safebox/default-applications-tree
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add firewall configuration files for Leantime services

Browse Source
This commit is contained in:
gyurix
2025-08-14 17:30:29 +02:00
parent fbb8934b2d
commit 8e61ae53e3
5 changed files with 545 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
leantime/firewall-leantime-dns.json Normal file
View File

@@ -0,0 +1,76 @@
{
"main": {
"SERVICE_NAME": "firewalls",
"DOMAIN": "null"
},
"containers": [
{
"IMAGE": "safebox/firewall",
"UPDATE": "true",
"NAME": "firewall",
"MEMORY": "64M",
"NETWORK": "host",
"SCALE": "0",
"VOLUMES": [
{
"SOURCE": "/run/",
"DEST": "/run/",
"TYPE": "rw"
},
{
"SOURCE": "/etc/user/config/services",
"DEST": "/services",
"TYPE": "ro"
},
{
"SOURCE": "/etc/system/data/dns/hosts.local",
"DEST": "/etc/dns/hosts.local",
"TYPE": "ro"
},
{
"SOURCE": "/var/run/docker.sock",
"DEST": "/var/run/docker.sock",
"TYPE": "rw"
}
],
"PORTS": [],
"READYNESS": [
{
"tcp": ""
},
{
"HTTP": ""
},
{
"EXEC": "/ready.sh"
}
],
"ENVS": [
{
"CHAIN": "DOCKER-USER"
},
{
"SOURCE": "leantimeapp"
},
{
"TARGET": "coredns"
},
{
"TYPE": "udp"
},
{
"TARGET_PORT": "53"
},
{
"COMMENT": "leantime nginx access for local dns"
}
],
"EXTRA": "--privileged --rm",
"DEPEND": "null",
"START_ON_BOOT": "false",
"CMD": "",
"PRE_START": [],
"POST_START": []
}
]
}

75
leantime/firewall-leantime-smtp.json Normal file
View File

@@ -0,0 +1,75 @@
{
"main": {
"SERVICE_NAME": "firewalls",
"DOMAIN": "null"
},
"containers": [
{
"IMAGE": "safebox/firewall",
"NAME": "firewall",
"MEMORY": "64M",
"NETWORK": "host",
"SCALE": "0",
"VOLUMES": [
{
"SOURCE": "/run/",
"DEST": "/run/",
"TYPE": "rw"
},
{
"SOURCE": "/etc/user/config/services",
"DEST": "/services",
"TYPE": "ro"
},
{
"SOURCE": "/etc/system/data/dns/hosts.local",
"DEST": "/etc/dns/hosts.local",
"TYPE": "ro"
},
{
"SOURCE": "/var/run/docker.sock",
"DEST": "/var/run/docker.sock",
"TYPE": "rw"
}
],
"PORTS": [],
"READYNESS": [
{
"tcp": ""
},
{
"HTTP": ""
},
{
"EXEC": "/ready.sh"
}
],
"ENVS": [
{
"CHAIN": "DOCKER-USER"
},
{
"SOURCE": "leantime-app"
},
{
"TARGET": "smtp"
},
{
"TYPE": "tcp"
},
{
"TARGET_PORT": "25"
},
{
"COMMENT": "leantime to smtp"
}
],
"EXTRA": "--privileged --rm",
"DEPEND": "null",
"START_ON_BOOT": "false",
"CMD": "null",
"PRE_START": "null",
"POST_START": "null"
}
]
}

75
leantime/firewall-leantime.json Normal file
View File

@@ -0,0 +1,75 @@
{
"main": {
"SERVICE_NAME": "firewalls",
"DOMAIN": "null"
},
"containers": [
{
"IMAGE": "safebox/firewall",
"NAME": "firewall",
"MEMORY": "64M",
"NETWORK": "host",
"SCALE": "0",
"VOLUMES": [
{
"SOURCE": "/run/",
"DEST": "/run/",
"TYPE": "rw"
},
{
"SOURCE": "/etc/user/config/services",
"DEST": "/services",
"TYPE": "ro"
},
{
"SOURCE": "/etc/system/data/dns/hosts.local",
"DEST": "/etc/dns/hosts.local",
"TYPE": "ro"
},
{
"SOURCE": "/var/run/docker.sock",
"DEST": "/var/run/docker.sock",
"TYPE": "rw"
}
],
"PORTS": [],
"READYNESS": [
{
"tcp": ""
},
{
"HTTP": ""
},
{
"EXEC": "/ready.sh"
}
],
"ENVS": [
{
"CHAIN": "DOCKER-USER"
},
{
"SOURCE": "smarthostbackend"
},
{
"TARGET": "leantime-app"
},
{
"TYPE": "tcp"
},
{
"TARGET_PORT": "80"
},
{
"COMMENT": "leantime"
}
],
"EXTRA": "--privileged --rm",
"DEPEND": "null",
"START_ON_BOOT": "false",
"CMD": "null",
"PRE_START": "null",
"POST_START": "null"
}
]
}

17
leantime/leantime-secret.json Normal file
View File

@@ -0,0 +1,17 @@
{
"leantimemysql": {
"MARIADB_DATABASE": "#DB_MYSQL",
"MARIADB_USER": "#DB_USER",
"MARIADB_PASSWORD": "#DB_PASSWORD",
"MARIADB_ROOT_PASSWORD": "#DB_ROOT_PASSWORD"
},
"leantimeapp": {
"LEAN_DB_USER": "#DB_USER",
"LEAN_DB_PASSWORD": "#DB_PASSWORD",
"LEAN_DB_HOST": "leantimemysql-db",
"LEAN_DB_DATABASE": "#DB_MYSQL",
"LEAN_OIDC_CLIENT_SECRET": "#OIDC_CLIENT_SECRET",
"LEAN_S3_SECRET": "#S3_SECRET",
"LEAN_SESSION_PASSWORD": "#SESSION_PASSWORD"
}
}

302
leantime/service-leantime.json Normal file
View File

@@ -0,0 +1,302 @@
{
"main": {
"SERVICE_NAME": "leantime",
"DOMAIN": "#DOMAIN"
},
"containers": [
{
"IMAGE": "alpine:latest",
"UPDATE": "true",
"NAME": "leantime",
"NETWORK": "host",
"MEMORY": "64M",
"VOLUMES": [
{
"SOURCE": "USER_DATA",
"DEST": "/etc/user/data",
"TYPE": "rw"
},
{
"SOURCE": "SYSTEM_DATA",
"DEST": "/etc/system/data",
"TYPE": "rw"
},
{
"SOURCE": "SYSTEM_LOG",
"DEST": "/etc/system/log",
"TYPE": "rw"
}
],
"ENV_FILES": [
"/etc/user/secret/leantime/leantime.json"
],
"EXTRA": "--rm",
"DEPEND": "null",
"START_ON_BOOT": "false",
"ENTRYPOINT": "sh -c",
"CMD": "mkdir -p /etc/user/data/leantime/db && mkdir -p /etc/system/log/leantime/db && mkdir -p /etc/user/data/leantime/data/plugins && mkdir -p /etc/user/data/leantime/data/public && mkdir -p /etc/user/data/leantime/data/user && chmod 770 -R /etc/user/data/leantime/data && chown -R 82:82 /etc/user/data/leantime/data",
"PRE_START": "null",
"POST_START": "null"
},
{
"IMAGE": "mariadb:latest",
"UPDATE": "true",
"NAME": "leantimemysql-db",
"MEMORY": "256M",
"NETWORK": "leantime-net",
"SELECTOR": "leantimemysql",
"VOLUMES": [
{
"SOURCE": "/etc/user/data/leantime/db",
"DEST": "/var/lib/mysql",
"TYPE": "rw"
},
{
"SOURCE": "/etc/system/log/leantime/db",
"DEST": "/var/lib/mysql/mysql-bin",
"TYPE": "rw"
}
],
"PORTS": [
{
"SOURCE": "null",
"DEST": "3306",
"TYPE": "tcp"
}
],
"READYNESS": [
{
"tcp": "3306"
},
{
"HTTP": ""
},
{
"EXEC": "/ready.sh"
}
],
"ENV_FILES": [
"/etc/user/secret/leantime/leantime.json"
],
"EXTRA": "--restart always",
"DEPEND": "null",
"START_ON_BOOT": "false",
"CMD": "null",
"PRE_START": "null",
"POST_START": "null"
},
{
"IMAGE": "leantime/leantime:latest",
"UPDATE": "true",
"NAME": "leantimeapp",
"MEMORY": "1024M",
"NETWORK": "leantime-net",
"SELECTOR": "leantime-app",
"DNS": [
"coredns"
],
"VOLUMES": [
{
"SOURCE": "/etc/user/data/leantime/data/public",
"DEST": "/var/www/html/public/userfiles",
"TYPE": "rw"
},
{
"SOURCE": "/etc/user/data/leantime/data/user",
"DEST": "/var/www/html/userfiles",
"TYPE": "rw"
},
{
"SOURCE": "/etc/user/data/leantime/data/plugins",
"DEST": "/var/www/html/app/Plugins",
"TYPE": "rw"
}
],
"PORTS": [
{
"SOURCE": "null",
"DEST": "80",
"TYPE": "tcp"
}
],
"READYNESS": [
{
"tcp": ""
},
{
"HTTP": ""
},
{
"EXEC": "/ready.sh"
}
],
"ENVS": [
{
"LEAN_RATELIMIT_GENERAL": "1000"
},
{
"LEAN_RATELIMIT_API": "10"
},
{
"LEAN_RATELIMIT_AUTH": "20"
},
{
"LEAN_LDAP_USE_LDAP": "false"
},
{
"LEAN_USER_FILE_PATH": "userfiles/"
},
{
"LEAN_PORT": "80"
},
{
"LEAN_APP_URL": "https://#DOMAIN"
},
{
"LEAN_APP_DIR": "leantime/"
},
{
"LEAN_DEBUG": "DEBUG"
},
{
"LEAN_SITENAME": "#LEANTIME_SITENAME"
},
{
"LEAN_LANGUAGE": "#LEANTIME_LANG"
},
{
"LEAN_DEFAULT_TIMEZONE": "#LEANTIME_TZ"
},
{
"LEAN_LOG_PATH": "log/"
},
{
"LEAN_DISABLE_LOGIN_FORM": "false"
},
{
"LEAN_SESSION_EXPIRATION": "#SESSION_EXPIRATION"
},
{
"LEAN_SESSION_SECURE": "#SESSION_SECURITY"
},
{
"LEAN_EMAIL_RETURN": ""
},
{
"LEAN_EMAIL_USE_SMTP": "true"
},
{
"LEAN_EMAIL_SMTP_HOSTS": "#LEANTIME_SMTP"
},
{
"LEAN_EMAIL_SMTP_AUTH": "false"
},
{
"LEAN_EMAIL_SMTP_USERNAME": ""
},
{
"LEAN_EMAIL_SMTP_PASSWORD": ""
},
{
"LEAN_EMAIL_SMTP_AUTO_TLS": "false"
},
{
"LEAN_EMAIL_SMTP_SECURE": "false"
},
{
"LEAN_EMAIL_SMTP_SSLNOVERIFY": "false"
},
{
"LEAN_EMAIL_SMTP_PORT": "25"
},
{
"LEAN_LDAP_USE_LDAP": "false"
},
{
"LEAN_OIDC_ENABLE": "#OIDC_ENABLE"
},
{
"LEAN_OIDC_CLIENT_ID": "#OIDC_CLIENT_ID"
},
{
"LEAN_OIDC_CREATE_USER": "#OIDC_CREATE_USER"
},
{
"LEAN_OIDC_DEFAULT_ROLE": "20"
},
{
"LEAN_OIDC_PROVIDER_URL": "#OIDC_PROVIDER_URL"
},
{
"LEAN_OIDC_AUTH_URL_OVERRIDE": "#OIDC_AUTH_URL_OVERRIDE"
},
{
"LEAN_OIDC_TOKEN_URL_OVERRIDE": "#OIDC_TOKEN_URL_OVERRIDE"
},
{
"LEAN_OIDC_USERINFO_URL_OVERRIDE": "#OIDC_USERINFO_URL_OVERRIDE"
},
{
"LEAN_OIDC_SCOPES": "user:email,read:user"
},
{
"LEAN_OIDC_FIELD_EMAIL": "0.email"
},
{
"LEAN_OIDC_FIELD_FIRSTNAME": "name"
},
{
"LEAN_LOGO_PATH": "/dist/images/logo.svg"
},
{
"LEAN_PRINT_LOGO_URL": "/dist/images/logo.png"
},
{
"LEAN_DEFAULT_THEME": "default"
},
{
"LEAN_PRIMARY_COLOR": "#006d9f"
},
{
"LEAN_SECONDARY_COLOR": "#00a886"
},
{
"LEAN_USE_S3": "#LEANTIME_USE_S3"
},
{
"LEAN_S3_KEY": "#S3_KEY"
},
{
"LEAN_S3_BUCKET": "#S3_BUCKET"
},
{
"LEAN_S3_USE_PATH_STYLE_ENDPOINT": "#S3_USE_PATH_STYLE_ENDPOINT"
},
{
"LEAN_S3_REGION": "#S3_REGION"
},
{
"LEAN_S3_FOLDER_NAME": "#S3_FOLDER_NAME"
},
{
"LEAN_S3_END_POINT": "#S3_END_POINT"
}
],
"ENV_FILES": [
"/etc/user/secret/leantime/leantime.json"
],
"EXTRA": "--restart always",
"DEPEND": "null",
"START_ON_BOOT": "false",
"CMD": "null",
"PRE_START": [
"firewall-leantime-dns"
],
"POST_START": [
"firewall-leantime-smtp",
"firewall-leantime",
"domain-leantime"
]
}
]
}