v0.41.0: first-boot base-infra bring-up + self-heal (+ Section-G mount fix)
New internal/infra package renders traefik/cloudflared/filebrowser from config (pinned images, single source of truth; web filebrowser path delegates here). stacks.EnsureBaseStack deploys the traefik-public network + the three stacks, single-flight + idempotent + non-fatal; wired to first boot and every health tick. monitor.EffectiveProtected drops cloudflared when no tunnel token. Section-G fix lives in felhom-agent build-golden.sh (same-path stacks bind). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -13,6 +13,7 @@ import (
|
||||
|
||||
"gitea.dooplex.hu/admin/felhom-controller/internal/backup"
|
||||
"gitea.dooplex.hu/admin/felhom-controller/internal/crypto"
|
||||
"gitea.dooplex.hu/admin/felhom-controller/internal/infra"
|
||||
"gitea.dooplex.hu/admin/felhom-controller/internal/scheduler"
|
||||
"gitea.dooplex.hu/admin/felhom-controller/internal/settings"
|
||||
"gitea.dooplex.hu/admin/felhom-controller/internal/stacks"
|
||||
@@ -1378,115 +1379,15 @@ func (s *Server) syncFileBrowserMounts(resetDBOnChange bool) {
|
||||
}
|
||||
}
|
||||
|
||||
// generateFileBrowserCompose returns a FileBrowser docker-compose.yml string
|
||||
// with the given domain and storage volume mount lines.
|
||||
// generateFileBrowserCompose returns a FileBrowser docker-compose.yml string with the given domain
|
||||
// and storage volume-mount lines. Delegates to internal/infra (the single source of truth — so the
|
||||
// pinned image and the base-infra bring-up path can never diverge).
|
||||
func generateFileBrowserCompose(domain string, storageMounts []string) string {
|
||||
storageSection := ""
|
||||
if len(storageMounts) > 0 {
|
||||
storageSection = "\n # Storage paths (auto-generated by felhom-controller)\n" +
|
||||
strings.Join(storageMounts, "\n")
|
||||
}
|
||||
|
||||
return fmt.Sprintf(`# FileBrowser Quantum — Infrastructure file manager
|
||||
# Domain: files.%s
|
||||
# Deployed by docker-setup.sh — managed by felhom-controller
|
||||
# WARNING: Volume mounts are auto-generated. Manual edits will be overwritten.
|
||||
|
||||
services:
|
||||
filebrowser:
|
||||
image: gtstef/filebrowser:latest
|
||||
container_name: filebrowser
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- TZ=Europe/Budapest
|
||||
- FILEBROWSER_CONFIG=/home/filebrowser/config.yaml
|
||||
volumes:
|
||||
- filebrowser_data:/home/filebrowser/data
|
||||
- ./config.yaml:/home/filebrowser/config.yaml:ro%s
|
||||
networks:
|
||||
- traefik-public
|
||||
deploy:
|
||||
resources:
|
||||
limits:
|
||||
memory: 256M
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/"]
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 3
|
||||
start_period: 15s
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.filebrowser.rule=Host(`+"`"+`files.%s`+"`"+`)"
|
||||
- "traefik.http.routers.filebrowser.entrypoints=websecure"
|
||||
- "traefik.http.routers.filebrowser.tls=true"
|
||||
- "traefik.http.services.filebrowser.loadbalancer.server.port=80"
|
||||
- "traefik.docker.network=traefik-public"
|
||||
|
||||
volumes:
|
||||
filebrowser_data:
|
||||
|
||||
networks:
|
||||
traefik-public:
|
||||
external: true
|
||||
`, domain, storageSection, domain)
|
||||
return infra.RenderFileBrowserCompose(domain, storageMounts)
|
||||
}
|
||||
|
||||
// generateFileBrowserConfig returns a FileBrowser Quantum config.yaml with
|
||||
// a separate source per registered storage path. Each source appears as a
|
||||
// named sidebar entry in the FileBrowser UI.
|
||||
// generateFileBrowserConfig returns a FileBrowser Quantum config.yaml with a separate source per
|
||||
// registered storage path. Delegates to internal/infra (single source of truth).
|
||||
func generateFileBrowserConfig(paths []settings.StoragePath) string {
|
||||
var sources string
|
||||
if len(paths) == 0 {
|
||||
sources = ` - path: "/srv"
|
||||
`
|
||||
} else {
|
||||
for _, sp := range paths {
|
||||
mountName := filepath.Base(sp.Path)
|
||||
label := sp.Label
|
||||
if label == "" {
|
||||
label = mountName
|
||||
}
|
||||
sources += fmt.Sprintf(" - path: \"/srv/%s\"\n name: %q\n config:\n defaultEnabled: true\n", mountName, label)
|
||||
}
|
||||
}
|
||||
|
||||
return fmt.Sprintf(`# FileBrowser Quantum — managed by felhom-controller
|
||||
# WARNING: This file is auto-generated. Manual edits will be overwritten.
|
||||
|
||||
server:
|
||||
port: 80
|
||||
baseURL: "/"
|
||||
database: "/home/filebrowser/data/database.db"
|
||||
logging:
|
||||
- levels: "info|warning|error"
|
||||
sources:
|
||||
%suserDefaults:
|
||||
stickySidebar: true
|
||||
darkMode: true
|
||||
viewMode: "normal"
|
||||
showHidden: false
|
||||
dateFormat: false
|
||||
gallerySize: 3
|
||||
themeColor: "var(--blue)"
|
||||
preview:
|
||||
disableHideSidebar: false
|
||||
highQuality: true
|
||||
image: true
|
||||
video: true
|
||||
motionVideoPreview: true
|
||||
office: true
|
||||
popup: true
|
||||
autoplayMedia: true
|
||||
folder: true
|
||||
permissions:
|
||||
api: false
|
||||
admin: false
|
||||
modify: false
|
||||
share: false
|
||||
realtime: false
|
||||
delete: false
|
||||
create: false
|
||||
download: true
|
||||
`, sources)
|
||||
return infra.RenderFileBrowserConfig(paths)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user