From f612739c2f2d4c5d54e9285954f396384f4fb571 Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 11 Jan 2021 20:54:20 +0100 Subject: [PATCH 01/44] matrix server draft --- matrix/docker-compose.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 matrix/docker-compose.yml diff --git a/matrix/docker-compose.yml b/matrix/docker-compose.yml new file mode 100644 index 0000000..36267f3 --- /dev/null +++ b/matrix/docker-compose.yml @@ -0,0 +1,23 @@ +version: "3.3" +services: + synapse: + image: matrixdotorg/synapse:latest + restart: unless-stopped + ports: + - "7020:8008" + volumes: + - /srv/matrix/synapse:/data + depends_on: + - db + db: + image: postgres:latest + restart: unless-stopped + volumes: + - /srv/matrix/postgres:/var/lib/postgresql/data + ports: + - "5432:5432" + environment: + - POSTGRES_USER=synapse + - POSTGRES_PASSWORD=wnHhJo1QQLWoouaVLYwTRCC8HjZep2vx3yZkbxmDvI + + From 7605eac7d0ba9a44d66d156aa95954d4539c4ff3 Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 11 Jan 2021 21:01:31 +0100 Subject: [PATCH 02/44] matrix README create user --- matrix/README.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 matrix/README.md diff --git a/matrix/README.md b/matrix/README.md new file mode 100644 index 0000000..9f8bb5e --- /dev/null +++ b/matrix/README.md @@ -0,0 +1,6 @@ +# Matrix + +## Create new user +```$ docker exec -it matrix_synapse_1 register_new_matrix_user http://localhost:8008/ -c /data/homeserver.yaml --user giomba --password p455w0rd --admin``` + +Obviously ```--admin``` creates an admin user. From 92ac04b0bc89e7efeaec66c8097a4e8a357555a9 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 30 Jan 2021 18:01:38 +0100 Subject: [PATCH 03/44] thttpd docker container with embedde sftp --- pubblici/docker-compose.yml | 1 + thttpd/Dockerfile | 12 +++- thttpd/entrypoint.sh | 5 ++ thttpd/sshd_config | 118 ++++++++++++++++++++++++++++++++++++ 4 files changed, 135 insertions(+), 1 deletion(-) create mode 100755 thttpd/entrypoint.sh create mode 100644 thttpd/sshd_config diff --git a/pubblici/docker-compose.yml b/pubblici/docker-compose.yml index eb3aae8..89d1dfb 100644 --- a/pubblici/docker-compose.yml +++ b/pubblici/docker-compose.yml @@ -5,6 +5,7 @@ services: restart: unless-stopped ports: - "7003:80" + - "7005:22" volumes: - /srv/pubblici:/html diff --git a/thttpd/Dockerfile b/thttpd/Dockerfile index 8aa81cf..08b6133 100644 --- a/thttpd/Dockerfile +++ b/thttpd/Dockerfile @@ -1,6 +1,16 @@ FROM alpine:latest +COPY entrypoint.sh /entrypoint.sh +COPY sshd_config /etc/ssh/ + RUN apk add thttpd -ENTRYPOINT ["thttpd", "-D", "-d", "/html"] +RUN apk add openssh-server +RUN apk add openssh-sftp-server +RUN rm -rf /etc/ssh/ssh_host_*_key +RUN ssh-keygen -A + +RUN echo "root:G/4YVyjqFxVud2It1HSJ2Z3Zobc0/JvnpHBSEmaY2e4" | chpasswd + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/thttpd/entrypoint.sh b/thttpd/entrypoint.sh new file mode 100755 index 0000000..e5dc31b --- /dev/null +++ b/thttpd/entrypoint.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +/usr/sbin/sshd -f /etc/ssh/sshd_config +thttpd -D -d /html + diff --git a/thttpd/sshd_config b/thttpd/sshd_config new file mode 100644 index 0000000..95bb2c6 --- /dev/null +++ b/thttpd/sshd_config @@ -0,0 +1,118 @@ +# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +#AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +# UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +#PrintMotd no +#PrintLastLog yes +#TCPKeepAlive yes +#UseLogin no +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib/ssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server From b65c758745f62e69560d5b8a6b73fe11d3599aea Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 6 Mar 2021 16:16:01 +0100 Subject: [PATCH 04/44] vpnunit docker-compose for deployment --- vpnunit/docker-compose.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 vpnunit/docker-compose.yml diff --git a/vpnunit/docker-compose.yml b/vpnunit/docker-compose.yml new file mode 100644 index 0000000..e8c039e --- /dev/null +++ b/vpnunit/docker-compose.yml @@ -0,0 +1,10 @@ +version: "3.3" +services: + vpnunit: + image: hub.docker.golem.linux.it/vpnunit:latest + restart: unless-stopped + volumes: + - /srv/vpnunit:/data + ports: + - "7030:5000" + From d1cc56fdfbc05a115f79fcc1ec2d9b89d80b0df9 Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 8 Mar 2021 14:50:24 +0100 Subject: [PATCH 05/44] added docker-compose for bind (dns server) --- bind/docker-compose.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 bind/docker-compose.yml diff --git a/bind/docker-compose.yml b/bind/docker-compose.yml new file mode 100644 index 0000000..d05d854 --- /dev/null +++ b/bind/docker-compose.yml @@ -0,0 +1,10 @@ +version: "3.3" +services: + bind: + image: hub.docker.golem.linux.it/bind:latest + restart: unless-stopped + ports: + - "54:53/udp" + - "54:53/tcp" + volumes: + - /srv/bind/etc:/etc/bind From bc53fc18c98d82219966e74eb0bb4a2c2f5f0fea Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 8 Mar 2021 14:52:52 +0100 Subject: [PATCH 06/44] fixed bind DNS port --- bind/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bind/docker-compose.yml b/bind/docker-compose.yml index d05d854..bb33a33 100644 --- a/bind/docker-compose.yml +++ b/bind/docker-compose.yml @@ -4,7 +4,7 @@ services: image: hub.docker.golem.linux.it/bind:latest restart: unless-stopped ports: - - "54:53/udp" - - "54:53/tcp" + - "53:53/udp" + - "53:53/tcp" volumes: - /srv/bind/etc:/etc/bind From 08435e46a385011e57b584d36758a6cf514d3cd9 Mon Sep 17 00:00:00 2001 From: giomba Date: Tue, 23 Mar 2021 13:56:37 +0100 Subject: [PATCH 07/44] copied configuration from vupiuesse a temporary configuration had to be done on vupiuesse in order to cope with the consequences of Strasbourg incident, and now they have to be integrated --- nextcloud/docker-compose.yml | 4 ++-- wiki/docker-compose.yml | 24 ++++++++++++++++++++++++ wordpress/docker-compose.yml | 27 +++++++++++++++++++++++++++ 3 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 wiki/docker-compose.yml create mode 100644 wordpress/docker-compose.yml diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 865bd36..87bddeb 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -1,9 +1,9 @@ version: "2" services: nextcloud: - image: nextcloud:17.0.10 + image: nextcloud:21 ports: - - 8000:80 + - "7080:80" depends_on: - db volumes: diff --git a/wiki/docker-compose.yml b/wiki/docker-compose.yml new file mode 100644 index 0000000..2364290 --- /dev/null +++ b/wiki/docker-compose.yml @@ -0,0 +1,24 @@ +version: "3.3" +services: + wiki: + image: mediawiki:1.31 + restart: unless-stopped + volumes: + - /srv/wiki/images:/var/www/html/images + - /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php + ports: + - "7050:80" + depends_on: + - db + db: + image: mariadb + restart: unless-stopped + volumes: + - /srv/wiki/db:/var/lib/mysql + environment: + MYSQL_DATABASE: golem_wiki + MYSQL_USER: golem + MYSQL_PASSWORD: Pl4uUBs0LofHNxwXJpTkEg + MYSQL_RANDOM_ROOT_PASSWORD: 'yes' + + diff --git a/wordpress/docker-compose.yml b/wordpress/docker-compose.yml new file mode 100644 index 0000000..c0e8e2b --- /dev/null +++ b/wordpress/docker-compose.yml @@ -0,0 +1,27 @@ +version: "3.3" +services: + wordpress: + depends_on: + - db + image: wordpress:5.7 + restart: unless-stopped + environment: + WORDPRESS_DB_HOST: db + WORDPRESS_DB_USER: root + WORDPRESS_DB_PASSWORD: apVSHnTUrfDIdE5YcFvng + WORDPRESS_DB_NAME: golem_wordpress + ports: + - "7070:80" + volumes: + - "/srv/wordpress/app:/var/www/html" + # - "/srv/sito:/var/www/html/sito" + db: + image: mariadb:latest + restart: unless-stopped + environment: + MYSQL_ROOT_PASSWORD: apVSHnTUrfDIdE5YcFvng + volumes: + - "/srv/wordpress/db:/var/lib/mysql" + - "/tmp/golem_wordpress_dump.sql:/docker-entrypoint-initdb.d/dump.sql" + + From ba40889aceb6e68456f689d4e82433587d3681e2 Mon Sep 17 00:00:00 2001 From: giomba Date: Tue, 23 Mar 2021 23:36:03 +0100 Subject: [PATCH 08/44] bind to 127.0.0.1 only --- gitea/docker-compose.yml | 4 ++-- nextcloud/docker-compose.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 820b4be..a12f156 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -8,8 +8,8 @@ services: volumes: - /srv/gitea/app:/data ports: - - "3000:3000" - - "3022:22" + - "127.0.0.1:3000:3000" + - "22:22" db: image: mysql:8 restart: unless-stopped diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 87bddeb..7699d06 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -3,7 +3,7 @@ services: nextcloud: image: nextcloud:21 ports: - - "7080:80" + - "127.0.0.1:7080:80" depends_on: - db volumes: From 24f312caefc2f53a239e54c81bd0d34cfe81160a Mon Sep 17 00:00:00 2001 From: giomba Date: Wed, 24 Mar 2021 09:34:40 +0100 Subject: [PATCH 09/44] bind wordpress to 127.0.0.1 only --- wordpress/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wordpress/docker-compose.yml b/wordpress/docker-compose.yml index c0e8e2b..bd0d7d7 100644 --- a/wordpress/docker-compose.yml +++ b/wordpress/docker-compose.yml @@ -11,7 +11,7 @@ services: WORDPRESS_DB_PASSWORD: apVSHnTUrfDIdE5YcFvng WORDPRESS_DB_NAME: golem_wordpress ports: - - "7070:80" + - "127.0.0.1:7070:80" volumes: - "/srv/wordpress/app:/var/www/html" # - "/srv/sito:/var/www/html/sito" @@ -22,6 +22,6 @@ services: MYSQL_ROOT_PASSWORD: apVSHnTUrfDIdE5YcFvng volumes: - "/srv/wordpress/db:/var/lib/mysql" - - "/tmp/golem_wordpress_dump.sql:/docker-entrypoint-initdb.d/dump.sql" + # - "/tmp/golem_wordpress_dump.sql:/docker-entrypoint-initdb.d/dump.sql" From cef07b17b4350ceae3de8413d4ea0d55fe55c8c3 Mon Sep 17 00:00:00 2001 From: giomba Date: Fri, 26 Mar 2021 10:34:13 +0100 Subject: [PATCH 10/44] added .htaccess for mediawiki --- wiki/docker-compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/wiki/docker-compose.yml b/wiki/docker-compose.yml index 2364290..e56382d 100644 --- a/wiki/docker-compose.yml +++ b/wiki/docker-compose.yml @@ -6,8 +6,9 @@ services: volumes: - /srv/wiki/images:/var/www/html/images - /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php + - /srv/wiki/.htaccess:/var/www/html/.htaccess ports: - - "7050:80" + - "127.0.0.1:7050:80" depends_on: - db db: From 3d4d34fd79448ee004c6c25cfc3234c30dd50503 Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 12 Apr 2021 10:05:33 +0200 Subject: [PATCH 11/44] [wiki] use golem custom image --- wiki/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wiki/docker-compose.yml b/wiki/docker-compose.yml index e56382d..3c700ab 100644 --- a/wiki/docker-compose.yml +++ b/wiki/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: wiki: - image: mediawiki:1.31 + image: hub.docker.golem.linux.it/mediawiki:1.31 restart: unless-stopped volumes: - /srv/wiki/images:/var/www/html/images From 91c52e6302ba0bc14e13292c62fdaaca753b9372 Mon Sep 17 00:00:00 2001 From: giomba Date: Sun, 9 May 2021 20:44:03 +0200 Subject: [PATCH 12/44] added volume for custom theme for mediawiki --- wiki/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/wiki/docker-compose.yml b/wiki/docker-compose.yml index 3c700ab..5c7965b 100644 --- a/wiki/docker-compose.yml +++ b/wiki/docker-compose.yml @@ -7,6 +7,7 @@ services: - /srv/wiki/images:/var/www/html/images - /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php - /srv/wiki/.htaccess:/var/www/html/.htaccess + - /srv/wiki/VectorGOLEM:/var/www/html/skins/VectorGOLEM ports: - "127.0.0.1:7050:80" depends_on: From 2045c9d3f8b5ca5ced23dd5272e88b163b4354b7 Mon Sep 17 00:00:00 2001 From: giomba Date: Thu, 26 Aug 2021 21:03:29 +0200 Subject: [PATCH 13/44] usa l'immagine custom per wordpress --- wordpress/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wordpress/docker-compose.yml b/wordpress/docker-compose.yml index bd0d7d7..09bcf09 100644 --- a/wordpress/docker-compose.yml +++ b/wordpress/docker-compose.yml @@ -3,7 +3,7 @@ services: wordpress: depends_on: - db - image: wordpress:5.7 + image: hub.docker.golem.linux.it/wordpress:5.7 restart: unless-stopped environment: WORDPRESS_DB_HOST: db From 7c6e9a863a366dc1e30ac07c3dbf1d0acd0c5af9 Mon Sep 17 00:00:00 2001 From: giuliof Date: Thu, 26 Aug 2021 21:14:28 +0200 Subject: [PATCH 14/44] added cgi-python docker-compose --- cgi-python/docker-compose.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 cgi-python/docker-compose.yml diff --git a/cgi-python/docker-compose.yml b/cgi-python/docker-compose.yml new file mode 100644 index 0000000..f2d1a6c --- /dev/null +++ b/cgi-python/docker-compose.yml @@ -0,0 +1,10 @@ +version: "3.3" +services: + pubblici: + image: hub.docker.golem.linux.it/cgi-python:latest + restart: unless-stopped + ports: + - "80:80" + volumes: + - /srv/cgi-python:/srv/cfg + From 094cfeea41787b7ddbfac5f2f76b692e36010dee Mon Sep 17 00:00:00 2001 From: giuliof Date: Thu, 26 Aug 2021 21:16:38 +0200 Subject: [PATCH 15/44] changed cgi-python port to 7006 --- cgi-python/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cgi-python/docker-compose.yml b/cgi-python/docker-compose.yml index f2d1a6c..931c9f9 100644 --- a/cgi-python/docker-compose.yml +++ b/cgi-python/docker-compose.yml @@ -4,7 +4,7 @@ services: image: hub.docker.golem.linux.it/cgi-python:latest restart: unless-stopped ports: - - "80:80" + - "7006:80" volumes: - /srv/cgi-python:/srv/cfg From 1135b5870555824433efe5376ce577e597793fe3 Mon Sep 17 00:00:00 2001 From: giuliof Date: Thu, 30 Dec 2021 23:49:49 +0100 Subject: [PATCH 16/44] Aggiunto docker compose per websdr basato su openwebrx --- websdr/docker-compose.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 websdr/docker-compose.yml diff --git a/websdr/docker-compose.yml b/websdr/docker-compose.yml new file mode 100644 index 0000000..e813e67 --- /dev/null +++ b/websdr/docker-compose.yml @@ -0,0 +1,15 @@ +version: "3.3" +services: + websdr: + image: jketterl/openwebrx:stable + restart: unless-stopped + volumes: + - /srv/websdr/etc:/etc/openwebrx + - /srv/websdr/var:/var/lib/openwebrx + ports: + - "127.0.0.1:8074:8074" + - "8073:8073" + devices: + - "/dev/bus/usb:/dev/bus/usb" + + From 0922dd4992e5acaa87a7de2bf806fa815c964a60 Mon Sep 17 00:00:00 2001 From: giomba Date: Fri, 14 Jan 2022 22:24:10 +0100 Subject: [PATCH 17/44] wiki: upgrade to 1.35 fix https://git.golem.linux.it/golem/morgan/issues/8 --- wiki/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wiki/docker-compose.yml b/wiki/docker-compose.yml index 5c7965b..b694505 100644 --- a/wiki/docker-compose.yml +++ b/wiki/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: wiki: - image: hub.docker.golem.linux.it/mediawiki:1.31 + image: mediawiki:1.35 restart: unless-stopped volumes: - /srv/wiki/images:/var/www/html/images From 7ebe4aa4b94598c2ef458b03e8efea08823dc86c Mon Sep 17 00:00:00 2001 From: giomba Date: Sun, 16 Jan 2022 13:57:55 +0100 Subject: [PATCH 18/44] nextcloud: upgrade 21.0.0 -> 22.2.3 --- nextcloud/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 7699d06..84590f8 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -1,7 +1,7 @@ version: "2" services: nextcloud: - image: nextcloud:21 + image: nextcloud:22.2.3 ports: - "127.0.0.1:7080:80" depends_on: @@ -10,7 +10,7 @@ services: - /srv/nextcloud/app:/var/www/html restart: unless-stopped db: - image: mariadb + image: mariadb:10.5.13 restart: unless-stopped volumes: - /srv/nextcloud/db:/var/lib/mysql From 3aaaaa66064c5db5133f12513a4c097d44ad4755 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 18 Jun 2022 09:48:42 +0200 Subject: [PATCH 19/44] drone CI: first commit. --- drone/docker-compose.yml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 drone/docker-compose.yml diff --git a/drone/docker-compose.yml b/drone/docker-compose.yml new file mode 100644 index 0000000..19c5cf9 --- /dev/null +++ b/drone/docker-compose.yml @@ -0,0 +1,34 @@ +version: "3.3" +services: + drone: + image: drone/drone:2 + restart: unless-stopped + depends_on: + - drunner + volumes: + - /srv/drone/app:/data + ports: + - "80:80" + - "443:443" + environment: + - DRONE_GITEA_SERVER=https://git.golem.linux.it/ + - DRONE_GITEA_CLIENT_ID=6db2ee17-56ac-45d2-8609-1bb9edf20733 + - DRONE_GITEA_CLIENT_SECRET=OQtZg0SQF4pC0j7dT2wGkzwcEVVSLQLLrImkjxsIlZsp + - DRONE_RPC_SECRET=375881da893a025bc461d71c73014cfa + - DRONE_SERVER_HOST=ci.golem.linux.it + - DRONE_SERVER_PROTO=https + drunner: + image: drone/drone-runner-docker:1 + restart: unless-stopped + volumes: + - /var/run/docker.sock:/var/run/docker.sock + ports: + - "3000:3000" + environment: + - DRONE_RPC_PROTO=http + - DRONE_RPC_HOST=drone + - DRONE_RPC_SECRET=375881da893a025bc461d71c73014cfa + - DRONE_RUNNER_NAME=drone-drunner + + + From dcdbb3c6049f169ba06d4aa662f198030ccbfb24 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 18 Jun 2022 10:17:07 +0200 Subject: [PATCH 20/44] drone: move TCP ports in safe range. --- drone/docker-compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drone/docker-compose.yml b/drone/docker-compose.yml index 19c5cf9..6e3c83d 100644 --- a/drone/docker-compose.yml +++ b/drone/docker-compose.yml @@ -8,8 +8,8 @@ services: volumes: - /srv/drone/app:/data ports: - - "80:80" - - "443:443" + - "7040:80" + - "7041:443" environment: - DRONE_GITEA_SERVER=https://git.golem.linux.it/ - DRONE_GITEA_CLIENT_ID=6db2ee17-56ac-45d2-8609-1bb9edf20733 @@ -23,7 +23,7 @@ services: volumes: - /var/run/docker.sock:/var/run/docker.sock ports: - - "3000:3000" + - "7042:3000" environment: - DRONE_RPC_PROTO=http - DRONE_RPC_HOST=drone From fde8253b8649337eb94a41e2bc5146bbbd87bbdb Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 18 Jun 2022 10:41:06 +0200 Subject: [PATCH 21/44] Remove thttpd build image, move to dedicated repository. --- thttpd/Dockerfile | 16 ------ thttpd/entrypoint.sh | 5 -- thttpd/sshd_config | 118 ------------------------------------------- 3 files changed, 139 deletions(-) delete mode 100644 thttpd/Dockerfile delete mode 100755 thttpd/entrypoint.sh delete mode 100644 thttpd/sshd_config diff --git a/thttpd/Dockerfile b/thttpd/Dockerfile deleted file mode 100644 index 08b6133..0000000 --- a/thttpd/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM alpine:latest - -COPY entrypoint.sh /entrypoint.sh -COPY sshd_config /etc/ssh/ - -RUN apk add thttpd - -RUN apk add openssh-server -RUN apk add openssh-sftp-server -RUN rm -rf /etc/ssh/ssh_host_*_key -RUN ssh-keygen -A - -RUN echo "root:G/4YVyjqFxVud2It1HSJ2Z3Zobc0/JvnpHBSEmaY2e4" | chpasswd - -ENTRYPOINT ["/entrypoint.sh"] - diff --git a/thttpd/entrypoint.sh b/thttpd/entrypoint.sh deleted file mode 100755 index e5dc31b..0000000 --- a/thttpd/entrypoint.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -/usr/sbin/sshd -f /etc/ssh/sshd_config -thttpd -D -d /html - diff --git a/thttpd/sshd_config b/thttpd/sshd_config deleted file mode 100644 index 95bb2c6..0000000 --- a/thttpd/sshd_config +++ /dev/null @@ -1,118 +0,0 @@ -# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key -#HostKey /etc/ssh/ssh_host_ecdsa_key -#HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -PermitRootLogin yes -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 -# but this is overridden so installations will only check .ssh/authorized_keys -#AuthorizedKeysFile .ssh/authorized_keys - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -# UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding yes -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -#PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#UseLogin no -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS no -#PidFile /run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# override default of no subsystems -Subsystem sftp /usr/lib/ssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server From 7418cf448baaa9f4075eaf8388fe72922190c044 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 18 Jun 2022 11:31:01 +0200 Subject: [PATCH 22/44] pubblici: usage of new thttpd image, version 2. --- pubblici/docker-compose.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pubblici/docker-compose.yml b/pubblici/docker-compose.yml index 89d1dfb..ae3d147 100644 --- a/pubblici/docker-compose.yml +++ b/pubblici/docker-compose.yml @@ -1,11 +1,15 @@ version: "3.3" services: pubblici: - image: hub.docker.golem.linux.it/thttpd:latest + image: hub.docker.golem.linux.it/thttpd:2 restart: unless-stopped ports: - "7003:80" - "7005:22" volumes: - /srv/pubblici:/html + environment: + THTTPD_SSH_USER: root + THTTPD_SSH_PASSWORD: d42e230954db2929fbe7997de341c874 + From d994f44be0c9ffd6f007e7007f611bea2a167707 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 18 Jun 2022 13:34:40 +0200 Subject: [PATCH 23/44] build: CI artifacts archive. --- build/docker-compose.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 build/docker-compose.yml diff --git a/build/docker-compose.yml b/build/docker-compose.yml new file mode 100644 index 0000000..42c22c2 --- /dev/null +++ b/build/docker-compose.yml @@ -0,0 +1,15 @@ +version: "3.3" +services: + pubblici: + image: hub.docker.golem.linux.it/thttpd:2 + restart: unless-stopped + ports: + - "7060:80" + - "7061:22" + volumes: + - /srv/build:/html + environment: + THTTPD_SSH_USER: root + THTTPD_SSH_PASSWORD: 9ec5c8ca6e12357e7fb7e0aff0aed46e + + From 42053eba9dcfa41f83bf2daac84b076394ff5fb8 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 18 Jun 2022 13:35:46 +0200 Subject: [PATCH 24/44] build: rename pubblici -> build. --- build/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/docker-compose.yml b/build/docker-compose.yml index 42c22c2..660952f 100644 --- a/build/docker-compose.yml +++ b/build/docker-compose.yml @@ -1,6 +1,6 @@ version: "3.3" services: - pubblici: + build: image: hub.docker.golem.linux.it/thttpd:2 restart: unless-stopped ports: From f03fb33c1b83f7e27698d029d41b38cae91de25c Mon Sep 17 00:00:00 2001 From: giomba Date: Fri, 11 Nov 2022 21:58:18 +0100 Subject: [PATCH 25/44] Add README.md about credentials. --- README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..9d7aa17 --- /dev/null +++ b/README.md @@ -0,0 +1,13 @@ +# Authentication + +In order to use the real credentials, you should: + +- install [direnv](https://direnv.net/) and get it running +- get the official `.envrc`, which is versioned +- put it in a safe place +- `ln -s /safe/place .evnrc` + +In order to be granted access to the real credentials, you must: +- hardly beg the sysadmin for permission +- or, alternatively, gift him with a beer or a retrocomputer + From 273a5c6e60cb45d2b50a3c20a09a3712cc8599ec Mon Sep 17 00:00:00 2001 From: giomba Date: Fri, 11 Nov 2022 21:58:32 +0100 Subject: [PATCH 26/44] Decouple docker-compose and container credentials for pubblici. --- pubblici/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pubblici/docker-compose.yml b/pubblici/docker-compose.yml index ae3d147..5478456 100644 --- a/pubblici/docker-compose.yml +++ b/pubblici/docker-compose.yml @@ -9,7 +9,7 @@ services: volumes: - /srv/pubblici:/html environment: - THTTPD_SSH_USER: root - THTTPD_SSH_PASSWORD: d42e230954db2929fbe7997de341c874 + THTTPD_SSH_USER: ${PUBBLICI_SSH_USER} + THTTPD_SSH_PASSWORD: ${PUBBLICI_SSH_PASSWORD} From a3ae4ee22f32e71cf5fb1cbe77bba4e796deefac Mon Sep 17 00:00:00 2001 From: giomba Date: Fri, 11 Nov 2022 21:58:32 +0100 Subject: [PATCH 27/44] Decouple docker-compose and container credentials for build. --- build/docker-compose.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/build/docker-compose.yml b/build/docker-compose.yml index 660952f..47dce40 100644 --- a/build/docker-compose.yml +++ b/build/docker-compose.yml @@ -9,7 +9,6 @@ services: volumes: - /srv/build:/html environment: - THTTPD_SSH_USER: root - THTTPD_SSH_PASSWORD: 9ec5c8ca6e12357e7fb7e0aff0aed46e - + THTTPD_SSH_USER: ${BUILD_SSH_USER} + THTTPD_SSH_PASSWORD: ${BUILD_SSH_PASSWORD} From d220a1152dbe1d203ec02edb0a7aa8476776842b Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 12 Nov 2022 22:35:53 +0100 Subject: [PATCH 28/44] Decouple docker-compose and container credentials for gitea. --- gitea/docker-compose.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index a12f156..f3f999d 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -18,6 +18,5 @@ services: volumes: - /srv/gitea/database:/var/lib/mysql environment: - - MYSQL_ROOT_PASSWORD=EiwlA2BWTdcKRdDuHxVPGw - + - MYSQL_ROOT_PASSWORD=${GITEA_MYSQL_ROOT_PASSWORD} From a95082822b94dbf985917dc1ffb47f3ad94acda8 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 12 Nov 2022 22:43:46 +0100 Subject: [PATCH 29/44] Decouple docker-compose and container credentials for gestionaledb. --- gestionaledb/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gestionaledb/docker-compose.yml b/gestionaledb/docker-compose.yml index 83b9755..3e9f05c 100644 --- a/gestionaledb/docker-compose.yml +++ b/gestionaledb/docker-compose.yml @@ -4,7 +4,7 @@ services: image: mariadb:10.5.8 restart: unless-stopped environment: - MYSQL_ROOT_PASSWORD: hpArhr9OtQT9ObPmHeuYQQEoGbQukKIcUlhLaYjYJBA + MYSQL_ROOT_PASSWORD: ${GESTIONALEDB_MYSQL_ROOT_PASSWORD} ports: - "7004:3306" volumes: From 9328ce34feea1d6b74758f21c12947947639ae92 Mon Sep 17 00:00:00 2001 From: giomba Date: Sun, 13 Nov 2022 11:44:18 +0100 Subject: [PATCH 30/44] Decouple docker-compose and container credentials for nextcloud. --- nextcloud/docker-compose.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 84590f8..011657e 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -15,8 +15,8 @@ services: volumes: - /srv/nextcloud/db:/var/lib/mysql environment: - - MYSQL_ROOT_PASSWORD=R78Tnmynd5MtdI5Nz03qw - - MYSQL_PASSWORD=R78Tnmynd5MtdI5Nz03qw - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud + - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_MYSQL_ROOT_PASSWORD} + - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD} + - MYSQL_DATABASE=${NEXTCLOUD_MYSQL_DATABASE} + - MYSQL_USER=${NEXTCLOUD_MYSQL_USER} From 435bc456672dc593abdeb7a4d215449b495e81d4 Mon Sep 17 00:00:00 2001 From: giomba Date: Thu, 15 Dec 2022 21:43:55 +0100 Subject: [PATCH 31/44] Decouple docker-compose and container credentials for wiki. --- wiki/docker-compose.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/wiki/docker-compose.yml b/wiki/docker-compose.yml index b694505..a91ea08 100644 --- a/wiki/docker-compose.yml +++ b/wiki/docker-compose.yml @@ -18,9 +18,8 @@ services: volumes: - /srv/wiki/db:/var/lib/mysql environment: - MYSQL_DATABASE: golem_wiki - MYSQL_USER: golem - MYSQL_PASSWORD: Pl4uUBs0LofHNxwXJpTkEg + MYSQL_DATABASE: ${WIKI_MYSQL_DATABASE} + MYSQL_USER: ${WIKI_MYSQL_USER} + MYSQL_PASSWORD: ${WIKI_MYSQL_PASSWORD} MYSQL_RANDOM_ROOT_PASSWORD: 'yes' - From 2a7bf59f0b34392edd8a779b3b83d4eb17321d16 Mon Sep 17 00:00:00 2001 From: giomba Date: Sun, 18 Dec 2022 23:14:57 +0100 Subject: [PATCH 32/44] Decouple docker-compose and container credentials for Wordpress blog. --- wordpress/docker-compose.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/wordpress/docker-compose.yml b/wordpress/docker-compose.yml index 09bcf09..2c2ebc3 100644 --- a/wordpress/docker-compose.yml +++ b/wordpress/docker-compose.yml @@ -8,20 +8,17 @@ services: environment: WORDPRESS_DB_HOST: db WORDPRESS_DB_USER: root - WORDPRESS_DB_PASSWORD: apVSHnTUrfDIdE5YcFvng + WORDPRESS_DB_PASSWORD: "${BLOG_MYSQL_PASSWORD}" WORDPRESS_DB_NAME: golem_wordpress ports: - "127.0.0.1:7070:80" volumes: - "/srv/wordpress/app:/var/www/html" - # - "/srv/sito:/var/www/html/sito" db: image: mariadb:latest restart: unless-stopped environment: - MYSQL_ROOT_PASSWORD: apVSHnTUrfDIdE5YcFvng + MYSQL_ROOT_PASSWORD: "{BLOG_MYSQL_PASSWORD}" volumes: - "/srv/wordpress/db:/var/lib/mysql" - # - "/tmp/golem_wordpress_dump.sql:/docker-entrypoint-initdb.d/dump.sql" - From 47f9d4889933b7b2c3f3dd6184b7aa5232a1a2c8 Mon Sep 17 00:00:00 2001 From: giomba Date: Thu, 29 Dec 2022 21:32:42 +0100 Subject: [PATCH 33/44] Decouple docker-compose and container credentials for Registry. --- registry/docker-compose.yml | 25 +++++++++--------- registry/htpasswd | 4 --- registry/registry.crt | 36 ------------------------- registry/registry.key | 52 ------------------------------------- 4 files changed, 13 insertions(+), 104 deletions(-) delete mode 100644 registry/htpasswd delete mode 100644 registry/registry.crt delete mode 100644 registry/registry.key diff --git a/registry/docker-compose.yml b/registry/docker-compose.yml index 16fbb38..5f02e3f 100644 --- a/registry/docker-compose.yml +++ b/registry/docker-compose.yml @@ -15,17 +15,18 @@ services: - /srv/registry/data:/var/lib/registry - /srv/registry/certs:/certs - /srv/registry/auth:/auth - browser: - restart: unless-stopped - depends_on: - - registry - image: klausmeyer/docker-registry-browser - ports: - - "5001:8080" - environment: - DOCKER_REGISTRY_URL: https://registry:5000/ - NO_SSL_VERIFICATION: "true" - BASIC_AUTH_USER: browser - BASIC_AUTH_PASSWORD: Z8kitWWfpsfj11HsXgNjtQ +# browser: +# restart: unless-stopped +# depends_on: +# - registry +# image: klausmeyer/docker-registry-browser +# ports: +# - "5001:8080" +# environment: +# DOCKER_REGISTRY_URL: https://registry:5000/ +# NO_SSL_VERIFICATION: "true" +# BASIC_AUTH_USER: browser +# BASIC_AUTH_PASSWORD: ${REGISTRY_BROWSER_AUTH_PASSWORD} + diff --git a/registry/htpasswd b/registry/htpasswd deleted file mode 100644 index c301924..0000000 --- a/registry/htpasswd +++ /dev/null @@ -1,4 +0,0 @@ -golem:$2y$05$rNWyfcyYTwvypKdzplPve.Ip.CA5.deA0GOEGpFxsejYqd3q.5BLG - -giomba:$2y$05$HIGY3JUl9NOImMS4Mv3yceCPTMjiZO2ZIfJmBOZxP1MEcD7kvTA2W - diff --git a/registry/registry.crt b/registry/registry.crt deleted file mode 100644 index a35ff3e..0000000 --- a/registry/registry.crt +++ /dev/null @@ -1,36 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGMzCCBBugAwIBAgIUXYyZewh05ioE7FThv9monCJb4W4wDQYJKoZIhvcNAQEL -BQAwgagxCzAJBgNVBAYTAklUMRAwDgYDVQQIDAdGaXJlbnplMQ8wDQYDVQQHDAZF -bXBvbGkxLjAsBgNVBAoMJUdPTEVNIC0gR3J1cHBvIE9wZXJhdGl2byBMaW51eCBF -bXBvbGkxIjAgBgNVBAMMGWh1Yi5kb2NrZXIuZ29sZW0ubGludXguaXQxIjAgBgkq -hkiG9w0BCQEWE2luZm9AZ29sZW0ubGludXguaXQwHhcNMjAxMDI4MjA0ODAyWhcN -MzAxMDI2MjA0ODAyWjCBqDELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0ZpcmVuemUx -DzANBgNVBAcMBkVtcG9saTEuMCwGA1UECgwlR09MRU0gLSBHcnVwcG8gT3BlcmF0 -aXZvIExpbnV4IEVtcG9saTEiMCAGA1UEAwwZaHViLmRvY2tlci5nb2xlbS5saW51 -eC5pdDEiMCAGCSqGSIb3DQEJARYTaW5mb0Bnb2xlbS5saW51eC5pdDCCAiIwDQYJ -KoZIhvcNAQEBBQADggIPADCCAgoCggIBALSZSg7SvO+cfgmFVPM4tE21+pP3mvNt -/s231TjS/VA/n0omk7ynsJACvKp+kHzgqJ8FbJsOPysjJ18YmnMhFzyDvNDULazJ -y7n/9gld+02SEjjMC+rcQoZpZwS+3U0R7y5XPJ1Og2J45zXYWLYkkocHRb7+FvQD -olviKw6wWCAq0CrLP3Y4xwJYBGxiyfm3B2nz3fVJTS+oC33ZmaVWsjowwq+HwuL4 -4p7xdyVine4dC24rgRDGvGPt8c/f/CuXr11e6JMYX8vRxEeyemH8u2RKRG7NvTou -SxaTzVSnYRPjrMCjAriVU/h3pH2S3g3gLm04wKid0Si5eiHG4+vSfgw6s/eRZOCg -xXNPLuZWTphQpAgeAlbvhCiw5ho6dI0DA/xoIsUfQuKMLzhGxGp6ItM6ezFVuemk -+oHr3bS9+uJcNwDTrF5b1Mc7/poGVKF1502WbJaN6ZfB1wUW6DEWYPMZz7u2tbYC -ElkFBmubzVTJLu6xwHkVwU8S2aUfPFwktOJvmpjUciB6WTx/hgJpm24ws27g7+hw -A9czdqQdiauOsjKfHed8PMDD6r+zdRfgi7hHsZsVIesU0mys0SuYo1Dmcsm8tZwH -rKsZxbyIlwkiMKW1PYjhfmovOq4fMXd9V9Jvz6JN0m+ngGRmFpxViJ/WGnA1ic26 -m9fgmEAwatmdAgMBAAGjUzBRMB0GA1UdDgQWBBQObzsdet9Y+qXypttDKuaduF+9 -XTAfBgNVHSMEGDAWgBQObzsdet9Y+qXypttDKuaduF+9XTAPBgNVHRMBAf8EBTAD -AQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCC13si+1ew9Cmmrmw1Qn4CBaDvbjmFQLMx -8pWLefhqngQRHpFhpQd3SnH3/XB+wynZjJWxr9nmEOrb0bSzXG9cD0cfddwvQr3D -aT4r2guXi3s23AbayV2YkNynycqRT8mbfPcyyjX04BKuDu+gUNX88s6aIeryufw6 -7J834smpb7B7Kb6jjVgTLnivcf3353Vpc4f74Q2ZEIl1iWxjUySW9cfA4Rks7/wU -MU034kyMQR6OAnOkm+45rdNWPHrwheZ2Z/rpTUgFqRKhNdu9hQX9YI8ydePyZdos -Bm0xp7W7U7bQEz1hSAb7AcbYiMnxyhNFLd7wZv86mZNII3JCFTJ4wTBSAiquGrsL -vLj+yXFAv7vm4s56i/IggjxltkiZrwX3pxS81XyBBe6DvqZ0jKvhIrT+z/gzFkdC -f8HnREvZsP9hEsDVssQuI8Brjd5dCk1Bhz2K1vNHviRrABwxjuG4+KAfRlqLj7FV -9TWrzn+kLE1DFHDsmtr5Ec1ORVXHeDbn7JX4UJapwzaQ8oAW2KnFgbc4+lnBeACB -Zte7CLXGl5wrp1frdznsf3SBhNnL78dF6DscMmBO/KJ6SF5JD6zP1pY+U6qq0Ixl -NGE7dTPFcZpdn2Eg9wsxbKBEeYW2pVH7UXI9zq8Nog8NgfK3OpjFNwyl5YSVN20y -wVRibvmyZw== ------END CERTIFICATE----- diff --git a/registry/registry.key b/registry/registry.key deleted file mode 100644 index 0322fb9..0000000 --- a/registry/registry.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC0mUoO0rzvnH4J -hVTzOLRNtfqT95rzbf7Nt9U40v1QP59KJpO8p7CQAryqfpB84KifBWybDj8rIydf -GJpzIRc8g7zQ1C2sycu5//YJXftNkhI4zAvq3EKGaWcEvt1NEe8uVzydToNieOc1 -2Fi2JJKHB0W+/hb0A6Jb4isOsFggKtAqyz92OMcCWARsYsn5twdp8931SU0vqAt9 -2ZmlVrI6MMKvh8Li+OKe8XclYp3uHQtuK4EQxrxj7fHP3/wrl69dXuiTGF/L0cRH -snph/LtkSkRuzb06LksWk81Up2ET46zAowK4lVP4d6R9kt4N4C5tOMCondEouXoh -xuPr0n4MOrP3kWTgoMVzTy7mVk6YUKQIHgJW74QosOYaOnSNAwP8aCLFH0LijC84 -RsRqeiLTOnsxVbnppPqB6920vfriXDcA06xeW9THO/6aBlShdedNlmyWjemXwdcF -FugxFmDzGc+7trW2AhJZBQZrm81UyS7uscB5FcFPEtmlHzxcJLTib5qY1HIgelk8 -f4YCaZtuMLNu4O/ocAPXM3akHYmrjrIynx3nfDzAw+q/s3UX4Iu4R7GbFSHrFNJs -rNErmKNQ5nLJvLWcB6yrGcW8iJcJIjCltT2I4X5qLzquHzF3fVfSb8+iTdJvp4Bk -ZhacVYif1hpwNYnNupvX4JhAMGrZnQIDAQABAoICADZ+VoFYh1gJsWIwECz/vDAC -rCR/vwqa8xqh0L2/tF3FhMv8DfIL61PY75LGc9SqeVbabSXwS5E5n0SriNcacgd5 -fLzKeSm9DjMGj/fNmumSHNt0flgUtCIYpdQhv2bk9XXXLtwMd8p7ztBJgqMbL/d8 -c0gpJUXl3tS4zuM0xLKYGI4BHBoREcOcSWFnAajO2HbY9e1we9DYdPc5dIoWOdsj -IWuTnHOeQ8tP8vKd6ieSLgPFLsGgJfJFNwTRgiapM2oKHEVeQnGezwoPSaxNdUHS -wwloHSP0GgYq/PcBNmKo/VR3G3gU3uyHNWQKr+Qh9ABS8pcuX5FZPgf5Gobq0ctf -Ag1ERnGhQVPl6vYtZf8nZHVNMJ3ZIeYkQZiD3lSmbAss0IcVSrabyVLp30gEavSS -hFHSYD/6J8wM87izYyj7quGymJUmOqDL8A5rK7g++3o9YMllzX28cgROZTom01ZJ -WIzXMVGo8Dc+bge+L9xK8mD6T5uc4pkaPLyb6isWm2Xt5mhruDE/LQiY9/ZrkQAn -04LDyYM0VMiNiB3DkKRJum52hYnlCqCRn7BQTUoLhCW+IweHQMuQVegm0wS6VlHv -+fuXt8DEShuNxUh/Yg92UvugE2gmOX6t8RmBYMnwi+qoksxCv0kn0rQ6AZlmdH4b -AS/BeyHruuYgqBWbbw7hAoIBAQDfwb1Zc5dGTwnTtbl6O96MD3vmNB2WyynbFw7b -lL0u7B+EtetNoeOhoMZ5upRqnRbgWGGpjTQb5lYowfEsMkbJYdqCOiaQ3umtmXf9 -OVkE2emOqou50JQbtX1fmkWg4TXdxJ4wXTw0I2LDaMkT2r3xx9SoO8Bag8ng0Bhz -M6wmmYLG0dk3QQjfyqxQmM7eSWDHLCcVUMCk0ZTyKqmcnOyTcEllp6E9Feib019h -9BoJl9kVhWV3b1BXDDsUO6ZwF+gWsPJF1gRt0ztitdRF/hNxj7+pz0gt13yatbH9 -7GiQo+X8nM9Mriu4fkT0Enf5hLBVNaemVmd6PEd/t04MBMdVAoIBAQDOn3mvz1gk -JKiJj1ziISPTk4q72iV9wBysQbT3JJKFaeDxNAVU3Ii3UYa38oxkEhr91cEgJ1hV -phDMtEFPHYoMIo9TtUD19KyTV5mjK7tCpVFgpHOTtSG1pJ7yt8uIy2r+uNfoDqYT -PvoAj3UJieDx2tzSPvVjZsPoANbNoXjLmYWgAK60k5vj9Hy2ia7ld+9XfI3Gkb5u -Y6KNuBwQFdmu/ELSY4ljYTv217/ONt+P9Mzzr+JEsTVtUuth4vQs8gn0fCkuXEPu -yY3aptzl8DcgC71XwftyhvQcrz8hYej2st9UaGvcCEqFhB9OhYCl77UMKLmpyuWj -aOZN7GzcMTkpAoIBAEFkbIME7hPlK3kM5ezcLFkAeXQ4jOEx9MSLw5LWsEdTSI7P -X7orcswcoYSXy6Iw0Ku2CKy1kKIKuellbKc+9kMKbwKaHgU+sEpEzLVbmjF5wfEo -1Hb0hyRl8QMMoga3areqK5T02pBeOxHiwMklp1dO0E5uT/PkCg7CojKgylHpkTer -wnCMeBx3Lc7MKcD67uamd7GaDQLeIUp4v2L+1YDtUvX7fHrOuVE4/+ovnaBqGU5Z -0uKJzI/0ChwKpsShp/lhsxxHxLmX/wYFH8lozKPmn9vvsSd8j3TjXuZXveNvkto1 -tbuyNyLO/DXcY+WvKp1sddd97vXhQgAIQS3wA5UCggEBAIijR2pu+H+2Sknlp2vW -tIV23VjKst5My+lR7mU9JzPYx6taVmg/Cp4H6Mn+OL74hib0Uyl7O1wwXI2yajny -c9cAh724cEP2UKWDWZNhGQ3Cm2UIe3HjZ25idcZWqt9EffYCsKzB+ythCxyRwbjU -GBB4Rm02uznHvKfQ3jvPmz0wwgAEU4QQ1RdTF6HyvNj8jidRs8Prn34Kn3WOmeg9 -Ot4P7fSJZFJ2+5uKI0owWXkuTtabqkr40TcBja0G06hhSxoFfYot87KWURuWGyBn -0Vx8xvKg0jJzcj0B2wKtZ8y0jyGXiDRSu00+CSH5ARE6yoRG7jiNd3yvoxVG0tpu -JrkCggEBALWMT2EbUvQColvms83TeDsxxbI/EV7ksWS+6/IlXd5odaIm5Jf/pgv7 -VxO4jFzFIKt1KmxBsy6HsOrZO8qBhRcSbgw07JxvMQv5EWi5waDhnuzXOqllPsT7 -GeEpite6wIF6ZVcSfBuXb3+Li+UhqiM1w1TWkrJF3TIcyCFioFMDxo9iSJJpC/bA -6PGeOfL/jd/BrZKHeffJhFZYu+STdK60AE/gWNaPkJmJNKGqzMw4uoWtyQABCVIG -bZsj3XZX+9/mR+7kSP2liiVUlhG5hPs1XLZ6RI5f8mzW4yIi7GDtZJqieXzZnKMN -jGabIx7FuMoybT9+JIdCs4dxaGZ5/lk= ------END PRIVATE KEY----- From 1ca4053cfe6b957c2290046aadc2038375fd380a Mon Sep 17 00:00:00 2001 From: giomba Date: Sun, 8 Jan 2023 20:05:56 +0100 Subject: [PATCH 34/44] Update gitea 1.18.0 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index f3f999d..b771476 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: gitea: - image: gitea/gitea:latest + image: gitea/gitea:1.18.0 restart: unless-stopped depends_on: - db From 03246c57037585f9a7e263a1d0330367dfb9c318 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 8 Apr 2023 19:11:42 +0200 Subject: [PATCH 35/44] Update VPNUnit image. --- vpnunit/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vpnunit/docker-compose.yml b/vpnunit/docker-compose.yml index e8c039e..46811f0 100644 --- a/vpnunit/docker-compose.yml +++ b/vpnunit/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: vpnunit: - image: hub.docker.golem.linux.it/vpnunit:latest + image: git.golem.linux.it/argilla/vpnunit:2 restart: unless-stopped volumes: - /srv/vpnunit:/data From 5db23186e15b455ece13ca248c345c7ffe46d867 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 8 Apr 2023 19:40:54 +0200 Subject: [PATCH 36/44] Fix VPNUnit image name typo. --- vpnunit/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vpnunit/docker-compose.yml b/vpnunit/docker-compose.yml index 46811f0..8413ce1 100644 --- a/vpnunit/docker-compose.yml +++ b/vpnunit/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: vpnunit: - image: git.golem.linux.it/argilla/vpnunit:2 + image: git.golem.linux.it/argilla/vpnunit-img:2 restart: unless-stopped volumes: - /srv/vpnunit:/data From a890c32f58419b1cca2107b1e400b9591b7d5969 Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 10 Apr 2023 11:45:57 +0200 Subject: [PATCH 37/44] Add docker-compose for drone.io CI --- drone/docker-compose.yml | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/drone/docker-compose.yml b/drone/docker-compose.yml index 6e3c83d..aa26e5e 100644 --- a/drone/docker-compose.yml +++ b/drone/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: drone: - image: drone/drone:2 + image: drone/drone:2.16.0 restart: unless-stopped depends_on: - drunner @@ -11,12 +11,12 @@ services: - "7040:80" - "7041:443" environment: - - DRONE_GITEA_SERVER=https://git.golem.linux.it/ - - DRONE_GITEA_CLIENT_ID=6db2ee17-56ac-45d2-8609-1bb9edf20733 - - DRONE_GITEA_CLIENT_SECRET=OQtZg0SQF4pC0j7dT2wGkzwcEVVSLQLLrImkjxsIlZsp - - DRONE_RPC_SECRET=375881da893a025bc461d71c73014cfa - - DRONE_SERVER_HOST=ci.golem.linux.it - - DRONE_SERVER_PROTO=https + DRONE_GITEA_SERVER: https://git.golem.linux.it/ + DRONE_GITEA_CLIENT_ID: ${DRONE_GITEA_CLIENT_ID} + DRONE_GITEA_CLIENT_SECRET: ${DRONE_GITEA_CLIENT_SECRET} + DRONE_RPC_SECRET: ${DRONE_RPC_SECRET} + DRONE_SERVER_HOST: ci.golem.linux.it + DRONE_SERVER_PROTO: https drunner: image: drone/drone-runner-docker:1 restart: unless-stopped @@ -25,10 +25,8 @@ services: ports: - "7042:3000" environment: - - DRONE_RPC_PROTO=http - - DRONE_RPC_HOST=drone - - DRONE_RPC_SECRET=375881da893a025bc461d71c73014cfa - - DRONE_RUNNER_NAME=drone-drunner - - + DRONE_RPC_PROTO: http + DRONE_RPC_HOST: drone + DRONE_RPC_SECRET: ${DRONE_RPC_SECRET} + DRONE_RUNNER_NAME: drone-drunner From 0099932a081355a967ea98f200a9041816334243 Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 10 Apr 2023 16:46:58 +0200 Subject: [PATCH 38/44] Update image and volumes for pubblici -> archivio. --- {pubblici => archivio}/docker-compose.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename {pubblici => archivio}/docker-compose.yml (68%) diff --git a/pubblici/docker-compose.yml b/archivio/docker-compose.yml similarity index 68% rename from pubblici/docker-compose.yml rename to archivio/docker-compose.yml index 5478456..3f06321 100644 --- a/pubblici/docker-compose.yml +++ b/archivio/docker-compose.yml @@ -1,13 +1,14 @@ version: "3.3" services: pubblici: - image: hub.docker.golem.linux.it/thttpd:2 + image: hub.docker.golem.linux.it/thttpd:3 restart: unless-stopped ports: - "7003:80" - "7005:22" volumes: - - /srv/pubblici:/html + - /srv/archivio/html:/html + - /srv/archivio/conf:/conf environment: THTTPD_SSH_USER: ${PUBBLICI_SSH_USER} THTTPD_SSH_PASSWORD: ${PUBBLICI_SSH_PASSWORD} From 1e40ad246d534e493a9695adb1dd3d685f22894f Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 10 Apr 2023 16:48:40 +0200 Subject: [PATCH 39/44] Fix image path. --- archivio/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/archivio/docker-compose.yml b/archivio/docker-compose.yml index 3f06321..64b47c5 100644 --- a/archivio/docker-compose.yml +++ b/archivio/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: - pubblici: - image: hub.docker.golem.linux.it/thttpd:3 + archivio: + image: git.golem.linux.it/golem/thttpd:3 restart: unless-stopped ports: - "7003:80" From 7a7a7c40381cd7b559dc97f583b885e2ebe19e32 Mon Sep 17 00:00:00 2001 From: gbiotti Date: Tue, 11 Apr 2023 22:29:35 +0200 Subject: [PATCH 40/44] Upgrade NextCloud a versione 26.0.0 --- nextcloud/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 011657e..0e72288 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -1,7 +1,7 @@ version: "2" services: nextcloud: - image: nextcloud:22.2.3 + image: nextcloud:26.0.0 ports: - "127.0.0.1:7080:80" depends_on: From 10e628514cb4134c4f111774dcfc9be7809caab6 Mon Sep 17 00:00:00 2001 From: giomba Date: Sat, 15 Apr 2023 14:04:42 +0200 Subject: [PATCH 41/44] Update gitea to 1.19.1. --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index b771476..9f7d1ea 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: gitea: - image: gitea/gitea:1.18.0 + image: gitea/gitea:1.19.1 restart: unless-stopped depends_on: - db From 8323d2e883b4a29e3bedf5271d6d30b56fb57105 Mon Sep 17 00:00:00 2001 From: giomba Date: Mon, 1 May 2023 11:13:52 +0200 Subject: [PATCH 42/44] gitea: upgrade to 1.19.2 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 9f7d1ea..5f4f2c8 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: gitea: - image: gitea/gitea:1.19.1 + image: gitea/gitea:1.19.2 restart: unless-stopped depends_on: - db From 635ba1eeaf33bace117e2f6182422f3e06c11947 Mon Sep 17 00:00:00 2001 From: giuliof Date: Mon, 4 Sep 2023 22:00:41 +0200 Subject: [PATCH 43/44] websdr: aggiornata immagine a nuova versione openwebrx+ --- websdr/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/websdr/docker-compose.yml b/websdr/docker-compose.yml index e813e67..008cea6 100644 --- a/websdr/docker-compose.yml +++ b/websdr/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: websdr: - image: jketterl/openwebrx:stable + image: slechev/openwebrxplus-softmbe:2023-09-02 restart: unless-stopped volumes: - /srv/websdr/etc:/etc/openwebrx From da8c963e7f3fdf63c334cba6639a241098396890 Mon Sep 17 00:00:00 2001 From: giuliof Date: Sun, 17 Dec 2023 11:14:19 +0100 Subject: [PATCH 44/44] gitea: upgrade to 1.21.2 Update was performed by steps: 1.19.2 -> 1.19.4 -> 1.20.6 -> 1.21.2 --- gitea/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 5f4f2c8..7af4e94 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.3" services: gitea: - image: gitea/gitea:1.19.2 + image: gitea/gitea:1.21.2 restart: unless-stopped depends_on: - db