removed bugs and improved syntax

alpine-server-install.txt

@@ -2,7 +2,7 @@ Alpine Linux Musl += (btrfs + gummiboot) >> Eventually
 
 Installation:
 {
-    # alpine-setup: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub.
+    # setup-alpine: >> Will be replaced eventually with manual install with btrfs and gummiboot, instead of default ext4 and grub.
     {
         \
     }
@@ -18,28 +18,19 @@ Installation:
 }
 Post install:
 {
-    Repositories:
-    {
-        # vim /etc/apk/repositories:
-        {
-            > {v3.15/main}
-            > {v3.15/community}
-            > {edge/main}
-            > {edge/community}
-            > {edge/testing}
-        }
-        # apk update
-    }
+    # apk add git
+    # git clone https://git.bijl.us/luc/alpine-server.git
+
     ups(client):
     {
-        # apk add nut
-        # mv ups /bin/ups << ups.c
-        # mv exec_ups /bin/exec_ups << exec_ups.c
+        # apk add nut build-base
+        # gcc alpine-server/config-files/ups.c -o /bin/ups
+        # gcc alpine-server/config-files/exec-ups.c -o /bin/exec-ups
         # vim /etc/init.d/ups:
         {
             > #!/sbin/openrc-run
-            > name="UPS"
-            > command="/bin/exec_ups"
+            > name="ups"
+            > command="/bin/exec-ups"
         }
         # rc-update add ups
         # rc-service ups start
@@ -73,14 +64,14 @@ Post install:
         }
         # vim /etc/periodic/{*}/rsnapshot: 
         {
-            #!/bin/sh
-            exec /usr/bin/rsnapshot {*}
+            > #!/bin/sh
+            > exec /usr/bin/rsnapshot {*}
         }
         # chmod +x /etc/periodic/{*}/rsnapshot
         # rc-update add crond
         # rc-service crond start
     }
-    apk-autoupdate:
+    apk-autoupdate : << Does not work possibly.
     {
         # apk add apk-autoupdate
         # vim /etc/periodic/weekly/apk-autoupdate:
@@ -122,10 +113,14 @@ Post install:
     Docker:
     {
         # apk add docker docker-compose
+        # addgroup <user> docker
+        # rc-update add docker boot
+        # service docker start
 
         portainer:
         {
-            # vim /opt/docker-compose.yml: << portainer.yml
+            # cp alpine-server/config-files/portainer.yml /opt/docker-compose.yml
+            $ cd /opt/
             $ docker-compose up -d 
         }
         traefik:
@@ -149,7 +144,7 @@ Post install:
                 WATCHTOWER_NOTIFICATION_EMAIL_SERVER=mail.{domain}
                 WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=465
                 WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=info
-                WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=
+                WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD={passwd}
                 WATCHTOWER_NOTIFICATION_EMAIL_DELAY=2
                 WATCHTOWER_NOTIFICATIONS=email
                 WATCHTOWER_SCHEDULE=0 0 0 * * 6
@@ -168,10 +163,10 @@ Post install:
                 /backups:/var/backups
                 /source:duplicati-source - local
                 /config:/opt/duplicati
-                /source/host_home:/home
-                /source/host_etc:/etc
-                /source/host_opt:/opt
-                /source/host_usr_local:/usr/local
+                /source/host_home:/home:ro
+                /source/host_etc:/etc:ro
+                /source/host_opt:/opt:ro
+                /source/host_usr_local:/usr/local:ro
             }
             Network: bridge
             Environment:
@@ -230,8 +225,8 @@ Post install:
             Volumes:
             {
                 /backups:/opt/postgresbackup
-                /var/lib/postgresql/data:/postgresbackup - local
-                /etc/localtime:/etc/localtime
+                /var/lib/postgresql/data:postgresbackup - local
+                /etc/localtime:/etc/localtime:ro
             }
             Network: proxy
             Environment:
@@ -272,7 +267,7 @@ Post install:
             Network: proxy
             Environment:
             {
-                ADMIN_TOKEN={admin_token}
+                ADMIN_TOKEN={admin_token} >> Remove to disable admin page.
                 SIGNUPS_ALLOWED=true/false
                 DATABASE_URL=postgresql://postgres:{passwd}@postgres/vaultwarden
             }
@@ -336,6 +331,10 @@ Post install:
 
                 > database:
                 >   name: psycopg2
+                >   txn_limit: 10000
+                >   allow_unsafe_locale: false
+                >   args:
+                >       user: postgres
                 >       password: "{passwd}"
                 >       database: synapse
                 >       host: postgres
@@ -344,6 +343,10 @@ Post install:
 
                 > enable_registration: true/false
                 > enable_registration_without_verification: true
+
+                > app_server_config_files:
+                >   - /data/mautrix/whatsapp/registration.yaml
+                >   - /data/mautrix/signal/registration.yaml
             }
         }
         mautrix-whatsapp:
@@ -357,13 +360,13 @@ Post install:
             Image: dock.mau.dev/mautrix/whatsapp:latest
             Volumes:
             {
-                /data:/opt/matrix/mautrix-whatsapp
+                /data:/var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp
                 /etc/localtime:/etc/localtime:ro
             }
             Network: proxy
             Restart: Unless-stopped
 
-            # vim /opt/matrix/mautrix-whatsapp/config.yaml:
+            # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml:
             {
                 > homeserver:
                 >   address: http://synapse:8008
@@ -387,12 +390,12 @@ Post install:
                 >   permissions:
                 >       "*": relay
                 >       "matrix.{domain}": user
-                >       "@admin:matrix.{domain}: admin
+                >       "@admin:matrix.{domain}": admin
             }
-            # vim /opt/matrix/mautrix-signal/registration.yaml:
+            # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml:
             {
                 > url: http://mautrix-whatsapp:29318
-                > regex: << matrix.{domain.bijl.us}
+                > regex: << matrix.{domain}
             }
         }
         mautrix-signal:
@@ -406,13 +409,13 @@ Post install:
             Image: dock.mau.dev/mautrix/signal:latest
             Volumes:
             {
-                /data:/opt/matrix/mautrix-signal
+                /data:/var/lib/docker/volumes/synapse-data/_data/mautrix/signal
                 /etc/localtime:/etc/localtime:ro
             }
             Network: proxy
             Restart: Unless-stopped
 
-            # vim /opt/matrix/mautrix-signal/config.yaml:
+            # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/config.yaml:
             {
                 > homeserver:
                 >   address: http://synapse:8008
@@ -439,10 +442,10 @@ Post install:
                 >       "matrix.{domain}": user
                 >       "@admin:matrix.{domain}: admin
             }
-            # vim /opt/matrix/mautrix-signal/registration.yaml:
+            # vim /var/lib/docker/volumes/synapse-data/_data/mautrix/whatsapp/registration.yaml:
             {
-                > regex: << matrix.{domain.bijl.us}
                 > url: http://mautrix-signal:29328
+                > regex: << matrix.{domain}
             }
         }
         signald:

config-files/traefik.labels

@@ -1,6 +1,6 @@
 traefik.enable=true
-traefik.http.routers..entrypoints=web/websecure/webfederation
+traefik.http.routers..entrypoints={web/websecure/webfederation}
 traefik.http.routers..rule=Host("")
 traefik.http.routers..tls=true
-traefik.http.routers..tls.certresolver=staging/production
-(optional) traefik.http.services..loadbalancer.server.port=
+traefik.http.routers..tls.certresolver={staging/production}
+(optional) traefik.http.services..loadbalancer.server.port={port}

config-files/traefik.yml

@@ -20,12 +20,12 @@ services:
       
       - --certificatesresolvers.staging.acme.email={email}
       - --certificatesresolvers.staging.acme.storage=/ssl-certs/acme.json
-      - --certificatesresolvers.staging.acme.caServer="https://acme-staging-v02.api.letsencrypt.org/directory"
+      - --certificatesresolvers.staging.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
       - --certificatesresolvers.staging.acme.httpChallenge.entryPoint=web
       
       - --certificatesresolvers.production.acme.email={email}
       - --certificatesresolvers.production.acme.storage=/ssl-certs/acme.json
-      - --certificatesresolvers.production.acme.caServer="https://acme-v02.api.letsencrypt.org/directory"
+      - --certificatesresolvers.production.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
       - --certificatesresolvers.production.acme.httpChallenge.entryPoint=web
     ports:
       - "80:80"