servnest/servnest-containers
1
0
Fork 0
Code Issues Pull requests Activity

fully qualified images + static ips

Browse source
This commit is contained in:
Miraty 2025-01-20 17:24:27 +01:00
parent bebfe9d6fb
commit fbbaf1f31f
11 changed files with 42 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apache.Containerfile
View file

@ -1,4 +1,4 @@
FROM servnest-alpine
FROM a.invalid/servnest/alpine
RUN apk add apache2 apache2-brotli
RUN chown apache: /run/apache2/
USER apache

3
base.yaml
View file

@ -1,6 +1,8 @@
name: servnest
services:
alpine:
pull_policy: build
image: a.invalid/servnest/alpine
build:
args:
SYS: $SYS
@ -18,4 +20,3 @@ services:
service: alpine
build:
args: {}

26
compose.yaml
View file

@ -1,6 +1,7 @@
name: servnest
services:
tor:
image: a.invalid/servnest/tor
extends:
file: base.yaml
service: base
@ -15,7 +16,11 @@ services:
- ./sock/nginx-onion/:/run/nginx-onion/:rw
- ./tmp/tor/:/var/lib/tor/:rw
mem_limit: 128m
networks:
snet:
ipv4_address: 10.5.0.59
sftpgo:
image: a.invalid/servnest/sftpgo
extends:
file: base.yaml
service: base
@ -32,7 +37,11 @@ services:
- ./data/ht/fs/:/srv/servnest/ht/fs/:rw
- ./logs/sftpgo/:/var/log/sftpgo/:rw
mem_limit: 256mb
networks:
snet:
ipv4_address: 10.5.0.58
knot:
image: a.invalid/servnest/knot
extends:
file: base.yaml
service: base
@ -52,6 +61,7 @@ services:
snet:
ipv4_address: 10.5.0.51
knot-secondary:
image: a.invalid/servnest/knot-secondary
extends:
file: base.yaml
service: base
@ -69,6 +79,7 @@ services:
snet:
ipv4_address: 10.5.0.52
apache:
image: a.invalid/servnest/apache
extends:
file: base.yaml
service: base
@ -80,7 +91,11 @@ services:
- ./data/ht/:/srv/servnest/ht/:ro
- ./logs/apache/:/var/log/apache2/:rw
- ./tmp/apache/:/run/apache2/:rw
networks:
snet:
ipv4_address: 10.5.0.57
php:
image: a.invalid/servnest/php
extends:
file: base.yaml
service: base
@ -126,7 +141,11 @@ services:
- SETUID
- SETGID
- CHOWN
networks:
snet:
ipv4_address: 10.5.0.54
cronie:
image: a.invalid/servnest/cronie
extends:
service: php
build:
@ -135,7 +154,11 @@ services:
- ./conf/cronie:/etc/cron.d/servnest:ro
- ./logs/cronie/:/var/log/cronie/:rw
- ./tmp/cronie/:/var/run/:rw
networks:
snet:
ipv4_address: 10.5.0.55
nginx:
image: a.invalid/servnest/nginx
extends:
file: base.yaml
service: base
@ -157,6 +180,9 @@ services:
- ./tmp/nginx/:/var/lib/nginx/tmp/:rw
- ./tmp/nginx-run/:/run/nginx/:rw
- ./tmp/acme/:/srv/servnest/acme/:ro
networks:
snet:
ipv4_address: 10.5.0.56
networks:
snet:
driver: bridge

6
conf/knot-secondary.conf
View file

@ -2,8 +2,8 @@ server:
version: ""
nsid: ""
rundir: "/run/knot"
listen: [ "::@53", "0.0.0.0@53", "/run/knot/dns.sock" ]
listen-quic: [ "::@853", "0.0.0.0@853" ]
listen: [ "::@42053", "0.0.0.0@42053" ] #, "/run/knot/dns.sock" ]
listen-quic: [ "::@42853", "0.0.0.0@42853" ]
automatic-acl: "on"
log:
@ -17,7 +17,7 @@ database:
remote:
- id: "primary"
address: [ "10.5.0.51@853" ]
address: [ "10.5.0.51@42853" ]
quic: on
cert-key: "0000000000000000000000000000000000000000000=" # will be replaced by setup-xoq.sh

6
conf/knot.conf
View file

@ -2,8 +2,8 @@ server:
version: ""
nsid: ""
rundir: "/run/knot"
listen: [ "::@53", "0.0.0.0@53", "/run/knot/dns.sock" ]
listen-quic: [ "::@853", "0.0.0.0@853" ]
listen: [ "::@42053", "0.0.0.0@42053" ] #, "/run/knot/dns.sock" ]
listen-quic: [ "::@42853", "0.0.0.0@42853" ]
automatic-acl: "on"
log:
@ -26,7 +26,7 @@ policy:
remote:
- id: "secondary"
address: [ "10.5.0.52@853" ]
address: [ "10.5.0.52@42853" ]
quic: on
cert-key: "1111111111111111111111111111111111111111111=" # will be replaced by setup-xoq.sh

2
cronie.Containerfile
View file

@ -1,4 +1,4 @@
FROM servnest-php
FROM a.invalid/servnest/php
USER root
RUN apk add cronie moreutils
CMD ["crond", "-n", "-s"]

2
knot.Containerfile
View file

@ -1,4 +1,4 @@
FROM servnest-alpine
FROM a.invalid/servnest/alpine
RUN apk add knot knot-utils
USER knot
CMD ["knotd", "--confdb", "/var/lib/knot/confdb/"]

2
nginx.Containerfile
View file

@ -1,4 +1,4 @@
FROM servnest-alpine
FROM a.invalid/servnest/alpine
RUN apk add nginx nginx-mod-http-headers-more openssl
RUN openssl req -quiet -subj '/' -new -newkey RSA:3072 -days 3650 -nodes -x509 -keyout /etc/ssl/private/servnest.key -out /etc/ssl/certs/servnest.crt \
&& openssl req -quiet -subj '/CN=servnest.test' -new -newkey RSA:3072 -days 3650 -nodes -x509 -keyout /etc/ssl/private/servnest.test.key -out /etc/ssl/certs/servnest.test.crt \

2
php.Containerfile
View file

@ -1,4 +1,4 @@
FROM servnest-alpine
FROM a.invalid/servnest/alpine
RUN apk add \
php83 \
php83-fpm \

4
sftpgo.Containerfile
View file

@ -1,4 +1,4 @@
FROM servnest-alpine AS builder
FROM a.invalid/servnest/alpine AS builder
RUN apk add go
ARG SFTPGO
ADD $SFTPGO /
@ -8,7 +8,7 @@ RUN cp -r openapi ./internal/bundle/openapi && \
cp -r static ./internal/bundle/static
RUN go build -tags nogcs,nos3,noazblob,nobolt,nomysql,nopgsql,nosqlite,noportable,nometrics,bundle -o /usr/local/bin/sftpgo && strip /usr/local/bin/sftpgo
FROM servnest-alpine
FROM a.invalid/servnest/alpine
RUN apk add openssh-keygen bash
RUN mkdir /etc/sftpgo/ && ssh-keygen -f /etc/sftpgo/ed25519 -t ed25519 -N "" -C ""
RUN touch /etc/sftpgo/banner.txt

2
tor.Containerfile
View file

@ -1,3 +1,3 @@
FROM servnest-alpine
FROM a.invalid/servnest/alpine
RUN apk add tor
CMD ["tor", "--hush"]