Rework podman network
All checks were successful
ShellCheck / shellcheck (push) Successful in 18s

This commit is contained in:
Mathieu Strypsteen 2024-11-20 21:23:04 +01:00
parent 3ab7c48728
commit 71d00e7789
Signed by: mathieu
GPG key ID: 782A42E461BC6824
12 changed files with 10 additions and 13 deletions

View file

@ -0,0 +1,5 @@
[Container]
Image=docker.io/ollama/ollama
AutoUpdate=registry
[Install]
WantedBy=multi-user.target

View file

@ -1,6 +1,5 @@
[Container] [Container]
Image=git.strypsteen.com/infra/big-agi Image=git.strypsteen.com/infra/big-agi
Network=nginx.network
Environment=HTTP_BASIC_AUTH_USERNAME=mathieu Environment=HTTP_BASIC_AUTH_USERNAME=mathieu
Environment=PUPPETEER_WSS_ENDPOINT=ws://sandbox.server.home.arpa:3000 Environment=PUPPETEER_WSS_ENDPOINT=ws://sandbox.server.home.arpa:3000
Secret=HTTP_BASIC_AUTH_PASSWORD,type=env Secret=HTTP_BASIC_AUTH_PASSWORD,type=env

View file

@ -2,7 +2,6 @@
Image=docker.io/collabora/code Image=docker.io/collabora/code
UserNS=host UserNS=host
ReadOnly=false ReadOnly=false
Network=nginx.network
Volume=/var/lib/container-data/collabora.xml:/etc/coolwsd/coolwsd.xml:U,Z Volume=/var/lib/container-data/collabora.xml:/etc/coolwsd/coolwsd.xml:U,Z
PublishPort=10.0.1.2:8010:9980 PublishPort=10.0.1.2:8010:9980
AutoUpdate=registry AutoUpdate=registry

View file

@ -1,6 +1,5 @@
[Container] [Container]
Image=docker.io/vectorim/element-web Image=docker.io/vectorim/element-web
Network=nginx.network
LogDriver=none LogDriver=none
Volume=/var/lib/system-config/container-config/element/config.json:/app/config.json:z,ro Volume=/var/lib/system-config/container-config/element/config.json:/app/config.json:z,ro
Tmpfs=/var/cache/nginx Tmpfs=/var/cache/nginx

View file

@ -1,7 +1,6 @@
[Container] [Container]
Image=docker.io/btcpayserver/monero:0.18.3.4 Image=docker.io/btcpayserver/monero:0.18.3.4
Network=nginx.network Exec=monerod --non-interactive --prune-blockchain --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18089
Exec=monerod --non-interactive --prune-blockchain --rpc-use-ipv6 --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-ipv6-address=:: --rpc-restricted-bind-port=18089
Volume=monero.volume:/home/monero/.bitmonero:U,Z Volume=monero.volume:/home/monero/.bitmonero:U,Z
PublishPort=10.0.1.2:8012:18089 PublishPort=10.0.1.2:8012:18089
AutoUpdate=registry AutoUpdate=registry

View file

@ -4,7 +4,6 @@ After=postgresql.service nextcloud-valkey.service
[Container] [Container]
Image=docker.io/nextcloud Image=docker.io/nextcloud
Network=nextcloud.network Network=nextcloud.network
Network=postgresql.network
Entrypoint=sh Entrypoint=sh
Exec=-c "chown -Rh www-data:www-data /var/www/html && busybox crond && /entrypoint.sh apache2-foreground > /dev/null" Exec=-c "chown -Rh www-data:www-data /var/www/html && busybox crond && /entrypoint.sh apache2-foreground > /dev/null"
Volume=nextcloud.volume:/var/www/html:U,Z Volume=nextcloud.volume:/var/www/html:U,Z

View file

@ -1,2 +0,0 @@
[Network]
IPv6=true

View file

@ -1,6 +1,5 @@
[Container] [Container]
Image=docker.io/binwiederhier/ntfy Image=docker.io/binwiederhier/ntfy
Network=nginx.network
Exec=serve Exec=serve
Volume=ntfy.volume:/var/lib/ntfy:U,Z Volume=ntfy.volume:/var/lib/ntfy:U,Z
Environment=NTFY_AUTH_DEFAULT_ACCESS=write-only Environment=NTFY_AUTH_DEFAULT_ACCESS=write-only

View file

@ -1,6 +1,7 @@
[Container] [Container]
Image=docker.io/postgres:16-alpine Image=docker.io/postgres:16-alpine
Network=postgresql.network Network=nextcloud.network
Network=synapse.network
Volume=postgresql.volume:/var/lib/postgresql/data:U,Z Volume=postgresql.volume:/var/lib/postgresql/data:U,Z
Secret=POSTGRES_PASSWORD,type=env Secret=POSTGRES_PASSWORD,type=env
AutoUpdate=registry AutoUpdate=registry

View file

@ -3,8 +3,7 @@ Requires=postgresql.service
After=postgresql.service After=postgresql.service
[Container] [Container]
Image=docker.io/matrixdotorg/synapse Image=docker.io/matrixdotorg/synapse
Network=nginx.network Network=synapse.network
Network=postgresql.network
User=991 User=991
Exec=run --config-path /etc/synapse/homeserver.yaml --config-path /etc/synapse.yaml Exec=run --config-path /etc/synapse/homeserver.yaml --config-path /etc/synapse.yaml
Volume=/var/lib/system-config/container-config/synapse:/etc/synapse:z,ro Volume=/var/lib/system-config/container-config/synapse:/etc/synapse:z,ro

View file

@ -2,7 +2,7 @@
set -euo pipefail set -euo pipefail
cp -R desktop/* gpu/* / cp -R desktop/* gpu/* /
sh setup-desktop.sh sh setup-desktop.sh
systemctl enable --now sshd systemctl enable --now podman-auto-update.timer sshd
systemctl disable auditd systemctl disable auditd
sed "s/SUB_UID_COUNT.*/SUB_UID_COUNT 16777216/" -i /etc/login.defs sed "s/SUB_UID_COUNT.*/SUB_UID_COUNT 16777216/" -i /etc/login.defs
sed "s/SUB_GID_COUNT.*/SUB_GID_COUNT 16777216/" -i /etc/login.defs sed "s/SUB_GID_COUNT.*/SUB_GID_COUNT 16777216/" -i /etc/login.defs