luc/alpine-server
1
0
Fork 0
Code Issues Pull requests Wiki Activity

removed bugs and improved syntax

Browse source
This commit is contained in:
Luc Bijl 2023-01-27 21:55:40 +01:00
parent 5a771084c4
commit eb549df3e9
3 changed files with 57 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

81
alpine-server-install.txt Normal file → Executable file
View file

@ -2,7 +2,7 @@ Alpine Linux Musl += (btrfs + gummiboot) >> Eventually
Installation: Installation:
{ {
# alpine-setup: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub. # setup-alpine: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub.
{ {
\ \
} }
@ -18,28 +18,19 @@ Installation:
} }
Post install: Post install:
{ {
Repositories: # apk add git
{ # git clone https://git.bijl.us/luc/alpine-server.git
# vim /etc/apk/repositories:
{
> {v3.15/main}
> {v3.15/community}
> {edge/main}
> {edge/community}
> {edge/testing}
}
# apk update
}
ups(client): ups(client):
{ {
# apk add nut # apk add nut build-base
# mv ups /bin/ups << ups.c # gcc alpine-server/config-files/ups.c -o /bin/ups
# mv exec_ups /bin/exec_ups << exec_ups.c # gcc alpine-server/config-files/exec-ups.c -o /bin/exec-ups
# vim /etc/init.d/ups: # vim /etc/init.d/ups:
{ {
> #!/sbin/openrc-run > #!/sbin/openrc-run
> name="UPS" > name="ups"
> command="/bin/exec_ups" > command="/bin/exec-ups"
} }
# rc-update add ups # rc-update add ups
# rc-service ups start # rc-service ups start
@ -73,14 +64,14 @@ Post install:
} }
# vim /etc/periodic/{*}/rsnapshot: # vim /etc/periodic/{*}/rsnapshot:
{ {
#!/bin/sh > #!/bin/sh
exec /usr/bin/rsnapshot {*} > exec /usr/bin/rsnapshot {*}
} }
# chmod +x /etc/periodic/{*}/rsnapshot # chmod +x /etc/periodic/{*}/rsnapshot
# rc-update add crond # rc-update add crond
# rc-service crond start # rc-service crond start
} }
apk-autoupdate: apk-autoupdate : << Does not work possibly.
{ {
# apk add apk-autoupdate # apk add apk-autoupdate
# vim /etc/periodic/weekly/apk-autoupdate: # vim /etc/periodic/weekly/apk-autoupdate:
@ -122,10 +113,14 @@ Post install:
Docker: Docker:
{ {
# apk add docker docker-compose # apk add docker docker-compose
# addgroup <user> docker
# rc-update add docker boot
# service docker start
portainer: portainer:
{ {
# vim /opt/docker-compose.yml: << portainer.yml # cp alpine-server/config-files/portainer.yml /opt/docker-compose.yml
$ cd /opt/
$ docker-compose up -d $ docker-compose up -d
} }
traefik: traefik:
@ -149,7 +144,7 @@ Post install:
WATCHTOWER_NOTIFICATION_EMAIL_SERVER=mail.{domain} WATCHTOWER_NOTIFICATION_EMAIL_SERVER=mail.{domain}
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=465 WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=465
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=info WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=info
WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD= WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD={passwd}
WATCHTOWER_NOTIFICATION_EMAIL_DELAY=2 WATCHTOWER_NOTIFICATION_EMAIL_DELAY=2
WATCHTOWER_NOTIFICATIONS=email WATCHTOWER_NOTIFICATIONS=email
WATCHTOWER_SCHEDULE=0 0 0 * * 6 WATCHTOWER_SCHEDULE=0 0 0 * * 6
@ -168,10 +163,10 @@ Post install:
/backups:/var/backups /backups:/var/backups
/source:duplicati-source - local /source:duplicati-source - local
/config:/opt/duplicati /config:/opt/duplicati
/source/host_home:/home /source/host_home:/home:ro
/source/host_etc:/etc /source/host_etc:/etc:ro
/source/host_opt:/opt /source/host_opt:/opt:ro
/source/host_usr_local:/usr/local /source/host_usr_local:/usr/local:ro
} }
Network: bridge Network: bridge
Environment: Environment:
@ -230,8 +225,8 @@ Post install:
Volumes: Volumes:
{ {
/backups:/opt/postgresbackup /backups:/opt/postgresbackup
/var/lib/postgresql/data:/postgresbackup - local /var/lib/postgresql/data:postgresbackup - local
/etc/localtime:/etc/localtime /etc/localtime:/etc/localtime:ro
} }
Network: proxy Network: proxy
Environment: Environment:
@ -272,7 +267,7 @@ Post install:
Network: proxy Network: proxy
Environment: Environment:
{ {
ADMIN_TOKEN={admin_token} ADMIN_TOKEN={admin_token} >> Remove to disable admin page.
SIGNUPS_ALLOWED=true/false SIGNUPS_ALLOWED=true/false
DATABASE_URL=postgresql://postgres:{passwd}@postgres/vaultwarden DATABASE_URL=postgresql://postgres:{passwd}@postgres/vaultwarden
} }
@ -336,6 +331,10 @@ Post install:
> database: > database:
> name: psycopg2 > name: psycopg2
> txn_limit: 10000
> allow_unsafe_locale: false
> args:
> user: postgres
> password: "{passwd}" > password: "{passwd}"
> database: synapse > database: synapse
> host: postgres > host: postgres
@ -344,6 +343,10 @@ Post install:
> enable_registration: true/false > enable_registration: true/false
> enable_registration_without_verification: true > enable_registration_without_verification: true
> app_server_config_files:
> - /data/mautrix/whatsapp/registration.yaml
> - /data/mautrix/signal/registration.yaml
} }
} }
mautrix-whatsapp: mautrix-whatsapp:
@ -357,13 +360,13 @@ Post install:
Image: dock.mau.dev/mautrix/whatsapp:latest Image: dock.mau.dev/mautrix/whatsapp:latest
Volumes: Volumes:
{ {
/data:/opt/matrix/mautrix-whatsapp /data:/var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp
/etc/localtime:/etc/localtime:ro /etc/localtime:/etc/localtime:ro
} }
Network: proxy Network: proxy
Restart: Unless-stopped Restart: Unless-stopped
# vim /opt/matrix/mautrix-whatsapp/config.yaml: # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml:
{ {
> homeserver: > homeserver:
> address: http://synapse:8008 > address: http://synapse:8008
@ -387,12 +390,12 @@ Post install:
> permissions: > permissions:
> "*": relay > "*": relay
> "matrix.{domain}": user > "matrix.{domain}": user
> "@admin:matrix.{domain}: admin > "@admin:matrix.{domain}": admin
} }
# vim /opt/matrix/mautrix-signal/registration.yaml: # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml:
{ {
> url: http://mautrix-whatsapp:29318 > url: http://mautrix-whatsapp:29318
> regex: << matrix.{domain.bijl.us} > regex: << matrix.{domain}
} }
} }
mautrix-signal: mautrix-signal:
@ -406,13 +409,13 @@ Post install:
Image: dock.mau.dev/mautrix/signal:latest Image: dock.mau.dev/mautrix/signal:latest
Volumes: Volumes:
{ {
/data:/opt/matrix/mautrix-signal /data:/var/lib/docker/volumes/synapse-data/_data/mautrix/signal
/etc/localtime:/etc/localtime:ro /etc/localtime:/etc/localtime:ro
} }
Network: proxy Network: proxy
Restart: Unless-stopped Restart: Unless-stopped
# vim /opt/matrix/mautrix-signal/config.yaml: # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml:
{ {
> homeserver: > homeserver:
> address: http://synapse:8008 > address: http://synapse:8008
@ -439,10 +442,10 @@ Post install:
> "matrix.{domain}": user > "matrix.{domain}": user
> "@admin:matrix.{domain}: admin > "@admin:matrix.{domain}: admin
} }
# vim /opt/matrix/mautrix-signal/registration.yaml: # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml:
{ {
> regex: << matrix.{domain.bijl.us}
> url: http://mautrix-signal:29328 > url: http://mautrix-signal:29328
> regex: << matrix.{domain}
} }
} }
signald: signald:

6
config-files/traefik.labels Normal file → Executable file
View file

@ -1,6 +1,6 @@
traefik.enable=true traefik.enable=true
traefik.http.routers..entrypoints=web/websecure/webfederation traefik.http.routers..entrypoints={web/websecure/webfederation}
traefik.http.routers..rule=Host("") traefik.http.routers..rule=Host("")
traefik.http.routers..tls=true traefik.http.routers..tls=true
traefik.http.routers..tls.certresolver=staging/production traefik.http.routers..tls.certresolver={staging/production}
(optional) traefik.http.services..loadbalancer.server.port= (optional) traefik.http.services..loadbalancer.server.port={port}

4
config-files/treafik.yml → config-files/traefik.yml Normal file → Executable file
View file

@ -20,12 +20,12 @@ services:
- --certificatesresolvers.staging.acme.email={email} - --certificatesresolvers.staging.acme.email={email}
- --certificatesresolvers.staging.acme.storage=/ssl-certs/acme.json - --certificatesresolvers.staging.acme.storage=/ssl-certs/acme.json
- --certificatesresolvers.staging.acme.caServer="https://acme-staging-v02.api.letsencrypt.org/directory" - --certificatesresolvers.staging.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.staging.acme.httpChallenge.entryPoint=web - --certificatesresolvers.staging.acme.httpChallenge.entryPoint=web
- --certificatesresolvers.production.acme.email={email} - --certificatesresolvers.production.acme.email={email}
- --certificatesresolvers.production.acme.storage=/ssl-certs/acme.json - --certificatesresolvers.production.acme.storage=/ssl-certs/acme.json
- --certificatesresolvers.production.acme.caServer="https://acme-v02.api.letsencrypt.org/directory" - --certificatesresolvers.production.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
- --certificatesresolvers.production.acme.httpChallenge.entryPoint=web - --certificatesresolvers.production.acme.httpChallenge.entryPoint=web
ports: ports:
- "80:80" - "80:80"