env/Makefile

MODULES += nginx
MODULES += keycloak
MODULES += hedgedoc
MODULES += grafana
MODULES += prometheus
MODULES += mastodon
MODULES += matrix
MODULES += nextcloud
MODULES += mobilizon
MODULES += gitea
MODULES += nitter
MODULES += pixelfed
#MODULES += bookwyrm

include env.production
domain_name := $(DOMAIN_NAME)


help:
	@echo "usage: make run"
UC = $(shell echo '$1' | tr '[:lower:]' '[:upper:]')

DOCKER = \
	$(foreach m,$(MODULES),. secrets/$m && ) \
	docker-compose \
		--env-file env.production \
		$(foreach m,$(MODULES),--file ./$m.yaml) \

run:
	$(DOCKER) up
rund:
	$(DOCKER) up -d
stop:
	$(DOCKER) stop
down:
	$(DOCKER) down
nginx-shell:
	$(DOCKER) exec nginx sh
nginx-logs:
	$(DOCKER) logs -f --tail 100000 nginx
mastodon-logs:
	$(DOCKER) logs -f --tail 1000 mastodon mastodon-sidekiq mastodon-streaming mastodon-es mastodon-db
grafana-shell:
	$(DOCKER) exec grafana bash
hedgedoc-shell:
	$(DOCKER) exec hedgedoc sh
keycloak-shell:
	$(DOCKER) exec keycloak sh
keycloak-rebuild:
	$(DOCKER) create keycloak
	$(DOCKER) restart keycloak
mastodon-es-rebuild:
	$(DOCKER) create mastodon-es
	$(DOCKER) restart mastodon-es
mastodon-restart:
	$(DOCKER) restart mastodon
mastodon-shell:
	$(DOCKER) exec mastodon bash
mastodon-worker-shell:
	$(DOCKER) exec mastodon-worker bash
matrix-shell:
	$(DOCKER) exec matrix-synapse bash
nextcloud-shell:
	$(DOCKER) exec nextcloud bash
matrix-logs:
	$(DOCKER) logs --tail 100 -f matrix-synapse
pixelfed-shell:
	$(DOCKER) exec pixelfed-app bash
pixelfed-worker-shell:
	$(DOCKER) exec pixelfed-worker bash
pixelfed-logs:
	$(DOCKER) logs --tail 100 -f pixelfed-app pixelfed-worker pixelfed-db pixelfed-redis
pixelfed-worker-logs:
	$(DOCKER) logs --tail 100 -f pixelfed-worker
pixelfed-rebuild:
	$(DOCKER) build pixelfed-app pixelfed-worker pixelfed-redis pixelfed-db
pixelfed-restart:
	$(DOCKER) restart pixelfed-app pixelfed-worker pixelfed-redis pixelfed-db
pixelfed-down:
	$(DOCKER) stop pixelfed-app pixelfed-worker pixelfed-redis pixelfed-db
mastodon-sidekiq-logs:
	$(DOCKER) logs --tail 100 -f mastodon-sidekiq
nextcloud-logs:
	$(DOCKER) logs -f nextcloud
nginx-build: secrets/nginx
	$(DOCKER) build nginx
bookwyrm-restart:
	$(DOCKER) restart bookwyrm-db bookwyrm-redis_activity bookwyrm-redis_broker bookwyrm-web bookwyrm-celery_worker bookwyrm-celery_beat bookwyrm-flower

certdir		= ./data/certbot/conf/live/${DOMAIN_NAME}

run: secrets-setup

secrets-setup: $(foreach m,$(MODULES),secrets/$m)

# Create the per-subdomain secrets if they don't exist
# not every service requires all of these features, but create them anyway
GET_MODULE = $(call UC,$(word 2,$(subst /, ,$@)))
RAND = $$(openssl rand -hex $1)

secrets/%:
	mkdir -p $(dir $@)
	echo >$@ "# DO NOT CHECK IN"
	echo >>$@ "export $(GET_MODULE)_ADMIN_PASSWORD=$(call RAND,8)"
	echo >>$@ "export $(GET_MODULE)_CLIENT_SECRET=$(call RAND,20)"
	echo >>$@ "export $(GET_MODULE)_SESSION_SECRET=$(call RAND,20)"

secrets/gitea: data/gitea/host-setup.done
data/gitea/host-setup.done:
	sudo ./gitea/host-setup.sh
	mkdir -p $(dir $@)
	touch $@

secrets/pixelfed: secrets/pixelfed.app
secrets/pixelfed.app:
	echo 'APP_KEY=base64:$(shell openssl rand -base64 32)' > $@

keycloak-setup: secrets-setup
	docker exec keycloak /setup.sh

# Determine the extra hostnames that need to be included in the SSL cert
# see sites/README.md for an explanation of how to add additional sites
EXTRA_HOSTNAMES=$(foreach f,$(wildcard sites/*.conf),$(notdir $(f:.conf=)))

certbot:
	$(DOCKER) \
		run --entrypoint '/bin/sh -c "\
		rm -rf /etc/letsencrypt ; \
		certbot certonly \
			--webroot \
			--webroot-path /var/www/certbot \
			--email "admin@$(DOMAIN_NAME)" \
			--rsa-key-size "2048" \
			--agree-tos \
			--no-eff-email \
			--force-renewal \
			-d $(DOMAIN_NAME) \
			$(foreach m,$(MODULES),\
				-d $($(call UC,$m)_HOSTNAME).$(DOMAIN_NAME)) \
			$(foreach m,$(EXTRA_HOSTNAMES),\
				-d $m) \
		"' certbot


nginx-reload:
	$(DOCKER) restart nginx
nextcloud-restart:
	$(DOCKER) restart nextcloud
mastodon-rebuild:
	$(DOCKER) create mastodon mastodon-sidekiq
mastodon-restart:
	$(DOCKER) restart mastodon mastodon-sidekiq mastodon-db mastodon-streaming mastodon-redis mastodon-es
mastodon-cache:
	$(DOCKER) exec mastodon bin/tootctl media remove
matrix-restart:
	$(DOCKER) restart matrix-synapse matrix-element


config:
	$(DOCKER) config

FORCE:
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`MODULES += nginx`
			`MODULES += keycloak`
			`MODULES += hedgedoc`
			`MODULES += grafana`
			`MODULES += prometheus`
			`MODULES += mastodon`
matrix: federation works and setup seems to do the right thing 2 years ago			`MODULES += matrix`
nextcloud: works with sso and has a better setup/install script on first run 2 years ago			`MODULES += nextcloud`
mobilizon: work with the new single docker environment, perform setup 2 years ago			`MODULES += mobilizon`
gitea: hacked to work with the new format 2 years ago			`MODULES += gitea`
nitter: enable twitter gateway 2 years ago			`MODULES += nitter`
pixelfed: OIDC login and mobile app work 2 years ago			`MODULES += pixelfed`
Makefile: more targets for logs and shells 1 year ago			`#MODULES += bookwyrm`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago
			`include env.production`
			`domain_name := $(DOMAIN_NAME)`


			`help:`
			`@echo "usage: make run"`
			`UC = $(shell echo '$1' \| tr '[:lower:]' '[:upper:]')`

			`DOCKER = \`
makefile: move secrets out of ./data into ./secrets 2 years ago			`$(foreach m,$(MODULES),. secrets/$m && ) \`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`docker-compose \`
			`--env-file env.production \`
			`$(foreach m,$(MODULES),--file ./$m.yaml) \`

			`run:`
			`$(DOCKER) up`
makefile: add rund and some other log things 2 years ago			`rund:`
			`$(DOCKER) up -d`
			`stop:`
			`$(DOCKER) stop`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`down:`
			`$(DOCKER) down`
			`nginx-shell:`
			`$(DOCKER) exec nginx sh`
nginx: create certdir directory before attempting symlink 2 years ago			`nginx-logs:`
Makefile: more targets for logs and shells 1 year ago			`$(DOCKER) logs -f --tail 100000 nginx`
mastodon logs 2 years ago			`mastodon-logs:`
Makefile: more targets for logs and shells 1 year ago			`$(DOCKER) logs -f --tail 1000 mastodon mastodon-sidekiq mastodon-streaming mastodon-es mastodon-db`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`grafana-shell:`
			`$(DOCKER) exec grafana bash`
			`hedgedoc-shell:`
			`$(DOCKER) exec hedgedoc sh`
			`keycloak-shell:`
			`$(DOCKER) exec keycloak sh`
Makefile: keycloak-rebuild 2 years ago			`keycloak-rebuild:`
			`$(DOCKER) create keycloak`
			`$(DOCKER) restart keycloak`
mastodon logs 2 years ago			`mastodon-es-rebuild:`
			`$(DOCKER) create mastodon-es`
			`$(DOCKER) restart mastodon-es`
makefile: add rund and some other log things 2 years ago			`mastodon-restart:`
			`$(DOCKER) restart mastodon`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`mastodon-shell:`
			`$(DOCKER) exec mastodon bash`
Makefile: more targets for logs and shells 1 year ago			`mastodon-worker-shell:`
			`$(DOCKER) exec mastodon-worker bash`
matrix: federation works and setup seems to do the right thing 2 years ago			`matrix-shell:`
			`$(DOCKER) exec matrix-synapse bash`
prod: lots of little hacks to get things working on the prod server 2 years ago			`nextcloud-shell:`
			`$(DOCKER) exec nextcloud bash`
matrix: federation works and setup seems to do the right thing 2 years ago			`matrix-logs:`
Makefile: keycloak-rebuild 2 years ago			`$(DOCKER) logs --tail 100 -f matrix-synapse`
Makefile: more targets for logs and shells 1 year ago			`pixelfed-shell:`
			`$(DOCKER) exec pixelfed-app bash`
			`pixelfed-worker-shell:`
			`$(DOCKER) exec pixelfed-worker bash`
			`pixelfed-logs:`
			`$(DOCKER) logs --tail 100 -f pixelfed-app pixelfed-worker pixelfed-db pixelfed-redis`
			`pixelfed-worker-logs:`
			`$(DOCKER) logs --tail 100 -f pixelfed-worker`
			`pixelfed-rebuild:`
			`$(DOCKER) build pixelfed-app pixelfed-worker pixelfed-redis pixelfed-db`
			`pixelfed-restart:`
			`$(DOCKER) restart pixelfed-app pixelfed-worker pixelfed-redis pixelfed-db`
			`pixelfed-down:`
			`$(DOCKER) stop pixelfed-app pixelfed-worker pixelfed-redis pixelfed-db`
makefile: add rund and some other log things 2 years ago			`mastodon-sidekiq-logs:`
			`$(DOCKER) logs --tail 100 -f mastodon-sidekiq`
nextcloud: works with sso and has a better setup/install script on first run 2 years ago			`nextcloud-logs:`
			`$(DOCKER) logs -f nextcloud`
makefile: move secrets out of ./data into ./secrets 2 years ago			`nginx-build: secrets/nginx`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`$(DOCKER) build nginx`
Makefile: more targets for logs and shells 1 year ago			`bookwyrm-restart:`
			`$(DOCKER) restart bookwyrm-db bookwyrm-redis_activity bookwyrm-redis_broker bookwyrm-web bookwyrm-celery_worker bookwyrm-celery_beat bookwyrm-flower`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago
			`certdir = ./data/certbot/conf/live/${DOMAIN_NAME}`

			`run: secrets-setup`

makefile: move secrets out of ./data into ./secrets 2 years ago			`secrets-setup: $(foreach m,$(MODULES),secrets/$m)`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago
			`# Create the per-subdomain secrets if they don't exist`
			`# not every service requires all of these features, but create them anyway`
			`GET_MODULE = $(call UC,$(word 2,$(subst /, ,$@)))`
			`RAND = $$(openssl rand -hex $1)`

makefile: move secrets out of ./data into ./secrets 2 years ago			`secrets/%:`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`mkdir -p $(dir $@)`
			`echo >$@ "# DO NOT CHECK IN"`
			`echo >>$@ "export $(GET_MODULE)_ADMIN_PASSWORD=$(call RAND,8)"`
			`echo >>$@ "export $(GET_MODULE)_CLIENT_SECRET=$(call RAND,20)"`
			`echo >>$@ "export $(GET_MODULE)_SESSION_SECRET=$(call RAND,20)"`

makefile: move secrets out of ./data into ./secrets 2 years ago			`secrets/gitea: data/gitea/host-setup.done`
gitea: hacked to work with the new format 2 years ago			`data/gitea/host-setup.done:`
			`sudo ./gitea/host-setup.sh`
			`mkdir -p $(dir $@)`
			`touch $@`

pixelfed: OIDC login and mobile app work 2 years ago			`secrets/pixelfed: secrets/pixelfed.app`
			`secrets/pixelfed.app:`
			`echo 'APP_KEY=base64:$(shell openssl rand -base64 32)' > $@`

collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`keycloak-setup: secrets-setup`
prod: lots of little hacks to get things working on the prod server 2 years ago			`docker exec keycloak /setup.sh`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago
nginx: serve extra sites if requested 2 years ago			`# Determine the extra hostnames that need to be included in the SSL cert`
			`# see sites/README.md for an explanation of how to add additional sites`
			`EXTRA_HOSTNAMES=$(foreach f,$(wildcard sites/*.conf),$(notdir $(f:.conf=)))`

collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`certbot:`
			`$(DOCKER) \`
			`run --entrypoint '/bin/sh -c "\`
			`rm -rf /etc/letsencrypt ; \`
			`certbot certonly \`
			`--webroot \`
			`--webroot-path /var/www/certbot \`
			`--email "admin@$(DOMAIN_NAME)" \`
			`--rsa-key-size "2048" \`
			`--agree-tos \`
			`--no-eff-email \`
			`--force-renewal \`
			`-d $(DOMAIN_NAME) \`
			`$(foreach m,$(MODULES),\`
			`-d $($(call UC,$m)_HOSTNAME).$(DOMAIN_NAME)) \`
nginx: serve extra sites if requested 2 years ago			`$(foreach m,$(EXTRA_HOSTNAMES),\`
			`-d $m) \`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`"' certbot`

nginx: serve extra sites if requested 2 years ago
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago			`nginx-reload:`
			`$(DOCKER) restart nginx`
prod: lots of little hacks to get things working on the prod server 2 years ago			`nextcloud-restart:`
			`$(DOCKER) restart nextcloud`
Makefile: more targets for logs and shells 1 year ago			`mastodon-rebuild:`
			`$(DOCKER) create mastodon mastodon-sidekiq`
			`mastodon-restart:`
			`$(DOCKER) restart mastodon mastodon-sidekiq mastodon-db mastodon-streaming mastodon-redis mastodon-es`
			`mastodon-cache:`
			`$(DOCKER) exec mastodon bin/tootctl media remove`
			`matrix-restart:`
			`$(DOCKER) restart matrix-synapse matrix-element`
collapse everything into one docker-compose environment and enable prometheus logging 2 years ago

			`config:`
			`$(DOCKER) config`

			`FORCE:`