MODULES += nginx
MODULES += keycloak
MODULES += hedgedoc
MODULES += grafana
MODULES += prometheus
MODULES += mastodon
MODULES += matrix
MODULES += nextcloud
MODULES += mobilizon
MODULES += gitea
MODULES += nitter
MODULES += pixelfed

include env.production
domain_name := $(DOMAIN_NAME)

help:
	@echo "usage: make run"

# Upper-case a string: $(call UC,nginx) expands to NGINX
UC = $(shell echo '$1' | tr '[:lower:]' '[:upper:]')

# Source every module's secrets file into the shell, then invoke
# docker-compose with env.production and all of the per-module compose files
DOCKER = \
	$(foreach m,$(MODULES),. secrets/$m && ) \
	docker-compose \
		--env-file env.production \
		$(foreach m,$(MODULES),--file ./$m.yaml)

run:
	$(DOCKER) up

down:
	$(DOCKER) down

nginx-shell:
	$(DOCKER) exec nginx sh

nginx-logs:
	$(DOCKER) logs -f --tail 1000 nginx

grafana-shell:
	$(DOCKER) exec grafana bash

hedgedoc-shell:
	$(DOCKER) exec hedgedoc sh

keycloak-shell:
	$(DOCKER) exec keycloak sh

keycloak-rebuild:
	$(DOCKER) create keycloak
	$(DOCKER) restart keycloak

mastodon-shell:
	$(DOCKER) exec mastodon bash

mastodon-streaming-shell:
	$(DOCKER) exec mastodon-streaming bash

matrix-shell:
	$(DOCKER) exec matrix-synapse bash

nextcloud-shell:
	$(DOCKER) exec nextcloud bash

matrix-logs:
	$(DOCKER) logs --tail 100 -f matrix-synapse

nextcloud-logs:
	$(DOCKER) logs -f nextcloud

nginx-build: secrets/nginx
	$(DOCKER) build nginx

certdir = ./data/certbot/conf/live/${DOMAIN_NAME}

run: secrets-setup

secrets-setup: $(foreach m,$(MODULES),secrets/$m)

# Create the per-subdomain secrets if they don't exist
# not every service requires all of these features, but create them anyway
#
# GET_MODULE is the upper-cased module name taken from the target path
# (secrets/nginx -> NGINX). RAND emits $1 random bytes, hex encoded; the
# $$(...) is run by the recipe's shell, so every line gets a fresh value.
# The files are written with the invoking user's umask.
GET_MODULE = $(call UC,$(word 2,$(subst /, ,$@)))
RAND = $$(openssl rand -hex $1)

secrets/%:
	mkdir -p $(dir $@)
	echo >$@ "# DO NOT CHECK IN"
	echo >>$@ "export $(GET_MODULE)_ADMIN_PASSWORD=$(call RAND,8)"
	echo >>$@ "export $(GET_MODULE)_CLIENT_SECRET=$(call RAND,20)"
	echo >>$@ "export $(GET_MODULE)_SESSION_SECRET=$(call RAND,20)"

# gitea needs a one-time host setup (run with sudo) before its secrets are created
secrets/gitea: data/gitea/host-setup.done
data/gitea/host-setup.done:
	sudo ./gitea/host-setup.sh
	mkdir -p $(dir $@)
	touch $@

# pixelfed additionally needs an application key (32 random bytes, base64 encoded)
secrets/pixelfed: secrets/pixelfed.app
secrets/pixelfed.app:
	echo 'APP_KEY=base64:$(shell openssl rand -base64 32)' > $@

keycloak-setup: secrets-setup
	docker exec keycloak /setup.sh

# Determine the extra hostnames that need to be included in the SSL cert
# see sites/README.md for an explanation of how to add additional sites
EXTRA_HOSTNAMES=$(foreach f,$(wildcard sites/*.conf),$(notdir $(f:.conf=)))

# Remove the existing /etc/letsencrypt state in the certbot container and
# request one new certificate covering the domain, every module hostname
# and the extra site hostnames
certbot:
	$(DOCKER) \
	run --entrypoint '/bin/sh -c "\
		rm -rf /etc/letsencrypt ; \
		certbot certonly \
			--webroot \
			--webroot-path /var/www/certbot \
			--email "admin@$(DOMAIN_NAME)" \
			--rsa-key-size "2048" \
			--agree-tos \
			--no-eff-email \
			--force-renewal \
			-d $(DOMAIN_NAME) \
			$(foreach m,$(MODULES),\
				-d $($(call UC,$m)_HOSTNAME).$(DOMAIN_NAME)) \
			$(foreach m,$(EXTRA_HOSTNAMES),\
				-d $m) \
	"' certbot

nginx-reload:
	$(DOCKER) restart nginx

nextcloud-restart:
	$(DOCKER) restart nextcloud

config:
	$(DOCKER) config

FORCE: