diff --git a/Composer/basic/docker-compose.yml b/Composer/basic/docker-compose.yml
index bf76f0f..f609456 100644
--- a/Composer/basic/docker-compose.yml
+++ b/Composer/basic/docker-compose.yml
@@ -40,7 +40,7 @@ services:
labels:
# Dashboard
- "traefik.enable=true"
- - "traefik.http.routers.traefik.rule=Host(`traefik.dev.mertens.digital`)"
+ - "traefik.http.routers.traefik.rule=Host(`traefik.zuhause.mertens.digital`)"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.routers.traefik.entrypoints=websecure"
@@ -93,4 +93,4 @@ services:
networks:
proxy:
- external: true
\ No newline at end of file
+ external: true
diff --git a/Composer/nextcloud/default-config/preview.config.php b/Composer/nextcloud/default-config/preview.config.php
new file mode 100644
index 0000000..9f7ffff
--- /dev/null
+++ b/Composer/nextcloud/default-config/preview.config.php
@@ -0,0 +1,12 @@
+ [
+ 'OC\Preview\MP3',
+ 'OC\Preview\TXT',
+ 'OC\Preview\MarkDown',
+ 'OC\Preview\OpenDocument',
+ 'OC\Preview\Krita',
+ 'OC\Preview\Imaginary',
+],
+'preview_imaginary_url' => 'http://preview:9000',
+);
\ No newline at end of file
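Review bot: `'preview_imaginary_url' => 'http://preview:9000'` silently depends on two values set in the nextcloud compose file in this commit, the container name `preview` and `PORT=9000`, and nothing in the file says so. A comment above the line, such as `// host and port must match the "preview" service in ../docker-compose.yml`, would keep the two from drifting apart. The file also ends without a trailing newline, and its opening lines are not visible in this view, so confirm it still begins with the PHP open tag and the `$CONFIG` array header.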
diff --git a/Composer/nextcloud/docker-compose.yml b/Composer/nextcloud/docker-compose.yml
new file mode 100644
index 0000000..c167dd7
--- /dev/null
+++ b/Composer/nextcloud/docker-compose.yml
@@ -0,0 +1,115 @@
+version: '3'
+
+services:
+ app:
+ image: nextcloud
+ restart: always
+ networks:
+ - caddy
+ - nextcloud
+ labels:
+ caddy: ${HOSTNAME}
+ caddy.reverse_proxy: "{{upstreams http 80}}"
+ caddy.0_redir: "/.well-known/carddav /remote.php/dav 301"
+ caddy.1_redir: "/.well-known/caldav /remote.php/dav 301"
+ caddy.header: "Strict-Transport-Security max-age=15552000"
+ caddy.tls: "internal"
+ volumes:
+ - ./data/nextcloud/www:/var/www/html
+ - ./default-config/preview.config.php:/var/www/html/config/preview.config.php
+ depends_on:
+ - clamav
+ - preview
+# - db
+ - redis
+ environment:
+ - POSTGRES_HOST=db
+ - REDIS_HOST=redis
+ - POSTGRES_DB=nextcloud
+ - POSTGRES_USER=${POSTGRES_USER}
+ - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+ - NEXTCLOUD_TRUSTED_DOMAINS=${HOSTNAME}
+ - OVERWRITEPROTOCOL=https
+ - TRUSTED_PROXIES=${NEXTCLOUD_TRUSTED_PROXIES}
+ - APACHE_DISABLE_REWRITE_IP=1
+
+ preview:
+ container_name: "preview"
+ image: docker.io/nextcloud/aio-imaginary:latest
+ restart: always
+ networks:
+ - nextcloud
+ environment:
+ - PORT=9000
+ command: -concurrency 50 -enable-url-source
+
+ clamav:
+ image: "clamav/clamav:stable_base"
+ container_name: "clamav"
+ networks:
+ - nextcloud
+ volumes:
+ - ./data/clamav/virus_db:/var/lib/clamav/ # Virus database
+ restart: unless-stopped
+
+ # Does Not Work
+ #notify_push:
+ # image: icewind1991/notify_push
+ # restart: always
+ # networks:
+ # - nextcloud
+ # - caddy
+ # labels:
+ # caddy: ${HOSTNAME}
+ # caddy.handle_path: /push/*
+ # caddy.handle_path.0_reverse_proxy: "{{upstreams http 7867}}"
+ # depends_on:
+ # - db
+ # - redis
+ # - app
+ # volumes:
+ # - ./data/nextcloud/www:/var/www/html:ro
+ # - /etc/localtime:/etc/localtime:ro
+ # - /etc/timezone:/etc/timezone:ro
+ # environment:
+ # - PORT=7867
+ # - "NEXTCLOUD_URL=http://app" # don't go through the proxy to contact the nextcloud server
+ # entrypoint: ./notify_push --allow-self-signed --dump-config redis://:@redis --log-level debug /var/www/html/config/config.php
+
+ cron:
+ image: nextcloud
+ restart: always
+ volumes:
+ - ./data/nextcloud/www:/var/www/html
+ entrypoint: /cron.sh
+ depends_on:
+# - db
+ - redis
+ networks:
+ - nextcloud
+
+
+# db:
+# image: postgres:alpine
+# restart: always
+# networks:
+# - nextcloud
+# environment:
+# POSTGRES_USER: ${POSTGRES_USER}
+# POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+# volumes:
+# - ./data/db:/var/lib/postgresql/data
+# - /etc/localtime:/etc/localtime:ro
+
+ redis:
+ image: redis:alpine
+ restart: always
+ networks:
+ - nextcloud
+
+
+networks:
+ nextcloud:
+ internal: true
+ caddy:
+ external: true
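Review bot: The `preview` service starts imaginary with `-enable-url-source`, which lets any caller that can reach it make it fetch arbitrary URLs. Because `nextcloud` is `internal: true`, that exposure is limited to sibling containers, but the flag is only needed if previews are requested by URL. If Nextcloud only posts file contents to it, `command: -concurrency 50` is enough; otherwise restrict sources with imaginary's `-allowed-origins` option. Separately, `app` is given `POSTGRES_HOST=db` while the `db` service and both `depends_on` entries for it are commented out, so that hostname will not resolve on this network unless a database is attached some other way. `image: nextcloud` and `aio-imaginary:latest` are both unpinned; a version tag or digest would make redeploys reproducible.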
diff --git a/Composer/overleaf/docker-compose.yml b/Composer/overleaf/docker-compose.yml
new file mode 100644
index 0000000..e772de4
--- /dev/null
+++ b/Composer/overleaf/docker-compose.yml
@@ -0,0 +1,154 @@
+version: '2.2'
+services:
+ sharelatex:
+ restart: always
+ image: tuetenk0pp/sharelatex-full
+ container_name: sharelatex
+ labels:
+ - "traefik.enable=true"
+ # handle https traffic
+ - "traefik.http.routers.sharel-secured.rule=Host(`overleaf.mertens.digital`)"
+ - "traefik.http.routers.sharel-secured.tls=true"
+ - "traefik.http.routers.sharel-secured.tls.certresolver=letsencrypt"
+ - "traefik.http.routers.sharel-secured.entrypoints=websecure"
+ - "traefik.http.middlewares.sharel-secured.forwardauth.trustForwardHeader=true"
+ # Docker loadbalance
+ - "traefik.http.services.sharel.loadbalancer.server.port=80"
+ - "traefik.http.services.sharel.loadbalancer.server.scheme=http"
+ - "traefik.http.services.sharel.loadbalancer.sticky.cookie=true"
+ - "traefik.http.services.sharel.loadbalancer.sticky.cookie.name=io"
+ - "traefik.http.services.sharel.loadbalancer.sticky.cookie.httponly=true"
+ - "traefik.http.services.sharel.loadbalancer.sticky.cookie.secure=true"
+ - "traefik.http.services.sharel.loadbalancer.sticky.cookie.samesite=io"
+# labels:
+# caddy: overleaf.mertens.digital
+# caddy.reverse_proxy: "{{upstreams http 80}}"
+ networks:
+ - proxy
+ - default
+ depends_on:
+ mongo:
+ condition: service_healthy
+ redis:
+ condition: service_started
+ ports:
+ - 8088:80
+ - 8080:8080
+ links:
+ - mongo
+ - redis
+ stop_grace_period: 60s
+ volumes:
+ - ./data/sharelatex_log:/var/log/sharelatex/
+ - ./data/sharelatex:/var/lib/sharelatex
+ environment:
+ SHARELATEX_APP_NAME: Overleaf Mertens
+ SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
+
+ SHARELATEX_REDIS_HOST: redis
+ REDIS_HOST: redis
+
+ ENABLED_LINKED_FILE_TYPES: 'project_file,project_output_file'
+
+ ENABLE_CONVERSIONS: 'true'
+
+ EMAIL_CONFIRMATION_DISABLED: 'true'
+
+ TEXMFVAR: /var/lib/sharelatex/tmp/texmf-var
+
+ #Proxy
+ SHARELATEX_SECURE_COOKIE: 'true'
+ SHARELATEX_BEHIND_PROXY: 'true'
+
+ ## Set for SSL via nginx-proxy
+ #VIRTUAL_HOST: 103.112.212.22
+
+ SHARELATEX_SITE_URL: https://overleaf.mertens.digital
+ # SHARELATEX_NAV_TITLE: Our ShareLaTeX Instance
+ # SHARELATEX_HEADER_IMAGE_URL: http://somewhere.com/mylogo.png
+ # SHARELATEX_ADMIN_EMAIL: support@it.com
+
+ # SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by ShareLaTeX 2016"},{"text": "Another page I want to link to can be found here"} ]'
+ # SHARELATEX_RIGHT_FOOTER: '[{"text": "Hello I am on the Right"} ]'
+
+ SHARELATEX_EMAIL_FROM_ADDRESS: ${SHARELATEX_EMAIL_FROM_ADDRESS}
+
+ # SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID:
+ # SHARELATEX_EMAIL_AWS_SES_SECRET_KEY:
+
+ SHARELATEX_EMAIL_SMTP_HOST: ${SHARELATEX_EMAIL_SMTP_HOST}
+ SHARELATEX_EMAIL_SMTP_PORT: 25
+ SHARELATEX_EMAIL_SMTP_SECURE: "false"
+ SHARELATEX_EMAIL_SMTP_USER: ${SHARELATEX_EMAIL_SMTP_USER}
+ SHARELATEX_EMAIL_SMTP_PASS: ${SHARELATEX_EMAIL_SMTP_PASS}
+ SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: "true"
+ SHARELATEX_EMAIL_SMTP_IGNORE_TLS: "true"
+ #SHARELATEX_EMAIL_SMTP_NAME: '127.0.0.1'
+ SHARELATEX_EMAIL_SMTP_LOGGER: "true"
+ #SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by department x"
+
+ ################
+ ## Server Pro ##
+ ################
+
+ # SANDBOXED_COMPILES: 'true'
+
+ # SANDBOXED_COMPILES_SIBLING_CONTAINERS: 'true'
+ # SANDBOXED_COMPILES_HOST_DIR: '/var/sharelatex_data/data/compiles'
+
+ # DOCKER_RUNNER: 'false'
+
+ ## Works with test LDAP server shown at bottom of docker compose
+ # SHARELATEX_LDAP_URL: 'ldap://ldap:389'
+ # SHARELATEX_LDAP_SEARCH_BASE: 'ou=people,dc=planetexpress,dc=com'
+ # SHARELATEX_LDAP_SEARCH_FILTER: '(uid={{username}})'
+ # SHARELATEX_LDAP_BIND_DN: 'cn=admin,dc=planetexpress,dc=com'
+ # SHARELATEX_LDAP_BIND_CREDENTIALS: 'GoodNewsEveryone'
+ # SHARELATEX_LDAP_EMAIL_ATT: 'mail'
+ # SHARELATEX_LDAP_NAME_ATT: 'cn'
+ # SHARELATEX_LDAP_LAST_NAME_ATT: 'sn'
+ # SHARELATEX_LDAP_UPDATE_USER_DETAILS_ON_LOGIN: 'true'
+
+ # SHARELATEX_TEMPLATES_USER_ID: "578773160210479700917ee5"
+ # SHARELATEX_NEW_PROJECT_TEMPLATE_LINKS: '[ {"name":"All Templates","url":"/templates/all"}]'
+
+
+ # SHARELATEX_PROXY_LEARN: "true"
+
+ mongo:
+ restart: always
+ image: mongo:4.4
+ container_name: mongo
+ expose:
+ - 27017
+ volumes:
+ - ./data/mongo_data:/data/db
+ healthcheck:
+ test: echo 'db.stats().ok' | mongo localhost:27017/test --quiet
+ interval: 10s
+ timeout: 10s
+ retries: 5
+
+ redis:
+ restart: always
+ image: redis:5
+ container_name: redis
+ expose:
+ - 6379
+ volumes:
+ - ./data/redis_data:/data
+
+ # nginx-proxy:
+ # image: jwilder/nginx-proxy
+ # container_name: nginx-proxy
+ # ports:
+ # #- "80:80"
+ # - "443:443"
+ # volumes:
+ # - /var/run/docker.sock:/tmp/docker.sock:ro
+ # - /home/sharelatex/tmp:/etc/nginx/certs
+
+
+networks:
+ proxy:
+ external: true
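Review bot: The mail settings appear to send the SMTP login without transport encryption: `SHARELATEX_EMAIL_SMTP_IGNORE_TLS: "true"` with `SHARELATEX_EMAIL_SMTP_SECURE: "false"` on port 25 disables both implicit TLS and STARTTLS while `SMTP_USER`/`SMTP_PASS` are set, which also leaves `SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: "true"` without effect. Setting `SHARELATEX_EMAIL_SMTP_IGNORE_TLS: "false"` (and using the relay's submission port, if it offers one) keeps the credentials from crossing the network in clear text. The `ports:` entries `8088:80` and `8080:8080` publish the app on every host interface next to the Traefik route, so it stays reachable over plain HTTP; drop them or bind them to `127.0.0.1`. In the labels, `sticky.cookie.samesite=io` looks like a copy of the cookie name; Traefik expects `none`, `lax` or `strict`.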
diff --git a/Composer/photoprism/docker-compose.yml b/Composer/photoprism/docker-compose.yml
index 4cea8df..9cdb600 100644
--- a/Composer/photoprism/docker-compose.yml
+++ b/Composer/photoprism/docker-compose.yml
@@ -9,16 +9,34 @@ services:
security_opt:
- seccomp:unconfined
- apparmor:unconfined
- #ports:
- # - "2342:2342" # HTTP port (host:container)
+ ports:
+ - "2342:2342" # HTTP port (host:container)
labels:
- caddy: ${SERVER_DOMAIN}
- caddy.reverse_proxy: "{{upstreams http 2342}}"
+ - "traefik.enable=true"
+ - "traefik.http.routers.photo.rule=Host(`${SERVER_DOMAIN}`)"
+ - "traefik.http.routers.photo.service=nextcloud"
+ - "traefik.http.routers.photo.entrypoints=websecure"
+ - "traefik.http.services.photo.loadbalancer.server.port=2343"
+ - "traefik.http.routers.photo.tls=true"
+ - "traefik.http.routers.photo.tls.certresolver=letsencrypt"
+ - "traefik.http.services.photo.loadbalancer.passhostheader=true"
+ - "traefik.http.routers.photo.middlewares=compresstraefik"
+ - "traefik.http.middlewares.compresstraefik.compress=true"
+
+
+
+
+ #- "traefik.http.routers.photoprism.rule=Host(`${SERVER_DOMAIN}`)"
+ #- "traefik.http.routers.photoprism.tls=true"
+ #- "traefik.http.routers.photoprism.tls.certresolver=myresolver"
+
+ #caddy: ${SERVER_DOMAIN}
+ #caddy.reverse_proxy: "{{upstreams http 2342}}"
#caddy.@denied.not.remote_ip: "192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8"
#caddy.reverse_proxy: "@denied {{upstreams 2342}}"
- caddy.tls: "internal"
+ #caddy.tls: "internal"
networks:
- - caddy
+ - proxy
- photoprism
environment:
PHOTOPRISM_ADMIN_USER: "admin" # superadmin username
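Review bot: The new Traefik labels do not line up with the service they are attached to. `traefik.http.routers.photo.service=nextcloud` points the router at a service named `nextcloud`, while the labels here define `photo`, and `loadbalancer.server.port=2343` differs from the 2342 used by the port mapping and the old Caddy upstream. Suggest `traefik.http.routers.photo.service=photo` and `traefik.http.services.photo.loadbalancer.server.port=2342`. The hunk also re-enables `ports: "2342:2342"`, which exposes the plain-HTTP port on the host alongside the TLS route; leave it commented out or bind it as `"127.0.0.1:2342:2342"`. The `environment:` block continues outside this hunk.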
@@ -95,5 +113,5 @@ services:
networks:
photoprism:
internal: true
- caddy:
- external: true
\ No newline at end of file
+ proxy:
+ external: true
diff --git a/Composer/restic/docker-compose.yml b/Composer/restic/docker-compose.yml
new file mode 100644
index 0000000..e7e273a
--- /dev/null
+++ b/Composer/restic/docker-compose.yml
@@ -0,0 +1,49 @@
+version: '3'
+
+services:
+
+ restic-server:
+ image: restic/rest-server
+ restart: unless-stopped
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.rest-server.entrypoints=websecure
+ - traefik.http.routers.rest-server.rule=Host(`restic-zuhause.mertens.digital`)
+ - traefik.http.routers.rest-server.tls=true
+ - traefik.http.routers.rest-server.tls.certresolver=letsencrypt
+ - traefik.http.services.rest-server.loadbalancer.server.port=8000
+ networks:
+ - proxy
+# networks:
+# - caddy
+# labels:
+# caddy: restic-zuhause.mertens.digital
+# caddy.reverse_proxy: "{{upstreams 8000}}"
+ volumes:
+ - /mnt/helmut/backup/restic:/data
+ environment:
+ OPTIONS: "--private-repos --append-only"
+
+networks:
+ proxy:
+ external: true
+
+
+
+
+ # whoami:
+ # image: traefik/whoami
+ # command:
+ # - --port=2001
+ # - --name=test
+ # ports:
+ # - "2001:2001"
+ # networks:
+ # - proxy
+ # labels:
+ # - "traefik.enable=true"
+ # - "traefik.http.routers.whoami.entrypoints=websecure"
+ # - "traefik.http.routers.whoami.rule=Host(`whoami.dev.mertens.digital`)"
+ # - "traefik.http.routers.whoami.tls=true"
+ # - "traefik.http.routers.whoami.tls.certresolver=letsencrypt"
+ # - "traefik.http.services.whoami.loadbalancer.server.port=2001"
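Review bot: `image: restic/rest-server` has no tag, so the backup endpoint published through Traefik runs whatever the default tag resolves to at pull time. Pin it, e.g. `image: restic/rest-server:<version>` (placeholder; use the release you have tested). `--private-repos` only separates users who authenticate, and nothing in this file shows where those users are created, so a comment above `OPTIONS` pointing to the password file kept under `/data` would help the next operator. The commented-out `whoami` block after the top-level `networks:` key is leftover test scaffolding that still references `whoami.dev.mertens.digital` and could be removed.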
diff --git a/Composer/woodpecker/docker-compose.yml b/Composer/woodpecker/docker-compose.yml
index fc50070..91b195c 100644
--- a/Composer/woodpecker/docker-compose.yml
+++ b/Composer/woodpecker/docker-compose.yml
@@ -4,25 +4,28 @@ services:
woodpecker-server:
image: woodpeckerci/woodpecker-server:next
restart: always
- #ports:
- # - 8000:8000
volumes:
- ./data/woodpecker:/var/lib/woodpecker/
environment:
- WOODPECKER_LOG_LEVEL=info
- WOODPECKER_OPEN=true
- WOODPECKER_HOST=${WOODPECKER_HOST}
- - WOODPECKER_SECRET=${WOODPECKER_AGENT_SECRET}
+ - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
- WOODPECKER_GITEA=true
- WOODPECKER_GITEA_URL=${WOODPECKER_GITEA_URL}
- WOODPECKER_GITEA_CLIENT=${WOODPECKER_GITEA_CLIENT}
- WOODPECKER_GITEA_SECRET=${WOODPECKER_GITEA_SECRET}
networks:
- - caddy
+ - proxy
- woodpecker
labels:
- caddy: woodpecker.mertens.digital
- caddy.reverse_proxy: "{{upstreams 8000}}"
+ - "traefik.enable=true"
+ - "traefik.http.routers.woodpecker.rule=Host(`woodpecker.mertens.digital`)"
+ - "traefik.http.routers.woodpecker.entrypoints=websecure"
+ - "traefik.http.routers.woodpecker.tls=true"
+ - "traefik.http.routers.woodpecker.tls.certresolver=letsencrypt"
+ - "traefik.http.services.woodpecker.loadbalancer.server.port=8000"
+
woodpecker-agent:
image: woodpeckerci/woodpecker-agent:next
#command: agent
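Review bot: The unchanged `WOODPECKER_OPEN=true` still lets any account on the linked Gitea instance register, even though the server is now routed on `websecure` at `woodpecker.mertens.digital`. If that is not intended, set `WOODPECKER_OPEN=false`, or limit registration with `WOODPECKER_ORGS=<org>` and name an administrator with `WOODPECKER_ADMIN=<user>` (placeholders). The `:next` image tag is also a moving target for a service that holds the Gitea OAuth client secret; a release tag would be safer. The `woodpecker-agent` definition continues outside this hunk.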
@@ -36,10 +39,11 @@ services:
environment:
# - WOODPECKER_LOG_LEVEL=debug
- WOODPECKER_SERVER=woodpecker-server:9000
- - WOODPECKER_SECRET=${WOODPECKER_AGENT_SECRET}
+ - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
+ - WOODPECKER_MAX_WORKFLOWS=2
networks:
woodpecker:
internal: true
- caddy:
+ proxy:
external: true