turned base to snipe-it deployment

This commit is contained in:
Bryan Joshua Pedini 2022-10-13 15:14:23 +02:00
parent 5ed1af1f7f
commit 9eb93f52e5
5 changed files with 178 additions and 14 deletions

View File

@ -1,2 +1 @@
# Base App Deployment
This is the base on which (almost) every deployment is sort-of-based on.
# Snipe-IT Deployment

View File

@ -1,7 +1,51 @@
---
services:
app:
snipeit:
image: snipe/snipe-it:${SNIPEIT_VERSION}
restart: unless-stopped
depends_on:
- mariadb
- redis
environment:
- APP_ENV=${SNIPEIT_ENV}
- APP_DEBUG=${SNIPEIT_DEBUG}
- APP_KEY=${SNIPEIT_KEY}
- APP_URL=${SNIPEIT_URL}
- APP_TIMEZONE=${SNIPEIT_TIMEZONE}
- APP_LOCALE=${SNIPEIT_LOCALE}
- MAX_RESULTS=${SNIPEIT_MAXRESULTS}
- PRIVATE_FILESYSTEM_DISK=${SNIPEIT_PRIVATE_FS}
- PUBLIC_FILESYSTEM_DISK=${SNIPEIT_PUBLIC_FS}
- DB_CONNECTION=mysql
- DB_HOST=mariadb
- DB_DATABASE=${MARIADB_NAME}
- DB_USERNAME=${MARIADB_USER}
- DB_PASSWORD=${MARIADB_PASS}
- DB_PREFIX=${MARIADB_PREFIX}
- DB_DUMP_PATH=
- DB_CHARSET=utf8mb4
- DB_COLLATION=utf8mb4_unicode_ci
- MAIL_DRIVER=smtp
- MAIL_HOST=${SNIPEIT_MAIL_HOST}
- MAIL_PORT=${SNIPEIT_MAIL_PORT}
- MAIL_USERNAME=${SNIPEIT_MAIL_USER}
- MAIL_PASSWORD=${SNIPEIT_MAIL_PASS}
- MAIL_ENCRYPTION=${SNIPEIT_MAIL_ENCR}
- MAIL_FROM_ADDR=${SNIPEIT_MAIL_FADDR}
- MAIL_FROM_NAME=${SNIPEIT_MAIL_FNAME}
- MAIL_REPLYTO_ADDR=${SNIPEIT_MAIL_RADDR}
- MAIL_REPLYTO_NAME=${SNIPEIT_MAIL_RNAME}
- MAIL_AUTO_EMBED=true
- MAIL_AUTO_EMBED_METHOD=${SNIPEIT_MAIL_EMBED}
- IMAGE_LIB=gd
- APP_TRUSTED_PROXIES=${SNIPEIT_PROXY}
- SECURE_COOKIES=true
- REDIS_HOST=redis
- REDIS_PASSWORD=${REDIS_PASS}
- REDIS_PORT=6379
- LOGIN_MAX_ATTEMPTS=${SNIPEIT_LOGINATT}
- LOGIN_LOCKOUT_DURATION=${SNIPEIT_LOCKDUR}
- RESET_PASSWORD_LINK_EXPIRES=${SNIPEIT_PWLINKEXP}
labels:
### Section Træfik
- traefik.enable=${TRAEFIK_ENABLED}
@ -22,15 +66,56 @@ services:
# specify a service so a custom port can be used
- traefik.http.services.${TRAEFIK_SERVICE}.loadbalancer.server.port=${TRAEFIK_SERVICE_PORT}
### Section Diun
- diun.enable=${DIUN_ENABLE}
- diun.watch_repo=${DIUN_WATCHREPO}
- diun.sort_tags=${DIUN_SORTALGO}
- diun.include_tags=${DIUN_INCLUDE}
- diun.exclude_tags=${DIUN_EXCLUDE}
- diun.enable=${DIUN_SNIPEIT_ENABLE}
- diun.watch_repo=${DIUN_SNIPEIT_WATCHREPO}
- diun.sort_tags=${DIUN_SNIPEIT_SORTALGO}
- diun.include_tags=${DIUN_SNIPEIT_INCLUDE}
- diun.exclude_tags=${DIUN_SNIPEIT_EXCLUDE}
networks:
- internal
- traefik
volumes:
- ${SNIPEIT_DATA}/data:/var/lib/snipeit
- ${SNIPEIT_DATA}/logs:/var/www/html/storage/logs
mariadb:
image: mariadb:${MARIADB_VERSION}
restart: unless-stopped
environment:
- MARIADB_ROOT_PASSWORD=${MARIADB_ROOT}
- MARIADB_DATABASE=${MARIADB_NAME}
- MARIADB_USER=${MARIADB_USER}
- MARIADB_PASSWORD=${MARIADB_PASS}
labels:
### Section Diun
- diun.enable=${DIUN_MARIADB_ENABLE}
- diun.watch_repo=${DIUN_MARIADB_WATCHREPO}
- diun.sort_tags=${DIUN_MARIADB_SORTALGO}
- diun.include_tags=${DIUN_MARIADB_INCLUDE}
- diun.exclude_tags=${DIUN_MARIADB_EXCLUDE}
networks:
- internal
volumes:
- ${MARIADB_DATA}:/var/lib/mysql
redis:
image: redis:${REDIS_VERSION}
restart: unless-stopped
command: --requirepass ${REDIS_PASS}
environment:
- REDIS_PASS=${REDIS_PASS}
labels:
### Section Diun
- diun.enable=${DIUN_REDIS_ENABLE}
- diun.watch_repo=${DIUN_REDIS_WATCHREPO}
- diun.sort_tags=${DIUN_REDIS_SORTALGO}
- diun.include_tags=${DIUN_REDIS_INCLUDE}
- diun.exclude_tags=${DIUN_REDIS_EXCLUDE}
networks:
- internal
networks:
internal:
traefik:
external: true
name: ${TRAEFIK_NETWORK}

View File

@ -10,9 +10,57 @@ TRAEFIK_CERTRESOLVER=letsencrypt
TRAEFIK_HTTP_MIDDLEWARES=http-to-https
TRAEFIK_HTTPS_MIDDLEWARES=hsts
# Diun
DIUN_ENABLE=true
DIUN_WATCHREPO=true
DIUN_SORTALGO=semver
DIUN_INCLUDE=
DIUN_EXCLUDE=
# Snipe-IT
SNIPEIT_VERSION=v6.0.11-alpine
SNIPEIT_DATA=./data/snipeit
SNIPEIT_ENV=production
SNIPEIT_DEBUG=false
SNIPEIT_KEY=
SNIPEIT_URL=https://app.example.com
SNIPEIT_TIMEZONE=UTC
SNIPEIT_LOCALE=en
SNIPEIT_MAXRESULTS=500
SNIPEIT_PRIVATE_FS=local
SNIPEIT_PUBLIC_FS=local_public
SNIPEIT_MAIL_HOST=mail.example.com
SNIPEIT_MAIL_PORT=25
SNIPEIT_MAIL_USER=noreply@example.com
SNIPEIT_MAIL_PASS=
SNIPEIT_MAIL_ENCR=
SNIPEIT_MAIL_FADDR=noreply@example.com
SNIPEIT_MAIL_FNAME=Snipe-IT
SNIPEIT_MAIL_RADDR=
SNIPEIT_MAIL_RNAME=
SNIPEIT_MAIL_EMBED=base64
SNIPEIT_LOGINATT=5
SNIPEIT_LOCKDUR=60
SNIPEIT_PWLINKEXP=900
SNIPEIT_PROXY=172.16.0.0/12
DIUN_SNIPEIT_ENABLE=true
DIUN_SNIPEIT_WATCHREPO=true
DIUN_SNIPEIT_SORTALGO=semver
DIUN_SNIPEIT_INCLUDE=v[0-9]+\.[0-9]+\.[0-9]+-alpine
DIUN_SNIPEIT_EXCLUDE=
# MariaDB
MARIADB_VERSION=10.9.3
MARIADB_DATA=./data/mariadb
MARIADB_ROOT=
MARIADB_NAME=
MARIADB_USER=
MARIADB_PASS=
MARIADB_PREFIX=
DIUN_MARIADB_ENABLE=true
DIUN_MARIADB_WATCHREPO=true
DIUN_MARIADB_SORTALGO=semver
DIUN_MARIADB_INCLUDE=[0-9]+\.[0-9]+\.[0-9]+
DIUN_MARIADB_EXCLUDE=
# Redis
REDIS_VERSION=7.0.5-alpine3.16
REDIS_PASS=
DIUN_REDIS_ENABLE=true
DIUN_REDIS_WATCHREPO=true
DIUN_REDIS_SORTALGO=semver
DIUN_REDIS_INCLUDE=[0-9]+\.[0-9]+\.[0-9]+-alpine[0-9]+\.[0-9]+
DIUN_REDIS_EXCLUDE=

11
init.sh Executable file
View File

@ -0,0 +1,11 @@
#!/usr/bin/env bash
set -e
# Retrieve proper environment variables
SNIPEIT_VERSION=$(cat .env | grep SNIPEIT_VERSION | sed 's/SNIPEIT_VERSION=//')
# Generate a new key (escaped for `sed` use)
SNIPEIT_KEY=$(docker run --rm snipe/snipe-it:${SNIPEIT_VERSION} | grep base64 | sed -e 's/[\/&]/\\&/g')
# Place the newly generated key in the env file
sed -i "s/SNIPEIT_KEY=.*/SNIPEIT_KEY=${SNIPEIT_KEY}/" .env

21
start.sh Executable file
View File

@ -0,0 +1,21 @@
#/usr/bin/env bash
set -e
# Retrieve proper environment variables
SNIPEIT_DATA=$(cat .env | grep SNIPEIT_DATA | sed 's/SNIPEIT_DATA=//')
# Start MariaDB first - Snipe-IT doesn't like when the DB is not ready yet
docker compose up -d mariadb
# Wait a couple of seconds that the database is ready
for I in {10..1}; do
printf " ${I}"
sleep 1
done
echo
# Start everything else
docker compose up -d
# Change the logs folder owner (because Snipe-IT really seems to not be able to do it on its own)
chown 100 ${SNIPEIT_DATA}/logs