init
This commit is contained in:
commit
1db8eb22a5
SSH Key Fingerprint:
SHA256:BezbKv3jZaqu7SdNrZM0e42b8nlNwh63zaVj/pUxc7U
2
news-postgres-backup.volume
Normal file
2
news-postgres-backup.volume
Normal file
@ -0,0 +1,2 @@
|
||||
[Volume]
|
||||
Label="backup=true"
|
||||
6
news-postgres.backup
Executable file
6
news-postgres.backup
Executable file
@ -0,0 +1,6 @@
|
||||
#!/bin/sh
|
||||
# podman exec -it systemd-news-postgres psql -U postgres -f /backup/dump.sql
|
||||
|
||||
echo 'news-postgres: creating backup'
|
||||
podman exec systemd-news-postgres pg_dumpall -U postgres -f /backup/dump.sql
|
||||
echo 'news-postgres: finished'
|
||||
24
news-postgres.container
Normal file
24
news-postgres.container
Normal file
@ -0,0 +1,24 @@
|
||||
[Container]
|
||||
Image=docker.io/postgres:16-alpine
|
||||
AutoUpdate=registry
|
||||
Network=news.network
|
||||
|
||||
# environment
|
||||
Secret=news-postgres-password,target=POSTGRES_PASSWORD,type=env
|
||||
|
||||
# storage
|
||||
VolatileTmp=true
|
||||
Volume=news-postgres.volume:/var/lib/postgresql/data
|
||||
Volume=news-postgres-backup.volume:/backup
|
||||
|
||||
# security
|
||||
ReadOnly=true
|
||||
NoNewPrivileges=true
|
||||
DropCapability=ALL
|
||||
AddCapability=CHOWN DAC_OVERRIDE FOWNER SETGID SETUID
|
||||
|
||||
[Service]
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target default.target
|
||||
0
news-postgres.volume
Normal file
0
news-postgres.volume
Normal file
6
news.caddy
Normal file
6
news.caddy
Normal file
@ -0,0 +1,6 @@
|
||||
news.plabble.org {
|
||||
reverse_proxy systemd-news:8080
|
||||
encode zstd gzip
|
||||
log access
|
||||
import default-headers
|
||||
}
|
||||
29
news.container
Normal file
29
news.container
Normal file
@ -0,0 +1,29 @@
|
||||
[Container]
|
||||
Image=docker.io/miniflux/miniflux:latest
|
||||
AutoUpdate=registry
|
||||
Network=news.network
|
||||
|
||||
# environment
|
||||
Environment=RUN_MIGRATIONS=1
|
||||
Environment=CREATE_ADMIN=1
|
||||
Environment=ADMIN_USERNAME=admin
|
||||
Secret=news-adminpass,target=ADMIN_PASSWORD,type=env
|
||||
Secret=news-connectionstr,target=DATABASE_URL,type=env
|
||||
|
||||
# storage
|
||||
VolatileTmp=true
|
||||
|
||||
# security
|
||||
ReadOnly=true
|
||||
NoNewPrivileges=true
|
||||
DropCapability=ALL
|
||||
AddCapability=CHOWN DAC_OVERRIDE FOWNER SETGID SETUID
|
||||
|
||||
[Service]
|
||||
Restart=always
|
||||
|
||||
[Unit]
|
||||
After=news-postgres.service
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target default.target
|
||||
2
news.network
Normal file
2
news.network
Normal file
@ -0,0 +1,2 @@
|
||||
[Network]
|
||||
Label="caddy=true"
|
||||
Loading…
Reference in New Issue
Block a user