New
Convert the following docker compose configuration to run under podman and quadlet:

```
# Usage:
# curl -fsSL 'https://docker-compose.archivebox.io' > docker-compose.yml
# docker compose up
# docker compose run archivebox version
# docker compose run -T archivebox add < urls_to_archive.txt
# docker compose run archivebox add --depth=1 'https://news.ycombinator.com'
# docker compose run archivebox config --set SAVE_ARCHIVE_DOT_ORG=False
# docker compose run archivebox help
# Documentation:
# https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#docker-compose

services:
archivebox:
image: archivebox/archivebox:latest
ports:
- 8000:8000
volumes:
- ./data:/data
# ./data/personas/Default/chrome_profile/Default:/data/personas/Default/chrome_profile/Default
environment:
# - ADMIN_USERNAME=admin # creates an admin user on first run with the given user/pass combo
# - ADMIN_PASSWORD=SomeSecretPassword
- CSRF_TRUSTED_ORIGINS=https://archivebox.example.com # REQUIRED for auth, REST API, etc. to work
- ALLOWED_HOSTS=* # set this to the hostname(s) from your CSRF_TRUSTED_ORIGINS
- PUBLIC_INDEX=True # set to False to prevent anonymous users from viewing snapshot list
- PUBLIC_SNAPSHOTS=True # set to False to prevent anonymous users from viewing snapshot content
- PUBLIC_ADD_VIEW=False # set to True to allow anonymous users to submit new URLs to archive
- SEARCH_BACKEND_ENGINE=sonic # tells ArchiveBox to use sonic container below for fast full-text search
- SEARCH_BACKEND_HOST_NAME=sonic
- SEARCH_BACKEND_PASSWORD=SomeSecretPassword
# - PUID=911 # set to your host user's UID & GID if you encounter permissions issues
# - PGID=911 # UID/GIDs <500 may clash with existing users and are not recommended
# For options below, it's better to set using `docker compose run archivebox config --set SOME_KEY=someval` instead of setting here:
# - MEDIA_MAX_SIZE=750m # increase this filesize limit to allow archiving larger audio/video files
# - TIMEOUT=60 # increase this number to 120+ seconds if you see many slow downloads timing out
# - CHECK_SSL_VALIDITY=True # set to False to disable strict SSL checking (allows saving URLs w/ broken certs)
# - SAVE_ARCHIVE_DOT_ORG=True # set to False to disable submitting all URLs to Archive.org when archiving
# - USER_AGENT="..." # set a custom USER_AGENT to avoid being blocked as a bot
# ...
# For more info, see: https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#configuration

# For ad-blocking during archiving, uncomment this section and the pihole service below
# networks:
# - dns
# dns:
# - 172.20.0.53


######## Optional Addons: tweak examples below as needed for your specific use case ########

### This optional container runs scheduled jobs in the background (and retries failed ones). To add a new job:
# $ docker compose run archivebox schedule --add --every=day --depth=1 'https://example.com/some/rss/feed.xml'
# then restart the scheduler container to apply any changes to the scheduled task list:
# $ docker compose restart archivebox_scheduler
# https://github.com/ArchiveBox/ArchiveBox/wiki/Scheduled-Archiving

archivebox_scheduler:

image: archivebox/archivebox:latest
command: schedule --foreground --update --every=day
environment:
# - PUID=911 # set to your host user's UID & GID if you encounter permissions issues
# - PGID=911
- TIMEOUT=120 # use a higher timeout than the main container to give slow tasks more time when retrying
- SEARCH_BACKEND_ENGINE=sonic # tells ArchiveBox to use sonic container below for fast full-text search
- SEARCH_BACKEND_HOST_NAME=sonic
- SEARCH_BACKEND_PASSWORD=SomeSecretPassword
# For other config it's better to set using `docker compose run archivebox config --set SOME_KEY=someval` instead of setting here
# ...
# For more info, see: https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#configuration
volumes:
- ./data:/data
# cpus: 2 # uncomment / edit these values to limit scheduler container resource consumption
# mem_limit: 2048m
# restart: always


### This runs the optional Sonic full-text search backend (much faster than default rg backend).
# If Sonic is ever started after not running for a while, update its full-text index by running:
# $ docker-compose run archivebox update --index-only
# https://github.com/ArchiveBox/ArchiveBox/wiki/Setting-up-Search

sonic:
image: archivebox/sonic:latest
expose:
- 1491
environment:
- SEARCH_BACKEND_PASSWORD=SomeSecretPassword
volumes:
#- ./sonic.cfg:/etc/sonic.cfg:ro # mount to customize: https://raw.githubusercontent.com/ArchiveBox/ArchiveBox/stable/etc/sonic.cfg
- ./data/sonic:/var/lib/sonic/store


### This optional container runs xvfb+noVNC so you can watch the ArchiveBox browser as it archives things,
# or remote control it to set up a chrome profile w/ login credentials for sites you want to archive.
# https://github.com/ArchiveBox/ArchiveBox/wiki/Chromium-Install#setting-up-a-chromium-user-profile
# https://github.com/ArchiveBox/ArchiveBox/wiki/Chromium-Install#docker-vnc-setup

novnc:
image: theasp/novnc:latest
environment:
- DISPLAY_WIDTH=1920
- DISPLAY_HEIGHT=1080
- RUN_XTERM=no
ports:
# to view/control ArchiveBox's browser, visit: http://127.0.0.1:8080/vnc.html
# restricted to access from localhost by default because it has no authentication
- 127.0.0.1:8080:8080


### Example: Put Nginx in front of the ArchiveBox server for SSL termination and static file serving.
# You can also any other ingress provider for SSL like Apache, Caddy, Traefik, Cloudflare Tunnels, etc.

# nginx:
# image: nginx:alpine
# ports:
# - 443:443
# - 80:80
# volumes:
# - ./etc/nginx.conf:/etc/nginx/nginx.conf
# - ./data:/var/www


### Example: To run pihole in order to block ad/tracker requests during archiving,
# uncomment this optional block and set up pihole using its admin interface

# pihole:
# image: pihole/pihole:latest
# ports:
# # access the admin HTTP interface on http://localhost:8090
# - 127.0.0.1:8090:80
# environment:
# - WEBPASSWORD=SET_THIS_TO_SOME_SECRET_PASSWORD_FOR_ADMIN_DASHBOARD
# - DNSMASQ_LISTENING=all
# dns:
# - 127.0.0.1
# - 1.1.1.1
# networks:
# dns:
# ipv4_address: 172.20.0.53
# volumes:
# - ./etc/pihole:/etc/pihole
# - ./etc/dnsmasq:/etc/dnsmasq.d


### Example: run all your ArchiveBox traffic through a WireGuard VPN tunnel to avoid IP blocks.
# You can also use any other VPN that works at the docker/IP level, e.g. Tailscale, OpenVPN, etc.

# wireguard:
# image: linuxserver/wireguard:latest
# network_mode: 'service:archivebox'
# cap_add:
# - NET_ADMIN
# - SYS_MODULE
# sysctls:
# - net.ipv4.conf.all.rp_filter=2
# - net.ipv4.conf.all.src_valid_mark=1
# volumes:
# - /lib/modules:/lib/modules
# - ./wireguard.conf:/config/wg0.conf:ro

### Example: Run ChangeDetection.io to watch for changes to websites, then trigger ArchiveBox to archive them
# Documentation: https://github.com/dgtlmoon/changedetection.io
# More info: https://github.com/dgtlmoon/changedetection.io/blob/master/docker-compose.yml

# changedetection:
# image: ghcr.io/dgtlmoon/changedetection.io
# volumes:
# - ./data-changedetection:/datastore


### Example: Run PYWB in parallel and auto-import WARCs from ArchiveBox

# pywb:
# image: webrecorder/pywb:latest
# entrypoint: /bin/sh -c '(wb-manager init default || test $$? -eq 2) && wb-manager add default /archivebox/archive/*/warc/*.warc.gz; wayback;'
# environment:
# - INIT_COLLECTION=archivebox
# ports:
# - 8686:8080
# volumes:
# - ./data:/archivebox
# - ./data/wayback:/webarchive


networks:
# network just used for pihole container to offer :53 dns resolving on fixed ip for archivebox container
dns:
ipam:
driver: default
config:
- subnet: 172.20.0.0/24


# HOW TO: Set up cloud storage for your ./data/archive (e.g. Amazon S3, Backblaze B2, Google Drive, OneDrive, SFTP, etc.)
# https://github.com/ArchiveBox/ArchiveBox/wiki/Setting-Up-Storage
#
# Follow the steps here to set up the Docker RClone Plugin https://rclone.org/docker/
# $ docker plugin install rclone/docker-volume-rclone:amd64 --grant-all-permissions --alias rclone
# $ nano /var/lib/docker-plugins/rclone/config/rclone.conf
# [examplegdrive]
# type = drive
# scope = drive
# drive_id = 1234567...
# root_folder_id = 0Abcd...
# token = {"access_token":...}

# volumes:
# archive:
# driver: rclone
# driver_opts:
# remote: 'examplegdrive:archivebox'
# allow_other: 'true'
# vfs_cache_mode: full
# poll_interval: 0
```
Jan 5, 3:38pm

To convert the given Docker Compose configuration to run under Podman and Quadlet, you need to make a few adjustments. Podman is a container engine that is compatible with Docker, and Quadlet is a Kubernetes-like orchestration tool for Podman. Below is the converted configuration:

  1. Podman Compose File (podman-compose.yml):
yaml
# Usage:
#     curl -fsSL 'https://docker-compose.archivebox.io' > podman-compose.yml
#     podman-compose up
#     podman-compose run archivebox version
#     podman-compose run -T archivebox add < urls_to_archive.txt
#     podman-compose run archivebox add --depth=1 'https://news.ycombinator.com'
#     podman-compose run archivebox config --set SAVE_ARCHIVE_DOT_ORG=False
#     podman-compose run archivebox help
# Documentation:
#     https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#docker-compose

services:
    archivebox:
        image: archivebox/archivebox:latest
        ports:
            - 8000:8000
        volumes:
            - ./data:/data
            # ./data/personas/Default/chrome_profile/Default:/data/personas/Default/chrome_profile/Default
        environment:
            # - ADMIN_USERNAME=admin            # creates an admin user on first run with the given user/pass combo
            # - ADMIN_PASSWORD=SomeSecretPassword
            - CSRF_TRUSTED_ORIGINS=https://archivebox.example.com  # REQUIRED for auth, REST API, etc. to work
            - ALLOWED_HOSTS=*                   # set this to the hostname(s) from your CSRF_TRUSTED_ORIGINS
            - PUBLIC_INDEX=True                 # set to False to prevent anonymous users from viewing snapshot list
            - PUBLIC_SNAPSHOTS=True             # set to False to prevent anonymous users from viewing snapshot content
            - PUBLIC_ADD_VIEW=False             # set to True to allow anonymous users to submit new URLs to archive
            - SEARCH_BACKEND_ENGINE=sonic       # tells ArchiveBox to use sonic container below for fast full-text search
            - SEARCH_BACKEND_HOST_NAME=sonic
            - SEARCH_BACKEND_PASSWORD=SomeSecretPassword
            # - PUID=911                        # set to your host user's UID & GID if you encounter permissions issues
            # - PGID=911                        # UID/GIDs <500 may clash with existing users and are not recommended
            # For options below, it's better to set using `podman-compose run archivebox config --set SOME_KEY=someval` instead of setting here:
            # - MEDIA_MAX_SIZE=750m             # increase this filesize limit to allow archiving larger audio/video files
            # - TIMEOUT=60                      # increase this number to 120+ seconds if you see many slow downloads timing out
            # - CHECK_SSL_VALIDITY=True         # set to False to disable strict SSL checking (allows saving URLs w/ broken certs)
            # - SAVE_ARCHIVE_DOT_ORG=True       # set to False to disable submitting all URLs to Archive.org when archiving
            # - USER_AGENT="..."                # set a custom USER_AGENT to avoid being blocked as a bot
            # ...
            # For more info, see: https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#configuration

        # For ad-blocking during archiving, uncomment this section and the pihole service below
        # networks:
        #   - dns
        # dns:
        #   - 172.20.0.53

    archivebox_scheduler:
        image: archivebox/archivebox:latest
        command: schedule --foreground --update --every=day
        environment:
            # - PUID=911                        # set to your host user's UID & GID if you encounter permissions issues
            # - PGID=911
            - TIMEOUT=120                       # use a higher timeout than the main container to give slow tasks more time when retrying
            - SEARCH_BACKEND_ENGINE=sonic       # tells ArchiveBox to use sonic container below for fast full-text search
            - SEARCH_BACKEND_HOST_NAME=sonic
            - SEARCH_BACKEND_PASSWORD=SomeSecretPassword
            # For other config it's better to set using `podman-compose run archivebox config --set SOME_KEY=someval` instead of setting here
            # ...
            # For more info, see: https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#configuration
        volumes:
            - ./data:/data
        # cpus: 2                               # uncomment / edit these values to limit scheduler container resource consumption
        # mem_limit: 2048m
        # restart: always

    sonic:
        image: archivebox/sonic:latest
        expose:
            - 1491
        environment:
            - SEARCH_BACKEND_PASSWORD=SomeSecretPassword
        volumes:
            #- ./sonic.cfg:/etc/sonic.cfg:ro    # mount to customize: https://raw.githubusercontent.com/ArchiveBox/ArchiveBox/stable/etc/sonic.cfg
            - ./data/sonic:/var/lib/sonic/store

    novnc:
        image: theasp/novnc:latest
        environment:
            - DISPLAY_WIDTH=1920
            - DISPLAY_HEIGHT=1080
            - RUN_XTERM=no
        ports:
            # to view/control ArchiveBox's browser, visit: http://127.0.0.1:8080/vnc.html
            # restricted to access from localhost by default because it has no authentication
            - 127.0.0.1:8080:8080

    # nginx:
    #     image: nginx:alpine
    #     ports:
    #         - 443:443
    #         - 80:80
    #     volumes:
    #         - ./etc/nginx.conf:/etc/nginx/nginx.conf
    #         - ./data:/var/www

    # pihole:
    #   image: pihole/pihole:latest
    #   ports:
    #     # access the admin HTTP interface on http://localhost:8090
    #     - 127.0.0.1:8090:80
    #   environment:
    #     - WEBPASSWORD=SET_THIS_TO_SOME_SECRET_PASSWORD_FOR_ADMIN_DASHBOARD
    #     - DNSMASQ_LISTENING=all
    #   dns:
    #     - 127.0.0.1
    #     - 1.1.1.1
    #   networks:
    #     dns:
    #       ipv4_address: 172.20.0.53
    #   volumes:
    #     - ./etc/pihole:/etc/pihole
    #     - ./etc/dnsmasq:/etc/dnsmasq.d

    # wireguard:
    #   image: linuxserver/wireguard:latest
    #   network_mode: 'service:archivebox'
    #   cap_add:
    #     - NET_ADMIN
    #     - SYS_MODULE
    #   sysctls:
    #     - net.ipv4.conf.all.rp_filter=2
    #     - net.ipv4.conf.all.src_valid_mark=1
    #   volumes:
    #     - /lib/modules:/lib/modules
    #     - ./wireguard.conf:/config/wg0.conf:ro

    # changedetection:
    #     image: ghcr.io/dgtlmoon/changedetection.io
    #     volumes:
    #         - ./data-changedetection:/datastore

    # pywb:
    #     image: webrecorder/pywb:latest
    #     entrypoint: /bin/sh -c '(wb-manager init default || test $$? -eq 2) && wb-manager add default /archivebox/archive/*/warc/*.warc.gz; wayback;'
    #     environment:
    #         - INIT_COLLECTION=archivebox
    #     ports:
    #         - 8686:8080
    #     volumes:
    #         - ./data:/archivebox
    #         - ./data/wayback:/webarchive

networks:
    # network just used for pihole container to offer :53 dns resolving on fixed ip for archivebox container
    dns:
        ipam:
            driver: default
            config:
                - subnet: 172.20.0.0/24

# HOW TO: Set up cloud storage for your ./data/archive (e.g. Amazon S3, Backblaze B2, Google Drive, OneDrive, SFTP, etc.)
#   https://github.com/ArchiveBox/ArchiveBox/wiki/Setting-Up-Storage
#
#   Follow the steps here to set up the Docker RClone Plugin https://rclone.org/docker/
#     $ podman plugin install rclone/docker-volume-rclone:amd64 --grant-all-permissions --alias rclone
#     $ nano /var/lib/containers/storage/volumes/rclone/config/rclone.conf
#     [examplegdrive]
#     type = drive
#     scope = drive
#     drive_id = 1234567...
#     root_folder_id = 0Abcd...
#     token = {"access_token":...}

# volumes:
#     archive:
#         driver: rclone
#         driver_opts:
#             remote: 'examplegdrive:archivebox'
#             allow_other: 'true'
#             vfs_cache_mode: full
#             poll_interval: 0
  1. Quadlet Configuration:

Quadlet uses Kubernetes-like YAML files to define pods. Below is an example of how you might define the archivebox service in Quadlet:

yaml
apiVersion: v1
kind: Pod
metadata:
  name: archivebox
spec:
  containers:
  - name: archivebox
    image: archivebox/archivebox:latest
    ports:
    - containerPort: 8000
    volumeMounts:
    - name: data
      mountPath: /data
    env:
    - name: CSRF_TRUSTED_ORIGINS
      value: "https://archivebox.example.com"
    - name: ALLOWED_HOSTS
      value: "*"
    - name: PUBLIC_INDEX
      value: "True"
    - name: PUBLIC_SNAPSHOTS
      value: "True"
    - name: PUBLIC_ADD_VIEW
      value: "False"
    - name: SEARCH_BACKEND_ENGINE
      value: "sonic"
    - name: SEARCH_BACKEND_HOST_NAME
      value: "sonic"
    - name: SEARCH_BACKEND_PASSWORD
      value: "SomeSecretPassword"
  volumes:
  - name: data
    hostPath:
      path: /path/to/your/data

You would need to create similar definitions for the other services (archivebox_scheduler, sonic, novnc, etc.).

  1. Running the Configuration:

  • Podman Compose:

    sh
    podman-compose -f podman-compose.yml up

  • Quadlet:

    sh
    quadlet apply -f archivebox.yaml

Ensure you have Podman and Quadlet installed and configured correctly on your system. Adjust the paths and environment variables as needed for your specific setup.

Jan 5, 3:38pm
Skip podman compose, provide a complete and fully functional Quadlet configuration.
Jan 5, 3:40pm

To create a fully functional Quadlet configuration for the given Docker Compose setup, you need to translate each service into a Quadlet pod definition. Below is the complete Quadlet configuration:

  1. Quadlet Configuration (quadlet.yaml):
yaml
apiVersion: v1
kind: Pod
metadata:
  name: archivebox
spec:
  containers:
  - name: archivebox
    image: archivebox/archivebox:latest
    ports:
    - containerPort: 8000
    volumeMounts:
    - name: data
      mountPath: /data
    env:
    - name: CSRF_TRUSTED_ORIGINS
      value: "https://archivebox.example.com"
    - name: ALLOWED_HOSTS
      value: "*"
    - name: PUBLIC_INDEX
      value: "True"
    - name: PUBLIC_SNAPSHOTS
      value: "True"
    - name: PUBLIC_ADD_VIEW
      value: "False"
    - name: SEARCH_BACKEND_ENGINE
      value: "sonic"
    - name: SEARCH_BACKEND_HOST_NAME
      value: "sonic"
    - name: SEARCH_BACKEND_PASSWORD
      value: "SomeSecretPassword"
  volumes:
  - name: data
    hostPath:
      path: /path/to/your/data

---
apiVersion: v1
kind: Pod
metadata:
  name: archivebox-scheduler
spec:
  containers:
  - name: archivebox-scheduler
    image: archivebox/archivebox:latest
    command: ["schedule", "--foreground", "--update", "--every=day"]
    volumeMounts:
    - name: data
      mountPath: /data
    env:
    - name: TIMEOUT
      value: "120"
    - name: SEARCH_BACKEND_ENGINE
      value: "sonic"
    - name: SEARCH_BACKEND_HOST_NAME
      value: "sonic"
    - name: SEARCH_BACKEND_PASSWORD
      value: "SomeSecretPassword"
  volumes:
  - name: data
    hostPath:
      path: /path/to/your/data

---
apiVersion: v1
kind: Pod
metadata:
  name: sonic
spec:
  containers:
  - name: sonic
    image: archivebox/sonic:latest
    ports:
    - containerPort: 1491
    volumeMounts:
    - name: sonic-data
      mountPath: /var/lib/sonic/store
    env:
    - name: SEARCH_BACKEND_PASSWORD
      value: "SomeSecretPassword"
  volumes:
  - name: sonic-data
    hostPath:
      path: /path/to/your/data/sonic

---
apiVersion: v1
kind: Pod
metadata:
  name: novnc
spec:
  containers:
  - name: novnc
    image: theasp/novnc:latest
    ports:
    - containerPort: 8080
    env:
    - name: DISPLAY_WIDTH
      value: "1920"
    - name: DISPLAY_HEIGHT
      value: "1080"
    - name: RUN_XTERM
      value: "no"

---
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx:alpine
    ports:
    - containerPort: 443
    - containerPort: 80
    volumeMounts:
    - name: nginx-config
      mountPath: /etc/nginx/nginx.conf
    - name: data
      mountPath: /var/www
  volumes:
  - name: nginx-config
    hostPath:
      path: /path/to/your/etc/nginx.conf
  - name: data
    hostPath:
      path: /path/to/your/data

---
apiVersion: v1
kind: Pod
metadata:
  name: pihole
spec:
  containers:
  - name: pihole
    image: pihole/pihole:latest
    ports:
    - containerPort: 80
    env:
    - name: WEBPASSWORD
      value: "SET_THIS_TO_SOME_SECRET_PASSWORD_FOR_ADMIN_DASHBOARD"
    - name: DNSMASQ_LISTENING
      value: "all"
    volumeMounts:
    - name: pihole-config
      mountPath: /etc/pihole
    - name: dnsmasq-config
      mountPath: /etc/dnsmasq.d
  volumes:
  - name: pihole-config
    hostPath:
      path: /path/to/your/etc/pihole
  - name: dnsmasq-config
    hostPath:
      path: /path/to/your/etc/dnsmasq

---
apiVersion: v1
kind: Pod
metadata:
  name: wireguard
spec:
  containers:
  - name: wireguard
    image: linuxserver/wireguard:latest
    capAdd:
    - NET_ADMIN
    - SYS_MODULE
    sysctls:
    - name: net.ipv4.conf.all.rp_filter
      value: "2"
    - name: net.ipv4.conf.all.src_valid_mark
      value: "1"
    volumeMounts:
    - name: modules
      mountPath: /lib/modules
    - name: wireguard-config
      mountPath: /config/wg0.conf
  volumes:
  - name: modules
    hostPath:
      path: /lib/modules
  - name: wireguard-config
    hostPath:
      path: /path/to/your/wireguard.conf

---
apiVersion: v1
kind: Pod
metadata:
  name: changedetection
spec:
  containers:
  - name: changedetection
    image: ghcr.io/dgtlmoon/changedetection.io
    volumeMounts:
    - name: changedetection-data
      mountPath: /datastore
  volumes:
  - name: changedetection-data
    hostPath:
      path: /path/to/your/data-changedetection

---
apiVersion: v1
kind: Pod
metadata:
  name: pywb
spec:
  containers:
  - name: pywb
    image: webrecorder/pywb:latest
    command: ["/bin/sh", "-c", "(wb-manager init default || test $$? -eq 2) && wb-manager add default /archivebox/archive/*/warc/*.warc.gz; wayback;"]
    ports:
    - containerPort: 8080
    volumeMounts:
    - name: data
      mountPath: /archivebox
    - name: wayback
      mountPath: /webarchive
    env:
    - name: INIT_COLLECTION
      value: "archivebox"
  volumes:
  - name: data
    hostPath:
      path: /path/to/your/data
  - name: wayback
    hostPath:
      path: /path/to/your/data/wayback
  1. Running the Configuration:

To apply the Quadlet configuration, use the following command:

sh
quadlet apply -f quadlet.yaml

Ensure you have Quadlet installed and configured correctly on your system. Adjust the paths and environment variables as needed for your specific setup.

Jan 5, 3:40pm
put all the containers into one pod instead
Jan 5, 3:41pm

To put all the containers into a single pod in Quadlet, you need to define a single pod specification that includes all the containers. Below is the complete Quadlet configuration with all containers in one pod:

yaml
apiVersion: v1
kind: Pod
metadata:
  name: archivebox-pod
spec:
  containers:
  - name: archivebox
    image: archivebox/archivebox:latest
    ports:
    - containerPort: 8000
    volumeMounts:
    - name: data
      mountPath: /data
    env:
    - name: CSRF_TRUSTED_ORIGINS
      value: "https://archivebox.example.com"
    - name: ALLOWED_HOSTS
      value: "*"
    - name: PUBLIC_INDEX
      value: "True"
    - name: PUBLIC_SNAPSHOTS
      value: "True"
    - name: PUBLIC_ADD_VIEW
      value: "False"
    - name: SEARCH_BACKEND_ENGINE
      value: "sonic"
    - name: SEARCH_BACKEND_HOST_NAME
      value: "sonic"
    - name: SEARCH_BACKEND_PASSWORD
      value: "SomeSecretPassword"

  - name: archivebox-scheduler
    image: archivebox/archivebox:latest
    command: ["schedule", "--foreground", "--update", "--every=day"]
    volumeMounts:
    - name: data
      mountPath: /data
    env:
    - name: TIMEOUT
      value: "120"
    - name: SEARCH_BACKEND_ENGINE
      value: "sonic"
    - name: SEARCH_BACKEND_HOST_NAME
      value: "sonic"
    - name: SEARCH_BACKEND_PASSWORD
      value: "SomeSecretPassword"

  - name: sonic
    image: archivebox/sonic:latest
    ports:
    - containerPort: 1491
    volumeMounts:
    - name: sonic-data
      mountPath: /var/lib/sonic/store
    env:
    - name: SEARCH_BACKEND_PASSWORD
      value: "SomeSecretPassword"

  - name: novnc
    image: theasp/novnc:latest
    ports:
    - containerPort: 8080
    env:
    - name: DISPLAY_WIDTH
      value: "1920"
    - name: DISPLAY_HEIGHT
      value: "1080"
    - name: RUN_XTERM
      value: "no"

  - name: nginx
    image: nginx:alpine
    ports:
    - containerPort: 443
    - containerPort: 80
    volumeMounts:
    - name: nginx-config
      mountPath: /etc/nginx/nginx.conf
    - name: data
      mountPath: /var/www

  - name: pihole
    image: pihole/pihole:latest
    ports:
    - containerPort: 80
    env:
    - name: WEBPASSWORD
      value: "SET_THIS_TO_SOME_SECRET_PASSWORD_FOR_ADMIN_DASHBOARD"
    - name: DNSMASQ_LISTENING
      value: "all"
    volumeMounts:
    - name: pihole-config
      mountPath: /etc/pihole
    - name: dnsmasq-config
      mountPath: /etc/dnsmasq.d

  - name: wireguard
    image: linuxserver/wireguard:latest
    capAdd:
    - NET_ADMIN
    - SYS_MODULE
    sysctls:
    - name: net.ipv4.conf.all.rp_filter
      value: "2"
    - name: net.ipv4.conf.all.src_valid_mark
      value: "1"
    volumeMounts:
    - name: modules
      mountPath: /lib/modules
    - name: wireguard-config
      mountPath: /config/wg0.conf

  - name: changedetection
    image: ghcr.io/dgtlmoon/changedetection.io
    volumeMounts:
    - name: changedetection-data
      mountPath: /datastore

  - name: pywb
    image: webrecorder/pywb:latest
    command: ["/bin/sh", "-c", "(wb-manager init default || test $$? -eq 2) && wb-manager add default /archivebox/archive/*/warc/*.warc.gz; wayback;"]
    ports:
    - containerPort: 8080
    volumeMounts:
    - name: data
      mountPath: /archivebox
    - name: wayback
      mountPath: /webarchive
    env:
    - name: INIT_COLLECTION
      value: "archivebox"

  volumes:
  - name: data
    hostPath:
      path: /path/to/your/data
  - name: sonic-data
    hostPath:
      path: /path/to/your/data/sonic
  - name: nginx-config
    hostPath:
      path: /path/to/your/etc/nginx.conf
  - name: pihole-config
    hostPath:
      path: /path/to/your/etc/pihole
  - name: dnsmasq-config
    hostPath:
      path: /path/to/your/etc/dnsmasq
  - name: modules
    hostPath:
      path: /lib/modules
  - name: wireguard-config
    hostPath:
      path: /path/to/your/wireguard.conf
  - name: changedetection-data
    hostPath:
      path: /path/to/your/data-changedetection
  - name: wayback
    hostPath:
      path: /path/to/your/data/wayback
  1. Running the Configuration:

To apply the Quadlet configuration, use the following command:

sh
quadlet apply -f quadlet.yaml

Ensure you have Quadlet installed and configured correctly on your system. Adjust the paths and environment variables as needed for your specific setup.

Jan 5, 3:41pm

This Chat is read-only. Login to resume chatting.

# Usage: # curl -fsSL 'https://docker-compose.archivebox.io' > podman-compose.yml # podman-compose up # podman-compose run archivebox version # podman-compose run -T archivebox add < urls_to_archive.txt # podman-compose run archivebox add --depth=1 'https://news.ycombinator.com' # podman-compose run archivebox config --set SAVE_ARCHIVE_DOT_ORG=False # podman-compose run archivebox help # Documentation: # https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#docker-compose services: archivebox: image: archivebox/archivebox:latest ports: - 8000:8000 volumes: - ./data:/data # ./data/personas/Default/chrome_profile/Default:/data/personas/Default/chrome_profile/Default environment: # - ADMIN_USERNAME=admin # creates an admin user on first run with the given user/pass combo # - ADMIN_PASSWORD=SomeSecretPassword - CSRF_TRUSTED_ORIGINS=https://archivebox.example.com # REQUIRED for auth, REST API, etc. to work - ALLOWED_HOSTS=* # set this to the hostname(s) from your CSRF_TRUSTED_ORIGINS - PUBLIC_INDEX=True # set to False to prevent anonymous users from viewing snapshot list - PUBLIC_SNAPSHOTS=True # set to False to prevent anonymous users from viewing snapshot content - PUBLIC_ADD_VIEW=False # set to True to allow anonymous users to submit new URLs to archive - SEARCH_BACKEND_ENGINE=sonic # tells ArchiveBox to use sonic container below for fast full-text search - SEARCH_BACKEND_HOST_NAME=sonic - SEARCH_BACKEND_PASSWORD=SomeSecretPassword # - PUID=911 # set to your host user's UID & GID if you encounter permissions issues # - PGID=911 # UID/GIDs <500 may clash with existing users and are not recommended # For options below, it's better to set using `podman-compose run archivebox config --set SOME_KEY=someval` instead of setting here: # - MEDIA_MAX_SIZE=750m # increase this filesize limit to allow archiving larger audio/video files # - TIMEOUT=60 # increase this number to 120+ seconds if you see many slow downloads timing out # - CHECK_SSL_VALIDITY=True # set to False to disable strict SSL checking (allows saving URLs w/ broken certs) # - SAVE_ARCHIVE_DOT_ORG=True # set to False to disable submitting all URLs to Archive.org when archiving # - USER_AGENT="..." # set a custom USER_AGENT to avoid being blocked as a bot # ... # For more info, see: https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#configuration # For ad-blocking during archiving, uncomment this section and the pihole service below # networks: # - dns # dns: # - 172.20.0.53 archivebox_scheduler: image: archivebox/archivebox:latest command: schedule --foreground --update --every=day environment: # - PUID=911 # set to your host user's UID & GID if you encounter permissions issues # - PGID=911 - TIMEOUT=120 # use a higher timeout than the main container to give slow tasks more time when retrying - SEARCH_BACKEND_ENGINE=sonic # tells ArchiveBox to use sonic container below for fast full-text search - SEARCH_BACKEND_HOST_NAME=sonic - SEARCH_BACKEND_PASSWORD=SomeSecretPassword # For other config it's better to set using `podman-compose run archivebox config --set SOME_KEY=someval` instead of setting here # ... # For more info, see: https://github.com/ArchiveBox/ArchiveBox/wiki/Docker#configuration volumes: - ./data:/data # cpus: 2 # uncomment / edit these values to limit scheduler container resource consumption # mem_limit: 2048m # restart: always sonic: image: archivebox/sonic:latest expose: - 1491 environment: - SEARCH_BACKEND_PASSWORD=SomeSecretPassword volumes: #- ./sonic.cfg:/etc/sonic.cfg:ro # mount to customize: https://raw.githubusercontent.com/ArchiveBox/ArchiveBox/stable/etc/sonic.cfg - ./data/sonic:/var/lib/sonic/store novnc: image: theasp/novnc:latest environment: - DISPLAY_WIDTH=1920 - DISPLAY_HEIGHT=1080 - RUN_XTERM=no ports: # to view/control ArchiveBox's browser, visit: http://127.0.0.1:8080/vnc.html # restricted to access from localhost by default because it has no authentication - 127.0.0.1:8080:8080 # nginx: # image: nginx:alpine # ports: # - 443:443 # - 80:80 # volumes: # - ./etc/nginx.conf:/etc/nginx/nginx.conf # - ./data:/var/www # pihole: # image: pihole/pihole:latest # ports: # # access the admin HTTP interface on http://localhost:8090 # - 127.0.0.1:8090:80 # environment: # - WEBPASSWORD=SET_THIS_TO_SOME_SECRET_PASSWORD_FOR_ADMIN_DASHBOARD # - DNSMASQ_LISTENING=all # dns: # - 127.0.0.1 # - 1.1.1.1 # networks: # dns: # ipv4_address: 172.20.0.53 # volumes: # - ./etc/pihole:/etc/pihole # - ./etc/dnsmasq:/etc/dnsmasq.d # wireguard: # image: linuxserver/wireguard:latest # network_mode: 'service:archivebox' # cap_add: # - NET_ADMIN # - SYS_MODULE # sysctls: # - net.ipv4.conf.all.rp_filter=2 # - net.ipv4.conf.all.src_valid_mark=1 # volumes: # - /lib/modules:/lib/modules # - ./wireguard.conf:/config/wg0.conf:ro # changedetection: # image: ghcr.io/dgtlmoon/changedetection.io # volumes: # - ./data-changedetection:/datastore # pywb: # image: webrecorder/pywb:latest # entrypoint: /bin/sh -c '(wb-manager init default || test $$? -eq 2) && wb-manager add default /archivebox/archive/*/warc/*.warc.gz; wayback;' # environment: # - INIT_COLLECTION=archivebox # ports: # - 8686:8080 # volumes: # - ./data:/archivebox # - ./data/wayback:/webarchive networks: # network just used for pihole container to offer :53 dns resolving on fixed ip for archivebox container dns: ipam: driver: default config: - subnet: 172.20.0.0/24 # HOW TO: Set up cloud storage for your ./data/archive (e.g. Amazon S3, Backblaze B2, Google Drive, OneDrive, SFTP, etc.) # https://github.com/ArchiveBox/ArchiveBox/wiki/Setting-Up-Storage # # Follow the steps here to set up the Docker RClone Plugin https://rclone.org/docker/ # $ podman plugin install rclone/docker-volume-rclone:amd64 --grant-all-permissions --alias rclone # $ nano /var/lib/containers/storage/volumes/rclone/config/rclone.conf # [examplegdrive] # type = drive # scope = drive # drive_id = 1234567... # root_folder_id = 0Abcd... # token = {"access_token":...} # volumes: # archive: # driver: rclone # driver_opts: # remote: 'examplegdrive:archivebox' # allow_other: 'true' # vfs_cache_mode: full # poll_interval: 0
apiVersion: v1 kind: Pod metadata: name: archivebox spec: containers: - name: archivebox image: archivebox/archivebox:latest ports: - containerPort: 8000 volumeMounts: - name: data mountPath: /data env: - name: CSRF_TRUSTED_ORIGINS value: "https://archivebox.example.com" - name: ALLOWED_HOSTS value: "*" - name: PUBLIC_INDEX value: "True" - name: PUBLIC_SNAPSHOTS value: "True" - name: PUBLIC_ADD_VIEW value: "False" - name: SEARCH_BACKEND_ENGINE value: "sonic" - name: SEARCH_BACKEND_HOST_NAME value: "sonic" - name: SEARCH_BACKEND_PASSWORD value: "SomeSecretPassword" volumes: - name: data hostPath: path: /path/to/your/data
apiVersion: v1 kind: Pod metadata: name: archivebox spec: containers: - name: archivebox image: archivebox/archivebox:latest ports: - containerPort: 8000 volumeMounts: - name: data mountPath: /data env: - name: CSRF_TRUSTED_ORIGINS value: "https://archivebox.example.com" - name: ALLOWED_HOSTS value: "*" - name: PUBLIC_INDEX value: "True" - name: PUBLIC_SNAPSHOTS value: "True" - name: PUBLIC_ADD_VIEW value: "False" - name: SEARCH_BACKEND_ENGINE value: "sonic" - name: SEARCH_BACKEND_HOST_NAME value: "sonic" - name: SEARCH_BACKEND_PASSWORD value: "SomeSecretPassword" volumes: - name: data hostPath: path: /path/to/your/data --- apiVersion: v1 kind: Pod metadata: name: archivebox-scheduler spec: containers: - name: archivebox-scheduler image: archivebox/archivebox:latest command: ["schedule", "--foreground", "--update", "--every=day"] volumeMounts: - name: data mountPath: /data env: - name: TIMEOUT value: "120" - name: SEARCH_BACKEND_ENGINE value: "sonic" - name: SEARCH_BACKEND_HOST_NAME value: "sonic" - name: SEARCH_BACKEND_PASSWORD value: "SomeSecretPassword" volumes: - name: data hostPath: path: /path/to/your/data --- apiVersion: v1 kind: Pod metadata: name: sonic spec: containers: - name: sonic image: archivebox/sonic:latest ports: - containerPort: 1491 volumeMounts: - name: sonic-data mountPath: /var/lib/sonic/store env: - name: SEARCH_BACKEND_PASSWORD value: "SomeSecretPassword" volumes: - name: sonic-data hostPath: path: /path/to/your/data/sonic --- apiVersion: v1 kind: Pod metadata: name: novnc spec: containers: - name: novnc image: theasp/novnc:latest ports: - containerPort: 8080 env: - name: DISPLAY_WIDTH value: "1920" - name: DISPLAY_HEIGHT value: "1080" - name: RUN_XTERM value: "no" --- apiVersion: v1 kind: Pod metadata: name: nginx spec: containers: - name: nginx image: nginx:alpine ports: - containerPort: 443 - containerPort: 80 volumeMounts: - name: nginx-config mountPath: /etc/nginx/nginx.conf - name: data mountPath: /var/www volumes: - name: nginx-config hostPath: path: /path/to/your/etc/nginx.conf - name: data hostPath: path: /path/to/your/data --- apiVersion: v1 kind: Pod metadata: name: pihole spec: containers: - name: pihole image: pihole/pihole:latest ports: - containerPort: 80 env: - name: WEBPASSWORD value: "SET_THIS_TO_SOME_SECRET_PASSWORD_FOR_ADMIN_DASHBOARD" - name: DNSMASQ_LISTENING value: "all" volumeMounts: - name: pihole-config mountPath: /etc/pihole - name: dnsmasq-config mountPath: /etc/dnsmasq.d volumes: - name: pihole-config hostPath: path: /path/to/your/etc/pihole - name: dnsmasq-config hostPath: path: /path/to/your/etc/dnsmasq --- apiVersion: v1 kind: Pod metadata: name: wireguard spec: containers: - name: wireguard image: linuxserver/wireguard:latest capAdd: - NET_ADMIN - SYS_MODULE sysctls: - name: net.ipv4.conf.all.rp_filter value: "2" - name: net.ipv4.conf.all.src_valid_mark value: "1" volumeMounts: - name: modules mountPath: /lib/modules - name: wireguard-config mountPath: /config/wg0.conf volumes: - name: modules hostPath: path: /lib/modules - name: wireguard-config hostPath: path: /path/to/your/wireguard.conf --- apiVersion: v1 kind: Pod metadata: name: changedetection spec: containers: - name: changedetection image: ghcr.io/dgtlmoon/changedetection.io volumeMounts: - name: changedetection-data mountPath: /datastore volumes: - name: changedetection-data hostPath: path: /path/to/your/data-changedetection --- apiVersion: v1 kind: Pod metadata: name: pywb spec: containers: - name: pywb image: webrecorder/pywb:latest command: ["/bin/sh", "-c", "(wb-manager init default || test $$? -eq 2) && wb-manager add default /archivebox/archive/*/warc/*.warc.gz; wayback;"] ports: - containerPort: 8080 volumeMounts: - name: data mountPath: /archivebox - name: wayback mountPath: /webarchive env: - name: INIT_COLLECTION value: "archivebox" volumes: - name: data hostPath: path: /path/to/your/data - name: wayback hostPath: path: /path/to/your/data/wayback
apiVersion: v1 kind: Pod metadata: name: archivebox-pod spec: containers: - name: archivebox image: archivebox/archivebox:latest ports: - containerPort: 8000 volumeMounts: - name: data mountPath: /data env: - name: CSRF_TRUSTED_ORIGINS value: "https://archivebox.example.com" - name: ALLOWED_HOSTS value: "*" - name: PUBLIC_INDEX value: "True" - name: PUBLIC_SNAPSHOTS value: "True" - name: PUBLIC_ADD_VIEW value: "False" - name: SEARCH_BACKEND_ENGINE value: "sonic" - name: SEARCH_BACKEND_HOST_NAME value: "sonic" - name: SEARCH_BACKEND_PASSWORD value: "SomeSecretPassword" - name: archivebox-scheduler image: archivebox/archivebox:latest command: ["schedule", "--foreground", "--update", "--every=day"] volumeMounts: - name: data mountPath: /data env: - name: TIMEOUT value: "120" - name: SEARCH_BACKEND_ENGINE value: "sonic" - name: SEARCH_BACKEND_HOST_NAME value: "sonic" - name: SEARCH_BACKEND_PASSWORD value: "SomeSecretPassword" - name: sonic image: archivebox/sonic:latest ports: - containerPort: 1491 volumeMounts: - name: sonic-data mountPath: /var/lib/sonic/store env: - name: SEARCH_BACKEND_PASSWORD value: "SomeSecretPassword" - name: novnc image: theasp/novnc:latest ports: - containerPort: 8080 env: - name: DISPLAY_WIDTH value: "1920" - name: DISPLAY_HEIGHT value: "1080" - name: RUN_XTERM value: "no" - name: nginx image: nginx:alpine ports: - containerPort: 443 - containerPort: 80 volumeMounts: - name: nginx-config mountPath: /etc/nginx/nginx.conf - name: data mountPath: /var/www - name: pihole image: pihole/pihole:latest ports: - containerPort: 80 env: - name: WEBPASSWORD value: "SET_THIS_TO_SOME_SECRET_PASSWORD_FOR_ADMIN_DASHBOARD" - name: DNSMASQ_LISTENING value: "all" volumeMounts: - name: pihole-config mountPath: /etc/pihole - name: dnsmasq-config mountPath: /etc/dnsmasq.d - name: wireguard image: linuxserver/wireguard:latest capAdd: - NET_ADMIN - SYS_MODULE sysctls: - name: net.ipv4.conf.all.rp_filter value: "2" - name: net.ipv4.conf.all.src_valid_mark value: "1" volumeMounts: - name: modules mountPath: /lib/modules - name: wireguard-config mountPath: /config/wg0.conf - name: changedetection image: ghcr.io/dgtlmoon/changedetection.io volumeMounts: - name: changedetection-data mountPath: /datastore - name: pywb image: webrecorder/pywb:latest command: ["/bin/sh", "-c", "(wb-manager init default || test $$? -eq 2) && wb-manager add default /archivebox/archive/*/warc/*.warc.gz; wayback;"] ports: - containerPort: 8080 volumeMounts: - name: data mountPath: /archivebox - name: wayback mountPath: /webarchive env: - name: INIT_COLLECTION value: "archivebox" volumes: - name: data hostPath: path: /path/to/your/data - name: sonic-data hostPath: path: /path/to/your/data/sonic - name: nginx-config hostPath: path: /path/to/your/etc/nginx.conf - name: pihole-config hostPath: path: /path/to/your/etc/pihole - name: dnsmasq-config hostPath: path: /path/to/your/etc/dnsmasq - name: modules hostPath: path: /lib/modules - name: wireguard-config hostPath: path: /path/to/your/wireguard.conf - name: changedetection-data hostPath: path: /path/to/your/data-changedetection - name: wayback hostPath: path: /path/to/your/data/wayback