remove basically everything
This commit is contained in:
@@ -1,20 +0,0 @@
|
||||
services:
|
||||
adminer:
|
||||
profiles: ["all", "database", "backend", "adminer", "app"]
|
||||
image: adminer
|
||||
container_name: ${INFRASTRUCTURE_LABEL:-default}-adminer-${ENVIRONMENT:-development}
|
||||
restart: always
|
||||
ports:
|
||||
- ${ADMINER_PORT:-0}:8080
|
||||
networks:
|
||||
- database
|
||||
- proxy
|
||||
labels:
|
||||
- "traefik.enable=${TRAEFIK_ENABLE:-false}"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.entrypoints=${TRAEFIK_ENTRYPOINT:-websecure}"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.rule=Host(`${ADMINER_DOMAIN}`)"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.tls=true"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-http_resolver}"
|
||||
- 'traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_adminer.service=adminer'
|
||||
- "traefik.http.adminer.cloud.loadbalancer.server.port=8080"
|
||||
- "traefik.docker.network=${TRAEFIK_NETWORK:-default}"
|
||||
@@ -1,9 +0,0 @@
|
||||
### Develop (./apps/develop/docker-compose.yml)
|
||||
# - [ ] Create services for Gitea, Jenkins, and Adminer
|
||||
# - [ ] Configure volumes for persistent storage of Git repositories, Jenkins data, and Adminer settings
|
||||
# - [ ] Set up environment variables using the new structure (../../env/${ENVIRONMENT:-development}/develop.env)
|
||||
# - [ ] Configure networking to allow these services to communicate with each other and the necessary application services
|
||||
# - [ ] Set up access controls and security measures for development tools
|
||||
|
||||
include:
|
||||
- ./gitea/docker-compose.yml
|
||||
@@ -1,44 +0,0 @@
|
||||
services:
|
||||
gitea:
|
||||
image: gitea/gitea:latest
|
||||
container_name: ${INFRASTRUCTURE_LABEL:-mindboost}-gitea
|
||||
profiles: ["all", "gitea","develop"]
|
||||
restart: always
|
||||
volumes:
|
||||
- ${GITEA_VOLUME_PATH}:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
depends_on:
|
||||
- gitea_db
|
||||
labels:
|
||||
- "traefik.enable=${TRAEFIK_ENABLE:-false}"
|
||||
- "traefik.http.routers.gitea.entrypoints=${TRAEFIK_ENTRYPOINT}"
|
||||
- "traefik.http.routers.gitea.rule=(Host(`${GITEA_DOMAIN})`)"
|
||||
- "traefik.http.routers.gitea.tls=true"
|
||||
- "traefik.http.routers.gitea.tls.certresolver=${TRAEFIK_CERT_RESOLVER}"
|
||||
- "traefik.http.routers.gitea.service=gitea"
|
||||
- 'traefik.http.services.gitea.loadbalancer.gitea.port=3000'
|
||||
- "traefik.http.routers.gitea.tls.domains[0].main=`${GITEA_TLS_DOMAIN_MAIN}`"
|
||||
|
||||
# SSH routing, can't route based on host so anything to port 222 will come to this container
|
||||
- "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
|
||||
- "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
|
||||
- "traefik.tcp.routers.gitea-ssh.service=gitea-ssh-svc"
|
||||
- "traefik.tcp.services.gitea-ssh-svc.loadbalancer.gitea.port=22"
|
||||
|
||||
gitea_db:
|
||||
image: mysql:latest
|
||||
container_name: ${INFRASTRUCTURE_LABEL:-mindboost}-gitea_db
|
||||
profiles: ["all", "gitea","develop"]
|
||||
restart: always
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=${GITEA_MYSQL_ROOT_PASSWORD}
|
||||
- MYSQL_DATABASE=${GITEA_MYSQL_DATABASE}
|
||||
- MYSQL_USER=${GITEA_MYSQL_USER}
|
||||
- MYSQL_PASSWORD=${GITEA_MYSQL_PASSWORD}
|
||||
volumes:
|
||||
- ${GITEA_DATABASE_VOLUME_PATH}:/var/lib/mysql
|
||||
|
||||
networks:
|
||||
gitea:
|
||||
|
||||
@@ -1,40 +0,0 @@
|
||||
### Jenkins (./apps/frontend/docker-compose.yml)
|
||||
services:
|
||||
jenkins:
|
||||
image: jenkins/jenkins:lts
|
||||
container_name: jenkins
|
||||
ports:
|
||||
- "50000:50000" # Jenkins Agent Port
|
||||
volumes:
|
||||
- ../../../volumes/develop/jenkins:/var/jenkins_home
|
||||
- ./plugins.yml:/usr/share/jenkins/ref/plugins.yml
|
||||
depends_on:
|
||||
- jenkins-plugins
|
||||
environment:
|
||||
- JAVA_OPTS=-Djenkins.install.runSetupWizard=false
|
||||
networks:
|
||||
- proxy
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.jenkins.rule=Host(`j.haslach2025.de`)"
|
||||
- "traefik.http.routers.jenkins.entrypoints=websecure"
|
||||
- "traefik.http.routers.jenkins.tls=true"
|
||||
- "traefik.http.routers.jenkins.tls.certresolver=http_resolver"
|
||||
- "traefik.http.services.jenkins.loadbalancer.server.port=8080" # interner Port von Jenkins
|
||||
- "traefik.docker.network=proxy"
|
||||
|
||||
jenkins-plugins:
|
||||
image: jenkins/jenkins:lts-jdk17
|
||||
command: >
|
||||
jenkins-plugin-cli -f /usr/share/jenkins/ref/plugins.yml --available-updates --output txt > /usr/share/jenkins/ref/plugins.yml
|
||||
volumes:
|
||||
- ./plugins.yml:/usr/share/jenkins/ref/plugins.yml
|
||||
restart: "no"
|
||||
|
||||
volumes:
|
||||
jenkins_home:
|
||||
driver: local
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
@@ -1,50 +0,0 @@
|
||||
##
|
||||
## ONE SCRIPT TO RULE THEM ALL
|
||||
##
|
||||
## Dieses Compose-File startet alle verfügbaren Services, abhängig von dem angegebenen ENVIRONMENT.
|
||||
|
||||
## Um diese Konfiguration zu verwenden, kannst du folgende Befehle nutzen:
|
||||
## Um alle Services zu starten:
|
||||
## docker compose -f docker-compose.all.yml --env-file ../env/.env.all --profile all up -d
|
||||
|
||||
## Um nur bestimmte Services zu starten (z.B. frontend und backend):
|
||||
## docker compose -f docker-compose.all.yml --env-file ../env/.env.all --profile frontend --profile backend up -d
|
||||
|
||||
##
|
||||
## Stellen Sie sicher, dass die .env.all Datei im angegebenen Verzeichnis existiert und den ENVIRONMENT Wert enthält.
|
||||
##
|
||||
|
||||
configs:
|
||||
all:
|
||||
file: ../env/.env.all
|
||||
include:
|
||||
- path: ./proxy/docker-compose.yml
|
||||
env_file:
|
||||
- ../env/.env.all
|
||||
- ../env/${ENVIRONMENT:-development}/.env.proxy
|
||||
- path: ./frontend/docker-compose.yml
|
||||
env_file:
|
||||
- ../env/.env.all
|
||||
- ../env/${ENVIRONMENT:-development}/.env.frontend
|
||||
- path: ./backend/docker-compose.yml
|
||||
- path: ./database/docker-compose.yml
|
||||
- path: ./website/docker-compose.yml
|
||||
env_file:
|
||||
- ../env/.env.all
|
||||
- ../env/${ENVIRONMENT:-development}/.env.website
|
||||
- ../env/${ENVIRONMENT:-development}/.env.proxy
|
||||
- path: ./administration/docker-compose.yml
|
||||
env_file:
|
||||
- ../env/.env.all
|
||||
- ../env/${ENVIRONMENT:-development}/.env.administration
|
||||
- ../env/${ENVIRONMENT:-development}/.env.proxy
|
||||
- path: ./develop/docker-compose.yml
|
||||
env_file:
|
||||
- ../env/.env.all
|
||||
- ../env/${ENVIRONMENT:-development}/.env.develop
|
||||
- ../env/${ENVIRONMENT:-development}/.env.proxy
|
||||
- path: ./tools/docker-compose.yml
|
||||
env_file:
|
||||
- ../env/.env.all
|
||||
- ../env/${ENVIRONMENT:-development}/.env.tools
|
||||
- ../env/${ENVIRONMENT:-development}/.env.proxy
|
||||
@@ -1,30 +0,0 @@
|
||||
services:
|
||||
wireguard:
|
||||
image: linuxserver/wireguard
|
||||
container_name: wireguard
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
- SYS_MODULE
|
||||
environment:
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Berlin
|
||||
- SERVERURL=${SERVER_IP:?"❌ ERROR = SERVERURL is not set. Run set-server-ip.sh first."}
|
||||
- SERVERPORT=51820
|
||||
- PEERS=3 # Number of VPN clients to generate
|
||||
- PEERDNS=auto
|
||||
- INTERNAL_SUBNET=22.22.22.0
|
||||
volumes:
|
||||
- ../../volumes/security/wireguard/config:/config
|
||||
- /lib/modules:/lib/modules
|
||||
ports:
|
||||
- "51820:51820/udp"
|
||||
sysctls:
|
||||
- net.ipv4.conf.all.src_valid_mark=1
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- wireguard_network
|
||||
|
||||
networks:
|
||||
wireguard_network:
|
||||
driver: bridge
|
||||
@@ -1,50 +0,0 @@
|
||||
volumes:
|
||||
etc_wireguard:
|
||||
|
||||
services:
|
||||
wg-easy:
|
||||
environment:
|
||||
# Change Language:
|
||||
# (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi, ja, si)
|
||||
- LANG=${WG_LANG:-de}
|
||||
# ⚠️ Required:
|
||||
# Change this to your host's public address
|
||||
- WG_HOST=${SERVER_IP:-localhost}
|
||||
|
||||
# Optional:
|
||||
# - PASSWORD_HASH=$$2y$$10$$hBCoykrB95WSzuV4fafBzOHWKu9sbyVa34GJr8VV5R/pIelfEMYyG # (needs double $$, hash of 'foobar123'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash)
|
||||
# - PORT=51821
|
||||
# - WG_PORT=51820
|
||||
# - WG_CONFIG_PORT=92820
|
||||
- WG_DEFAULT_ADDRESS=${WG_DEFAULT_ADDRESS:-22.22.22.0}
|
||||
# - WG_DEFAULT_DNS=1.1.1.1
|
||||
# - WG_MTU=1420
|
||||
# - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
|
||||
# - WG_PERSISTENT_KEEPALIVE=25
|
||||
# - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
|
||||
# - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
|
||||
# - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
|
||||
# - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
|
||||
# - UI_TRAFFIC_STATS=true
|
||||
# - UI_CHART_TYPE=0 # (0 Charts disabled, 1 # Line chart, 2 # Area chart, 3 # Bar chart)
|
||||
# - WG_ENABLE_ONE_TIME_LINKS=true
|
||||
# - UI_ENABLE_SORT_CLIENTS=true
|
||||
# - WG_ENABLE_EXPIRES_TIME=true
|
||||
# - ENABLE_PROMETHEUS_METRICS=false
|
||||
# - PROMETHEUS_METRICS_PASSWORD=$$2a$$12$$vkvKpeEAHD78gasyawIod.1leBMKg8sBwKW.pQyNsq78bXV3INf2G # (needs double $$, hash of 'prometheus_password'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash)
|
||||
|
||||
image: ghcr.io/wg-easy/wg-easy
|
||||
container_name: wg-easy
|
||||
volumes:
|
||||
- ../../volumes/wireguardeasy/:/etc/wireguard
|
||||
ports:
|
||||
- "51820:51820/udp"
|
||||
- "51821:51821/tcp"
|
||||
restart: unless-stopped
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
- SYS_MODULE
|
||||
# - NET_RAW # ⚠️ Uncomment if using Podman
|
||||
sysctls:
|
||||
- net.ipv4.ip_forward=1
|
||||
- net.ipv4.conf.all.src_valid_mark=1
|
||||
@@ -1,2 +0,0 @@
|
||||
#!/bin/bash
|
||||
export SERVER_IP=$(curl -s https://api.ipify.org)
|
||||
@@ -1,11 +0,0 @@
|
||||
### Tools (./apps/tools/docker-compose.yml)
|
||||
# - [ ] Create services for Nextcloud, LimeSurvey, and LinkStack
|
||||
# - [ ] Configure volumes for persistent storage of files, survey data, and link management data
|
||||
# - [ ] Set up environment variables using the new structure (../../env/${ENVIRONMENT:-development}/tools.env)
|
||||
# - [ ] Configure networking to expose these services to the internet via the proxy
|
||||
# - [ ] Set up regular backup jobs for critical data in these services
|
||||
|
||||
include:
|
||||
- path: ./nextcloud/docker-compose.yml
|
||||
- path: ./limesurvey/docker-compose.yml
|
||||
- path: ./invoiceninja/dockerfiles/debian/docker-compose.yml
|
||||
@@ -1,59 +0,0 @@
|
||||
services:
|
||||
nextcloud-db:
|
||||
image: mariadb:10.6
|
||||
container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-db-${ENVIRONMENT:-development}
|
||||
profiles: ["all", "tools", "nextcloud"]
|
||||
command: --transaction-isolation=READ-COMMITTED --innodb_read_only_compressed=OFF
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- ../../volumes/tools/${INFRASTRUCTURE_LABEL:-default}_cloud/database:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=headpiece-constant1-denim-mindboost #SQL root Passwort eingeben
|
||||
- MYSQL_PASSWORD=idealist9-frayed-murkiness-mindboost #SQL Benutzer Passwort eingeben
|
||||
- MYSQL_DATABASE=nextcloud-mindboost #Datenbank Name
|
||||
- MYSQL_USER=mindboostcloud #SQL Nutzername
|
||||
- MYSQL_INITDB_SKIP_TZINFO=1
|
||||
- MARIADB_AUTO_UPGRADE=1
|
||||
nextcloud-redis:
|
||||
image: redis:alpine
|
||||
container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-redis-${ENVIRONMENT:-development}
|
||||
profiles: ["all", "tools", "nextcloud"]
|
||||
hostname: nextcloud-redis
|
||||
restart: unless-stopped
|
||||
command: redis-server --requirepass redis-mindboost-passwort # Redis Passwort eingeben
|
||||
cloud:
|
||||
image: nextcloud
|
||||
container_name: ${INFRASTRUCTURE_LABEL:-default}-nextcloud-app-${ENVIRONMENT:-development}
|
||||
profiles: ["all", "tools", "nextcloud"]
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- nextcloud-db
|
||||
- nextcloud-redis
|
||||
environment:
|
||||
TRUSTED_PROXIES: 172.16.255.254/16
|
||||
OVERWRITEPROTOCOL: https
|
||||
OVERWRITECLIURL: https://${CLOUD_DOMAIN:-cloud}
|
||||
OVERWRITEHOST: ${CLOUD_DOMAIN:-cloud}
|
||||
REDIS_HOST: nextcloud-redis
|
||||
REDIS_HOST_PASSWORD: redis-mindboost-passwort # Redis Passwort von oben wieder eingeben
|
||||
volumes:
|
||||
- ../../volumes/tools/${INFRASTRUCTURE_LABEL:-default}_cloudapp/:/var/www/html/data
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.entrypoints=websecure"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.rule=Host(`${CLOUD_DOMAIN}`)"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.tls=true"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.tls.certresolver=http_resolver"
|
||||
- 'traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.service=cloud'
|
||||
- "traefik.http.services.cloud.loadbalancer.server.port=80"
|
||||
- "traefik.docker.network=${TRAEFIK_NETWORK:-default}"
|
||||
- "traefik.http.routers.${INFRASTRUCTURE_LABEL:-default}_cloud.middlewares=nextcloud-dav,default@file"
|
||||
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
|
||||
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
|
||||
networks:
|
||||
- ${TRAEFIK_NETWORK}
|
||||
networks:
|
||||
nextcloud:
|
||||
name: ${INFRASTRUCTURE_LABEL:-default}_nextcloud
|
||||
@@ -1,32 +0,0 @@
|
||||
services:
|
||||
kirbycms:
|
||||
build:
|
||||
context: ./kirby
|
||||
dockerfile: Dockerfile
|
||||
image: kirbycms
|
||||
container_name: ${INFRASTRUCTURE_LABEL:-default}-kirbycms-${ENVIRONMENT:-development}
|
||||
profiles: ["website","kirbycms","all"]
|
||||
volumes:
|
||||
- kirbycms_data:/var/www/html:rw # Persistente Daten
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- 0:80
|
||||
networks:
|
||||
- ${TRAEFIK_NETWORK:-default}
|
||||
labels:
|
||||
- "traefik.enable=${TRAEFIK_ENABLE:-false}"
|
||||
- "traefik.docker.network=${TRAEFIK_NETWORK:-default}"
|
||||
- "traefik.http.routers.kirbycms.service=kirbycms"
|
||||
- "traefik.http.routers.kirbycms.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-default}"
|
||||
- "traefik.http.routers.kirbycms.tls.domains[0].main=`${WEBSITE_DOMAIN:-kirby.local}`"
|
||||
- "traefik.http.routers.kirbycms.rule=Host(`${WEBSITE_DOMAIN:-kirby.local}`)"
|
||||
- "traefik.http.routers.kirbycms.entrypoints=${TRAEFIK_ENTRYPOINT:-default}"
|
||||
- "traefik.http.routers.kirbycms.tls=true"
|
||||
- "traefik.http.services.kirbycms.loadbalancer.server.port=80"
|
||||
volumes:
|
||||
kirbycms_data:
|
||||
driver: local
|
||||
driver_opts:
|
||||
type: none
|
||||
o: bind
|
||||
device: /mnt/docker-volumes/website/kirbycms # Neuer fester Speicherort
|
||||
@@ -1,49 +0,0 @@
|
||||
# Use latest offical ubuntu image
|
||||
FROM ubuntu:latest
|
||||
|
||||
# Set timezone
|
||||
ENV TZ=Europe/Berlin
|
||||
|
||||
# Set geographic area using above variable
|
||||
# This is necessary, otherwise building the image doesn't work
|
||||
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
|
||||
|
||||
# Remove annoying messages during package installation
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
# Install packages: web server & PHP plus extensions
|
||||
RUN apt-get update && apt-get install -y \
|
||||
apache2 \
|
||||
apache2-utils \
|
||||
ca-certificates \
|
||||
php \
|
||||
libapache2-mod-php \
|
||||
php-curl \
|
||||
php-dom \
|
||||
php-gd \
|
||||
php-intl \
|
||||
php-json \
|
||||
php-mbstring \
|
||||
php-xml \
|
||||
php-zip && \
|
||||
apt-get clean && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Copy virtual host configuration from current path onto existing 000-default.conf
|
||||
COPY default.conf /etc/apache2/sites-available/000-default.conf
|
||||
|
||||
# Remove default content (existing index.html)
|
||||
RUN rm /var/www/html/*
|
||||
|
||||
# Activate Apache modules headers & rewrite
|
||||
RUN a2enmod headers rewrite
|
||||
|
||||
# Ensure Group Ownership for www-data every member of kirbygroup should edit files
|
||||
RUN groupadd -g 1003 kirbygroup && usermod -aG kirbygroup www-data
|
||||
RUN chown -R www-data:kirbygroup /var/www/html
|
||||
RUN chmod -R g+rw /var/www/html && find /var/www/html -type d -exec chmod g+xs {} \;
|
||||
|
||||
# Tell container to listen to port 80 at runtime
|
||||
EXPOSE 80
|
||||
|
||||
# Start Apache web server
|
||||
CMD [ "/usr/sbin/apache2ctl", "-DFOREGROUND" ]
|
||||
@@ -1,9 +0,0 @@
|
||||
<VirtualHost *:80>
|
||||
ServerName localhost
|
||||
# Set the document root
|
||||
DocumentRoot "/var/www/html"
|
||||
<Directory "/var/www/html">
|
||||
# Allow overriding the default configuration via `.htaccess`
|
||||
AllowOverride All
|
||||
</Directory>
|
||||
</VirtualHost>
|
||||
@@ -1,7 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e -u
|
||||
|
||||
[[ $USERID ]] && usermod --uid "${USERID}" www-data
|
||||
|
||||
exec "$@"
|
||||
@@ -1 +0,0 @@
|
||||
USERID=${USERID:-0}
|
||||
Reference in New Issue
Block a user