all working services

docker-compose.yml

@@ -0,0 +1,135 @@
+version: "3"
+
+networks:
+  shnet:
+
+services:
+  cocalc:
+    image: sagemathinc/cocalc
+    container_name: cocalc
+    volumes:
+      - ./cocalc-data:/projects
+    # ports:
+    #   - 0.0.0.0:8752:443
+    networks:
+      - shnet
+
+  swag:
+    image: linuxserver/swag
+    container_name: swag
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Chicago
+      - URL=alcap.duckdns.org
+      - DUCKDNSTOKEN=7efb0d54-574a-49c5-80d6-214da7c523c6
+      - SUBDOMAINS=
+      - EXTRA_DOMAINS=gminus2.duckdns.org,cloud.gminus2.duckdns.org,git.gminus2.duckdns.org,kb.gminus2.duckdns.org
+      - VALIDATION=http
+      - ONLY_SUBDOMAINS=false
+      - STAGING=false
+    volumes:
+      - ./swag-config:/config
+    ports:
+      - 443:443
+      - 80:80
+    restart: unless-stopped
+    networks:
+      - shnet
+
+  mariadb:
+    image: linuxserver/mariadb
+    container_name: mariadb
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - MYSQL_ROOT_PASSWORD=a141592-Z
+      - TZ=America/Chicago
+      - MYSQL_DATABASE=bookstack
+      - MYSQL_USER=bsa
+      - MYSQL_PASSWORD=bsa@@2197
+    ports:
+      - 192.168.1.107:4406:3306
+    volumes:
+      - ./mariadb-data:/config
+    restart: unless-stopped
+    networks:
+      - shnet
+
+  gitea:
+    image: gitea/gitea:latest
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - RUN_MODE=prod
+      - DB_TYPE=mysql
+      - DB_HOST=mariadb:3306
+      - DB_NAME=gitea
+      - DB_USER=gitea
+      - DB_PASSWD=gitee@@2197
+      - DISABLE_SSH=false
+    restart: unless-stopped
+    networks:
+      - shnet
+    volumes:
+      - ./gitea-data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      #  - "3000:3000"
+       - "0.0.0.0:9822:22"
+    depends_on:
+      - mariadb
+
+  bookstack:
+    image: linuxserver/bookstack:v0.29.3-ls103
+    container_name: bookstack
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - DB_HOST=mariadb
+      - DB_USER=bsa
+      - DB_PASS=bsa@@2197
+      - DB_DATABASE=bookstack
+    volumes:
+      - ./bookstack-data:/config
+    # ports:
+    #   - 6875:80
+    restart: unless-stopped
+    depends_on:
+      - mariadb
+    networks:
+      - shnet
+  
+  cloud:
+    image: linuxserver/nextcloud
+    container_name: cloud
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Chicago
+    # ports:
+    #   - 4443:443
+    restart: unless-stopped
+    volumes:
+      - /home/nam/Data/CloudData:/data
+      - ./cloud-config:/config
+    depends_on: 
+      - mariadb
+    networks:
+      - shnet
+  
+  # pma:
+  #   image: phpmyadmin/phpmyadmin:latest
+  #   container_name: pma
+  #   environment: 
+  #     - PMA_HOST=mariadb
+  #     - PMA_USER=root
+  #     - PMA_PASSWORD=a141592-Z
+  #   ports:
+  #     - 0.0.0.0:8081:80
+  #   networks: 
+  #     - shnet

swag-config/nginx/proxy-confs/bookstack.subdomain.conf

@@ -0,0 +1,24 @@
+# make sure that your dns has a cname set for bookstack and that your bookstack container is named bookstack
+# Ensure you have the APP_URL Environment Variable set correctly in your Docker Run/Compose or in BookStack Env File (/www/.env)
+# https://github.com/linuxserver/docker-bookstack#docker
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name kb.gminus2.duckdns.org;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+        include /config/nginx/proxy.conf;
+        # resolver 127.0.0.11 valid=30s;
+        set $upstream_app bookstack;
+        set $upstream_port 80;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}

swag-config/nginx/proxy-confs/cocalc.subdomain.conf

@@ -0,0 +1,35 @@
+# redirect all traffic to https
+server {
+	listen 80 ;
+	listen [::]:80 ;
+	server_name alcap.duckdns.org;
+	return 301 https://$host$request_uri;
+}
+
+# main server block
+server {
+	listen 443 ssl http2;
+	listen [::]:443 ssl http2;
+
+	index index.html index.htm index.php;
+
+	server_name alcap.duckdns.org;
+
+	# all ssl related config moved to ssl.conf
+	include /config/nginx/ssl.conf;
+  client_max_body_size 50;
+  server_tokens off;
+
+
+   location / {
+       proxy_pass https://cocalc:443;
+       proxy_http_version 1.1;
+       proxy_set_header Upgrade $http_upgrade;
+       proxy_set_header Connection "upgrade";
+       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+       proxy_set_header X-Forwarded-Proto $scheme;
+       proxy_read_timeout 3m;
+       proxy_send_timeout 3m;
+   }
+}

swag-config/nginx/proxy-confs/gitea.subdomain.conf

@@ -0,0 +1,30 @@
+server {
+    listen 80;
+    listen [::]:80;
+    server_name git.gminus2.duckdns.org;
+
+    location / {
+        return 301 https://$server_name$request_uri;
+    }
+
+}
+
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name git.gminus2.duckdns.org;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 10G;
+
+    location / {
+        proxy_pass http://gitea:3000;
+        proxy_redirect off;
+        proxy_set_header X-Scheme $scheme;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
+    }
+}

swag-config/nginx/proxy-confs/nextcloud.subdomain.conf

@@ -0,0 +1,38 @@
+# make sure that your dns has a cname set for nextcloud
+# assuming this container is called "swag", edit your nextcloud container's config
+# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
+#  'trusted_proxies' => ['swag'],
+#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
+#  'overwritehost' => 'nextcloud.your-domain.com',
+#  'overwriteprotocol' => 'https',
+#
+# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
+#  array (
+#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
+#    1 => 'nextcloud.your-domain.com',
+#  ),
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name cloud.gminus2.duckdns.org;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+        include /config/nginx/proxy.conf;
+        # resolver 127.0.0.11 valid=30s;
+        set $upstream_app cloud;
+        set $upstream_port 443;
+        set $upstream_proto https;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+        
+        proxy_max_temp_file_size 2048m;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
+    }
+}