attempting to revert postgres version to fix gitea indexing issue

.gitignore

@@ -11,3 +11,7 @@ volumes/
 # prevents env from being leaked anywhere
 **/.env
 
+# prevents username or directory structure leak
+init/
+!init/readme.md
+

bin/init.py

@@ -55,34 +55,16 @@ def get_var(key):
             if confirm in ["y", "Y"]:
                 return user_input
 
-def gen_sql_user(username, password, *databases):
-    """gen_sql_user creates the sql queries to add a user and db with perms"""
-
-    sql = f"CREATE USER IF NOT EXISTS {username} IDENTIFIED BY '{password}';\n"
-    for db in databases:
-        sql += f"CREATE DATABASE {db};\n"
-        sql += f"GRANT ALL PRIVILEGES ON {db} TO {username};\n"
-
-    print(sql)
-
-    return sql
-
-def gen_sql(sql):
-    """gen_sql creates an init.sql file to be run by the database on first launch"""
-
-    if sql == "":
-        return
-
-    subprocess.run(["mkdir", "-p", "mariadb/priv/initdb.d"])
-    f = open(f"mariadb/priv/initdb.d/init.sql", 'w')
-    f.write(sql)
-    f.close()
-
 def parse_env(env_file):
     """parse_env returns a dictionary of env vars parsed from the base file
 
     :service: is a string of the service name to parse, must match folder name
     """
+
+    if os.path.isfile(env_file):
+        print(f"{env_file} not found... skipping")
+        return
+
     f = open(env_file)
     c = dict()
     for line in f:
@@ -112,10 +94,46 @@ def gen_env(kv):
     """
     env = ""
     for key, value in kv.items():
-        env += f"{key}=\"{value}\"\n"
+        env += f"{key}='{value}'\n"
 
     return env
 
+def gen_init(service, force=False):
+    """gen_init takes in a service name and creates a service file"""
+
+    service_file = f"init/{service}.service"
+    # prevent overwrite
+    if os.path.isfile(service_file) and not force:
+        print(f"{service_file} already exists... skipping")
+        return
+
+    PWD = os.getenv("PWD")
+    contents = f"""[Unit]
+Description=Starts {service}
+After=docker.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=true
+WorkingDirectory={PWD}/{service}
+ExecStart=/usr/bin/docker compose up -d
+ExecStop=/usr/bin/docker compose down
+
+[Install]
+WantedBy=multi-user.target"""
+
+    f = open(service_file, 'w')
+    f.write(contents)
+    f.close()
+     
+def enable_service(service, force=False):
+
+    gen_init(service,force)
+    subprocess.run(["sudo", "install", "-m", "644", f"init/{service}.service", "/etc/systemd/system/"])
+    subprocess.run(["sudo", "systemctl", "enable", f"{service}"])
+    subprocess.run(["sudo", "systemctl", "start", f"{service}"])
+
+
 def config_service(service, force=False):
     """config_service processes service env vars to generate private .env file
 
@@ -124,21 +142,20 @@ def config_service(service, force=False):
     :force: is an optional parameter to overwrite existing file
         default is False
     """
-    # setup directories
-
-    subprocess.run(["mkdir", "-p", f"{service}/priv"])
-    priv_file = f"{service}/.env"
-
 
+    enable_service(service, force)
 
+    priv_file = f"{service}/priv/env"
 
     # prevent overwrite
     if os.path.isfile(priv_file) and not force:
         print(f"{priv_file} already exists... skipping")
         return parse_env(priv_file)
 
+
     c = parse_env(f"{service}/env")
 
+    subprocess.run(["mkdir", "-p", f"{service}/priv"])
     f = open(priv_file, 'w')
     f.write(gen_env(c))
     f.close()
@@ -158,22 +175,6 @@ def main():
     for service in args.service:
         print(f"\nsetting up {service}...")
         c = config_service(service, args.force)
-        # create mariadb users/dbs
-        if service == "gitea":
-            username = c["GITEA__database__USER"]
-            password = c["GITEA__database__PASSWD"]
-            db = c["GITEA__database__NAME"]
-            sql += gen_sql_user(username, password, db)
-        elif service == "seafile":
-            username = c["SEAFILE_MYSQL_DB_USER"]
-            password = c["SEAFILE_MYSQL_DB_PASSWORD"]
-            dbs = ["ccnet_db", "seafile_db", "seahub_db"]
-            sql += gen_sql_user(username, password, *dbs)
-
-    gen_sql(sql)
-    # finalize sql
-    print("running mariadb to initialize users/dbs. Ctrl+c to cancel after database is setup")
-    subprocess.run(["docker", "compose", "-f", f"mariadb/compose.yml", "up"])
 
     print("success")
 

caddy/Caddyfile

@@ -7,12 +7,12 @@ seafile.keegandeppe.com {
 	reverse_proxy seafile
 }
 
-sea_noti.keegandeppe.com {
-	reverse_proxy seafile
+git.keegandeppe.com {
+	reverse_proxy gitea:3000
 }
 
-git.keegandeppe.com {
-	reverse_proxy gitea
+cal.keegandeppe.com {
+	reverse_proxy radicale:5232
 }
 
 resume.noa.fish {

caddy/docker-compose.yml

@@ -7,17 +7,16 @@ services:
     ports:
       - "80:80"
       - "443:443"
-      - "443:443/udp"
     networks:
-      caddy-net
+      - caddy
     volumes:
-      - Caddyfile:/etc/caddy/Caddyfile
-      - website/public:/srv/keegan
-      - fish:/srv/fish
-      - volumes/data:/data
-      - volumes/config:/config
+      - ./Caddyfile:/etc/caddy/Caddyfile
+      - ./website/public:/srv/keegan
+      - ./fish:/srv/fish
+      - ./volumes/data:/data
+      - ./volumes/config:/config
   
 networks:
-  caddy-net:
+  caddy:
     external: false
     driver: bridge

caddy/website

@@ -1 +1 @@
-Subproject commit 1ca7069aa2e94527d2f245e52ee96730308442b5
+Subproject commit 54d6f55ce2029a18ca3a1d86bb978e48c9586496

docker-compose.yml

@@ -1,18 +0,0 @@
-include:
-  - gitea/docker-compose.yml
-  - seafile/docker-compose.yml
-  - mariadb/docker-compose.yml
-  - caddy/docker-compose.yml
-
-networks:
-  gitea-net:
-    external: false
-  seafile-net:
-    external: false
-  caddy:
-    external: false
-    driver: bridge
-  # auth:
-  #   external: true
-  postgres:
-    external: false

env

@@ -1,2 +0,0 @@
-## Global Settings
-TIME_ZONE="America/New_York"

gitea/docker-compose.yml

@@ -1,29 +1,40 @@
 services:
 
   gitea:
-    image: gitea/gitea:latest-rootless
+    image: gitea/gitea:1.23
     restart: unless-stopped
     env_file: "priv/env"
+    environment:
+      - USER_UID=106
+      - USER_GID=112
     networks:
-      - gitea-net
-      - caddy-net
+      - gitea
+      - caddy
     volumes:
-      - ./volumes/gitea/data:/var/lib/gitea
-      - ./volumes/gitea/config:/etc/gitea
+      - ./volumes/gitea:/data
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
         # allows ssh pushing via locally stored keys
       - /home/git/.ssh:/data/git/.ssh
+    # need to expose 2222 over local host for ssh agent forwarding
     ports:
       - "127.0.0.1:2222:22"
     depends_on:
-      db:
-        condition: service_healthy
+      - postgres
+
+  postgres:
+    image: postgres:14
+    restart: unless-stopped
+    env_file: "priv/env"
+    networks:
+      - gitea
+    volumes:
+      - ./volumes/postgres:/var/lib/postgresql/data
 
 networks:
-  gitea-net:
-    external: false
-  caddy-net:
+  gitea:
     external: false
+  caddy:
+    external: true
+    name: caddy_caddy
     driver: bridge
-

gitea/env

@@ -1,6 +1,11 @@
 ## Gitea Settings
-GITEA__database__DB_TYPE="mysql"
-GITEA__database__HOST="mariadb"
+GITEA__database__DB_TYPE="postgres"
+GITEA__database__HOST="postgres-gitea"
 GITEA__database__NAME="gitea"
 GITEA__database__USER="gitea"
 GITEA__database__PASSWD=""
+
+## Postgresql Settings
+POSTGRES_USER="gitea"
+POSTGRES_DB="gitea"
+POSTGRES_PASSWORD="$GITEA__database__PASSWD"

mariadb/docker-compose.yml

@@ -1,30 +0,0 @@
-services:
-  mariadb:
-    image: mariadb:10.11
-    container_name: mariadb
-    env_file: "priv/env"
-    volumes:
-      - ./volumes/mariadb/db:/var/lib/mysql
-      - ./priv/initdb.d:/config/initdb.d
-    networks:
-      - gitea-net
-      - seafile-net
-    healthcheck:
-      test:
-        [
-          "CMD",
-          "/usr/local/bin/healthcheck.sh",
-          "--connect",
-          "--mariadbupgrade",
-          "--innodb_initialized",
-        ]
-      interval: 20s
-      start_period: 30s
-      timeout: 5s
-      retries: 10
-
-networks:
-  gitea-net:
-    external: false
-  seafile-net:
-    external: false

mariadb/env

@@ -1,4 +0,0 @@
-## Mariadb Settings
-MYSQL_ROOT_PASSWORD=""
-MYSQL_LOG_CONSOLE="true"
-MARIADB_AUTO_UPGRADE=1

radicale/docker-compose.yml

@@ -0,0 +1,27 @@
+services:
+  radicale:
+    image: tomsquest/docker-radicale
+    container_name: radicale
+    restart: unless-stopped
+    init: true
+    read_only: true
+    security_opt:
+      - no-new-privileges:true
+    cap_drop:
+      - ALL
+    cap_add:
+      - SETUID
+      - SETGID
+      - CHOWN
+      - KILL
+    volumes:
+      - ./volumes/data:/data
+      - ./volumes/config:/config:ro
+    networks:
+      - caddy
+
+networks:
+  caddy:
+    external:
+      name: caddy_caddy
+    driver: bridge

readme.md

@@ -2,5 +2,5 @@
 
 Originally I was going to use a single main database container and build everything off of that.
 But you know what, this ends up being far more trouble than it seems to be worth.
-If performance becomes an issue, I will revert back to this commit but for now, goodnight my sweet prince.
 
+So instead I will couple each service with its own database and write environment vars there

seafile/docker-compose.yml

@@ -1,62 +1,55 @@
 services:
+  mariadb:
+    image: mariadb:10.11
+    container_name: mariadb
+    env_file: "priv/env"
+    volumes:
+      - ./volumes/mariadb/db:/var/lib/mysql
+    networks:
+      - seafile
+    healthcheck:
+      test:
+        [
+          "CMD",
+          "/usr/local/bin/healthcheck.sh",
+          "--connect",
+          "--mariadbupgrade",
+          "--innodb_initialized",
+        ]
+      interval: 5s
+      start_period: 5s
+      timeout: 10s
+      retries: 10
+
   memcached:
     image: memcached:1.6.29
     container_name: seafile-memcached
     entrypoint: memcached -m 256
     networks:
-      - seafile-net
-
-  # notification-server:
-  #   image: seafileltd/notification-server:12.0-latest
-  #   container_name: seafile-notification-server
-  #   restart: unless-stopped
-  #   volumes:
-  #     - volumes/seafile/noti:/shared
-  #   environment:
-  #     - SEAFILE_MYSQL_DB_HOST=${SEAFILE_MYSQL_DB_HOST:-db}
-  #     - SEAFILE_MYSQL_DB_USER=${SEAFILE_MYSQL_DB_USER:-seafile}
-  #     - SEAFILE_MYSQL_DB_PASSWORD=${SEAFILE_MYSQL_DB_PASSWORD:?Variable is not set or empty}
-  #     - SEAFILE_MYSQL_DB_CCNET_DB_NAME=${SEAFILE_MYSQL_DB_CCNET_DB_NAME:-ccnet_db}
-  #     - SEAFILE_MYSQL_DB_SEAFILE_DB_NAME=${SEAFILE_MYSQL_DB_SEAFILE_DB_NAME:-seafile_db}
-  #     - JWT_PRIVATE_KEY=${SEAFILE_JWT_PRIVATE_KEY:?Variable is not set or empty}
-  #     - SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false}
-  #     - NOTIFICATION_SERVER_LOG_LEVEL=${NOTIFICATION_SERVER_LOG_LEVEL:-info}
-  #   labels:
-  #     caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}
-  #     caddy.@ws.0_header: "Connection *Upgrade*"
-  #     caddy.@ws.1_header: "Upgrade websocket"
-  #     caddy.0_reverse_proxy: "@ws {{upstreams 8083}}"
-  #     caddy.1_handle_path: "/notification*"
-  #     caddy.1_handle_path.0_rewrite: "* {uri}"
-  #     caddy.1_handle_path.1_reverse_proxy: "{{upstreams 8083}}"
-  #   depends_on:
-  #     db:
-  #       condition: service_healthy
-  #   networks:
-  #     - seafile-net
+      - seafile
           
   seafile:
     image: seafileltd/seafile-mc:12.0-latest
     container_name: seafile
     volumes:
-      # - /opt/seafile-mysql:/shared
-      - seafile-vol:/shared
+      - ./volumes/seafile:/shared
     env_file: "priv/env"
     depends_on:
-      db:
+      mariadb:
         condition: service_healthy
       memcached:
         condition: service_started
+    labels:
+      caddy: "https://seafile.keegandeppe.com"
+      caddy.reverse_proxy: "{{upstreams 80}}"
     networks:
-      - seafile-net
-      - caddy-net
-
-volumes:
-  seafile-vol:
+      - seafile
+      - caddy
 
 networks:
-  seafile-net:
-    external: false
-  caddy-net:
+  seafile:
     external: false
+  caddy:
+    external: true
+    name: caddy_caddy
     driver: bridge

seafile/env

@@ -1,18 +1,22 @@
-## Seafile Settings
-# COMPOSE_FILE='seafile-server.yml,caddy.yml,seadoc.yml'
-# COMPOSE_PATH_SEPARATOR=','
+## Mariadb Settings
+MYSQL_ROOT_PASSWORD=""
+MYSQL_LOG_CONSOLE="true"
+MARIADB_AUTO_UPGRADE=1
 
-SEAFILE_VOLUME=volume/seafile/data
-SEAFILE_CADDY_VOLUME=volume/caddy/data
+TIME_ZONE="America/New_York"
 
-SEAFILE_MYSQL_DB_HOST="mariadb"
-SEAFILE_MYSQL_DB_USER="seafile"
-SEAFILE_MYSQL_DB_PASSWORD=""
+SEAFILE_VOLUME="volumes/seafile/data"
+SEAFILE_CADDY_VOLUME="volumes/caddy/data"
 
-SEAFILE_JWT_PRIVATE_KEY=""
+DB_ROOT_PASSWORD="$MYSQL_ROOT_PASSWORD"
+DB_HOST="mariadb"
+DB_USER="seafile"
+DB_PASSWORD=""
+
+JWT_PRIVATE_KEY=""
 
-SEAFILE_SERVER_HOSTNAME=""
 SEAFILE_SERVER_PROTOCOL="https"
+SEAFILE_SERVER_HOSTNAME=""
 
 INIT_SEAFILE_ADMIN_EMAIL=""
 INIT_SEAFILE_ADMIN_PASSWORD=""