fabian/berry-docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: fabian:006df5004786b4a6dcf3da3719a6282313c7cab8
Branches Tags
fabian:master
..
compare: fabian:master
Branches Tags
fabian:master

2 Commits
006df50047 ... master

Author SHA1 Message Date
Fabian Gerle
4b51dce8e9 add pihole and grocy 2023-07-23 00:21:41 +01:00
Fabian Gerle
4af96828f0 add ssh support for gitea 2023-07-18 08:52:36 +01:00
2 changed files with 222 additions and 80 deletions
Expand all files Collapse all files

297
docker-compose.yaml
View File

@@ -4,7 +4,7 @@ volumes:
services:
#############################################################################
##################### MariaDB 1 #####################
##################### MariaDB Vikunja #####################
#############################################################################
db:
container_name: mariadb-vikunja
@@ -25,7 +25,7 @@ services:
- /etc/localtime:/etc/localtime:ro
#############################################################################
##################### MariaDB 2 #####################
##################### MariaDB Gitea #####################
#############################################################################
gitdb:
container_name: mariadb-git
@@ -48,62 +48,79 @@ services:
- /etc/localtime:/etc/localtime:ro
#############################################################################
##################### MariaDB 3 #####################
##################### MariaDB Nextcloud #####################
#############################################################################
nextcloud-db:
container_name: mariadb-nextcloud
image: tobi312/rpi-mariadb:10.11-alpine
# image: yobasystems/alpine-mariadb:10.5.9
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
# networks:
# ports:
# - "3326:3306"
# - "3327:3307"
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT}
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
volumes:
- ./databases/db-nextcloud:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro
# nextcloud-db:
# container_name: mariadb-nextcloud
# image: tobi312/rpi-mariadb:10.11-alpine
# # image: yobasystems/alpine-mariadb:10.5.9
# command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
# # networks:
# # ports:
# # - "3326:3306"
# # - "3327:3307"
# restart: unless-stopped
# environment:
# - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT}
# - MYSQL_DATABASE=nextcloud
# - MYSQL_USER=nextcloud
# - MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
# volumes:
# - ./databases/db-nextcloud:/var/lib/mysql
# - /etc/localtime:/etc/localtime:ro
#############################################################################
##################### MariaDB Baikal #####################
#############################################################################
baikal-db:
container_name: mariadb-baikal
image: tobi312/rpi-mariadb:10.11-alpine
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=${BAIKAL_DB_ROOT}
- MYSQL_DATABASE=baikal
- MYSQL_USER=baikal
- MYSQL_PASSWORD=${BAIKAL_DB_PW}
volumes:
- ./databases/db-baikal:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro
#############################################################################
##################### Nextcloud #####################
#############################################################################
nextcloud:
container_name: nextcloud
image: nextcloud:latest
restart: always
links:
- nextcloud-db
volumes:
- ./volumes/nextcloud:/var/www/html
environment:
- MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=nextcloud-db
- OVERWRITEPROTOCOL=https
- OVERWRITECLIURL=https://cloud.gerle.duckdns.org
- OVERWRITEHOST=cloud.gerle.duckdns.org
networks:
- dockernet
- default
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.nextcloud.rule=Host(`cloud.gerle.duckdns.org`)'
- "traefik.http.routers.nextcloud.entrypoints=websecure"
- "traefik.http.routers.nextcloud.tls=true"
- "traefik.http.routers.nextcloud.tls.certResolver=letsencrypt"
- 'traefik.http.services.nextcloud.loadbalancer.server.port=80'
- "traefik.http.routers.nextcloud.service=nextcloud"
# - "traefik.docker.network=proxy"
- "traefik.http.routers.nextcloud.middlewares=nextcloud-dav" #,default@file"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
# nextcloud:
# container_name: nextcloud
# image: nextcloud:latest
# restart: always
# links:
# - nextcloud-db
# volumes:
# - ./volumes/nextcloud:/var/www/html
# environment:
# - MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
# - MYSQL_DATABASE=nextcloud
# - MYSQL_USER=nextcloud
# - MYSQL_HOST=nextcloud-db
# - OVERWRITEPROTOCOL=https
# - OVERWRITECLIURL=https://cloud.gerle.duckdns.org
# - OVERWRITEHOST=cloud.gerle.duckdns.org
# networks:
# - dockernet
# - default
# labels:
# - 'traefik.enable=true'
# - 'traefik.http.routers.nextcloud.rule=Host(`cloud.gerle.duckdns.org`)'
# - "traefik.http.routers.nextcloud.entrypoints=websecure"
# - "traefik.http.routers.nextcloud.tls=true"
# - "traefik.http.routers.nextcloud.tls.certResolver=letsencrypt"
# - 'traefik.http.services.nextcloud.loadbalancer.server.port=80'
# - "traefik.http.routers.nextcloud.service=nextcloud"
# # - "traefik.docker.network=proxy"
# - "traefik.http.routers.nextcloud.middlewares=nextcloud-dav" #,default@file"
# - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
# - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
#############################################################################
###################### Vikunja Api #####################
@@ -196,6 +213,7 @@ services:
- '80:80'
- '8080:8080'
- '443:443'
- '2222:2222/tcp'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- './traefik.yaml:/traefik.yaml'
@@ -244,32 +262,32 @@ services:
#############################################################################
##################### Baikal #####################
#############################################################################
# baikal:
# container_name: baikal
# image: ckulka/baikal:latest
# restart: always
# labels:
# - 'traefik.enable=true'
# - 'traefik.http.routers.baikal.rule=Host(`baikal.gerle.duckdns.org`)'
# - 'traefik.http.services.baikal.loadbalancer.server.port=80'
# - "traefik.http.routers.baikal.entrypoints=websecure"
# - "traefik.http.routers.baikal.tls.certResolver=letsencrypt"
# # traefik.port: 80
# # Traefik middleware required for iOS, see https://github.com/ckulka/baikal-docker/issues/37.
# # When using a Traefik provider file (YAML/TOML) instead of these labels, remove the escape
# # character from "*.redirectregex.replacement" - it's only needed in Docker Compose YAML files:
# # redirectRegex:
# # replacement: "https://$1/dav/php/
# - 'traefik.http.middlewares.baikal-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav'
# - 'traefik.http.middlewares.baikal-dav.redirectregex.replacement=https://$$1/dav.php/'
# - 'traefik.http.middlewares.baikal-dav.redirectregex.permanent=true'
# - 'traefik.http.routers.baikal.middlewares=baikal-dav'
# volumes:
# - ./volumes/baikal-config:/var/www/baikal/config
# - ./volumes/baikal-data:/var/www/baikal/Specific
# networks:
# - dockernet
# - default
baikal:
container_name: baikal
image: ckulka/baikal:latest
restart: always
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.baikal.rule=Host(`baikal.gerle.duckdns.org`)'
- 'traefik.http.services.baikal.loadbalancer.server.port=80'
- "traefik.http.routers.baikal.entrypoints=websecure"
- "traefik.http.routers.baikal.tls.certResolver=letsencrypt"
# traefik.port: 80
# Traefik middleware required for iOS, see https://github.com/ckulka/baikal-docker/issues/37.
# When using a Traefik provider file (YAML/TOML) instead of these labels, remove the escape
# character from "*.redirectregex.replacement" - it's only needed in Docker Compose YAML files:
# redirectRegex:
# replacement: "https://$1/dav/php/
- 'traefik.http.middlewares.baikal-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav'
- 'traefik.http.middlewares.baikal-dav.redirectregex.replacement=https://$$1/dav.php/'
- 'traefik.http.middlewares.baikal-dav.redirectregex.permanent=true'
- 'traefik.http.routers.baikal.middlewares=baikal-dav'
volumes:
- ./volumes/baikal-config:/var/www/baikal/config
- ./volumes/baikal-data:/var/www/baikal/Specific
networks:
- dockernet
- default
# acmedns:
@@ -310,6 +328,10 @@ services:
- GITEA__mailer__USER=${MAIL_USER}
- GITEA__mailer__PASSWD=${MAIL_PW}
- GITEA__server__ROOT_URL="https://git.gerle.duckdns.org"
- GITEA__server__START_SSH_SERVER=true
- GITEA__server__SSH_DOMAIN="git.gerle.duckdns.org"
- GITEA__server__SSH_PORT=22
- GITEA__server__SSH_LISTEN_PORT=2222
restart: always
networks:
- gitea
@@ -320,9 +342,16 @@ services:
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "222:22"
# - "222:22"
labels:
- 'traefik.enable=true'
# - 'traefik.http.routers.git-ssh.rule=Host(`git.gerle.duckdns.org`)'
# - 'traefik.http.services.git-ssh.loadbalancer.server.port=22'
# - "traefik.http.routers.git-ssh.entrypoints=ssh"
- traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)
- traefik.tcp.routers.gitea-ssh.entrypoints=ssh
- traefik.tcp.routers.gitea-ssh.service=gitea-ssh-svc
- traefik.tcp.services.gitea-ssh-svc.loadbalancer.server.port=2222
- 'traefik.http.routers.git.rule=Host(`git.gerle.duckdns.org`)'
- 'traefik.http.services.git.loadbalancer.server.port=3000'
- "traefik.http.routers.git.entrypoints=websecure"
@@ -330,6 +359,116 @@ services:
depends_on:
- gitdb
#############################################################################
##################### Pihole #####################
#############################################################################
pihole:
container_name: pihole
image: pihole/pihole:latest
# For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
ports:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
- "8022:80/tcp"
environment:
TZ: 'Europe/Berlin'
WEBPASSWORD: ${PIHOLE_PW}
# Volumes store your data between container upgrades
volumes:
- './volumes/pihole-etc:/etc/pihole'
- './volumes/pihole-etc-dnsmasq.d:/etc/dnsmasq.d'
# https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
# cap_add:
# - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
restart: unless-stopped
#############################################################################
##################### Grocy #####################
#############################################################################
# grocy-frontend:
# container_name: grocy-frontend
# image: grocy/frontend:v3.3.2
# # build:
# # args:
# # GROCY_VERSION: v3.3.2
# # PLATFORM: linux/amd64
# # context: .
# # dockerfile: Containerfile-frontend
# depends_on:
# - backend
# # ports:
# # - "8888:80"
# networks:
# - dockernet
# - default
# read_only: true
# volumes:
# - ./volumes/grocy:/var/www/data
# tmpfs:
# - /tmp
# restart: unless-stopped
# labels:
# - 'traefik.enable=true'
# - 'traefik.http.routers.grocy.rule=Host(`grocy.gerle.duckdns.org`)'
# # - 'traefik.http.services.grocy.loadbalancer.server.port=8888'
# - "traefik.http.routers.grocy.entrypoints=websecure"
# - "traefik.http.routers.grocy.tls.certResolver=letsencrypt"
# backend:
# container_name: grocy-backend
# image: grocy/backend:v3.3.2
# expose:
# - '9000'
# read_only: true
# networks:
# # - dockernet
# - default
# tmpfs:
# - /tmp
# volumes:
# - ./volumes/grocy:/var/www/data
# environment:
# # - GROCY_MODE=production
# - GROCY_CULTURE=de
# - MAX_UPLOAD=50M
# - PHP_MAX_FILE_UPLOAD=200
# - PHP_MAX_POST=100M
# - PHP_MEMORY_LIMIT=512M
# - GROCY_CURRENCY=EUR
# restart: unless-stopped
grocy:
image: lscr.io/linuxserver/grocy:latest
container_name: grocy
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- GROCY_CURRENCY=EUR
- GROCY_CULTURE=de
volumes:
- ./volumes/grocy:/config
# ports:
# - 9283:80
restart: unless-stopped
networks:
- gitea
- dockernet
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.grocy.rule=Host(`grocy.gerle.duckdns.org`)'
- "traefik.http.routers.grocy.entrypoints=websecure"
- "traefik.http.routers.grocy.tls.certResolver=letsencrypt"
- "traefik.http.routers.grocy.tls=true"
- 'traefik.http.services.grocy.loadbalancer.server.port=80'
#############################################################################
##################### Networks #####################
#############################################################################

5
traefik.yaml
View File

@@ -7,6 +7,9 @@ entryPoints:
to: "websecure"
scheme: "https"
permanent: true
ssh:
address: ":2222"
websecure:
@@ -26,7 +29,7 @@ accessLog:
log:
level: DEBUG
# level: DEBUG
filePath: "/logs/traefik.log"
providers: