2 Commits

Author SHA1 Message Date
afbbc1f573 minified compose file 2022-07-07 16:54:44 +03:00
7dbb9e2b91 Nginx cleanup 2022-07-07 16:44:00 +03:00
13 changed files with 45 additions and 40 deletions

1
.gitignore vendored

@ -12,4 +12,3 @@ compose/qbit/config/*
!compose/pgdb/docker-entrypoint-initdb.d/
compose/pgdb/docker-entrypoint-initdb.d/*.sh
.idea


@ -26,6 +26,9 @@
- **registry** - Privately hosted DockerRegistry (must generate `compose/nginx/conf/registry.htpasswd`
- **gitea** - Privately hosted Git server
- **default\_web\_app** - primitive Flask app to serve default nginx template html and display request information at `/req` or `/json` endpoints
- **default\_web\_app** - primitive Flask app to serve default nginx tempalte html and display request information at `/req` or `/json` endpoints
- **vardadienas** - Flask app to generate and download customisable Latvian nameday calendar `.ics`
- **vardadienas** - private Flask app to generate and download customisable Latvian nameday calendar `.ics`
- **datne** - private Flask app for on-disk file browsing through WebUI
- **fuelkeeper** - private Django app
- **books** - private Django app


@ -3,7 +3,7 @@ set -eu
touch /var/log/letsencrypt/letsencrypt.log
echo "Initializing certbot..."
rsa_key_size=4096
email=${ADMIN_EMAIL:-'admin@example.com'} # Valid address is required
email=${ADMIN_EMAIL:-'admin@example.com'} # Adding a valid address is strongly recommended
# Enable staging mode if needed
staging_arg=$(test $CB_STAGING && echo "--staging" || echo "")


@ -42,7 +42,8 @@ http {
geo $local_ips {
default 0;
10.1.1.0/24 1;
83.243.93.200/32 1;
}
include /etc/nginx/sites-enables/*.conf;
include /etc/nginx/conf.d/*.conf;
}
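Review bot: The `geo $local_ips` block marks the public address `83.243.93.200/32` as trusted next to the `10.1.1.0/24` LAN range, with no comment saying whose address it is or what `$local_ips` gates. `geo` keys on `$remote_addr` by default, so if anything proxies in front of this nginx the match is made on the proxy's address; a comment such as `# trusted admin WAN address; matched against $remote_addr` would make that assumption reviewable. The section also keeps `include /etc/nginx/sites-enables/*.conf;` beside the `conf.d` include; the directory name looks like a misspelling of `sites-enabled`, and if nothing is mounted there the line can be dropped so only one config directory is loaded. The `http {` block opens outside the hunk.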


@ -2,15 +2,15 @@
set -e
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
CREATE USER flask WITH PASSWORD 'flask';
CREATE DATABASE flask;
GRANT ALL PRIVILEGES ON DATABASE flask TO flask;
CREATE USER books WITH PASSWORD 'books';
CREATE DATABASE books;
GRANT ALL PRIVILEGES ON DATABASE books TO books;
EOSQL
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
CREATE USER django WITH PASSWORD 'django';
CREATE DATABASE django;
GRANT ALL PRIVILEGES ON DATABASE django TO django;
CREATE USER fuelkeeper WITH PASSWORD 'fuelkeeper';
CREATE DATABASE fuelkeeper;
GRANT ALL PRIVILEGES ON DATABASE fuelkeeper TO fuelkeeper;
EOSQL
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
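Review bot: What appear to be the new roles are created with passwords equal to their names (`PASSWORD 'books'`, `PASSWORD 'fuelkeeper'`) and each is granted `ALL PRIVILEGES` on its database, so any container or host that can reach the Postgres port can log in with a guessable credential. Pass the secrets in from the environment instead, for example `psql -v books_pw="$BOOKS_DB_PASSWORD" ...` with `CREATE USER books WITH PASSWORD :'books_pw';` (the variable name is a placeholder); psql quotes the value itself, so a password containing `'` does not break the statement. The same change applies to the `fuelkeeper` block. The last `psql ... <<-EOSQL` heredoc continues outside the hunk.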


@ -1,4 +1,7 @@
nextcloud_data=/path/to/data/nextcloud
torrent_path=/path/to/data/files
cloud_data=/path/to/data/nextcloud
datne_media=/path/to/data/files
datne_target=/path/to/data/files
certbot_path=./compose/cb
nameday_git_path="https://git.72.lv/eriks/flask-namedays"
datne_git_path="git@gitlab.com:keriks/datne.git"
fuelkeeper_git_path="git@bitbucket.org:keriks/fuelkeeper.git"
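Review bot: `datne_target` is defined here, but the nginx service in the compose file mounts `${datne_static}:/var/www/app/datne/staticfiles:ro`, and no `datne_static` entry appears in this file. Compose substitutes an empty string for an unset variable, which would leave that volume entry without a source. Either rename this entry to `datne_static=...` or change the compose reference to `${datne_target}`; writing the reference as `${datne_static:?datne_static must be set}` would make a missing value fail loudly. `datne_media` and `datne_target` also share the same example path; if they are meant to be different directories, the sample should show that.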


@ -1,4 +1,3 @@
DIGITALOCEAN_TOKEN=
DOMAINS="main example.com|secrets secret.example.com|testing test.example.com *.test.example.com"
ADMIN_EMAIL=domain@example.com
CB_STAGING=1


@ -11,15 +11,25 @@ services:
restart: always
volumes:
- ./compose/nginx/conf:/etc/nginx:ro
- ./compose/nginx/site-configs:/etc/nginx/conf.d:ro
# All mount points are read only (:ro) - file uploads/edits are processed inside service containers
- nextcloud:/var/www/app/nextcloud:ro
- ${nextcloud_data}:/var/www/app/nextcloud/data:ro
- fuelkeeper_static:/var/www/app/fuelkeeper/staticfiles:ro
- fuelkeeper_media:/var/www/app/fuelkeeper/media:ro
- books_static:/var/www/app/books/static:ro
- books_media:/var/www/app/books/media:ro
- ${datne_static}:/var/www/app/datne/staticfiles:ro
- ${datne_media}:/var/www/app/datne/media:ro
- nextcloud:/var/www/app/cloud:ro
- ${cloud_data}:/var/www/app/cloud/data:ro
- certbot_certs:/etc/letsencrypt:ro
- ./projects/72_lv:/var/www/72_lv:ro
depends_on:
- default_web_app
- nextcloud
- cloud
- yopass
- certbot
- gitea
@ -37,16 +47,14 @@ services:
image: redis:alpine
restart: always
nextcloud:
cloud:
build:
context: ./compose/nextcloud
context: ./compose/cloud
dockerfile: Dockerfile
env_file: .env_nextcloud
env_file: .env_cloud
volumes:
- nextcloud:/var/www/html
# Using path from variable "nextcloud_data" to place data at different disk,
# which isn't easily accomplished from compose
- ${nextcloud_data}:/var/www/html/data
- ${cloud_data}:/var/www/html/data
restart: always
links:
- pgdb
@ -71,6 +79,8 @@ services:
vardadienas:
image: registry.72.lv/flask-namedays:latest
restart: always
security_opt:
- no-new-privileges
certbot:
image: certbot/dns-digitalocean:latest
@ -99,24 +109,14 @@ services:
env_file:
- .env_gitea
qbit:
image: lscr.io/linuxserver/qbittorrent
environment:
- PUID=1000
- PGID=1001
- TZ=UTC
volumes:
- /config # persistent unnamed storage
- ${torrent_path}:/downloads
ports:
- "30000:30000"
- "30000:30000/udp"
restart: unless-stopped
volumes:
# named persistent volumes
nextcloud: {} # nextcloud configuration
books_media: {}
books_static: {}
fuelkeeper_media: {}
fuelkeeper_static: {}
nextcloud: {}
pgdb: {}
certbot_certs: {}
registry: {}
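Review bot: `security_opt: - no-new-privileges` is added to `vardadienas` only, while the `cloud` service in the hunk above it is built locally and holds a writable `${cloud_data}` mount without it. If the option is meant as a baseline, add the same two lines to `cloud` and the other app services (their full definitions are outside the hunks, so this needs checking against the file), and consider the explicit form `- no-new-privileges:true`. `vardadienas` and `certbot` are also pulled by the mutable `:latest` tag; pinning a version or digest keeps a registry-side change from silently replacing what runs with these mounts.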