From c70789e81a8920b5eb8e5cd969104825d33c64bf Mon Sep 17 00:00:00 2001 From: NI-R0 Date: Fri, 10 Apr 2026 14:15:05 +0200 Subject: [PATCH 1/2] update kaneo compose to v2.6.0 --- services/kaneo/.env | 19 ++++++++++- services/kaneo/compose.yaml | 65 +++++++++++++++++++++++-------------- 2 files changed, 59 insertions(+), 25 deletions(-) diff --git a/services/kaneo/.env b/services/kaneo/.env index 5b5bd475..01380373 100644 --- a/services/kaneo/.env +++ b/services/kaneo/.env @@ -6,11 +6,28 @@ SERVICE=kaneo IMAGE_URL_BACKEND=ghcr.io/usekaneo/api:latest IMAGE_URL_FRONTEND=ghcr.io/usekaneo/web:latest +IMAGE_URL_DATABASE=postgres:16-alpine # Network Configuration -SERVICEPORT=80 +# SERVICEPORT= +SERVICEPORT_FRONTEND=5173 +SERVICEPORT_BACKEND=1337 +SERVICEPORT_DATABASE=5432 DNS_SERVER=9.9.9.9 +# Kaneo Configuration +KANEO_API_URL="https://kaneo..net/api" +KANEO_CLIENT_URL="https://kaneo..net" + +# AUTH Configuration +AUTH_SECRET= +BETTER_AUTH_TRUSTED_PROXIES: "0.0.0.0/0" + +# DB Configuration +DB_USERNAME=kaneo +DB_DATABASE_NAME=kaneo +DB_PASSWORD= + # Tailscale Configuration TS_AUTHKEY= diff --git a/services/kaneo/compose.yaml b/services/kaneo/compose.yaml index f99c1ae9..ad5c6850 100644 --- a/services/kaneo/compose.yaml +++ b/services/kaneo/compose.yaml @@ -3,8 +3,10 @@ configs: content: | {"TCP":{"443":{"HTTPS":true}}, "Web":{"$${TS_CERT_DOMAIN}:443": - {"Handlers":{"/": - {"Proxy":"http://127.0.0.1:80"}}}}, + {"Handlers":{ + "/api/":{"Proxy":"http://localhost:${SERVICEPORT_BACKEND}/api/"}, + "/":{"Proxy":"http://localhost:${SERVICEPORT_FRONTEND}"} + }}}, "AllowFunnel":{"$${TS_CERT_DOMAIN}:443":false}} services: @@ -47,41 +49,56 @@ services: start_period: 10s # Time to wait before starting health checks restart: always - # ${SERVICE} - Backend + # ${SERVICE} - DB + postgres: + image: ${IMAGE_URL_DATABASE} # Image to be used + network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale + container_name: app-${SERVICE}-postgres # Name for local container management + env_file: + - .env + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + volumes: + - ./${SERVICE}-data/postgres_data:/var/lib/postgresql/data + healthcheck: + test: ["CMD-SHELL", "pg_isready -U ${DB_USERNAME} -d ${DB_DATABASE_NAME}"] + interval: 10s # How often to perform the check + timeout: 5s # Time to wait for the check to succeed + retries: 5 # Number of retries before marking as unhealthy + start_period: 30s # Time to wait before starting health checks + restart: unless-stopped + + # ${SERVICE} - Backend (API) backend: image: ${IMAGE_URL_BACKEND} # Image to be used network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale container_name: app-${SERVICE}-backend # Name for local container management + env_file: + - .env environment: - JWT_ACCESS: "change_me" - DB_PATH: "/app/apps/api/data/kaneo.db" - volumes: - - ./${SERVICE}-data/sqlite_data:/app/apps/api/data + DATABASE_URL: "postgresql://${DB_USERNAME}:${DB_PASSWORD}@localhost:${SERVICEPORT_DATABASE}/${DB_DATABASE_NAME}" depends_on: tailscale: condition: service_healthy - healthcheck: - test: ["CMD", "pgrep", "-f", "${SERVICE}"] # Check if ${SERVICE} process is running - interval: 1m # How often to perform the check - timeout: 10s # Time to wait for the check to succeed - retries: 3 # Number of retries before marking as unhealthy - start_period: 30s # Time to wait before starting health checks - restart: always + postgres: + condition: service_healthy + restart: unless-stopped - # ${SERVICE} - Frontend + # ${SERVICE} - Frontend (Web) frontend: image: ${IMAGE_URL_FRONTEND} # Image to be used network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale container_name: app-${SERVICE}-frontend # Name for local container management - environment: - KANEO_API_URL: "https://kaneo./api" + env_file: + - .env depends_on: tailscale: condition: service_healthy - healthcheck: - test: ["CMD", "pgrep", "-f", "${SERVICE}"] # Check if ${SERVICE} process is running - interval: 1m # How often to perform the check - timeout: 10s # Time to wait for the check to succeed - retries: 3 # Number of retries before marking as unhealthy - start_period: 30s # Time to wait before starting health checks - restart: always \ No newline at end of file + kaneo-backend: + condition: service_started + restart: unless-stopped + +volumes: + postgres_data: From e882a1b52eae9798f177eaf19c2bee884fd2abdc Mon Sep 17 00:00:00 2001 From: crypt0rr <57799908+crypt0rr@users.noreply.github.com> Date: Sat, 11 Apr 2026 21:46:55 +0200 Subject: [PATCH 2/2] Update .env and compose.yaml for Kaneo service configuration --- services/kaneo/.env | 25 ++++++++++++++++++------- services/kaneo/compose.yaml | 2 +- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/services/kaneo/.env b/services/kaneo/.env index 82557861..13ef46ae 100644 --- a/services/kaneo/.env +++ b/services/kaneo/.env @@ -3,21 +3,32 @@ #COMPOSE_PROJECT_NAME= # Optional: only use when running multiple deployments on the same infrastructure. # Service Configuration -SERVICE=kaneo -IMAGE_URL_BACKEND=ghcr.io/usekaneo/api:latest -IMAGE_URL_FRONTEND=ghcr.io/usekaneo/web:latest -IMAGE_URL_DATABASE=postgres:16-alpine +SERVICE=kaneo # Service name (e.g., adguard). Used as hostname in Tailscale and for container naming (app-${SERVICE}). +IMAGE_URL_BACKEND=ghcr.io/usekaneo/api:latest # Docker image URL from container registry (e.g., adguard/adguard-home). +IMAGE_URL_FRONTEND=ghcr.io/usekaneo/web:latest # Docker image URL from container registry (e.g., adguard/adguard-home). +IMAGE_URL_DATABASE=postgres:16-alpine # Docker image URL from container registry (e.g., adguard/adguard-home). # Network Configuration # SERVICEPORT= SERVICEPORT_FRONTEND=5173 SERVICEPORT_BACKEND=1337 SERVICEPORT_DATABASE=5432 -DNS_SERVER=9.9.9.9 +DNS_SERVER=9.9.9.9 # Preferred DNS server for Tailscale. Uncomment the "dns:" section in compose.yaml to enable. + +# Tailscale Configuration +TS_AUTHKEY= # Auth key from https://tailscale.com/admin/authkeys. See: https://tailscale.com/kb/1085/auth-keys#generate-an-auth-key for instructions. + +# Optional Service variables +# PUID=1000 + +#Time Zone setting for containers +TZ=Europe/Amsterdam # See: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones + +# Any Container environment variables are declared below. See https://docs.docker.com/compose/how-tos/environment-variables/ # Kaneo Configuration -KANEO_API_URL="https://kaneo..net/api" -KANEO_CLIENT_URL="https://kaneo..net" +KANEO_API_URL="https://kaneo..ts.net/api" +KANEO_CLIENT_URL="https://kaneo..ts.net" # AUTH Configuration AUTH_SECRET= diff --git a/services/kaneo/compose.yaml b/services/kaneo/compose.yaml index ad5c6850..23294d12 100644 --- a/services/kaneo/compose.yaml +++ b/services/kaneo/compose.yaml @@ -96,7 +96,7 @@ services: depends_on: tailscale: condition: service_healthy - kaneo-backend: + backend: condition: service_started restart: unless-stopped