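---
# Compose stack for a self-hosted site, run with podman (see "Host setup" at
# the bottom): a Caddy reverse proxy in front of Gitea (+ PostgreSQL),
# Nextcloud (+ MariaDB) and two Hugo sites.
#
# Secrets: the three database passwords are external podman secrets, mounted
# into the containers as files under /run/secrets/<name>. They are passed to
# the images through the file-based variables (*_FILE, and the __FILE suffix
# for Gitea), so each image reads the secret's contents. Setting the plain
# variable (for example POSTGRES_PASSWORD=/run/secrets/...) would make the
# path string itself the password, a value anyone who has seen this file
# knows.
#
# NOTE(review): a database whose data directory was initialised with the
# path string as its password keeps that password. Rotate it inside the
# database (ALTER USER ...) to the secret's value before switching an
# existing deployment to the *_FILE variables.
#
# NOTE(review): gitea/gitea:latest, mariadb:latest, postgres:alpine and
# klakegg/hugo:alpine are floating tags. Pin them to a version or digest so
# upgrades are deliberate and reviewable.

# Quoted: an unquoted 3.7 is parsed as a float, not a version string.
version: "3.7"

services:
  reverse-proxy:
    image: caddy:2-alpine
    container_name: caddy-vishwambhar
    command: caddy run --config /etc/caddy/Caddyfile
    restart: always
    ports:
      - "8080:80"
      - "8443:443"
    volumes:
      - /trayimurti/containers/volumes/caddy/Caddyfile:/etc/caddy/Caddyfile:Z
      - /trayimurti/containers/volumes/caddy/site:/srv:Z
      - /trayimurti/containers/volumes/caddy/caddy_data:/data:Z
      - /trayimurti/containers/volumes/caddy/caddy_config:/config:Z
      # Holds the TLS private key (ssl/private/key.pem, see host setup).
      - /trayimurti/containers/volumes/caddy/ssl:/etc/ssl:Z
    depends_on:
      - gitea-web
      - thefossguy-blog
      - nextcloud-web
      - thefossguy-mach

  gitea-web:
    # NOTE(review): /var/lib/gitea, /etc/gitea and SSH on 2222 look like the
    # layout of the rootless Gitea image; confirm that this tag stores its
    # data in the mounted paths, otherwise it will not persist.
    image: gitea/gitea:latest
    container_name: gitea-govinda
    restart: always
    ports:
      - "8010:3000"
      - "8011:2222"
    volumes:
      - /trayimurti/containers/volumes/gitea/web/data:/var/lib/gitea:Z
      - /trayimurti/containers/volumes/gitea/web/config:/etc/gitea:Z
      - /etc/localtime:/etc/localtime:ro
    environment:
      - ROOT_URL=https://git.thefossguy.com
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=gitea-db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      # __FILE suffix: Gitea loads the value from the mounted secret file.
      - GITEA__database__PASSWD__FILE=/run/secrets/gitea_database_user_password
      - TZ=Asia/Kolkata
    depends_on:
      - gitea-db
    secrets:
      - gitea_database_user_password

  gitea-db:
    image: postgres:alpine
    container_name: gitea-chitragupta
    restart: always
    volumes:
      - /trayimurti/containers/volumes/gitea/database:/var/lib/postgresql/data:Z
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD_FILE=/run/secrets/gitea_database_user_password
      - POSTGRES_DB=gitea
      - TZ=Asia/Kolkata
    secrets:
      - gitea_database_user_password

  thefossguy-blog:
    image: klakegg/hugo:alpine
    container_name: hugo-vaikunthnatham
    restart: always
    command: server --disableFastRender -b https://blog.thefossguy.com/ --appendPort=false
    ports:
      - "8020:1313"
    volumes:
      - /trayimurti/containers/volumes/blog:/src:Z
    environment:
      - TZ=Asia/Kolkata

  nextcloud-web:
    image: nextcloud:production
    container_name: nextcloud-govinda
    restart: always
    ports:
      - "8030:80"
    volumes:
      - /trayimurti/containers/volumes/nextcloud/web:/var/www/html:Z
    environment:
      - MYSQL_PASSWORD_FILE=/run/secrets/nextcloud_database_user_password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=nextcloud-db
      - NEXTCLOUD_TRUSTED_DOMAINS=cloud.thefossguy.com
      - OVERWRITECLIURL=https://cloud.thefossguy.com
      - OVERWRITEPROTOCOL=https
      - TZ=Asia/Kolkata
    depends_on:
      - nextcloud-db
    secrets:
      - nextcloud_database_user_password

  nextcloud-db:
    image: mariadb:latest
    container_name: nextcloud-chitragupta
    restart: always
    command: '--transaction-isolation=READ-COMMITTED --binlog-format=ROW'
    volumes:
      - /trayimurti/containers/volumes/nextcloud/database:/var/lib/mysql:Z
    environment:
      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/nextcloud_database_root_password
      - MYSQL_PASSWORD_FILE=/run/secrets/nextcloud_database_user_password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - TZ=Asia/Kolkata
    secrets:
      - nextcloud_database_root_password
      - nextcloud_database_user_password

  thefossguy-mach:
    image: klakegg/hugo:alpine
    container_name: hugo-mahayogi
    restart: always
    command: server --disableFastRender -b https://mach.thefossguy.com/ --appendPort=false
    ports:
      - "8040:1313"
    volumes:
      - /trayimurti/containers/volumes/mach:/src:Z
    environment:
      - TZ=Asia/Kolkata

# Created outside this file with `podman secret create` (see host setup), so
# no password value is stored in the compose file or in version control.
secrets:
  gitea_database_user_password:
    external: true
  nextcloud_database_user_password:
    external: true
  nextcloud_database_root_password:
    external: true

# Host setup
#
# NOTE(review): the firewall rule below opens the backend ports (8010, 8011,
# 8020, 8030, 8040) as well as the proxy ports (8080, 8443). Ports 8010, 8020,
# 8030 and 8040 serve plain HTTP straight from the backends, bypassing Caddy's
# TLS. If the Caddyfile reaches the backends over the compose network, only
# 8080/8443 (and 8011 for Gitea SSH) need to be open; confirm against the
# Caddyfile before narrowing.
#
# sudo firewall-cmd --permanent --add-port=8080/tcp --add-port=8443/tcp --add-port=8010/tcp --add-port=8011/tcp --add-port=8020/tcp --add-port=8030/tcp --add-port=8040/tcp
# sudo firewall-cmd --reload
# sudo firewall-cmd --list-ports
# sudo zfs create trayimurti/containers/volumes/caddy
# sudo zfs create trayimurti/containers/volumes/gitea
# sudo zfs create trayimurti/containers/volumes/blog
# sudo zfs create trayimurti/containers/volumes/nextcloud
# sudo zfs create trayimurti/containers/volumes/mach
# sudo chown pratham:pratham -vR /trayimurti/containers/volumes
# mkdir -vp /trayimurti/containers/volumes/caddy/{site,ssl/{private,certs},caddy_{data,config}}
# mkdir -vp /trayimurti/containers/volumes/gitea/{database,web/{data,config}}
# mkdir -vp /trayimurti/containers/volumes/nextcloud/{database,web}
# cp -v Caddyfile /trayimurti/containers/volumes/caddy/
# chmod 700 -v /trayimurti/containers/volumes/caddy/ssl/private
# chmod 600 -v /trayimurti/containers/volumes/caddy/ssl/private/key.pem
# git clone git@gitlab.com:shivohamx3/blog.git /trayimurti/containers/volumes/blog
# git clone git@gitlab.com:shivohamx3/machines.git /trayimurti/containers/volumes/mach
# mkdir -vp /trayimurti/containers/volumes/{mach,blog}/content
# podman pull docker.io/library/caddy:2-alpine && sleep 60 && podman pull docker.io/gitea/gitea:latest && sleep 60 && podman pull docker.io/klakegg/hugo:alpine && sleep 60 && podman pull docker.io/library/mariadb:latest && sleep 60 && podman pull docker.io/library/nextcloud:production && sleep 60 && podman pull docker.io/library/postgres:alpine && sleep 60
# openssl rand -base64 20 | podman secret create gitea_database_user_password -
# openssl rand -base64 20 | podman secret create nextcloud_database_user_password -
# openssl rand -base64 20 | podman secret create nextcloud_database_root_password -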