Update
This commit is contained in:
parent
baba7a3379
commit
255f742ddc
|
@ -0,0 +1,38 @@
|
|||
# container-authentik-postgres.service
|
||||
# autogenerated by Podman 4.1.1
|
||||
# Wed Aug 17 07:18:00 UTC 2022
|
||||
|
||||
[Unit]
|
||||
Description=Podman container-authentik-postgres.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
BindsTo=pod-authentik.service
|
||||
After=pod-authentik.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run \
|
||||
--cidfile=%t/%n.ctr-id \
|
||||
--cgroups=no-conmon \
|
||||
--rm \
|
||||
--pod-id-file %t/pod-authentik.pod-id \
|
||||
--sdnotify=conmon \
|
||||
-d \
|
||||
--replace \
|
||||
--name authentik-postgres \
|
||||
--label io.containers.autoupdate=registry \
|
||||
-v authentik-db:/var/lib/postgresql/data:Z \
|
||||
-e POSTGRES_PASSWORD=authentik \
|
||||
-e POSTGRES_USER=authentik \
|
||||
-e POSTGRES_DB=authentik docker.io/postgres:12-alpine
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,34 @@
|
|||
# container-authentik-redis.service
|
||||
# autogenerated by Podman 4.1.1
|
||||
# Wed Aug 17 07:18:00 UTC 2022
|
||||
|
||||
[Unit]
|
||||
Description=Podman container-authentik-redis.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
BindsTo=pod-authentik.service
|
||||
After=pod-authentik.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run \
|
||||
--cidfile=%t/%n.ctr-id \
|
||||
--cgroups=no-conmon \
|
||||
--rm \
|
||||
--pod-id-file %t/pod-authentik.pod-id \
|
||||
--sdnotify=conmon \
|
||||
-d \
|
||||
--replace \
|
||||
--label io.containers.autoupdate=registry \
|
||||
--name authentik-redis docker.io/redis:alpine
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,43 @@
|
|||
# container-authentik-server.service
|
||||
# autogenerated by Podman 4.1.1
|
||||
# Wed Aug 17 07:18:00 UTC 2022
|
||||
|
||||
[Unit]
|
||||
Description=Podman container-authentik-server.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
BindsTo=pod-authentik.service
|
||||
After=pod-authentik.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run \
|
||||
--cidfile=%t/%n.ctr-id \
|
||||
--cgroups=no-conmon \
|
||||
--rm \
|
||||
--pod-id-file %t/pod-authentik.pod-id \
|
||||
--sdnotify=conmon \
|
||||
-d \
|
||||
--replace \
|
||||
--name authentik-server \
|
||||
--label io.containers.autoupdate=registry \
|
||||
-v authentik-media:/media:z \
|
||||
-v authentik-templates:/templates:z \
|
||||
-e AUTHENTIK_SECRET_KEY=P8UNDagVZS1HMUxoaov7ouP2CxpAuODBpFYyJ773w3N7Pk96m4 \
|
||||
-e AUTHENTIK_ERROR_REPORTING__ENABLED=true \
|
||||
-e AUTHENTIK_REDIS__HOST=localhost \
|
||||
-e AUTHENTIK_POSTGRESQL__HOST=localhost \
|
||||
-e AUTHENTIK_POSTGRESQL__USER=authentik \
|
||||
-e AUTHENTIK_POSTGRESQL__NAME=authentik \
|
||||
-e AUTHENTIK_POSTGRESQL__PASSWORD=authentik ghcr.io/goauthentik/server:latest server
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,44 @@
|
|||
# container-authentik-worker.service
|
||||
# autogenerated by Podman 4.1.1
|
||||
# Wed Aug 17 07:18:00 UTC 2022
|
||||
|
||||
[Unit]
|
||||
Description=Podman container-authentik-worker.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
BindsTo=pod-authentik.service
|
||||
After=pod-authentik.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run \
|
||||
--cidfile=%t/%n.ctr-id \
|
||||
--cgroups=no-conmon \
|
||||
--rm \
|
||||
--pod-id-file %t/pod-authentik.pod-id \
|
||||
--sdnotify=conmon \
|
||||
-d \
|
||||
--replace \
|
||||
--name authentik-worker \
|
||||
--label io.containers.autoupdate=registry \
|
||||
-v authentik-media:/media:z \
|
||||
-v authentik-templates:/templates:z \
|
||||
-v authentik-certs:/certs:Z \
|
||||
-e AUTHENTIK_SECRET_KEY=P8UNDagVZS1HMUxoaov7ouP2CxpAuODBpFYyJ773w3N7Pk96m4 \
|
||||
-e AUTHENTIK_ERROR_REPORTING__ENABLED=true \
|
||||
-e AUTHENTIK_REDIS__HOST=localhost \
|
||||
-e AUTHENTIK_POSTGRESQL__HOST=localhost \
|
||||
-e AUTHENTIK_POSTGRESQL__USER=authentik \
|
||||
-e AUTHENTIK_POSTGRESQL__NAME=authentik \
|
||||
-e AUTHENTIK_POSTGRESQL__PASSWORD=authentik ghcr.io/goauthentik/server:latest worker
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,29 @@
|
|||
[Unit]
|
||||
Description=Podman container-dendrite-monolith.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
BindsTo=pod-dendrite.service
|
||||
After=pod-dendrite.service
|
||||
Requires=container-dendrite-postgres.service
|
||||
After=container-dendrite-postgres.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm \
|
||||
--pod-id-file %t/pod-dendrite.pod-id --sdnotify=conmon --replace -d \
|
||||
--name=dendrite-monolith \
|
||||
-v dendrite:/etc/dendrite:Z \
|
||||
-v dendrite-media:/var/dendrite/media:Z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/matrixdotorg/dendrite-monolith:latest --tls-cert=server.crt --tls-key=server.key
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,26 @@
|
|||
[Unit]
|
||||
Description=Podman container-dendrite-postgres.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
BindsTo=pod-dendrite.service
|
||||
After=pod-dendrite.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm \
|
||||
--pod-id-file %t/pod-dendrite.pod-id --sdnotify=conmon --replace -d \
|
||||
--name=dendrite-postgres \
|
||||
-v dendrite-postgres:/var/lib/postgresql/data:Z \
|
||||
-e POSTGRES_USER=dendrite -e POSTGRES_PASSWORD=dendrite \
|
||||
docker.io/postgres:14
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -18,10 +18,11 @@ ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm \
|
|||
--pod-id-file %t/pod-gitea.pod-id \
|
||||
--sdnotify=conmon --replace -d \
|
||||
--name=gitea-app \
|
||||
-v gitea:/data \
|
||||
-v gitea:/data:Z \
|
||||
-v /home/git/.ssh/:/data/git/.ssh:z \
|
||||
-v /etc/timezone:/etc/timezone:z,ro \
|
||||
-v /etc/localtime:/etc/localtime:z,ro \
|
||||
--tz=Europe/Brussels \
|
||||
#-v /etc/timezone:/etc/timezone:ro \
|
||||
#-v /etc/localtime:/etc/localtime:ro \
|
||||
-e USER_UID=1001 -e USER_GID=1001 \
|
||||
-e GITEA__database__DB_TYPE=postgres -e GITEA__database__HOST=localhost \
|
||||
-e GITEA__database__NAME=gitea -e GITEA__database__USER=gitea -e GITEA__database__PASSWD=gitea \
|
||||
|
@ -33,4 +34,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -16,7 +16,7 @@ ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm \
|
|||
--pod-id-file %t/pod-gitea.pod-id \
|
||||
--sdnotify=conmon --replace -d \
|
||||
--name=gitea-postgres \
|
||||
-v gitea-postgres:/var/lib/postgresql/data \
|
||||
-v gitea-postgres:/var/lib/postgresql/data:Z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/postgres:11
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
|
@ -25,4 +25,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -20,11 +20,10 @@ ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
|||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name="hass-app" \
|
||||
--pod-id-file %t/pod-home-assistant.pod-id \
|
||||
-v hass-app:/config \
|
||||
#-v /home/pi/containers/hass/homeassistant:/config:z \
|
||||
-v hass-app:/config:Z \
|
||||
-v /home/hass/.ssh:/root/.ssh:z \
|
||||
-v /etc/localtime:/etc/localtime:z,ro \
|
||||
--privileged \
|
||||
--tz=Europe/Brussels \
|
||||
#--privileged \
|
||||
-e TZ=Europe/Brussels \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
--net=host \
|
||||
|
@ -35,4 +34,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -13,9 +13,9 @@ TimeoutStopSec=70
|
|||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=hass-mosquitto \
|
||||
--pod-id-file %t/pod-home-assistant.pod-id \
|
||||
-v hass-mosquitto-config:/mosquitto/config \
|
||||
-v hass-mosquitto-data:/mosquitto/data \
|
||||
--pod-id-file %t/pod-home-assistant.pod-id \
|
||||
-v hass-mosquitto-config:/mosquitto/config:Z \
|
||||
-v hass-mosquitto-data:/mosquitto/data:Z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
--net=host \
|
||||
docker.io/eclipse-mosquitto
|
||||
|
@ -25,4 +25,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -19,7 +19,7 @@ ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm \
|
|||
-e POSTGRES_PASSWORD=home-assistant \
|
||||
-e POSTGRES_DB=home-assistant \
|
||||
--net=host \
|
||||
-v hass-postgres:/var/lib/postgresql/data \
|
||||
-v hass-postgres:/var/lib/postgresql/data:Z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/postgres:14
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
|
@ -28,4 +28,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -16,8 +16,10 @@ ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
|||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=hass-zigbee2mqtt \
|
||||
--pod-id-file %t/pod-home-assistant.pod-id \
|
||||
-v hass-zigbee2mqtt:/app/data \
|
||||
-v /run/udev:/run/udev:ro -e TZ=Europe/Brussels \
|
||||
-v hass-zigbee2mqtt:/app/data:Z \
|
||||
-v /run/udev:/run/udev:ro \
|
||||
-e TZ=Europe/Brussels \
|
||||
--tz=Europe/Brussels \
|
||||
--device=/dev/ttyACM0:/dev/ttyACM0 \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
--net=host \
|
||||
|
@ -28,4 +30,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -0,0 +1,32 @@
|
|||
[Unit]
|
||||
Description=Podman container-mullvad.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
BindsTo=pod-torrent.service
|
||||
After=pod-torrent.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm \
|
||||
--pod-id-file %t/pod-torrent.pod-id \
|
||||
--sdnotify=conmon --replace -d \
|
||||
--name=mullvad \
|
||||
--privileged \
|
||||
--device /dev/net/tun \
|
||||
-e PUID=1000 \
|
||||
-e PGID=1000 \
|
||||
-e TZ=Europe/Brussels \
|
||||
-v mullvad-openvpn:/vpn:Z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/dperson/openvpn-client
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -18,6 +18,7 @@ ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
|||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=nextcloud-fpm \
|
||||
--pod-id-file %t/pod-nextcloud.pod-id \
|
||||
--tz=Europe/Brussels \
|
||||
-v nextcloud:/var/www/html:z \
|
||||
-e POSTGRES_DB=nextcloud \
|
||||
-e POSTGRES_USER=nextcloud \
|
||||
|
@ -34,4 +35,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -16,8 +16,8 @@ ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
|||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=nextcloud-nginx \
|
||||
--pod-id-file %t/pod-nextcloud.pod-id \
|
||||
-v nextcloud:/var/www/html \
|
||||
-v /var/lib/containers/storage/volumes/nextcloud-nginx/_data/nginx.conf:/etc/nginx/nginx.conf \
|
||||
-v nextcloud:/var/www/html:z \
|
||||
-v /var/lib/containers/storage/volumes/nextcloud-nginx/_data/nginx.conf:/etc/nginx/nginx.conf:Z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/nginx
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
|
@ -26,4 +26,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -14,7 +14,7 @@ ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
|||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=nextcloud-postgres \
|
||||
--pod-id-file %t/pod-nextcloud.pod-id \
|
||||
-v nextcloud-postgres:/var/lib/postgresql/data \
|
||||
-v nextcloud-postgres:/var/lib/postgresql/data:Z \
|
||||
-e POSTGRES_USER=nextcloud \
|
||||
-e POSTGRES_PASSWORD=nextcloud \
|
||||
-e POSTGRES_DB=nextcloud \
|
||||
|
@ -26,4 +26,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
[Unit]
|
||||
Description=Podman container-nginx-web.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
Requires=container-php-fpm.service
|
||||
After=container-php-fpm.service
|
||||
BindsTo=pod-web.service
|
||||
After=pod-web.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=nginx-web \
|
||||
--pod-id-file %t/pod-web.pod-id \
|
||||
-v nginx-web:/var/www/html:z \
|
||||
-v /var/lib/containers/storage/volumes/nginx-web-config/_data/nginx.conf:/etc/nginx/nginx.conf:Z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/nginx
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,47 @@
|
|||
# container-oauth2-proxy.service
|
||||
# autogenerated by Podman 4.1.1
|
||||
# Thu Aug 18 10:12:36 UTC 2022
|
||||
|
||||
[Unit]
|
||||
Description=Podman container-oauth2-proxy.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run \
|
||||
--cidfile=%t/%n.ctr-id \
|
||||
--cgroups=no-conmon \
|
||||
--rm \
|
||||
--sdnotify=conmon \
|
||||
-d \
|
||||
--replace \
|
||||
--name oauth2-proxy \
|
||||
-p 4180:4180 \
|
||||
-e OAUTH2_PROXY_PROVIDER=keycloak-oidc \
|
||||
-e OAUTH2_PROXY_CLIENT_ID=oauth2-proxy \
|
||||
-e OAUTH2_PROXY_CLIENT_SECRET=H2SITUCIsnVMq0k1OfWsQuSvXmkdHBe0 \
|
||||
#-e OAUTH2_PROXY_REDIRECT_URL=https://home.vanoverloop.xyz/oauth2/callback \
|
||||
-e OAUTH2_PROXY_OIDC_ISSUER_URL=https://auth.vanoverloop.xyz/realms/master \
|
||||
-e OAUTH2_PROXY_ALLOWED_ROLE=home \
|
||||
-e OAUTH2_PROXY_HTTP_ADDRESS=0.0.0.0:4180 \
|
||||
-e OAUTH2_PROXY_REVERSE_PROXY=true \
|
||||
-e OAUTH2_PROXY_COOKIE_SECRET=jmoZ8LpDuAO1PLAtD16Xe4tu7e_OAmXZetiumqquCWA= \
|
||||
-e OAUTH2_PROXY_UPSTREAMS=http://pi.lan:5180/ \
|
||||
-e OAUTH2_PROXY_EMAIL_DOMAINS=* \
|
||||
-e OAUTH2_PROXY_AUTH_LOGGING=true \
|
||||
-e OAUTH2_PROXY_REQUEST_LOGGING=true \
|
||||
-e OAUTH2_PROXY_SESSION_COOKIE_MINIMAL=true \
|
||||
-e OAUTH2_PROXY_COOKIE_DOMAINS=.vanoverloop.xyz \
|
||||
-e OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true quay.io/oauth2-proxy/oauth2-proxy
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,26 @@
|
|||
[Unit]
|
||||
Description=Podman container-php-fpm.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
BindsTo=pod-web.service
|
||||
After=pod-web.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=php-fpm \
|
||||
--pod-id-file %t/pod-web.pod-id \
|
||||
-v nginx-web:/var/www/html:z \
|
||||
--tz=Europe/Brussels \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/php:fpm-alpine
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -30,11 +30,11 @@ ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --
|
|||
-p 53:53/tcp \
|
||||
-p 53:53/udp \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/pihole/pihole
|
||||
docker.io/pihole/pihole:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
[Unit]
|
||||
Description=Podman container-proxy-internal.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=proxy-internal \
|
||||
-v proxy-internal-data:/data:Z \
|
||||
-v proxy-internal-letsencrypt:/etc/letsencrypt:Z \
|
||||
--ip=10.88.0.18 \
|
||||
-p 5180:80 -p 82:81 \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/jc21/nginx-proxy-manager:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -12,10 +12,10 @@ ExecStartPre=/bin/mkdir -p /home/pi/containers/proxy
|
|||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name=proxy \
|
||||
-v /home/pi/containers/proxy/data:/data:z \
|
||||
-v /home/pi/containers/proxy/letsencrypt:/etc/letsencrypt:z \
|
||||
-v /home/pi/containers/proxy/data:/data:Z \
|
||||
-v /home/pi/containers/proxy/letsencrypt:/etc/letsencrypt:Z \
|
||||
--ip=10.88.0.17 \
|
||||
-p 80:80 -p 443:443 -p 81:81 \
|
||||
-p 80:80 -p 443:443 -p 81:81 -p 8448:8448 \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/jc21/nginx-proxy-manager:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
|
@ -24,4 +24,4 @@ Type=notify
|
|||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
[Unit]
|
||||
Description=Podman container-qbittorrent.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm \
|
||||
--sdnotify=conmon --replace -d \
|
||||
--name=qbittorrent \
|
||||
--privileged \
|
||||
-e PUID=1000 \
|
||||
-e PGID=1000 \
|
||||
-e TZ=Europe/Brussels \
|
||||
-e "VPN_ENABLED=yes" \
|
||||
-e "LAN_NETWORK=192.168.1.0/24" \
|
||||
-e "NAME_SERVERS=8.8.8.8,8.8.4.4" \
|
||||
-e "VPN_USERNAME=9368404547387870" \
|
||||
-e "VPN_PASSWORD=m" \
|
||||
-p 8080:8080 \
|
||||
-p 8999:8999 \
|
||||
-p 8999:8999/udp \
|
||||
-v qbittorrent-appdata:/config:Z \
|
||||
-v qbittorrent-downloads:/downloads:z \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/markusmcnugen/qbittorrentvpn
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,25 @@
|
|||
[Unit]
|
||||
Description=Podman container-vaultwarden-server.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=%t/containers
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d \
|
||||
--name="vaultwarden-server" \
|
||||
-v vaultwarden-server:/data/:Z \
|
||||
-p 8485:80 \
|
||||
-e TZ=Europe/Brussels \
|
||||
--label "io.containers.autoupdate=registry" \
|
||||
docker.io/vaultwarden/server:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,26 @@
|
|||
# pod-authentik.service
|
||||
# autogenerated by Podman 4.1.1
|
||||
# Wed Aug 17 07:18:00 UTC 2022
|
||||
|
||||
[Unit]
|
||||
Description=Podman pod-authentik.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=
|
||||
Requires=container-authentik-postgres.service container-authentik-redis.service container-authentik-server.service container-authentik-worker.service
|
||||
Before=container-authentik-postgres.service container-authentik-redis.service container-authentik-server.service container-authentik-worker.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/pod-authentik.pid %t/pod-authentik.pod-id
|
||||
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-authentik.pid --pod-id-file %t/pod-authentik.pod-id --name authentik -p 9000:9000 -p 9443:9443 --replace
|
||||
ExecStart=/usr/bin/podman pod start --pod-id-file %t/pod-authentik.pod-id
|
||||
ExecStop=/usr/bin/podman pod stop --ignore --pod-id-file %t/pod-authentik.pod-id -t 10
|
||||
ExecStopPost=/usr/bin/podman pod rm --ignore -f --pod-id-file %t/pod-authentik.pod-id
|
||||
PIDFile=%t/pod-authentik.pid
|
||||
Type=forking
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,22 @@
|
|||
[Unit]
|
||||
Description=Podman pod-dendrite.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=
|
||||
Requires=container-dendrite-monolith.service container-dendrite-postgres.service
|
||||
Before=container-dendrite-monolith.service container-dendrite-postgres.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/pod-dendrite.pid %t/pod-dendrite.pod-id
|
||||
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-dendrite.pid --pod-id-file %t/pod-dendrite.pod-id -p 8008:8008 -p 8447:8448 --name dendrite --replace
|
||||
ExecStart=/usr/bin/podman pod start --pod-id-file %t/pod-dendrite.pod-id
|
||||
ExecStop=/usr/bin/podman pod stop --ignore --pod-id-file %t/pod-dendrite.pod-id -t 10
|
||||
ExecStopPost=/usr/bin/podman pod rm --ignore -f --pod-id-file %t/pod-dendrite.pod-id
|
||||
PIDFile=%t/pod-dendrite.pid
|
||||
Type=forking
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -3,8 +3,8 @@ Description=Podman pod-home-assistant.service
|
|||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=
|
||||
#Requires=container-hass-app.service container-hass-zigbee2mqtt.service container-hass-mosquitto.service
|
||||
#Before=container-hass-app.service container-hass-zigbee2mqtt.service container-hass-mosquitto.service
|
||||
Requires=container-hass-app.service container-hass-zigbee2mqtt.service container-hass-mosquitto.service
|
||||
Before=container-hass-app.service container-hass-zigbee2mqtt.service container-hass-mosquitto.service
|
||||
Requires=container-hass-app.service container-hass-zigbee2mqtt.service container-hass-mosquitto.service container-hass-postgres.service
|
||||
Before=container-hass-app.service container-hass-zigbee2mqtt.service container-hass-mosquitto.service container-hass-postgres.service
|
||||
|
||||
|
@ -13,7 +13,7 @@ Environment=PODMAN_SYSTEMD_UNIT=%n
|
|||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/pod-home-assistant.pid %t/pod-home-assistant.pod-id
|
||||
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-home-assistant.pid --pod-id-file %t/pod-home-assistant.pod-id --network=host --name home-assistant --replace
|
||||
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-home-assistant.pid --pod-id-file %t/pod-home-assistant.pod-id --network=host --device=/dev/ttyACM0:/dev/ttyACM0 --name home-assistant --replace
|
||||
ExecStart=/usr/bin/podman pod start --pod-id-file %t/pod-home-assistant.pod-id
|
||||
ExecStop=/usr/bin/podman pod stop --ignore --pod-id-file %t/pod-home-assistant.pod-id -t 10
|
||||
ExecStopPost=/usr/bin/podman pod rm --ignore -f --pod-id-file %t/pod-home-assistant.pod-id
|
||||
|
@ -21,4 +21,4 @@ PIDFile=%t/pod-home-assistant.pid
|
|||
Type=forking
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=default.target
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
[Unit]
|
||||
Description=Podman pod-torrent.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=
|
||||
Requires=container-qbittorrent.service
|
||||
Before=container-qbittorrent.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/pod-torrent.pid %t/pod-torrent.pod-id
|
||||
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-torrent.pid --pod-id-file %t/pod-torrent.pod-id -p 54822:8080 -p 57490:6881 -p 57490:6881/udp --name torrent --network=vpn-net --replace
|
||||
ExecStart=/usr/bin/podman pod start --pod-id-file %t/pod-torrent.pod-id
|
||||
ExecStop=/usr/bin/podman pod stop --ignore --pod-id-file %t/pod-torrent.pod-id -t 10
|
||||
ExecStopPost=/usr/bin/podman pod rm --ignore -f --pod-id-file %t/pod-torrent.pod-id
|
||||
PIDFile=%t/pod-torrent.pid
|
||||
Type=forking
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -0,0 +1,22 @@
|
|||
[Unit]
|
||||
Description=Podman pod-web.service
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
RequiresMountsFor=
|
||||
Requires=container-php-fpm.service container-nginx-web.service
|
||||
Before=container-php-fpm.service container-nginx-web.service
|
||||
|
||||
[Service]
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=on-failure
|
||||
TimeoutStopSec=70
|
||||
ExecStartPre=/bin/rm -f %t/pod-web.pid %t/pod-web.pod-id
|
||||
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-web.pid --pod-id-file %t/pod-web.pod-id -p 8053:80 --name web --replace
|
||||
ExecStart=/usr/bin/podman pod start --pod-id-file %t/pod-web.pod-id
|
||||
ExecStop=/usr/bin/podman pod stop --ignore --pod-id-file %t/pod-web.pod-id -t 10
|
||||
ExecStopPost=/usr/bin/podman pod rm --ignore -f --pod-id-file %t/pod-web.pod-id
|
||||
PIDFile=%t/pod-web.pid
|
||||
Type=forking
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
Loading…
Reference in New Issue