Initial Commit

author: RATDAD <lambda@disroot.org> 2025-12-17 19:53:38 -0500
committer: RATDAD <lambda@disroot.org> 2025-12-17 19:53:38 -0500
commit: a50e5d21b0430a734929bc17017cc8c394b25524 (patch)
tree: 8a61bac5b36ca8725f3fdf64d30073b081c7d643
download: rds-platform-a50e5d21b0430a734929bc17017cc8c394b25524.tar.gz
rds-platform-a50e5d21b0430a734929bc17017cc8c394b25524.tar.bz2
rds-platform-a50e5d21b0430a734929bc17017cc8c394b25524.zip
33 files changed, 491 insertions, 0 deletions
diff --git a/.bashrc b/.bashrc
new file mode 100644
index 0000000..06c3009
--- /dev/null
+++ b/.bashrc
@@ -0,0 +1,18 @@
+# .bashrc
+# Source global definitions
+[ -f /etc/bashrc ] && . /etc/bashrc
+
+# User-specific PATH
+case ":$PATH:" in
+  *":$HOME/.local/bin:"*|*":$HOME/bin:"*) ;;
+  *) PATH="$HOME/.local/bin:$HOME/bin:$PATH" ;;
+esac
+export PATH
+
+# Load modular bash configs
+if [ -d "$HOME/.bashrc.d" ]; then
+    for rc in "$HOME/.bashrc.d"/*.bashrc; do
+        [ -f "$rc" ] && . "$rc"
+    done
+fi
+unset rc
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..037df8f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,11 @@
+# Ignore everything.
+*
+.*
+
+# Permissable files.
+!.gitignore
+!.bashrc
+!stacks/
+!stacks/**
+!ops/
+!ops/**
diff --git a/ops/.gitignore b/ops/.gitignore
new file mode 100644
index 0000000..838478f
--- /dev/null
+++ b/ops/.gitignore
@@ -0,0 +1 @@
+bashrc.d/secrets.sh
+\ No newline at end of file
diff --git a/ops/bashrc.d/00-env.sh b/ops/bashrc.d/00-env.sh
new file mode 100644
index 0000000..59de281
--- /dev/null
+++ b/ops/bashrc.d/00-env.sh
@@ -0,0 +1,5 @@
+# Environment Variables
+BASHCONF=$HOME/.bashrc
+RDNBASHCONF=$HOME/.bashrc.d/rdn.bashrc
+RDNHTTPCONF=$HOME/rdn/http/conf/Caddyfile
+RDNHTTPCOMP=$HOME/rdn/http/compose.yml
diff --git a/ops/bashrc.d/01-alias.sh b/ops/bashrc.d/01-alias.sh
new file mode 100644
index 0000000..acea538
--- /dev/null
+++ b/ops/bashrc.d/01-alias.sh
@@ -0,0 +1,2 @@
+# Server
+alias src='source $BASHCONF'
diff --git a/ops/bashrc.d/10-docker.sh b/ops/bashrc.d/10-docker.sh
new file mode 100755
index 0000000..374a283
--- /dev/null
+++ b/ops/bashrc.d/10-docker.sh
@@ -0,0 +1,6 @@
+# Docker
+alias dcycle='docker compose down && docker compose up -d'
+alias ddrop='docker compose down'
+alias dlift='docker compose up -d'
+alias dlogs='docker compose logs'
+alias dps='docker ps'
diff --git a/ops/bashrc.d/11-proxy.sh b/ops/bashrc.d/11-proxy.sh
new file mode 100644
index 0000000..7b2a9ff
--- /dev/null
+++ b/ops/bashrc.d/11-proxy.sh
@@ -0,0 +1,6 @@
+# HTTP Server
+alias htcycle='docker compose -f $RDNHTTPCOMP down && docker compose -f $RDNHTTPCOMP up -d'
+alias htdrop='docker compose -f $RDNHTTPCOMP down'
+alias htlift='docker compose -f $RDNHTTPCOMP up -d'
+alias htlogs='docker compose -f $RDNHTTPCOMP logs'
+alias htconf='vim $RDNHTTPCONF'
diff --git a/ops/install.sh b/ops/install.sh
new file mode 100644
index 0000000..f28254f
--- /dev/null
+++ b/ops/install.sh
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+## TODO: Bootstrap to respective locations.
diff --git a/stacks/.template/.container.env b/stacks/.template/.container.env
new file mode 100644
index 0000000..511f12d
--- /dev/null
+++ b/stacks/.template/.container.env
@@ -0,0 +1,13 @@
+#
+#
+# Stack Runtime Variables
+
+# Auth
+USERNAME=
+PASSWORD=
+
+SECRET=
+
+# Database
+DB_USER=
+ET_CETERA=
diff --git a/stacks/.template/.env b/stacks/.template/.env
new file mode 100644
index 0000000..4c7f7d8
--- /dev/null
+++ b/stacks/.template/.env
@@ -0,0 +1,15 @@
+#
+#
+# Stack Compose Variables
+
+# Namespace
+_STACK=
+_CONTAINER=
+
+# Network
+_NET=
+
+# Volumes
+_DATA_VOLUME=
+_CONFIG_VOLUME=
+_CUSTOM_VOLUME=
diff --git a/stacks/.template/compose.template.yml b/stacks/.template/compose.template.yml
new file mode 100644
index 0000000..593c968
--- /dev/null
+++ b/stacks/.template/compose.template.yml
@@ -0,0 +1,43 @@
+## Template compose used for each stack.
+name: ${_STACK} # Explicit project name (do not rely on directory name)
+
+networks:
+  net:
+    name: ${_NET}
+    external: true # All networks SHOULD be external in production.
+
+volumes:
+  data:
+    name: ${_DATA_VOLUME}
+    external: true # All volumes SHOULD be external in production.
+  config:
+    name: ${_CONFIG_VOLUME}
+    external: true
+  custom:
+    name: ${_CUSTOM_VOLUME} # Custom volumes may not be external depending on the stack.
+    # External volumes are not required for local stack testing.
+
+services:
+  servicename:
+    container_name: ${_CONTAINER} # Remove if a swarm is needed.
+    image: somewhere/someone/container:latest
+    restart: unless-stopped
+    env_file:
+      # NOTE: .compose.env WILL override .env if there are overlapping values.
+      - .compose.env # Compose wiring defaults go here
+      - .env # Service env vars
+    volumes:
+      # Example bind mount (read-only)
+      # - ./conf:/etc/service:ro
+      - type: volume
+        source: ${_DATA_VOLUME:-data} # Must exist if external; overridden in local dev
+        target: /data
+      - type: volume
+        source: ${_CONFIG_VOLUME:-config} # Must exist if external; overridden in local dev
+        target: /config
+    networks:
+      - net
+    expose:
+      - 80
+      - 9001
+      - 67
diff --git a/stacks/cgit/.cgit.env.template b/stacks/cgit/.cgit.env.template
new file mode 100644
index 0000000..a50b83f
--- /dev/null
+++ b/stacks/cgit/.cgit.env.template
@@ -0,0 +1,7 @@
+#
+#
+# Stack Runtime Variables
+# HTTP_AUTH_USER=
+# HTTP_AUTH_PASSWORD=
+# GIT_HTTP_AUTH_USER=
+# GIT_HTTP_AUTH_PASSWORD=
diff --git a/stacks/cgit/.env.template b/stacks/cgit/.env.template
new file mode 100644
index 0000000..d96cdc5
--- /dev/null
+++ b/stacks/cgit/.env.template
@@ -0,0 +1,15 @@
+#
+#
+# Stack Compose Variables
+
+# Namespace
+_STACK=cgit-test
+_CONTAINER=cgit-test
+
+# Network
+_NET=test
+
+# Volumes
+_CSS_FILE=
+_CONFIG_FILE=
+_GIT_ROOT=
diff --git a/stacks/cgit/.gitignore b/stacks/cgit/.gitignore
new file mode 100644
index 0000000..1c1138e
--- /dev/null
+++ b/stacks/cgit/.gitignore
@@ -0,0 +1,6 @@
+# Ignore .env files
+*.env
+srv/
+srv/*
+config/
+config/*
diff --git a/stacks/cgit/compose.yml b/stacks/cgit/compose.yml
new file mode 100644
index 0000000..da4e144
--- /dev/null
+++ b/stacks/cgit/compose.yml
@@ -0,0 +1,23 @@
+name: ${_STACK}
+
+networks:
+  net:
+    name: ${_NET}
+    external: true
+
+services:
+  cgit:
+    container_name: ${_CONTAINER}
+    image: ratdad/cgit:latest
+    env_file:
+      - .cgit.env
+      - .env
+    networks:
+      - net
+    expose:
+      - 80
+    volumes:
+      # TODO: Create env overrides in docker-cgit for css/config file locations as well as the git root.
+      - ${_CSS_FILE:-./config/cgit.css}:/srv/www/htdocs/cgit/cgit.css
+      - ${_CONFIG_FILE:-./config/cgitrc}:/etc/cgitrc
+      - ${_GIT_ROOT:-./srv/git/}:/srv/git # mount the directory you use for your git server
diff --git a/stacks/codex/.codex.env.template b/stacks/codex/.codex.env.template
new file mode 100644
index 0000000..9f373a5
--- /dev/null
+++ b/stacks/codex/.codex.env.template
@@ -0,0 +1,6 @@
+#
+#
+# Stack Runtime Variables
+SB_USER=
+SB_NAME=
+SB_DESCRIPTION=
diff --git a/stacks/codex/.env.template b/stacks/codex/.env.template
new file mode 100644
index 0000000..fa0eaba
--- /dev/null
+++ b/stacks/codex/.env.template
@@ -0,0 +1,13 @@
+#
+#
+# Stack Compose Variables
+
+# Namespace
+_STACK=
+_CONTAINER=
+
+# Network
+_NET=
+
+# Volumes
+_DATA_VOLUME=
diff --git a/stacks/codex/.gitignore b/stacks/codex/.gitignore
new file mode 100644
index 0000000..b31db7b
--- /dev/null
+++ b/stacks/codex/.gitignore
@@ -0,0 +1,3 @@
+*.env
+space/
+space/**
diff --git a/stacks/codex/compose.yml b/stacks/codex/compose.yml
new file mode 100644
index 0000000..8e17e82
--- /dev/null
+++ b/stacks/codex/compose.yml
@@ -0,0 +1,26 @@
+name: ${_STACK}
+
+networks:
+  net:
+    name: ${_NET}
+    external: true
+
+volumes:
+  data:
+    name: ${_DATA_VOLUME}
+    external: true
+
+services:
+  silverbullet:
+    container_name: ${_CONTAINER}
+    image: ghcr.io/silverbulletmd/silverbullet
+    restart: unless-stopped
+    env_file:
+      - .env
+      - .codex.env
+    networks:
+      - net
+    expose:
+      - 3000
+    volumes:
+      - ${data:-./space/}:/space
diff --git a/stacks/dav/.davis.env.template b/stacks/dav/.davis.env.template
new file mode 100644
index 0000000..67d9a7e
--- /dev/null
+++ b/stacks/dav/.davis.env.template
@@ -0,0 +1,60 @@
+#
+#
+# DAViS Environment Variables
+
+# General settings
+APP_ENV=prod # or dev
+CALDAV_ENABLED=true
+CARDDAV_ENABLED=true
+WEBDAV_ENABLED=false
+PUBLIC_CALENDARS_ENABLED=true
+BIRTHDAY_REMINDER_OFFSET=PT9H
+APP_TIMEZONE=America/New_York
+LOG_FILE_PATH="%kernel.logs_dir%/%kernel.environment%.log"
+
+# Database
+DATABASE_DRIVER=postgresql
+DB_DATABASE=davis
+DB_USER=davis_user
+DB_PASSWORD=davis_password
+DATABASE_URL=${DATABASE_DRIVER}://${DB_USER}:${DB_PASSWORD}@${_DB_CONTAINER}:5432/${DB_DATABASE}?serverVersion=15&charset=UTF-8
+
+# For the Davis admin interface
+ADMIN_LOGIN=admin
+ADMIN_PASSWORD=admin
+ADMIN_AUTH_BYPASS=false
+
+# DAV auth settings
+AUTH_METHOD=Basic   # Basic or IMAP or LDAP
+
+# Basic HTTP auth settings
+AUTH_REALM=SabreDAV
+
+# IMAP auth settings
+# IMAP_AUTH_URL=imap.mydomain.com:993
+# IMAP_ENCRYPTION_METHOD=ssl
+# IMAP_CERTIFICATE_VALIDATION=true
+# IMAP_AUTH_USER_AUTOCREATE=false
+
+# LDAP auth settings
+# LDAP_AUTH_URL=ldap://127.0.0.1:3890
+# LDAP_DN_PATTERN=uid=%u,ou=users,dc=domain,dc=com
+# LDAP_MAIL_ATTRIBUTE=mail
+# LDAP_AUTH_USER_AUTOCREATE=false
+# LDAP_CERTIFICATE_CHECKING_STRATEGY=try # never, hard, demand, try, or allow
+
+# WebDAV settings
+WEBDAV_TMP_DIR=/webdav/tmp
+WEBDAV_PUBLIC_DIR=/webdav/public
+WEBDAV_HOMES_DIR=
+
+# Mail settings
+# INVITE_FROM_ADDRESS=no-reply@example.org
+# MAIL_HOST=smtp.myprovider.com
+# MAIL_PORT=587
+# MAIL_USERNAME=userdav
+# MAIL_PASSWORD=test
+# MAILER_DSN=smtp://${MAIL_USERNAME}:${MAIL_PASSWORD}@${MAIL_HOST}:${MAIL_PORT}
+
+# Trust the immediate proxy for X-Forwarded-* headers including HTTPS detection
+SYMFONY_TRUSTED_PROXIES=REMOTE_ADDR
diff --git a/stacks/dav/.db.env.template b/stacks/dav/.db.env.template
new file mode 100644
index 0000000..bd9bc9e
--- /dev/null
+++ b/stacks/dav/.db.env.template
@@ -0,0 +1,3 @@
+POSTGRES_PASSWORD=${DB_PASSWORD}
+POSTGRES_DB=${DB_DATABASE}
+POSTGRES_USER=${DB_USER}
diff --git a/stacks/dav/.env.template b/stacks/dav/.env.template
new file mode 100644
index 0000000..2183497
--- /dev/null
+++ b/stacks/dav/.env.template
@@ -0,0 +1,14 @@
+#
+#
+# Stack Compose Variables
+
+# Namespace
+_STACK=
+_CONTAINER=
+_DB_CONTAINER=
+
+# Network
+_NET=
+
+# Volumes
+# _DB_VOLUME=
diff --git a/stacks/dav/.gitignore b/stacks/dav/.gitignore
new file mode 100644
index 0000000..dff03c1
--- /dev/null
+++ b/stacks/dav/.gitignore
@@ -0,0 +1,4 @@
+# Ignore .env files
+*.env
+.database/
+.database/**
diff --git a/stacks/dav/compose.yml b/stacks/dav/compose.yml
new file mode 100644
index 0000000..7e59600
--- /dev/null
+++ b/stacks/dav/compose.yml
@@ -0,0 +1,39 @@
+name: ${_STACK}
+
+networks:
+  net:
+    name: ${_NET}
+    external: true
+  intra:
+
+volumes:
+  data:
+    name: ${_DB_DATA_VOLUME}
+    external: true
+
+services:
+  db:
+    container_name: ${_DB_CONTAINER} # Required for now.
+    image: postgres:16-alpine
+    networks:
+      - intra
+    env_file:
+      - .env
+      - .davis.env
+      - .db.env
+    volumes:
+      - ${data:-.database/}:/var/lib/postgresql/data
+
+  davis:
+    container_name: ${_CONTAINER}
+    image: ghcr.io/tchapi/davis-standalone:latest
+    env_file:
+      - .davis.env
+      - .env
+    networks:
+      - net
+      - intra
+    expose:
+      - 9000
+    depends_on:
+      - db
diff --git a/stacks/edge/.edge.env.template b/stacks/edge/.edge.env.template
new file mode 100644
index 0000000..737f239
--- /dev/null
+++ b/stacks/edge/.edge.env.template
@@ -0,0 +1,18 @@
+DOMAIN=
+DOCUMENT_ROOT=
+
+SERVICE0=
+SERVICE0_SUB=
+SERVICE0_PORT=
+
+SERVICE1=
+SERVICE1_SUB=
+SERVICE1_PORT=
+
+SERVICE2=
+SERVICE2_SUB=
+SERVICE2_PORT=
+
+SERVICE3=
+SERVICE3_SUB=
+SERVICE3_PORT=
diff --git a/stacks/edge/.env.template b/stacks/edge/.env.template
new file mode 100644
index 0000000..972ca33
--- /dev/null
+++ b/stacks/edge/.env.template
@@ -0,0 +1,16 @@
+#
+#
+# Stack Compose Variables
+
+# Namespace
+_STACK=
+_CONTAINER=
+
+# Network
+_NET=
+
+# Volumes
+_CADDYFILE=
+_DATA_VOLUME=
+_CONFIG_VOLUME=
+_WEBROOT=
diff --git a/stacks/edge/.gitignore b/stacks/edge/.gitignore
new file mode 100644
index 0000000..077b892
--- /dev/null
+++ b/stacks/edge/.gitignore
@@ -0,0 +1,6 @@
+# Ignore .env files
+*.env
+.srv/
+.data/
+.config/
+Caddyfile
diff --git a/stacks/edge/Caddyfile.template b/stacks/edge/Caddyfile.template
new file mode 100644
index 0000000..23a6498
--- /dev/null
+++ b/stacks/edge/Caddyfile.template
@@ -0,0 +1,29 @@
+# {
+#   debug
+#   auto_https off
+# }
+
+# NOTE: EDIT THIS FILE EXPLICITLY. DO NOT AUTOMATE.
+
+{$DOMAIN}:80 {
+  root * {$DOCUMENT_ROOT}
+  encode
+  try_files {path} index.html
+  file_server
+}
+
+{$SERVICE0_SUB}.{$DOMAIN}:80 {
+  reverse_proxy {$SERVICE0}:{$SERVICE0_PORT}
+}
+
+{$SERVICE1_SUB}.{$DOMAIN}:80 {
+  reverse_proxy {$SERVICE1}:{$SERVICE1_PORT}
+}
+
+{$SERVICE2_SUB}.{$DOMAIN}:80 {
+  reverse_proxy {$SERVICE2}:{$SERVICE2_PORT}
+}
+
+{$SERVICE3_SUB}.{$DOMAIN}:80 {
+  reverse_proxy {$SERVICE3}:{$SERVICE3_PORT}
+}
diff --git a/stacks/edge/compose.yml b/stacks/edge/compose.yml
new file mode 100644
index 0000000..1fc33a7
--- /dev/null
+++ b/stacks/edge/compose.yml
@@ -0,0 +1,34 @@
+name: ${_STACK}
+
+volumes:
+  data:
+    name: ${_DATA_VOLUME}
+    external: true
+  config:
+    name: ${_CONFIG_VOLUME}
+    external: true
+
+networks:
+  net:
+    name: ${_NET}
+    external: true
+
+services:
+  srv:
+    container_name: ${_CONTAINER}
+    image: caddy:latest
+    restart: unless-stopped
+    env_file:
+      - .edge.env
+      - .env
+    networks:
+      - net
+    ports:
+      - 80:80
+      - 443:443
+      - 443:443/udp
+    volumes:
+      - ${_CADDYFILE:-./Caddyfile}:/etc/caddy/Caddyfile
+      - ${_WEBROOT:-.srv/}:/srv
+      - ${data:-.data/}:/data
+      - ${config:-.config/}:/config
diff --git a/stacks/tss/.env.template b/stacks/tss/.env.template
new file mode 100644
index 0000000..fa0eaba
--- /dev/null
+++ b/stacks/tss/.env.template
@@ -0,0 +1,13 @@
+#
+#
+# Stack Compose Variables
+
+# Namespace
+_STACK=
+_CONTAINER=
+
+# Network
+_NET=
+
+# Volumes
+_DATA_VOLUME=
diff --git a/stacks/tss/.gitignore b/stacks/tss/.gitignore
new file mode 100644
index 0000000..091dacc
--- /dev/null
+++ b/stacks/tss/.gitignore
@@ -0,0 +1,3 @@
+*.env
+.data/
+.data/**
diff --git a/stacks/tss/.tss.env.template b/stacks/tss/.tss.env.template
new file mode 100644
index 0000000..103c5da
--- /dev/null
+++ b/stacks/tss/.tss.env.template
@@ -0,0 +1,5 @@
+# TSS CONFIG
+RUST_LOG=info
+DATA_DIR=/var/lib/taskchampion-sync-server/data
+LISTEN=0.0.0.0:8080
+CLIENT_ID=
diff --git a/stacks/tss/compose.yml b/stacks/tss/compose.yml
new file mode 100644
index 0000000..8e086e8
--- /dev/null
+++ b/stacks/tss/compose.yml
@@ -0,0 +1,26 @@
+name: ${_STACK}
+
+volumes:
+  data:
+    name: ${_DATA_VOLUME}
+    external: true
+
+networks:
+  net:
+    name: ${_NET}
+    external: true
+
+services:
+  tss:
+    container_name: ${_CONTAINER}
+    image: ghcr.io/gothenburgbitfactory/taskchampion-sync-server:latest
+    restart: unless-stopped
+    env_file:
+      - .tss.env
+      - .env
+    volumes:
+      - ${data:-.data/}:/var/lib/taskchampion-sync-server/data
+    networks:
+      - net
+    expose:
+      - 8080
author	RATDAD <lambda@disroot.org>	2025-12-17 19:53:38 -0500
committer	RATDAD <lambda@disroot.org>	2025-12-17 19:53:38 -0500
commit	a50e5d21b0430a734929bc17017cc8c394b25524 (patch)
tree	8a61bac5b36ca8725f3fdf64d30073b081c7d643
download	rds-platform-a50e5d21b0430a734929bc17017cc8c394b25524.tar.gz rds-platform-a50e5d21b0430a734929bc17017cc8c394b25524.tar.bz2 rds-platform-a50e5d21b0430a734929bc17017cc8c394b25524.zip