From a2fd32bc86fb663bebe200aaba6e518035f9331b Mon Sep 17 00:00:00 2001
From: Marco von Rosenberg
Date: Sun, 27 Nov 2022 15:54:58 +0000
Subject: [PATCH] Init
---
docker-containers/gitea/docker-compose.yml | 48 +++++++++++++++++++
docker-containers/keycloak/docker-compose.yml | 46 ++++++++++++++++++
docker-containers/nextcloud/config.php | 23 +++++++++
.../nextcloud/docker-compose.yml | 44 +++++++++++++++++
.../nginx-proxy/docker-compose.yml | 34 +++++++++++++
docker-containers/pad/docker-compose.yml | 39 +++++++++++++++
6 files changed, 234 insertions(+)
create mode 100644 docker-containers/gitea/docker-compose.yml
create mode 100644 docker-containers/keycloak/docker-compose.yml
create mode 100644 docker-containers/nextcloud/config.php
create mode 100644 docker-containers/nextcloud/docker-compose.yml
create mode 100644 docker-containers/nginx-proxy/docker-compose.yml
create mode 100644 docker-containers/pad/docker-compose.yml
diff --git a/docker-containers/gitea/docker-compose.yml b/docker-containers/gitea/docker-compose.yml
new file mode 100644
index 0000000..c68fa4b
--- /dev/null
+++ b/docker-containers/gitea/docker-compose.yml
@@ -0,0 +1,48 @@
+version: "3"
+
+services:
+ db:
+ image: postgres:14
+ restart: always
+ environment:
+ - POSTGRES_USER=gitea
+ - POSTGRES_PASSWORD=gitea
+ - POSTGRES_DB=gitea
+ networks:
+ - gitea
+ volumes:
+ - ./postgres:/var/lib/postgresql/data
+
+ server:
+ image: gitea/gitea:1.17.3
+ container_name: gitea
+ environment:
+ - USER_UID=1002 # git
+ - USER_GID=999 # docker
+ - GITEA__database__DB_TYPE=postgres
+ - GITEA__database__HOST=db:5432
+ - GITEA__database__NAME=gitea
+ - GITEA__database__USER=gitea
+ - GITEA__database__PASSWD=gitea
+ - GITEA__security__SECRET_KEY=UVtqmCdTmLwgprrhXiLOOjTENkR1VXhmWCvJ9kwYBp545oGXFJ1Gakz3hk13dtIp
+ - GITEA__security__INTERNAL_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2Njc2ODY4NjZ9.So-OnzTxFU-Ps6jfad9rEZPGNnNBmbcF_wHhjsjF_0g
+ - VIRTUAL_HOST=git.cttue.de
+ - VIRTUAL_PORT=3000
+ - LETSENCRYPT_HOST=git.cttue.de
+ restart: always
+ networks:
+ - cttue_web_services
+ - gitea
+ ports:
+ - 127.0.0.1:2222:22
+ volumes:
+ - ./gitea-data:/data
+ - /home/git/.ssh/:/data/git/.ssh
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+
+
+networks:
+ cttue_web_services:
+ external: true
+ gitea:
diff --git a/docker-containers/keycloak/docker-compose.yml b/docker-containers/keycloak/docker-compose.yml
new file mode 100644
index 0000000..45af942
--- /dev/null
+++ b/docker-containers/keycloak/docker-compose.yml
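Review bot: `GITEA__security__SECRET_KEY` and `GITEA__security__INTERNAL_TOKEN` are committed as literals in the `server` environment, next to a Postgres password that equals the user name (`POSTGRES_PASSWORD=gitea`, `GITEA__database__PASSWD=gitea`). Anyone who can read the repository or its history holds these values, so they should be treated as disclosed and rotated, not merely deleted in a later commit. Move them out of the file, for example `- GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY:?set in .env}` fed from an uncommitted `.env`, and `POSTGRES_PASSWORD_FILE` pointing at a secret file for the database container. The same pattern recurs in the rest of this patch: `KC_DB_PASSWORD=keycloak`, `MYSQL_ROOT_PASSWORD=nextcloud`, `oidc_login_client_secret` in nextcloud/config.php, and `CMD_SESSION_SECRET` plus the credentials embedded in `CMD_DB_URL` in pad/docker-compose.yml.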
@@ -0,0 +1,46 @@
+version: '3.9'
+
+services:
+ keycloak_db:
+ image: postgres:14.5
+ restart: always
+ environment:
+ - POSTGRES_DB=keycloak
+ - POSTGRES_USER=keycloak
+ - POSTGRES_PASSWORD=keycloak
+ volumes:
+ - ./postgres_data:/var/lib/postgresql/data
+ networks:
+ - local-keycloak
+
+ keycloak:
+ build:
+ context: ./build
+ depends_on:
+ - keycloak_db
+ environment:
+ - KC_HEALTH_ENABLED=true
+ - KC_DB=postgres
+ - KC_DB_URL=jdbc:postgresql://keycloak_db:5432/keycloak
+ - KC_DB_URL_DATABASE=keycloak
+ - KC_DB_USERNAME=keycloak
+ - KC_DB_PASSWORD=keycloak
+ - KC_PROXY_ADDRESS_FORWARDING=true
+ - KC_HOSTNAME=auth.cttue.de
+ - KC_HOSTNAME_STRICT_HTTPS=false
+ - KC_PROXY=edge
+ - KC_HTTP_ENABLED=true
+ - KC_HOSTNAME_STRICT=false
+ - VIRTUAL_HOST=auth.cttue.de
+ - VIRTUAL_PORT=8080
+ - LETSENCRYPT_HOST=auth.cttue.de
+ restart: always
+ networks:
+ - local-keycloak
+ - cttue_web_services
+
+networks:
+ cttue_web_services:
+ external: true
+ local-keycloak:
+
diff --git a/docker-containers/nextcloud/config.php b/docker-containers/nextcloud/config.php
new file mode 100644
index 0000000..17d0705
--- /dev/null
+++ b/docker-containers/nextcloud/config.php
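Review bot: `KC_HOSTNAME_STRICT=false` and `KC_HOSTNAME_STRICT_HTTPS=false` relax hostname and scheme enforcement even though `KC_HOSTNAME=auth.cttue.de` is already pinned and TLS ends at the proxy (`KC_PROXY=edge`). For the identity provider that the other services log in through, it is safer to keep both strict, so that issued URLs cannot follow a request's Host header or fall back to http; dropping the two lines or setting them to `true` should be tested against the proxy setup. `KC_PROXY=edge` also makes Keycloak honour forwarded headers from whatever reaches port 8080, and `cttue_web_services` is shared with the other stacks, so every container on that network sits inside that trust boundary. `KC_PROXY_ADDRESS_FORWARDING` looks like the legacy pre-Quarkus setting and may be ignored by this image; the Dockerfile under `./build` is not part of the patch, so that cannot be confirmed here.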
@@ -0,0 +1,23 @@
+'allow_user_to_change_display_name' => false,
+'lost_password_link' => 'disabled',
+'oidc_login_button_text' => 'Continue with Chaostreff Tübingen SSO',
+'oidc_login_use_id_token' => false,
+'oidc_login_redir_fallback' => true,
+'oidc_login_provider_url' => 'https://auth.cttue.de/realms/cttue',
+'oidc_login_client_id' => 'nextcloud',
+'oidc_login_client_secret' => 'oUZYWWLTVsRy0cmONdvXy3DV3dVAxpME',
+'oidc_login_auto_redirect' => false,
+'oidc_login_hide_password_form' => true,
+'oidc_login_scope' => 'openid profile',
+'oidc_login_logout_url' => 'https://auth.cttue.de/realms/cttue/protocol/openid-connect/logout',
+'oidc_login_disable_registration' => false,
+'oidc_login_proxy_ldap' => false,
+'oidc_login_attributes' => [
+ 'ldap_uid' => 'ldap_uid',
+ 'id' => 'sub',
+ 'name' => 'name',
+ 'mail' => 'email',
+ 'groups' => 'groups',
+],
+
+
diff --git a/docker-containers/nextcloud/docker-compose.yml b/docker-containers/nextcloud/docker-compose.yml
new file mode 100644
index 0000000..228f07a
--- /dev/null
+++ b/docker-containers/nextcloud/docker-compose.yml
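Review bot: `'oidc_login_disable_registration' => false` means every account that can authenticate against the `cttue` realm gets a Nextcloud user created on first login, so access to Nextcloud rests entirely on who can obtain a realm account. If only a subset of realm users should get in, gate the login on a group claim or disable auto-registration. Separately, `'oidc_login_scope' => 'openid profile'` does not request the `email` scope although the attribute map reads `email` and `groups`; unless the Keycloak client adds those claims by default, the `mail` and `groups` mappings stay empty, so `'oidc_login_scope' => 'openid profile email'` is likely what is wanted. The file is a fragment without the `<?php` opener or the enclosing config array; a header comment such as `// Fragment: merge into the $CONFIG array of Nextcloud's config/config.php` would prevent it being deployed as-is.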
@@ -0,0 +1,44 @@
+version: '3'
+services:
+ nc_db:
+ image: mariadb
+ restart: always
+ command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
+ environment:
+ - MYSQL_ROOT_PASSWORD=nextcloud
+ - MYSQL_PASSWORD=nextcloud
+ - MYSQL_DATABASE=nextcloud
+ - MYSQL_USER=nextcloud
+ volumes:
+ - ./database:/var/lib/mysql
+ networks:
+ backend:
+
+ app:
+ image: nextcloud
+ restart: always
+ environment:
+ - MYSQL_PASSWORD=nextcloud
+ - MYSQL_DATABASE=nextcloud
+ - MYSQL_USER=nextcloud
+ - MYSQL_HOST=nc_db
+ - OVERWRITEPROTOCOL=https
+ - OVERWRITEHOST=cloud.cttue.de
+ - PHP_UPLOAD_LIMIT=50M
+ - VIRTUAL_HOST=cloud.cttue.de
+ - VIRTUAL_PORT=80
+ - LETSENCRYPT_HOST=cloud.cttue.de
+ volumes:
+ - ./nextcloud-data:/var/www/html:z
+ networks:
+ cttue_web_services:
+ backend:
+ depends_on:
+ - nc_db
+
+networks:
+ cttue_web_services:
+ external: true
+ # Internal network for communication with MySQL
+ backend:
+
diff --git a/docker-containers/nginx-proxy/docker-compose.yml b/docker-containers/nginx-proxy/docker-compose.yml
new file mode 100644
index 0000000..57a5ea8
--- /dev/null
+++ b/docker-containers/nginx-proxy/docker-compose.yml
@@ -0,0 +1,34 @@
+version: "2"
+
+services:
+ nginx-proxy:
+ image: jwilder/nginx-proxy
+ ports:
+ - 80:80
+ - 443:443
+ volumes:
+ - ./conf:/etc/nginx/conf.d
+ - ./certs:/etc/nginx/certs
+ - ./vhost:/etc/nginx/vhost.d
+ - ./html:/usr/share/nginx/html
+ - /var/run/docker.sock:/tmp/docker.sock:ro
+ networks:
+ cttue_web_services:
+
+ nginx-proxy-acme:
+ image: nginxproxy/acme-companion
+ volumes_from:
+ - nginx-proxy
+ volumes:
+ - ./certs:/etc/nginx/certs:rw
+ - ./acme:/etc/acme.sh
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ environment:
+ - DEFAULT_EMAIL=codingmarco@gmail.com
+ networks:
+ cttue_web_services:
+
+networks:
+ cttue_web_services:
+ external: true
+
diff --git a/docker-containers/pad/docker-compose.yml b/docker-containers/pad/docker-compose.yml
new file mode 100644
index 0000000..c73646f
--- /dev/null
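Review bot: `image: mariadb` and `image: nextcloud` carry no tag, so each pull resolves to `latest` and the next pull can silently jump a major version of the database or of Nextcloud. The other stacks in this patch pin versions (`postgres:14.5`, `gitea/gitea:1.17.3`); doing the same here, e.g. `image: nextcloud:<pinned-version>` and `image: mariadb:<pinned-version>`, ideally with a digest, makes upgrades deliberate and reviewable. `jwilder/nginx-proxy` and `nginxproxy/acme-companion` in nginx-proxy/docker-compose.yml are untagged as well.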
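Review bot: `/var/run/docker.sock:/tmp/docker.sock:ro` in `nginx-proxy` hands the Docker API to the container that listens on 80 and 443. The `:ro` flag only makes the mount of the socket file read-only and does not restrict API calls, so a compromise of the proxy can amount to control of the Docker daemon on the host. Consider the split layout in which nginx runs without the socket and a separate docker-gen container holds it, or place a filtering socket proxy in between that permits only the read endpoints the template generator needs. `DEFAULT_EMAIL` is a personal address committed to the repository; a `${...}` substitution from an uncommitted `.env` would keep it out of history.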
+++ b/docker-containers/pad/docker-compose.yml
@@ -0,0 +1,39 @@
+version: '3'
+
+services:
+ database:
+ image: postgres:13.4-alpine
+ environment:
+ - POSTGRES_USER=hedgedoc
+ - POSTGRES_PASSWORD=hedgedoc
+ - POSTGRES_DB=hedgedoc
+ volumes:
+ - ./database:/var/lib/postgresql/data
+ networks:
+ cttue_web_services:
+ restart: always
+
+ app:
+ image: quay.io/hedgedoc/hedgedoc:1.9.4
+ environment:
+ - CMD_DB_URL=postgres://hedgedoc:hedgedoc@database:5432/hedgedoc
+ - CMD_DOMAIN=pad.cttue.de
+ - CMD_PROTOCOL_USESSL=true
+ - CMD_ALLOW_PDF_EXPORT=true
+ - CMD_ALLOW_FREEURL=true
+ - CMD_SESSION_SECRET=9yonH247cLTXEqDv9JTGEygBCxk7fHXfYY2ckkhY7n0KPEuzRJ6yfmcUNBVcEJQI
+ # nginx-proxy stuff
+ - VIRTUAL_HOST=pad.cttue.de
+ - VIRTUAL_PORT=3000
+ - LETSENCRYPT_HOST=pad.cttue.de
+ volumes:
+ - ./uploads:/hedgedoc/public/uploads
+ networks:
+ cttue_web_services:
+ restart: always
+ depends_on:
+ - database
+
+networks:
+ cttue_web_services:
+ external: true
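Review bot: The `database` service is attached to `cttue_web_services`, the external network shared with the reverse proxy and every other stack, so the HedgeDoc Postgres instance is reachable from all of those containers; the gitea, keycloak and nextcloud stacks in this patch keep their databases on a private network instead. Give this stack its own network: `networks: [backend]` on `database`, `backend:` added next to `cttue_web_services:` on `app`, and `backend:` declared under the top-level `networks:`. The generic service names `app` and `database` also become DNS names on the shared network, and the nextcloud stack registers an `app` there too, so name resolution between stacks can become ambiguous; stack-specific service names would avoid that.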