Updating HC Vault token.

2025-03-20 21:55:40 -04:00 · 2025-03-20 21:41:42 -04:00 · 2025-03-20 21:41:16 -04:00 · 2025-03-20 20:44:52 -04:00 · 2025-03-20 20:43:36 -04:00 · 2025-03-20 09:34:08 -04:00
6 changed files with 83 additions and 80 deletions
@@ -139,6 +139,7 @@
 | speedtest-tracker | lscr.io/linuxserver/speedtest-tracker:latest |
 | stable-diffusion-download | git.trez.wtf/trez.one/stable-diffusion-download:v9.0.0 |
 | stable-diffusion-webui | git.trez.wtf/trez.one/stable-diffusion-ui:v9.0.1 |
+| stirling-pdf | docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest |
 | swag | lscr.io/linuxserver/swag:latest |
 | tandoor | vabene1111/recipes |
 | tandoor-pg | postgres:16-alpine |
@@ -36,7 +36,8 @@ webauthn:
  timeout: 60s
  display_name: Authelia
  attestation_conveyance_preference: indirect
-  user_verification: preferred
+  selection_criteria:
+    user_verification: preferred
 ntp:
  address: "time.cloudflare.com:123"
  version: 4
@@ -143,11 +144,8 @@ identity_providers:
  oidc:
    hmac_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_OIDC_HMAC_SECRET'] }}'
    jwks:
-      key_id: 'netbird'
-      key: |
-        {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_KEY"] | replace("\\n", "\n") | indent(8) }}
-      certificate_chain: |
-        {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_CERT_CHAIN"] | replace("\\n", "\n") | indent(8) }}
+      - key: |
+          {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_KEY"] | replace("\\n", "\n") | indent(10) }}
    cors:
      allowed_origins_from_client_redirect_uris: true
      endpoints:
@@ -0,0 +1,41 @@
+{% set vault_addr = 'https://vault.trez.wtf' %}
+{% set secrets_path = 'rinoa-docker/env' %}
+
+{
+  "url": "blog.trez.wtf",
+  "database": {
+    "client": "mysql",
+    "connection": {
+      "host"     : "mariadb",
+      "user"     : "ghost",
+      "password" : "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GHOST_DB_PASSWORD'] }}",
+      "database" : "ghost"
+    }
+  },
+  "mail": {
+    "from": "'Ghost @ Rinoa' <noreply@trez.wtf>"
+    "transport": "SMTP",
+    "options": {
+      "host": "postal-smtp",
+      "port": 25,
+      "secure": false,
+      "auth": {
+        "user": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}",
+        "pass": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}"
+      }
+    }
+  },
+  "paths": {
+    "contentPath": "content/"
+  },
+  "privacy": {
+    "useGravatar": true
+  }
+  "logging": {
+    "level": "info",
+    "rotation": {
+      "enabled": true
+    },
+    "transports": ["file"]
+  }
+}
@@ -41,7 +41,7 @@ layout:
    columns: 5
  Privacy/Security:
    style: row
-    columns: 5
+    columns: 3
  Personal/Professional Services:
    style: row
    columns: 5
@@ -1,14 +1,14 @@
 vault_addr: "https://vault.trez.wtf"
 vault_token: !vault |
  $ANSIBLE_VAULT;1.1;AES256
-  30623330336664656231653066343930303830343530323930613666643863623837633738346639
-  3734386663383333386635623931343361343363396434660a633637666539626264653437636134
-  36616334386264383330323164333432623538366234326563323664353338646331353233396161
-  3030623162373232320a386432393337613431303432613065626163326363316365613937623031
-  39316566343238363934383833376136323461336666663762383663633531303138616132333938
-  30316334363436333164303035643835316238313038663761636338313433303766626238656234
-  34373436396430646339326361366634363735346637303865373164363663663263646661366663
-  36336334393535386332646461313262646131383932353534363936623961613761333762376561
-  31366662626231346638346339626565653831613865646436643233653066366534
+  61383638616263666539386332333638356662623166393234383666366265346537353533653833
+  3333313230636166663734356261316132393834613737630a386166376365333862383031343838
+  35346338633530636463643165623432353466363230646239656463333263373738663639313136
+  3966633235393937350a343337613061616238323238386332363635623932333230323037353136
+  66616561613038656462636565656361613065373238613862386235623265396133633034326563
+  32663532343137366334366630356232313865666661326337326263613262306637663434646639
+  61623030383963623332333135396363643036646461303438643233313136346139343232353535
+  39356432623161333661333266333937626364643964333839333934306364373234653761326638
+  33396534396163373034666164393039303639643431353662666265666264353062
 vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}"
 secrets_path: "rinoa-docker/env"
@@ -1198,11 +1198,9 @@ services:
      - netbird-letsencrypt:/backup/netbird-letsencrypt:ro
      - nextcloud_aio_mastercontainer:/backup/nextcloud_aio_mastercontainer:ro
      - ollama:/backup/ollama:ro
-      - open-webui:/backup/open-webui:ro
      - paperless-ngx-data:/backup/paperless-ngx-data:ro
      - paperless-ngx-media:/backup/paperless-ngx-media:ro
      - paperless-ngx-pg:/backup/paperless-ngx-pg:ro
-      - peppermint-pg-data:/backup/peppermint-pg-data:ro
      - pgbackweb-data:/backup/pgbackweb-data:ro
      - plausible-db-data:/backup/plausible-db-data:ro
      - plausible-event-data:/backup/plausible-event-data:ro
@@ -1222,32 +1220,6 @@ services:
      - unmanic-cache:/backup/unmanic-cache:ro
      - wallos-db:/backup/wallos-db:ro
      - wallos-logos:/backup/wallos-logos:ro
-  docuseal:
-    container_name: docuseal
-    image: docuseal/docuseal:latest
-    labels:
-      homepage.group: Personal/Professional Services
-      homepage.name: Docuseal
-      homepage.href: https://docs.${MY_TLD}
-      homepage.description: OSS Document Signing & Verification
-      homepage.icon: docuseal.png
-      swag: enable
-      swag_proto: http
-      swag_port: 3000
-      swag_url: sign.${MY_TLD}
-      swag.uptime-kuma.enabled: true
-      swag.uptime-kuma.monitor.url: https://sign.${MY_TLD}
-    networks:
-      default: null
-    ports:
-      - 3002:3000
-    restart: unless-stopped
-    volumes:
-      - source: ${DOCKER_VOLUME_CONFIG}/docuseal
-        target: /data
-        type: bind
-        bind:
-          create_host_path: true
  duplicati:
    container_name: duplicati
    environment:
@@ -1365,21 +1337,6 @@ services:
        condition: service_started
        required: true
        restart: true
-    environment:
-      database__client: mysql
-      database__connection__host: mariadb
-      database__connection__port: 3306
-      database__connection__user: ${GHOST_DB_USER}
-      database__connection__password: ${GHOST_DB_PASSWORD}
-      database__connection__database: ghost_db
-      mail__transport: SMTP
-      mail__options__host: postal-smtp
-      mail__options__port: 25
-      mail__options__secure: false
-      mail__options__auth__user: ${POSTAL_SMTP_AUTH_USER}
-      mail__options__auth__pass: ${POSTAL_SMTP_AUTH_PASSWORD}
-      mail__from: "noreply@trez.wtf"
-      url: https://blog.${MY_TLD}
    image: ghost:latest
    labels:
      homepage.group: Lifestyle
@@ -1395,9 +1352,11 @@ services:
      swag.uptime-kuma.monitor.url: https://blog.${MY_TLD}
    links:
      - mariadb
-    networks:
-      default: null
+    ports:
+      - 2368:2368
    restart: always
+    volumes:
+      - ${DOCKER_VOLUME_CONFIG}/ghost:/home/ghost
  gitea:
    container_name: gitea
    depends_on:
@@ -1589,7 +1548,8 @@ services:
          create_host_path: true
  graylog:
    container_name: graylog
-    image: ${GRAYLOG_IMAGE:-graylog/graylog:6.1}
+    hostname: graylog
+    image: graylog/graylog:6.1
    depends_on:
      graylog-datanode:
        condition: service_started
@@ -1621,29 +1581,32 @@ services:
      homepage.description: Log Management
      swag: enable
      swag_port: 9000
+      swag_url: logs.${MY_TLD}
      swag_proto: http
      swag.uptime-kuma.enabled: true
+      swag.uptime-kuma.monitor.url: https://logs.${MY_TLD}
    ports:
-    - 5044:5044/tcp   # Beats
-    - 5140:5140/udp   # Syslog
-    - 5140:5140/tcp   # Syslog
-    - 5555:5555/tcp   # RAW TCP
-    - 5555:5555/udp   # RAW UDP
-    - 13457:9000/tcp   # Server API
-    - 12201:12201/tcp # GELF TCP
-    - 12201:12201/udp # GELF UDP
-    #- 10000:10000/tcp # Custom TCP port
-    #- 10000:10000/udp # Custom UDP port
-    - 13301:13301/tcp # Forwarder data
-    - 13302:13302/tcp # Forwarder config
+      - 5044:5044/tcp   # Beats
+      - 5140:5140/udp   # Syslog
+      - 5140:5140/tcp   # Syslog
+      - 5555:5555/tcp   # RAW TCP
+      - 5555:5555/udp   # RAW UDP
+      - 13457:9000/tcp   # Server API
+      - 12201:12201/tcp # GELF TCP
+      - 12201:12201/udp # GELF UDP
+      #- 10000:10000/tcp # Custom TCP port
+      #- 10000:10000/udp # Custom UDP port
+      - 13301:13301/tcp # Forwarder data
+      - 13302:13302/tcp # Forwarder config
    restart: on-failure
    volumes:
      - graylog-data:/usr/share/graylog/data/data
  graylog-datanode:
    container_name: graylog-datanode
-    image: ${DATANODE_IMAGE:-graylog/graylog-datanode:6.1}
+    hostname: graylog-datanode
+    image: graylog/graylog-datanode:6.1
    environment:
-      GRAYLOG_DATANODE_NODE_ID_FILE: /var/lib/graylog-datanode/node-id
+      GRAYLOG_NODE_NAME: graylog-datanode
      GRAYLOG_DATANODE_PASSWORD_SECRET: ${GRAYLOG_PASSWORD_SECRET}
      GRAYLOG_DATANODE_MONGODB_URI: mongodb://graylog:${GRAYLOG_MONGODB_PASSWORD}@mongodb:27017/graylog?replicaSet=rinoa
      GRAYLOG_PATH_REPO: graylog
@@ -2719,6 +2682,10 @@ services:
      - librechat-vectordb
    environment:
      DB_HOST: librechat-vectordb
+      OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY}
+      DEEPSEEK_API_KEY: ${LIBRECHAT_DEEPSEEK_API_KEY}
+      MISTRAL_API_KEY: ${LIBRECHAT_MISTRAL_API_KEY}
+      ANTHROPIC_API_KEY: ${LIBRECHAT_ANTHROPIC_API_KEY}
      POSTGRES_DB: librechat
      POSTGRES_USER: librechat
      POSTGRES_PASSWORD: ${LIBRECHAT_PG_DB_PASSWD}
@@ -5268,16 +5235,12 @@ volumes:
    name: nextcloud_aio_mastercontainer
  ollama:
    name: ollama
-  open-webui:
-    name: open-webui
  paperless-ngx-data:
    name: paperless-ngx-data
  paperless-ngx-media:
    name: paperless-ngx-media
  paperless-ngx-pg:
    name: paperless-ngx-pg
-  peppermint-pg-data:
-    name: peppermint-pg-data
  pgbackweb-data:
    name: pgbackweb-data
  plausible-db-data:
Author	SHA1	Message	Date
Trez.One	498d3b10c2	Updating HC Vault token. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Successful in 3m7s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Successful in 9m31s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Successful in 1m6s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README & Generate List of Modified Services (push) Successful in 7m42s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Successful in 1m48s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Ansible Configs & Docker Compose Deployment (push) Successful in 23m49s Details	2025-03-20 21:55:40 -04:00
Trez.One	94bdb2cef2	Updating HC Vault token. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Successful in 3m50s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Failing after 7m3s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README & Generate List of Modified Services (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Ansible Configs & Docker Compose Deployment (push) Has been skipped Details	2025-03-20 21:41:42 -04:00
Trez.One	8774039a97	Updating HC Vault token.	2025-03-20 21:41:16 -04:00
Trez.One	e562ec9ec8	Updating HC Vault token. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Successful in 15m55s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Failing after 16m6s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README & Generate List of Modified Services (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Ansible Configs & Docker Compose Deployment (push) Has been skipped Details	2025-03-20 20:44:52 -04:00
Trez.One	105e71f5a8	Updating HC Vault token.	2025-03-20 20:43:36 -04:00
Trez.One	6752abdacc	Modifications to Ghost container. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Successful in 6m3s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Failing after 18m11s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README & Generate List of Modified Services (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Ansible Configs & Docker Compose Deployment (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Has been skipped Details	2025-03-20 09:34:08 -04:00
Trez.One	9cdc60d580	Adding config for Ghost.	2025-03-20 09:31:19 -04:00
Trez.One	5ab77bcf77	Modifications to Ghost container.	2025-03-20 09:31:19 -04:00
Trez.One	d6b61b9081	Merge remote-tracking branch 'refs/remotes/origin/main'	2025-03-19 19:52:56 -04:00
Trez.One	8610917662	Indentation fix under Graylog.	2025-03-19 19:52:43 -04:00
Trez.One	7f2d1c01a3	Homepaage layout change for Privacy/Security section.	2025-03-19 18:48:56 -04:00
Trez.One	9168e6d2a8	Correcting labels for Graylog.	2025-03-19 18:32:27 -04:00
Trez.One	eb9866d115	Hostnames for Graylog containers.	2025-03-19 17:10:10 -04:00
Trez.One	5b12fe155f	Merge pull request 'Automated PR for docuseal-removal-librechat-tweaks-graylog-fix-misc - #33 ' (#33 ) from docuseal-removal-librechat-tweaks-graylog-fix-misc into main Reviewed-on: Trez.One/rinoa-docker#33	2025-03-19 16:28:56 -04:00
Trez.One	2d84d26b27	Authelia fix. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Successful in 5m45s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Failing after 46m11s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README & Generate List of Modified Services (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Ansible Configs & Docker Compose Deployment (push) Has been skipped Details	2025-03-19 10:58:17 -04:00
Trez.One	8a218e7e42	Removing Docuseal; fixes for Graylog and LibreChat. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Successful in 7m33s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Failing after 11m8s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README & Generate List of Modified Services (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Ansible Configs & Docker Compose Deployment (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Has been skipped Details	2025-03-19 08:54:33 -04:00
Trez.One	53aabb9d8f	Removing Docuseal; fixes for Graylog and LibreChat. Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Check and Create PR (push) Successful in 11m59s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Docker Compose & Ansible Lints (push) Failing after 18m22s Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Cloudflare DNS Setup (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Update README & Generate List of Modified Services (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / PR Merge (push) Has been skipped Details Gitea Branch PR, Cloudflare DNS, README generation, & Ansible/Docker Deployment / Ansible Configs & Docker Compose Deployment (push) Has been skipped Details	2025-03-19 07:24:32 -04:00
gitea-sonarqube-bot	9f07ee562c	Auto Merge of PR 32 - stirling-pdf-deployment Merged by Trez.One	2025-03-18 12:13:39 -04:00
Trez.One	da458d0e38	chore: Update README	2025-03-18 16:11:29 +00:00