From fdb2ba0d4727b6d0ba999da33cfbabeca2c2514f Mon Sep 17 00:00:00 2001 From: rskntroot Date: Sun, 15 Jun 2025 23:31:21 +0000 Subject: [PATCH] enable ghost, enable paste, add stage k3s env --- .gitignore | 1 + ghost/.env | 13 +++++ ghost/compose.yml | 118 ++++++++++++++++++++++++++++++++++++++++ ghost/compose.yml.off | 85 ----------------------------- paste/compose.yml | 2 +- rskio.service | 10 ++-- traefik/etc/dynamic.yml | 26 +++++++++ 7 files changed, 164 insertions(+), 91 deletions(-) create mode 100644 ghost/.env create mode 100644 ghost/compose.yml delete mode 100644 ghost/compose.yml.off diff --git a/.gitignore b/.gitignore index 047870a..892f41b 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ ghost/mysql/* mattermost/volumes paperless/consume paperless/export +paste/data/* pihole/etc-pihole traefik/log/*.log traefik/log/*.gz diff --git a/ghost/.env b/ghost/.env new file mode 100644 index 0000000..4b161d9 --- /dev/null +++ b/ghost/.env @@ -0,0 +1,13 @@ +# ghost service +database__client=mysql +database__connection__host=ghost-mysql-1 +database__connection__user=ghost +database__connection__password=ghost +database__connection__database=ghost +url=https://blog.rskio.com + +# ghost mysql +MYSQL_ROOT_PASSWORD=root +MYSQL_DATABASE=ghost +MYSQL_USER=ghost +MYSQL_PASSWORD=ghost diff --git a/ghost/compose.yml b/ghost/compose.yml new file mode 100644 index 0000000..1205633 --- /dev/null +++ b/ghost/compose.yml @@ -0,0 +1,118 @@ +services: + service: + image: ghost:5-alpine + labels: + - traefik.enable=true + - traefik.http.routers.ghost.entrypoints=websecure + - traefik.http.routers.ghost.rule=Host(`blog.rskio.com`) + - traefik.http.routers.ghost.middlewares=secureHeaders@file + - traefik.http.routers.ghost.tls=true + - traefik.http.routers.ghost.tls.options=internal@file + - traefik.http.routers.ghost.service=ghost@docker + - traefik.http.services.ghost.loadbalancer.server.port=2368 + - traefik.http.routers.ghost.tls.certresolver=rskio_certresolver + environment: + - database__client + - database__connection__host + - database__connection__user + - database__connection__password + - database__connection__database + - url + depends_on: + mysql: + condition: service_healthy + redis: + condition: service_healthy + restart: unless-stopped + networks: + - default + - traefik + mysql: + image: mysql:8.0.35 + command: + - --innodb-buffer-pool-size=1G + - --innodb-log-buffer-size=500M + - --innodb-change-buffer-max-size=50 + - --innodb-flush-log-at-trx_commit=0 + - --innodb-flush-method=O_DIRECT + ports: + - 3306:3306 + environment: + - MYSQL_ROOT_PASSWORD + - MYSQL_DATABASE + - MYSQL_USER + - MYSQL_PASSWORD + restart: always + volumes: + - ./mysql:/var/lib/mysql + healthcheck: + test: mysql -uroot -proot ghost -e 'select 1' + interval: 5s + retries: 120 + networks: + - default + redis: + image: redis:7.0 + restart: always + ports: + - 6379:6379 + healthcheck: + test: + - CMD + - redis-cli + - --raw + - incr + - ping + interval: 1s + retries: 120 + networks: + - default + pushgateway: + profiles: [monitoring] + image: prom/pushgateway:v1.6.0 + container_name: ghost-pushgateway + ports: + - 9091:9091 + mailhog: + image: mailhog/mailhog:latest + container_name: ghost-mailhog + profiles: [ghost] + ports: + - "1025:1025" # SMTP server + - "8025:8025" # Web interface + restart: always + networks: + - default +# prometheus: +# profiles: [monitoring] +# image: prom/prometheus:v2.30.3 +# container_name: ghost-prometheus +# ports: +# - 9090:9090 +# restart: always +# volumes: +# - ./.docker/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml +# networks: +# - default +# grafana: +# profiles: [monitoring] +# image: grafana/grafana:8.3.0 +# container_name: ghost-grafana +# ports: +# - 3000:3000 +# restart: always +# environment: +# - GF_AUTH_ANONYMOUS_ENABLED=true +# - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin +# volumes: +# - ./.docker/grafana/datasources:/etc/grafana/provisioning/datasources +# - ./.docker/grafana/dashboard.yml:/etc/grafana/provisioning/dashboards/main.yaml +# - ./.docker/grafana/dashboards:/var/lib/grafana/dashboards +# networks: +# - default +# - traefik + +networks: + default: {} + traefik: + external: true diff --git a/ghost/compose.yml.off b/ghost/compose.yml.off deleted file mode 100644 index b780271..0000000 --- a/ghost/compose.yml.off +++ /dev/null @@ -1,85 +0,0 @@ -services: - service: - image: ghost:5-alpine - ports: - - 2368:2368 # Ghost - environment: - database__client: mysql - database__connection__host: ghost-mysql-1 - database__connection__user: ghost - database__connection__password: ghost - database__connection__database: ghost - url: https://blog.rskio.com - depends_on: - mysql: - condition: service_healthy - redis: - condition: service_healthy - mysql: - image: mysql:8.0.35 - command: --innodb-buffer-pool-size=1G --innodb-log-buffer-size=500M --innodb-change-buffer-max-size=50 --innodb-flush-log-at-trx_commit=0 --innodb-flush-method=O_DIRECT - ports: - - 3306:3306 - environment: - MYSQL_ROOT_PASSWORD: root - MYSQL_DATABASE: ghost - MYSQL_USER: ghost - MYSQL_PASSWORD: ghost - restart: always - volumes: - - ./mysql:/var/lib/mysql - healthcheck: - test: mysql -uroot -proot ghost -e 'select 1' - interval: 5s - retries: 120 - redis: - image: redis:7.0 - restart: always - ports: - - 6379:6379 - healthcheck: - test: - - CMD - - redis-cli - - --raw - - incr - - ping - interval: 1s - retries: 120 -# prometheus: -# profiles: [monitoring] -# image: prom/prometheus:v2.30.3 -# container_name: ghost-prometheus -# ports: -# - 9090:9090 -# restart: always -# volumes: -# - ./.docker/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml -# grafana: -# profiles: [monitoring] -# image: grafana/grafana:8.3.0 -# container_name: ghost-grafana -# ports: -# - 3000:3000 -# restart: always -# environment: -# - GF_AUTH_ANONYMOUS_ENABLED=true -# - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin -# volumes: -# - ./.docker/grafana/datasources:/etc/grafana/provisioning/datasources -# - ./.docker/grafana/dashboard.yml:/etc/grafana/provisioning/dashboards/main.yaml -# - ./.docker/grafana/dashboards:/var/lib/grafana/dashboards -# pushgateway: -# profiles: [monitoring] -# image: prom/pushgateway:v1.6.0 -# container_name: ghost-pushgateway -# ports: -# - 9091:9091 -# mailhog: -# image: mailhog/mailhog:latest -# container_name: ghost-mailhog -# profiles: [ghost] -# ports: -# - "1025:1025" # SMTP server -# - "8025:8025" # Web interface -# restart: always diff --git a/paste/compose.yml b/paste/compose.yml index 710ec3b..cee1d71 100644 --- a/paste/compose.yml +++ b/paste/compose.yml @@ -13,7 +13,7 @@ services: - traefik.http.routers.paste.service=paste@docker - traefik.http.services.paste.loadbalancer.server.port=8000 environment: - - RUST_LOG=debug + - RUST_LOG=info volumes: - ./data/:/app/upload - ./config.toml:/app/config.toml diff --git a/rskio.service b/rskio.service index 5e5171c..ed2f0ff 100644 --- a/rskio.service +++ b/rskio.service @@ -1,14 +1,14 @@ [Unit] -Description=Rskio Website +Description=Rskio Services After=docker.service Requires=docker.service [Service] Type=oneshot RemainAfterExit=yes -WorkingDirectory=/opt/docker/rskio -ExecStart=/bin/bash -c "docker compose -f ./compose.yml up -d" -ExecStop=/bin/bash -c "docker compose -f ./compose.yml down" +WorkingDirectory=/home/lost/workspace/hq +ExecStart=/bin/bash -c "./compose.sh start" +ExecStop=/bin/bash -c "./compose.sh stop" [Install] -WantedBy=multi-user.target \ No newline at end of file +WantedBy=multi-user.target diff --git a/traefik/etc/dynamic.yml b/traefik/etc/dynamic.yml index ba700b0..dafc57d 100644 --- a/traefik/etc/dynamic.yml +++ b/traefik/etc/dynamic.yml @@ -50,6 +50,26 @@ http: # tls: # options: internal@file # certResolver: rskio_certresolver + # + stage-docs: + rule: Host(`docs.stage.rskio.com`) + service: stage@file + entryPoints: + - websecure + tls: + options: internal@file + certResolver: rskio_certresolver + + stage-dashboard: + rule: Host(`lb.stage.rskio.com`) + service: stage@file + entryPoints: + - websecure + middlewares: + - redirect-dashboard + tls: + options: internal@file + certResolver: rskio_certresolver pihole: rule: Host(`dns.rskio.com`) @@ -128,6 +148,12 @@ http: # - url: "https://192.168.1.230:3000" # serversTransport: backendIgnoreTLS + stage: + loadBalancer: + servers: + - url: "https://192.168.1.25" + serversTransport: backendIgnoreTLS + pihole: loadBalancer: servers: