Merge branch 'main' into passbolt

2024-11-25 17:55:06 +01:00 · 2022-12-02 09:48:55 +01:00 · 2022-12-02 09:48:55 +01:00 · fe0f9d1b8c
commit fe0f9d1b8c
parent a0da58aa7c 743e4248c0
17 changed files with 65 additions and 171 deletions
--- a/README.md
+++ b/README.md
@ -2,7 +2,7 @@
 Hi, there! 👋
-I’m Christian, a 35 years old tech enthusiast from Germany, and I love to inspire and educate people in IT.
+I’m Christian, a 35-year-old tech enthusiast from Germany, and I love to inspire and educate people in IT.
 This Repository **Boilerplates** is my personal template collection. Here you'll find templates, and configurations for various tools, and technologies. 
@ -16,10 +16,10 @@ If you’d like to contribute to this project, reach out to me on social media o
 ## Other Resources
- [Videos](https://github.com/xcad2k/videos) - Documentation and project files for all my video tutorials on YouTube
+- [Videos](https://github.com/christianlempa/videos) - Documentation and project files for all my video tutorials on YouTube
- [Dotfiles](https://github.com/xcad2k/dotfiles) - My personal configuration files on Linux and Windows
+- [Dotfiles](https://github.com/christianlempa/dotfiles) - My personal configuration files on Linux and Windows
- [Boilerplates](https://github.com/xcad2k/boilerplates) - Templates for various projects like Docker, K8S, Ansible, etc
+- [Boilerplates](https://github.com/christianlempa/boilerplates) - Templates for various projects like Docker, K8S, Ansible, etc
- [Cheat-Sheets](https://github.com/xcad2k/cheat-sheets) - Command Reference for various tools and technologies
+- [Cheat-Sheets](https://github.com/christianlempa/cheat-sheets) - Command Reference for various tools and technologies
 ## Support me
--- a/ansible/README.md
+++ b/ansible/README.md
@ -1,3 +0,0 @@
 # Ansible Boilerplates
 These are my ansible boilerplates to configure, provision and maintain servers and clients. Most of them are written and tested on Ubuntu Servers (with a few exceptions).
--- a/ansible/provisoning/ubuntu/install-docker.yaml
+++ b/ansible/provisoning/ubuntu/install-docker.yaml
@ -10,27 +10,7 @@
  - name: install prerequisites
    apt:
      name:
-        - apt-transport-https
+        - docker.io
        - ca-certificates 
        - curl 
        - gnupg-agent
        - software-properties-common
      update_cache: yes
  - name: add apt-key
    apt_key:
      url: https://download.docker.com/linux/ubuntu/gpg
  - name: add docker repo
    apt_repository:
      repo: deb https://download.docker.com/linux/ubuntu focal stable
  - name: install docker 
    apt:
      name: 
        - docker-ce
        - docker-ce-cli
        - containerd.io
      update_cache: yes
  - name: add user permissions
--- a/docker-compose/README.md
+++ b/docker-compose/README.md
@ -1,21 +0,0 @@
 # Docker-Compose Boilerplates and Templates
 ## Index
 - **Authelia** - 
 - **Duplicati** - 
 - **Grafana** - 
 - **Homer** - 
 - **Influxdb** - 
 - **Jellyfin** - 
 - **Nextcloud** - 
 - **Nginxproxymanager** - 
 - **Pihole** - 
 - **Plex** - 
 - **Portainer** - 
 - **Prometheus** - 
 - **SWAG** - 
 - **Teleport** -
 - **Traefik** - 
 - **Watchtower** - 
 - **Whoami** - 
--- a/docker-compose/cadvisor/README.md
+++ b/docker-compose/cadvisor/README.md
--- a/docker-compose/cadvisor/docker-compose.yml
+++ b/docker-compose/cadvisor/docker-compose.yml
@ -0,0 +1,21 @@
 ---
 version: '3'
 services:
  cadvisor:
    # TODO: latest tag is not updated, check latest release https://github.com/google/cadvisor/releases 
    image: gcr.io/cadvisor/cadvisor:v0.45.0     
    container_name: cadvisor
    ports:
      - "8080:8080"
    network_mode: host
    volumes:
      - /:/rootfs:ro
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker/:/var/lib/docker:ro
      - /dev/disk/:/dev/disk:ro
    devices:
      - /dev/kmsg
    restart: unless-stopped
    privileged: true
--- a/docker-compose/heimdall/heimdall.yaml
+++ b/docker-compose/heimdall/heimdall.yaml
@ -0,0 +1,15 @@
 ---
 version: "2.1"
 services:
  heimdall:
    image: lscr.io/linuxserver/heimdall:latest
    container_name: heimdall
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ./heimdall/config:/config
    ports:
      - 80:80
      - 443:443
    restart: unless-stopped
--- a/docker-compose/nextcloud/nextcloud-npm.yaml
+++ b/docker-compose/nextcloud/nextcloud-npm.yaml
@ -1,77 +0,0 @@
 version: '3'
 volumes:
  nextcloud-data:
  nextcloud-db:
  npm-data:
  npm-ssl:
  npm-db:
 networks:
  frontend:
    # add this if the network is already existing!
    # external: true
  backend:
 services:
  nextcloud-app:
    image: nextcloud
    restart: always
    volumes:
      - nextcloud-data:/var/www/html
    environment:
      - MYSQL_PASSWORD=replace-with-secure-password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=nextcloud-db
    networks:
      - frontend
      - backend
  nextcloud-db:
    image: mariadb
    restart: always
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - nextcloud-db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=replace-with-secure-password
      - MYSQL_PASSWORD=replace-with-secure-password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
    networks:
      - backend
  npm-app:
    image: jc21/nginx-proxy-manager:latest
    restart: always
    ports:
      - "80:80"
      - "81:81"
      - "443:443"
    environment:
      - DB_MYSQL_HOST=npm-db
      - DB_MYSQL_PORT=3306
      - DB_MYSQL_USER=npm
      - DB_MYSQL_PASSWORD=replace-with-secure-password
      - DB_MYSQL_NAME=npm
    volumes:
      - npm-data:/data
      - npm-ssl:/etc/letsencrypt
    networks:
      - frontend
      - backend
  npm-db:
    image: jc21/mariadb-aria:latest
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=replace-with-secure-password
      - MYSQL_DATABASE=npm
      - MYSQL_USER=npm
      - MYSQL_PASSWORD=replace-with-secure-password
    volumes:
      - npm-db:/var/lib/mysql
    networks:
      - backend
--- a/docker-compose/nextcloud/nextcloud.yaml
+++ b/docker-compose/nextcloud/nextcloud.yaml
@ -4,38 +4,29 @@ volumes:
  nextcloud-data:
  nextcloud-db:
 networks:
  frontend:
    # add this if the network is already existing!
    # external: true
  backend:
 services:
  nextcloud-app:
-    image: nextcloud
+    image: nextcloud:latest
-    restart: always
+    restart: unless-stopped
    volumes:
      - nextcloud-data:/var/www/html
    environment:
-      - MYSQL_PASSWORD=replace-with-secure-password
+      - MYSQL_PASSWORD=$MYSQL_PASSWORD
-      - MYSQL_DATABASE=nextcloud
+      - MYSQL_DATABASE=$MYSQL_DATABASE
-      - MYSQL_USER=nextcloud
+      - MYSQL_USER=$MYSQL_USER
      - MYSQL_HOST=nextcloud-db
-    networks:
+    ports:
-      - frontend
+      - 80:80
      - backend
  nextcloud-db:
-    image: mariadb
+    image: mariadb:latest
-    restart: always
+    restart: unless-stopped
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - nextcloud-db:/var/lib/mysql
    environment:
-      - MYSQL_ROOT_PASSWORD=replace-with-secure-password
+      - MYSQL_RANDOM_ROOT_PASSWORD=true
-      - MYSQL_PASSWORD=replace-with-secure-password
+      - MYSQL_PASSWORD=$MYSQL_PASSWORD
-      - MYSQL_DATABASE=nextcloud
+      - MYSQL_DATABASE=$MYSQL_DATABASE
-      - MYSQL_USER=nextcloud
+      - MYSQL_USER=$MYSQL_USER
    networks:
      - backend
--- a/docker-compose/prometheus/exporters/node_exporter/docker-compose.yml
+++ b/docker-compose/prometheus/exporters/node_exporter/docker-compose.yml
--- a/docker-compose/prometheus/exporters/Nvidia
+++ b/docker-compose/prometheus/exporters/Nvidia
--- a/docker-compose/nvidiadgcm/docker-compose.yml
+++ b/docker-compose/nvidiadgcm/docker-compose.yml
--- a/docker-compose/prometheus/exporters/Nvidia_smi_exporter/README.md
+++ b/docker-compose/prometheus/exporters/Nvidia_smi_exporter/README.md
--- a/docker-compose/prometheus/exporters/Nvidia_smi_exporter/docker-compose.yml
+++ b/docker-compose/prometheus/exporters/Nvidia_smi_exporter/docker-compose.yml
--- a/docker-compose/prometheus/README.md
+++ b/docker-compose/prometheus/README.md
@ -11,6 +11,15 @@ Configure your settings in the `/etc/prometheus/prometheus.yml` file.
 *For more info visit:* [Official Prometheus Installation Documentation](https://prometheus.io/docs/prometheus/latest/installation/)
 # Exporters
 TODO: WIP
 - cadvisor
 - nodeexporter
 - nvidiadgcm
 - nvidiasmi
 # Best-Practices & Post-Installation
 ## Disable HTTP
@ -19,7 +28,7 @@ It's not secure to expose Prometheus via the HTTP protocol.
 ### Use a Reverse Proxy
- [] Use a Reverse Proxy to securely expose administrative services.
+- [ ] Use a Reverse Proxy to securely expose administrative services.
 # Additional Referfences
--- a/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml
+++ b/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml
@ -1,21 +0,0 @@
 ---
 version: '3'
 services:
  cadvisor:
    image: gcr.io/cadvisor/cadvisor:v0.45.0 # latest tag is not updated...
                                            # https://github.com/google/cadvisor/issues/3066    
                                            # To manual check versions: https://github.com/google/cadvisor/releases      
    container_name: cadvisor
    # ports:
    #   - "8080:8080"
    network_mode: host
    volumes:
      - /:/rootfs:ro
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker/:/var/lib/docker:ro
      - /dev/disk/:/dev/disk:ro
    devices:
      - /dev/kmsg
    restart: unless-stopped
--- a/terraform/README.md
+++ b/terraform/README.md
		`@ -1,3 +0,0 @@`
			`# Ansible Boilerplates`

			`These are my ansible boilerplates to configure, provision and maintain servers and clients. Most of them are written and tested on Ubuntu Servers (with a few exceptions).`