add ssh support for gitea

Fabian Gerle
2023-07-18 08:52:36 +01:00
parent 006df50047
commit 4af96828f0
2 changed files with 112 additions and 80 deletions


@@ -4,7 +4,7 @@ volumes:
services:
#############################################################################
##################### MariaDB 1 #####################
##################### MariaDB Vikunja #####################
#############################################################################
db:
container_name: mariadb-vikunja
@@ -25,7 +25,7 @@ services:
- /etc/localtime:/etc/localtime:ro
#############################################################################
##################### MariaDB 2 #####################
##################### MariaDB Gitea #####################
#############################################################################
gitdb:
container_name: mariadb-git
@@ -48,62 +48,79 @@ services:
- /etc/localtime:/etc/localtime:ro
#############################################################################
##################### MariaDB 3 #####################
##################### MariaDB Nextcloud #####################
#############################################################################
nextcloud-db:
container_name: mariadb-nextcloud
# nextcloud-db:
# container_name: mariadb-nextcloud
# image: tobi312/rpi-mariadb:10.11-alpine
# # image: yobasystems/alpine-mariadb:10.5.9
# command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
# # networks:
# # ports:
# # - "3326:3306"
# # - "3327:3307"
# restart: unless-stopped
# environment:
# - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT}
# - MYSQL_DATABASE=nextcloud
# - MYSQL_USER=nextcloud
# - MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
# volumes:
# - ./databases/db-nextcloud:/var/lib/mysql
# - /etc/localtime:/etc/localtime:ro
#############################################################################
##################### MariaDB Baikal #####################
#############################################################################
baikal-db:
container_name: mariadb-baikal
image: tobi312/rpi-mariadb:10.11-alpine
# image: yobasystems/alpine-mariadb:10.5.9
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
# networks:
# ports:
# - "3326:3306"
# - "3327:3307"
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT}
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
- MYSQL_ROOT_PASSWORD=${BAIKAL_DB_ROOT}
- MYSQL_DATABASE=baikal
- MYSQL_USER=baikal
- MYSQL_PASSWORD=${BAIKAL_DB_PW}
volumes:
- ./databases/db-nextcloud:/var/lib/mysql
- ./databases/db-baikal:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro
#############################################################################
##################### Nextcloud #####################
#############################################################################
nextcloud:
container_name: nextcloud
image: nextcloud:latest
restart: always
links:
- nextcloud-db
volumes:
- ./volumes/nextcloud:/var/www/html
environment:
- MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=nextcloud-db
- OVERWRITEPROTOCOL=https
- OVERWRITECLIURL=https://cloud.gerle.duckdns.org
- OVERWRITEHOST=cloud.gerle.duckdns.org
networks:
- dockernet
- default
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.nextcloud.rule=Host(`cloud.gerle.duckdns.org`)'
- "traefik.http.routers.nextcloud.entrypoints=websecure"
- "traefik.http.routers.nextcloud.tls=true"
- "traefik.http.routers.nextcloud.tls.certResolver=letsencrypt"
- 'traefik.http.services.nextcloud.loadbalancer.server.port=80'
- "traefik.http.routers.nextcloud.service=nextcloud"
# - "traefik.docker.network=proxy"
- "traefik.http.routers.nextcloud.middlewares=nextcloud-dav" #,default@file"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
# nextcloud:
# container_name: nextcloud
# image: nextcloud:latest
# restart: always
# links:
# - nextcloud-db
# volumes:
# - ./volumes/nextcloud:/var/www/html
# environment:
# - MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
# - MYSQL_DATABASE=nextcloud
# - MYSQL_USER=nextcloud
# - MYSQL_HOST=nextcloud-db
# - OVERWRITEPROTOCOL=https
# - OVERWRITECLIURL=https://cloud.gerle.duckdns.org
# - OVERWRITEHOST=cloud.gerle.duckdns.org
# networks:
# - dockernet
# - default
# labels:
# - 'traefik.enable=true'
# - 'traefik.http.routers.nextcloud.rule=Host(`cloud.gerle.duckdns.org`)'
# - "traefik.http.routers.nextcloud.entrypoints=websecure"
# - "traefik.http.routers.nextcloud.tls=true"
# - "traefik.http.routers.nextcloud.tls.certResolver=letsencrypt"
# - 'traefik.http.services.nextcloud.loadbalancer.server.port=80'
# - "traefik.http.routers.nextcloud.service=nextcloud"
# # - "traefik.docker.network=proxy"
# - "traefik.http.routers.nextcloud.middlewares=nextcloud-dav" #,default@file"
# - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
# - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
#############################################################################
###################### Vikunja Api #####################
@@ -196,6 +213,7 @@ services:
- '80:80'
- '8080:8080'
- '443:443'
- '2222:2222/tcp'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- './traefik.yaml:/traefik.yaml'
@@ -244,32 +262,32 @@ services:
#############################################################################
##################### Baikal #####################
#############################################################################
# baikal:
# container_name: baikal
# image: ckulka/baikal:latest
# restart: always
# labels:
# - 'traefik.enable=true'
# - 'traefik.http.routers.baikal.rule=Host(`baikal.gerle.duckdns.org`)'
# - 'traefik.http.services.baikal.loadbalancer.server.port=80'
# - "traefik.http.routers.baikal.entrypoints=websecure"
# - "traefik.http.routers.baikal.tls.certResolver=letsencrypt"
# # traefik.port: 80
# # Traefik middleware required for iOS, see https://github.com/ckulka/baikal-docker/issues/37.
# # When using a Traefik provider file (YAML/TOML) instead of these labels, remove the escape
# # character from "*.redirectregex.replacement" - it's only needed in Docker Compose YAML files:
# # redirectRegex:
# # replacement: "https://$1/dav/php/
# - 'traefik.http.middlewares.baikal-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav'
# - 'traefik.http.middlewares.baikal-dav.redirectregex.replacement=https://$$1/dav.php/'
# - 'traefik.http.middlewares.baikal-dav.redirectregex.permanent=true'
# - 'traefik.http.routers.baikal.middlewares=baikal-dav'
# volumes:
# - ./volumes/baikal-config:/var/www/baikal/config
# - ./volumes/baikal-data:/var/www/baikal/Specific
# networks:
# - dockernet
# - default
baikal:
container_name: baikal
image: ckulka/baikal:latest
restart: always
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.baikal.rule=Host(`baikal.gerle.duckdns.org`)'
- 'traefik.http.services.baikal.loadbalancer.server.port=80'
- "traefik.http.routers.baikal.entrypoints=websecure"
- "traefik.http.routers.baikal.tls.certResolver=letsencrypt"
# traefik.port: 80
# Traefik middleware required for iOS, see https://github.com/ckulka/baikal-docker/issues/37.
# When using a Traefik provider file (YAML/TOML) instead of these labels, remove the escape
# character from "*.redirectregex.replacement" - it's only needed in Docker Compose YAML files:
# redirectRegex:
# replacement: "https://$1/dav/php/
- 'traefik.http.middlewares.baikal-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav'
- 'traefik.http.middlewares.baikal-dav.redirectregex.replacement=https://$$1/dav.php/'
- 'traefik.http.middlewares.baikal-dav.redirectregex.permanent=true'
- 'traefik.http.routers.baikal.middlewares=baikal-dav'
volumes:
- ./volumes/baikal-config:/var/www/baikal/config
- ./volumes/baikal-data:/var/www/baikal/Specific
networks:
- dockernet
- default
# acmedns:
@@ -310,6 +328,10 @@ services:
- GITEA__mailer__USER=${MAIL_USER}
- GITEA__mailer__PASSWD=${MAIL_PW}
- GITEA__server__ROOT_URL="https://git.gerle.duckdns.org"
- GITEA__server__START_SSH_SERVER=true
- GITEA__server__SSH_DOMAIN="git.gerle.duckdns.org"
- GITEA__server__SSH_PORT=22
- GITEA__server__SSH_LISTEN_PORT=2222
restart: always
networks:
- gitea
@@ -320,9 +342,16 @@ services:
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "222:22"
# - "222:22"
labels:
- 'traefik.enable=true'
# - 'traefik.http.routers.git-ssh.rule=Host(`git.gerle.duckdns.org`)'
# - 'traefik.http.services.git-ssh.loadbalancer.server.port=22'
# - "traefik.http.routers.git-ssh.entrypoints=ssh"
- traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)
- traefik.tcp.routers.gitea-ssh.entrypoints=ssh
- traefik.tcp.routers.gitea-ssh.service=gitea-ssh-svc
- traefik.tcp.services.gitea-ssh-svc.loadbalancer.server.port=2222
- 'traefik.http.routers.git.rule=Host(`git.gerle.duckdns.org`)'
- 'traefik.http.services.git.loadbalancer.server.port=3000'
- "traefik.http.routers.git.entrypoints=websecure"
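Review bot: `GITEA__server__SSH_PORT=22` does not match the port this commit publishes: Traefik exposes `'2222:2222/tcp'` and forwards to the built-in server on `SSH_LISTEN_PORT=2222`, so the clone URLs Gitea displays will point at port 22 unless something outside this file forwards 22 to 2222. If 2222 is the public port, use `- GITEA__server__SSH_PORT=2222`. Separately, in list-form `environment:` entries the double quotes become part of the value, so `SSH_DOMAIN` is probably set to the quoted string; write `- GITEA__server__SSH_DOMAIN=git.gerle.duckdns.org` (the existing `ROOT_URL` line follows the same pattern). The `"3000:3000"` mapping kept in the last hunk also leaves Gitea's HTTP port reachable on the host without passing through Traefik's TLS router, so drop it if nothing depends on it.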


@@ -8,6 +8,9 @@ entryPoints:
scheme: "https"
permanent: true
ssh:
address: ":2222"
websecure:
address: ":443"
@@ -26,7 +29,7 @@ accessLog:
log:
level: DEBUG
# level: DEBUG
filePath: "/logs/traefik.log"
providers:
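Review bot: Nothing visible in this file records who connects to the new `ssh` entrypoint (`address: ":2222"`): it is a plain TCP entrypoint, Traefik's `accessLog` covers HTTP requests as far as I know, and the same commit comments out `level: DEBUG`, so the log falls back to the default level. Behind a TCP proxy, Gitea's SSH server will most likely see Traefik's container address as the client, which makes failed-login review and per-source rate limiting unreliable. Consider passing the client address through with PROXY protocol, `traefik.tcp.services.gitea-ssh-svc.loadbalancer.proxyprotocol.version=2` on the service and `GITEA__server__SSH_SERVER_USE_PROXY_PROTOCOL=true` on Gitea, after confirming both deployed versions support it. A short comment above `ssh:` noting that it carries Gitea SSH and is published by the compose file would also help the next reader.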