diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..1bb0a7c
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,54 @@
+MODULES = traefik code-server covid19 gitea grafana homepage jenkins minecraft monica nordvpn photoprism plex portainer
+DOCKER_COMPOSE_DOWN = docker-compose down
+DOCKER_PRUNE = docker system prune -f
+DOCKER_COMPOSE_UP = docker-compose up -d
+DOCKER_COMPOSE_BUILD = docker-compose build
+DOCKER_START = $(DOCKER_COMPOSE_DOWN) && $(DOCKER_PRUNE) && $(DOCKER_COMPOSE_UP)
+DOCKER_BUILD = $(DOCKER_COMPOSE_DOWN) && $(DOCKER_PRUNE) && $(DOCKER_COMPOSE_BUILD) && $(DOCKER_COMPOSE_UP)
+DOCKER_NETWORK_CREATE = docker network create
+
+.PHONY: $(MODULES)
+
+all: $(MODULES)
+
+code-server:
+ cd code-server && $(DOCKER_BUILD)
+
+covid19:
+ cd covid19/covidapp-repo && docker build --tag="kr/covidapp" .
+ cd covid19 && $(DOCKER_START)
+ @echo "Setup complete, see README.md for instructions on seeding database."
+
+gitea:
+ cd gitea && $(DOCKER_BUILD)
+
+grafana: minecraft
+ cd grafana && $(DOCKER_COMPOSE_BUILD) && $(DOCKER_COMPOSE_UP)
+
+homepage:
+ cd homepage && $(DOCKER_BUILD)
+
+jenkins:
+ cd jenkins && $(DOCKER_BUILD)
+
+minecraft:
+ cd minecraft && $(DOCKER_NETWORK_CREATE) grafana_grafana-network && $(DOCKER_COMPOSE_UP)
+
+monica:
+ cd monica && $(DOCKER_BUILD)
+
+nordvpn:
+ cd nordvpn && $(DOCKER_BUILD)
+
+photoprism:
+ cd photoprism && $(DOCKER_BUILD)
+
+plex:
+ cd plex && $(DOCKER_BUILD)
+
+portainer:
+ cd portainer && $(DOCKER_BUILD)
+
+traefik:
+ cd traefik && $(DOCKER_NETWORK_CREATE) traefik_traefik-network && $(DOCKER_COMPOSE_UP)
+
diff --git a/code-server/.gitignore b/code-server/.gitignore
new file mode 100644
index 0000000..1120be9
--- /dev/null
+++ b/code-server/.gitignore
@@ -0,0 +1 @@
+docker-compose.yml
diff --git a/code-server/docker-compose.yml b/code-server/docker-compose.yml.blanked
similarity index 68%
rename from code-server/docker-compose.yml
rename to code-server/docker-compose.yml.blanked
index 5f14a94..4aae698 100644
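Review bot: In the new Makefile, `DOCKER_START` and `DOCKER_BUILD` chain `docker system prune -f` into every module target, and that command is host-wide: it removes stopped containers, unused networks and dangling images for everything on the machine, not only the module being rebuilt. Dropping `$(DOCKER_PRUNE)` from those two macros and keeping it as a separate explicit target would limit the blast radius. The `minecraft` and `traefik` recipes also call `docker network create` unconditionally, which exits non-zero once the network exists and stops a second `make`; `docker network inspect NAME >/dev/null 2>&1 || docker network create NAME` makes them repeatable. `all` is missing from `.PHONY`, and since most stacks join the Traefik network, `traefik` should be a declared prerequisite of those targets rather than relying on its position in `MODULES`.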
--- a/code-server/docker-compose.yml +++ b/code-server/docker-compose.yml.blanked @@ -1,7 +1,7 @@ version: '3.7' networks: - traefik_traefik-network: + [TRAEFIK_NETWORK]: external: true services: @@ -10,7 +10,7 @@ services: container_name: code-server restart: unless-stopped networks: - - traefik_traefik-network + - [TRAEFIK_NETWORK] volumes: - /pwspool/software/code-server/config:/config ports: @@ -19,14 +19,14 @@ services: - PUID=1000 - PGID=1000 - TZ=Etc/UTC - - PASSWORD=jakenotes - #- HASHED_PASSWORD=TODO - - SUDO_PASSWORD=jakenotes - #- SUDO_PASSWORD_HASH=TODO - - PROXY_DOMAIN=code.whitney.rip + - PASSWORD=[PASS] + #- HASHED_PASSWORD=[PASS_HASH] + - SUDO_PASSWORD=[SUDO_PASS] + #- SUDO_PASSWORD_HASH=[SUDO_PASS_HASH] + - PROXY_DOMAIN=[SUBDOMAIN_URL] - DEFAULT_WORKSPACE=/config/workspace labels: - - traefik.http.routers.code.rule=Host(`code.whitney.rip`) + - traefik.http.routers.code.rule=Host(`[SUBDOMAIN_URL]`) - traefik.http.routers.code.tls=true - traefik.http.routers.code.tls.certresolver=lets-encrypt - traefik.http.services.code.loadbalancer.server.port=8443 diff --git a/covid19/docker-compose.yml.blanked b/covid19/docker-compose.yml.blanked index b6d7d0a..d8ec776 100644 --- a/covid19/docker-compose.yml.blanked +++ b/covid19/docker-compose.yml.blanked @@ -3,21 +3,22 @@ version: "3" networks: covidapp-network: driver: bridge - traefik_traefik-network: + [TRAEFIK_NETWORK]: external: true services: covid_app: image: kr/covidapp - restart: always + container_name: covidapp + restart: unless-stopped networks: - covidapp-network - - traefik_traefik-network + - [TRAEFIK_NETWORK] build: . depends_on: - mysql labels: - - traefik.http.routers.covidapp.rule=Host(`[[SITE_URL]]`) + - traefik.http.routers.covidapp.rule=Host(`[SUBDOMAIN_URL]`) - traefik.http.routers.covidapp.tls=true - traefik.http.routers.covidapp.tls.certresolver=lets-encrypt - traefik.http.services.covidapp.loadbalancer.server.port=1337 
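Review bot: Renaming the code-server compose file to a `.blanked` template removes the literal `PASSWORD` and `SUDO_PASSWORD` values from the tip of the tree only; they remain readable in earlier commits, so both should be treated as disclosed and rotated on the running instance. In the last code-server hunk the template still activates the plaintext variables and leaves the hashed ones commented out; shipping it the other way round, with `- HASHED_PASSWORD=[PASS_HASH]` and `- SUDO_PASSWORD_HASH=[SUDO_PASS_HASH]` active and the plaintext pair commented, keeps a cleartext password out of the filled-in file and out of `docker inspect` output. A short comment at the top of the template saying how the placeholders get substituted would also help, since nothing on this page shows that step.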
@@ -26,15 +27,15 @@ services: mysql: image: mysql/mysql-server:latest container_name: mysql_covidapp - restart: always + restart: unless-stopped environment: - MYSQL_ROOT_PASSWORD: '[[MYSQL_ROOT_PASSWORD]]' + MYSQL_ROOT_PASSWORD: '[MYSQL_ROOT_PASS]' command: mysqld --sql_mode="" --character-set-server=utf8mb4 --init-connect='SET NAMES UTF8;' --innodb-flush-log-at-trx-commit=0 - ports: - - "[[HOST_PORT]]:3306" volumes: - /pwspool/software/covid19/mysql:/var/lib/mysql - ./schema:/docker-entrypoint-initdb.d/:ro networks: - covidapp-network + labels: + - traefik.enable=false diff --git a/gitea/docker-compose.yml.blanked b/gitea/docker-compose.yml.blanked index c7da304..382842b 100644 --- a/gitea/docker-compose.yml.blanked +++ b/gitea/docker-compose.yml.blanked @@ -3,33 +3,35 @@ version: "3" networks: gitea_network: external: false - traefik_traefik-network: + [TRAEFIK_NETWORK]: external: true services: server: image: gitea/gitea:latest container_name: gitea + restart: unless-stopped depends_on: - database environment: - - USER_UID=[[USER_ID]] - - USER_GID=[[USER_ID]] + - USER_UID=1001 + - USER_GID=1001 + - DOMAIN=[SUBDOMAIN_URL] + - PROTOCOL=http - GITEA__database__DB_TYPE=postgres - GITEA__database__HOST=database:5432 - - GITEA__database__NAME=[[DATABASE_NAME]] - - GITEA__database__USER=[[DATABASE_USER]] - - GITEA__database__PASSWD=[[DATABASE_PASSWD]] - restart: always + - GITEA__database__NAME=[GITEA_DB_NAME] + - GITEA__database__USER=[GITEA_DB_USER] + - GITEA__database__PASSWD=[GITEA_DB_PASS] networks: - gitea_network - - traefik_traefik-network + - [TRAEFIK_NETWORK] volumes: - /pwspool/software/gitea/gitea:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro labels: - - traefik.http.routers.gitea.rule=Host(`[[SITE_URL]]`) + - traefik.http.routers.gitea.rule=Host(`[SUBDOMAIN_URL]`) - traefik.http.routers.gitea.tls=true - traefik.http.routers.gitea.tls.certresolver=lets-encrypt - traefik.http.services.gitea.loadbalancer.server.port=3000 
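Review bot: The first gitea hunk replaces the `[[USER_ID]]` placeholders with the literals `USER_UID=1001` and `USER_GID=1001`, which bakes one host's account numbering into a file that is meant to be a template; `- USER_UID=[USER_ID]` and `- USER_GID=[GROUP_ID]` would match the placeholders the grafana template uses. The added `DOMAIN` and `PROTOCOL` entries use bare names while the database settings beside them use the `GITEA__section__KEY` form. I cannot tell from the diff whether the image reads a bare `PROTOCOL`, so writing both as `GITEA__server__DOMAIN` and `GITEA__server__PROTOCOL` would make the intent explicit and consistent.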
@@ -37,13 +39,15 @@ services: database: image: postgres:14 - restart: always networks: - gitea_network + restart: unless-stopped environment: - - POSTGRES_USER=[[DATABASE_USER]] - - POSTGRES_PASSWORD=[[DATABASE_PASSWD]] - - POSTGRES_DB=[[DATABASE_NAME]] + - POSTGRES_USER=[GITEA_DB_USER] + - POSTGRES_PASSWORD=[GITEA_DB_PASS] + - POSTGRES_DB=[GITEA_DB_NAME] volumes: - /pwspool/software/gitea/database:/var/lib/postgresql/data + labels: + - traefik.enable=false diff --git a/grafana/docker-compose.yml.blanked b/grafana/docker-compose.yml.blanked index 42b3df5..7d6b116 100644 --- a/grafana/docker-compose.yml.blanked +++ b/grafana/docker-compose.yml.blanked @@ -3,29 +3,28 @@ version: "3" networks: grafana-network: driver: bridge - traefik_traefik-network: + [TRAEFIK_NETWORK]: external: true - minecraft_minecraft_network: + [MINECRAFT_NETWORK]: external: true volumes: - grafana_data: {} prometheus_data: {} services: grafana: image: grafana/grafana - user: "[[USER_ID]]" + user: "[USER_ID]" container_name: grafana - restart: always + restart: unless-stopped networks: - grafana-network - - traefik_traefik-network + - [TRAEFIK_NETWORK] volumes: - ./olomana.ini:/etc/grafana/grafana.ini - /pwspool/software/grafana:/var/lib/grafana labels: - - traefik.http.routers.grafana.rule=Host(`[[SITE_URL]]`) + - traefik.http.routers.grafana.rule=Host(`[SUBDOMAIN_URL]`) - traefik.http.routers.grafana.tls=true - traefik.http.routers.grafana.tls.certresolver=lets-encrypt - traefik.http.services.grafana.loadbalancer.server.port=3000 @@ -37,8 +36,8 @@ services: node_exporter: image: quay.io/prometheus/node-exporter:latest container_name: node_exporter - user: "[[USER_ID]]:[[GROUP_ID]]" - restart: always + user: "[USER_ID]:[GROUP_ID]" + restart: unless-stopped networks: - grafana-network pid: host 
@@ -55,7 +54,7 @@ services: restart: always networks: - grafana-network - - minecraft_minecraft_network + - [MINECRAFT_NETWORK] volumes: - "./prometheus.yml:/etc/prometheus.yml" - prometheus_data:/prometheus diff --git a/homepage/docker-compose.yml.blanked b/homepage/docker-compose.yml.blanked index 7c43b6d..016c920 100644 --- a/homepage/docker-compose.yml.blanked +++ b/homepage/docker-compose.yml.blanked @@ -1,18 +1,19 @@ version: '3' networks: - [[TRAEFIK_NETWORK]]: + [TRAEFIK_NETWORK]: external: true services: web: image: homepage + restart: unless-stopped networks: - - [[TRAEFIK_NETWORK]] + - [TRAEFIK_NETWORK] build: . labels: - - traefik.http.routers.homepage.rule=Host(`[[SITE_URL]]`) + - traefik.http.routers.homepage.rule=Host(`[SUBDOMAIN_URL]`) - traefik.http.routers.homepage.tls=true - traefik.http.routers.homepage.tls.certresolver=lets-encrypt - traefik.http.services.homepage.loadbalancer.server.port=[[NGINX_INTERNAL_PORT]] - - traefik.port=[[NGINX_INTERNAL_PORT]] \ No newline at end of file + - traefik.port=[[NGINX_INTERNAL_PORT]] diff --git a/jenkins/docker-compose.yml.blanked b/jenkins/docker-compose.yml.blanked index a71fd06..a2e3043 100644 --- a/jenkins/docker-compose.yml.blanked +++ b/jenkins/docker-compose.yml.blanked 
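Review bot: The homepage hunk converts `[[TRAEFIK_NETWORK]]` and `[[SITE_URL]]` to single-bracket placeholders but leaves `[[NGINX_INTERNAL_PORT]]` in the two port labels in the old double-bracket form, so a substitution step keyed on one form will miss the other. The same mix remains in the plex template (`PUID=[[USER_ID]]`, `PGID=[[GROUP_ID]]`). I would write `- traefik.http.services.homepage.loadbalancer.server.port=[NGINX_INTERNAL_PORT]` and `- traefik.port=[NGINX_INTERNAL_PORT]`, and state the placeholder convention once in the README.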
@@ -1,24 +1,24 @@ version: '3.7' networks: - traefik_traefik-network: + TRAEFIK_NETWORK: external: true services: jenkins: image: jenkins/jenkins:lts container_name: jenkins - restart: always + restart: unless-stopped networks: - - traefik_traefik-network + - [TRAEFIK_NETWORK] privileged: true - user: [[USER]] + user: root volumes: - /pwspool/software/jenkins:/var/jenkins_home - /var/run/docker.sock:/var/run/docker.sock - /usr/local/bin/docker:/usr/local/bin/docker labels: - - traefik.http.routers.jenkins.rule=Host(`[[SITE_URL]]`) + - traefik.http.routers.jenkins.rule=Host(`[SUBDOMAIN_URL]`) - traefik.http.routers.jenkins.tls=true - traefik.http.routers.jenkins.tls.certresolver=lets-encrypt - traefik.http.services.jenkins.loadbalancer.server.port=8080 diff --git a/minecraft/docker-compose.yml.blanked b/minecraft/docker-compose.yml.blanked index 81ba693..9bea528 100644 --- a/minecraft/docker-compose.yml.blanked +++ b/minecraft/docker-compose.yml.blanked @@ -1,30 +1,30 @@ version: "3" networks: - minecraft_network: + [MINECRAFT_NETWORK]: driver: bridge - grafana_grafana-network: + [GRAFANA_NETWORK]: external: true - traefik_traefik-network: + [TRAEFIK_NETWORK]: external: true services: minecraft_creative: image: itzg/minecraft-server:latest container_name: minecraft_creative - restart: always + restart: unless-stopped networks: - - grafana_grafana-network - - minecraft_network + - [GRAFANA_NETWORK] + - [MINECRAFT_NETWORK] ports: - - "[[HOST_PORT_1]]:25565" - - "[[METRICS_HOST_PORT_1]]:9225" + - "[SERVER_PORT_1]:25565" + - "[PROMETHEUS_PORT_1]:9225" volumes: - /pwspool/games/minecraft/minecraft_creative:/data environment: - TYPE=PAPER - MEMORY=2G - - VERSION=1.19.2 + - VERSION=1.20.2 - EULA=TRUE - SERVER_NAME=minecraft_creative - MODE=creative 
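Review bot: The jenkins hunk replaces the `[[USER]]` placeholder with a hard-coded `user: root` on a service that also sets `privileged: true` and mounts `/var/run/docker.sock`, so any job or plugin running in Jenkins has root-equivalent control of the host. If the only need is to reach the Docker socket, keep a placeholder (`user: [USER_ID]`), grant socket access through `group_add` with the host's docker group id, and drop `privileged: true` unless something on the controller requires it. The networks key is also written as `TRAEFIK_NETWORK:` without brackets while the service references `[TRAEFIK_NETWORK]`, so the two will not be substituted consistently.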
@@ -37,19 +37,20 @@ services: - PVP=false - LEVEL_TYPE=FLAT - ALLOW_FLIGHT=true - + labels: + - traefik.enable=false + minecraft_2023: image: itzg/minecraft-server:latest container_name: minecraft_2023 - restart: always networks: - - traefik_traefik-network - - grafana_grafana-network - - minecraft_network + - [TRAEFIK_NETWORK] + - [GRAFANA_NETWORK] + - [MINECRAFT_NETWORK] ports: - - "[[HOST_PORT_2]]:25565" - - "[[METRICS_HOST_PORT_2]]:9225" - - "[[DYNMAP_PORT]]:8123" + - "[SERVER_PORT_2]:25565" + - "[PROMETHEUS_PORT_2]:9225" + - "[DYNMAP_PORT_2]:8123" volumes: - /pwspool/games/minecraft/minecraft_2023:/data environment: @@ -67,26 +68,25 @@ services: - MOTD="\u00A77Pinnerland, powered by \u00A75P\u00A79W\u00A75S\u00A77\!" - ALLOW_FLIGHT=false labels: - - traefik.http.routers.minemap.rule=Host(`[[MINEMAP_URL]]`) + - traefik.http.routers.minemap.rule=Host(`[MINEMAP_SUBDOMAIN_URL]`) - traefik.http.routers.minemap.tls=true - traefik.http.routers.minemap.tls.certresolver=lets-encrypt - traefik.http.services.minemap.loadbalancer.server.port=8123 - - traefik.port=[[HOST_PORT_2]] + - traefik.port=8123 minecraft_skyblock: image: itzg/minecraft-server:latest container_name: minecraft_skyblock - restart: always networks: - minecraft_network ports: - - "[[HOST_PORT_3]]:25565" + - "[SERVER_PORT_3]:25565" volumes: - /pwspool/games/minecraft/minecraft_skyblock:/data environment: - TYPE=PAPER - MEMORY=4G - - VERSION=1.20.1 + - VERSION=1.20.2 - EULA=TRUE - SERVER_NAME=minecraft_skyblock - MODE=survival 
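Review bot: In the `minecraft_2023` and `minecraft_skyblock` services the old `restart: always` is removed without the `restart: unless-stopped` that the rest of this commit adds, so these containers fall back to the default policy and will not come back after a crash or daemon restart; the `minecraft_2023_metrics` hunk further down does the same. Adding `restart: unless-stopped` under each `container_name` restores the previous behaviour. `minecraft_skyblock` and `minecraft_2023_metrics` also still list `- minecraft_network` although the top-level key is now `[MINECRAFT_NETWORK]`; those entries should read `- [MINECRAFT_NETWORK]`.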
@@ -94,22 +94,27 @@ services: - OPS=RicecakeSMS,pZ_aeriaL - ICON=https://i.imgur.com/sqjZGql.png - MOTD="\u00A77Skyblock, powered by \u00A75P\u00A79W\u00A75S\u00A77\!" + labels: + - traefik.enable=false minecraft_2023_metrics: image: joshi425/minecraft_exporter:latest container_name: minecraft_2023_metrics - restart: always networks: - minecraft_network ports: - - 2565:2565 + - [SEVER_PORT_4]:2565 volumes: - /pwspool/games/minecraft/minecraft_2023/world:/world environment: - RCON_HOST=127.0.0.1 - - RCON_PORT=[[HOST_PORT_2]] - - HTTP_PORT=2565 + - RCON_PORT=25565 + - HTTP_PORT=[SERVER_PORT_4] - FORGE_SERVER="False" - PAPER_SERVER="True" - DYNMAP_ENABLED="True" + labels: + - traefik.enable=false + + diff --git a/monica/docker-compose.yml.blanked b/monica/docker-compose.yml.blanked index dc6989e..e9f0f03 100644 --- a/monica/docker-compose.yml.blanked +++ b/monica/docker-compose.yml.blanked 
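Review bot: The port mapping in `minecraft_2023_metrics` uses `[SEVER_PORT_4]` while `HTTP_PORT` uses `[SERVER_PORT_4]`; the first looks like a typo and would be left unsubstituted. The mapping also keeps the container side fixed at 2565 while `HTTP_PORT` now takes the placeholder, so any value other than 2565 makes the exporter listen on a port that is not published; either keep `HTTP_PORT=2565` and write `- "[SERVER_PORT_4]:2565"`, or use the placeholder on both sides. `RCON_PORT=25565` is the game port the other services publish rather than a separate RCON port, which is worth confirming against the server's RCON setting.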
@@ -1,42 +1,44 @@ version: "3" networks: - traefik_traefik-network: + [TRAEFIK_NETWORK]: external: true services: app: image: monica:latest + container_name: monica + restart: unless-stopped depends_on: - db ports: - - [[HOST_PORT]]:80 + - [SERVER_PORT]:80 networks: - - traefik_traefik-network + - [TRAEFIK_NETWORK] environment: - - APP_KEY=[[APP_KEY]] - - DB_HOST=[[DATABASE_HOST]] - - DB_USERNAME=[[DATABASE_USERNAME]] - - DB_PASSWORD=[[DATABASE_PASSWORD]] + - APP_KEY=[APP_KEY] + - DB_HOST=[DATABASE_HOST] + - DB_USERNAME=[DATABASE_USER] + - DB_PASSWORD=[DATABASE_PASS] - APP_ENV=production - APP_DEBUG=false volumes: - /pwspool/software/monica/app:/var/www/html/storage restart: always labels: - - traefik.http.routers.monica.rule=Host(`[[SITE_URL]]`) + - traefik.http.routers.monica.rule=Host(`[SUBDOMAIN_URL]`) - traefik.http.routers.monica.tls=true - traefik.http.routers.monica.tls.certresolver=lets-encrypt - traefik.http.services.monica.loadbalancer.server.port=80 - - traefik.port=[[HOST_PORT]] + - traefik.port=[HOST_PORT] db: image: mysql:5.7 environment: - MYSQL_RANDOM_ROOT_PASSWORD=true - - MYSQL_DATABASE=[[DATABASE_HOST]] - - MYSQL_USER=[[DATABASE_USERNAME]] - - MYSQL_PASSWORD=[[DATABASE_PASSWORD]] + - MYSQL_DATABASE=[DATABASE_HOST] + - MYSQL_USER=[DATABASE_USERNAME] + - MYSQL_PASSWORD=[DATABASE_PASSWORD] volumes: - /pwspool/software/monica/db:/var/lib/mysql restart: always diff --git a/nordvpn/docker-compose.yml.blanked b/nordvpn/docker-compose.yml.blanked index 70a4a8e..d5854b8 100644 --- a/nordvpn/docker-compose.yml.blanked +++ b/nordvpn/docker-compose.yml.blanked 
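Review bot: The monica `app` service now has two `restart` keys: the hunk adds `restart: unless-stopped` under `container_name` but keeps the existing `restart: always` after `volumes`, which is a duplicate mapping key that YAML parsers either reject or resolve to the last value. Remove the old line, and change the `db` service's `restart: always` too if the policy is meant to be uniform. The placeholders also diverge between the two services (`[DATABASE_USER]`/`[DATABASE_PASS]` in `app`, `[DATABASE_USERNAME]`/`[DATABASE_PASSWORD]` in `db`) and between `ports` (`[SERVER_PORT]`) and `traefik.port` (`[HOST_PORT]`), so a filled-in file can end up with credentials or ports that do not match.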
@@ -4,26 +4,26 @@ services: nordlynx: image: ghcr.io/bubuntux/nordlynx container_name: nordlynx + restart: unless-stopped cap_add: - NET_ADMIN environment: - - PRIVATE_KEY=[[PRIVATE_KEY]] + - PRIVATE_KEY=[PRIVATE_KEY] - NET_LOCAL=192.168.1.0/24 - TZ=America/Los_Angeles - QUERY=filters\[country_id\]=202 ports: - - "[[HOST_URL]]:8888" - restart: "unless-stopped" + - "[HOST_URL]:8888" labels: - traefik.enable=false qb: image: ghcr.io/linuxserver/qbittorrent:latest container_name: qb - restart: always + restart: unless-stopped network_mode: service:nordlynx environment: - - WEBUI_PORT=[[HOST_URL]] + - WEBUI_PORT=[HOST_URL] volumes: - /data/write/qb/appdata/config:/config - /data/write/qb/downloads:/downloads @@ -31,4 +31,3 @@ services: - nordlynx labels: - traefik.enable=false - diff --git a/photoprism/docker-compose.yml.blanked b/photoprism/docker-compose.yml.blanked index ff4bf8a..cebf90f 100644 --- a/photoprism/docker-compose.yml.blanked +++ b/photoprism/docker-compose.yml.blanked @@ -1,15 +1,16 @@ version: "3" networks: - traefik_traefik-network: + [TRAEFIK_NETWORK]: external: true services: photoprism-private: image: photoprism/photoprism - restart: always + container_name: photoprism-private + restart: unless-stopped networks: - - traefik_traefik-network + - [TRAEFIK_NETWORK] security_opt: - seccomp:unconfined - apparmor:unconfined @@ -39,9 +40,10 @@ services: photoprism-public: image: photoprism/photoprism - restart: always + container_name: photoprism-public + restart: unless-stopped networks: - - traefik_traefik-network + - [TRAEFIK_NETWORK] security_opt: - seccomp:unconfined - apparmor:unconfined diff --git a/plex/docker-compose.yml.blanked b/plex/docker-compose.yml.blanked index a786cb4..7d33c81 100644 --- a/plex/docker-compose.yml.blanked +++ b/plex/docker-compose.yml.blanked 
@@ -5,7 +5,7 @@ services: image: ghcr.io/linuxserver/plex:latest container_name: plex network_mode: host - restart: always + restart: unless-stopped environment: - PUID=[[USER_ID]] - PGID=[[GROUP_ID]] diff --git a/portainer/docker-compose.yml.blanked b/portainer/docker-compose.yml.blanked index d3fd9c6..3fd28fb 100644 --- a/portainer/docker-compose.yml.blanked +++ b/portainer/docker-compose.yml.blanked @@ -10,7 +10,7 @@ services: portainer: image: portainer/portainer-ce container_name: portainer - restart: always + restart: unless-stopped networks: - traefik_traefik-network ports: diff --git a/traefik/.gitignore b/traefik/.gitignore index fbba291..4f1c6c8 100644 --- a/traefik/.gitignore +++ b/traefik/.gitignore @@ -2,6 +2,7 @@ letsencrypt/ tmp/ backups/ acme.json +docker-compose.yml traefik.toml traefik-dynamic.toml diff --git a/traefik/docker-compose.yml.blanked b/traefik/docker-compose.yml.blanked new file mode 100644 index 0000000..e6b3d69 --- /dev/null +++ b/traefik/docker-compose.yml.blanked @@ -0,0 +1,22 @@ +version: "3" + +networks: + traefik-network: + +services: + traefik: + image: traefik:v2.9 + container_name: traefik + restart: unless-stopped + networks: + - traefik-network + ports: + - "80:80" + - "8080:8080" + - "443:443" + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + - ./traefik.toml:/etc/traefik/traefik.toml + - ./traefik-dynamic.toml:/etc/traefik/dynamic/traefik-dynamic.toml + - ./acme.json:/etc/acme.json +
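Review bot: The new traefik template publishes `"8080:8080"` on all host interfaces; 8080 is Traefik's default API/dashboard entrypoint, and whether it is protected depends on `traefik.toml`, which is not part of this diff. Unless the dashboard is meant to be reachable from the network, bind it to loopback with `- "127.0.0.1:8080:8080"` or drop the mapping and expose the dashboard through an authenticated router. The `:ro` on `/var/run/docker.sock` only makes the socket file read-only and does not restrict Docker API calls, so the container still has full control of the daemon; a comment saying so, or a socket proxy in front of it, would make that explicit. `./acme.json` holds the ACME account key and certificate private keys and should be mode 600 on the host.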