From dce5b863ae2c53b93375f44f46554c2ab2679e20 Mon Sep 17 00:00:00 2001 From: Gal Date: Tue, 2 Jan 2024 23:47:54 +0700 Subject: [PATCH] Use env vars --- Makefile | 20 ++++++++++++++ gitea/docker-compose.yml | 2 +- homepage/docker-compose.yml | 6 ++--- linkding/docker-compose.yml | 2 +- nextcloud/docker-compose.yml | 12 ++++----- photoprism/docker-compose.yml | 4 +-- restic/docker-compose.yml | 6 ++--- syncthing/docker-compose.yml | 2 +- traefik/docker-compose.yml | 51 +++++++++++++++++------------------ 9 files changed, 62 insertions(+), 43 deletions(-) create mode 100644 Makefile diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..d4e0dbe --- /dev/null +++ b/Makefile @@ -0,0 +1,20 @@ +include .env + +SERVICES = actualbudget gitea homepage linkding nextcloud photoprism restic syncthing traefik + +# Default target: upload .env files for all services +upload: $(addprefix upload-,$(SERVICES)) + +# Target to upload .env file for a specific service +upload-%: + @echo "🚀 Uploading .env file for $* service..." + scp $*/.env $(REMOTE_USER)@$(REMOTE_HOST):$(REMOTE_PATH)/$*/ + @echo "✅ Uploaded .env file for $* service successfully." + +# Usage instructions +help: + @echo "📋 Usage: make [target]" + @echo "" + @echo "🎯 Targets:" + @echo " upload 📤 Upload .env files for all services" + @echo " upload-service 📤 Upload .env file for a specific service (e.g., upload-actualbudget)" \ No newline at end of file diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 4df6b9e..6718689 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -34,7 +34,7 @@ services: - db labels: - "traefik.enable=true" - - "traefik.http.routers.gitea.rule=Host(`git.velouria.dev`)" + - "traefik.http.routers.gitea.rule=Host(${HOST})" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls.certresolver=myresolver" - "traefik.http.services.gitea.loadbalancer.server.port=3000" diff --git a/homepage/docker-compose.yml b/homepage/docker-compose.yml index 8c88556..ce194d9 100644 --- a/homepage/docker-compose.yml +++ b/homepage/docker-compose.yml @@ -7,8 +7,8 @@ services: PUID: 1000 PGID: 1000 ports: - - "100.104.163.2:4004:3000" + - "${HOST}:4004:3000" volumes: - - ${PWD}/config:/app/config # Make sure your local config directory exists - - /var/run/docker.sock:/var/run/docker.sock:ro # optional, for docker integrations + - ${PWD}/config:/app/config + - /var/run/docker.sock:/var/run/docker.sock:ro restart: unless-stopped \ No newline at end of file diff --git a/linkding/docker-compose.yml b/linkding/docker-compose.yml index 253321e..0f12f4a 100644 --- a/linkding/docker-compose.yml +++ b/linkding/docker-compose.yml @@ -5,7 +5,7 @@ services: container_name: "${LD_CONTAINER_NAME:-linkding}" image: sissbruecker/linkding:latest ports: - - "100.104.163.2:${LD_HOST_PORT:-9090}:9090" + - "${LD_HOST}:${LD_HOST_PORT:-9090}:9090" volumes: - "${LD_HOST_DATA_DIR:-./data}:/etc/linkding/data" env_file: diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index daeba28..a603f9c 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -19,7 +19,7 @@ services: image: nextcloud:latest restart: always ports: - - "100.104.163.2:8080:80" + - "${HOST}:8080:80" volumes: - ${PWD}/nextcloud:/var/www/html - /mnt/nextcloud_data:/var/www/html/data @@ -45,12 +45,12 @@ volumes: secrets: nextcloud_admin_password: - file: /etc/secure_config/.nextcloud_admin_password.txt # put admin password in this file + file: /etc/secure_config/.nextcloud_admin_password.txt nextcloud_admin_user: - file: /etc/secure_config/.nextcloud_admin_user.txt # put admin username in this file + file: /etc/secure_config/.nextcloud_admin_user.txt postgres_db: - file: /etc/secure_config/.postgres_db.txt # put postgresql db name in this file + file: /etc/secure_config/.postgres_db.txt postgres_password: - file: /etc/secure_config/.postgres_password.txt # put postgresql password in this file + file: /etc/secure_config/.postgres_password.txt postgres_user: - file: /etc/secure_config/.postgres_user.txt # put postgresql username in this file + file: /etc/secure_config/.postgres_user.txt diff --git a/photoprism/docker-compose.yml b/photoprism/docker-compose.yml index 5598958..6f549b4 100644 --- a/photoprism/docker-compose.yml +++ b/photoprism/docker-compose.yml @@ -14,12 +14,12 @@ services: - seccomp:unconfined - apparmor:unconfined ports: - - "100.104.163.2:2342:2342" + - "${HOST}:2342:2342" environment: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: ${PHOTOPRISM_DATABASE_PASSWORD} # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://100.104.163.2:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://${HOST}:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_DISABLE_TLS: "false" # disables HTTPS/TLS even if the site URL starts with https:// and a certificate is available PHOTOPRISM_DEFAULT_TLS: "true" # defaults to a self-signed HTTPS/TLS certificate if no other certificate is available PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) diff --git a/restic/docker-compose.yml b/restic/docker-compose.yml index 5ea23ce..9512000 100644 --- a/restic/docker-compose.yml +++ b/restic/docker-compose.yml @@ -30,7 +30,7 @@ services: --keep-monthly 12 B2_ACCOUNT_ID: ${B2_ACCOUNT_ID} B2_ACCOUNT_KEY: ${B2_ACCOUNT_KEY} - TZ: 'Europe/Berlin' + TZ: ${RESTIC_TIMEZONE} prune: image: mazzolino/restic:1.7.1 @@ -44,7 +44,7 @@ services: RESTIC_PASSWORD: ${RESTIC_PASSWORD} B2_ACCOUNT_ID: ${B2_ACCOUNT_ID} B2_ACCOUNT_KEY: ${B2_ACCOUNT_KEY} - TZ: 'Europe/Berlin' + TZ: ${RESTIC_TIMEZONE} check: image: mazzolino/restic:1.7.1 @@ -60,7 +60,7 @@ services: RESTIC_PASSWORD: ${RESTIC_PASSWORD} B2_ACCOUNT_ID: ${B2_ACCOUNT_ID} B2_ACCOUNT_KEY: ${B2_ACCOUNT_KEY} - TZ: 'Europe/Berlin' + TZ: ${RESTIC_TIMEZONE} networks: private: {} diff --git a/syncthing/docker-compose.yml b/syncthing/docker-compose.yml index ec4a99c..2b56634 100644 --- a/syncthing/docker-compose.yml +++ b/syncthing/docker-compose.yml @@ -11,7 +11,7 @@ services: volumes: - ${PWD}/st-sync:/var/syncthing ports: - - "100.104.163.2:8384:8384" # Web UI + - "{HOST}:8384:8384" # Web UI - 22000:22000/tcp # TCP file transfers - 22000:22000/udp # QUIC file transfers - 21027:21027/udp # Receive local discovery broadcasts diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 61c0002..e4863ad 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -1,38 +1,37 @@ version: "3.3" services: traefik: - image: "traefik:latest" + image: "traefik:${TRAEFIK_VERSION}" container_name: "traefik" command: - - "--api.dashboard=true" - - "--api.insecure=false" - - "--providers.docker=true" - - "--providers.docker.exposedbydefault=false" - - "--entrypoints.web.address=:9091" - - "--entrypoints.websecure.address=:443" - - "--certificatesresolvers.myresolver.acme.tlschallenge=true" - - "--certificatesresolvers.myresolver.acme.email=mail@velouria.dev" - - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + - "--api.dashboard=${TRAEFIK_API_DASHBOARD}" + - "--api.insecure=${TRAEFIK_API_INSECURE}" + - "--providers.docker=${TRAEFIK_PROVIDERS_DOCKER}" + - "--providers.docker.exposedbydefault=${TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT}" + - "--entrypoints.web.address=${TRAEFIK_ENTRYPOINTS_WEB_ADDRESS}" + - "--entrypoints.websecure.address=${TRAEFIK_ENTRYPOINTS_WEBSECURE_ADDRESS}" + - "--certificatesresolvers.myresolver.acme.tlschallenge=${TRAEFIK_CERTIFICATESRESOLVERS_MYRESOLVER_ACME_TLSCHALLENGE}" + - "--certificatesresolvers.myresolver.acme.email=${TRAEFIK_CERTIFICATESRESOLVERS_MYRESOLVER_ACME_EMAIL}" + - "--certificatesresolvers.myresolver.acme.storage=${TRAEFIK_CERTIFICATESRESOLVERS_MYRESOLVER_ACME_STORAGE}" ports: - - "9091:80" - - "443:443" + - "${TRAEFIK_PORTS}" volumes: - - "./letsencrypt:/letsencrypt" - - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "${TRAEFIK_VOLUMES_LETSENCRYPT}" + - "${TRAEFIK_VOLUMES_DOCKER_SOCK}" labels: - - "traefik.enable=true" - - "traefik.http.routers.traefik.rule=Host(`traefik.velouria.dev`)" - - "traefik.http.routers.traefik.entrypoints=websecure" - - "traefik.http.routers.traefik.service=api@internal" - - "traefik.http.routers.traefik.tls.certresolver=myresolver" - - "traefik.http.routers.traefik.middlewares=traefik-auth" - - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$apr1$$DzkytTmy$$B/p/aGYr4N4iH0JW8/zbg/" - - "homepage.group=Base" - - "homepage.name=Traefik" - - "homepage.href=https://traefik.velouria.dev/" + - "traefik.enable=${TRAEFIK_LABELS_ENABLE}" + - "traefik.http.routers.traefik.rule=${TRAEFIK_LABELS_ROUTER_RULE}" + - "traefik.http.routers.traefik.entrypoints=${TRAEFIK_LABELS_ROUTER_ENTRYPOINTS}" + - "traefik.http.routers.traefik.service=${TRAEFIK_LABELS_ROUTER_SERVICE}" + - "traefik.http.routers.traefik.tls.certresolver=${TRAEFIK_LABELS_ROUTER_TLS_CERTRESOLVER}" + - "traefik.http.routers.traefik.middlewares=${TRAEFIK_LABELS_ROUTER_MIDDLEWARES}" + - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_MIDDLEWARES_TRAEFIK_AUTH_USERS}" + - "homepage.group=${TRAEFIK_HOMEPAGE_GROUP}" + - "homepage.name=${TRAEFIK_HOMEPAGE_NAME}" + - "homepage.href=${TRAEFIK_HOMEPAGE_HREF}" networks: - traefik_network networks: - traefik_network: - external: true \ No newline at end of file + traefik_network + external: true