Daniel Meiburg
8e0baf3a84
|
||
|---|---|---|
| audiobookshelf | ||
| authentik | ||
| freshrss | ||
| gitea | ||
| grist | ||
| nextcloud | ||
| nginx-proxy | ||
| portainer | ||
| watchtower | ||
| .gitignore | ||
| README.md | ||
| post-receive | ||
README.md
Container
This project contains my personal docker compose configurations.
Operating principle:
Changes in this repo get pushed to a bare repo on dmeiburg.de. Whenever a push is received a post-receive hook runs.
The post-receive hook then:
- deploys the code into a working directory
- decrypts .env.gpg files
- restarts stacks with changed compose files
The env files are encrypted for key@dmeiburg.de and server@dmeiburg.de.
Server setup
# create bare repo on dm@dmeiburg.de
mkdir -p git/container.git
cd git/container.git
git init --bare
# create and checkout working dir
cd && git clone ~/git/container.git
cd ~/container && git checkout main # might not be needed or needs to be master
# install the post receive hook, by using this command on the local machine
# whenever the hook is edited, this command has to be used again
scp post-receive dm@dmeiburg:~/git/container.git/hooks/
Local setup
# add bare repo as remote on local machine
git remote add dmeiburg ssh://dm@dmeiburg.de:/dm/git/container.git
Encrypting .env files
To encrypt an .env files, the following command is used:
$ gpg -er key@dmeiburg.de -r dm@dmeiburg.de .env
It's assumed dm@dmeiburg.de is a public gpg key for the server.
Deployment
git push dmeiburg
If necessary the post-receive hook has to be updated via scp.