From af493ab282313d2f802b105085b5ad21e9c52438 Mon Sep 17 00:00:00 2001
From: spinach <spinach@spin.ach>
Date: Sun, 23 Feb 2025 07:33:46 -0500
Subject: [PATCH] extracting most env vars and writing script to generate sql
 init helper

---
 Makefile                    |   6 ++
 {caddy => config}/Caddyfile |   6 +-
 docker-compose.yml          | 139 +++++++++++++++++++++++-------------
 init-gen.sh                 |  41 +++++++++++
 4 files changed, 141 insertions(+), 51 deletions(-)
 rename {caddy => config}/Caddyfile (72%)
 create mode 100755 init-gen.sh

diff --git a/Makefile b/Makefile
index e6e6509..88405ea 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,11 @@
 fetch:
 	git submodule update --init --recursive
  
+init: fetch
+	mkdir -p volumes/caddy/data volumes/caddy/config
+	mkdir -p volumes/gitea/data volumes/gitea/config
+	chown 1000:1000 volumes/gitea/data volumes/gitea/config
+	mkdir -p volumes/seafile/data volumes/seafile/noti
+	mkdir -p volumes/mariadb/db
 build: fetch
 	cd website; hugo
diff --git a/caddy/Caddyfile b/config/Caddyfile
similarity index 72%
rename from caddy/Caddyfile
rename to config/Caddyfile
index b187df7..3e31218 100644
--- a/caddy/Caddyfile
+++ b/config/Caddyfile
@@ -7,11 +7,15 @@ seafile.keegandeppe.com {
 	reverse_proxy seafile
 }
 
+sea_noti.keegandeppe.com {
+	reverse_proxy seafile
+}
+
 git.keegandeppe.com {
 	reverse_proxy gitea
 }
 
 resume.noa.fish {
-	root * /static/fish
+	root * /srv/fish
 	file_server
 }
diff --git a/docker-compose.yml b/docker-compose.yml
index 43e7969..3fd3d72 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,70 +10,109 @@ services:
       auth
       caddy
     volumes:
-      - caddy/Caddyfile:/etc/caddy/Caddyfile
-      - ./website/public:/srv/keegan
-      - ./fish:/srv/fish
-      - caddy_data:/data
-      - caddy_config:/config
+      - config/Caddyfile:/etc/caddy/Caddyfile
+      - website/public:/srv/keegan
+      - fish:/srv/fish
+      - volumes/caddy/data:/data
+      - volumes/caddy/config:/config
+
+  mariadb:
+    image: mariadb:10.11
+    container_name: mariadb
+    env-file: "priv/env"
+    volumes:
+      - ./volumes/mariadb/db:/var/lib/mysql
+      - ./priv/init.sql:/script/init.sql
+    networks:
+      - gitea-net
+      - seafile-net
+    healthcheck:
+      test:
+        [
+          "CMD",
+          "/usr/local/bin/healthcheck.sh",
+          "--connect",
+          "--mariadbupgrade",
+          "--innodb_initialized",
+        ]
+      interval: 20s
+      start_period: 30s
+      timeout: 5s
+      retries: 10
+
+  memcached:
+    image: memcached:1.6.29
+    container_name: seafile-memcached
+    entrypoint: memcached -m 256
+    networks:
+      - seafile-net
+
+  notification-server:
+    image: seafileltd/notification-server:12.0-latest
+    container_name: seafile-notification-server
+    restart: unless-stopped
+    volumes:
+      - volumes/seafile/noti:/shared
+    environment:
+      - SEAFILE_MYSQL_DB_HOST=${SEAFILE_MYSQL_DB_HOST:-db}
+      - SEAFILE_MYSQL_DB_USER=${SEAFILE_MYSQL_DB_USER:-seafile}
+      - SEAFILE_MYSQL_DB_PASSWORD=${SEAFILE_MYSQL_DB_PASSWORD:?Variable is not set or empty}
+      - SEAFILE_MYSQL_DB_CCNET_DB_NAME=${SEAFILE_MYSQL_DB_CCNET_DB_NAME:-ccnet_db}
+      - SEAFILE_MYSQL_DB_SEAFILE_DB_NAME=${SEAFILE_MYSQL_DB_SEAFILE_DB_NAME:-seafile_db}
+      - JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty}
+      - SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false}
+      - NOTIFICATION_SERVER_LOG_LEVEL=${NOTIFICATION_SERVER_LOG_LEVEL:-info}
+    labels:
+      caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}
+      caddy.@ws.0_header: "Connection *Upgrade*"
+      caddy.@ws.1_header: "Upgrade websocket"
+      caddy.0_reverse_proxy: "@ws {{upstreams 8083}}"
+      caddy.1_handle_path: "/notification*"
+      caddy.1_handle_path.0_rewrite: "* {uri}"
+      caddy.1_handle_path.1_reverse_proxy: "{{upstreams 8083}}"
+    depends_on:
+      db:
+        condition: service_healthy
+    networks:
+      - seafile-net
+          
+  seafile:
+    image: seafileltd/seafile-mc:12.0-latest
+    container_name: seafile
+    volumes:
+      - /opt/seafile-mysql:/shared
+    env-file: "priv/env"
+    environment:
+      - JWT_PRIVATE_KEY=${SEAFILE_JWT_PRIVATE_KEY}
+    depends_on:
+      db:
+        condition: service_healthy
+      memcached:
+        condition: service_started
+    networks:
+      - seafile-net
+      - caddy
 
   gitea:
-    image: gitea/gitea
-    environment:
-      - USER_UID=1000
-      - USER_GID=1000
+    image: gitea/gitea:latest-rootless
+    restart: unless-stopped
+    env-file: "priv/env"
     restart: always
     networks:
       - gitea
       - caddy
     volumes:
-      - gitea:/data
+      - ./volumes/gitea/data:/var/lib/gitea
+      - ./volumes/gitea/config:/etc/gitea
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
         # allows ssh pushing via locally stored keys
       - /home/git/.ssh:/data/git/.ssh
     ports:
       - "127.0.0.1:2222:22"
-
-  postgres:
-    image: postgresql:latest
-    env-file: "priv/env"
-    networks:
-      postgres:
-
-  mariadb:
-    image: mariadb:10.11
-    container_name: seafile-mysql
-    environment:
-      # - MYSQL_ROOT_PASSWORD=8RK5bG4u4Xbthp9Zr9kQ  # Requested, set the root's password of MySQL service.
-      - MYSQL_ROOT_PASSWORD=${SEAFILE_DB_PASS}
-      - MYSQL_LOG_CONSOLE=true
-    volumes:
-      - /opt/seafile-mysql/db:/var/lib/mysql
-    networks:
-      - seafile-net
-
-  memcached:
-    image: memcached:1.6.18
-    container_name: seafile-memcached
-    entrypoint: memcached -m 256
-    networks:
-      - seafile-net
-          
-  seafile:
-    image: seafileltd/seafile-mc:10.0-latest
-    container_name: seafile
-    volumes:
-      - /opt/seafile-mysql:/shared
-    env-file: "priv/env"
-    environment: 
-      - DB_HOST=seafile-db
-      - DB_ROOT_PASSWD=${SEAFILE_DB_PASSWORD}
     depends_on:
-      - db
-      - memcached
-    networks:
-      - seafile-net
-      - caddy
+      db:
+        condition: service_healthy
 
 volumes:
   gitea:
diff --git a/init-gen.sh b/init-gen.sh
new file mode 100755
index 0000000..bb2867f
--- /dev/null
+++ b/init-gen.sh
@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+
+## A simple tool go generate an sql init script
+
+set -e 
+
+sql="init.sql"
+
+cd priv
+
+source ./env
+
+# printf "testing the env sourcing Seafile host = %s\n", "$SEAFILE_MYSQL_DB_HOST"
+
+# do not overwrite existing file
+# test -f "$sql" || exit 1 
+[ -f "$sql" ] && printf "failed: file exists\n" && exit 1
+
+printf "Generating sql script... "
+touch "$sql"
+
+# root
+printf "CREATE USER 'root'@'localhost' IDENTIFIED BY 'local';\n" >> "$sql"
+printf "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%%'\n" >> "$sql"
+
+# Seafile
+printf "CREATE USER $SEAFILE_MYSQL_DB_USER IDENTIFIED BY %s;\n" "$SEAFILE_MYSQL_DB_PASSWORD" >> "$sql"
+printf "CREATE DATABASE ccnet_db;\n" >> "$sql"
+printf "GRANT ALL PRIVILEGES ON ccnet_db TO $SEAFILE_MYSQL_DB_USER;\n" >> "$sql"
+printf "CREATE DATABASE seafile_db;\n" >> "$sql"
+printf "GRANT ALL PRIVILEGES ON seafile_db TO $SEAFILE_MYSQL_DB_USER;\n" >> "$sql"
+printf "CREATE DATABASE seahub_db;\n" >> "$sql"
+printf "GRANT ALL PRIVILEGES ON seahub_db TO $SEAFILE_MYSQL_DB_USER;\n" >> "$sql"
+
+# Gitea
+printf "CREATE USER $GITEA__database__USER IDENTIFIED BY %s;\n" "$GITEA__database__PASSWD" >> "$sql"
+printf "CREATE DATABASE $GITEA__database__NAME;\n" >> "$sql"
+printf "GRANT ALL PRIVILEGES ON $GITEA__database__NAME TO $GITEA__database__USER\n" >> "$sql"
+
+printf "success\n"
+printf "output at priv/%s\n" "$sql"