Compare commits
No commits in common. "5134e0622b4bdd49935d328e9ed0c2423c604cf2" and "3be5d506474bb0b83c9ff083932585a5ebfab84e" have entirely different histories.
5134e0622b
...
3be5d50647
19
doom.org
19
doom.org
@ -1411,18 +1411,6 @@ https://kitchingroup.cheme.cmu.edu/blog/2016/11/07/Better-equation-numbering-in-
|
||||
)
|
||||
#+end_src
|
||||
|
||||
** Org Media Note
|
||||
#+begin_src emacs-lisp
|
||||
(use-package! org-media-note
|
||||
:hook (org-mode . org-media-note-setup-org-ref)
|
||||
:bind (
|
||||
("H-v" . org-media-note-hydra/body)) ;; Main entrance
|
||||
:config
|
||||
(setq org-media-note-screenshot-image-dir "~/Pictures/") ;; Folder to save screencast
|
||||
(setq org-media-note-use-refcite-first t) ;; use videocite link instead of video link if possible
|
||||
)
|
||||
#+end_src
|
||||
|
||||
** Org Auto Tangle
|
||||
#+begin_src emacs-lisp :tangle no
|
||||
(use-package! org-auto-tangle
|
||||
@ -3334,13 +3322,6 @@ Choose account label to feed msmtp -a option based on From header in Message buf
|
||||
(package! vimrc-mode)
|
||||
#+end_src
|
||||
|
||||
#+begin_src emacs-lisp
|
||||
(package! org-media-note
|
||||
:recipe (:host github :repo "yuchen-lea/org-media-note"))
|
||||
(package! mpv)
|
||||
(package! pretty-hydra)
|
||||
#+end_src
|
||||
|
||||
#+begin_src emacs-lisp
|
||||
;; Automatic toggling of LaTeX fragments
|
||||
(package! org-fragtog)
|
||||
|
||||
240
nas.org
240
nas.org
@ -271,7 +271,7 @@ You can use =latest= instead of the ID.
|
||||
:END:
|
||||
|
||||
#+begin_src yaml
|
||||
version: "3.4"
|
||||
version: "3.2"
|
||||
#+end_src
|
||||
|
||||
** Networks
|
||||
@ -286,16 +286,6 @@ networks:
|
||||
driver: bridge
|
||||
#+end_src
|
||||
|
||||
** Logging
|
||||
#+begin_src yaml
|
||||
x-logging:
|
||||
&default-logging
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "200k"
|
||||
max-file: "10"
|
||||
#+end_src
|
||||
|
||||
** =traefik= - Application proxy
|
||||
#+begin_src yaml
|
||||
services:
|
||||
@ -306,6 +296,33 @@ services:
|
||||
container_name: traefik
|
||||
image: traefik:2.2.1
|
||||
restart: unless-stopped
|
||||
command:
|
||||
- --global.checkNewVersion=true
|
||||
- --global.sendAnonymousUsage=false
|
||||
- --entryPoints.http.address=:80
|
||||
- --entryPoints.https.address=:443
|
||||
- --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
|
||||
- --entryPoints.traefik.address=:8080
|
||||
- --api=true
|
||||
- --api.dashboard=true
|
||||
- --log=true
|
||||
- --log.level=ERROR # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
|
||||
- --accessLog=true
|
||||
- --accessLog.filePath=/var/log/access.log
|
||||
- --accessLog.filters.statusCodes=400-499
|
||||
- --providers.docker=true
|
||||
- --providers.docker.endpoint=unix:///var/run/docker.sock
|
||||
- --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAINNAME`)
|
||||
- --providers.docker.exposedByDefault=false
|
||||
- --providers.docker.network=t2_proxy
|
||||
- --providers.docker.swarmMode=false
|
||||
- --providers.file.directory=/rules
|
||||
- --providers.file.watch=true
|
||||
# - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
|
||||
- --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
|
||||
- --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
|
||||
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
|
||||
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
|
||||
networks:
|
||||
t2_proxy:
|
||||
ipv4_address: 192.168.90.254 # You can specify a static IP
|
||||
@ -319,7 +336,6 @@ services:
|
||||
- $CONFIGDIR/traefik2/rules:/rules
|
||||
- $CONFIGDIR/traefik2/acme/acme.json:/acme.json
|
||||
- $CONFIGDIR/traefik2/shared:/shared
|
||||
- $CONFIGDIR/traefik2/traefik.yaml:/etc/traefik/traefik.yaml
|
||||
- /var/log/traefik:/var/log
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
@ -349,55 +365,6 @@ services:
|
||||
# - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://login.$DOMAINNAME/'
|
||||
# - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
|
||||
# - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups'
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =traefik.yaml=
|
||||
#+begin_src yaml :tangle /ssh:thomas@grenoble:~/docker/config/traefik2/traefik.yaml
|
||||
global:
|
||||
checkNewVersion: true
|
||||
sendAnonymousUsage: false
|
||||
|
||||
entryPoints:
|
||||
traefik:
|
||||
address: :8080
|
||||
http:
|
||||
address: :80
|
||||
https:
|
||||
address: :443
|
||||
forwardedHeaders:
|
||||
trustedIPs: 173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
|
||||
|
||||
api:
|
||||
dashboard: true
|
||||
|
||||
log:
|
||||
level: ERROR
|
||||
|
||||
accessLog:
|
||||
filePath: /var/log/access.log
|
||||
filters:
|
||||
statusCodes: 400-499
|
||||
|
||||
providers:
|
||||
docker:
|
||||
endpoint: unix:///var/run/docker.sock
|
||||
defaultrule: Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAINNAME`)
|
||||
exposedByDefault: false
|
||||
network: t2_proxy
|
||||
swarmMode: false
|
||||
file:
|
||||
directory: /rules
|
||||
watch: true
|
||||
|
||||
certificatesResolvers:
|
||||
dns-cloudflare:
|
||||
acme:
|
||||
email: $CLOUDFLARE_EMAIL
|
||||
storage: /acme.json
|
||||
dnsChallenge:
|
||||
provider: cloudflare
|
||||
resolvers: 1.1.1.1:53,1.0.0.1:53
|
||||
#+end_src
|
||||
|
||||
** =homer= - Home page
|
||||
@ -421,7 +388,6 @@ certificatesResolvers:
|
||||
- "traefik.http.routers.homer-rtr.tls=true"
|
||||
- "traefik.http.routers.homer-rtr.service=homer-svc"
|
||||
- "traefik.http.services.homer-svc.loadbalancer.server.port=8080"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =config.yml=
|
||||
@ -557,7 +523,38 @@ services:
|
||||
- name: "OctoPrint"
|
||||
logo: "/assets/tools/octoprint.png"
|
||||
subtitle: "3D-Printing"
|
||||
url: "https://octoprint.tdehaeze.xyz/"
|
||||
url: "http://192.168.1.56/"
|
||||
#+end_src
|
||||
|
||||
** =restic= - Automatic online backups
|
||||
#+begin_src yaml
|
||||
restic:
|
||||
container_name: restic
|
||||
image: mazzolino/restic
|
||||
restart: "no"
|
||||
networks:
|
||||
- t2_proxy
|
||||
environment:
|
||||
- RUN_ON_STARTUP=true
|
||||
- BACKUP_CRON=0 30 0 * * *
|
||||
- RESTIC_REPOSITORY=rclone:mega:mega
|
||||
- RESTIC_PASSWORD="$RESTIC_PASSWORD"
|
||||
- RESTIC_BACKUP_SOURCES=/data
|
||||
- RESTIC_FORGET_ARGS=--keep-daily 7 --keep-weekly 4 --keep-monthly 12
|
||||
- UID=$PUID
|
||||
- GID=$PGID
|
||||
- TZ=$TZ
|
||||
volumes:
|
||||
- $CONFIGDIR/restic:/root/.config/rclone
|
||||
- /srv/storage/Cloud/thesis:/data/thesis
|
||||
#+end_src
|
||||
|
||||
*** =rclone.conf=
|
||||
#+begin_src conf :tangle /ssh:thomas@grenoble:~/docker/config/restic/rclone.conf :noweb yes
|
||||
[mega]
|
||||
type = mega
|
||||
user = dehaeze.thomas@gmail.com
|
||||
pass = <<get-password(passname="nas/rclone_mega_pass")>>
|
||||
#+end_src
|
||||
|
||||
** =snapraid= - Manage local backup with parity disk
|
||||
@ -577,7 +574,6 @@ services:
|
||||
- PUID=$PUID
|
||||
- PGID=$PGID
|
||||
- TZ=$TZ
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =snapraid.conf=
|
||||
@ -701,7 +697,6 @@ older-than = 10
|
||||
- "traefik.http.routers.portainer-rtr.service=portainer-svc"
|
||||
- "traefik.http.routers.portainer-rtr.middlewares=traefik-auth"
|
||||
- "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =wireguard= - VPN
|
||||
@ -728,7 +723,6 @@ older-than = 10
|
||||
- /lib/modules:/lib/modules
|
||||
ports:
|
||||
- 51820:51820/udp
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =gitea= - Git server
|
||||
@ -758,7 +752,6 @@ older-than = 10
|
||||
- "traefik.http.routers.git-rtr.tls=true"
|
||||
- "traefik.http.routers.git-rtr.service=git-svc"
|
||||
- "traefik.http.services.git-svc.loadbalancer.server.port=3000"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
#+begin_src yaml
|
||||
@ -803,7 +796,6 @@ older-than = 10
|
||||
- "traefik.http.routers.caddy-rtr.tls=true"
|
||||
- "traefik.http.routers.caddy-rtr.service=caddy-svc"
|
||||
- "traefik.http.services.caddy-svc.loadbalancer.server.port=2015"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =Caddyfile=
|
||||
@ -844,7 +836,6 @@ older-than = 10
|
||||
- "traefik.http.routers.dotfiles-rtr.tls=true"
|
||||
- "traefik.http.routers.dotfiles-rtr.service=dotfiles-svc"
|
||||
- "traefik.http.services.dotfiles-svc.loadbalancer.server.port=2015"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =Caddyfile=
|
||||
@ -878,7 +869,6 @@ older-than = 10
|
||||
- "traefik.http.routers.hugo-rtr.tls=true"
|
||||
- "traefik.http.routers.hugo-rtr.service=hugo-svc"
|
||||
- "traefik.http.services.hugo-svc.loadbalancer.server.port=2015"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =syncthing= - File Synchronization
|
||||
@ -913,7 +903,6 @@ older-than = 10
|
||||
- "traefik.http.routers.syncthing-rtr.service=syncthing-svc"
|
||||
- "traefik.http.routers.syncthing-rtr.middlewares=traefik-auth"
|
||||
- "traefik.http.services.syncthing-svc.loadbalancer.server.port=8384"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =miniflux= - RSS reader
|
||||
@ -942,10 +931,7 @@ older-than = 10
|
||||
# - 'traefik.http.routers.miniflux-rtr.middlewares=authelia@docker'
|
||||
- "traefik.http.routers.miniflux-rtr.service=miniflux-svc"
|
||||
- "traefik.http.services.miniflux-svc.loadbalancer.server.port=8080"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
#+begin_src yaml
|
||||
miniflux_db:
|
||||
container_name: miniflux_db
|
||||
image: postgres:12
|
||||
@ -957,7 +943,6 @@ older-than = 10
|
||||
- POSTGRES_PASSWORD=$MINIFLUX_POSTGRES_PASSWORD
|
||||
volumes:
|
||||
- $CONFIGDIR/miniflux_db:/var/lib/postgresql/data
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =homeassistant= - Home Automation
|
||||
@ -995,7 +980,6 @@ older-than = 10
|
||||
- "traefik.http.routers.homeassistant-rtr.service=homeassistant-svc"
|
||||
- "traefik.http.services.homeassistant-svc.loadbalancer.servers.url=http://172.17.0.1:8123"
|
||||
#- "traefik.http.services.homeassistant-svc.loadbalancer.server.port=8123"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =jellyfin= - Media server
|
||||
@ -1024,7 +1008,6 @@ older-than = 10
|
||||
- "traefik.http.routers.jellyfin-rtr.tls=true"
|
||||
- "traefik.http.routers.jellyfin-rtr.service=jellyfin-svc"
|
||||
- "traefik.http.services.jellyfin-svc.loadbalancer.server.port=8096"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =filebrowser= - Web file browser
|
||||
@ -1051,7 +1034,6 @@ older-than = 10
|
||||
- "traefik.http.routers.filebrowser-rtr.tls=true"
|
||||
- "traefik.http.routers.filebrowser-rtr.service=filebrowser-svc"
|
||||
- "traefik.http.services.filebrowser-svc.loadbalancer.server.port=80"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =.filebrowser.json=
|
||||
@ -1096,7 +1078,6 @@ older-than = 10
|
||||
- /dev/nvme0n1:/dev/nvme0n1
|
||||
ports:
|
||||
- 8089:8080
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =guacamole= - Remote connection
|
||||
@ -1121,7 +1102,6 @@ older-than = 10
|
||||
- "traefik.http.routers.guacamole-rtr.tls=true"
|
||||
- "traefik.http.routers.guacamole-rtr.service=guacamole-svc"
|
||||
- "traefik.http.services.guacamole-svc.loadbalancer.server.port=8080"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =transmission= - Torrent server
|
||||
@ -1164,7 +1144,6 @@ older-than = 10
|
||||
- "traefik.http.routers.transmission-rtr.service=transmission-svc"
|
||||
- "traefik.http.routers.transmission-rtr.middlewares=traefik-auth"
|
||||
- "traefik.http.services.transmission-svc.loadbalancer.server.port=9091"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =aria2= - Download daemon
|
||||
@ -1184,7 +1163,6 @@ older-than = 10
|
||||
- /srv/storage/Downloads:/downloads
|
||||
ports:
|
||||
- 6800:6800
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =aria2.conf=
|
||||
@ -1232,7 +1210,6 @@ split=16
|
||||
- "traefik.http.routers.aria2-rtr.tls=false"
|
||||
- "traefik.http.routers.aria2-rtr.service=aria2-svc"
|
||||
- "traefik.http.services.aria2-svc.loadbalancer.server.port=6880"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =deemix= - Music Download
|
||||
@ -1259,7 +1236,6 @@ split=16
|
||||
- "traefik.http.routers.deemix-rtr.service=deemix-svc"
|
||||
# - "traefik.http.routers.deemix-rtr.middlewares=traefik-auth"
|
||||
- "traefik.http.services.deemix-svc.loadbalancer.server.port=6595"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =.arl=
|
||||
@ -1288,101 +1264,9 @@ split=16
|
||||
- "traefik.http.routers.linkding-rtr.tls=true"
|
||||
- "traefik.http.routers.linkding-rtr.service=linkding-svc"
|
||||
- "traefik.http.services.linkding-svc.loadbalancer.server.port=9090"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
** =restic= - Automatic online backups
|
||||
#+begin_src yaml
|
||||
restic:
|
||||
container_name: restic
|
||||
image: mazzolino/restic
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- t2_proxy
|
||||
environment:
|
||||
- BACKUP_CRON=0 30 0 * * *
|
||||
- RESTIC_REPOSITORY=b2:tdehaeze:/restic
|
||||
- RESTIC_PASSWORD=$RESTIC_PASSWORD
|
||||
- RESTIC_BACKUP_SOURCES=/source
|
||||
- RESTIC_FORGET_ARGS=--keep-daily 7 --keep-weekly 4 --keep-monthly 12
|
||||
- RESTIC_BACKUP_ARGS=--exclude-file /exclude.txt
|
||||
- B2_ACCOUNT_ID=$RESTIC_B2_ACCOUNT_ID
|
||||
- B2_ACCOUNT_KEY=$RESTIC_B2_ACCOUNT_KEY
|
||||
- UID=$PUID
|
||||
- GID=$PGID
|
||||
- TZ=$TZ
|
||||
volumes:
|
||||
- $CONFIGDIR/restic/exclude.txt:/exclude.txt:ro
|
||||
- /srv/storage/Cloud/thesis:/source/Cloud/thesis:ro
|
||||
- /home/thomas/docker:/source/docker:ro
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
*** =exclude.txt= - Exclude files
|
||||
|
||||
#+begin_src conf :tangle /ssh:thomas@grenoble:~/docker/config/restic/exclude.txt
|
||||
*.db
|
||||
*.log
|
||||
*.log.*
|
||||
/source/docker/config/gitea/git/
|
||||
/source/docker/config/guacamole/
|
||||
/source/docker/config/guacamole_db/
|
||||
/source/docker/config/mariadb/
|
||||
/source/docker/config/miniflux_db/
|
||||
/source/docker/config/jellyfin/data/
|
||||
/source/docker/config/dotfiles/www/
|
||||
/source/docker/config/web/www/
|
||||
#+end_src
|
||||
|
||||
** =octoprint= - Web interface for 3D printing
|
||||
#+begin_src yaml
|
||||
octoprint:
|
||||
container_name: octoprint
|
||||
image: octoprint/octoprint
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- t2_proxy
|
||||
environment:
|
||||
- UID=$PUID
|
||||
- GID=$PGID
|
||||
- TZ=$TZ
|
||||
volumes:
|
||||
- $CONFIGDIR/octoprint:/octoprint
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.octoprint-rtr.entrypoints=https"
|
||||
- "traefik.http.routers.octoprint-rtr.rule=Host(`octoprint.$DOMAINNAME`)"
|
||||
- "traefik.http.routers.octoprint-rtr.tls=true"
|
||||
- "traefik.http.routers.octoprint-rtr.service=octoprint-svc"
|
||||
- "traefik.http.routers.octoprint-rtr.middlewares=traefik-auth"
|
||||
- "traefik.http.services.octoprint-svc.loadbalancer.server.port=80"
|
||||
logging: *default-logging
|
||||
#+end_src
|
||||
|
||||
* Docker-Compose OLD :noexport:
|
||||
** =duplicity= - Bookmark manager
|
||||
#+begin_src yaml
|
||||
duplicity:
|
||||
container_name: duplicity
|
||||
image: tecnativa/duplicity
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- t2_proxy
|
||||
environment:
|
||||
- TZ=$TZ
|
||||
- DST=megav2://mega@mega.nz/backup
|
||||
volumes:
|
||||
- $CONFIGDIR/duplicity/.megav2rc:/root/.megav2rc
|
||||
- /srv/storage/Cloud/thesis:/mnt/backup/src/thesis:ro
|
||||
#+end_src
|
||||
|
||||
*** =.megarc=
|
||||
#+begin_src conf :tangle /ssh:thomas@grenoble:~/docker/config/duplicity/.megav2rc :noweb yes
|
||||
[Login]
|
||||
user = dehaeze.thomas@gmail.com
|
||||
pass = <<get-password(passname="nas/duplicity_mega")>>
|
||||
#+end_src
|
||||
|
||||
** Transfer.sh
|
||||
#+begin_src yaml
|
||||
transfer:
|
||||
@ -2090,7 +1974,7 @@ pass = <<get-password(passname="nas/duplicity_mega")>>
|
||||
|
||||
* =.env= - Variable used for Docker Compose
|
||||
:PROPERTIES:
|
||||
:header-args: :tangle /ssh:thomas@grenoble:~/docker/.env
|
||||
:header-args: :tangle /ssh:thomas@grenoble:~/docker/.env.test
|
||||
:header-args+: :comments none :mkdirp yes :noweb yes
|
||||
:END:
|
||||
|
||||
@ -2115,8 +1999,6 @@ MINIFLUX_POSTGRES_PASSWORD=<<get-password(passname="nas/miniflux_postgres_pass")
|
||||
|
||||
#+begin_src conf
|
||||
RESTIC_PASSWORD=<<get-password(passname="nas/restic_pass")>>
|
||||
RESTIC_B2_ACCOUNT_ID=<<get-password(passname="nas/restic_B2_id")>>
|
||||
RESTIC_B2_ACCOUNT_KEY=<<get-password(passname="nas/restic_B2_key")>>
|
||||
#+end_src
|
||||
|
||||
#+begin_src conf
|
||||
|
||||
Loading…
Reference in New Issue
Block a user