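---
# Docker Compose stack: three MariaDB instances (Vikunja, Gitea, Nextcloud),
# Nextcloud, Vikunja (API + frontend), Gitea and a whoami test service,
# published through Traefik using a certResolver named `letsencrypt`.
#
# Every ${VAR} below is substituted by Compose from the shell environment or
# the project's .env file. Keep that file out of version control and readable
# only by the deploying user. Values passed through `environment:` are also
# visible in `docker inspect` output for anyone with Docker access on the host.
#
# Several images use `latest` or no tag at all (nextcloud, vikunja/api,
# vikunja/frontend, traefik, traefik/whoami, gitea/gitea). A pull can then
# silently change what runs; pin a version tag or digest for reproducible,
# reviewable upgrades.

# NOTE(review): recent Compose releases ignore `version` and report it as
# obsolete; kept for older tooling.
version: '3.4'

volumes:
  # Declared but not referenced by any service in this file (all mounts below
  # are bind mounts).
  data: {}

services:
  #############################################################################
  #####################           MariaDB 1               #####################
  #############################################################################
  # Database for Vikunja; the `api` service reaches it by service name `db`.
  db:
    container_name: mariadb-vikunja
    image: tobi312/rpi-mariadb:10.11-alpine
    # image: yobasystems/alpine-mariadb:10.5.9
    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    # NOTE(review): these mappings publish the database on every host
    # interface. Unlike `gitdb` and `nextcloud-db`, whose port mappings are
    # commented out, this instance is reachable from the LAN. If host access
    # is not needed, drop the mappings; if only local admin access is needed,
    # bind to loopback (e.g. "127.0.0.1:3306:3306"). Port 3307 is not
    # referenced anywhere else in this file - confirm it is required.
    ports:
      - "3306:3306"
      - "3307:3307"
    restart: unless-stopped
    environment:
      - MYSQL_ROOT_PASSWORD=${VIKUNJA_DB_ROOT}
      - MYSQL_DATABASE=vikunja
      - MYSQL_USER=vikunja
      - MYSQL_PASSWORD=${VIKUNJA_DB_PW}
    volumes:
      - ./databases/db:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro

  #############################################################################
  #####################           MariaDB 2               #####################
  #############################################################################
  # Database for Gitea. Attached only to the internal `gitea` network and not
  # published on the host.
  gitdb:
    container_name: mariadb-git
    image: tobi312/rpi-mariadb:10.11-alpine
    # image: yobasystems/alpine-mariadb:10.5.9
    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    networks:
      - gitea
    # ports:
    #   - "3326:3306"
    #   - "3327:3307"
    restart: unless-stopped
    environment:
      - MYSQL_ROOT_PASSWORD=${GITEA_DB_ROOT}
      - MYSQL_DATABASE=gitea
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD=${GITEA_DB_PW}
    volumes:
      - ./databases/db-git:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro

  #############################################################################
  #####################           MariaDB 3               #####################
  #############################################################################
  # Database for Nextcloud. No `networks:` key, so it joins the project's
  # default network only; not published on the host.
  nextcloud-db:
    container_name: mariadb-nextcloud
    image: tobi312/rpi-mariadb:10.11-alpine
    # image: yobasystems/alpine-mariadb:10.5.9
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
    # networks:
    # ports:
    #   - "3326:3306"
    #   - "3327:3307"
    restart: unless-stopped
    environment:
      - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
    volumes:
      - ./databases/db-nextcloud:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro

  #############################################################################
  #####################           Nextcloud               #####################
  #############################################################################
  nextcloud:
    container_name: nextcloud
    image: nextcloud:latest
    restart: always
    # `links` is a legacy option; both services already share the default
    # network, where `nextcloud-db` resolves by service name.
    links:
      - nextcloud-db
    volumes:
      - ./volumes/nextcloud:/var/www/html
    environment:
      - MYSQL_PASSWORD=${NEXTCLOUD_DB_PW}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=nextcloud-db
      # TLS terminates at Traefik; these tell Nextcloud which public scheme
      # and host to use when generating URLs.
      - OVERWRITEPROTOCOL=https
      - OVERWRITECLIURL=https://cloud.gerle.duckdns.org
      - OVERWRITEHOST=cloud.gerle.duckdns.org
    networks:
      - dockernet
      - default
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.nextcloud.rule=Host(`cloud.gerle.duckdns.org`)'
      - "traefik.http.routers.nextcloud.entrypoints=websecure"
      - "traefik.http.routers.nextcloud.tls.certResolver=letsencrypt"
      - "traefik.http.routers.nextcloud.tls=true"
      - 'traefik.http.services.nextcloud.loadbalancer.server.port=80'
      - "traefik.http.routers.nextcloud.service=nextcloud"
      # - "traefik.docker.network=proxy"
      - "traefik.http.routers.nextcloud.middlewares=nextcloud-dav"  #,default@file"
      # Rewrites /.well-known/caldav and /.well-known/carddav to the DAV
      # endpoint.
      - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
      - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"

  #############################################################################
  ######################          Vikunja Api             #####################
  #############################################################################
  api:
    container_name: vikunja-api
    image: vikunja/api
    environment:
      - VIKUNJA_DATABASE_HOST=db
      - VIKUNJA_DATABASE_PASSWORD=${VIKUNJA_DB_PW}
      - VIKUNJA_DATABASE_TYPE=mysql
      - VIKUNJA_DATABASE_USER=vikunja
      - VIKUNJA_DATABASE_DATABASE=vikunja
      # Signing secret for session tokens: anyone who knows it can mint valid
      # tokens, so use a long random value and treat it like a password.
      - VIKUNJA_SERVICE_JWTSECRET=${VIKUNJA_JWT}
      - VIKUNJA_SERVICE_FRONTENDURL=https://vikunja.gerle.duckdns.org/
      - VIKUNJA_SERVICE_TIMEZONE=Europe/Berlin
      - VIKUNJA_DEFAULTSETTINGS_TIMEZONE=Europe/Berlin
      - VIKUNJA_DEFAULTSETTINGS_WEEK_START=1
      - VIKUNJA_MAILER_ENABLED=true
      - VIKUNJA_MAILER_HOST=${MAIL_HOST}
      - VIKUNJA_MAILER_PORT=${MAIL_PORT}
      - VIKUNJA_MAILER_AUTHTYPE=login
      - VIKUNJA_MAILER_USERNAME=${MAIL_USER}
      - VIKUNJA_MAILER_PASSWORD=${MAIL_PW}
      - VIKUNJA_MAILER_FROMEMAIL=${MAIL_ADDR}
    # ports:
    #   - "3456:3456"
    volumes:
      - ./volumes/files:/app/vikunja/files
    depends_on:
      - db
    networks:
      - dockernet
      - default
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.vikunja-api.rule=Host(`vikunja.gerle.duckdns.org`) && (PathPrefix(`/api/v1`) || PathPrefix(`/dav/`) || PathPrefix(`/.well-known/`))"
      - "traefik.http.routers.vikunja-api.tls=true"
      - "traefik.http.routers.vikunja-api.entrypoints=websecure"
      - "traefik.http.routers.vikunja-api.tls.certResolver=letsencrypt"
      # - 'traefik.http.services.vikunja-api.loadbalancer.server.port=80'

  #############################################################################
  #####################        Vikunja Frontend           #####################
  #############################################################################
  frontend:
    container_name: vikunja-frontend
    image: vikunja/frontend
    # ports:
    #   - "80:80"
    # environment:
    #   VIKUNJA_API_URL: http://gerle.i234.me:3456/api/v1
    restart: unless-stopped
    networks:
      - dockernet
      - default
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.vikunja-frontend.rule=Host(`vikunja.gerle.duckdns.org`)'
      - "traefik.http.routers.vikunja-frontend.entrypoints=websecure"
      - "traefik.http.routers.vikunja-frontend.tls.certResolver=letsencrypt"
      - "traefik.http.routers.vikunja-frontend.tls=true"
      - 'traefik.http.services.vikunja-frontend.loadbalancer.server.port=80'

  #############################################################################
  #####################            Traefik                #####################
  #############################################################################
  traefik:
    image: 'traefik:latest'
    container_name: 'traefik'
    restart: 'unless-stopped'
    # command:
    #   - "--log.level=DEBUG"
    #   - "--accesslog=true"
    depends_on:
      - api
    environment:
      # In list form everything after `=` is taken literally, so inner double
      # quotes would become part of the value (e.g. a URL starting with `"`).
      # They are therefore omitted on the next two entries.
      # NOTE(review): this acme-dns endpoint is plain http, so whatever
      # credentials the client sends to it cross the network unencrypted.
      - ACME_DNS_API_BASE=http://10.0.0.8:4443
      - ACME_DNS_STORAGE_PATH=/.lego-acme-dns-accounts.json
      - DUCKDNS_TOKEN=${DUCKDNS}
      - LEGO_DISABLE_CNAME_SUPPORT=true
      - FREEMYIP_TOKEN=${FMIP_TOKEN}
      # - CF_API_EMAIL=${CLOUDFLARE_MAIL}
      # - CF_API_KEY=${CLOUDFLARE_KEY}
      # - CF_DNS_API_TOKEN=${CLOUDFLARE_TOKEN}
    ports:
      - '80:80'
      # NOTE(review): 8080 is Traefik's default port for the API/dashboard
      # when insecure mode is enabled. traefik.yaml is not shown here; confirm
      # that mode is off, or stop publishing this port, so the dashboard is
      # not reachable without authentication.
      - '8080:8080'
      - '443:443'
    volumes:
      # `:ro` only makes the socket file mount read-only. It does not restrict
      # the Docker API calls made over the socket, so a compromise of this
      # internet-facing container amounts to control of the Docker daemon.
      # A filtering socket proxy that exposes only read endpoints narrows this.
      - '/var/run/docker.sock:/var/run/docker.sock:ro'
      - './traefik.yaml:/traefik.yaml'
      - "./rules.yaml:/etc/traefik/rules.yaml"
      - "./logs/:/logs/"
      # ACME storage holds the account key and issued certificates with their
      # private keys; keep ./secrets out of version control and the files at
      # mode 600.
      - './secrets/acme.json:/acme.json'
      - './secrets/acme_ds.json:/acme_ds.json'
      - "./secrets/lego-acme-dns-accounts.json:/.lego-acme-dns-accounts.json"
    labels:
      - "traefik.enable=true"
      # NOTE(review): Host() matches the request's host name only. The value
      # here contains a path, so presumably this router never matches -
      # confirm. If the dashboard is meant to be routed, put the path in a
      # separate PathPrefix() matcher and attach an authentication middleware;
      # `web` is presumably the plain-HTTP entrypoint.
      - "traefik.http.routers.api.rule=Host(`berry.local/traefik`)"
      - "traefik.http.routers.api.service=api@internal"
      - "traefik.http.routers.api.entrypoints=web"
      # - "traefik.http.routers.synology.rule=Host(`nas.gerle.i234.me`)"
      # - "traefik.http.routers.synology.service=nas"
      # - "traefik.http.services.nas.loadBalancer.passHostHeader=true"
      # - "traefik.http.services.nas.loadBalancer.servers.url=https://192.168.2.2:5001"
    networks:
      - dockernet
      - default

  #############################################################################
  #####################             WhoAmI                #####################
  #############################################################################
  # Diagnostic service that echoes request details back to the caller. It is
  # routed on a public host name, so consider disabling it when not debugging.
  whoami:
    container_name: whoami
    image: 'traefik/whoami'
    restart: 'unless-stopped'
    labels:
      - 'traefik.enable=true'
      # - "traefik.http.routers.whoami-http.entrypoints=web"
      # - "traefik.http.routers.whoami-http.rule=Host(`whoami.gerle.duckdns.org`)"
      - 'traefik.http.routers.whoami.rule=Host(`whoami.gerle.duckdns.org`)'
      - 'traefik.http.services.whoami.loadbalancer.server.port=80'
      - "traefik.http.routers.whoami.entrypoints=websecure"
      - "traefik.http.routers.whoami.tls.certResolver=letsencrypt"
      # - "traefik.http.middlewares.whoami-https.redirectscheme.scheme=https"
    networks:
      - dockernet

  #############################################################################
  #####################             Baikal                #####################
  #############################################################################
  # baikal:
  #   container_name: baikal
  #   image: ckulka/baikal:latest
  #   restart: always
  #   labels:
  #     - 'traefik.enable=true'
  #     - 'traefik.http.routers.baikal.rule=Host(`baikal.gerle.duckdns.org`)'
  #     - 'traefik.http.services.baikal.loadbalancer.server.port=80'
  #     - "traefik.http.routers.baikal.entrypoints=websecure"
  #     - "traefik.http.routers.baikal.tls.certResolver=letsencrypt"
  #     # traefik.port: 80
  #     # Traefik middleware required for iOS, see https://github.com/ckulka/baikal-docker/issues/37.
  #     # When using a Traefik provider file (YAML/TOML) instead of these labels, remove the escape
  #     # character from "*.redirectregex.replacement" - it's only needed in Docker Compose YAML files:
  #     # redirectRegex:
  #     #   replacement: "https://$1/dav/php/
  #     - 'traefik.http.middlewares.baikal-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav'
  #     - 'traefik.http.middlewares.baikal-dav.redirectregex.replacement=https://$$1/dav.php/'
  #     - 'traefik.http.middlewares.baikal-dav.redirectregex.permanent=true'
  #     - 'traefik.http.routers.baikal.middlewares=baikal-dav'
  #   volumes:
  #     - ./volumes/baikal-config:/var/www/baikal/config
  #     - ./volumes/baikal-data:/var/www/baikal/Specific
  #   networks:
  #     - dockernet
  #     - default

  # acmedns:
  #   build:
  #     context: .
  #     dockerfile: Dockerfile
  #   image: joohoi/acme-dns:latest
  #   ports:
  #     - "443:443"
  #     - "53:53"
  #     - "53:53/udp"
  #     - "80:80"
  #   volumes:
  #     - ./volumes/acmedns-config:/etc/acme-dns:ro
  #     - ./volumes/acmedns-data:/var/lib/acme-dns

  #############################################################################
  #####################              GiTea                #####################
  #############################################################################
  git:
    image: gitea/gitea:latest
    container_name: gitea
    environment:
      - GITEA__database__DB_TYPE=mysql
      - GITEA__database__HOST=gitdb
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=${GITEA_DB_PW}
      - GITEA__repository__DEFAULT_BRANCH=master
      - GITEA__mailer__ENABLED=true
      - GITEA__mailer__FROM=${MAIL_ADDR}
      - GITEA__mailer__PROTOCOL=smtp+starttls
      - GITEA__mailer__SMTP_ADDR=${MAIL_HOST}
      - GITEA__mailer__SMTP_PORT=${MAIL_PORT}
      # - GITEA__mailer__IS_TLS_ENABLED=true
      - GITEA__mailer__USER=${MAIL_USER}
      - GITEA__mailer__PASSWD=${MAIL_PW}
      # No inner quotes: in list form they would be passed as part of the
      # value.
      - GITEA__server__ROOT_URL=https://git.gerle.duckdns.org
    restart: always
    networks:
      - gitea
      - dockernet
    volumes:
      - ./volumes/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      # NOTE(review): the web UI is already routed through Traefik on
      # `websecure`. Publishing 3000 as well exposes it directly on the host,
      # bypassing Traefik's TLS. Drop the mapping or bind it to loopback
      # unless direct access is intended.
      - "3000:3000"
      # Git over SSH on host port 222.
      - "222:22"
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.git.rule=Host(`git.gerle.duckdns.org`)'
      - 'traefik.http.services.git.loadbalancer.server.port=3000'
      - "traefik.http.routers.git.entrypoints=websecure"
      - "traefik.http.routers.git.tls.certResolver=letsencrypt"
    depends_on:
      - gitdb

#############################################################################
#####################            Networks               #####################
#############################################################################
networks:
  # Pre-existing network shared with Traefik; must be created outside this
  # file.
  dockernet:
    external: true
  # Project-local network joining Gitea and its database.
  gitea:
    external: false

# File-based secrets (currently disabled). Enabling these would keep the
# credentials out of the container environment.
# secrets:
#   mariadb_root:
#     file: ./docker/secrets/mariadb_root
#   vikunja-db_database:
#     file: ./docker/secrets/vikunja-db_database
#   vikunja-db_user:
#     file: ./docker/secrets/vikunja-db_user
#   vikunja-db_pw:
#     file: ./docker/secrets/vikunja-db_pw
#   gitea-db_database:
#     file: ./docker/secrets/gitea-db_database
#   gitea-db_user:
#     file: ./docker/secrets/gitea-db_user
#   gitea-db_pw:
#     file: ./docker/secrets/gitea-db_pw
#   viknja_jwt:
#     file: ./docker/secrets/vikunja_jwt
#   mail_host:
#     file: ./docker/secrets/mail_host
#   mail_user:
#     file: ./docker/secrets/mail_user
#   mail_pw:
#     file: ./docker/secrets/mail_pw
#   duckdns_token:
#     file: ./docker/secrets/duckdns_token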