dirkse преди 9 години
ревизия
0f65eb4ff6
променени са 14 файла, в които са добавени 507 реда и са изтрити 0 реда
  1. 27 0
      autocli.yml
  2. 25 0
      domoticz/Dockerfile
  3. BIN
      domoticz/domoticz_linux_armv7l.tgz
  4. 3 0
      home.bat
  5. 28 0
      nexus/Dockerfile
  6. 12 0
      nexus/nexus.vmoptions
  7. 39 0
      ngp/Dockerfile
  8. 2 0
      ngp/scripts/Procfile
  9. 22 0
      ngp/scripts/docker-entrypoint.sh
  10. 245 0
      ngp/scripts/nginx.tmpl
  11. 8 0
      pypy/Dockerfile
  12. 11 0
      rsync/Dockerfile
  13. 75 0
      services.yml
  14. 10 0
      svn/Dockerfile

+ 27 - 0
autocli.yml

@@ -0,0 +1,27 @@
+auto_reload: 1
+confirm_quit: false
+
+modules: [auto.lib.docker, auto.lib.infrastructure]
+
+path:
+    cache: t:\autocli_home\cache
+    download: t:\autocli_home
+
+ssh:
+    user: rothe
+
+docker:
+    #~ disabled_hosts: [freimann, hebb, cassirer, hume, 192.168.1.63]
+    hide_status: [host_down]
+    timeout_connect: 10
+    timeout: 60
+
+image:
+    path: c:\apps\_home
+    build_host: himbeere
+
+service:
+    path: c:\apps\_home\services.yml
+
+docker_host:
+    names: [himbeere]

+ 25 - 0
domoticz/Dockerfile

@@ -0,0 +1,25 @@
+#
+# Dockerfile for Rpi-Domoticz
+#
+# Based on version by LBTM
+#
+# Base image.
+FROM resin/rpi-raspbian:jessie-20161026
+
+MAINTAINER Florian Chauveau
+
+# Install Domoticz from sources.
+RUN \
+  apt-get update && \
+  apt-get install -y cmake apt-utils build-essential && \
+  apt-get install -y libboost-dev libboost-thread-dev libboost-system-dev libsqlite3-dev subversion curl libcurl4-openssl-dev libusb-dev zlib1g-dev && \
+  apt-get clean && \
+  apt-get autoclean && \
+  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Expose port.
+EXPOSE 8080
+
+CMD ["/root/domoticz/domoticz", "-www", "8080"]
+
+ADD domoticz_linux_armv7l.tgz /root/domoticz
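Review bot: The image never sets `USER`, so `/root/domoticz/domoticz` runs as root on port 8080, and the binary comes from `domoticz_linux_armv7l.tgz`, a prebuilt archive committed with no recorded origin or checksum. A comment above the `ADD` line such as `# upstream: <RELEASE_URL_PLACEHOLDER>  sha256: <SHA256_PLACEHOLDER>` would let the archive be re-verified later, and the service should get an unprivileged account (it may need serial-port group membership for the `/dev/ttyUSB0` device that services.yml passes in). The `RUN` step is labelled "Install Domoticz from sources" but only installs cmake, build-essential, subversion and `-dev` headers that nothing later in the file uses. Since the binary is added prebuilt, those packages can probably be replaced by the runtime libraries it links against, which keeps a compiler out of the running container. `MAINTAINER` is deprecated in favour of `LABEL`.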

BIN
domoticz/domoticz_linux_armv7l.tgz


+ 3 - 0
home.bat

@@ -0,0 +1,3 @@
+@echo off
+cd %~dp0
+d:\vls-trunk\env-win64\python27\python.exe -m auto.cli %*

+ 28 - 0
nexus/Dockerfile

@@ -0,0 +1,28 @@
+FROM resin/rpi-raspbian:jessie-20161026
+
+RUN apt-get update && \
+    apt-get install -y wget openjdk-8-jdk && \
+    rm -rf /var/lib/apt/lists/*
+ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-armhf
+
+ENV VER 3.1.0-04
+
+RUN wget https://sonatype-download.global.ssl.fastly.net/nexus/3/nexus-${VER}-unix.tar.gz -O /tmp/nexus-${VER}-unix.tar.gz && \
+        useradd -r -u 200 -m -c "nexus role account" -d /opt/sonatype-work -s /bin/false nexus && \
+        mkdir -p /opt/sonatype/ && \
+        mkdir -p /opt/sonatype-work && \
+        tar -C /opt/sonatype/ -xvaf /tmp/nexus-${VER}-unix.tar.gz && \
+        ln -s /opt/sonatype/nexus-${VER}/ /opt/sonatype/nexus && \
+        rm -f /tmp/nexus-${VER}-unix.tar.gz && \
+        chown -Rv nexus:nexus /opt/sonatype/nexus && \
+        chown -Rv nexus:nexus /opt/sonatype/nexus-${VER} && \
+        chown -Rv nexus:nexus /opt/sonatype-work
+
+VOLUME /opt/sonatype-work
+
+WORKDIR /opt/sonatype/nexus
+
+COPY nexus.vmoptions /opt/sonatype/nexus/bin/nexus.vmoptions
+
+USER nexus
+CMD ["/opt/sonatype/nexus/bin/nexus", "run"]
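Review bot: The second `RUN` downloads `nexus-${VER}-unix.tar.gz` with `wget` and unpacks it without comparing it to a known digest, so the image trusts whatever the CDN serves at build time. Add a verification step between the download and the `tar`, for example `echo "<SHA256_PLACEHOLDER>  /tmp/nexus-${VER}-unix.tar.gz" | sha256sum -c - && \`, with the digest taken from the vendor's published checksum for this version. Two smaller points: `apt-get install -y wget openjdk-8-jdk` lacks `--no-install-recommends`, and the `ENV` lines use the legacy space-separated form (`ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-armhf`).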

+ 12 - 0
nexus/nexus.vmoptions

@@ -0,0 +1,12 @@
+-Xms512M
+-Xmx512M
+-XX:+UnlockDiagnosticVMOptions
+-XX:+UnsyncloadClass
+-Djava.net.preferIPv4Stack=true
+-Dkaraf.home=.
+-Dkaraf.base=.
+-Dkaraf.etc=etc
+-Djava.util.logging.config.file=etc/java.util.logging.properties
+-Dkaraf.data=data
+-Djava.io.tmpdir=data/tmp
+-Dkaraf.startLocalConsole=false

+ 39 - 0
ngp/Dockerfile

@@ -0,0 +1,39 @@
+FROM resin/rpi-raspbian:jessie-20161026
+
+RUN echo "deb http://archive.raspbian.org/raspbian jessie main" >> /etc/apt/sources.list &&\
+    apt-get update &&\
+    apt-get install -y git mercurial golang nginx libgcrypt20-dev gcc wget &&\
+    apt-get clean
+
+RUN echo "daemon off;" >> /etc/nginx/nginx.conf
+
+# fix for long server names
+RUN sed -i 's/# server_names_hash_bucket/server_names_hash_bucket/g' /etc/nginx/nginx.conf
+
+ENV GOPATH /opt/go
+ENV PATH $PATH:$GOPATH/bin
+
+#ADD https://github.com/jwilder/forego/releases/download/v0.16.1/forego /usr/local/bin/forego
+RUN go get -v -u github.com/ddollar/forego
+
+ENV DOCKER_GEN_VERSION 0.7.3
+
+RUN wget https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/docker-gen-linux-armhf-$DOCKER_GEN_VERSION.tar.gz \
+ && tar -C /usr/local/bin -xvzf docker-gen-linux-armhf-$DOCKER_GEN_VERSION.tar.gz \
+ && rm /docker-gen-linux-armhf-$DOCKER_GEN_VERSION.tar.gz
+
+COPY scripts/* /app/
+WORKDIR /app/
+
+ENV DOCKER_HOST unix:///tmp/docker.sock
+
+VOLUME ["/etc/nginx/certs"]
+
+RUN chmod u+x /app/docker-entrypoint.sh
+# RUN chmod u+x /opt/go/bin/forego
+
+ENTRYPOINT ["/app/docker-entrypoint.sh"]
+#ENTRYPOINT ["/bin/bash"]
+
+CMD ["/opt/go/bin/forego", "start", "-r"]
+
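Review bot: `go get -v -u github.com/ddollar/forego` builds whatever the default branch holds at build time, and the docker-gen tarball is fetched with `wget` and unpacked with no digest check, yet this is the image that is given the Docker socket (`ENV DOCKER_HOST unix:///tmp/docker.sock`). Pin forego to a specific commit or release and verify the docker-gen download before extracting, e.g. `echo "<SHA256_PLACEHOLDER>  docker-gen-linux-armhf-$DOCKER_GEN_VERSION.tar.gz" | sha256sum -c -`. The `rm /docker-gen-linux-armhf-…` only works because the working directory is still `/` at that point; downloading with `-O /tmp/…` and removing that same path would make it explicit. There is no `USER`, and git, mercurial, golang and gcc remain in the final image, so the container runs as root next to the socket with a full toolchain installed.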

+ 2 - 0
ngp/scripts/Procfile

@@ -0,0 +1,2 @@
+nginx: nginx
+dockergen: docker-gen -watch -notify "nginx -s reload" /app/nginx.tmpl /etc/nginx/conf.d/default.conf

+ 22 - 0
ngp/scripts/docker-entrypoint.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+# Warn if the DOCKER_HOST socket does not exist
+if [[ $DOCKER_HOST == unix://* ]]; then
+	socket_file=${DOCKER_HOST#unix://}
+	if ! [ -S $socket_file ]; then
+		cat >&2 <<-EOT
+			ERROR: you need to share your Docker host socket with a volume at $socket_file
+			Typically you should run your jwilder/nginx-proxy with: \`-v /var/run/docker.sock:$socket_file:ro\`
+			See the documentation at http://git.io/vZaGJ
+		EOT
+		socketMissing=1
+	fi
+fi
+
+# If the user has run the default command and the socket doesn't exist, fail
+if [ "$socketMissing" = 1 -a "$1" = forego -a "$2" = start -a "$3" = '-r' ]; then
+	exit 1
+fi
+
+exec "$@"
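Review bot: The fail-fast check compares `"$1"` with `forego`, but ngp/Dockerfile in this commit sets `CMD ["/opt/go/bin/forego", "start", "-r"]`, so with the default command the script prints the error and then still reaches `exec "$@"`. Comparing the basename fixes that: `[ "$socketMissing" = 1 ] && [ "${1##*/}" = forego ] && [ "$2" = start ] && [ "$3" = '-r' ]`, which also replaces the obsolescent `-a` chaining. `[ -S $socket_file ]` is unquoted, so with `DOCKER_HOST=unix://` the test collapses to `[ -S ]`, which is true, and the warning is skipped; write `[ -S "$socket_file" ]`. The help text recommends mounting the socket `:ro`; a comment should note that this protects the socket file only and does not make the Docker API read-only.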

+ 245 - 0
ngp/scripts/nginx.tmpl

@@ -0,0 +1,245 @@
+{{ $CurrentContainer := where $ "ID" .Docker.CurrentContainerID | first }}
+
+{{ define "upstream" }}
+	{{ if .Address }}
+		{{/* If we got the containers from swarm and this container's port is published to host, use host IP:PORT */}}
+		{{ if and .Container.Node.ID .Address.HostPort }}
+			# {{ .Container.Node.Name }}/{{ .Container.Name }}
+			server {{ .Container.Node.Address.IP }}:{{ .Address.HostPort }};
+		{{/* If there is no swarm node or the port is not published on host, use container's IP:PORT */}}
+		{{ else if .Network }}
+			# {{ .Container.Name }}
+			server {{ .Network.IP }}:{{ .Address.Port }};
+		{{ end }}
+	{{ else if .Network }}
+		# {{ .Container.Name }}
+		server {{ .Network.IP }} down;
+	{{ end }}
+{{ end }}
+
+# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
+# scheme used to connect to this server
+map $http_x_forwarded_proto $proxy_x_forwarded_proto {
+  default $http_x_forwarded_proto;
+  ''      $scheme;
+}
+
+# If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
+# server port the client connected to
+map $http_x_forwarded_port $proxy_x_forwarded_port {
+  default $http_x_forwarded_port;
+  ''      $server_port;
+}
+
+# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
+# Connection header that may have been passed to this server
+map $http_upgrade $proxy_connection {
+  default upgrade;
+  '' close;
+}
+
+gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+
+log_format vhost '$host $remote_addr - $remote_user [$time_local] '
+                 '"$request" $status $body_bytes_sent '
+                 '"$http_referer" "$http_user_agent"';
+
+access_log off;
+
+{{ if (exists "/etc/nginx/proxy.conf") }}
+include /etc/nginx/proxy.conf;
+{{ else }}
+# HTTP 1.1 support
+proxy_http_version 1.1;
+proxy_buffering off;
+proxy_set_header Host $http_host;
+proxy_set_header Upgrade $http_upgrade;
+proxy_set_header Connection $proxy_connection;
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
+proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
+
+# Mitigate httpoxy attack (see README for details)
+proxy_set_header Proxy "";
+{{ end }}
+
+server {
+	server_name _; # This is just an invalid value which will never trigger on a real hostname.
+	listen 80;
+	access_log /var/log/nginx/access.log vhost;
+	return 503;
+}
+
+{{ if (and (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }}
+server {
+	server_name _; # This is just an invalid value which will never trigger on a real hostname.
+	listen 443 ssl http2;
+	access_log /var/log/nginx/access.log vhost;
+	return 503;
+
+	ssl_session_tickets off;
+	ssl_certificate /etc/nginx/certs/default.crt;
+	ssl_certificate_key /etc/nginx/certs/default.key;
+}
+{{ end }}
+
+{{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
+
+upstream {{ $host }} {
+{{ range $container := $containers }}
+	{{ $addrLen := len $container.Addresses }}
+
+	{{ range $knownNetwork := $CurrentContainer.Networks }}
+		{{ range $containerNetwork := $container.Networks }}
+			{{ if eq $knownNetwork.Name $containerNetwork.Name }}
+				## Can be connect with "{{ $containerNetwork.Name }}" network
+
+				{{/* If only 1 port exposed, use that */}}
+				{{ if eq $addrLen 1 }}
+					{{ $address := index $container.Addresses 0 }}
+					{{ template "upstream" (dict "Container" $container "Address" $address "Network" $containerNetwork) }}
+				{{/* If more than one port exposed, use the one matching VIRTUAL_PORT env var, falling back to standard web port 80 */}}
+				{{ else }}
+					{{ $port := coalesce $container.Env.VIRTUAL_PORT "80" }}
+					{{ $address := where $container.Addresses "Port" $port | first }}
+					{{ template "upstream" (dict "Container" $container "Address" $address "Network" $containerNetwork) }}
+				{{ end }}
+			{{ end }}
+		{{ end }}
+	{{ end }}
+{{ end }}
+}
+
+{{ $default_host := or ($.Env.DEFAULT_HOST) "" }}
+{{ $default_server := index (dict $host "" $default_host "default_server") $host }}
+
+{{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}}
+{{ $proto := or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http" }}
+
+{{/* Get the HTTPS_METHOD defined by containers w/ the same vhost, falling back to "redirect" */}}
+{{ $https_method := or (first (groupByKeys $containers "Env.HTTPS_METHOD")) "redirect" }}
+
+{{/* Get the first cert name defined by containers w/ the same vhost */}}
+{{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }}
+
+{{/* Get the best matching cert  by name for the vhost. */}}
+{{ $vhostCert := (closest (dir "/etc/nginx/certs") (printf "%s.crt" $host))}}
+
+{{/* vhostCert is actually a filename so remove any suffixes since they are added later */}}
+{{ $vhostCert := trimSuffix ".crt" $vhostCert }}
+{{ $vhostCert := trimSuffix ".key" $vhostCert }}
+
+{{/* Use the cert specified on the container or fallback to the best vhost match */}}
+{{ $cert := (coalesce $certName $vhostCert) }}
+
+{{ $is_https := (and (ne $cert "") (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) }}
+
+{{ if $is_https }}
+
+{{ if eq $https_method "redirect" }}
+server {
+	server_name {{ $host }};
+	listen 80 {{ $default_server }};
+	access_log /var/log/nginx/access.log vhost;
+	return 301 https://$host$request_uri;
+}
+{{ end }}
+
+server {
+	server_name {{ $host }};
+	listen 443 ssl http2 {{ $default_server }};
+	access_log /var/log/nginx/access.log vhost;
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+	ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
+
+	ssl_prefer_server_ciphers on;
+	ssl_session_timeout 5m;
+	ssl_session_cache shared:SSL:50m;
+	ssl_session_tickets off;
+
+	ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
+	ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
+
+	{{ if (exists (printf "/etc/nginx/certs/%s.dhparam.pem" $cert)) }}
+	ssl_dhparam {{ printf "/etc/nginx/certs/%s.dhparam.pem" $cert }};
+	{{ end }}
+
+	{{ if (ne $https_method "noredirect") }}
+	add_header Strict-Transport-Security "max-age=31536000";
+	{{ end }}
+
+	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
+	include {{ printf "/etc/nginx/vhost.d/%s" $host }};
+	{{ else if (exists "/etc/nginx/vhost.d/default") }}
+	include /etc/nginx/vhost.d/default;
+	{{ end }}
+
+	location / {
+		{{ if eq $proto "uwsgi" }}
+		include uwsgi_params;
+		uwsgi_pass {{ trim $proto }}://{{ trim $host }};
+		{{ else }}
+		proxy_pass {{ trim $proto }}://{{ trim $host }};
+		{{ end }}
+		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
+		auth_basic	"Restricted {{ $host }}";
+		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};
+		{{ end }}
+                {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }}
+                include {{ printf "/etc/nginx/vhost.d/%s_location" $host}};
+                {{ else if (exists "/etc/nginx/vhost.d/default_location") }}
+                include /etc/nginx/vhost.d/default_location;
+                {{ end }}
+	}
+}
+
+{{ end }}
+
+{{ if or (not $is_https) (eq $https_method "noredirect") }}
+
+server {
+	server_name {{ $host }};
+	listen 80 {{ $default_server }};
+	access_log /var/log/nginx/access.log vhost;
+
+	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
+	include {{ printf "/etc/nginx/vhost.d/%s" $host }};
+	{{ else if (exists "/etc/nginx/vhost.d/default") }}
+	include /etc/nginx/vhost.d/default;
+	{{ end }}
+
+	location / {
+		{{ if eq $proto "uwsgi" }}
+		include uwsgi_params;
+		uwsgi_pass {{ trim $proto }}://{{ trim $host }};
+		{{ else }}
+		proxy_pass {{ trim $proto }}://{{ trim $host }};
+		{{ end }}
+		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
+		auth_basic	"Restricted {{ $host }}";
+		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};
+		{{ end }}
+                {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }}
+                include {{ printf "/etc/nginx/vhost.d/%s_location" $host}};
+                {{ else if (exists "/etc/nginx/vhost.d/default_location") }}
+                include /etc/nginx/vhost.d/default_location;
+                {{ end }}
+	}
+}
+
+{{ if (and (not $is_https) (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }}
+server {
+	server_name {{ $host }};
+	listen 443 ssl http2 {{ $default_server }};
+	access_log /var/log/nginx/access.log vhost;
+	return 500;
+
+	ssl_certificate /etc/nginx/certs/default.crt;
+	ssl_certificate_key /etc/nginx/certs/default.key;
+}
+{{ end }}
+
+{{ end }}
+{{ end }}
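Review bot: The HTTPS server block sets `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` and a cipher list that still includes 3DES (`DES-CBC3-SHA`) and non-forward-secret RSA suites; unless legacy clients must be served, narrow it to `ssl_protocols TLSv1.2;` and keep only the ECDHE/DHE GCM and CHACHA20 suites. The first two `map` blocks pass a client-supplied `X-Forwarded-Proto` / `X-Forwarded-Port` through unchanged, which is only safe behind another trusted proxy; if this instance is the edge, set the headers from `$scheme` and `$server_port` unconditionally, or add a comment stating the assumption. `{{ $host }}` is taken from each container's `VIRTUAL_HOST` and written unescaped into `upstream`, `server_name` and `include` paths, so that variable has to be treated as trusted configuration and the template should say so in a comment near the `range`.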

+ 8 - 0
pypy/Dockerfile

@@ -0,0 +1,8 @@
+FROM resin/rpi-raspbian:jessie-20161026
+
+RUN echo "deb http://archive.raspbian.org/raspbian jessie main" >> /etc/apt/sources.list &&\
+    apt-get update
+
+RUN apt-get install -y pypy
+
+
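Review bot: `apt-get update` and `apt-get install -y pypy` sit in separate `RUN` layers, so a cached update layer can be reused with an outdated package index, and the index files stay in the image. Merge them into one step: `RUN apt-get update && apt-get install -y --no-install-recommends pypy && rm -rf /var/lib/apt/lists/*`. The appended `deb http://archive.raspbian.org/raspbian jessie main` source is plain HTTP and therefore relies entirely on apt's signature verification; a comment explaining why the extra source is needed would help (the same line appears in ngp/Dockerfile). The image defines neither `USER` nor `CMD`.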

+ 11 - 0
rsync/Dockerfile

@@ -0,0 +1,11 @@
+FROM hypriot/rpi-alpine-scratch
+
+RUN apk update \
+    && apk upgrade \
+    && apk add rsync
+
+# run rsync
+CMD rsync -av --delete /opt/from/ /opt/to/ && \
+    echo "$(date '+%a %M:%H:%S %h %d %Y') sleeping 1h now.." && \
+    sleep 3600s
+
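Review bot: `rsync -av --delete /opt/from/ /opt/to/` runs without checking that the source is populated, so if the host path behind `/opt/from` is not mounted the container sees an empty directory and `--delete` empties the backup in `/opt/to`. Guard it with a sentinel check, e.g. `CMD [ -e /opt/from/.backup-source ] && rsync -av --delete /opt/from/ /opt/to/ && …` (the marker file name is only an illustration). The log line's format `'%a %M:%H:%S %h %d %Y'` prints minutes before hours; `%H:%M:%S` was probably intended. `FROM hypriot/rpi-alpine-scratch` carries no tag or digest and is followed by `apk upgrade`, so two builds of the same commit can produce different images; svn/Dockerfile has the same pattern.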

+ 75 - 0
services.yml

@@ -0,0 +1,75 @@
+---
+
+domoticz:
+  host: himbeere
+  fqdn: home.cere.duckdns.org
+  docker:
+    build: domoticz
+    image: domoticz
+    volumes:
+      - /etc/localtime:/etc/localtime
+      - /opt/fast/domoticz/domoticz.db:/root/domoticz/domoticz.db
+    ports: 8080:8080
+    devices: /dev/ttyUSB0
+
+# https://github.com/mkueper/rpi-svn/blob/master/Dockerfile
+svn:
+  host: himbeere
+  docker:
+    build: svn
+    volumes:
+      - /opt/fast/svn:/var/svn
+    ports: 3690:3690
+    stop_signal: SIGKILL
+
+ngp:
+  host: himbeere
+  docker:
+    build: ngp
+    ports: 0.0.0.0:1080:80, 0.0.0.0:1443:443
+    volumes:
+      - /usr/share/nginx/html
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - /opt/fast/nginx/certs:/etc/nginx/certs:ro
+      # see https://github.com/jwilder/nginx-proxy#per-virtual_host
+      - /opt/fast/nginx/vhost.d:/etc/nginx/vhost.d:ro
+
+    commands:
+      nginx_conf:
+        method: exec
+        cmd: cat /etc/nginx/conf.d/default.conf
+        docs: show dockergen-generated config
+
+nexus:
+  host: himbeere
+  docker:
+    build: nexus
+    volumes:
+      - /etc/localtime:/etc/localtime
+      - /opt/fast/nexus:/opt/sonatype-work
+    ports: 1381:8081
+
+pypy:
+  host: himbeere
+  docker:
+    build: pypy
+    volumes:
+      - /etc/localtime:/etc/localtime
+
+rsync:
+  host: himbeere
+  docker:
+    build: rsync
+    volumes:
+      - /mnt/ssdext/docker_fast_volumes:/opt/from
+      - /mnt/hddext/backup:/opt/to
+
+gogs:
+  host: himbeere
+  fqdn: git.cere.duckdns.org
+  docker:
+    image: gogs/gogs-rpi
+    volumes: /opt/fast/gogs:/data
+    ports: 3000:3000, 3022:22
+    env:
+      VIRTUAL_PORT: 3000
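Review bot: `domoticz` (`8080:8080`), `nexus` (`1381:8081`), `svn` (`3690:3690`) and `gogs` (`3000:3000, 3022:22`) publish ports without a bind address; assuming the tool hands these to Docker unchanged, they are mapped on every host interface and the services are reachable directly, not only through the `ngp` proxy with its certificates and optional htpasswd files. If the proxy is meant to be the entry point, drop the `ports` entries for the HTTP services or bind them locally, e.g. `ports: 127.0.0.1:8080:8080`. The `ngp` service mounts `/var/run/docker.sock:/tmp/docker.sock:ro`; the `:ro` flag protects the socket file, not the API, so that container can control the daemon and the entry deserves a comment saying so. `stop_signal: SIGKILL` on `svn` ends svnserve with no chance to finish in-flight writes.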

+ 10 - 0
svn/Dockerfile

@@ -0,0 +1,10 @@
+FROM hypriot/rpi-alpine-scratch
+
+RUN apk update \
+    && apk upgrade \
+    && apk add subversion
+
+VOLUME /var/svn
+EXPOSE 3690:3690
+
+CMD svnserve -d -r /var/svn/ --log-file /dev/stdout --foreground
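Review bot: There is no `USER` instruction, so `svnserve` runs as root while listening on 3690 and writing to the `/var/svn` volume; unless something here needs root, add a dedicated account (`RUN adduser -S svn` then `USER svn`, with the volume owned accordingly). `EXPOSE 3690:3690` uses publish syntax, but `EXPOSE` only documents a container port, so `EXPOSE 3690` is the form to use and the host mapping stays in services.yml. The shell-form `CMD` wraps svnserve in `/bin/sh -c`, so stop signals go to the shell, which is presumably why services.yml sets `stop_signal: SIGKILL`. The exec form `CMD ["svnserve", "-d", "--foreground", "-r", "/var/svn/", "--log-file", "/dev/stdout"]` would let a normal SIGTERM reach the server.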