From f14b2aefc4c1618b49f6677db184003b3359bb13 Mon Sep 17 00:00:00 2001 From: Nam Tran Date: Sun, 4 Oct 2020 20:57:03 -0500 Subject: [PATCH] all working services --- docker-compose.yml | 135 ++++++++++++++++++ .../proxy-confs/bookstack.subdomain.conf | 24 ++++ .../nginx/proxy-confs/cocalc.subdomain.conf | 35 +++++ .../nginx/proxy-confs/gitea.subdomain.conf | 30 ++++ .../proxy-confs/nextcloud.subdomain.conf | 38 +++++ 5 files changed, 262 insertions(+) create mode 100644 docker-compose.yml create mode 100644 swag-config/nginx/proxy-confs/bookstack.subdomain.conf create mode 100644 swag-config/nginx/proxy-confs/cocalc.subdomain.conf create mode 100644 swag-config/nginx/proxy-confs/gitea.subdomain.conf create mode 100644 swag-config/nginx/proxy-confs/nextcloud.subdomain.conf diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..b5b433e --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,135 @@ +version: "3" + +networks: + shnet: + +services: + cocalc: + image: sagemathinc/cocalc + container_name: cocalc + volumes: + - ./cocalc-data:/projects + # ports: + # - 0.0.0.0:8752:443 + networks: + - shnet + + swag: + image: linuxserver/swag + container_name: swag + cap_add: + - NET_ADMIN + environment: + - PUID=1000 + - PGID=1000 + - TZ=America/Chicago + - URL=alcap.duckdns.org + - DUCKDNSTOKEN=7efb0d54-574a-49c5-80d6-214da7c523c6 + - SUBDOMAINS= + - EXTRA_DOMAINS=gminus2.duckdns.org,cloud.gminus2.duckdns.org,git.gminus2.duckdns.org,kb.gminus2.duckdns.org + - VALIDATION=http + - ONLY_SUBDOMAINS=false + - STAGING=false + volumes: + - ./swag-config:/config + ports: + - 443:443 + - 80:80 + restart: unless-stopped + networks: + - shnet + + mariadb: + image: linuxserver/mariadb + container_name: mariadb + environment: + - PUID=1000 + - PGID=1000 + - MYSQL_ROOT_PASSWORD=a141592-Z + - TZ=America/Chicago + - MYSQL_DATABASE=bookstack + - MYSQL_USER=bsa + - MYSQL_PASSWORD=bsa@@2197 + ports: + - 192.168.1.107:4406:3306 + volumes: + - ./mariadb-data:/config + restart: unless-stopped + networks: + - shnet + + gitea: + image: gitea/gitea:latest + container_name: gitea + environment: + - USER_UID=1000 + - USER_GID=1000 + - RUN_MODE=prod + - DB_TYPE=mysql + - DB_HOST=mariadb:3306 + - DB_NAME=gitea + - DB_USER=gitea + - DB_PASSWD=gitee@@2197 + - DISABLE_SSH=false + restart: unless-stopped + networks: + - shnet + volumes: + - ./gitea-data:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + # - "3000:3000" + - "0.0.0.0:9822:22" + depends_on: + - mariadb + + bookstack: + image: linuxserver/bookstack:v0.29.3-ls103 + container_name: bookstack + environment: + - PUID=1000 + - PGID=1000 + - DB_HOST=mariadb + - DB_USER=bsa + - DB_PASS=bsa@@2197 + - DB_DATABASE=bookstack + volumes: + - ./bookstack-data:/config + # ports: + # - 6875:80 + restart: unless-stopped + depends_on: + - mariadb + networks: + - shnet + + cloud: + image: linuxserver/nextcloud + container_name: cloud + environment: + - PUID=1000 + - PGID=1000 + - TZ=America/Chicago + # ports: + # - 4443:443 + restart: unless-stopped + volumes: + - /home/nam/Data/CloudData:/data + - ./cloud-config:/config + depends_on: + - mariadb + networks: + - shnet + + # pma: + # image: phpmyadmin/phpmyadmin:latest + # container_name: pma + # environment: + # - PMA_HOST=mariadb + # - PMA_USER=root + # - PMA_PASSWORD=a141592-Z + # ports: + # - 0.0.0.0:8081:80 + # networks: + # - shnet \ No newline at end of file diff --git a/swag-config/nginx/proxy-confs/bookstack.subdomain.conf b/swag-config/nginx/proxy-confs/bookstack.subdomain.conf new file mode 100644 index 0000000..e748c20 --- /dev/null +++ b/swag-config/nginx/proxy-confs/bookstack.subdomain.conf @@ -0,0 +1,24 @@ +# make sure that your dns has a cname set for bookstack and that your bookstack container is named bookstack +# Ensure you have the APP_URL Environment Variable set correctly in your Docker Run/Compose or in BookStack Env File (/www/.env) +# https://github.com/linuxserver/docker-bookstack#docker + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name kb.gminus2.duckdns.org; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + location / { + include /config/nginx/proxy.conf; + # resolver 127.0.0.11 valid=30s; + set $upstream_app bookstack; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/swag-config/nginx/proxy-confs/cocalc.subdomain.conf b/swag-config/nginx/proxy-confs/cocalc.subdomain.conf new file mode 100644 index 0000000..76d411e --- /dev/null +++ b/swag-config/nginx/proxy-confs/cocalc.subdomain.conf @@ -0,0 +1,35 @@ +# redirect all traffic to https +server { + listen 80 ; + listen [::]:80 ; + server_name alcap.duckdns.org; + return 301 https://$host$request_uri; +} + +# main server block +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + index index.html index.htm index.php; + + server_name alcap.duckdns.org; + + # all ssl related config moved to ssl.conf + include /config/nginx/ssl.conf; + client_max_body_size 50; + server_tokens off; + + + location / { + proxy_pass https://cocalc:443; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 3m; + proxy_send_timeout 3m; + } +} \ No newline at end of file diff --git a/swag-config/nginx/proxy-confs/gitea.subdomain.conf b/swag-config/nginx/proxy-confs/gitea.subdomain.conf new file mode 100644 index 0000000..a6ac09c --- /dev/null +++ b/swag-config/nginx/proxy-confs/gitea.subdomain.conf @@ -0,0 +1,30 @@ +server { + listen 80; + listen [::]:80; + server_name git.gminus2.duckdns.org; + + location / { + return 301 https://$server_name$request_uri; + } + +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name git.gminus2.duckdns.org; + + include /config/nginx/ssl.conf; + + client_max_body_size 10G; + + location / { + proxy_pass http://gitea:3000; + proxy_redirect off; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; + } +} diff --git a/swag-config/nginx/proxy-confs/nextcloud.subdomain.conf b/swag-config/nginx/proxy-confs/nextcloud.subdomain.conf new file mode 100644 index 0000000..14c5fe8 --- /dev/null +++ b/swag-config/nginx/proxy-confs/nextcloud.subdomain.conf @@ -0,0 +1,38 @@ +# make sure that your dns has a cname set for nextcloud +# assuming this container is called "swag", edit your nextcloud container's config +# located at /config/www/nextcloud/config/config.php and add the following lines before the ");": +# 'trusted_proxies' => ['swag'], +# 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/', +# 'overwritehost' => 'nextcloud.your-domain.com', +# 'overwriteprotocol' => 'https', +# +# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: +# array ( +# 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. +# 1 => 'nextcloud.your-domain.com', +# ), + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name cloud.gminus2.duckdns.org; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + location / { + include /config/nginx/proxy.conf; + # resolver 127.0.0.11 valid=30s; + set $upstream_app cloud; + set $upstream_port 443; + set $upstream_proto https; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + proxy_max_temp_file_size 2048m; + add_header X-Content-Type-Options "nosniff" always; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always; + add_header X-Frame-Options "SAMEORIGIN" always; + } +}