Merge claude/1
This commit is contained in:
commit
727734dbfa
16
containers/gluetun/scripts/gluetun_compose_tags.sh
Normal file
16
containers/gluetun/scripts/gluetun_compose_tags.sh
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# App-specific compose tags for Gluetun (VPN gateway) + its forwarded-port wiring.
|
||||||
|
appSetupComposeTags_gluetun() {
|
||||||
|
local full_file_path="$1"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_VPN_SERVICE_PROVIDER_TAG" "$CFG_GLUETUN_VPN_SERVICE_PROVIDER"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_VPN_TYPE_TAG" "$CFG_GLUETUN_VPN_TYPE"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_VPN_COUNTRIES_TAG" "$CFG_GLUETUN_VPN_COUNTRIES"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_OPENVPN_USER_TAG" "$CFG_GLUETUN_OPENVPN_USER"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_OPENVPN_PASSWORD_TAG" "$CFG_GLUETUN_OPENVPN_PASSWORD"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_WIREGUARD_PRIVATE_KEY_TAG" "$CFG_GLUETUN_WIREGUARD_PRIVATE_KEY"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_WIREGUARD_ADDRESSES_TAG" "$CFG_GLUETUN_WIREGUARD_ADDRESSES"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_HEALTH_TARGETS_TAG" "${CFG_GLUETUN_HEALTH_TARGETS:-mullvad.net:443,eff.org:443}"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_HEALTH_ICMP_IPS_TAG" "${CFG_GLUETUN_HEALTH_ICMP_IPS:-9.9.9.9}"
|
||||||
|
tagsProcessorGluetunForwardedPorts
|
||||||
|
}
|
||||||
9
containers/nextcloud/scripts/nextcloud_compose_tags.sh
Normal file
9
containers/nextcloud/scripts/nextcloud_compose_tags.sh
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# App-specific compose tags for Nextcloud. host_setup + public_ip_v4 come from the
|
||||||
|
# caller's scope (variables_init_app). One value so the compose carries a single
|
||||||
|
# #LIBREPORTAL annotation per line; empty fields are filtered by Nextcloud's entrypoint.
|
||||||
|
appSetupComposeTags_nextcloud() {
|
||||||
|
local full_file_path="$1"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "NEXTCLOUD_TRUSTED_DOMAINS_TAG" "$host_setup $public_ip_v4 localhost 127.0.0.1"
|
||||||
|
}
|
||||||
16
containers/pihole/scripts/pihole_compose_tags.sh
Normal file
16
containers/pihole/scripts/pihole_compose_tags.sh
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# App-specific compose tags for Pi-hole — dispatched by dockerConfigSetupFileWithData
|
||||||
|
# (containers/<app>/scripts/<app>_compose_tags.sh defining appSetupComposeTags_<app>;
|
||||||
|
# $1 = the compose file path). The CFG_* tags are filled generically; only the
|
||||||
|
# computed REV_SERVER values need this handler.
|
||||||
|
appSetupComposeTags_pihole() {
|
||||||
|
local full_file_path="$1"
|
||||||
|
local default_gateway network_cidr
|
||||||
|
default_gateway=$(ip route | grep default | awk '{print $3}' | head -1)
|
||||||
|
[[ -z "$default_gateway" ]] && default_gateway="192.168.1.1"
|
||||||
|
network_cidr=$(ip route | grep -v default | grep -E "192\.168|10\.|172\." | awk '{print $1}' | head -1)
|
||||||
|
[[ -z "$network_cidr" ]] && network_cidr="192.168.0.0/16"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "PIHOLE_REV_SERVER_TARGET_TAG" "$default_gateway"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "PIHOLE_REV_SERVER_CIDR_TAG" "$network_cidr"
|
||||||
|
}
|
||||||
7
containers/searxng/scripts/searxng_compose_tags.sh
Normal file
7
containers/searxng/scripts/searxng_compose_tags.sh
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# App-specific compose tags for SearXNG.
|
||||||
|
appSetupComposeTags_searxng() {
|
||||||
|
local full_file_path="$1"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "SEARXNG_THEME_TAG" "$CFG_SEARXNG_THEME"
|
||||||
|
}
|
||||||
7
containers/speedtest/scripts/speedtest_compose_tags.sh
Normal file
7
containers/speedtest/scripts/speedtest_compose_tags.sh
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# App-specific compose tags for Speedtest Tracker.
|
||||||
|
appSetupComposeTags_speedtest() {
|
||||||
|
local full_file_path="$1"
|
||||||
|
tagsProcessorSpeedtestPass "$full_file_path" "$CFG_SPEEDTEST_PASSWORD_ENABLED" "$CFG_SPEEDTEST_PASSWORD"
|
||||||
|
}
|
||||||
@ -0,0 +1,8 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# App-specific compose tags for Vaultwarden.
|
||||||
|
appSetupComposeTags_vaultwarden() {
|
||||||
|
local full_file_path="$1"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "VAULTWARDEN_ADMIN_TOKEN_TAG" "$CFG_VAULTWARDEN_ADMIN_TOKEN"
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "VAULTWARDEN_SIGNUPS_ALLOWED_TAG" "$CFG_VAULTWARDEN_SIGNUPS_ALLOWED"
|
||||||
|
}
|
||||||
9
containers/wireguard/scripts/wireguard_compose_tags.sh
Normal file
9
containers/wireguard/scripts/wireguard_compose_tags.sh
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# App-specific compose tags for WireGuard (wg-easy) — bcrypt the admin password.
|
||||||
|
appSetupComposeTags_wireguard() {
|
||||||
|
local full_file_path="$1"
|
||||||
|
local bcrypt_hash
|
||||||
|
bcrypt_hash=$(hashPassword "$CFG_WIREGUARD_PASSWORD")
|
||||||
|
tagsManagerUpdateUniversalTag "$full_file_path" "WIREGUARD_PASSWORD_TAG" "$bcrypt_hash"
|
||||||
|
}
|
||||||
@ -104,54 +104,17 @@ dockerConfigSetupFileWithData()
|
|||||||
tagsManagerUpdateUniversalTag "$full_file_path" "MAIL_FROM_TAG" "$CFG_MAIL_FROM"
|
tagsManagerUpdateUniversalTag "$full_file_path" "MAIL_FROM_TAG" "$CFG_MAIL_FROM"
|
||||||
|
|
||||||
###############################################
|
###############################################
|
||||||
# App Specific
|
# App Specific (per-app hook)
|
||||||
###############################################
|
###############################################
|
||||||
if [[ "$app_name" == "pihole" ]]; then
|
# An app needing computed (non-CFG) compose tags ships
|
||||||
# PIHOLE_ADMIN_PASSWORD_TAG / PIHOLE_WEB_THEME_TAG are filled by the
|
# containers/<app>/scripts/<app>_compose_tags.sh defining
|
||||||
# generic tagsProcessorAppConfigValues (CFG_PIHOLE_ADMIN_PASSWORD /
|
# appSetupComposeTags_<app> (live-sourced by the container scan; called
|
||||||
# CFG_PIHOLE_WEB_THEME). Only the computed REV_SERVER tags below
|
# with the compose path, reads host_setup/public_ip_v4/CFG_* from scope).
|
||||||
# need an app-specific handler.
|
# Plain CFG_<APP>_<KEY> values are already filled by
|
||||||
local default_gateway
|
# tagsProcessorAppConfigValues above, so most apps need no hook.
|
||||||
local network_cidr
|
local _tags_hook="appSetupComposeTags_${app_name}"
|
||||||
default_gateway=$(ip route | grep default | awk '{print $3}' | head -1)
|
if declare -F "$_tags_hook" >/dev/null 2>&1; then
|
||||||
if [[ -z "$default_gateway" ]]; then
|
"$_tags_hook" "$full_file_path"
|
||||||
default_gateway="192.168.1.1" # Fallback
|
|
||||||
fi
|
|
||||||
network_cidr=$(ip route | grep -v default | grep -E "192\.168|10\.|172\." | awk '{print $1}' | head -1)
|
|
||||||
if [[ -z "$network_cidr" ]]; then
|
|
||||||
network_cidr="192.168.0.0/16" # Fallback
|
|
||||||
fi
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "PIHOLE_REV_SERVER_TARGET_TAG" "$default_gateway"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "PIHOLE_REV_SERVER_CIDR_TAG" "$network_cidr"
|
|
||||||
elif [[ "$app_name" == "nextcloud" ]]; then
|
|
||||||
# Space-separated trusted-domains list. Built as one value so the
|
|
||||||
# compose carries one #LIBREPORTAL annotation per line — multiple
|
|
||||||
# annotations on a single line confuse the tag manager's
|
|
||||||
# placeholder-capture step. Empty fields (e.g. host_setup when
|
|
||||||
# no domain is configured) are filtered by Nextcloud's entrypoint.
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "NEXTCLOUD_TRUSTED_DOMAINS_TAG" "$host_setup $public_ip_v4 localhost 127.0.0.1"
|
|
||||||
elif [[ "$app_name" == "searxng" ]]; then
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "SEARXNG_THEME_TAG" "$CFG_SEARXNG_THEME"
|
|
||||||
elif [[ "$app_name" == "speedtest" ]]; then
|
|
||||||
tagsProcessorSpeedtestPass "$full_file_path" "$CFG_SPEEDTEST_PASSWORD_ENABLED" "$CFG_SPEEDTEST_PASSWORD"
|
|
||||||
elif [[ "$app_name" == "vaultwarden" ]]; then
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "VAULTWARDEN_ADMIN_TOKEN_TAG" "$CFG_VAULTWARDEN_ADMIN_TOKEN"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "VAULTWARDEN_SIGNUPS_ALLOWED_TAG" "$CFG_VAULTWARDEN_SIGNUPS_ALLOWED"
|
|
||||||
elif [[ "$app_name" == "wireguard" ]]; then
|
|
||||||
local bcrypt_hash
|
|
||||||
bcrypt_hash=$(hashPassword "$CFG_WIREGUARD_PASSWORD")
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "WIREGUARD_PASSWORD_TAG" "$bcrypt_hash"
|
|
||||||
elif [[ "$app_name" == "gluetun" ]]; then
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_VPN_SERVICE_PROVIDER_TAG" "$CFG_GLUETUN_VPN_SERVICE_PROVIDER"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_VPN_TYPE_TAG" "$CFG_GLUETUN_VPN_TYPE"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_VPN_COUNTRIES_TAG" "$CFG_GLUETUN_VPN_COUNTRIES"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_OPENVPN_USER_TAG" "$CFG_GLUETUN_OPENVPN_USER"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_OPENVPN_PASSWORD_TAG" "$CFG_GLUETUN_OPENVPN_PASSWORD"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_WIREGUARD_PRIVATE_KEY_TAG" "$CFG_GLUETUN_WIREGUARD_PRIVATE_KEY"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_WIREGUARD_ADDRESSES_TAG" "$CFG_GLUETUN_WIREGUARD_ADDRESSES"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_HEALTH_TARGETS_TAG" "${CFG_GLUETUN_HEALTH_TARGETS:-mullvad.net:443,eff.org:443}"
|
|
||||||
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_HEALTH_ICMP_IPS_TAG" "${CFG_GLUETUN_HEALTH_ICMP_IPS:-9.9.9.9}"
|
|
||||||
tagsProcessorGluetunForwardedPorts
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
###############################################
|
###############################################
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user