Gurulandia/Homelab
1
0
Fork 0
Code Pull Requests Actions Wiki Activity

Compare commits

base: Gurulandia:b765a8100cd283df917413afaf63ca7256dcedae
Branches Tags
Gurulandia:main
...
compare: Gurulandia:83aaa54e37e8226e9fd3bad5252c5a028f135621
Branches Tags
Gurulandia:main

4 Commits
b765a8100c ... 83aaa54e37

Author SHA1 Message Date
Gurulandia
83aaa54e37 add depend_on section 2025-02-05 20:33:30 +02:00
Gurulandia
28a72d8c7a added compose variables 2025-02-05 20:32:58 +02:00
Gurulandia
ee4230ac58 Move network to include 2025-02-05 20:32:19 +02:00
Gurulandia
ff55ea012d Initial Commit 2025-02-05 20:29:47 +02:00
31 changed files with 648 additions and 12 deletions
Expand all files Collapse all files

108
docker/.env.template
View File

@@ -25,3 +25,111 @@ SOCKET_PROXY_VERSION=latest
SOCKET_PROXY_RESTART_POLICY=always SOCKET_PROXY_RESTART_POLICY=always
DOCKER_ENDPOINT=tcp://${SOCKET_PROXY_CONTAINER_NAME}:2375 DOCKER_ENDPOINT=tcp://${SOCKET_PROXY_CONTAINER_NAME}:2375
#Configure
#COMPOSE_PROJECT_NAME
#COMPOSE_FILE
#Specifies the path to a Compose file. Specifying multiple Compose files is supported.
#Default behavior: If not provided, Compose looks for a file named compose.yaml in the current directory and, if not found, then Compose searches each parent directory recursively until a file by that name is found.
#When specifying multiple Compose files, the path separators are, by default, on:
#Mac and Linux: : (colon)
#Windows: ; (semicolon) For example:
#COMPOSE_FILE=docker-compose.yml:docker-compose.prod.yml
#The path separator can also be customized using COMPOSE_PATH_SEPARATOR.
#See also the command-line options overview and using -f to specify name and path of one or more Compose files.
#COMPOSE_PROFILES
#Specifies one or more profiles to be enabled when docker compose up is run.
#
#Services with matching profiles are started as well as any services for which no profile has been defined.
#
#For example, calling docker compose upwith COMPOSE_PROFILES=frontend selects services with the frontend profile as well as any services without a profile specified.
#
#If specifying multiple profiles, use a comma as a separator.
#This following example enables all services matching both the frontend and debug profiles and services without a profile.
#COMPOSE_PROFILES=frontend,debug
#See also Using profiles with Compose and the --profile command-line option.
#COMPOSE_CONVERT_WINDOWS_PATHS
#When enabled, Compose performs path conversion from Windows-style to Unix-style in volume definitions.
#Supported values:
#true or 1, to enable
#false or 0, to disable
#Defaults to: 0
#COMPOSE_PATH_SEPARATOR
#Specifies a different path separator for items listed in COMPOSE_FILE.
#Defaults to:
#On macOS and Linux to :
#On Windows to;
#COMPOSE_IGNORE_ORPHANS
#When enabled, Compose doesn't try to detect orphaned containers for the project.
#Supported values:
#true or 1, to enable
#false or 0, to disable
#Defaults to: 0
#COMPOSE_REMOVE_ORPHANS
#When enabled, Compose automatically removes orphaned containers when updating a service or stack. Orphaned containers are those that were created by a previous configuration but are no longer defined in the current compose.yaml file.
#Supported values:
#true or 1, to enable automatic removal of orphaned containers
#false or 0, to disable automatic removal. Compose displays a warning about orphaned containers instead.
#Defaults to: 0
#COMPOSE_PARALLEL_LIMIT
#Specifies the maximum level of parallelism for concurrent engine calls.
#COMPOSE_ANSI
#Specifies when to print ANSI control characters.
#Supported values:
#auto, Compose detects if TTY mode can be used. Otherwise, use plain text mode
#never, use plain text mode
#always or 0, use TTY mode
#Defaults to: auto
#COMPOSE_STATUS_STDOUT
#When enabled, Compose writes its internal status and progress messages to stdout instead of stderr. The default value is false to clearly separate the output streams between Compose messages and your container's logs.
#Supported values:
#true or 1, to enable
#false or 0, to disable
#Defaults to: 0
#COMPOSE_ENV_FILES
#Lets you specify which environment files Compose should use if --env-file isn't used.
#When using multiple environment files, use a comma as a separator. For example:
#COMPOSE_ENV_FILES=.env.envfile1, .env.envfile2
#If COMPOSE_ENV_FILES is not set, and you don't provide --env-file in the CLI, Docker Compose uses the default behavior, which is to look for an .env file in the project directory.
#COMPOSE_MENU
#Requires:
#Docker Compose 2.26.0 and later
#When enabled, Compose displays a navigation menu where you can choose to open the Compose stack in Docker Desktop, switch on watch mode, or use Docker Debug.
#Supported values:
#true or 1, to enable
#false or 0, to disable
#Defaults to: 1 if you obtained Docker Compose through Docker Desktop, otherwise default is 0
#COMPOSE_EXPERIMENTAL
#Requires:
#Docker Compose 2.26.0 and later
#This is an opt-out variable. When turned off it deactivates the experimental features such as the navigation menu or Synchronized file shares.
#Supported values:
#true or 1, to enable
#false or 0, to disable
#Defaults to: 1

18
docker/compose/joplin-server.yaml Normal file
View File

@@ -0,0 +1,18 @@
services:
joplin-server:
image: ${JOPLIN_IMAGE}:${JOPLIN_TAG}
container_name: ${JOPLIN_CONTAINER_NAME}
restart: ${JOPLIN_RESTART_POLICY}
security_opt:
- no-new-privileges:true
networks:
- ${JOPLIN_NETWORk_ID}
# ports:
# - "22300:22300"
environment:
UID: ${UID:-1000}
GID: ${GID:-1000}
TZ: ${TZ}
env_file:
- path: ../env/.env.joplin-srv
- path: ../env/.env.joplin-srv.db-cred

20
docker/compose/networks.yaml Normal file
View File

@@ -0,0 +1,20 @@
networks:
proy:
driver: bridge
#backendd:
# driver: bridge
socket_proxy:
driver: bridge
default:
driver: bridge
#networks:
# network1:
# external: true
# name: "${NETWORK_ID}"
#networks:
# mynet1:
# labels:
# com.example.description: "Financial transaction network"
# com.example.department: "Finance"
# com.example.label-with-empty-value: ""

4
docker/compose/networks/backend.yaml Normal file
View File

@@ -0,0 +1,4 @@
networks:
backend:
name: backend
driver: bridge

4
docker/compose/networks/default.yaml Normal file
View File

@@ -0,0 +1,4 @@
networks:
default:
# name: default
driver: bridge

4
docker/compose/networks/proxy.yaml Normal file
View File

@@ -0,0 +1,4 @@
networks:
proxy:
name: proxy
driver: bridge

4
docker/compose/networks/socket-proxy.yaml Normal file
View File

@@ -0,0 +1,4 @@
networks:
socket_proxy:
name: socket_proxy
driver: bridge

10
docker/compose/postgres.yaml Normal file
View File

@@ -0,0 +1,10 @@
services:
db:
image: postgres:16
restart: unless-stopped
security_opt:
- no-new-privileges:true
volumes:
- ${DOCKERDIR}/${COMPOSE_PROJECT_NAME}/db:/var/lib/postgresql/data
#ports:
# - "5432:5432"

14
docker/env/.env.common vendored Normal file
View File

@@ -0,0 +1,14 @@
##### SYSTEM
UID=1000
GID=1000
TZ=Europe/HelsinkI
#USERDIR=/home/gurulandia
DOCKERDIR=/gurulandia/data
SECRETSDIR=/gurulandia/docker-shared/secrets
##### DOMAIN
DOMAINNAME0=gurulandia.eu
DOMAINNAME1=lab.gurulandia.eu
DOMAINNAME2=gurulandia.fi
DOMAINNAME3=home.gurulandia.fi

27
docker/env/.env.joplin-srv vendored Normal file
View File

@@ -0,0 +1,27 @@
# APP_BASE_URL: This is the base public URL where the service will be running.
# - If Joplin Server needs to be accessible over the internet, configure APP_BASE_URL as follows: https://example.com/joplin.
# - If Joplin Server does not need to be accessible over the internet, set the APP_BASE_URL to your server's hostname.
# For Example: http://[hostname]:22300. The base URL can include the port.
# APP_PORT: The local port on which the Docker container will listen.
# - This would typically be mapped to port to 443 (TLS) with a reverse proxy.
# - If Joplin Server does not need to be accessible over the internet, the port can be mapped to 22300.
#- APP_BASE_URL=http://10.0.6.177:22300
APP_BASE_URL=https://joplin.lab.gurulandia.eu
APP_PORT=53014 #22300
# Database
DB_CLIENT=pg
POSTGRES_PORT=5432
POSTGRES_HOST=10.0.6.178
#- STORAGE_DRIVER=Type=S3; Region=us-east-1; Path=http://192.168.55.30:53008; AccessKeyId=joplinsrv; SecretAccessKeyId=joplinsrv; Bucket=joplin
# Mai8ler
MAILER_ENABLED=1
MAILER_HOST=mailrise.lab.gurulandia.eu
MAILER_PORT=465
MAILER_SECURITY=tls
MAILER_AUTH_USER=gurulandia
MAILER_AUTH_PASSWORD=gurulandia
MAILER_NOREPLY_NAME=JoplinServer
MAILER_NOREPLY_EMAIL=no-reply@mail.gurulandia.eu

3
docker/env/.env.joplin-srv.db-cred vendored Normal file
View File

@@ -0,0 +1,3 @@
POSTGRES_PASSWORD=joplinsrv
POSTGRES_DATABASE=joplin
POSTGRES_USER=joplinsrv

2
docker/env/.env.joplin-srv.withdb vendored Normal file
View File

@@ -0,0 +1,2 @@
# Database
POSTGRES_HOST=db

14
docker/env/.env.proxy vendored Normal file
View File

@@ -0,0 +1,14 @@
BASICAUTHUSER=gurulandia:$$apr1$$kBqxEDFb$$aOgGWvLwFUDhSymDy430m.
# create basic auth with: echo $(htpasswd -nb "<USER>" "<PASSWORD>") | sed -e s/\\$/\\$\\$/g
##### trustedIPs
CLOUDFLARE_IPS=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,172.64.0.0/13,131.0.72.0/22,104.16.0.0/13,104.24.0.0/14
LOCAL_IPS=127.0.0.1/32,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
##### Certificate
CF_API_EMAIL=gurulandia@outlook.com
CERTRESOLVER=dns-cloudflare
DNS_PROVIDER=cloudflare
RESOLVER0=1.1.1.1:53
RESOLVER1=1.0.0.1:53

16
docker/env/.env.stack.joplin-srv vendored Normal file
View File

@@ -0,0 +1,16 @@
COMPOSE_PROJECT_NAME=joplinserver
JOPLIN_NETWORk_ID=proxy
JOPLIN_HOSTNAME=joplin
##### Joplin Server Container
JOPLIN_CONTAINER_NAME=joplinsrv
JOPLIN_IMAGE=joplin/server
JOPLIN_TAG=latest
JOPLIN_RESTART_POLICY=unless-stopped
##### Joplin Server DB Container
JOPLINDB_CONTAINER_NAME=joplindb
JOPLINDB_IMAGE=postgres
JOPLINDB_TAG=16
JOPLINDB_RESTART_POLICY=unless-stopped

32
docker/env/.env.stack.proxy vendored Normal file
View File

@@ -0,0 +1,32 @@
COMPOSE_PROJECT_NAME=proxy
##### ProxyName
PROXYNAME=proxy
##### Traefik Container
TRAEFIK_CONTAINER_NAME=traefik
TRAEFIK_IMAGE=traefik
TRAEFIK_TAG=latest
TRAEFIK_RESTART_POLICY=unless-stopped
##### socket-proxy Container
SOCKET_PROXY_CONTAINER_NAME=socket-proxy
SOCKET_PROXY_IMAGE=ghcr.io/tecnativa/docker-socket-proxy
SOCKET_PROXY_TAG=latest
SOCKET_PROXY_RESTART_POLICY=always
##### Crowdsec Container
CROWDSEC_CONTAINER_NAME=crowdsec
CROWDSEC_IMAGE=crowdsecurity/crowdsec
CROWDSEC_TAG=latest
CROWDSEC_RESTART_POLICY=unless-stopped
##### bouncer-traefik Container
BT_CONTAINER_NAME=bouncer-traefik
BT_IMAGE=docker.io/fbonalair/traefik-crowdsec-bouncer
BT_TAG=latest
BT_RESTART_POLICY=unless-stopped
GIN_MODE=release
DOCKER_ENDPOINT=tcp://${SOCKET_PROXY_CONTAINER_NAME}:2375

31
docker/jemma/.env Normal file
View File

@@ -0,0 +1,31 @@
COMPOSE_PROJECT_NAME=joplinserver
COMPOSE_FILE=joplinserver.yaml
#COMPOSE_PROFILES
#COMPOSE_PROFILES=frontend,debug
COMPOSE_ENV_FILES=../env/.env.common #, ../env/joplinserver.env
##### SYSTEM
PUID=1000
PGID=1000
TZ=Europe/HelsinkI
#USERDIR=/home/gurulandia
DOCKERDIR=/gurulandia/data
SECRETSDIR=/gurulandia/docker-shared/secrets
##### ProxyName
PROXYNAME=proxy
##### Traefik Container
TRAEFIK_CONTAINER_NAME=traefik
TRAEFIK_IMAGE=traefik
TRAEFIK_VERSION=latest
TRAEFIK_RESTART_POLICY=unless-stopped
##### socket-proxy Container
SOCKET_PROXY_CONTAINER_NAME=socket-proxy
SOCKET_PROXY_IMAGE=ghcr.io/tecnativa/docker-socket-proxy
SOCKET_PROXY_VERSION=latest
SOCKET_PROXY_RESTART_POLICY=always
DOCKER_ENDPOINT=tcp://${SOCKET_PROXY_CONTAINER_NAME}:2375

146
docker/jemma/compose.yaml Normal file
View File

@@ -0,0 +1,146 @@
name: myapp
networks:
proxy:
name: proxy
external: true
# joplinsrv:
# name: joplinsrv
# driver: bridge
# This is a sample docker-compose file that can be used to run Joplin Server
# along with a PostgreSQL server.
#
# Update the following fields in the stanza below:
#
# POSTGRES_USER
# POSTGRES_PASSWORD
# APP_BASE_URL
#
# APP_BASE_URL: This is the base public URL where the service will be running.
# - If Joplin Server needs to be accessible over the internet, configure APP_BASE_URL as follows: https://example.com/joplin.
# - If Joplin Server does not need to be accessible over the internet, set the APP_BASE_URL to your server's hostname.
# For Example: http://[hostname]:22300. The base URL can include the port.
# APP_PORT: The local port on which the Docker container will listen.
# - This would typically be mapped to port to 443 (TLS) with a reverse proxy.
# - If Joplin Server does not need to be accessible over the internet, the port can be mapped to 22300.
services:
# db:
# image: postgres:16
# volumes:
# - ./data/postgres:/var/lib/postgresql/data
# ports:
# - "5432:5432"
# restart: unless-stopped
# environment:
# - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
# - POSTGRES_USER=${POSTGRES_USER}
# - POSTGRES_DB=${POSTGRES_DATABASE}
app:
container_name: joplinsrv
image: joplin/server:latest
# depends_on:
# - db
# ports:
# - "22300:22300"
restart: unless-stopped
environment:
- APP_PORT=22300
#- APP_BASE_URL=http://10.0.6.177:22300
- APP_BASE_URL=https://joplin.lab.gurulandia.eu
- DB_CLIENT=pg
- POSTGRES_PASSWORD=joplinsrv
- POSTGRES_DATABASE=joplin
- POSTGRES_USER=joplinsrv
- POSTGRES_PORT=5432
- POSTGRES_HOST=10.0.6.178
#- STORAGE_DRIVER=Type=S3; Region=us-east-1; Path=http://192.168.55.30:53008; AccessKeyId=joplinsrv; SecretAccessKeyId=joplinsrv; Bucket=joplin
- MAILER_ENABLED=1
- MAILER_HOST=mailrise.lab.gurulandia.eu
- MAILER_PORT=465
- MAILER_SECURITY=tls
- MAILER_AUTH_USER=gurulandia
- MAILER_AUTH_PASSWORD=gurulandia
- MAILER_NOREPLY_NAME=JoplinServer
- MAILER_NOREPLY_EMAIL=my_email_address
networks:
- proxy
labels:
traefik.enable: true
## HTTP Routers
traefik.http.routers.joplin-server-rtr.entrypoints: https
traefik.http.routers.joplin-server-rtr.rule: Host(`joplin.lab.gurulandia.eu`)
## Middlewares
#- "traefik.http.routers.${GOTIFY_HOST_NAME}-rtr.middlewares=chain-authelia@file"
traefik.http.routers.joplinserver-rtr.middlewares: chain-no-auth@file
## HTTP Services
traefik.http.routers.joplin-server-rtr.service: joplin-server-svc
traefik.http.services.joplin-server-svc.loadbalancer.server.port: 22300
# dns_search:
# - dc1.example.com
# - dc2.example.com
# hostname:
#
# one:
# label_file: ./app.labels
#
# two:
# label_file:
# - ./app.labels
# - ./additional.labels
# dns: 8.8.8.8
# dns:
# - 8.8.8.8
# - 9.9.9.9
# domainname:
# test_lib:
# image: test_lib_image
# profiles:
# - test
# coverage_lib:
# image: coverage_lib_image
# depends_on:
# - test_lib
# profiles:
# - test
# debug_lib:
# image: debug_lib_image
# depends_on:
# - test_lib
# profiles:
# - debug
#include:
# - my-compose-include.yaml #with serviceB declared
#services:
# serviceA:
# build: .
# depends_on:
# - serviceB #use serviceB directly as if it was declared in this Compose file
#x-custom:
# foo:
# - bar
# - zot
#networks:
# network1:
# external: true
# name: "${NETWORK_ID}"
# depends_on:
# - crowdsec
#include:
# - my-compose-include.yaml #with serviceB declared
#services:
# serviceA:
# build: .
# depends_on:
# - serviceB #use serviceB directly as if it was declared in this Compose file

25
docker/joplin-server/behind-proxy-with-db/compose.override.yml Normal file
View File

@@ -0,0 +1,25 @@
services:
joplin-server:
labels:
- "traefik.enable=true"
## HTTP Routers
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.entrypoints=https"
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.rule=Host(`${JOPLIN_HOSTNAME}.$DOMAINNAME1`)"
## Middlewares
# - "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.middlewares=chain-authelia@file"
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.middlewares=chain-no-auth@file"
## HTTP Services
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.service=${JOPLIN_HOSTNAME}-svc"
- "traefik.http.services.${JOPLIN_HOSTNAME}-svc.loadbalancer.server.port=22300"
depends_on:
- db
env_file:
- path: ../../env/.env.joplin-srv.withdb
db:
image: ${JOPLINDB_IMAGE}:${JOPLINDB_TAG}
container_name: ${JOPLINDB_CONTAINER_NAME}
restart: ${JOPLINDB_RESTART_POLICY}
env_file:
- path: ../../env/.env.joplin-srv.db-cred
networks:
- ${JOPLIN_NETWORk_ID}

9
docker/joplin-server/behind-proxy-with-db/compose.yml Normal file
View File

@@ -0,0 +1,9 @@
# Docker Compose v2.20 or greater required to use "include"
include:
#################### NETWORKS ####################
- ../../compose/networks/proxy.yaml
- ../../compose/networks/socket-proxy.yaml
#################### SERVICES ####################
- ../../compose/postgres.yaml
- ../../compose/joplin-server.yaml

1
docker/joplin-server/behind-proxy-with-db/dcc.sh Executable file
View File

@@ -0,0 +1 @@
docker compose --env-file ../../env/.env.stack.joplin-srv --env-file ../../env/.env.common config

13
docker/joplin-server/behind-proxy/compose.override.yml Normal file
View File

@@ -0,0 +1,13 @@
services:
joplin-server:
labels:
- "traefik.enable=true"
## HTTP Routers
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.entrypoints=https"
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.rule=Host(`${JOPLIN_HOSTNAME}.$DOMAINNAME1`)"
## Middlewares
# - "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.middlewares=chain-authelia@file"
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.middlewares=chain-no-auth@file"
## HTTP Services
- "traefik.http.routers.${JOPLIN_HOSTNAME}-rtr.service=${JOPLIN_HOSTNAME}-svc"
- "traefik.http.services.${JOPLIN_HOSTNAME}-svc.loadbalancer.server.port=22300"

7
docker/joplin-server/behind-proxy/compose.yml Normal file
View File

@@ -0,0 +1,7 @@
# Docker Compose v2.20 or greater required to use "include"
include:
#################### NETWORKS ####################
- ../../compose/networks/proxy.yaml
- ../../compose/networks/socket-proxy.yaml
#################### SERVICES ####################
- ../../compose/joplin-server.yaml

1
docker/joplin-server/behind-proxy/dcc.sh Executable file
View File

@@ -0,0 +1 @@
docker compose --env-file ../../env/.env.stack.joplin-srv --env-file ../../env/.env.common config

7
docker/joplin-server/compose.yml Normal file
View File

@@ -0,0 +1,7 @@
# Docker Compose v2.20 or greater required to use "include"
include:
#################### NETWORKS ####################
- ../../compose/networks/proxy.yaml
- ../../compose/networks/socket-proxy.yaml
#################### SERVICES ####################
- ../../compose/joplin-server.yaml

1
docker/joplin-server/dcc.sh Executable file
View File

@@ -0,0 +1 @@
docker compose --env-file ../env/.env.stack.joplin-srv --env-file ../env/.env.common config

18
docker/joplin-server/with-db/compose.override.yml Normal file
View File

@@ -0,0 +1,18 @@
services:
joplin-server:
depends_on:
- db
# ports:
# - "22300:22300"
env_file:
- path: ../../env/.env.joplin-srv.withdb
db:
image: ${JOPLINDB_IMAGE}:${JOPLINDB_TAG}
container_name: ${JOPLINDB_CONTAINER_NAME}
restart: ${JOPLINDB_RESTART_POLICY}
env_file:
- path: ../../env/.env.joplin-srv.db-cred
# ports:
# - "5432:5432"
networks:
- ${JOPLIN_NETWORk_ID}

8
docker/joplin-server/with-db/compose.yml Normal file
View File

@@ -0,0 +1,8 @@
# Docker Compose v2.20 or greater required to use "include"
include:
#################### NETWORKS ####################
- ../../compose/networks/proxy.yaml
- ../../compose/networks/socket-proxy.yaml
#################### SERVICES ####################
- ../../compose/postgres.yaml
- ../../compose/joplin-server.yaml

1
docker/joplin-server/with-db/dcc.sh Executable file
View File

@@ -0,0 +1 @@
docker compose --env-file ../../env/.env.stack.joplin-srv --env-file ../../env/.env.common config

17
docker/proxy/docker-compose.yml
View File

@@ -1,17 +1,10 @@
########################### NETWORKS
# There is no need to create any networks outside this docker-compose file.
networks:
proxy:
name: proxy
driver: bridge
socket_proxy:
name: socket_proxy
driver: bridge
# Docker Compose v2.20 or greater required to use "include" # Docker Compose v2.20 or greater required to use "include"
include: include:
########################### SERVICES #################### NETWORKS ####################
- ../compose/networks/proxy.yaml
- ../compose/networks/socket-proxy.yaml
#################### SERVICES ####################
- ../services/dc-traefik.yml - ../services/dc-traefik.yml
- ../services/dc-socket-proxy.yml - ../services/dc-socket-proxy.yml
- ../services/dc-crowdsec.yml - ../services/dc-crowdsec.yml
- ../services/dc-traefik-bouncer.yml - ../services/dc-traefik-bouncer.yml

93
docker/services/dc-joplin-server.yml Normal file
View File

@@ -0,0 +1,93 @@
services:
# db:
# image: postgres:16
# volumes:
# - ./data/postgres:/var/lib/postgresql/data
# ports:
# - "5432:5432"
# restart: unless-stopped
# environment:
# - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
# - POSTGRES_USER=${POSTGRES_USER}
# - POSTGRES_DB=${POSTGRES_DATABASE}
app:
container_name: joplinsrv
image: joplin/server:latest
# depends_on:
# - db
# ports:
# - "22300:22300"
restart: unless-stopped
environment:
- APP_PORT=22300
#- APP_BASE_URL=http://10.0.6.177:22300
- APP_BASE_URL=https://joplin.lab.gurulandia.eu
- DB_CLIENT=pg
- POSTGRES_PASSWORD=joplinsrv
- POSTGRES_DATABASE=joplin
- POSTGRES_USER=joplinsrv
- POSTGRES_PORT=5432
- POSTGRES_HOST=10.0.6.178
#- STORAGE_DRIVER=Type=S3; Region=us-east-1; Path=http://192.168.55.30:53008; AccessKeyId=joplinsrv; SecretAccessKeyId=joplinsrv; Bucket=joplin
- MAILER_ENABLED=1
- MAILER_HOST=mailrise.lab.gurulandia.eu
- MAILER_PORT=465
- MAILER_SECURITY=tls
- MAILER_AUTH_USER=gurulandia
- MAILER_AUTH_PASSWORD=gurulandia
- MAILER_NOREPLY_NAME=JoplinServer
- MAILER_NOREPLY_EMAIL=my_email_address
networks:
- proxy
labels:
traefik.enable: true
## HTTP Routers
traefik.http.routers.joplin-server-rtr.entrypoints: https
traefik.http.routers.joplin-server-rtr.rule: Host(`joplin.lab.gurulandia.eu`)
## Middlewares
#- "traefik.http.routers.${GOTIFY_HOST_NAME}-rtr.middlewares=chain-authelia@file"
traefik.http.routers.joplinserver-rtr.middlewares: chain-no-auth@file
## HTTP Services
traefik.http.routers.joplin-server-rtr.service: joplin-server-svc
traefik.http.services.joplin-server-svc.loadbalancer.server.port: 22300
# one:
# label_file: ./app.labels
#
# two:
# label_file:
# - ./app.labels
# - ./additional.labels
services:
crowdsec:
image: ${CROWDSEC_IMAGE}:${CROWDSEC_VERSION}
container_name: ${CROWDSEC_CONTAINER_NAME}
restart: ${CROWDSEC_RESTART_POLICY}
security_opt:
- no-new-privileges:true
networks:
- proxy
environment:
GID: "${GID-1000}"
env_file:
- path: ./crowdsec.env
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKERDIR}/crowdsec/acquis.d:/etc/crowdsec/acquis.d
#- ${DOCKERDIR}/crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
- ${DOCKERDIR}/crowdsec/db:/var/lib/crowdsec/data/
- ${DOCKERDIR}/crowdsec/config:/etc/crowdsec/
- ${DOCKERDIR}/traefik/logs:/var/log/traefik/:ro
- /var/log/auth.log:/logs/auth.log:ro
- /var/log/syslog.log:/logs/syslog.log:ro
##### Joplin Server Container
JOPLIN_CONTAINER_NAME=traefik
JOPLIN_IMAGE=traefik
JOPLIN_TAG=latest
JOPLIN_RESTART_POLICY=unless-stopped
##### Joplin Server DB Container
JOPLINDB_CONTAINER_NAME=socket-proxy
JOPLINDB_IMAGE=ghcr.io/tecnativa/docker-socket-proxy
JOPLINDB_TAG=latest
JOPLINDB_RESTART_POLICY=always

2
docker/services/dc-traefik-bouncer.yml
View File

@@ -5,6 +5,8 @@ services:
restart: ${BT_RESTART_POLICY} restart: ${BT_RESTART_POLICY}
env_file: env_file:
- path: ./env-files/traefik-bouncer.env - path: ./env-files/traefik-bouncer.env
depends_on:
- crowdsec
networks: networks:
- proxy - proxy
security_opt: security_opt: