6 年前 · 13941fe895
--- a/README.md
+++ b/README.md
 -------------
 If you want to add more domains after deployment, you can run this command manually from HAProxy docker instance (see [this](https://serversforhackers.com/c/letsencrypt-with-haproxy)):
 ```
 sudo certbot certonly --standalone -d nextcloud.example.com -d gogs.example.com \
 sudo certbot certonly --standalone -d nextcloud.example.com -d git.example.com \
    --non-interactive --agree-tos --email admin@example.com \
    --http-01-port=8888
 ```
--- a/docker-compose.yml
+++ b/docker-compose.yml
    depends_on:
      # For DNS resolution
      - nextcloud
      - gogs
      - gitea
      - pihole
    env_file:
      - haproxy.env
    env_file:
      - sftp.env
  gogs:
  gitea:
    build:
      context: ./images/gogs/
    image: bingen/${ARCH}-gogs
      context: ./images/gitea/
    image: bingen/${ARCH}-gitea
    depends_on:
      - db
      - openldap
    env_file:
      - gogs.env
      - gitea.env
    ports:
      - "2080:2080"
      - "2443:2443"
      - "2080:3000"
      - "${GITEA_HTTP_PORT}:${GITEA_HTTP_PORT}"
      - "2022:22"
    volumes:
      - ${GOGS_DATA_VOLUME_PATH}:/data
      - ${GITEA_DATA_VOLUME_PATH}:/data
  pihole:
    image: pihole/pihole:latest
--- a/env.template
+++ b/env.template
 PAPERLESS_EXPORT_VOLUME_PATH=${VOLUMES_PATH}/paperless/export
 PAPERLESS_EXPORT_PATH=/export
 # GOGS
 # GITEA
 GOGS_SERVER_NAME=gogs
 GOGS_DATA_VOLUME_PATH=${VOLUMES_PATH}/gogs/data
 GITEA_SERVER_NAME=git
 GITEA_DATA_VOLUME_PATH=${VOLUMES_PATH}/gitea/data
 GITEA_HTTP_PORT=2443
 # PI-HOLE
--- a/gitea.env.template
+++ b/gitea.env.template
 GITEA_DOMAIN=${DOMAIN}
 GITEA_ADMIN_PWD_FILE=/run/secrets/admin_pwd
 ADMIN_EMAIL=${ADMIN_EMAIL}
 # LDAP
 LDAP_SERVER_HOST=openldap
 LDAP_BIND_DN=uid=${LDAP_GITEA_UID},ou=services,dc=${ORGANIZATION},dc=${EXTENSION}
 LDAP_BIND_PWD_FILE=/run/secrets/ldap_pwd
 LDAP_SEARCH_BASE=ou=people,dc=${ORGANIZATION},dc=${EXTENSION}
--- a/gogs.env.template
+++ b/gogs.env.template
 GOGS_DOMAIN=${DOMAIN}
 GOGS_ADMIN_PWD_FILE=/run/secrets/admin_pwd
 ADMIN_EMAIL=${ADMIN_EMAIL}
 # DB
 MYSQL_ROOT_PWD_FILE=/run/secrets/mysql_pwd
 DB_HOST=db
 GOGS_DB_NAME=git
 GOGS_DB_USER=gogs
 # LDAP
 LDAP_SERVER_HOST=openldap
 LDAP_BIND_DN=uid=${LDAP_GOGS_UID},ou=services,dc=${ORGANIZATION},dc=${EXTENSION}
 LDAP_BIND_PWD_FILE=/run/secrets/ldap_pwd
 LDAP_SEARCH_BASE=ou=people,dc=${ORGANIZATION},dc=${EXTENSION}
--- a/images/gitea/Dockerfile.template
+++ b/images/gitea/Dockerfile.template
 FROM gitea/gitea:1.10-linux-ARCH_PLACEHOLDER
 #ENV GIT_HOME /home/git
 RUN apk --no-cache add openssl
 # Configuration
 # $HOME doesn't work with COPY
 COPY app.ini /home/${USER}/
 COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 RUN chmod 755 /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT []
 CMD ["/usr/local/bin/docker-entrypoint.sh"]
--- a/images/gitea/app.ini
+++ b/images/gitea/app.ini
 #APP_NAME = $APP_NAME
 RUN_MODE = prod
 #[log]
 #LEVEL=debug
 [repository]
 ROOT = /data/git/repositories
 [repository.local]
 LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
 [repository.upload]
 TEMP_PATH = /data/gitea/uploads
 [server]
 APP_DATA_PATH    = /data/gitea
 SSH_DOMAIN       = GITEA_FULL_DOMAIN
 PROTOCOL         = https
 CERT_FILE        = GITEA_CUSTOM/cert.pem
 KEY_FILE         = GITEA_CUSTOM/key.pem
 HTTP_PORT        = GITEA_HTTP_PORT
 #ROOT_URL         = $ROOT_URL
 #DISABLE_SSH      = $DISABLE_SSH
 SSH_PORT         = 2022
 SSH_LISTEN_PORT  = 22
 #LFS_START_SERVER = $LFS_START_SERVER
 #LFS_CONTENT_PATH = /data/git/lfs
 [database]
 DB_TYPE = sqlite3
 PATH = /data/gitea/gitea.db
 #DB_TYPE = mysql
 #HOST    = DB_HOST
 #NAME    = GITEA_DB_NAME
 #USER    = GITEA_DB_USER
 #PASSWD  = GITEA_DB_PWD
 [indexer]
 ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
 [session]
 PROVIDER_CONFIG = /data/gitea/sessions
 [picture]
 AVATAR_UPLOAD_PATH = /data/gitea/avatars
 REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
 [attachment]
 PATH = /data/gitea/attachments
 [log]
 ROOT_PATH = /data/gitea/log
 [security]
 INSTALL_LOCK = true
 SECRET_KEY   = SECRET_KEY
 [service]
 DISABLE_REGISTRATION = true
 #REQUIRE_SIGNIN_VIEW = $REQUIRE_SIGNIN_VIEW
--- a/images/gitea/docker-entrypoint.sh
+++ b/images/gitea/docker-entrypoint.sh
 #!/bin/bash
 GITEA_FULL_DOMAIN=${GITEA_SERVER_NAME}.${GITEA_DOMAIN}
 # set LDAP password from secret
 if [ ! -z $LDAP_BIND_PWD_FILE -a -f $LDAP_BIND_PWD_FILE ]; then
    LDAP_BIND_PWD=`cat $LDAP_BIND_PWD_FILE`;
 fi
 # set Admin password from secret
 if [ ! -z $GITEA_ADMIN_PWD_FILE -a -f $GITEA_ADMIN_PWD_FILE ]; then
    GITEA_ADMIN_PWD=`cat $GITEA_ADMIN_PWD_FILE`;
 fi
 GITEA_SECRET_KEY=`openssl rand -hex 64`
 # check needed variables
 if [[ -z ${GITEA_ADMIN_PWD} || -z ${ADMIN_EMAIL} \
          || -z ${LDAP_SERVER_HOST} || -z ${LDAP_BIND_DN} \
          || -z ${LDAP_BIND_PWD} || -z ${LDAP_SEARCH_BASE} \
    ]];
 then
    echo "Missing variable! You must provide: GITEA_ADMIN_PWD, ADMIN_EMAIL and LDAP stuff";
    echo ${#GITEA_ADMIN_PWD}, ${ADMIN_EMAIL},
    echo ${LDAP_SERVER_HOST}, ${LDAP_BIND_DN}, ${#LDAP_BIND_PWD}, ${LDAP_SEARCH_BASE}
    #env;
    exit 1;
 fi
 # ### Conf file ###
 echo Tweaking config files
 CONF_FILE=${GITEA_CUSTOM}/conf/app.ini
 if [[ ! -e ${CONF_FILE} ]]; then
    mkdir -p ${GITEA_CUSTOM}/conf
    mv /home/${USER}/app.ini ${CONF_FILE}
    chown -R ${USER} ${GITEA_CUSTOM}
    echo Setting domain and port
    sed -i "s/GITEA_FULL_DOMAIN/${GITEA_FULL_DOMAIN}/g" ${CONF_FILE}
    sed -i "s/GITEA_HTTP_PORT/${GITEA_HTTP_PORT}/g" ${CONF_FILE}
    echo Setting path
    sed -i "s/GITEA_CUSTOM/${GITEA_CUSTOM//\//\\/}/g" ${CONF_FILE}
    echo Setting secret key
    sed -i "s/SECRET_KEY/${GITEA_SECRET_KEY}/g" ${CONF_FILE}
 fi
 chown -R ${USER} /data
 # Create self-signed certificates
 su ${USER} -c "cd /${GITEA_CUSTOM}; gitea cert --host localhost,${GITEA_FULL_DOMAIN}"
 echo gfd: ${GITEA_FULL_DOMAIN}
 # TODO: start gitea to init
 echo Starting Gitea to init everything
 nohup su ${USER} -c "/app/gitea/gitea web" &
 GITEA_PID=`echo $!`
 echo Gitea pid: ${GITEA_PID}
 CURL_RESULT=1
 echo Waiting for web server to be ready
 while [[ ${CURL_RESULT} -gt 0 ]]; do
    sleep 10
    curl localhost:${GITEA_HTTP_PORT} > /dev/null 2>&1
    CURL_RESULT=$?;
    echo Curl result: ${CURL_RESULT}
 done;
 echo Killing Gitea
 kill -9 ${GITEA_PID}
 # Create admin user
 echo Creating admin user
 su ${USER} -c "gitea admin create-user --username root --password ${GITEA_ADMIN_PWD} --admin --email ${ADMIN_EMAIL}"
 # LDAP
 echo Creating LDAP access
 su ${USER} -c "gitea admin auth add-ldap \
      --name ldap \
      --security-protocol unencrypted \
      --host ${LDAP_SERVER_HOST} \
      --port 389 \
      --bind-dn ${LDAP_BIND_DN} \
      --bind-password ${LDAP_BIND_PWD} \
      --user-search-base ${LDAP_SEARCH_BASE} \
      --user-filter \"(&(objectclass=*)(|(uniqueIdentifier=%[1]s)(mail=%[1]s)))\" \
      --username-attribute uniqueIdentifier \
      --firstname-attribute givenName \
      --surname-attribute sn \
      --email-attribute mail"
 exec /bin/s6-svscan /etc/s6
--- a/images/gogs/Dockerfile
+++ b/images/gogs/Dockerfile
 FROM debian:stretch
 ENV GO_VERSION 1.9
 ENV GO_OS linux
 ENV GO_ARCH amd64
 ENV GOGS_CUSTOM /data/gogs
 ENV GIT_HOME /home/git
 # Install dependencies
 RUN apt-get update \
    && apt-get install -y --no-install-recommends \
       git wget ca-certificates openssh-server mariadb-client \
    && rm -rf /var/lib/apt/lists/*
 RUN mkdir -p /data/gogs/data \
    && mkdir -p /data/gogs/conf \
    && mkdir -p /data/gogs/log \
    && mkdir -p /data/gogs/gogs-repositories \
    && mkdir -p /data/ssh
 # Create git user for Gogs
 RUN export PUID=${PUID:-1000} \
    && export PGID=${PGID:-1000} \
    && addgroup --gid ${PGID} git \
    && adduser --uid ${PUID} --ingroup git --disabled-login --gecos 'Gogs Git User' --home ${GIT_HOME} --shell /bin/bash git \
    && ln -s /data/ssh ${GIT_HOME}/.ssh
 RUN chown -R git:git /data
 RUN chown -R git:git ${GIT_HOME}
 RUN echo "export GOGS_CUSTOM=${GOGS_CUSTOM}" > /etc/profile.d/gogs.sh
 RUN echo "export GOROOT=${GIT_HOME}/local/go" | tee -a /etc/profile.d/gogs.sh /etc/bash.bashrc > /dev/null \
    && echo "export GOPATH=${GIT_HOME}/go" | tee -a /etc/profile.d/gogs.sh /etc/bash.bashrc > /dev/null \
    && echo 'export PATH=$PATH:$GOROOT/bin:$GOPATH/bin' | tee -a /etc/profile.d/gogs.sh /etc/bash.bashrc > /dev/null
 # ############## USER git ########################
 USER git
 # Install Golang
 RUN cd $HOME \
    && mkdir local \
    && cd local \
    && wget https://storage.googleapis.com/golang/go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz \
    && tar zxvf go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz \
    && rm go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz
 # Install Gogs
 RUN . /etc/profile.d/gogs.sh \
    && ${GOROOT}/bin/go get -u -tags "cert" github.com/gogs/gogs \
    && cd $GOPATH/src/github.com/gogs/gogs \
    && go build -tags "cert"
 # TODO:
 # clean stuff
 # https://github.com/gogs/gogs/blob/master/docker/finalize.sh
 # Clean stuff
 RUN rm -r $HOME/go/src/github.com/gogs/gogs/.git
 #RUN rm -r $HOME/local
 # Configuration
 # $HOME doesn't work with COPY
 RUN mkdir -p ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf
 COPY app.ini ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf/
 # LDAP
 RUN mkdir -p ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf/auth.d
 COPY ldap.conf ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf/auth.d/
 # ############## USER root ########################
 USER root
 COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 RUN chmod 755 /usr/local/bin/docker-entrypoint.sh
 #ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
 #CMD gosu git ${GOPATH}/src/github.com/gogs/gogs/gogs web
 ENTRYPOINT []
 CMD ["/usr/local/bin/docker-entrypoint.sh"]
--- a/images/gogs/Dockerfile.template
+++ b/images/gogs/Dockerfile.template
 FROM BASE_IMAGE_PLACEHOLDER
 ENV GO_VERSION 1.9
 ENV GO_OS linux
 ENV GO_ARCH GO_ARCH_PLACEHOLDER
 ENV GOGS_CUSTOM /data/gogs
 ENV GIT_HOME /home/git
 # Install dependencies
 RUN apt-get update \
    && apt-get install -y --no-install-recommends \
       git wget ca-certificates openssh-server mariadb-client \
    && rm -rf /var/lib/apt/lists/*
 RUN mkdir -p /data/gogs/data \
    && mkdir -p /data/gogs/conf \
    && mkdir -p /data/gogs/log \
    && mkdir -p /data/gogs/gogs-repositories \
    && mkdir -p /data/ssh
 # Create git user for Gogs
 RUN export PUID=${PUID:-1000} \
    && export PGID=${PGID:-1000} \
    && addgroup --gid ${PGID} git \
    && adduser --uid ${PUID} --ingroup git --disabled-login --gecos 'Gogs Git User' --home ${GIT_HOME} --shell /bin/bash git \
    && ln -s /data/ssh ${GIT_HOME}/.ssh
 RUN chown -R git:git /data
 RUN chown -R git:git ${GIT_HOME}
 RUN echo "export GOGS_CUSTOM=${GOGS_CUSTOM}" > /etc/profile.d/gogs.sh
 RUN echo "export GOROOT=${GIT_HOME}/local/go" | tee -a /etc/profile.d/gogs.sh /etc/bash.bashrc > /dev/null \
    && echo "export GOPATH=${GIT_HOME}/go" | tee -a /etc/profile.d/gogs.sh /etc/bash.bashrc > /dev/null \
    && echo 'export PATH=$PATH:$GOROOT/bin:$GOPATH/bin' | tee -a /etc/profile.d/gogs.sh /etc/bash.bashrc > /dev/null
 # ############## USER git ########################
 USER git
 # Install Golang
 RUN cd $HOME \
    && mkdir local \
    && cd local \
    && wget https://storage.googleapis.com/golang/go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz \
    && tar zxvf go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz \
    && rm go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz
 # Install Gogs
 RUN . /etc/profile.d/gogs.sh \
    && ${GOROOT}/bin/go get -u -tags "cert" github.com/gogs/gogs \
    && cd $GOPATH/src/github.com/gogs/gogs \
    && go build -tags "cert"
 # TODO:
 # clean stuff
 # https://github.com/gogs/gogs/blob/master/docker/finalize.sh
 # Clean stuff
 RUN rm -r $HOME/go/src/github.com/gogs/gogs/.git
 #RUN rm -r $HOME/local
 # Configuration
 # $HOME doesn't work with COPY
 RUN mkdir -p ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf
 COPY app.ini ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf/
 # LDAP
 RUN mkdir -p ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf/auth.d
 COPY ldap.conf ${GIT_HOME}/go/src/github.com/gogs/gogs/custom/conf/auth.d/
 # ############## USER root ########################
 USER root
 COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 RUN chmod 755 /usr/local/bin/docker-entrypoint.sh
 #ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
 #CMD gosu git ${GOPATH}/src/github.com/gogs/gogs/gogs web
 ENTRYPOINT []
 CMD ["/usr/local/bin/docker-entrypoint.sh"]
--- a/images/gogs/LICENSE
+++ b/images/gogs/LICENSE
                                 Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/
   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
   1. Definitions.
      "License" shall mean the terms and conditions for use, reproduction,
      and distribution as defined by Sections 1 through 9 of this document.
      "Licensor" shall mean the copyright owner or entity authorized by
      the copyright owner that is granting the License.
      "Legal Entity" shall mean the union of the acting entity and all
      other entities that control, are controlled by, or are under common
      control with that entity. For the purposes of this definition,
      "control" means (i) the power, direct or indirect, to cause the
      direction or management of such entity, whether by contract or
      otherwise, or (ii) ownership of fifty percent (50%) or more of the
      outstanding shares, or (iii) beneficial ownership of such entity.
      "You" (or "Your") shall mean an individual or Legal Entity
      exercising permissions granted by this License.
      "Source" form shall mean the preferred form for making modifications,
      including but not limited to software source code, documentation
      source, and configuration files.
      "Object" form shall mean any form resulting from mechanical
      transformation or translation of a Source form, including but
      not limited to compiled object code, generated documentation,
      and conversions to other media types.
      "Work" shall mean the work of authorship, whether in Source or
      Object form, made available under the License, as indicated by a
      copyright notice that is included in or attached to the work
      (an example is provided in the Appendix below).
      "Derivative Works" shall mean any work, whether in Source or Object
      form, that is based on (or derived from) the Work and for which the
      editorial revisions, annotations, elaborations, or other modifications
      represent, as a whole, an original work of authorship. For the purposes
      of this License, Derivative Works shall not include works that remain
      separable from, or merely link (or bind by name) to the interfaces of,
      the Work and Derivative Works thereof.
      "Contribution" shall mean any work of authorship, including
      the original version of the Work and any modifications or additions
      to that Work or Derivative Works thereof, that is intentionally
      submitted to Licensor for inclusion in the Work by the copyright owner
      or by an individual or Legal Entity authorized to submit on behalf of
      the copyright owner. For the purposes of this definition, "submitted"
      means any form of electronic, verbal, or written communication sent
      to the Licensor or its representatives, including but not limited to
      communication on electronic mailing lists, source code control systems,
      and issue tracking systems that are managed by, or on behalf of, the
      Licensor for the purpose of discussing and improving the Work, but
      excluding communication that is conspicuously marked or otherwise
      designated in writing by the copyright owner as "Not a Contribution."
      "Contributor" shall mean Licensor and any individual or Legal Entity
      on behalf of whom a Contribution has been received by Licensor and
      subsequently incorporated within the Work.
   2. Grant of Copyright License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      copyright license to reproduce, prepare Derivative Works of,
      publicly display, publicly perform, sublicense, and distribute the
      Work and such Derivative Works in Source or Object form.
   3. Grant of Patent License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      (except as stated in this section) patent license to make, have made,
      use, offer to sell, sell, import, and otherwise transfer the Work,
      where such license applies only to those patent claims licensable
      by such Contributor that are necessarily infringed by their
      Contribution(s) alone or by combination of their Contribution(s)
      with the Work to which such Contribution(s) was submitted. If You
      institute patent litigation against any entity (including a
      cross-claim or counterclaim in a lawsuit) alleging that the Work
      or a Contribution incorporated within the Work constitutes direct
      or contributory patent infringement, then any patent licenses
      granted to You under this License for that Work shall terminate
      as of the date such litigation is filed.
   4. Redistribution. You may reproduce and distribute copies of the
      Work or Derivative Works thereof in any medium, with or without
      modifications, and in Source or Object form, provided that You
      meet the following conditions:
      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and
      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and
      (c) You must retain, in the Source form of any Derivative Works
          that You distribute, all copyright, patent, trademark, and
          attribution notices from the Source form of the Work,
          excluding those notices that do not pertain to any part of
          the Derivative Works; and
      (d) If the Work includes a "NOTICE" text file as part of its
          distribution, then any Derivative Works that You distribute must
          include a readable copy of the attribution notices contained
          within such NOTICE file, excluding those notices that do not
          pertain to any part of the Derivative Works, in at least one
          of the following places: within a NOTICE text file distributed
          as part of the Derivative Works; within the Source form or
          documentation, if provided along with the Derivative Works; or,
          within a display generated by the Derivative Works, if and
          wherever such third-party notices normally appear. The contents
          of the NOTICE file are for informational purposes only and
          do not modify the License. You may add Your own attribution
          notices within Derivative Works that You distribute, alongside
          or as an addendum to the NOTICE text from the Work, provided
          that such additional attribution notices cannot be construed
          as modifying the License.
      You may add Your own copyright statement to Your modifications and
      may provide additional or different license terms and conditions
      for use, reproduction, or distribution of Your modifications, or
      for any such Derivative Works as a whole, provided Your use,
      reproduction, and distribution of the Work otherwise complies with
      the conditions stated in this License.
   5. Submission of Contributions. Unless You explicitly state otherwise,
      any Contribution intentionally submitted for inclusion in the Work
      by You to the Licensor shall be under the terms and conditions of
      this License, without any additional terms or conditions.
      Notwithstanding the above, nothing herein shall supersede or modify
      the terms of any separate license agreement you may have executed
      with Licensor regarding such Contributions.
   6. Trademarks. This License does not grant permission to use the trade
      names, trademarks, service marks, or product names of the Licensor,
      except as required for reasonable and customary use in describing the
      origin of the Work and reproducing the content of the NOTICE file.
   7. Disclaimer of Warranty. Unless required by applicable law or
      agreed to in writing, Licensor provides the Work (and each
      Contributor provides its Contributions) on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
      implied, including, without limitation, any warranties or conditions
      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
      PARTICULAR PURPOSE. You are solely responsible for determining the
      appropriateness of using or redistributing the Work and assume any
      risks associated with Your exercise of permissions under this License.
   8. Limitation of Liability. In no event and under no legal theory,
      whether in tort (including negligence), contract, or otherwise,
      unless required by applicable law (such as deliberate and grossly
      negligent acts) or agreed to in writing, shall any Contributor be
      liable to You for damages, including any direct, indirect, special,
      incidental, or consequential damages of any character arising as a
      result of this License or out of the use or inability to use the
      Work (including but not limited to damages for loss of goodwill,
      work stoppage, computer failure or malfunction, or any and all
      other commercial damages or losses), even if such Contributor
      has been advised of the possibility of such damages.
   9. Accepting Warranty or Additional Liability. While redistributing
      the Work or Derivative Works thereof, You may choose to offer,
      and charge a fee for, acceptance of support, warranty, indemnity,
      or other liability obligations and/or rights consistent with this
      License. However, in accepting such obligations, You may act only
      on Your own behalf and on Your sole responsibility, not on behalf
      of any other Contributor, and only if You agree to indemnify,
      defend, and hold each Contributor harmless for any liability
      incurred by, or claims asserted against, such Contributor by reason
      of your accepting any such warranty or additional liability.
   END OF TERMS AND CONDITIONS
   APPENDIX: How to apply the Apache License to your work.
      To apply the Apache License to your work, attach the following
      boilerplate notice, with the fields enclosed by brackets "{}"
      replaced with your own identifying information. (Don't include
      the brackets!)  The text should be enclosed in the appropriate
      comment syntax for the file format. We also recommend that a
      file or class name and description of purpose be included on the
      same "printed page" as the copyright notice for easier
      identification within third-party archives.
   Copyright {yyyy} {name of copyright owner}
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at
       http://www.apache.org/licenses/LICENSE-2.0
   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
--- a/images/gogs/README.md
+++ b/images/gogs/README.md
 # rpi-gogs
 Gogs Docker image for Raspberry Pi. Part of [Docker Raspberry Pi Home Server](https://github.com/bingen/rpi_docker_home_server).
--- a/images/gogs/app.ini
+++ b/images/gogs/app.ini
 RUN_USER = git
 RUN_MODE = prod
 [server]
 DOMAIN = GOGS_FULL_DOMAIN
 SSH_ROOT_PATH = /data/ssh
 PROTOCOL = https
 ROOT_URL = https://GOGS_FULL_DOMAIN/
 CERT_FILE = /data/gogs/https/cert.pem
 KEY_FILE = /data/gogs/https/key.pem
 HTTP_PORT = 2443
 [database]
 DB_TYPE = mysql
 HOST = DB_HOST:3306
 NAME = GOGS_DB_NAME
 USER = GOGS_DB_USER
 PASSWD = GOGS_DB_PWD
 [repository]
 ROOT = /data/gogs/gogs-repositories
 [security]
 SECRET_KEY = GOGS_SECRET_KEY
 INSTALL_LOCK = true
 [log]
 ROOT_PATH = /data/gogs/log
 LEVEL = Warn
--- a/images/gogs/docker-entrypoint.sh
+++ b/images/gogs/docker-entrypoint.sh
 #!/bin/bash
 GOGS_FULL_DOMAIN=${GOGS_SERVER_NAME}.${GOGS_DOMAIN}
 source /etc/profile.d/gogs.sh
 # set DB root password from secret
 if [ ! -z $MYSQL_ROOT_PWD_FILE -a -f $MYSQL_ROOT_PWD_FILE ]; then
    MYSQL_ROOT_PWD=`cat $MYSQL_ROOT_PWD_FILE`;
 fi
 GOGS_DB_PWD=`openssl rand -base64 20`
 # set LDAP password from secret
 if [ ! -z $LDAP_BIND_PWD_FILE -a -f $LDAP_BIND_PWD_FILE ]; then
    LDAP_BIND_PWD=`cat $LDAP_BIND_PWD_FILE`;
 fi
 # set Admin password from secret
 if [ ! -z $GOGS_ADMIN_PWD_FILE -a -f $GOGS_ADMIN_PWD_FILE ]; then
    GOGS_ADMIN_PWD=`cat $GOGS_ADMIN_PWD_FILE`;
 fi
 # check needed variables
 if [[ -z ${DB_HOST} || -z ${GOGS_DB_NAME} \
            || -z ${GOGS_DB_USER}  || -z ${GOGS_DB_PWD} \
            || -z ${GOGS_ADMIN_PWD} || -z ${ADMIN_EMAIL} \
            || -z ${LDAP_SERVER_HOST} || -z ${LDAP_BIND_DN} \
            || -z ${LDAP_BIND_PWD} || -z ${LDAP_SEARCH_BASE} \
    ]];
 then
    echo "Missing variable! You must provide: DB_HOST, GOGS_DB_NAME, \
 GOGS_DB_USER, GOGS_DB_PWD, GOGS_ADMIN_PWD, ADMIN_EMAIL and LDAP stuff";
    echo $DB_HOST, $GOGS_DB_NAME, $GOGS_DB_USER, ${#GOGS_DB_PWD}
    echo ${#GOGS_ADMIN_PWD}, ${ADMIN_EMAIL},
    echo ${LDAP_SERVER_HOST}, ${LDAP_BIND_DN}, ${#LDAP_BIND_PWD}, ${LDAP_SEARCH_BASE}
    #env;
    exit 1;
 fi
 GOGS_PATH=${GOPATH}/src/github.com/gogs/gogs
 function check_result {
    if [ $1 != 0 ]; then
        echo "Error: $2";
        exit 1;
    fi
 }
 # ### DB setup ###
 # wait for DB to be ready
 sleep 60 # to avoid hitting it while the first start for setting root pwd
 R=111
 while [ $R -eq 111 ]; do
    mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES"  2> /dev/null;
    R=$?;
 done
 # check if DB exists
 DB_EXISTS=$(mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES" 2> /dev/null | grep ${GOGS_DB_NAME})
 echo DB exists: ${DB_EXISTS}
 if [ -z "${DB_EXISTS}" ]; then
    echo Creating Database
    #mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "DROP DATABASE IF EXISTS ${GOGS_DB_NAME};"
    #check_result $? "Dropping DB"
    mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "CREATE DATABASE ${GOGS_DB_NAME};"
    check_result $? "Creating DB"
 fi
 echo Creating User
 # 'IF EXISTS' for DROP USER is available from MariaDB 10.1.3 only
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "DROP USER ${GOGS_DB_USER};" || echo "It seems it didn't exist"
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "CREATE USER ${GOGS_DB_USER} IDENTIFIED BY '${GOGS_DB_PWD}';"
 check_result $? "Creating User"
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "GRANT ALL ON ${GOGS_DB_NAME}.* TO ${GOGS_DB_USER};"
 check_result $? "Granting permissions"
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "FLUSH PRIVILEGES;"
 check_result $? "Flushing privileges"
 unset MYSQL_ROOT_PWD
 # ### Start ssh server ###
 echo "Starting ssh server"
 # https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/45234
 mkdir -p /var/run/sshd
 #/usr/sbin/sshd
 service ssh start
 # SSH certs
 if [[ ! -e ${GOGS_CUSTOM}/https/cert.pem || ! -e ${GOGS_CUSTOM}/https/key.pem ]]; then
    su git -c "mkdir -p ${GOGS_CUSTOM}/https"
    su git -c "cd ${GOGS_CUSTOM}/https && ${GOGS_PATH}/gogs cert --ca=true --duration=8760h0m0s --host=${GOGS_FULL_DOMAIN} && cd -"
 fi
 # ### Conf file ###
 echo Tweaking config files
 CONF_FILE=${GOGS_CUSTOM}/conf/app.ini
 # We need to re-generate conf file because we are changing DB pwd
 #if [[ ! -e ${CONF_FILE} ]]; then
 su git -c "mkdir -p ${GOGS_CUSTOM}/conf"
 mv ${GOGS_PATH}/custom/conf/app.ini ${CONF_FILE}
 echo Setting domain
 sed -i "s/GOGS_FULL_DOMAIN/${GOGS_FULL_DOMAIN}/g" ${CONF_FILE}
 # DB conf
 echo Setting DB conf
 sed -i "s/DB_HOST/${DB_HOST}/g" ${CONF_FILE}
 sed -i "s/GOGS_DB_NAME/${GOGS_DB_NAME}/g" ${CONF_FILE}
 sed -i "s/GOGS_DB_USER/${GOGS_DB_USER}/g" ${CONF_FILE}
 sed -i "s/GOGS_DB_PWD/${GOGS_DB_PWD//\//\\/}/g" ${CONF_FILE}
 #fi
 # LDAP config
 LDAP_FILE=${GOGS_CUSTOM}/conf/auth.d/ldap.conf
 #if [[ ! -e ${CONF_FILE} ]]; then
 su git -c "mkdir -p ${GOGS_CUSTOM}/conf/auth.d"
 mv ${GOGS_PATH}/custom/conf/auth.d/ldap.conf ${LDAP_FILE}
 echo Setting LDAP conf
 sed -i "s/LDAP_SERVER_HOST/${LDAP_SERVER_HOST}/g" ${LDAP_FILE}
 sed -i "s/LDAP_BIND_DN/${LDAP_BIND_DN}/g" ${LDAP_FILE}
 sed -i "s/LDAP_BIND_PWD/${LDAP_BIND_PWD}/g" ${LDAP_FILE}
 sed -i "s/LDAP_SEARCH_BASE/${LDAP_SEARCH_BASE}/g" ${LDAP_FILE}
 #fi
 # Create admin user if DB was new
 if [ -z "${DB_EXISTS}" ]; then
    su git -c "${GOGS_PATH}/gogs admin create-user --name admin --password ${GOGS_ADMIN_PWD} --admin --email ${ADMIN_EMAIL}"
 fi
 # Rewrite authorized keys. See issue:
 # https://github.com/gogs/gogs/issues/1688#issuecomment-143265108
 # https://github.com/gogs/gogs/issues/4435
 su git -c "${GOGS_PATH}/gogs admin rewrite-authorized-keys"
 #exec "$@"
 #exec gosu git ${GOGS_PATH}/gogs web
 exec su git -c "${GOGS_PATH}/gogs web"
--- a/images/gogs/ldap.conf
+++ b/images/gogs/ldap.conf
 # LDAP authentication
 #
 id           = 101
 type         = ldap_bind_dn
 name         = LDAP BindDN
 is_activated = true
 [config]
 host               = LDAP_SERVER_HOST
 port               = 389
 # 0 - Unencrypted, 1 - LDAPS, 2 - StartTLS
 security_protocol  = 0
 skip_verify        = false
 bind_dn            = LDAP_BIND_DN
 bind_password      = LDAP_BIND_PWD
 user_base          = LDAP_SEARCH_BASE
 #user_dn            =
 attribute_username = uniqueIdentifier
 attribute_name     = givenName
 attribute_surname  = sn
 attribute_mail     = mail
 attributes_in_bind = false
 filter             = (&(objectclass=*)(|(uniqueIdentifier=%s)(mail=%s)))
 admin_filter       =
 group_enabled      = false
 group_dn           =
 group_filter       =
 group_member_uid   =
 user_uid           =
--- a/images/haproxy/haproxy.cfg
+++ b/images/haproxy/haproxy.cfg
 # https://www.haproxy.com/blog/how-to-get-ssl-with-haproxy-getting-rid-of-stunnel-stud-nginx-or-pound/
 frontend https-in
    mode http
    #bind *:443 ssl crt /etc/letsencrypt/haproxy/${NEXTCLOUD_URL}.pem crt /etc/letsencrypt/haproxy/${GOGS_URL}.pem
    #bind *:443 ssl crt /etc/letsencrypt/haproxy/${NEXTCLOUD_URL}.pem crt /etc/letsencrypt/haproxy/${GITEA_URL}.pem
    bind *:443 ssl ${HAPROXY_CERTS}
    acl letsencrypt-acl path_beg /.well-known/acme-challenge/
    #acl nextcloud-acl ssl_fc_sni ${NEXTCLOUD_URL}
    #acl gogs-acl ssl_fc_sni ${GOGS_URL}
    #acl gitea-acl ssl_fc_sni ${GITEA_URL}
    acl nextcloud-acl ssl_fc_sni_reg ^${NEXTCLOUD_SERVER_NAME}\.
    acl gogs-acl ssl_fc_sni_reg ^${GOGS_SERVER_NAME}\.
    acl gitea-acl ssl_fc_sni_reg ^${GITEA_SERVER_NAME}\.
    use_backend letsencrypt-backend if letsencrypt-acl
    use_backend nextcloud if nextcloud-acl
    use_backend gogs if gogs-acl
    use_backend gitea if gitea-acl
    default_backend nextcloud
    server nextcloud nextcloud:443 maxconn 32 check ssl verify none
 backend gogs
 backend gitea
    #redirect http to https
    #redirect scheme https if !{ ssl_fc }
    server gogs gogs:2443 maxconn 32 check ssl verify none
    server gitea gitea:2443 maxconn 32 check ssl verify none
 frontend http-in
    bind *:80
    acl letsencrypt-acl path_beg /.well-known/acme-challenge/
    #acl is_nextcloud hdr_end(host) -i ${NEXTCLOUD_URL}
    #acl is_gogs hdr_end(host) -i ${GOGS_URL}
    #acl is_gitea hdr_end(host) -i ${GITEA_URL}
    acl is_nextcloud hdr_reg(host) ^${NEXTCLOUD_SERVER_NAME}\.
    acl is_gogs hdr_reg(host) ^${GOGS_SERVER_NAME}\.
    acl is_gitea hdr_reg(host) ^${GITEA_SERVER_NAME}\.
    use_backend letsencrypt-backend if letsencrypt-acl
    use_backend nextcloud-insecure if is_nextcloud
    use_backend gogs-insecure if is_gogs
    use_backend gitea-insecure if is_gitea
    default_backend pihole-insecure
 backend nextcloud-insecure
    server nextcloud nextcloud:80 maxconn 32
 backend gogs-insecure
    server gogs gogs:2080 maxconn 32
 backend gitea-insecure
    server gitea gitea:2080 maxconn 32
 backend pihole-insecure
    server pihole pihole:80 maxconn 32
--- a/images/haproxy/startup.sh
+++ b/images/haproxy/startup.sh
 # Get Let's Encrypt certificates
 HAPROXY_CERTS=""
 for domain in ${DOMAINS}; do
    for server_name in ${NEXTCLOUD_SERVER_NAME} ${GOGS_SERVER_NAME}; do
    for server_name in ${NEXTCLOUD_SERVER_NAME} ${GITEA_SERVER_NAME}; do
        _URL=${server_name}.${domain};
        echo ${_URL}
        HAPROXY_CERTS="${HAPROXY_CERTS} crt /etc/letsencrypt/haproxy/${_URL}.pem";
 done
 #sed -i "s/\${NEXTCLOUD_URL}/${NEXTCLOUD_URL}/g" $CFG_FILE
 #sed -i "s/\${GOGS_URL}/${GOGS_URL}/g" $CFG_FILE
 #sed -i "s/\${GITEA_URL}/${GITEA_URL}/g" $CFG_FILE
 sed -i "s/\${NEXTCLOUD_SERVER_NAME}/${NEXTCLOUD_SERVER_NAME}/g" $CFG_FILE
 sed -i "s/\${GOGS_SERVER_NAME}/${GOGS_SERVER_NAME}/g" $CFG_FILE
 sed -i "s/\${GITEA_SERVER_NAME}/${GITEA_SERVER_NAME}/g" $CFG_FILE
 echo sed -i "s/\${HAPROXY_CERTS}/${HAPROXY_CERTS}/g" ${CFG_FILE}
 sed -i "s/\${HAPROXY_CERTS}/${HAPROXY_CERTS//\//\\/}/g" ${CFG_FILE}
 cat ${CFG_FILE}
 #cat ${CFG_FILE}
 echo Killing haproxy `cat /tmp/haproxy.pid`
 kill -SIGTERM `cat /tmp/haproxy.pid`
--- a/images/openldap/data/serviceimport_gitea.ldif
+++ b/images/openldap/data/serviceimport_gitea.ldif
 # gitea
 dn: uid=${LDAP_GITEA_UID},ou=services,dc=${LDAP_ORGANIZATION},dc=${LDAP_EXTENSION}
 objectClass: simpleSecurityObject
 objectClass: account
 objectClass: top
 uid: ${LDAP_GITEA_UID}
 userPassword: ${LDAP_GITEA_PWD}
--- a/images/openldap/data/serviceimport_gogs.ldif
+++ b/images/openldap/data/serviceimport_gogs.ldif
 # gogs
 dn: uid=${LDAP_GOGS_UID},ou=services,dc=${LDAP_ORGANIZATION},dc=${LDAP_EXTENSION}
 objectClass: simpleSecurityObject
 objectClass: account
 objectClass: top
 uid: ${LDAP_GOGS_UID}
 userPassword: ${LDAP_GOGS_PWD}
--- a/images/openldap/startup.sh
+++ b/images/openldap/startup.sh
 if [ ! -z $LDAP_NEXTCLOUD_PWD_FILE -a -f $LDAP_NEXTCLOUD_PWD_FILE ]; then
    LDAP_NEXTCLOUD_PWD=`cat $LDAP_NEXTCLOUD_PWD_FILE`;
 fi
 if [ ! -z $LDAP_GOGS_PWD_FILE -a -f $LDAP_GOGS_PWD_FILE ]; then
    LDAP_GOGS_PWD=`cat $LDAP_GOGS_PWD_FILE`;
 if [ ! -z $LDAP_GITEA_PWD_FILE -a -f $LDAP_GITEA_PWD_FILE ]; then
    LDAP_GITEA_PWD=`cat $LDAP_GITEA_PWD_FILE`;
 fi
 echo slapd slapd/internal/generated_adminpw password ${LDAP_ADMIN_PWD} | debconf-set-selections \
    sed -i "s/\${VOLUMES_PATH}/${VOLUMES_PATH//\//\\/}/g" $1
    sed -i "s/\${LDAP_MAIL_UID}/${LDAP_MAIL_UID}/g" $1
    sed -i "s/\${LDAP_NEXTCLOUD_UID}/${LDAP_NEXTCLOUD_UID}/g" $1
    sed -i "s/\${LDAP_GOGS_UID}/${LDAP_GOGS_UID}/g" $1
    sed -i "s/\${LDAP_GITEA_UID}/${LDAP_GITEA_UID}/g" $1
    sed -i "s/\${LDAP_MAIL_PWD}/${LDAP_MAIL_PWD}/g" $1
    sed -i "s/\${LDAP_NEXTCLOUD_PWD}/${LDAP_NEXTCLOUD_PWD}/g" $1
    sed -i "s/\${LDAP_GOGS_PWD}/${LDAP_GOGS_PWD}/g" $1
    sed -i "s/\${LDAP_GITEA_PWD}/${LDAP_GITEA_PWD}/g" $1
 }
 ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/data/_postfix-book.ldif
 for i in `ls /tmp/data/[^_]*.ldif`; do
--- a/openldap.env.template
+++ b/openldap.env.template
 LDAP_MAIL_PWD_FILE=/run/secrets/mail_pwd
 LDAP_NEXTCLOUD_UID=${LDAP_NEXTCLOUD_UID}
 LDAP_NEXTCLOUD_PWD_FILE=/run/secrets/nextcloud_pwd
 LDAP_GOGS_UID=${LDAP_GOGS_UID}
 LDAP_GOGS_PWD_FILE=/run/secrets/gogs_pwd
 LDAP_GITEA_UID=${LDAP_GITEA_UID}
 LDAP_GITEA_PWD_FILE=/run/secrets/gitea_pwd
 DEBUG_LEVEL=0
 #BKP_FILE=/tmp/ldap_bkp.ldif
 LDAP_BACKEND="hdb"
--- a/setup.sh
+++ b/setup.sh
 #PWD_GEN='openssl rand -base64 20'
 DEFAULT_LDAP_MAIL_UID='mail'
 DEFAULT_LDAP_NEXTCLOUD_UID='nextcloud'
 DEFAULT_LDAP_GOGS_UID='gogs'
 DEFAULT_LDAP_GITEA_UID='git'
 read -p "Main domain: " domain
 while [[ ! $domain =~ ^.*\.[a-z]{2,}$ ]]; do
    ldap_nextcloud_pwd=`eval "$PWD_GEN"`
 fi
 read -p "LDAP Gogs Bind DN uid ($DEFAULT_LDAP_GOGS_UID): " ldap_gogs_uid
 if [[ ${#ldap_gogs_uid} -eq 0 ]]; then
    ldap_gogs_uid=$DEFAULT_LDAP_GOGS_UID
 read -p "LDAP Gitea Bind DN uid ($DEFAULT_LDAP_GITEA_UID): " ldap_gitea_uid
 if [[ ${#ldap_gitea_uid} -eq 0 ]]; then
    ldap_gitea_uid=$DEFAULT_LDAP_GITEA_UID
 fi
 read -p "LDAP Gogs Bind DN Pwd (a random one will be generated if empty): " ldap_gogs_pwd
 if [[ ${#ldap_gogs_pwd} -eq 0 ]]; then
    ldap_gogs_pwd=`eval "$PWD_GEN"`
 read -p "LDAP Gitea Bind DN Pwd (a random one will be generated if empty): " ldap_gitea_pwd
 if [[ ${#ldap_gitea_pwd} -eq 0 ]]; then
    ldap_gitea_pwd=`eval "$PWD_GEN"`
 fi
 read -p "Nextcloud Admin User Pwd (a random one will be generated if empty): " nextcloud_admin_pwd
    nextcloud_admin_pwd=`eval "$PWD_GEN"`
 fi
 read -p "Gogs Admin User Pwd (a random one will be generated if empty): " gogs_admin_pwd
 if [[ ${#gogs_admin_pwd} -eq 0 ]]; then
    gogs_admin_pwd=`eval "$PWD_GEN"`
 read -p "Gitea Admin User Pwd (a random one will be generated if empty): " gitea_admin_pwd
 if [[ ${#gitea_admin_pwd} -eq 0 ]]; then
    gitea_admin_pwd=`eval "$PWD_GEN"`
 fi
 read -p "Pi-Hole Web User Pwd (a random one will be generated if empty): " pihole_web_pwd
 echo Your Volumes path is:                 $volumes
 echo Your LDAP Mail Bind DN Uid is:        $ldap_mail_uid
 echo Your LDAP Nextcloud Bind DN Uid is:   $ldap_nextcloud_uid
 echo Your LDAP Gogs Bind DN Uid is:        $ldap_gogs_uid
 echo Your LDAP Gitea Bind DN Uid is:       $ldap_gitea_uid
 echo Your Admin email. Let\'s Encrypt...:  $admin_email
 echo Your Paperless Web Server User:       $paperless_webserver_user
 echo Your SFTP User:                       $paperless_ftp_user
 echo $ldap_pwd | docker secret create ldap_pwd -
 echo $ldap_mail_pwd | docker secret create ldap_mail_pwd -
 echo $ldap_nextcloud_pwd | docker secret create ldap_nextcloud_pwd -
 echo $ldap_gogs_pwd | docker secret create ldap_gogs_pwd -
 echo $ldap_gitea_pwd | docker secret create ldap_gitea_pwd -
 echo $nextcloud_admin_pwd | docker secret create nextcloud_admin_pwd -
 echo $nextcloud_salt | docker secret create nextcloud_salt -
 echo $nextcloud_secret | docker secret create nextcloud_secret -
 #echo $paperless_webserver_pwd | docker secret create paperless_webserver_pwd -
 #echo $paperless_passphrase | docker secret create paperless_passphrase -
 echo $paperless_ftp_pwd | docker secret create paperless_ftp_pwd -
 echo $gogs_admin_pwd | docker secret create gogs_admin_pwd -
 echo $gitea_admin_pwd | docker secret create gitea_admin_pwd -
 #echo $pihole_web_pwd | docker secret create pihole_web_pwd -
 sed -i "s/\${PIHOLE_WEB_PWD}/${pihole_web_pwd}/g" pihole.env
 cp haproxy.env.template haproxy.env
 cp paperless.env.template paperless.env
 cp sftp.env.template sftp.env
 cp gogs.env.template gogs.env
 cp gitea.env.template gitea.env
 cp pihole.env.template pihole.env
 # IP for Pi-Hole
    sed -i "s/\${VOLUMES_PATH}/${volumes//\//\\/}/g" $i
    sed -i "s/\${LDAP_MAIL_UID}/${ldap_mail_uid}/g" $i
    sed -i "s/\${LDAP_NEXTCLOUD_UID}/${ldap_nextcloud_uid}/g" $i
    sed -i "s/\${LDAP_GOGS_UID}/${ldap_gogs_uid}/g" $i
    sed -i "s/\${LDAP_GITEA_UID}/${ldap_gitea_uid}/g" $i
    sed -i "s/\${ADMIN_EMAIL}/${admin_email}/g" $i
    sed -i "s/\${PAPERLESS_WEBSERVER_USER}/${paperless_webserver_user}/g" $i
    sed -i "s/\${PAPERLESS_FTP_USER}/${paperless_ftp_user}/g" $i
 echo "NEXTCLOUD_DB_BACKUP=${NEXTCLOUD_DATA_PATH}/nextcloud_db_backup.sql" >> nextcloud.env
 echo "NEXTCLOUD_DATA_PATH=${NEXTCLOUD_DATA_PATH}" >> nextcloud.env
 echo "NEXTCLOUD_BACKUP_PATH=${NEXTCLOUD_BACKUP_PATH}" >> nextcloud.env
 echo "" >> gitea.env
 echo "GITEA_SERVER_NAME=${GITEA_SERVER_NAME}" >> gitea.env
 echo "GITEA_HTTP_PORT=${GITEA_HTTP_PORT}" >> gitea.env
 echo "" >> paperless.env
 echo "PAPERLESS_CONSUMPTION_DIR=${PAPERLESS_CONSUMPTION_PATH}" >> paperless.env
 echo "PAPERLESS_EXPORT_DIR=${PAPERLESS_EXPORT_PATH}" >> paperless.env
 sudo mkdir -p ${PAPERLESS_MEDIA_VOLUME_PATH}
 sudo mkdir -p ${PAPERLESS_CONSUMPTION_VOLUME_PATH}
 sudo mkdir -p ${PAPERLESS_EXPORT_VOLUME_PATH}
 # gogs
 sudo mkdir -p ${GOGS_DATA_VOLUME_PATH}
 # gitea
 sudo mkdir -p ${GITEA_DATA_VOLUME_PATH}
 # Pi-Hole
 sudo mkdir -p ${PIHOLE_CONFIG_VOLUME_PATH}
 sudo mkdir -p ${PIHOLE_DNSMASQ_VOLUME_PATH}
--- a/setup_noswarm.sh
+++ b/setup_noswarm.sh
 #PWD_GEN='openssl rand -base64 20'
 DEFAULT_LDAP_MAIL_UID='mail'
 DEFAULT_LDAP_NEXTCLOUD_UID='nextcloud'
 DEFAULT_LDAP_GOGS_UID='gogs'
 DEFAULT_LDAP_GITEA_UID='git'
 # main domain
 read -p "Add main domain: " domain
    ldap_nextcloud_pwd=`eval "$PWD_GEN"`
 fi
 read -p "LDAP Gogs Bind DN uid ($DEFAULT_LDAP_GOGS_UID): " ldap_gogs_uid
 if [[ ${#ldap_gogs_uid} -eq 0 ]]; then
    ldap_gogs_uid=$DEFAULT_LDAP_GOGS_UID
 read -p "LDAP Gitea Bind DN uid ($DEFAULT_LDAP_GITEA_UID): " ldap_gitea_uid
 if [[ ${#ldap_gitea_uid} -eq 0 ]]; then
    ldap_gitea_uid=$DEFAULT_LDAP_GITEA_UID
 fi
 read -p "LDAP Gogs Bind DN Pwd (a random one will be generated if empty): " ldap_gogs_pwd
 if [[ ${#ldap_gogs_pwd} -eq 0 ]]; then
    ldap_gogs_pwd=`eval "$PWD_GEN"`
 read -p "LDAP Gitea Bind DN Pwd (a random one will be generated if empty): " ldap_gitea_pwd
 if [[ ${#ldap_gitea_pwd} -eq 0 ]]; then
    ldap_gitea_pwd=`eval "$PWD_GEN"`
 fi
 read -p "Nextcloud Admin User Pwd (a random one will be generated if empty): " nextcloud_admin_pwd
    nextcloud_admin_pwd=`eval "$PWD_GEN"`
 fi
 read -p "Gogs Admin User Pwd (a random one will be generated if empty): " gogs_admin_pwd
 if [[ ${#gogs_admin_pwd} -eq 0 ]]; then
    gogs_admin_pwd=`eval "$PWD_GEN"`
 read -p "Gitea Admin User Pwd (a random one will be generated if empty): " gitea_admin_pwd
 if [[ ${#gitea_admin_pwd} -eq 0 ]]; then
    gitea_admin_pwd=`eval "$PWD_GEN"`
 fi
 read -p "Pi-Hole Web User Pwd (a random one will be generated if empty): " pihole_web_pwd
 echo Your Volumes path is:                 $volumes
 echo Your LDAP Mail Bind DN Uid is:        $ldap_mail_uid
 echo Your LDAP Nextcloud Bind DN Uid is:   $ldap_nextcloud_uid
 echo Your LDAP Gogs Bind DN Uid is:        $ldap_gogs_uid
 echo Your LDAP Gitea Bind DN Uid is:       $ldap_gitea_uid
 echo Your Admin email. Let\'s Encrypt...:  $admin_email
 echo Your Paperless Web Server User:       $paperless_webserver_user
 echo Your SFTP User:                       $paperless_ftp_user
 cp haproxy.env.template haproxy.env
 cp paperless.env.template paperless.env
 cp sftp.env.template sftp.env
 cp gogs.env.template gogs.env
 cp gitea.env.template gitea.env
 cp pihole.env.template pihole.env
 chmod 600 *.env
 # Passwords
 echo MYSQL_ROOT_PWD=$db_pwd >> mariadb.env
 echo MYSQL_ROOT_PWD=$db_pwd >> nextcloud.env
 echo MYSQL_ROOT_PWD=$db_pwd >> gogs.env
 echo LDAP_ADMIN_PWD=$ldap_pwd >> openldap.env
 echo LDAP_MAIL_PWD=$ldap_mail_pwd >> openldap.env
 echo LDAP_NEXTCLOUD_PWD=$ldap_nextcloud_pwd >> openldap.env
 echo LDAP_GOGS_PWD=$ldap_gogs_pwd >> openldap.env
 echo LDAP_GITEA_PWD=$ldap_gitea_pwd >> openldap.env
 echo LDAP_BIND_PWD=$ldap_mail_pwd >> mail.env
 echo LDAP_BIND_PWD=$ldap_nextcloud_pwd >> nextcloud.env
 echo LDAP_BIND_PWD=$ldap_gogs_pwd >> gogs.env
 echo LDAP_BIND_PWD=$ldap_gitea_pwd >> gitea.env
 echo NEXTCLOUD_ADMIN_PWD=$nextcloud_admin_pwd >> nextcloud.env
 echo NEXTCLOUD_SALT=$nextcloud_salt >> nextcloud.env
 #echo PAPERLESS_WEBSERVER_PWD=$paperless_webserver_pwd >> paperless.env
 #echo PAPERLESS_PASSPHRASE=$paperless_passphrase >> paperless.env
 echo PAPERLESS_FTP_PWD=$paperless_ftp_pwd >> sftp.env
 echo GOGS_ADMIN_PWD=$gogs_admin_pwd >> gogs.env
 echo GITEA_ADMIN_PWD=$gitea_admin_pwd >> gitea.env
 #echo $pihole_web_pwd | docker secret create pihole_web_pwd -
 sed -i "s/\${PIHOLE_WEB_PWD}/${pihole_web_pwd}/g" pihole.env
    sed -i "s/\${VOLUMES_PATH}/${volumes//\//\\/}/g" $i
    sed -i "s/\${LDAP_MAIL_UID}/${ldap_mail_uid}/g" $i
    sed -i "s/\${LDAP_NEXTCLOUD_UID}/${ldap_nextcloud_uid}/g" $i
    sed -i "s/\${LDAP_GOGS_UID}/${ldap_gogs_uid}/g" $i
    sed -i "s/\${LDAP_GITEA_UID}/${ldap_gitea_uid}/g" $i
    sed -i "s/\${ADMIN_EMAIL}/${admin_email}/g" $i
    sed -i "s/\${PAPERLESS_WEBSERVER_USER}/${paperless_webserver_user}/g" $i
    sed -i "s/\${PAPERLESS_FTP_USER}/${paperless_ftp_user}/g" $i
 echo "NEXTCLOUD_DB_BACKUP=${NEXTCLOUD_DATA_PATH}/nextcloud_db_backup.sql" >> nextcloud.env
 echo "NEXTCLOUD_DATA_PATH=${NEXTCLOUD_DATA_PATH}" >> nextcloud.env
 echo "NEXTCLOUD_BACKUP_PATH=${NEXTCLOUD_BACKUP_PATH}" >> nextcloud.env
 echo "" >> gogs.env
 echo "GOGS_SERVER_NAME=${GOGS_SERVER_NAME}" >> gogs.env
 echo "" >> gitea.env
 echo "GITEA_SERVER_NAME=${GITEA_SERVER_NAME}" >> gitea.env
 echo "GITEA_HTTP_PORT=${GITEA_HTTP_PORT}" >> gitea.env
 echo "" >> paperless.env
 echo "PAPERLESS_CONSUMPTION_DIR=${PAPERLESS_CONSUMPTION_PATH}" >> paperless.env
 echo "PAPERLESS_EXPORT_DIR=${PAPERLESS_EXPORT_PATH}" >> paperless.env
 echo "PAPERLESS_CONSUMPTION_DIR=${PAPERLESS_CONSUMPTION_PATH}" >> sftp.env
 echo "" >> haproxy.env
 echo "NEXTCLOUD_SERVER_NAME=${NEXTCLOUD_SERVER_NAME}" >> haproxy.env
 echo "GOGS_SERVER_NAME=${GOGS_SERVER_NAME}" >> haproxy.env
 echo "GITEA_SERVER_NAME=${GITEA_SERVER_NAME}" >> haproxy.env
 echo $'\E[33m'
 echo "//////////////////////////////////////////////////"
 sudo mkdir -p ${PAPERLESS_MEDIA_VOLUME_PATH}
 sudo mkdir -p ${PAPERLESS_CONSUMPTION_VOLUME_PATH}
 sudo mkdir -p ${PAPERLESS_EXPORT_VOLUME_PATH}
 # gogs
 sudo mkdir -p ${GOGS_DATA_VOLUME_PATH}
 # gitea
 sudo mkdir -p ${GITEA_DATA_VOLUME_PATH}
 # Pi-Hole
 sudo mkdir -p ${PIHOLE_CONFIG_VOLUME_PATH}
 sudo mkdir -p ${PIHOLE_DNSMASQ_VOLUME_PATH}

		# rpi-gogs

		Gogs Docker image for Raspberry Pi. Part of [Docker Raspberry Pi Home Server](https://github.com/bingen/rpi_docker_home_server).