[podman] Add Syncthing
This commit is contained in:
parent
26dd365b80
commit
728375f957
7 changed files with 98 additions and 27 deletions
|
@ -166,6 +166,11 @@ def setupProj(project):
|
||||||
setPerms(renderedFilename, 640)
|
setPerms(renderedFilename, 640)
|
||||||
setOwner(renderedFilename, os.getuid(), getUid(project))
|
setOwner(renderedFilename, os.getuid(), getUid(project))
|
||||||
|
|
||||||
|
if project in env['volumes']:
|
||||||
|
for volume in env['volumes'][project].values():
|
||||||
|
setPerms(volume, 750)
|
||||||
|
setOwner(volume, getUid(project), getUid(project))
|
||||||
|
|
||||||
upProj(project)
|
upProj(project)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -17,4 +17,6 @@ services:
|
||||||
- ${env['certs']['coturn']['cert']}:/etc/coturn/cert.pem:ro
|
- ${env['certs']['coturn']['cert']}:/etc/coturn/cert.pem:ro
|
||||||
- ${env['certs']['coturn']['pkey']}:/etc/coturn/pkey.pem:ro
|
- ${env['certs']['coturn']['pkey']}:/etc/coturn/pkey.pem:ro
|
||||||
|
|
||||||
${env['networks_attr']}
|
networks:
|
||||||
|
default:
|
||||||
|
enable_ipv6: true
|
||||||
|
|
|
@ -11,7 +11,9 @@ services:
|
||||||
- ./images.yml:/etc/diun/images.yml:ro
|
- ./images.yml:/etc/diun/images.yml:ro
|
||||||
- data:/data
|
- data:/data
|
||||||
|
|
||||||
${env['networks_attr']}
|
networks:
|
||||||
|
default:
|
||||||
|
enable_ipv6: true
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
data:
|
data:
|
||||||
|
|
|
@ -22,7 +22,9 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- valkey:/data
|
- valkey:/data
|
||||||
|
|
||||||
${env['networks_attr']}
|
networks:
|
||||||
|
default:
|
||||||
|
enable_ipv6: true
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
valkey:
|
valkey:
|
||||||
|
|
57
projects/syncthing/compose.yaml.mako
Normal file
57
projects/syncthing/compose.yaml.mako
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
services:
|
||||||
|
syncthing:
|
||||||
|
container_name: syncthing
|
||||||
|
image: docker.io/syncthing/syncthing:1
|
||||||
|
restart: always
|
||||||
|
user: ${env['users']['syncthing']}:${env['users']['syncthing']}
|
||||||
|
environment:
|
||||||
|
- PUID=${env['users']['syncthing']}
|
||||||
|
- PGID=${env['users']['syncthing']}
|
||||||
|
ports:
|
||||||
|
- 127.0.0.1:${env['ports']['syncthing_webui']}:8384 # Web UI
|
||||||
|
- ${env['ports']['syncthing_tcp']}:22000/tcp # TCP file transfers
|
||||||
|
- ${env['ports']['syncthing_udp']}:22000/udp # QUIC file transfers
|
||||||
|
volumes:
|
||||||
|
- ${env['volumes']['syncthing']['datadir']}:/var/syncthing
|
||||||
|
|
||||||
|
stdiscosrv:
|
||||||
|
container_name: syncthing-discosrv
|
||||||
|
image: docker.io/syncthing/discosrv:1
|
||||||
|
restart: always
|
||||||
|
command:
|
||||||
|
- "-http"
|
||||||
|
environment:
|
||||||
|
- PUID=${env['users']['syncthing_discosrv']}
|
||||||
|
- PGID=${env['users']['syncthing_discosrv']}
|
||||||
|
networks:
|
||||||
|
- discosrv
|
||||||
|
ports:
|
||||||
|
- 127.0.0.1:${env['ports']['syncthing_discosrv']}:8443
|
||||||
|
|
||||||
|
strelaysrv:
|
||||||
|
container_name: syncthing-relaysrv
|
||||||
|
image: docker.io/syncthing/relaysrv:1
|
||||||
|
restart: always
|
||||||
|
command:
|
||||||
|
- '-ext-address=:${env['ports']["syncthing_relaysrv"]}'
|
||||||
|
- '-pools='
|
||||||
|
environment:
|
||||||
|
- PUID=${env['users']['syncthing_relaysrv']}
|
||||||
|
- PGID=${env['users']['syncthing_relaysrv']}
|
||||||
|
networks:
|
||||||
|
- relaysrv
|
||||||
|
ports:
|
||||||
|
- 22067:22067
|
||||||
|
volumes:
|
||||||
|
- strelaysrv:/var/strelaysrv
|
||||||
|
|
||||||
|
networks:
|
||||||
|
default:
|
||||||
|
enable_ipv6: true
|
||||||
|
discosrv:
|
||||||
|
enable_ipv6: true
|
||||||
|
relaysrv:
|
||||||
|
enable_ipv6: true
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
strelaysrv:
|
45
pyenv.yml
45
pyenv.yml
|
@ -69,12 +69,6 @@ certs:
|
||||||
pkey: "/etc/letsencrypt/live/mail.viyurz.fr/privkey.pem"
|
pkey: "/etc/letsencrypt/live/mail.viyurz.fr/privkey.pem"
|
||||||
|
|
||||||
|
|
||||||
networks_attr: |
|
|
||||||
networks:
|
|
||||||
default:
|
|
||||||
enable_ipv6: true
|
|
||||||
|
|
||||||
|
|
||||||
# Ports exposed to host
|
# Ports exposed to host
|
||||||
ports:
|
ports:
|
||||||
coturn_listening: 3478
|
coturn_listening: 3478
|
||||||
|
@ -96,8 +90,7 @@ ports:
|
||||||
stump: 10801
|
stump: 10801
|
||||||
synapse: 8008
|
synapse: 8008
|
||||||
syncthing_discosrv: 8443
|
syncthing_discosrv: 8443
|
||||||
# Public port, forwarded to 22067 by nftables
|
syncthing_relaysrv: 143 # Public port, forwarded to 22067 by nftables
|
||||||
syncthing_relaysrv: 143
|
|
||||||
syncthing_webui: 8384
|
syncthing_webui: 8384
|
||||||
syncthing_tcp: 18880
|
syncthing_tcp: 18880
|
||||||
syncthing_udp: 22000
|
syncthing_udp: 22000
|
||||||
|
@ -128,16 +121,26 @@ users:
|
||||||
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
etebase_datadir: /mnt/etebasedata
|
etebase:
|
||||||
fireshare_datadir: /mnt/firesharedata
|
datadir: /mnt/etebasedata
|
||||||
fireshare_processeddir: /mnt/storagebox/fireshare/processed
|
fireshare:
|
||||||
fireshare_videosdir: /mnt/storagebox/fireshare/videos
|
datadir: /mnt/firesharedata
|
||||||
hedgedoc_uploadsdir: /mnt/hedgedocuploads
|
processeddir: /mnt/storagebox/fireshare/processed
|
||||||
mailserver_datadir: /mnt/mailserver
|
videosdir: /mnt/storagebox/fireshare/videos
|
||||||
postgres_datadir: /mnt/postgresdata
|
hedgedoc:
|
||||||
stump_configdir: /mnt/stump/config
|
uploadsdir: /mnt/hedgedocuploads
|
||||||
stump_datadir: /mnt/stump/data
|
mailserver:
|
||||||
synapse_datadir: /mnt/synapsedata
|
datadir: /mnt/mailserver
|
||||||
syncthing_datadir: "{env['cifs_mounts']['syncthing']['path']}"
|
postgres:
|
||||||
uptime_kuma_datadir: /mnt/uptimekumadata
|
datadir: /mnt/postgresdata
|
||||||
vaultwarden_datadir: /mnt/vwdata
|
stump:
|
||||||
|
configdir: /mnt/stump/config
|
||||||
|
datadir: /mnt/stump/data
|
||||||
|
synapse:
|
||||||
|
datadir: /mnt/synapsedata
|
||||||
|
syncthing:
|
||||||
|
datadir: /mnt/storagebox/syncthing
|
||||||
|
uptimekuma:
|
||||||
|
datadir: /mnt/uptimekumadata
|
||||||
|
vaultwarden:
|
||||||
|
datadir: /mnt/vwdata
|
||||||
|
|
6
setup.sh
6
setup.sh
|
@ -31,8 +31,8 @@ fi
|
||||||
|
|
||||||
declare -A sysctl_vars=(
|
declare -A sysctl_vars=(
|
||||||
[vm.overcommit_memory]=1
|
[vm.overcommit_memory]=1
|
||||||
[net.core.wmem_max]=2500000
|
[net.core.wmem_max]=7500000
|
||||||
[net.core.rmem_max]=2500000
|
[net.core.rmem_max]=7500000
|
||||||
)
|
)
|
||||||
|
|
||||||
echo -n "" | sudo tee /etc/sysctl.d/podman.conf
|
echo -n "" | sudo tee /etc/sysctl.d/podman.conf
|
||||||
|
@ -40,7 +40,7 @@ for key in "${!sysctl_vars[@]}"; do
|
||||||
value="${sysctl_vars[$key]}"
|
value="${sysctl_vars[$key]}"
|
||||||
echo "$key = $value" | sudo tee -a /etc/sysctl.d/podman.conf
|
echo "$key = $value" | sudo tee -a /etc/sysctl.d/podman.conf
|
||||||
done
|
done
|
||||||
sudo sysctl -p
|
sudo sysctl -p /etc/sysctl.d/podman.conf
|
||||||
|
|
||||||
|
|
||||||
sudo systemctl enable --now nftables
|
sudo systemctl enable --now nftables
|
||||||
|
|
Loading…
Reference in a new issue