From 3f1b682b4e90cc4e4fcbeabca3274d6d899545df Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 15:10:08 +0700 Subject: [PATCH 01/22] pds --- .../etc/containers/systemd/pds/pds.container | 19 +++++++++++++++++++ beeper/var/containers/pds/.gitkeep | 0 2 files changed, 19 insertions(+) create mode 100644 beeper/etc/containers/systemd/pds/pds.container create mode 100644 beeper/var/containers/pds/.gitkeep diff --git a/beeper/etc/containers/systemd/pds/pds.container b/beeper/etc/containers/systemd/pds/pds.container new file mode 100644 index 0000000..f0883dd --- /dev/null +++ b/beeper/etc/containers/systemd/pds/pds.container @@ -0,0 +1,19 @@ +[Unit] +Description=ATProto Personal Data Server +After=network-online.target +Wants=network-online.target + +[Container] +Image=ghcr.io/bluesky-social/pds:latest +ContainerName=pds +EnvironmentFile=/var/containers/pds/.env.secrets +EnvironmentFile=/var/containers/pds/.env +PublishPort=127.0.0.1:24318:3000 +Volume=/var/containers/pds/pds:/pds:Z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/var/containers/pds/.gitkeep b/beeper/var/containers/pds/.gitkeep new file mode 100644 index 0000000..e69de29 From ec0fd52fad3d0d1e7244c207827f84dc6162ab23 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 15:42:18 +0700 Subject: [PATCH 02/22] ask.js, copyparty, forgejo, i2pd, knot, mollysocket (untested) --- .../systemd/ask-js/ask-js.container | 19 ++++++++++++++ .../systemd/copyparty/copyparty.container | 25 +++++++++++++++++++ .../systemd/forgejo/forgejo.container | 23 +++++++++++++++++ .../containers/systemd/i2pd/i2pd.container | 18 +++++++++++++ .../systemd/iceshrimp/iceshrimp.container | 3 ++- .../containers/systemd/knot/knot.container | 23 +++++++++++++++++ .../systemd/mollysocket/mollysocket.container | 21 ++++++++++++++++ beeper/var/containers/ask-js/.gitkeep | 0 beeper/var/containers/copyparty/.gitkeep | 0 beeper/var/containers/forgejo/.gitkeep | 0 beeper/var/containers/i2pd/.gitkeep | 0 beeper/var/containers/knot/.gitkeep | 0 beeper/var/containers/mollysocket/.gitkeep | 0 13 files changed, 131 insertions(+), 1 deletion(-) create mode 100644 beeper/etc/containers/systemd/ask-js/ask-js.container create mode 100644 beeper/etc/containers/systemd/copyparty/copyparty.container create mode 100644 beeper/etc/containers/systemd/forgejo/forgejo.container create mode 100644 beeper/etc/containers/systemd/i2pd/i2pd.container create mode 100644 beeper/etc/containers/systemd/knot/knot.container create mode 100644 beeper/etc/containers/systemd/mollysocket/mollysocket.container create mode 100644 beeper/var/containers/ask-js/.gitkeep create mode 100644 beeper/var/containers/copyparty/.gitkeep create mode 100644 beeper/var/containers/forgejo/.gitkeep create mode 100644 beeper/var/containers/i2pd/.gitkeep create mode 100644 beeper/var/containers/knot/.gitkeep create mode 100644 beeper/var/containers/mollysocket/.gitkeep diff --git a/beeper/etc/containers/systemd/ask-js/ask-js.container b/beeper/etc/containers/systemd/ask-js/ask-js.container new file mode 100644 index 0000000..d44d116 --- /dev/null +++ b/beeper/etc/containers/systemd/ask-js/ask-js.container @@ -0,0 +1,19 @@ +[Unit] +Description=Ask.JS +After=network-online.target postgresql.service +Requires=postgresql.service +Wants=network-online.target + +[Container] +Image=ghcr.io/ihateblueb/ask-js:dev +ContainerName=ask-js +Network=postgresql.network +PublishPort=127.0.0.1:20617:3579 +Volume=/var/containers/ask-js/config.json:/app/config/config.json:ro,Z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/copyparty/copyparty.container b/beeper/etc/containers/systemd/copyparty/copyparty.container new file mode 100644 index 0000000..fbfeaaa --- /dev/null +++ b/beeper/etc/containers/systemd/copyparty/copyparty.container @@ -0,0 +1,25 @@ +[Unit] +Description=copyparty +After=network-online.target +Wants=network-online.target + +[Container] +Image=registry.hub.docker.com/copyparty/ac:latest +ContainerName=copyparty +Environment=LD_PRELOAD=/usr/lib/libmimalloc-secure.so +Environment=PYTHONUNBUFFERED=1 +HealthCmd=wget --spider -q 127.0.0.1:3923/?reset=/._ +HealthInterval=1m +HealthTimeout=2s +HealthRetries=5 +PublishPort=127.0.0.1:15084:3923 +UserNS=keep-id:uid=1000,gid=1000 +Volume=/var/containers/copyparty/conf:/cfg:Z +Volume=/mnt/ext/copyparty:/w:z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.container b/beeper/etc/containers/systemd/forgejo/forgejo.container new file mode 100644 index 0000000..94b860d --- /dev/null +++ b/beeper/etc/containers/systemd/forgejo/forgejo.container @@ -0,0 +1,23 @@ +[Unit] +Description=Forgejo +After=network-online.target postgresql.service +Requires=postgresql.service +Wants=network-online.target + +[Container] +Image=codeberg.org/forgejo/forgejo:13 +ContainerName=forgejo +EnvironmentFile=/var/containers/forgejo/.env +Network=postgresql.network +PublishPort=127.0.0.1:41807:3000 +PublishPort=10429:22 +Volume=/var/containers/forgejo/forgejo:/data:Z +Volume=/etc/timezone:/etc/timezone:ro +Volume=/etc/localtime:/etc/localtime:ro + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.container b/beeper/etc/containers/systemd/i2pd/i2pd.container new file mode 100644 index 0000000..3a0cdbf --- /dev/null +++ b/beeper/etc/containers/systemd/i2pd/i2pd.container @@ -0,0 +1,18 @@ +[Unit] +Description=I2PD Daemon +After=network-online.target +Wants=network-online.target + +[Container] +Image=registry.hub.docker.com/justinhimself/i2pd:latest +ContainerName=i2pd +AutoUpdate=registry +Network=host +Volume=/var/containers/i2pd/data:/config:Z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container index 13199d1..4658e9b 100644 --- a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container +++ b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container @@ -1,7 +1,8 @@ [Unit] Description=Iceshrimp.NET -Requires=postgresql.service +Requires=network-online.target postgresql.service After=postgresql.service +Wants=network-online.target [Container] Image=iceshrimp.dev/iceshrimp/iceshrimp.net:dev diff --git a/beeper/etc/containers/systemd/knot/knot.container b/beeper/etc/containers/systemd/knot/knot.container new file mode 100644 index 0000000..6966753 --- /dev/null +++ b/beeper/etc/containers/systemd/knot/knot.container @@ -0,0 +1,23 @@ +[Unit] +Description=Tangled Knot Server +After=network-online.target +Wants=network-online.target + +[Container] +Image=ghcr.io/zenfyrdev/knot:latest +ContainerName=knot +EnvironmentFile=/var/containers/knot/.env +LogDriver=journald:max-size=10m +PublishPort=127.0.0.1:44131:5555 +PublishPort=20564:22 +UserNS=keep-id:uid=1000,gid=1000 +Volume=/var/containers/knot/keys:/etc/ssh/keys:Z +Volume=/var/containers/knot/repositories:/home/git/repositories:Z +Volume=/var/containers/knot/server:/app:Z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/mollysocket/mollysocket.container b/beeper/etc/containers/systemd/mollysocket/mollysocket.container new file mode 100644 index 0000000..60c6554 --- /dev/null +++ b/beeper/etc/containers/systemd/mollysocket/mollysocket.container @@ -0,0 +1,21 @@ +[Unit] +Description=MollySocket +After=network-online.target +Wants=network-online.target + +[Container] +Image=ghcr.io/mollyim/mollysocket:1.6-alpine +ContainerName=mollysocket +EnvironmentFile=/var/containers/mollysocket/.env.secrets +EnvironmentFile=/var/containers/mollysocket/.env +Exec=server +PublishPort=127.0.0.1:19236:19236 +Volume=/var/containers/mollysocket/data:/data:Z +WorkingDir=/data + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/var/containers/ask-js/.gitkeep b/beeper/var/containers/ask-js/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/beeper/var/containers/copyparty/.gitkeep b/beeper/var/containers/copyparty/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/beeper/var/containers/forgejo/.gitkeep b/beeper/var/containers/forgejo/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/beeper/var/containers/i2pd/.gitkeep b/beeper/var/containers/i2pd/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/beeper/var/containers/knot/.gitkeep b/beeper/var/containers/knot/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/beeper/var/containers/mollysocket/.gitkeep b/beeper/var/containers/mollysocket/.gitkeep new file mode 100644 index 0000000..e69de29 From cb6f1c5629bb9dfd38db4580fd7332e0a99d31b7 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 17:10:18 +0700 Subject: [PATCH 03/22] remove options that break the knot. LogDriver is wrong, but journald is already configured to nice values by default. UserNS breaks s6 init --- beeper/etc/containers/systemd/knot/knot.container | 2 -- 1 file changed, 2 deletions(-) diff --git a/beeper/etc/containers/systemd/knot/knot.container b/beeper/etc/containers/systemd/knot/knot.container index 6966753..ee6bef5 100644 --- a/beeper/etc/containers/systemd/knot/knot.container +++ b/beeper/etc/containers/systemd/knot/knot.container @@ -7,10 +7,8 @@ Wants=network-online.target Image=ghcr.io/zenfyrdev/knot:latest ContainerName=knot EnvironmentFile=/var/containers/knot/.env -LogDriver=journald:max-size=10m PublishPort=127.0.0.1:44131:5555 PublishPort=20564:22 -UserNS=keep-id:uid=1000,gid=1000 Volume=/var/containers/knot/keys:/etc/ssh/keys:Z Volume=/var/containers/knot/repositories:/home/git/repositories:Z Volume=/var/containers/knot/server:/app:Z From 491ef252ac3ed01b1175ab22a7b515fe37da2348 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 18:00:42 +0700 Subject: [PATCH 04/22] redlib, safetwitch, searxng, tor --- .../systemd/redlib/redlib.container | 20 ++++++++++++++++ .../safetwitch/safetwitch-backend.container | 18 ++++++++++++++ .../safetwitch/safetwitch-frontend.container | 22 +++++++++++++++++ .../systemd/searxng/searxng-dfdb.container | 24 +++++++++++++++++++ .../systemd/searxng/searxng.container | 20 ++++++++++++++++ .../systemd/searxng/searxng.network | 3 +++ .../containers/systemd/searxng/searxng.volume | 2 ++ .../etc/containers/systemd/tor/tor.container | 19 +++++++++++++++ beeper/var/containers/redlib/.gitkeep | 0 beeper/var/containers/searxng/.gitkeep | 0 beeper/var/containers/tor/.gitkeep | 0 11 files changed, 128 insertions(+) create mode 100644 beeper/etc/containers/systemd/redlib/redlib.container create mode 100644 beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container create mode 100644 beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container create mode 100644 beeper/etc/containers/systemd/searxng/searxng-dfdb.container create mode 100644 beeper/etc/containers/systemd/searxng/searxng.container create mode 100644 beeper/etc/containers/systemd/searxng/searxng.network create mode 100644 beeper/etc/containers/systemd/searxng/searxng.volume create mode 100644 beeper/etc/containers/systemd/tor/tor.container create mode 100644 beeper/var/containers/redlib/.gitkeep create mode 100644 beeper/var/containers/searxng/.gitkeep create mode 100644 beeper/var/containers/tor/.gitkeep diff --git a/beeper/etc/containers/systemd/redlib/redlib.container b/beeper/etc/containers/systemd/redlib/redlib.container new file mode 100644 index 0000000..cc194fb --- /dev/null +++ b/beeper/etc/containers/systemd/redlib/redlib.container @@ -0,0 +1,20 @@ +[Unit] +Description=Redlib +After=network-online.target +Wants=network-online.target + +[Container] +Image=quay.io/redlib/redlib:latest +ContainerName=redlib +EnvironmentFile=/var/containers/redlib/.env +HealthCmd=wget --spider -q --tries=1 http://localhost:8080/settings +HealthInterval=5m +HealthTimeout=3s +PublishPort=127.0.0.1:51617:8080 + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container new file mode 100644 index 0000000..7bf6087 --- /dev/null +++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container @@ -0,0 +1,18 @@ +[Unit] +Description=SafeTwitch Backend +After=network-online.target +Wants=network-online.target + +[Container] +Image=codeberg.org/safetwitch/safetwitch-backend:latest +ContainerName=safetwitch-backend +Environment=PORT=7000 +Environment=URL=https://b.twitch.synth.download +PublishPort=127.0.0.1:43072:7000 + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container new file mode 100644 index 0000000..2b4de43 --- /dev/null +++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container @@ -0,0 +1,22 @@ +[Unit] +Description=SafeTwitch Frontend +After=network-online.target safetwitch-backend.service +Wants=network-online.target +Requires=safetwitch-backend.service + +[Container] +Image=codeberg.org/safetwitch/safetwitch:latest +ContainerName=safetwitch-frontend +Environment=SAFETWITCH_BACKEND_DOMAIN=b.twitch.synth.download +Environment=SAFETWITCH_INSTANCE_DOMAIN=twitch.synth.download +Environment=SAFETWITCH_HTTPS=true +Environment=SAFETWITCH_DEFAULT_LOCALE=en +Environment=SAFETWITCH_FALLBACK_LOCALE=en +PublishPort=127.0.0.1:24682:8280 + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/searxng/searxng-dfdb.container b/beeper/etc/containers/systemd/searxng/searxng-dfdb.container new file mode 100644 index 0000000..a921b64 --- /dev/null +++ b/beeper/etc/containers/systemd/searxng/searxng-dfdb.container @@ -0,0 +1,24 @@ +[Unit] +Description=SearXNG Dragonfly DB + +[Container] +Image=docker.dragonflydb.io/dragonflydb/dragonfly +ContainerName=searxng-dfdb +Environment=DFLY_snapshot_cron="* * * * *" +Environment=DFLY_version_check=false +Environment=DFLY_default_lua_flags=allow-undeclared-keys +Environment=DFLY_dbfilename=dump.rdb +Environment=DFLY_df_snapshot_format=false +Environment=DFLY_dir=/data +HealthCmd=redis-cli ping +HealthInterval=5s +HealthRetries=20 +Network=searxng.network +Volume=/var/containers/searxng/dragonfly:/data:z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/searxng/searxng.container b/beeper/etc/containers/systemd/searxng/searxng.container new file mode 100644 index 0000000..68a346b --- /dev/null +++ b/beeper/etc/containers/systemd/searxng/searxng.container @@ -0,0 +1,20 @@ +[Unit] +Description=SearXNG +After=network-online.target searxng-dfdb.service +Wants=network-online.target +Requires=searxng-dfdb.service + +[Container] +Image=docker.io/searxng/searxng:latest +ContainerName=searxng +PublishPort=127.0.0.1:48898:8080 +Network=searxng.network +Volume=/var/containers/searxng/searxng:/etc/searxng:Z +Volume=searxng.volume:/var/cache/searxng + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/searxng/searxng.network b/beeper/etc/containers/systemd/searxng/searxng.network new file mode 100644 index 0000000..ef28705 --- /dev/null +++ b/beeper/etc/containers/systemd/searxng/searxng.network @@ -0,0 +1,3 @@ +[Network] +NetworkName=searxng +IPv6=true diff --git a/beeper/etc/containers/systemd/searxng/searxng.volume b/beeper/etc/containers/systemd/searxng/searxng.volume new file mode 100644 index 0000000..99b410b --- /dev/null +++ b/beeper/etc/containers/systemd/searxng/searxng.volume @@ -0,0 +1,2 @@ +[Volume] +VolumeName=searxng diff --git a/beeper/etc/containers/systemd/tor/tor.container b/beeper/etc/containers/systemd/tor/tor.container new file mode 100644 index 0000000..c7927ec --- /dev/null +++ b/beeper/etc/containers/systemd/tor/tor.container @@ -0,0 +1,19 @@ +[Unit] +Description=Tor Daemon +After=network-online.target +Wants=network-online.target + +[Container] +Image=docker.io/dockurr/tor +ContainerName=tor +AutoUpdate=registry +Network=host +Volume=/var/containers/tor/config:/etc/tor:ro,Z +Volume=/var/containers/tor/data:/var/lib/tor:Z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/var/containers/redlib/.gitkeep b/beeper/var/containers/redlib/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/beeper/var/containers/searxng/.gitkeep b/beeper/var/containers/searxng/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/beeper/var/containers/tor/.gitkeep b/beeper/var/containers/tor/.gitkeep new file mode 100644 index 0000000..e69de29 From 70f8f72705d388da11cd8bc2e52f1023f60db441 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 18:21:06 +0700 Subject: [PATCH 05/22] vaultwarden --- .../systemd/vaultwarden/vaultwarden.container | 18 ++++++++++++++++++ beeper/var/containers/vaultwarden/.gitkeep | 0 2 files changed, 18 insertions(+) create mode 100644 beeper/etc/containers/systemd/vaultwarden/vaultwarden.container create mode 100644 beeper/var/containers/vaultwarden/.gitkeep diff --git a/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container new file mode 100644 index 0000000..bd5f28c --- /dev/null +++ b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container @@ -0,0 +1,18 @@ +[Unit] +Description=Vaultwarden +After=network-online.target +Wants=network-online.target + +[Container] +Image=vaultwarden/server:latest +ContainerName=vaultwarden +EnvironmentFile=/var/containers/vaultwarden/.env +PublishPort=127.0.0.1:60838:80 +Volume=/var/containers/vaultwarden/data:/data:Z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/var/containers/vaultwarden/.gitkeep b/beeper/var/containers/vaultwarden/.gitkeep new file mode 100644 index 0000000..e69de29 From 2941f609576a93315a66b4594e63f00d0d7b8fc2 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 18:52:17 +0700 Subject: [PATCH 06/22] add dind --- .../containers/systemd/dind/dind.container | 25 +++++++++++++++++++ .../etc/containers/systemd/dind/dind.volume | 2 ++ 2 files changed, 27 insertions(+) create mode 100644 beeper/etc/containers/systemd/dind/dind.container create mode 100644 beeper/etc/containers/systemd/dind/dind.volume diff --git a/beeper/etc/containers/systemd/dind/dind.container b/beeper/etc/containers/systemd/dind/dind.container new file mode 100644 index 0000000..c73ed20 --- /dev/null +++ b/beeper/etc/containers/systemd/dind/dind.container @@ -0,0 +1,25 @@ +[Unit] +Description=Docker-in-Podman +After=network-online.target +Wants=network-online.target + +[Container] +Image=docker.io/library/docker:dind +ContainerName=dind +AutoUpdate=registry +Environment=DOCKER_HOST=unix:///var/run/docker.sock +SecurityLabelDisable=true +PodmanArgs=--privileged --cgroupns=host +HealthCmd=docker info || exit 1 +HealthInterval=5s +HealthTimeout=3s +HealthRetries=5 +Volume=dind.volume:/var/lib/docker:Z +Volume=/var/run/dind:/var/run:z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/dind/dind.volume b/beeper/etc/containers/systemd/dind/dind.volume new file mode 100644 index 0000000..610a756 --- /dev/null +++ b/beeper/etc/containers/systemd/dind/dind.volume @@ -0,0 +1,2 @@ +[Volume] +VolumeName=dind From e962a3323122802906fd681864ab9bdeab9c524b Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 21:08:45 +0700 Subject: [PATCH 07/22] Create forgejo-runner.container --- .../systemd/forgejo/forgejo-runner.container | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 beeper/etc/containers/systemd/forgejo/forgejo-runner.container diff --git a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container new file mode 100644 index 0000000..f311c8a --- /dev/null +++ b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container @@ -0,0 +1,20 @@ +[Unit] +Description=Forgejo Runner +After=dind.service +Requires=dind.service + +[Container] +Image=data.forgejo.org/forgejo/runner:4.0.0 +ContainerName=forgejo-runner +EnvironmentFile=/var/containers/forgejo/.env.runner +User=1001:1001 +Volume=/var/containers/forgejo/runner:/data:Z +Volume=/var/run/dind/docker.sock:/var/run/docker.sock:z +Exec=/bin/sh -c "sleep 5; forgejo-runner daemon" + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target From a26a1c722cde5f6ced59bbff90c21dbadf8004f4 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 23:04:20 +0700 Subject: [PATCH 08/22] quadlet adds that dep automatically --- beeper/etc/containers/systemd/aode/aode-relay.container | 2 -- beeper/etc/containers/systemd/ask-js/ask-js.container | 3 +-- beeper/etc/containers/systemd/caddy/caddy.container | 4 +--- beeper/etc/containers/systemd/copyparty/copyparty.container | 2 -- beeper/etc/containers/systemd/dind/dind.container | 2 -- beeper/etc/containers/systemd/forgejo/forgejo.container | 3 +-- beeper/etc/containers/systemd/i2pd/i2pd.container | 2 -- beeper/etc/containers/systemd/iceshrimp/iceshrimp.container | 3 +-- beeper/etc/containers/systemd/knot/knot.container | 2 -- .../containers/systemd/mastodon/mastodon-darkhttpd.container | 2 -- .../etc/containers/systemd/mollysocket/mollysocket.container | 2 -- beeper/etc/containers/systemd/pds/pds.container | 2 -- beeper/etc/containers/systemd/redlib/redlib.container | 2 -- .../systemd/safetwitch/safetwitch-backend.container | 2 -- .../systemd/safetwitch/safetwitch-frontend.container | 3 +-- beeper/etc/containers/systemd/searxng/searxng.container | 3 +-- .../containers/systemd/sharkey/sharkey-activity.container | 3 +-- beeper/etc/containers/systemd/sharkey/sharkey-api.container | 3 +-- .../etc/containers/systemd/sharkey/sharkey-media.container | 5 ++--- .../etc/containers/systemd/sharkey/sharkey-worker.container | 3 +-- beeper/etc/containers/systemd/tor/tor.container | 2 -- .../etc/containers/systemd/vaultwarden/vaultwarden.container | 2 -- beeper/etc/containers/systemd/yggdrasil/yggdrasil.container | 2 -- 23 files changed, 11 insertions(+), 48 deletions(-) diff --git a/beeper/etc/containers/systemd/aode/aode-relay.container b/beeper/etc/containers/systemd/aode/aode-relay.container index 39c44f1..b5ff31f 100644 --- a/beeper/etc/containers/systemd/aode/aode-relay.container +++ b/beeper/etc/containers/systemd/aode/aode-relay.container @@ -1,7 +1,5 @@ [Unit] Description=Aode ActivityPub Relay -Requires=network-online.target -After=network-online.target [Container] Image=registry.hub.docker.com/asonix/relay:latest diff --git a/beeper/etc/containers/systemd/ask-js/ask-js.container b/beeper/etc/containers/systemd/ask-js/ask-js.container index d44d116..cc0fe55 100644 --- a/beeper/etc/containers/systemd/ask-js/ask-js.container +++ b/beeper/etc/containers/systemd/ask-js/ask-js.container @@ -1,8 +1,7 @@ [Unit] Description=Ask.JS -After=network-online.target postgresql.service +After=postgresql.service Requires=postgresql.service -Wants=network-online.target [Container] Image=ghcr.io/ihateblueb/ask-js:dev diff --git a/beeper/etc/containers/systemd/caddy/caddy.container b/beeper/etc/containers/systemd/caddy/caddy.container index 40a944f..4dfa345 100644 --- a/beeper/etc/containers/systemd/caddy/caddy.container +++ b/beeper/etc/containers/systemd/caddy/caddy.container @@ -1,7 +1,5 @@ [Unit] Description=Caddy reverse proxy -After=network-online.target -Wants=network-online.target [Container] ContainerName=caddy @@ -18,4 +16,4 @@ Volume=/var/www:/var/www:z Restart=always [Install] -WantedBy=default.target \ No newline at end of file +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/copyparty/copyparty.container b/beeper/etc/containers/systemd/copyparty/copyparty.container index fbfeaaa..566e9bc 100644 --- a/beeper/etc/containers/systemd/copyparty/copyparty.container +++ b/beeper/etc/containers/systemd/copyparty/copyparty.container @@ -1,7 +1,5 @@ [Unit] Description=copyparty -After=network-online.target -Wants=network-online.target [Container] Image=registry.hub.docker.com/copyparty/ac:latest diff --git a/beeper/etc/containers/systemd/dind/dind.container b/beeper/etc/containers/systemd/dind/dind.container index c73ed20..5679316 100644 --- a/beeper/etc/containers/systemd/dind/dind.container +++ b/beeper/etc/containers/systemd/dind/dind.container @@ -1,7 +1,5 @@ [Unit] Description=Docker-in-Podman -After=network-online.target -Wants=network-online.target [Container] Image=docker.io/library/docker:dind diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.container b/beeper/etc/containers/systemd/forgejo/forgejo.container index 94b860d..21879ac 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo.container @@ -1,8 +1,7 @@ [Unit] Description=Forgejo -After=network-online.target postgresql.service +After=postgresql.service Requires=postgresql.service -Wants=network-online.target [Container] Image=codeberg.org/forgejo/forgejo:13 diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.container b/beeper/etc/containers/systemd/i2pd/i2pd.container index 3a0cdbf..9ca77ac 100644 --- a/beeper/etc/containers/systemd/i2pd/i2pd.container +++ b/beeper/etc/containers/systemd/i2pd/i2pd.container @@ -1,7 +1,5 @@ [Unit] Description=I2PD Daemon -After=network-online.target -Wants=network-online.target [Container] Image=registry.hub.docker.com/justinhimself/i2pd:latest diff --git a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container index 4658e9b..13199d1 100644 --- a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container +++ b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container @@ -1,8 +1,7 @@ [Unit] Description=Iceshrimp.NET -Requires=network-online.target postgresql.service +Requires=postgresql.service After=postgresql.service -Wants=network-online.target [Container] Image=iceshrimp.dev/iceshrimp/iceshrimp.net:dev diff --git a/beeper/etc/containers/systemd/knot/knot.container b/beeper/etc/containers/systemd/knot/knot.container index ee6bef5..b2bdca3 100644 --- a/beeper/etc/containers/systemd/knot/knot.container +++ b/beeper/etc/containers/systemd/knot/knot.container @@ -1,7 +1,5 @@ [Unit] Description=Tangled Knot Server -After=network-online.target -Wants=network-online.target [Container] Image=ghcr.io/zenfyrdev/knot:latest diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container b/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container index 704e83d..39c24aa 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container +++ b/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container @@ -1,7 +1,5 @@ [Unit] Description=Mastodon DarkHTTPD Static Server -After=network-online.target -Wants=network-online.target [Container] Image=registry.hub.docker.com/p3terx/darkhttpd diff --git a/beeper/etc/containers/systemd/mollysocket/mollysocket.container b/beeper/etc/containers/systemd/mollysocket/mollysocket.container index 60c6554..176bcc1 100644 --- a/beeper/etc/containers/systemd/mollysocket/mollysocket.container +++ b/beeper/etc/containers/systemd/mollysocket/mollysocket.container @@ -1,7 +1,5 @@ [Unit] Description=MollySocket -After=network-online.target -Wants=network-online.target [Container] Image=ghcr.io/mollyim/mollysocket:1.6-alpine diff --git a/beeper/etc/containers/systemd/pds/pds.container b/beeper/etc/containers/systemd/pds/pds.container index f0883dd..2ec444a 100644 --- a/beeper/etc/containers/systemd/pds/pds.container +++ b/beeper/etc/containers/systemd/pds/pds.container @@ -1,7 +1,5 @@ [Unit] Description=ATProto Personal Data Server -After=network-online.target -Wants=network-online.target [Container] Image=ghcr.io/bluesky-social/pds:latest diff --git a/beeper/etc/containers/systemd/redlib/redlib.container b/beeper/etc/containers/systemd/redlib/redlib.container index cc194fb..76394bf 100644 --- a/beeper/etc/containers/systemd/redlib/redlib.container +++ b/beeper/etc/containers/systemd/redlib/redlib.container @@ -1,7 +1,5 @@ [Unit] Description=Redlib -After=network-online.target -Wants=network-online.target [Container] Image=quay.io/redlib/redlib:latest diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container index 7bf6087..92c1815 100644 --- a/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container +++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container @@ -1,7 +1,5 @@ [Unit] Description=SafeTwitch Backend -After=network-online.target -Wants=network-online.target [Container] Image=codeberg.org/safetwitch/safetwitch-backend:latest diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container index 2b4de43..a6e1da7 100644 --- a/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container +++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container @@ -1,7 +1,6 @@ [Unit] Description=SafeTwitch Frontend -After=network-online.target safetwitch-backend.service -Wants=network-online.target +After=safetwitch-backend.service Requires=safetwitch-backend.service [Container] diff --git a/beeper/etc/containers/systemd/searxng/searxng.container b/beeper/etc/containers/systemd/searxng/searxng.container index 68a346b..49bdc7f 100644 --- a/beeper/etc/containers/systemd/searxng/searxng.container +++ b/beeper/etc/containers/systemd/searxng/searxng.container @@ -1,7 +1,6 @@ [Unit] Description=SearXNG -After=network-online.target searxng-dfdb.service -Wants=network-online.target +After=searxng-dfdb.service Requires=searxng-dfdb.service [Container] diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container index c9aba25..5905e09 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container @@ -1,8 +1,7 @@ [Unit] Description=Sharkey's ActivityPub Federation service -After=postgresql.service sharkey-dfdb.service network-online.target +After=postgresql.service sharkey-dfdb.service Requires=postgresql.service sharkey-dfdb.service -Wants=network-online.target [Container] ContainerName=sharkey-activity diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-api.container b/beeper/etc/containers/systemd/sharkey/sharkey-api.container index a161876..5ee4df0 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-api.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-api.container @@ -1,8 +1,7 @@ [Unit] Description=Sharkey's API and Web service -After=postgresql.service sharkey-dfdb.service network-online.target +After=postgresql.service sharkey-dfdb.service Requires=postgresql.service sharkey-dfdb.service -Wants=network-online.target [Container] ContainerName=sharkey-api diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-media.container b/beeper/etc/containers/systemd/sharkey/sharkey-media.container index 40949f0..72a4b8a 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-media.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-media.container @@ -1,8 +1,7 @@ [Unit] Description=Sharkey's Media service -After=postgresql.service sharkey-dfdb.service network-online.target +After=postgresql.service sharkey-dfdb.service Requires=postgresql.service sharkey-dfdb.service -Wants=network-online.target [Container] ContainerName=sharkey-media @@ -25,4 +24,4 @@ Restart=always RestartSec=10s [Install] -WantedBy=default.target \ No newline at end of file +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container index 83f908c..ffa6d37 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container @@ -1,8 +1,7 @@ [Unit] Description=Sharkey's Worker service -After=postgresql.service sharkey-dfdb.service network-online.target +After=postgresql.service sharkey-dfdb.service Requires=postgresql.service sharkey-dfdb.service -Wants=network-online.target [Container] ContainerName=sharkey-worker diff --git a/beeper/etc/containers/systemd/tor/tor.container b/beeper/etc/containers/systemd/tor/tor.container index c7927ec..beb09cf 100644 --- a/beeper/etc/containers/systemd/tor/tor.container +++ b/beeper/etc/containers/systemd/tor/tor.container @@ -1,7 +1,5 @@ [Unit] Description=Tor Daemon -After=network-online.target -Wants=network-online.target [Container] Image=docker.io/dockurr/tor diff --git a/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container index bd5f28c..9effe0a 100644 --- a/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container +++ b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container @@ -1,7 +1,5 @@ [Unit] Description=Vaultwarden -After=network-online.target -Wants=network-online.target [Container] Image=vaultwarden/server:latest diff --git a/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container b/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container index 5dab345..6ec00ac 100644 --- a/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container +++ b/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container @@ -1,7 +1,5 @@ [Unit] Description=Yggdrasil Network Stack Daemon -After=network-online.target -Wants=network-online.target [Container] Image=ghcr.io/yggdrasil-network/yggstack:trunk From 09db5001e713b7a1aec262aad7e9cb47a98925ee Mon Sep 17 00:00:00 2001 From: zenfyr Date: Thu, 1 Jan 2026 23:25:31 +0700 Subject: [PATCH 09/22] network changes --- beeper/etc/containers/systemd/ask-js/ask-js.container | 1 + beeper/etc/containers/systemd/ask-js/ask-js.network | 2 ++ .../etc/containers/systemd/forgejo/forgejo-runner.container | 3 ++- beeper/etc/containers/systemd/forgejo/forgejo.container | 1 + beeper/etc/containers/systemd/forgejo/forgejo.network | 2 ++ beeper/etc/containers/systemd/iceshrimp/iceshrimp.container | 1 + beeper/etc/containers/systemd/iceshrimp/iceshrimp.network | 2 ++ beeper/etc/containers/systemd/mastodon/mastodon.network | 1 - beeper/etc/containers/systemd/postgresql/postgresql.network | 4 +++- beeper/etc/containers/systemd/searxng/searxng.network | 1 - .../etc/containers/systemd/sharkey/sharkey-activity.container | 2 +- beeper/etc/containers/systemd/sharkey/sharkey-api.container | 2 +- beeper/etc/containers/systemd/sharkey/sharkey-media.container | 2 +- .../etc/containers/systemd/sharkey/sharkey-worker.container | 2 +- beeper/etc/containers/systemd/sharkey/sharkey.network | 1 - 15 files changed, 18 insertions(+), 9 deletions(-) create mode 100644 beeper/etc/containers/systemd/ask-js/ask-js.network create mode 100644 beeper/etc/containers/systemd/forgejo/forgejo.network create mode 100644 beeper/etc/containers/systemd/iceshrimp/iceshrimp.network diff --git a/beeper/etc/containers/systemd/ask-js/ask-js.container b/beeper/etc/containers/systemd/ask-js/ask-js.container index cc0fe55..7749725 100644 --- a/beeper/etc/containers/systemd/ask-js/ask-js.container +++ b/beeper/etc/containers/systemd/ask-js/ask-js.container @@ -6,6 +6,7 @@ Requires=postgresql.service [Container] Image=ghcr.io/ihateblueb/ask-js:dev ContainerName=ask-js +Network=ask-js.network Network=postgresql.network PublishPort=127.0.0.1:20617:3579 Volume=/var/containers/ask-js/config.json:/app/config/config.json:ro,Z diff --git a/beeper/etc/containers/systemd/ask-js/ask-js.network b/beeper/etc/containers/systemd/ask-js/ask-js.network new file mode 100644 index 0000000..70cde7b --- /dev/null +++ b/beeper/etc/containers/systemd/ask-js/ask-js.network @@ -0,0 +1,2 @@ +[Network] +IPv6=true diff --git a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container index f311c8a..8136a71 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container @@ -7,10 +7,11 @@ Requires=dind.service Image=data.forgejo.org/forgejo/runner:4.0.0 ContainerName=forgejo-runner EnvironmentFile=/var/containers/forgejo/.env.runner +Network=forgejo.network User=1001:1001 +Exec=/bin/sh -c "sleep 5; forgejo-runner daemon" Volume=/var/containers/forgejo/runner:/data:Z Volume=/var/run/dind/docker.sock:/var/run/docker.sock:z -Exec=/bin/sh -c "sleep 5; forgejo-runner daemon" [Service] Restart=always diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.container b/beeper/etc/containers/systemd/forgejo/forgejo.container index 21879ac..746e89e 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo.container @@ -7,6 +7,7 @@ Requires=postgresql.service Image=codeberg.org/forgejo/forgejo:13 ContainerName=forgejo EnvironmentFile=/var/containers/forgejo/.env +Network=forgejo.network Network=postgresql.network PublishPort=127.0.0.1:41807:3000 PublishPort=10429:22 diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.network b/beeper/etc/containers/systemd/forgejo/forgejo.network new file mode 100644 index 0000000..70cde7b --- /dev/null +++ b/beeper/etc/containers/systemd/forgejo/forgejo.network @@ -0,0 +1,2 @@ +[Network] +IPv6=true diff --git a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container index 13199d1..c501457 100644 --- a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container +++ b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container @@ -7,6 +7,7 @@ After=postgresql.service Image=iceshrimp.dev/iceshrimp/iceshrimp.net:dev ContainerName=iceshrimp Environment=ICESHRIMP_CONFIG_OVERRIDES=/app/config/configuration.ini +Network=iceshrimp.network Network=postgresql.network PublishPort=127.0.0.1:24042:24042 Volume=/var/containers/iceshrimp/data/media:/data/media:Z diff --git a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.network b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.network new file mode 100644 index 0000000..70cde7b --- /dev/null +++ b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.network @@ -0,0 +1,2 @@ +[Network] +IPv6=true diff --git a/beeper/etc/containers/systemd/mastodon/mastodon.network b/beeper/etc/containers/systemd/mastodon/mastodon.network index b245ebd..70cde7b 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon.network +++ b/beeper/etc/containers/systemd/mastodon/mastodon.network @@ -1,3 +1,2 @@ [Network] -NetworkName=mastodon IPv6=true diff --git a/beeper/etc/containers/systemd/postgresql/postgresql.network b/beeper/etc/containers/systemd/postgresql/postgresql.network index e4d4ea8..62fd4f6 100644 --- a/beeper/etc/containers/systemd/postgresql/postgresql.network +++ b/beeper/etc/containers/systemd/postgresql/postgresql.network @@ -1,2 +1,4 @@ [Network] -NetworkName=postgresql \ No newline at end of file +NetworkName=postgresql +IPv6=true +Internal=true diff --git a/beeper/etc/containers/systemd/searxng/searxng.network b/beeper/etc/containers/systemd/searxng/searxng.network index ef28705..70cde7b 100644 --- a/beeper/etc/containers/systemd/searxng/searxng.network +++ b/beeper/etc/containers/systemd/searxng/searxng.network @@ -1,3 +1,2 @@ [Network] -NetworkName=searxng IPv6=true diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container index 5905e09..6f577a8 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container @@ -12,8 +12,8 @@ Environment=MK_ONLY_SERVER=1 Environment=MK_DISABLE_CLUSTERING=1 Environment=MK_NO_DAEMONS=1 EnvironmentFile=/var/containers/sharkey/.env.secrets -Network=postgresql.network Network=sharkey.network +Network=postgresql.network PublishPort=127.0.0.1:47815:3002 Volume=/var/containers/sharkey/files:/sharkey/files:z Volume=/var/containers/sharkey/activity:/sharkey/.config:z diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-api.container b/beeper/etc/containers/systemd/sharkey/sharkey-api.container index 5ee4df0..7d7ccea 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-api.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-api.container @@ -11,8 +11,8 @@ Environment=MISSKEY_CONFIG_DIR=/sharkey/.config Environment=MK_ONLY_SERVER=1 Environment=MK_DISABLE_CLUSTERING=1 EnvironmentFile=/var/containers/sharkey/.env.secrets -Network=postgresql.network Network=sharkey.network +Network=postgresql.network PublishPort=127.0.0.1:60628:3001 Volume=/var/containers/sharkey/files:/sharkey/files:z Volume=/var/containers/sharkey/api:/sharkey/.config:z diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-media.container b/beeper/etc/containers/systemd/sharkey/sharkey-media.container index 72a4b8a..deb49f5 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-media.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-media.container @@ -12,8 +12,8 @@ Environment=MK_ONLY_SERVER=1 Environment=MK_DISABLE_CLUSTERING=1 Environment=MK_NO_DAEMONS=1 EnvironmentFile=/var/containers/sharkey/.env.secrets -Network=postgresql.network Network=sharkey.network +Network=postgresql.network PublishPort=127.0.0.1:57378:3003 Volume=/var/containers/sharkey/files:/sharkey/files:z Volume=/var/containers/sharkey/media:/sharkey/.config:z diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container index ffa6d37..74427f0 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container @@ -10,8 +10,8 @@ Environment=MISSKEY_CONFIG_YML=*.yml Environment=MISSKEY_CONFIG_DIR=/sharkey/.config Environment=MK_ONLY_QUEUE=1 EnvironmentFile=/var/containers/sharkey/.env.secrets -Network=postgresql.network Network=sharkey.network +Network=postgresql.network Volume=/var/containers/sharkey/files:/sharkey/files:z Volume=/var/containers/sharkey/worker:/sharkey/.config:z Volume=/var/containers/sharkey/default.yml:/sharkey/.config/default.yml:ro,z diff --git a/beeper/etc/containers/systemd/sharkey/sharkey.network b/beeper/etc/containers/systemd/sharkey/sharkey.network index e8b6107..70cde7b 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey.network +++ b/beeper/etc/containers/systemd/sharkey/sharkey.network @@ -1,3 +1,2 @@ [Network] -NetworkName=sharkey IPv6=true From 03c11c49ceb2f4f1abf6101084c43865c36e8d2a Mon Sep 17 00:00:00 2001 From: zenfyr Date: Fri, 2 Jan 2026 00:15:05 +0700 Subject: [PATCH 10/22] rest of serrvices --- .../systemd/ejabberd/ejabberd.container | 30 ++++++++++++++++++ .../systemd/ejabberd/ejabberd.network | 2 ++ .../systemd/forgejo/forgejo.container | 3 +- .../systemd/freshrss/freshrss.container | 21 +++++++++++++ .../systemd/freshrss/freshrss.network | 2 ++ .../systemd/mailserver/mailserver.container | 31 +++++++++++++++++++ .../systemd/spindle/spindle.container | 18 +++++++++++ .../systemd/zitadel/zitadel.container | 20 ++++++++++++ .../systemd/zitadel/zitadel.network | 2 ++ 9 files changed, 127 insertions(+), 2 deletions(-) create mode 100644 beeper/etc/containers/systemd/ejabberd/ejabberd.container create mode 100644 beeper/etc/containers/systemd/ejabberd/ejabberd.network create mode 100644 beeper/etc/containers/systemd/freshrss/freshrss.container create mode 100644 beeper/etc/containers/systemd/freshrss/freshrss.network create mode 100644 beeper/etc/containers/systemd/mailserver/mailserver.container create mode 100644 beeper/etc/containers/systemd/spindle/spindle.container create mode 100644 beeper/etc/containers/systemd/zitadel/zitadel.container create mode 100644 beeper/etc/containers/systemd/zitadel/zitadel.network diff --git a/beeper/etc/containers/systemd/ejabberd/ejabberd.container b/beeper/etc/containers/systemd/ejabberd/ejabberd.container new file mode 100644 index 0000000..f0a4b87 --- /dev/null +++ b/beeper/etc/containers/systemd/ejabberd/ejabberd.container @@ -0,0 +1,30 @@ +[Unit] +Description=ejabberd +Requires=postgresql.service +After=postgresql.service + +[Container] +Image=ghcr.io/processone/ejabberd:latest +ContainerName=ejabberd +Environment=CTL_ON_START=registered_users synth.download ; status +EnvironmentFile=/var/containers/ejabberd/.env +Network=ejabberd.network +Network=postgresql.network +PublishPort=5222:5222 +PublishPort=5223:5223 +PublishPort=5269:5269 +PublishPort=5270:5270 +PublishPort=5280:5280 +PublishPort=5443:5443 +PublishPort=5478:5478 +Volume=/var/containers/ejabberd/ejabberd.yml:/opt/ejabberd/conf/ejabberd.yml:ro,Z +Volume=/var/containers/ejabberd/files:/opt/ejabberd/upload:Z +Volume=/var/containers/ejabberd/db:/opt/ejabberd/database:Z +Volume=/etc/certs:/etc/letsencrypt/live:ro,z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/ejabberd/ejabberd.network b/beeper/etc/containers/systemd/ejabberd/ejabberd.network new file mode 100644 index 0000000..70cde7b --- /dev/null +++ b/beeper/etc/containers/systemd/ejabberd/ejabberd.network @@ -0,0 +1,2 @@ +[Network] +IPv6=true diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.container b/beeper/etc/containers/systemd/forgejo/forgejo.container index 746e89e..eb0cd1e 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo.container @@ -11,9 +11,8 @@ Network=forgejo.network Network=postgresql.network PublishPort=127.0.0.1:41807:3000 PublishPort=10429:22 +Timezone=local Volume=/var/containers/forgejo/forgejo:/data:Z -Volume=/etc/timezone:/etc/timezone:ro -Volume=/etc/localtime:/etc/localtime:ro [Service] Restart=always diff --git a/beeper/etc/containers/systemd/freshrss/freshrss.container b/beeper/etc/containers/systemd/freshrss/freshrss.container new file mode 100644 index 0000000..fd9505a --- /dev/null +++ b/beeper/etc/containers/systemd/freshrss/freshrss.container @@ -0,0 +1,21 @@ +[Unit] +Description=FreshRSS +Requires=postgresql.service +After=postgresql.service + +[Container] +Image=docker.io/freshrss/freshrss:latest +ContainerName=freshrss +EnvironmentFile=/var/containers/freshrss/.env.secrets +Network=freshrss.network +Network=postgresql.network +PublishPort=127.0.0.1:27819:80 +Volume=/var/containers/freshrss/data:/var/www/FreshRSS/data:Z +Volume=/var/containers/freshrss/extensions:/var/www/FreshRSS/extensions:Z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/freshrss/freshrss.network b/beeper/etc/containers/systemd/freshrss/freshrss.network new file mode 100644 index 0000000..70cde7b --- /dev/null +++ b/beeper/etc/containers/systemd/freshrss/freshrss.network @@ -0,0 +1,2 @@ +[Network] +IPv6=true diff --git a/beeper/etc/containers/systemd/mailserver/mailserver.container b/beeper/etc/containers/systemd/mailserver/mailserver.container new file mode 100644 index 0000000..4d308bd --- /dev/null +++ b/beeper/etc/containers/systemd/mailserver/mailserver.container @@ -0,0 +1,31 @@ +[Unit] +Description=mailserver + +[Container] +Image=ghcr.io/docker-mailserver/docker-mailserver:edge +ContainerName=mailserver +EnvironmentFile=/var/containers/mailserver/mailserver.env +AddCapability=NET_ADMIN +HealthCmd=ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1 +HealthInterval=10s +HealthTimeout=3s +HealthRetries=0 +HostName=mx1.synth.download +PublishPort=25:25 +PublishPort=143:143 +PublishPort=587:587 +PublishPort=993:993 +Timezone=local +Volume=/var/containers/mailserver/data:/var/mail:Z +Volume=/var/containers/mailserver/state:/var/mail-state:Z +Volume=/var/containers/mailserver/logs:/var/log/mail:Z +Volume=/var/containers/mailserver/config:/tmp/docker-mailserver:Z +Volume=/etc/certs/wildcard_.synth.download.crt:/etc/letsencrypt/live/synth.download/fullchain.pem:ro,z +Volume=/etc/certs/wildcard_.synth.download.key:/etc/letsencrypt/live/synth.download/privkey.pem:ro,z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/spindle/spindle.container b/beeper/etc/containers/systemd/spindle/spindle.container new file mode 100644 index 0000000..6e8376a --- /dev/null +++ b/beeper/etc/containers/systemd/spindle/spindle.container @@ -0,0 +1,18 @@ +[Unit] +Description=Tangled Spindle Server + +[Container] +Image=ghcr.io/zenfyrdev/spindle:latest +ContainerName=spindle +EnvironmentFile=/var/containers/spindle/.env +PublishPort=127.0.0.1:40653:6555 +Volume=/var/containers/spindle/server/logs:/var/log/spindle:Z +Volume=/var/containers/spindle/server:/app:Z +Volume=/var/run/dind/docker.sock:/var/run/docker.sock:z + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/zitadel/zitadel.container b/beeper/etc/containers/systemd/zitadel/zitadel.container new file mode 100644 index 0000000..1d5a657 --- /dev/null +++ b/beeper/etc/containers/systemd/zitadel/zitadel.container @@ -0,0 +1,20 @@ +[Unit] +Description=Zitadel +Requires=postgresql.service +After=postgresql.service + +[Container] +Image=ghcr.io/zitadel/zitadel:latest +ContainerName=zitadel +EnvironmentFile=/var/containers/zitadel/.env +Network=zitadel.network +Network=postgresql.network +PublishPort=127.0.0.1:19241:8080 +Exec=start-from-init --masterkeyFromEnv --tlsMode external + +[Service] +Restart=always +RestartSec=10s + +[Install] +WantedBy=default.target diff --git a/beeper/etc/containers/systemd/zitadel/zitadel.network b/beeper/etc/containers/systemd/zitadel/zitadel.network new file mode 100644 index 0000000..70cde7b --- /dev/null +++ b/beeper/etc/containers/systemd/zitadel/zitadel.network @@ -0,0 +1,2 @@ +[Network] +IPv6=true From 3d243ec7913325a3d9d189f6b7f6e3cb6bdfcd6f Mon Sep 17 00:00:00 2001 From: zenfyr Date: Fri, 2 Jan 2026 04:25:07 +0700 Subject: [PATCH 11/22] move pds to a volume --- beeper/etc/containers/systemd/pds/pds.container | 2 +- beeper/etc/containers/systemd/pds/pds.volume | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 beeper/etc/containers/systemd/pds/pds.volume diff --git a/beeper/etc/containers/systemd/pds/pds.container b/beeper/etc/containers/systemd/pds/pds.container index 2ec444a..3bc7016 100644 --- a/beeper/etc/containers/systemd/pds/pds.container +++ b/beeper/etc/containers/systemd/pds/pds.container @@ -7,7 +7,7 @@ ContainerName=pds EnvironmentFile=/var/containers/pds/.env.secrets EnvironmentFile=/var/containers/pds/.env PublishPort=127.0.0.1:24318:3000 -Volume=/var/containers/pds/pds:/pds:Z +Volume=pds.volume:/pds [Service] Restart=always diff --git a/beeper/etc/containers/systemd/pds/pds.volume b/beeper/etc/containers/systemd/pds/pds.volume new file mode 100644 index 0000000..bb4286a --- /dev/null +++ b/beeper/etc/containers/systemd/pds/pds.volume @@ -0,0 +1,2 @@ +[Volume] +VolumeName=pds From 6cf7e7f1d7b9eb172c350fbf23e1973a53e569ef Mon Sep 17 00:00:00 2001 From: zenfyr Date: Fri, 2 Jan 2026 04:38:40 +0700 Subject: [PATCH 12/22] move .env to /etc/containers/systemd --- beeper/etc/containers/systemd/aode/aode-relay.container | 4 ++-- beeper/etc/containers/systemd/ejabberd/ejabberd.container | 2 +- .../etc/containers/systemd/forgejo/forgejo-runner.container | 2 +- beeper/etc/containers/systemd/forgejo/forgejo.container | 2 +- beeper/etc/containers/systemd/freshrss/freshrss.container | 2 +- beeper/etc/containers/systemd/knot/knot.container | 2 +- beeper/etc/containers/systemd/mailserver/mailserver.container | 2 +- .../containers/systemd/mastodon/mastodon-ingress.container | 4 ++-- .../containers/systemd/mastodon/mastodon-sidekiq.container | 4 ++-- .../containers/systemd/mastodon/mastodon-streaming.container | 4 ++-- beeper/etc/containers/systemd/mastodon/mastodon-web.container | 4 ++-- .../etc/containers/systemd/mollysocket/mollysocket.container | 4 ++-- beeper/etc/containers/systemd/pds/pds.container | 4 ++-- beeper/etc/containers/systemd/postgresql/postgresql.container | 2 +- beeper/etc/containers/systemd/redlib/redlib.container | 2 +- .../etc/containers/systemd/sharkey/sharkey-activity.container | 2 +- beeper/etc/containers/systemd/sharkey/sharkey-api.container | 2 +- beeper/etc/containers/systemd/sharkey/sharkey-media.container | 2 +- .../etc/containers/systemd/sharkey/sharkey-worker.container | 2 +- beeper/etc/containers/systemd/spindle/spindle.container | 2 +- .../etc/containers/systemd/vaultwarden/vaultwarden.container | 2 +- beeper/etc/containers/systemd/xpost/xpost-zenfyr.container | 2 +- beeper/etc/containers/systemd/zitadel/zitadel.container | 2 +- 23 files changed, 30 insertions(+), 30 deletions(-) diff --git a/beeper/etc/containers/systemd/aode/aode-relay.container b/beeper/etc/containers/systemd/aode/aode-relay.container index b5ff31f..7ef2dbe 100644 --- a/beeper/etc/containers/systemd/aode/aode-relay.container +++ b/beeper/etc/containers/systemd/aode/aode-relay.container @@ -4,8 +4,8 @@ Description=Aode ActivityPub Relay [Container] Image=registry.hub.docker.com/asonix/relay:latest ContainerName=aode-relay -EnvironmentFile=/var/containers/aode/.env.secrets -EnvironmentFile=/var/containers/aode/.env +EnvironmentFile=/etc/containers/systemd/aode/.env.secrets +EnvironmentFile=/etc/containers/systemd/aode/.env PublishPort=127.0.0.1:19438:8080 Volume=/var/containers/aode/relay:/db:Z diff --git a/beeper/etc/containers/systemd/ejabberd/ejabberd.container b/beeper/etc/containers/systemd/ejabberd/ejabberd.container index f0a4b87..4a4553e 100644 --- a/beeper/etc/containers/systemd/ejabberd/ejabberd.container +++ b/beeper/etc/containers/systemd/ejabberd/ejabberd.container @@ -7,7 +7,7 @@ After=postgresql.service Image=ghcr.io/processone/ejabberd:latest ContainerName=ejabberd Environment=CTL_ON_START=registered_users synth.download ; status -EnvironmentFile=/var/containers/ejabberd/.env +EnvironmentFile=/etc/containers/systemd/ejabberd/.env Network=ejabberd.network Network=postgresql.network PublishPort=5222:5222 diff --git a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container index 8136a71..9b3ea37 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container @@ -6,7 +6,7 @@ Requires=dind.service [Container] Image=data.forgejo.org/forgejo/runner:4.0.0 ContainerName=forgejo-runner -EnvironmentFile=/var/containers/forgejo/.env.runner +EnvironmentFile=/etc/containers/systemd/forgejo/.env.runner Network=forgejo.network User=1001:1001 Exec=/bin/sh -c "sleep 5; forgejo-runner daemon" diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.container b/beeper/etc/containers/systemd/forgejo/forgejo.container index eb0cd1e..dd4c760 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo.container @@ -6,7 +6,7 @@ Requires=postgresql.service [Container] Image=codeberg.org/forgejo/forgejo:13 ContainerName=forgejo -EnvironmentFile=/var/containers/forgejo/.env +EnvironmentFile=/etc/containers/systemd/forgejo/.env Network=forgejo.network Network=postgresql.network PublishPort=127.0.0.1:41807:3000 diff --git a/beeper/etc/containers/systemd/freshrss/freshrss.container b/beeper/etc/containers/systemd/freshrss/freshrss.container index fd9505a..c07efdf 100644 --- a/beeper/etc/containers/systemd/freshrss/freshrss.container +++ b/beeper/etc/containers/systemd/freshrss/freshrss.container @@ -6,7 +6,7 @@ After=postgresql.service [Container] Image=docker.io/freshrss/freshrss:latest ContainerName=freshrss -EnvironmentFile=/var/containers/freshrss/.env.secrets +EnvironmentFile=/etc/containers/systemd/freshrss/.env.secrets Network=freshrss.network Network=postgresql.network PublishPort=127.0.0.1:27819:80 diff --git a/beeper/etc/containers/systemd/knot/knot.container b/beeper/etc/containers/systemd/knot/knot.container index b2bdca3..b9a62a4 100644 --- a/beeper/etc/containers/systemd/knot/knot.container +++ b/beeper/etc/containers/systemd/knot/knot.container @@ -4,7 +4,7 @@ Description=Tangled Knot Server [Container] Image=ghcr.io/zenfyrdev/knot:latest ContainerName=knot -EnvironmentFile=/var/containers/knot/.env +EnvironmentFile=/etc/containers/systemd/knot/.env PublishPort=127.0.0.1:44131:5555 PublishPort=20564:22 Volume=/var/containers/knot/keys:/etc/ssh/keys:Z diff --git a/beeper/etc/containers/systemd/mailserver/mailserver.container b/beeper/etc/containers/systemd/mailserver/mailserver.container index 4d308bd..026ffa6 100644 --- a/beeper/etc/containers/systemd/mailserver/mailserver.container +++ b/beeper/etc/containers/systemd/mailserver/mailserver.container @@ -4,7 +4,7 @@ Description=mailserver [Container] Image=ghcr.io/docker-mailserver/docker-mailserver:edge ContainerName=mailserver -EnvironmentFile=/var/containers/mailserver/mailserver.env +EnvironmentFile=/etc/containers/systemd/mailserver/mailserver.env AddCapability=NET_ADMIN HealthCmd=ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1 HealthInterval=10s diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container b/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container index ff84931..d0b81e5 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container +++ b/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container @@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service [Container] Image=ghcr.io/synth-download/mastodon-ingress:nightly ContainerName=mastodon-ingress -EnvironmentFile=/var/containers/mastodon/.env.secrets -EnvironmentFile=/var/containers/mastodon/.env +EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets +EnvironmentFile=/etc/containers/systemd/mastodon/.env Network=mastodon.network Network=postgresql.network diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container b/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container index cf3efb2..09fcb4f 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container +++ b/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container @@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service [Container] Image=ghcr.io/synth-download/mastodon:nightly ContainerName=mastodon-sidekiq -EnvironmentFile=/var/containers/mastodon/.env.secrets -EnvironmentFile=/var/containers/mastodon/.env +EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets +EnvironmentFile=/etc/containers/systemd/mastodon/.env Exec=bundle exec sidekiq HealthCmd=ps aux | grep '[s]idekiq 7' || false Network=mastodon.network diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container b/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container index a7be589..50a9b95 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container +++ b/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container @@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service [Container] Image=ghcr.io/synth-download/mastodon-streaming:nightly ContainerName=mastodon-streaming -EnvironmentFile=/var/containers/mastodon/.env.secrets -EnvironmentFile=/var/containers/mastodon/.env +EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets +EnvironmentFile=/etc/containers/systemd/mastodon/.env Exec=node ./streaming/index.js HealthCmd=curl -s --noproxy localhost localhost:4000/api/v1/streaming/health | grep -q 'OK' || exit 1 Network=mastodon.network diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-web.container b/beeper/etc/containers/systemd/mastodon/mastodon-web.container index 7a48881..a77598b 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon-web.container +++ b/beeper/etc/containers/systemd/mastodon/mastodon-web.container @@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service [Container] Image=ghcr.io/synth-download/mastodon:nightly ContainerName=mastodon-web -EnvironmentFile=/var/containers/mastodon/.env.secrets -EnvironmentFile=/var/containers/mastodon/.env +EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets +EnvironmentFile=/etc/containers/systemd/mastodon/.env Exec=bundle exec puma -C config/puma.rb HealthCmd=curl -s --noproxy localhost localhost:3000/health | grep -q 'OK' || exit 1 Network=mastodon.network diff --git a/beeper/etc/containers/systemd/mollysocket/mollysocket.container b/beeper/etc/containers/systemd/mollysocket/mollysocket.container index 176bcc1..b25260d 100644 --- a/beeper/etc/containers/systemd/mollysocket/mollysocket.container +++ b/beeper/etc/containers/systemd/mollysocket/mollysocket.container @@ -4,8 +4,8 @@ Description=MollySocket [Container] Image=ghcr.io/mollyim/mollysocket:1.6-alpine ContainerName=mollysocket -EnvironmentFile=/var/containers/mollysocket/.env.secrets -EnvironmentFile=/var/containers/mollysocket/.env +EnvironmentFile=/etc/containers/systemd/mollysocket/.env.secrets +EnvironmentFile=/etc/containers/systemd/mollysocket/.env Exec=server PublishPort=127.0.0.1:19236:19236 Volume=/var/containers/mollysocket/data:/data:Z diff --git a/beeper/etc/containers/systemd/pds/pds.container b/beeper/etc/containers/systemd/pds/pds.container index 3bc7016..166720a 100644 --- a/beeper/etc/containers/systemd/pds/pds.container +++ b/beeper/etc/containers/systemd/pds/pds.container @@ -4,8 +4,8 @@ Description=ATProto Personal Data Server [Container] Image=ghcr.io/bluesky-social/pds:latest ContainerName=pds -EnvironmentFile=/var/containers/pds/.env.secrets -EnvironmentFile=/var/containers/pds/.env +EnvironmentFile=/etc/containers/systemd/pds/.env.secrets +EnvironmentFile=/etc/containers/systemd/pds/.env PublishPort=127.0.0.1:24318:3000 Volume=pds.volume:/pds diff --git a/beeper/etc/containers/systemd/postgresql/postgresql.container b/beeper/etc/containers/systemd/postgresql/postgresql.container index 066c8f7..31c2aa4 100644 --- a/beeper/etc/containers/systemd/postgresql/postgresql.container +++ b/beeper/etc/containers/systemd/postgresql/postgresql.container @@ -4,7 +4,7 @@ Description=PostgreSQL Database [Container] Image=registry.hub.docker.com/groonga/pgroonga:latest-alpine-18 ContainerName=postgresql -EnvironmentFile=/var/containers/postgresql/.env +EnvironmentFile=/etc/containers/systemd/postgresql/.env Network=postgresql.network HealthCmd=pg_isready -U postgres -d postgres HealthInterval=40s diff --git a/beeper/etc/containers/systemd/redlib/redlib.container b/beeper/etc/containers/systemd/redlib/redlib.container index 76394bf..d9c3516 100644 --- a/beeper/etc/containers/systemd/redlib/redlib.container +++ b/beeper/etc/containers/systemd/redlib/redlib.container @@ -4,7 +4,7 @@ Description=Redlib [Container] Image=quay.io/redlib/redlib:latest ContainerName=redlib -EnvironmentFile=/var/containers/redlib/.env +EnvironmentFile=/etc/containers/systemd/redlib/.env HealthCmd=wget --spider -q --tries=1 http://localhost:8080/settings HealthInterval=5m HealthTimeout=3s diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container index 6f577a8..54e8fe9 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container @@ -11,7 +11,7 @@ Environment=MISSKEY_CONFIG_DIR=/sharkey/.config Environment=MK_ONLY_SERVER=1 Environment=MK_DISABLE_CLUSTERING=1 Environment=MK_NO_DAEMONS=1 -EnvironmentFile=/var/containers/sharkey/.env.secrets +EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets Network=sharkey.network Network=postgresql.network PublishPort=127.0.0.1:47815:3002 diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-api.container b/beeper/etc/containers/systemd/sharkey/sharkey-api.container index 7d7ccea..ec3c4bd 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-api.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-api.container @@ -10,7 +10,7 @@ Environment=MISSKEY_CONFIG_YML=*.yml Environment=MISSKEY_CONFIG_DIR=/sharkey/.config Environment=MK_ONLY_SERVER=1 Environment=MK_DISABLE_CLUSTERING=1 -EnvironmentFile=/var/containers/sharkey/.env.secrets +EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets Network=sharkey.network Network=postgresql.network PublishPort=127.0.0.1:60628:3001 diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-media.container b/beeper/etc/containers/systemd/sharkey/sharkey-media.container index deb49f5..fac7232 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-media.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-media.container @@ -11,7 +11,7 @@ Environment=MISSKEY_CONFIG_DIR=/sharkey/.config Environment=MK_ONLY_SERVER=1 Environment=MK_DISABLE_CLUSTERING=1 Environment=MK_NO_DAEMONS=1 -EnvironmentFile=/var/containers/sharkey/.env.secrets +EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets Network=sharkey.network Network=postgresql.network PublishPort=127.0.0.1:57378:3003 diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container index 74427f0..f9e90e6 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container @@ -9,7 +9,7 @@ Image=registry.activitypub.software/transfem-org/sharkey:develop Environment=MISSKEY_CONFIG_YML=*.yml Environment=MISSKEY_CONFIG_DIR=/sharkey/.config Environment=MK_ONLY_QUEUE=1 -EnvironmentFile=/var/containers/sharkey/.env.secrets +EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets Network=sharkey.network Network=postgresql.network Volume=/var/containers/sharkey/files:/sharkey/files:z diff --git a/beeper/etc/containers/systemd/spindle/spindle.container b/beeper/etc/containers/systemd/spindle/spindle.container index 6e8376a..5a92bce 100644 --- a/beeper/etc/containers/systemd/spindle/spindle.container +++ b/beeper/etc/containers/systemd/spindle/spindle.container @@ -4,7 +4,7 @@ Description=Tangled Spindle Server [Container] Image=ghcr.io/zenfyrdev/spindle:latest ContainerName=spindle -EnvironmentFile=/var/containers/spindle/.env +EnvironmentFile=/etc/containers/systemd/spindle/.env PublishPort=127.0.0.1:40653:6555 Volume=/var/containers/spindle/server/logs:/var/log/spindle:Z Volume=/var/containers/spindle/server:/app:Z diff --git a/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container index 9effe0a..3e79931 100644 --- a/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container +++ b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container @@ -4,7 +4,7 @@ Description=Vaultwarden [Container] Image=vaultwarden/server:latest ContainerName=vaultwarden -EnvironmentFile=/var/containers/vaultwarden/.env +EnvironmentFile=/etc/containers/systemd/vaultwarden/.env PublishPort=127.0.0.1:60838:80 Volume=/var/containers/vaultwarden/data:/data:Z diff --git a/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container b/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container index 3e94994..2ac37c9 100644 --- a/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container +++ b/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container @@ -3,7 +3,7 @@ Description=zenfyr's XPost [Container] Image=ghcr.io/zenfyrdev/xpost:latest -EnvironmentFile=/var/containers/zenfyr-xpost/.env +EnvironmentFile=/etc/containers/systemd/zenfyr-xpost/.env Volume=/var/containers/zenfyr-xpost/data:/app/data:Z,U [Service] diff --git a/beeper/etc/containers/systemd/zitadel/zitadel.container b/beeper/etc/containers/systemd/zitadel/zitadel.container index 1d5a657..a3c8073 100644 --- a/beeper/etc/containers/systemd/zitadel/zitadel.container +++ b/beeper/etc/containers/systemd/zitadel/zitadel.container @@ -6,7 +6,7 @@ After=postgresql.service [Container] Image=ghcr.io/zitadel/zitadel:latest ContainerName=zitadel -EnvironmentFile=/var/containers/zitadel/.env +EnvironmentFile=/etc/containers/systemd/zitadel/.env Network=zitadel.network Network=postgresql.network PublishPort=127.0.0.1:19241:8080 From d51ae61ea7a69287a527e69493373cffcfa72a0d Mon Sep 17 00:00:00 2001 From: zenfyr Date: Fri, 2 Jan 2026 05:03:40 +0700 Subject: [PATCH 13/22] use common path names --- beeper/etc/containers/systemd/aode/aode-relay.container | 2 +- beeper/etc/containers/systemd/ask-js/ask-js.container | 2 +- beeper/etc/containers/systemd/caddy/caddy.container | 4 ++-- beeper/etc/containers/systemd/copyparty/copyparty.container | 2 +- beeper/etc/containers/systemd/ejabberd/ejabberd.container | 4 ++-- .../etc/containers/systemd/forgejo/forgejo-runner.container | 2 +- beeper/etc/containers/systemd/forgejo/forgejo.container | 2 +- beeper/etc/containers/systemd/knot/knot.container | 2 +- beeper/etc/containers/systemd/mailserver/mailserver.container | 3 ++- .../etc/containers/systemd/mastodon/mastodon-dfdb.container | 2 +- beeper/etc/containers/systemd/pds/pds.container | 2 +- beeper/etc/containers/systemd/pds/pds.volume | 2 -- beeper/etc/containers/systemd/postgresql/postgresql.container | 2 +- beeper/etc/containers/systemd/searxng/searxng-dfdb.container | 2 +- beeper/etc/containers/systemd/searxng/searxng.container | 2 +- beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container | 2 +- beeper/etc/containers/systemd/spindle/spindle.container | 4 ++-- beeper/etc/containers/systemd/xpost/xpost-zenfyr.container | 2 +- beeper/etc/containers/systemd/yggdrasil/yggdrasil.container | 2 +- 19 files changed, 22 insertions(+), 23 deletions(-) delete mode 100644 beeper/etc/containers/systemd/pds/pds.volume diff --git a/beeper/etc/containers/systemd/aode/aode-relay.container b/beeper/etc/containers/systemd/aode/aode-relay.container index 7ef2dbe..0403e25 100644 --- a/beeper/etc/containers/systemd/aode/aode-relay.container +++ b/beeper/etc/containers/systemd/aode/aode-relay.container @@ -7,7 +7,7 @@ ContainerName=aode-relay EnvironmentFile=/etc/containers/systemd/aode/.env.secrets EnvironmentFile=/etc/containers/systemd/aode/.env PublishPort=127.0.0.1:19438:8080 -Volume=/var/containers/aode/relay:/db:Z +Volume=/var/containers/aode/data:/db:Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/ask-js/ask-js.container b/beeper/etc/containers/systemd/ask-js/ask-js.container index 7749725..f1db162 100644 --- a/beeper/etc/containers/systemd/ask-js/ask-js.container +++ b/beeper/etc/containers/systemd/ask-js/ask-js.container @@ -9,7 +9,7 @@ ContainerName=ask-js Network=ask-js.network Network=postgresql.network PublishPort=127.0.0.1:20617:3579 -Volume=/var/containers/ask-js/config.json:/app/config/config.json:ro,Z +Volume=/var/containers/ask-js/config:/app/config:ro,Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/caddy/caddy.container b/beeper/etc/containers/systemd/caddy/caddy.container index 4dfa345..0257690 100644 --- a/beeper/etc/containers/systemd/caddy/caddy.container +++ b/beeper/etc/containers/systemd/caddy/caddy.container @@ -7,8 +7,8 @@ AddCapability=NET_ADMIN Image=ghcr.io/zenfyrdev/caddy:latest Network=host Volume=/etc/caddy:/etc/caddy:z -Volume=/var/containers/caddy/caddy_config:/config:z -Volume=/var/containers/caddy/caddy_data:/data:z +Volume=/var/containers/caddy/config:/config:z +Volume=/var/containers/caddy/data:/data:z Volume=/var/log/caddy:/var/log/caddy:z Volume=/var/www:/var/www:z diff --git a/beeper/etc/containers/systemd/copyparty/copyparty.container b/beeper/etc/containers/systemd/copyparty/copyparty.container index 566e9bc..d6ab036 100644 --- a/beeper/etc/containers/systemd/copyparty/copyparty.container +++ b/beeper/etc/containers/systemd/copyparty/copyparty.container @@ -12,7 +12,7 @@ HealthTimeout=2s HealthRetries=5 PublishPort=127.0.0.1:15084:3923 UserNS=keep-id:uid=1000,gid=1000 -Volume=/var/containers/copyparty/conf:/cfg:Z +Volume=/var/containers/copyparty/config:/cfg:Z Volume=/mnt/ext/copyparty:/w:z [Service] diff --git a/beeper/etc/containers/systemd/ejabberd/ejabberd.container b/beeper/etc/containers/systemd/ejabberd/ejabberd.container index 4a4553e..ebcd227 100644 --- a/beeper/etc/containers/systemd/ejabberd/ejabberd.container +++ b/beeper/etc/containers/systemd/ejabberd/ejabberd.container @@ -17,9 +17,9 @@ PublishPort=5270:5270 PublishPort=5280:5280 PublishPort=5443:5443 PublishPort=5478:5478 -Volume=/var/containers/ejabberd/ejabberd.yml:/opt/ejabberd/conf/ejabberd.yml:ro,Z +Volume=/var/containers/ejabberd/config:/opt/ejabberd/conf:ro,Z Volume=/var/containers/ejabberd/files:/opt/ejabberd/upload:Z -Volume=/var/containers/ejabberd/db:/opt/ejabberd/database:Z +Volume=/var/containers/ejabberd/database:/opt/ejabberd/database:Z Volume=/etc/certs:/etc/letsencrypt/live:ro,z [Service] diff --git a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container index 9b3ea37..51b0b95 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container @@ -10,7 +10,7 @@ EnvironmentFile=/etc/containers/systemd/forgejo/.env.runner Network=forgejo.network User=1001:1001 Exec=/bin/sh -c "sleep 5; forgejo-runner daemon" -Volume=/var/containers/forgejo/runner:/data:Z +Volume=/var/containers/forgejo/runner/data:/data:Z Volume=/var/run/dind/docker.sock:/var/run/docker.sock:z [Service] diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.container b/beeper/etc/containers/systemd/forgejo/forgejo.container index dd4c760..1c4aefc 100644 --- a/beeper/etc/containers/systemd/forgejo/forgejo.container +++ b/beeper/etc/containers/systemd/forgejo/forgejo.container @@ -12,7 +12,7 @@ Network=postgresql.network PublishPort=127.0.0.1:41807:3000 PublishPort=10429:22 Timezone=local -Volume=/var/containers/forgejo/forgejo:/data:Z +Volume=/var/containers/forgejo/data:/data:Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/knot/knot.container b/beeper/etc/containers/systemd/knot/knot.container index b9a62a4..9965224 100644 --- a/beeper/etc/containers/systemd/knot/knot.container +++ b/beeper/etc/containers/systemd/knot/knot.container @@ -9,7 +9,7 @@ PublishPort=127.0.0.1:44131:5555 PublishPort=20564:22 Volume=/var/containers/knot/keys:/etc/ssh/keys:Z Volume=/var/containers/knot/repositories:/home/git/repositories:Z -Volume=/var/containers/knot/server:/app:Z +Volume=/var/containers/knot/data:/app:Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/mailserver/mailserver.container b/beeper/etc/containers/systemd/mailserver/mailserver.container index 026ffa6..486d8c0 100644 --- a/beeper/etc/containers/systemd/mailserver/mailserver.container +++ b/beeper/etc/containers/systemd/mailserver/mailserver.container @@ -4,7 +4,8 @@ Description=mailserver [Container] Image=ghcr.io/docker-mailserver/docker-mailserver:edge ContainerName=mailserver -EnvironmentFile=/etc/containers/systemd/mailserver/mailserver.env +EnvironmentFile=/etc/containers/systemd/mailserver/.env.secrets +EnvironmentFile=/etc/containers/systemd/mailserver/.env AddCapability=NET_ADMIN HealthCmd=ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1 HealthInterval=10s diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container b/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container index d6dde0a..c42aba7 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container +++ b/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container @@ -14,7 +14,7 @@ HealthCmd=redis-cli ping HealthInterval=5s HealthRetries=20 Network=mastodon.network -Volume=/var/containers/mastodon/dragonfly:/data:z +Volume=/var/containers/mastodon/dragonfly:/data:Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/pds/pds.container b/beeper/etc/containers/systemd/pds/pds.container index 166720a..0bada32 100644 --- a/beeper/etc/containers/systemd/pds/pds.container +++ b/beeper/etc/containers/systemd/pds/pds.container @@ -7,7 +7,7 @@ ContainerName=pds EnvironmentFile=/etc/containers/systemd/pds/.env.secrets EnvironmentFile=/etc/containers/systemd/pds/.env PublishPort=127.0.0.1:24318:3000 -Volume=pds.volume:/pds +Volume=/var/containers/pds/data:/pds:Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/pds/pds.volume b/beeper/etc/containers/systemd/pds/pds.volume deleted file mode 100644 index bb4286a..0000000 --- a/beeper/etc/containers/systemd/pds/pds.volume +++ /dev/null @@ -1,2 +0,0 @@ -[Volume] -VolumeName=pds diff --git a/beeper/etc/containers/systemd/postgresql/postgresql.container b/beeper/etc/containers/systemd/postgresql/postgresql.container index 31c2aa4..ce3733d 100644 --- a/beeper/etc/containers/systemd/postgresql/postgresql.container +++ b/beeper/etc/containers/systemd/postgresql/postgresql.container @@ -11,7 +11,7 @@ HealthInterval=40s HealthTimeout=3s HealthRetries=20 UserNS=keep-id:uid=999,gid=999 -Volume=/var/containers/postgresql/db:/var/lib/postgresql/data:Z +Volume=/var/containers/postgresql/data:/var/lib/postgresql/data:Z Volume=/var/containers/postgresql/exp:/mnt/exp:Z [Service] diff --git a/beeper/etc/containers/systemd/searxng/searxng-dfdb.container b/beeper/etc/containers/systemd/searxng/searxng-dfdb.container index a921b64..3680359 100644 --- a/beeper/etc/containers/systemd/searxng/searxng-dfdb.container +++ b/beeper/etc/containers/systemd/searxng/searxng-dfdb.container @@ -14,7 +14,7 @@ HealthCmd=redis-cli ping HealthInterval=5s HealthRetries=20 Network=searxng.network -Volume=/var/containers/searxng/dragonfly:/data:z +Volume=/var/containers/searxng/dragonfly:/data:Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/searxng/searxng.container b/beeper/etc/containers/systemd/searxng/searxng.container index 49bdc7f..ae6cfc4 100644 --- a/beeper/etc/containers/systemd/searxng/searxng.container +++ b/beeper/etc/containers/systemd/searxng/searxng.container @@ -8,7 +8,7 @@ Image=docker.io/searxng/searxng:latest ContainerName=searxng PublishPort=127.0.0.1:48898:8080 Network=searxng.network -Volume=/var/containers/searxng/searxng:/etc/searxng:Z +Volume=/var/containers/searxng/config:/etc/searxng:ro,Z Volume=searxng.volume:/var/cache/searxng [Service] diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container b/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container index 382fa48..1103462 100644 --- a/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container +++ b/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container @@ -11,7 +11,7 @@ Environment=DFLY_df_snapshot_format=false Environment=DFLY_dir=/data Image=docker.dragonflydb.io/dragonflydb/dragonfly Network=sharkey.network -Volume=/var/containers/sharkey/dfdb:/data:z +Volume=/var/containers/sharkey/dfdb:/data:Z [Service] Restart=always diff --git a/beeper/etc/containers/systemd/spindle/spindle.container b/beeper/etc/containers/systemd/spindle/spindle.container index 5a92bce..28fb601 100644 --- a/beeper/etc/containers/systemd/spindle/spindle.container +++ b/beeper/etc/containers/systemd/spindle/spindle.container @@ -6,8 +6,8 @@ Image=ghcr.io/zenfyrdev/spindle:latest ContainerName=spindle EnvironmentFile=/etc/containers/systemd/spindle/.env PublishPort=127.0.0.1:40653:6555 -Volume=/var/containers/spindle/server/logs:/var/log/spindle:Z -Volume=/var/containers/spindle/server:/app:Z +Volume=/var/containers/spindle/logs:/var/log/spindle:Z +Volume=/var/containers/spindle/data:/app:Z Volume=/var/run/dind/docker.sock:/var/run/docker.sock:z [Service] diff --git a/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container b/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container index 2ac37c9..465ba79 100644 --- a/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container +++ b/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container @@ -3,7 +3,7 @@ Description=zenfyr's XPost [Container] Image=ghcr.io/zenfyrdev/xpost:latest -EnvironmentFile=/etc/containers/systemd/zenfyr-xpost/.env +EnvironmentFile=/etc/containers/systemd/xpost/zenfyr.env Volume=/var/containers/zenfyr-xpost/data:/app/data:Z,U [Service] diff --git a/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container b/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container index 6ec00ac..43255ce 100644 --- a/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container +++ b/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container @@ -7,7 +7,7 @@ ContainerName=yggdrasil AutoUpdate=registry Exec=-useconffile /etc/yggdrasil/yggdrasil.conf -remote-tcp 22:22 -remote-tcp 80:80 -remote-udp 80:80 Network=host -Volume=/var/containers/yggdrasil:/etc/yggdrasil:ro,Z +Volume=/var/containers/yggdrasil/config:/etc/yggdrasil:ro,Z [Service] Restart=always From af02ad3f7d25375c6c38a5a2f262cc7185c5d053 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Fri, 2 Jan 2026 05:45:03 +0700 Subject: [PATCH 14/22] tag some stuff for auto-updates --- beeper/etc/containers/systemd/mollysocket/mollysocket.container | 1 + beeper/etc/containers/systemd/redlib/redlib.container | 1 + .../containers/systemd/safetwitch/safetwitch-backend.container | 1 + .../containers/systemd/safetwitch/safetwitch-frontend.container | 1 + beeper/etc/containers/systemd/searxng/searxng.container | 1 + 5 files changed, 5 insertions(+) diff --git a/beeper/etc/containers/systemd/mollysocket/mollysocket.container b/beeper/etc/containers/systemd/mollysocket/mollysocket.container index b25260d..9f08929 100644 --- a/beeper/etc/containers/systemd/mollysocket/mollysocket.container +++ b/beeper/etc/containers/systemd/mollysocket/mollysocket.container @@ -4,6 +4,7 @@ Description=MollySocket [Container] Image=ghcr.io/mollyim/mollysocket:1.6-alpine ContainerName=mollysocket +AutoUpdate=registry EnvironmentFile=/etc/containers/systemd/mollysocket/.env.secrets EnvironmentFile=/etc/containers/systemd/mollysocket/.env Exec=server diff --git a/beeper/etc/containers/systemd/redlib/redlib.container b/beeper/etc/containers/systemd/redlib/redlib.container index d9c3516..74e37c0 100644 --- a/beeper/etc/containers/systemd/redlib/redlib.container +++ b/beeper/etc/containers/systemd/redlib/redlib.container @@ -4,6 +4,7 @@ Description=Redlib [Container] Image=quay.io/redlib/redlib:latest ContainerName=redlib +AutoUpdate=registry EnvironmentFile=/etc/containers/systemd/redlib/.env HealthCmd=wget --spider -q --tries=1 http://localhost:8080/settings HealthInterval=5m diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container index 92c1815..c9914d5 100644 --- a/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container +++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container @@ -4,6 +4,7 @@ Description=SafeTwitch Backend [Container] Image=codeberg.org/safetwitch/safetwitch-backend:latest ContainerName=safetwitch-backend +AutoUpdate=registry Environment=PORT=7000 Environment=URL=https://b.twitch.synth.download PublishPort=127.0.0.1:43072:7000 diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container index a6e1da7..122a1ab 100644 --- a/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container +++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container @@ -6,6 +6,7 @@ Requires=safetwitch-backend.service [Container] Image=codeberg.org/safetwitch/safetwitch:latest ContainerName=safetwitch-frontend +AutoUpdate=registry Environment=SAFETWITCH_BACKEND_DOMAIN=b.twitch.synth.download Environment=SAFETWITCH_INSTANCE_DOMAIN=twitch.synth.download Environment=SAFETWITCH_HTTPS=true diff --git a/beeper/etc/containers/systemd/searxng/searxng.container b/beeper/etc/containers/systemd/searxng/searxng.container index ae6cfc4..afedd46 100644 --- a/beeper/etc/containers/systemd/searxng/searxng.container +++ b/beeper/etc/containers/systemd/searxng/searxng.container @@ -6,6 +6,7 @@ Requires=searxng-dfdb.service [Container] Image=docker.io/searxng/searxng:latest ContainerName=searxng +AutoUpdate=registry PublishPort=127.0.0.1:48898:8080 Network=searxng.network Volume=/var/containers/searxng/config:/etc/searxng:ro,Z From c8324f0922ef9b29322b7e17fa121e51241015f0 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Sat, 3 Jan 2026 21:59:18 +0700 Subject: [PATCH 15/22] use docker.io instead of full hostname --- beeper/etc/containers/systemd/aode/aode-relay.container | 2 +- beeper/etc/containers/systemd/copyparty/copyparty.container | 2 +- beeper/etc/containers/systemd/i2pd/i2pd.container | 2 +- .../containers/systemd/mastodon/mastodon-darkhttpd.container | 2 +- beeper/etc/containers/systemd/postgresql/postgresql.container | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/beeper/etc/containers/systemd/aode/aode-relay.container b/beeper/etc/containers/systemd/aode/aode-relay.container index 0403e25..4011dda 100644 --- a/beeper/etc/containers/systemd/aode/aode-relay.container +++ b/beeper/etc/containers/systemd/aode/aode-relay.container @@ -2,7 +2,7 @@ Description=Aode ActivityPub Relay [Container] -Image=registry.hub.docker.com/asonix/relay:latest +Image=docker.io/asonix/relay:latest ContainerName=aode-relay EnvironmentFile=/etc/containers/systemd/aode/.env.secrets EnvironmentFile=/etc/containers/systemd/aode/.env diff --git a/beeper/etc/containers/systemd/copyparty/copyparty.container b/beeper/etc/containers/systemd/copyparty/copyparty.container index d6ab036..7ec62bc 100644 --- a/beeper/etc/containers/systemd/copyparty/copyparty.container +++ b/beeper/etc/containers/systemd/copyparty/copyparty.container @@ -2,7 +2,7 @@ Description=copyparty [Container] -Image=registry.hub.docker.com/copyparty/ac:latest +Image=docker.io/copyparty/ac:latest ContainerName=copyparty Environment=LD_PRELOAD=/usr/lib/libmimalloc-secure.so Environment=PYTHONUNBUFFERED=1 diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.container b/beeper/etc/containers/systemd/i2pd/i2pd.container index 9ca77ac..9de8f28 100644 --- a/beeper/etc/containers/systemd/i2pd/i2pd.container +++ b/beeper/etc/containers/systemd/i2pd/i2pd.container @@ -2,7 +2,7 @@ Description=I2PD Daemon [Container] -Image=registry.hub.docker.com/justinhimself/i2pd:latest +Image=docker.io/justinhimself/i2pd:latest ContainerName=i2pd AutoUpdate=registry Network=host diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container b/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container index 39c24aa..e5092be 100644 --- a/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container +++ b/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container @@ -2,7 +2,7 @@ Description=Mastodon DarkHTTPD Static Server [Container] -Image=registry.hub.docker.com/p3terx/darkhttpd +Image=docker.io/p3terx/darkhttpd ContainerName=mastodon-darkhttpd Exec=/mastodon/public/system PublishPort=127.0.0.1:42261:80 diff --git a/beeper/etc/containers/systemd/postgresql/postgresql.container b/beeper/etc/containers/systemd/postgresql/postgresql.container index ce3733d..c255a54 100644 --- a/beeper/etc/containers/systemd/postgresql/postgresql.container +++ b/beeper/etc/containers/systemd/postgresql/postgresql.container @@ -2,7 +2,7 @@ Description=PostgreSQL Database [Container] -Image=registry.hub.docker.com/groonga/pgroonga:latest-alpine-18 +Image=docker.io/groonga/pgroonga:latest-alpine-18 ContainerName=postgresql EnvironmentFile=/etc/containers/systemd/postgresql/.env Network=postgresql.network From c20ce4fd6c0d4ac17701acf3f1f8f825d121e26d Mon Sep 17 00:00:00 2001 From: zenfyr Date: Sun, 4 Jan 2026 01:01:59 +0700 Subject: [PATCH 16/22] switch to rootless podman --- .../etc/containers/systemd/dind/dind.container | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/beeper/etc/containers/systemd/dind/dind.container b/beeper/etc/containers/systemd/dind/dind.container index 5679316..228a642 100644 --- a/beeper/etc/containers/systemd/dind/dind.container +++ b/beeper/etc/containers/systemd/dind/dind.container @@ -1,19 +1,21 @@ [Unit] -Description=Docker-in-Podman +Description=Rootless Podman-in-Podman [Container] -Image=docker.io/library/docker:dind +Image=quay.io/podman/stable ContainerName=dind AutoUpdate=registry -Environment=DOCKER_HOST=unix:///var/run/docker.sock SecurityLabelDisable=true -PodmanArgs=--privileged --cgroupns=host -HealthCmd=docker info || exit 1 +Unmask=ALL +AddDevice=/dev/fuse +HealthCmd=podman info || exit 1 HealthInterval=5s HealthTimeout=3s HealthRetries=5 -Volume=dind.volume:/var/lib/docker:Z -Volume=/var/run/dind:/var/run:z +User=podman +Volume=dind.volume:/home/podman/.local/share/containers:Z +Volume=/var/run/dind:/var/run/1000:z +Exec=sh -c "podman system service --time=0 unix:///var/run/1000/docker.sock & PID=$!; while [ ! -S /var/run/1000/docker.sock ]; do sleep 0.1; kill -0 $PID 2>/dev/null || exit 1; done && chmod 0666 /var/run/1000/docker.sock && wait $PID" [Service] Restart=always From fcf424a8e9d1b8e3823ecfed7ee8edabddf5813b Mon Sep 17 00:00:00 2001 From: zenfyr Date: Sun, 4 Jan 2026 08:48:10 +0700 Subject: [PATCH 17/22] use official i2pd container --- beeper/etc/containers/systemd/i2pd/i2pd.container | 4 ++-- beeper/etc/containers/systemd/i2pd/i2pd.volume | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 beeper/etc/containers/systemd/i2pd/i2pd.volume diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.container b/beeper/etc/containers/systemd/i2pd/i2pd.container index 9de8f28..2f1c88f 100644 --- a/beeper/etc/containers/systemd/i2pd/i2pd.container +++ b/beeper/etc/containers/systemd/i2pd/i2pd.container @@ -2,11 +2,11 @@ Description=I2PD Daemon [Container] -Image=docker.io/justinhimself/i2pd:latest +Image=ghcr.io/purplei2p/i2pd:latest ContainerName=i2pd AutoUpdate=registry Network=host -Volume=/var/containers/i2pd/data:/config:Z +Volume=i2pd.volume:/home/i2pd/data:Z,U [Service] Restart=always diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.volume b/beeper/etc/containers/systemd/i2pd/i2pd.volume new file mode 100644 index 0000000..4fd6534 --- /dev/null +++ b/beeper/etc/containers/systemd/i2pd/i2pd.volume @@ -0,0 +1 @@ +[Volume] From d659f8aa06d28b172ec49b59147e33bbb7ec0db0 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Sun, 4 Jan 2026 13:34:30 +0700 Subject: [PATCH 18/22] keep everything on disk for consistensysysysye --- beeper/etc/containers/systemd/dind/dind.container | 2 +- beeper/etc/containers/systemd/dind/dind.volume | 2 -- beeper/etc/containers/systemd/i2pd/i2pd.container | 2 +- beeper/etc/containers/systemd/i2pd/i2pd.volume | 1 - beeper/etc/containers/systemd/searxng/searxng.container | 2 +- beeper/etc/containers/systemd/searxng/searxng.volume | 2 -- 6 files changed, 3 insertions(+), 8 deletions(-) delete mode 100644 beeper/etc/containers/systemd/dind/dind.volume delete mode 100644 beeper/etc/containers/systemd/i2pd/i2pd.volume delete mode 100644 beeper/etc/containers/systemd/searxng/searxng.volume diff --git a/beeper/etc/containers/systemd/dind/dind.container b/beeper/etc/containers/systemd/dind/dind.container index 228a642..a7dabfb 100644 --- a/beeper/etc/containers/systemd/dind/dind.container +++ b/beeper/etc/containers/systemd/dind/dind.container @@ -13,7 +13,7 @@ HealthInterval=5s HealthTimeout=3s HealthRetries=5 User=podman -Volume=dind.volume:/home/podman/.local/share/containers:Z +Volume=/var/containers/dind/data:/home/podman/.local/share/containers:Z Volume=/var/run/dind:/var/run/1000:z Exec=sh -c "podman system service --time=0 unix:///var/run/1000/docker.sock & PID=$!; while [ ! -S /var/run/1000/docker.sock ]; do sleep 0.1; kill -0 $PID 2>/dev/null || exit 1; done && chmod 0666 /var/run/1000/docker.sock && wait $PID" diff --git a/beeper/etc/containers/systemd/dind/dind.volume b/beeper/etc/containers/systemd/dind/dind.volume deleted file mode 100644 index 610a756..0000000 --- a/beeper/etc/containers/systemd/dind/dind.volume +++ /dev/null @@ -1,2 +0,0 @@ -[Volume] -VolumeName=dind diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.container b/beeper/etc/containers/systemd/i2pd/i2pd.container index 2f1c88f..8194f82 100644 --- a/beeper/etc/containers/systemd/i2pd/i2pd.container +++ b/beeper/etc/containers/systemd/i2pd/i2pd.container @@ -6,7 +6,7 @@ Image=ghcr.io/purplei2p/i2pd:latest ContainerName=i2pd AutoUpdate=registry Network=host -Volume=i2pd.volume:/home/i2pd/data:Z,U +Volume=/var/containers/i2pd/data:/home/i2pd/data:Z,U [Service] Restart=always diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.volume b/beeper/etc/containers/systemd/i2pd/i2pd.volume deleted file mode 100644 index 4fd6534..0000000 --- a/beeper/etc/containers/systemd/i2pd/i2pd.volume +++ /dev/null @@ -1 +0,0 @@ -[Volume] diff --git a/beeper/etc/containers/systemd/searxng/searxng.container b/beeper/etc/containers/systemd/searxng/searxng.container index afedd46..2f7395a 100644 --- a/beeper/etc/containers/systemd/searxng/searxng.container +++ b/beeper/etc/containers/systemd/searxng/searxng.container @@ -10,7 +10,7 @@ AutoUpdate=registry PublishPort=127.0.0.1:48898:8080 Network=searxng.network Volume=/var/containers/searxng/config:/etc/searxng:ro,Z -Volume=searxng.volume:/var/cache/searxng +Volume=/var/containers/searxng/cache:/var/cache/searxng [Service] Restart=always diff --git a/beeper/etc/containers/systemd/searxng/searxng.volume b/beeper/etc/containers/systemd/searxng/searxng.volume deleted file mode 100644 index 99b410b..0000000 --- a/beeper/etc/containers/systemd/searxng/searxng.volume +++ /dev/null @@ -1,2 +0,0 @@ -[Volume] -VolumeName=searxng From 46af32415926714c1b3ec22da08bfff3ab3d12c9 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Wed, 7 Jan 2026 01:36:15 +0700 Subject: [PATCH 19/22] add mastodon cleanup timer --- beeper/etc/systemd/system/mastodon-maintenance.service | 9 +++++++++ beeper/etc/systemd/system/mastodon-maintenance.timer | 9 +++++++++ 2 files changed, 18 insertions(+) create mode 100644 beeper/etc/systemd/system/mastodon-maintenance.service create mode 100644 beeper/etc/systemd/system/mastodon-maintenance.timer diff --git a/beeper/etc/systemd/system/mastodon-maintenance.service b/beeper/etc/systemd/system/mastodon-maintenance.service new file mode 100644 index 0000000..6a16c69 --- /dev/null +++ b/beeper/etc/systemd/system/mastodon-maintenance.service @@ -0,0 +1,9 @@ +[Unit] +Description=Mastodon Maintenance Service +Requires=mastodon-web.service + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart=/usr/bin/podman exec mastodon-web tootctl statuses remove --days 90 +ExecStart=/usr/bin/podman exec mastodon-web tootctl accounts cull diff --git a/beeper/etc/systemd/system/mastodon-maintenance.timer b/beeper/etc/systemd/system/mastodon-maintenance.timer new file mode 100644 index 0000000..2626c3f --- /dev/null +++ b/beeper/etc/systemd/system/mastodon-maintenance.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Mastodon monthly maintenance + +[Timer] +OnCalendar=monthly +Persistent=true + +[Install] +WantedBy=timers.target From 3c36cd8a57a90b2b0f29c397350c1796087b2ab1 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Wed, 7 Jan 2026 02:30:58 +0700 Subject: [PATCH 20/22] skip culling for now, as it's very expensive --- beeper/etc/systemd/system/mastodon-maintenance.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/beeper/etc/systemd/system/mastodon-maintenance.service b/beeper/etc/systemd/system/mastodon-maintenance.service index 6a16c69..092cfa5 100644 --- a/beeper/etc/systemd/system/mastodon-maintenance.service +++ b/beeper/etc/systemd/system/mastodon-maintenance.service @@ -6,4 +6,4 @@ Requires=mastodon-web.service Type=oneshot RemainAfterExit=no ExecStart=/usr/bin/podman exec mastodon-web tootctl statuses remove --days 90 -ExecStart=/usr/bin/podman exec mastodon-web tootctl accounts cull +#ExecStart=/usr/bin/podman exec mastodon-web tootctl accounts cull From bc2793e29c5310a958863efd1871d3df89109a59 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Fri, 9 Jan 2026 10:30:25 +0700 Subject: [PATCH 21/22] try zram params (stolen from archwiki) --- beeper/etc/sysctl.d/99-vm-zram-parameters.conf | 4 ++++ beeper/etc/systemd/zram-generator.conf | 3 +++ 2 files changed, 7 insertions(+) create mode 100644 beeper/etc/sysctl.d/99-vm-zram-parameters.conf create mode 100644 beeper/etc/systemd/zram-generator.conf diff --git a/beeper/etc/sysctl.d/99-vm-zram-parameters.conf b/beeper/etc/sysctl.d/99-vm-zram-parameters.conf new file mode 100644 index 0000000..0c63445 --- /dev/null +++ b/beeper/etc/sysctl.d/99-vm-zram-parameters.conf @@ -0,0 +1,4 @@ +vm.swappiness = 180 +vm.watermark_boost_factor = 0 +vm.watermark_scale_factor = 125 +vm.page-cluster = 0 \ No newline at end of file diff --git a/beeper/etc/systemd/zram-generator.conf b/beeper/etc/systemd/zram-generator.conf new file mode 100644 index 0000000..d5d553f --- /dev/null +++ b/beeper/etc/systemd/zram-generator.conf @@ -0,0 +1,3 @@ +[zram0] +zram-size = ram +compression-algorithm = zstd(level=3) From 7405c6adeaa459a0b8ced1c08409fd3e2132a512 Mon Sep 17 00:00:00 2001 From: zenfyr Date: Fri, 9 Jan 2026 23:04:30 +0700 Subject: [PATCH 22/22] Create resolved.conf --- beeper/etc/systemd/resolved.conf | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 beeper/etc/systemd/resolved.conf diff --git a/beeper/etc/systemd/resolved.conf b/beeper/etc/systemd/resolved.conf new file mode 100644 index 0000000..a18fcc0 --- /dev/null +++ b/beeper/etc/systemd/resolved.conf @@ -0,0 +1,5 @@ +[Resolve] +DNS=5.78.43.29#dns.vixen.computer 2a01:4ff:1f0:cebe::1#dns.vixen.computer +FallbackDNS=1.1.1.1#one.one.one.one 2606:4700:4700::1111#one.one.one.one +DNSOverTLS=yes +DNSSEC=allow-downgrade