From 9daf40bdfa652fd83700cfee6ca95e3f09c8e1f8 Mon Sep 17 00:00:00 2001 From: Mike Phares Date: Mon, 25 Nov 2024 23:45:49 -0700 Subject: [PATCH] Dockge --- .gitignore | 2 + etc/bash_history_2024-11-23.txt | 500 ++++++++++++++++++ etc/dnsmasq.d/README | 7 + etc/group | 3 + etc/group- | 4 +- etc/gshadow | 3 + etc/gshadow- | 4 +- etc/hosts | 12 +- etc/nginx/sites-available/default | 25 +- etc/passwd | 1 + etc/passwd- | 3 +- etc/resolv.conf | 2 +- etc/shadow | 1 + etc/shadow- | 1 + opt/stacks/firefox/.env | 1 + opt/stacks/firefox/compose.yaml | 8 + opt/stacks/kuma/.env | 0 opt/stacks/kuma/compose.yaml | 8 + opt/stacks/one-review-webapp-production/.env | 1 + .../one-review-webapp-production/compose.yaml | 7 + opt/stacks/open-project/.env | 11 + opt/stacks/open-project/compose.yaml | 112 ++++ .../openproject-docker-compose/.gitignore | 4 + 23 files changed, 703 insertions(+), 17 deletions(-) create mode 100644 etc/bash_history_2024-11-23.txt create mode 100644 etc/dnsmasq.d/README create mode 100644 opt/stacks/firefox/.env create mode 100644 opt/stacks/firefox/compose.yaml create mode 100644 opt/stacks/kuma/.env create mode 100644 opt/stacks/kuma/compose.yaml create mode 100644 opt/stacks/one-review-webapp-production/.env create mode 100644 opt/stacks/one-review-webapp-production/compose.yaml create mode 100644 opt/stacks/open-project/.env create mode 100644 opt/stacks/open-project/compose.yaml create mode 100644 opt/stacks/openproject-docker-compose/.gitignore diff --git a/.gitignore b/.gitignore index ed5c0cc..0adafc9 100644 --- a/.gitignore +++ b/.gitignore @@ -52,6 +52,8 @@ !etc/letsencrypt/**/* !opt/copy/**/* +!opt/stacks/**/*.env +!opt/stacks/**/*.yaml !root/**/*container !home/podman/**/*volume diff --git a/etc/bash_history_2024-11-23.txt b/etc/bash_history_2024-11-23.txt new file mode 100644 index 0000000..37b2109 --- /dev/null +++ b/etc/bash_history_2024-11-23.txt @@ -0,0 +1,500 @@ +nginx -t +nginx -s reload +exit +ln -s /var/log/nginx /var/www/html/log-nginx +ls -la /var/www/html +cp ~/.bash_history /etc/bash_history_2024-11-05.txt +cat /etc/bash_history_2024-11-05.txt +exit +apt-get install podman -y +apt-cache rdepends podman-compose +apt-get install podman-compose -y +apt-get install sudo +mkdir /home/podman/.ssh +cp /root/.ssh/authorized_keys /home/podman/.ssh/authorized_keys +chown podman:podman -R /home/podman +adduser podman sudo +loginctl enable-linger +sudo -iu podman +podman --version +sudo -iu podman +sudo -iu podman +mkdir -p /run/user/1000/ +chown -R podman:podman /run/user/1000/ +sudo -iu podman +sudo -iu podman +sudo -iu podman +systemctl --user start uptime-kuma-server +systemctl start uptime-kuma-server +sudo -iu podman +sudo -iu podman +find / -name "*fedora*" 2>/dev/null +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.userns.conf +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +chown -R podman:podman /home/podman +sudo -iu podman +apt install podman-quadlet +ls -la /usr/libexec/podman +systemctl -l | grep -i rootlessport +ps aux | grep rootlessport +whereis podman-generate-systemd +exit +clear +apt list --installed +sudo -iu podman +exit +sudo -iu podman +exit +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/ubuntu.sh)" +apt-get install podman-compose -y +exit +pip3 install podman-compose +systemctl enable podmand +apt install podman +systemctl enable podmand +podman --version +systemctl enable podman.socket +systemctl start podman.socket +systemctl status podman.socket +apt-get install cockpit cockpit-podman -y +systemctl enable --now cockpit.socket +sudo -iu podman +apt install software-properties-common uidmap -y +sudo -iu podman +apt-get install -y libapparmor-dev +cd /tmp/acme.sh +ls /root/.acme.sh/ +./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +cd /tmp +git clone https://github.com/acmesh-official/acme.sh.git +cd /tmp/acme.sh +./acme.sh --install -m mikepharesjr@msn.com +export DuckDNS_Token=1d3fc707-7052-4459-a624-fb01250f00b9 +echo $DuckDNS_Token +./acme.sh --register-account -m mikepharesjr@msn.com +./acme.sh --set-default-ca --server letsencrypt +./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +ls +ls /root/.acme.sh/ +cd /root/.acme.sh/ +cp -R \*.phares.duckdns.org_ecc/ wild-phares +cd wild-phares/ +ls +mv \*.phares.duckdns.org.cer phares.duckdns.org.cer +mv \*.phares.duckdns.org.conf phares.duckdns.org.conf +mv \*.phares.duckdns.org.csr phares.duckdns.org.csr +mv \*.phares.duckdns.org.csr.conf phares.duckdns.org.csr.conf +mv \*.phares.duckdns.org.key phares.duckdns.org.key +ls +cd .. +cd .. +cd /tmp/ +cd acme.sh/ +ls +./acme.sh --issue --dns dns_duckdns -d '*.affirm.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +cp -R \*.affirm.duckdns.org_ecc/ wild-affirm +cp -R \*.affirm.duckdns.org_ecc/ wild-affirm +cp -R /root/.acme.sh/\*.affirm.duckdns.org_ecc/ /root/.acme.sh/wild-affirm +mv /root/.acme.sh/\*.affirm.duckdns.org.cer /root/.acme.sh/affirm.duckdns.org.cer +mv /root/.acme.sh/\*.affirm.duckdns.org.conf /root/.acme.sh/affirm.duckdns.org.conf +mv /root/.acme.sh/\*.affirm.duckdns.org.csr /root/.acme.sh/affirm.duckdns.org.csr +mv /root/.acme.sh/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/affirm.duckdns.org.csr.conf +mv /root/.acme.sh/\*.affirm.duckdns.org.key /root/.acme.sh/affirm.duckdns.org.key +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.cer /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.conf +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr.conf +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key +nginx -t +nginx -s reload +exit +rm -R /root/.acme.sh/affirm.duckdns.org_ecc/ +cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +cd /root/.acme.sh/ +ls -la +cd /tmp/ +cd acme.sh/ +./acme.sh --issue --dns dns_duckdns -d '*.bchs.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key +cd /root/.acme.sh/ +ls +cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +cp -R /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key +exit +nginx -t +nginx -t +nginx -s reload +nginx -s reload +exit +nano /etc/cockpit/cockpit.conf +systemctl restart cockpit +journalctl -u cockpit +systemctl restart cockpit.service +systemctl restart cockpit.socket +exit +systemctl restart cockpit.socket +systemctl restart cockpit.service +journalctl -u cockpit +systemctl stop cockpit +systemctl stop cockpit.socket +exit +mv /etc/cockpit/ws-certs.d/0-self-signed.cert /etc/cockpit/ws-certs.d/0-self-signed.cert.old +mv /etc/cockpit/ws-certs.d/0-self-signed.key /etc/cockpit/ws-certs.d/0-self-signed.key.old +cp /root/.acme.sh/wild-affirm/fullchain.cer /etc/cockpit/ws-certs.d/0-self-signed.cert +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /etc/cockpit/ws-certs.d/0-self-signed.key +systemctl start cockpit +journalctl -xeu cockpit.service +systemctl start cockpit +systemctl start cockpit.socket +systemctl start cockpit +systemctl status cockpit.service +ls -la /etc/cockpit/ws-certs.d +exit +chmod 774 -R /etc/cockpit/ws-certs.d +systemctl start cockpit +systemctl status cockpit.service +systemctl start cockpit.socket +systemctl start cockpit +systemctl stop cockpit +systemctl start cockpit +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /etc/cockpit/ws-certs.d/0-self-signed.cert +ls -la /etc/cockpit/ws-certs.d +chmod 774 -R /etc/cockpit/ws-certs.d +ls -la /etc/cockpit/ws-certs.d +systemctl start cockpit +journalctl -u cockpit +systemctl start cockpit.soket +systemctl start cockpit.socket +cat /etc/cockpit/ws-certs.d/0-self-signed.cert +exit +cat /etc/cockpit/ws-certs.d/0-self-signed.key +exit +systemctl start cockpit +exit +systemctl stop cockpit +systemctl stop cockpit.socket +systemctl start cockpit +systemctl start cockpit.socket +journalctl -u cockpit +journalctl -u cockpit +journalctl --rotate +journalctl --vacuum-time=1s +journalctl -u cockpit +journalctl -u cockpit +journalctl -u cockpit +journalctl -u cockpit +nano /etc/cockpit/cockpit.conf +ngnix -t +nginx -t +nginx -s reload +exit +sudo -iu podman +exit +cp ~/.bash_history /etc/bash_history_2024-11-11.txt +cat /etc/bash_history_2024-11-11.txt +ls +ls -la +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)" +/etc/network/interfaces +ls /etc/network/interfaces +cat /etc/network/interfaces +ping 192.168.31.31 +ping 192.168.31.32 +ngnix -t +nginx -s reload +links http://192.168.31.31:3001 +links http://192.168.31.31:3001 +links http://192.168.31.31 +links http://192.168.31.31:3002 +links http://192.168.31.32:3001 +nginx -s reload +nginx -s reload +nginx -s reload +nginx -s reload +links http://192.168.31.65:3001 +links https://192.168.31.65:3001 +links http://192.168.31.12:8006 +links http://192.168.31.12:8006 +nginx -s reload +nginx -s reload +cat /etc/systemd/system/getty@.service.d/autologin.conf +pct enter 100 +nginx -s reload +pct enter 100 +pct enter 101 +pct enter 100 +nginx -s reload +pct enter 100 +mkdir /mnt/vm-100-disk-0 +mount /dev/pve/vm-100-disk-0 /mnt/vm-100-disk-0 +cd /mnt/vm-100-disk-0 +ls -la +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key +mkdir /mnt/vm-100-disk-0/certs +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key +ls +cd certs/ +ls +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert +nano /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /mnt/vm-100-disk-0/certs/server.cert +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /mnt/vm-100-disk-0/certs/server.key +ls +ls -la +umount /mnt/vm-100-disk-0 +cd / +umount /mnt/vm-100-disk-0 +cd /mnt/vm-100-disk-0 +ls +pct enter 100 +pct enter 100 +pct enter 100 +links http://192.168.31.39:3001 +links http://192.168.31.39:3004 +links https://192.168.31.39:3001 +nginx -s reload +links https://192.168.31.39:3001 +ip a +pct enter 100 +pct enter 100 +pct enter 100 +nginx -s reload +pct enter 100 +nano /etc/hosts +pct enter 100 +ping mattermost.phares.duckdns.org +curl https://mattermost.phares.duckdns.org +pct enter 100 +exit +links http://192.168.31.12:8084/ +cp /var/www/html /var/www/html-quartz +cp -R /var/www/html /var/www/html-quartz +links http://192.168.31.12:8084/ +nginx -s reload +nginx -s reload +links http://192.168.31.12:8084/ +ls -la /var/www/html-quartz +r -r /var/www/html-quartz/log-nginx +rm -R /var/www/html-quartz/log-nginx +ls -la /var/www/html-quartz +mv /var/www/html-quartz/index.nginx-debian.html index.html +links http://192.168.31.12:8084/ +ls +mv index.html /var/www/html-quartz/ +ls +links http://192.168.31.12:8084/ +links http://192.168.31.12:8084/ +exit +cd /run/user/1000/ +cd systemd/ +ls -la +nano generator.late/ +cd generator.late/ +ls +cd .. +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +cd generator +ls +sudo -iu podman +sudo -iu podman +ls -la /run/user/1000/systemd/generator/neko-server.service +ls -la /run/user/1000/systemd/generator +ls -la /run/user/1000/systemd +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +sudo -iu podman +nginx -s reload +nginx -s reload +sudo -iu podman +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +exit +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +sudo -iu podman +nginx -s reload +exit +cat /etc/network/interfaces +apt update +apt install dnsmasq -y +systemctl disable --now dnsmasq +apt install frr-pythontools -y +exit +exit +cat /etc/network/interfaces +nginx -s reload +links http://192.168.32.100:3001 +curl http://192.168.32.100:3001 +curl http://192.168.32.100:3001 +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/adguard.sh)" +curl http://192.168.32.100:3001 +snap remove addguard +snap remove addguardhome +snap remove adguardhome +snap remove adguard +snap remove adguard-home +snap install adguard-home +curl http:192.168.31.12:3000 +curl http://192.168.31.12:3000 +nginx -s reload +nginx -s reload +curl http:192.168.31.100:3002 +curl http://192.168.31.100:3002 +curl http://192.168.31.100:3000 +curl http://192.168.31.100:3001 +curl http://192.168.31.100:3001 +ping 192.168.32.100 +curl http://192.168.32.100:3002 +curl http://192.168.32.100:3001 +links http://192.168.32.100:3001/ +nginx -s reload +pct enter 100 +curl http://192.168.32.100:3001 +curl http://192.168.32.100:3001/dashboardroot +nano /etc/dnsmasq.d/SDN/ethers +pct enter 100 +nano /etc/hosts +pct enter 100 +pct enter 100 +nano /etc/hosts +pct modify /etc/hosts 100 +exit +cat /var/lib/misc/dnsmasq.SDN.leases +exit +mviewcl +lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE% +docker +exit +snap info +snap +snap find +snap list +exit +cd /tmp +curl -fsSL https://get.docker.com -o get-docker.sh +sh get-docker.sh +docker ps -a +exit +cd /tmp +mkdir -p /opt/stacks /opt/dockge +cd /opt/dockge +curl https://raw.githubusercontent.com/louislam/dockge/master/compose.yaml --output compose.yaml +docker compose up -d +nginx -s reload +nginx -s reload +apt install podman-docker +/usr/libexec/podman/quadlet -dryrun --user +apt install podman-docker +docker down +docker +docker stop +docker ls +docker ps a +docker ps -a +docker stop c +nginx -s reload +docker compose up -d +docker ps -a +docker stop c +docker compose up -d +nginx -s reload +curl http://192.168.31.12:5800 +nginx -s reload +nginx -s reload +nginx -s reload +docker exec -it firefox bash +docker ps -a +docker exec -it 1 bash +docker exec -it 1 sh +exit +exit +exit +docker exec -it 1 bash +docker exec -it firefox bash +docker ps a +docker ps -a +docker exec -it 1 bash +docker exec -it 1 sh +snap list +nginx -s reload +snap install dotnet-sdk --classic --channel latest/stable +export DOTNET_ROOT=/snap/dotnet-sdk/current +~/.bashrc +dotnet --info +exit +cd /tmp/ +git clone https://33aada599f8e245782e68931fe2629a959af5d26@gitea.phares.duckdns.org/phares3757/one-review.git +cd one-review/ +git checkout origin/11-17 +git log -1 +docker compose -up +docker compose up +docker compose up +nano docker-compose.yaml +exit +links http://localhost:5001 +links http://192.168.11.2:5001 +exit +nginx -s reload +links http://localhost:5000/Products +exit +cd /tmp/ +cd one-review/ +nano docker-compose.yaml +docker compose up +docker ps -a\ +docker ps -a +docker images ls +docker image ls +git pull origin 11-17 +git log -1 +git reset --hard +git log -1 +git pull origin 11-17 +git log -1 +docker compose up +docker ps -a +docker image ls +docker compose up +docker compose up +dotnet run --project src/OneReview +dotnet run --project src/OneReview +docker image ls +docker image ls +docker image rm 0f +docker image rm 0f +docker ps -a +docker container rm e5 +docker image rm 0f +docker compose up +exit +nginx -t +nginx -s reload diff --git a/etc/dnsmasq.d/README b/etc/dnsmasq.d/README new file mode 100644 index 0000000..13db0d8 --- /dev/null +++ b/etc/dnsmasq.d/README @@ -0,0 +1,7 @@ +# All files in this directory will be read by dnsmasq as +# configuration files, except if their names end in +# ".dpkg-dist",".dpkg-old" or ".dpkg-new" +# +# This can be changed by editing /etc/default/dnsmasq + + diff --git a/etc/group b/etc/group index 867a635..0a64c1a 100644 --- a/etc/group +++ b/etc/group @@ -59,3 +59,6 @@ cockpit-ws:x:117: cockpit-wsinstance:x:118: polkitd:x:997: podman:x:1000: +frrvty:x:119:frr +frr:x:120: +docker:x:996: diff --git a/etc/group- b/etc/group- index d672841..4482354 100644 --- a/etc/group- +++ b/etc/group- @@ -18,7 +18,7 @@ voice:x:22: cdrom:x:24: floppy:x:25: tape:x:26: -sudo:x:27: +sudo:x:27:podman audio:x:29: dip:x:30: www-data:x:33: @@ -59,3 +59,5 @@ cockpit-ws:x:117: cockpit-wsinstance:x:118: polkitd:x:997: podman:x:1000: +frrvty:x:119:frr +frr:x:120: diff --git a/etc/gshadow b/etc/gshadow index bf9966b..23750ac 100644 --- a/etc/gshadow +++ b/etc/gshadow @@ -59,3 +59,6 @@ cockpit-ws:!:: cockpit-wsinstance:!:: polkitd:!*:: podman:!:: +frrvty:!::frr +frr:!:: +docker:!:: diff --git a/etc/gshadow- b/etc/gshadow- index 23d68aa..cd85d12 100644 --- a/etc/gshadow- +++ b/etc/gshadow- @@ -18,7 +18,7 @@ voice:*:: cdrom:*:: floppy:*:: tape:*:: -sudo:*:: +sudo:*::podman audio:*:: dip:*:: www-data:*:: @@ -59,3 +59,5 @@ cockpit-ws:!:: cockpit-wsinstance:!:: polkitd:!*:: podman:!:: +frrvty:!::frr +frr:!:: diff --git a/etc/hosts b/etc/hosts index 4d7c0db..f667219 100644 --- a/etc/hosts +++ b/etc/hosts @@ -1,5 +1,13 @@ 127.0.0.1 localhost.localdomain localhost +127.0.1.1 uptimekuma.affirm.duckdns.org +# +192.168.0.11 mattermost.phares.duckdns.org +192.168.0.11 vaultwarden.phares.duckdns.org +192.168.0.11 gitea.phares.duckdns.org +# 192.168.31.12 pve.affirm.duckdns.org pve +192.168.31.12 cockpit.affirm.duckdns.org + # The following lines are desirable for IPv6 capable hosts @@ -8,6 +16,4 @@ fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters -ff02::3 ip6-allhosts - -192.168.0.11 mattermost.phares.duckdns.org +ff02::3 ip6-allhosts \ No newline at end of file diff --git a/etc/nginx/sites-available/default b/etc/nginx/sites-available/default index cd13fa6..68af76a 100644 --- a/etc/nginx/sites-available/default +++ b/etc/nginx/sites-available/default @@ -1,10 +1,15 @@ -include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckddns.org # http://192.168.31.12:3002/; -include /etc/nginx/include/chat.conf; # https://chat.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckddns.org # https://192.168.31.12:9090/; -include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/drive.conf; # https://drive.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckddns.org # http://192.168.31.37:3001/; -include /etc/nginx/include/neko.conf; # https://neko.affirm.duckddns.org # http://192.168.31.12:8082/; -include /etc/nginx/include/photos.conf; # https://photos.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/pve.conf; # https://pve.affirm.duckddns.org # https://192.168.31.12:8006/; -include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckddns.org # http://192.168.31.12:8084/; +include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckdns.org # http://192.168.31.12:3002/; +include /etc/nginx/include/chat.conf; # https://chat.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckdns.org # https://192.168.31.12:9090/; +include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/dockge.conf; # https://dockge.affirm.duckdns.org # http://192.168.31.12:5002/; +include /etc/nginx/include/drive.conf; # https://drive.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/firefox.conf; # https://firefox.affirm.duckdns.org # http://192.168.31.12:5800/; +include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckdns.org # http://192.168.32.100:3001/; +include /etc/nginx/include/neko.conf; # https://neko.affirm.duckdns.org # http://192.168.31.12:8082/; +include /etc/nginx/include/open-project.conf; # https://open-project.affirm.duckdns.org # https://192.168.31.12:8080/; +include /etc/nginx/include/photos.conf; # https://photos.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/products.conf; # https://products.affirm.duckdns.org # https://192.168.31.12:5005/; +include /etc/nginx/include/pve.conf; # https://pve.affirm.duckdns.org # https://192.168.31.12:8006/; +include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckdns.org # http://192.168.31.12:8084/; +# ssh root@free.file.sync.media -i C:/Users/phares/.ssh/id_ed25519 \ No newline at end of file diff --git a/etc/passwd b/etc/passwd index 8cbb3f6..dded0ba 100644 --- a/etc/passwd +++ b/etc/passwd @@ -32,3 +32,4 @@ cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash +frr:x:112:120:Frr routing suite,,,:/nonexistent:/usr/sbin/nologin diff --git a/etc/passwd- b/etc/passwd- index 53b8783..f515ad4 100644 --- a/etc/passwd- +++ b/etc/passwd- @@ -31,4 +31,5 @@ dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin -podman:x:1000:1000::/home/podman:/bin/bash +podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash +frr:x:112:120::/nonexistent:/usr/sbin/nologin diff --git a/etc/resolv.conf b/etc/resolv.conf index 7c35a0d..86e6c1a 100644 --- a/etc/resolv.conf +++ b/etc/resolv.conf @@ -1,2 +1,2 @@ search affirm.duckdns.org -nameserver 192.168.31.1 +nameserver 192.168.31.12 diff --git a/etc/shadow b/etc/shadow index 122b151..c50bd52 100644 --- a/etc/shadow +++ b/etc/shadow @@ -32,3 +32,4 @@ cockpit-ws:!:20033:::::: cockpit-wsinstance:!:20033:::::: polkitd:!*:20033:::::: podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7::: +frr:!:20039:::::: diff --git a/etc/shadow- b/etc/shadow- index ec38210..122b151 100644 --- a/etc/shadow- +++ b/etc/shadow- @@ -31,3 +31,4 @@ dnsmasq:!:20033:::::: cockpit-ws:!:20033:::::: cockpit-wsinstance:!:20033:::::: polkitd:!*:20033:::::: +podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7::: diff --git a/opt/stacks/firefox/.env b/opt/stacks/firefox/.env new file mode 100644 index 0000000..855d67b --- /dev/null +++ b/opt/stacks/firefox/.env @@ -0,0 +1 @@ +FF_OPEN_URL=https://192.168.31.1 \ No newline at end of file diff --git a/opt/stacks/firefox/compose.yaml b/opt/stacks/firefox/compose.yaml new file mode 100644 index 0000000..444f820 --- /dev/null +++ b/opt/stacks/firefox/compose.yaml @@ -0,0 +1,8 @@ +version: '3' +services: + firefox: + image: jlesage/firefox + ports: + - "5800:5800" + volumes: + - "/docker/appdata/firefox:/config:rw" \ No newline at end of file diff --git a/opt/stacks/kuma/.env b/opt/stacks/kuma/.env new file mode 100644 index 0000000..e69de29 diff --git a/opt/stacks/kuma/compose.yaml b/opt/stacks/kuma/compose.yaml new file mode 100644 index 0000000..decc7d4 --- /dev/null +++ b/opt/stacks/kuma/compose.yaml @@ -0,0 +1,8 @@ +version: "3" +services: + kuma: + image: docker.io/louislam/uptime-kuma:1 + ports: + - 3001:3001 + volumes: + - /docker/appdata/kuma:/app/data:rw \ No newline at end of file diff --git a/opt/stacks/one-review-webapp-production/.env b/opt/stacks/one-review-webapp-production/.env new file mode 100644 index 0000000..b569454 --- /dev/null +++ b/opt/stacks/one-review-webapp-production/.env @@ -0,0 +1 @@ +ASPNETCORE_ENVIRONMENT=Production \ No newline at end of file diff --git a/opt/stacks/one-review-webapp-production/compose.yaml b/opt/stacks/one-review-webapp-production/compose.yaml new file mode 100644 index 0000000..eb0e956 --- /dev/null +++ b/opt/stacks/one-review-webapp-production/compose.yaml @@ -0,0 +1,7 @@ +version: "3" +services: + one-review-webapp: + image: one-review-webapp + ports: + - 5005:5001 +networks: {} diff --git a/opt/stacks/open-project/.env b/opt/stacks/open-project/.env new file mode 100644 index 0000000..8213708 --- /dev/null +++ b/opt/stacks/open-project/.env @@ -0,0 +1,11 @@ +TAG=14-slim +OPENPROJECT_HTTPS=false +OPENPROJECT_HOST__NAME=open-project.affirm.duckdns.org +PORT=192.168.31.12:8080 +OPENPROJECT_RAILS__RELATIVE__URL__ROOT= +IMAP_ENABLED=false +DATABASE_URL=postgres://postgres:p4ssw0rd@db/openproject?pool=20&encoding=unicode&reconnect=true +RAILS_MIN_THREADS=4 +RAILS_MAX_THREADS=16 +PGDATA="/var/lib/postgresql/data" +OPDATA="/var/openproject/assets" \ No newline at end of file diff --git a/opt/stacks/open-project/compose.yaml b/opt/stacks/open-project/compose.yaml new file mode 100644 index 0000000..666fe98 --- /dev/null +++ b/opt/stacks/open-project/compose.yaml @@ -0,0 +1,112 @@ +networks: + frontend: null + backend: null +volumes: + pgdata: null + opdata: null +x-op-restart-policy: &a2 + restart: unless-stopped +x-op-image: &a1 + image: openproject/openproject:${TAG:-15-slim} +x-op-app: &a3 + <<: + - *a1 + - *a2 + environment: + OPENPROJECT_HTTPS: ${OPENPROJECT_HTTPS:-true} + OPENPROJECT_HOST__NAME: ${OPENPROJECT_HOST__NAME:-localhost:8080} + OPENPROJECT_HSTS: ${OPENPROJECT_HSTS:-true} + RAILS_CACHE_STORE: memcache + OPENPROJECT_CACHE__MEMCACHE__SERVER: cache:11211 + OPENPROJECT_RAILS__RELATIVE__URL__ROOT: ${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-} + DATABASE_URL: ${DATABASE_URL:-postgres://postgres:p4ssw0rd@db/openproject?pool=20&encoding=unicode&reconnect=true} + RAILS_MIN_THREADS: ${RAILS_MIN_THREADS:-4} + RAILS_MAX_THREADS: ${RAILS_MAX_THREADS:-16} + # set to true to enable the email receiving feature. See ./docker/cron for more options + IMAP_ENABLED: ${IMAP_ENABLED:-false} + volumes: + - ${OPDATA:-opdata}:/var/openproject/assets +services: + db: + image: postgres:13 + <<: *a2 + stop_grace_period: 3s + volumes: + - ${PGDATA:-pgdata}:/var/lib/postgresql/data + environment: + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-p4ssw0rd} + POSTGRES_DB: openproject + networks: + - backend + cache: + image: memcached + <<: *a2 + networks: + - backend + proxy: + build: + context: ./proxy + args: + APP_HOST: web + image: openproject/proxy + <<: *a2 + ports: + - ${PORT:-8080}:80 + depends_on: + - web + networks: + - frontend + web: + <<: *a3 + command: ./docker/prod/web + networks: + - frontend + - backend + depends_on: + - db + - cache + - seeder + labels: + - autoheal=true + healthcheck: + test: + - CMD + - curl + - -f + - http://localhost:8080${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}/health_checks/default + interval: 10s + timeout: 3s + retries: 3 + start_period: 30s + autoheal: + image: willfarrell/autoheal:1.2.0 + volumes: + - /var/run/docker.sock:/var/run/docker.sock + environment: + AUTOHEAL_CONTAINER_LABEL: autoheal + AUTOHEAL_START_PERIOD: 600 + AUTOHEAL_INTERVAL: 30 + worker: + <<: *a3 + command: ./docker/prod/worker + networks: + - backend + depends_on: + - db + - cache + - seeder + cron: + <<: *a3 + command: ./docker/prod/cron + networks: + - backend + depends_on: + - db + - cache + - seeder + seeder: + <<: *a3 + command: ./docker/prod/seeder + restart: on-failure + networks: + - backend diff --git a/opt/stacks/openproject-docker-compose/.gitignore b/opt/stacks/openproject-docker-compose/.gitignore new file mode 100644 index 0000000..d4284de --- /dev/null +++ b/opt/stacks/openproject-docker-compose/.gitignore @@ -0,0 +1,4 @@ +.env + +docker-compose.override.yml +backups/