From 97c6c4a3c80f8f643ce35ddd24b14f7f05227f6f Mon Sep 17 00:00:00 2001
From: admin
Date: Sat, 31 Jan 2026 16:35:39 -0700
Subject: [PATCH] document old stack templates and update komodo vars
---
 lxc1/old_komodo_templates_info.txt | 139 +++++++++++++++++++++++++++++
 lxc1/p2-apps/komodo.yml | 8 ++
 2 files changed, 147 insertions(+)
 create mode 100644 lxc1/old_komodo_templates_info.txt
diff --git a/lxc1/old_komodo_templates_info.txt b/lxc1/old_komodo_templates_info.txt
new file mode 100644
index 0000000..e826596
--- /dev/null
+++ b/lxc1/old_komodo_templates_info.txt
@@ -0,0 +1,139 @@
+##-----core pre-deploy------
+#make traefik dirs
+mkdir -p /docker/traefik/dynamic || true
+mkdir -p /docker/traefik/letsencrypt ||true
+#copy traefik connection files
+cp -r /etc/komodo/repos/mapletree-pve*lxc*/lxc*/traefik/dynamic/* /docker/traefik/dynamic/
+#traefik secure acme.json
+touch /docker/traefik/letsencrypt/acme.json
+chmod 600 /docker/traefik/letsencrypt/acme.json
+
+##-----guacamole variables------
+##Change these variables
+TRAEFIK_ENABLED=
+#TRAEFIK - copy in whichever environment is being worked on
+# prod(lxc1): mapletree.email
+# dev(lxc6): dev.mapletree.email
+# test(lxc7): test.mapletree.email
+ENV_DOMAIN=
+#TRAEFIK - set the unque public name (i.e. ssh, manage, etc)
+SUBDOMAIN=
+#TRAEFIK - set the hostname with no dashes (i.e. pve1-lxc1 would be set as pve1lxc1)
+HOSTNAME_NODASH=
+#TRAEFIK - use "web", "websecure", or "web,websecure"
+TRAEFIK_ENTRYPOINT=
+#TRAEFIK - set the correct resolver name (default is myresolver)
+TRAEFIK_RESOLVER=
+#TRAEFIK - set the internal port that http/https will redirect to
+INTERNAL_PORT=
+#TRAEFIK - most apps are unneeded but if needed add required flag
+#MIDDLEWARES
+
+##Variables that don't change
+#traefik DB creds
+PG_USERNAME=guacamole_user
+PG_PASSWORD={$--standard_apts--}
+
+
+##-----keepalived files------
+run: /docker/keepalived
+path: {keepalived static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}
+
+##-----keepalived variables------
+#Make sure that /docker from the node is mounted in the periphery
+
+
+
+##static blocks - doesn't change per slot (VIP)
+#KEEPALIVED - define which PVE we're deploying this to (i.e. pve1-lxc6 would have 1 here)
+PVE_NUM=
+#KEEPALIVED - define which LXC we're deploying this to (i.e. pve1-lxc6 would have 6 here)
+LXC_NUM=
+#KEEPALIVED - define the base password it uses to talk to the opposing node.
+#note: this should be different for each LXC
+BASE_PASSSWORD=
+
+##dynamic blocks - used in generating the slots (VIPs)
+#KEEPALIVED - copy the format below (between the #<># marks and change for additional slots
+#
+SLOT_DEFINITIONS=SLOT_DEFINITIONS="1,keepalived,,MASTER,150,172.16.201.106,172.16.201.220;,gitea,gitea-postgres,MASTER,150,172.16.201.106,172.16.201.221"
+##
+#
+#KEEPALIVED - slot - Define the slot number
+#KEEPALIVED - Name - Define the namne that the service is known as (i.e. komodo)
+#KEEPALIVED - Dependency - Define the name that the service dependency is deployed as (i.e. komodo-mongo)
+#KEEPALIVED - State - select MASTER or BACKUP depending on PVE placement (i.e. pve2-lxc1 = MASTER)
+#KEEPALIVED - Priority - select the priority to match the master/backup (higher number mean more important)
+#master=150 #backup=100
+#KEEPALIVED - Peer - give the opposing LXC peer IP (i.e. if pve2-lx6 connecting to pve1-lx6 the put 172.16.201.106)
+#KEEPALIVED - define the VIP for this service slot
+
+##-----keepalived pre-deploy-----
+mkdir /docker/keepalived || true
+mkdir /docker/keepalived/config || true
+mkdir /docker/keepalived/checks || true
+cp -r /etc/komodo/repos/mapletree-pve2lxc6/lxc1/keepalived/* /docker/keepalived/
+chmod +x /docker/keepalived/deploy_keepalived.sh
+chmod +x /docker/keepalived/check_services.sh
+
+##-----keepalived post-deploy-----
+bash /docker/keepalived/deploy_keepalived.sh
+
+##-----management files------
+run:/docker/management
+path: {gitea static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}
+path: {komodo static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}
+path: {wud static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}
+
+##-----management environment------
+#Make sure that /docker from the node is mounted in the periphery
+
+##change these entries
+#change the node numbers
+REPO_ROOT=/repo/mapletree-pve#lxc#
+#GITEA - change the FQDN for the root URL
+GITEA_FQDN=
+#GITEA - define the service name (used in everything)
+SERVICE_NAME=gitea
+#GITEA - define the network names
+GITEA_INTERNAL_NETWORK_NAME=gitea_internal
+GITEA_EXTERNAL_NETWORK_NAME=gitea_external
+
+##static entries - leave alone
+TZ=America/Edmonton
+#Gitea - DB info
+GITEA_DB_USERNAME=admin
+GITEA_DB_PASSWORD=admin
+#GITEA - app info
+GITEA_PROTOCOL=HTTPS
+TRAEFIK_ENTRYPOINT=websecure
+TRAEFIK_RESOLVER=dns_resolver
+GITEA_INTERNAL_PORT=3000
+#KOMODO CORE - general config
+KOMODO_DISABLE_CONFIRM_DIALOG=false
+KOMODO_MONITORING_INTERVAL="5-sec"
+KOMODO_RESOURCE_POLL_INTERVAL="1-hr"
+KOMODO_LOCAL_AUTH=true
+KOMODO_DISABLE_USER_REGISTRATION=false
+KOMODO_ENABLE_NEW_USERS=false
+KOMODO_DISABLE_NON_ADMIN_CREATE=false
+KOMODO_TRANSPARENT_MODE=false
+KOMODO_LOGGING_PRETTY=false
+KOMODO_PRETTY_STARTUP_CONFIG=true
+KOMODO_OIDC_ENABLED=false
+KOMODO_GITHUB_OAUTH_ENABLED=false
+KOMODO_GOOGLE_OAUTH_ENABLED=false
+KOMODO_TITLE=Komodo
+#KOMODO PERIPHERY - general config
+PERIPHERY_ROOT_DIRECTORY=/etc/komodo
+PERIPHERY_PASSKEYS=${KOMODO_PASSKEY}
+PERIPHERY_DISABLE_TERMINALS=false
+PERIPHERY_SSL_ENABLED=true
+PERIPHERY_INCLUDE_DISK_MOUNTS=/etc/hostname
+PERIPHERY_LOGGING_PRETTY=false
+PERIPHERY_PRETTY_STARTUP_CONFIG=true
+
+
+##-----management pre-deploy------
+docker network create ${GITEA_INTERNAL_NETWORK_NAME} || true
+docker network create ${GITEA_EXTERNAL_NETWORK_NAME} || true
\ No newline at end of file
diff --git a/lxc1/p2-apps/komodo.yml b/lxc1/p2-apps/komodo.yml
index 0adc733..58344a9 100644
--- a/lxc1/p2-apps/komodo.yml
+++ b/lxc1/p2-apps/komodo.yml
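Review bot: `GITEA_DB_PASSWORD=admin` next to `GITEA_DB_USERNAME=admin`, filed under "static entries - leave alone" in old_komodo_templates_info.txt, puts a guessable database credential in the repository and tells the reader to keep it. The same file already references a secret indirectly in `PERIPHERY_PASSKEYS=${KOMODO_PASSKEY}`, so the line could follow that pattern, e.g. `GITEA_DB_PASSWORD=${GITEA_DB_PASSWORD_SECRET}` (placeholder name), with the value held outside git. If `admin` was ever a live password it should be rotated, since it remains in history after this commit. Two spellings are also worth checking before anyone copies these blocks: `BASE_PASSSWORD=` has three S's, and `SLOT_DEFINITIONS=SLOT_DEFINITIONS="..."` repeats the variable name inside its own value.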
@@ -36,6 +36,14 @@ services: - "komodo.skip=true" - KOMODO_DATABASE_URI=mongodb://${KOMODO_DB_PRI}:27017,${KOMODO_DB_SEC}:27017/komodo?replicaSet=${KOMODO_DB_REPLICA} #- KOMODO_DATABASE_ADDRESS= + - "traefik.enable=${KOMODO_TRAEFIK_ENABLED}" + # Router + - "traefik.http.routers.komodo.rule=Host(`${KOMODO_TRAEFIK_HOSTNAME}.${TRAEFIK_DNS_SUFFIX}`)" + - "traefik.http.routers.komodo.entrypoints=${KOMODO_TRAEFIK_ENTRYPOINTS}" + - "traefik.http.routers.komodo.tls.certresolver=${KOMODO_TRAEFIK_RESOLVER}" + # Service (points to internal port) + - "traefik.http.services.komodo.loadbalancer.server.port=${KOMODO_TRAEFIK_PORT}" + - "traefik.docker.network=k${KOMODO_EXT_NETWORK}" networks: - ${KOMODO_INT_NETWORK} - ${KOMODO_EXT_NETWORK}
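Review bot: `traefik.docker.network=k${KOMODO_EXT_NETWORK}` carries a leading `k` that the `networks:` entry `${KOMODO_EXT_NETWORK}` below it does not, so Traefik would be pointed at a network name the container is not shown joining; this looks like a typo for `- "traefik.docker.network=${KOMODO_EXT_NETWORK}"`. The key that owns this list is outside the hunk, and the context mixes a label-shaped entry (`komodo.skip=true`) with an env-shaped one (`KOMODO_DATABASE_URI=...`), so confirm the new `traefik.*` lines sit under `labels:`, because under `environment:` Traefik would not read them. The router also publishes the Komodo UI with no middleware attached; if the chosen entrypoint is reachable from outside the management network, an allowlist or auth middleware on `traefik.http.routers.komodo.middlewares` would be a sensible addition.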