Initial checkin.

.gitignore

@@ -0,0 +1 @@
+letsencrypt/**

README.adoc

@@ -0,0 +1,41 @@
+# rpi-ai
+
+## Nextcloud
+
+
+* ```docker exec -it nxtcld /bin/bash```
+** ```/var/www/html/config/config.php```
+----
+<?php
+$CONFIG = array (
+  ... ... ... ...
+  'trusted_domains' => 
+  array (
+    0 => 'nxtcld.njord.dynv6.net',
+    1 => 'dockerpi:882',
+  ),
+  ... ... ... ...
+  'overwrite.cli.url' => 'https://nxtcld.njord.dynv6.net',
+  'overwriteprotocol' => 'https',
+  ... ... ... ...
+);
+----
+
+
+
+* Create user without email notification ```NextCloud 25.xx```
+----
+sudo -u www-data bash -c "export OC_PASS=Zapata21092015    ; php occ  user:add jdiller     --password-from-env --group='admin' --display-name='Jan Diller'"
+sudo -u www-data bash -c "export OC_PASS=Patterson21092015 ; php occ  user:add ndiller     --password-from-env                 --display-name='Nicole Diller'"
+sudo -u www-data bash -c "export OC_PASS=Donnerhall8102    ; php occ  user:add ldiller     --password-from-env                 --display-name='Lucie Diller'"
+sudo -u www-data bash -c "export OC_PASS=BeeGees1958       ; php occ  user:add bwolzenburg --password-from-env                 --display-name='Brigitta Wolzenburg'"
+----
+
+* Rescan file system
+----
+docker exec -u www-data 7e9dfbbf4739 php occ files:cleanup
+docker exec -u www-data 7e9dfbbf4739 php occ files:scan --all
+----
+
+
+

README.md

@@ -1,2 +0,0 @@
-# rpi-ai
-

directory

@@ -0,0 +1,22 @@
+{
+  "72tzckKsEF4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
+  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
+  "meta": {
+    "caaIdentities": [
+      "letsencrypt.org"
+    ],
+    "profiles": {
+      "classic": "https://letsencrypt.org/docs/profiles#classic",
+      "shortlived": "https://letsencrypt.org/docs/profiles#shortlived (not yet generally available)",
+      "tlsclient": "https://letsencrypt.org/docs/profiles#tlsclient",
+      "tlsserver": "https://letsencrypt.org/docs/profiles#tlsserver"
+    },
+    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf",
+    "website": "https://letsencrypt.org"
+  },
+  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
+  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
+  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
+  "renewalInfo": "https://acme-v02.api.letsencrypt.org/acme/renewal-info",
+  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
+}

docker-compose.yml

@@ -0,0 +1,112 @@
+version: '3.8'
+
+services:
+  reverse-proxy:
+    container_name:  "reverse-proxy"
+    image:           "traefik:v3.6.5"
+    restart:         "unless-stopped"
+    labels:
+         #           global redirect to https
+         -           "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
+         -           "traefik.http.routers.http-catchall.entrypoints=web"
+         -           "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
+         #           middleware redirect
+         -           "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+    command:
+         -           "--api.insecure=true"
+         -           "--certificatesresolvers.njordresolver.acme.caserver=https://acme-v02.api.letsencrypt.org/directory"
+         -           "--certificatesresolvers.njordresolver.acme.email=progisart@gmx.de"
+         -           "--certificatesresolvers.njordresolver.acme.httpchallenge.entrypoint=web"
+         -           "--certificatesresolvers.njordresolver.acme.storage=/letsencrypt/acme.json"
+         -           "--certificatesresolvers.njordresolver.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53"
+         -           "--entrypoints.web.address=0.0.0.0:80"
+         -           "--entrypoints.websecure.address=0.0.0.0:443"
+         -           "--log.level=info"
+         -           "--providers.docker=true"
+    ports:
+         -             "80:80"
+         -            "443:443"
+         -           "8080:8080"
+    volumes:
+         -                  "./letsencrypt:/letsencrypt"
+         -           "/var/run/docker.sock:/var/run/docker.sock"
+    depends_on:
+         -           gogs
+         -           nxtcld
+         -           httpd
+
+  gogs:
+    image:           "gogs/gogs:0.13"
+    container_name:  "gogs"
+    privileged:      true
+    restart:         "unless-stopped"
+    labels:
+         -           "traefik.enable=true"
+         -           "traefik.http.routers.gogs.entrypoints=websecure"
+         -           "traefik.http.routers.gogs.rule=Host(`gogs.njord.dynv6.net`)"
+         -           "traefik.http.routers.gogs.tls.certresolver=njordresolver"
+         -           "traefik.http.routers.gogs.tls=true"
+         -           "traefik.http.services.gogs.loadbalancer.server.port=3000"
+    ports:
+         -           "881:3000"
+    volumes:
+         -           "./gogs/data:/data"
+    environment:
+         -           "DB_TYPE=sqlite3"
+
+
+  nxtcld_db:
+    image:           "mariadb:latest"
+    container_name:  "nxtcld_db"
+    command:         [ "--transaction-isolation=READ-COMMITTED", "--binlog-format=ROW" ]   
+    restart:         "unless-stopped"
+    volumes:
+      -              "./nxtcld/db:/var/lib/mysql"
+    environment:
+      -              MYSQL_ROOT_PASSWORD=nextcloud_admin
+      -              MYSQL_PASSWORD=nextcloud
+      -              MYSQL_DATABASE=nextcloud
+      -              MYSQL_USER=nextcloud
+
+  nxtcld:
+    image:           "nextcloud:stable"
+    container_name:  "nxtcld"
+    privileged:      true
+    restart:         "unless-stopped"
+    labels:
+         -           "traefik.enable=true"
+         -           "traefik.http.routers.nxtcld.entrypoints=websecure"
+         -           "traefik.http.routers.nxtcld.rule=Host(`nxtcld.njord.dynv6.net`)"
+         -           "traefik.http.routers.nxtcld.tls.certresolver=njordresolver"
+         -           "traefik.http.routers.nxtcld.tls=true"
+         -           "traefik.http.services.nxtcld.loadbalancer.server.port=80"
+    ports:
+         -           "882:80"
+    links:
+         -           "nxtcld_db"
+    volumes:
+         -           "./nxtcld/data:/var/www/html"
+    environment:
+         -           MYSQL_PASSWORD=nextcloud
+         -           MYSQL_DATABASE=nextcloud
+         -           MYSQL_USER=nextcloud
+         -           MYSQL_HOST=nxtcld_db
+    depends_on:
+         -           nxtcld_db
+
+  httpd:
+    image:           "httpd:2.4.57"
+    container_name:  "httpd"
+    restart:         "unless-stopped"
+    labels:
+         -           "traefik.enable=true"
+         -           "traefik.http.routers.httpd.entrypoints=websecure"
+         -           "traefik.http.routers.httpd.rule=Host(`progisart.njord.dynv6.net`)"
+         -           "traefik.http.routers.httpd.tls.certresolver=njordresolver"
+         -           "traefik.http.routers.httpd.tls=true"
+         -           "traefik.http.services.httpd.loadbalancer.server.port=80"
+    ports:
+         -           "883:80"
+    volumes:
+         -           "./httpd/data:/usr/local/apache2/htdocs"
+

dockerfiles/gogs-rpi/Dockerfile

@@ -0,0 +1,45 @@
+FROM      arm32v7/ubuntu:18.04
+  
+
+
+ADD       resources/gogs_0.12.3_linux_armv7.tar.gz                    \
+          /app
+ADD       resources/start.sh                                          \
+          /
+ENV       GOGS_CUSTOM /data/gogs
+ENV       DEBIAN_FRONTEND=noninteractive
+
+RUN       addgroup git                                                \
+     &&   adduser  --disabled-password                                \
+            --gecos ""                                                \
+            --home "/app/gogs"                                        \
+            --ingroup "git"                                           \
+            --no-create-home                                          \
+            git                                                       \
+     &&   mkdir /data                                                 \
+     &&   chown -R git:git /app /data                                 \
+     &&   ln -snf "/usr/share/zoneinfo/${TZ}"   /etc/localtime        \ 
+     &&   echo "${TZ}"                         >/etc/timezone         \
+     &&   apt update                                                  \
+     &&   apt --yes install                                           \
+            bash                                                      \
+            ca-certificates                                           \
+            curl                                                      \
+            git                                                       \
+            less                                                      \
+            libcap2-bin                                               \
+            musl-tools                                                \
+            rsync                                                     \
+            socat                                                     \
+            sqlite                                                    \
+            tzdata                                                    \
+            vim                                                       \
+     &&   chmod 755 /start.sh                                         \
+     &&   echo "export GOGS_CUSTOM=${GOGS_CUSTOM}" >> /etc/profile
+
+
+
+VOLUME       ["/data", "/backup"]
+
+ENTRYPOINT   /start.sh
+

dockerfiles/gogs-rpi/resources/start.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+chown -R git:git /data /app/gogs
+
+setcap CAP_NET_BIND_SERVICE=+eip /app/gogs/gogs
+su - git -c '/app/gogs/gogs web -port 80'

dockerfiles/jekyll-rpi/Dockerfile

@@ -0,0 +1,30 @@
+FROM     arm32v7/ruby:2.7.2-buster
+
+
+
+ADD      resources/docker-entrypoint.sh                \
+         /usr/local/bin/
+
+RUN      apt update                                    \
+     &&  apt --yes install                             \
+         bash                                          \
+         build-essential                               \
+         cmake                                         \
+         dos2unix                                      \
+         gcc                                           \
+     &&  gem update --system                           \
+     &&  gem install sass-embedded -v 1.58.0           \
+     &&  gem install bundler -v "~>1.0"                \
+     &&  gem install bundler jekyll                    \
+     &&  dos2unix /usr/local/bin/docker-entrypoint.sh  \
+     &&  mkdir /site                                   \
+     &&  chmod 755 /usr/local/bin/docker-entrypoint.sh
+
+
+
+WORKDIR     /site
+
+EXPOSE      4000
+
+ENTRYPOINT  [ "docker-entrypoint.sh" ]
+CMD         [ "bundle", "exec", "jekyll", "serve", "--force-polling", "-H", "0.0.0.0", "-P", "80" ]

dockerfiles/jekyll-rpi/resources/docker-entrypoint.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e
+
+echo ">>>>>>>>>    $*"
+
+if [ "$*" != "jekyll new ." ]; then
+  if [ ! -f Gemfile  ]; then
+    echo "NOTE: hmm, I don't see a Gemfile so I don't think there's a jekyll site here"
+    echo "Either you didn't mount a volume, or you mounted it incorrectly."
+    echo "Be sure you're in your jekyll site root and use something like this to launch"
+    echo ""
+    echo "docker run -p 80:4000 -v \$(pwd):/site bretfisher/jekyll-serve"
+    echo ""
+    echo "NOTE: To create a new site, you can use the sister image bretfisher/jekyll like:"
+    echo ""
+    echo "docker run -v \$(pwd):/site bretfisher/jekyll new ."
+    exit 1
+  fi
+
+  bundle install --retry 5 --jobs 20
+fi
+
+exec "$@"

dockerfiles/monitor-rpi/Dockerfile

@@ -0,0 +1,33 @@
+FROM    arm32v7/ubuntu:18.04
+
+ENV     DEBIAN_FRONTEND=noninteractive
+
+RUN     apt-get -y update                                                                                        \
+    &&  apt-get install -y --no-install-recommends                                                               \
+                        apt-transport-https                                                                      \ 
+                        ca-certificates                                                                          \
+                        dirmngr                                                                                  \
+                        gnupg                                                                                    \
+    &&  apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 2C0D3C0F                                        \
+    &&  echo deb http://giteduberger.fr rpimonitor/ > /etc/apt/sources.list.d/rpimonitor.list                    \
+    &&  apt-get -y update                                                                                        \
+    &&  apt-get install -y rpimonitor                                                                            \
+    &&  apt-get clean                                                                                            \
+    &&  apt-get autoclean                                                                                        \
+    &&  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*                                                            \
+    &&  sed -i 's/\/sys\//\/dockerhost\/sys\//g' /etc/rpimonitor/template/*                                      \
+    &&  sed -i 's/\/etc\/os-release/\/dockerhost\/usr\/lib\/os-release/g' /etc/rpimonitor/template/version.conf  \
+    &&  sed -i 's/\/proc\//\/dockerhost\/proc\//g' /etc/rpimonitor/template/*                                    \
+    &&  echo include=/etc/rpimonitor/template/wlan.conf >> /etc/rpimonitor/data.conf                             \
+    &&  sed -i '/^web.status.1.content.8.line/ d' /etc/rpimonitor/template/network.conf                          \
+    &&  sed -i '/^#web.status.1.content.8.line/s/^#//g' /etc/rpimonitor/template/network.conf                    \
+    &&  sed -i 's/\#dynamic/dynamic/g' /etc/rpimonitor/template/network.conf                                     \
+    &&  sed -i 's/\#web.statistics/web.statistics/g' /etc/rpimonitor/template/network.conf                       \
+    &&  sed -i 's/\#daemon.port=8889/daemon.port=80/g' /etc/rpimonitor/daemon.conf
+
+EXPOSE 80
+
+# Start rpimonitord using run.sh wrapper script
+ADD resources/run.sh /run.sh
+RUN chmod +x /run.sh
+CMD bash -C '/run.sh';'bash'

dockerfiles/monitor-rpi/resources/run.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# Load shared libraries from /opt/vc/lib
+echo /opt/vc/lib > /etc/ld.so.conf.d/00-vmcs.conf
+ldconfig
+
+# Link /opt/vc/bin binaries to /usr/bin
+ln -s /opt/vc/bin/raspividyuv     /usr/bin/raspividyuv
+ln -s /opt/vc/bin/dtmerge         /usr/bin/dtmerge
+ln -s /opt/vc/bin/raspistill      /usr/bin/raspistill
+ln -s /opt/vc/bin/vcgencmd        /usr/bin/vcgencmd
+ln -s /opt/vc/bin/vcdbg           /usr/bin/vcdbg
+ln -s /opt/vc/bin/dtoverlay-pre   /usr/bin/dtoverlay-pre
+ln -s /opt/vc/bin/raspiyuv        /usr/bin/raspiyuv
+ln -s /opt/vc/bin/vchiq_test      /usr/bin/vchiq_test
+ln -s /opt/vc/bin/tvservice       /usr/bin/tvservice
+ln -s /opt/vc/bin/edidparser      /usr/bin/edidparser
+ln -s /opt/vc/bin/raspivid        /usr/bin/raspivid
+ln -s /opt/vc/bin/dtoverlay-post  /usr/bin/dtoverlay-post
+ln -s /opt/vc/bin/dtoverlay       /usr/bin/dtoverlay
+ln -s /opt/vc/bin/dtparam         /usr/bin/dtparam
+
+# Insert Docker Host hostname into raspbian.conf
+DOCKERHOST=$(cat /dockerhost/etc/hostname)
+sed -i "s/'+data.hostname+'/$DOCKERHOST/g" /etc/rpimonitor/template/raspbian.conf
+
+# Update RPI Monitor Package Status
+/etc/init.d/rpimonitor install_auto_package_status_update
+/usr/share/rpimonitor/scripts/updatePackagesStatus.pl
+
+# Start RPI Monitor
+/usr/bin/rpimonitord -v

gogs/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

httpd/.gitignore

@@ -0,0 +1 @@
+data

jekyll/.gitignore

@@ -0,0 +1 @@
+data

nxtcld/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore