Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 git
|
0f2c464392 | ||
|
git
|
b71cd3fcbb |
+11
@@ -3,6 +3,17 @@
|
|||||||
# allow git to enter directories
|
# allow git to enter directories
|
||||||
!*/
|
!*/
|
||||||
venv/
|
venv/
|
||||||
|
core/crowdsec/config
|
||||||
|
database
|
||||||
|
data
|
||||||
|
db
|
||||||
|
docs
|
||||||
|
examples
|
||||||
|
searx
|
||||||
|
tests
|
||||||
|
utils
|
||||||
|
stockfill
|
||||||
|
shift-recorder
|
||||||
# keep essential project files
|
# keep essential project files
|
||||||
!.gitignore
|
!.gitignore
|
||||||
!.gitattributes
|
!.gitattributes
|
||||||
|
|||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 8af5ca464225c888f5438a0fd226937e2ccabca4 Gitea <gitea@fake.local> 1757451832 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 bb76e891d59a88beeb4f5b233cbecfd94a8f0cae Gitea <gitea@fake.local> 1756461833 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 f5998826f6b9ed820f5a97a67ce11402e72fd2f3 Gitea <gitea@fake.local> 1756461833 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 791c61ee8129113a02d67ffa171ed48843cdf025 Gitea <gitea@fake.local> 1756815232 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 e76063242b47225e6614f17749b1bf2ba0b70ac9 Gitea <gitea@fake.local> 1757407432 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 1c93f2ab9ceef7601c5db93de0ddb057aef5b4b1 Gitea <gitea@fake.local> 1756433632 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 0404d47f0ba21269865f307f3fd53e746ff155a4 Gitea <gitea@fake.local> 1756436033 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 80111cd7579abc6319f5d357da060db8186babaf Gitea <gitea@fake.local> 1758786607 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 0fea5ebd8be8d93f95630bdc5cc9ecc0b0bbac43 Gitea <gitea@fake.local> 1756949032 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 7b87a0e2a6c03e5344da2fe6a391c1f1fb269b5c Gitea <gitea@fake.local> 1756851832 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0000000000000000000000000000000000000000 bde15e4b736be753b1272a3277f528d7eb75d371 Gitea <gitea@fake.local> 1756508033 +0000 fetch --prune --tags origin: storing head
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
8af5ca464225c888f5438a0fd226937e2ccabca4
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
bb76e891d59a88beeb4f5b233cbecfd94a8f0cae
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
f5998826f6b9ed820f5a97a67ce11402e72fd2f3
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
791c61ee8129113a02d67ffa171ed48843cdf025
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
e76063242b47225e6614f17749b1bf2ba0b70ac9
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
1c93f2ab9ceef7601c5db93de0ddb057aef5b4b1
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0404d47f0ba21269865f307f3fd53e746ff155a4
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
80111cd7579abc6319f5d357da060db8186babaf
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
0fea5ebd8be8d93f95630bdc5cc9ecc0b0bbac43
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
7b87a0e2a6c03e5344da2fe6a391c1f1fb269b5c
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
bde15e4b736be753b1272a3277f528d7eb75d371
|
||||||
@@ -1,5 +1,7 @@
|
|||||||
services:
|
services:
|
||||||
gitea:
|
gitea:
|
||||||
|
profiles: ["apps","all","gitea"]
|
||||||
|
container_name: gitea
|
||||||
image: gitea/gitea:latest # change to 1-rootless once find out how to move data.
|
image: gitea/gitea:latest # change to 1-rootless once find out how to move data.
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
@@ -8,37 +10,30 @@ services:
|
|||||||
- GITEA__database__DB_TYPE=sqlite3
|
- GITEA__database__DB_TYPE=sqlite3
|
||||||
- GITEA__server__ROOT_URL=https://gitea.lan.ddnsgeek.com/
|
- GITEA__server__ROOT_URL=https://gitea.lan.ddnsgeek.com/
|
||||||
volumes:
|
volumes:
|
||||||
- ./data:/data
|
- ${PROJECT_ROOT}/apps/gitea/data:/data
|
||||||
networks:
|
networks:
|
||||||
- traefik_reverse_proxy
|
- traefik
|
||||||
|
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
<<<<<<< HEAD
|
|
||||||
=======
|
|
||||||
# - "traefik.docker.network=proxy"
|
|
||||||
>>>>>>> d534f12f7412d036eb157e1463952b9e2b826b2d
|
|
||||||
- "traefik.http.routers.gitea.rule=Host(`gitea.lan.ddnsgeek.com`)"
|
- "traefik.http.routers.gitea.rule=Host(`gitea.lan.ddnsgeek.com`)"
|
||||||
- "traefik.http.routers.gitea.entrypoints=websecure"
|
- "traefik.http.routers.gitea.entrypoints=websecure"
|
||||||
- "traefik.http.routers.gitea.tls=true"
|
- "traefik.http.routers.gitea.tls=true"
|
||||||
- "traefik.http.routers.gitea.tls.certresolver=myresolver"
|
- "traefik.http.routers.gitea.tls.certresolver=myresolver"
|
||||||
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
|
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
|
||||||
- "io.portainer.accesscontrol.public"
|
- "io.portainer.accesscontrol.public"
|
||||||
<<<<<<< HEAD
|
- "traefik.docker.network=core_traefik"
|
||||||
healthcheck:
|
|
||||||
test: ["CMD-SHELL", "wget -qO- http://127.0.0.1:3000/api/v1/version >/dev/null"]
|
|
||||||
interval: 15s
|
|
||||||
timeout: 5s
|
|
||||||
retries: 8
|
|
||||||
start_period: 45s
|
|
||||||
=======
|
|
||||||
- "traefik.http.routers.gitea.middlewares=error-pages-middleware"
|
|
||||||
|
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "curl -fsS http://localhost:3000/api/healthz >/dev/null"]
|
||||||
|
interval: 30s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 6
|
||||||
|
start_period: 120s
|
||||||
|
|
||||||
#volumes:
|
#volumes:
|
||||||
# gitea_data:
|
# gitea_data:
|
||||||
>>>>>>> d534f12f7412d036eb157e1463952b9e2b826b2d
|
|
||||||
|
|
||||||
networks:
|
#networks:
|
||||||
traefik_reverse_proxy:
|
# traefik_reverse_proxy:
|
||||||
external: true
|
# external: true
|
||||||
@@ -0,0 +1,71 @@
|
|||||||
|
services:
|
||||||
|
gramps-db:
|
||||||
|
profiles: ["apps","all","gramps"]
|
||||||
|
image: postgres:13
|
||||||
|
container_name: gramps-db
|
||||||
|
restart: always
|
||||||
|
environment:
|
||||||
|
POSTGRES_USER: gramps
|
||||||
|
POSTGRES_PASSWORD: grampspassword
|
||||||
|
POSTGRES_DB: gramps
|
||||||
|
volumes:
|
||||||
|
- ${PROJECT_ROOT}/apps/gramps/db:/var/lib/postgresql
|
||||||
|
networks:
|
||||||
|
- gramps
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready -h db -p 5432 -U gramps -d gramps"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 12
|
||||||
|
start_period: 30s
|
||||||
|
|
||||||
|
|
||||||
|
grampsweb:
|
||||||
|
profiles: ["apps","all","gramps"]
|
||||||
|
image: ghcr.io/gramps-project/grampsweb:latest
|
||||||
|
container_name: gramps-web
|
||||||
|
depends_on:
|
||||||
|
- gramps-db
|
||||||
|
restart: always
|
||||||
|
# ports:
|
||||||
|
# - "5000:5000" # access via http://localhost:5000
|
||||||
|
environment:
|
||||||
|
DB_URI: postgresql://gramps:grampspassword@db:5432/gramps
|
||||||
|
GRAMPSWEB_LOGLEVEL: INFO
|
||||||
|
# default admin user created on first run:
|
||||||
|
INITIAL_ADMIN: admin
|
||||||
|
INITIAL_ADMIN_PASSWORD: admin
|
||||||
|
# optional: storage paths inside container
|
||||||
|
GRAMPSWEB_MEDIAPATH: /app/media
|
||||||
|
GRAMPSWEB_TREE: "main"
|
||||||
|
volumes:
|
||||||
|
- ${PROJECT_ROOT}/apps/gramps/data/users:/app/users
|
||||||
|
- ${PROJECT_ROOT}/apps/gramps/data/media:/app/media
|
||||||
|
- ${PROJECT_ROOT}/apps/gramps/data/cache:/app/cache
|
||||||
|
labels:
|
||||||
|
- "traefik.http.routers.gramps.rule=Host(`familytree.lan.ddnsgeek.com`)"
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.gramps.entrypoints=websecure"
|
||||||
|
- "traefik.http.routers.gramps.tls.certresolver=myresolver"
|
||||||
|
- "io.portainer.accesscontrol.public"
|
||||||
|
- "traefik.http.services.gramps.loadbalancer.server.port=5000"
|
||||||
|
- "traefik.docker.network=core_traefik"
|
||||||
|
networks:
|
||||||
|
- traefik
|
||||||
|
- gramps
|
||||||
|
healthcheck:
|
||||||
|
test:
|
||||||
|
- CMD-SHELL
|
||||||
|
- wget -qO- http://127.0.0.1:5000/ >/dev/null
|
||||||
|
interval: 30s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 6
|
||||||
|
start_period: 60s
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
networks:
|
||||||
|
# traefik_reverse_proxy:
|
||||||
|
# external: true
|
||||||
|
gramps:
|
||||||
|
# driver: bridge
|
||||||
@@ -1,4 +1,4 @@
|
|||||||
FROM nextcloud:latest
|
FROM nextcloud:production
|
||||||
|
|
||||||
#RUN groupadd -r doods && useradd -m -s /bin/bash -d /opt/doods -g doods doods
|
#RUN groupadd -r doods && useradd -m -s /bin/bash -d /opt/doods -g doods doods
|
||||||
#RUN chsh -s /usr/sbin/nologin root
|
#RUN chsh -s /usr/sbin/nologin root
|
||||||
@@ -9,4 +9,11 @@ FROM nextcloud:latest
|
|||||||
|
|
||||||
#ENV HOME /opt/doods
|
#ENV HOME /opt/doods
|
||||||
|
|
||||||
USER www-data
|
#USER root
|
||||||
|
|
||||||
|
RUN apt-get update && \
|
||||||
|
apt-get install -y ffmpeg && \
|
||||||
|
apt-get clean && \
|
||||||
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
#USER www-data
|
||||||
@@ -0,0 +1,130 @@
|
|||||||
|
services:
|
||||||
|
nextcloud-webapp:
|
||||||
|
# image: nextcloud:production
|
||||||
|
profiles: ["apps","all","nextcloud"]
|
||||||
|
build:
|
||||||
|
context: ${PROJECT_ROOT}/apps/nextcloud
|
||||||
|
container_name: nextcloud-webapp
|
||||||
|
restart: always
|
||||||
|
hostname: nextcloud.lan.ddnsgeek.com
|
||||||
|
volumes:
|
||||||
|
- ${PROJECT_ROOT}/apps/nextcloud/data:/var/www/html/data:rw
|
||||||
|
- ${PROJECT_ROOT}/apps/nextcloud/config:/var/www/html/config:rw
|
||||||
|
- type: tmpfs
|
||||||
|
target: /tmp:exec
|
||||||
|
depends_on:
|
||||||
|
- nextcloud-db
|
||||||
|
- nextcloud-redis
|
||||||
|
environment:
|
||||||
|
- MYSQL_PASSWORD=R1m@dmin
|
||||||
|
- MYSQL_DATABASE=nextcloud
|
||||||
|
- MYSQL_USER=nextcloud
|
||||||
|
- MYSQL_HOST=nextcloud_db:3306
|
||||||
|
- NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.lan.ddnsgeek.com
|
||||||
|
- OVERWRITEPROTOCOL=https
|
||||||
|
- OVERWRITECLIURL=https://nextcloud.lan.ddnsgeek.com
|
||||||
|
|
||||||
|
- SMTP_HOST=smtp.gmail.com
|
||||||
|
- SMTP_SECURE=tls
|
||||||
|
- SMTP_PORT=587
|
||||||
|
- SMTP_AUTHTYPE=login
|
||||||
|
- MAIL_FROM_ADDRESS=beatz174
|
||||||
|
- MAIL_DOMAIN=gmail.com
|
||||||
|
- SMTP_NAME=beatz174@gmail.com
|
||||||
|
- SMTP_PASSWORD=kqdw fvml wlag ldgv
|
||||||
|
|
||||||
|
- REDIS_HOST=redis
|
||||||
|
- REDIS_HOST_PORT=6379
|
||||||
|
- REDIS_HOST_PASSWORD=TzBF8wcJNmVd9p2CTmBejPS9dpye6kWQeH3DmrQS9TPfTRriSHFN5VqH4CgzcuVZYWH2GBb7QU5GuEpNDGYdKjM6hjmLyjSgCFMiPms3Hv9n
|
||||||
|
networks:
|
||||||
|
- traefik
|
||||||
|
- nextcloud
|
||||||
|
labels:
|
||||||
|
- "traefik.http.routers.nextcloud.rule=Host(`nextcloud.lan.ddnsgeek.com`)"
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.nextcloud.entrypoints=websecure"
|
||||||
|
- "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
|
||||||
|
- "io.portainer.accesscontrol.public"
|
||||||
|
- "traefik.http.routers.nextcloud.middlewares=nextcloud-dav, nextcloud-webfinger"
|
||||||
|
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
|
||||||
|
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
|
||||||
|
- "traefik.http.middlewares.nextcloud-nodeinfo.replacepathregex.regex=^/.well-known/nodeinfo"
|
||||||
|
- "traefik.http.middlewares.nextcloud-nodeinfo.replacepathregex.replacement=/nextcloud/index.php/.well-known/nodeinfo/"
|
||||||
|
- "traefik.http.middlewares.nextcloud-webfinger.redirectregex.permanent=true"
|
||||||
|
- "traefik.http.middlewares.nextcloud-webfinger.redirectregex.regex=https://(.*)/.well-known/webfinger"
|
||||||
|
- "traefik.http.middlewares.nextcloud-webfinger.redirectregex.replacement=https://$${1}/nextcloud/index.php/.well-known/webfinger"
|
||||||
|
- "traefik.docker.network=core_traefik"
|
||||||
|
|
||||||
|
healthcheck:
|
||||||
|
test:
|
||||||
|
- CMD-SHELL
|
||||||
|
- >-
|
||||||
|
php -r '$$f=@fsockopen("127.0.0.1",80,$$e,$$s,2); if(!$$f) exit(1);
|
||||||
|
fwrite($$f,"GET /status.php HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n");
|
||||||
|
$$o=""; while(!feof($$f)){$$o.=fgets($$f,1024);} fclose($$f);
|
||||||
|
if(strpos($$o,"\"installed\":true")===false) exit(1);'
|
||||||
|
interval: 30s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 6
|
||||||
|
start_period: 180s
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
nextcloud-db:
|
||||||
|
image: mariadb:11.4
|
||||||
|
restart: always
|
||||||
|
profiles: ["apps","all","nextcloud"]
|
||||||
|
container_name: nextcloud-db
|
||||||
|
hostname: nextcloud_db
|
||||||
|
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
|
||||||
|
volumes:
|
||||||
|
- ${PROJECT_ROOT}/apps/nextcloud/database:/var/lib/mysql:rw
|
||||||
|
environment:
|
||||||
|
- MYSQL_ROOT_PASSWORD=R1m@dmin
|
||||||
|
- MYSQL_PASSWORD=R1m@dmin
|
||||||
|
- MYSQL_DATABASE=nextcloud
|
||||||
|
- MYSQL_USER=nextcloud
|
||||||
|
- MARIADB_AUTO_UPGRADE=1
|
||||||
|
- NEXTCLOUD_ADMIN_USER=admin
|
||||||
|
- NEXTCLOUD_ADMIN_PASSWORD=R1m@dmin
|
||||||
|
networks:
|
||||||
|
- nextcloud
|
||||||
|
labels:
|
||||||
|
- "io.portainer.accesscontrol.public"
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "mariadb-admin ping -u nextcloud --password=R1m@dmin --silent"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 12
|
||||||
|
start_period: 60s
|
||||||
|
|
||||||
|
|
||||||
|
nextcloud-redis:
|
||||||
|
image: "redis"
|
||||||
|
profiles: ["apps","all","nextcloud"]
|
||||||
|
command: ["redis-server", "--requirepass", "TzBF8wcJNmVd9p2CTmBejPS9dpye6kWQeH3DmrQS9TPfTRriSHFN5VqH4CgzcuVZYWH2GBb7QU5GuEpNDGYdKjM6hjmLyjSgCFMiPms3Hv9n", "--appendonly", "yes", "--save", "60", "1000"]
|
||||||
|
hostname: redis
|
||||||
|
container_name: nextcloud-redis
|
||||||
|
environment:
|
||||||
|
- REDIS_HOST_PASSWORD=TzBF8wcJNmVd9p2CTmBejPS9dpye6kWQeH3DmrQS9TPfTRriSHFN5VqH4CgzcuVZYWH2GBb7QU5GuEpNDGYdKjM6hjmLyjSgCFMiPms3Hv9n
|
||||||
|
volumes:
|
||||||
|
- ${PROJECT_ROOT}/apps/nextcloud/data/redis:/data:rw
|
||||||
|
restart: always
|
||||||
|
networks:
|
||||||
|
- nextcloud
|
||||||
|
labels:
|
||||||
|
- "io.portainer.accesscontrol.public"
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "redis-cli -a TzBF8wcJNmVd9p2CTmBejPS9dpye6kWQeH3DmrQS9TPfTRriSHFN5VqH4CgzcuVZYWH2GBb7QU5GuEpNDGYdKjM6hjmLyjSgCFMiPms3Hv9n PING | grep -q PONG"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 6
|
||||||
|
start_period: 10s
|
||||||
|
|
||||||
|
|
||||||
|
networks:
|
||||||
|
# traefik_reverse_proxy:
|
||||||
|
# external: true
|
||||||
|
nextcloud:
|
||||||
|
# driver: bridge
|
||||||
@@ -1,73 +1,79 @@
|
|||||||
services:
|
services:
|
||||||
db:
|
passbolt-db:
|
||||||
|
profiles: ["apps","all","passbolt"]
|
||||||
|
container_name: passbolt-db
|
||||||
image: mariadb:12
|
image: mariadb:12
|
||||||
restart: unless-stopped
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
MYSQL_RANDOM_ROOT_PASSWORD: "true"
|
MYSQL_RANDOM_ROOT_PASSWORD: "true"
|
||||||
MYSQL_DATABASE: "passbolt"
|
MYSQL_DATABASE: "passbolt"
|
||||||
MYSQL_USER: "passbolt"
|
MYSQL_USER: "passbolt"
|
||||||
MYSQL_PASSWORD: "P4ssb0lt"
|
MYSQL_PASSWORD: "P4ssb0lt"
|
||||||
volumes:
|
volumes:
|
||||||
- ./data/database:/var/lib/mysql
|
- ${PROJECT_ROOT}/apps/passbolt/data/database:/var/lib/mysql
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- passbolt
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -u\"$$MARIADB_USER\" -p\"$$MARIADB_PASSWORD\" --silent"]
|
test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -u\"$$MARIADB_USER\" -p\"$$MARIADB_PASSWORD\" --silent"]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
retries: 12
|
retries: 12
|
||||||
start_period: 60s
|
start_period: 60s
|
||||||
|
labels:
|
||||||
|
- "io.portainer.accesscontrol.public"
|
||||||
|
|
||||||
|
|
||||||
webapp:
|
passbolt-webapp:
|
||||||
image: passbolt/passbolt:latest-ce
|
image: passbolt/passbolt:latest-ce
|
||||||
|
profiles: ["apps","all","passbolt"]
|
||||||
|
container_name: passbolt-webapp
|
||||||
#Alternatively you can use rootless:
|
#Alternatively you can use rootless:
|
||||||
restart: unless-stopped
|
restart: always
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- passbolt-db
|
||||||
environment:
|
environment:
|
||||||
APP_FULL_BASE_URL: https://passbolt.lan.ddnsgeek.com
|
APP_FULL_BASE_URL: https://passbolt.lan.ddnsgeek.com
|
||||||
DATASOURCES_DEFAULT_HOST: "db"
|
DATASOURCES_DEFAULT_HOST: "passbolt-db"
|
||||||
DATASOURCES_DEFAULT_USERNAME: "passbolt"
|
DATASOURCES_DEFAULT_USERNAME: "passbolt"
|
||||||
DATASOURCES_DEFAULT_PASSWORD: "P4ssb0lt"
|
DATASOURCES_DEFAULT_PASSWORD: "P4ssb0lt"
|
||||||
DATASOURCES_DEFAULT_DATABASE: "passbolt"
|
DATASOURCES_DEFAULT_DATABASE: "passbolt"
|
||||||
|
PASSBOLT_GPG_SERVER_KEY_FINGERPRINT: "CBBB2B8F3E9FACA114537ACB8965B750F7363586"
|
||||||
volumes:
|
volumes:
|
||||||
- ./data/gpg:/etc/passbolt/gpg
|
- ${PROJECT_ROOT}/apps/passbolt/data/gpg:/etc/passbolt/gpg
|
||||||
- ./data/jwt:/etc/passbolt/jwt
|
- ${PROJECT_ROOT}/apps/passbolt/data/jwt:/etc/passbolt/jwt
|
||||||
command:
|
command:
|
||||||
[
|
[
|
||||||
"/usr/bin/wait-for.sh",
|
"/usr/bin/wait-for.sh",
|
||||||
"-t",
|
"-t",
|
||||||
"0",
|
"0",
|
||||||
"db:3306",
|
"passbolt-db:3306",
|
||||||
"--",
|
"--",
|
||||||
"/docker-entrypoint.sh",
|
"/docker-entrypoint.sh",
|
||||||
]
|
]
|
||||||
networks:
|
networks:
|
||||||
- traefik_reverse_proxy
|
- traefik
|
||||||
- internal
|
- passbolt
|
||||||
labels:
|
labels:
|
||||||
- "traefik.http.routers.passbolt.rule=Host(`passbolt.lan.ddnsgeek.com`)"
|
- "traefik.http.routers.passbolt.rule=Host(`passbolt.lan.ddnsgeek.com`)"
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.passbolt.entrypoints=websecure"
|
- "traefik.http.routers.passbolt.entrypoints=websecure"
|
||||||
- "traefik.http.routers.passbolt.tls.certresolver=myresolver"
|
- "traefik.http.routers.passbolt.tls.certresolver=myresolver"
|
||||||
- "io.portainer.accesscontrol.public"
|
- "io.portainer.accesscontrol.public"
|
||||||
- "traefik.http.routers.passbolt.middlewares=error-pages-middleware"
|
- "traefik.docker.network=core_traefik"
|
||||||
- "traefik.docker.network=traefik_reverse_proxy"
|
|
||||||
|
|
||||||
# healthcheck:
|
healthcheck:
|
||||||
# test: >
|
test: ["CMD-SHELL", "curl -fsS http://localhost/healthcheck/status | grep -qx OK"]
|
||||||
# CMD-SHELL
|
|
||||||
# su -s /bin/sh -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" www-data
|
# su -s /bin/sh -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" www-data
|
||||||
# | grep -q "No error found"
|
# | grep -q "No error found"
|
||||||
# interval: 30s
|
interval: 30s
|
||||||
# timeout: 10s
|
timeout: 10s
|
||||||
# retries: 6
|
retries: 6
|
||||||
# start_period: 120s
|
start_period: 120s
|
||||||
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
traefik_reverse_proxy:
|
# traefik_reverse_proxy:
|
||||||
external: true
|
# external: true
|
||||||
internal:
|
# internal:
|
||||||
driver: bridge
|
# driver: bridge
|
||||||
|
passbolt:
|
||||||
@@ -1,6 +1,8 @@
|
|||||||
services:
|
services:
|
||||||
webapp:
|
searxng-webapp:
|
||||||
image: searxng/searxng
|
image: searxng/searxng
|
||||||
|
profiles: ["apps","all","searxng"]
|
||||||
|
container_name: searxng-webapp
|
||||||
restart: always
|
restart: always
|
||||||
read_only: true
|
read_only: true
|
||||||
tmpfs:
|
tmpfs:
|
||||||
@@ -9,30 +11,22 @@ services:
|
|||||||
- /run
|
- /run
|
||||||
hostname: searxng.lan.ddnsgeek.com
|
hostname: searxng.lan.ddnsgeek.com
|
||||||
networks:
|
networks:
|
||||||
- traefik_reverse_proxy
|
- traefik
|
||||||
deploy:
|
|
||||||
restart_policy:
|
|
||||||
condition: on-failure
|
|
||||||
max_attempts: 5
|
|
||||||
labels:
|
labels:
|
||||||
- "traefik.http.routers.searxng.rule=Host(`searxng.lan.ddnsgeek.com`)"
|
- "traefik.http.routers.searxng.rule=Host(`searxng.lan.ddnsgeek.com`)"
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.searxng.entrypoints=websecure"
|
- "traefik.http.routers.searxng.entrypoints=websecure"
|
||||||
- "traefik.http.routers.searxng.tls.certresolver=myresolver"
|
- "traefik.http.routers.searxng.tls.certresolver=myresolver"
|
||||||
- "io.portainer.accesscontrol.public"
|
- "io.portainer.accesscontrol.public"
|
||||||
- "traefik.http.routers.searxng.middlewares=error-pages-middleware"
|
# - "traefik.http.routers.searxng.middlewares=crowdsec@file,secHeaders@file,error-pages-middleware"
|
||||||
|
- "traefik.http.services.searxng.loadbalancer.server.port=8080"
|
||||||
healthcheck:
|
healthcheck:
|
||||||
# test: >
|
|
||||||
# CMD-SHELL
|
|
||||||
# python3 -c "import urllib.request,sys;
|
|
||||||
# u=urllib.request.urlopen('http://127.0.0.1:8080/', timeout=2);
|
|
||||||
# sys.exit(0 if u.status==200 else 1)"
|
|
||||||
test: ["CMD-SHELL", "python3 -c \"import urllib.request,sys; r=urllib.request.urlopen('http://127.0.0.1:8080/', timeout=3); sys.exit(0 if 200<=r.status<400 else 1)\""]
|
test: ["CMD-SHELL", "python3 -c \"import urllib.request,sys; r=urllib.request.urlopen('http://127.0.0.1:8080/', timeout=3); sys.exit(0 if 200<=r.status<400 else 1)\""]
|
||||||
interval: 20s
|
interval: 20s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
retries: 8
|
retries: 8
|
||||||
start_period: 30s
|
start_period: 30s
|
||||||
|
|
||||||
networks:
|
#networks:
|
||||||
traefik_reverse_proxy:
|
# traefik_reverse_proxy:
|
||||||
external: true
|
# external: true
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user