mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-13 00:11:05 +01:00
Merge branch 'master' of github.com:kevinveenbirkenbach/server-manager
This commit is contained in:
commit
d8877d1c6e
@ -7,6 +7,11 @@
|
||||
- system-update
|
||||
- native-journalctl
|
||||
#- native-hostname
|
||||
- name: setup btrfs health check
|
||||
hosts: btrfs_health_check_hosts
|
||||
become: true
|
||||
roles:
|
||||
- native-btrfs-health-check
|
||||
- name: setup standard wireguard hosts
|
||||
hosts: wireguard_hosts
|
||||
become: true
|
||||
|
@ -14,6 +14,8 @@ services:
|
||||
interval: 1s
|
||||
timeout: 3s
|
||||
retries: 30
|
||||
logging:
|
||||
driver: journald
|
||||
database:
|
||||
image: mariadb
|
||||
restart: always
|
||||
@ -29,13 +31,16 @@ services:
|
||||
interval: 3s
|
||||
timeout: 1s
|
||||
retries: 5
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
# Core services
|
||||
front:
|
||||
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-1.8}
|
||||
restart: always
|
||||
env_file: mailu.env
|
||||
logging:
|
||||
driver: json-file
|
||||
driver: journald
|
||||
ports:
|
||||
- "127.0.0.1:{{ http_port }}:80"
|
||||
- "{{ ip4_address }}:25:25"
|
||||
@ -60,6 +65,8 @@ services:
|
||||
- "dkim:/dkim"
|
||||
depends_on:
|
||||
- front
|
||||
logging:
|
||||
driver: journald
|
||||
imap:
|
||||
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-1.8}
|
||||
restart: always
|
||||
@ -69,6 +76,8 @@ services:
|
||||
- "/etc/mailu/overrides:/overrides"
|
||||
depends_on:
|
||||
- front
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
smtp:
|
||||
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-1.8}
|
||||
@ -79,6 +88,8 @@ services:
|
||||
- "smtp_queue:/queue"
|
||||
depends_on:
|
||||
- front
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
antispam:
|
||||
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-1.8}
|
||||
@ -90,6 +101,8 @@ services:
|
||||
- "/etc/mailu/overrides/rspamd:/etc/rspamd/override.d"
|
||||
depends_on:
|
||||
- front
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
# Optional services
|
||||
antivirus:
|
||||
@ -98,6 +111,8 @@ services:
|
||||
env_file: mailu.env
|
||||
volumes:
|
||||
- "filter:/data"
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
webdav:
|
||||
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-1.8}
|
||||
@ -105,13 +120,17 @@ services:
|
||||
env_file: mailu.env
|
||||
volumes:
|
||||
- "webdav_data:/data"
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
# Deactivated, because service leads to slowing down of webservices.
|
||||
# Checkout the readme.md for more information
|
||||
# fetchmail:
|
||||
#fetchmail:
|
||||
# image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-1.8}
|
||||
# restart: always
|
||||
# env_file: mailu.env
|
||||
# env_file: mailu.env
|
||||
# logging:
|
||||
# driver: journald
|
||||
|
||||
# Webmail
|
||||
webmail:
|
||||
@ -122,6 +141,8 @@ services:
|
||||
- "webmail_data:/data"
|
||||
depends_on:
|
||||
- imap
|
||||
logging:
|
||||
driver: journald
|
||||
volumes:
|
||||
database:
|
||||
smtp_queue:
|
||||
|
@ -67,6 +67,15 @@ To use occ run:
|
||||
```bash
|
||||
docker exec -it -u www-data nextcloud_application_1 /var/www/html/occ
|
||||
```
|
||||
### app relevant tables
|
||||
- oc_appconfig
|
||||
- oc_migrations
|
||||
|
||||
### initialize duplicates
|
||||
|
||||
```bash
|
||||
sudo docker exec -it -u www-data nextcloud_application_1 /var/www/html/occ duplicates:find-all --output
|
||||
```
|
||||
|
||||
### unlock files
|
||||
```bash
|
||||
@ -81,12 +90,17 @@ Until NC24 MariaDB version has to be used.
|
||||
|
||||
## performance
|
||||
### 504 Gateway Timeout
|
||||
- https://serverfault.com/questions/178671/nginx-php-fpm-504-gateway-time-out-error-with-almost-zero-load-on-a-test-se
|
||||
- https://help.nextcloud.com/t/solved-manual-lemp-install-php-fpm-timing-out/39070
|
||||
|
||||
```bash
|
||||
docker logs nextcloud_web_1 --tail 1000 | grep 504
|
||||
```
|
||||
|
||||
#### See
|
||||
- https://support.f5.com/csp/article/K48373902
|
||||
- https://github.com/nextcloud/server/issues/25436
|
||||
- https://help.nextcloud.com/t/update-to-next-cloud-21-0-2-has-get-an-error/117028/23?page=2
|
||||
- https://serverfault.com/questions/178671/nginx-php-fpm-504-gateway-time-out-error-with-almost-zero-load-on-a-test-se
|
||||
- https://help.nextcloud.com/t/solved-manual-lemp-install-php-fpm-timing-out/39070
|
||||
|
||||
## further information
|
||||
- https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/docker-compose.yml
|
||||
|
@ -25,6 +25,7 @@ http {
|
||||
keepalive_timeout 65;
|
||||
fastcgi_send_timeout 600s;
|
||||
fastcgi_read_timeout 600s;
|
||||
proxy_buffering off;
|
||||
|
||||
#gzip on;
|
||||
|
||||
|
8
roles/native-btrfs-health-check/README.md
Normal file
8
roles/native-btrfs-health-check/README.md
Normal file
@ -0,0 +1,8 @@
|
||||
# btrfs-health-check
|
||||
|
||||
Sends a health report
|
||||
|
||||
## see
|
||||
- https://superuser.com/questions/789303/how-to-monitor-btrfs-filesystem-raid-for-errors
|
||||
- https://unix.stackexchange.com/questions/193619/list-all-btrfs-filesystems-and-subvolumes-in-shell
|
||||
- https://www.freedesktop.org/software/systemd/man/systemd.unit.html
|
@ -0,0 +1,8 @@
|
||||
[Unit]
|
||||
Description=Check btrfs status
|
||||
OnFailure=systemd-email@%n.service
|
||||
OnSuccess=systemd-email@%n.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/bash /home/administrator/scripts/btrfs-health-check/btrfs-health-check.sh
|
@ -0,0 +1,6 @@
|
||||
#!/bin/bash
|
||||
# Checks the healt of all btrfs volumes
|
||||
for path in $(btrfs filesystem show | awk '/ path /{print $NF}')
|
||||
do
|
||||
btrfs device stats $path
|
||||
done
|
@ -0,0 +1,8 @@
|
||||
[Unit]
|
||||
Description=starts btrfs-health-check.service
|
||||
|
||||
[Timer]
|
||||
OnCalendar=12:00
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
12
roles/native-btrfs-health-check/handlers/main.yml
Normal file
12
roles/native-btrfs-health-check/handlers/main.yml
Normal file
@ -0,0 +1,12 @@
|
||||
- name: "restart btrfs-health-check.service"
|
||||
systemd:
|
||||
name: btrfs-health-check.service
|
||||
state: restarted
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
- name: "restart btrfs-health-check.timer"
|
||||
systemd:
|
||||
name: btrfs-health-check.timer
|
||||
state: restarted
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
2
roles/native-btrfs-health-check/meta/main.yml
Normal file
2
roles/native-btrfs-health-check/meta/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
dependencies:
|
||||
- native-systemd-email
|
22
roles/native-btrfs-health-check/tasks/main.yml
Normal file
22
roles/native-btrfs-health-check/tasks/main.yml
Normal file
@ -0,0 +1,22 @@
|
||||
- name: "create /home/administrator/scripts/btrfs-health-check/"
|
||||
file:
|
||||
path: "/home/administrator/scripts/btrfs-health-check"
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: create btrfs-health-check.sh
|
||||
copy:
|
||||
src: btrfs-health-check.sh
|
||||
dest: "/home/administrator/scripts/btrfs-health-check/btrfs-health-check.sh"
|
||||
|
||||
- name: create btrfs-health-check.service
|
||||
copy:
|
||||
src: btrfs-health-check.service
|
||||
dest: "/etc/systemd/system/btrfs-health-check.service"
|
||||
notify: restart btrfs-health-check.service
|
||||
|
||||
- name: create btrfs-health-check.timer
|
||||
copy:
|
||||
src: btrfs-health-check.timer
|
||||
dest: "/etc/systemd/system/btrfs-health-check.timer"
|
||||
notify: restart btrfs-health-check.timer
|
@ -11,3 +11,9 @@ curl -I {{address}}
|
||||
## performance
|
||||
- https://stackoverflow.com/questions/33703230/caching-images-on-all-folder-levels-of-nginx-reverse-proxy
|
||||
- https://www.tweaked.io/guide/nginx-proxying/
|
||||
- https://serverfault.com/questions/796735/nginx-reverse-proxy-is-slow/796740
|
||||
- https://serverfault.com/questions/741610/what-is-the-difference-between-proxy-request-buffering-and-proxy-buffering-on-ng
|
||||
- https://askubuntu.com/questions/1103626/should-i-enable-client-max-body-size-proxy-request-buffering-and-proxy-bufferin
|
||||
- https://serverfault.com/questions/692577/whats-the-difference-between-proxy-buffer-and-proxy-cache-module-in-nginx-confi
|
||||
- https://github.com/sissbruecker/linkding/issues/88
|
||||
- https://www.bogotobogo.com/DevOps/Docker/Docker-Compose-Nginx-Reverse-Proxy-Multiple-Containers.php
|
||||
|
@ -6,11 +6,16 @@ location /
|
||||
proxy_pass http://127.0.0.1:{{http_port}}/;
|
||||
{% endif %}
|
||||
|
||||
# headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header X-Forwarded-Port 443;
|
||||
|
||||
# deactivate buffering
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
# timeouts
|
||||
proxy_connect_timeout 1s;
|
||||
proxy_send_timeout 300s;
|
||||
@ -19,6 +24,7 @@ location /
|
||||
|
||||
# cache media files
|
||||
location ~* \.(gif|ico|jpg|jpeg|png|svg|mp4|mp3|pdf)$ {
|
||||
proxy_buffering on;
|
||||
proxy_cache cache;
|
||||
proxy_cache_key $host$uri$is_args$args;
|
||||
proxy_cache_revalidate on;
|
||||
@ -37,6 +43,7 @@ location /
|
||||
|
||||
# cache content
|
||||
location ~* \.(html|css|js)$ {
|
||||
proxy_buffering on;
|
||||
proxy_cache cache;
|
||||
proxy_cache_key $host$uri$is_args$args;
|
||||
proxy_cache_revalidate on;
|
||||
|
Loading…
Reference in New Issue
Block a user