diff options
author | Yuqian Yang <crupest@crupest.life> | 2025-03-30 22:27:19 +0800 |
---|---|---|
committer | Yuqian Yang <crupest@crupest.life> | 2025-04-01 20:10:08 +0800 |
commit | 9d9b68f8fb70dc72f34f3dd41f5811529e09789b (patch) | |
tree | 9aa05b4f86cd7a2d3aace053752fbb4431a3ca74 | |
parent | 84e614d7bed2d30930344c427ff227558162d0c6 (diff) | |
download | crupest-dev.tar.gz crupest-dev.tar.bz2 crupest-dev.zip |
migrate(ali): to ali server.dev
-rw-r--r-- | .editorconfig | 3 | ||||
-rw-r--r-- | dictionary.txt | 4 | ||||
-rw-r--r-- | services/docker/auto-backup/Dockerfile | 5 | ||||
-rwxr-xr-x | services/docker/auto-backup/daemon.bash | 20 | ||||
-rw-r--r-- | services/docker/auto-backup/rclone.conf | 4 | ||||
-rw-r--r-- | services/templates/docker-compose.yaml.template | 2 | ||||
-rw-r--r-- | services/templates/envs/auto-backup.env.template | 9 | ||||
-rw-r--r-- | services/templates/envs/mailserver.env.template (renamed from services/templates/envs/mailserver.env) | 18 |
8 files changed, 34 insertions, 31 deletions
diff --git a/.editorconfig b/.editorconfig index d28b4e3..4ff2eca 100644 --- a/.editorconfig +++ b/.editorconfig @@ -15,6 +15,9 @@ tab_width = 8 indent_size = 2 max_line_length = 80 +[*.{sh,bash}] +indent_size = 2 + [*.{html,css,js,ts}] indent_size = 2 diff --git a/dictionary.txt b/dictionary.txt index 139dee0..c89911c 100644 --- a/dictionary.txt +++ b/dictionary.txt @@ -50,6 +50,7 @@ sourceware zstd btrfs pacman +rclone # hurd gnumach @@ -73,9 +74,6 @@ sbuild sbuildrc schroot -# commercial -myqcloud - # misc geodata geoip diff --git a/services/docker/auto-backup/Dockerfile b/services/docker/auto-backup/Dockerfile index e376174..147be21 100644 --- a/services/docker/auto-backup/Dockerfile +++ b/services/docker/auto-backup/Dockerfile @@ -1,13 +1,12 @@ FROM debian RUN apt-get update && apt-get install -y \ - tini ca-certificates coreutils tar zstd \ + tini ca-certificates coreutils tar zstd rclone \ && rm -rf /var/lib/apt/lists/* ENV CRUPEST_AUTO_BACKUP_INIT_DELAY= ENV CRUPEST_AUTO_BACKUP_INTERVAL=1d -ADD --chmod=755 https://github.com/tencentyun/coscli/releases/download/v1.0.3/coscli-v1.0.3-linux-amd64 /app/coscli -ADD daemon.bash /app/ +ADD daemon.bash rclone.conf /app/ VOLUME [ "/data" ] diff --git a/services/docker/auto-backup/daemon.bash b/services/docker/auto-backup/daemon.bash index ff670e3..da9f853 100755 --- a/services/docker/auto-backup/daemon.bash +++ b/services/docker/auto-backup/daemon.bash @@ -20,16 +20,17 @@ if [[ -z "$CRUPEST_AUTO_BACKUP_INTERVAL" ]]; then fi note "Checking secrets..." -[[ -n "$CRUPEST_AUTO_BACKUP_COS_ENDPOINT" ]] || die "COS endpoint not set!" -[[ -n "$CRUPEST_AUTO_BACKUP_COS_BUCKET" ]] || die "COS bucket not set!" -[[ -n "$CRUPEST_AUTO_BACKUP_COS_SECRET_ID" ]] || die "COS secret ID not set!" -[[ -n "$CRUPEST_AUTO_BACKUP_COS_SECRET_KEY" ]] || die "COS secret key not set!" +[[ -n "$RCLONE_S3_PROVIDER" ]] || die "S3 provider not set!" +[[ -n "$RCLONE_S3_ENDPOINT" ]] || die "S3 endpoint not set!" +[[ -n "$RCLONE_S3_ACCESS_KEY_ID" ]] || die "S3 AccessKey ID not set!" +[[ -n "$RCLONE_S3_SECRET_ACCESS_KEY" ]] || die "S3 AccessKey Secret not set!" +[[ -n "$CRUPEST_AUTO_BACKUP_S3_BUCKET" ]] || die "S3 bucket not set!" success "Secrets check passed." note "Checking tools..." tar --version zstd --version -/app/coscli --version +rclone --version success "Tools check passed." echo "Backup interval set to $CRUPEST_AUTO_BACKUP_INTERVAL..." @@ -57,13 +58,10 @@ function backup { du -h "$tmp_file" | cut -f1 | xargs echo "Size of $tmp_file:" des_file_name="$current_time.$backup_file_ext" - echo "Upload $des_file_name to COS..." + echo "Upload $des_file_name to S3..." - /app/coscli --init-skip \ - --secret-id "${CRUPEST_AUTO_BACKUP_COS_SECRET_ID}" \ - --secret-key "${CRUPEST_AUTO_BACKUP_COS_SECRET_KEY}" \ - --endpoint "${CRUPEST_AUTO_BACKUP_COS_ENDPOINT}" \ - cp "$tmp_file" "cos://${CRUPEST_AUTO_BACKUP_COS_BUCKET}/$des_file_name" + rclone --config=/app/rclone.conf copyto \ + "$tmp_file" "remote://${CRUPEST_AUTO_BACKUP_S3_BUCKET}/$des_file_name" echo "Remove tmp file..." rm "$tmp_file" diff --git a/services/docker/auto-backup/rclone.conf b/services/docker/auto-backup/rclone.conf new file mode 100644 index 0000000..bfcbbc3 --- /dev/null +++ b/services/docker/auto-backup/rclone.conf @@ -0,0 +1,4 @@ +[remote] +type = s3 +env_auth = true +no_head = true diff --git a/services/templates/docker-compose.yaml.template b/services/templates/docker-compose.yaml.template index e133462..ddd3c95 100644 --- a/services/templates/docker-compose.yaml.template +++ b/services/templates/docker-compose.yaml.template @@ -47,7 +47,7 @@ services: restart: on-failure:3 mailserver: - image: docker.io/mailserver/docker-mailserver:latest + image: ghcr.io/docker-mailserver/docker-mailserver:latest pull_policy: always container_name: mailserver hostname: mail.@@CRUPEST_DOMAIN@@ diff --git a/services/templates/envs/auto-backup.env.template b/services/templates/envs/auto-backup.env.template index c2a6ba9..59d5fed 100644 --- a/services/templates/envs/auto-backup.env.template +++ b/services/templates/envs/auto-backup.env.template @@ -1,4 +1,5 @@ -CRUPEST_AUTO_BACKUP_COS_ENDPOINT=@@CRUPEST_AUTO_BACKUP_COS_ENDPOINT@@ -CRUPEST_AUTO_BACKUP_COS_BUCKET=@@CRUPEST_AUTO_BACKUP_COS_BUCKET@@ -CRUPEST_AUTO_BACKUP_COS_SECRET_ID=@@CRUPEST_AUTO_BACKUP_COS_SECRET_ID@@ -CRUPEST_AUTO_BACKUP_COS_SECRET_KEY=@@CRUPEST_AUTO_BACKUP_COS_SECRET_KEY@@ +RCLONE_S3_PROVIDER=@@CRUPEST_AUTO_BACKUP_S3_PROVIDER@@ +RCLONE_S3_ENDPOINT=@@CRUPEST_AUTO_BACKUP_S3_ENDPOINT@@ +RCLONE_S3_ACCESS_KEY_ID=@@CRUPEST_AUTO_BACKUP_S3_ACCESS_KEY_ID@@ +RCLONE_S3_SECRET_ACCESS_KEY=@@CRUPEST_AUTO_BACKUP_S3_ACCESS_KEY_SECRET@@ +CRUPEST_AUTO_BACKUP_S3_BUCKET=@@CRUPEST_AUTO_BACKUP_S3_BUCKET@@ diff --git a/services/templates/envs/mailserver.env b/services/templates/envs/mailserver.env.template index 9b12dfe..dffb0e8 100644 --- a/services/templates/envs/mailserver.env +++ b/services/templates/envs/mailserver.env.template @@ -89,10 +89,10 @@ TLS_LEVEL= # Configures the handling of creating mails with forged sender addresses. # # **0** => (not recommended) Mail address spoofing allowed. Any logged in user may create email messages with a forged sender address (see also https://en.wikipedia.org/wiki/Email_spoofing). -# 1 => Mail spoofing denied. Each user may only send with his own or his alias addresses. Addresses with extension delimiters(http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages. +# 1 => Mail spoofing denied. Each user may only send with their own or their alias addresses. Addresses with extension delimiters(http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages. SPOOF_PROTECTION= -# Enables the Sender Rewriting Scheme. SRS is needed if your mail server acts as forwarder. See [postsrsd](https://github.com/roehling/postsrsd/blob/master/README.md#sender-rewriting-scheme-crash-course) for further explanation. +# Enables the Sender Rewriting Scheme. SRS is needed if your mail server acts as forwarder. See [postsrsd](https://github.com/roehling/postsrsd/blob/main/README.rst) for further explanation. # - **0** => Disabled # - 1 => Enabled ENABLE_SRS=0 @@ -154,7 +154,7 @@ ENABLE_RSPAMD_REDIS= # # **0** => disabled # 1 => enabled -RSPAMD_LEARN=0 +RSPAMD_LEARN=1 # This settings controls whether checks should be performed on emails coming # from authenticated users (i.e. most likely outgoing emails). The default value @@ -171,7 +171,7 @@ RSPAMD_CHECK_AUTHENTICATED=0 # # **0** => disabled # 1 => enabled -RSPAMD_GREYLISTING=1 +RSPAMD_GREYLISTING=0 # Can be used to enable or disable the Hfilter group module. # @@ -508,7 +508,7 @@ DOVECOT_MAILBOX_FORMAT=maildir # empty => no # yes => Allow bind authentication for LDAP -# https://wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds +# https://doc.dovecot.org/2.4.0/core/config/auth/databases/ldap.html#authentication-bind DOVECOT_AUTH_BIND= # ----------------------------------------------- @@ -631,7 +631,7 @@ SRS_SECRET= # # Set a default host to relay all mail through (optionally include a port) # Example: [mail.example.com]:587 -DEFAULT_RELAY_HOST= +DEFAULT_RELAY_HOST=@@CRUPEST_MAIL_SERVER_RELAY@@ # ----------------------------------------------- # --- Multi-Domain Relay Section ---------------- @@ -646,7 +646,7 @@ RELAY_HOST= # empty => 25 # default port to relay mail -RELAY_PORT=25 +RELAY_PORT=@@CRUPEST_MAIL_SERVER_RELAY_PORT@@ # ----------------------------------------------- # --- Relay Host Credentials Section ------------ @@ -655,7 +655,7 @@ RELAY_PORT=25 # Configure a relay user and password to use with RELAY_HOST / DEFAULT_RELAY_HOST # empty => no default -RELAY_USER= +RELAY_USER=@@CRUPEST_MAIL_SERVER_RELAY_USER@@ # empty => no default -RELAY_PASSWORD= +RELAY_PASSWORD=@@CRUPEST_MAIL_SERVER_RELAY_PASSWORD@@ |