This commit is contained in:
Adrian Amaglio 2023-06-08 09:34:51 +02:00
parent be32063fdc
commit 48a27ddf71
12 changed files with 198 additions and 49 deletions

View File

@ -24,6 +24,26 @@ function ipof {
resolv.sh "$1" resolv.sh "$1"
} }
function jcservice {
if [ "$#" -ne 2 ] ; then
echo "usage: $0 <action> <service>"
echo "action is start/stop/reload/restart"
echo "service is a jc service name"
exit 1
fi
action="$1"
service="$2"
if [ -f "/docker/$service/install.sh" ] ; then
section "Running install script"
. "/docker/$service/install.sh"
# Is $action a bash function?
if [ -n "$(LC_ALL=C type "$action" | head -n 1 | grep 'function')" ] ; then
"$action"
fi
unset -f start stop reload restart "$action"
fi
}
# Path to this directory # Path to this directory
here="$(where 'follow_links')" here="$(where 'follow_links')"
@ -94,13 +114,7 @@ for dir in /docker/* ; do
[ -d "$HTTP_DIR" ] && rm -r "$HTTP_DIR" [ -d "$HTTP_DIR" ] && rm -r "$HTTP_DIR"
fi fi
# If there is an install script? jcservice stop "$service"
if [ -x "/docker/$service/install.sh" ] ; then
section "Running install script"
. "/docker/$service/install.sh"
stop
unset -f start stop reload restart
fi
# TODO check for leftover wg interfaces # TODO check for leftover wg interfaces
continue continue
@ -123,14 +137,7 @@ for dir in /docker/* ; do
run docker-compose up -d --remove-orphans run docker-compose up -d --remove-orphans
fi fi
jcservice start "$service"
# If there is an install script
if [ -f "/docker/$service/install.sh" ] ; then
section "Running install script"
. "/docker/$service/install.sh"
start
unset -f start stop reload restart
fi
# If there is a wireguard vpn script # If there is a wireguard vpn script

View File

@ -0,0 +1,17 @@
#!/bin/bash
set -euo pipefail
if [ "$#" -ne 1 ] ; then
echo "Usage: $0 <wgif>"
exit 1
fi
wgif="$1"
if [ -z "$(ip a | grep "$wgif")" ] ; then
wg-quick up "$wgif"
else
wg syncconf "$wgif" <(wg-quick strip "$wgif")
fi

View File

@ -33,7 +33,7 @@ gm3._domainkey 10800 IN CNAME gm3.gandimail.net.
; Website classics ; Website classics
webmail 10800 IN CNAME webmail.gandi.net. webmail 10800 IN CNAME webmail.gandi.net.
www 10800 IN CNAME jean-cloud.org. www 10800 IN CNAME jean-cloud.net.
; Machines ; Machines
vandamme IN A 51.255.33.248 vandamme IN A 51.255.33.248

View File

@ -15,7 +15,8 @@ $TTL 604800
@ IN NS ns4.he.net. @ IN NS ns4.he.net.
@ IN NS ns5.he.net. @ IN NS ns5.he.net.
@ IN A 51.178.80.171 @ IN A 51.195.40.128
@ IN AAAA 2001:41d0:701:1100::31f
; Resolving nameserver ; Resolving nameserver

View File

@ -1,6 +1,6 @@
$TTL 604800 $TTL 604800
@ IN SOA max.jean-cloud.org. contact.jean-cloud.org. ( @ IN SOA max.jean-cloud.org. contact.jean-cloud.org. (
2023052300 ; Serial 2023060100 ; Serial
604800 ; Refresh 604800 ; Refresh
7200 ; Retry 7200 ; Retry
2419200 ; Expire 2419200 ; Expire
@ -27,18 +27,17 @@ _submission._tcp IN SRV 0 0 465 ssl0.ovh.net.
; web ; web
@ IN A 51.255.33.248 @ IN A 51.255.33.248
www IN CNAME vandamme.jean-cloud.net. www IN CNAME vandamme.jean-cloud.org.
www.registry IN CNAME nougaro.jean-cloud.net. registry IN CNAME montbonnot.jean-cloud.org.
registry IN CNAME nougaro.jean-cloud.net.
services IN CNAME nougaro.jean-cloud.net. radionimaitre IN CNAME tetede.jean-cloud.org.
www.radionimaitre IN CNAME tetede.jean-cloud.org.
paj IN CNAME nougaro.jean-cloud.org.
www.paj IN CNAME nougaro.jean-cloud.org.
radiodemo IN CNAME tetede.jean-cloud.org.
radiodemo-back IN CNAME montbonnot.jean-cloud.org.
radionimaitre IN CNAME tetede.jean-cloud.net.
www.radionimaitre IN CNAME tetede.jean-cloud.net.
paj IN CNAME nougaro.jean-cloud.net.
www.paj IN CNAME nougaro.jean-cloud.net.
radiodemo IN CNAME tetede.jean-cloud.net.
radiodemo-back IN CNAME montbonnot.jean-cloud.net.
;autoconfig IN SRV mailconfig.ovh.net. ;autoconfig IN SRV mailconfig.ovh.net.
@ -50,15 +49,15 @@ pop3 IN CNAME ssl0.ovh.net.
stream.paj._ports IN TXT 9002 stream.paj._ports IN TXT 9002
control.paj._ports IN TXT 9492 control.paj._ports IN TXT 9492
pa1.studios IN CNAME tetede.jean-cloud.net. pa1.studios IN CNAME tetede.jean-cloud.org.
montpellier1.studios IN CNAME tetede.jean-cloud.net. montpellier1.studios IN CNAME tetede.jean-cloud.org.
npm IN CNAME vandamme.jean-cloud.net. npm IN CNAME vandamme.jean-cloud.org.
www.npm IN CNAME vandamme.jean-cloud.net. www.npm IN CNAME vandamme.jean-cloud.org.
static IN CNAME vandamme.jean-cloud.net. static IN CNAME vandamme.jean-cloud.org.
www.static IN CNAME vandamme.jean-cloud.net. www.static IN CNAME vandamme.jean-cloud.org.
discordbot IN CNAME vandamme.jean-cloud.net. discordbot IN CNAME vandamme.jean-cloud.org.
www.discordbot IN CNAME vandamme.jean-cloud.net. www.discordbot IN CNAME vandamme.jean-cloud.org.

View File

View File

@ -0,0 +1,62 @@
version: '3'
services:
app:
image: jeancloud/site-benevole:dev-karna-debian
environment:
UID: 33
MOUNT: /
volumes:
- /tmp/uwsgi/$JC_SERVICE:/tmp/uwsgi
- $DATA_DIR/assets:/usr/src/app/assets
- $DATA_DIR/media:/usr/src/app/media
- $DATA_DIR/local_settings.py:/usr/src/app/site_benevole/local_settings.py
restart: unless-stopped
networks:
default:
ipv4_address: 172.16.17.100
redis:
image: redis
db:
image: postgres:9.6-alpine
env_file: $DATA_DIR/postgres.env
environment:
POSTGRES_USER: benevoles
POSTGRES_DB: benevoles
volumes:
- $DATA_DIR/db:/var/lib/postgresql/data
networks:
default:
ipv4_address: 172.16.17.101
# app2:
# image: jeancloud/site-benevole:dev-karna-debian
# environment:
# UID: 33
# MOUNT: /
# volumes:
# - /tmp/uwsgi/app2/$JC_SERVICE:/tmp/uwsgi
# - $DATA_DIR/app2/assets:/usr/src/app/assets
# - $DATA_DIR/app2/media:/usr/src/app/media
# - $DATA_DIR/app2/local_settings.py:/usr/src/app/site_benevole/local_settings.py
# restart: unless-stopped
# networks:
# default:
# ipv4_address: 172.29.17.110
#
# db2:
# image: postgres:9.6-alpine
# env_file: $DATA_DIR/postgres.env
# environment:
# POSTGRES_USER: benevoles
# POSTGRES_DB: benevoles
# volumes:
# - $DATA_DIR/db2:/var/lib/postgresql/data
# networks:
# default:
# ipv4_address: 172.29.17.111
networks:
default:
ipam:
config:
- subnet: 172.16.17.0/24

View File

@ -0,0 +1,55 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/$JC_SERVICE/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$JC_SERVICE/privkey.pem;
server_name $JC_SERVICE benevoles.karnaval.fr;
root $DATA_DIR/assets;
gzip on;
gzip_static on;
gzip_types application/javascript image/* text/css application/font-woff application/font-woff2;
gunzip on;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_buffer_size 4k;
client_max_body_size 4M;
location / {
include uwsgi_params;
uwsgi_pass unix:/tmp/uwsgi/$JC_SERVICE/uwsgi.sock;
}
location = /favicon.ico {
root $DATA_DIR/assets/;
}
location = /favicon-admin.ico {
root $DATA_DIR/assets/;
}
location /assets/ {
alias $DATA_DIR/assets/;
access_log off;
sendfile on;
tcp_nopush on;
sendfile_max_chunk 1m;
keepalive_timeout 65;
location ~* \.(jpg|jpeg|png|gif|ico|woff|woff2)$ {
access_log off;
expires 5d;
}
}
location /media/ {
alias $DATA_DIR/media/;
access_log off;
sendfile on;
tcp_nopush on;
sendfile_max_chunk 1m;
keepalive_timeout 65;
}
}

View File

@ -9,3 +9,7 @@ start() {
restart () { restart () {
start start
} }
stop () {
:
}

View File

@ -10,3 +10,7 @@ start() {
restart () { restart () {
start start
} }
stop () {
:
}

View File

@ -1,7 +1,7 @@
version: '3' version: '3'
services: services:
ambre_mux: ambre_mux:
image: registry.oma-radio.fr/mux:$OMA_DOCKER_VERSION image: jeancloud/mux:$OMA_DOCKER_VERSION
env_file: .env env_file: .env
environment: environment:
OMA_CONFIG_Client1Host: $NET.108 OMA_CONFIG_Client1Host: $NET.108
@ -22,7 +22,7 @@ services:
saphir_telecom_server: saphir_telecom_server:
image: registry.oma-radio.fr/telecom-server:$OMA_DOCKER_VERSION image: jeancloud/telecom-server:$OMA_DOCKER_VERSION
env_file: .env env_file: .env
ports: ports:
- $TELECOM_SERVER_PORT:3490 - $TELECOM_SERVER_PORT:3490
@ -37,7 +37,7 @@ services:
memory: 100M memory: 100M
anthracite_jukebox: anthracite_jukebox:
image: registry.oma-radio.fr/jukebox:$OMA_DOCKER_VERSION image: jeancloud/jukebox:$OMA_DOCKER_VERSION
env_file: .env env_file: .env
environment: environment:
OMA_CONFIG_TelecommandeHost: $NET$TELECOM OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -56,7 +56,7 @@ services:
memory: 100M memory: 100M
azurite_jukebox_simulator: azurite_jukebox_simulator:
image: registry.oma-radio.fr/jukebox-simulator:$OMA_DOCKER_VERSION image: jeancloud/jukebox-simulator:$OMA_DOCKER_VERSION
env_file: .env env_file: .env
environment: environment:
OMA_CONFIG_TelecommandeHost: $NET$TELECOM OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -73,13 +73,13 @@ services:
memory: 100M memory: 100M
# aventurine_transcode: # aventurine_transcode:
# image: registry.oma-radio.fr/transcode:$OMA_DOCKER_VERSION # image: jeancloud/transcode:$OMA_DOCKER_VERSION
# env_file: .env # env_file: .env
# restart: unless-stopped # restart: unless-stopped
agate_importer: agate_importer:
image: registry.oma-radio.fr/baseimport:$OMA_DOCKER_VERSION image: jeancloud/baseimport:$OMA_DOCKER_VERSION
env_file: .env env_file: .env
environment: environment:
OMA_CONFIG_TelecommandeHost: $NET$TELECOM OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -96,7 +96,7 @@ services:
memory: 500M memory: 500M
amarante_webserver: amarante_webserver:
image: registry.oma-radio.fr/webserver:$OMA_DOCKER_VERSION image: jeancloud/webserver:$OMA_DOCKER_VERSION
env_file: .env env_file: .env
environment: environment:
OMA_CONFIG_TelecommandeHost: $NET$TELECOM OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -114,7 +114,7 @@ services:
memory: 100M memory: 100M
rubis_base_mg: rubis_base_mg:
image: registry.oma-radio.fr/base-mg:$OMA_DOCKER_VERSION image: jeancloud/base-mg:$OMA_DOCKER_VERSION
env_file: .env env_file: .env
environment: environment:
OMA_CONFIG_TelecommandeHost: $NET$TELECOM OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -132,7 +132,7 @@ services:
system_api: system_api:
image: registry.oma-radio.fr/system-api:dev image: jeancloud/system-api:dev
env_file: .env env_file: .env
environment: environment:
OMA_CONFIG_TelecommandeHost: $NET$TELECOM OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -167,7 +167,7 @@ services:
ipv4_address: $NET.108 ipv4_address: $NET.108
#radioking: #radioking:
# image: registry.oma-radio.fr/liquidsoap:1.3.7 # image: jeancloud/liquidsoap:1.3.7
# env_file: .env # env_file: .env
# volumes: # volumes:
# - ./radioking.liq:/radioking.liq # - ./radioking.liq:/radioking.liq
@ -178,7 +178,7 @@ services:
# ipv4_address: $NET.111 # ipv4_address: $NET.111
#ammolite_mp3_addon: #ammolite_mp3_addon:
# image: registry.oma-radio.fr/mp3addon:$OMA_DOCKER_VERSION # image: jeancloud/mp3addon:$OMA_DOCKER_VERSION
# env_file: .env # env_file: .env
# environment: # environment:
# OMA_CONFIG_TelecommandeHost: $NET.101 # OMA_CONFIG_TelecommandeHost: $NET.101

View File

@ -4,7 +4,7 @@ set -euo pipefail
. .env . .env
[ -f "$DATA_DIR/privatekey" ] || echo 'No privatekey found' && exit 1 [ -f "$DATA_DIR/privatekey" ] || { echo 'No privatekey found' && exit 1 ; }
echo " echo "
[Interface] [Interface]