luc/alpine-server
1
0
Fork 0
Code Issues Pull requests Wiki Activity

removed bugs and improved syntax

Browse source
This commit is contained in:
Luc Bijl 2023-01-27 21:55:40 +01:00
parent 5a771084c4
commit eb549df3e9
3 changed files with 57 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

101
alpine-server-install.txt Normal file → Executable file
View file

@ -2,7 +2,7 @@ Alpine Linux Musl += (btrfs + gummiboot) >> Eventually
Installation:
{
# alpine-setup: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub.
# setup-alpine: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub.
{
\
}
@ -18,28 +18,19 @@ Installation:
}
Post install:
{
Repositories:
{
# vim /etc/apk/repositories:
{
> {v3.15/main}
> {v3.15/community}
> {edge/main}
> {edge/community}
> {edge/testing}
}
# apk update
}
# apk add git
# git clone https://git.bijl.us/luc/alpine-server.git
ups(client):
{
# apk add nut
# mv ups /bin/ups << ups.c
# mv exec_ups /bin/exec_ups << exec_ups.c
# apk add nut build-base
# gcc alpine-server/config-files/ups.c -o /bin/ups
# gcc alpine-server/config-files/exec-ups.c -o /bin/exec-ups
# vim /etc/init.d/ups:
{
> #!/sbin/openrc-run
> name="UPS"
> command="/bin/exec_ups"
> name="ups"
> command="/bin/exec-ups"
}
# rc-update add ups
# rc-service ups start
@ -73,14 +64,14 @@ Post install:
}
# vim /etc/periodic/{*}/rsnapshot:
{
#!/bin/sh
exec /usr/bin/rsnapshot {*}
> #!/bin/sh
> exec /usr/bin/rsnapshot {*}
}
# chmod +x /etc/periodic/{*}/rsnapshot
# rc-update add crond
# rc-service crond start
}
apk-autoupdate:
apk-autoupdate : << Does not work possibly.
{
# apk add apk-autoupdate
# vim /etc/periodic/weekly/apk-autoupdate:
@ -102,11 +93,11 @@ Post install:
> server string = Samba Server
> [home{user}]
> comment = homedir{user}
> valid_users = {user}
> path = /home/{user}
> browseable = yes
> writable = yes
> comment = homedir{user}
> valid_users = {user}
> path = /home/{user}
> browseable = yes
> writable = yes
}
# rc-update add samba
# rc-service samba start
@ -122,10 +113,14 @@ Post install:
Docker:
{
# apk add docker docker-compose
# addgroup <user> docker
# rc-update add docker boot
# service docker start
portainer:
{
# vim /opt/docker-compose.yml: << portainer.yml
# cp alpine-server/config-files/portainer.yml /opt/docker-compose.yml
$ cd /opt/
$ docker-compose up -d
}
traefik:
@ -149,7 +144,7 @@ Post install:
WATCHTOWER_NOTIFICATION_EMAIL_SERVER=mail.{domain}
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=465
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=info
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD={passwd}
WATCHTOWER_NOTIFICATION_EMAIL_DELAY=2
WATCHTOWER_NOTIFICATIONS=email
WATCHTOWER_SCHEDULE=0 0 0 * * 6
@ -168,10 +163,10 @@ Post install:
/backups:/var/backups
/source:duplicati-source - local
/config:/opt/duplicati
/source/host_home:/home
/source/host_etc:/etc
/source/host_opt:/opt
/source/host_usr_local:/usr/local
/source/host_home:/home:ro
/source/host_etc:/etc:ro
/source/host_opt:/opt:ro
/source/host_usr_local:/usr/local:ro
}
Network: bridge
Environment:
@ -230,8 +225,8 @@ Post install:
Volumes:
{
/backups:/opt/postgresbackup
/var/lib/postgresql/data:/postgresbackup - local
/etc/localtime:/etc/localtime
/var/lib/postgresql/data:postgresbackup - local
/etc/localtime:/etc/localtime:ro
}
Network: proxy
Environment:
@ -272,7 +267,7 @@ Post install:
Network: proxy
Environment:
{
ADMIN_TOKEN={admin_token}
ADMIN_TOKEN={admin_token} >> Remove to disable admin page.
SIGNUPS_ALLOWED=true/false
DATABASE_URL=postgresql://postgres:{passwd}@postgres/vaultwarden
}
@ -336,14 +331,22 @@ Post install:
> database:
> name: psycopg2
> password: "{passwd}"
> database: synapse
> host: postgres
> cp_min: 5
> cp_max: 10
> txn_limit: 10000
> allow_unsafe_locale: false
> args:
> user: postgres
> password: "{passwd}"
> database: synapse
> host: postgres
> cp_min: 5
> cp_max: 10
> enable_registration: true/false
> enable_registration_without_verification: true
> app_server_config_files:
> - /data/mautrix/whatsapp/registration.yaml
> - /data/mautrix/signal/registration.yaml
}
}
mautrix-whatsapp:
@ -357,13 +360,13 @@ Post install:
Image: dock.mau.dev/mautrix/whatsapp:latest
Volumes:
{
/data:/opt/matrix/mautrix-whatsapp
/data:/var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp
/etc/localtime:/etc/localtime:ro
}
Network: proxy
Restart: Unless-stopped
# vim /opt/matrix/mautrix-whatsapp/config.yaml:
# vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml:
{
> homeserver:
> address: http://synapse:8008
@ -387,12 +390,12 @@ Post install:
> permissions:
> "*": relay
> "matrix.{domain}": user
> "@admin:matrix.{domain}: admin
> "@admin:matrix.{domain}": admin
}
# vim /opt/matrix/mautrix-signal/registration.yaml:
# vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml:
{
> url: http://mautrix-whatsapp:29318
> regex: << matrix.{domain.bijl.us}
> regex: << matrix.{domain}
}
}
mautrix-signal:
@ -406,13 +409,13 @@ Post install:
Image: dock.mau.dev/mautrix/signal:latest
Volumes:
{
/data:/opt/matrix/mautrix-signal
/data:/var/lib/docker/volumes/synapse-data/_data/mautrix/signal
/etc/localtime:/etc/localtime:ro
}
Network: proxy
Restart: Unless-stopped
# vim /opt/matrix/mautrix-signal/config.yaml:
# vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml:
{
> homeserver:
> address: http://synapse:8008
@ -439,10 +442,10 @@ Post install:
> "matrix.{domain}": user
> "@admin:matrix.{domain}: admin
}
# vim /opt/matrix/mautrix-signal/registration.yaml:
# vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml:
{
> regex: << matrix.{domain.bijl.us}
> url: http://mautrix-signal:29328
> regex: << matrix.{domain}
}
}
signald:

6
config-files/traefik.labels Normal file → Executable file
View file

@ -1,6 +1,6 @@
traefik.enable=true
traefik.http.routers..entrypoints=web/websecure/webfederation
traefik.http.routers..entrypoints={web/websecure/webfederation}
traefik.http.routers..rule=Host("")
traefik.http.routers..tls=true
traefik.http.routers..tls.certresolver=staging/production
(optional) traefik.http.services..loadbalancer.server.port=
traefik.http.routers..tls.certresolver={staging/production}
(optional) traefik.http.services..loadbalancer.server.port={port}

4
config-files/treafik.yml → config-files/traefik.yml Normal file → Executable file
View file

@ -20,12 +20,12 @@ services:
- --certificatesresolvers.staging.acme.email={email}
- --certificatesresolvers.staging.acme.storage=/ssl-certs/acme.json
- --certificatesresolvers.staging.acme.caServer="https://acme-staging-v02.api.letsencrypt.org/directory"
- --certificatesresolvers.staging.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.staging.acme.httpChallenge.entryPoint=web
- --certificatesresolvers.production.acme.email={email}
- --certificatesresolvers.production.acme.storage=/ssl-certs/acme.json
- --certificatesresolvers.production.acme.caServer="https://acme-v02.api.letsencrypt.org/directory"
- --certificatesresolvers.production.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
- --certificatesresolvers.production.acme.httpChallenge.entryPoint=web
ports:
- "80:80"