feat: add Palmr file sharing service to replace Pingvin

- Add Palmr Docker Compose template with encryption enabled - Create Palmr deployment tasks for productivity category - Add files.thesatelliteoflove.com routing in Caddyfile - Restore files subdomain for Palmr service - Add Palmr to Glance dashboard with file icon - Generate and store encryption key in vault - Configure HTTPS, Authentik integration, and dockcheck updates 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-23 12:59:11 -06:00
parent 75fabb3523
commit 17c3077cf0
5 changed files with 56 additions and 0 deletions
--- a/roles/docker/files/Caddyfile
+++ b/roles/docker/files/Caddyfile
@@ -53,6 +53,9 @@ snippets.thesatelliteoflove.com {
    reverse_proxy bytestash:5000
 }

+files.thesatelliteoflove.com {
+    reverse_proxy palmr-palmr-1:5487
+}

 git.thesatelliteoflove.com {
    reverse_proxy gitea:3000
--- a/roles/docker/tasks/productivity/main.yml
+++ b/roles/docker/tasks/productivity/main.yml
@@ -25,6 +25,9 @@
  import_tasks: dawarich.yml
  tags: dawarich

+- name: Install palmr
+  import_tasks: palmr.yml
+  tags: palmr

 - name: Install obsidian-livesync
  import_tasks: obsidian-livesync.yml
--- a/roles/docker/tasks/productivity/palmr.yml
+++ b/roles/docker/tasks/productivity/palmr.yml
@@ -0,0 +1,19 @@
+- name: make palmr directories
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+  loop:
+    - /opt/stacks/palmr
+
+- name: Template out the compose file
+  ansible.builtin.template:
+    src: palmr-compose.yml.j2
+    dest: /opt/stacks/palmr/compose.yml
+    owner: root
+    mode: 644
+
+- name: deploy palmr stack
+  community.docker.docker_compose_v2:
+    project_src: /opt/stacks/palmr
+    files:
+      - compose.yml
--- a/roles/docker/templates/palmr-compose.yml.j2
+++ b/roles/docker/templates/palmr-compose.yml.j2
@@ -0,0 +1,30 @@
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    restart: unless-stopped
+    environment:
+      DISABLE_FILESYSTEM_ENCRYPTION: "false"
+      ENCRYPTION_KEY: "{{ vault_palmr.encryption_key }}"
+      PALMR_UID: "1000"
+      PALMR_GID: "1000"
+      SECURE_SITE: "true"
+      DEFAULT_LANGUAGE: "en-US"
+      TRUST_PROXY: "true"
+    extra_hosts:
+      - "{{ subdomains.auth }}:{{ docker.hairpin_ip }}"
+    labels:
+      glance.name: Palmr
+      glance.icon: si:files
+      glance.url: "https://{{ subdomains.files }}/"
+      glance.description: File sharing and storage
+      glance.id: palmr
+      mag37.dockcheck.update: true
+    volumes:
+      - palmr_data:/app/server
+volumes:
+  palmr_data:
+    driver: local
+networks:
+  default:
+    external: true
+    name: "{{ docker.network_name }}"