build

2025-12-13 18:04:54 +01:00 · 2025-12-08 15:21:02 +01:00 · 2025-12-08 15:20:18 +01:00 · 2025-12-08 15:08:41 +01:00 · 2025-12-08 14:02:49 +01:00
3 changed files with 51 additions and 28 deletions
--- a/__swarm/gitlab/gitlab-swarm.yml
+++ b/__swarm/gitlab/gitlab-swarm.yml
@@ -1,24 +1,39 @@
 services:
-  web:
+  app:
    environment:
-      GITLAB_OMNIBUS_CONFIG: "external_url 'https://gitlab.sectorq.eu'\nnginx['listen_port']\
-        \ = 80\nnginx['listen_https'] = false\nweb_server['username'] = 'git'\ngitlab_rails['time_zone']\
-        \ = 'Europe/Bratislava'\ngitlab_rails['omniauth_enabled'] = true\ngitlab_rails['omniauth_allow_single_sign_on']\
-        \ = ['saml']\ngitlab_rails['omniauth_sync_email_from_provider'] = 'saml'\n\
-        gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']\ngitlab_rails['omniauth_sync_profile_attributes']\
-        \ = ['email']\ngitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'\n\
-        gitlab_rails['omniauth_block_auto_created_users'] = false\ngitlab_rails['omniauth_auto_link_saml_user']\
-        \ = true\ngitlab_rails['omniauth_providers'] = [\n  {\n    name: 'saml',\n\
-        \    args: {\n      assertion_consumer_service_url: 'https://gitlab.sectorq.eu/users/auth/saml/callback',\n\
-        \      # Shown when navigating to certificates in authentik1\n      idp_cert_fingerprint:\
-        \ 'f7:fd:49:03:b3:38:52:b3:23:f5:43:c4:8d:08:65:32:e0:5a:7b:0e',\n      idp_sso_target_url:\
-        \ 'https://auth.sectorq.eu/application/saml/gitlab/sso/binding/redirect/',\n\
-        \      issuer: 'https://gitlab.sectorq.eu',\n      name_identifier_format:\
-        \ 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',\n      attribute_statements:\
-        \ {\n        email: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'],\n\
-        \        first_name: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'],\n\
-        \        nickname: ['http://schemas.goauthentik.io/2021/02/saml/username']\n\
-        \      }\n    },\n    label: 'authentik'\n  }\n]\n"
+      GITLAB_OMNIBUS_CONFIG: |
+        external_url 'https://gitlab.sectorq.eu'
+        nginx['listen_port'] = 80
+        nginx['listen_https'] = false
+        web_server['username'] = 'git'
+        gitlab_rails['time_zone'] = 'Europe/Bratislava'
+        gitlab_rails['omniauth_enabled'] = true
+        gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
+        gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
+        gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
+        gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
+        gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
+        gitlab_rails['omniauth_block_auto_created_users'] = false
+        gitlab_rails['omniauth_auto_link_saml_user'] = true
+        gitlab_rails['omniauth_providers'] = [
+          {
+            name: 'saml',
+            args: {
+              assertion_consumer_service_url: 'https://gitlab.sectorq.eu/users/auth/saml/callback',
+              # Shown when navigating to certificates in authentik1
+              idp_cert_fingerprint: 'f7:fd:49:03:b3:38:52:b3:23:f5:43:c4:8d:08:65:32:e0:5a:7b:0e',
+              idp_sso_target_url: 'https://auth.sectorq.eu/application/saml/gitlab/sso/binding/redirect/',
+              issuer: 'https://gitlab.sectorq.eu',
+              name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
+              attribute_statements: {
+                email: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'],
+                first_name: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'],
+                nickname: ['http://schemas.goauthentik.io/2021/02/saml/username']
+              }
+            },
+            label: 'authentik'
+          }
+        ]
      TZ: Europe/Bratislava
    hostname: gitlab.sectorq.eu
    image: ${DOCKER_REGISTRY:-}gitlab/gitlab-ce:latest
--- a/__swarm/influxdb/influxdb-swarm.yml
+++ b/__swarm/influxdb/influxdb-swarm.yml
@@ -29,9 +29,6 @@ services:
        wud.watch: 'true'
        wud.watch.digest: 'true'
      replicas: 1
-      placement:
-        constraints:
-        - node.role == manager
 secrets:
  influxdb2-admin-token:
    external: true
--- a/__swarm/zabbix-server/zabbix-server-swarm.yml
+++ b/__swarm/zabbix-server/zabbix-server-swarm.yml
@@ -24,7 +24,9 @@ services:
      labels:
        com.centurylinklabs.watchtower.enable: 'true'
      replicas: 1
-
+      placement:
+        constraints:
+        - node.role == manager
  zabbix-frontend:
    env_file:
    - stack.env
@@ -49,11 +51,14 @@ services:
        wud.watch: 'true'
        wud.watch.digest: 'true'
      replicas: 1
-
+      placement:
+        constraints:
+        - node.role == manager
  zabbix-server:
    env_file:
    - stack.env
-    image: ${DOCKER_REGISTRY:-}zabbix/zabbix-server-pgsql:alpine-latest
+    #image: ${DOCKER_REGISTRY:-}zabbix/zabbix-server-pgsql:alpine-latest
+    image: r.sectorq.eu/library/jaydee/zabbix-server:latest
    volumes:
    - alertscripts:/usr/lib/zabbix/alertscripts
    networks:
@@ -81,7 +86,9 @@ services:
        wud.watch: 'true'
        wud.watch.digest: 'true'
      replicas: 1
-
+      placement:
+        constraints:
+        - node.role == manager
  webdriver:
    ports:
    - target: 4444
@@ -99,7 +106,9 @@ services:
        wud.watch: 'true'
        wud.watch.digest: 'true'
      replicas: 1
-
+      placement:
+        constraints:
+        - node.role == manager
  postinstall:
    image: debian:12-slim
    environment:
@@ -115,7 +124,9 @@ services:
    - /scripts/install-curl.sh
    deploy:
      replicas: 1
-
+      placement:
+        constraints:
+        - node.role == manager
 volumes:
  db:
  certs:
Author	SHA1	Message	Date
jaydee	4537da6174	build	2025-12-08 15:21:02 +01:00
jaydee	020b784632	build	2025-12-08 15:20:18 +01:00
jaydee	2963ee88f9	build	2025-12-08 15:08:41 +01:00
jaydee	682a727d50	build	2025-12-08 14:02:49 +01:00