Home A - Z Changelog
Page Index

Commit caee9c

2025-12-31 16:18:28 theophile: Services Hng deleted.
services hng.md .. /dev/null
@@ 1,14 0,0 @@
- # Historique des services
-
- ## Avant la mort de notre premier SSD
-
- - [[bookstack]]
- - [[archivebox]]
- - [[synapse]]
- - [[etherpad]]
-
- ## Ancien ayant été retirer ou remplacer
-
- - [[dokuwiki]]
- - [[jitsi]]
- - [[mumble]]
services hng/dokuwiki.md .. /dev/null
@@ 1,24 0,0 @@
- # Dokuwiki
-
- - Source Code: <https://github.com/dokuwiki/dokuwiki>
- - Docker Source: <https://github.com/dokuwiki/docker>
-
- ## Markdown ?
-
- Dokuwiki utilise la syntax Wiki, utilisé aussi par exemple MediaWiki, le
- logiciels de wiki qu'utilise Wikipedia.
-
- La syntax est décrite dans leur [page de documentation](https://www.dokuwiki.org/wiki:syntax).
-
- Alternativement, il est possible de convertir un document en markdown en
- syntax dokuwiki (extension de fichier `.txt`), utilisant pandoc:
-
- ``` shell
- pandoc -f markdown -t dokuwiki fichier.md
- ```
- ## Backup
-
- [How to backup Dokuwiki ? → dokuwiki.org](https://www.dokuwiki.org/faq:backup)
-
- Dokuwiki being a flatfile wiki, we can back it up by simply copying the
- `/mnt/data/dokuwiki` folder.
services hng/forgejo.md .. /dev/null
@@ 1,42 0,0 @@
- # Forgejo
-
- ![Preview de forgejo](Screenshot_2025-09-28_at_15-58-28_theophile_test_test_-_Forgejo_HnG_Beyond_coding._We_Forge._HappynGreen.png)
-
- - **[Siteweb](https://forgejo.org/)**
- - **[Repo git](https://codeberg.org/forgejo/forgejo)**
-
- Forgejo est un fork de [gitea](https://about.gitea.com/). C'est une git forge en
-
- ## Configuration
-
-
- ### Ports
-
- Il semblerait que le `SSH_LISTEN_PORT` par default ets `222`.
-
- Par ailleurs, on va garder
-
- ```yaml
- ports:
- - '222:222'
- ```
-
- Pour map le port 222 en interne au 222 du host.
-
- SSH n'est pas gérer par Traefik. Il faut donc ensuite ouvrire le port `222` à la fois dans le firewall:
-
- ```bash
- sudo ufw allow 222/tcp
- ```
-
- On peut utiliser `ufw limit` pour limiter ...
-
- ```bash
- sudo ufw limit 222/tcp
- ```
-
- :::warning
- Il faut aussi ouvrire le port 222 sur le routeur.
- :::
-
- ### Fail2Ban
services hng/forgejo/Screenshot_2025-09-28_at_15-58-28_theophile_test_test_-_Forgejo_HnG_Beyond_coding._We_Forge._HappynGreen.png .. /dev/null
services hng/historique.md .. /dev/null
@@ 1,14 0,0 @@
- # Historique des services
-
- ## Avant la mort de notre premier SSD
-
- - [[bookstack]]
- - [[archivebox]]
- - [[synapse]]
- - [[etherpad]]
-
- ## Ancien ayant été retirer ou remplacer
-
- - [[dokuwiki]]
- - [[jitsi]]
- - [[mumble]]
services hng/jellyfin.md .. /dev/null
@@ 1,7 0,0 @@
- # Jellyfin
-
- ## Rsync commands
-
- ```
- rsync -vur --chown="docker:docker" --delete --exclude='*.srt' /local/path/ user@remote:/remote/path/
- ```
services hng/mailu.md .. /dev/null
@@ 1,30 0,0 @@
- # Mailu
-
- The mailu server is installed right from the Mailu docker service.
-
- Present version is [[Mailu 2024.06](https://mailu.io/2024.06/)]
-
- The following files are controlling the Mailu service
-
- - Docker compose yaml file (![[ici]])
- - Mailu.env environment file
- - .env file in the directory
-
- The .env file is sued to provide the Docker Compose Yaml ([[DCY]])file with
- variable. It is different from the mailu.env file which provides variables
- inside the container (but not in the DYC) the mailu.env control
-
- ## Documentation
-
- The [Official Documentation](https://mailu.io/2024.06/cli.html) is very useful.
-
- ### CLI commands
-
- #### Create a New Account
-
- user
- ----
-
- ```bash
- docker compose exec admin flask mailu user myuser example.net 'password123'
- ```
services hng/nextcloud.md .. /dev/null
@@ 1,31 0,0 @@
- # Nextcloud (snap edition)
-
- # Nextcloud
-
- - [Project Page](https://nextcloud.com/)
- - [Source Code](https://github.com/nextcloud)
- - [Source Code (snap edition)](https://github.com/nextcloud-snap/nextcloud-snap)
- - [Snap edition wiki](https://github.com/nextcloud-snap/nextcloud-snap/wiki/)
-
- ## OCC
- **OCC** (_Own Cloud Console_) is a commandline management interface requiring root privileges and is accessed from the Nextcloud snap host shell.
-
- - [snap version occ wiki page](https://github.com/nextcloud-snap/nextcloud-snap/wiki/OCC-management-console)
-
- It is useful notably to **turn off maintenance mode**.
-
- ```bash
- sudo nextcloud.occ maintenance:mode --off
- ```
-
- ### Maintenance Mode
-
- Parfois, l'instance Nextcloud se met en mode maintenance et deviens
- inaccessible.
-
- Pour relancer l'instance, il faut se connecter via SSH au serveur, puis
- utilisé la commande :
-
- ``` bash
- sudo nextcloud.occ
- ```
services hng/onlyoffice.md .. /dev/null
@@ 1,66 0,0 @@
- # OnlyOffice
-
- > [!NOTE]
- > For Nextcloud
-
- The Onlyoffice server is set as a docker service, for
- [office.happyngreen.fr](https://office.happyngreen.fr)(the link send to
- a information page as it is not designed for direct access).
-
- ## Docker Compose
-
- Here is the present docker compose file used to drive the service. The
- setup is minimum to only support Nextcloud (No DB...)
-
- ``` yaml
- services:
- onlyoffice-document-server:
- image: onlyoffice/documentserver:latest
- container_name: onlyoffice-document-server
- restart: always
- environment:
- JWT_ENABLED: "true"
- JWT_SECRET: ${ONLYOFFICE_JWT_SECRET}
- JWT_HEADER: Authorization
- JWT_IN_BODY: "true"
- volumes:
- - /mnt/data/office/Data:/var/www/onlyoffice/Data
- - /var/log:/var/log/onlyoffice
- - /var/cache/onlyoffice:/var/lib/onlyoffice/documentserver/App_Data/cache
- networks:
- - office
- labels:
- - "traefik.enable=true"
- - "traefik.docker.network=office"
- - "traefik.http.routers.office.entrypoints=web"
- - "traefik.http.routers.office.rule=Host(`${ONLYOFFICE_DOMAIN}`)"
- # Workaround a bug in OnlyOffice, see the issue tracker: https://github.com/ONLYOFFICE/DocumentServer/issues/2186
- - "traefik.http.middlewares.onlyoffice_redirect_http2https_header.headers.contentSecurityPolicy=upgrade-insecure-requests"
- - "traefik.http.routers.office.middlewares=onlyoffice_redirect_http2https_header,redirect-to-https@docker"
- - "traefik.http.routers.office-secure.entrypoints=web-secure"
- - "traefik.http.routers.office-secure.rule=Host(`${ONLYOFFICE_DOMAIN}`)"
- - "traefik.http.routers.office-secure.middlewares=onlyoffice_redirect_http2https_header"
- - "traefik.http.routers.office-secure.service=office-secure"
- - "traefik.http.services.office-secure.loadbalancer.server.port=80"
-
- networks:
- office:
- name: office
- driver: bridge
-
- ```
-
- The secret is set in the corresponding .env (value is in Bitwarden)
- alongsite the site URL A Json token is used to allow Nextcloud to use
- the Onlyoffice service. For the volume part, the cache is set to the SSD
- disk to improve performance while the log is sent to regular `/var/log`,
- into a directory `documentserver`
-
- > [!WARNING]
- > Beware, a specific Traefik set up needs to be done to avoid the browser
- > triggering a mixed content error (Http in Https page)
-
- As
- usual, the port 80 is redirected to 443, but also, the header field
- contentSecurityPolicy is set to upgrade-insecure-requests in both
- routers to force to https protocol!
services hng/openwebui.md .. /dev/null
@@ 1,4 0,0 @@
- # Openwebui
-
- OpenWebUI est un logiciel auto-hébergé qui sert d'interface à notre
- installation d'[[ollama]].
services hng/readeck.md .. /dev/null
@@ 1,30 0,0 @@
- # Readeck
-
- - [Project Page](https://readeck.org)
- - [Source code](https://codeberg.org/readeck/readeck)
-
- > Readeck is an open source web application that lets you save content from the web so you can access it later and keep it forever.
-
- **Technologies**:
-
- - Go (templ)
- - Turbo Hotwire
- - TailwindCSS
- - SQLite (or PostgreSQL)
-
- :::info
- Our current setup is the SQLite version, having migrated from an initial PostgreSQL instance. This is due to some bugs in the DB export system and PostgreSQL. An added benefit to the SQLite version, found in other deployments of ours, is that the backup and restore is super easy. Just copy and paste.
- :::
-
- ## Admin
-
- ### Export & Import
-
- Manual import of a zip file downloaded via the interface. _This command only works if the user does not already exist_:
-
- ```bash
- docker compose exec app readeck import -config /readeck/config.toml /readeck/readeck-user-20251012-1614.zip
- ```
- :::info
- `/readeck` is the internal path to the volume at `/mnt/data/readeck`.
- :::
services hng/traefik.md .. /dev/null
@@ 1,57 0,0 @@
- # Traefik
-
- **traefik** serves as our reverse-proxy and let's encrypt certificat issuer.
-
- For each docker service, we create an **external network** (usually named after the service it serves) and add it to the **traefik**'s `docker-compose.yml` file, in two locations:
-
- ```yaml
- networks:
- # → 1st Entry of traefik-managed networks
- traefik:
- mail:
- name: mailu_mail
- external: true
- # etc...
-
- services:
- traefik:
- # (...)
- networks:
- # → 2nd Entry of the networks
- traefik:
- mail:
- # etc...
- ```
-
- We then have to rebuild restart (?) **traefik**.
-
- ## Labels
-
- To add traefik handling to a service, we use `expose` instead of `port` to set the port, and use labels:
-
- ```yaml
- expose:
- - 3001
- # This our default label setup.
- labels:
- - "traefik.enable=true" # Enable reverse-proxy for this service
- - "traefik.docker.network=uptime-kuma" # The external docker network
- - "traefik.http.routers.uptime-kuma.rule=Host(`status.happyngreen.fr`)" # The domain name.
- - "traefik.http.routers.uptime-kuma.entrypoints=web"
- - "traefik.http.routers.uptime-kuma.middlewares=redirect-to-https@docker"
- - "traefik.http.routers.uptime-kuma-secure.rule=Host(`status.happyngreen.fr`)"
- - "traefik.http.routers.uptime-kuma-secure.entrypoints=web-secure"
- - "traefik.http.routers.uptime-kuma-secure.tls=true"
- - "traefik.http.routers.uptime-kuma-secure.tls.certresolver=le" # The Let's Encrypt certificat type
- - "traefik.http.routers.uptime-kuma-secure.service=uptime-kuma-secure"
- - "traefik.http.services.uptime-kuma-secure.loadbalancer.server.port=3001" # The exposed port.
-
- ```
-
- > [!IMPORTANT]
- > A **traefik** router can have any name. `uptime-kuma`, `docker-uptim-kuma`, etc.
-
-
- ## Remove `le-stg` certificats
-
- Let's Encrypt certificates are stored in `$CONFIG/cert/acme.json`. You can remove the relevant lines in the `le-stg` section, then restart traefik.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9