|
|
|
|
@ -20,7 +20,7 @@ help: |
|
|
|
|
UC = $(shell echo '$1' | tr '[:lower:]' '[:upper:]')
|
|
|
|
|
|
|
|
|
|
DOCKER = \
|
|
|
|
|
$(foreach m,$(MODULES),. data/$m/secrets && ) \
|
|
|
|
|
$(foreach m,$(MODULES),. secrets/$m && ) \
|
|
|
|
|
docker-compose \
|
|
|
|
|
--env-file env.production \
|
|
|
|
|
$(foreach m,$(MODULES),--file ./$m.yaml) \
|
|
|
|
|
@ -52,28 +52,28 @@ matrix-logs: |
|
|
|
|
$(DOCKER) logs --tail 100 -f matrix-synapse
|
|
|
|
|
nextcloud-logs: |
|
|
|
|
$(DOCKER) logs -f nextcloud
|
|
|
|
|
nginx-build: data/nginx/secrets |
|
|
|
|
nginx-build: secrets/nginx |
|
|
|
|
$(DOCKER) build nginx
|
|
|
|
|
|
|
|
|
|
certdir = ./data/certbot/conf/live/${DOMAIN_NAME}
|
|
|
|
|
|
|
|
|
|
run: secrets-setup |
|
|
|
|
|
|
|
|
|
secrets-setup: $(foreach m,$(MODULES),data/$m/secrets) |
|
|
|
|
secrets-setup: $(foreach m,$(MODULES),secrets/$m) |
|
|
|
|
|
|
|
|
|
# Create the per-subdomain secrets if they don't exist
|
|
|
|
|
# not every service requires all of these features, but create them anyway
|
|
|
|
|
GET_MODULE = $(call UC,$(word 2,$(subst /, ,$@)))
|
|
|
|
|
RAND = $$(openssl rand -hex $1)
|
|
|
|
|
|
|
|
|
|
data/%/secrets: |
|
|
|
|
secrets/%: |
|
|
|
|
mkdir -p $(dir $@)
|
|
|
|
|
echo >$@ "# DO NOT CHECK IN"
|
|
|
|
|
echo >>$@ "export $(GET_MODULE)_ADMIN_PASSWORD=$(call RAND,8)"
|
|
|
|
|
echo >>$@ "export $(GET_MODULE)_CLIENT_SECRET=$(call RAND,20)"
|
|
|
|
|
echo >>$@ "export $(GET_MODULE)_SESSION_SECRET=$(call RAND,20)"
|
|
|
|
|
|
|
|
|
|
data/gitea/secrets: data/gitea/host-setup.done |
|
|
|
|
secrets/gitea: data/gitea/host-setup.done |
|
|
|
|
data/gitea/host-setup.done: |
|
|
|
|
sudo ./gitea/host-setup.sh
|
|
|
|
|
mkdir -p $(dir $@)
|
|
|
|
|
|
Ubuntu
2 years ago