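# Deployment notes. Each "##-----<name>------" section appears to hold the text
# for one stack field (pre-deploy commands, environment variables, or the run
# directory and compose file path); it is not one script to run top to bottom.

##-----core pre-deploy------
#make traefik dirs
# "mkdir -p" is already idempotent, so "|| true" is dropped: a real failure
# (permissions, read-only mount, path is a file) should stop the deploy here
# rather than surface later in cp.
mkdir -p /docker/traefik/dynamic /docker/traefik/letsencrypt
#copy traefik connection files
# NOTE(review): both the repo name and the lxc directory are globs. If more than
# one checkout or lxc* directory matches, every match is merged into the same
# dynamic/ directory and same-named files overwrite each other, so routing
# config meant for another node could be loaded. Pin the exact path per node.
cp -r /etc/komodo/repos/mapletree-pve*lxc*/lxc*/traefik/dynamic/* /docker/traefik/dynamic/
#traefik secure acme.json
# acme.json stores the ACME account key and certificate private keys. Creating
# it under umask 077 avoids the window where a fresh file is briefly readable
# with the default umask; chmod still tightens a file that already existed.
( umask 077; touch /docker/traefik/letsencrypt/acme.json )
chmod 600 /docker/traefik/letsencrypt/acme.json

##-----guacamole variables------
##Change these variables
TRAEFIK_ENABLED=
#TRAEFIK - copy in whichever environment is being worked on
# prod(lxc1): mapletree.email
# dev(lxc6): dev.mapletree.email
# test(lxc7): test.mapletree.email
ENV_DOMAIN=
#TRAEFIK - set the unique public name (i.e. ssh, manage, etc)
SUBDOMAIN=
#TRAEFIK - set the hostname with no dashes (i.e. pve1-lxc1 would be set as pve1lxc1)
HOSTNAME_NODASH=
#TRAEFIK - use "web", "websecure", or "web,websecure"
# NOTE(review): "web" is presumably the plain-HTTP entrypoint; a remote-access
# gateway should normally be published on "websecure" only - confirm.
TRAEFIK_ENTRYPOINT=
#TRAEFIK - set the correct resolver name (default is myresolver)
TRAEFIK_RESOLVER=
#TRAEFIK - set the internal port that http/https will redirect to
INTERNAL_PORT=
#TRAEFIK - most apps are unneeded but if needed add required flag
#MIDDLEWARES
##Variables that don't change
#traefik DB creds
# NOTE(review): the label says traefik, but these PG_* values sit in the
# guacamole section and look like the guacamole database credentials - confirm.
PG_USERNAME=guacamole_user
# Placeholder token kept verbatim; presumably substituted from a stored secret
# before deploy. Verify it is never deployed as this literal string.
PG_PASSWORD={$--standard_apts--}

##-----keepalived files------
# The next two lines are field values (run directory, compose file path), not
# shell commands.
run: /docker/keepalived
path: {keepalived static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}

##-----keepalived variables------
#Make sure that /docker from the node is mounted in the periphery
##static blocks - doesn't change per slot (VIP)
#KEEPALIVED - define which PVE we're deploying this to (i.e. pve1-lxc6 would have 1 here)
PVE_NUM=
#KEEPALIVED - define which LXC we're deploying this to (i.e. pve1-lxc6 would have 6 here)
LXC_NUM=
#KEEPALIVED - define the base password it uses to talk to the opposing node.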
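#note: this should be different for each LXC
# NOTE(review): the name is spelled with three S's. Keep it as-is unless
# deploy_keepalived.sh (not shown here) is changed to match; a silent mismatch
# would leave the password empty.
# NOTE(review): if this value ends up as a keepalived auth_pass with
# auth_type PASS, keepalived uses only the first 8 characters and sends it
# unencrypted, so treat it as a weak shared secret and keep VRRP traffic on a
# trusted segment - confirm how the deploy script uses it.
BASE_PASSSWORD=
##dynamic blocks - used in generating the slots (VIPs)
#KEEPALIVED - copy the format below (between the #<># marks) and change for additional slots
# NOTE(review): the example below repeats the variable name
# ("SLOT_DEFINITIONS=SLOT_DEFINITIONS=") and its second slot has an empty slot
# number field (";,gitea,..."). Check both against what deploy_keepalived.sh
# parses before copying it.
# SLOT_DEFINITIONS=SLOT_DEFINITIONS="1,keepalived,,MASTER,150,172.16.201.106,172.16.201.220;,gitea,gitea-postgres,MASTER,150,172.16.201.106,172.16.201.221"
##
#
#KEEPALIVED - slot - Define the slot number
#KEEPALIVED - Name - Define the name that the service is known as (i.e. komodo)
#KEEPALIVED - Dependency - Define the name that the service dependency is deployed as (i.e. komodo-mongo)
#KEEPALIVED - State - select MASTER or BACKUP depending on PVE placement (i.e. pve2-lxc1 = MASTER)
#KEEPALIVED - Priority - select the priority to match the master/backup (higher number means more important)
#master=150
#backup=100
#KEEPALIVED - Peer - give the opposing LXC peer IP (i.e. if pve2-lx6 connecting to pve1-lx6 then put 172.16.201.106)
#KEEPALIVED - define the VIP for this service slot

##-----keepalived pre-deploy-----
# "mkdir -p" replaces "mkdir ... || true": it is idempotent when the directory
# exists but still fails loudly on a real error, which "|| true" was hiding.
mkdir -p /docker/keepalived/config /docker/keepalived/checks
# NOTE(review): this source path is hard-coded to one repo and lxc directory
# (mapletree-pve2lxc6/lxc1); confirm it is adjusted for each node.
cp -r /etc/komodo/repos/mapletree-pve2lxc6/lxc1/keepalived/* /docker/keepalived/
chmod +x /docker/keepalived/deploy_keepalived.sh /docker/keepalived/check_services.sh

##-----keepalived post-deploy-----
# Runs the script copied from the repo checkout above, so whoever can push to
# that repo controls what executes here; restrict write access accordingly.
bash /docker/keepalived/deploy_keepalived.sh

##-----management files------
# The next four lines are field values (run directory, compose file paths), not
# shell commands.
run:/docker/management
path: {gitea static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}
path: {komodo static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}
path: {wud static compose link i.e. /etc/komodo/[repo]/[lxc#]/[service]/[container].yml}

##-----management environment------
#Make sure that /docker from the node is mounted in the periphery
##change these entries
#change the node numbers
REPO_ROOT=/repo/mapletree-pve#lxc#
#GITEA - change the FQDN for the root URL
GITEA_FQDN=
#GITEA - define the service name (used in everything)
SERVICE_NAME=gitea
#GITEA - define the network names
GITEA_INTERNAL_NETWORK_NAME=gitea_internal
GITEA_EXTERNAL_NETWORK_NAME=gitea_external
##static entries - leave alone
TZ=America/Edmonton
#Gitea - DB info
# NOTE(review): username and password are both the literal "admin" and are
# stored in plain text. Use a per-deployment secret injected at deploy time,
# the way PERIPHERY_PASSKEYS takes ${KOMODO_PASSKEY} below.
GITEA_DB_USERNAME=admin
GITEA_DB_PASSWORD=admin
#GITEA - app info
GITEA_PROTOCOL=HTTPS
TRAEFIK_ENTRYPOINT=websecure
TRAEFIK_RESOLVER=dns_resolver
GITEA_INTERNAL_PORT=3000
#KOMODO CORE - general config
KOMODO_DISABLE_CONFIRM_DIALOG=false
KOMODO_MONITORING_INTERVAL="5-sec"
KOMODO_RESOURCE_POLL_INTERVAL="1-hr"
KOMODO_LOCAL_AUTH=true
# NOTE(review): registration is left open (DISABLE_USER_REGISTRATION=false).
# With ENABLE_NEW_USERS=false, new accounts presumably stay disabled until an
# admin enables them, but anyone who can reach the login page can still create
# one. Set this to true once the admin account exists, unless self-signup is
# wanted.
KOMODO_DISABLE_USER_REGISTRATION=false
KOMODO_ENABLE_NEW_USERS=false
KOMODO_DISABLE_NON_ADMIN_CREATE=false
KOMODO_TRANSPARENT_MODE=false
KOMODO_LOGGING_PRETTY=false
KOMODO_PRETTY_STARTUP_CONFIG=true
KOMODO_OIDC_ENABLED=false
KOMODO_GITHUB_OAUTH_ENABLED=false
KOMODO_GOOGLE_OAUTH_ENABLED=false
KOMODO_TITLE=Komodo
#KOMODO PERIPHERY - general config
PERIPHERY_ROOT_DIRECTORY=/etc/komodo
PERIPHERY_PASSKEYS=${KOMODO_PASSKEY}
# NOTE(review): terminals stay enabled on the periphery agent, which presumably
# allows shell access to this host from the Komodo UI. Set to true if that is
# not needed, and limit who holds the passkey either way.
PERIPHERY_DISABLE_TERMINALS=false
PERIPHERY_SSL_ENABLED=true
PERIPHERY_INCLUDE_DISK_MOUNTS=/etc/hostname
PERIPHERY_LOGGING_PRETTY=false
PERIPHERY_PRETTY_STARTUP_CONFIG=true

##-----management pre-deploy------
# Create each network only when it is missing. The earlier "create || true"
# also hid real failures (daemon unreachable, invalid name); names are quoted
# so an empty or space-containing value fails visibly instead of word-splitting.
docker network inspect "${GITEA_INTERNAL_NETWORK_NAME}" >/dev/null 2>&1 || docker network create "${GITEA_INTERNAL_NETWORK_NAME}"
docker network inspect "${GITEA_EXTERNAL_NETWORK_NAME}" >/dev/null 2>&1 || docker network create "${GITEA_EXTERNAL_NETWORK_NAME}"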