diff --git a/services/docker-registry/auth/registry.password b/services/docker-registry/auth/registry.password new file mode 100644 index 0000000..0ce238a --- /dev/null +++ b/services/docker-registry/auth/registry.password @@ -0,0 +1 @@ +cicd:$2y$05$X3QHiXD318OoWjAoRA8bTeTj/Qyqp3lvVmE0mQvKVxLEHwJyRHylK diff --git a/services/docker-registry/docker-compose.yaml b/services/docker-registry/docker-compose.yaml new file mode 100644 index 0000000..d3ae817 --- /dev/null +++ b/services/docker-registry/docker-compose.yaml @@ -0,0 +1,14 @@ +services: + registry: + image: registry:latest + ports: + - "5000:5000" + restart: unless-stopped + environment: + REGISTRY_AUTH: htpasswd + REGISTRY_AUTH_HTPASSWD_REALM: Registry + REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password + REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data + volumes: + - ./auth:/auth + - /mnt/Teka2/docker-registry:/data diff --git a/services/ingress-rtmp/stream.nginx.conf b/services/ingress-rtmp/stream.nginx.conf new file mode 100644 index 0000000..1c0ddb6 --- /dev/null +++ b/services/ingress-rtmp/stream.nginx.conf @@ -0,0 +1,15 @@ +server { + listen 1935; + + # chunk_size 4096; + + application stream { + live on; + + # recorder rec1 { + # record all; + # record_path /var/rec; + # record_unique on; + # } + } +} \ No newline at end of file diff --git a/services/ingress/docker-registry.conf b/services/ingress/docker-registry.conf new file mode 100644 index 0000000..3f04c7e --- /dev/null +++ b/services/ingress/docker-registry.conf @@ -0,0 +1,35 @@ +server { + server_name registry.maksim-pankov.ru; + client_max_body_size 4000m; + + location / { + proxy_pass http://localhost:5000/; + client_max_body_size 0; + proxy_set_header Host $http_host; # required for docker client's sake + proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 900; + } + + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/registry.maksim-pankov.ru/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/registry.maksim-pankov.ru/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + + +} +server { + if ($host = registry.maksim-pankov.ru) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + server_name registry.maksim-pankov.ru; + listen 80; + return 404; # managed by Certbot + + +} \ No newline at end of file diff --git a/services/ingress/site.conf b/services/ingress/site.conf index 37e5da5..3716af5 100644 --- a/services/ingress/site.conf +++ b/services/ingress/site.conf @@ -20,6 +20,7 @@ server { include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + } server { if ($host = maksim-pankov.ru) { diff --git a/services/transmission/data/config/settings.json b/services/transmission/data/config/settings.json index d9b2191..ef3bbd7 100644 --- a/services/transmission/data/config/settings.json +++ b/services/transmission/data/config/settings.json @@ -50,7 +50,7 @@ "rpc-enabled": true, "rpc-host-whitelist": "", "rpc-host-whitelist-enabled": false, - "rpc-password": "{46bb4cd939c5b6d6a79ecc0686cbe166adf4c0076uxI16Ap", + "rpc-password": "{5df10b8d5ce87dc9599e117461688a7485e986f7LhkfMMb9", "rpc-port": 9091, "rpc-socket-mode": "0750", "rpc-url": "/transmission/",