# community services for woodbine.nyc

Experiment in digital autonomy

Latest code is hosted on https://git.woodbine.nyc/micro/woodbine.nyc

## Goals

We hope this is understandable by a single individual, after learning a bit about docker compose and caddy.

## setup

Make a backblaze B2 account for backups. Add the secrets to ./secrets/backup/.

## running

To enable additional services, add their compose file to the following command:

```
podman compose --env-file env.production \
    --file services/secrets.yaml \
    --file services/backup.yaml \
    --file services/caddy.yaml \
    --file services/authelia.yaml \
    --file services/web.yaml \
    up --build
```

## port forwarding

The caddy service expects to be able to bind to ports 80 and 443.

One simple way is to allow unprivileged users access to these low ports. The setting is not specific to caddy: any unprivileged process on the host can then bind ports 80 and above.

```
# persist the setting across reboots
echo 'net.ipv4.ip_unprivileged_port_start=80' | sudo tee -a /etc/sysctl.conf
# apply it to the running kernel now
sudo sysctl -w net.ipv4.ip_unprivileged_port_start=80
```

## beta release

- [x] caddy for homepage
- [x] webdav for personal home pages
- [?] ~~zitadel~~ authelia single sign-on
- [x] mount caddy files from service compose files
- [ ] backup using duplicity uploaded to backblaze b2
- [ ] restore using duplicity downloaded from backblaze b2
- [ ] wiki
- [ ] see if we can only expose 443
- [ ] dendrite matrix server
- [ ] gitea

## credits

thank you https://hackerspace.zone