fzirker/selfhost
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: fzirker:fc106060b74c811526165aac1c2636e863d222de
Branches Tags
fzirker:main
fzirker:forgejo-actions
fzirker:traefik
..
compare: fzirker:922b97710ffce4454c20a08c2a8f58de6304da19
Branches Tags
fzirker:main
fzirker:forgejo-actions
fzirker:traefik

No commits in common. "fc106060b74c811526165aac1c2636e863d222de" and "922b97710ffce4454c20a08c2a8f58de6304da19" have entirely different histories.
fc106060b7 ... 922b97710f

11 changed files with 45 additions and 97 deletions
Download patch file Download diff file Expand all files Collapse all files

10
firefoxsync/docker-compose.yaml
View file

@ -3,7 +3,7 @@ services:
syncserver:
image: mozilla/syncserver:latest
volumes:
- ${VOLUMES_PATH}/firefoxsync/syncserver:/data
- ${VOLUMES_PATH}/firefoxsync_syncserver:/data
user: ${UID}:${GID}
networks:
- web
@ -23,7 +23,7 @@ services:
- SYNCSERVER_SQLURI=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB}
- SYNCSERVER_BATCH_UPLOAD_ENABLED=true
- SYNCSERVER_FORCE_WSGI_ENVIRON=true
- SYNCSERVER_DEBUG_ENABLED=false
- SYNCSERVER_DEBUG_ENABLED=true
- SYNCSERVER_ALLOW_NEW_USER=true
- PORT=5000
@ -38,12 +38,8 @@ services:
networks:
- firefoxsync
volumes:
- ${VOLUMES_PATH}/firefoxsync/db:/var/lib/postgresql/data
- ${VOLUMES_PATH}/firefoxsync_db:/var/lib/postgresql/data
user: ${UID}:${GID}
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
interval: 10s
timeout: 5s
labels:
- "docker.group=firefoxsync"

32
git/docker-compose.yaml
View file

@ -11,22 +11,6 @@ services:
networks:
- web
- git
depends_on:
- db
restart: unless-stopped
environment:
- USER_UID=1000
- USER_GID=1000
- DB_TYPE=mysql
- DB_TYPE=postgres
- DB_HOST=db:5432
- DB_NAME=${POSTGRES_DB}
- DB_USER=${POSTGRES_USER}
- DB_PASSWD=${POSTGRES_PASSWORD}
healthcheck:
test: ["CMD", "curl" ,"--fail", "localhost:3000/api/healthz"]
interval: 5s
timeout: 3s
labels:
- "traefik.enable=true"
- "traefik.http.routers.forgejo.rule=Host(`gitea.${DOMAIN}`, `git.${DOMAIN}`)"
@ -39,6 +23,18 @@ services:
- "traefik.http.middlewares.gitearedir.redirectregex.permanent=true"
- "traefik.http.services.forgejo.loadbalancer.server.port=3000"
- "docker.group=git"
depends_on:
- db
restart: unless-stopped
environment:
- USER_UID=1000
- USER_GID=1000
- DB_TYPE=mysql
- DB_TYPE=postgres
- DB_HOST=db:5432
- DB_NAME=${POSTGRES_DB}
- DB_USER=${POSTGRES_USER}
- DB_PASSWD=${POSTGRES_PASSWORD}
db:
@ -52,10 +48,6 @@ services:
- git
volumes:
- ${VOLUMES_PATH}/git/forgejo_db:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
interval: 10s
timeout: 5s
labels:
- "docker.group=git"

10
monitoring/docker-compose.yaml
View file

@ -39,7 +39,7 @@ services:
grafanadb:
image: postgres:${POSTGRES_VERSION}
volumes:
- ${VOLUMES_PATH}/monitoring/grafanadb:/var/lib/postgresql/data
- ${VOLUMES_PATH}/grafanadb:/var/lib/postgresql/data
networks:
- grafana
restart: unless-stopped
@ -47,10 +47,6 @@ services:
- POSTGRES_DB=grafana
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
interval: 10s
timeout: 5s
labels:
- "docker.group=monitoring"
@ -65,7 +61,7 @@ services:
environment:
- INFLUXDB_MONITOR_STORE_ENABLED=false
volumes:
- ${VOLUMES_PATH}/monitoring/influxdb/:/var/lib/influxdb
- ${VOLUMES_PATH}/influxdb/:/var/lib/influxdb
- ${PWD}/influxdb.conf:/etc/influxdb/influxdb.conf:ro
labels:
- "traefik.enable=true"
@ -88,7 +84,7 @@ services:
- web # also used to get traefik metrics
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
- ${VOLUMES_PATH}/monitoring/prometheus:/prometheus
- ${VOLUMES_PATH}/prometheus:/prometheus
labels:
- "docker.group=monitoring"

2
nextcloud/Dockerfile
View file

@ -9,5 +9,3 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
ocrmypdf tesseract-ocr-deu \
procps \
&& rm -rf /var/lib/apt/lists/*
RUN mkdir -p /var/spool/cron/crontabs; echo '* * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data

3
nextcloud/crontab Executable file
View file

@ -0,0 +1,3 @@
*/5 * * * * php -f /var/www/html/cron.php

39
nextcloud/docker-compose.yaml
View file

@ -5,16 +5,12 @@ services:
depends_on:
- app
volumes:
- ${VOLUMES_PATH}/nextcloud/html:/var/www/html:ro
- ${VOLUMES_PATH}/nextcloud_html:/var/www/html:ro
- $PWD/nginx.conf:/etc/nginx/nginx.conf:ro
restart: unless-stopped
networks:
- web
- nextcloud
healthcheck:
test: curl -sSf 'http://localhost/status.php' | grep '"installed":true' | grep '"maintenance":false' | grep '"needsDbUpgrade":false' || exit 1
interval: 5s
timeout: 3s
labels:
- "traefik.enable=true"
- "traefik.http.routers.nextcloud.rule=Host(`cloud.${DOMAIN}`)"
@ -38,8 +34,8 @@ services:
args:
- NC_MAIN_VERSION=${NC_MAIN_VERSION}
volumes:
- ${VOLUMES_PATH}/nextcloud/html:/var/www/html
- ${VOLUMES_PATH}/nextcloud/data:/var/www/html/data
- ${VOLUMES_PATH}/nextcloud_html:/var/www/html
- ${VOLUMES_PATH}/nextcloud_data:/var/www/html/data
- type: tmpfs
target: /tmp
restart: unless-stopped
@ -70,8 +66,14 @@ services:
networks:
- nextcloud
volumes:
- ${VOLUMES_PATH}/nextcloud/html:/var/www/html
- ${VOLUMES_PATH}/nextcloud/data:/var/www/html/data
- ${VOLUMES_PATH}/nextcloud_html:/var/www/html
- ${VOLUMES_PATH}/nextcloud_data:/var/www/html/data
# If I mount my crontab into the container crond is not working any more :(
# docker log should print 11110001 lines
# https://github.com/nextcloud/docker/issues/1775
# https://github.com/nextcloud/docker/issues/1695
# build own cron image?
# - $PWD/crontab:/var/spool/cron/crontabs/www-data
entrypoint: /cron.sh
depends_on:
- db
@ -89,8 +91,8 @@ services:
- web
- nextcloud
volumes:
- ${VOLUMES_PATH}/nextcloud/html:/var/www/html:ro
- ${VOLUMES_PATH}/nextcloud/data:/var/www/html/data:ro
- ${VOLUMES_PATH}/nextcloud_html:/var/www/html:ro
- ${VOLUMES_PATH}/nextcloud_data:/var/www/html/data:ro
environment:
- PORT=7867
- NEXTCLOUD_URL=http://web
@ -111,7 +113,7 @@ services:
image: mariadb:10
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --skip-innodb-read-only-compressed
volumes:
- ${VOLUMES_PATH}/nextcloud/db:/var/lib/mysql
- ${VOLUMES_PATH}/nextcloud_db:/var/lib/mysql
restart: unless-stopped
environment:
- PUID=1000
@ -121,7 +123,6 @@ services:
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MARIADB_AUTO_UPGRADE=1
logging:
driver: "json-file"
options:
@ -130,10 +131,6 @@ services:
networks:
- nextcloud
- mariadb
healthcheck:
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
interval: 20s
timeout: 3s
labels:
- "docker.group=netxtcloud"
@ -168,11 +165,7 @@ services:
- nextcloud
- monitoring
volumes:
- ${VOLUMES_PATH}/nextcloud/redis:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 5s
timeout: 3s
- ${VOLUMES_PATH}/nextcloud_redis:/data
labels:
- "docker.group=netxtcloud"
@ -212,7 +205,7 @@ services:
networks:
- nextcloud
volumes:
- ${VOLUMES_PATH}/nextcloud/fonts:/usr/share/fonts/drawio
- ${VOLUMES_PATH}/nextcloud_fonts:/usr/share/fonts/drawio
restart: unless-stopped
labels:
- "docker.group=netxtcloud"

5
nextcloud/nginx.conf
View file

@ -22,9 +22,6 @@ http {
sendfile on;
#tcp_nopush on;
# Prevent nginx HTTP Server Detection
server_tokens off;
keepalive_timeout 65;
#gzip on;
@ -51,7 +48,7 @@ http {
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak

13
proxy/docker-compose.yaml
View file

@ -18,7 +18,6 @@ services:
#- "--log.level=DEBUG"
- "--log.level=INFO"
#- "--accesslog=true"
- "--ping=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
@ -41,12 +40,8 @@ services:
- web
- dockersocket
volumes:
- ${VOLUMES_PATH}/proxy/letsencrypt:/letsencrypt
- ${VOLUMES_PATH}/letsencrypt:/letsencrypt
- $PWD/tls.toml:/etc/traefik/tls.toml
healthcheck:
test: traefik healthcheck --ping
interval: 3s
timeout: 1s
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=Host(`traefik.${DOMAIN}`)"
@ -71,15 +66,11 @@ services:
- INFO=1
networks:
- dockersocket
healthcheck:
test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:2375/version"]
interval: 10s
timeout: 3s
privileged: true
whoami:
image: traefik/whoami
image: containous/whoami
networks:
- web
labels:

2
start-all.sh
View file

@ -7,7 +7,7 @@ function up {
up proxy --scale whoami=3;
up monitoring;
up nextcloud;
up git;
up gitea;
up wallabag;
up www;
up firefoxsync;

20
wallabag/docker-compose.yaml
View file

@ -20,11 +20,7 @@ services:
- web
- wallabag
volumes:
- /var/dockervolumes/wallabag/images:/var/www/wallabag/web/assets/images
healthcheck:
test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost"]
interval: 10s
timeout: 3s
- /var/dockervolumes/wallabag_images:/var/www/wallabag/web/assets/images
labels:
- "traefik.enable=true"
- "traefik.http.routers.wallabag.rule=Host(`wallabag.${DOMAIN}`)"
@ -44,25 +40,15 @@ services:
networks:
- wallabag
volumes:
- /var/dockervolumes/wallabag/db:/var/lib/mysql
healthcheck:
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
interval: 10s
timeout: 3s
- /var/dockervolumes/wallabag_db:/var/lib/mysql
labels:
- "docker.group=wallabag"
redis:
image: redis
image: redis:alpine
restart: unless-stopped
networks:
- wallabag
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 5s
timeout: 3s
labels:
- "docker.group=wallabag"
networks:

4
www/docker-compose.yaml
View file

@ -7,10 +7,6 @@ services:
networks:
- web
restart: unless-stopped
healthcheck:
test: ["CMD", "curl" ,"--fail", "localhost"]
interval: 5s
timeout: 3s
labels:
- "traefik.enable=true"
- "traefik.http.routers.webroot.entrypoints=websecure" # All HTTP requests are globally redirected to HTTPS