justin/site
1
0
Fork 0
forked from finn/site
Code Pull Requests Activity

Compare commits

base: justin:78384a31fb56a6bec9879df7c355cd44af1aec8a
Branches Tags
justin:master justin:typo-fix finn:caddy finn:master finn:nc
...
compare: finn:caddy
Branches Tags
finn:caddy finn:master finn:nc justin:master justin:typo-fix

25 Commits
78384a31fb ... caddy

Author SHA1 Message Date
finn
9aaba3452e cleanup caddyfile comments 2026-04-16 06:25:07 +00:00
finn
6f0df113c2 working book and caddy 2026-04-16 06:21:50 +00:00
finn
0a8d754365 gitignore stumpdir 2026-04-13 22:28:38 +00:00
finn
c34789a631 fix stump compose 2026-04-13 22:27:48 +00:00
finn
49d08e8f42 Merge branch 'caddy' of https://gut.oily.dad/finn/site into caddy 2026-04-13 14:30:03 -07:00
finn
fb5fc705dc add stump 2026-04-13 14:27:29 -07:00
finn
f63ee28d2b pre fuse checkpoint 2026-04-13 18:08:52 +00:00
finn
b780c043fa sshtun add rev tunnel keys 2026-04-13 00:50:58 -07:00
finn
fa73ccbc90 Switch to Caddy 2026-04-12 18:09:30 -07:00
finn
345d66b5c9 fix py3 back compat failure 2026-03-19 19:24:44 -07:00
finn
b6ccb0c859 stop gitea regs 2026-03-19 21:18:01 +00:00
finn
42a12d7ced also update example compose files 2026-01-04 08:03:22 +00:00
finn
a329511464 set up admin-allowed registration 2026-01-04 08:01:10 +00:00
finn
fc927eef63 add long staged emoji changes 2025-08-30 08:38:45 +00:00
finn
7ed3b07ab4 Merge pull request 'Fixed typo.' (#7) from oily.mom/site:typo-fix into master 
Reviewed-on: finn/site#7
Massive.
 2025-08-30 04:46:38 +00:00
JustinOros
0f2ab58f00 Fixed typo. 2025-08-25 09:32:28 -07:00
finn
950c9a6aea gitea ui tweaks 2025-01-02 02:22:57 +00:00
finn
414c300b41 recenter gitea link 2024-09-05 20:24:47 -07:00
finn
a5ac19a2a4 Merge pull request 'remove hard tabs oops' (#5) from tab_to_softtab into master 
Reviewed-on: finn/site#5
 2024-09-02 22:48:05 +00:00
finn
78c0895418 disable gitea reg if link on tld 2024-09-02 07:47:47 +00:00
finn
8cbe7eecd3 remove tabs from html 2024-09-02 07:22:23 +00:00
finn
9090da987f gitea link in header 2024-09-02 00:04:58 -07:00
finn
650e77210e move onion address to nginx header 2024-08-20 19:40:33 +00:00
finn
16a45c495d restart always incomp with env switch 2024-08-10 06:30:54 -07:00
finn
08ae04a154 ssh tunnel env switch and logging 2024-08-10 06:12:26 -07:00
35 changed files with 662 additions and 438 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -1,6 +1,8 @@
gitea
.env
pmb-pf
stump
kavita
venv
zapp.db
db/bu

2
backend/app/forms.py
View File

@@ -7,7 +7,7 @@ from app.models import User
class LoginForm(FlaskForm):
username = StringField('Username', validators=[DataRequired()])
password = PasswordField('Pasword', validators=[DataRequired()])
password = PasswordField('Password', validators=[DataRequired()])
remember_me = BooleanField('Remember Me')
submit = SubmitField('Sign In')

1
backend/app/static/test.txt Normal file
View File

@@ -0,0 +1 @@
eee

4
backend/app/templates/404.html
View File

@@ -2,7 +2,7 @@
{% block content %}
<h2>File Not Found</h1>
<p><a href="{{ url_for('index') }}">Back</a></p>
<h2>File Not Found</h1>
<p><a href="{{ url_for('index') }}">Back</a></p>
{% endblock %}

6
backend/app/templates/500.html
View File

@@ -2,8 +2,8 @@
{% block content %}
<h2>An unexpected error has occurred.</h1>
<p>Administrator has been notified.</p>
<p><a href="{{ url_for('index') }}">Back</a></p>
<h2>An unexpected error has occurred.</h1>
<p>Administrator has been notified.</p>
<p><a href="{{ url_for('index') }}">Back</a></p>
{% endblock %}

22
backend/app/templates/_post.html
View File

@@ -1,11 +1,11 @@
<tr style="vertical-align: top;">
<td style="vertical-align: middle; width: 60px;">
<img style="vertical-align: middle; width: 40px;" src="data:image/png;base64,{{ post.author.gen_avatar(write_png=False) }}">
</td>
<td style="word-break: break-word;">
<a href="{{ url_for('user', username=post.author.username) }}">
{{ post.author.username }}
</a> says:<br>
{{ post.body }}
</td>
</tr>
<tr style="vertical-align: top;">
<td style="vertical-align: middle; width: 60px;">
<img style="vertical-align: middle; width: 40px;" src="data:image/png;base64,{{ post.author.gen_avatar(write_png=False) }}">
</td>
<td style="word-break: break-word;">
<a href="{{ url_for('user', username=post.author.username) }}">
{{ post.author.username }}
</a> says:<br>
{{ post.body }}
</td>
</tr>

24
backend/app/templates/_postnav.html
View File

@@ -1,14 +1,14 @@
<div>
{% if prev_url %}
<a class="button" href="{{ prev_url }}">Newer</a>
{% else %}
<a class="button" aria-disabled=true>Newer</a>
{% endif %}
<div>
{% if prev_url %}
<a class="button" href="{{ prev_url }}">Newer</a>
{% else %}
<a class="button" aria-disabled=true>Newer</a>
{% endif %}
{% if next_url %}
<a class="button" href="{{ next_url }}">Older</a>
{% else %}
<a class="button" aria-disabled=true>Older</a>
{% endif %}
</div>
{% if next_url %}
<a class="button" href="{{ next_url }}">Older</a>
{% else %}
<a class="button" aria-disabled=true>Older</a>
{% endif %}
</div>

72
backend/app/templates/base.html
View File

@@ -1,42 +1,44 @@
<!doctype html>
<html>
<head>
<link rel="stylesheet" href="{{ url_for('static', filename='simple.css') }}">
{% if title %}
<title>{{ title }}</title>
{% else %}
<title>oily page</title>
{% endif %}
</head>
<body>
<header>
<nav>
<a {% block indexcurrent %}{% endblock %} href="{{ url_for('index') }}">home</a>
<a {% block explorecurrent %}{% endblock %} href="{{ url_for('explore') }}">explore</a>
{% if current_user.is_anonymous %}
<a {% block logincurrent %}{% endblock %} href="{{ url_for('login') }}">login</a>
{% else %}
<a {% block profilecurrent %}{% endblock %} href="{{ url_for('user', username=current_user.username) }}">profile</a>
<a href="{{ url_for('logout') }}">logout</a>
{% endif %}
<head>
<link rel="stylesheet" href="{{ url_for('static', filename='simple.css') }}">
{% if title %}
<title>{{ title }}</title>
{% else %}
<title>oily page</title>
{% endif %}
</head>
<body>
<header>
<nav>
<a {% block indexcurrent %}{% endblock %} href="{{ url_for('index') }}">home</a>
<a {% block explorecurrent %}{% endblock %} href="{{ url_for('explore') }}">explore</a>
{% if current_user.is_anonymous %}
<a {% block logincurrent %}{% endblock %} href="{{ url_for('login') }}">login</a>
{% else %}
<a {% block profilecurrent %}{% endblock %} href="{{ url_for('user', username=current_user.username) }}">profile</a>
<a href="{{ url_for('logout') }}">logout</a>
{% endif %}
<a href="https://gut.oily.dad/explore/repos">
<img style="vertical-align: middle; horizontal-align: center; height: 22px" src="https://gut.oily.dad/assets/img/logo.svg" alt="Logo" aria-hidden="true">
</a>
</nav>
</nav>
<h2>oily.dad</h2>
<h5>oilydada7ckiseinkbeathsefwgkvjrce743xy7x7iiybkuxh4vheead.onion</h5>
</header>
<hr>
{% with messages = get_flashed_messages() %}
{% if messages %}
<ul>
{% for message in messages %}
<p class="notice">{{ message }}</p>
{% endfor %}
</ul>
{% endif %}
{% endwith %}
<h2>oily.dad</h2>
</header>
<hr>
{% with messages = get_flashed_messages() %}
{% if messages %}
<ul>
{% for message in messages %}
<p class="notice">{{ message }}</p>
{% endfor %}
</ul>
{% endif %}
{% endwith %}
{% block content %}{% endblock %}
</body>
{% block content %}{% endblock %}
</body>
</html>

38
backend/app/templates/edit_profile.html
View File

@@ -1,24 +1,24 @@
{% extends "base.html" %}
{% block content %}
<h2>Edit Profile</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.username.label }}
{{ form.username(size=32) }}
{% for error in form.username.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.about_me.label }}
{{ form.about_me(cols=50, rows=4) }}
{% for error in form.about_me.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit }}</p>
</form>
<h2>Edit Profile</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.username.label }}
{{ form.username(size=32) }}
{% for error in form.username.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.about_me.label }}
{{ form.about_me(cols=50, rows=4) }}
{% for error in form.about_me.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit }}</p>
</form>
{% endblock %}

12
backend/app/templates/email/reset_password.html
View File

@@ -1,10 +1,10 @@
<!doctype html>
<html>
<body>
<p>User {{ user.username }} requested password reset.</p>
<p>Reset link:</p>
<p><a href="{{ hostname }}{{ url_for('reset_password', token=token) }}">click here</a>
<p>If you did not request this, ignore this message.</p>
</body>
<body>
<p>User {{ user.username }} requested password reset.</p>
<p>Reset link:</p>
<p><a href="{{ hostname }}{{ url_for('reset_password', token=token) }}">click here</a>
<p>If you did not request this, ignore this message.</p>
</body>
</html>

38
backend/app/templates/explore.html
View File

@@ -3,26 +3,26 @@
{% block explorecurrent %}class="current"{% endblock %}
{% block content %}
{% if form %}
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.post.label }}
{{ form.post(cols=32, rows=4) }}
{% for error in form.post.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
{% endif %}
<table>
{% for post in posts %}
{% include '_post.html' %}
{% endfor %}
</table>
{% if form %}
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.post.label }}
{{ form.post(cols=32, rows=4) }}
{% for error in form.post.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
{% endif %}
<table>
{% for post in posts %}
{% include '_post.html' %}
{% endfor %}
</table>
{% include '_postnav.html' %}
{% include '_postnav.html' %}
{% endblock %}

38
backend/app/templates/index.html
View File

@@ -3,26 +3,26 @@
{% block indexcurrent %}class="current"{% endblock %}
{% block content %}
{% if form %}
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.post.label }}
{{ form.post(cols=32, rows=4) }}
{% for error in form.post.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
{% endif %}
<table>
{% for post in posts %}
{% include '_post.html' %}
{% endfor %}
</table>
{% if form %}
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.post.label }}
{{ form.post(cols=32, rows=4) }}
{% for error in form.post.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
{% endif %}
<table>
{% for post in posts %}
{% include '_post.html' %}
{% endfor %}
</table>
{% include '_postnav.html' %}
{% include '_postnav.html' %}
{% endblock %}

48
backend/app/templates/login.html
View File

@@ -3,31 +3,31 @@
{% block logincurrent %}class="current"{% endblock %}
{% block content %}
<h2>Sign In</h1>
<form action="" method="post" novalidate>
{{ form.hidden_tag() }}
<p>
{{ form.username.label }}<br>
{{ form.username(size=32) }}<br>
{% for error in form.username.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password.label }}<br>
{{ form.password(size=32) }}<br>
{% for error in form.password.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.remember_me() }} {{ form.remember_me.label }}</p>
<p>
{{ form.submit }}
<a class="button" href="{{ url_for('register') }}">Register</a>
</p>
</form>
<h2>Sign In</h1>
<form action="" method="post" novalidate>
{{ form.hidden_tag() }}
<p>
{{ form.username.label }}<br>
{{ form.username(size=32) }}<br>
{% for error in form.username.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password.label }}<br>
{{ form.password(size=32) }}<br>
{% for error in form.password.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.remember_me() }} {{ form.remember_me.label }}</p>
<p>
{{ form.submit }}
<a class="button" href="{{ url_for('register') }}">Register</a>
</p>
</form>
<p><a href="{{ url_for('reset_password_request') }}">Reset Password</a></p>
<p><a href="{{ url_for('reset_password_request') }}">Reset Password</a></p>
{% endblock %}

66
backend/app/templates/register.html
View File

@@ -2,39 +2,39 @@
{% block content %}
<h2>Register</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.username.label }}<br>
{{ form.username(size=32) }}<br>
{% for error in form.username.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.email.label }}<br>
{{ form.email(size=64) }}<br>
{% for error in form.email.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password.label }}<br>
{{ form.password(size=64) }}<br>
{% for error in form.password.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password2.label }}<br>
{{ form.password2(size=64) }}<br>
{% for error in form.password2.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit }}</p>
</form>
<h2>Register</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.username.label }}<br>
{{ form.username(size=32) }}<br>
{% for error in form.username.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.email.label }}<br>
{{ form.email(size=64) }}<br>
{% for error in form.email.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password.label }}<br>
{{ form.password(size=64) }}<br>
{% for error in form.password.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password2.label }}<br>
{{ form.password2(size=64) }}<br>
{% for error in form.password2.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit }}</p>
</form>
{% endblock %}

38
backend/app/templates/reset_password.html
View File

@@ -2,25 +2,25 @@
{% block content %}
<h2>Reset Your Password</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.password.label }}
{{ form.password(size=32) }}
{% for error in form.password.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password2.label }}
{{ form.password2(size=32) }}
{% for error in form.password2.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
<h2>Reset Your Password</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.password.label }}
{{ form.password(size=32) }}
{% for error in form.password.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>
{{ form.password2.label }}
{{ form.password2(size=32) }}
{% for error in form.password2.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
{% endblock %}

24
backend/app/templates/reset_password_request.html
View File

@@ -1,17 +1,17 @@
{% extends "base.html" %}
{% block content %}
<h2>Reset Password</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.email.label }}<br>
{{ form.email(size=64) }}<br>
{% for error in form.email.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
<h2>Reset Password</h1>
<form action="" method="post">
{{ form.hidden_tag() }}
<p>
{{ form.email.label }}<br>
{{ form.email(size=64) }}<br>
{% for error in form.email.errors %}
<span style="color: red;">[{{ error }}]</span>
{% endfor %}
</p>
<p>{{ form.submit() }}</p>
</form>
{% endblock %}

64
backend/app/templates/user.html
View File

@@ -3,40 +3,40 @@
{% block profilecurrent %}class="current"{% endblock %}
{% block content %}
<article>
<h2>
<img style="vertical-align: middle; width: 60px;" src="data:image/png;base64,{{ user.gen_avatar(write_png=False) }}">
User: {{ user.username }}
</h2>
{% if user.about_me %}<p>{{ user.about_me }}</p>{% endif %}
{% if user.last_seen %}<p>Last activity: {{ user.last_seen }}</p>{% endif %}
{% if user == current_user %}
<p><a class="button" href="{{ url_for('edit_profile') }}">Edit Profile</a></p>
{% elif not current_user.is_following(user) %}
<p>
<form action="{{ url_for('follow', username=user.username) }}" method="post">
{{ form.hidden_tag() }}
{{ form.submit(value='Follow') }}
</form>
</p>
{% else %}
<p>
<form action="{{ url_for('unfollow', username=user.username) }}" method="post">
{{ form.hidden_tag() }}
{{ form.submit(value='Unfollow') }}
</form>
</p>
{% endif %}
</article>
<hr>
<article>
<h2>
<img style="vertical-align: middle; width: 60px;" src="data:image/png;base64,{{ user.gen_avatar(write_png=False) }}">
User: {{ user.username }}
</h2>
{% if user.about_me %}<p>{{ user.about_me }}</p>{% endif %}
{% if user.last_seen %}<p>Last activity: {{ user.last_seen }}</p>{% endif %}
{% if user == current_user %}
<p><a class="button" href="{{ url_for('edit_profile') }}">Edit Profile</a></p>
{% elif not current_user.is_following(user) %}
<p>
<form action="{{ url_for('follow', username=user.username) }}" method="post">
{{ form.hidden_tag() }}
{{ form.submit(value='Follow') }}
</form>
</p>
{% else %}
<p>
<form action="{{ url_for('unfollow', username=user.username) }}" method="post">
{{ form.hidden_tag() }}
{{ form.submit(value='Unfollow') }}
</form>
</p>
{% endif %}
</article>
<hr>
<table>
{% for post in posts %}
{% include '_post.html' %}
{% endfor %}
</table>
<table>
{% for post in posts %}
{% include '_post.html' %}
{% endfor %}
</table>
{% include '_postnav.html' %}
{% include '_postnav.html' %}
{% endblock %}

56
backend/requirements.txt
View File

@@ -1,28 +1,28 @@
alembic==1.13.2
blinker==1.8.2
click==8.1.7
dnspython==2.6.1
email_validator==2.2.0
Flask==3.0.3
Flask-Login==0.6.3
Flask-Mail==0.10.0
Flask-Migrate==4.0.7
Flask-SQLAlchemy==3.1.1
Flask-WTF==1.2.1
greenlet==3.0.3
idna==3.7
itsdangerous==2.2.0
Jinja2==3.1.4
Mako==1.3.5
mariadb==1.1.10
MarkupSafe==2.1.5
packaging==24.1
pillow==10.4.0
pydenticon==0.3.1
PyJWT==2.9.0
python-dotenv==1.0.1
SQLAlchemy==2.0.31
typing_extensions==4.12.2
uWSGI==2.0.26
Werkzeug==3.0.3
WTForms==3.1.2
alembic
blinker
click
dnspython
email_validator
Flask
Flask-Login
Flask-Mail
Flask-Migrate
Flask-SQLAlchemy
Flask-WTF
greenlet
idna
itsdangerous
Jinja2
Mako
mariadb
MarkupSafe
packaging
pillow
pydenticon
PyJWT
python-dotenv
SQLAlchemy
typing_extensions
uWSGI
Werkzeug
WTForms

28
backend/requirements.txt.old Normal file
View File

@@ -0,0 +1,28 @@
alembic==1.13.2
blinker==1.8.2
click==8.1.7
dnspython==2.6.1
email_validator==2.2.0
Flask==3.0.3
Flask-Login==0.6.3
Flask-Mail==0.10.0
Flask-Migrate==4.0.7
Flask-SQLAlchemy==3.1.1
Flask-WTF==1.2.1
greenlet==3.0.3
idna==3.7
itsdangerous==2.2.0
Jinja2==3.1.4
Mako==1.3.5
mariadb==1.1.10
MarkupSafe==2.1.5
packaging==24.1
pillow==10.4.0
pydenticon==0.3.1
PyJWT==2.9.0
python-dotenv==1.0.1
SQLAlchemy==2.0.31
typing_extensions==4.12.2
uWSGI==2.0.28
Werkzeug==3.0.3
WTForms==3.1.2

59
compose.yaml
View File

@@ -31,7 +31,7 @@ services:
#tty: true
restart: always
# Comment following line to use flask (1worker, dev), uncomment to use uwsgi (wsgi)
command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "-w", "microblog:app"]
#command: ["uwsgi", "--http", "0.0.0.0:8000", "--master", "-p", "4", "--buffer-size", "16384", "--limit-as", "2048", "-w", "microblog:app"]
container_name: backend
environment:
- MYSQL_USER=flasku
@@ -75,10 +75,13 @@ services:
- GITEA__mailer__PROTOCOL=smtp
- GITEA__mailer__SMTP_ADDR=pmb
- GITEA__mailer__SMTP_PORT=25
- GITEA__service__REGISTER_EMAIL_CONFIRM=true
- GITEA__service__REGISTER_EMAIL_CONFIRM=false
- GITEA__service__REGISTER_MANUAL_CONFIRM=true
- GITEA__service__ENABLE_NOTIFY_MAIL=true
- GITEA__server__LANDING_PAGE=explore
- GITEA__ui__REACTIONS="+1, -1, fu, heart, laugh, confused, hooray, eyes, gun, boom, poop, kiss, rocket, bomb, chart_with_downwards_trend, eggplant"
# To disable new users after setup:
#- GITEA__service__DISABLE_REGISTRATION=false
- GITEA__service__DISABLE_REGISTRATION=true
networks:
- backnet
- frontnet
@@ -135,15 +138,61 @@ services:
networks:
- backnet
stump:
image: aaronleopold/stump
container_name: stump
# Replace my paths (prior to the colons) with your own
volumes:
- ./stump:/config
- /mnt/hub/rocky-remote/st/rockybookshare/:/rocky-remote
- /mnt/hub/rocky-remote/st/briebookshare/:/rocky-redundant
- /mnt/hub/brie-remote/st/bookshare:/brie-remote
#ports:
# - 10801:10801
environment:
- PUID=1000
- PGID=1000
- STUMP_ENABLE_UPLOAD=true
- ENABLE_KOREADER_SYNC=true
- ENABLE_OPDS_PROGRESSION=true
- STUMP_MAX_SCANNER_CONCURRENCY=2
- STUMP_MAX_THUMBNAIL_CONCURRENCY=1
restart: unless-stopped
networks:
- frontnet
- backnet
kavita:
image: jvmilazz0/kavita:latest # Using the stable branch from the official dockerhub repo.
container_name: kavita
volumes:
#- /your/path/to/manga:/manga
#- /your/path/to/comics:/comics
- /mnt/hub/rocky-remote/st/rockybookshare/:/rocky-remote
- /mnt/hub/rocky-remote/st/briebookshare/:/rocky-redundant
- /mnt/hub/brie-remote/st/bookshare/:/brie-remote
- ./kavita:/kavita/config # /kavita/config must not be changed
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
#ports:
# - "5000:5000"
restart: unless-stopped
networks:
- frontnet
- backnet
sshtun:
build:
context: sshtun
dockerfile: Dockerfile
restart: always
restart: on-failure
environment:
- USE_TUN=${USE_TUN}
ports:
- "22222:22"
expose:
- "11111"
- "11112"
networks:
- frontnet

12
compose.yaml.local
View File

@@ -75,10 +75,13 @@ services:
- GITEA__mailer__PROTOCOL=smtp
- GITEA__mailer__SMTP_ADDR=pmb
- GITEA__mailer__SMTP_PORT=25
- GITEA__service__REGISTER_EMAIL_CONFIRM=true
- GITEA__service__REGISTER_EMAIL_CONFIRM=false
- GITEA__service__REGISTER_MANUAL_CONFIRM=true
- GITEA__service__ENABLE_NOTIFY_MAIL=true
- GITEA__server__LANDING_PAGE=explore
- GITEA__ui__REACTIONS="+1, -1, fu, heart, laugh, confused, hooray, eyes, gun, boom, poop, kiss, rocket, bomb, chart_with_downwards_trend, eggplant"
# To disable new users after setup:
#- GITEA__service__DISABLE_REGISTRATION=false
- GITEA__service__DISABLE_REGISTRATION=false
networks:
- backnet
- frontnet
@@ -139,11 +142,12 @@ services:
build:
context: sshtun
dockerfile: Dockerfile
restart: always
restart: on-failure
environment:
- USE_TUN=${USE_TUN}
ports:
- "22222:22"
expose:
- "11111"
- "11112"
networks:
- frontnet

12
compose.yaml.prod
View File

@@ -75,10 +75,13 @@ services:
- GITEA__mailer__PROTOCOL=smtp
- GITEA__mailer__SMTP_ADDR=pmb
- GITEA__mailer__SMTP_PORT=25
- GITEA__service__REGISTER_EMAIL_CONFIRM=true
- GITEA__service__REGISTER_EMAIL_CONFIRM=false
- GITEA__service__REGISTER_MANUAL_CONFIRM=true
- GITEA__service__ENABLE_NOTIFY_MAIL=true
- GITEA__server__LANDING_PAGE=explore
- GITEA__ui__REACTIONS="+1, -1, fu, heart, laugh, confused, hooray, eyes, gun, boom, poop, kiss, rocket, bomb, chart_with_downwards_trend, eggplant"
# To disable new users after setup:
#- GITEA__service__DISABLE_REGISTRATION=false
- GITEA__service__DISABLE_REGISTRATION=false
networks:
- backnet
- frontnet
@@ -139,11 +142,12 @@ services:
build:
context: sshtun
dockerfile: Dockerfile
restart: always
restart: on-failure
environment:
- USE_TUN=${USE_TUN}
ports:
- "22222:22"
expose:
- "11111"
- "11112"
networks:
- frontnet

3
dotenv
View File

@@ -13,6 +13,9 @@ BUILD_GPG_PP=
# Tor:
# true/false:
USE_TOR=false
# SSH Tun:
# true/false:
USE_TUN=false
# Backend:
FLASK_SECRET_KEY="flaskkey"

5
ls_rclone.sh Normal file
View File

@@ -0,0 +1,5 @@
rclone ls :sftp: \
--sftp-host=localhost \
--sftp-port=11111 \
--sftp-user=armbian \
--sftp-key-file=/home/armbian/.ssh/armbian-brie-202604

93
proxy/Caddyfile Normal file
View File

@@ -0,0 +1,93 @@
# Global options
{
# Disable auto HTTPS since we're using existing certificates
auto_https off
}
# HTTP to HTTPS redirect
:80 {
redir https://{host}{uri} permanent
}
# Main domain - oily.dad and www.oily.dad
oily.dad, www.oily.dad {
# Root directory (not strictly needed for reverse proxy)
root * /var/www/html
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Onion-Location header
header Onion-Location http://oilydada7ckiseinkbeathsefwgkvjrce743xy7x7iiybkuxh4vheead.onion{path}
# Reverse proxy to backend
reverse_proxy http://backend:8000 {
# Preserve original host header
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}
# Subdomain for Gitea - gut.oily.dad
gut.oily.dad {
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Reverse proxy to Gitea
reverse_proxy http://gitea:3000 {
# WebSocket support for Gitea
header_up Connection {>Connection}
header_up Upgrade {>Upgrade}
# Preserve original headers
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}
# Subdomain for Stump - stump.oily.dad
stump.oily.dad {
# kavita supports gzip seems to work with stump
encode gzip
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Reverse proxy to Stump
reverse_proxy http://stump:10801 {
#reverse_proxy http://kavita:5000 {
# WebSocket support for Stump (if needed)
header_up Connection {>Connection}
header_up Upgrade {>Upgrade}
# Preserve original headers
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}
# Subdomain for Kavita - book.oily.dad
book.oily.dad {
# kavita supports gzip
encode gzip
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Reverse proxy to Kavita
#reverse_proxy http://stump:10801 {
reverse_proxy http://kavita:5000 {
# WebSocket support for Kavita (if needed)
header_up Connection {>Connection}
header_up Upgrade {>Upgrade}
# Preserve original headers
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}

65
proxy/Caddyfile.maybeno Normal file
View File

@@ -0,0 +1,65 @@
# Global options
{
# Disable auto HTTPS since we're using existing certificates
auto_https off
}
# HTTP to HTTPS redirect
:80 {
redir https://{host}{uri} permanent
}
# Main domain - oily.dad and www.oily.dad
oily.dad, www.oily.dad {
# Root directory (not strictly needed for reverse proxy)
root * /var/www/html
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Onion-Location header
header Onion-Location http://oilydada7ckiseinkbeathsefwgkvjrce743xy7x7iiybkuxh4vheead.onion{path}
# Reverse proxy to backend
reverse_proxy http://backend:8000 {
# Preserve original host header
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}
# Subdomain for Gitea - gut.oily.dad
gut.oily.dad {
# Root directory (not strictly needed for reverse proxy)
root * /var/www/html
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Reverse proxy to Gitea
reverse_proxy http://gitea:3000 {
# WebSocket support for Gitea
header_up Connection {>Connection}
header_up Upgrade {>Upgrade}
# Preserve original headers
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}
# Subdomain for Stump (comics/books) - book.oily.dad
book.oily.dad {
# Root directory (not strictly needed for reverse proxy)
root * /var/www/html
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Reverse proxy to Stump
#reverse_proxy http://stump:10801 {
reverse_proxy http://kavita:5000
}

74
proxy/Caddyfile.old Normal file
View File

@@ -0,0 +1,74 @@
# Global options
{
# Disable auto HTTPS since we're using existing certificates
auto_https off
}
# HTTP to HTTPS redirect
:80 {
redir https://{host}{uri} permanent
}
# Main domain - oily.dad and www.oily.dad
oily.dad, www.oily.dad {
# Root directory (not strictly needed for reverse proxy)
root * /var/www/html
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Onion-Location header
header Onion-Location http://oilydada7ckiseinkbeathsefwgkvjrce743xy7x7iiybkuxh4vheead.onion{path}
# Reverse proxy to backend
reverse_proxy http://backend:8000 {
# Preserve original host header
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}
# Subdomain for Gitea - gut.oily.dad
gut.oily.dad {
# Root directory (not strictly needed for reverse proxy)
root * /var/www/html
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Reverse proxy to Gitea
reverse_proxy http://gitea:3000 {
# WebSocket support for Gitea
header_up Connection {>Connection}
header_up Upgrade {>Upgrade}
# Preserve original headers
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}
# Subdomain for Stump (comics/books) - book.oily.dad
book.oily.dad {
# Root directory (not strictly needed for reverse proxy)
root * /var/www/html
# Use existing SSL certificates
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
# Reverse proxy to Stump
#reverse_proxy http://stump:10801 {
reverse_proxy http://kavita:5000 {
# WebSocket support for Stump (if needed)
header_up Connection {>Connection}
header_up Upgrade {>Upgrade}
# Preserve original headers
header_up Host {host}
header_up X-Real-IP {remote}
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
}
}

12
proxy/Dockerfile
View File

@@ -1,2 +1,10 @@
FROM nginx:alpine
COPY conf /etc/nginx/conf.d/default.conf
FROM caddy:alpine
# Copy Caddyfile configuration
COPY Caddyfile /etc/caddy/Caddyfile
# Create directory for www root
RUN mkdir -p /var/www/html
# Caddy runs as non-root user by default
# Ports 80 and 443 are exposed by the base image

12
proxy/baseconf
View File

@@ -1,12 +0,0 @@
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://backend:8000;
}
location /gutty{
proxy_pass http://gitea:3000;
}
}

52
proxy/conf
View File

@@ -1,52 +0,0 @@
#server {
# listen 80;
# server_name localhost;
# location / {
# proxy_pass http://backend:8000;
# }
# always redirect to https
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
# use the certificates
ssl_certificate /etc/letsencrypt/live/oily.dad/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/oily.dad/privkey.pem;
server_name oily.dad www.oily.dad;
root /var/www/html;
index index.php index.html index.htm;
location / {
proxy_pass http://backend:8000/;
}
}
server {
listen 443 ssl http2;
# use the certificates
ssl_certificate /etc/letsencrypt/live/oily.dad/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/oily.dad/privkey.pem;
server_name gut.oily.dad;
root /var/www/html;
index index.php index.html index.htm;
location / {
client_max_body_size 512M;
#proxy_pass http://localhost:3000;
proxy_set_header Connection $http_connection;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitea:3000/;
}
}

17
proxy/giteaconf
View File

@@ -1,17 +0,0 @@
server {
listen 80;
server_name localhost;
location / {
client_max_body_size 512M;
#proxy_pass http://localhost:3000;
proxy_pass http://gitea:3000;
proxy_set_header Connection $http_connection;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

52
proxy/sslconf
View File

@@ -1,52 +0,0 @@
#server {
# listen 80;
# server_name localhost;
# location / {
# proxy_pass http://backend:8000;
# }
# always redirect to https
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
# use the certificates
ssl_certificate /etc/letsencrypt/live/oily.dad/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/oily.dad/privkey.pem;
server_name oily.dad www.oily.dad;
root /var/www/html;
index index.php index.html index.htm;
location / {
proxy_pass http://backend:8000/;
}
}
server {
listen 443 ssl http2;
# use the certificates
ssl_certificate /etc/letsencrypt/live/oily.dad/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/oily.dad/privkey.pem;
server_name gut.oily.dad;
root /var/www/html;
index index.php index.html index.htm;
location / {
client_max_body_size 512M;
#proxy_pass http://localhost:3000;
proxy_set_header Connection $http_connection;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitea:3000/;
}
}

23
sshtun/Dockerfile
View File

@@ -1,15 +1,20 @@
FROM debian:12-slim
FROM debian:13-slim
RUN apt update && apt install -y openssh-server socat
RUN apt update
RUN apt install -y \
openssh-server \
socat
RUN adduser --disabled-password --gecos "" finn
RUN adduser --disabled-password --gecos "" armbian
RUN mkdir /home/finn/.ssh
# only one pubkey -- wildcard to conceal filename
COPY ./oilykey/*.pub /home/finn/.ssh/authorized_keys
RUN mkdir /var/run/sshd
# ssh:
RUN mkdir /home/armbian/.ssh
# only one pubkey -- wildcard just to conceal filename
COPY ./oilykey/*.pub /home/armbian/.ssh/authorized_keys
COPY ./oilykey/* /home/armbian/.ssh/
RUN chown -R armbian:armbian /home/armbian/.ssh/
RUN chmod 600 /home/armbian/.ssh/*
#RUN mkdir /var/run/sshd
RUN echo "PermitRootLogin no" >> /etc/ssh/sshd_config
RUN echo "PasswordAuthentication no" >> /etc/ssh/sshd_config

16
sshtun/entrypoint.sh
View File

@@ -1,8 +1,14 @@
#!/bin/bash
# Container goal:
# autossh -N -R 11111:localhost:11434 -i sshtun/oilykey/<SOMEKEY> -p 22222 <SOMEURL>
# forwards rem_c_port:(operator_pc:op_pc_port) ...some args... rem_host_p rem_host_url
# Container goal: egress
# first: physical_box$ autossh -N -R 11111:localhost:11434 -i sshtun/oilykey/<SOMEKEY> -p 22222 <rem_vps_url>
# will forward rem_c_port:physical_box:physical_box_port ...some args... rem_vps_p rem_vps_url
# then: frontnet_c$ curl sshtun.frontnet:11112 --> physical_box:11434
nohup socat TCP-LISTEN:11112,fork TCP:localhost:11111 &
/usr/sbin/sshd -D
if $USE_TUN ; then
echo "@@@@@@@@@@ SSH TUNNEL ENABLED BY ENV"
nohup socat TCP-LISTEN:11112,fork TCP:localhost:11111 &
/usr/sbin/sshd -De
else
echo "@@@@@@@@@@ SSH TUNNEL DISABLED BY ENV"
fi

8
sshtun/manual_rclone.sh Executable file
View File

@@ -0,0 +1,8 @@
rclone mount :sftp: /armbian/briemount \
--sftp-host=localhost \
--sftp-port=11111 \
--sftp-user=armbian \
--sftp-key-file=/home/armbian/.ssh/armbian-brie-202604 \
--vfs-cache-mode off \
--allow-other \
--daemon