Changes from Docker Server

root 2023-08-18 09:33:37 +02:00
parent 2badc54f91
commit 79c0515295
7 changed files with 370 additions and 18 deletions


@ -40,7 +40,7 @@ services:
labels: labels:
# Dashboard # Dashboard
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`traefik.dev.mertens.digital`)" - "traefik.http.routers.traefik.rule=Host(`traefik.zuhause.mertens.digital`)"
- "traefik.http.routers.traefik.service=api@internal" - "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt" - "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.entrypoints=websecure"
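Review bot: The router for `api@internal` moves to a new hostname, but none of the labels visible in this hunk attaches an authentication or IP-restriction middleware to it, so the Traefik dashboard and API would answer anyone who can reach that host. If no such middleware is set on label lines outside the hunk, attach one, for example `- "traefik.http.routers.traefik.middlewares=dashboard-auth"` (placeholder name) with a matching basic-auth middleware whose credentials come from an env file rather than the compose file. The labels list starts and may continue outside the hunk, so this needs checking against the full file.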


@ -0,0 +1,12 @@
<?php
$CONFIG = array (
'enabledPreviewProviders' => [
'OC\Preview\MP3',
'OC\Preview\TXT',
'OC\Preview\MarkDown',
'OC\Preview\OpenDocument',
'OC\Preview\Krita',
'OC\Preview\Imaginary',
],
'preview_imaginary_url' => 'http://preview:9000',
);


@ -0,0 +1,115 @@
version: '3'
services:
app:
image: nextcloud
restart: always
networks:
- caddy
- nextcloud
labels:
caddy: ${HOSTNAME}
caddy.reverse_proxy: "{{upstreams http 80}}"
caddy.0_redir: "/.well-known/carddav /remote.php/dav 301"
caddy.1_redir: "/.well-known/caldav /remote.php/dav 301"
caddy.header: "Strict-Transport-Security max-age=15552000"
caddy.tls: "internal"
volumes:
- ./data/nextcloud/www:/var/www/html
- ./default-config/preview.config.php:/var/www/html/config/preview.config.php
depends_on:
- clamav
- preview
# - db
- redis
environment:
- POSTGRES_HOST=db
- REDIS_HOST=redis
- POSTGRES_DB=nextcloud
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- NEXTCLOUD_TRUSTED_DOMAINS=${HOSTNAME}
- OVERWRITEPROTOCOL=https
- TRUSTED_PROXIES=${NEXTCLOUD_TRUSTED_PROXIES}
- APACHE_DISABLE_REWRITE_IP=1
preview:
container_name: "preview"
image: docker.io/nextcloud/aio-imaginary:latest
restart: always
networks:
- nextcloud
environment:
- PORT=9000
command: -concurrency 50 -enable-url-source
clamav:
image: "clamav/clamav:stable_base"
container_name: "clamav"
networks:
- nextcloud
volumes:
- ./data/clamav/virus_db:/var/lib/clamav/ # Virus database
restart: unless-stopped
# Does Not Work
#notify_push:
# image: icewind1991/notify_push
# restart: always
# networks:
# - nextcloud
# - caddy
# labels:
# caddy: ${HOSTNAME}
# caddy.handle_path: /push/*
# caddy.handle_path.0_reverse_proxy: "{{upstreams http 7867}}"
# depends_on:
# - db
# - redis
# - app
# volumes:
# - ./data/nextcloud/www:/var/www/html:ro
# - /etc/localtime:/etc/localtime:ro
# - /etc/timezone:/etc/timezone:ro
# environment:
# - PORT=7867
# - "NEXTCLOUD_URL=http://app" # don't go through the proxy to contact the nextcloud server
# entrypoint: ./notify_push --allow-self-signed --dump-config redis://:@redis --log-level debug /var/www/html/config/config.php
cron:
image: nextcloud
restart: always
volumes:
- ./data/nextcloud/www:/var/www/html
entrypoint: /cron.sh
depends_on:
# - db
- redis
networks:
- nextcloud
# db:
# image: postgres:alpine
# restart: always
# networks:
# - nextcloud
# environment:
# POSTGRES_USER: ${POSTGRES_USER}
# POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
# volumes:
# - ./data/db:/var/lib/postgresql/data
# - /etc/localtime:/etc/localtime:ro
redis:
image: redis:alpine
restart: always
networks:
- nextcloud
networks:
nextcloud:
internal: true
caddy:
external: true
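Review bot: The `preview` service starts imaginary with `-enable-url-source`, which lets any client that can reach port 9000 make the service fetch an arbitrary URL. The Nextcloud Imaginary provider appears to upload the file contents itself, so the flag is probably unneeded and `command: -concurrency 50` would remove that request-forgery surface. The `nextcloud` network is `internal: true`, which limits exposure, but every container on that network can still call the service. Separately, `image: nextcloud` (used by both `app` and `cron`) and `aio-imaginary:latest` float; pinning them to a release tag or digest keeps `app` and `cron` on the same version and makes updates deliberate. `POSTGRES_HOST=db` is still set while the `db` service is commented out, so a comment saying where the database runs would help the next reader.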


@ -0,0 +1,154 @@
version: '2.2'
services:
sharelatex:
restart: always
image: tuetenk0pp/sharelatex-full
container_name: sharelatex
labels:
- "traefik.enable=true"
# handle https traffic
- "traefik.http.routers.sharel-secured.rule=Host(`overleaf.mertens.digital`)"
- "traefik.http.routers.sharel-secured.tls=true"
- "traefik.http.routers.sharel-secured.tls.certresolver=letsencrypt"
- "traefik.http.routers.sharel-secured.entrypoints=websecure"
- "traefik.http.middlewares.sharel-secured.forwardauth.trustForwardHeader=true"
# Docker loadbalance
- "traefik.http.services.sharel.loadbalancer.server.port=80"
- "traefik.http.services.sharel.loadbalancer.server.scheme=http"
- "traefik.http.services.sharel.loadbalancer.sticky.cookie=true"
- "traefik.http.services.sharel.loadbalancer.sticky.cookie.name=io"
- "traefik.http.services.sharel.loadbalancer.sticky.cookie.httponly=true"
- "traefik.http.services.sharel.loadbalancer.sticky.cookie.secure=true"
- "traefik.http.services.sharel.loadbalancer.sticky.cookie.samesite=io"
# labels:
# caddy: overleaf.mertens.digital
# caddy.reverse_proxy: "{{upstreams http 80}}"
networks:
- proxy
- default
depends_on:
mongo:
condition: service_healthy
redis:
condition: service_started
ports:
- 8088:80
- 8080:8080
links:
- mongo
- redis
stop_grace_period: 60s
volumes:
- ./data/sharelatex_log:/var/log/sharelatex/
- ./data/sharelatex:/var/lib/sharelatex
environment:
SHARELATEX_APP_NAME: Overleaf Mertens
SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
SHARELATEX_REDIS_HOST: redis
REDIS_HOST: redis
ENABLED_LINKED_FILE_TYPES: 'project_file,project_output_file'
ENABLE_CONVERSIONS: 'true'
EMAIL_CONFIRMATION_DISABLED: 'true'
TEXMFVAR: /var/lib/sharelatex/tmp/texmf-var
#Proxy
SHARELATEX_SECURE_COOKIE: 'true'
SHARELATEX_BEHIND_PROXY: 'true'
## Set for SSL via nginx-proxy
#VIRTUAL_HOST: 103.112.212.22
SHARELATEX_SITE_URL: https://overleaf.mertens.digital
# SHARELATEX_NAV_TITLE: Our ShareLaTeX Instance
# SHARELATEX_HEADER_IMAGE_URL: http://somewhere.com/mylogo.png
# SHARELATEX_ADMIN_EMAIL: support@it.com
# SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"},{"text": "Another page I want to link to can be found <a href=\"here\">here</a>"} ]'
# SHARELATEX_RIGHT_FOOTER: '[{"text": "Hello I am on the Right"} ]'
SHARELATEX_EMAIL_FROM_ADDRESS: ${SHARELATEX_EMAIL_FROM_ADDRESS}
# SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID:
# SHARELATEX_EMAIL_AWS_SES_SECRET_KEY:
SHARELATEX_EMAIL_SMTP_HOST: ${SHARELATEX_EMAIL_SMTP_HOST}
SHARELATEX_EMAIL_SMTP_PORT: 25
SHARELATEX_EMAIL_SMTP_SECURE: "false"
SHARELATEX_EMAIL_SMTP_USER: ${SHARELATEX_EMAIL_SMTP_USER}
SHARELATEX_EMAIL_SMTP_PASS: ${SHARELATEX_EMAIL_SMTP_PASS}
SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: "true"
SHARELATEX_EMAIL_SMTP_IGNORE_TLS: "true"
#SHARELATEX_EMAIL_SMTP_NAME: '127.0.0.1'
SHARELATEX_EMAIL_SMTP_LOGGER: "true"
#SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by department x"
################
## Server Pro ##
################
# SANDBOXED_COMPILES: 'true'
# SANDBOXED_COMPILES_SIBLING_CONTAINERS: 'true'
# SANDBOXED_COMPILES_HOST_DIR: '/var/sharelatex_data/data/compiles'
# DOCKER_RUNNER: 'false'
## Works with test LDAP server shown at bottom of docker compose
# SHARELATEX_LDAP_URL: 'ldap://ldap:389'
# SHARELATEX_LDAP_SEARCH_BASE: 'ou=people,dc=planetexpress,dc=com'
# SHARELATEX_LDAP_SEARCH_FILTER: '(uid={{username}})'
# SHARELATEX_LDAP_BIND_DN: 'cn=admin,dc=planetexpress,dc=com'
# SHARELATEX_LDAP_BIND_CREDENTIALS: 'GoodNewsEveryone'
# SHARELATEX_LDAP_EMAIL_ATT: 'mail'
# SHARELATEX_LDAP_NAME_ATT: 'cn'
# SHARELATEX_LDAP_LAST_NAME_ATT: 'sn'
# SHARELATEX_LDAP_UPDATE_USER_DETAILS_ON_LOGIN: 'true'
# SHARELATEX_TEMPLATES_USER_ID: "578773160210479700917ee5"
# SHARELATEX_NEW_PROJECT_TEMPLATE_LINKS: '[ {"name":"All Templates","url":"/templates/all"}]'
# SHARELATEX_PROXY_LEARN: "true"
mongo:
restart: always
image: mongo:4.4
container_name: mongo
expose:
- 27017
volumes:
- ./data/mongo_data:/data/db
healthcheck:
test: echo 'db.stats().ok' | mongo localhost:27017/test --quiet
interval: 10s
timeout: 10s
retries: 5
redis:
restart: always
image: redis:5
container_name: redis
expose:
- 6379
volumes:
- ./data/redis_data:/data
# nginx-proxy:
# image: jwilder/nginx-proxy
# container_name: nginx-proxy
# ports:
# #- "80:80"
# - "443:443"
# volumes:
# - /var/run/docker.sock:/tmp/docker.sock:ro
# - /home/sharelatex/tmp:/etc/nginx/certs
networks:
proxy:
external: true
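Review bot: The mail settings send the SMTP login without transport encryption: `SHARELATEX_EMAIL_SMTP_PORT: 25` with `SHARELATEX_EMAIL_SMTP_SECURE: "false"` and `SHARELATEX_EMAIL_SMTP_IGNORE_TLS: "true"` presumably disables STARTTLS, which also makes `SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: "true"` moot. Set `SHARELATEX_EMAIL_SMTP_IGNORE_TLS: "false"` if the relay supports STARTTLS. The `ports:` entries `8088:80` and `8080:8080` publish the app over plain HTTP on every host interface beside the Traefik route, although `SHARELATEX_SECURE_COOKIE: 'true'` expects HTTPS; drop them or bind to loopback, e.g. `- "127.0.0.1:8088:80"`. `sticky.cookie.samesite=io` looks like a copy of the cookie name, where Traefik expects `none`, `lax` or `strict`. The `forwardauth.trustForwardHeader` label defines a middleware with no `address` that is not attached to the router, so it can probably be removed.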


@ -9,16 +9,34 @@ services:
security_opt: security_opt:
- seccomp:unconfined - seccomp:unconfined
- apparmor:unconfined - apparmor:unconfined
#ports: ports:
# - "2342:2342" # HTTP port (host:container) - "2342:2342" # HTTP port (host:container)
labels: labels:
caddy: ${SERVER_DOMAIN} - "traefik.enable=true"
caddy.reverse_proxy: "{{upstreams http 2342}}" - "traefik.http.routers.photo.rule=Host(`${SERVER_DOMAIN}`)"
- "traefik.http.routers.photo.service=nextcloud"
- "traefik.http.routers.photo.entrypoints=websecure"
- "traefik.http.services.photo.loadbalancer.server.port=2343"
- "traefik.http.routers.photo.tls=true"
- "traefik.http.routers.photo.tls.certresolver=letsencrypt"
- "traefik.http.services.photo.loadbalancer.passhostheader=true"
- "traefik.http.routers.photo.middlewares=compresstraefik"
- "traefik.http.middlewares.compresstraefik.compress=true"
#- "traefik.http.routers.photoprism.rule=Host(`${SERVER_DOMAIN}`)"
#- "traefik.http.routers.photoprism.tls=true"
#- "traefik.http.routers.photoprism.tls.certresolver=myresolver"
#caddy: ${SERVER_DOMAIN}
#caddy.reverse_proxy: "{{upstreams http 2342}}"
#caddy.@denied.not.remote_ip: "192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8" #caddy.@denied.not.remote_ip: "192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8"
#caddy.reverse_proxy: "@denied {{upstreams 2342}}" #caddy.reverse_proxy: "@denied {{upstreams 2342}}"
caddy.tls: "internal" #caddy.tls: "internal"
networks: networks:
- caddy - proxy
- photoprism - photoprism
environment: environment:
PHOTOPRISM_ADMIN_USER: "admin" # superadmin username PHOTOPRISM_ADMIN_USER: "admin" # superadmin username
@ -95,5 +113,5 @@ services:
networks: networks:
photoprism: photoprism:
internal: true internal: true
caddy: proxy:
external: true external: true
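Review bot: The new router labels in the first hunk do not line up: `traefik.http.routers.photo.service=nextcloud` names a service that nothing visible here defines (the one defined is `photo`), and `loadbalancer.server.port=2343` differs from the `2342` HTTP port used in the `ports:` mapping and in the old caddy label. I would change them to `- "traefik.http.routers.photo.service=photo"` and `- "traefik.http.services.photo.loadbalancer.server.port=2342"`. The commit also re-enables `ports: - "2342:2342"`, which publishes PhotoPrism over plain HTTP on every host interface beside the TLS route; leave it commented out, or bind it to `127.0.0.1` if it is only needed for local debugging. The service definition starts before and continues after the first hunk.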


@ -0,0 +1,49 @@
version: '3'
services:
restic-server:
image: restic/rest-server
restart: unless-stopped
labels:
- traefik.enable=true
- traefik.http.routers.rest-server.entrypoints=websecure
- traefik.http.routers.rest-server.rule=Host(`restic-zuhause.mertens.digital`)
- traefik.http.routers.rest-server.tls=true
- traefik.http.routers.rest-server.tls.certresolver=letsencrypt
- traefik.http.services.rest-server.loadbalancer.server.port=8000
networks:
- proxy
# networks:
# - caddy
# labels:
# caddy: restic-zuhause.mertens.digital
# caddy.reverse_proxy: "{{upstreams 8000}}"
volumes:
- /mnt/helmut/backup/restic:/data
environment:
OPTIONS: "--private-repos --append-only"
networks:
proxy:
external: true
# whoami:
# image: traefik/whoami
# command:
# - --port=2001
# - --name=test
# ports:
# - "2001:2001"
# networks:
# - proxy
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.whoami.entrypoints=websecure"
# - "traefik.http.routers.whoami.rule=Host(`whoami.dev.mertens.digital`)"
# - "traefik.http.routers.whoami.tls=true"
# - "traefik.http.routers.whoami.tls.certresolver=letsencrypt"
# - "traefik.http.services.whoami.loadbalancer.server.port=2001"
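Review bot: `image: restic/rest-server` carries no tag, so the backup endpoint follows whatever `latest` resolves to on each pull; pin a release tag or digest (placeholder: `restic/rest-server:<version>`). `--private-repos` only has an effect together with per-user authentication, which rest-server reads from an htpasswd file, and nothing in this file shows where that file is provisioned. A comment above `volumes:` such as `# auth: expects .htpasswd inside /mnt/helmut/backup/restic (mounted at /data)` would document the dependency; confirm the path against the image's defaults before adding it.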


@ -4,25 +4,28 @@ services:
woodpecker-server: woodpecker-server:
image: woodpeckerci/woodpecker-server:next image: woodpeckerci/woodpecker-server:next
restart: always restart: always
#ports:
# - 8000:8000
volumes: volumes:
- ./data/woodpecker:/var/lib/woodpecker/ - ./data/woodpecker:/var/lib/woodpecker/
environment: environment:
- WOODPECKER_LOG_LEVEL=info - WOODPECKER_LOG_LEVEL=info
- WOODPECKER_OPEN=true - WOODPECKER_OPEN=true
- WOODPECKER_HOST=${WOODPECKER_HOST} - WOODPECKER_HOST=${WOODPECKER_HOST}
- WOODPECKER_SECRET=${WOODPECKER_AGENT_SECRET} - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
- WOODPECKER_GITEA=true - WOODPECKER_GITEA=true
- WOODPECKER_GITEA_URL=${WOODPECKER_GITEA_URL} - WOODPECKER_GITEA_URL=${WOODPECKER_GITEA_URL}
- WOODPECKER_GITEA_CLIENT=${WOODPECKER_GITEA_CLIENT} - WOODPECKER_GITEA_CLIENT=${WOODPECKER_GITEA_CLIENT}
- WOODPECKER_GITEA_SECRET=${WOODPECKER_GITEA_SECRET} - WOODPECKER_GITEA_SECRET=${WOODPECKER_GITEA_SECRET}
networks: networks:
- caddy - proxy
- woodpecker - woodpecker
labels: labels:
caddy: woodpecker.mertens.digital - "traefik.enable=true"
caddy.reverse_proxy: "{{upstreams 8000}}" - "traefik.http.routers.woodpecker.rule=Host(`woodpecker.mertens.digital`)"
- "traefik.http.routers.woodpecker.entrypoints=websecure"
- "traefik.http.routers.woodpecker.tls=true"
- "traefik.http.routers.woodpecker.tls.certresolver=letsencrypt"
- "traefik.http.services.woodpecker.loadbalancer.server.port=8000"
woodpecker-agent: woodpecker-agent:
image: woodpeckerci/woodpecker-agent:next image: woodpeckerci/woodpecker-agent:next
#command: agent #command: agent
@ -36,10 +39,11 @@ services:
environment: environment:
# - WOODPECKER_LOG_LEVEL=debug # - WOODPECKER_LOG_LEVEL=debug
- WOODPECKER_SERVER=woodpecker-server:9000 - WOODPECKER_SERVER=woodpecker-server:9000
- WOODPECKER_SECRET=${WOODPECKER_AGENT_SECRET} - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
- WOODPECKER_MAX_WORKFLOWS=2
networks: networks:
woodpecker: woodpecker:
internal: true internal: true
caddy: proxy:
external: true external: true
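Review bot: `woodpecker-server` is attached to both `proxy` and the internal `woodpecker` network, but the new Traefik labels in the first hunk do not say which one to route through. Unless the Docker provider is configured with a default network, Traefik may pick the container's address on `woodpecker`, which it cannot reach. Adding `- "traefik.docker.network=proxy"` to the labels makes the route deterministic; the PhotoPrism and Overleaf services on this page are attached to two networks in the same way. In the unchanged context, `WOODPECKER_OPEN=true` lets any account on the Gitea instance register, so consider restricting it with `WOODPECKER_ADMIN` or `WOODPECKER_ORGS` if that forge allows sign-ups. Both service definitions continue outside the hunks.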