diff --git a/__swarm/bitwarden/bitwarden-swarm.yml b/__swarm/bitwarden/bitwarden-swarm.yml
index 54e39ea..b46f35d 100644
--- a/__swarm/bitwarden/bitwarden-swarm.yml
+++ b/__swarm/bitwarden/bitwarden-swarm.yml
@@ -1,39 +1,39 @@
-version: '3.9'
 services:
 bitwarden:
 environment:
- - WEBSOCKET_ENABLED=true
- - SIGNUPS_ALLOWED=true
- - DOMAIN=https://pw.sectorq.eu
- - SMTP_HOST=mail.sectorq.eu
- - SMTP_FROM=jaydee@sectorq.eu
- - SMTP_PORT=465
- - SMTP_SSL=true
- - SMTP_USERNAME=jaydee@sectorq.eu
- - SMTP_PASSWORD=$SMTP_PASSWORD
- - ADMIN_TOKEN=$ADMIN_PASSWORD
+ WEBSOCKET_ENABLED: 'true'
+ SIGNUPS_ALLOWED: 'true'
+ DOMAIN: https://pw.sectorq.eu
+ SMTP_HOST: mail.sectorq.eu
+ SMTP_FROM: jaydee@sectorq.eu
+ SMTP_PORT: '465'
+ SMTP_SSL: 'true'
+ SMTP_USERNAME: jaydee@sectorq.eu
+ SMTP_PASSWORD: $SMTP_PASSWORD
+ ADMIN_TOKEN: $ADMIN_PASSWORD
 image: ${DOCKER_REGISTRY:-}vaultwarden/server:latest
 ports:
- - 8181:80
+ - target: 80
+ published: 8181
+ protocol: tcp
+ mode: ingress
+ restart: ${RESTART:-unless-stopped}
 volumes:
 - /share/docker_data/bitwarden/bw-data:/data
 deploy:
- mode: replicated
- replicas: 1
- restart_policy:
- condition: any
 labels:
 com.centurylinklabs.watchtower.enable: 'true'
 homepage.container: vaultwarden
- homepage.description: password manager
- homepage.group: utilities
+ homepage.description: Password manager
+ homepage.group: Utilities
 homepage.href: https://pw.sectorq.eu
 homepage.icon: bitwarden.png
- homepage.name: bitwarden
+ homepage.name: Bitwarden
 homepage.server: my-docker
 homepage.weight: '1'
 wud.watch: 'true'
 wud.watch.digest: 'true'
+ replicas: 1
 placement:
 constraints:
 - node.role == manager
diff --git a/__swarm/grafana/grafana-swarm.yml b/__swarm/grafana/grafana-swarm.yml
new file mode 100644
index 0000000..8bea948
--- /dev/null
+++ b/__swarm/grafana/grafana-swarm.yml
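Review bot: `SIGNUPS_ALLOWED: 'true'` is carried over unchanged into the new mapping form in `bitwarden-swarm.yml`, so anyone who can reach `https://pw.sectorq.eu` can still register an account on the vault; if open registration is not intended, set `SIGNUPS_ALLOWED: 'false'` and onboard users by invitation. `ADMIN_TOKEN` and `SMTP_PASSWORD` are still injected as plain environment values, which are readable through `docker service inspect` on any manager; Swarm secrets would keep them out of the service spec. The added `restart: ${RESTART:-unless-stopped}` is ignored by `docker stack deploy`, and with `restart_policy` removed the service silently relies on the Swarm default, so I would keep an explicit `deploy.restart_policy` rather than a key that has no effect.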
@@ -0,0 +1,113 @@
+name: grafana
+networks:
+ loki: null
+services:
+ grafana:
+ entrypoint:
+ - sh
+ - -euc
+ - "mkdir -p /etc/grafana/provisioning/datasources\ncat < /etc/grafana/provisioning/datasources/ds.yaml\n\
+ apiVersion: 1\ndatasources:\n- name: Loki\n type: loki\n access: proxy\n \
+ \ orgId: 1\n url: http://loki:3100\n basicAuth: false\n isDefault: true\n\
+ \ version: 1\n editable: false\nEOF\n/run.sh\n"
+ environment:
+ GF_AUTH_GENERIC_OAUTH_API_URL: https://auth.sectorq.eu/application/o/userinfo/
+ GF_AUTH_GENERIC_OAUTH_AUTH_URL: https://auth.sectorq.eu/application/o/authorize/
+ GF_AUTH_GENERIC_OAUTH_CLIENT_ID: xc8AKsYOvHFmYnRjfnvt2YfgR5pg8Mlfc9YEqd3T
+ GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: gb5ThPlyIUN2I8UPvIKAqQBoGFmTAb7tFxt5OiJQkAG6Ef2HDKksNOjWPJFfXiO22RuCnWuyzl6IMqPYO6QTa55EYfoN5N87enh5MOhTXjo2JTTnEL1eZhEI1Sw1vBO8
+ GF_AUTH_GENERIC_OAUTH_ENABLED: 'true'
+ GF_AUTH_GENERIC_OAUTH_NAME: authentik
+ GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: contains(groups, 'Grafana Admins')
+ && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'
+ GF_AUTH_GENERIC_OAUTH_SCOPES: openid profile email
+ GF_AUTH_GENERIC_OAUTH_TOKEN_URL: https://auth.sectorq.eu/application/o/token/
+ GF_AUTH_OAUTH_AUTO_LOGIN: 'true'
+ GF_AUTH_SIGNOUT_REDIRECT_URL: https://auth.sectorq.eu/application/o/grafana/end-session/
+ GF_INSTALL_PLUGINS: https://storage.googleapis.com/integration-artifacts/alexanderzobnin-zabbix-app/4.5.7/main/163fabf651b776bf70adc08fa41bec4f52645374/alexanderzobnin-zabbix-app-4.5.7%2B163fabf6.linux_amd64.zip;alexanderzobnin-zabbix-app
+ GF_LOG_FILTERS: rendering:debug
+ GF_RENDERING_CALLBACK_URL: http://grafana:3000/
+ GF_RENDERING_SERVER_URL: http://renderer:8092/render
+ GF_SERVER_ROOT_URL: https://g.sectorq.eu/
+ image: ${DOCKER_REGISTRY:-}grafana/grafana:latest
+ networks:
+ - loki
+ ports:
+ - target: 3000
+ published: 3007
+ protocol: tcp
+ mode: ingress
+ restart: ${RESTART:-unless-stopped}
+ user: 0:0
+ volumes:
+ - /share/docker_data/grafana/data:/var/lib/grafana
+ - /share/docker_data/grafana/certs:/certs
+ deploy:
+ labels:
+ com.centurylinklabs.watchtower.enable: 'true'
+ homepage.container: grafana
+ homepage.description: Graphs
+ homepage.group: Smarthome
+ homepage.href: https://g.sectorq.eu
+ homepage.icon: grafana.png
+ homepage.name: Grafana
+ homepage.server: my-docker
+ homepage.weight: '1'
+ wud.watch: 'true'
+ wud.watch.digest: 'true'
+ replicas: 1
+ placement:
+ constraints:
+ - node.role == manager
+ loki:
+ command: -config.file=/etc/loki/local-config.yaml
+ image: ${DOCKER_REGISTRY:-}grafana/loki:latest
+ networks:
+ - loki
+ ports:
+ - target: 3100
+ published: 3100
+ protocol: tcp
+ mode: ingress
+ restart: ${RESTART:-unless-stopped}
+ deploy:
+ labels:
+ wud.watch: 'true'
+ wud.watch.digest: 'true'
+ replicas: 1
+ placement:
+ constraints:
+ - node.role == manager
+ promtail:
+ command: -config.file=/etc/promtail/config.yml
+ image: ${DOCKER_REGISTRY:-}grafana/promtail:latest
+ networks:
+ - loki
+ volumes:
+ - /var/log:/var/log
+ - /share/docker_data/grafana/promtail/config.yml:/etc/promtail/config.yml
+ - /share/Data/__GITLAB/omv_backup/:/share/Data/__GITLAB/omv_backup/
+ restart: ${RESTART:-unless-stopped}
+ deploy:
+ labels:
+ wud.watch: 'true'
+ wud.watch.digest: 'true'
+ replicas: 1
+ placement:
+ constraints:
+ - node.role == manager
+ renderer:
+ image: ${DOCKER_REGISTRY:-}grafana/grafana-image-renderer:latest
+ ports:
+ - 8092
+ networks:
+ - loki
+ restart: ${RESTART:-unless-stopped}
+ deploy:
+ labels:
+ com.centurylinklabs.watchtower.enable: 'true'
+ wud.watch: 'true'
+ wud.watch.digest: 'true'
+ replicas: 1
+ placement:
+ constraints:
+ - node.role == manager
diff --git a/yaml_convert2.py b/yaml_convert2.py
index 0854508..59c1f21 100644
--- a/yaml_convert2.py
+++ b/yaml_convert2.py
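Review bot: `GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET` in the `grafana` service of `grafana-swarm.yml` is committed as a literal value, so it now lives in the repository history and should be treated as exposed: rotate it in authentik and supply it by interpolation (`GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: ${GRAFANA_OAUTH_CLIENT_SECRET}`, the variable name being a placeholder) or through a Swarm secret read via Grafana's `__FILE` suffix. The `loki` service publishes 3100 in ingress mode, which opens it on every Swarm node, and nothing visible here puts authentication in front of it, while Grafana already reaches it over the `loki` overlay network as `http://loki:3100`; dropping that `ports` entry would remove the exposure unless an external log shipper needs it. `promtail` bind-mounts `/var/log` and the backup directory read-write, where `/var/log:/var/log:ro` is enough for a log shipper. `user: 0:0` runs Grafana as root; running as the image's default user with the data directory's ownership adjusted would limit what a compromised plugin or renderer callback can touch on the bind mounts.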
@@ -3,7 +3,7 @@ import sys stack_name = sys.argv[1] INPUT_FILE = f"{stack_name}/docker-compose.yml" -OUTPUT_FILE = f"__swarm/{stack_name}/{stack_name}-stack.yml" +OUTPUT_FILE = f"__swarm/{stack_name}/{stack_name}-swarm.yml" def convert_ports(ports): """Convert short port syntax to Swarm long syntax.""" result = []