librelad 376610cd11 feat(apps): scoped multi-instance support (run two of an app)
Lets a *multi-instance-capable* app run as several fully isolated instances
on one box (e.g. two Bookstack/WordPress sites, or a "family" + "work"
Nextcloud) — distinct data, DB, subdomain, backups and update cadence.

Design: an instance is just another app. It gets its own slug (<type>_<id>),
its own CFG_<SLUG>_* namespace, deployed dir, DB row, IP/port allocation and
host, so the entire existing pipeline (scan, install, services, routing,
updater, backups) treats it like any app with zero changes. All
instance-specific rewriting is confined to a clone of the type's template;
the shipped template and the core engine are untouched.

Gating: opt-in per app via CFG_<TYPE>_MULTI_INSTANCE=true. Only Bookstack
carries it for now (the validated reference). The other 31 apps are
unaffected — the feature is invisible unless the flag is present.

- scripts/instance/instance_create.sh — clone + re-namespace config, rewrite
  compose identity (container_name / Traefik routers / backup labels) and
  per-app tools, set a hostname-safe subdomain (PORT field 10), then hand off
  to dockerInstallApp. Plus instanceList / instanceRemove.
- libreportal instance create|remove|list — new CLI category; mutations route
  through the task system (no new mutating API endpoint).
- WebUI: "instance of <type>" badge + a "New instance" card action on capable
  apps, and a create modal (name + domain# + subdomain, live host preview)
  that dispatches the standard task. Capability/instance-of read straight off
  the already-exposed app config.

Known follow-ups (documented): flip the flag on more apps after a compose
identity check (Nextcloud next); per-app tools are best-effort isolated.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-06-04 23:34:52 +01:00

81 lines
4.2 KiB
Plaintext

#
# =============================================================================
# GENERAL CONFIGURATION
# =============================================================================
# APP_NAME = name of application for use in scripts
# COMPOSE_FILE = default for no app_name in docker-compose file name, app if there is
# BACKUP = if true, include this application in backup operations
# HEALTHCHECK = if true, default docker health checks for that container will be enabled
# AUTHELIA = if true, use Authelia authentication, if false turned off.
# HEADSCALE = options : false, local, remote (see general config). e.g false or local,remote
# ADMIN_EMAIL = email used for the Bookstack admin account
# ADMIN_PASSWORD = password used for the Bookstack admin account
#
CFG_BOOKSTACK_APP_NAME=bookstack
# MULTI_INSTANCE = if true, this app can run as multiple isolated instances
# (own data/DB/subdomain/backups) via `libreportal instance create`. Only set on
# apps whose compose identity (container_name, Traefik routers, backup labels)
# is instance-safe — see scripts/instance/instance_create.sh.
CFG_BOOKSTACK_MULTI_INSTANCE=true
CFG_BOOKSTACK_BACKUP=true
CFG_BOOKSTACK_BACKUP_STRATEGY=auto
CFG_BOOKSTACK_COMPOSE_FILE=default
CFG_BOOKSTACK_HEALTHCHECK=true
CFG_BOOKSTACK_AUTHELIA=false
CFG_BOOKSTACK_HEADSCALE=false
CFG_BOOKSTACK_ADMIN_EMAIL=admin@example.com
CFG_BOOKSTACK_ADMIN_PASSWORD=RANDOMIZEDPASSWORD3
# Secrets below feed the compose via #LIBREPORTAL|BOOKSTACK_<KEY>_TAG| tags —
# auto-generated, and (unlike a RANDOMIZED* placeholder in the compose)
# preserved across reinstalls. DB_PASSWORD is shared by the app + db services.
CFG_BOOKSTACK_APP_KEY=RANDOMIZEDAPPKEY1
CFG_BOOKSTACK_DB_PASSWORD=RANDOMIZEDPASSWORD1
CFG_BOOKSTACK_DB_ROOT_PASSWORD=RANDOMIZEDPASSWORD2
#
# =============================================================================
# METADATA
# =============================================================================
# CATEGORY = application category for grouping
# TITLE = display name for the application
# DESCRIPTION = short description of the application
# LONG_DESCRIPTION = detailed description of the application
# URL = source repository or documentation URL
# ACTIONS = available actions for this application
#
CFG_BOOKSTACK_CATEGORY="knowledge"
CFG_BOOKSTACK_TITLE="Bookstack"
CFG_BOOKSTACK_DESCRIPTION="Wiki/Knowledge Base"
CFG_BOOKSTACK_LONG_DESCRIPTION="BookStack is a simple, self-hosted wiki and documentation platform that provides a pleasant and simple way to organize and store information"
CFG_BOOKSTACK_URL="https://github.com/BookStackApp/BookStack"
CFG_BOOKSTACK_ACTIONS="configure|install|restart|shutdown|uninstall"
#
# =============================================================================
# NETWORK CONFIGURATION
# =============================================================================
# DOMAIN = number of domain from the general config, useful when using multiple domains
# WHITELIST = if true only allow whitelisted ips (see general config), if false allow all
#
CFG_BOOKSTACK_DOMAIN=1
CFG_BOOKSTACK_WHITELIST=false
CFG_BOOKSTACK_NETWORK=default
#
# =============================================================================
# PORT CONFIGURATION
# =============================================================================
# PORT_ = port configuration: app|name|external:internal|access|protocol|login|traefik|webui|description
# - app: application name
# - name: service identifier (webui, dns, ssh, etc.)
# - external:internal: port mapping (external can be 'random' for auto-allocation)
# - access: 'public' (internet accessible), 'private' (local network only), 'disabled' (not running)
# - protocol: 'tcp' or 'udp'
# - login: if true, this port requires basic-auth via Traefik (only meaningful when traefik=true)
# - traefik: if true, Traefik handles this port (reverse proxy)
# - webui: if true, this port serves the main web interface
# - description: human-readable description of the service
#
CFG_BOOKSTACK_PORT_1="bookstack-service|webui|random:80|public|tcp|false|true|true|Web Interface||bookstack"
# AUTH_PROFILE = capability tier for the WebUI auth tools (single_password | user_password | multi_user)
CFG_BOOKSTACK_AUTH_PROFILE=multi_user
CFG_BOOKSTACK_ADMIN_USER=