diff --git a/alpine-server-install.txt b/alpine-server-install.txt old mode 100644 new mode 100755 index d46660a..c9b75c0 --- a/alpine-server-install.txt +++ b/alpine-server-install.txt @@ -2,7 +2,7 @@ Alpine Linux Musl += (btrfs + gummiboot) >> Eventually Installation: { - # alpine-setup: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub. + # setup-alpine: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub. { \ } @@ -18,28 +18,19 @@ Installation: } Post install: { - Repositories: - { - # vim /etc/apk/repositories: - { - > {v3.15/main} - > {v3.15/community} - > {edge/main} - > {edge/community} - > {edge/testing} - } - # apk update - } + # apk add git + # git clone https://git.bijl.us/luc/alpine-server.git + ups(client): { - # apk add nut - # mv ups /bin/ups << ups.c - # mv exec_ups /bin/exec_ups << exec_ups.c + # apk add nut build-base + # gcc alpine-server/config-files/ups.c -o /bin/ups + # gcc alpine-server/config-files/exec-ups.c -o /bin/exec-ups # vim /etc/init.d/ups: { > #!/sbin/openrc-run - > name="UPS" - > command="/bin/exec_ups" + > name="ups" + > command="/bin/exec-ups" } # rc-update add ups # rc-service ups start @@ -73,14 +64,14 @@ Post install: } # vim /etc/periodic/{*}/rsnapshot: { - #!/bin/sh - exec /usr/bin/rsnapshot {*} + > #!/bin/sh + > exec /usr/bin/rsnapshot {*} } # chmod +x /etc/periodic/{*}/rsnapshot # rc-update add crond # rc-service crond start } - apk-autoupdate: + apk-autoupdate : << Does not work possibly. { # apk add apk-autoupdate # vim /etc/periodic/weekly/apk-autoupdate: @@ -102,11 +93,11 @@ Post install: > server string = Samba Server > [home{user}] - > comment = homedir{user} - > valid_users = {user} - > path = /home/{user} - > browseable = yes - > writable = yes + > comment = homedir{user} + > valid_users = {user} + > path = /home/{user} + > browseable = yes + > writable = yes } # rc-update add samba # rc-service samba start @@ -122,10 +113,14 @@ Post install: Docker: { # apk add docker docker-compose + # addgroup docker + # rc-update add docker boot + # service docker start portainer: { - # vim /opt/docker-compose.yml: << portainer.yml + # cp alpine-server/config-files/portainer.yml /opt/docker-compose.yml + $ cd /opt/ $ docker-compose up -d } traefik: @@ -149,7 +144,7 @@ Post install: WATCHTOWER_NOTIFICATION_EMAIL_SERVER=mail.{domain} WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=465 WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=info - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD= + WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD={passwd} WATCHTOWER_NOTIFICATION_EMAIL_DELAY=2 WATCHTOWER_NOTIFICATIONS=email WATCHTOWER_SCHEDULE=0 0 0 * * 6 @@ -168,10 +163,10 @@ Post install: /backups:/var/backups /source:duplicati-source - local /config:/opt/duplicati - /source/host_home:/home - /source/host_etc:/etc - /source/host_opt:/opt - /source/host_usr_local:/usr/local + /source/host_home:/home:ro + /source/host_etc:/etc:ro + /source/host_opt:/opt:ro + /source/host_usr_local:/usr/local:ro } Network: bridge Environment: @@ -230,8 +225,8 @@ Post install: Volumes: { /backups:/opt/postgresbackup - /var/lib/postgresql/data:/postgresbackup - local - /etc/localtime:/etc/localtime + /var/lib/postgresql/data:postgresbackup - local + /etc/localtime:/etc/localtime:ro } Network: proxy Environment: @@ -272,7 +267,7 @@ Post install: Network: proxy Environment: { - ADMIN_TOKEN={admin_token} + ADMIN_TOKEN={admin_token} >> Remove to disable admin page. SIGNUPS_ALLOWED=true/false DATABASE_URL=postgresql://postgres:{passwd}@postgres/vaultwarden } @@ -336,14 +331,22 @@ Post install: > database: > name: psycopg2 - > password: "{passwd}" - > database: synapse - > host: postgres - > cp_min: 5 - > cp_max: 10 + > txn_limit: 10000 + > allow_unsafe_locale: false + > args: + > user: postgres + > password: "{passwd}" + > database: synapse + > host: postgres + > cp_min: 5 + > cp_max: 10 > enable_registration: true/false > enable_registration_without_verification: true + + > app_server_config_files: + > - /data/mautrix/whatsapp/registration.yaml + > - /data/mautrix/signal/registration.yaml } } mautrix-whatsapp: @@ -357,13 +360,13 @@ Post install: Image: dock.mau.dev/mautrix/whatsapp:latest Volumes: { - /data:/opt/matrix/mautrix-whatsapp + /data:/var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp /etc/localtime:/etc/localtime:ro } Network: proxy Restart: Unless-stopped - # vim /opt/matrix/mautrix-whatsapp/config.yaml: + # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml: { > homeserver: > address: http://synapse:8008 @@ -387,12 +390,12 @@ Post install: > permissions: > "*": relay > "matrix.{domain}": user - > "@admin:matrix.{domain}: admin + > "@admin:matrix.{domain}": admin } - # vim /opt/matrix/mautrix-signal/registration.yaml: + # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml: { > url: http://mautrix-whatsapp:29318 - > regex: << matrix.{domain.bijl.us} + > regex: << matrix.{domain} } } mautrix-signal: @@ -406,13 +409,13 @@ Post install: Image: dock.mau.dev/mautrix/signal:latest Volumes: { - /data:/opt/matrix/mautrix-signal + /data:/var/lib/docker/volumes/synapse-data/_data/mautrix/signal /etc/localtime:/etc/localtime:ro } Network: proxy Restart: Unless-stopped - # vim /opt/matrix/mautrix-signal/config.yaml: + # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml: { > homeserver: > address: http://synapse:8008 @@ -439,10 +442,10 @@ Post install: > "matrix.{domain}": user > "@admin:matrix.{domain}: admin } - # vim /opt/matrix/mautrix-signal/registration.yaml: + # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml: { - > regex: << matrix.{domain.bijl.us} > url: http://mautrix-signal:29328 + > regex: << matrix.{domain} } } signald: diff --git a/config-files/traefik.labels b/config-files/traefik.labels old mode 100644 new mode 100755 index 51768b5..0dcda6f --- a/config-files/traefik.labels +++ b/config-files/traefik.labels @@ -1,6 +1,6 @@ traefik.enable=true -traefik.http.routers..entrypoints=web/websecure/webfederation +traefik.http.routers..entrypoints={web/websecure/webfederation} traefik.http.routers..rule=Host("") traefik.http.routers..tls=true -traefik.http.routers..tls.certresolver=staging/production -(optional) traefik.http.services..loadbalancer.server.port= \ No newline at end of file +traefik.http.routers..tls.certresolver={staging/production} +(optional) traefik.http.services..loadbalancer.server.port={port} \ No newline at end of file diff --git a/config-files/treafik.yml b/config-files/traefik.yml old mode 100644 new mode 100755 similarity index 83% rename from config-files/treafik.yml rename to config-files/traefik.yml index c0748ac..118dff3 --- a/config-files/treafik.yml +++ b/config-files/traefik.yml @@ -20,12 +20,12 @@ services: - --certificatesresolvers.staging.acme.email={email} - --certificatesresolvers.staging.acme.storage=/ssl-certs/acme.json - - --certificatesresolvers.staging.acme.caServer="https://acme-staging-v02.api.letsencrypt.org/directory" + - --certificatesresolvers.staging.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory - --certificatesresolvers.staging.acme.httpChallenge.entryPoint=web - --certificatesresolvers.production.acme.email={email} - --certificatesresolvers.production.acme.storage=/ssl-certs/acme.json - - --certificatesresolvers.production.acme.caServer="https://acme-v02.api.letsencrypt.org/directory" + - --certificatesresolvers.production.acme.caServer=https://acme-v02.api.letsencrypt.org/directory - --certificatesresolvers.production.acme.httpChallenge.entryPoint=web ports: - "80:80"