From 0f081689477e2f119b2bb6d3f5efac2f5281bfcb Mon Sep 17 00:00:00 2001 From: rorapp Date: Fri, 28 Feb 2025 18:06:47 +0100 Subject: [PATCH] update the docker files for almost all apps --- apps/backend/docker-compose.yml | 29 ++++++----- apps/database/docker-compose.yml | 54 +++++++++++++------- apps/docker-compose.all.yml | 4 +- apps/frontend/docker-compose.yml | 20 ++------ apps/tools/docker-compose.yml | 64 ++---------------------- apps/tools/limesurvey/docker-compose.yml | 0 apps/tools/nextcloud/docker-compose.yml | 59 ++++++++++++++++++++++ apps/website/docker-compose.yml | 25 ++++++--- 8 files changed, 140 insertions(+), 115 deletions(-) create mode 100644 apps/tools/limesurvey/docker-compose.yml create mode 100644 apps/tools/nextcloud/docker-compose.yml diff --git a/apps/backend/docker-compose.yml b/apps/backend/docker-compose.yml index 22ac631..5f53f80 100644 --- a/apps/backend/docker-compose.yml +++ b/apps/backend/docker-compose.yml @@ -1,19 +1,17 @@ ### Backend (./apps/backend/docker-compose.yml) - services: backend: - container_name: ${INFRASTRUCTURE_LABEL}-laravel-${ENVIRONMENT} + container_name: ${INFRASTRUCTURE_LABEL:-default}-backend-laravel-${ENVIRONMENT:-development} profiles: ["laravel", "backend", "all", "app"] env_file: - - ../../env/.env.all - - ../../env/${ENVIRONMENT}/.env.proxy - - ../../env/${ENVIRONMENT}/.env.database - - ../../env/${ENVIRONMENT}/.env.backend + - ../../env/${ENVIRONMENT:-development}/.env.backend depends_on: - database build: context: ./src dockerfile: Dockerfile + networks: + - backend labels: - "traefik.enable=${TRAEFIK_ENABLE}" - "traefik.http.routers.backend.entrypoints=${TRAEFIK_ENTRYPOINT}" 
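Review bot: The `networks: - backend` entry added to the backend service points at a network this file stops declaring, because the next hunk removes the top-level `networks:` / `backend:` block and adds only `volumes:`. After this commit the only visible declaration of `backend` is in apps/database/docker-compose.yml, so this file presumably resolves only when merged through apps/docker-compose.all.yml and not when run on its own. If that coupling is intended, a comment above the service such as `# network "backend" is declared in ../database/docker-compose.yml` would make it explicit.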
@@ -23,14 +21,21 @@ services: - "traefik.http.routers.backend.tls.domains[0].main=`${BACKEND_DOMAIN}`" - "traefik.http.services.backend.loadbalancer.server.port=${BACKEND_PORT:-8000}" - "traefik.docker.network=${TRAEFIK_NETWORK}" - # Traefik-Crowdsec Stack backend-redis: image: redis:alpine - container_name: ${INFRASTRUCTURE_LABEL}-laravelredis-${ENVIRONMENT} + container_name: ${INFRASTRUCTURE_LABEL:-default}-backend-redis-${ENVIRONMENT:-development} profiles: ["redis", "backend", "all"] + env_file: + - ../../env/${ENVIRONMENT:-development}/.env.backend restart: unless-stopped - command: redis-server --appendonly yes --requirepass laravel-redis-passwort # Redis Passwort eingeben + command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD:-laravel-redis-passwort} # Redis Passwort eingeben volumes: - - ../../volumes/backend/redis:/data -networks: - backend: + - backend_redis_data:/data + networks: + - backend +volumes: + backend_redis_data: + driver: local + name: "${INFRASTRUCTURE_LABEL}_backend_redis_data" + + diff --git a/apps/database/docker-compose.yml b/apps/database/docker-compose.yml index 87d0bdc..d85a294 100644 --- a/apps/database/docker-compose.yml +++ b/apps/database/docker-compose.yml 
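Review bot: The `:-laravel-redis-passwort` fallback in `--requirepass ${REDIS_PASSWORD:-laravel-redis-passwort}` keeps the previously hard-coded password as a silent default, so a deployment that forgets to set REDIS_PASSWORD starts Redis with a value that is readable in the repository. Compose interpolates `${...}` in `command` from the shell or the project-level env file rather than from the service's `env_file`, so the `.env.backend` entry added just above may not feed this variable at all; `docker compose config` will show which value wins. Failing fast is safer: `command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD:?REDIS_PASSWORD must be set}`. The new volume name `"${INFRASTRUCTURE_LABEL}_backend_redis_data"` also lacks the `:-default` fallback used for the container names in this file.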
@@ -1,39 +1,55 @@ ### Database (./apps/database/docker-compose.yml) # - [ ] Create a MariaDB service # - [ ] Configure volumes for persistent storage of database data -# - [ ] Set up environment variables using the new structure (../../env/${ENVIRONMENT:-development}/database.env) -# - [ ] Configure networking to allow connections from the backend service -# - [ ] Set up regular backup jobs for the database -# - [ ] Configure appropriate resource limits and restart policies +secrets: + mariadb_root: + file: ${ROOT_DIR:-../..}/env/secrets.env services: database: - profiles: ["all", "mariadb", "backend", "app"] + secrets: + - mariadb_root + profiles: ["all", "database", "backend", "app"] image: mariadb:latest container_name: ${INFRASTRUCTURE_LABEL:-default}-mariadb-${ENVIRONMENT:-development} command: --bind-address=0.0.0.0 env_file: - - ../../env/.env.all - - ../../env/${ENVIRONMENT:-development}/.env.backend - - ../../env/${ENVIRONMENT:-development}/.env.proxy - environment: - - MARIADB_USER=${MARIADB_USER} - - MARIADB_DATABASE=${MARIADB_DATABASE} - - MARIADB_PASSWORD=${MARIADB_PASSWORD} - - MARIADB_ROOT_PASSWORD=root-mindboost + - ../../env/${ENVIRONMENT:-development}/.env.database volumes: - - ../../volumes/database/mariadb:/var/lib/mysql + - backend_mariadb_data:/var/lib/mysql + - ./healthcheck.sh:/usr/local/bin/healthcheck.sh networks: - backend + - database healthcheck: - test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] - interval: 10s + test: ["CMD", "bash", "/usr/local/bin/healthcheck.sh"] + interval: 1s retries: 3 adminer: - profiles: ["all", "mariadb", "backend", "app"] + profiles: ["all", "database", "backend", "adminer", "app"] image: adminer container_name: ${INFRASTRUCTURE_LABEL:-default}-adminer-${ENVIRONMENT:-development} restart: always ports: - - 8082:8080 + - ${ADMINER_PORT:-0}:8080 networks: - - backend \ No newline at end of file + - database + - proxy + labels: + - "traefik.enable=true" + - 
"traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.entrypoints=websecure" + - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.rule=Host(`${ADMINER_DOMAIN}`)" + - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.tls=true" + - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.tls.certresolver=http_resolver" + - 'traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.service=adminer' + - "traefik.http.adminer.cloud.loadbalancer.server.port=8080" + - "traefik.docker.network=${TRAEFIK_NETWORK:-default}" + # TODO: ADMINER IS NOT PREPARED FOR TRAEFIK +networks: + backend: + name: ${INFRASTRUCTURE_LABEL:-default}-backend-${ENVIRONMENT:-development} + database: + name: ${INFRASTRUCTURE_LABEL:-default}-database-${ENVIRONMENT:-development} +volumes: + backend_mariadb_data: + driver: local + name: ${INFRASTRUCTURE_LABEL:-default}_mariadb_${ENVIRONMENT:-development} diff --git a/apps/docker-compose.all.yml b/apps/docker-compose.all.yml index 61435db..4226b1a 100644 --- a/apps/docker-compose.all.yml +++ b/apps/docker-compose.all.yml @@ -14,6 +14,9 @@ ## Stellen Sie sicher, dass die .env.all Datei im angegebenen Verzeichnis existiert und den ENVIRONMENT Wert enthält. ## +configs: + all: + file: ../env/.env.all include: - path: ./proxy/docker-compose.yml env_file: @@ -23,7 +26,6 @@ include: env_file: - ../env/.env.all - ../env/${ENVIRONMENT:-development}/.env.frontend - - ../env/${ENVIRONMENT:-development}/.env.proxy - path: ./backend/docker-compose.yml - path: ./database/docker-compose.yml - path: ./website/docker-compose.yml diff --git a/apps/frontend/docker-compose.yml b/apps/frontend/docker-compose.yml index 549cac9..9247f01 100644 --- a/apps/frontend/docker-compose.yml +++ b/apps/frontend/docker-compose.yml 
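Review bot: The adminer service is made reachable two ways at once while the trailing TODO says it is not prepared for Traefik: `${ADMINER_PORT:-0}:8080` publishes the database admin UI on every host interface (on a random port when the variable is unset), and `traefik.enable=true` is hard-coded with no access-restricting middleware on the router. Until that TODO is resolved I would bind the port to loopback, `- "127.0.0.1:${ADMINER_PORT:-0}:8080"`, and set `- "traefik.enable=false"`. The service also joins a `proxy` network that the `networks:` block in this hunk does not declare, and `traefik.http.adminer.cloud.loadbalancer.server.port` is not a services key; `traefik.http.services.adminer.loadbalancer.server.port=8080` looks like what was meant. Separately, the `mariadb_root` secret is mounted but nothing visible here points the image at it (for example `MARIADB_ROOT_PASSWORD_FILE=/run/secrets/mariadb_root`), so confirm that `.env.database` does.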
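Review bot: The new top-level `configs:` entry `all` registers `../env/.env.all` as a Compose config, but no service in the visible hunks mounts it, so it appears to be dead configuration. If the intent is to share those variables, a config is the wrong vehicle: it is mounted into a container as a plain file and is not read for interpolation or as environment. Either drop the block or add a comment naming its consumer, e.g. `# mounted by <service> (placeholder)`.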
@@ -1,10 +1,3 @@ -### Frontend (./apps/frontend/docker-compose.yml) -# - [ ] Create a Vue.js frontend service -# - [ ] Set up a Node.js environment for the frontend -# - [ ] Configure volumes for persistent storage of frontend assets -# - [ ] Set up environment variables using the new structure (../../env/${ENVIRONMENT:-development}/frontend.env) -# - [ ] Configure networking to communicate with the backend service -# - [ ] Set up healthchecks for the frontend service services: webapp: build: @@ -12,16 +5,13 @@ services: dockerfile: Dockerfile container_name: ${INFRASTRUCTURE_LABEL:-default}-frontend-${ENVIRONMENT:-development} profiles: ["webapp", "frontend", "all", "app"] - depends_on: - - database - - backend + ports: + - 3000:3000 labels: - "traefik.enable=${TRAEFIK_ENABLE}" + - "traefik.http.routers.webapp.service=webapp" - "traefik.http.routers.webapp.entrypoints=${TRAEFIK_ENTRYPOINT}" - 'traefik.http.routers.webapp.rule=Host(`${FRONTEND_DOMAIN}`) || Host(`${FRONTEND_DOMAIN_2}`)' - - "traefik.http.routers.webapp.tls=true" - - "traefik.http.routers.webapp.tls.certresolver=${TRAEFIK_CERT_RESOLVER}" - - "traefik.http.routers.webapp.tls.domains[0].main=${FRONTEND_DOMAIN}" - - "traefik.http.routers.webapp.tls.domains[0].sans=${FRONTEND_DOMAIN_2}" - "traefik.http.services.webapp.loadbalancer.server.port=3000" - - "traefik.docker.network=${TRAEFIK_NETWORK}" \ No newline at end of file + - "traefik.docker.network=${TRAEFIK_NETWORK}" + \ No newline at end of file diff --git a/apps/tools/docker-compose.yml b/apps/tools/docker-compose.yml index 4aa9966..3c6ebce 100644 --- a/apps/tools/docker-compose.yml +++ b/apps/tools/docker-compose.yml 
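Review bot: Publishing `3000:3000` in the second hunk exposes the webapp on every host interface and bypasses Traefik, while the same hunk drops `traefik.http.routers.webapp.tls=true` and the cert-resolver labels, so the router no longer asks for TLS. If the direct port is only for local development, bind it to loopback with `- "127.0.0.1:3000:3000"` or omit it, since Traefik reaches the container over `${TRAEFIK_NETWORK}`. Keep `- "traefik.http.routers.webapp.tls=true"` unless TLS is now enforced elsewhere, which is not visible here. The webapp service definition begins above this hunk.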
@@ -5,63 +5,7 @@ # - [ ] Configure networking to expose these services to the internet via the proxy # - [ ] Set up regular backup jobs for critical data in these services -services: - nextcloud-db: - image: mariadb:10.6 - container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-db-${ENVIRONMENT:-development} - profiles: ["all", "tools", "nextcloud"] - command: --transaction-isolation=READ-COMMITTED --innodb_read_only_compressed=OFF - restart: unless-stopped - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ../../volumes/tools/${INFRASTRUCTURE_LABEL:-default}_cloud/database:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=headpiece-constant1-denim-mindboost #SQL root Passwort eingeben - - MYSQL_PASSWORD=idealist9-frayed-murkiness-mindboost #SQL Benutzer Passwort eingeben - - MYSQL_DATABASE=nextcloud-mindboost #Datenbank Name - - MYSQL_USER=mindboostcloud #SQL Nutzername - - MYSQL_INITDB_SKIP_TZINFO=1 - - MARIADB_AUTO_UPGRADE=1 - nextcloud-redis: - image: redis:alpine - container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-redis-${ENVIRONMENT:-development} - profiles: ["all", "tools", "nextcloud"] - hostname: nextcloud-redis - restart: unless-stopped - command: redis-server --requirepass redis-mindboost-passwort # Redis Passwort eingeben - cloud: - image: nextcloud - container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-app-${ENVIRONMENT:-development} - profiles: ["all", "tools", "nextcloud"] - restart: unless-stopped - depends_on: - - nextcloud-db - - nextcloud-redis - environment: - TRUSTED_PROXIES: 172.16.255.254/16 - OVERWRITEPROTOCOL: https - OVERWRITECLIURL: https://${CLOUD_DOMAIN:-cloud} - OVERWRITEHOST: ${CLOUD_DOMAIN:-cloud} - REDIS_HOST: nextcloud-redis - REDIS_HOST_PASSWORD: redis-mindboost-passwort # Redis Passwort von oben wieder eingeben - volumes: - - ./app:/var/www/html - - ../../volumes/tools/${INFRASTRUCTURE_LABEL:-default}_cloudapp/:/var/www/html/data - labels: - - "traefik.enable=true" - - 
"traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.entrypoints=websecure" - - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.rule=Host(`${CLOUD_DOMAIN}`)" - - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.tls=true" - - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.tls.certresolver=http_resolver" - - 'traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.service=cloud' - - "traefik.http.services.cloud.loadbalancer.server.port=80" - - "traefik.docker.network=${TRAEFIK_NETWORK:-default}" - - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.middlewares=nextcloud-dav,default@file" - - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav" - - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/" - networks: - - ${TRAEFIK_NETWORK} -networks: - nextcloud: - name: ${INFRASTRUCTURE_LABEL:-default}_nextcloud +include: + - path: ./nextcloud/docker-compose.yml + - path: ./limesurvey/docker-compose.yml + - path: ./invoiceninja/dockerfiles/debian/docker-compose.yml diff --git a/apps/tools/limesurvey/docker-compose.yml b/apps/tools/limesurvey/docker-compose.yml new file mode 100644 index 0000000..e69de29 diff --git a/apps/tools/nextcloud/docker-compose.yml b/apps/tools/nextcloud/docker-compose.yml new file mode 100644 index 0000000..2a3acf6 --- /dev/null +++ b/apps/tools/nextcloud/docker-compose.yml 
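Review bot: Two of the three `include` paths look unresolvable as committed: `./limesurvey/docker-compose.yml` is created by this patch as an empty file (blob e69de29), and `./invoiceninja/dockerfiles/debian/docker-compose.yml` is not among the eight files in the diffstat. Compose may reject an empty or missing include, which would presumably stop the whole project from loading, so confirm with `docker compose config`. Until those stacks exist I would list only `- path: ./nextcloud/docker-compose.yml` and add the others in the commits that introduce them.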
@@ -0,0 +1,59 @@ +services: + nextcloud-db: + image: mariadb:10.6 + container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-db-${ENVIRONMENT:-development} + profiles: ["all", "tools", "nextcloud"] + command: --transaction-isolation=READ-COMMITTED --innodb_read_only_compressed=OFF + restart: unless-stopped + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ../../volumes/tools/${INFRASTRUCTURE_LABEL:-default}_cloud/database:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=headpiece-constant1-denim-mindboost #SQL root Passwort eingeben + - MYSQL_PASSWORD=idealist9-frayed-murkiness-mindboost #SQL Benutzer Passwort eingeben + - MYSQL_DATABASE=nextcloud-mindboost #Datenbank Name + - MYSQL_USER=mindboostcloud #SQL Nutzername + - MYSQL_INITDB_SKIP_TZINFO=1 + - MARIADB_AUTO_UPGRADE=1 + nextcloud-redis: + image: redis:alpine + container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-redis-${ENVIRONMENT:-development} + profiles: ["all", "tools", "nextcloud"] + hostname: nextcloud-redis + restart: unless-stopped + command: redis-server --requirepass redis-mindboost-passwort # Redis Passwort eingeben + cloud: + image: nextcloud + container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-app-${ENVIRONMENT:-development} + profiles: ["all", "tools", "nextcloud"] + restart: unless-stopped + depends_on: + - nextcloud-db + - nextcloud-redis + environment: + TRUSTED_PROXIES: 172.16.255.254/16 + OVERWRITEPROTOCOL: https + OVERWRITECLIURL: https://${CLOUD_DOMAIN:-cloud} + OVERWRITEHOST: ${CLOUD_DOMAIN:-cloud} + REDIS_HOST: nextcloud-redis + REDIS_HOST_PASSWORD: redis-mindboost-passwort # Redis Passwort von oben wieder eingeben + volumes: + - ../../volumes/tools/${INFRASTRUCTURE_LABEL:-default}_cloudapp/:/var/www/html/data + labels: + - "traefik.enable=true" + - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.entrypoints=websecure" + - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.rule=Host(`${CLOUD_DOMAIN}`)" + - 
"traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.tls=true" + - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.tls.certresolver=http_resolver" + - 'traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.service=cloud' + - "traefik.http.services.cloud.loadbalancer.server.port=80" + - "traefik.docker.network=${TRAEFIK_NETWORK:-default}" + - "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.middlewares=nextcloud-dav,default@file" + - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav" + - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/" + networks: + - ${TRAEFIK_NETWORK} +networks: + nextcloud: + name: ${INFRASTRUCTURE_LABEL:-default}_nextcloud diff --git a/apps/website/docker-compose.yml b/apps/website/docker-compose.yml index 06a1ade..2d5d4fb 100644 --- a/apps/website/docker-compose.yml +++ b/apps/website/docker-compose.yml 
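Review bot: The new file commits four credentials in clear text: `MYSQL_ROOT_PASSWORD`, `MYSQL_PASSWORD`, the `--requirepass` argument of nextcloud-redis and `REDIS_HOST_PASSWORD`, whereas the database stack in this same patch moved to `env_file` and `secrets:`. Read them from the environment and fail when unset, for example `- MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT_PASSWORD:?must be set}` (the variable name is a placeholder), and rotate the current values since they are now in history. Moving the file one directory deeper also changes what `../../volumes/tools/...` resolves to if paths are taken relative to this file, so the existing database and data directories may no longer be the ones mounted. Only `cloud` joins `${TRAEFIK_NETWORK}` and the declared `nextcloud` network is unused, so check that `cloud` can still reach `nextcloud-db` and `nextcloud-redis`.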
@@ -7,17 +7,26 @@ services: container_name: ${INFRASTRUCTURE_LABEL:-default}-kirbycms-${ENVIRONMENT:-development} profiles: ["website","kirbycms","all"] volumes: - - ../../volumes/website/kirbycms:/var/www/html:rw # Persistente Daten + - kirbycms_data:/var/www/html:rw # Persistente Daten restart: unless-stopped + ports: + - 0:80 networks: - - ${TRAEFIK_NETWORK} + - ${TRAEFIK_NETWORK:-default} labels: - - "traefik.enable=${TRAEFIK_ENABLE}" - - "traefik.docker.network=${TRAEFIK_NETWORK}" + - "traefik.enable=${TRAEFIK_ENABLE:-false}" + - "traefik.docker.network=${TRAEFIK_NETWORK:-default}" - "traefik.http.routers.kirbycms.service=kirbycms" - - "traefik.http.routers.kirbycms.tls.certresolver=${TRAEFIK_CERT_RESOLVER}" - - "traefik.http.routers.kirbycms.tls.domains[0].main=`${WEBSITE_DOMAIN}`" - - "traefik.http.routers.kirbycms.rule=Host(`${WEBSITE_DOMAIN}`)" - - "traefik.http.routers.kirbycms.entrypoints=${TRAEFIK_ENTRYPOINT}" + - "traefik.http.routers.kirbycms.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-default}" + - "traefik.http.routers.kirbycms.tls.domains[0].main=`${WEBSITE_DOMAIN:-kirby.local}`" + - "traefik.http.routers.kirbycms.rule=Host(`${WEBSITE_DOMAIN:-kirby.local}`)" + - "traefik.http.routers.kirbycms.entrypoints=${TRAEFIK_ENTRYPOINT:-default}" - "traefik.http.routers.kirbycms.tls=true" - "traefik.http.services.kirbycms.loadbalancer.server.port=80" +volumes: + kirbycms_data: + driver: local + driver_opts: + type: none + o: bind + device: /mnt/docker-volumes/website/kirbycms # Neuer fester Speicherort
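Review bot: The added `ports: - 0:80` publishes the Kirby container on a random port of every host interface, which sidesteps the Traefik router and the TLS settings in the labels below it. Traefik reaches the container over the Docker network, so the mapping can be dropped, or bound to loopback with `- "127.0.0.1:0:80"` if a local port is wanted. The `kirbycms_data` volume now bind-mounts `/mnt/docker-volumes/website/kirbycms`; as far as I know the local driver does not create that directory, so a comment such as `# host path must exist before first start` would help, and the content previously under `../../volumes/website/kirbycms` is not migrated by this change. The service definition starts above this hunk.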