root/the_prg_server_configuration_old
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

- Services: Added Part-DB

Browse source 
- Implementation: Added nix-sops based secret version controlling.
This commit is contained in:
Root User 2026-02-07 17:31:23 +01:00
parent 99a0ed1719
commit 5e68e6ee96
Signed by: root
GPG key ID: 087F0A95E5766D72
19 changed files with 258 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

54
nix-system-configs/modules/songsheet/wavelog/docker-compose.nix
View file

@ -25,11 +25,63 @@
virtualisation.oci-containers.backend = "podman";
# Containers
virtualisation.oci-containers.containers."partdb" = {
image = "jbtronics/part-db1:latest";
environment = {
"ALLOW_ATTACHMENT_DOWNLOADS" = "0";
"APP_ENV" = "docker";
"BASE_CURRENCY" = "EUR";
"DATABASE_URL" = "postgresql://:@:/?charset=utf8";
"DEFAULT_LANG" = "en";
"DEFAULT_TIMEZONE" = "Europe/Berlin";
"INSTANCE_NAME" = "Part-DB";
"POSTGRES_DB" = "part_db_database";
"POSTGRES_HOST" = "10.1.1.251";
"POSTGRES_PORT" = "5432";
"USE_GRAVATAR" = "0";
};
environmentFiles = [
config.sops.secrets."songsheet/database".path
];
volumes = [
"nix-system-configs/modules/songsheet/wavelog/db:/var/www/html/var/db:rw"
"nix-system-configs/modules/songsheet/wavelog/public_media:/var/www/html/public/media:rw"
"nix-system-configs/modules/songsheet/wavelog/uploads:/var/www/html/uploads:rw"
];
ports = [
"8087:80/tcp"
];
labels = {
"compose2nix.settings.sops.secrets" = "songsheet/database";
};
log-driver = "journald";
extraOptions = [
"--network-alias=partdb"
"--network=wavelog_default"
];
};
systemd.services."podman-partdb" = {
serviceConfig = {
Restart = lib.mkOverride 90 "always";
};
after = [
"podman-network-wavelog_default.service"
];
requires = [
"podman-network-wavelog_default.service"
];
partOf = [
"podman-compose-wavelog-root.target"
];
wantedBy = [
"podman-compose-wavelog-root.target"
];
};
virtualisation.oci-containers.containers."wavelog-db" = {
image = "mariadb:11.3";
environment = {
"MARIADB_DATABASE" = "wavelog";
"MARIADB_PASSWORD" = "oijawfjiojoijoiawf";
"MARIADB_PASSWORD" = "THIS_IS_NOT_IN_USE_yes";
"MARIADB_RANDOM_ROOT_PASSWORD" = "yes";
"MARIADB_USER" = "wavelog";
};

63
nix-system-configs/modules/songsheet/wavelog/docker-compose.yml
View file

@ -1,4 +1,65 @@
services:
partdb:
container_name: partdb
# By default Part-DB will be running under Port 8080, you can change it here
ports:
- '8087:80'
volumes:
# By default
- ./uploads:/var/www/html/uploads
- ./public_media:/var/www/html/public/media
- ./db:/var/www/html/var/db
restart: unless-stopped
labels:
- "compose2nix.settings.sops.secrets=songsheet/database"
image: jbtronics/part-db1:latest
environment:
# Put SQLite database in our mapped folder. You can configure some other kind of database here too.
- POSTGRES_HOST=10.1.1.251
- POSTGRES_PORT=5432
- POSTGRES_DB=part_db_database
- DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?charset=utf8
# In docker env logs will be redirected to stderr
- APP_ENV=docker
# Uncomment this, if you want to use the automatic database migration feature. With this you have you do not have to
# run the doctrine:migrations:migrate commands on installation or upgrade. A database backup is written to the uploads/
# folder (under .automigration-backup), so you can restore it, if the migration fails.
# This feature is currently experimental, so use it at your own risk!
# - DB_AUTOMIGRATE=true
# You can configure Part-DB using environment variables
# Below you can find the most essential ones predefined
# However you can add any other environment configuration you want here
# See .env file for all available options or https://docs.part-db.de/configuration.html
# !!! Do not use quotes around the values, as they will be interpreted as part of the value and this will lead to errors !!!
# The language to use serverwide as default (en, de, ru, etc.)
- DEFAULT_LANG=en
# The default timezone to use serverwide (e.g. Europe/Berlin)
- DEFAULT_TIMEZONE=Europe/Berlin
# The currency that is used inside the DB (and is assumed when no currency is set). This can not be changed later, so be sure to set it the currency used in your country
- BASE_CURRENCY=EUR
# The name of this installation. This will be shown as title in the browser and in the header of the website
- INSTANCE_NAME=Part-DB
# Allow users to download attachments to the server by providing an URL
# This could be a potential security issue, as the user can retrieve any file the server has access to (via internet)
- ALLOW_ATTACHMENT_DOWNLOADS=0
# Use gravatars for user avatars, when user has no own avatar defined
- USE_GRAVATAR=0
# Override value if you want to show a given text on homepage.
# When this is empty the content of config/banner.md is used as banner
#- BANNER=This is a test banner<br>with a line break
# If you use a reverse proxy in front of Part-DB, you must configure the trusted proxies IP addresses here (see reverse proxy documentation for more information):
# - TRUSTED_PROXIES=127.0.0.0/8,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
# If you need to install additional composer packages (e.g., for specific mailer transports), you can specify them here:
# The packages will be installed automatically when the container starts
# - COMPOSER_EXTRA_PACKAGES=symfony/mailgun-mailer symfony/sendgrid-mailer
wavelog-db: # THIS IS NOW DANGLING BUT WILL BE THERE TO PREVENT BREAKAGE OF THE MAIN COMPOSE FILE
image: mariadb:11.3
container_name: wavelog-db
@ -6,7 +67,7 @@ services:
MARIADB_RANDOM_ROOT_PASSWORD: yes
MARIADB_DATABASE: wavelog
MARIADB_USER: wavelog
MARIADB_PASSWORD: oijawfjiojoijoiawfoij191229888dajkvhiuviuaiuhvaihuauis1123312 # THIS DATABASE IS NOW MIGRATED PROPERLY
MARIADB_PASSWORD: THIS_IS_NOT_IN_USE_yes # THIS DATABASE IS NOW MIGRATED PROPERLY
volumes:
- wavelog-dbdata:/var/lib/mysql
restart: unless-stopped