Introduce scripts/source/paths.sh as the canonical path resolver for three independently-relocatable roots: LP_SYSTEM_DIR manager-owned control plane (configs/logs/install/db/ssl/ssh/migrate) LP_CONTAINERS_DIR container-user-owned live app data LP_BACKUPS_DIR container-user-owned backup repos (own mount-able) Roots come from the environment when set (install bakes them; CLI/app inherit from init.sh), else default to /libreportal-*. A transitional compat default keeps EXISTING installs (legacy single /docker tree, by config marker) on /docker until a deliberate reinstall, so deploying this never strands a running box. - init.sh derives the same vars inline (self-contained for the bare /root/init.sh reinstall case); paths.sh mirrors it for the standalone task/check processors, which now self-locate their scripts dir and source it. - Replace functional /docker literals with the derived vars across runtime, install, backup, crontab, crowdsec/restic, headscale, and reinstall paths; clean the inert '== /docker/containers/*' guard fallbacks to the variable form. - backend: CONTAINERS_DIR now from LP_CONTAINERS_DIR (compose env, filled at generation via a new CONTAINERS_DIR_TAG), legacy-safe default for un-recreated containers. - backup default path falls back to the backups root; exclude paths.sh from the sourced-file arrays (bootstrap file, sourced explicitly). The CLI-wrapper heredoc + root helpers still reference /docker; those get baked in phase 3. No layout/ownership change yet (phase 2). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
54 lines
2.6 KiB
YAML
54 lines
2.6 KiB
YAML
|
|
|
|
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
external: true
|
|
|
|
services:
|
|
libreportal-service: #LIBREPORTAL|SERVICE_TAG_1|libreportal-service
|
|
container_name: libreportal-service
|
|
build:
|
|
context: .
|
|
image: libreportal-service:latest
|
|
user: "USER_DATA" #LIBREPORTAL|USER_TAG|USER_DATA
|
|
group_add:
|
|
- SOCKET_GID_DATA #LIBREPORTAL|SOCKET_GID_TAG|SOCKET_GID_DATA
|
|
ports:
|
|
- "PORTS_DATA_1" #LIBREPORTAL|PORTS_TAG_1|PORTS_DATA_1
|
|
volumes:
|
|
- ./frontend:/app/frontend
|
|
- ./backend/routes:/app/backend/routes
|
|
- ./backend/utils:/app/backend/utils
|
|
- ./backend/server.js:/app/backend/server.js
|
|
- ./libreportal.config:/app/libreportal.config:ro
|
|
- ../../configs/webui/webui_logins:/app/webui_logins:ro
|
|
- ../../configs/webui/webui_logs:/app/webui_logs:ro
|
|
# >>> crowdsec-host-logs >>>
|
|
#- /var/log/crowdsec.log:/host/var/log/crowdsec.log:ro
|
|
#- /var/log/crowdsec-firewall-bouncer.log:/host/var/log/crowdsec-firewall-bouncer.log:ro
|
|
# <<< crowdsec-host-logs <<<
|
|
- SOCKET_DATA #LIBREPORTAL|SOCKET_TAG|SOCKET_DATA
|
|
environment:
|
|
FRONTEND_PATH: /data/frontend
|
|
LIBREPORTAL_CONFIG_PATH: /app/libreportal.config
|
|
LP_CONTAINERS_DIR: CONTAINERS_DIR_DATA #LIBREPORTAL|CONTAINERS_DIR_TAG|CONTAINERS_DIR_DATA
|
|
TZ: TIMEZONE_DATA #LIBREPORTAL|TIMEZONE_TAG|TIMEZONE_DATA
|
|
labels:
|
|
libreportal.category: "CATEGORY_DATA" #LIBREPORTAL|CATEGORY_TAG|CATEGORY_DATA
|
|
libreportal.title: "TITLE_DATA" #LIBREPORTAL|TITLE_TAG|TITLE_DATA
|
|
traefik.enable: TRAEFIK_ENABLE_DATA #LIBREPORTAL|TRAEFIK_ENABLE_TAG|TRAEFIK_ENABLE_DATA
|
|
# TRAEFIK_PORT_1_BEGIN
|
|
traefik.http.routers.libreportal-service.entrypoints: web,websecure
|
|
traefik.http.routers.libreportal-service.rule: Host(`DOMAINSUBNAME_DATA_1`) #LIBREPORTAL|DOMAINSUBNAME_TAG_1|DOMAINSUBNAME_DATA_1
|
|
traefik.http.routers.libreportal-service.tls: true
|
|
traefik.http.routers.libreportal-service.tls.certresolver: production
|
|
traefik.http.services.libreportal-service.loadbalancer.server.port: PORT_INTERNAL_DATA_1 #LIBREPORTAL|PORT_INTERNAL_TAG_1|PORT_INTERNAL_DATA_1
|
|
traefik.http.routers.libreportal-service.middlewares: MIDDLEWARE_DATA_1 #LIBREPORTAL|MIDDLEWARE_TAG_1|MIDDLEWARE_DATA_1
|
|
# TRAEFIK_PORT_1_END
|
|
traefik.docker.network: DOCKER_NETWORK_DATA #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
healthcheck:
|
|
disable: HEALTHCHECK_DATA #LIBREPORTAL|HEALTHCHECK_TAG|HEALTHCHECK_DATA
|
|
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
ipv4_address: IP_DATA_1 #LIBREPORTAL|IP_TAG_1|IP_DATA_1
|