diff --git a/config/docker/2023/yml-files/HedgeDoc.yml b/config/docker/2023/yml-files/HedgeDoc.yml new file mode 100644 index 0000000..0a6274e --- /dev/null +++ b/config/docker/2023/yml-files/HedgeDoc.yml @@ -0,0 +1,48 @@ +version: "3" +services: + mariadb: + image: lscr.io/linuxserver/mariadb:latest + container_name: hedgedoc_mariadb + restart: unless-stopped + volumes: + - /gurulandia/data/docker/hedgedoc/db:/config + environment: + - MYSQL_ROOT_PASSWORD=SuperPassword + - MYSQL_DATABASE=hedgedoc + - MYSQL_USER=hedgedoc + - MYSQL_PASSWORD=hedgedoc + - PGID=1000 + - PUID=1000 + - TZ=Europe/Helsinki + adminer: + image: adminer:latest + container_name: adminer + environment: + ADMINER_DEFAULT_SERVER: mariadb + restart: unless-stopped + ports: + - 7777:8080 + hedgedoc: + image: lscr.io/linuxserver/hedgedoc:latest + container_name: hedgedoc + restart: unless-stopped + depends_on: + - mariadb + volumes: + - /gurulandia/data/docker/hedgedoc/config:/config + environment: + - DB_HOST=mariadb + - DB_USER=hedgedoc + - DB_PASS=hedgedoc + - DB_NAME=hedgedoc + - DB_PORT=3306 + - PGID=1000 + - PUID=1000 + - TZ=Europe/Helsinki + - CMD_DOMAIN=gurulandia.fi + - CMD_ALLOW_ORIGIN = ['.gurulandia.fi'] + - CMD_URL_ADDPORT=true #optional + - CMD_PROTOCOL_USESSL=false #optional + - CMD_PORT=3000 #optional + ports: + - 53000:3000 \ No newline at end of file diff --git a/config/docker/2023/yml-files/HedgeDoc_1.yml b/config/docker/2023/yml-files/HedgeDoc_1.yml new file mode 100644 index 0000000..8c37a45 --- /dev/null +++ b/config/docker/2023/yml-files/HedgeDoc_1.yml @@ -0,0 +1,47 @@ +version: "3" +services: + mariadb: + image: lscr.io/linuxserver/mariadb:latest + container_name: hedgedoc_mariadb + restart: always + volumes: + - /gurulandia/data/docker/hedgedoc/db:/config + environment: + - MYSQL_ROOT_PASSWORD=SuperPassword + - MYSQL_DATABASE=hedgedoc + - MYSQL_USER=hedgedoc + - MYSQL_PASSWORD=hedgedoc + - PGID=1000 + - PUID=1000 + - TZ=Europe/Helsinki + adminer: + image: adminer:latest + container_name: adminer + environment: + ADMINER_DEFAULT_SERVER: mariadb + restart: always + ports: + - 7777:8080 + hedgedoc: + image: lscr.io/linuxserver/hedgedoc:latest + container_name: hedgedoc + restart: always + depends_on: + - mariadb + volumes: + - /gurulandia/data/docker/hedgedoc/config:/config + environment: + - DB_HOST=mariadb + - DB_USER=hedgedoc + - DB_PASS=hedgedoc + - DB_NAME=hedgedoc + - DB_PORT=3306 + - PGID=1000 + - PUID=1000 + - TZ=Europe/Helsinki + - CMD_DOMAIN=gl-v-l-srv-04.local.gurulandia.eu + - CMD_URL_ADDPORT=true #optional + - CMD_PROTOCOL_USESSL=false #optional + - CMD_PORT=3000 #optional + ports: + - 53000:3000 \ No newline at end of file diff --git a/config/docker/2023/yml-files/gitea.yml b/config/docker/2023/yml-files/gitea.yml new file mode 100644 index 0000000..68e1bd9 --- /dev/null +++ b/config/docker/2023/yml-files/gitea.yml @@ -0,0 +1,42 @@ +version: "3" + +networks: + gitea: + external: false + +services: + server: + image: gitea/gitea:1.18.1 + container_name: gitea + environment: + - USER_UID=1000 + - USER_GID=1000 + - GITEA__database__DB_TYPE=mysql + - GITEA__database__HOST=db:3306 + - GITEA__database__NAME=gitea + - GITEA__database__USER=gitea + - GITEA__database__PASSWD=gitea + restart: always + networks: + - gitea + volumes: + - /gurulandia/data/docker/gitea/data:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + - "3000:3000" + - "222:22" + depends_on: + - db + db: + image: mysql:8 + restart: always + environment: + - MYSQL_ROOT_PASSWORD=gitea + - MYSQL_USER=gitea + - MYSQL_PASSWORD=gitea + - MYSQL_DATABASE=gitea + networks: + - gitea + volumes: + - /gurulandia/data/docker/gitea/db:/var/lib/mysql diff --git a/config/docker/2023/yml-files/guacamole.yml b/config/docker/2023/yml-files/guacamole.yml new file mode 100644 index 0000000..665fe0c --- /dev/null +++ b/config/docker/2023/yml-files/guacamole.yml @@ -0,0 +1,171 @@ +#################################################################################### +# docker-compose file for Apache Guacamole +# created by PCFreak 2017-06-28 +# +# Apache Guacamole is a clientless remote desktop gateway. It supports standard +# protocols like VNC, RDP, and SSH. We call it clientless because no plugins or +# client software are required. Thanks to HTML5, once Guacamole is installed on +# a server, all you need to access your desktops is a web browser. +#################################################################################### +# +# What does this file do? +# +# Using docker-compose it will: +# +# - create a network 'guacnetwork_compose' with the 'bridge' driver. +# - create a service 'guacd_compose' from 'guacamole/guacd' connected to 'guacnetwork' +# - create a service 'postgres_guacamole_compose' (1) from 'postgres' connected to 'guacnetwork' +# - create a service 'guacamole_compose' (2) from 'guacamole/guacamole/' conn. to 'guacnetwork' +# - create a service 'nginx_guacamole_compose' (3) from 'nginx' connected to 'guacnetwork' +# +# (1) +# DB-Init script is in './init/initdb.sql' it has been created executing +# 'docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > ./init/initdb.sql' +# 'docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql' +# once. +# DATA-DIR is in './data' +# If you want to change the DB password change all lines with 'POSTGRES_PASSWORD:' and +# change it to your needs before first start. +# To start from scratch delete './data' dir completely +# './data' will hold all data after first start! +# The initdb.d scripts are only executed the first time the container is started +# (and the database files are empty). If the database files already exist then the initdb.d +# scripts are ignored (e.g. when you mount a local directory or when docker-compose saves +# the volume and reuses it for the new container). +# +# !!!!! MAKE SURE your folder './init' is executable (chmod +x ./init) +# !!!!! or 'initdb.sql' will be ignored! +# +# './data' will hold all data after first start! +# +# (2) +# Make sure you use the same value for 'POSTGRES_USER' and 'POSTGRES_PASSWORD' +# as configured under (1) +# +# (3) +# ./nginx/nginx.conf will be mapped read-only into the container at /etc/nginx/nginx.conf +# ./nginx/mysite.template will be mapped into the container at /etc/nginx/conf.d/mysite.template +# ./nginx/ssl will be mapped into the container at /etc/nginx/ssl +# At startup a self-signed certificate will be created. If you want to use your own certs +# just remove the part that generates the certs from the 'command' section and replace +# 'self-ssl.key' and 'self.cert' with your certificate. +# To debug nginx replace '&& nginx -g 'daemon off' with '&& nginx-debug -g 'daemon off' +# nginx will export port 8443 to the outside world, make sure that this port is reachable +# on your system from the "outside world". All other traffice is only internal. +# +# You could remove the entire 'nginx' service from this file if you want to use your own +# reverse proxy in front of guacamole. If doing so, make sure you change the line +# - 8080/tcp +# to - 8080:8080/tcp +# within the 'guacamole' service. This will expose the guacamole webinterface directly +# on port 8080 and you can use it for your own purposes. +# Do note, guacamole is available on :8080/guacamole, not /. +# +# !!!!! FOR INITAL SETUP (after git clone) run ./prepare.sh once +# +# !!!!! FOR A FULL RESET (WILL ERASE YOUR DATABASE, YOUR FILES, YOUR RECORDS AND CERTS) DO A +# !!!!! ./reset.sh +# +# +# The initial login to the guacamole webinterface is: +# +# Username: guacadmin +# Password: guacadmin +# +# Make sure you change it immediately! +# +# version date comment +# 0.1 2017-06-28 initial release +# 0.2 2017-10-09 minor fixes + internal GIT push +# 0.3 2017-10-09 minor fixes + public GIT push +# 0.4 2019-08-14 creating of ssl certs now in prepare.sh +# simplified nginx startup commands +#################################################################################### + +version: '2.0' + +# networks +# create a network 'guacnetwork_compose' in mode 'bridged' +networks: + guacnetwork_compose: + driver: bridge + +# services +services: + # guacd + guacd: + container_name: guacd_compose + image: guacamole/guacd + networks: + guacnetwork_compose: + restart: unless-stopped +# volumes: +# - /gurulandia/data/docker/guacamole/drive:/drive:rw +# - /gurulandia/data/docker/guacamole/record:/record:rw + # postgres + #postgres: + # container_name: postgres_guacamole_compose + # environment: + # PGDATA: /var/lib/postgresql/data/guacamole + # POSTGRES_DB: guacamole_db + # POSTGRES_PASSWORD: 'ChooseYourOwnPasswordHere1234' + # POSTGRES_USER: guacamole_user + # image: postgres:13.4-buster + # networks: + # guacnetwork_compose: + # restart: always + # volumes: + # - ./init:/docker-entrypoint-initdb.d:z + # - ./data:/var/lib/postgresql/data:Z + + # guacamole + guacamole: + container_name: guacamole + depends_on: + - guacd + + environment: + GUACD_HOSTNAME: guacd + MYSQL_HOSTNAME: 192.168.5.33 + MYSQL_PORT: 3306 + MYSQL_DATABASE: Guacamole + MYSQL_USER: guacamole + MYSQL_PASSWORD: Q&6nbS0FrnPHTw*6KF + WEBAPP_CONTEXT: 'ROOT' + #POSTGRES_DATABASE: guacamole_db + #POSTGRES_HOSTNAME: postgres + #POSTGRES_PASSWORD: 'ChooseYourOwnPasswordHere1234' + #POSTGRES_USER: guacamole_user + image: guacamole/guacamole + links: + - guacd + networks: + guacnetwork_compose: + ports: +## enable next line if not using nginx + - 8080:8080/tcp # Guacamole is on :8080/guacamole, not /. +## enable next line when using nginx + #- 8080/tcp + restart: unless-stopped + +########### optional ############## + # nginx + #nginx: +# container_name: nginx_guacamole_compose +# restart: always +# image: nginx +# volumes: +# - ./nginx/ssl/self.cert:/etc/nginx/ssl/self.cert:ro +# - ./nginx/ssl/self-ssl.key:/etc/nginx/ssl/self-ssl.key:ro +# - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro +# - ./nginx/mysite.template:/etc/nginx/conf.d/default.conf:ro +# ports: +# - 8443:443 +# links: +# - guacamole +# networks: +# guacnetwork_compose: + # run nginx +# command: /bin/bash -c "nginx -g 'daemon off;'" +# nginx-debug-mode +# command: /bin/bash -c "nginx-debug -g 'daemon off;'" diff --git a/config/docker/2023/yml-files/heimdall.yml b/config/docker/2023/yml-files/heimdall.yml new file mode 100644 index 0000000..347ce95 --- /dev/null +++ b/config/docker/2023/yml-files/heimdall.yml @@ -0,0 +1,54 @@ +version: "3.7" +########################### NETWORKS +# There is no need to create any networks outside this docker-compose file. +# You may customize the network subnets (192.168.90.0/24 and 91.0/24) below as you please. +# Docker Compose version 3.5 or higher required to define networks this way. +networks: + gl_proxy: + name: gl_proxy + driver: bridge + ipam: + config: + - subnet: $GL_PROXY_SUBNET + - gateway: $GL_PROXY_GATEWAY + default: + driver: bridge + gl_socket_proxy: + name: gl_socket_proxy + driver: bridge + ipam: + config: + - subnet: $GL_SOCKET_PROXY_SUBNET + - gateway: $GL_SOCKET_PROXY_GATEWAY + +########################### SERVICES +services: + # Heimdall - Unified Frontend Alternative + heimdall: + container_name: gl-heimdall + image: linuxserver/heimdall:latest + restart: unless-stopped + networks: + gl_proxy: + ipv4_address: $HEIMDALL_IP + security_opt: + - no-new-privileges:true + # ports: + # - "$HEIMDALL_PORT:80" + volumes: + - $DOCKERDIR/appdata/heimdall:/config + environment: + - PUID=$PUID + - PGID=$PGID + - TZ=$TZ + labels: + - "traefik.enable=true" + ## HTTP Routers + - "traefik.http.routers.heimdall-rtr.entrypoints=https" + - "traefik.http.routers.heimdall-rtr.rule=Host(`home.$DOMAINNAME0`)" + - "traefik.http.routers.heimdall-rtr.rule=Host(`home.$DOMAINNAME1`)" + ## Middlewares + - "traefik.http.routers.heimdall-rtr.middlewares=chain-authelia@file" + ## HTTP Services + - "traefik.http.routers.heimdall-rtr.service=heimdall-svc" + - "traefik.http.services.heimdall-svc.loadbalancer.server.port=80"