Compare commits
6 Commits
3fbd0c5053
...
798d35be16
| Author | SHA1 | Date | |
|---|---|---|---|
| 798d35be16 | |||
| 4fb991ac52 | |||
| 4d1732ff16 | |||
| 2a7bd0dc74 | |||
| c94c3641b0 | |||
| e7cac9e19c |
3
.gitignore
vendored
3
.gitignore
vendored
@ -1,2 +1,3 @@
|
|||||||
.python-version
|
.python-version
|
||||||
secrets.enc
|
secrets.enc
|
||||||
|
vault_pass
|
||||||
2
dns.yml
2
dns.yml
@ -53,7 +53,7 @@
|
|||||||
amazon.aws.route53:
|
amazon.aws.route53:
|
||||||
state: present
|
state: present
|
||||||
zone: "{{ item.0.name }}"
|
zone: "{{ item.0.name }}"
|
||||||
record: "{{ item.1.name }}.{{ item.0.name }}"
|
record: "{{ item.0.name if item.1.name == '@' else item.1.name + '.' + item.0.name }}"
|
||||||
type: A
|
type: A
|
||||||
ttl: 300
|
ttl: 300
|
||||||
value: "{{ item.1.ip }}"
|
value: "{{ item.1.ip }}"
|
||||||
|
|||||||
@ -115,6 +115,11 @@ repair.nerder.land {
|
|||||||
file_server
|
file_server
|
||||||
}
|
}
|
||||||
|
|
||||||
|
nerder.land {
|
||||||
|
root * /srv/nerderland
|
||||||
|
file_server
|
||||||
|
}
|
||||||
|
|
||||||
forms.nerder.land {
|
forms.nerder.land {
|
||||||
reverse_proxy heyform-heyform-1:8000
|
reverse_proxy heyform-heyform-1:8000
|
||||||
}
|
}
|
||||||
|
|||||||
@ -37,7 +37,7 @@ services:
|
|||||||
glance.parent: authentik
|
glance.parent: authentik
|
||||||
glance.name: Redis
|
glance.name: Redis
|
||||||
server:
|
server:
|
||||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.4}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
command: server
|
command: server
|
||||||
environment:
|
environment:
|
||||||
@ -64,7 +64,7 @@ services:
|
|||||||
glance.description: Authentication server
|
glance.description: Authentication server
|
||||||
glance.id: authentik
|
glance.id: authentik
|
||||||
worker:
|
worker:
|
||||||
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.4}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
command: worker
|
command: worker
|
||||||
environment:
|
environment:
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
services:
|
services:
|
||||||
gotosocial:
|
gotosocial:
|
||||||
image: superseriousbusiness/gotosocial:0.18.2
|
image: superseriousbusiness/gotosocial:latest
|
||||||
container_name: gotosocial
|
container_name: gotosocial
|
||||||
user: 1000:1000
|
user: 1000:1000
|
||||||
extra_hosts:
|
extra_hosts:
|
||||||
|
|||||||
@ -19,6 +19,7 @@ services:
|
|||||||
OIDC_ISSUER: https://auth.thesatelliteoflove.com/application/o/manyfold/
|
OIDC_ISSUER: https://auth.thesatelliteoflove.com/application/o/manyfold/
|
||||||
OIDC_NAME: Authentik
|
OIDC_NAME: Authentik
|
||||||
PUBLIC_HOSTNAME: models.thesatelliteoflove.com
|
PUBLIC_HOSTNAME: models.thesatelliteoflove.com
|
||||||
|
MAX_FILE_UPLOAD_SIZE: 5368709120
|
||||||
PUID: 1000
|
PUID: 1000
|
||||||
PGID: 1000
|
PGID: 1000
|
||||||
extra_hosts:
|
extra_hosts:
|
||||||
|
|||||||
24
roles/docker/templates/redlib-compose.yml.j2
Normal file
24
roles/docker/templates/redlib-compose.yml.j2
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
services:
|
||||||
|
redlib:
|
||||||
|
image: quay.io/redlib/redlib:latest
|
||||||
|
restart: always
|
||||||
|
container_name: "redlib"
|
||||||
|
user: nobody
|
||||||
|
read_only: true
|
||||||
|
security_opt:
|
||||||
|
- no-new-privileges:true
|
||||||
|
# - seccomp=seccomp-redlib.json
|
||||||
|
cap_drop:
|
||||||
|
- ALL
|
||||||
|
env_file: .env
|
||||||
|
networks:
|
||||||
|
- redlib
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
|
||||||
|
interval: 5m
|
||||||
|
timeout: 3s
|
||||||
|
|
||||||
|
networks:
|
||||||
|
default:
|
||||||
|
external: true
|
||||||
|
name: lava
|
||||||
Loading…
x
Reference in New Issue
Block a user