florent/docker
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: florent:0d37b007f00b56ec0a389d1ccd6893bd3720c75f
Branches Tags
florent:master
florent:service-baikal
..
compare: florent:274a733dae2dd72cb17ecc3facf0ac7e0e3fed9c
Branches Tags
florent:master
florent:service-baikal

2 Commits
0d37b007f0 ... 274a733dae

Author SHA1 Message Date
Florent Guiotte
274a733dae Add subdomains for ente 2026-01-04 13:04:22 +01:00
Florent Guiotte
c5fc801fd3 WIP setup ente and garage 2026-01-04 12:23:34 +01:00
7 changed files with 262 additions and 29 deletions
Show Stats Expand all files Collapse all files

10
bind9/guiotte.db
View File

@ -18,7 +18,6 @@ guiotte.fr. IN A 37.59.61.141
; LAN ; LAN
dm.guiotte.fr. IN A 192.168.1.2 dm.guiotte.fr. IN A 192.168.1.2
money.guiotte.fr. IN CNAME dm.guiotte.fr. money.guiotte.fr. IN CNAME dm.guiotte.fr.
photos.guiotte.fr. IN CNAME dm.guiotte.fr.
dl.guiotte.fr. IN CNAME dm.guiotte.fr. dl.guiotte.fr. IN CNAME dm.guiotte.fr.
kdoc.guiotte.fr. IN CNAME dm.guiotte.fr. kdoc.guiotte.fr. IN CNAME dm.guiotte.fr.
sync.guiotte.fr. IN CNAME dm.guiotte.fr. sync.guiotte.fr. IN CNAME dm.guiotte.fr.
@ -30,3 +29,12 @@ db.guiotte.fr. IN CNAME dm.guiotte.fr.
flix.guiotte.fr. IN CNAME dm.guiotte.fr. flix.guiotte.fr. IN CNAME dm.guiotte.fr.
task.guiotte.fr. IN CNAME dm.guiotte.fr. task.guiotte.fr. IN CNAME dm.guiotte.fr.
todo.guiotte.fr. IN CNAME dm.guiotte.fr. todo.guiotte.fr. IN CNAME dm.guiotte.fr.
pics.guiotte.fr. IN CNAME dm.guiotte.fr.
photos.guiotte.fr. IN CNAME dm.guiotte.fr.
ente.guiotte.fr. IN CNAME dm.guiotte.fr.
s3.guiotte.fr. IN CNAME dm.guiotte.fr.
comptes-photos.guiotte.fr. IN CNAME dm.guiotte.fr.
albums-photos.guiotte.fr. IN CNAME dm.guiotte.fr.
auth.guiotte.fr. IN CNAME dm.guiotte.fr.
capsule-photos.guiotte.fr. IN CNAME dm.guiotte.fr.
tele-photos.guiotte.fr. IN CNAME dm.guiotte.fr.

BIN
ddclient/ddclient.conf
View File

Binary file not shown.

25
docker-compose.yml
View File

@ -181,7 +181,7 @@ services:
DB_USERNAME: lychee DB_USERNAME: lychee
DB_DATABASE: lychee DB_DATABASE: lychee
DB_PORT: 3306 DB_PORT: 3306
APP_URL: https://photos.guiotte.fr APP_URL: https://pics.guiotte.fr
TRUSTED_PROXIES: 172.22.0.0/24 TRUSTED_PROXIES: 172.22.0.0/24
secrets: secrets:
- lychee-db-pw - lychee-db-pw
@ -484,8 +484,8 @@ services:
image: ghcr.io/ente-io/server image: ghcr.io/ente-io/server
container_name: ente-server container_name: ente-server
restart: unless-stopped restart: unless-stopped
ports: #ports:
- 8080:8080 # API # - 8080:8080 # API
depends_on: depends_on:
ente-db: ente-db:
condition: service_healthy condition: service_healthy
@ -494,13 +494,15 @@ services:
ENTE_DB_HOST: ente-db ENTE_DB_HOST: ente-db
ENTE_DB_NAME: ente_db ENTE_DB_NAME: ente_db
ENTE_DB_USER: pguser ENTE_DB_USER: pguser
ENTE_S3_B2_EU_CEN_ENDPOINT: garage:3900 ENTE_S3_ARE_LOCAL_BUCKETS: false
ENTE_S3_USE_PATH_STYLE_URLS: true
ENTE_S3_B2_EU_CEN_ENDPOINT: https://s3.guiotte.fr
ENTE_S3_B2_EU_CEN_REGION: garage ENTE_S3_B2_EU_CEN_REGION: garage
ENTE_S3_B2_EU_CEN_BUCKET: ente ENTE_S3_B2_EU_CEN_BUCKET: ente
ENTE_APPS_PUBLIC_ALBUMS: http://dm:3002 ENTE_APPS_PUBLIC_ALBUMS: https://albums-photos.guiotte.fr
ENTE_APPS_CAST: http://dm:3004 ENTE_APPS_CAST: https://tele-photos.guiotte.fr
ENTE_APPS_EMBED_ALBUMS: http://dm:3005 ENTE_APPS_EMBED_ALBUMS: https://capsule-photos.guiotte.fr
ENTE_APPS_ACCOUNTS: http://dm:3001 ENTE_APPS_ACCOUNTS: https://comptes-photos.guiotte.fr
secrets: secrets:
- ente-db-pw - ente-db-pw
- ente-s3-key - ente-s3-key
@ -521,7 +523,6 @@ services:
retries: 3 retries: 3
start_period: 120s start_period: 120s
ente-web: ente-web:
image: ghcr.io/ente-io/web image: ghcr.io/ente-io/web
container_name: ente-web container_name: ente-web
@ -538,9 +539,9 @@ services:
# Modify these values to your custom subdomains, if using any # Modify these values to your custom subdomains, if using any
environment: environment:
<<: *common-environment <<: *common-environment
ENTE_API_ORIGIN: http://localhost:8080 ENTE_API_ORIGIN: https://ente.guiotte.fr
ENTE_ALBUMS_ORIGIN: https://dm:3002 ENTE_ALBUMS_ORIGIN: https://albums-photos.guiotte.fr
ENTE_PHOTOS_ORIGIN: http://dm:3000 ENTE_PHOTOS_ORIGIN: https://photos.guiotte.fr/
volumes: volumes:

22
swag/nginx/proxy-confs/ente-server.subdomain.conf Normal file
View File

@ -0,0 +1,22 @@
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name ente.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ente-server;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

153
swag/nginx/proxy-confs/ente-web.subdomain.conf Normal file
View File

@ -0,0 +1,153 @@
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name photos.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ente-web;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name comptes-photos.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ente-web;
set $upstream_port 3001;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name albums-photos.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ente-web;
set $upstream_port 3002;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name auth.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ente-web;
set $upstream_port 3003;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name tele-photos.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ente-web;
set $upstream_port 3004;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
#server {
# listen 443 ssl;
# listen [::]:443 ssl;
#
# server_name partage-photos.*; # This is Ente Locker for files, not only photos
#
# include /config/nginx/ssl.conf;
#
# client_max_body_size 0;
#
# location / {
#
# include /config/nginx/proxy.conf;
# include /config/nginx/resolver.conf;
# set $upstream_app ente-web;
# set $upstream_port 3005;
# set $upstream_proto http;
# proxy_pass $upstream_proto://$upstream_app:$upstream_port;
#
# }
#}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name capsule-photos.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ente-web;
set $upstream_port 3006;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

49
swag/nginx/proxy-confs/garage.subdomain.conf Normal file
View File

@ -0,0 +1,49 @@
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name s3.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app garage;
set $upstream_port 3900;
set $upstream_proto http;
# --- Handle CORS preflight ---
if ($request_method = OPTIONS) {
add_header 'Access-Control-Allow-Origin' "*" always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 3000;
add_header 'Content-Length' 0;
add_header 'Content-Type' 'text/plain charset=UTF-8';
return 204;
}
# --- Proxy normal requests ---
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
# Prevent backend from sending conflicting CORS headers (optional)
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Expose-Headers;
# --- Add CORS headers for actual responses ---
add_header 'Access-Control-Allow-Origin' "*" always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Expose-Headers' 'Etag' always;#
}
}

2
swag/nginx/proxy-confs/lychee.subdomain.conf
View File

@ -6,7 +6,7 @@ server {
listen 443 ssl http2; listen 443 ssl http2;
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name photos.*; server_name pics.*;
include /config/nginx/ssl.conf; include /config/nginx/ssl.conf;