164 lines
6.2 KiB
YAML
164 lines
6.2 KiB
YAML
version: 3.7
|
|
|
|
services:
|
|
|
|
reverse-proxy:
|
|
image: caddy:2-alpine
|
|
container_name: caddy-vishwambhar
|
|
command: caddy run --config /etc/caddy/Caddyfile
|
|
restart: always
|
|
ports:
|
|
- 8080:80
|
|
- 8443:443
|
|
volumes:
|
|
- /trayimurti/containers/volumes/caddy/Caddyfile:/etc/caddy/Caddyfile:Z
|
|
- /trayimurti/containers/volumes/caddy/site:/srv:Z
|
|
- /trayimurti/containers/volumes/caddy/caddy_data:/data:Z
|
|
- /trayimurti/containers/volumes/caddy/caddy_config:/config:Z
|
|
- /trayimurti/containers/volumes/caddy/ssl:/etc/ssl:Z
|
|
depends_on:
|
|
- gitea-web
|
|
- thefossguy-blog
|
|
- nextcloud-web
|
|
- thefossguy-mach
|
|
|
|
gitea-web:
|
|
image: gitea/gitea:latest
|
|
container_name: gitea-govinda
|
|
restart: always
|
|
ports:
|
|
- 8010:3000
|
|
- 8011:2222
|
|
volumes:
|
|
- /trayimurti/containers/volumes/gitea/web/data:/var/lib/gitea:Z
|
|
- /trayimurti/containers/volumes/gitea/web/config:/etc/gitea:Z
|
|
- /etc/localtime:/etc/localtime:ro
|
|
environment:
|
|
- ROOT_URL=https://git.thefossguy.com
|
|
- GITEA__database__DB_TYPE=postgres
|
|
- GITEA__database__HOST=gitea-db:5432
|
|
- GITEA__database__NAME=gitea
|
|
- GITEA__database__USER=gitea
|
|
- GITEA__database__PASSWD=/run/secrets/gitea_database_user_password
|
|
- TZ=Asia/Kolkata
|
|
depends_on:
|
|
- gitea-db
|
|
secrets:
|
|
- gitea_database_user_password
|
|
|
|
gitea-db:
|
|
image: postgres:alpine
|
|
container_name: gitea-chitragupta
|
|
restart: always
|
|
volumes:
|
|
- /trayimurti/containers/volumes/gitea/database:/var/lib/postgresql/data:Z
|
|
environment:
|
|
- POSTGRES_USER=gitea
|
|
- POSTGRES_PASSWORD=/run/secrets/gitea_database_user_password
|
|
- POSTGRES_DB=gitea
|
|
- TZ=Asia/Kolkata
|
|
secrets:
|
|
- gitea_database_user_password
|
|
|
|
thefossguy-blog:
|
|
image: klakegg/hugo:alpine
|
|
container_name: hugo-vaikunthnatham
|
|
restart: always
|
|
command: server --disableFastRender -b https://blog.thefossguy.com/ --appendPort=false
|
|
ports:
|
|
- 8020:1313
|
|
volumes:
|
|
- /trayimurti/containers/volumes/blog:/src:Z
|
|
environment:
|
|
- TZ=Asia/Kolkata
|
|
|
|
nextcloud-web:
|
|
image: nextcloud:production
|
|
container_name: nextcloud-govinda
|
|
restart: always
|
|
ports:
|
|
- 8030:80
|
|
volumes:
|
|
- /trayimurti/containers/volumes/nextcloud/web:/var/www/html:Z
|
|
environment:
|
|
- MYSQL_PASSWORD=/run/secrets/nextcloud_database_user_password
|
|
- MYSQL_DATABASE=nextcloud
|
|
- MYSQL_USER=nextcloud
|
|
- MYSQL_HOST=nextcloud-db
|
|
- NEXTCLOUD_TRUSTED_DOMAINS=cloud.thefossguy.com
|
|
- OVERWRITECLIURL=https://cloud.thefossguy.com
|
|
- OVERWRITEPROTOCOL=https
|
|
- TZ=Asia/Kolkata
|
|
depends_on:
|
|
- nextcloud-db
|
|
secrets:
|
|
- nextcloud_database_user_password
|
|
|
|
nextcloud-db:
|
|
image: mariadb:latest
|
|
container_name: nextcloud-chitragupta
|
|
restart: always
|
|
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
|
|
volumes:
|
|
- /trayimurti/containers/volumes/nextcloud/database:/var/lib/mysql:Z
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=/run/secrets/nextcloud_database_root_password
|
|
- MYSQL_PASSWORD=/run/secrets/nextcloud_database_user_password
|
|
- MYSQL_DATABASE=nextcloud
|
|
- MYSQL_USER=nextcloud
|
|
- TZ=Asia/Kolkata
|
|
secrets:
|
|
- nextcloud_database_root_password
|
|
- nextcloud_database_user_password
|
|
|
|
thefossguy-mach:
|
|
image: klakegg/hugo:alpine
|
|
container_name: hugo-mahayogi
|
|
restart: always
|
|
command: server --disableFastRender -b https://mach.thefossguy.com/ --appendPort=false
|
|
ports:
|
|
- 8040:1313
|
|
volumes:
|
|
- /trayimurti/containers/volumes/mach:/src:Z
|
|
environment:
|
|
- TZ=Asia/Kolkata
|
|
|
|
secrets:
|
|
gitea_database_user_password:
|
|
external: true
|
|
nextcloud_database_user_password:
|
|
external: true
|
|
nextcloud_database_root_password:
|
|
external: true
|
|
|
|
|
|
# sudo firewall-cmd --permanent --add-port=8080/tcp --add-port=8443/tcp --add-port=8010/tcp --add-port=8011/tcp --add-port=8020/tcp --add-port=8030/tcp --add-port=8040/tcp
|
|
# sudo firewall-cmd --reload
|
|
# sudo firewall-cmd --list-ports
|
|
|
|
# sudo zfs create trayimurti/containers/volumes/caddy
|
|
# sudo zfs create trayimurti/containers/volumes/gitea
|
|
# sudo zfs create trayimurti/containers/volumes/blog
|
|
# sudo zfs create trayimurti/containers/volumes/nextcloud
|
|
# sudo zfs create trayimurti/containers/volumes/mach
|
|
|
|
# sudo chown pratham:pratham -vR /trayimurti/containers/volumes
|
|
|
|
# mkdir -vp /trayimurti/containers/volumes/caddy/{site,ssl/{private,certs},caddy_{data,config}}
|
|
# mkdir -vp /trayimurti/containers/volumes/gitea/{database,web/{data,config}}
|
|
# mkdir -vp /trayimurti/containers/volumes/nextcloud/{database,web}
|
|
|
|
# cp -v Caddyfile /trayimurti/containers/volumes/caddy/
|
|
# chmod 700 -v /trayimurti/containers/volumes/caddy/ssl/private
|
|
# chmod 600 -v /trayimurti/containers/volumes/caddy/ssl/private/key.pem
|
|
|
|
# git clone git@gitlab.com:shivohamx3/blog.git /trayimurti/containers/volumes/blog
|
|
# git clone git@gitlab.com:shivohamx3/machines.git /trayimurti/containers/volumes/mach
|
|
# mkdir -vp /trayimurti/containers/volumes/{mach,blog}/content
|
|
|
|
# podman pull docker.io/library/caddy:2-alpine && sleep 60 && podman pull docker.io/gitea/gitea:latest && sleep 60 && podman pull docker.io/klakegg/hugo:alpine && sleep 60 && podman pull docker.io/library/mariadb:latest && sleep 60 && podman pull docker.io/library/nextcloud:production && sleep 60 && podman pull docker.io/library/postgres:alpine && sleep 60
|
|
|
|
# openssl rand -base64 20 | podman secret create gitea_database_user_password -
|
|
# openssl rand -base64 20 | podman secret create nextcloud_database_user_password -
|
|
# openssl rand -base64 20 | podman secret create nextcloud_database_root_password -
|