
||||||
filter_policies: []
|
|
||||||
target_info_excluded_dimensions: []
|
|
||||||
local_blocks:
|
|
||||||
block:
|
|
||||||
bloom_filter_false_positive: 0.01
|
|
||||||
bloom_filter_shard_size_bytes: 102400
|
|
||||||
version: vParquet3
|
|
||||||
search_encoding: snappy
|
|
||||||
search_page_size_bytes: 1048576
|
|
||||||
v2_index_downsample_bytes: 1048576
|
|
||||||
v2_index_page_size_bytes: 256000
|
|
||||||
v2_encoding: zstd
|
|
||||||
parquet_row_group_size_bytes: 100000000
|
|
||||||
parquet_dedicated_columns: []
|
|
||||||
search:
|
|
||||||
chunk_size_bytes: 1000000
|
|
||||||
prefetch_trace_count: 1000
|
|
||||||
read_buffer_count: 32
|
|
||||||
read_buffer_size_bytes: 1048576
|
|
||||||
cache_control:
|
|
||||||
footer: false
|
|
||||||
column_index: false
|
|
||||||
offset_index: false
|
|
||||||
flush_check_period: 10s
|
|
||||||
trace_idle_period: 10s
|
|
||||||
max_block_duration: 1m0s
|
|
||||||
max_block_bytes: 500000000
|
|
||||||
complete_block_timeout: 1h0m0s
|
|
||||||
max_live_traces: 0
|
|
||||||
concurrent_blocks: 10
|
|
||||||
filter_server_spans: true
|
|
||||||
registry:
|
|
||||||
collection_interval: 15s
|
|
||||||
stale_duration: 15m0s
|
|
||||||
max_label_name_length: 1024
|
|
||||||
max_label_value_length: 2048
|
|
||||||
storage:
|
|
||||||
path: ""
|
|
||||||
wal:
|
|
||||||
wal_segment_size: 134217728
|
|
||||||
wal_compression: none
|
|
||||||
stripe_size: 16384
|
|
||||||
truncate_frequency: 2h0m0s
|
|
||||||
min_wal_time: 300000
|
|
||||||
max_wal_time: 14400000
|
|
||||||
no_lockfile: false
|
|
||||||
remote_write_flush_deadline: 1m0s
|
|
||||||
remote_write_add_org_id_header: true
|
|
||||||
traces_storage:
|
|
||||||
path: ""
|
|
||||||
completedfilepath: ""
|
|
||||||
blocksfilepath: ""
|
|
||||||
v2_encoding: none
|
|
||||||
search_encoding: none
|
|
||||||
ingestion_time_range_slack: 0s
|
|
||||||
version: vParquet3
|
|
||||||
metrics_ingestion_time_range_slack: 30s
|
|
||||||
query_timeout: 30s
|
|
||||||
override_ring_key: metrics-generator
|
|
||||||
storage:
|
|
||||||
trace:
|
|
||||||
pool:
|
|
||||||
max_workers: 400
|
|
||||||
queue_depth: 20000
|
|
||||||
wal:
|
|
||||||
path: /tmp/tempo/wal
|
|
||||||
completedfilepath: /tmp/tempo/wal/completed
|
|
||||||
blocksfilepath: /tmp/tempo/wal/blocks
|
|
||||||
v2_encoding: snappy
|
|
||||||
search_encoding: none
|
|
||||||
ingestion_time_range_slack: 2m0s
|
|
||||||
version: vParquet3
|
|
||||||
block:
|
|
||||||
bloom_filter_false_positive: 0.01
|
|
||||||
bloom_filter_shard_size_bytes: 102400
|
|
||||||
version: vParquet3
|
|
||||||
search_encoding: snappy
|
|
||||||
search_page_size_bytes: 1048576
|
|
||||||
v2_index_downsample_bytes: 1048576
|
|
||||||
v2_index_page_size_bytes: 256000
|
|
||||||
v2_encoding: zstd
|
|
||||||
parquet_row_group_size_bytes: 100000000
|
|
||||||
parquet_dedicated_columns: []
|
|
||||||
search:
|
|
||||||
chunk_size_bytes: 1000000
|
|
||||||
prefetch_trace_count: 1000
|
|
||||||
read_buffer_count: 32
|
|
||||||
read_buffer_size_bytes: 1048576
|
|
||||||
cache_control:
|
|
||||||
footer: false
|
|
||||||
column_index: false
|
|
||||||
offset_index: false
|
|
||||||
blocklist_poll: 5m0s
|
|
||||||
blocklist_poll_concurrency: 50
|
|
||||||
blocklist_poll_fallback: true
|
|
||||||
blocklist_poll_tenant_index_builders: 2
|
|
||||||
blocklist_poll_stale_tenant_index: 0s
|
|
||||||
blocklist_poll_jitter_ms: 0
|
|
||||||
blocklist_poll_tolerate_consecutive_errors: 1
|
|
||||||
backend: local
|
|
||||||
local:
|
|
||||||
path: /tmp/tempo/traces
|
|
||||||
gcs:
|
|
||||||
bucket_name: ""
|
|
||||||
prefix: ""
|
|
||||||
chunk_buffer_size: 10485760
|
|
||||||
endpoint: ""
|
|
||||||
hedge_requests_at: 0s
|
|
||||||
hedge_requests_up_to: 2
|
|
||||||
insecure: false
|
|
||||||
object_cache_control: ""
|
|
||||||
object_metadata: {}
|
|
||||||
list_blocks_concurrency: 3
|
|
||||||
s3:
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: VersionTLS12
|
|
||||||
bucket: ""
|
|
||||||
prefix: ""
|
|
||||||
endpoint: ""
|
|
||||||
region: ""
|
|
||||||
access_key: ""
|
|
||||||
secret_key: ""
|
|
||||||
session_token: ""
|
|
||||||
insecure: false
|
|
||||||
part_size: 0
|
|
||||||
hedge_requests_at: 0s
|
|
||||||
hedge_requests_up_to: 2
|
|
||||||
signature_v2: false
|
|
||||||
forcepathstyle: false
|
|
||||||
bucket_lookup_type: 0
|
|
||||||
tags: {}
|
|
||||||
storage_class: ""
|
|
||||||
metadata: {}
|
|
||||||
native_aws_auth_enabled: false
|
|
||||||
list_blocks_concurrency: 3
|
|
||||||
azure:
|
|
||||||
storage_account_name: ""
|
|
||||||
storage_account_key: ""
|
|
||||||
use_managed_identity: false
|
|
||||||
use_federated_token: false
|
|
||||||
user_assigned_id: ""
|
|
||||||
container_name: ""
|
|
||||||
prefix: ""
|
|
||||||
endpoint_suffix: blob.core.windows.net
|
|
||||||
max_buffers: 4
|
|
||||||
buffer_size: 3145728
|
|
||||||
hedge_requests_at: 0s
|
|
||||||
hedge_requests_up_to: 2
|
|
||||||
use_v2_sdk: false
|
|
||||||
cache: ""
|
|
||||||
background_cache:
|
|
||||||
writeback_goroutines: 10
|
|
||||||
writeback_buffer: 10000
|
|
||||||
memcached: null
|
|
||||||
redis: null
|
|
||||||
cache_min_compaction_level: 0
|
|
||||||
cache_max_block_age: 0s
|
|
||||||
overrides:
|
|
||||||
defaults:
|
|
||||||
ingestion:
|
|
||||||
rate_strategy: local
|
|
||||||
rate_limit_bytes: 15000000
|
|
||||||
burst_size_bytes: 20000000
|
|
||||||
max_traces_per_user: 10000
|
|
||||||
read:
|
|
||||||
max_bytes_per_tag_values_query: 5000000
|
|
||||||
global:
|
|
||||||
max_bytes_per_trace: 5000000
|
|
||||||
per_tenant_override_config: ""
|
|
||||||
per_tenant_override_period: 10s
|
|
||||||
user_configurable_overrides:
|
|
||||||
enabled: false
|
|
||||||
poll_interval: 1m0s
|
|
||||||
client:
|
|
||||||
backend: ""
|
|
||||||
confirm_versioning: true
|
|
||||||
local:
|
|
||||||
path: ""
|
|
||||||
gcs:
|
|
||||||
bucket_name: ""
|
|
||||||
prefix: ""
|
|
||||||
chunk_buffer_size: 10485760
|
|
||||||
endpoint: ""
|
|
||||||
hedge_requests_at: 0s
|
|
||||||
hedge_requests_up_to: 2
|
|
||||||
insecure: false
|
|
||||||
object_cache_control: ""
|
|
||||||
object_metadata: {}
|
|
||||||
list_blocks_concurrency: 3
|
|
||||||
s3:
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: VersionTLS12
|
|
||||||
bucket: ""
|
|
||||||
prefix: ""
|
|
||||||
endpoint: ""
|
|
||||||
region: ""
|
|
||||||
access_key: ""
|
|
||||||
secret_key: ""
|
|
||||||
session_token: ""
|
|
||||||
insecure: false
|
|
||||||
part_size: 0
|
|
||||||
hedge_requests_at: 0s
|
|
||||||
hedge_requests_up_to: 2
|
|
||||||
signature_v2: false
|
|
||||||
forcepathstyle: false
|
|
||||||
bucket_lookup_type: 0
|
|
||||||
tags: {}
|
|
||||||
storage_class: ""
|
|
||||||
metadata: {}
|
|
||||||
native_aws_auth_enabled: false
|
|
||||||
list_blocks_concurrency: 3
|
|
||||||
azure:
|
|
||||||
storage_account_name: ""
|
|
||||||
storage_account_key: ""
|
|
||||||
use_managed_identity: false
|
|
||||||
use_federated_token: false
|
|
||||||
user_assigned_id: ""
|
|
||||||
container_name: ""
|
|
||||||
prefix: ""
|
|
||||||
endpoint_suffix: blob.core.windows.net
|
|
||||||
max_buffers: 4
|
|
||||||
buffer_size: 3145728
|
|
||||||
hedge_requests_at: 0s
|
|
||||||
hedge_requests_up_to: 2
|
|
||||||
use_v2_sdk: false
|
|
||||||
api:
|
|
||||||
check_for_conflicting_runtime_overrides: false
|
|
||||||
memberlist:
|
|
||||||
node_name: ""
|
|
||||||
randomize_node_name: true
|
|
||||||
stream_timeout: 2s
|
|
||||||
retransmit_factor: 2
|
|
||||||
pull_push_interval: 30s
|
|
||||||
gossip_interval: 1s
|
|
||||||
gossip_nodes: 2
|
|
||||||
gossip_to_dead_nodes_time: 30s
|
|
||||||
dead_node_reclaim_time: 0s
|
|
||||||
compression_enabled: false
|
|
||||||
advertise_addr: ""
|
|
||||||
advertise_port: 7946
|
|
||||||
cluster_label: ""
|
|
||||||
cluster_label_verification_disabled: false
|
|
||||||
join_members: []
|
|
||||||
min_join_backoff: 1s
|
|
||||||
max_join_backoff: 1m0s
|
|
||||||
max_join_retries: 10
|
|
||||||
abort_if_cluster_join_fails: false
|
|
||||||
rejoin_interval: 0s
|
|
||||||
left_ingesters_timeout: 5m0s
|
|
||||||
leave_timeout: 20s
|
|
||||||
message_history_buffer_bytes: 0
|
|
||||||
bind_addr: []
|
|
||||||
bind_port: 7946
|
|
||||||
packet_dial_timeout: 2s
|
|
||||||
packet_write_timeout: 5s
|
|
||||||
tls_enabled: false
|
|
||||||
tls_cert_path: ""
|
|
||||||
tls_key_path: ""
|
|
||||||
tls_ca_path: ""
|
|
||||||
tls_server_name: ""
|
|
||||||
tls_insecure_skip_verify: false
|
|
||||||
tls_cipher_suites: ""
|
|
||||||
tls_min_version: ""
|
|
||||||
usage_report:
|
|
||||||
reporting_enabled: true
|
|
||||||
backoff:
|
|
||||||
min_period: 100ms
|
|
||||||
max_period: 10s
|
|
||||||
max_retries: 0
|
|
||||||
cache:
|
|
||||||
background:
|
|
||||||
writeback_goroutines: 10
|
|
||||||
writeback_buffer: 10000
|
|
||||||
caches: []
|
|
||||||
@@ -1,54 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
|
|
||||||
server:
|
|
||||||
http_listen_port: 3200
|
|
||||||
|
|
||||||
distributor:
|
|
||||||
receivers: # this configuration will listen on all ports and protocols that tempo is capable of.
|
|
||||||
jaeger: # the receives all come from the OpenTelemetry collector. more configuration information can
|
|
||||||
protocols: # be found there: https://github.com/open-telemetry/opentelemetry-collector/tree/main/receiver
|
|
||||||
thrift_http: #
|
|
||||||
grpc: # for a production deployment you should only enable the receivers you need!
|
|
||||||
thrift_binary:
|
|
||||||
thrift_compact:
|
|
||||||
zipkin:
|
|
||||||
otlp:
|
|
||||||
protocols:
|
|
||||||
http:
|
|
||||||
grpc:
|
|
||||||
opencensus:
|
|
||||||
|
|
||||||
ingester:
|
|
||||||
max_block_duration: 5m # cut the headblock when this much time passes. this is being set for demo purposes and should probably be left alone normally
|
|
||||||
|
|
||||||
compactor:
|
|
||||||
compaction:
|
|
||||||
block_retention: 1h # overall Tempo trace retention. set for demo purposes
|
|
||||||
|
|
||||||
# metrics_generator:
|
|
||||||
# registry:
|
|
||||||
# external_labels:
|
|
||||||
# source: tempo
|
|
||||||
# cluster: docker-compose
|
|
||||||
# storage:
|
|
||||||
# path: /tmp/tempo/generator/wal
|
|
||||||
# remote_write:
|
|
||||||
# - url: http://grafana-alloy:12345/api/v1/write
|
|
||||||
# send_exemplars: true
|
|
||||||
|
|
||||||
storage:
|
|
||||||
trace:
|
|
||||||
backend: s3 # backend configuration to use
|
|
||||||
wal:
|
|
||||||
path: /tmp/tempo/wal # where to store the the wal locally
|
|
||||||
s3:
|
|
||||||
bucket: tempo # how to store data in s3
|
|
||||||
endpoint: minio:9000
|
|
||||||
access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_TEMPO_STORAGE_ACCESS_KEY'] }}
|
|
||||||
secret_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_TEMPO_STORAGE_SECRET_KEY'] }}
|
|
||||||
insecure: true
|
|
||||||
|
|
||||||
usage_report:
|
|
||||||
reporting_enabled: false
|
|
||||||
@@ -1,22 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
|
|
||||||
---
|
|
||||||
# For configuration options and examples, please see:
|
|
||||||
# https://gethomepage.dev/en/configs/bookmarks
|
|
||||||
|
|
||||||
#- Developer:
|
|
||||||
# - Github:
|
|
||||||
# - abbr: GH
|
|
||||||
# href: https://github.com/
|
|
||||||
#
|
|
||||||
#- Social:
|
|
||||||
# - Reddit:
|
|
||||||
# - abbr: RE
|
|
||||||
# href: https://reddit.com/
|
|
||||||
#
|
|
||||||
#- Entertainment:
|
|
||||||
# - YouTube:
|
|
||||||
# - abbr: YT
|
|
||||||
# href: https://youtube.com/
|
|
||||||
@@ -1,15 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
|
|
||||||
---
|
|
||||||
# For configuration options and examples, please see:
|
|
||||||
# https://gethomepage.dev/en/configs/docker/
|
|
||||||
|
|
||||||
# my-docker:
|
|
||||||
# host: 127.0.0.1
|
|
||||||
# port: 2375
|
|
||||||
|
|
||||||
my-docker:
|
|
||||||
host: dockerproxy
|
|
||||||
port: 2375
|
|
||||||
@@ -1,6 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
|
|
||||||
---
|
|
||||||
# sample kubernetes config
|
|
||||||
@@ -1,33 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
---
|
|
||||||
# For configuration options and examples, please see:
|
|
||||||
# https://gethomepage.dev/en/configs/services
|
|
||||||
|
|
||||||
#- My First Group:
|
|
||||||
# - My First Service:
|
|
||||||
# href: http://localhost/
|
|
||||||
# description: Homepage is awesome
|
|
||||||
#
|
|
||||||
#- My Second Group:
|
|
||||||
# - My Second Service:
|
|
||||||
# href: http://localhost/
|
|
||||||
# description: Homepage is the best
|
|
||||||
#
|
|
||||||
#- My Third Group:
|
|
||||||
# - My Third Service:
|
|
||||||
# href: http://localhost/
|
|
||||||
# description: Homepage is 😎
|
|
||||||
|
|
||||||
- Automation:
|
|
||||||
- Home Assistant (Rikku):
|
|
||||||
href: https://ha.trez.wtf
|
|
||||||
description: Smart Home
|
|
||||||
icon: home-assistant.png
|
|
||||||
weight: 0
|
|
||||||
widget:
|
|
||||||
type: homeassistant
|
|
||||||
url: http://192.168.1.252:8123
|
|
||||||
key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI5MTFlMDZiMzNlODc0MWYyYjM3Mzg0NDhiMzMyNzMxYiIsImlhdCI6MTcxMzEzODc3MiwiZXhwIjoyMDI4NDk4NzcyfQ.CXFBjf0sJAGdMrRd_PTCkkzU3LsCgkckG8HvbdSYEhs
|
|
||||||
|
|
||||||
@@ -1,60 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
---
|
|
||||||
# For configuration options and examples, please see:
|
|
||||||
# https://gethomepage.dev/en/configs/settings
|
|
||||||
|
|
||||||
providers:
|
|
||||||
openweathermap: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['HOMEPAGE_OPENWEATHERMAP_API_KEY'] }}
|
|
||||||
# weatherapi: weatherapiapikey
|
|
||||||
title: Rinoa Dashboard (trez.WTF)
|
|
||||||
headerStyle: underlined
|
|
||||||
color: slate
|
|
||||||
showStats: true
|
|
||||||
statusStyle: "dot"
|
|
||||||
favicon: /icons/favicon.ico
|
|
||||||
useEqualHeights: false
|
|
||||||
hideErrors: false
|
|
||||||
searchDescriptions: true
|
|
||||||
showSearchSuggestions: true
|
|
||||||
provider: duckduckgo
|
|
||||||
|
|
||||||
layout:
|
|
||||||
System Administration:
|
|
||||||
style: row
|
|
||||||
columns: 4
|
|
||||||
# fiveColumns: true
|
|
||||||
Infrastructure/App Performance Monitoring:
|
|
||||||
style: row
|
|
||||||
columns: 4
|
|
||||||
Automation:
|
|
||||||
style: columns
|
|
||||||
row: 2
|
|
||||||
Code/DevOps:
|
|
||||||
style: columms
|
|
||||||
row: 2
|
|
||||||
Privacy/Security:
|
|
||||||
style: columns
|
|
||||||
row: 5
|
|
||||||
Social:
|
|
||||||
style: columns
|
|
||||||
row: 4
|
|
||||||
Lifestyle:
|
|
||||||
style: row
|
|
||||||
columns: 4
|
|
||||||
Personal Services:
|
|
||||||
style: row
|
|
||||||
columns: 4
|
|
||||||
Professional Services:
|
|
||||||
style: row
|
|
||||||
columns: 3
|
|
||||||
Servarr Stack:
|
|
||||||
style: row
|
|
||||||
columns: 3
|
|
||||||
Downloaders:
|
|
||||||
style: row
|
|
||||||
columns: 3
|
|
||||||
Media Library:
|
|
||||||
style: row
|
|
||||||
columns: 4
|
|
||||||
@@ -1,33 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
---
|
|
||||||
# For configuration options and examples, please see:
|
|
||||||
# https://gethomepage.dev/en/configs/widgets
|
|
||||||
|
|
||||||
- resources:
|
|
||||||
label: System
|
|
||||||
cpu: true
|
|
||||||
memory: true
|
|
||||||
cputemp: true
|
|
||||||
uptime: true
|
|
||||||
|
|
||||||
- resources:
|
|
||||||
label: Storage
|
|
||||||
expanded: true
|
|
||||||
disk:
|
|
||||||
- /
|
|
||||||
- /rinoa-storage
|
|
||||||
|
|
||||||
- search:
|
|
||||||
provider: custom
|
|
||||||
url: https://search.trez.wtf/search?q=
|
|
||||||
target: _blank
|
|
||||||
|
|
||||||
- openweathermap:
|
|
||||||
label: New York
|
|
||||||
latitude: 40.72
|
|
||||||
longitude: -73.85
|
|
||||||
units: imperial
|
|
||||||
provider: openweathermap
|
|
||||||
cache: 10
|
|
||||||
@@ -1,52 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
# IN application vars
|
|
||||||
IN_APP_URL=http://in.localhost:8003
|
|
||||||
IN_APP_KEY=<insert your generated key in here>
|
|
||||||
IN_APP_DEBUG=true
|
|
||||||
IN_REQUIRE_HTTPS=false
|
|
||||||
IN_PHANTOMJS_PDF_GENERATION=false
|
|
||||||
IN_PDF_GENERATOR=snappdf
|
|
||||||
IN_TRUSTED_PROXIES='*'
|
|
||||||
|
|
||||||
|
|
||||||
IN_QUEUE_CONNECTION=database
|
|
||||||
|
|
||||||
# DB connection
|
|
||||||
IN_DB_HOST=db
|
|
||||||
IN_DB_PORT=3306
|
|
||||||
IN_DB_DATABASE=ninja
|
|
||||||
IN_DB_USERNAME=ninja
|
|
||||||
IN_DB_PASSWORD=ninja
|
|
||||||
|
|
||||||
# Create initial user
|
|
||||||
# Default to these values if empty
|
|
||||||
# IN_USER_EMAIL=admin@example.com
|
|
||||||
# IN_PASSWORD=changeme!
|
|
||||||
IN_USER_EMAIL=
|
|
||||||
IN_PASSWORD=
|
|
||||||
|
|
||||||
# Mail options
|
|
||||||
IN_MAIL_MAILER=log
|
|
||||||
IN_MAIL_HOST=smtp.mailtrap.io
|
|
||||||
IN_MAIL_PORT=2525
|
|
||||||
IN_MAIL_USERNAME=null
|
|
||||||
IN_MAIL_PASSWORD=null
|
|
||||||
IN_MAIL_ENCRYPTION=null
|
|
||||||
IN_MAIL_FROM_ADDRESS='user@example.com'
|
|
||||||
IN_MAIL_FROM_NAME='Self Hosted User'
|
|
||||||
|
|
||||||
# MySQL
|
|
||||||
IN_MYSQL_ROOT_PASSWORD=ninjaAdm1nPassword
|
|
||||||
IN_MYSQL_USER=ninja
|
|
||||||
IN_MYSQL_PASSWORD=ninja
|
|
||||||
IN_MYSQL_DATABASE=ninja
|
|
||||||
|
|
||||||
# GoCardless/Nordigen API key for banking integration
|
|
||||||
NORDIGEN_SECRET_ID=
|
|
||||||
NORDIGEN_SECRET_KEY=
|
|
||||||
|
|
||||||
# V4 env vars
|
|
||||||
# DB_STRICT=false
|
|
||||||
# APP_CIPHER=AES-256-CBC
|
|
||||||
@@ -1,477 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
###########################
|
|
||||||
# 🦎 KOMODO CORE CONFIG 🦎 #
|
|
||||||
###########################
|
|
||||||
|
|
||||||
## This is the offical "Default" config file for Komodo Core.
|
|
||||||
## It serves as documentation for the meaning of the fields.
|
|
||||||
## It is located at `https://github.com/mbecker20/komodo/blob/main/config/core.config.toml`.
|
|
||||||
|
|
||||||
## All fields with a "Default" provided are optional. If they are
|
|
||||||
## left out of the file, the "Default" value will be used.
|
|
||||||
|
|
||||||
## This file is bundled into the official image, `ghcr.io/mbecker20/komodo`,
|
|
||||||
## as the default config at `/config/config.toml`.
|
|
||||||
## Komodo can start with no external config file mounted.
|
|
||||||
|
|
||||||
## There is usually no need to create this file on your host.
|
|
||||||
## Most fields can instead be configured using environment variables.
|
|
||||||
## Environment variables will override values set in this file.
|
|
||||||
|
|
||||||
## This will be the document title on the web page.
|
|
||||||
## Env: KOMODO_TITLE
|
|
||||||
## Default: 'Komodo'
|
|
||||||
title = "Komodo @ Rinoa"
|
|
||||||
|
|
||||||
## This should be the url used to access Komodo in browser, potentially behind DNS.
|
|
||||||
## Eg https://komodo.example.com or http://12.34.56.78:9120. This should match the address configured in your Oauth app.
|
|
||||||
## Env: KOMODO_HOST
|
|
||||||
## Required, no default.
|
|
||||||
host = "https://komodo.trez.wtf"
|
|
||||||
|
|
||||||
## The port the core system will run on.
|
|
||||||
## Env: KOMODO_PORT
|
|
||||||
## Default: 9120
|
|
||||||
port = 9120
|
|
||||||
|
|
||||||
## This is the token used to authenticate core requests to periphery.
|
|
||||||
## Ensure this matches a passkey in the connected periphery configs.
|
|
||||||
## If the periphery servers don't have passkeys configured, this doesn't need to be changed.
|
|
||||||
## Env: KOMODO_PASSKEY or KOMODO_PASSKEY_FILE
|
|
||||||
## Required, no default
|
|
||||||
passkey = "JgzFdZYbE7JfH5zhrh5pWUEQEWA4MCXG"
|
|
||||||
|
|
||||||
## Ensure a server with this address exists on Core
|
|
||||||
## upon first startup. Example: `https://periphery:8120`
|
|
||||||
## Env: KOMODO_FIRST_SERVER
|
|
||||||
## Optional, no default.
|
|
||||||
first_server = ""
|
|
||||||
|
|
||||||
## Disables write support on resources in the UI.
|
|
||||||
## This protects users that that would normally have write priviledges during their UI usage,
|
|
||||||
## when they intend to fully rely on ResourceSyncs to manage config.
|
|
||||||
## Env: KOMODO_UI_WRITE_DISABLED
|
|
||||||
## Default: false
|
|
||||||
ui_write_disabled = false
|
|
||||||
|
|
||||||
## Disables the confirm dialogs on all actions. All buttons will now be double-click.
|
|
||||||
## Useful when only having http connection to core, as UI quick-copy button won't work.
|
|
||||||
## Env: KOMODO_DISABLE_CONFIRM_DIALOG
|
|
||||||
## Default: false
|
|
||||||
disable_confirm_dialog = false
|
|
||||||
|
|
||||||
## Configure the directory for sync files (inside the container).
|
|
||||||
## There shouldn't be a need to change this, just mount a volume.
|
|
||||||
## Env: KOMODO_SYNC_DIRECTORY
|
|
||||||
## Default: /syncs
|
|
||||||
sync_directory = "/syncs"
|
|
||||||
|
|
||||||
## Configure the repo directory (inside the container).
|
|
||||||
## There shouldn't be a need to change this, just mount a volume.
|
|
||||||
## Env: KOMODO_REPO_DIRECTORY
|
|
||||||
## Default: /repo-cache
|
|
||||||
repo_directory = "/repo-cache"
|
|
||||||
|
|
||||||
## Configure the action directory (inside the container).
|
|
||||||
## There shouldn't be a need to change this, or even mount a volume.
|
|
||||||
## Env: KOMODO_ACTION_DIRECTORY
|
|
||||||
## Default: /action-cache
|
|
||||||
action_directory = "/action-cache"
|
|
||||||
|
|
||||||
################
|
|
||||||
# AUTH / LOGIN #
|
|
||||||
################
|
|
||||||
|
|
||||||
## Allow user login with a username / password.
|
|
||||||
## The password will be hashed and stored in the db for login comparison.
|
|
||||||
##
|
|
||||||
## NOTE:
|
|
||||||
## Komodo has no API to recover account logins, but if this happens you can doctor the database using Mongo Compass.
|
|
||||||
## Create a new Komodo user (Sign Up button), login to the database with Compass, note down your old users username and _id.
|
|
||||||
## Then delete the old user, and update the new user to have the same username and _id.
|
|
||||||
## Make sure to set `enabled: true` and maybe `admin: true` on the new user as well, while using Compass.
|
|
||||||
##
|
|
||||||
## Env: KOMODO_LOCAL_AUTH
|
|
||||||
## Default: false
|
|
||||||
local_auth = true
|
|
||||||
|
|
||||||
## Normally new users will be registered, but not enabled until an Admin enables them.
|
|
||||||
## With `disable_user_registration = true`, only the first user to log in will registered as a user.
|
|
||||||
## Env: KOMODO_DISABLE_USER_REGISTRATION
|
|
||||||
## Default: false
|
|
||||||
disable_user_registration = false
|
|
||||||
|
|
||||||
## New users will be automatically enabled when they sign up.
|
|
||||||
## Otherwise, new users will be disabled on first login.
|
|
||||||
## The first user to login will always be enabled on creation.
|
|
||||||
## Env: KOMODO_ENABLE_NEW_USERS
|
|
||||||
## Default: false
|
|
||||||
enable_new_users = false
|
|
||||||
|
|
||||||
## Allows all users to have Read level access to all resources.
|
|
||||||
## Env: KOMODO_TRANSPARENT_MODE
|
|
||||||
## Default: false
|
|
||||||
transparent_mode = false
|
|
||||||
|
|
||||||
## Normally all enabled users can create resources.
|
|
||||||
## If `disable_non_admin_create = true`, only admin users can create resources.
|
|
||||||
## Env: KOMODO_DISABLE_NON_ADMIN_CREATE
|
|
||||||
## Default: false
|
|
||||||
disable_non_admin_create = false
|
|
||||||
|
|
||||||
## Optionally provide a specific jwt secret.
|
|
||||||
## Passing nothing or an empty string will cause one to be generated on every startup.
|
|
||||||
## This means users will have to log in again if Komodo restarts.
|
|
||||||
## Env: KOMODO_JWT_SECRET or KOMODO_JWT_SECRET_FILE
|
|
||||||
## Default: empty string, meaning a random secret will be generated at startup.
|
|
||||||
jwt_secret = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['KOMODO_JWT_SECRET'] }}"
|
|
||||||
|
|
||||||
## Specify how long a user can stay logged in before they have to log in again.
|
|
||||||
## All jwts are invalidated on application restart unless `jwt_secret` is set.
|
|
||||||
## Env: KOMODO_JWT_TTL
|
|
||||||
## Options: 1-hr, 12-hr, 1-day, 3-day, 1-wk, 2-wk, 30-day
|
|
||||||
## Default: 1-day.
|
|
||||||
jwt_ttl = "1-day"
|
|
||||||
|
|
||||||
#############
|
|
||||||
# OIDC Auth #
|
|
||||||
#############
|
|
||||||
|
|
||||||
## Enable logins with configured OIDC provider.
|
|
||||||
## Env: KOMODO_OIDC_ENABLED
|
|
||||||
## Default: false
|
|
||||||
oidc_enabled = false
|
|
||||||
|
|
||||||
## Give the provider address.
|
|
||||||
##
|
|
||||||
## The path, ie /application/o/komodo for Authentik,
|
|
||||||
## is provider and configuration specific.
|
|
||||||
##
|
|
||||||
## Note. this address must be reachable from Komodo Core container.
|
|
||||||
##
|
|
||||||
## Env: KOMODO_OIDC_PROVIDER
|
|
||||||
## Optional, no default.
|
|
||||||
oidc_provider = "https://oidc.provider.internal/application/o/komodo"
|
|
||||||
|
|
||||||
## Configure OIDC user redirect host.
|
|
||||||
##
|
|
||||||
## This is the host address users are redirected to in their browser,
|
|
||||||
## and may be different from `oidc_provider` host depending on your networking.
|
|
||||||
## If not provided (or empty string ""), the `oidc_provider` will be used.
|
|
||||||
##
|
|
||||||
## Note. DO NOT include the `path` part of the URL.
|
|
||||||
## Example: `https://oidc.provider.external`
|
|
||||||
##
|
|
||||||
## Env: KOMODO_OIDC_REDIRECT_HOST
|
|
||||||
## Optional, no default.
|
|
||||||
oidc_redirect_host = ""
|
|
||||||
|
|
||||||
## Give the OIDC Client ID.
|
|
||||||
## Env: KOMODO_OIDC_CLIENT_ID or KOMODO_OIDC_CLIENT_ID_FILE
|
|
||||||
oidc_client_id = ""
|
|
||||||
|
|
||||||
## Give the OIDC Client Secret.
|
|
||||||
## Env: KOMODO_OIDC_CLIENT_SECRET or KOMODO_OIDC_CLIENT_SECRET_FILE
|
|
||||||
oidc_client_secret = ""
|
|
||||||
|
|
||||||
## If true, use the full email for usernames.
|
|
||||||
## Otherwise, the @address will be stripped,
|
|
||||||
## making usernames more concise.
|
|
||||||
## Env: KOMODO_OIDC_USE_FULL_EMAIL
|
|
||||||
## Default: false.
|
|
||||||
oidc_use_full_email = false
|
|
||||||
|
|
||||||
## Some providers attach other audiences in addition to the client_id.
|
|
||||||
## If you have this issue, `Invalid audiences: `...` is not a trusted audience"`,
|
|
||||||
## you can add the audience `...` to the list here (assuming it should be trusted).
|
|
||||||
## Env: KOMODO_OIDC_ADDITIONAL_AUDIENCES or KOMODO_OIDC_ADDITIONAL_AUDIENCES_FILE
|
|
||||||
## Default: empty
|
|
||||||
oidc_additional_audiences = []
|
|
||||||
|
|
||||||
#########
|
|
||||||
# OAUTH #
|
|
||||||
#########
|
|
||||||
|
|
||||||
## Google
|
|
||||||
|
|
||||||
## Env: KOMODO_GOOGLE_OAUTH_ENABLED
|
|
||||||
## Default: false
|
|
||||||
google_oauth.enabled = false
|
|
||||||
|
|
||||||
## Env: KOMODO_GOOGLE_OAUTH_ID or KOMODO_GOOGLE_OAUTH_ID_FILE
|
|
||||||
## Required if google_oauth is enabled.
|
|
||||||
google_oauth.id = ""
|
|
||||||
|
|
||||||
## Env: KOMODO_GOOGLE_OAUTH_SECRET or KOMODO_GOOGLE_OAUTH_SECRET_FILE
|
|
||||||
## Required if google_oauth is enabled.
|
|
||||||
google_oauth.secret = ""
|
|
||||||
|
|
||||||
## Github
|
|
||||||
|
|
||||||
## Env: KOMODO_GITHUB_OAUTH_ENABLED
|
|
||||||
## Default: false
|
|
||||||
github_oauth.enabled = false
|
|
||||||
|
|
||||||
## Env: KOMODO_GITHUB_OAUTH_ID or KOMODO_GITHUB_OAUTH_ID_FILE
|
|
||||||
## Required if github_oauth is enabled.
|
|
||||||
github_oauth.id = ""
|
|
||||||
|
|
||||||
## Env: KOMODO_GITHUB_OAUTH_SECRET or KOMODO_GITHUB_OAUTH_SECRET_FILE
|
|
||||||
## Required if github_oauth is enabled.
|
|
||||||
github_oauth.secret = ""
|
|
||||||
|
|
||||||
############
|
|
||||||
# Security #
|
|
||||||
############
|
|
||||||
|
|
||||||
## Enable HTTPS server using the given key and cert.
|
|
||||||
## Env: KOMODO_SSL_ENABLED
|
|
||||||
## Default: false
|
|
||||||
ssl_enabled = false
|
|
||||||
|
|
||||||
## Path to the ssl key.
|
|
||||||
## Env: KOMODO_SSL_KEY_FILE
|
|
||||||
## Default: /config/ssl/key.pem
|
|
||||||
ssl_key_file = "/config/ssl/key.pem"
|
|
||||||
|
|
||||||
## Path to the ssl cert.
|
|
||||||
## Env: KOMODO_SSL_CERT_FILE
|
|
||||||
## Default: /config/ssl/cert.pem
|
|
||||||
ssl_cert_file = "/config/ssl/cert.pem"
|
|
||||||
|
|
||||||
############
|
|
||||||
# DATABASE #
|
|
||||||
############
|
|
||||||
|
|
||||||
## Configure the database connection in one of the following ways:
|
|
||||||
|
|
||||||
## Pass a full Mongo URI to the database.
|
|
||||||
## Example: mongodb://username:password@localhost:27017
|
|
||||||
## Env: KOMODO_DATABASE_URI or KOMODO_DATABASE_URI_FILE
|
|
||||||
## Optional, can usually use `address`, `username`, `password` instead.
|
|
||||||
database.uri = "mongodb://komodo:jtyl2U8KZPUe8V9MOTXQDYRlg7QemGuF@komodo-ferretdb:27017/komodo?authMechanism=PLAIN"
|
|
||||||
|
|
||||||
## ==== * OR * ==== ##
|
|
||||||
|
|
||||||
# Construct the address as mongodb://{username}:{password}@{address}
|
|
||||||
## Env: KOMODO_DATABASE_ADDRESS
|
|
||||||
# database.address = "localhost:27017"
|
|
||||||
## Env: KOMODO_DATABASE_USERNAME or KOMODO_DATABASE_USERNAME_FILE
|
|
||||||
# database.username = ""
|
|
||||||
## Env: KOMODO_DATABASE_PASSWORD or KOMODO_DATABASE_PASSWORD_FILE
|
|
||||||
# database.password = ""
|
|
||||||
|
|
||||||
## ==== other ====
|
|
||||||
|
|
||||||
## Komodo will create its collections under this database name.
|
|
||||||
## The only reason to change this is if multiple Komodo Cores share the same db.
|
|
||||||
## Env: KOMODO_DATABASE_DB_NAME
|
|
||||||
## Default: komodo.
|
|
||||||
database.db_name = "komodo"
|
|
||||||
|
|
||||||
## This is the assigned app_name of the mongo client.
|
|
||||||
## The only reason to change this is if multiple Komodo Cores share the same db.
|
|
||||||
## Env: KOMODO_DATABASE_APP_NAME
|
|
||||||
## Default: komodo_core.
|
|
||||||
database.app_name = "komodo_core"
|
|
||||||
|
|
||||||
############
|
|
||||||
# WEBHOOKS #
|
|
||||||
############
|
|
||||||
|
|
||||||
## This token must be given to git provider during repo webhook config.
|
|
||||||
## The secret configured on the git provider side must match the secret configured here.
|
|
||||||
## If not provided,
|
|
||||||
## Env: KOMODO_WEBHOOK_SECRET or KOMODO_WEBHOOK_SECRET_FILE
|
|
||||||
## Optional, no default.
|
|
||||||
webhook_secret = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['KOMODO_WEBHOOK_SECRET'] }}"
|
|
||||||
|
|
||||||
## An alternate base url that is used to recieve git webhook requests.
|
|
||||||
## If empty or not specified, will use 'host' address as base.
|
|
||||||
## This is useful if Komodo is on an internal network, but can have a
|
|
||||||
## proxy just allowing through the webhook listener api using NGINX.
|
|
||||||
## Env: KOMODO_WEBHOOK_BASE_URL
|
|
||||||
## Default: empty (none)
|
|
||||||
webhook_base_url = ""
|
|
||||||
|
|
||||||
## Configure Github webhook app. Enables webhook management apis.
|
|
||||||
## <INSERT LINK TO GUIDE>
|
|
||||||
## Env: KOMODO_GITHUB_WEBHOOK_APP_APP_ID or KOMODO_GITHUB_WEBHOOK_APP_APP_ID_FILE
|
|
||||||
# github_webhook_app.app_id = 1234455 # Find on the app page.
|
|
||||||
## Env:
|
|
||||||
## - KOMODO_GITHUB_WEBHOOK_APP_INSTALLATIONS_IDS or KOMODO_GITHUB_WEBHOOK_APP_INSTALLATIONS_IDS_FILE
|
|
||||||
## - KOMODO_GITHUB_WEBHOOK_APP_INSTALLATIONS_NAMESPACES
|
|
||||||
# github_webhook_app.installations = [
|
|
||||||
# ## Find the id after installing the app to user / organization. "namespace" is the username / organization name.
|
|
||||||
# { id = 1234, namespace = "mbecker20" }
|
|
||||||
# ]
|
|
||||||
|
|
||||||
## The path to Github webhook app private key. <INSERT LINK TO GUIDE>
|
|
||||||
## This is defaulted to `/github/private-key.pem`, and doesn't need to be changed if running core in Docker.
|
|
||||||
## Just mount the private key pem file on the host to `/github/private-key.pem` in the container.
|
|
||||||
## Eg. `/your/path/to/key.pem : /github/private-key.pem`
|
|
||||||
## Env: KOMODO_GITHUB_WEBHOOK_APP_PK_PATH
|
|
||||||
# github_webhook_app.pk_path = "/path/to/pk.pem"
|
|
||||||
|
|
||||||
###########
|
|
||||||
# LOGGING #
|
|
||||||
###########
|
|
||||||
|
|
||||||
## Specify the logging verbosity
|
|
||||||
## Env: KOMODO_LOGGING_LEVEL
|
|
||||||
## Options: off, error, warn, info, debug, trace
|
|
||||||
## Default: info
|
|
||||||
logging.level = "info"
|
|
||||||
|
|
||||||
## Specify the logging format for stdout / stderr.
|
|
||||||
## Env: KOMODO_LOGGING_STDIO
|
|
||||||
## Options: standard, json, none
|
|
||||||
## Default: standard
|
|
||||||
logging.stdio = "standard"
|
|
||||||
|
|
||||||
## Optionally specify a opentelemetry otlp endpoint to send traces to.
|
|
||||||
## Example: http://localhost:4317
|
|
||||||
## Env: KOMODO_LOGGING_OTLP_ENDPOINT
|
|
||||||
logging.otlp_endpoint = ""
|
|
||||||
|
|
||||||
## Set the opentelemetry service name.
|
|
||||||
## This will be attached to the telemetry Komodo will send.
|
|
||||||
## Env: KOMODO_LOGGING_OPENTELEMETRY_SERVICE_NAME
|
|
||||||
## Default: "Komodo"
|
|
||||||
logging.opentelemetry_service_name = "Komodo"
|
|
||||||
|
|
||||||
###########
|
|
||||||
# PRUNING #
|
|
||||||
###########
|
|
||||||
|
|
||||||
## The number of days to keep historical system stats around, or 0 to disable pruning.
|
|
||||||
## Stats older that are than this number of days are deleted on a daily cycle.
|
|
||||||
## Env: KOMODO_KEEP_STATS_FOR_DAYS
|
|
||||||
## Default: 14
|
|
||||||
keep_stats_for_days = 14
|
|
||||||
|
|
||||||
## The number of days to keep alerts around, or 0 to disable pruning.
|
|
||||||
## Alerts older that are than this number of days are deleted on a daily cycle.
|
|
||||||
## Env: KOMODO_KEEP_ALERTS_FOR_DAYS
|
|
||||||
## Default: 14
|
|
||||||
keep_alerts_for_days = 14
|
|
||||||
|
|
||||||
##################
|
|
||||||
# POLL INTERVALS #
|
|
||||||
##################
|
|
||||||
|
|
||||||
## Controls the rate at which servers are polled for health, system stats, and container status.
|
|
||||||
## This affects network usage, and the size of the stats stored in mongo.
|
|
||||||
## Env: KOMODO_MONITORING_INTERVAL
|
|
||||||
## Options: 1-sec, 5-sec, 15-sec, 30-sec, 1-min, 2-min, 5-min, 15-min
|
|
||||||
## Default: 15-sec
|
|
||||||
monitoring_interval = "15-sec"
|
|
||||||
|
|
||||||
## Interval at which to poll Resources for any updates / automated actions.
|
|
||||||
## Env: KOMODO_RESOURCE_POLL_INTERVAL
|
|
||||||
## Options: `15-sec`, `1-min`, `5-min`, `15-min`, `1-hr`.
|
|
||||||
## Default: 5-min
|
|
||||||
resource_poll_interval = "5-min"
|
|
||||||
|
|
||||||
###################
|
|
||||||
# CLOUD PROVIDERS #
|
|
||||||
###################
|
|
||||||
|
|
||||||
## Komodo can build images by deploying AWS EC2 instances,
|
|
||||||
## running the build, and afterwards destroying the instance.
|
|
||||||
|
|
||||||
## Additionally, Komodo can deploy cloud VPS on AWS EC2 and Hetzner.
|
|
||||||
## Use the Template resource to configure launch preferences.
|
|
||||||
## Hetzner is not supported for builds as their pricing model is by the hour,
|
|
||||||
## while AWS is by the minute. This is very important for builds.
|
|
||||||
|
|
||||||
## Provide AWS api keys for ephemeral builders / server launch
|
|
||||||
## Env: KOMODO_AWS_ACCESS_KEY_ID or KOMODO_AWS_ACCESS_KEY_ID_FILE
|
|
||||||
aws.access_key_id = ""
|
|
||||||
## Env: KOMODO_AWS_SECRET_ACCESS_KEY or KOMODO_AWS_SECRET_ACCESS_KEY_FILE
|
|
||||||
aws.secret_access_key = ""
|
|
||||||
|
|
||||||
## Provide Hetzner api token for server launch
|
|
||||||
## Env: KOMODO_HETZNER_TOKEN or KOMODO_HETZNER_TOKEN_FILE
|
|
||||||
hetzner.token = ""
|
|
||||||
|
|
||||||
#################
|
|
||||||
# GIT PROVIDERS #
|
|
||||||
#################
|
|
||||||
|
|
||||||
## These will be available to attach to Builds, Repos, Stacks, and Syncs.
|
|
||||||
## They allow these Resources to clone private repositories.
|
|
||||||
## They cannot be configured on the environment.
|
|
||||||
|
|
||||||
## configure git providers
|
|
||||||
# [[git_provider]]
|
|
||||||
# domain = "github.com"
|
|
||||||
# accounts = [
|
|
||||||
# { username = "mbecker20", token = "access_token_for_account" },
|
|
||||||
# { username = "moghtech", token = "access_token_for_other_account" },
|
|
||||||
# ]
|
|
||||||
|
|
||||||
# [[git_provider]]
|
|
||||||
# domain = "git.mogh.tech" # use a custom provider, like self-hosted gitea
|
|
||||||
# accounts = [
|
|
||||||
# { username = "mbecker20", token = "access_token_for_account" },
|
|
||||||
# ]
|
|
||||||
|
|
||||||
# [[git_provider]]
|
|
||||||
# domain = "localhost:8000" # use a custom provider, like self-hosted gitea
|
|
||||||
# https = false # use http://localhost:8000 as base-url for clone
|
|
||||||
# accounts = [
|
|
||||||
# { username = "mbecker20", token = "access_token_for_account" },
|
|
||||||
# ]
|
|
||||||
|
|
||||||
######################
|
|
||||||
# REGISTRY PROVIDERS #
|
|
||||||
######################
|
|
||||||
|
|
||||||
## These will be available to attach to Builds and Stacks.
|
|
||||||
## They allow these Resources to pull private images.
|
|
||||||
## They cannot be configured on the environment.
|
|
||||||
|
|
||||||
## configure docker registries
|
|
||||||
# [[docker_registry]]
|
|
||||||
# domain = "docker.io"
|
|
||||||
# accounts = [
|
|
||||||
# { username = "mbecker2020", token = "access_token_for_account" }
|
|
||||||
# ]
|
|
||||||
# organizations = ["DockerhubOrganization"]
|
|
||||||
|
|
||||||
[[gitea_rinoa]]
|
|
||||||
domain = "git.trez.wtf"
|
|
||||||
accounts = [
|
|
||||||
{ username = "gitea-sonarqube-bot", token = "594a3a9611bdb508bd6a3575e2ddb3ac4922a4da" }
|
|
||||||
]
|
|
||||||
|
|
||||||
[[gitea_rinoa_local]]
|
|
||||||
domain = "http://gitea:3000"
|
|
||||||
accounts = [
|
|
||||||
{ username = "gitea-sonarqube-bot", token = "594a3a9611bdb508bd6a3575e2ddb3ac4922a4da" }
|
|
||||||
]
|
|
||||||
|
|
||||||
# [[docker_registry]]
|
|
||||||
# domain = "git.mogh.tech" # use a custom provider, like self-hosted gitea
|
|
||||||
# accounts = [
|
|
||||||
# { username = "mbecker20", token = "access_token_for_account" },
|
|
||||||
# ]
|
|
||||||
# organizations = ["Mogh"] # These become available in the UI
|
|
||||||
|
|
||||||
###########
|
|
||||||
# SECRETS #
|
|
||||||
###########
|
|
||||||
|
|
||||||
## Provide Core based secrets.
|
|
||||||
## These will be available to interpolate into your Deployment / Stack environments,
|
|
||||||
## and will be hidden in the UI and logs.
|
|
||||||
## These are available to use on any Periphery (Server),
|
|
||||||
## but you can also limit access more by placing them in a single Periphery's config file instead.
|
|
||||||
## These cannot be configured in the Komodo Core environment, they must be passed in the file.
|
|
||||||
|
|
||||||
# [secrets]
|
|
||||||
# SECRET_1 = "value_1"
|
|
||||||
# SECRET_2 = "value_2"
|
|
||||||
@@ -1,21 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
<Config>
|
|
||||||
<BindAddress>*</BindAddress>
|
|
||||||
<Port>8686</Port>
|
|
||||||
<SslPort>6868</SslPort>
|
|
||||||
<EnableSsl>False</EnableSsl>
|
|
||||||
<LaunchBrowser>True</LaunchBrowser>
|
|
||||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }}</ApiKey>
|
|
||||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
|
||||||
<Branch>master</Branch>
|
|
||||||
<LogLevel>trace</LogLevel>
|
|
||||||
<SslCertPath></SslCertPath>
|
|
||||||
<SslCertPassword></SslCertPassword>
|
|
||||||
<UrlBase></UrlBase>
|
|
||||||
<InstanceName>Lidarr</InstanceName>
|
|
||||||
<UpdateMechanism>Docker</UpdateMechanism>
|
|
||||||
<Theme>auto</Theme>
|
|
||||||
<AuthenticationRequired>Enabled</AuthenticationRequired>
|
|
||||||
</Config>
|
|
||||||
@@ -1,25 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
{
|
|
||||||
"lidarr_address": "http://lidarr:8686",
|
|
||||||
"lidarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }}",
|
|
||||||
"spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}",
|
|
||||||
"root_folder_path": "/data/media/music",
|
|
||||||
"spotify_client_id": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_ID'] }}",
|
|
||||||
"spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}",
|
|
||||||
"fallback_to_top_result": false,
|
|
||||||
"lidarr_api_timeout": 120.0,
|
|
||||||
"quality_profile_id": 1,
|
|
||||||
"metadata_profile_id": 1,
|
|
||||||
"search_for_missing_albums": false,
|
|
||||||
"dry_run_adding_to_lidarr": true,
|
|
||||||
"app_name": "lidify",
|
|
||||||
"app_rev": "0.09",
|
|
||||||
"app_url": "lidify.trez.wtf",
|
|
||||||
"last_fm_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
|
|
||||||
"last_fm_api_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
|
|
||||||
"mode": "LastFM",
|
|
||||||
"auto_start": false,
|
|
||||||
"auto_start_delay": 60
|
|
||||||
}
|
|
||||||
@@ -1,63 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
{
|
|
||||||
"sourceDefaults": {
|
|
||||||
"maxPollRetries": 0, // optional, default # of automatic polling restarts on error. can be overridden by property in individual config
|
|
||||||
"maxRequestRetries": 1, // optional, default # of http request retries a source can make before error is thrown. can be overridden by property in individual config
|
|
||||||
"retryMultiplier": 1.5 // optional, default retry delay multiplier (retry attempt * multiplier = # of seconds to wait before retrying). can be overridden by property in individual config
|
|
||||||
},
|
|
||||||
"clientDefaults": {
|
|
||||||
"maxRequestRetries": 1, // optional, default # of http request retries a client can make before error is thrown. can be overridden by property in individual config
|
|
||||||
"retryMultiplier": 1.5 // optional, default retry delay multiplier (retry attempt * multiplier = # of seconds to wait before retrying). can be overridden by property in individual config
|
|
||||||
},
|
|
||||||
"clients": [
|
|
||||||
{
|
|
||||||
"name": "Last.fm Client",
|
|
||||||
"enable": true,
|
|
||||||
"configureAs": "client",
|
|
||||||
"data": {
|
|
||||||
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
|
|
||||||
"secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
|
|
||||||
"redirectUri": "http://localhost:9078/lastfm/callback"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "Last.fm Source",
|
|
||||||
"enable": true,
|
|
||||||
"configureAs": "source",
|
|
||||||
"data": {
|
|
||||||
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
|
|
||||||
"secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
|
|
||||||
"redirectUri": "http://localhost:9078/lastfm/callback"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "Maloja",
|
|
||||||
"enable": true,
|
|
||||||
"data": {
|
|
||||||
"url": "http://maloja:42010",
|
|
||||||
"apiKey": "myMalojaKey"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "ListenBrainz Client",
|
|
||||||
"enable": true,
|
|
||||||
"configureAs": "client",
|
|
||||||
"data": {
|
|
||||||
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
|
|
||||||
"username": "Trez.One"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "ListenBrainz Source",
|
|
||||||
"enable": true,
|
|
||||||
"configureAs": "source",
|
|
||||||
"data": {
|
|
||||||
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
|
|
||||||
"username": "Trez.One"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,11 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
<clickhouse>
|
|
||||||
<profiles>
|
|
||||||
<default>
|
|
||||||
<log_queries>0</log_queries>
|
|
||||||
<log_query_threads>0</log_query_threads>
|
|
||||||
</default>
|
|
||||||
</profiles>
|
|
||||||
</clickhouse>
|
|
||||||
@@ -1,59 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
version: 2
|
|
||||||
|
|
||||||
postal:
|
|
||||||
web_hostname: post.trez.wtf
|
|
||||||
web_protocol: http
|
|
||||||
smtp_hostname: post.trez.wtf
|
|
||||||
use_ip_pools: false
|
|
||||||
signing_key_path: /config/signing.key
|
|
||||||
trusted_proxies: [ "172.18.0.0/16" ]
|
|
||||||
|
|
||||||
web_server:
|
|
||||||
default_port: 5000
|
|
||||||
default_bind_address: 0.0.0.0
|
|
||||||
|
|
||||||
main_db:
|
|
||||||
host: mariadb
|
|
||||||
username: postal
|
|
||||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_MYSQL_PASSWORD'] }}
|
|
||||||
database: postal
|
|
||||||
|
|
||||||
message_db:
|
|
||||||
host: mariadb
|
|
||||||
username: postal
|
|
||||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_MYSQL_PASSWORD'] }}
|
|
||||||
prefix: postal
|
|
||||||
|
|
||||||
smtp_server:
|
|
||||||
default_port: 25
|
|
||||||
default_bind_address: "::"
|
|
||||||
|
|
||||||
dns:
|
|
||||||
# Specify the DNS records that you have configured. Refer to the documentation at
|
|
||||||
# https://github.com/atech/postal/wiki/Domains-&-DNS-Configuration for further
|
|
||||||
# information about these.
|
|
||||||
mx_records:
|
|
||||||
- mx.post.trez.wtf
|
|
||||||
spf_include: spf.post.trez.wtf
|
|
||||||
return_path_domain: rp.post.trez.wtf
|
|
||||||
route_domain: routes.post.trez.wtf
|
|
||||||
track_domain: track.post.trez.wtf
|
|
||||||
|
|
||||||
smtp:
|
|
||||||
# Specify an SMTP server that can be used to send messages from the Postal management
|
|
||||||
# system to users. You can configure this to use a Postal mail server once the
|
|
||||||
# your installation has been set up.
|
|
||||||
host: postal-smtp
|
|
||||||
port: 25
|
|
||||||
username: rinoa/postal-smtp
|
|
||||||
password: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}"
|
|
||||||
from_name: Postal @ Rinoa
|
|
||||||
from_address: noreply@trez.wtf
|
|
||||||
|
|
||||||
rails:
|
|
||||||
# This is generated automatically by the config initialization. It should be a random
|
|
||||||
# string unique to your installation.
|
|
||||||
secret_key: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_RAILS_SECRET_KEY'] }}"
|
|
||||||
@@ -1,21 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
<Config>
|
|
||||||
<BindAddress>*</BindAddress>
|
|
||||||
<Port>9696</Port>
|
|
||||||
<SslPort>6969</SslPort>
|
|
||||||
<EnableSsl>False</EnableSsl>
|
|
||||||
<LaunchBrowser>True</LaunchBrowser>
|
|
||||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['PROWLARR_API_KEY'] }}</ApiKey>
|
|
||||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
|
||||||
<AuthenticationRequired>Enabled</AuthenticationRequired>
|
|
||||||
<Branch>master</Branch>
|
|
||||||
<LogLevel>info</LogLevel>
|
|
||||||
<SslCertPath></SslCertPath>
|
|
||||||
<SslCertPassword></SslCertPassword>
|
|
||||||
<UrlBase></UrlBase>
|
|
||||||
<InstanceName>Prowlarr</InstanceName>
|
|
||||||
<UpdateMechanism>Docker</UpdateMechanism>
|
|
||||||
<Theme>light</Theme>
|
|
||||||
</Config>
|
|
||||||
@@ -1,20 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
{
|
|
||||||
"radarr_address": "http://radarr:7878",
|
|
||||||
"radarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['RADARR_API_KEY'] }}",
|
|
||||||
"root_folder_path": "/data/media/movies",
|
|
||||||
"tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['TMDB_API_KEY'] }}",
|
|
||||||
"fallback_to_top_result": false,
|
|
||||||
"radarr_api_timeout": 120.0,
|
|
||||||
"quality_profile_id": 1,
|
|
||||||
"metadata_profile_id": 1,
|
|
||||||
"search_for_movie": true,
|
|
||||||
"dry_run_adding_to_radarr": false,
|
|
||||||
"minimum_rating": 4.5,
|
|
||||||
"minimum_votes": 50,
|
|
||||||
"language_choice": "all",
|
|
||||||
"auto_start": true,
|
|
||||||
"auto_start_delay": 60.0
|
|
||||||
}
|
|
||||||
@@ -1,21 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
<Config>
|
|
||||||
<LogLevel>info</LogLevel>
|
|
||||||
<BindAddress>*</BindAddress>
|
|
||||||
<EnableSsl>False</EnableSsl>
|
|
||||||
<SslCertPath></SslCertPath>
|
|
||||||
<Port>7878</Port>
|
|
||||||
<UrlBase></UrlBase>
|
|
||||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['RADARR_API_KEY'] }}</ApiKey>
|
|
||||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
|
||||||
<UpdateMechanism>Docker</UpdateMechanism>
|
|
||||||
<SslPort>9898</SslPort>
|
|
||||||
<LaunchBrowser>True</LaunchBrowser>
|
|
||||||
<Branch>master</Branch>
|
|
||||||
<SslCertPassword></SslCertPassword>
|
|
||||||
<InstanceName>Radarr</InstanceName>
|
|
||||||
<Theme>auto</Theme>
|
|
||||||
<AuthenticationRequired>Enabled</AuthenticationRequired>
|
|
||||||
</Config>
|
|
||||||
@@ -1,21 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
<Config>
|
|
||||||
<BindAddress>*</BindAddress>
|
|
||||||
<Port>8787</Port>
|
|
||||||
<SslPort>6868</SslPort>
|
|
||||||
<EnableSsl>False</EnableSsl>
|
|
||||||
<LaunchBrowser>True</LaunchBrowser>
|
|
||||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['READARR_API_KEY'] }}</ApiKey>
|
|
||||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
|
||||||
<Branch>develop</Branch>
|
|
||||||
<LogLevel>info</LogLevel>
|
|
||||||
<SslCertPath></SslCertPath>
|
|
||||||
<SslCertPassword></SslCertPassword>
|
|
||||||
<UrlBase></UrlBase>
|
|
||||||
<InstanceName>Readarr</InstanceName>
|
|
||||||
<UpdateMechanism>Docker</UpdateMechanism>
|
|
||||||
<Theme>auto</Theme>
|
|
||||||
<AuthenticationRequired>Enabled</AuthenticationRequired>
|
|
||||||
</Config>
|
|
||||||
@@ -1,482 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
__version__ = 19
|
|
||||||
__encoding__ = utf-8
|
|
||||||
[misc]
|
|
||||||
pre_script = None
|
|
||||||
queue_complete = ""
|
|
||||||
queue_complete_pers = 0
|
|
||||||
bandwidth_perc = 0
|
|
||||||
refresh_rate = 1
|
|
||||||
queue_limit = 20
|
|
||||||
config_lock = 0
|
|
||||||
sched_converted = 2
|
|
||||||
notified_new_skin = 2
|
|
||||||
direct_unpack_tested = 1
|
|
||||||
check_new_rel = 1
|
|
||||||
auto_browser = 0
|
|
||||||
language = en
|
|
||||||
enable_https_verification = 1
|
|
||||||
host = 0.0.0.0
|
|
||||||
port = 8080
|
|
||||||
https_port = 8090
|
|
||||||
username = thetrezuredone
|
|
||||||
password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_PASSWORD'] }}
|
|
||||||
bandwidth_max = 1000M
|
|
||||||
cache_limit = 1G
|
|
||||||
web_dir = Glitter
|
|
||||||
web_color = Auto
|
|
||||||
https_cert = server.cert
|
|
||||||
https_key = server.key
|
|
||||||
https_chain = ""
|
|
||||||
enable_https = 1
|
|
||||||
inet_exposure = 0
|
|
||||||
local_ranges = ,
|
|
||||||
api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_API_KEY'] }}
|
|
||||||
nzb_key = 3c0fa874bb2748b58c1bd7512e649946
|
|
||||||
permissions = 775
|
|
||||||
download_dir = /storage/downloads/incomplete
|
|
||||||
download_free = ""
|
|
||||||
complete_dir = /storage/downloads/completed/nzb
|
|
||||||
script_dir = ""
|
|
||||||
nzb_backup_dir = ""
|
|
||||||
admin_dir = admin
|
|
||||||
dirscan_dir = /storage/downloads/watch
|
|
||||||
dirscan_speed = 5
|
|
||||||
password_file = ""
|
|
||||||
log_dir = logs
|
|
||||||
max_art_tries = 3
|
|
||||||
load_balancing = 2
|
|
||||||
top_only = 0
|
|
||||||
sfv_check = 1
|
|
||||||
quick_check_ext_ignore = nfo, sfv, srr
|
|
||||||
script_can_fail = 0
|
|
||||||
ssl_ciphers = ""
|
|
||||||
enable_recursive = 1
|
|
||||||
flat_unpack = 0
|
|
||||||
par_option = ""
|
|
||||||
pre_check = 1
|
|
||||||
nice = ""
|
|
||||||
win_process_prio = 3
|
|
||||||
ionice = ""
|
|
||||||
fail_hopeless_jobs = 1
|
|
||||||
fast_fail = 1
|
|
||||||
auto_disconnect = 1
|
|
||||||
no_dupes = 3
|
|
||||||
no_series_dupes = 0
|
|
||||||
series_propercheck = 1
|
|
||||||
pause_on_pwrar = 2
|
|
||||||
ignore_samples = 1
|
|
||||||
deobfuscate_final_filenames = 0
|
|
||||||
auto_sort = ""
|
|
||||||
direct_unpack = 1
|
|
||||||
direct_unpack_threads = 3
|
|
||||||
propagation_delay = 0
|
|
||||||
folder_rename = 1
|
|
||||||
replace_spaces = 1
|
|
||||||
replace_dots = 1
|
|
||||||
safe_postproc = 1
|
|
||||||
pause_on_post_processing = 0
|
|
||||||
sanitize_safe = 0
|
|
||||||
cleanup_list = ,
|
|
||||||
unwanted_extensions = ,
|
|
||||||
action_on_unwanted_extensions = 0
|
|
||||||
new_nzb_on_failure = 1
|
|
||||||
history_retention = ""
|
|
||||||
enable_meta = 1
|
|
||||||
quota_size = ""
|
|
||||||
quota_day = ""
|
|
||||||
quota_resume = 0
|
|
||||||
quota_period = m
|
|
||||||
rating_enable = 0
|
|
||||||
rating_host = ""
|
|
||||||
rating_api_key = ""
|
|
||||||
rating_filter_enable = 0
|
|
||||||
rating_filter_abort_audio = 0
|
|
||||||
rating_filter_abort_video = 0
|
|
||||||
rating_filter_abort_encrypted = 0
|
|
||||||
rating_filter_abort_encrypted_confirm = 0
|
|
||||||
rating_filter_abort_spam = 0
|
|
||||||
rating_filter_abort_spam_confirm = 0
|
|
||||||
rating_filter_abort_downvoted = 0
|
|
||||||
rating_filter_abort_keywords = ""
|
|
||||||
rating_filter_pause_audio = 0
|
|
||||||
rating_filter_pause_video = 0
|
|
||||||
rating_filter_pause_encrypted = 0
|
|
||||||
rating_filter_pause_encrypted_confirm = 0
|
|
||||||
rating_filter_pause_spam = 0
|
|
||||||
rating_filter_pause_spam_confirm = 0
|
|
||||||
rating_filter_pause_downvoted = 0
|
|
||||||
rating_filter_pause_keywords = ""
|
|
||||||
enable_tv_sorting = 1
|
|
||||||
tv_sort_string = %sn/Season %s/%sn - %sx%0e - %en.%ext
|
|
||||||
tv_sort_countries = 1
|
|
||||||
tv_categories = tv,
|
|
||||||
enable_movie_sorting = 0
|
|
||||||
movie_sort_string = ""
|
|
||||||
movie_sort_extra = -cd%1
|
|
||||||
movie_extra_folder = 0
|
|
||||||
movie_categories = movies,
|
|
||||||
enable_date_sorting = 0
|
|
||||||
date_sort_string = ""
|
|
||||||
date_categories = tv,
|
|
||||||
schedlines = ,
|
|
||||||
rss_rate = 60
|
|
||||||
ampm = 0
|
|
||||||
replace_illegal = 1
|
|
||||||
start_paused = 0
|
|
||||||
enable_all_par = 1
|
|
||||||
enable_par_cleanup = 1
|
|
||||||
enable_unrar = 1
|
|
||||||
enable_unzip = 1
|
|
||||||
enable_7zip = 1
|
|
||||||
enable_filejoin = 1
|
|
||||||
enable_tsjoin = 1
|
|
||||||
overwrite_files = 0
|
|
||||||
ignore_unrar_dates = 0
|
|
||||||
backup_for_duplicates = 1
|
|
||||||
empty_postproc = 0
|
|
||||||
wait_for_dfolder = 0
|
|
||||||
rss_filenames = 0
|
|
||||||
api_logging = 1
|
|
||||||
html_login = 1
|
|
||||||
osx_menu = 1
|
|
||||||
osx_speed = 1
|
|
||||||
warn_dupl_jobs = 1
|
|
||||||
helpfull_warnings = 1
|
|
||||||
keep_awake = 1
|
|
||||||
win_menu = 1
|
|
||||||
allow_incomplete_nzb = 0
|
|
||||||
enable_bonjour = 1
|
|
||||||
max_art_opt = 0
|
|
||||||
ipv6_hosting = 0
|
|
||||||
fixed_ports = 1
|
|
||||||
api_warnings = 1
|
|
||||||
disable_api_key = 0
|
|
||||||
no_penalties = 0
|
|
||||||
x_frame_options = 1
|
|
||||||
require_modern_tls = 0
|
|
||||||
num_decoders = 3
|
|
||||||
rss_odd_titles = nzbindex.nl/, nzbindex.com/, nzbclub.com/
|
|
||||||
req_completion_rate = 100.2
|
|
||||||
selftest_host = self-test.sabnzbd.org
|
|
||||||
movie_rename_limit = 100M
|
|
||||||
size_limit = 0
|
|
||||||
show_sysload = 2
|
|
||||||
history_limit = 10
|
|
||||||
wait_ext_drive = 5
|
|
||||||
max_foldername_length = 246
|
|
||||||
nomedia_marker = ""
|
|
||||||
ipv6_servers = 1
|
|
||||||
url_base = /sabnzbd
|
|
||||||
host_whitelist = rinoa, sabnzbd.trez.wtf
|
|
||||||
max_url_retries = 10
|
|
||||||
email_server = ""
|
|
||||||
email_to = ,
|
|
||||||
email_from = ""
|
|
||||||
email_account = ""
|
|
||||||
email_pwd = ""
|
|
||||||
email_endjob = 0
|
|
||||||
email_full = 0
|
|
||||||
email_dir = ""
|
|
||||||
email_rss = 0
|
|
||||||
email_cats = *,
|
|
||||||
interface_settings = '{"dateFormat":"fromNow","extraQueueColumns":["category"],"extraHistoryColumns":[],"displayCompact":false,"displayFullWidth":false,"confirmDeleteQueue":true,"confirmDeleteHistory":true,"keyboardShortcuts":true}'
|
|
||||||
complete_free = ""
|
|
||||||
fulldisk_autoresume = 0
|
|
||||||
enable_broadcast = 1
|
|
||||||
downloader_sleep_time = 10
|
|
||||||
ssdp_broadcast_interval = 15
|
|
||||||
unwanted_extensions_mode = 0
|
|
||||||
process_unpacked_par2 = 1
|
|
||||||
episode_rename_limit = 20M
|
|
||||||
socks5_proxy_url = ""
|
|
||||||
preserve_paused_state = 0
|
|
||||||
helpful_warnings = 1
|
|
||||||
allow_old_ssl_tls = 0
|
|
||||||
num_simd_decoders = 2
|
|
||||||
ext_rename_ignore = ,
|
|
||||||
backup_dir = ""
|
|
||||||
replace_underscores = 0
|
|
||||||
tray_icon = 1
|
|
||||||
sorters_converted = 1
|
|
||||||
enable_season_sorting = 1
|
|
||||||
receive_threads = 2
|
|
||||||
switchinterval = 0.005
|
|
||||||
end_queue_script = None
|
|
||||||
no_smart_dupes = 1
|
|
||||||
dupes_propercheck = 1
|
|
||||||
enable_multipar = 1
|
|
||||||
verify_xff_header = 0
|
|
||||||
history_retention_option = all
|
|
||||||
history_retention_number = 1
|
|
||||||
ipv6_staging = 0
|
|
||||||
disable_archive = 0
|
|
||||||
config_conversion_version = 4
|
|
||||||
disable_par2cmdline = 0
|
|
||||||
[logging]
|
|
||||||
log_level = 1
|
|
||||||
max_log_size = 5242880
|
|
||||||
log_backups = 5
|
|
||||||
[ncenter]
|
|
||||||
ncenter_enable = 0
|
|
||||||
ncenter_cats = *,
|
|
||||||
ncenter_prio_startup = 0
|
|
||||||
ncenter_prio_download = 0
|
|
||||||
ncenter_prio_pause_resume = 0
|
|
||||||
ncenter_prio_pp = 0
|
|
||||||
ncenter_prio_complete = 0
|
|
||||||
ncenter_prio_failed = 0
|
|
||||||
ncenter_prio_disk_full = 0
|
|
||||||
ncenter_prio_new_login = 0
|
|
||||||
ncenter_prio_warning = 0
|
|
||||||
ncenter_prio_error = 0
|
|
||||||
ncenter_prio_queue_done = 0
|
|
||||||
ncenter_prio_other = 0
|
|
||||||
[acenter]
|
|
||||||
acenter_enable = 0
|
|
||||||
acenter_cats = *,
|
|
||||||
acenter_prio_startup = 0
|
|
||||||
acenter_prio_download = 0
|
|
||||||
acenter_prio_pause_resume = 0
|
|
||||||
acenter_prio_pp = 0
|
|
||||||
acenter_prio_complete = 0
|
|
||||||
acenter_prio_failed = 0
|
|
||||||
acenter_prio_disk_full = 0
|
|
||||||
acenter_prio_new_login = 0
|
|
||||||
acenter_prio_warning = 0
|
|
||||||
acenter_prio_error = 0
|
|
||||||
acenter_prio_queue_done = 0
|
|
||||||
acenter_prio_other = 0
|
|
||||||
[ntfosd]
|
|
||||||
ntfosd_enable = 0
|
|
||||||
ntfosd_cats = *,
|
|
||||||
ntfosd_prio_startup = 0
|
|
||||||
ntfosd_prio_download = 0
|
|
||||||
ntfosd_prio_pause_resume = 0
|
|
||||||
ntfosd_prio_pp = 0
|
|
||||||
ntfosd_prio_complete = 0
|
|
||||||
ntfosd_prio_failed = 0
|
|
||||||
ntfosd_prio_disk_full = 0
|
|
||||||
ntfosd_prio_new_login = 0
|
|
||||||
ntfosd_prio_warning = 0
|
|
||||||
ntfosd_prio_error = 0
|
|
||||||
ntfosd_prio_queue_done = 0
|
|
||||||
ntfosd_prio_other = 0
|
|
||||||
[prowl]
|
|
||||||
prowl_enable = 0
|
|
||||||
prowl_cats = *,
|
|
||||||
prowl_apikey = ""
|
|
||||||
prowl_prio_startup = -3
|
|
||||||
prowl_prio_download = -3
|
|
||||||
prowl_prio_pause_resume = -3
|
|
||||||
prowl_prio_pp = -3
|
|
||||||
prowl_prio_complete = 0
|
|
||||||
prowl_prio_failed = 1
|
|
||||||
prowl_prio_disk_full = 1
|
|
||||||
prowl_prio_new_login = -3
|
|
||||||
prowl_prio_warning = -3
|
|
||||||
prowl_prio_error = -3
|
|
||||||
prowl_prio_queue_done = 0
|
|
||||||
prowl_prio_other = -3
|
|
||||||
[pushover]
|
|
||||||
pushover_token = ""
|
|
||||||
pushover_userkey = ""
|
|
||||||
pushover_device = ""
|
|
||||||
pushover_emergency_expire = 3600
|
|
||||||
pushover_emergency_retry = 60
|
|
||||||
pushover_enable = 0
|
|
||||||
pushover_cats = *,
|
|
||||||
pushover_prio_startup = -3
|
|
||||||
pushover_prio_download = -2
|
|
||||||
pushover_prio_pause_resume = -2
|
|
||||||
pushover_prio_pp = -3
|
|
||||||
pushover_prio_complete = -1
|
|
||||||
pushover_prio_failed = -1
|
|
||||||
pushover_prio_disk_full = 1
|
|
||||||
pushover_prio_new_login = -3
|
|
||||||
pushover_prio_warning = 1
|
|
||||||
pushover_prio_error = 1
|
|
||||||
pushover_prio_queue_done = -1
|
|
||||||
pushover_prio_other = -3
|
|
||||||
[pushbullet]
|
|
||||||
pushbullet_enable = 0
|
|
||||||
pushbullet_cats = *,
|
|
||||||
pushbullet_apikey = ""
|
|
||||||
pushbullet_device = ""
|
|
||||||
pushbullet_prio_startup = 0
|
|
||||||
pushbullet_prio_download = 0
|
|
||||||
pushbullet_prio_pause_resume = 0
|
|
||||||
pushbullet_prio_pp = 0
|
|
||||||
pushbullet_prio_complete = 1
|
|
||||||
pushbullet_prio_failed = 1
|
|
||||||
pushbullet_prio_disk_full = 1
|
|
||||||
pushbullet_prio_new_login = 0
|
|
||||||
pushbullet_prio_warning = 0
|
|
||||||
pushbullet_prio_error = 0
|
|
||||||
pushbullet_prio_queue_done = 0
|
|
||||||
pushbullet_prio_other = 0
|
|
||||||
[nscript]
|
|
||||||
nscript_enable = 0
|
|
||||||
nscript_cats = *,
|
|
||||||
nscript_script = None
|
|
||||||
nscript_parameters = ""
|
|
||||||
nscript_prio_startup = 1
|
|
||||||
nscript_prio_download = 0
|
|
||||||
nscript_prio_pause_resume = 0
|
|
||||||
nscript_prio_pp = 0
|
|
||||||
nscript_prio_complete = 1
|
|
||||||
nscript_prio_failed = 1
|
|
||||||
nscript_prio_disk_full = 1
|
|
||||||
nscript_prio_new_login = 0
|
|
||||||
nscript_prio_warning = 0
|
|
||||||
nscript_prio_error = 0
|
|
||||||
nscript_prio_queue_done = 1
|
|
||||||
nscript_prio_other = 0
|
|
||||||
[servers]
|
|
||||||
[[news.newshosting.com]]
|
|
||||||
name = news.newshosting.com
|
|
||||||
displayname = Newshosting
|
|
||||||
host = news.newshosting.com
|
|
||||||
port = 563
|
|
||||||
timeout = 60
|
|
||||||
username = thetrezuredone
|
|
||||||
password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSKD_PASSWORD'] }}
|
|
||||||
connections = 8
|
|
||||||
ssl = 1
|
|
||||||
ssl_verify = 3
|
|
||||||
ssl_ciphers = ""
|
|
||||||
enable = 1
|
|
||||||
required = 0
|
|
||||||
optional = 0
|
|
||||||
retention = 0
|
|
||||||
expire_date = ""
|
|
||||||
quota = ""
|
|
||||||
usage_at_start = 0
|
|
||||||
priority = 0
|
|
||||||
notes = ""
|
|
||||||
[[news.easynews.com]]
|
|
||||||
name = news.easynews.com
|
|
||||||
displayname = EasyNews
|
|
||||||
host = news.easynews.com
|
|
||||||
port = 443
|
|
||||||
timeout = 60
|
|
||||||
username = TrezOne
|
|
||||||
password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_EASYNEWS_PASSWORD'] }}
|
|
||||||
connections = 60
|
|
||||||
ssl = 0
|
|
||||||
ssl_verify = 3
|
|
||||||
ssl_ciphers = ""
|
|
||||||
enable = 1
|
|
||||||
required = 0
|
|
||||||
optional = 0
|
|
||||||
retention = 0
|
|
||||||
expire_date = ""
|
|
||||||
quota = ""
|
|
||||||
usage_at_start = 0
|
|
||||||
priority = 0
|
|
||||||
notes = ""
|
|
||||||
[categories]
|
|
||||||
[[software]]
|
|
||||||
name = software
|
|
||||||
order = 0
|
|
||||||
pp = ""
|
|
||||||
script = Default
|
|
||||||
dir = ""
|
|
||||||
newzbin = ""
|
|
||||||
priority = -100
|
|
||||||
[[*]]
|
|
||||||
name = *
|
|
||||||
order = 0
|
|
||||||
pp = 3
|
|
||||||
script = Default
|
|
||||||
dir = ""
|
|
||||||
newzbin = ""
|
|
||||||
priority = 0
|
|
||||||
[[tv]]
|
|
||||||
name = tv
|
|
||||||
order = 0
|
|
||||||
pp = ""
|
|
||||||
script = Default
|
|
||||||
dir = tv
|
|
||||||
newzbin = ""
|
|
||||||
priority = -100
|
|
||||||
[[audio]]
|
|
||||||
name = audio
|
|
||||||
order = 0
|
|
||||||
pp = 2
|
|
||||||
script = Default
|
|
||||||
dir = music
|
|
||||||
newzbin = ""
|
|
||||||
priority = 1
|
|
||||||
[[movies]]
|
|
||||||
name = movies
|
|
||||||
order = 0
|
|
||||||
pp = ""
|
|
||||||
script = Default
|
|
||||||
dir = movies
|
|
||||||
newzbin = ""
|
|
||||||
priority = -100
|
|
||||||
[[ebook]]
|
|
||||||
name = ebook
|
|
||||||
order = 0
|
|
||||||
pp = 2
|
|
||||||
script = Default
|
|
||||||
dir = ebooks
|
|
||||||
newzbin = ""
|
|
||||||
priority = -100
|
|
||||||
[[prowlarr]]
|
|
||||||
name = prowlarr
|
|
||||||
order = 0
|
|
||||||
pp = ""
|
|
||||||
script = Default
|
|
||||||
dir = ""
|
|
||||||
newzbin = ""
|
|
||||||
priority = -1
|
|
||||||
[[sonarr]]
|
|
||||||
name = sonarr
|
|
||||||
order = 1
|
|
||||||
pp = ""
|
|
||||||
script = Default
|
|
||||||
dir = tv
|
|
||||||
newzbin = ""
|
|
||||||
priority = -100
|
|
||||||
[sorters]
|
|
||||||
[[Series Sorting]]
|
|
||||||
name = Series Sorting
|
|
||||||
order = 0
|
|
||||||
min_size = 20M
|
|
||||||
multipart_label = ""
|
|
||||||
sort_string = %sn/Season %s/%sn - %sx%0e - %en.%ext
|
|
||||||
sort_cats = tv,
|
|
||||||
sort_type = 1,
|
|
||||||
is_active = 1
|
|
||||||
[apprise]
|
|
||||||
apprise_enable = 1
|
|
||||||
apprise_cats = *,
|
|
||||||
apprise_urls = apprise://apprise:8000/aef1ab3765b857585e13340f1f5f879b2babcc47b0eccead98a19e0a93fe1a35
|
|
||||||
apprise_target_startup = ""
|
|
||||||
apprise_target_startup_enable = 0
|
|
||||||
apprise_target_download = ""
|
|
||||||
apprise_target_download_enable = 0
|
|
||||||
apprise_target_pause_resume = ""
|
|
||||||
apprise_target_pause_resume_enable = 1
|
|
||||||
apprise_target_pp = ""
|
|
||||||
apprise_target_pp_enable = 0
|
|
||||||
apprise_target_complete = ""
|
|
||||||
apprise_target_complete_enable = 1
|
|
||||||
apprise_target_failed = ""
|
|
||||||
apprise_target_failed_enable = 1
|
|
||||||
apprise_target_disk_full = ""
|
|
||||||
apprise_target_disk_full_enable = 0
|
|
||||||
apprise_target_new_login = ""
|
|
||||||
apprise_target_new_login_enable = 1
|
|
||||||
apprise_target_warning = ""
|
|
||||||
apprise_target_warning_enable = 1
|
|
||||||
apprise_target_error = ""
|
|
||||||
apprise_target_error_enable = 1
|
|
||||||
apprise_target_queue_done = ""
|
|
||||||
apprise_target_queue_done_enable = 0
|
|
||||||
apprise_target_other = ""
|
|
||||||
apprise_target_other_enable = 1
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
bolt-path: /opt/scrutiny/influxdb/influxd.bolt
|
|
||||||
engine-path: /opt/scrutiny/influxdb/engine
|
|
||||||
http-bind-address: ":8086"
|
|
||||||
reporting-disabled: true
|
|
||||||
File diff suppressed because it is too large
Load Diff
@@ -1,49 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
[uwsgi]
|
|
||||||
# Who will run the code
|
|
||||||
uid = searxng
|
|
||||||
gid = searxng
|
|
||||||
|
|
||||||
# Number of workers (usually CPU count)
|
|
||||||
workers = %k
|
|
||||||
threads = 4
|
|
||||||
|
|
||||||
# The right granted on the created socket
|
|
||||||
chmod-socket = 666
|
|
||||||
|
|
||||||
# Plugin to use and interpreter config
|
|
||||||
single-interpreter = true
|
|
||||||
master = true
|
|
||||||
plugin = python3
|
|
||||||
lazy-apps = true
|
|
||||||
enable-threads = 4
|
|
||||||
|
|
||||||
# Module to import
|
|
||||||
module = searx.webapp
|
|
||||||
|
|
||||||
# Virtualenv and python path
|
|
||||||
pythonpath = /usr/local/searxng/
|
|
||||||
chdir = /usr/local/searxng/searx/
|
|
||||||
|
|
||||||
# automatically set processes name to something meaningful
|
|
||||||
auto-procname = true
|
|
||||||
|
|
||||||
# Disable request logging for privacy
|
|
||||||
disable-logging = true
|
|
||||||
log-5xx = true
|
|
||||||
|
|
||||||
# Set the max size of a request (request-body excluded)
|
|
||||||
buffer-size = 8192
|
|
||||||
|
|
||||||
# No keep alive
|
|
||||||
# See https://github.com/searx/searx-docker/issues/24
|
|
||||||
add-header = Connection: close
|
|
||||||
|
|
||||||
# uwsgi serves the static files
|
|
||||||
static-map = /static=/usr/local/searxng/searx/static
|
|
||||||
# expires set to one day
|
|
||||||
static-expires = /* 86400
|
|
||||||
static-gzip-all = True
|
|
||||||
offload-threads = 4
|
|
||||||
@@ -1,22 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = rinoa-docker/env %}
|
|
||||||
|
|
||||||
<Config>
|
|
||||||
<LogLevel>info</LogLevel>
|
|
||||||
<EnableSsl>False</EnableSsl>
|
|
||||||
<Port>8989</Port>
|
|
||||||
<SslPort>9898</SslPort>
|
|
||||||
<UrlBase></UrlBase>
|
|
||||||
<BindAddress>*</BindAddress>
|
|
||||||
<ApiKey>386baee1c0e741bea4a91f1f39c57f68</ApiKey>
|
|
||||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
|
||||||
<UpdateMechanism>Docker</UpdateMechanism>
|
|
||||||
<LaunchBrowser>True</LaunchBrowser>
|
|
||||||
<Branch>main</Branch>
|
|
||||||
<InstanceName>Sonarr</InstanceName>
|
|
||||||
<SyslogPort>514</SyslogPort>
|
|
||||||
<AuthenticationRequired>Enabled</AuthenticationRequired>
|
|
||||||
<SslCertPath></SslCertPath>
|
|
||||||
<SslCertPassword></SslCertPassword>
|
|
||||||
<Theme>auto</Theme>
|
|
||||||
</Config>
|
|
||||||
@@ -1,21 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
{
|
|
||||||
"sonarr_address": "http://192.168.1.2:8989",
|
|
||||||
"sonarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SONARR_API_KEY'] }}",
|
|
||||||
"root_folder_path": "/data/media/shows",
|
|
||||||
"tvdb_api_key": "",
|
|
||||||
"tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['TMDB_API_KEY'] }}",
|
|
||||||
"fallback_to_top_result": false,
|
|
||||||
"sonarr_api_timeout": 120.0,
|
|
||||||
"quality_profile_id": 1,
|
|
||||||
"metadata_profile_id": 1,
|
|
||||||
"search_for_missing_episodes": true,
|
|
||||||
"dry_run_adding_to_sonarr": false,
|
|
||||||
"minimum_rating": 4.5,
|
|
||||||
"minimum_votes": 50,
|
|
||||||
"language_choice": "all",
|
|
||||||
"auto_start": true,
|
|
||||||
"auto_start_delay": 60.0
|
|
||||||
}
|
|
||||||
@@ -1,238 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
# debug: false
|
|
||||||
# remote_configuration: false
|
|
||||||
# remote_file_management: false
|
|
||||||
# instance_name: default
|
|
||||||
# flags:
|
|
||||||
# no_logo: false
|
|
||||||
# no_start: false
|
|
||||||
# no_config_watch: false
|
|
||||||
# no_connect: false
|
|
||||||
# no_share_scan: false
|
|
||||||
# force_share_scan: false
|
|
||||||
# no_version_check: false
|
|
||||||
# log_sql: false
|
|
||||||
# experimental: false
|
|
||||||
# volatile: false
|
|
||||||
# case_sensitive_reg_ex: false
|
|
||||||
# legacy_windows_tcp_keepalive: false
|
|
||||||
# relay:
|
|
||||||
# enabled: false
|
|
||||||
# mode: controller # controller (default), agent, or debug (for local development)
|
|
||||||
# # controller config is required when running in 'agent' mode
|
|
||||||
# # this specifies the relay controller that will be controlling this agent
|
|
||||||
# controller:
|
|
||||||
# address: https://some.site.com:5000
|
|
||||||
# ignore_certificate_errors: false
|
|
||||||
# api_key: <a 16-255 character string corresponding to one of the controller's 'readwrite' or 'administrator' API keys>
|
|
||||||
# secret: <a 16-255 character shared secret matching the controller's config for this agent>
|
|
||||||
# downloads: false
|
|
||||||
# # agent config is optional when running in 'controller' mode
|
|
||||||
# # this specifies all of the agents capable of connecting
|
|
||||||
# agents:
|
|
||||||
# my_agent:
|
|
||||||
# instance_name: my_agent # make sure the top-level instance_name of the agent matches!
|
|
||||||
# secret: <a 16-255 character string unique to this agent>
|
|
||||||
# cidr: 0.0.0.0/0,::/0
|
|
||||||
# permissions:
|
|
||||||
# file:
|
|
||||||
# mode: ~ # not for Windows, chmod syntax, e.g. 644, 777. can't escalate beyond umask
|
|
||||||
# directories:
|
|
||||||
# incomplete: ~
|
|
||||||
# downloads: ~
|
|
||||||
# shares:
|
|
||||||
# directories:
|
|
||||||
# - ~
|
|
||||||
# filters:
|
|
||||||
# - \.ini$
|
|
||||||
# - Thumbs.db$
|
|
||||||
# - \.DS_Store$
|
|
||||||
# cache:
|
|
||||||
# storage_mode: memory
|
|
||||||
# workers: 16
|
|
||||||
# retention: ~ # retain indefinitely (do not automatically re-scan)
|
|
||||||
# rooms:
|
|
||||||
# - ~
|
|
||||||
# global:
|
|
||||||
# upload:
|
|
||||||
# slots: 20
|
|
||||||
# speed_limit: 1000 # in kibibytes
|
|
||||||
# limits:
|
|
||||||
# queued:
|
|
||||||
# files: 500
|
|
||||||
# megabytes: 5000
|
|
||||||
# daily:
|
|
||||||
# files: 1000
|
|
||||||
# megabytes: 10000
|
|
||||||
# failures: 200
|
|
||||||
# weekly:
|
|
||||||
# files: 5000
|
|
||||||
# megabytes: 50000
|
|
||||||
# failures: 1000
|
|
||||||
# download:
|
|
||||||
# slots: 500
|
|
||||||
# speed_limit: 1000
|
|
||||||
# groups:
|
|
||||||
# default:
|
|
||||||
# upload:
|
|
||||||
# priority: 500
|
|
||||||
# strategy: roundrobin
|
|
||||||
# slots: 10
|
|
||||||
# limits:
|
|
||||||
# queued:
|
|
||||||
# files: 150
|
|
||||||
# megabytes: 1500
|
|
||||||
# daily: ~ # no daily limits (weekly still apply)
|
|
||||||
# weekly:
|
|
||||||
# files: 1500
|
|
||||||
# megabytes: 15000
|
|
||||||
# failures: 150
|
|
||||||
# leechers:
|
|
||||||
# thresholds:
|
|
||||||
# files: 1
|
|
||||||
# directories: 1
|
|
||||||
# upload:
|
|
||||||
# priority: 999
|
|
||||||
# strategy: roundrobin
|
|
||||||
# slots: 1
|
|
||||||
# speed_limit: 100
|
|
||||||
# limits:
|
|
||||||
# queued:
|
|
||||||
# files: 15
|
|
||||||
# megabytes: 150
|
|
||||||
# daily:
|
|
||||||
# files: 30
|
|
||||||
# megabytes: 300
|
|
||||||
# failures: 10
|
|
||||||
# weekly:
|
|
||||||
# files: 150
|
|
||||||
# megabytes: 1500
|
|
||||||
# failures: 30
|
|
||||||
# blacklisted:
|
|
||||||
# members:
|
|
||||||
# - <username to blacklist>
|
|
||||||
# cidrs:
|
|
||||||
# - <CIDR to blacklist, e.g. 255.255.255.255/32>
|
|
||||||
# user_defined:
|
|
||||||
# my_buddies:
|
|
||||||
# upload:
|
|
||||||
# priority: 250
|
|
||||||
# strategy: firstinfirstout
|
|
||||||
# slots: 10
|
|
||||||
# limits:
|
|
||||||
# queued:
|
|
||||||
# files: 1000 # override global default
|
|
||||||
# members:
|
|
||||||
# - alice
|
|
||||||
# - bob
|
|
||||||
# blacklist:
|
|
||||||
# enabled: true
|
|
||||||
# file: <path to file containing CIDRs to blacklist>
|
|
||||||
# filters:
|
|
||||||
# search:
|
|
||||||
# request:
|
|
||||||
# - ^.{1,2}$
|
|
||||||
# web:
|
|
||||||
# port: 5030
|
|
||||||
# https:
|
|
||||||
# disabled: false
|
|
||||||
# port: 5031
|
|
||||||
# force: false
|
|
||||||
# certificate:
|
|
||||||
# pfx: ~
|
|
||||||
# password: ~
|
|
||||||
# url_base: /
|
|
||||||
# content_path: wwwroot
|
|
||||||
# logging: false
|
|
||||||
# authentication:
|
|
||||||
# disabled: false
|
|
||||||
# username: slskd
|
|
||||||
# password: slskd
|
|
||||||
# jwt:
|
|
||||||
# key: ~
|
|
||||||
# ttl: 604800000
|
|
||||||
# api_keys:
|
|
||||||
# my_api_key:
|
|
||||||
# key: <some example string between 16 and 255 characters>
|
|
||||||
# role: readonly # readonly, readwrite, administrator
|
|
||||||
# cidr: 0.0.0.0/0,::/0
|
|
||||||
# retention:
|
|
||||||
# transfers:
|
|
||||||
# upload:
|
|
||||||
# succeeded: 1440 # 1 day
|
|
||||||
# errored: 30
|
|
||||||
# cancelled: 5
|
|
||||||
# download:
|
|
||||||
# succeeded: 1440 # 1 day
|
|
||||||
# errored: 20160 # 2 weeks
|
|
||||||
# cancelled: 5
|
|
||||||
# files:
|
|
||||||
# complete: 20160 # 2 weeks
|
|
||||||
# incomplete: 43200 # 30 days
|
|
||||||
# logs: 259200 # 180 days
|
|
||||||
# logger:
|
|
||||||
# disk: false
|
|
||||||
# no_color: false
|
|
||||||
# loki: ~
|
|
||||||
# metrics:
|
|
||||||
# enabled: false
|
|
||||||
# url: /metrics
|
|
||||||
# authentication:
|
|
||||||
# disabled: false
|
|
||||||
# username: slskd
|
|
||||||
# password: slskd
|
|
||||||
# feature:
|
|
||||||
# swagger: false
|
|
||||||
# soulseek:
|
|
||||||
# address: vps.slsknet.org
|
|
||||||
# port: 2271
|
|
||||||
# username: ~
|
|
||||||
# password: ~
|
|
||||||
# description: |
|
|
||||||
# A slskd user. https://github.com/slskd/slskd
|
|
||||||
# listen_ip_address: 0.0.0.0
|
|
||||||
# listen_port: 50300
|
|
||||||
# diagnostic_level: Info
|
|
||||||
# distributed_network:
|
|
||||||
# disabled: false
|
|
||||||
# disable_children: false
|
|
||||||
# child_limit: 25
|
|
||||||
# logging: false
|
|
||||||
# connection:
|
|
||||||
# timeout:
|
|
||||||
# connect: 10000
|
|
||||||
# inactivity: 15000
|
|
||||||
# buffer:
|
|
||||||
# read: 16384
|
|
||||||
# write: 16384
|
|
||||||
# transfer: 262144
|
|
||||||
# write_queue: 250
|
|
||||||
# proxy:
|
|
||||||
# enabled: false
|
|
||||||
# address: ~
|
|
||||||
# port: ~
|
|
||||||
# username: ~
|
|
||||||
# password: ~
|
|
||||||
# integration:
|
|
||||||
# ftp:
|
|
||||||
# enabled: false
|
|
||||||
# address: ~
|
|
||||||
# port: ~
|
|
||||||
# username: ~
|
|
||||||
# password: ~
|
|
||||||
# remote_path: /
|
|
||||||
# encryption_mode: auto
|
|
||||||
# ignore_certificate_errors: false
|
|
||||||
# overwrite_existing: true
|
|
||||||
# connection_timeout: 5000
|
|
||||||
# retry_attempts: 3
|
|
||||||
# pushbullet:
|
|
||||||
# enabled: false
|
|
||||||
# access_token: ~
|
|
||||||
# notification_prefix: "From slskd:"
|
|
||||||
# notify_on_private_message: true
|
|
||||||
# notify_on_room_mention: true
|
|
||||||
# retry_attempts: 3
|
|
||||||
# cooldown_time: 900000
|
|
||||||
@@ -1,29 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
<?xml version='1.0' encoding='UTF-8'?>
|
|
||||||
|
|
||||||
<!DOCTYPE properties SYSTEM 'http://java.sun.com/dtd/properties.dtd'>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
|
|
||||||
<entry key='config.default'>./conf/default.xml</entry>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
|
|
||||||
This is the main configuration file. All your configuration parameters should be placed in this file.
|
|
||||||
|
|
||||||
Default configuration parameters are located in the "default.xml" file. You should not modify it to avoid issues
|
|
||||||
with upgrading to a new version. Parameters in the main config file override values in the default file. Do not
|
|
||||||
remove "config.default" parameter from this file unless you know what you are doing.
|
|
||||||
|
|
||||||
For list of available parameters see following page: https://www.traccar.org/configuration-file/
|
|
||||||
|
|
||||||
-->
|
|
||||||
|
|
||||||
<entry key='database.driver'>org.postgresql.Driver</entry>
|
|
||||||
<entry key='database.url'>jdbc:postgresql://traccar-pg:5432/traccar-db</entry>
|
|
||||||
<entry key='database.user'>traccar</entry>
|
|
||||||
<entry key='database.password'>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['WAZUH_API_PASSWORD'] }}</entry>
|
|
||||||
|
|
||||||
</properties>
|
|
||||||
@@ -1,29 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
{
|
|
||||||
"always_keep_failed_tasks": true,
|
|
||||||
"auto_manage_completed_tasks": false,
|
|
||||||
"cache_path": "/tmp/unmanic",
|
|
||||||
"clear_pending_tasks_on_restart": false,
|
|
||||||
"concurrent_file_testers": 2,
|
|
||||||
"config_path": "/config/.unmanic/config",
|
|
||||||
"debugging": false,
|
|
||||||
"distributed_worker_count_target": 0,
|
|
||||||
"enable_library_scanner": false,
|
|
||||||
"first_run": false,
|
|
||||||
"follow_symlinks": true,
|
|
||||||
"installation_name": "Unmanic @ Rinoa",
|
|
||||||
"library_path": "/library",
|
|
||||||
"log_path": "/config/.unmanic/logs",
|
|
||||||
"max_age_of_completed_tasks": 91,
|
|
||||||
"number_of_workers": null,
|
|
||||||
"plugins_path": "/config/.unmanic/plugins",
|
|
||||||
"release_notes_viewed": "0.2.8",
|
|
||||||
"remote_installations": [],
|
|
||||||
"run_full_scan_on_start": false,
|
|
||||||
"schedule_full_scan_minutes": 1440,
|
|
||||||
"ui_port": 8888,
|
|
||||||
"userdata_path": "/config/.unmanic/userdata",
|
|
||||||
"worker_event_schedules": null
|
|
||||||
}
|
|
||||||
@@ -1,19 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
nodes:
|
|
||||||
# Wazuh indexer server nodes
|
|
||||||
indexer:
|
|
||||||
- name: wazuh.indexer
|
|
||||||
ip: wazuh.indexer
|
|
||||||
|
|
||||||
# Wazuh server nodes
|
|
||||||
# Use node_type only with more than one Wazuh manager
|
|
||||||
server:
|
|
||||||
- name: wazuh.manager
|
|
||||||
ip: wazuh.manager
|
|
||||||
|
|
||||||
# Wazuh dashboard node
|
|
||||||
dashboard:
|
|
||||||
- name: wazuh.dashboard
|
|
||||||
ip: wazuh.dashboard
|
|
||||||
@@ -1,33 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
network.host: "0.0.0.0"
|
|
||||||
node.name: "wazuh.indexer"
|
|
||||||
path.data: /var/lib/wazuh-indexer
|
|
||||||
path.logs: /var/log/wazuh-indexer
|
|
||||||
discovery.type: single-node
|
|
||||||
http.port: 9200-9299
|
|
||||||
transport.tcp.port: 9300-9399
|
|
||||||
compatibility.override_main_response_version: true
|
|
||||||
plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
|
|
||||||
plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
|
|
||||||
plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
|
|
||||||
plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
|
|
||||||
plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
|
|
||||||
plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
|
|
||||||
plugins.security.ssl.http.enabled: true
|
|
||||||
plugins.security.ssl.transport.enforce_hostname_verification: false
|
|
||||||
plugins.security.ssl.transport.resolve_hostname: false
|
|
||||||
plugins.security.authcz.admin_dn:
|
|
||||||
- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
|
|
||||||
plugins.security.check_snapshot_restore_write_privileges: true
|
|
||||||
plugins.security.enable_snapshot_restore_privilege: true
|
|
||||||
plugins.security.nodes_dn:
|
|
||||||
- "CN=wazuh.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
|
||||||
plugins.security.restapi.roles_enabled:
|
|
||||||
- "all_access"
|
|
||||||
- "security_rest_api_access"
|
|
||||||
plugins.security.system_indices.enabled: true
|
|
||||||
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
|
|
||||||
plugins.security.allow_default_init_securityindex: true
|
|
||||||
cluster.routing.allocation.disk.threshold_enabled: false
|
|
||||||
@@ -1,10 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
hosts:
|
|
||||||
- 1513629884013:
|
|
||||||
url: "https://wazuh.manager"
|
|
||||||
port: 55000
|
|
||||||
username: wazuh-wui
|
|
||||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['WAZUH_API_PASSWORD'] }}
|
|
||||||
run_as: false
|
|
||||||
@@ -1,19 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
ydl_server: # youtube-dl-server specific settings
|
|
||||||
port: 8080 # Port youtube-dl-server should listen on
|
|
||||||
host: 0.0.0.0 # IP youtube-dl-server should bind to
|
|
||||||
debug: False # Enable/Disable debug mode
|
|
||||||
metadata_db_path: '/youtube-dl/.ydl-metadata.db' # Path to metadata DB
|
|
||||||
output_playlist: '/youtube-dl/%(title)s [%(id)s].%(ext)s' # Playlist output directory template
|
|
||||||
update_poll_delay_min: 1440 # Automatically check for updates every 24h
|
|
||||||
max_log_entries: 100 # Maximum number of job log history to keep
|
|
||||||
forwarded_allow_ips: None # uvicorn Comma seperated list of IPs to trust with proxy headers.
|
|
||||||
proxy_headers: True # uvicorn flag Enable/Disable X-Forwarded-Proto, X-Forwarded-For, X-Forwarded-Port to populate remote address info.
|
|
||||||
|
|
||||||
ydl_options: # youtube-dl options
|
|
||||||
output: '/youtube-dl/%(title)s [%(id)s].%(ext)s' # output directory template
|
|
||||||
cache-dir: '/youtube-dl/.cache' # youtube-dl cache directory
|
|
||||||
ignore-errors: True # instruct youtube-dl to skip errors
|
|
||||||
age-limit: 6 # minimal age requirement / parental control setting
|
|
||||||
@@ -1,43 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
# All possible options and their defaults: https://github.com/zitadel/zitadel/blob/main/cmd/defaults.yaml
|
|
||||||
Log:
|
|
||||||
Level: 'debug'
|
|
||||||
|
|
||||||
# Make ZITADEL accessible over HTTPs, not HTTP
|
|
||||||
ExternalSecure: true
|
|
||||||
ExternalDomain: 'id.trez.wtf'
|
|
||||||
ExternalPort: 443
|
|
||||||
|
|
||||||
# If not using the docker compose example, adjust these values for connecting ZITADEL to your PostgreSQL
|
|
||||||
Database:
|
|
||||||
postgres:
|
|
||||||
Host: 'zitadel-pg-db'
|
|
||||||
Port: 5432
|
|
||||||
Database: zitadel
|
|
||||||
User:
|
|
||||||
SSL:
|
|
||||||
Mode: 'disable'
|
|
||||||
Admin:
|
|
||||||
SSL:
|
|
||||||
Mode: 'disable'
|
|
||||||
|
|
||||||
DefaultInstance:
|
|
||||||
DomainPolicy:
|
|
||||||
UserLoginMustBeDomain: false
|
|
||||||
|
|
||||||
LogStore:
|
|
||||||
Access:
|
|
||||||
Stdout:
|
|
||||||
Enabled: true
|
|
||||||
|
|
||||||
SMTPConfiguration:
|
|
||||||
# Configuration of the host
|
|
||||||
SMTP:
|
|
||||||
# must include the port, like smtp.mailtrap.io:2525. IPv6 is also supported, like [2001:db8::1]:2525
|
|
||||||
Host: 'postal-smtp:25'
|
|
||||||
User: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}
|
|
||||||
Password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}
|
|
||||||
From: 'noreply@trez.wtf'
|
|
||||||
FromName: 'Zitadel @ Rinoa'
|
|
||||||
@@ -1,13 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
# All possible options and their defaults: https://github.com/zitadel/zitadel/blob/main/cmd/setup/steps.yaml
|
|
||||||
FirstInstance:
|
|
||||||
Org:
|
|
||||||
Human:
|
|
||||||
# use the loginname root@my-org.my.domain
|
|
||||||
Username: 'root'
|
|
||||||
Password: 'RootPassword1!'
|
|
||||||
Email:
|
|
||||||
Address: 'charish.patel@trez.wtf'
|
|
||||||
Verified: true
|
|
||||||
@@ -1,13 +0,0 @@
|
|||||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
||||||
{% set secrets_path = 'rinoa-docker/env' %}
|
|
||||||
|
|
||||||
# If not using the docker compose example, adjust these values for connecting ZITADEL to your PostgreSQL
|
|
||||||
Database:
|
|
||||||
postgres:
|
|
||||||
User:
|
|
||||||
# If the user doesn't exist already, it is created
|
|
||||||
Username: 'zitadel'
|
|
||||||
Password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ZITADEL_DB_PASSWORD'] }}
|
|
||||||
Admin:
|
|
||||||
Username: 'root'
|
|
||||||
Password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ZITADEL_DB_ADMIN_PASSWORD'] }}
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
collections:
|
|
||||||
- name: community.hashi_vault
|
|
||||||
version: 6.2.0
|
|
||||||
@@ -1,20 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Deploy config templates and trigger GitHub workflow
|
|
||||||
hosts: rinoa
|
|
||||||
vars:
|
|
||||||
appdata_base_path: "~/.docker/config/appdata"
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
- name: Ensure target directories exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ appdata_base_path }}/{{ (item | basename | regex_replace('\\.j2$', '') | regex_replace('_', '/') | regex_replace('/[^/]+$', '')) }}"
|
|
||||||
state: directory
|
|
||||||
mode: '0755'
|
|
||||||
loop: "{{ query('fileglob', 'app-configs/*.j2') }}"
|
|
||||||
|
|
||||||
- name: Deploy configuration templates
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ item }}"
|
|
||||||
dest: "{{ appdata_base_path }}/{{ item | basename | regex_replace('\\.j2$', '') | regex_replace('_', '/') }}"
|
|
||||||
mode: '0644'
|
|
||||||
loop: "{{ query('fileglob', 'app-configs/*.j2') }}"
|
|
||||||
@@ -1,14 +0,0 @@
|
|||||||
vault_addr: "https://vault.trez.wtf"
|
|
||||||
vault_token: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
66373236656261373330343233616231386539616566613864306436613635323533336365383232
|
|
||||||
6636653139393566643265303135343864363632393035380a643566373137316363626438356431
|
|
||||||
64653237313866316537326565386164373564353166346334663638636531353337303937346466
|
|
||||||
3539366634393337620a653133336530333963343638643934303336653935363932643665353234
|
|
||||||
63343565663632633563396131346139666236313863663332386131633831633566373366613738
|
|
||||||
63343634313539336534666632313736343338623538303434316230383764643432646663356238
|
|
||||||
61373132633062346436363036333533623931313037306633616662623032616137613734343638
|
|
||||||
63633031616161623437623935346366636433653435646333313638376161663237323130636433
|
|
||||||
31383031646666626163323966393738386233346137326231366263316532343563
|
|
||||||
vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}"
|
|
||||||
secrets_path: "rinoa-docker/env"
|
|
||||||
@@ -1,12 +0,0 @@
|
|||||||
ansible_host: 192.168.1.254
|
|
||||||
ansible_python_interpreter: /usr/bin/python3
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
ansible_ssh_user: charish
|
|
||||||
ansible_ssh_pass: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
38346631616139316365316566386362396661323163306339303635646331373061323531626431
|
|
||||||
3435373031363739356261656239633835393963636663370a613166653463656337666366633639
|
|
||||||
37373637326633363430633336646165343764303063663636313835326130663532323037663331
|
|
||||||
6332353339656134370a353435396532663932313535646636333262353238386331313764633635
|
|
||||||
63383065623930653134666261353439366535646661383434386261393232373432353937636535
|
|
||||||
3432336137393737643735346665303832653630316439333565
|
|
||||||
@@ -1,12 +0,0 @@
|
|||||||
---
|
|
||||||
all:
|
|
||||||
hosts:
|
|
||||||
benedikta:
|
|
||||||
ansible_host: 192.168.1.241
|
|
||||||
ansible_user: charish
|
|
||||||
rikku:
|
|
||||||
ansible_host: 192.168.1.253
|
|
||||||
ansible_user: pi
|
|
||||||
rinoa:
|
|
||||||
ansible_host: 192.168.1.254
|
|
||||||
ansible_user: charish
|
|
||||||
@@ -1,7 +0,0 @@
|
|||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
65353131326537376561616630666531353731653835306564323565383332653437633533313932
|
|
||||||
6239663065306339366536326432323534303364663862350a353034623936363066303164333434
|
|
||||||
32666331326332363463383234316136323031626330366132643034376439616339396662636236
|
|
||||||
3633393039376438630a326138653031656465373966356564336463643465613638313838393166
|
|
||||||
36626366356266636535613862333631386231626134376264363731353264613261633037646662
|
|
||||||
6431393837653564366531316332616232336365636533643036
|
|
||||||
@@ -1,135 +0,0 @@
|
|||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
61353462613766353733306330373236633138333538613634653533316430363930633630626631
|
|
||||||
3035333733316133643133356134366366343337363032330a316536353561643436373536336563
|
|
||||||
61343566373439376138393533313064313537343831386536623632353262386566633464633661
|
|
||||||
6161396538323162310a333866383339393535303236633162303038343134623965646331653262
|
|
||||||
35633466383131646465393338313036393164323865353366316366313263303735616539386334
|
|
||||||
38666262373336326431306236633662666335303135633965326131663437356565613632636436
|
|
||||||
32636362393939336636376363666461653563356431316161306631633634376132623636396461
|
|
||||||
61353138323062333937313033313230343136343733303339386362616161383564653363383531
|
|
||||||
34646463666166326131626361653666626633366535356534396239613838373063613136303034
|
|
||||||
31623363633436303238646233363431343933393534346635383362336361323633396430366561
|
|
||||||
30323035613132323634656531353831613961646534306636346466623932383637303830396239
|
|
||||||
63646361386263316662393533336536396462623930646466393632363166353234383632313930
|
|
||||||
31633030303961343830346334613765333039653734313733396533326434383838626537656564
|
|
||||||
66646464616566356533653939333330376339666234656137336361633263396165323963343938
|
|
||||||
32313261353237636233343238366334306665353333643933376130336331323132393037663461
|
|
||||||
35653132333935636132666363333033396630643466303933393434646432336166633461386263
|
|
||||||
66316433663831623730303838343566633237363832353933333063356661353564306461383662
|
|
||||||
64646530336662346633616335313064663135613439653663653434623931303333613639356633
|
|
||||||
64613639653065613962373233656663366462343663623964313338356462336239373830623466
|
|
||||||
31316164346437333331336335613336333935323961353335313635636230386339363262616266
|
|
||||||
30316533313664623966323230373137653533626563376638386430613465663937343939626661
|
|
||||||
65663031663931383465366663383936343338383937356463623431656633653363363137336261
|
|
||||||
31663762643132386461333732613330636433326139663133633462343435353065313431663834
|
|
||||||
65616232353539653632393337653863346638316233656636383735386265343434613139636230
|
|
||||||
62653232653430356539663334653134663536336136343133666461396232303038343934376463
|
|
||||||
62623262356638663538343862376365333235366137383535643431353837303762306637653939
|
|
||||||
35333130346237353432616130353261386237666366306436353439396630646430343739323330
|
|
||||||
35373664656465626538313139383462356435396631343666623437343933393938666464383834
|
|
||||||
36613363663534613566633434643466666365396238363837326362646430353034653133616438
|
|
||||||
61336233663332336333643564663336333935343266353265376664666135396530656639623338
|
|
||||||
34313462333563636564366330636464656263663236303437366564363439646430356338373337
|
|
||||||
32353435313164323636336537386437656439306231656139633234303363623363303937383464
|
|
||||||
38663736656663316334303937626264666138643434623736336630353663373035363938373630
|
|
||||||
36303933613766613763646638316365306539373332623731373363643261373931393733323038
|
|
||||||
61303966373733623362353963346433653931303334313664636531313531373932313465326162
|
|
||||||
35366136386236613930663037353765393464366234303165636635393763363433316466363438
|
|
||||||
33396334623764356362393035626631666363646433356561333633313837303438333734313836
|
|
||||||
38343935626334313063316639356436303331643535633230653439326332386432333831336131
|
|
||||||
36633732636537353936663838393937326135623261663565323963393335616665323233336435
|
|
||||||
62663662303138643239313061323233316262333362323266333739333564316431303964643033
|
|
||||||
62313134613031363063333731653634393363356238313463343066636234356239303139313065
|
|
||||||
37346532383133323932323164626663663437313166343235653962383162383138373165663865
|
|
||||||
61363237323662616634626137393934396131303934623865363133313863396635353964613863
|
|
||||||
61376431663134303863663764353238626131623138623030363734366233613637623932356235
|
|
||||||
32343664346566383939353137343434316532393639326435616365326565393736663163303861
|
|
||||||
37316461303237333861306465613537626337396532356163356235626563356137316330613134
|
|
||||||
65636131663633633936613736326338643133336636316461316335653062666631363933323465
|
|
||||||
37656564396161363637363238373635626565373334626539633634336561643364316331633132
|
|
||||||
32643431616432616562343538366638663238376332666566343237626539336534663162643062
|
|
||||||
37376434363661323137356130623135346430633235643530356366343461326534656562363262
|
|
||||||
61653365326363366336363933326232373363626430353561646339376236333639346130383537
|
|
||||||
64323832323762353964346434313236613436643762306636666134373730646633313032346136
|
|
||||||
37636564633365653234373034303933333864636139666132386665666430663136393939626332
|
|
||||||
39343234363032646266323862663937626438623237313865656632306666373663633734353132
|
|
||||||
33646531333363313031666565653662333039653866633563626564666434356364396530666532
|
|
||||||
36326566663138663031616635366134666364656639313265643662633861353030373132306565
|
|
||||||
34366665366562623230393066643538396337653361346130326630326338363937353834333664
|
|
||||||
64343633373866333562313535386131323336643336376666663836343265306563356466636630
|
|
||||||
65363239333937386161616638393464613339316261313764636535326137663861386330353464
|
|
||||||
31653232313930663465663036336232306666363865646231643865316366303561303662383730
|
|
||||||
38653566356331613430613462643235366636313961373535366639353565623836336637363233
|
|
||||||
35333334613566326637633161346638663136666465356461383765663237623631663138613034
|
|
||||||
63633766313032363366633838666131303335656139373661316333326661326238366138343435
|
|
||||||
39363861393064333532666330313764316539636364393138613939366536653830653932326638
|
|
||||||
63303338333934353536646637333065386532383239643933366438616234353839646533336236
|
|
||||||
30633465353730653531663333356636393334616534616635333563363136306233323236653266
|
|
||||||
39626434363862656465336364333737623461346231613139373031326531396633366432386561
|
|
||||||
63363631376634373862646138363565366533636330623366393530306135363261333433303961
|
|
||||||
31366362333263636265386434333566616264666562323762666133646139356364626563343663
|
|
||||||
31313834303737356638393065336134323762663265623662333061626239393133363465663537
|
|
||||||
37633436356631643465313665646365336134653436633762653430326263623230663335633531
|
|
||||||
65313532616430616162386265333336323134393831613663386238383936376665346164646239
|
|
||||||
65353362626336373661373364313034313533646132623638623063353937313337313539353134
|
|
||||||
62623733363339386465633063306465333632353435363532316263303839343231643235313862
|
|
||||||
65346137613863353364383430616465643435356162373731323035623431643639396162646139
|
|
||||||
31376430386661303164366365653838636662373762623330306534376231313938633837353663
|
|
||||||
30333661303961363434313166323933613131366162623466306133333032353035343836646631
|
|
||||||
37336232386364663533313261376230336539303933353339323865363962303733316365316438
|
|
||||||
30636235393735396637353331623532376534636465666234373231313039323638366631633234
|
|
||||||
61353231666565373764663235313130303365613630393661653434383738333066663961366165
|
|
||||||
37323334643932626136636631373761393537343764663931646261613361313261373462386430
|
|
||||||
65623634303030366230373165623434316461656661336261626335653031633664336265633431
|
|
||||||
63646534616438326139353030336236303734616365383166343537393732623930316235616330
|
|
||||||
38366430633062313431396633626665376234626663336534643632616139373566303835303564
|
|
||||||
32326363393535663137616430616233663463636133363231663739336264663862613832313663
|
|
||||||
66343839323861646635666331613236356336316361376162323964313663393030633332313662
|
|
||||||
63323634363435346536663637363935323266346639366161643535313031663261633865313936
|
|
||||||
34643163323861663432393330663763346138343930313639613139376138376263323232656631
|
|
||||||
66623065326336323631313564666430363836386439396533393665396233323465646636643532
|
|
||||||
39666364643933643363666164633931333635313233323365373135363833663964333430653338
|
|
||||||
39643961626336376539653461643263626635383662323965363233623435386630653464303938
|
|
||||||
64633536386535363031333063353633643632666134323464336166653533396437316566373732
|
|
||||||
38366465646165313563396363656266653233393965623036623533623638643166356131623338
|
|
||||||
31393863346564303865336430376462333831623339653935353664376166636665626637313031
|
|
||||||
33353166366634656333663461353631633837663934333737393366373364663833313230333735
|
|
||||||
62333333353361653533643233613464616664633736613138636666613932613061666230373565
|
|
||||||
37643634376363373031643731366262303733313534303661326462366632656163393532666265
|
|
||||||
66383061363336343837373831326135383430383831366563376165303661663732323437623134
|
|
||||||
66633763313336376262376233363862663132356164313336393566313062386231633635653332
|
|
||||||
65616335343738663565623161383730643735323937316535653032633032363532633434393639
|
|
||||||
30343635666162373762376131663336653838626331306365333234333438306433666434613938
|
|
||||||
34346137326264633366663332666330646364333938663262633637356263643937343262623834
|
|
||||||
32323835623061656535313766643437373066363832353562633463636530386235313365376561
|
|
||||||
62303162316365396164333065653638643065633665646436386365323263366237616138636531
|
|
||||||
35313337643361656166643036333631656438326365386161303635613363383636346437613434
|
|
||||||
66313631343863343939333261396266346333323632623361656638306234656330633635333733
|
|
||||||
38376531353230343933613961376638353063346435623366343930313237663733346531323135
|
|
||||||
64336239396137353465393361346437383565393638343930356365313163363264333834326139
|
|
||||||
30383763336137346530653961613434306664373264316434616263306562623335663330616564
|
|
||||||
37346565653562363866343937653238353332336135663766383239653038643130373165353462
|
|
||||||
62306238643536336235623638363734656366663530373264663861313438373437306666393731
|
|
||||||
33333237636535623631303134303138353434323533653931653762323330643466306565313630
|
|
||||||
35366663346165333833626630323330336336303166643463396437383730643166303965363838
|
|
||||||
39313739333334613262393135616232316436643835636430653237383739653536373962346161
|
|
||||||
30643639303938393266613734346234316331633834643337373265313763393766323431333439
|
|
||||||
32353036326333356535633136376630623733306636663363393434653033636431643063393939
|
|
||||||
63653164363435306232636536333739633832346137373130303265383135396334343062396463
|
|
||||||
30303434613034316365653464343265393736386265623366643763386265316462396464346162
|
|
||||||
32623138393363613636336435666233366630653030326561336338306339663837303033366134
|
|
||||||
32616334313539653763396164656133613736303335646564633736393463313261613831623664
|
|
||||||
38613032333766376135363437313561643863333036363766343333303664303738623738666634
|
|
||||||
66623032306337326361383466303431616531313535316134336338656437653134653738393662
|
|
||||||
64373437363762633261373533313730383932306161376636393261623534663737633639653462
|
|
||||||
66663732306239313764383264663362346433346265303732333535613563613033616165343037
|
|
||||||
62633565643433353332663534366564616132646337356265346234366537653561316531356366
|
|
||||||
61666163303362666232613164373963383131616336613030626262306136636265633531306133
|
|
||||||
64646332336137353765626439346162636233363463313437633763656361653565343835393762
|
|
||||||
64343433373938636461646265303238646635346662626331333436343535636231666563326462
|
|
||||||
35373435396233313464366636343165376662616134633037376161393565336164646663323266
|
|
||||||
36386634383066383763353535616466396464623836646439323535323839646632323839653838
|
|
||||||
35383136343333326565383261653763383639313631663631343730353532613764306630326262
|
|
||||||
37363665313637633162373264623464346431306537386231613131663934623933353433623031
|
|
||||||
66326331666132643637323937376164306565343035363032623231303962313433356362613362
|
|
||||||
3233366530336137393333373639613864613561363465306239
|
|
||||||
+132
-235
@@ -118,28 +118,6 @@ services:
|
|||||||
type: bind
|
type: bind
|
||||||
bind:
|
bind:
|
||||||
create_host_path: true
|
create_host_path: true
|
||||||
ansible0guy-webui:
|
|
||||||
container_name: ansible-webui
|
|
||||||
environment:
|
|
||||||
AW_HOSTNAMES: ansible.trez.wtf
|
|
||||||
AW_PROXY: 1
|
|
||||||
AW_SECRET: ${ANSIBLE_WEBUI_SECRET}
|
|
||||||
image: ansible0guy/webui:latest
|
|
||||||
labels:
|
|
||||||
homepage.group: Code/DevOps
|
|
||||||
homepage.name: Ansible WebUI
|
|
||||||
homepage.icon: ansible.svg
|
|
||||||
homepage.href: https://ansible.${MY_TLD}
|
|
||||||
homepage.description: WebUI for Ansible
|
|
||||||
swag: enable
|
|
||||||
swag_url: ansible.${MY_TLD}
|
|
||||||
swag_proto: http
|
|
||||||
swag_port: 8000
|
|
||||||
swag.uptime-kuma.monitor.url: https://ansible.${MY_TLD}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
ports:
|
|
||||||
- 44448:8000
|
|
||||||
restart: unless-stopped
|
|
||||||
apprise:
|
apprise:
|
||||||
container_name: apprise
|
container_name: apprise
|
||||||
environment:
|
environment:
|
||||||
@@ -579,9 +557,8 @@ services:
|
|||||||
container_name: castopod
|
container_name: castopod
|
||||||
depends_on:
|
depends_on:
|
||||||
mariadb:
|
mariadb:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
required: true
|
required: true
|
||||||
restart: true
|
|
||||||
environment:
|
environment:
|
||||||
MYSQL_DATABASE: castopod
|
MYSQL_DATABASE: castopod
|
||||||
MYSQL_USER: castopod
|
MYSQL_USER: castopod
|
||||||
@@ -1122,7 +1099,7 @@ services:
|
|||||||
container_name: ghost_blog
|
container_name: ghost_blog
|
||||||
depends_on:
|
depends_on:
|
||||||
mariadb:
|
mariadb:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
required: true
|
required: true
|
||||||
restart: true
|
restart: true
|
||||||
environment:
|
environment:
|
||||||
@@ -1729,9 +1706,8 @@ services:
|
|||||||
container_name: hortusfox
|
container_name: hortusfox
|
||||||
depends_on:
|
depends_on:
|
||||||
mariadb:
|
mariadb:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
required: true
|
required: true
|
||||||
restart: true
|
|
||||||
environment:
|
environment:
|
||||||
APP_ADMIN_EMAIL: charish.patel@trez.wtf
|
APP_ADMIN_EMAIL: charish.patel@trez.wtf
|
||||||
APP_ADMIN_PASSWORD: ${HORTUSFOX_ADMIN_PASSWORD}
|
APP_ADMIN_PASSWORD: ${HORTUSFOX_ADMIN_PASSWORD}
|
||||||
@@ -1828,7 +1804,7 @@ services:
|
|||||||
db:
|
db:
|
||||||
dbname: invidious
|
dbname: invidious
|
||||||
user: kemal
|
user: kemal
|
||||||
password: ${INVID_PG_DB_PASSWORD}
|
password: kemal
|
||||||
host: invidious-db
|
host: invidious-db
|
||||||
port: 5432
|
port: 5432
|
||||||
check_tables: true
|
check_tables: true
|
||||||
@@ -1867,7 +1843,7 @@ services:
|
|||||||
container_name: invidious-db
|
container_name: invidious-db
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_DB: invidious
|
POSTGRES_DB: invidious
|
||||||
POSTGRES_PASSWORD: ${INVID_PG_DB_PASSWORD}
|
POSTGRES_PASSWORD: kemal
|
||||||
POSTGRES_USER: kemal
|
POSTGRES_USER: kemal
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test:
|
test:
|
||||||
@@ -1894,11 +1870,6 @@ services:
|
|||||||
create_host_path: true
|
create_host_path: true
|
||||||
invoice_ninja:
|
invoice_ninja:
|
||||||
container_name: invoice_ninja
|
container_name: invoice_ninja
|
||||||
depends_on:
|
|
||||||
mariadb:
|
|
||||||
condition: service_started
|
|
||||||
required: true
|
|
||||||
restart: true
|
|
||||||
environment:
|
environment:
|
||||||
APP_DEBUG: true
|
APP_DEBUG: true
|
||||||
APP_KEY: ${IN_APP_KEY}
|
APP_KEY: ${IN_APP_KEY}
|
||||||
@@ -2707,6 +2678,121 @@ services:
|
|||||||
published: "22300"
|
published: "22300"
|
||||||
target: 22300
|
target: 22300
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
komodo-core:
|
||||||
|
container_name: komodo-core
|
||||||
|
depends_on:
|
||||||
|
- komodo-ferretdb
|
||||||
|
- komodo-periphery
|
||||||
|
image: ghcr.io/mbecker20/komodo:latest
|
||||||
|
labels:
|
||||||
|
homepage.group: System Administration
|
||||||
|
homepage.name: Komodo
|
||||||
|
homepage.href: https://komodo.${MY_TLD}
|
||||||
|
homepage.icon: /icons/komodo.png
|
||||||
|
homepage.description: Open-source note taking & to-do
|
||||||
|
komodo.skip: a
|
||||||
|
swag: enable
|
||||||
|
swag_url: komodo.${MY_TLD}
|
||||||
|
swag_port: 9120
|
||||||
|
swag_proto: http
|
||||||
|
ports:
|
||||||
|
- 9120:9120
|
||||||
|
restart: always
|
||||||
|
volumes:
|
||||||
|
- ${DOCKER_VOLUME_CONFIG}/komodo/core.config.toml:/config/config.toml
|
||||||
|
komodo-ferretdb:
|
||||||
|
container_name: komodo-ferretdb
|
||||||
|
depends_on:
|
||||||
|
- komodo-pg-db
|
||||||
|
image: ghcr.io/ferretdb/ferretdb
|
||||||
|
labels:
|
||||||
|
komodo.skip: a
|
||||||
|
restart: unless-stopped
|
||||||
|
expose:
|
||||||
|
- 27017
|
||||||
|
environment:
|
||||||
|
- FERRETDB_POSTGRESQL_URL=postgres://komodo-pg-db:5432/komodo
|
||||||
|
komodo-periphery:
|
||||||
|
container_name: komodo-periphery
|
||||||
|
environment:
|
||||||
|
DOCKER_HOST: tcp://dockerproxy:2375
|
||||||
|
PERIPHERY_PASSKEYS: ${KOMODO_PASSKEY}
|
||||||
|
PERIPHERY_SSL_ENABLED: false
|
||||||
|
PERIPHERY_INCLUDE_DISK_MOUNTS: /etc/hostname
|
||||||
|
# PERIPHERY_EXCLUDE_DISK_MOUNTS: /snap,/etc/repos
|
||||||
|
expose:
|
||||||
|
- 8120
|
||||||
|
image: ghcr.io/mbecker20/periphery:latest
|
||||||
|
labels:
|
||||||
|
komodo.skip: a
|
||||||
|
restart: always
|
||||||
|
volumes:
|
||||||
|
- /proc:/proc
|
||||||
|
komodo-pg-db:
|
||||||
|
container_name: komodo-pg-db
|
||||||
|
environment:
|
||||||
|
POSTGRES_USER: komodo
|
||||||
|
POSTGRES_PASSWORD: ${KOMODO_PG_DB_PASSWORD}
|
||||||
|
POSTGRES_DB: komodo
|
||||||
|
expose:
|
||||||
|
- 5432
|
||||||
|
labels:
|
||||||
|
komodo.skip: a
|
||||||
|
image: postgres:17-alpine
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- komodo-pg-data:/var/lib/postgresql/data
|
||||||
|
librespeed:
|
||||||
|
container_name: librespeed
|
||||||
|
environment:
|
||||||
|
DB_HOSTNAME:
|
||||||
|
DB_NAME:
|
||||||
|
DB_PASSWORD:
|
||||||
|
DB_TYPE: sqlite
|
||||||
|
DB_USERNAME:
|
||||||
|
PASSWORD:
|
||||||
|
PGID: 1000
|
||||||
|
PUID: 1000
|
||||||
|
TZ: America/New_York
|
||||||
|
DOCKER_MODS: ghcr.io/themepark-dev/theme.park:librespeed
|
||||||
|
hostname: Rinoa
|
||||||
|
image: lscr.io/linuxserver/librespeed:latest
|
||||||
|
labels:
|
||||||
|
homepage.group: System Administration
|
||||||
|
homepage.name: LibreSpeed
|
||||||
|
homepage.href: https://speed.${MY_TLD}
|
||||||
|
homepage.icon: librespeed.png
|
||||||
|
homepage.description: Speed test
|
||||||
|
homepage: enable
|
||||||
|
homepage_proto: http
|
||||||
|
homepage_url: speed.${MY_TLD}
|
||||||
|
homepage.uptime-kuma.enabled: true
|
||||||
|
homepage.uptime-kuma.monitor.url: https://speed.${MY_TLD}
|
||||||
|
networks:
|
||||||
|
default: null
|
||||||
|
ports:
|
||||||
|
- mode: ingress
|
||||||
|
protocol: tcp
|
||||||
|
published: "8014"
|
||||||
|
target: 80
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- bind:
|
||||||
|
create_host_path: true
|
||||||
|
read_only: true
|
||||||
|
source: /etc/localtime
|
||||||
|
target: /etc/localtime
|
||||||
|
type: bind
|
||||||
|
- bind:
|
||||||
|
create_host_path: true
|
||||||
|
source: ${DOCKER_VOLUME_CONFIG}/librespeed
|
||||||
|
target: /config
|
||||||
|
type: bind
|
||||||
|
- bind:
|
||||||
|
create_host_path: true
|
||||||
|
source: /rinoa-storage
|
||||||
|
target: /storage
|
||||||
|
type: bind
|
||||||
lidarr:
|
lidarr:
|
||||||
container_name: lidarr
|
container_name: lidarr
|
||||||
environment:
|
environment:
|
||||||
@@ -2941,7 +3027,12 @@ services:
|
|||||||
PGID: 1000
|
PGID: 1000
|
||||||
PUID: 1000
|
PUID: 1000
|
||||||
TZ: America/New_York
|
TZ: America/New_York
|
||||||
MYSQL_PASSWORD: ${NEXTCLOUD_MARIADB_PASSWORD}
|
MYSQL_PASSWORD: VQU23wHKRNmfpAPt5E9BxMaSGJdWjLuz
|
||||||
|
healthcheck:
|
||||||
|
test: "/usr/bin/mariadb -u root -p${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD} -e \"SHOW DATABASES;\""
|
||||||
|
interval: 30s
|
||||||
|
timeout: 3s
|
||||||
|
retries: 5
|
||||||
hostname: Rinoa
|
hostname: Rinoa
|
||||||
image: linuxserver/mariadb
|
image: linuxserver/mariadb
|
||||||
networks:
|
networks:
|
||||||
@@ -2974,58 +3065,6 @@ services:
|
|||||||
type: bind
|
type: bind
|
||||||
bind:
|
bind:
|
||||||
create_host_path: true
|
create_host_path: true
|
||||||
mastodon:
|
|
||||||
container_name: mastodon
|
|
||||||
environment:
|
|
||||||
PUID: ${PUID}
|
|
||||||
PGID: ${PGID}
|
|
||||||
TZ: ${TZ}
|
|
||||||
LOCAL_DOMAIN: trez.wtf
|
|
||||||
REDIS_HOST: redis
|
|
||||||
REDIS_PORT: 6379
|
|
||||||
DB_HOST: mastodon-pg-db
|
|
||||||
DB_USER: mastodon
|
|
||||||
DB_NAME: mastodon
|
|
||||||
DB_PASS: ${MASTODON_PG_DB_PASSWORD}
|
|
||||||
DB_PORT: 5432
|
|
||||||
ES_ENABLED: false
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY:
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY:
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT:
|
|
||||||
SECRET_KEY_BASE:
|
|
||||||
OTP_SECRET:
|
|
||||||
VAPID_PRIVATE_KEY:
|
|
||||||
VAPID_PUBLIC_KEY:
|
|
||||||
SMTP_SERVER: postal-smtp
|
|
||||||
SMTP_PORT: 25
|
|
||||||
SMTP_LOGIN: ${POSTAL_SMTP_AUTH_USER}
|
|
||||||
SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
|
|
||||||
SMTP_FROM_ADDRESS: noreply@trez.wtf
|
|
||||||
S3_ENABLED: true
|
|
||||||
S3_BUCKET: mastodon
|
|
||||||
AWS_ACCESS_KEY_ID: ${MASTODON_MINIO_ACCESS_KEY}
|
|
||||||
AWS_SECRET_ACCESS_KEY: ${MASTODON_MINIO_SECRET_KEY}
|
|
||||||
image: lscr.io/linuxserver/mastodon:latest
|
|
||||||
labels:
|
|
||||||
swag: enable
|
|
||||||
swag_proto: http
|
|
||||||
swag_port: 5678
|
|
||||||
swag_url: mastodon.${MY_TLD}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
swag.uptime-kuma.monitor.url: https://mastodon.${MY_TLD}
|
|
||||||
homepage.group: Social
|
|
||||||
homepage.name: Mastodon
|
|
||||||
homepage.href: https://mastodon.${MY_TLD}
|
|
||||||
homepage.icon: mastodon.svg
|
|
||||||
homepage.description: Open-source social network
|
|
||||||
homepage.widget.type: mastodon
|
|
||||||
homepage.widget.url: http://mastodon
|
|
||||||
ports:
|
|
||||||
- 9044:80
|
|
||||||
- 3444:443
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- ${DOCKER_VOLUME_CONFIG}/mastodon:/config
|
|
||||||
mastodon-pg-db:
|
mastodon-pg-db:
|
||||||
container_name: mastodon-pg-db
|
container_name: mastodon-pg-db
|
||||||
environment:
|
environment:
|
||||||
@@ -3281,9 +3320,8 @@ services:
|
|||||||
container_name: nextcloud
|
container_name: nextcloud
|
||||||
depends_on:
|
depends_on:
|
||||||
mariadb:
|
mariadb:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
required: true
|
required: true
|
||||||
restart: true
|
|
||||||
environment:
|
environment:
|
||||||
PGID: 1000
|
PGID: 1000
|
||||||
PUID: 1000
|
PUID: 1000
|
||||||
@@ -3398,9 +3436,8 @@ services:
|
|||||||
container_name: paperless-ngx
|
container_name: paperless-ngx
|
||||||
depends_on:
|
depends_on:
|
||||||
mariadb:
|
mariadb:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
required: true
|
required: true
|
||||||
restart: true
|
|
||||||
environment:
|
environment:
|
||||||
PAPERLESS_DBENGINE: mariadb
|
PAPERLESS_DBENGINE: mariadb
|
||||||
PAPERLESS_DBHOST: mariadb
|
PAPERLESS_DBHOST: mariadb
|
||||||
@@ -3455,44 +3492,6 @@ services:
|
|||||||
type: bind
|
type: bind
|
||||||
bind:
|
bind:
|
||||||
create_host_path: true
|
create_host_path: true
|
||||||
pgbackweb:
|
|
||||||
container_name: pgbackweb
|
|
||||||
depends_on:
|
|
||||||
pgbackweb-db:
|
|
||||||
condition: service_healthy
|
|
||||||
environment:
|
|
||||||
PBW_ENCRYPTION_KEY: ${PGBACKWEB_ENCRYPTION_KEY}
|
|
||||||
PBW_POSTGRES_CONN_STRING: "postgresql://pgbackweb:${PGBACKWEB_PG_DB_PASSWD}@pgbackweb-db:5432/pgbackweb?sslmode=disable"
|
|
||||||
TZ: ${TZ}
|
|
||||||
image: eduardolat/pgbackweb:latest
|
|
||||||
labels:
|
|
||||||
homepage.group: System Administration
|
|
||||||
homepage.name: PGBackweb
|
|
||||||
homepage.href: https://pg.${MY_TLD}
|
|
||||||
homepage.icon: sh-pg-back-web.svg
|
|
||||||
homepage.description: Backups for PostgreSQL
|
|
||||||
swag: enable
|
|
||||||
swag_proto: http
|
|
||||||
swag_port: 8085
|
|
||||||
swag_url: pg.${MY_TLD}
|
|
||||||
ports:
|
|
||||||
- "8085:8085" # Access the web interface at http://localhost:8085
|
|
||||||
pgbackweb-db:
|
|
||||||
container_name: pgbackweb-db
|
|
||||||
environment:
|
|
||||||
POSTGRES_USER: pgbackweb
|
|
||||||
POSTGRES_DB: pgbackweb
|
|
||||||
POSTGRES_PASSWORD: ${PGBACKWEB_PG_DB_PASSWD}
|
|
||||||
expose:
|
|
||||||
- 5432
|
|
||||||
healthcheck:
|
|
||||||
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
||||||
interval: 5s
|
|
||||||
timeout: 5s
|
|
||||||
retries: 5
|
|
||||||
image: postgres:16-alpine
|
|
||||||
volumes:
|
|
||||||
- pgbackweb-data:/var/lib/postgresql/data
|
|
||||||
plausible:
|
plausible:
|
||||||
command: sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh run"
|
command: sh -c "sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh run"
|
||||||
container_name: plausible
|
container_name: plausible
|
||||||
@@ -3963,52 +3962,6 @@ services:
|
|||||||
security_opt:
|
security_opt:
|
||||||
- no-new-privileges=true
|
- no-new-privileges=true
|
||||||
user: nobody
|
user: nobody
|
||||||
rundeck:
|
|
||||||
container_name: rundeck
|
|
||||||
depends_on:
|
|
||||||
rundeck-pg-db:
|
|
||||||
condition: service_started
|
|
||||||
required: true
|
|
||||||
image: rundeck/rundeck:5.8.0
|
|
||||||
environment:
|
|
||||||
RUNDECK_SERVER_ADDRESS: 0.0.0.0
|
|
||||||
RUNDECK_GRAILS_URL: https://rundeck.trez.wtf
|
|
||||||
RUNDECK_SERVER_FORWARDED: true
|
|
||||||
RUNDECK_DATABASE_DRIVER: jdbc:postgresql://rundeck-pg-db/rundeck?autoReconnect=true&useSSL=false&allowPublicKeyRetrieval=true
|
|
||||||
RUNDECK_DATABASE_USERNAME: rundeck
|
|
||||||
RUNDECK_DATABASE_PASSWORD: ${RUNDECK_PG_DB_PASSWD}
|
|
||||||
RUNDECK_MAIL_SMTP_HOST: postal-smtp
|
|
||||||
RUNDECK_MAIL_SMTP_PORT: 25
|
|
||||||
RUNDECK_MAIL_SMTP_USERNAME: ${POSTAL_SMTP_AUTH_USER}
|
|
||||||
RUNDECK_MAIL_SMTP_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
|
|
||||||
RUNDECK_MAIL_FROM: noreply@trez.wtf
|
|
||||||
labels:
|
|
||||||
homepage.group: Code/DevOps
|
|
||||||
homepage.name: Rundeck
|
|
||||||
homepage.icon: rundeck.svg
|
|
||||||
homepage.description: Open-source automation service with a web console, command line tools, and web API
|
|
||||||
swag: enable
|
|
||||||
swag_proto: http
|
|
||||||
swag_port: 4440
|
|
||||||
swag_url: rundeck.${MY_TLD}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
swag.uptime-kuma.monitor.url: https://rundeck.${MY_TLD}
|
|
||||||
ports:
|
|
||||||
- 4440:4440
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- rundeck-data:/home/rundeck/server/data
|
|
||||||
rundeck-pg-db:
|
|
||||||
container_name: rundeck-pg-db
|
|
||||||
image: postgres:16-alpine
|
|
||||||
expose:
|
|
||||||
- 5432
|
|
||||||
environment:
|
|
||||||
POSTGRES_DB: rundeck
|
|
||||||
POSTGRES_USER: rundeck
|
|
||||||
POSTGRES_PASSWORD: ${RUNDECK_PG_DB_PASSWD}
|
|
||||||
volumes:
|
|
||||||
- rundeck-db-data:/var/lib/postgresql/data
|
|
||||||
sabnzbdvpn:
|
sabnzbdvpn:
|
||||||
cap_add:
|
cap_add:
|
||||||
- NET_ADMIN
|
- NET_ADMIN
|
||||||
@@ -4551,31 +4504,6 @@ services:
|
|||||||
type: bind
|
type: bind
|
||||||
bind:
|
bind:
|
||||||
create_host_path: true
|
create_host_path: true
|
||||||
speedtest-tracker:
|
|
||||||
container_name: speedtest-tracker
|
|
||||||
image: lscr.io/linuxserver/speedtest-tracker:latest
|
|
||||||
environment:
|
|
||||||
PUID: ${PUID}
|
|
||||||
PGID: ${PGID}
|
|
||||||
APP_KEY: ${SPEEDTEST_TRACKER_APP_KEY}
|
|
||||||
DB_CONNECTION: sqlite
|
|
||||||
labels:
|
|
||||||
homepage.name: Speedtest Traccker
|
|
||||||
homepage.group: System Administration
|
|
||||||
homepage.description: Self-hosted internet performance tracking
|
|
||||||
homepage.href: https://speed.${MY_TLD}
|
|
||||||
homepage.icon: speedtest-tracker.png
|
|
||||||
swag: enable
|
|
||||||
swag_proto: http
|
|
||||||
swag_url: speed.${MY_TLD}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
swag.uptime-kuma.monitor.url: https://slsk.${MY_TLD}
|
|
||||||
ports:
|
|
||||||
- 47512:80
|
|
||||||
- 62777:443
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- ${DOCKER_VOLUME_CONFIG}/speedtest-tracker:/config
|
|
||||||
spotisub:
|
spotisub:
|
||||||
container_name: spotisub
|
container_name: spotisub
|
||||||
environment:
|
environment:
|
||||||
@@ -4731,7 +4659,7 @@ services:
|
|||||||
homepage.group: Lifestyle
|
homepage.group: Lifestyle
|
||||||
homepage.name: Tandoor Recipes
|
homepage.name: Tandoor Recipes
|
||||||
homepage.href: https://recipes.${MY_TLD}
|
homepage.href: https://recipes.${MY_TLD}
|
||||||
homepage.icon: tandoor-recipes.svg
|
homepage.icon: tandoor.svg
|
||||||
homepage.description: Recipes, cookbooks, meal-planning, & grocery lists
|
homepage.description: Recipes, cookbooks, meal-planning, & grocery lists
|
||||||
homepage.widget.type: tandoor
|
homepage.widget.type: tandoor
|
||||||
homepage.widget.url: http://tandoor-recipes:8080
|
homepage.widget.url: http://tandoor-recipes:8080
|
||||||
@@ -6157,9 +6085,8 @@ services:
|
|||||||
container_name: wallabag
|
container_name: wallabag
|
||||||
depends_on:
|
depends_on:
|
||||||
mariadb:
|
mariadb:
|
||||||
condition: service_started
|
condition: service_healthy
|
||||||
required: true
|
required: true
|
||||||
restart: true
|
|
||||||
redis:
|
redis:
|
||||||
condition: service_started
|
condition: service_started
|
||||||
required: true
|
required: true
|
||||||
@@ -6601,32 +6528,6 @@ services:
|
|||||||
published: "8900"
|
published: "8900"
|
||||||
target: 8080
|
target: 8080
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
yacht:
|
|
||||||
container_name: yacht
|
|
||||||
depends_on:
|
|
||||||
docker-socket-proxy:
|
|
||||||
condition: service_started
|
|
||||||
required: true
|
|
||||||
environment:
|
|
||||||
DOCKER_HOST: tcp://dockerproxy:2375
|
|
||||||
image: selfhostedpro/yacht
|
|
||||||
labels:
|
|
||||||
homepage.group: System Administration
|
|
||||||
homepage.name: Yacht
|
|
||||||
homepage.href: https://yacht.${MY_TLD}
|
|
||||||
homepage.icon: yacht.svg
|
|
||||||
homepage.description: Web interface for managing docker containers
|
|
||||||
swag: enable
|
|
||||||
swag_proto: http
|
|
||||||
swag_port: 8000
|
|
||||||
swag_url: yacht.${MY_TLD}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
swag.uptime-kuma.monitor.url: https://yacht.${MY_TLD}
|
|
||||||
ports:
|
|
||||||
- 19733:8000
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- ${DOCKER_VOLUME_CONFIG}/yacht:/config
|
|
||||||
your_spotify:
|
your_spotify:
|
||||||
container_name: your_spotify
|
container_name: your_spotify
|
||||||
environment:
|
environment:
|
||||||
@@ -7160,6 +7061,8 @@ volumes:
|
|||||||
name: jitsi-web-admin-upload
|
name: jitsi-web-admin-upload
|
||||||
joplin_data:
|
joplin_data:
|
||||||
name: joplin_data
|
name: joplin_data
|
||||||
|
komodo-pg-data:
|
||||||
|
name: komodo-pg-data
|
||||||
lldap_data:
|
lldap_data:
|
||||||
name: lldap_data
|
name: lldap_data
|
||||||
localai_data:
|
localai_data:
|
||||||
@@ -7182,8 +7085,6 @@ volumes:
|
|||||||
name: paperless-ngx-media
|
name: paperless-ngx-media
|
||||||
paperless-ngx-pg:
|
paperless-ngx-pg:
|
||||||
name: paperless-ngx-pg
|
name: paperless-ngx-pg
|
||||||
pgbackweb-data:
|
|
||||||
name: pgbackweb-data
|
|
||||||
plausible-db-data:
|
plausible-db-data:
|
||||||
name: plausible-db-data
|
name: plausible-db-data
|
||||||
plausible-event-data:
|
plausible-event-data:
|
||||||
@@ -7192,10 +7093,6 @@ volumes:
|
|||||||
name: plausible-event-logs
|
name: plausible-event-logs
|
||||||
reactive-resume-pg:
|
reactive-resume-pg:
|
||||||
name: reactive-resume-pg
|
name: reactive-resume-pg
|
||||||
rundeck-data:
|
|
||||||
name: rundeck-data
|
|
||||||
rundeck-db-data:
|
|
||||||
name: rundeck-db-data
|
|
||||||
semaphore_config:
|
semaphore_config:
|
||||||
name: semaphore_config
|
name: semaphore_config
|
||||||
semaphore_data:
|
semaphore_data:
|
||||||
|
|||||||
+842
@@ -0,0 +1,842 @@
|
|||||||
|
# Global Settings
|
||||||
|
COMPOSE_HTTP_TIMEOUT=''
|
||||||
|
DOCKER_GID=''
|
||||||
|
DOCKER_HOSTNAME=''
|
||||||
|
DOCKER_VOLUME_CONFIG=''
|
||||||
|
DOCKER_VOLUME_STORAGE=''
|
||||||
|
PGID=''
|
||||||
|
PUID=''
|
||||||
|
TZ=''
|
||||||
|
MY_TLD=''
|
||||||
|
# END OF DEFAULT SETTINGS
|
||||||
|
|
||||||
|
##
|
||||||
|
## ADDY
|
||||||
|
##
|
||||||
|
ADDY_ANONADDY_ADDITIONAL_USERNAME_LIMIT=''
|
||||||
|
ADDY_ANONADDY_ADMIN_USERNAME=''
|
||||||
|
ADDY_ANONADDY_ALL_DOMAINS=''
|
||||||
|
ADDY_ANONADDY_BANDWIDTH_LIMIT=''
|
||||||
|
ADDY_ANONADDY_DKIM_SELECTOR=''
|
||||||
|
ADDY_ANONADDY_DKIM_SIGNING_KEY=''
|
||||||
|
ADDY_ANONADDY_DNS_RESOLVER=''
|
||||||
|
ADDY_ANONADDY_DOMAIN=''
|
||||||
|
ADDY_ANONADDY_HOSTNAME=''
|
||||||
|
ADDY_ANONADDY_LIMIT=''
|
||||||
|
ADDY_ANONADDY_NEW_ALIAS_LIMIT=''
|
||||||
|
ADDY_ANONADDY_RETURN_PATH=''
|
||||||
|
ADDY_ANONADDY_SECRET=''
|
||||||
|
ADDY_ANONADDY_SIGNING_KEY_FINGERPRINT=''
|
||||||
|
ADDY_APP_KEY=''
|
||||||
|
ADDY_APP_URL=''
|
||||||
|
ADDY_DB_PASSWORD=''
|
||||||
|
ADDY_MAIL_ENCRYPTION=''
|
||||||
|
ADDY_MAIL_FROM_ADDRESS=''
|
||||||
|
ADDY_MAIL_FROM_NAME=''
|
||||||
|
ADDY_POSTFIX_DEBUG=''
|
||||||
|
ADDY_POSTFIX_MESSAGE_SIZE_LIMIT=''
|
||||||
|
ADDY_POSTFIX_RELAYHOST=''
|
||||||
|
ADDY_POSTFIX_RELAYHOST_AUTH_ENABLE=''
|
||||||
|
ADDY_POSTFIX_SMTPD_TLS_CERT_FILE=''
|
||||||
|
ADDY_POSTFIX_SMTPD_TLS_KEY_FILE=''
|
||||||
|
ADDY_POSTFIX_SPAMHAUS_DQS_KEY=''
|
||||||
|
ADDY_REDIS_PASSWORD=''
|
||||||
|
ADDY_RSPAMD_NO_LOCAL_ADDRS=''
|
||||||
|
ADDY_RSPAMD_WEB_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## ADGUARD
|
||||||
|
##
|
||||||
|
ADGUARD_CONTAINER_NAME=''
|
||||||
|
ADGUARD_ENABLED=''
|
||||||
|
ADGUARD_ENVIRONMENT_SERVERIP=''
|
||||||
|
ADGUARD_NETWORK_MODE=''
|
||||||
|
ADGUARD_PORT_3000=''
|
||||||
|
ADGUARD_PORT_443=''
|
||||||
|
ADGUARD_PORT_53=''
|
||||||
|
ADGUARD_PORT_67=''
|
||||||
|
ADGUARD_PORT_68=''
|
||||||
|
ADGUARD_PORT_80=''
|
||||||
|
ADGUARD_PORT_853=''
|
||||||
|
ADGUARD_RESTART=''
|
||||||
|
ADGUARD_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## ADGUARD
|
||||||
|
##
|
||||||
|
ADGUARD_CF_TUNNEL_PASSWORD=''
|
||||||
|
ADGUARD_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## ANYTHINGLLM
|
||||||
|
##
|
||||||
|
ANYTHINGLLM_JWT_SECRET=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## APPRISE
|
||||||
|
##
|
||||||
|
APPRISE_CONTAINER_NAME=''
|
||||||
|
APPRISE_ENABLED=''
|
||||||
|
APPRISE_NETWORK_MODE=''
|
||||||
|
APPRISE_PORT_8000=''
|
||||||
|
APPRISE_RESTART=''
|
||||||
|
APPRISE_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## AUDIOBOOKSHELF
|
||||||
|
##
|
||||||
|
AUDIOBOOKSHELF_CONTAINER_NAME=''
|
||||||
|
AUDIOBOOKSHELF_ENABLED=''
|
||||||
|
AUDIOBOOKSHELF_NETWORK_MODE=''
|
||||||
|
AUDIOBOOKSHELF_PORT_80=''
|
||||||
|
AUDIOBOOKSHELF_RESTART=''
|
||||||
|
AUDIOBOOKSHELF_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## AUDIOBOOKSHELF
|
||||||
|
##
|
||||||
|
AUDIOBOOKSHELF_ROOT_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## AUTHELIA
|
||||||
|
##
|
||||||
|
AUTHELIA_AUTH_BIND_LDAP_PASSWORD=''
|
||||||
|
AUTHELIA_JWT_SECRET=''
|
||||||
|
AUTHELIA_SESSION_SECRET=''
|
||||||
|
AUTHELIA_STORAGE_ENCRYPTION_KEY=''
|
||||||
|
AUTHELIA_STORAGE_POSTGRES_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## BAZARR
|
||||||
|
##
|
||||||
|
BAZARR_CONTAINER_NAME=''
|
||||||
|
BAZARR_ENABLED=''
|
||||||
|
BAZARR_NETWORK_MODE=''
|
||||||
|
BAZARR_PORT_6767=''
|
||||||
|
BAZARR_RESTART=''
|
||||||
|
BAZARR_TAG=''
|
||||||
|
BAZARR_API_KEY=''
|
||||||
|
##
|
||||||
|
## BITMAGNET
|
||||||
|
##
|
||||||
|
BITMAGNET_POSTGRESQL_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## BITWARDEN
|
||||||
|
##
|
||||||
|
BITWARDEN_CONTAINER_NAME=''
|
||||||
|
BITWARDEN_ENABLED=''
|
||||||
|
BITWARDEN_ENVIRONMENT_ADMIN_TOKEN=''
|
||||||
|
BITWARDEN_ENVIRONMENT_DATABASE_URL=''
|
||||||
|
BITWARDEN_ENVIRONMENT_DISABLE_ADMIN_TOKEN=''
|
||||||
|
BITWARDEN_ENVIRONMENT_DOMAIN=''
|
||||||
|
BITWARDEN_ENVIRONMENT_ENABLE_DB_WAL=''
|
||||||
|
BITWARDEN_ENVIRONMENT_INVITATIONS_ALLOWED=''
|
||||||
|
BITWARDEN_ENVIRONMENT_SHOW_PASSWORD_HINT=''
|
||||||
|
BITWARDEN_ENVIRONMENT_SIGNUPS_ALLOWED=''
|
||||||
|
BITWARDEN_ENVIRONMENT_SIGNUPS_VERIFY=''
|
||||||
|
BITWARDEN_ENVIRONMENT_WEBSOCKET_ENABLE=''
|
||||||
|
BITWARDEN_NETWORK_MODE=''
|
||||||
|
BITWARDEN_PORT_3012=''
|
||||||
|
BITWARDEN_PORT_80=''
|
||||||
|
BITWARDEN_RESTART=''
|
||||||
|
BITWARDEN_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## CHROMIUM
|
||||||
|
##
|
||||||
|
CHROMIUM_TOKEN=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## CLOUDFLARE
|
||||||
|
##
|
||||||
|
CLOUDFLARE_ACCOUNT_ID=''
|
||||||
|
CLOUDFLARE_DNS_API_TOKEN=''
|
||||||
|
CLOUDFLARE_ZONE_ID=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## CLOUDFLAREDDNS
|
||||||
|
##
|
||||||
|
CLOUDFLAREDDNS_CONTAINER_NAME=''
|
||||||
|
CLOUDFLAREDDNS_ENABLED=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_APIKEY=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_APITOKEN=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_ARGS=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_DETECTION_MODE=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_HOSTS=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_INTERVAL=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_LOG_LEVEL=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_RECORDTYPES=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_USER=''
|
||||||
|
CLOUDFLAREDDNS_ENVIRONMENT_ZONES=''
|
||||||
|
CLOUDFLAREDDNS_RESTART=''
|
||||||
|
CLOUDFLAREDDNS_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## CROWDSEC
|
||||||
|
##
|
||||||
|
CROWDSEC_API_KEY=''
|
||||||
|
CROWDSEC_LOCAL_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## DELUGEVPN
|
||||||
|
##
|
||||||
|
DELUGEVPN_CONTAINER_NAME=''
|
||||||
|
DELUGEVPN_ENABLED=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_ENABLE_PRIVOXY=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_LAN_NETWORK=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_NAME_SERVERS=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_CLIENT=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_ENABLE=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_INPUT_PORTS=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_OPTIONS=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_OUTPUT_PORTS=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_PASS=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_PROV=''
|
||||||
|
DELUGEVPN_ENVIRONMENT_VPN_USER=''
|
||||||
|
DELUGEVPN_NETWORK_MODE=''
|
||||||
|
DELUGEVPN_PORT_58846=''
|
||||||
|
DELUGEVPN_PORT_58946=''
|
||||||
|
DELUGEVPN_PORT_8112=''
|
||||||
|
DELUGEVPN_PORT_8118=''
|
||||||
|
DELUGEVPN_RESTART=''
|
||||||
|
DELUGEVPN_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## DELUGEVPN
|
||||||
|
##
|
||||||
|
DELUGEVPN_PASSWORD=''
|
||||||
|
DELUGEVPN_PORT_51413=''
|
||||||
|
DELUGEVPN_PORT_6881=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## DUPLICATI
|
||||||
|
##
|
||||||
|
DUPLICATI_CONTAINER_NAME=''
|
||||||
|
DUPLICATI_ENABLED=''
|
||||||
|
DUPLICATI_NETWORK_MODE=''
|
||||||
|
DUPLICATI_PORT_8200=''
|
||||||
|
DUPLICATI_RESTART=''
|
||||||
|
DUPLICATI_TAG=''
|
||||||
|
DUPLICATI_VOLUME_BACKUPSDIR=''
|
||||||
|
DUPLICATI_VOLUME_SOURCEDIR=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## DUPLICATI
|
||||||
|
##
|
||||||
|
DUPLICATI_CF_TUNNEL_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## EMBY
|
||||||
|
##
|
||||||
|
EMBY_CONTAINER_NAME=''
|
||||||
|
EMBY_ENABLED=''
|
||||||
|
EMBY_NETWORK_MODE=''
|
||||||
|
EMBY_PORT_8096=''
|
||||||
|
EMBY_PORT_8920=''
|
||||||
|
EMBY_RESTART=''
|
||||||
|
EMBY_TAG=''
|
||||||
|
EMBY_VOLUME_TRANSCODEDIR=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## EMBY
|
||||||
|
##
|
||||||
|
EMBY_HOMEPAGE_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## FLARESOLVERR
|
||||||
|
##
|
||||||
|
FLARESOLVERR_CONTAINER_NAME=''
|
||||||
|
FLARESOLVERR_ENABLED=''
|
||||||
|
FLARESOLVERR_ENVIRONMENT_CAPTCHA_SOLVER=''
|
||||||
|
FLARESOLVERR_ENVIRONMENT_LOG_HTML=''
|
||||||
|
FLARESOLVERR_ENVIRONMENT_LOG_LEVEL=''
|
||||||
|
FLARESOLVERR_NETWORK_MODE=''
|
||||||
|
FLARESOLVERR_PORT_8191=''
|
||||||
|
FLARESOLVERR_RESTART=''
|
||||||
|
FLARESOLVERR_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## GHOST
|
||||||
|
##
|
||||||
|
GHOST_DB_PASSWORD=''
|
||||||
|
GHOST_DB_USER=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## GITEA
|
||||||
|
##
|
||||||
|
GITEA_HOMEPAGE_API_KEY=''
|
||||||
|
GITEA_PG_DB_PASSWORD=''
|
||||||
|
GITEA_RUNNER_REGISTRATION_TOKEN=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## GLUETUN
|
||||||
|
##
|
||||||
|
GLUETUN_SERVER_REGIONS=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## GOTIFY
|
||||||
|
##
|
||||||
|
GOTIFY_HOMEPAGE_CLIENT_KEY=''
|
||||||
|
GOTIFY_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## GRAFANA
|
||||||
|
##
|
||||||
|
GRAFANA_CONTAINER_NAME=''
|
||||||
|
GRAFANA_ENABLED=''
|
||||||
|
GRAFANA_ENVIRONMENT_GF_INSTALL_PLUGINS=''
|
||||||
|
GRAFANA_NETWORK_MODE=''
|
||||||
|
GRAFANA_PORT_3000=''
|
||||||
|
GRAFANA_RESTART=''
|
||||||
|
GRAFANA_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## GRAFANA
|
||||||
|
##
|
||||||
|
GRAFANA_ADMIN_PASSWORD=''
|
||||||
|
GRAFANA_MIMIR_HTTP_AUTH_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## GUID
|
||||||
|
##
|
||||||
|
GUID=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## HORTUSFOX
|
||||||
|
##
|
||||||
|
HORTUSFOX_ADMIN_PASSWORD=''
|
||||||
|
HORTUSFOX_DB_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## HUGINN
|
||||||
|
##
|
||||||
|
HUGINN_CONTAINER_NAME=''
|
||||||
|
HUGINN_ENABLED=''
|
||||||
|
HUGINN_ENVIRONMENT_DATABASE_HOST=''
|
||||||
|
HUGINN_ENVIRONMENT_DATABASE_NAME=''
|
||||||
|
HUGINN_ENVIRONMENT_DATABASE_PASSWORD=''
|
||||||
|
HUGINN_ENVIRONMENT_DATABASE_PORT=''
|
||||||
|
HUGINN_ENVIRONMENT_DATABASE_USERNAME=''
|
||||||
|
HUGINN_NETWORK_MODE=''
|
||||||
|
HUGINN_PORT_3000=''
|
||||||
|
HUGINN_RESTART=''
|
||||||
|
HUGINN_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## IN
|
||||||
|
##
|
||||||
|
IN_APP_KEY=''
|
||||||
|
IN_MYSQL_PASSWORD=''
|
||||||
|
IN_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## JAN
|
||||||
|
##
|
||||||
|
JAN_AI_S3_ACCESS_KEY=''
|
||||||
|
JAN_AI_S3_SECRET_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## JITSI
|
||||||
|
##
|
||||||
|
JITSI__ADMIN_DB_PASSWORD=''
|
||||||
|
JITSI__ADMIN_JWT_SECRET=''
|
||||||
|
JITSI__ETHERPAD_DEFAULT_PAD_TEXT=''
|
||||||
|
JITSI__ETHERPAD_SKIN_NAME=''
|
||||||
|
JITSI__ETHERPAD_SKIN_VARIANTS=''
|
||||||
|
JITSI__ETHERPAD_TITLE=''
|
||||||
|
JITSI__ETHERPAD_URL_BASE=''
|
||||||
|
JITSI__HTTP_PORT=''
|
||||||
|
JITSI__HTTPS_PORT=''
|
||||||
|
JITSI__JIBRI_RECORDER_PASSWORD=''
|
||||||
|
JITSI__JIBRI_XMPP_PASSWORD=''
|
||||||
|
JITSI__JICOFO_AUTH_PASSWORD=''
|
||||||
|
JITSI__JIGAGI_SIP_PASSWORD=''
|
||||||
|
JITSI__JIGAGI_SIP_PORT=''
|
||||||
|
JITSI__JIGAGI_SIP_SERVER=''
|
||||||
|
JITSI__JIGAGI_SIP_TRANSPORT=''
|
||||||
|
JITSI__JIGAGI_SIP_URI=''
|
||||||
|
JITSI__JIGASI_XMPP_PASSWORD=''
|
||||||
|
JITSI__JVB_AUTH_PASSWORD=''
|
||||||
|
JITSI__PUBLIC_URL=''
|
||||||
|
JITSI__SIP_URI=''
|
||||||
|
JITSI__TZ=''
|
||||||
|
JITSI__WEBSOCKET_SECRET=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## JOPLIN
|
||||||
|
##
|
||||||
|
JOPLIN_APP_BASE_URL=''
|
||||||
|
JOPLIN_APP_PORT=''
|
||||||
|
JOPLIN_POSTGRES_DATABASE=''
|
||||||
|
JOPLIN_POSTGRES_PASSWORD=''
|
||||||
|
JOPLIN_POSTGRES_PORT=''
|
||||||
|
JOPLIN_POSTGRES_USER=''
|
||||||
|
JOPLIN_S3_ACCESS_KEY=''
|
||||||
|
JOPLIN_S3_SECRET_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## KEYCLOAK
|
||||||
|
##
|
||||||
|
KEYCLOAK_ADMIN_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## LAN
|
||||||
|
##
|
||||||
|
LAN_NETWORK=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## LASTFM
|
||||||
|
##
|
||||||
|
LASTFM_API_KEY=''
|
||||||
|
LASTFM_API_SECRET=''
|
||||||
|
LASTFM_PASSWORD=''
|
||||||
|
LASTFM_USERNAME=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## LIBRESPEED
|
||||||
|
##
|
||||||
|
LIBRESPEED_CONTAINER_NAME=''
|
||||||
|
LIBRESPEED_ENABLED=''
|
||||||
|
LIBRESPEED_ENVIRONMENT_DB_HOSTNAME=''
|
||||||
|
LIBRESPEED_ENVIRONMENT_DB_NAME=''
|
||||||
|
LIBRESPEED_ENVIRONMENT_DB_PASSWORD=''
|
||||||
|
LIBRESPEED_ENVIRONMENT_DB_TYPE=''
|
||||||
|
LIBRESPEED_ENVIRONMENT_DB_USERNAME=''
|
||||||
|
LIBRESPEED_ENVIRONMENT_PASSWORD=''
|
||||||
|
LIBRESPEED_NETWORK_MODE=''
|
||||||
|
LIBRESPEED_PORT_80=''
|
||||||
|
LIBRESPEED_RESTART=''
|
||||||
|
LIBRESPEED_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## LIDARR
|
||||||
|
##
|
||||||
|
LIDARR_CONTAINER_NAME=''
|
||||||
|
LIDARR_ENABLED=''
|
||||||
|
LIDARR_NETWORK_MODE=''
|
||||||
|
LIDARR_PORT_8686=''
|
||||||
|
LIDARR_RESTART=''
|
||||||
|
LIDARR_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## LIDARR
|
||||||
|
##
|
||||||
|
LIDARR_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## LLDAP
|
||||||
|
##
|
||||||
|
LLDAP_JWT_SECRET=''
|
||||||
|
LLDAP_KEY_SEED=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## LOCALAI
|
||||||
|
##
|
||||||
|
LOCALAI_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## MALOJA
|
||||||
|
##
|
||||||
|
MALOJA_FORCE_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## MARIADB
|
||||||
|
##
|
||||||
|
MARIADB_CONTAINER_NAME=''
|
||||||
|
MARIADB_ENABLED=''
|
||||||
|
MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD=''
|
||||||
|
MARIADB_NETWORK_MODE=''
|
||||||
|
MARIADB_PORT_3306=''
|
||||||
|
MARIADB_RESTART=''
|
||||||
|
MARIADB_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## MATTERMOST
|
||||||
|
##
|
||||||
|
MATTERMOST_AWS_S3_ACCESSKEY=''
|
||||||
|
MATTERMOST_AWS_S3_SECRETKEY=''
|
||||||
|
MATTERMOST_POSTGRES_CONNECTION_URI=''
|
||||||
|
MATTERMOST_POSTGRES_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## MAYBE
|
||||||
|
##
|
||||||
|
MAYBE_POSTGRES_PASSWORD=''
|
||||||
|
MAYBE_SECRET_KEY_BASE=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## MEDUSAJS
|
||||||
|
##
|
||||||
|
MEDUSAJS_COOKIE_SECRET=''
|
||||||
|
MEDUSAJS_JWT_TOKEN=''
|
||||||
|
MEDUSAJS_POSTGRES_PASSWORD=''
|
||||||
|
MEDUSAJS_S3_ACCESS_KEY=''
|
||||||
|
MEDUSAJS_S3_SECRET_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## MINIO
|
||||||
|
##
|
||||||
|
MINIO_MIMIR_STORAGE_ACCESS_KEY=''
|
||||||
|
MINIO_MIMIR_STORAGE_SECRET_KEY=''
|
||||||
|
MINIO_ROOT_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## MONGO
|
||||||
|
##
|
||||||
|
MONGO_INITDB_ROOT_PASSWORD=''
|
||||||
|
MONGO_INITDB_ROOT_USERNAME=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## NAVIDROME
|
||||||
|
##
|
||||||
|
NAVIDROME_PASSWORD=''
|
||||||
|
NAVIDROME_USERNAME=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## NEXTCLOUD
|
||||||
|
##
|
||||||
|
NEXTCLOUD_CONTAINER_NAME=''
|
||||||
|
NEXTCLOUD_ENABLED=''
|
||||||
|
NEXTCLOUD_NETWORK_MODE=''
|
||||||
|
NEXTCLOUD_PORT_443=''
|
||||||
|
NEXTCLOUD_RESTART=''
|
||||||
|
NEXTCLOUD_TAG=''
|
||||||
|
NEXTCLOUD_VOLUME_DATADIR=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## OMBI
|
||||||
|
##
|
||||||
|
OMBI_CONTAINER_NAME=''
|
||||||
|
OMBI_ENABLED=''
|
||||||
|
OMBI_NETWORK_MODE=''
|
||||||
|
OMBI_PORT_3579=''
|
||||||
|
OMBI_RESTART=''
|
||||||
|
OMBI_TAG=''
|
||||||
|
OMBI_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## OPENGIST
|
||||||
|
##
|
||||||
|
OPENGIST_GITEA_CLIENT_KEY=''
|
||||||
|
OPENGIST_GITEA_SECRET=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## PAPERLESS
|
||||||
|
##
|
||||||
|
PAPERLESS_DBPASS=''
|
||||||
|
PAPERLESS_SECRET_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## PLAUSIBLE
|
||||||
|
##
|
||||||
|
PLAUSIBLE_PG_PASSWORD=''
|
||||||
|
PLAUSIBLE_SECRET_KEY_BASE=''
|
||||||
|
PLAUSIBLE_TOTP_VAULT_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## PODINDEX
|
||||||
|
##
|
||||||
|
PODINDEX_API_KEY=''
|
||||||
|
PODINDEX_API_SECRET=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## PORTAINER
|
||||||
|
##
|
||||||
|
PORTAINER_CONTAINER_NAME=''
|
||||||
|
PORTAINER_ENABLED=''
|
||||||
|
PORTAINER_NETWORK_MODE=''
|
||||||
|
PORTAINER_PORT_9000=''
|
||||||
|
PORTAINER_RESTART=''
|
||||||
|
PORTAINER_TAG=''
|
||||||
|
PORTAINER_VOLUME_DOCKER_SOCKET=''
|
||||||
|
PORTAINER_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## POSTAL
|
||||||
|
##
|
||||||
|
POSTAL_MYSQL_PASSWORD=''
|
||||||
|
POSTAL_SMTP_AUTH_PASSWORD=''
|
||||||
|
POSTAL_SMTP_AUTH_USER=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## POSTGRES
|
||||||
|
##
|
||||||
|
POSTGRES_HOST=''
|
||||||
|
POSTGRES_PASSWORD=''
|
||||||
|
POSTGRES_USER=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## PROWLARR
|
||||||
|
##
|
||||||
|
PROWLARR_CONTAINER_NAME=''
|
||||||
|
PROWLARR_ENABLED=''
|
||||||
|
PROWLARR_NETWORK_MODE=''
|
||||||
|
PROWLARR_PORT_9696=''
|
||||||
|
PROWLARR_RESTART=''
|
||||||
|
PROWLARR_TAG=''
|
||||||
|
PROWLARR_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## RADARR
|
||||||
|
##
|
||||||
|
RADARR_CONTAINER_NAME=''
|
||||||
|
RADARR_ENABLED=''
|
||||||
|
RADARR_NETWORK_MODE=''
|
||||||
|
RADARR_PORT_7878=''
|
||||||
|
RADARR_RESTART=''
|
||||||
|
RADARR_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## RADARR
|
||||||
|
##
|
||||||
|
RADARR_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## REACTIVE
|
||||||
|
##
|
||||||
|
REACTIVE_RESUME_ACCESS_TOKEN_SECRET=''
|
||||||
|
REACTIVE_RESUME_PGSQL_PASSWORD=''
|
||||||
|
REACTIVE_RESUME_REFRESH_TOKEN_SECRET=''
|
||||||
|
REACTIVE_RESUME_S3_ACCESS_KEY=''
|
||||||
|
REACTIVE_RESUME_S3_SECRET_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## READARR
|
||||||
|
##
|
||||||
|
READARR_CONTAINER_NAME=''
|
||||||
|
READARR_ENABLED=''
|
||||||
|
READARR_NETWORK_MODE=''
|
||||||
|
READARR_PORT_8787=''
|
||||||
|
READARR_RESTART=''
|
||||||
|
READARR_TAG=''
|
||||||
|
READARR_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## REMMINA
|
||||||
|
##
|
||||||
|
REMMINA_CF_TUNNEL_ID=''
|
||||||
|
REMMINA_CF_TUNNEL_PASSWORD=''
|
||||||
|
REMMINA_USER_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## RUSTDESK
|
||||||
|
##
|
||||||
|
RUSTDESK_CUSTOM_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SABNZBDVPN
|
||||||
|
##
|
||||||
|
SABNZBDVPN_CONTAINER_NAME=''
|
||||||
|
SABNZBDVPN_ENABLED=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_ENABLE_PRIVOXY=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_LAN_NETWORK=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_NAME_SERVERS=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_CLIENT=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_ENABLE=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_INPUT_PORTS=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_OPTIONS=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_OUTPUT_PORTS=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_PASS=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_PROV=''
|
||||||
|
SABNZBDVPN_ENVIRONMENT_VPN_USER=''
|
||||||
|
SABNZBDVPN_NETWORK_MODE=''
|
||||||
|
SABNZBDVPN_PORT_8080=''
|
||||||
|
SABNZBDVPN_PORT_8090=''
|
||||||
|
SABNZBDVPN_PORT_8118=''
|
||||||
|
SABNZBDVPN_RESTART=''
|
||||||
|
SABNZBDVPN_TAG=''
|
||||||
|
SABNZBDVPN_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SCRAPERR
|
||||||
|
##
|
||||||
|
SCRAPERR_SECRET_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SCRUTINY
|
||||||
|
##
|
||||||
|
SCRUTINY_CF_TUNNEL_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SEARXNG
|
||||||
|
##
|
||||||
|
SEARXNG_BASE_URL=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SLSKD
|
||||||
|
##
|
||||||
|
SLSKD_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SONARQUBE
|
||||||
|
##
|
||||||
|
SONARQUBE_POSTGRES_PASSWORD=''
|
||||||
|
SONARQUBE_LDAP_BIND_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SONARR
|
||||||
|
##
|
||||||
|
SONARR_CONTAINER_NAME=''
|
||||||
|
SONARR_ENABLED=''
|
||||||
|
SONARR_NETWORK_MODE=''
|
||||||
|
SONARR_PORT_8989=''
|
||||||
|
SONARR_RESTART=''
|
||||||
|
SONARR_TAG=''
|
||||||
|
SONARR_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SWAG
|
||||||
|
##
|
||||||
|
SWAG_CONTAINER_NAME=''
|
||||||
|
SWAG_ENABLED=''
|
||||||
|
SWAG_ENVIRONMENT_DNSPLUGIN=''
|
||||||
|
SWAG_ENVIRONMENT_EMAIL=''
|
||||||
|
SWAG_ENVIRONMENT_EXTRA_DOMAINS=''
|
||||||
|
SWAG_ENVIRONMENT_ONLY_SUBDOMAINS=''
|
||||||
|
SWAG_ENVIRONMENT_SUBDOMAINS=''
|
||||||
|
SWAG_ENVIRONMENT_URL=''
|
||||||
|
SWAG_ENVIRONMENT_VALIDATION=''
|
||||||
|
SWAG_NETWORK_MODE=''
|
||||||
|
SWAG_PORT_443=''
|
||||||
|
SWAG_PORT_80=''
|
||||||
|
SWAG_RESTART=''
|
||||||
|
SWAG_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## SWAG
|
||||||
|
##
|
||||||
|
SWAG_CF_TUNNEL_ID=''
|
||||||
|
SWAG_CF_TUNNEL_PASSWORD=''
|
||||||
|
SWAG_DUCKDNSTOKEN=''
|
||||||
|
SWAG_MAXMINDDB_LICENSE_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## TANDOOR
|
||||||
|
##
|
||||||
|
TANDOOR_API_TOKEN=''
|
||||||
|
TANDOOR_POSTGRES_PASSWORD=''
|
||||||
|
TANDOOR_SECRET_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## TMDB
|
||||||
|
##
|
||||||
|
TMDB_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## TRACCAR
|
||||||
|
##
|
||||||
|
TRACCAR_POSTGRES_DATABASE=''
|
||||||
|
TRACCAR_POSTGRES_PASSWORD=''
|
||||||
|
TRACCAR_POSTGRES_USER=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## UPTIME
|
||||||
|
##
|
||||||
|
UPTIME_KUMA_PASSWORD=''
|
||||||
|
UPTIME_KUMA_USERNAME=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## UPTIMEKUMA
|
||||||
|
##
|
||||||
|
UPTIMEKUMA_CONTAINER_NAME=''
|
||||||
|
UPTIMEKUMA_ENABLED=''
|
||||||
|
UPTIMEKUMA_NETWORK_MODE=''
|
||||||
|
UPTIMEKUMA_PORT_3001=''
|
||||||
|
UPTIMEKUMA_RESTART=''
|
||||||
|
UPTIMEKUMA_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## VAULT
|
||||||
|
##
|
||||||
|
VAULT_HASHICORP_AWS_ACCESS_KEY_ID=''
|
||||||
|
VAULT_HASHICORP_AWS_SECRET_ACCESS_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## VIRUS
|
||||||
|
##
|
||||||
|
VIRUS_TOTAL_API_KEY=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## WALLABAG
|
||||||
|
##
|
||||||
|
WALLABAG_DB=''
|
||||||
|
WALLABAG_DB_PASSWORD=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## WATCHTOWER
|
||||||
|
##
|
||||||
|
WATCHTOWER_CONTAINER_NAME=''
|
||||||
|
WATCHTOWER_ENABLED=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_CLEANUP=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_INCLUDE_STOPPED=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_MONITOR_ONLY=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_NOTIFICATION_TEMPLATE=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_NOTIFICATION_URL=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_NOTIFICATIONS=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_NOTIFICATIONS_LEVEL=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_REPO_PASS=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_REPO_USER=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_SCHEDULE=''
|
||||||
|
WATCHTOWER_ENVIRONMENT_TIMEOUT=''
|
||||||
|
WATCHTOWER_NETWORK_MODE=''
|
||||||
|
WATCHTOWER_RESTART=''
|
||||||
|
WATCHTOWER_TAG=''
|
||||||
|
WATCHTOWER_VOLUME_DOCKER_SOCKET=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## WATCHTOWER
|
||||||
|
##
|
||||||
|
WATCHTOWER_HTTP_API_TOKEN=''
|
||||||
|
WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY=''
|
||||||
|
WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN=''
|
||||||
|
WATCHTOWER_NOTIFICATION_GOTIFY_URL=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## WAZUH
|
||||||
|
##
|
||||||
|
WAZUH_API_PASSWORD=''
|
||||||
|
WAZUH_INDEXER_PASSWORD=''
|
||||||
|
WAZUH_KIBANA_PASSWORD=''
|
||||||
|
WAZUH_VERSION=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## YOUR
|
||||||
|
##
|
||||||
|
YOUR_SPOTIFY_ID=''
|
||||||
|
YOUR_SPOTIFY_PORT_443=''
|
||||||
|
YOUR_SPOTIFY_PORT_80=''
|
||||||
|
YOUR_SPOTIFY_SECRET=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## YOUTUBEDL
|
||||||
|
##
|
||||||
|
YOUTUBEDL_CONTAINER_NAME=''
|
||||||
|
YOUTUBEDL_ENABLED=''
|
||||||
|
YOUTUBEDL_ENVIRONMENT_CONFIG_PATH=''
|
||||||
|
YOUTUBEDL_ENVIRONMENT_DEBUG=''
|
||||||
|
YOUTUBEDL_NETWORK_MODE=''
|
||||||
|
YOUTUBEDL_PORT_8080=''
|
||||||
|
YOUTUBEDL_RESTART=''
|
||||||
|
YOUTUBEDL_TAG=''
|
||||||
|
|
||||||
|
##
|
||||||
|
## ZAMMAD
|
||||||
|
##
|
||||||
|
ZAMMAD_ELASTICSEARCH_VERSION=''
|
||||||
|
ZAMMAD_IMAGE_REPO=''
|
||||||
|
ZAMMAD_MEMCACHE_SERVERS=''
|
||||||
|
ZAMMAD_MEMCACHE_VERSION=''
|
||||||
|
ZAMMAD_POSTGRES_DB=''
|
||||||
|
ZAMMAD_POSTGRES_HOST=''
|
||||||
|
ZAMMAD_POSTGRES_PASS=''
|
||||||
|
ZAMMAD_POSTGRES_PORT=''
|
||||||
|
ZAMMAD_POSTGRES_USER=''
|
||||||
|
ZAMMAD_POSTGRES_VERSION=''
|
||||||
|
ZAMMAD_POSTGRESQL_OPTIONS=''
|
||||||
|
ZAMMAD_REDIS_URL=''
|
||||||
|
ZAMMAD_REDIS_VERSION=''
|
||||||
|
ZAMMAD_RESTART=''
|
||||||
|
ZAMMAD_S3_ACCESS_KEY=''
|
||||||
|
ZAMMAD_S3_SECRET_KEY=''
|
||||||
|
ZAMMAD_VERSION=''
|
||||||
Reference in New Issue
Block a user