Compare commits
22 Commits
gestionSec
...
bca0693a14
| Author | SHA1 | Date | |
|---|---|---|---|
| bca0693a14 | |||
|
0d00b418a0 | ||
| 98cc875611 | |||
| 618f22db6b | |||
| 290c6fe360 | |||
| 3b5d01d5df | |||
| 3a3c4f4d0c | |||
| 898d6a652d | |||
| 3bf952b57f | |||
| 70442f6464 | |||
| 33f793fcbe | |||
| 813e0e761f | |||
| 2e62e9782e | |||
| fc4adc0fae | |||
| 74812fa79a | |||
| 3220d862a6 | |||
| 1936326535 | |||
| a630e47bfe | |||
| 33fc237cb8 | |||
| ed5ef23ed2 | |||
| 6f33808736 | |||
|
|
477a9155fe |
@@ -123,6 +123,8 @@ export DebugLog="${KAZ_ROOT}/log/log-install-$(date +%y-%m-%d-%T)-"
|
|||||||
if [[ " ${DOCKERS_LIST[*]} " =~ " traefik " ]]; then
|
if [[ " ${DOCKERS_LIST[*]} " =~ " traefik " ]]; then
|
||||||
# on initialise traefik :-(
|
# on initialise traefik :-(
|
||||||
${KAZ_COMP_DIR}/traefik/first.sh
|
${KAZ_COMP_DIR}/traefik/first.sh
|
||||||
|
# on démarre traefik (plus lancé dans container.sh)
|
||||||
|
docker-compose -f ${KAZ_COMP_DIR}/traefik/docker-compose.yml up -d
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ " ${DOCKERS_LIST[*]} " =~ " etherpad " ]]; then
|
if [[ " ${DOCKERS_LIST[*]} " =~ " etherpad " ]]; then
|
||||||
|
|||||||
@@ -17,9 +17,13 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd)
|
|||||||
. $KAZ_ROOT/bin/.commonFunctions.sh
|
. $KAZ_ROOT/bin/.commonFunctions.sh
|
||||||
setKazVars
|
setKazVars
|
||||||
. $DOCKERS_ENV
|
. $DOCKERS_ENV
|
||||||
. $KAZ_BIN_DIR/getPasswords.sh borg
|
. ${KAZ_KEY_DIR}/env-borg
|
||||||
|
# Si la variable SCRIPTBORG est renseignée avec un fichier on le source
|
||||||
VERSION="V-10-03-2025"
|
if [ ! -z ${SCRIPTBORG} ]
|
||||||
|
then
|
||||||
|
[ -f ${SCRIPTBORG} ] && . ${SCRIPTBORG}
|
||||||
|
fi
|
||||||
|
VERSION="V-07-08-2025"
|
||||||
PRG=$(basename $0)
|
PRG=$(basename $0)
|
||||||
RACINE=$(echo $PRG | awk '{print $1}')
|
RACINE=$(echo $PRG | awk '{print $1}')
|
||||||
#IFS=' '
|
#IFS=' '
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
proxy
|
# proxy
|
||||||
#traefik
|
traefik
|
||||||
|
|||||||
@@ -4,7 +4,7 @@ dokuwiki
|
|||||||
paheko
|
paheko
|
||||||
gitea
|
gitea
|
||||||
jirafeau
|
jirafeau
|
||||||
mattermost
|
#mattermost
|
||||||
roundcube
|
roundcube
|
||||||
mobilizon
|
mobilizon
|
||||||
vaultwarden
|
vaultwarden
|
||||||
|
|||||||
@@ -101,7 +101,7 @@ snappymailHost=snappymail
|
|||||||
########################################
|
########################################
|
||||||
# ports internes
|
# ports internes
|
||||||
|
|
||||||
matterPort=8000
|
matterPort=8065
|
||||||
imapsyncPort=8080
|
imapsyncPort=8080
|
||||||
apikaz=5000
|
apikaz=5000
|
||||||
|
|
||||||
|
|||||||
@@ -1,9 +1,5 @@
|
|||||||
|
|
||||||
MM_ADMIN_EMAIL=@@globalvar@@matterHost@@gv@@@@@globalvar@@domain@@gv@@
|
MM_ADMIN_EMAIL=@@globalvar@@matterHost@@gv@@@@@globalvar@@domain@@gv@@
|
||||||
MM_ADMIN_USER=@@user@@mattermost2@@u@@
|
MM_ADMIN_USER=@@user@@mattermost2@@u@@
|
||||||
MM_ADMIN_PASSWORD=@@pass@@mattermost2@@p@@
|
MM_ADMIN_PASSWORD=@@pass@@mattermost2@@p@@
|
||||||
|
|
||||||
|
|
||||||
MM_SQLSETTINGS_DRIVERNAME=postgres
|
|
||||||
MM_SQLSETTINGS_DATASOURCE=postgres://@@user@@mattermost@@u@@:@@pass@@mattermost@@p@@@postgres:5432/@@db@@mattermost@@d@@?sslmode=disable&connect_timeout=10
|
MM_SQLSETTINGS_DATASOURCE=postgres://@@user@@mattermost@@u@@:@@pass@@mattermost@@p@@@postgres:5432/@@db@@mattermost@@d@@?sslmode=disable&connect_timeout=10
|
||||||
|
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
services:
|
services:
|
||||||
|
|
||||||
app:
|
app:
|
||||||
image: mattermost/mattermost-team-edition:10.9.1
|
image: mattermost/mattermost-team-edition:10.11.1
|
||||||
container_name: ${mattermostServName}
|
container_name: ${mattermostServName}
|
||||||
restart: ${restartPolicy}
|
restart: ${restartPolicy}
|
||||||
volumes:
|
volumes:
|
||||||
@@ -39,12 +39,12 @@ services:
|
|||||||
- "traefik.http.routers.${mattermostServName}.rule=Host(`${matterHost}.${domain}`)"
|
- "traefik.http.routers.${mattermostServName}.rule=Host(`${matterHost}.${domain}`)"
|
||||||
- "traefik.http.services.${mattermostServName}.loadbalancer.server.port=${matterPort}"
|
- "traefik.http.services.${mattermostServName}.loadbalancer.server.port=${matterPort}"
|
||||||
- "traefik.docker.network=mattermostNet"
|
- "traefik.docker.network=mattermostNet"
|
||||||
healthcheck:
|
# healthcheck:
|
||||||
test: ["CMD", "curl", "-f", "http://app:${matterPort}"]
|
# test: ["CMD", "curl", "-f", "http://app:${matterPort}"]
|
||||||
interval: 20s
|
# interval: 20s
|
||||||
retries: 10
|
# retries: 10
|
||||||
start_period: 20s
|
# start_period: 20s
|
||||||
timeout: 10s
|
# timeout: 10s
|
||||||
|
|
||||||
postgres:
|
postgres:
|
||||||
image: postgres:17-alpine
|
image: postgres:17-alpine
|
||||||
|
|||||||
@@ -10,3 +10,7 @@ cd $(dirname $0)
|
|||||||
"${KAZ_BIN_DIR}/gestContainers.sh" --install -M -agora
|
"${KAZ_BIN_DIR}/gestContainers.sh" --install -M -agora
|
||||||
|
|
||||||
|
|
||||||
|
docker exec ${mattermostServName} mmctl auth login https://${matterHost}.${domain} --name local-server --username ${mattermost_MM_ADMIN_USER} --password ${mattermost_MM_ADMIN_PASSWORD}
|
||||||
|
docker exec ${mattermostServName} mmctl channel create --team kaz --name "une-question--un-soucis" --display-name "Une question ? Un souci ?"
|
||||||
|
docker exec ${mattermostServName} mmctl channel create --team kaz --name "cafe-du-commerce--ouvert-2424h" --display-name "Café du commerce"
|
||||||
|
docker exec ${mattermostServName} mmctl channel create --team kaz --name "creation-comptes" --display-name "Création comptes"
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
services:
|
services:
|
||||||
|
|
||||||
app:
|
app:
|
||||||
image: roundcube/roundcubemail:1.6.9-apache
|
image: roundcube/roundcubemail
|
||||||
container_name: ${roundcubeServName}
|
container_name: ${roundcubeServName}
|
||||||
restart: ${restartPolicy}
|
restart: ${restartPolicy}
|
||||||
depends_on:
|
depends_on:
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
services:
|
services:
|
||||||
reverse-proxy:
|
reverse-proxy:
|
||||||
image: traefik:v3.4.1
|
image: traefik:v3.4.4
|
||||||
container_name: ${traefikServName}
|
container_name: ${traefikServName}
|
||||||
restart: ${restartPolicy}
|
restart: ${restartPolicy}
|
||||||
# Enables the web UI and tells Traefik to listen to docker
|
# Enables the web UI and tells Traefik to listen to docker
|
||||||
@@ -23,6 +23,7 @@ services:
|
|||||||
- TRAEFIK_ENTRYPOINTS_websecure_HTTP_TLS_CERTRESOLVER=letsencrypt
|
- TRAEFIK_ENTRYPOINTS_websecure_HTTP_TLS_CERTRESOLVER=letsencrypt
|
||||||
- TRAEFIK_ENTRYPOINTS_websecure_HTTP_MIDDLEWARES=hsts@file,test-ipallowlist@file
|
- TRAEFIK_ENTRYPOINTS_websecure_HTTP_MIDDLEWARES=hsts@file,test-ipallowlist@file
|
||||||
- TRAEFIK_ENTRYPOINTS_websecure_TRANSPORT_RESPONDINGTIMEOUTS_READTIMEOUT=600
|
- TRAEFIK_ENTRYPOINTS_websecure_TRANSPORT_RESPONDINGTIMEOUTS_READTIMEOUT=600
|
||||||
|
- TRAEFIK_ENTRYPOINTS_websecure_TRANSPORT_RESPONDINGTIMEOUTS_IDLETIMEOUT=600
|
||||||
- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_EMAIL=admin@${domain}
|
- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_EMAIL=admin@${domain}
|
||||||
- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_CASERVER=${acme_server}
|
- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_CASERVER=${acme_server}
|
||||||
- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_STORAGE=/letsencrypt/acme.json
|
- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_STORAGE=/letsencrypt/acme.json
|
||||||
@@ -34,7 +35,7 @@ services:
|
|||||||
- TZ=Europe/Paris
|
- TZ=Europe/Paris
|
||||||
- TRAEFIK_ACCESSLOG=true
|
- TRAEFIK_ACCESSLOG=true
|
||||||
- TRAEFIK_ACCESSLOG_FILEPATH=/log/traefik_acces.log
|
- TRAEFIK_ACCESSLOG_FILEPATH=/log/traefik_acces.log
|
||||||
- TRAEFIK_ACCESSLOG_FILTERS_STATUSCODES=404,403,401
|
- TRAEFIK_ACCESSLOG_FILTERS_STATUSCODES=404,403,401
|
||||||
- TRAEFIK_LOG=true
|
- TRAEFIK_LOG=true
|
||||||
- TRAEFIK_LOG_LEVEL=INFO
|
- TRAEFIK_LOG_LEVEL=INFO
|
||||||
- TRAEFIK_LOG_FILEPATH=/log/traefik.log
|
- TRAEFIK_LOG_FILEPATH=/log/traefik.log
|
||||||
@@ -226,13 +227,13 @@ networks:
|
|||||||
}}
|
}}
|
||||||
{{peertube
|
{{peertube
|
||||||
peertubeNet:
|
peertubeNet:
|
||||||
external:true
|
external: true
|
||||||
name:peertubeNet
|
name: peertubeNet
|
||||||
}}
|
}}
|
||||||
{{spip
|
{{spip
|
||||||
spipNet:
|
spipNet:
|
||||||
external:true
|
external: true
|
||||||
name:spipNet
|
name: spipNet
|
||||||
}}
|
}}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -1,66 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Attention à cause des scripts pas de ["'/] dans les mot de passe
|
|
||||||
|
|
||||||
|
|
||||||
# A COPIER DANS UN FICHIER DE CONF !! -> mattermostAdmin
|
|
||||||
# pour envoyer des messages sur l'agora avec mmctl
|
|
||||||
mattermost_user="admin-mattermost"
|
|
||||||
mattermost_pass="--clean_val--"
|
|
||||||
mattermost_token="xxx-private"
|
|
||||||
|
|
||||||
|
|
||||||
##################
|
|
||||||
# A DEPLACER DANS DOCKER ENV
|
|
||||||
#qui envoi le mail d'inscription ?
|
|
||||||
EMAIL_CONTACT="toto@kaz.bzh"
|
|
||||||
|
|
||||||
|
|
||||||
# A COPIER DANS UN FICHIER DE CONF !! -> paheko
|
|
||||||
##################
|
|
||||||
# Paheko
|
|
||||||
paheko_API_USER="admin-api"
|
|
||||||
paheko_API_PASSWORD="--clean_val--"
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# A virer dans koffre
|
|
||||||
##################
|
|
||||||
#Compte sur outlook.com
|
|
||||||
outlook_user="kaz-user@outlook.fr"
|
|
||||||
outlook_pass="--clean_val--"
|
|
||||||
|
|
||||||
|
|
||||||
# A COPIER DANS UN FICHIER DE CONF !! -> mail
|
|
||||||
service_mail=admin-kaz@kaz.bzh
|
|
||||||
service_password="--clean_val--"
|
|
||||||
|
|
||||||
##################
|
|
||||||
#Borg
|
|
||||||
|
|
||||||
# A COPIER DANS UN FICHIER DE CONF !! -> borg
|
|
||||||
BORG_REPO="/mnt/backup-nas1/BorgRepo"
|
|
||||||
BORG_PASSPHRASE="--clean_val--"
|
|
||||||
VOLUME_SAUVEGARDES="/mnt/backup-nas1"
|
|
||||||
MAIL_RAPPORT="a@${domain};b@${domain};c@${domain}"
|
|
||||||
BORGMOUNT="/mnt/disk-nas1/tmp/repo_mount"
|
|
||||||
|
|
||||||
|
|
||||||
#####################
|
|
||||||
#Traefik
|
|
||||||
|
|
||||||
# A COPIER DANS UN FICHIER DE CONF !! -> traefik
|
|
||||||
traefik_DASHBOARD_USER="admin"
|
|
||||||
traefik_DASHBOARD_PASSWORD="--clean_val--"
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#####################
|
|
||||||
# Castopod
|
|
||||||
# A COPIER DANS UN FICHIER DE CONF !! castopodAdmin
|
|
||||||
|
|
||||||
castopod_ADMIN_USER=adminKaz
|
|
||||||
castopod_ADMIN_MAIL=admin@${domain}
|
|
||||||
castopod_ADMIN_PASSWORD="--clean_val--"
|
|
||||||
|
|
||||||
|
|
||||||
@@ -1,17 +1,17 @@
|
|||||||
VOLUME_SAUVEGARDES=
|
borg_VOLUME_SAUVEGARDES=
|
||||||
BORG_REPO=
|
borg_BORG_REPO=
|
||||||
BORG_PASSPHRASE=@@token@@borg@@t@@
|
borg_BORG_PASSPHRASE=@@token@@borg@@t@@
|
||||||
BORGLOG="/var/log/borg"
|
borg_BORGLOG="/var/log/borg"
|
||||||
BORG_FIC_DEL="/tmp/sauvegarde_supp.txt"
|
borg_BORG_FIC_DEL="/tmp/sauvegarde_supp.txt"
|
||||||
BORG_EXCLUDE_BACKUP=
|
borg_BORG_EXCLUDE_BACKUP=
|
||||||
MAIL_RAPPORT=a@@@globalvar@@domain@@gv@@;b@@@globalvar@@domain@@gv@@;c@@@globalvar@@domain@@gv@@
|
borg_MAIL_RAPPORT=a@@@globalvar@@domain@@gv@@;b@@@globalvar@@domain@@gv@@;c@@@globalvar@@domain@@gv@@
|
||||||
LISTREPSAUV=
|
borg_LISTREPSAUV=
|
||||||
BORGMOUNT="/mnt/repo_borg"
|
borg_BORGMOUNT="/mnt/repo_borg"
|
||||||
MAILOK=
|
borg_MAILOK=
|
||||||
MAILWARNING=
|
borg_MAILWARNING=
|
||||||
MAILDETAIL=
|
borg_MAILDETAIL=
|
||||||
BACKUPS_KEEP="4m"
|
borg_BACKUPS_KEEP="4m"
|
||||||
NB_BACKUPS_JOUR=90
|
borg_NB_BACKUPS_JOUR=90
|
||||||
NB_BACKUPS_SEM=30
|
borg_NB_BACKUPS_SEM=30
|
||||||
NB_BACKUPS_MOIS=12
|
borg_NB_BACKUPS_MOIS=12
|
||||||
BORGSCRIPTS=/root/borgscripts
|
borg_BORGSCRIPTS=/root/borgscripts
|
||||||
@@ -1,9 +1,4 @@
|
|||||||
|
|
||||||
MYSQL_ROOT_PASSWORD=@@pass@@mattermostroot@@p@@
|
|
||||||
MYSQL_DATABASE=@@db@@mattermost@@d@@
|
|
||||||
MYSQL_USER=@@user@@mattermost@@u@@
|
|
||||||
MYSQL_PASSWORD=@@pass@@mattermost@@p@@
|
|
||||||
|
|
||||||
POSTGRES_USER=@@user@@mattermost@@u@@
|
POSTGRES_USER=@@user@@mattermost@@u@@
|
||||||
POSTGRES_PASSWORD=@@pass@@mattermost@@p@@
|
POSTGRES_PASSWORD=@@pass@@mattermost@@p@@
|
||||||
POSTGRES_DB=@@db@@mattermost@@d@@
|
POSTGRES_DB=@@db@@mattermost@@d@@
|
||||||
|
|
||||||
|
|||||||
@@ -1,9 +1,5 @@
|
|||||||
|
|
||||||
MM_ADMIN_EMAIL=@@globalvar@@matterHost@@gv@@@@@globalvar@@domain@@gv@@
|
MM_ADMIN_EMAIL=@@globalvar@@matterHost@@gv@@@@@globalvar@@domain@@gv@@
|
||||||
MM_ADMIN_USER=@@user@@mattermost2@@u@@
|
MM_ADMIN_USER=@@user@@mattermost2@@u@@
|
||||||
MM_ADMIN_PASSWORD=@@pass@@mattermost2@@p@@
|
MM_ADMIN_PASSWORD=@@pass@@mattermost2@@p@@
|
||||||
|
|
||||||
|
|
||||||
MM_SQLSETTINGS_DRIVERNAME=postgres
|
|
||||||
MM_SQLSETTINGS_DATASOURCE=postgres://@@user@@mattermost@@u@@:@@pass@@mattermost@@p@@@postgres:5432/@@db@@mattermost@@d@@?sslmode=disable&connect_timeout=10
|
MM_SQLSETTINGS_DATASOURCE=postgres://@@user@@mattermost@@u@@:@@pass@@mattermost@@p@@@postgres:5432/@@db@@mattermost@@d@@?sslmode=disable&connect_timeout=10
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user