Merge branch 'main' into codex/refactor-credential-management-for-docker
@@ -5,10 +5,10 @@ services:
|
|||||||
image: gitea/gitea:latest # change to 1-rootless once find out how to move data.
|
image: gitea/gitea:latest # change to 1-rootless once find out how to move data.
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
- USER_UID=1000
|
- USER_UID=${GITEA_USER_UID}
|
||||||
- USER_GID=1000
|
- USER_GID=${GITEA_USER_GID}
|
||||||
- GITEA__database__DB_TYPE=sqlite3
|
- GITEA__database__DB_TYPE=${GITEA_DB_TYPE}
|
||||||
- GITEA__server__ROOT_URL=https://gitea.lan.ddnsgeek.com/
|
- GITEA__server__ROOT_URL=${GITEA_ROOT_URL}
|
||||||
volumes:
|
volumes:
|
||||||
- ${PROJECT_ROOT}/apps/gitea/data:/data
|
- ${PROJECT_ROOT}/apps/gitea/data:/data
|
||||||
networks:
|
networks:
|
||||||
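Review bot: The four substituted values in the gitea `environment:` list (`USER_UID`, `USER_GID`, `GITEA__database__DB_TYPE`, `GITEA__server__ROOT_URL`) have no fallback, so a run where the env file is not loaded gets empty strings and only a Compose warning. Use the required or default form, e.g. `- USER_UID=${GITEA_USER_UID:?GITEA_USER_UID is not set}` or `- USER_UID=${GITEA_USER_UID:-1000}`, so a missing variable either fails loudly or keeps the old value. The same applies to `TEMPLATE_NAME`, `GOTIFY_REGISTRATION`, `GF_SERVER_ROOT_URL`, `GODEBUG` and `LOG_LEVEL` in the later hunks; for `GOTIFY_REGISTRATION` the safe fallback is the previously hard-coded `false`. The service definition starts and ends outside this hunk.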
|
|||||||
@@ -33,12 +33,14 @@ services:
|
|||||||
env_file:
|
env_file:
|
||||||
- ${PROJECT_ROOT}/secrets/stack-secrets.env
|
- ${PROJECT_ROOT}/secrets/stack-secrets.env
|
||||||
environment:
|
environment:
|
||||||
DB_URI: postgresql://${GRAMPS_DB_USER}:${GRAMPS_DB_PASSWORD}@gramps-db:5432/${GRAMPS_DB_NAME}
|
DB_URI: ${GRAMPS_DB_URI}
|
||||||
GRAMPSWEB_LOGLEVEL: INFO
|
GRAMPSWEB_LOGLEVEL: ${GRAMPSWEB_LOGLEVEL}
|
||||||
|
# default admin user created on first run:
|
||||||
INITIAL_ADMIN: ${GRAMPS_INITIAL_ADMIN}
|
INITIAL_ADMIN: ${GRAMPS_INITIAL_ADMIN}
|
||||||
INITIAL_ADMIN_PASSWORD: ${GRAMPS_INITIAL_ADMIN_PASSWORD}
|
INITIAL_ADMIN_PASSWORD: ${GRAMPS_INITIAL_ADMIN_PASSWORD}
|
||||||
GRAMPSWEB_MEDIAPATH: /app/media
|
# optional: storage paths inside container
|
||||||
GRAMPSWEB_TREE: "main"
|
GRAMPSWEB_MEDIAPATH: ${GRAMPSWEB_MEDIAPATH}
|
||||||
|
GRAMPSWEB_TREE: "${GRAMPSWEB_TREE}"
|
||||||
volumes:
|
volumes:
|
||||||
- ${PROJECT_ROOT}/apps/gramps/data/users:/app/users
|
- ${PROJECT_ROOT}/apps/gramps/data/users:/app/users
|
||||||
- ${PROJECT_ROOT}/apps/gramps/data/media:/app/media
|
- ${PROJECT_ROOT}/apps/gramps/data/media:/app/media
|
||||||
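Review bot: `DB_URI: ${GRAMPS_DB_URI}` now takes the whole connection string, password included, from a single variable, and the value this commit adds for it in the environment-file hunk names host `db` where the removed line used `gramps-db`. If the database service is still called `gramps-db` (its definition is not visible here), the app will fail to resolve its database after this change. A composed URI such as `DB_URI: postgresql://${GRAMPS_DB_USER}:${GRAMPS_DB_PASSWORD}@gramps-db:5432/${GRAMPS_DB_NAME}` pins the host in the compose file and keeps the password in its own variable, which can then be supplied from a secret store instead of a committed file. The service block starts outside this hunk.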
|
|||||||
@@ -33,6 +33,13 @@ access_control:
|
|||||||
- "^/health"
|
- "^/health"
|
||||||
policy: bypass
|
policy: bypass
|
||||||
|
|
||||||
|
- domain: node-red.lan.ddnsgeek.com
|
||||||
|
resources:
|
||||||
|
- "^/health"
|
||||||
|
- "^/uptime-kuma"
|
||||||
|
- "^/docker-update-lockouts/clear"
|
||||||
|
policy: bypass
|
||||||
|
|
||||||
- domain: prometheus.lan.ddnsgeek.com
|
- domain: prometheus.lan.ddnsgeek.com
|
||||||
resources:
|
resources:
|
||||||
- "^/-/healthy"
|
- "^/-/healthy"
|
||||||
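Review bot: The new `node-red.lan.ddnsgeek.com` rule puts `policy: bypass` on `^/docker-update-lockouts/clear`, which by its name changes state, so anyone who can reach the host can call it without authenticating. The three patterns are also anchored only at the start, so `^/health` matches every path that begins with `/health`. Limit the bypass to the read-only probes and anchor them, e.g. `- "^/health$"`, and either leave the clear endpoint under the default policy or narrow the rule with a `networks:` or `methods:` criterion. The node-red compose hunk in this commit shows that container running `privileged: true` with the Docker socket mounted, which raises the cost of any unauthenticated route into it.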
|
|||||||
@@ -76,7 +76,7 @@ services:
|
|||||||
container_name: error-pages
|
container_name: error-pages
|
||||||
read_only: true
|
read_only: true
|
||||||
environment:
|
environment:
|
||||||
TEMPLATE_NAME: app-down
|
TEMPLATE_NAME: ${ERROR_PAGES_TEMPLATE_NAME}
|
||||||
networks:
|
networks:
|
||||||
# - reverse_proxy
|
# - reverse_proxy
|
||||||
- traefik
|
- traefik
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
services:
|
services:
|
||||||
update-test:
|
update-test:
|
||||||
image: nginx:1.27.4
|
image: nginx:1.28.1
|
||||||
container_name: update-test
|
container_name: update-test
|
||||||
profiles: ["test"]
|
profiles: ["test"]
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
|||||||
@@ -2,3 +2,84 @@ PROJECT_ROOT=/home/nixos/docker
|
|||||||
DOMAIN=lan.ddnsgeek.com
|
DOMAIN=lan.ddnsgeek.com
|
||||||
TZ=Australia/Brisbane
|
TZ=Australia/Brisbane
|
||||||
EMAIL=wayne.bennett@live.com
|
EMAIL=wayne.bennett@live.com
|
||||||
|
|
||||||
|
# Core
|
||||||
|
CROWDSEC_COLLECTIONS=crowdsecurity/traefik
|
||||||
|
ERROR_PAGES_TEMPLATE_NAME=app-down
|
||||||
|
|
||||||
|
# Gitea
|
||||||
|
GITEA_USER_UID=1000
|
||||||
|
GITEA_USER_GID=1000
|
||||||
|
GITEA_DB_TYPE=sqlite3
|
||||||
|
GITEA_ROOT_URL=https://gitea.lan.ddnsgeek.com/
|
||||||
|
|
||||||
|
# Grafana
|
||||||
|
GRAFANA_ROOT_URL=https://grafana.lan.ddnsgeek.com/
|
||||||
|
|
||||||
|
# Nextcloud
|
||||||
|
NEXTCLOUD_MYSQL_ROOT_PASSWORD=R1m@dmin
|
||||||
|
NEXTCLOUD_MYSQL_PASSWORD=R1m@dmin
|
||||||
|
NEXTCLOUD_MYSQL_DATABASE=nextcloud
|
||||||
|
NEXTCLOUD_MYSQL_USER=nextcloud
|
||||||
|
NEXTCLOUD_MYSQL_HOST=nextcloud_db:3306
|
||||||
|
NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.lan.ddnsgeek.com
|
||||||
|
NEXTCLOUD_OVERWRITEPROTOCOL=https
|
||||||
|
NEXTCLOUD_OVERWRITECLIURL=https://nextcloud.lan.ddnsgeek.com
|
||||||
|
NEXTCLOUD_SMTP_HOST=smtp.gmail.com
|
||||||
|
NEXTCLOUD_SMTP_SECURE=tls
|
||||||
|
NEXTCLOUD_SMTP_PORT=587
|
||||||
|
NEXTCLOUD_SMTP_AUTHTYPE=login
|
||||||
|
NEXTCLOUD_MAIL_FROM_ADDRESS=beatz174
|
||||||
|
NEXTCLOUD_MAIL_DOMAIN=gmail.com
|
||||||
|
NEXTCLOUD_SMTP_NAME=beatz174@gmail.com
|
||||||
|
NEXTCLOUD_SMTP_PASSWORD=kqdw fvml wlag ldgv
|
||||||
|
NEXTCLOUD_REDIS_HOST=redis
|
||||||
|
NEXTCLOUD_REDIS_HOST_PORT=6379
|
||||||
|
NEXTCLOUD_REDIS_HOST_PASSWORD=TzBF8wcJNmVd9p2CTmBejPS9dpye6kWQeH3DmrQS9TPfTRriSHFN5VqH4CgzcuVZYWH2GBb7QU5GuEpNDGYdKjM6hjmLyjSgCFMiPms3Hv9n
|
||||||
|
NEXTCLOUD_MARIADB_AUTO_UPGRADE=1
|
||||||
|
NEXTCLOUD_ADMIN_USER=admin
|
||||||
|
NEXTCLOUD_ADMIN_PASSWORD=R1m@dmin
|
||||||
|
|
||||||
|
# Passbolt
|
||||||
|
PASSBOLT_MYSQL_RANDOM_ROOT_PASSWORD=true
|
||||||
|
PASSBOLT_MYSQL_DATABASE=passbolt
|
||||||
|
PASSBOLT_MYSQL_USER=passbolt
|
||||||
|
PASSBOLT_MYSQL_PASSWORD=P4ssb0lt
|
||||||
|
PASSBOLT_APP_FULL_BASE_URL=https://passbolt.lan.ddnsgeek.com
|
||||||
|
PASSBOLT_DATASOURCES_DEFAULT_HOST=passbolt-db
|
||||||
|
PASSBOLT_DATASOURCES_DEFAULT_USERNAME=passbolt
|
||||||
|
PASSBOLT_DATASOURCES_DEFAULT_PASSWORD=P4ssb0lt
|
||||||
|
PASSBOLT_DATASOURCES_DEFAULT_DATABASE=passbolt
|
||||||
|
PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=CBBB2B8F3E9FACA114537ACB8965B750F7363586
|
||||||
|
|
||||||
|
# Gramps
|
||||||
|
GRAMPS_POSTGRES_USER=gramps
|
||||||
|
GRAMPS_POSTGRES_PASSWORD=grampspassword
|
||||||
|
GRAMPS_POSTGRES_DB=gramps
|
||||||
|
GRAMPS_DB_URI=postgresql://gramps:grampspassword@db:5432/gramps
|
||||||
|
GRAMPSWEB_LOGLEVEL=INFO
|
||||||
|
GRAMPS_INITIAL_ADMIN=admin
|
||||||
|
GRAMPS_INITIAL_ADMIN_PASSWORD=admin
|
||||||
|
GRAMPSWEB_MEDIAPATH=/app/media
|
||||||
|
GRAMPSWEB_TREE=main
|
||||||
|
|
||||||
|
# Prometheus stack
|
||||||
|
INFLUXDB_INIT_MODE=setup
|
||||||
|
INFLUXDB_INIT_USERNAME=admin
|
||||||
|
INFLUXDB_INIT_PASSWORD=adminpassword
|
||||||
|
INFLUXDB_INIT_ORG=pbs
|
||||||
|
INFLUXDB_INIT_BUCKET=telemetry
|
||||||
|
DOCKER_EXPORTER_LOG_LEVEL=INFO
|
||||||
|
PIHOLE_HOSTNAME=pihole.sweet.home
|
||||||
|
PIHOLE_PASSWORD=
|
||||||
|
PIHOLE_EXPORTER_PORT=9617
|
||||||
|
|
||||||
|
# Gotify
|
||||||
|
GOTIFY_DEFAULTUSER_NAME=admin
|
||||||
|
GOTIFY_DEFAULTUSER_PASS=R1m@dmin
|
||||||
|
GOTIFY_REGISTRATION=false
|
||||||
|
#GOTIFY_URL=https://gotify.lan.ddnsgeek.com
|
||||||
|
#GOTIFY_TOKEN=ADuOnDBG7C27hcf
|
||||||
|
|
||||||
|
# Portainer
|
||||||
|
PORTAINER_GODEBUG=netdns=cgo
|
||||||
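Review bot: This hunk commits what look like live credentials in plaintext: the Nextcloud database, admin, SMTP and Redis passwords, the Passbolt database password, the Gramps and InfluxDB passwords, the Gotify default-user password and a commented-out Gotify token all receive concrete values here. The file appears to be `default-environment.env`, which is tracked in git and, per the compose hunks in this commit, bind-mounted into the node-red container and readable under the `/compose` mounts, so each of these values should be treated as exposed and rotated. Keep only non-secret settings in this file and leave secret keys empty or absent, e.g. `NEXTCLOUD_ADMIN_PASSWORD=`, with the real values supplied from `secrets/stack-secrets.env` or Docker secrets. Several entries are also weak or reused (`GRAMPS_INITIAL_ADMIN_PASSWORD` equals the user name, and one password is shared by four different accounts); give each service its own generated secret.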
|
|||||||
@@ -12,7 +12,8 @@ services:
|
|||||||
- TZ=${TZ}
|
- TZ=${TZ}
|
||||||
- GOTIFY_DEFAULTUSER_NAME=${GOTIFY_DEFAULTUSER_NAME}
|
- GOTIFY_DEFAULTUSER_NAME=${GOTIFY_DEFAULTUSER_NAME}
|
||||||
- GOTIFY_DEFAULTUSER_PASS=${GOTIFY_DEFAULTUSER_PASS}
|
- GOTIFY_DEFAULTUSER_PASS=${GOTIFY_DEFAULTUSER_PASS}
|
||||||
- GOTIFY_REGISTRATION=false
|
- GOTIFY_REGISTRATION=${GOTIFY_REGISTRATION}
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
labels:
|
labels:
|
||||||
|
|||||||
@@ -5,7 +5,7 @@ services:
|
|||||||
container_name: grafana
|
container_name: grafana
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
- GF_SERVER_ROOT_URL=https://grafana.lan.ddnsgeek.com/
|
- GF_SERVER_ROOT_URL=${GRAFANA_ROOT_URL}
|
||||||
volumes:
|
volumes:
|
||||||
- ${PROJECT_ROOT}/monitoring/grafana/data:/var/lib/grafana
|
- ${PROJECT_ROOT}/monitoring/grafana/data:/var/lib/grafana
|
||||||
networks:
|
networks:
|
||||||
|
|||||||
@@ -3,4 +3,5 @@ FROM nodered/node-red:latest
|
|||||||
USER root
|
USER root
|
||||||
RUN apk add --no-cache docker-cli docker-cli-compose
|
RUN apk add --no-cache docker-cli docker-cli-compose
|
||||||
RUN addgroup -g 131 -S docker && addgroup node-red docker
|
RUN addgroup -g 131 -S docker && addgroup node-red docker
|
||||||
|
|
||||||
USER node-red
|
USER node-red
|
||||||
|
|||||||
@@ -7,12 +7,15 @@ services:
|
|||||||
profiles: ["monitoring","all"]
|
profiles: ["monitoring","all"]
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
privileged: true
|
privileged: true
|
||||||
|
environment:
|
||||||
|
- TZ=${TZ}
|
||||||
# ports:
|
# ports:
|
||||||
# - "1880:1880"
|
# - "1880:1880"
|
||||||
volumes:
|
volumes:
|
||||||
- ${PROJECT_ROOT}/monitoring/node-red/data:/data
|
- ${PROJECT_ROOT}/monitoring/node-red/data:/data
|
||||||
- /var/run/docker.sock:/var/run/docker.sock:rw
|
- /var/run/docker.sock:/var/run/docker.sock:rw
|
||||||
- ${PROJECT_ROOT}:/compose
|
- ${PROJECT_ROOT}:/compose/docker:ro
|
||||||
|
- /home/nixos/raspi:/compose/raspi:ro
|
||||||
- ${PROJECT_ROOT}/default-environment.env:/usr/src/node-red/default-environment.env:ro
|
- ${PROJECT_ROOT}/default-environment.env:/usr/src/node-red/default-environment.env:ro
|
||||||
- ${PROJECT_ROOT}/default-network.yml:/usr/src/node-red/default-network.yml:ro
|
- ${PROJECT_ROOT}/default-network.yml:/usr/src/node-red/default-network.yml:ro
|
||||||
- ${PROJECT_ROOT}/core/docker-compose.yml:/usr/src/node-red/core/docker-compose.yml:ro
|
- ${PROJECT_ROOT}/core/docker-compose.yml:/usr/src/node-red/core/docker-compose.yml:ro
|
||||||
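Review bot: The new `- ${PROJECT_ROOT}:/compose/docker:ro` mount still hands the whole project tree to node-red, which includes `secrets/stack-secrets.env` and the environment file holding the stack passwords; `:ro` prevents writes but not reads. This container also keeps `privileged: true` and a read-write Docker socket, so a compromise of node-red is effectively a compromise of the host. Mount only the directories the flows need, or keep `secrets/` outside `${PROJECT_ROOT}`, and check whether `privileged: true` is still required once the socket is mounted. The docker-exporter hunk makes the same change with `- ${PROJECT_ROOT}:/compose:ro`. The service definition starts outside this hunk.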
|
|||||||
@@ -24,7 +24,7 @@ services:
|
|||||||
- traefik.http.services.portainer.loadbalancer.server.port=9000
|
- traefik.http.services.portainer.loadbalancer.server.port=9000
|
||||||
|
|
||||||
environment:
|
environment:
|
||||||
- GODEBUG=netdns=cgo
|
- GODEBUG=${PORTAINER_GODEBUG}
|
||||||
# healthcheck:
|
# healthcheck:
|
||||||
# test: ["CMD", "wget", "--spider", "-q", "https://portainer.lan.ddnsgeek.com/api/status"]
|
# test: ["CMD", "wget", "--spider", "-q", "https://portainer.lan.ddnsgeek.com/api/status"]
|
||||||
# interval: 30s
|
# interval: 30s
|
||||||
|
|||||||
@@ -169,30 +169,30 @@ services:
|
|||||||
# - ${PROJECT_ROOT}/monitoring/docker-exporter/data:/data:rw
|
# - ${PROJECT_ROOT}/monitoring/docker-exporter/data:/data:rw
|
||||||
# - ${PROJECT_ROOT}/services-up.sh:/app/services-up.sh:ro
|
# - ${PROJECT_ROOT}/services-up.sh:/app/services-up.sh:ro
|
||||||
environment:
|
environment:
|
||||||
LOG_LEVEL: DEBUG
|
LOG_LEVEL: ${DOCKER_EXPORTER_LOG_LEVEL}
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
- ~/.docker/config.json:/root/.docker/config.json:ro
|
- ~/.docker/config.json:/root/.docker/config.json:ro
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
- ${PROJECT_ROOT}/monitoring/docker-exporter/data:/data:rw
|
- ${PROJECT_ROOT}/monitoring/docker-exporter/data:/data:rw
|
||||||
- ${PROJECT_ROOT}:/compose
|
- ${PROJECT_ROOT}:/compose:ro
|
||||||
- ${PROJECT_ROOT}/default-environment.env:/compose/default-environment.env:ro
|
# - ${PROJECT_ROOT}/default-environment.env:/compose/default-environment.env:ro
|
||||||
- ${PROJECT_ROOT}/default-network.yml:/compose/default-network.yml:ro
|
# - ${PROJECT_ROOT}/default-network.yml:/compose/default-network.yml:ro
|
||||||
- ${PROJECT_ROOT}/core/docker-compose.yml:/compose/core/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/core/docker-compose.yml:/compose/core/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/monitoring/prometheus/docker-compose.yml:/compose/monitoring/prometheus/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/monitoring/prometheus/docker-compose.yml:/compose/monitoring/prometheus/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/monitoring/gotify/docker-compose.yml:/compose/monitoring/gotify/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/monitoring/gotify/docker-compose.yml:/compose/monitoring/gotify/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/monitoring/grafana/docker-compose.yml:/compose/monitoring/grafana/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/monitoring/grafana/docker-compose.yml:/compose/monitoring/grafana/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/monitoring/portainer/docker-compose.yml:/compose/monitoring/portainer/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/monitoring/portainer/docker-compose.yml:/compose/monitoring/portainer/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/monitoring/uptime-kuma/docker-compose.yml:/compose/monitoring/uptime-kuma/docker-compose.yml:>
|
# - ${PROJECT_ROOT}/monitoring/uptime-kuma/docker-compose.yml:/compose/monitoring/uptime-kuma/docker-compose.yml:>
|
||||||
- ${PROJECT_ROOT}/apps/gitea/docker-compose.yml:/compose/apps/gitea/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/apps/gitea/docker-compose.yml:/compose/apps/gitea/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/apps/gramps/docker-compose.yml:/compose/apps/gramps/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/apps/gramps/docker-compose.yml:/compose/apps/gramps/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/apps/nextcloud/docker-compose.yml:/compose/apps/nextcloud/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/apps/nextcloud/docker-compose.yml:/compose/apps/nextcloud/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/apps/passbolt/docker-compose.yml:/compose/apps/passbolt/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/apps/passbolt/docker-compose.yml:/compose/apps/passbolt/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/apps/searxng/docker-compose.yml:/compose/apps/searxng/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/apps/searxng/docker-compose.yml:/compose/apps/searxng/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/apps/shift-recorder/docker-compose.yml:/compose/apps/shift-recorder/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/apps/shift-recorder/docker-compose.yml:/compose/apps/shift-recorder/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/apps/stockfill/docker-compose.yml:/compose/apps/stockfill/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/apps/stockfill/docker-compose.yml:/compose/apps/stockfill/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/monitoring/node-red/docker-compose.yml:/compose/monitoring/node-red/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/monitoring/node-red/docker-compose.yml:/compose/monitoring/node-red/docker-compose.yml:ro
|
||||||
- ${PROJECT_ROOT}/core/test/docker-compose.yml:/compose/core/test/docker-compose.yml:ro
|
# - ${PROJECT_ROOT}/core/test/docker-compose.yml:/compose/core/test/docker-compose.yml:ro
|
||||||
|
|
||||||
|
|
||||||
# ports:
|
# ports:
|
||||||
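Review bot: The per-file mount list under `volumes:` is commented out rather than deleted, which leaves a long run of dead lines, one of them (`uptime-kuma`) truncated to `:>`. Delete them; git history keeps the old list. That list also acted as an allow-list of what the exporter could read, and the replacement `- ${PROJECT_ROOT}:/compose:ro` widens it to the whole tree, including the secrets directory and the environment file, in a container that also mounts the Docker socket and `~/.docker/config.json`. If the exporter only needs the compose files, mount the directories that hold them instead of the root.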
|
|||||||
@@ -63,6 +63,7 @@ scrape_configs:
|
|||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- telegraf:9273
|
- telegraf:9273
|
||||||
|
- raspberrypi.tail13f623.ts.net:9273
|
||||||
labels:
|
labels:
|
||||||
role: docker
|
role: docker
|
||||||
|
|
||||||
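Review bot: The added target `raspberrypi.tail13f623.ts.net:9273` sits in the same `targets:` list as `telegraf:9273`, so it inherits `role: docker` and the two hosts cannot be told apart by that label. If the Pi is a separate host, give it its own `static_configs` entry with its own labels, for example a second `- targets:` item carrying `labels:` with `role: raspi`. The job definition starts outside this hunk, so the scheme and any authentication settings used for the scrape are not visible here.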
|
|||||||
+13
-13
@@ -1,13 +1,13 @@
|
|||||||
07:29:20 INFO: === Update started: 2026-04-01 07:29:20 ===
|
12:23:36 INFO: === Update started: 2026-04-04 12:23:36 ===
|
||||||
07:29:20 WARNING: Skipping traefik (directory does not exist)
|
12:23:36 WARNING: Skipping traefik (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping nextcloud (directory does not exist)
|
12:23:36 WARNING: Skipping nextcloud (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping passbolt (directory does not exist)
|
12:23:36 WARNING: Skipping passbolt (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping searxng (directory does not exist)
|
12:23:36 WARNING: Skipping searxng (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping gitea (directory does not exist)
|
12:23:36 WARNING: Skipping gitea (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping gotify (directory does not exist)
|
12:23:36 WARNING: Skipping gotify (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping grafana (directory does not exist)
|
12:23:36 WARNING: Skipping grafana (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping gramps (directory does not exist)
|
12:23:36 WARNING: Skipping gramps (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping portainer (directory does not exist)
|
12:23:36 WARNING: Skipping portainer (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping prometheus (directory does not exist)
|
12:23:36 WARNING: Skipping prometheus (directory does not exist)
|
||||||
07:29:20 WARNING: Skipping uptime-kuma (directory does not exist)
|
12:23:36 WARNING: Skipping uptime-kuma (directory does not exist)
|
||||||
07:29:20 INFO: Pruning unused containers, images, networks, and volumes...
|
12:23:36 INFO: Pruning unused containers, images, networks, and volumes...
|
||||||
|
|||||||