浏览代码

Update arm config

Nicolas Meienberger 3 年之前
父节点
当前提交
1705078a28

+ 1 - 1
ansible/tasks/common/docker.yml

@@ -20,7 +20,7 @@
   when: lsb_release.stdout == "bookworm"
 
 - name: Add deb for non-bookworm
-  shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+  shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
   when: lsb_release.stdout != "bookworm"
 
 - name: Update packages

+ 6 - 6
ansible/tasks/common/essential.yml

@@ -13,12 +13,12 @@
     name: "{{ username }}"
     group: root
 
-- name: Disable SSH password auth
-  lineinfile:
-    dest: /etc/ssh/sshd_config
-    regexp: "^#PasswordAuthentication yes"
-    line: "PasswordAuthentication no"
-  register: sshd_config
+# - name: Disable SSH password auth
+#   lineinfile:
+#     dest: /etc/ssh/sshd_config
+#     regexp: "^#PasswordAuthentication yes"
+#     line: "PasswordAuthentication no"
+#   register: sshd_config
 
 - name: Enable passwordless sudo for user
   lineinfile:

+ 4 - 0
ansible/tasks/common/packages.yml

@@ -20,7 +20,11 @@
 - name: Clean packages
   shell: cd {{ playbook_dir }} && pnpm -r clean
 
+- name: Remove packages/system-api/dist folder
+  shell: rm -rf {{ playbook_dir }}/packages/system-api/dist
+
 - name: Build packages
+  become_user: "{{ username }}"
   shell: cd {{ playbook_dir }} && pnpm -r build-prod
 
 - name: Check if app is already running

+ 1 - 0
apps/filerun/config.json

@@ -1,6 +1,7 @@
 {
   "name": "FileRun",
   "port": 8087,
+  "available": false,
   "id": "filerun",
   "description": "Reliable and Performant File Management Desktop Sync and File Sharing",
   "short_desc": "Access your homeserver files from your browser",

+ 10 - 9
apps/freshrss/docker-compose.yml

@@ -2,23 +2,24 @@ version: "3.7"
 
 services:
   freshrss:
+    image: lscr.io/linuxserver/freshrss:1.19.2
     container_name: freshrss
-    image: freshrss/freshrss:arm
-    restart: unless-stopped
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=${TZ}
+    volumes:
+      - ${APP_DATA_DIR}/data/freshrss:/config
     ports:
       - ${APP_PORT}:80
-    volumes:
-      - ${APP_DATA_DIR}/data/freshrss:/var/www/FreshRSS/data
-      - ${APP_DATA_DIR}/data/extensions/:/var/www/FreshRSS/extensions
-    environment:
-      CRON_MIN: '*/20'
-      TZ: $TZ
+    restart: unless-stopped
     networks:
       - tipi_main_network
+
     # labels:
     #     traefik.enable: true
     #     traefik.http.routers.freshrss.rule: Host(`freshrss.tipi.home`)
     #     traefik.http.routers.freshrss.service: freshrss
     #     traefik.http.routers.freshrss.tls: true
     #     traefik.http.routers.freshrss.entrypoints: websecure
-    #     traefik.http.services.freshrss.loadbalancer.server.port: 80
+    #     traefik.http.services.freshrss.loadbalancer.server.port: 80

+ 0 - 3
apps/invidious/docker-compose.arm.yml

@@ -8,9 +8,6 @@ services:
     ports:
       - "${APP_PORT}:3000"
     environment:
-      # Please read the following file for a comprehensive list of all available
-      # configuration options and their associated syntax:
-      # https://github.com/iv-org/invidious/blob/master/config/config.example.yml
       INVIDIOUS_CONFIG: |
         db:
           dbname: invidious

+ 2 - 2
apps/pihole/docker-compose.yml

@@ -19,7 +19,7 @@ services:
     hostname: pihole
     dns:
       - 127.0.0.1
-      - 10.21.21.200 # Points to unbound
+      # - 10.21.21.200 # Points to unbound
     ports:
       - 53:53/tcp
       - 53:53/udp
@@ -30,7 +30,7 @@ services:
     environment:
       TZ: ${TZ}
       WEBPASSWORD: ${APP_PASSWORD}
-      PIHOLE_DNS_: 10.21.21.200 # Points to unbound
+      # PIHOLE_DNS_: 10.21.21.200 # Points to unbound
       FTLCONF_REPLY_ADDR4: 10.21.21.201
     cap_add:
       - NET_ADMIN

+ 5 - 0
packages/system-api/src/modules/apps/__tests__/apps.service.test.ts

@@ -37,6 +37,10 @@ const testApp2: Partial<AppConfig> = {
   id: 'test-app2',
 };
 
+const testApp3: Partial<AppConfig> = {
+  id: 'test-app3',
+};
+
 const MOCK_FILE_EMPTY = {
   [`${config.ROOT_FOLDER}/apps/test-app/config.json`]: JSON.stringify(testApp),
   [`${config.ROOT_FOLDER}/.env`]: 'TEST=test',
@@ -46,6 +50,7 @@ const MOCK_FILE_EMPTY = {
 const MOCK_FILE_INSTALLED = {
   [`${config.ROOT_FOLDER}/apps/test-app/config.json`]: JSON.stringify(testApp),
   [`${config.ROOT_FOLDER}/apps/test-app2/config.json`]: JSON.stringify(testApp2),
+  [`${config.ROOT_FOLDER}/apps/test-app3/config.json`]: JSON.stringify(testApp3),
   [`${config.ROOT_FOLDER}/.env`]: 'TEST=test',
   [`${config.ROOT_FOLDER}/state/apps.json`]: '{"installed": "test-app"}',
   [`${config.ROOT_FOLDER}/app-data/test-app`]: '',

+ 2 - 2
packages/system-api/src/server.ts

@@ -8,7 +8,7 @@ import { isProd } from './constants/constants';
 import appsRoutes from './modules/apps/apps.routes';
 import systemRoutes from './modules/system/system.routes';
 import authRoutes from './modules/auth/auth.routes';
-import { tradeTokenForUser } from './modules/auth/auth.helpers';
+import AuthHelpers from './modules/auth/auth.helpers';
 import cookieParser from 'cookie-parser';
 import config from './config';
 
@@ -30,7 +30,7 @@ app.use((req, res, next) => {
   let user = null;
 
   if (req?.cookies?.tipi_token) {
-    user = tradeTokenForUser(req.cookies.tipi_token);
+    user = AuthHelpers.tradeTokenForUser(req.cookies.tipi_token);
     if (user) req.user = user;
   }
 

+ 6 - 5
scripts/start.sh

@@ -14,10 +14,11 @@ SED_ROOT_FOLDER="$(echo $ROOT_FOLDER | sed 's/\//\\\//g')"
 INTERNAL_IP="$(hostname -I | awk '{print $1}')"
 DNS_IP=9.9.9.9 # Default to Quad9 DNS
 ARCHITECTURE="$(uname -m)"
+USERNAME="$(id -nu 1000)"
 
 if [[ "$ARCHITECTURE" == "x86_64" ]]; then
   ARCHITECTURE="amd64"
-else if [[ "$ARCHITECTURE" == "aarch64" ]]; then
+elif [[ "$ARCHITECTURE" == "aarch64" ]]; then
   ARCHITECTURE="arm64"
 fi
 
@@ -44,8 +45,6 @@ function derive_entropy() {
   printf "%s" "${identifier}" | openssl dgst -sha256 -hmac "${tipi_seed}" | sed 's/^.* //'
 }
 
-
-
 # Get dns ip if pihole is installed
 str=$(get_json_field ${STATE_FOLDER}/apps.json installed)
 
@@ -123,7 +122,7 @@ done
 mv -f "$ENV_FILE" "$ROOT_FOLDER/.env"
 mv -f "$ENV_FILE_SYSTEM_API" "$ROOT_FOLDER/packages/system-api/.env"
 
-ansible-playbook ansible/start.yml -i ansible/hosts -K -e username="$USER"
+ansible-playbook ansible/start.yml -i ansible/hosts -K -e username="$USERNAME"
 
 # Run docker-compose
 docker-compose --env-file "${ROOT_FOLDER}/.env" up --detach --remove-orphans --build || {
@@ -164,4 +163,6 @@ cat << "EOF"
 EOF
 echo ""
 echo "Visit http://${INTERNAL_IP}/ to view the dashboard"
-echo ""
+echo ""
+
+