valknar/stacks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48 Commits 1 Branch 0 Tags
6f12bf9af751f084a7dcc88e8a8dc4c870d493d0
Commit Graph

48 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
valknar 6f12bf9af7 fix(passbolt): disable metadata encryption for new instance setup 
Passbolt 5.x's isNotCreatedInTheFutureRule has zero tolerance for
clock skew — even 1 second between browser and server causes the
metadata key creation to fail during first setup. Disabling the
automatic metadata setup for new instances allows the browser
extension to complete account setup successfully.

Encrypted metadata can be enabled from the admin panel post-setup.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 21:24:51 +02:00
valknar 758e69300f fix(passbolt): add TZ env var (Europe/Amsterdam) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 21:06:01 +02:00
valknar ae81935376 fix(passbolt): clean setup with correct GPG fingerprint 
Passbolt 5.x does not auto-persist the server key fingerprint across
container restarts (no passbolt.php is written). The fingerprint env var
is required and corresponds to the key auto-generated on first clean start.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 20:39:55 +02:00
valknar d8cfcd23d1 fix(passbolt): fix DB hostname, encoding, and GPG fingerprint 
- Use container_name passbolt_db instead of service name db (service names
  are ambiguous on the shared falcon_network — 6 other stacks also have a
  service named db)
- Add DATASOURCES_DEFAULT_ENCODING=utf8 to override MySQL's utf8mb4 default
- Add DATASOURCES_QUOTE_IDENTIFIER=true for PostgreSQL identifier quoting
- Set PASSBOLT_GPG_SERVER_KEY_FINGERPRINT for the auto-generated server key
- Add PASSBOLT_GPG_SERVER_KEY_EMAIL for correct server key identity

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 20:14:57 +02:00
valknar a1f0f7091b feat(passbolt): add Passbolt CE stack 
Password manager with GPG encryption. Uses PostgreSQL for consistency
with other stacks. Backed up alongside existing databases. Vaultwarden
kept running during migration.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 20:00:05 +02:00
valknar 31841d1ac3 fix(compose): remove empty labels keys left after watchtower label removal 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 19:44:01 +02:00
valknar 4c522961a9 feat(_update): replace watchtower with custom nightly update script 
Removes the watchtower container in favour of a host-side script that
runs daily at 2:00 AM via systemd timer.  Mirrors the _backup pattern:
auto-discovers stacks, pulls images, recreates changed containers,
prunes dangling images, and notifies via n8n → Telegram.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 19:42:25 +02:00
valknar cb241c9696 feat(affine): add SMTP config, AFFINE_SERVER_EXTERNAL_URL; remove blinko dir 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 06:57:45 +02:00
valknar 4b99e21a99 feat: replace blinko with affine, route notifications to telegram 
- Add AFFiNE stack (affine.pivoine.art): main app, migration job,
  redis, pgvector postgres
- Remove blinko stack
- Update backup.sh: swap blinko_db → affine_db
- Update README

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 06:28:27 +02:00
valknar 11ceb46e4a chore(backup): replace emoji codes with actual Unicode emojis 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 06:04:09 +02:00
valknar 5985d8619f fix(backup): use message field in webhook payload, matching watchtower 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 22:36:16 +02:00
valknar eed45f1627 docs: update README — add notifications section for n8n/Telegram 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 22:30:40 +02:00
valknar 39636e85c3 feat: replace mattermost with n8n, route notifications to telegram 
- Add n8n stack (n8n.pivoine.art) with postgres, traefik, watchtower
- Remove mattermost stack entirely
- Update backup.sh: swap mattermost_db → n8n_db, rename
  MATTERMOST_WEBHOOK → WEBHOOK_URL, simplify notify() payload
- Update watchtower: mattermost:// → generic+https:// for n8n webhook
- Add _backup/.env.example
- Update README

Webhook URLs in _backup/.env and watchtower/.env contain
FILL_AFTER_N8N_SETUP — update once n8n workflow is created.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 20:36:58 +02:00
valknar 5482236a9a chore(coolify): remove SSH config volume mounts 
No longer needed after Coolify update — verified on VPS, container
stays healthy without them.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 19:05:11 +02:00
valknar dc52de77bc feat(coolify): track SSH config and known_hosts in repo 
Mount from stack directory instead of .data, consistent with how
gitea handles runner-config.yaml.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 19:02:12 +02:00
valknar 68bcea4adc fix(coolify): add SSH config volume mounts for Gitea integration 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 18:59:59 +02:00
valknar f5b7f6f27e docs: update README — remove sexy stack, add .env.example setup step 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 18:56:55 +02:00
valknar 28b31e91e4 chore: add .env.example files for all stacks 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 18:55:30 +02:00
valknar 990ab0730a fix: no-index 2026-04-10 19:47:10 +02:00
valknar 1c8835bcf3 chore: cleanup 2026-03-30 17:47:34 +02:00
valknar 2750602fa5 chore: cleanup 2026-03-30 17:11:55 +02:00
valknar 3de764a055 chore: cleanup 2026-03-30 17:10:45 +02:00
valknar c5131580e4 chore: remove api 2026-03-27 09:54:38 +01:00
valknar 36da0dc752 fix: remove gemini 2026-03-20 17:19:02 +01:00
valknar 8364cdc65f chore: remove litellm docs 2026-03-18 20:16:54 +01:00
valknar 36fc4ee20a feat: add gemini-2.5-flash model to litellm 2026-03-18 18:43:44 +01:00
valknar 13956d7632 feat: add qwen3-coder model to litellm 2026-03-18 17:52:22 +01:00
valknar adfb6032ee chore: format 2026-03-18 17:39:36 +01:00
valknar cdb5a776be feat: add litellm 2026-03-18 17:39:19 +01:00
valknar 9e068eb7b3 style: customize gitea 2026-03-14 20:03:05 +01:00
valknar 74768a3ce5 chore: traefik without watchtower 2026-03-06 10:29:48 +01:00
valknar 1865844260 chore: cleanup 2026-03-05 09:51:40 +01:00
valknar 491d54bbd5 fix: update sexy_db credentials to sexy:sexy 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-04 21:53:00 +01:00
valknar f697eae0de fix: sexy directus image tag 2026-03-04 16:46:24 +01:00
valknar f427f408e0 feat: add blinko stack, remove joplin 2026-03-02 10:10:26 +01:00
valknar d0c38c1f46 fix: traefik image tag 2026-03-02 09:49:14 +01:00
valknar a22da351ed chore: umami tracking setup 2026-02-21 11:34:07 +01:00
valknar 0f10af0ca4 feat: palina ai image blog 2026-02-17 18:38:25 +01:00
valknar e555a78131 fix: use latest images 2026-02-17 12:23:09 +01:00
valknar 15f62b9e55 feat: Add realesrgan-api service to API stack 2026-02-16 20:22:33 +01:00
valknar 4a09dce2c0 Add api stack with freepik and facefusion behind forwardAuth 
Traefik routes api.pivoine.art/freepik and /facefusion to their
respective containers with path rewriting, shared API token auth
via an nginx sidecar, and api-rate-limit middleware.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 15:51:06 +01:00
valknar cd46be7d45 fix(sexy): add ASSETS_CACHE_TTL for long-lived browser caching 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 08:44:15 +01:00
valknar 70462f4bd5 Fix umami DATABASE_URL to use container name 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 08:09:57 +01:00
valknar 755e5b5716 Update umami image to postgresql-latest 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 08:01:35 +01:00
valknar 9c60f62422 Move restic repo path to .env and derive paths from script dir 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 07:19:35 +01:00
valknar d80d59fc2f Add restic backup stack with daily systemd timer 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 07:14:32 +01:00
valknar e7bad9cbcb Add coolify network to traefik for Coolify container routing 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 23:03:17 +01:00
valknar f21e0611b4 Add self-contained Docker Compose stacks for pivoine.art infrastructure 
Migrated 11 services from monolithic docker-compose project into independent stacks,
each with dedicated databases, minimal .env configuration, and bind-mount data volumes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 22:41:50 +01:00