Viyurz/vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[podman] Add Syncthing

Browse source
This commit is contained in:
Viyurz 2024-10-07 14:42:58 +02:00
parent 26dd365b80
commit 728375f957
Signed by: Viyurz
SSH key fingerprint: SHA256:IskOHTmhHSJIvAt04N6aaxd5SZCVWW1Guf9tEcxIMj8
7 changed files with 98 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
manage.py
View file

@ -166,6 +166,11 @@ def setupProj(project):
setPerms(renderedFilename, 640) setPerms(renderedFilename, 640)
setOwner(renderedFilename, os.getuid(), getUid(project)) setOwner(renderedFilename, os.getuid(), getUid(project))
if project in env['volumes']:
for volume in env['volumes'][project].values():
setPerms(volume, 750)
setOwner(volume, getUid(project), getUid(project))
upProj(project) upProj(project)

4
projects/coturn/compose.yaml.mako
View file

@ -17,4 +17,6 @@ services:
- ${env['certs']['coturn']['cert']}:/etc/coturn/cert.pem:ro - ${env['certs']['coturn']['cert']}:/etc/coturn/cert.pem:ro
- ${env['certs']['coturn']['pkey']}:/etc/coturn/pkey.pem:ro - ${env['certs']['coturn']['pkey']}:/etc/coturn/pkey.pem:ro
${env['networks_attr']} networks:
default:
enable_ipv6: true

4
projects/diun/compose.yaml.mako
View file

@ -11,7 +11,9 @@ services:
- ./images.yml:/etc/diun/images.yml:ro - ./images.yml:/etc/diun/images.yml:ro
- data:/data - data:/data
${env['networks_attr']} networks:
default:
enable_ipv6: true
volumes: volumes:
data: data:

4
projects/searxng/compose.yaml.mako
View file

@ -22,7 +22,9 @@ services:
volumes: volumes:
- valkey:/data - valkey:/data
${env['networks_attr']} networks:
default:
enable_ipv6: true
volumes: volumes:
valkey: valkey:

57
projects/syncthing/compose.yaml.mako Normal file
View file

@ -0,0 +1,57 @@
services:
syncthing:
container_name: syncthing
image: docker.io/syncthing/syncthing:1
restart: always
user: ${env['users']['syncthing']}:${env['users']['syncthing']}
environment:
- PUID=${env['users']['syncthing']}
- PGID=${env['users']['syncthing']}
ports:
- 127.0.0.1:${env['ports']['syncthing_webui']}:8384 # Web UI
- ${env['ports']['syncthing_tcp']}:22000/tcp # TCP file transfers
- ${env['ports']['syncthing_udp']}:22000/udp # QUIC file transfers
volumes:
- ${env['volumes']['syncthing']['datadir']}:/var/syncthing
stdiscosrv:
container_name: syncthing-discosrv
image: docker.io/syncthing/discosrv:1
restart: always
command:
- "-http"
environment:
- PUID=${env['users']['syncthing_discosrv']}
- PGID=${env['users']['syncthing_discosrv']}
networks:
- discosrv
ports:
- 127.0.0.1:${env['ports']['syncthing_discosrv']}:8443
strelaysrv:
container_name: syncthing-relaysrv
image: docker.io/syncthing/relaysrv:1
restart: always
command:
- '-ext-address=:${env['ports']["syncthing_relaysrv"]}'
- '-pools='
environment:
- PUID=${env['users']['syncthing_relaysrv']}
- PGID=${env['users']['syncthing_relaysrv']}
networks:
- relaysrv
ports:
- 22067:22067
volumes:
- strelaysrv:/var/strelaysrv
networks:
default:
enable_ipv6: true
discosrv:
enable_ipv6: true
relaysrv:
enable_ipv6: true
volumes:
strelaysrv:

45
pyenv.yml
View file

@ -69,12 +69,6 @@ certs:
pkey: "/etc/letsencrypt/live/mail.viyurz.fr/privkey.pem" pkey: "/etc/letsencrypt/live/mail.viyurz.fr/privkey.pem"
networks_attr: |
networks:
default:
enable_ipv6: true
# Ports exposed to host # Ports exposed to host
ports: ports:
coturn_listening: 3478 coturn_listening: 3478
@ -96,8 +90,7 @@ ports:
stump: 10801 stump: 10801
synapse: 8008 synapse: 8008
syncthing_discosrv: 8443 syncthing_discosrv: 8443
# Public port, forwarded to 22067 by nftables syncthing_relaysrv: 143 # Public port, forwarded to 22067 by nftables
syncthing_relaysrv: 143
syncthing_webui: 8384 syncthing_webui: 8384
syncthing_tcp: 18880 syncthing_tcp: 18880
syncthing_udp: 22000 syncthing_udp: 22000
@ -128,16 +121,26 @@ users:
volumes: volumes:
etebase_datadir: /mnt/etebasedata etebase:
fireshare_datadir: /mnt/firesharedata datadir: /mnt/etebasedata
fireshare_processeddir: /mnt/storagebox/fireshare/processed fireshare:
fireshare_videosdir: /mnt/storagebox/fireshare/videos datadir: /mnt/firesharedata
hedgedoc_uploadsdir: /mnt/hedgedocuploads processeddir: /mnt/storagebox/fireshare/processed
mailserver_datadir: /mnt/mailserver videosdir: /mnt/storagebox/fireshare/videos
postgres_datadir: /mnt/postgresdata hedgedoc:
stump_configdir: /mnt/stump/config uploadsdir: /mnt/hedgedocuploads
stump_datadir: /mnt/stump/data mailserver:
synapse_datadir: /mnt/synapsedata datadir: /mnt/mailserver
syncthing_datadir: "{env['cifs_mounts']['syncthing']['path']}" postgres:
uptime_kuma_datadir: /mnt/uptimekumadata datadir: /mnt/postgresdata
vaultwarden_datadir: /mnt/vwdata stump:
configdir: /mnt/stump/config
datadir: /mnt/stump/data
synapse:
datadir: /mnt/synapsedata
syncthing:
datadir: /mnt/storagebox/syncthing
uptimekuma:
datadir: /mnt/uptimekumadata
vaultwarden:
datadir: /mnt/vwdata

6
setup.sh
View file

@ -31,8 +31,8 @@ fi
declare -A sysctl_vars=( declare -A sysctl_vars=(
[vm.overcommit_memory]=1 [vm.overcommit_memory]=1
[net.core.wmem_max]=2500000 [net.core.wmem_max]=7500000
[net.core.rmem_max]=2500000 [net.core.rmem_max]=7500000
) )
echo -n "" | sudo tee /etc/sysctl.d/podman.conf echo -n "" | sudo tee /etc/sysctl.d/podman.conf
@ -40,7 +40,7 @@ for key in "${!sysctl_vars[@]}"; do
value="${sysctl_vars[$key]}" value="${sysctl_vars[$key]}"
echo "$key = $value" | sudo tee -a /etc/sysctl.d/podman.conf echo "$key = $value" | sudo tee -a /etc/sysctl.d/podman.conf
done done
sudo sysctl -p sudo sysctl -p /etc/sysctl.d/podman.conf
sudo systemctl enable --now nftables sudo systemctl enable --now nftables