m1ngsama
f82cd2d956
Add services/ directory with deploy scripts for system-level infrastructure
services. Each script reads INFRA_DIR pointing to the corresponding infra
module, sources its .env, substitutes config templates via envsubst, and
installs/enables systemd services. Zero hardcoded values — public-safe.
New scripts:
- services/email/deploy.sh (Postfix + Dovecot + OpenDKIM + SpamAssassin)
- services/nginx/deploy.sh (Nginx vhosts via envsubst)
- services/shadowsocks/server/deploy.sh (shadowsocks-rust server)
- services/shadowsocks/client/deploy.sh (sslocal + privoxy chain)
- services/frp/server/deploy.sh (frps)
- services/frp/client/deploy.sh (frpc)
README: add "Relationship with infra" section explaining the two-repo workflow
Makefile: add deploy-email, deploy-nginx, deploy-ss-{server,client},
deploy-frp-{server,client} targets
Closes #6
|
||
|---|---|---|
| bin | ||
| minecraft | ||
| nextcloud | ||
| services | ||
| teamspeak | ||
| .gitignore | ||
| config.sh | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
Automa
Deployment scripts for self-hosted infrastructure. Pairs with infra (private) for configuration.
infra/services/<name>/.env → automa/services/<name>/deploy.sh
Relationship with infra
infra (private) holds config templates and .env.example files — the "what" and "how to configure".
automa (public) holds deployment scripts — the "how to deploy". Zero hardcoded values, zero domain names.
Workflow:
- Clone infra (private), fill in
.envfiles for each service you want - Clone automa (public), run the matching deploy script
- Each script reads
INFRA_DIRto locate the corresponding.env
# Example
cd infra/services/email && cp .env.example .env && $EDITOR .env
cd automa/services/email
INFRA_DIR=../../infra/services/email ./deploy.sh
Philosophy
This project embraces Unix principles:
- Modularity: Each service is self-contained
- Simplicity: Minimal dependencies, clear configuration
- Composability: Tools work together through standard interfaces
- Transparency: Plain text configuration, readable scripts
Infrastructure Services
System services deployed from infra module configs.
Postfix + Dovecot + OpenDKIM + SpamAssassin.
INFRA_DIR=/path/to/infra/services/email ./services/email/deploy.sh
Nginx
Web server and reverse proxy vhosts.
INFRA_DIR=/path/to/infra/services/nginx ./services/nginx/deploy.sh
Shadowsocks
GFW-resistant proxy.
# Server (VPS)
INFRA_DIR=/path/to/infra/services/shadowsocks/server ./services/shadowsocks/server/deploy.sh
# Client (home machine)
INFRA_DIR=/path/to/infra/services/shadowsocks/client ./services/shadowsocks/client/deploy.sh
FRP
Reverse tunnel — expose home services through VPS.
# Server (VPS)
INFRA_DIR=/path/to/infra/services/frp/server ./services/frp/server/deploy.sh
# Client (home machine)
INFRA_DIR=/path/to/infra/services/frp/client ./services/frp/client/deploy.sh
Home Services
Docker-based services with their own config.
Minecraft Server
Automated Minecraft Fabric server deployment with mod management.
Location: minecraft/
Quick Start:
cd minecraft
cp .env.example .env # Edit as needed
docker compose up -d
See minecraft/README.md for details.
TeamSpeak Server
Voice communication server with minimal configuration.
Location: teamspeak/
Quick Start:
cd teamspeak
cp .env.example .env # Edit as needed
docker compose up -d
See teamspeak/README.md for details.
Nextcloud
Self-hosted file sync and collaboration platform.
Location: nextcloud/
Quick Start:
cd nextcloud
cp .env.example .env # Edit as needed
docker compose up -d
See nextcloud/README.md for details.
Utilities
Organization Repository Cloner
Batch clone all repositories from a GitHub organization.
Location: bin/org-clone.sh
Usage:
./bin/org-clone.sh <org-name>
Prerequisites
- Docker & Docker Compose
- Bash 4.0+
- Git
Project Structure
automa/
├── bin/ # Utility scripts
│ └── lib/common.sh # Shared logging + env helpers
├── services/ # Infrastructure deploy scripts (reads infra .env)
│ ├── email/deploy.sh
│ ├── nginx/deploy.sh
│ ├── shadowsocks/
│ │ ├── server/deploy.sh
│ │ └── client/deploy.sh
│ └── frp/
│ ├── server/deploy.sh
│ └── client/deploy.sh
├── minecraft/ # Minecraft server (Docker)
├── teamspeak/ # TeamSpeak server (Docker)
├── nextcloud/ # Nextcloud (Docker)
└── README.md
Common Operations
All services follow consistent patterns:
Start a Service
cd <service-name>
docker compose up -d
View Logs
cd <service-name>
docker compose logs -f
Stop a Service
cd <service-name>
docker compose down
Update a Service
cd <service-name>
docker compose pull
docker compose up -d
Security Notes
- Always change default passwords in
.envfiles - Keep
.envfiles out of version control - Use strong passwords for production deployments
- Review exposed ports before deployment
Contributing
Contributions welcome. Keep changes:
- Simple and focused
- Well-documented
- Following existing patterns
- Unix philosophy aligned
License
MIT License - See LICENSE file for details.