Fossil/Foscarealm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Fossil:c7dc1115a644bde0a18e6876ce1f1800fd9369ba
Branches Tags
Fossil:main
...
compare: Fossil:main
Branches Tags
Fossil:main

35 Commits
c7dc1115a6 ... main

Author SHA1 Message Date
Stanislav Hubacek
7bf65691c7 strazcetajemstvi 3 2026-06-05 16:58:18 +02:00
Stanislav Hubacek
14da8dd465 strazcetajemstvi 2 2026-06-05 16:54:55 +02:00
Stanislav Hubacek
918359a802 strazcetajemstvi 2026-06-05 16:23:13 +02:00
hubaceks
6031e14793 fakturace 2026-06-02 21:33:00 +02:00
Stanislav Hubacek
cd6e59a5b6 Update Caddyfile.wrapper 
new basic auth
 2026-05-26 09:49:26 +02:00
Stanislav Hubacek
e6230e3975 Update services/smsgw.yml 
fix
 2026-05-26 09:43:48 +02:00
Stanislav Hubacek
8735c410bd Add services/smsgw 
SMSGW
 2026-05-26 09:43:25 +02:00
hubaceks
05e0072548 fix 3 2026-05-19 19:22:01 +02:00
hubaceks
a05ae55c37 fix 2 2026-05-19 19:18:37 +02:00
hubaceks
b6f3708aad fix 2026-05-19 19:12:20 +02:00
hubaceks
eb3116778a Eshop 2026-05-18 22:15:23 +02:00
hubaceks
684f88b56d Catalogue generator 2026-05-13 22:20:51 +02:00
hubaceks
036b27d4bc Portal 4 2026-05-04 22:08:51 +02:00
hubaceks
c2295e2442 Portal 3 2026-05-04 22:07:49 +02:00
hubaceks
89a10061c5 Portal 2 2026-05-04 21:57:40 +02:00
hubaceks
374244ba66 Portal 2026-05-04 21:12:46 +02:00
hubaceks
4a78885c66 Bistrousky DEV - Socky 2026-05-04 20:29:45 +02:00
hubaceks
85cba202d4 fix of internal 2026-05-02 22:11:07 +02:00
hubaceks
c3354c0cec fix of internal 2026-05-02 22:08:54 +02:00
hubaceks
f9ae17cdd4 test of webhook 2026-05-02 22:01:47 +02:00
hubaceks
4f74b317f4 Internal pages 2026-05-02 20:50:02 +02:00
hubaceks
329c27a6a2 redirect for Micinas 2026-05-01 22:43:38 +02:00
hubaceks
d5760660f3 PROD5 for Micinas 2026-05-01 22:39:54 +02:00
hubaceks
f891a75063 PROD2 for Micinas 2026-05-01 21:47:30 +02:00
hubaceks
0c856a9f84 bystrousky PROD 2026-05-01 20:16:04 +02:00
Stanislav Hubacek
56d5fa8d32 Immich 2026-04-27 21:26:59 +02:00
Stanislav Hubacek
10bbab3460 Bistrousky migration 3 2026-04-24 16:25:50 +02:00
Stanislav Hubacek
056f14dbe1 Bistrousky migration 2 2026-04-24 15:34:06 +02:00
Stanislav Hubacek
ea1c124e1d Bistrousky migration 2026-04-24 13:51:36 +02:00
hubaceks
1ac1d57465 Dalik 2026-04-22 19:27:39 +02:00
hubaceks
084afba83d ippplan 2026-04-20 22:56:38 +02:00
Stanislav Hubacek
d4480c4d2b provisioner 2026-04-12 21:29:42 +02:00
hubaceks
48a696b176 new services - homarr + IPplan 2026-04-10 22:24:27 +02:00
Stanislav Hubacek
acb7ccdf77 homepage 2026-04-09 00:56:59 +02:00
Stanislav Hubacek
7d2228d75a CI 2026-04-08 19:35:40 +02:00
22 changed files with 164 additions and 23 deletions
Expand all files Collapse all files

BIN
.DS_Store vendored Normal file
View File

Binary file not shown.

1
Caddyfile.wrapper
View File

@@ -15,6 +15,7 @@
(common_auth) {
basicauth {
Standa $2a$14$Qt8qzPSymY09baSwfhTVw./vsB4debh4UcS5Ty/2yg44vXrGnxTz.
eit $2a$14$PGERi8FOypvxFoy3vVGPAOgMbP1XZtwe9/4uQVDQeUGOSBqO0SAOO
}
}

28
scripts/deploy_from_git.sh
View File

@@ -2,26 +2,20 @@
set -euo pipefail
REPO_DIR="/opt/homelab"
BRANCH="main"
#note
echo "[1/4] Switching to repo..."
echo "[1/5] Switching to repo..."
cd "$REPO_DIR"
echo "[2/4] Fetching changes..."
git fetch origin "$BRANCH"
echo "[2/5] Fetching changes..."
git fetch origin
LOCAL="$(git rev-parse HEAD)"
REMOTE="$(git rev-parse origin/$BRANCH)"
echo "[3/5] Resetting to origin/main..."
git reset --hard origin/main
if [[ "$LOCAL" == "$REMOTE" ]]; then
echo "[3/4] No changes to deploy."
exit 0
fi
echo "[4/5] Cleaning untracked files..."
git clean -fd
echo "[3/4] Pulling latest changes..."
git pull --ff-only origin "$BRANCH"
echo "[5/5] Running deploy..."
./scripts/deploy_caddy.sh
echo "[4/4] Running Caddy deployment..."
"$REPO_DIR/scripts/deploy_caddy.sh"
echo "[Done] Git-based deployment completed."
echo "[Done]"

18
scripts/generate_caddy.py
View File

@@ -24,7 +24,8 @@ def validate_service(data: dict, source: Path) -> None:
raise ValueError(f"{source.name}: missing required key '{key}'")
svc_type = data["type"]
if svc_type not in {"static", "proxy"}:
if svc_type not in {"static", "proxy", "redirect"}:
raise ValueError(f"{source.name}: unsupported type '{svc_type}'")
if svc_type == "static" and "root" not in data:
@@ -33,6 +34,9 @@ def validate_service(data: dict, source: Path) -> None:
if svc_type == "proxy" and "backend" not in data:
raise ValueError(f"{source.name}: proxy service requires 'backend'")
if svc_type == "redirect" and "target" not in data:
raise ValueError(f"{source.name}: redirect service requires 'target'")
def render_service(env: Environment, data: dict) -> str:
svc_type = data["type"]
@@ -43,6 +47,13 @@ def render_service(env: Environment, data: dict) -> str:
"real_ip": False,
"health_uri": None,
"health_interval": None,
"internal": False,
"internal_ranges": [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16",
],
"redirect_code": 301,
}
merged = {**defaults, **data}
@@ -51,6 +62,10 @@ def render_service(env: Environment, data: dict) -> str:
template = env.get_template("static.caddy.j2")
return template.render(**merged).strip() + "\n"
if svc_type == "redirect":
template = env.get_template("redirect.caddy.j2")
return template.render(**merged).strip() + "\n"
reverse_proxy_block = any(
[
merged.get("real_ip"),
@@ -91,6 +106,5 @@ def main() -> int:
return 0
if __name__ == "__main__":
sys.exit(main())

6
services/bistrousky-dev.yml Normal file
View File

@@ -0,0 +1,6 @@
name: bistrousky-dev
type: proxy
domain: bistrousky-dev.hubacek.cloud
headers: true
auth: false
backend: 192.168.50.109:80

7
services/bistrousky.yml
View File

@@ -1,5 +1,6 @@
name: bistrousky
type: static
domain: bistrousky.hubacek.cloud
type: proxy
domain: bistrousky.cz, www.bistrousky.cz
headers: true
root: /var/www/html
auth: false
backend: 192.168.50.107:80

5
services/bystrousky.yml Normal file
View File

@@ -0,0 +1,5 @@
name: bystrousky
type: redirect
domain: www.bystrousky.cz, bystrousky.cz
target: https://bistrousky.cz{uri}
code: 301

9
services/catalog-generator.yml Normal file
View File

@@ -0,0 +1,9 @@
name: Catalogue Generator
type: proxy
domain: catalogue-generator.hubacek.cloud
headers: true
auth: false
internal: true
internal_ranges:
- 192.168.50.0/24
backend: 192.168.50.112:8080

6
services/dalik.yml Normal file
View File

@@ -0,0 +1,6 @@
name: dalik
type: proxy
domain: daliborturza.hubacek.cloud
headers: true
auth: false
backend: 192.168.50.105:80

6
services/eshop-bistrousky.yml Normal file
View File

@@ -0,0 +1,6 @@
name: eshop.bistrousky
type: proxy
domain: eshop-bistrousky.hubacek.cloud
headers: true
auth: false
backend: 192.168.50.113:80

6
services/fakturace.yml Normal file
View File

@@ -0,0 +1,6 @@
name: fakturace
type: proxy
domain: fakturace.hubacek.cloud
headers: true
auth: false
backend: 192.168.50.118:80

2
services/git.yml
View File

@@ -2,5 +2,5 @@ name: gitea
type: proxy
domain: git.hubacek.cloud
headers: true
auth: true
auth: false
backend: 192.168.50.110:3000

9
services/homarr.yml Normal file
View File

@@ -0,0 +1,9 @@
name: homarr
type: proxy
domain: homarr.hubacek.cloud
headers: true
auth: false
internal: true
internal_ranges:
- 192.168.50.0/24
backend: 192.168.50.236:7575

9
services/homepage.yml Normal file
View File

@@ -0,0 +1,9 @@
name: homepage
type: proxy
domain: home.hubacek.cloud
headers: true
auth: true
internal: true
internal_ranges:
- 192.168.50.0/24
backend: 192.168.50.245:3000

6
services/immich.yml Normal file
View File

@@ -0,0 +1,6 @@
name: immich-app
type: proxy
domain: immich.hubacek.cloud
headers: true
auth: false
backend: 192.168.50.10:2283

9
services/ipplan.yml Normal file
View File

@@ -0,0 +1,9 @@
name: IPplan
type: proxy
domain: ipplan.hubacek.cloud
headers: true
auth: true
internal: true
internal_ranges:
- 192.168.50.0/24
backend: 192.168.50.237:5000

6
services/portal.yml Normal file
View File

@@ -0,0 +1,6 @@
name: portal
type: proxy
domain: portal.hubacek.cloud
headers: true
auth: false
backend: 192.168.50.111:8000

9
services/provisioner.yml Normal file
View File

@@ -0,0 +1,9 @@
name: provisioner
type: proxy
domain: provisioner.hubacek.cloud
headers: true
auth: false
internal: true
internal_ranges:
- 192.168.50.0/24
backend: 192.168.50.103:8000

6
services/smsgw.yml Normal file
View File

@@ -0,0 +1,6 @@
name: smsgw
type: proxy
domain: smsgw.hubacek.cloud
headers: true
auth: true
backend: 192.168.50.116:80

6
services/spravcetajemstvi.yml Normal file
View File

@@ -0,0 +1,6 @@
name: spravcetajemstvi
type: proxy
domain: spravcetajemstvi.cz, www.spravcetajemstvi.cz
headers: true
auth: false
backend: 192.168.50.115:3000

30
templates/proxy.caddy.j2
View File

@@ -5,6 +5,34 @@
{% if auth %}
import common_auth
{% endif %}
{% if internal %}
@internal {
remote_ip {{ internal_ranges | join(' ') }}
}
handle @internal {
{% if reverse_proxy_block %}
reverse_proxy {{ backend }} {
{% if real_ip %}
header_up X-Real-IP {remote_host}
{% endif %}
{% if health_uri %}
health_uri {{ health_uri }}
{% endif %}
{% if health_interval %}
health_interval {{ health_interval }}
{% endif %}
}
{% else %}
reverse_proxy {{ backend }}
{% endif %}
}
handle {
respond "Forbidden" 403
}
{% else %}
{% if reverse_proxy_block %}
reverse_proxy {{ backend }} {
{% if real_ip %}
@@ -20,4 +48,6 @@
{% else %}
reverse_proxy {{ backend }}
{% endif %}
{% endif %}
}

3
templates/redirect.caddy.j2 Normal file
View File

@@ -0,0 +1,3 @@
{{ domain }} {
redir {{ target }} {{ code | default(redirect_code) }}
}