me/env-docker
me/env-docker
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes and Enhancements (#16)

Browse Source 
* Add more instructions after successfully creating a new subdomain.

* Update the container name.

* Add a just-in-case step.

* Add an alias and improve comments.

* Fix manage path.

* Add limits but no reservations for PP. Start off somewhat relaxed rather than strict.

* Always restart PP containers.

* Move URL to env file. Do not recommend using HTTPS in the value.

* Format comments.

* Put commands in shells so they cannot exit the full program.

* Updating apps like this did not seem to be working, but also do not want it to work anymore.
This commit is contained in:
Hyperling 2023-10-17 04:35:57 -07:00 committed by GitHub
parent eb79978adf
commit f45cc326fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 47 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Config/Nextcloud/cron.sh
View File

@ -12,10 +12,11 @@ if (( $RUNNING > 0 )); then
fi fi
# 2023-08-25 From crontab. # 2023-08-25 From crontab.
docker exec -u www-data nc-app php cron.php --define apc.enable_cli=1 sh -c "docker exec -u www-data nc-app php cron.php --define apc.enable_cli=1"
# 2023-08-25 From fixes.sh, keep ownership correct and apps up to date. # 2023-08-25 From fixes.sh, keep ownership correct and apps up to date.
docker exec -it nc-app chown -Rc www-data:www-data . sh -c "docker exec -it nc-app chown -Rc www-data:www-data ."
docker exec -itu www-data nc-app ./occ app:update --all # No longer update apps in advance of NC updates, allow the upgrade process to do it.
#sh -c "docker exec -itu www-data nc-app ./occ app:update --all"
exit 0 exit 0

19
Config/PhotoPrism/docker-compose.yml
View File

@ -28,7 +28,6 @@
# #
# CLI Commands: # CLI Commands:
# - https://docs.photoprism.app/getting-started/docker-compose/#command-line-interface # - https://docs.photoprism.app/getting-started/docker-compose/#command-line-interface
#
## ##
## ##
@ -46,6 +45,7 @@ services:
## If the service gets stuck in a restart loop, this points to a memory, filesystem, network, or database issue: ## If the service gets stuck in a restart loop, this points to a memory, filesystem, network, or database issue:
## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors ## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
#restart: unless-stopped #restart: unless-stopped
restart: always
stop_grace_period: 10s stop_grace_period: 10s
depends_on: depends_on:
- pp-db - pp-db
@ -58,7 +58,7 @@ services:
PHOTOPRISM_ADMIN_USER: $PHOTOPRISM_ADMIN_USER # admin login username PHOTOPRISM_ADMIN_USER: $PHOTOPRISM_ADMIN_USER # admin login username
PHOTOPRISM_ADMIN_PASSWORD: $PHOTOPRISM_ADMIN_PASSWORD # initial admin password (8-72 characters) PHOTOPRISM_ADMIN_PASSWORD: $PHOTOPRISM_ADMIN_PASSWORD # initial admin password (8-72 characters)
PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password)
PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_SITE_URL: $PHOTOPRISM_SITE_URL # server URL in the format "http(s)://domain.name(:port)/(path)"
PHOTOPRISM_DISABLE_TLS: "false" # disables HTTPS/TLS even if the site URL starts with https:// and a certificate is available PHOTOPRISM_DISABLE_TLS: "false" # disables HTTPS/TLS even if the site URL starts with https:// and a certificate is available
PHOTOPRISM_DEFAULT_TLS: "true" # defaults to a self-signed HTTPS/TLS certificate if no other certificate is available PHOTOPRISM_DEFAULT_TLS: "true" # defaults to a self-signed HTTPS/TLS certificate if no other certificate is available
PHOTOPRISM_ORIGINALS_LIMIT: $PHOTOPRISM_ORIGINALS_LIMIT # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_ORIGINALS_LIMIT: $PHOTOPRISM_ORIGINALS_LIMIT # file size limit for originals in MB (increase for high-res video)
@ -119,6 +119,12 @@ services:
# *Optional* base folder from which files can be imported to originals # *Optional* base folder from which files can be imported to originals
# Importing reorganizes files+folders, would rather they remain intact. # Importing reorganizes files+folders, would rather they remain intact.
#- "../../Volumes/PhotoPrism/imports_go_here:/photoprism/import" #- "../../Volumes/PhotoPrism/imports_go_here:/photoprism/import"
deploy:
mode: global
resources:
limits:
cpus: '2.00'
memory: 2G
## Database Server (recommended) ## Database Server (recommended)
## see https://docs.photoprism.app/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql ## see https://docs.photoprism.app/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql
@ -127,7 +133,8 @@ services:
image: mariadb:10.11 image: mariadb:10.11
## If MariaDB gets stuck in a restart loop, this points to a memory or filesystem issue: ## If MariaDB gets stuck in a restart loop, this points to a memory or filesystem issue:
## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors ## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
restart: unless-stopped #restart: unless-stopped
restart: always
stop_grace_period: 5s stop_grace_period: 5s
security_opt: # see https://github.com/MariaDB/mariadb-docker/issues/434#issuecomment-1136151239 security_opt: # see https://github.com/MariaDB/mariadb-docker/issues/434#issuecomment-1136151239
- seccomp:unconfined - seccomp:unconfined
@ -143,6 +150,12 @@ services:
MARIADB_USER: $MARIADB_USER MARIADB_USER: $MARIADB_USER
MARIADB_PASSWORD: $MARIADB_PASSWORD MARIADB_PASSWORD: $MARIADB_PASSWORD
MARIADB_ROOT_PASSWORD: $MARIADB_ROOT_PASSWORD MARIADB_ROOT_PASSWORD: $MARIADB_ROOT_PASSWORD
deploy:
mode: global
resources:
limits:
cpus: '0.50'
memory: 512M
# Configured but not using this, would prefer to update manually, and the # Configured but not using this, would prefer to update manually, and the
# volume needs also seem sort of odd. Do not want it to harm other projects. # volume needs also seem sort of odd. Do not want it to harm other projects.

6
Config/PhotoPrism/env.example
View File

@ -7,6 +7,12 @@
PHOTOPRISM_ADMIN_USER = "admin" # admin login username PHOTOPRISM_ADMIN_USER = "admin" # admin login username
PHOTOPRISM_ADMIN_PASSWORD = "PleaseChangeMe" # initial admin password (8-72 characters) PHOTOPRISM_ADMIN_PASSWORD = "PleaseChangeMe" # initial admin password (8-72 characters)
# External FQDN
# Should be in the format "http(s)://domain.name(:port)/(path)".
# Seems to work best if you leave off the s if behind a revese proxy,
# such as: PHOTOPRISM_SITE_URL = "http://photoprism.example.com"
PHOTOPRISM_SITE_URL = "http://localhost:2342"
# Max Storage Space? # Max Storage Space?
PHOTOPRISM_ORIGINALS_LIMIT = 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_ORIGINALS_LIMIT = 5000 # file size limit for originals in MB (increase for high-res video)

9
Config/ReverseProxy/README.md
View File

@ -72,3 +72,12 @@ If wanted as a one-line command:
``` ```
# docker compose down && docker compose build && docker compose up -d # docker compose down && docker compose build && docker compose up -d
``` ```
## Add New Config
1. Modify your `./config/hosts/domain` file and add the resource.
1. Create the `./config/conf.d/fqdn` file as needed, using the resource.
1. (Optional) If the system needs a cert added, run the placeholder script.
1. Restart the project based on Update Config above.
1. (Optional) Now you may run the letsencrypt script for a real certificate.
1. (Optional) Run another Update Config to make sure the certs are loaded.
1. Done! If set up correctly the site should be live.

6
Config/ReverseProxy/create_letsencrypt_certs.sh
View File

@ -21,7 +21,7 @@ if [[ ! -d $CERT_DIR ]]; then
fi fi
# The container needs to be running in order to use the certbot command. # The container needs to be running in order to use the certbot command.
certbot_running=`docker ps | grep -c reverseproxy-certbot-1` certbot_running=`docker ps | grep -c rp-certbot`
if [[ $certbot_running != 1 ]]; then if [[ $certbot_running != 1 ]]; then
echo "ERROR: Certbot container does not appear to be running, cannot continue." >&2 echo "ERROR: Certbot container does not appear to be running, cannot continue." >&2
exit 1 exit 1
@ -85,12 +85,12 @@ grep -l proxy_pass $DIR/config/conf.d/*.* | while read file; do
echo "Domains='$domains'" echo "Domains='$domains'"
echo "Attempting to create certs at $CERT_DIR/$filename." echo "Attempting to create certs at $CERT_DIR/$filename."
docker exec reverseproxy-certbot-1 \ docker exec rp-certbot \
certbot certonly -n --webroot $dry_run \ certbot certonly -n --webroot $dry_run \
-w /etc/letsencrypt --agree-tos -m $email -d $filename -w /etc/letsencrypt --agree-tos -m $email -d $filename
if [[ -z $dry_run ]]; then if [[ -z $dry_run ]]; then
docker exec reverseproxy-certbot-1 \ docker exec rp-certbot \
sh -c "cp -rL /etc/letsencrypt/live/$filename /etc/letsencrypt/nginx/" sh -c "cp -rL /etc/letsencrypt/live/$filename /etc/letsencrypt/nginx/"
ls -lh $CERT_DIR/$filename/* ls -lh $CERT_DIR/$filename/*
fi fi

8
source.env
View File

@ -12,12 +12,20 @@ if [[ "$DIR" == '.'* ]]; then
cd "$RETURN" cd "$RETURN"
fi fi
## Variables ##
DOCKER_HOME="$DIR" DOCKER_HOME="$DIR"
DOCKER_PATH="$DOCKER_HOME/bin" DOCKER_PATH="$DOCKER_HOME/bin"
PATH="$DOCKER_PATH:$PATH" PATH="$DOCKER_PATH:$PATH"
export DOCKER_HOME DOCKER_PATH PATH export DOCKER_HOME DOCKER_PATH PATH
## Aliases ##
alias manage="$DOCKER_HOME/bin/manage.sh"
## Validations ##
if [[ -e $DOCKER_HOME/$PROG ]]; then if [[ -e $DOCKER_HOME/$PROG ]]; then
echo "'$DOCKER_HOME/$PROG' has been loaded successfully." echo "'$DOCKER_HOME/$PROG' has been loaded successfully."
else else