Compare commits


2 commits

Author SHA1 Message Date
3ce28b14b4
Fix problems (mailcow, typos, watchtower script)
Mailcow blocked login because "force_pw_update" was true
2024-11-09 02:32:41 +01:00
05e79ae90a
Fix issues (backup, watchtower, firewall)
Remove remote_docker backups
Add option to monitor with watchtower
Add teamspeak ports to firewall
2024-11-08 00:05:55 +01:00
24 changed files with 57 additions and 35 deletions


@ -4,7 +4,8 @@ compose_file_main:
image: "{{ compose.image }}"
restart: always
labels:
com.centurylinklabs.watchtower.enable: "{{ compose.watchtower | default(false) }}"
com.centurylinklabs.watchtower.enable: "{{ compose.watchtower | default('') == 'update' }}"
com.centurylinklabs.watchtower.monitor-only: "{{ compose.watchtower | default('') == 'monitor' }}"
compose_file_env:
services:
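Review bot: Any `compose.watchtower` value other than the strings `update` and `monitor` now renders both labels as false, so a service that still carries the old boolean `watchtower: true` silently stops receiving image updates. The two label lines under `labels:` would be safer with the accepted values documented beside them, for example `# compose.watchtower: 'update' | 'monitor' | unset; any other value disables watchtower for the service`. A check in the role that rejects any other value would turn a missed migration into a failed run instead of an unpatched container. The `compose_file_main` mapping starts above this hunk, so the best place for that check cannot be seen from here.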


@ -10,6 +10,7 @@ resource "mailcow_mailbox" "services" {
full_name = each.value.mail
local_part = each.value.mail
password = random_password.mailcow_service_passwords[each.key].result
force_pw_update = false
imap_access = false
pop3_access = false
sogo_access = false
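Review bot: `force_pw_update = false` has no explanation in the resource, so the reason for it lives only in the commit message. A comment above the line would keep it from being flipped back later, for example `# service mailboxes log in non-interactively; a forced password update blocks their login`. The `mailcow_mailbox` resource body starts and ends outside this hunk.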


@ -7,7 +7,7 @@ NAME_env:
EXAMPLE: value
NAME_compose:
watchtower: true
watchtower: update
image:
volumes:
- data:/data


@ -14,7 +14,7 @@ acme_dns_svc:
db: "{{ opentofu.postgresql_data.acme_dns.database }}"
acme_dns_compose:
watchtower: true
watchtower: update
monitoring: true
image: joohoi/acme-dns
volumes:


@ -13,9 +13,9 @@ forgejo_svc:
forgejo_env:
FORGEJO__database__DB_TYPE: postgres
FORGEJO__database__HOST: "{{ svc.db.host }}:{{ svc.db.port }}"
FORGEJO__database__NAME: "{{ opentofu.postgresql_service_roles.forgejo.database }}"
FORGEJO__database__USER: "{{ opentofu.postgresql_service_roles.forgejo.user }}"
FORGEJO__database__PASSWD: "{{ opentofu.postgresql_service_roles.forgejo.pass }}"
FORGEJO__database__NAME: "{{ opentofu.postgresql_data.forgejo.database }}"
FORGEJO__database__USER: "{{ opentofu.postgresql_data.forgejo.user }}"
FORGEJO__database__PASSWD: "{{ opentofu.postgresql_data.forgejo.pass }}"
FORGEJO__database__SSL_MODE: verify-full
FORGEJO__repository__ENABLE_PUSH_CREATE_USER: true
@ -52,7 +52,7 @@ forgejo_env:
FORGEJO__mailer__ENABLED: true
FORGEJO__mailer__PROTOCOL: smtp+starttls
FORGEJO__mailer__SMTP_ADDR: "{{ mailer.host }}"
FORGEJO__mailer__SMTP_PORT: "{{ mailer.post }}"
FORGEJO__mailer__SMTP_PORT: "{{ mailer.port }}"
FORGEJO__mailer__FROM: "git <{{ opentofu.mailcow_data.forgejo.address }}>"
FORGEJO__mailer__USER: "{{ opentofu.mailcow_data.forgejo.address }}"
FORGEJO__mailer__PASSWD: "{{ opentofu.mailcow_data.forgejo.password }}"
@ -81,7 +81,7 @@ forgejo_env:
FORGEJO__other__SHOW_FOOTER_TEMPLATE_LOAD_TIME: false
forgejo_compose:
watchtower: true
watchtower: update
image: codeberg.org/forgejo/forgejo:9
volumes:
- data:/data


@ -5,7 +5,7 @@ forgejo_runner_env:
DOCKER_HOST: tcp://docker-in-docker:2375
forgejo_runner_compose:
watchtower: true
watchtower: update
image: code.forgejo.org/forgejo/runner:3.3.0
volumes:
- ./config.yml:/config/config.yml
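Review bot: `watchtower: update` on the exactly pinned `code.forgejo.org/forgejo/runner:3.3.0` tag only changes the container if that tag is re-pushed upstream, which is the case a version pin is normally meant to exclude. The runner is also configured with `DOCKER_HOST: tcp://docker-in-docker:2375`, so an unexpectedly replaced image would presumably run with access to that Docker API. `watchtower: monitor` would report a changed digest for this service without applying it. The `forgejo_runner_compose` mapping continues below the hunk.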


@ -65,7 +65,7 @@ gatus_yml:
endpoints: "{{ gatus_endpoints_hosts | union(gatus_endpoints_services) | union(gatus_endpoints_other) }}"
gatus_compose:
watchtower: true
watchtower: update
image: twinproduction/gatus
volumes:
- ./config.yaml:/config/config.yaml


@ -13,8 +13,8 @@ homebox_env:
HBOX_SWAGGER_SCHEMA: https
homebox_compose:
watchtower: true
image: ghcr.io/hay-kot/homebox:latest-rootless
watchtower: update
image: ghcr.io/sysadminsmedia/homebox:latest-rootless
volumes:
- data:/data
file:
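Review bot: The `image:` line moves homebox from the `hay-kot` namespace to `sysadminsmedia` while keeping the floating `latest-rootless` tag and `watchtower: update`, so whatever the new namespace publishes next is pulled and started automatically. A comment recording why the source changed would help a later reviewer judge it, for example `# image source moved from hay-kot to sysadminsmedia (presumably the maintained continuation)`. Setting `watchtower: monitor` until the new publisher has been verified would keep the first updates from that source under manual control.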


@ -30,7 +30,7 @@ immich_env:
REDIS_HOSTNAME: redis
immich_compose:
watchtower: false
watchtower: monitor
image: ghcr.io/immich-app/immich-server:release
volumes:
- upload:/usr/src/app/upload


@ -62,7 +62,7 @@ influxdb_yml:
vault-token: ""
influxdb_compose:
watchtower: false
watchtower: monitor
image: influxdb:2.7
volumes:
- ./influxdb.yml:/etc/influxdb2/config.yml


@ -10,7 +10,7 @@ jellyfin_env:
JELLYFIN_PublishedServerUrl: https://{{ svc.domain }}
jellyfin_compose:
watchtower: true
watchtower: update
image: jellyfin/jellyfin
volumes:
- config:/config


@ -34,5 +34,5 @@ linkwarden_env:
AUTHENTIK_CLIENT_SECRET: "{{ opentofu.authentik_data.linkwarden.client_secret }}"
linkwarden_compose:
watchtower: true
watchtower: update
image: ghcr.io/linkwarden/linkwarden:latest


@ -29,7 +29,7 @@ minio_env:
minio_compose:
watchtower: true
watchtower: update
image: minio/minio
volumes:
- data:/data


@ -39,7 +39,7 @@ ntfy_env:
NTFY_ENABLE_METRICS: true
ntfy_compose:
watchtower: true
watchtower: update
image: binwiederhier/ntfy
volumes:
- cache:/var/cache/ntfy


@ -26,5 +26,5 @@ shlink_env:
GEOLITE_LICENSE_KEY: "{{ vault_shlink.geolite_key }}"
shlink_compose:
watchtower: true
watchtower: update
image: shlinkio/shlink


@ -98,7 +98,7 @@ synapse_yml:
notif_from: "matrix <{{ opentofu.mailcow_data.synapse.address }}>"
synapse_compose:
watchtower: true
watchtower: update
image: ghcr.io/element-hq/synapse:latest
volumes:
- ./config:/config


@ -35,7 +35,7 @@ tandoor_env:
SOCIAL_DEFAULT_GROUP: guest
tandoor_compose:
watchtower: true
watchtower: update
image: nginx:mainline-alpine
volumes:
- nginx_config:/etc/nginx/conf.d:ro


@ -36,7 +36,7 @@ teamspeak_fallback_yml:
name: X-Webhook-Token
teamspeak_fallback_compose:
watchtower: true
watchtower: update
image: ghcr.io/thecatlady/webhook
volumes:
- ./config:/config:ro


@ -20,5 +20,5 @@ umami_env:
CLIENT_IP_HEADER: X-Analytics-IP
umami_compose:
watchtower: true
watchtower: update
image: "{{ umami_docker_image }}"


@ -48,7 +48,7 @@ vikunja_yml:
enabled: true
vikunja_compose:
watchtower: true
watchtower: update
image: vikunja/vikunja
volumes:
- data:/app/vikunja/files


@ -1,3 +1,3 @@
#!/usr/bin/env sh
docker compose run -e WATCHTOWER_RUN_ONCE=true -e WATCHTOWER_NOTIFICATIONS= watchtower
docker compose run --rm -e WATCHTOWER_RUN_ONCE=true app
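Review bot: The new `docker compose run` line no longer passes `-e WATCHTOWER_NOTIFICATIONS=`, so a manual run-once presumably uses whatever notification settings the `app` service defines. If that is intended, a one-line comment above the command would say so, for example `# notifications stay enabled for manual runs`. If it is not intended, the empty override should be kept on the new line.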


@ -21,5 +21,5 @@ wiki_js_env:
DB_SSL: 1
wiki_js_compose:
watchtower: true
watchtower: update
image: requarks/wiki


@ -32,7 +32,7 @@ woodpecker_env:
WOODPECKER_DATABASE_DATASOURCE: postgres://{{ svc.db.user }}:{{ svc.db.pass }}@{{ svc.db.host }}:{{ svc.db.port }}/{{ svc.db.database }}?sslmode=verify-full
woodpecker_compose:
watchtower: true
watchtower: update
image: woodpeckerci/woodpecker-server
file:
services:


@ -215,10 +215,10 @@ services = {
domain = "gallery.serguzim.me"
}]
backup = [
{
name = "immich_upload"
type = "docker_remote"
},
#{
# name = "immich_upload"
# type = "docker_remote"
#},
{
name = "immich_database"
type = "hook"
@ -265,10 +265,10 @@ services = {
name = "jellyfin_config"
type = "docker"
},
{
name = "jellyfin_media"
type = "docker_remote"
}
#{
# name = "jellyfin_media"
# type = "docker_remote"
#}
]
monitoring = {
url = "/health"
@ -552,6 +552,26 @@ services = {
monitoring = {
group = "7-support"
}
ports = [
{
description = "Teamspeak server"
port = 9987
protocol = "udp"
type = "firewall"
},
{
description = "Teamspeak filetransfer"
port = 30033
protocol = "tcp"
type = "firewall"
},
{
description = "Teamspeak serverquery"
port = 10011
protocol = "tcp"
type = "firewall"
}
]
auth = false
database = false
s3 = false
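Review bot: The `Teamspeak serverquery` entry opens 10011/tcp in the firewall, and ServerQuery on that port is the server's administrative interface spoken in clear text, so it rarely needs to be reachable from beyond the administrator's own hosts. If the `ports` schema allows a source restriction, apply it to this entry; otherwise drop the entry and reach ServerQuery over a tunnel, leaving only 9987/udp and 30033/tcp open. The schema of a `ports` element is not visible in this hunk, so whether such a field exists is an assumption to confirm. Separately, the hunks at -215 and -265 comment the `docker_remote` backups out rather than deleting them; a line such as `# docker_remote backups removed: <reason>` would record that `immich_upload` and `jellyfin_media` are deliberately unprotected.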