Add services and cleanup volumes

2022-11-23 15:56:14 +01:00 · 2022-11-23 15:56:14 +01:00 · acc83618f3
commit acc83618f3
parent a14902ddf9
11 changed files with 97 additions and 35 deletions
--- a/authentik/.env
+++ b/authentik/.env
@ -17,6 +17,3 @@ AUTHENTIK_POSTGRESQL__HOST=node002.serguzim.net
 AUTHENTIK_POSTGRESQL__USER=authentik
 AUTHENTIK_POSTGRESQL__NAME=authentik
 AUTHENTIK_POSTGRESQL__PASSWORD=
-
-GEOIPUPDATE_EDITION_IDS="GeoLite2-City"
-GEOIPUPDATE_FREQUENCY="8"
--- a/authentik/docker-compose.yml
+++ b/authentik/docker-compose.yml
@ -8,7 +8,6 @@ services:
    volumes:
      - ./media:/media
      - ./custom-templates:/templates
-      - geoip:/geoip
    env_file:
      - .env
      - .secret.env
@ -31,19 +30,6 @@ services:
      - ./certs:/certs
      - /var/run/docker.sock:/var/run/docker.sock
      - ./custom-templates:/templates
-      - geoip:/geoip
-    env_file:
-      - .env
-      - .secret.env
-    depends_on:
-      - redis
-    networks:
-      local-net:
-
-  geoipupdate:
-    image: "maxmindinc/geoipupdate:latest"
-    volumes:
-      - "geoip:/usr/share/GeoIP"
    env_file:
      - .env
      - .secret.env
@ -58,9 +44,6 @@ services:
    networks:
      local-net:

-volumes:
-  geoip:
-
 networks:
  local-net:
  apps:
--- a/caddy/.gitignore
+++ b/caddy/.gitignore
@ -1 +1,2 @@
 /config/conf-hidden.d/
+/config/conf.d
--- a/caddy/Dockerfile
+++ b/caddy/Dockerfile
@ -0,0 +1,8 @@
+FROM caddy:2-builder AS builder
+
+RUN xcaddy build \
+    --with github.com/caddy-dns/acmedns
+
+FROM caddy:2-alpine
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
--- a/caddy/config/conf.002.d/matrix.msrg.cc.conf
+++ b/caddy/config/conf.002.d/matrix.msrg.cc.conf
@ -3,11 +3,14 @@ matrix.msrg.cc {

 	reverse_proxy /_matrix/* synapse:8008
 	reverse_proxy /_synapse/* synapse:8008
+}

-	handle_path /admin/* {
-		rewrite * {path}
-		reverse_proxy synapse-admin:80
-	}
+admin.matrix.msrg.cc {
+	import default
+
+	reverse_proxy /_matrix/* synapse:8008
+	reverse_proxy /_synapse/* synapse:8008
+	reverse_proxy synapse-admin:80
 }

 msrg.cc:8008,
--- a/caddy/docker-compose.yml
+++ b/caddy/docker-compose.yml
@ -2,7 +2,9 @@ version: "3.7"

 services:
  app:
-    image: caddy:2-alpine
+    build:
+      context: .
+    image: caddy-custom:2-alpine
    restart: always
    ports:
      - "80:80"
--- a/gitea/.env
+++ b/gitea/.env
@ -50,11 +50,11 @@ GITEA__metrics__ENABLED="true"
 GITEA__metrics__TOKEN=""

 GITEA__storage__STORAGE_TYPE="minio"
-GITEA__storage__MINIO_ENDPOINT="sos-de-fra-1.exo.io"
+GITEA__storage__MINIO_ENDPOINT="s3.serguzim.me"
 GITEA__storage__MINIO_ACCESS_KEY_ID=""
 GITEA__storage__MINIO_SECRET_ACCESS_KEY=""
-GITEA__storage__MINIO_BUCKET="git.serguzim.me"
-GITEA__storage__MINIO_LOCATION="de-fra-1"
+GITEA__storage__MINIO_BUCKET="git"
+GITEA__storage__MINIO_LOCATION="de-contabo-1"
 GITEA__storage__MINIO_USE_SSL="true"

 GITEA__OTHER__SHOW_FOOTER_BRANDING="true"
--- a/influxdb/docker-compose.yml
+++ b/influxdb/docker-compose.yml
@ -0,0 +1,20 @@
+version: '3'
+
+services:
+  influxdb:
+    image: influxdb:latest
+    volumes:
+      - ./influxdb.yml:/etc/influxdb2/config.yml
+      - data:/var/lib/influxdb2
+    restart: always
+    networks:
+      apps:
+        aliases:
+          - influxdb
+
+volumes:
+  data:
+
+networks:
+  apps:
+    external: true
--- a/influxdb/influxdb.yml
+++ b/influxdb/influxdb.yml
@ -0,0 +1,55 @@
+assets-path: ""
+bolt-path: /var/lib/influxdb2/influxd.bolt
+e2e-testing: false
+engine-path: /var/lib/influxdb2/engine
+feature-flags: {}
+http-bind-address: :8086
+influxql-max-select-buckets: 0
+influxql-max-select-point: 0
+influxql-max-select-series: 0
+key-name: ""
+log-level: info
+nats-max-payload-bytes: 1048576
+nats-port: 4222
+no-tasks: false
+query-concurrency: 10
+query-initial-memory-bytes: 0
+query-max-memory-bytes: 0
+query-memory-bytes: 9223372036854775807
+query-queue-size: 10
+reporting-disabled: false
+secret-store: bolt
+session-length: 60
+session-renew-disabled: false
+storage-cache-max-memory-size: 1073741824
+storage-cache-snapshot-memory-size: 26214400
+storage-cache-snapshot-write-cold-duration: 10m0s
+storage-compact-full-write-cold-duration: 4h0m0s
+storage-compact-throughput-burst: 50331648
+storage-max-concurrent-compactions: 0
+storage-max-index-log-file-size: 1048576
+storage-retention-check-interval: 30m0s
+storage-series-file-max-concurrent-snapshot-compactions: 0
+storage-series-id-set-cache-size: 0
+storage-shard-precreator-advance-period: 30m0s
+storage-shard-precreator-check-interval: 10m0s
+storage-tsm-use-madv-willneed: false
+storage-validate-keys: false
+storage-wal-fsync-delay: 0s
+store: bolt
+testing-always-allow-setup: false
+tls-cert: ""
+tls-key: ""
+tls-min-version: "1.2"
+tls-strict-ciphers: false
+tracing-type: ""
+vault-addr: ""
+vault-cacert: ""
+vault-capath: ""
+vault-client-cert: ""
+vault-client-key: ""
+vault-client-timeout: 0s
+vault-max-retries: 0
+vault-skip-verify: false
+vault-tls-server-name: ""
+vault-token: ""
--- a/monitoring/docker-compose.yml
+++ b/monitoring/docker-compose.yml
@ -9,17 +9,12 @@ services:
    env_file:
      - .env
      - .secret.env
-    volumes:
-      - grafana-data:/var/lib/grafana/
    user: "104"
    networks:
      apps:
        aliases:
          - grafana

-volumes:
-  grafana-data:
-
 networks:
  apps:
    external: true
--- a/synapse/data/homeserver.yaml
+++ b/synapse/data/homeserver.yaml
@ -70,5 +70,3 @@ email:
  #smtp_pass: ""
  require_transport_security: true
  notif_from: "Matrix <matrix@serguzim.me>"
-
-# vim:ft=yaml