Compare commits
2 Commits
a8226e2942
...
49c06fec1a
Author | SHA1 | Date |
---|---|---|
Benjamin Bohard | 49c06fec1a | |
Benjamin Bohard | be14957a0e |
|
@ -34,6 +34,28 @@ NINEAPACHE_SERVICE_NAME=nineapache
|
||||||
NINEAPACHE_ACTIVATE=1
|
NINEAPACHE_ACTIVATE=1
|
||||||
NINEAPACHE_LOCAL=1
|
NINEAPACHE_LOCAL=1
|
||||||
|
|
||||||
|
# MTA
|
||||||
|
# passerelle courriel
|
||||||
|
MTA_SERVICE_NAME=mta
|
||||||
|
MTA_ACTIVATE=1
|
||||||
|
MTA_LOCAL=1
|
||||||
|
MTA_RELAY_HOST=
|
||||||
|
MTA_RELAY_PORT=
|
||||||
|
MTA_RELAY_USER="user"
|
||||||
|
|
||||||
|
# DEBUGING MTA
|
||||||
|
# fake-smtp server
|
||||||
|
FAKE_SMTP_NAME=fakesmtp
|
||||||
|
FAKE_SMTP_LOCAL=1
|
||||||
|
FAKE_SMTP_ACTIVATE=1
|
||||||
|
# si actif, il faut sans doute l’utiliser
|
||||||
|
# comme passerelle pour le service MTA
|
||||||
|
if [ "$FAKE_SMTP_ACTIVATE" -eq 1 ]
|
||||||
|
then
|
||||||
|
MTA_RELAY_HOST="$FAKE_SMTP_NAME"
|
||||||
|
MTA_RELAY_PORT=2525
|
||||||
|
fi
|
||||||
|
|
||||||
# MARIADB
|
# MARIADB
|
||||||
MARIADB_SERVICE_NAME=mariadb
|
MARIADB_SERVICE_NAME=mariadb
|
||||||
MARIADB_ACTIVATE=1
|
MARIADB_ACTIVATE=1
|
||||||
|
@ -59,7 +81,6 @@ MINIO_HOST=${MINIO_SERVICE_NAME}
|
||||||
MINIO_PORT=9000
|
MINIO_PORT=9000
|
||||||
MINIO_URL=${PROTOCOLE}://${WEB_URL}:9001
|
MINIO_URL=${PROTOCOLE}://${WEB_URL}:9001
|
||||||
|
|
||||||
|
|
||||||
# OPENLDAP
|
# OPENLDAP
|
||||||
# LDAP_SYNC Si MASTERIDENTITY = SQL permet la synchronisation des utilisateurs SQL vers LDAP
|
# LDAP_SYNC Si MASTERIDENTITY = SQL permet la synchronisation des utilisateurs SQL vers LDAP
|
||||||
OPENLDAP_SERVICE_NAME=openldap
|
OPENLDAP_SERVICE_NAME=openldap
|
||||||
|
|
|
@ -0,0 +1,33 @@
|
||||||
|
FROM debian:buster-slim
|
||||||
|
|
||||||
|
RUN set -eux; \
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y \
|
||||||
|
exim4-daemon-light \
|
||||||
|
tini \
|
||||||
|
; \
|
||||||
|
rm -rf /var/lib/apt/lists/*; \
|
||||||
|
ln -svfT /etc/hostname /etc/mailname
|
||||||
|
|
||||||
|
# https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender
|
||||||
|
# https://serverfault.com/a/881197
|
||||||
|
# https://bugs.debian.org/828801
|
||||||
|
RUN echo "IGNORE_SMTP_LINE_LENGTH_LIMIT='true'" >> /etc/exim4/exim4.conf.localmacros
|
||||||
|
|
||||||
|
RUN set -eux; \
|
||||||
|
mkdir -p /var/spool/exim4 /var/log/exim4; \
|
||||||
|
chown -R Debian-exim:Debian-exim /var/spool/exim4 /var/log/exim4
|
||||||
|
|
||||||
|
COPY set-exim4-update-conf docker-entrypoint.sh /usr/local/bin/
|
||||||
|
RUN set -eux; \
|
||||||
|
set-exim4-update-conf \
|
||||||
|
dc_eximconfig_configtype 'internet' \
|
||||||
|
dc_hide_mailname 'true' \
|
||||||
|
dc_local_interfaces '0.0.0.0 ; ::0' \
|
||||||
|
dc_other_hostnames '' \
|
||||||
|
dc_relay_nets '0.0.0.0/0' \
|
||||||
|
;
|
||||||
|
|
||||||
|
EXPOSE 25
|
||||||
|
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||||
|
CMD ["exim", "-bd", "-v"]
|
|
@ -0,0 +1,33 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -Eeuo pipefail
|
||||||
|
|
||||||
|
if [ "$1" = 'exim' ]; then
|
||||||
|
if [ -n "${GMAIL_USER:-}" ] && [ -n "${GMAIL_PASSWORD:-}" ]; then
|
||||||
|
# see https://wiki.debian.org/GmailAndExim4
|
||||||
|
export EXIM4_SMARTHOST='smtp.gmail.com::587' \
|
||||||
|
EXIM4_SMARTHOST_USER="$GMAIL_USER" \
|
||||||
|
EXIM4_SMARTHOST_PASSWORD="$GMAIL_PASSWORD"
|
||||||
|
fi
|
||||||
|
unset GMAIL_USER GMAIL_PASSWORD # scrub env of creds
|
||||||
|
|
||||||
|
if [ -n "${EXIM4_SMARTHOST:-}" ]; then
|
||||||
|
set-exim4-update-conf \
|
||||||
|
dc_eximconfig_configtype 'smarthost' \
|
||||||
|
dc_smarthost "$EXIM4_SMARTHOST"
|
||||||
|
if [ -n "${EXIM4_SMARTHOST_USER:-}" ] && [ -n "${EXIM4_SMARTHOST_PASSWORD:-}" ]; then
|
||||||
|
echo "*:$EXIM4_SMARTHOST_USER:$EXIM4_SMARTHOST_PASSWORD" > /etc/exim4/passwd.client
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
unset EXIM4_SMARTHOST EXIM4_SMARTHOST_USER EXIM4_SMARTHOST_PASSWORD # scrub env of creds
|
||||||
|
|
||||||
|
if [ "$(id -u)" = '0' ]; then
|
||||||
|
mkdir -p /var/spool/exim4 /var/log/exim4 || :
|
||||||
|
chown -R Debian-exim:Debian-exim /var/spool/exim4 /var/log/exim4 || :
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$$" = 1 ]; then
|
||||||
|
set -- tini -- "$@"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec "$@"
|
|
@ -0,0 +1,28 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
set -Eeuo pipefail
|
||||||
|
|
||||||
|
conf='/etc/exim4/update-exim4.conf.conf'
|
||||||
|
|
||||||
|
args=()
|
||||||
|
while [ "$#" -gt 0 ]; do
|
||||||
|
key="$1"
|
||||||
|
value="$2"
|
||||||
|
shift 2
|
||||||
|
|
||||||
|
if ! grep -qE "^#?${key}=" "$conf"; then
|
||||||
|
echo >&2 "error: '$key' not found in '$conf'"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
sed_escaped_value="$(sed -e 's/[\/&]/\\&/g' <<<"$value")"
|
||||||
|
args+=( -e "s/^#?(${key})=.*/\1='${sed_escaped_value}'/" )
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ "${#args[@]}" -eq 0 ]; then
|
||||||
|
echo >&2 "error: nothing to do?"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
set -x
|
||||||
|
sed -ri "${args[@]}" "$conf"
|
||||||
|
update-exim4.conf -v
|
|
@ -0,0 +1,25 @@
|
||||||
|
#!/usr/bin/env -S -i bash
|
||||||
|
|
||||||
|
env_files="env/.env env/.env.local"
|
||||||
|
merged_env="env/.env.merge"
|
||||||
|
if [ -n "$1" ]
|
||||||
|
then
|
||||||
|
env_files="$env_files $1/env/.env $1/env/.env.local"
|
||||||
|
merged_env="$1/env/.env.merge"
|
||||||
|
fi
|
||||||
|
|
||||||
|
unset PWD
|
||||||
|
unset SHLVL
|
||||||
|
for env_file in $env_files
|
||||||
|
do
|
||||||
|
set -a
|
||||||
|
if [ -f "$env_file" ]
|
||||||
|
then
|
||||||
|
. $env_file
|
||||||
|
fi
|
||||||
|
set +a
|
||||||
|
done
|
||||||
|
unset username
|
||||||
|
export -p | cut -d" " -f3- | sed "/OLDPWD/d" | head -n -1 | sort > "$merged_env"
|
||||||
|
|
||||||
|
exit 0
|
39
nine.sh
39
nine.sh
|
@ -113,7 +113,8 @@ destroyall(){
|
||||||
|
|
||||||
env(){
|
env(){
|
||||||
for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
|
for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
|
||||||
mergeenv $dir/env/.env.merge env/.env.merge $dir/env/.env $dir/env/.env.local
|
#mergeenv $dir/env/.env.merge env/.env.merge $dir/env/.env $dir/env/.env.local
|
||||||
|
misc/tools/mergeenv.sh $dir
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -123,18 +124,40 @@ env(){
|
||||||
# Construction du dockercompose
|
# Construction du dockercompose
|
||||||
|
|
||||||
dockercompose() {
|
dockercompose() {
|
||||||
echo "services:" > docker-compose.yml
|
|
||||||
|
|
||||||
|
echo "services:" > services.yml
|
||||||
|
echo "secrets:" > secrets.yml
|
||||||
|
echo "networks:" > networks.yml
|
||||||
|
echo " nine-network:" >> networks.yml
|
||||||
|
echo " name: nine-network" >> networks.yml
|
||||||
for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
|
for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
|
||||||
# Construction du docker-compose
|
# Construction du docker-compose
|
||||||
if [ -f "$dir/dockercompose/dockercompose.yml" ]; then
|
if [ -f "$dir/dockercompose/dockercompose.yml" ]; then
|
||||||
cat "$dir/dockercompose/dockercompose.yml" >> docker-compose.yml
|
unset section
|
||||||
|
while read; do
|
||||||
|
case $REPLY in
|
||||||
|
"services:")
|
||||||
|
section=${REPLY%:}
|
||||||
|
;;
|
||||||
|
"secrets:")
|
||||||
|
section=${REPLY%:}
|
||||||
|
;;
|
||||||
|
"networks:")
|
||||||
|
section=${REPLY%:}
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
if [ -n "$section" ]; then
|
||||||
|
echo "$REPLY" >> ${section}.yml
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
|
||||||
|
esac
|
||||||
|
done < "$dir/dockercompose/dockercompose.yml"
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
cat services.yml secrets.yml networks.yml > docker-compose.yml
|
||||||
|
rm -f services.yml secrets.yml networks.yml
|
||||||
|
|
||||||
echo "networks:" >> docker-compose.yml
|
|
||||||
echo " nine-network:" >> docker-compose.yml
|
|
||||||
echo " name: nine-network" >> docker-compose.yml
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#===========================================================================================================================================
|
#===========================================================================================================================================
|
||||||
|
@ -186,9 +209,9 @@ services() {
|
||||||
#===========================================================================================================================================
|
#===========================================================================================================================================
|
||||||
|
|
||||||
# Include variable d'environnement global
|
# Include variable d'environnement global
|
||||||
mergeenv env/.env.merge env/.env env/.env.local
|
#mergeenv env/.env.merge env/.env env/.env.local
|
||||||
|
misc/tools/mergeenv.sh
|
||||||
. env/.env.merge
|
. env/.env.merge
|
||||||
|
|
||||||
# Include service
|
# Include service
|
||||||
declare -A services
|
declare -A services
|
||||||
for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
|
for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
|
||||||
|
|
|
@ -0,0 +1,14 @@
|
||||||
|
# Passerelle courriel pour les autres conteneurs
|
||||||
|
services:
|
||||||
|
mta:
|
||||||
|
image: postfix
|
||||||
|
container_name: mta
|
||||||
|
restart: unless-stopped
|
||||||
|
env_file: ./services/01-mta/env/.env.merge
|
||||||
|
networks:
|
||||||
|
- nine-network
|
||||||
|
secrets:
|
||||||
|
- postfix_password
|
||||||
|
secrets:
|
||||||
|
postfix_password:
|
||||||
|
file: ./services/01-mta/secrets/postfix_password.txt
|
|
@ -0,0 +1,4 @@
|
||||||
|
POSTFIX_HOSTNAME="nine.local"
|
||||||
|
POSTFIX_RELAY_HOST="$MTA_RELAY_HOST:$MTA_RELAY_PORT"
|
||||||
|
POSTFIX_RELAY_USER="$MTA_RELAY_USER"
|
||||||
|
POSTFIX_RELAY_PASSWORD_FILE="/run/secrets/postfix_password"
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
function upmta {
|
||||||
|
if [[ $MTA_ACTIVATE == 1 && $MTA_LOCAL == 1 ]]
|
||||||
|
then
|
||||||
|
Title ${MTA_SERVICE_NAME^^}
|
||||||
|
EchoVert "CONTAINER"
|
||||||
|
upservice ${MTA_SERVICE_NAME}
|
||||||
|
Echo
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function destroymta {
|
||||||
|
if [[ $MTA_LOCAL == 1 ]]
|
||||||
|
then
|
||||||
|
Title "DESTROY ${MTA_SERVICE_NAME}"
|
||||||
|
|
||||||
|
stop ${MTA_SERVICE_NAME} 1
|
||||||
|
docker-compose rm -s -v -f "${MTA_SERVICE_NAME}"
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
}
|
|
@ -0,0 +1 @@
|
||||||
|
secret
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Nineapache
|
# Nineapache
|
||||||
# Reverse proxy de l'ensemble des services
|
# Reverse proxy de l'ensemble des services
|
||||||
# Seul port ouvert sur l'exterieur
|
# Seul port ouvert sur l'exterieur
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Mariadb
|
# Mariadb
|
||||||
# Base de données des services
|
# Base de données des services
|
||||||
# Port interne 3306
|
# Port interne 3306
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Minio
|
# Minio
|
||||||
# Stocakge S3
|
# Stocakge S3
|
||||||
# Port interne 9000 pour le stockage / Port interne 9001 pour l'interface web
|
# Port interne 9000 pour le stockage / Port interne 9001 pour l'interface web
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Openldap
|
# Openldap
|
||||||
# Annuaire
|
# Annuaire
|
||||||
# Port interne 1389 & 1636
|
# Port interne 1389 & 1636
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Redis
|
# Redis
|
||||||
# Base de données redis pour les services qui souhaitent stocker leur session en bdd
|
# Base de données redis pour les services qui souhaitent stocker leur session en bdd
|
||||||
# Port interne 6379
|
# Port interne 6379
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Keycloak
|
# Keycloak
|
||||||
# serveur SSO
|
# serveur SSO
|
||||||
# Port interne 8999 & 8443
|
# Port interne 8999 & 8443
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Dokuwiki
|
# Dokuwiki
|
||||||
# Wiki
|
# Wiki
|
||||||
# Port interne 80
|
# Port interne 80
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Nextcloud
|
# Nextcloud
|
||||||
# Hébergement de fichiers et une plateforme de collaboration
|
# Hébergement de fichiers et une plateforme de collaboration
|
||||||
# Port interne 80
|
# Port interne 80
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Nineboard
|
# Nineboard
|
||||||
# Tableaux de bord collaboratif
|
# Tableaux de bord collaboratif
|
||||||
# Port interne 80
|
# Port interne 80
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Ninegate
|
# Ninegate
|
||||||
# Portail collaboratif
|
# Portail collaboratif
|
||||||
# Port interne 80
|
# Port interne 80
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Nineskeletor
|
# Nineskeletor
|
||||||
# Portail collaboratif
|
# Portail collaboratif
|
||||||
# Port interne 80
|
# Port interne 80
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Wordpress
|
# Wordpress
|
||||||
# Reseau de blog
|
# Reseau de blog
|
||||||
# Port interne 80
|
# Port interne 80
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Adminer
|
# Adminer
|
||||||
# Gestionnaire BDD
|
# Gestionnaire BDD
|
||||||
# Port interne 8080
|
# Port interne 8080
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
# Passerelle courriel pour les autres conteneurs
|
||||||
|
services:
|
||||||
|
fakesmtp:
|
||||||
|
image: reg.cadoles.com/cadoles/fake-smtp
|
||||||
|
container_name: fakesmtp
|
||||||
|
restart: unless-stopped
|
||||||
|
env_file: ./services/90-fakesmtp/env/.env.merge
|
||||||
|
networks:
|
||||||
|
- nine-network
|
||||||
|
ports:
|
||||||
|
- "8080:8080"
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
function upfakesmtp {
|
||||||
|
if [[ $FAKE_SMTP_ACTIVATE == 1 && $FAKE_SMTP_LOCAL == 1 ]]
|
||||||
|
then
|
||||||
|
Title ${FAKE_SMTP_NAME^^}
|
||||||
|
EchoVert "CONTAINER"
|
||||||
|
upservice ${FAKE_SMTP_NAME}
|
||||||
|
Echo
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function destroyfakesmtp {
|
||||||
|
if [[ $FAKE_SMTP_LOCAL == 1 ]]
|
||||||
|
then
|
||||||
|
Title "DESTROY ${FAKE_SMTP_NAME}"
|
||||||
|
|
||||||
|
stop ${FAKE_SMTP_NAME} 1
|
||||||
|
docker-compose rm -s -v -f "${FAKE_SMTP_NAME}"
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
|
services:
|
||||||
# Phpldapadmin
|
# Phpldapadmin
|
||||||
# Gestionnaire Annuaire
|
# Gestionnaire Annuaire
|
||||||
# Port interne 80
|
# Port interne 80
|
||||||
|
|
Loading…
Reference in New Issue