add ente server tools

.github/workflows/ente-server-tools-docker-image.yml

@@ -0,0 +1,36 @@
+name: Build and Publish
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+
+jobs:
+  build-and-push-docker-image:
+    name: Build Docker image and push
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to Github Packages
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build image and push to GitHub Container Registry
+        uses: docker/build-push-action@v2
+        with:
+          context: ente-server-tools/.
+          tags: ghcr.io/edythecow/ente-server-tools:latest
+          push: ${{ github.ref == 'refs/heads/master' }}
+
+      - name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}

_base/compose/.env

@@ -0,0 +1,5 @@
+# Prefix for container names when docker compose is started
+COMPOSE_PROJECT_NAME=ente
+
+# Directory for storing containers data
+DATA_DIR=../data

_base/compose/docker-compose.yml

@@ -0,0 +1,23 @@
+version: '3'
+
+networks:
+  ente:
+    external: true
+
+services:
+
+  traefik:
+    image: traefik:v3.0
+    restart: always
+    env_file:
+      - .env
+    ports:
+      - "80:80"
+      - "443:443"
+    networks:
+      - ente
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ${DATA_DIR}/traefik/traefik.toml:/etc/traefik/traefik.toml
+      - ${DATA_DIR}/traefik/acme.json:/acme.json
+      - ${DATA_DIR}/traefik/logs:/logs

_base/data/traefik/traefik.toml

@@ -0,0 +1,35 @@
+[global]
+  checkNewVersion = false
+  sendAnonymousUsage = false
+
+[log]
+  level = "INFO"
+
+[entryPoints]
+  [entryPoints.web]
+    address = ":80"
+
+  [entryPoints.web.http]
+    [entryPoints.web.http.redirections]
+      [entryPoints.web.http.redirections.entryPoint]
+        to = "websecure"
+        scheme = "https"
+
+  [entryPoints.websecure]
+    address = ":443"
+
+[providers.docker]
+  exposedbydefault = false
+
+[certificatesResolvers.cloudflare.acme]
+  email = "admin@example.com"
+  [certificatesResolvers.cloudflare.acme.dnsChallenge]
+    provider = "cloudflare"
+    delayBeforeCheck = 0
+
+[certificatesResolvers.letsencrypt.acme]
+  email = "admin@example.com"
+  storage = "acme.json"
+  [certificatesResolvers.letsencrypt.acme.httpChallenge]
+    entryPoint = "web"
+

ente-server-tools/Dockerfile

@@ -0,0 +1,11 @@
+FROM golang:1.20-alpine3.17
+
+RUN apk add --no-cache gcc musl-dev git libsodium-dev
+
+WORKDIR /etc/
+
+RUN git clone https://github.com/ente-io/ente.git && mv ente/server /etc/server && rm -r /etc/ente
+
+WORKDIR /etc/server/
+
+RUN go mod download

ente-server/compose/.env

@@ -0,0 +1,54 @@
+###
+# DOCKER COMPOSE ENTE-SELFHOST SPECIFIC VARIABLES
+# These variables are unofficial variables used by Traefik and Docker Compose
+###
+
+# Prefix for container names when docker compose is started
+COMPOSE_PROJECT_NAME=ente
+
+# Directory for storing containers data
+DATA_DIR=../data
+
+# Endpoint domain for ente server, DO NOT include https:// here.
+# This is used by Traefik to generate certificates and route traffic
+DOMAIN_MUSEUM=api.your-domain.com
+
+
+###
+# OFFICIAL ENTE-SERVER ENVIRONMENT VARIABLES 
+# These variables are provided by Ente server
+# Used to override config file values so we have everything in one place
+# Full config: https://github.com/ente-io/ente/blob/main/server/configurations/local.yaml
+###
+
+# First time setup for account if SMTP isn't working
+#ENTE_INTERNAL_HARDCODED-OTT_LOCAL-DOMAIN-SUFFIX=@example.com
+#ENTE_INTERNAL_HARDCODED-OTT_LOCAL-DOMAIN-VALUE=123456
+
+#ENTE_HTTP_USE-TLS=false
+#ENTE_APPS_PUBLIC-ALBUMS=https://albums.example.com
+
+# Database credentials
+# These are automatically passed down to postgres in docker-compose.yml file
+ENTE_DB_USER=ente
+ENTE_DB_PASSWORD=
+ENTE_DB_NAME=ente_db
+
+# SMTP configuration 
+ENTE_SMTP_HOST=
+ENTE_SMTP_PORT=
+ENTE_SMTP_USERNAME=
+ENTE_SMTP_PASSWORD=
+
+# Key used for encrypting user emails before storing them in DB
+ENTE_KEY_ENCRYPTION=
+ENTE_KEY_HASH=
+
+# JWT secrets
+ENTE_JWT_SECRET=
+
+# Move to config file?
+# S3 storage endpoints
+ENTE_S3_B2-EU-CEN_KEY=
+
+

ente-server/compose/docker-compose.yml

@@ -0,0 +1,56 @@
+services:
+  museum:
+    image: ghcr.io/ente-io/server
+    depends_on:
+      postgres:
+        condition: service_healthy
+    volumes:
+      - ${DATA_DIR}/museum/logs:/var/logs
+    networks:
+      - internal
+      - ente
+    labels:
+      - "traefik.enable=true"
+      # HTTP
+      - "traefik.http.routers.ente-museum.entrypoints=web"
+      - "traefik.http.routers.ente-museum.rule=Host(`${DOMAIN_MUSEUM}`)"
+      - "traefik.http.routers.ente-museum.middlewares=ente-museum_https"
+      - "traefik.http.middlewares.ente-museum_https.redirectscheme.scheme=https"
+      # HTTPS
+      - "traefik.http.routers.ente-museum_https.entrypoints=websecure"
+      - "traefik.http.routers.ente-museum_https.rule=Host(`${DOMAIN_MUSEUM}`)"
+      - "traefik.http.routers.ente-museum_https.tls=true"
+      - "traefik.http.routers.ente-museum_https.tls.certresolver=letsencrypt"
+      - "traefik.http.services.ente-museum_https.loadbalancer.server.port=8080"
+
+  postgres:
+    image: postgres:12
+    environment:
+      POSTGRES_USER: ${ENTE_DB_USER}
+      POSTGRES_PASSWORD: ${ENTE_DB_PASSWORD}
+      POSTGRES_DB: ${ENTE_DB_NAME}
+    # Wait for postgres to be accept connections before starting museum.
+    healthcheck:
+      test:
+        [
+          "CMD",
+          "pg_isready",
+          "-q",
+          "-d",
+          "ente_db",
+          "-U",
+          "pguser"
+        ]
+      interval: 1s
+      timeout: 5s
+      retries: 20
+    volumes:
+      - ${DATA_DIR}/postgres:/var/lib/postgresql/data
+    networks:
+      - internal
+
+networks:
+  ente:
+    external: true
+  internal:
+    external: false

ente-server/data/museum/credentials.yaml

@@ -0,0 +1,28 @@
+db:
+    host: postgres
+    port: 5432
+    name: ente_db
+    user: pguser
+    password: pgpass
+
+s3:
+    are_local_buckets: true
+    b2-eu-cen:
+        key: test
+        secret: testtest
+        endpoint: localhost:3200
+        region: eu-central-2
+        bucket: b2-eu-cen
+    wasabi-eu-central-2-v3:
+        key: test
+        secret: testtest
+        endpoint: localhost:3200
+        region: eu-central-2
+        bucket: wasabi-eu-central-2-v3
+        compliance: false
+    scw-eu-fr-v3:
+        key: test
+        secret: testtest
+        endpoint: localhost:3200
+        region: eu-central-2
+        bucket: scw-eu-fr-v3