diff --git a/files/safe-stop b/files/safe-stop index cf03145..0e9b24c 100644 --- a/files/safe-stop +++ b/files/safe-stop @@ -1,10 +1,16 @@ #!/bin/bash set -o errexit -o pipefail -o noclobber -o nounset -o errtrace -o functrace -users=(arr gitea homeassistant immich jdownloader kiwix komga navidrome nextcloud nginx pairdrop paperless pihole qbittorrent synapse wallabag) +users=(arr gitea homeassistant immich jdownloader kiwix komga navidrome nextcloud nginx overleaf pairdrop paperless pihole qbittorrent synapse wallabag) +pids=() for user in "${users[@]}"; do readarray -t units <<< "$(systemctl --user -M "${user}@" list-units | grep container | grep running | grep service | awk '{print $1}')" || true if [[ "${#units[@]}" -gt 0 && -n "${units[0]:-}" ]]; then - systemctl --user -M "${user}@" stop "${units[@]}" + echo "Stopping ${user} containers..." + systemctl --user -M "${user}@" stop "${units[@]}" & + pids+=($!) fi done +for pid in "${pids[@]}"; do + wait "${pid}" +done diff --git a/generate-config b/generate-config index 16b88a6..468e1c7 100755 --- a/generate-config +++ b/generate-config @@ -41,7 +41,7 @@ files_template=" files: - path: /var/lib/systemd/linger/__USER__ mode: 0644" -users=('arr' 'gitea' 'homeassistant' 'immich' 'jdownloader' 'kiwix' 'komga' 'navidrome' 'nextcloud' 'nginx' 'pairdrop' 'paperless' 'pihole' 'qbittorrent' 'synapse' 'tga' 'wallabag') +users=('arr' 'gitea' 'homeassistant' 'immich' 'jdownloader' 'kiwix' 'komga' 'navidrome' 'nextcloud' 'nginx' 'overleaf' 'pairdrop' 'paperless' 'pihole' 'qbittorrent' 'synapse' 'tga' 'wallabag') mkdir -p users for user in "${users[@]}"; do echo "Generating ${user}" diff --git a/home/overleaf/.secrets b/home/overleaf/.secrets new file mode 100644 index 0000000..499fb14 --- /dev/null +++ b/home/overleaf/.secrets @@ -0,0 +1,2 @@ +overleaf-redis-password=LGj37FMineZaiSN24ce2vTbCMtT6Axn4 +overleaf-session-secret=eM4MbtPCqrZ7h9quiEhWeRQVgEekazMm diff --git a/init/enable-all-quadlets b/init/enable-all-quadlets index bae4b18..7f217f2 100644 --- a/init/enable-all-quadlets +++ b/init/enable-all-quadlets @@ -6,7 +6,7 @@ setsebool -P openvpn_run_unconfined on semanage fcontext -a -t container_file_t "/mnt/nas(/.*)?" restorecon -vR /mnt/nas -users=("gitea" "homeassistant" "immich" "jdownloader" "kiwix" "komga" "navidrome" "nextcloud" "nginx" "pairdrop" "paperless" "pihole" "qbittorrent" "synapse" "wallabag") +users=("gitea" "homeassistant" "immich" "jdownloader" "kiwix" "komga" "navidrome" "nextcloud" "nginx" "overleaf" "pairdrop" "paperless" "pihole" "qbittorrent" "synapse" "wallabag") for user in "${users[@]}"; do chown -R "${user}:${user}" "/var/home/${user}" secrets_file="/var/home/${user}/.secrets" diff --git a/pi4.bu b/pi4.bu index 82cf19a..a7b78f2 100644 --- a/pi4.bu +++ b/pi4.bu @@ -13,6 +13,7 @@ ignition: - local: users/navidrome.ign - local: users/nextcloud.ign - local: users/nginx.ign + - local: users/overleaf.ign - local: users/pairdrop.ign - local: users/paperless.ign - local: users/pihole.ign diff --git a/quadlets/overleaf/overleaf-data.volume b/quadlets/overleaf/overleaf-data.volume new file mode 100644 index 0000000..78a2eeb --- /dev/null +++ b/quadlets/overleaf/overleaf-data.volume @@ -0,0 +1,2 @@ +[Volume] +VolumeName=overleaf-data diff --git a/quadlets/overleaf/overleaf-database.container b/quadlets/overleaf/overleaf-database.container new file mode 100644 index 0000000..cb6bdb5 --- /dev/null +++ b/quadlets/overleaf/overleaf-database.container @@ -0,0 +1,26 @@ +[Unit] +Description=Overleaf MongoDB container + +[Container] +AutoUpdate=registry +Command="--replSet overleaf" +ContainerName=overleaf-database +Environment=MONGO_INITDB_DATABASE=sharelatex +Environment=TZ=Europe/Zurich +HealthCheck="echo 'db.stats().ok' | mongosh localhost:27017/test --quiet" +HealthCheckInterval=10s +HealthCheckTimeout=10s +HealthCheckRetries=5 +Image=docker.io/mongo:8.0 +Label=io.containers.autoupdate=registry +Pod=overleaf.pod +StartWithPod=true +Timezone=Europe/Zurich +Volume=overleaf-database-data.volume:/data/db +Volume=/var/mnt/nas/containers/overleaf/storage/shared/mongodb-init-replica-set.js:/docker-entrypoint-initdb.d/mongodb-init-replica-set.js + +[Service] +Restart=always + +[Install] +WantedBy=default.target diff --git a/quadlets/overleaf/overleaf-redis-config.volume b/quadlets/overleaf/overleaf-redis-config.volume new file mode 100644 index 0000000..6f889eb --- /dev/null +++ b/quadlets/overleaf/overleaf-redis-config.volume @@ -0,0 +1,7 @@ +[Volume] +Copy=true +Device=/var/mnt/nas/containers/overleaf/storage/redis-config +Driver=local +Options=bind +Type=none +VolumeName=overleaf-redis-config diff --git a/quadlets/overleaf/overleaf-redis-data.volume b/quadlets/overleaf/overleaf-redis-data.volume new file mode 100644 index 0000000..88c75e3 --- /dev/null +++ b/quadlets/overleaf/overleaf-redis-data.volume @@ -0,0 +1,2 @@ +[Volume] +VolumeName=overleaf-redis-data diff --git a/quadlets/overleaf/overleaf-redis.container b/quadlets/overleaf/overleaf-redis.container new file mode 100644 index 0000000..931bca3 --- /dev/null +++ b/quadlets/overleaf/overleaf-redis.container @@ -0,0 +1,20 @@ +[Unit] +Description=Overleaf Redis container + +[Container] +AutoUpdate=registry +ContainerName=overleaf-redis +Environment=TZ=Europe/Zurich +Exec=/bin/sh -c 'redis-server --appendonly yes --requirepass $${REDIS_PASSWORD}' +Image=docker.io/redis:latest +Label=io.containers.autoupdate=registry +Pod=overleaf.pod +StartWithPod=true +Timezone=Europe/Zurich +Volume=overleaf-redis-data.volume:/data + +[Service] +Restart=always + +[Install] +WantedBy=default.target diff --git a/quadlets/overleaf/overleaf.container b/quadlets/overleaf/overleaf.container new file mode 100644 index 0000000..5408968 --- /dev/null +++ b/quadlets/overleaf/overleaf.container @@ -0,0 +1,44 @@ +[Unit] +Description=Overleaf container +After=overleaf-database.container +After=overleaf-redis.container +Requires=overleaf-database.container +Requires=overleaf-redis.container + +[Container] +AutoUpdate=registry +ContainerName=overleaf +Environment=EMAIL_CONFIRMATION_DISABLED=true +Environment=ENABLE_CONVERSIONS=true +Environment=ENABLED_LINKED_FILE_TYPES=project_file,project_output_file +Environment=OVERLEAF_ADMIN_EMAIL=guillaume@gtache.ch +Environment=OVERLEAF_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING=false +Environment=OVERLEAF_ALLOW_PUBLIC_ACCESS=false +Environment=OVERLEAF_APP_NAME=Overleaf Community Edition +Environment=OVERLEAF_DISABLE_LINK_SHARING=false +Environment=OVERLEAF_MONGO_URL=mongodb://overleaf-database/sharelatex +Environment=OVERLEAF_REDIS_HOST=overleaf-redis +Environment=OVERLEAF_REDIS_PORT=6379 +Environment=OVERLEAF_SITE_URL=overleaf.gtache.ch +Environment=OVERLEAF_TRUSTED_PROXY_IPS="192.168.0.0/16 172.16.0.0/12 169.254.0.0/16 10.0.0.0/8" +Environment=EMAIL_CONFIRMATION_DISABLED=true +Environment=ENABLE_CRON_RESOURCE_DELETION=true +Environment=MONGO_URL=mongodb://overleaf-database/sharelatex +Environment=REDIS_HOST=overleaf-redis +Environment=REDIS_PORT=6379 +Image=quay.io/sharelatex/sharelatex:latest +Label=io.containers.autoupdate=registry +Pod=overleaf.pod +Secret=overleaf-redis-password,type=env,target=OVERLEAF_REDIS_PASS +Secret=overleaf-session-secret,type=env,target=OVERLEAF_SESSION_SECRET +Secret=overleaf-redis-password,type=env,target=REDIS_PASSWORD +StartWithPod=true +StopTimeout=60 +Timezone=Europe/Zurich +Volume=overleaf-data.volume:/var/lib/overleaf + +[Service] +Restart=always + +[Install] +WantedBy=default.target diff --git a/quadlets/overleaf/overleaf.pod b/quadlets/overleaf/overleaf.pod new file mode 100644 index 0000000..05b86dd --- /dev/null +++ b/quadlets/overleaf/overleaf.pod @@ -0,0 +1,3 @@ +[Pod] +PodName=overleaf +PublishPort=9024:80